From fe20c5e0a8d1f95bdb7661d71eab01ad9f37ef20 Mon Sep 17 00:00:00 2001 From: TheOneWithTheBraid Date: Sun, 21 Aug 2022 11:04:47 +0200 Subject: [PATCH 001/349] feat: include matrix_ldap_registration_proxy Fixes: #1144 Signed-off-by: TheOneWithTheBraid --- .../defaults/main.yml | 47 ++++++++++++++ .../tasks/init.yml | 11 ++++ .../tasks/main.yml | 30 +++++++++ ...f_check_matrix_ldap_registration_proxy.yml | 22 +++++++ .../tasks/setup_install.yml | 63 +++++++++++++++++++ .../tasks/setup_uninstall.yml | 36 +++++++++++ .../tasks/validate_config.yml | 0 .../templates/ldap-registration-proxy.env.j2 | 32 ++++++++++ .../matrix-ldap-registration-proxy.service.j2 | 43 +++++++++++++ .../vars/main.yml | 5 ++ 10 files changed, 289 insertions(+) create mode 100644 roles/matrix-ldap-registration-proxy/defaults/main.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/init.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/main.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/setup_install.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/validate_config.yml create mode 100644 roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 create mode 100644 roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 create mode 100644 roles/matrix-ldap-registration-proxy/vars/main.yml diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml new file mode 100644 index 000000000..5516f4f9c --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -0,0 +1,47 @@ +--- +# matrix_ldap_registration_proxy - Want to build a large-scale Matrix server using external registration on LDAP? +# Project source code URL: https://gitlab.com/activism.international/matrix_ldap_registration_proxy + +matrix_ldap_registration_proxy_enabled: false + +matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" +matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" + +matrix_ldap_registration_proxy_version: "296246afc6a9b3105e67fcf6621cf05ebc74b873" + +matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ldap_registration_proxy" +# We need the docker src directory to be named matrix_ldap_registration_proxy. +matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" +matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" + +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" +matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" + +# Controls whether the self-check feature should validate SSL certificates. +matrix_matrix_ldap_registration_proxy_self_check_validate_certificates: true + +matrix_ldap_registration_proxy_container_port: 8080 +# Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). +# +# Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. +matrix_ldap_registration_proxy_container_http_host_bind_port: '' + +# A list of extra arguments to pass to the container +matrix_ldap_registration_proxy_container_extra_arguments: [] + +# List of systemd services that matrix_ldap_registration_proxy.service depends on +matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix_ldap_registration_proxy.service wants +matrix_ldap_registration_proxy_systemd_wanted_services_list: [] + +# Default ma1sd configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" + +# Holds the final ma1sd configuration (a combination of the default and its extension). +matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml new file mode 100644 index 000000000..312165cc4 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -0,0 +1,11 @@ +--- +# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 +# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 +- name: Fail if trying to self-build on Ansible < 2.8 + ansible.builtin.fail: + msg: "To self-build the matrix_ldap_registration_proxy image, you should use Ansible 2.8 or higher. See docs/ansible.md" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_matrix_ldap_registration_proxy_container_image_self_build and matrix_matrix_ldap_registration_proxy_enabled | bool" + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" + when: matrix_matrix_ldap_registration_proxy_enabled | bool diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml new file mode 100644 index 000000000..720d27ba8 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -0,0 +1,30 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/self_check_matrix_ldap_registration_proxy.yml" + delegate_to: 127.0.0.1 + become: false + when: "run_self_check | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - self-check diff --git a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml new file mode 100644 index 000000000..ce46c45af --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml @@ -0,0 +1,22 @@ +--- + +- ansible.builtin.set_fact: + matrix_ldap_registration_proxy_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/r0/register" + +- name: Check matrix_ldap_registration_proxy Service + ansible.builtin.uri: + url: "{{ matrix_ldap_registration_proxy_url_endpoint_public }}" + follow_redirects: none + validate_certs: "{{ matrix_matrix_ldap_registration_proxy_self_check_validate_certificates }}" + check_mode: false + register: result_matrix_ldap_registration_proxy + ignore_errors: true + +- name: Fail if matrix_ldap_registration_proxy Service not working + ansible.builtin.fail: + msg: "Failed checking matrix_ldap_registration_proxy is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`). Is matrix_ldap_registration_proxy running? Is port 443 open in your firewall? Full error: {{ result_matrix_ldap_registration_proxy }}" + when: "result_matrix_ldap_registration_proxy.failed or 'json' not in result_matrix_ldap_registration_proxy" + +- name: Report working matrix_ldap_registration_proxy Service + ansible.builtin.debug: + msg: "matrix_ldap_registration_proxy at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`)" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml new file mode 100644 index 000000000..1f0307ec3 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -0,0 +1,63 @@ +--- + +- name: Ensure matrix_ldap_registration_proxy paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_ldap_registration_proxy_config_path }}", when: true} + - {path: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}", when: true} + when: "item.when | bool" + +- ansible.builtin.set_fact: + matrix_ldap_registration_proxy_requires_restart: false + +- name: Ensure matrix_ldap_registration_proxy repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_ldap_registration_proxy_container_image_self_build_repo }}" + dest: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}" + version: "{{ matrix_ldap_registration_proxy_container_image_self_build_branch }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_ldap_registration_proxy_git_pull_results + +- name: Ensure matrix_ldap_registration_proxy Docker image is built + docker_image: + name: "{{ matrix_ldap_registration_proxy_docker_image }}" + source: build + force_source: "{{ matrix_ldap_registration_proxy_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}" + pull: true + when: true + +- name: Ensure matrix_ldap_registration_proxy config installed + ansible.builtin.copy: + content: "{{ matrix_ldap_registration_proxy_configuration }}" + dest: "{{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-ldap-registration-proxy.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-ldap-registration-proxy.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + mode: 0644 + register: matrix_ldap_registration_proxy_systemd_service_result + +- name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_ldap_registration_proxy_systemd_service_result.changed | bool" + +- name: Ensure matrix-ldap-registration-proxy.service restarted, if necessary + ansible.builtin.service: + name: "matrix-ldap-registration-proxy.service" + state: restarted + when: "matrix_ldap_registration_proxy_requires_restart | bool" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml new file mode 100644 index 000000000..cc542edf3 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-matrix_ldap_registration_proxy service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + register: matrix_matrix_ldap_registration_proxy_service_stat + +- name: Ensure matrix-matrix_ldap_registration_proxy is stopped + ansible.builtin.service: + name: matrix-matrix_ldap_registration_proxy + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure matrix-ldap-registration-proxy.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + state: absent + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure Matrix matrix_ldap_registration_proxy paths don't exist + ansible.builtin.file: + path: "{{ matrix_matrix_ldap_registration_proxy_base_path }}" + state: absent + +- name: Ensure matrix_ldap_registration_proxy Docker image doesn't exist + docker_image: + name: "{{ matrix_matrix_ldap_registration_proxy_docker_image }}" + state: absent diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml new file mode 100644 index 000000000..e69de29bb diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 new file mode 100644 index 000000000..e7ee29ba1 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 @@ -0,0 +1,32 @@ +# please specify the configuration here +# +# these settings are mandatory + +# The server to connect to. Please note it must be accessible from the Docker network +# example: `ldap://127.0.0.1:389` +LDAP_SERVER={{ matrix_ldap_registration_proxy_ldap_uri }} + +# the base DN used for user creation + +LDAP_BASE_DN={{ matrix_ldap_registration_proxy_ldap_base_dn }} + +# the privileged user used for user creation including it's DN +# example: `uid=admin,cn=users,cn=accounts,dc=example,dc=org` + +LDAP_USER={{ matrix_ldap_registration_proxy_ldap_user }} + +# the password of the `LDAP_USER` used for authentication +LDAP_PASSWORD={{ matrix_ldap_registration_proxy_ldap_password }} + +# the human-readable server name of your Matrix server as used in the Matrix ID +# example: `example.org` +MATRIX_SERVER_NAME={{ matrix_ldap_registration_proxy_matrix_server_name }} + +# the url to access the Matrix server API without trailing `/` +# example: `https://matrix.example.org` +MATRIX_SERVER_URL={{ matrix_ldap_registration_proxy_matrix_server_url }} + +# these settings are optional: + +# Specify the port to listen on. Default to 8080 +LISTEN_PORT={{ matrix_ldap_registration_proxy_container_port }} diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 new file mode 100644 index 000000000..afbabe729 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -0,0 +1,43 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=matrix_ldap_registration_proxy +{% for service in matrix_ldap_registration_proxy_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_ldap_registration_proxy_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-matrix_ldap_registration_proxy 2>/dev/null || true' + +# matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, +# so /tmp needs to be mounted with an exec option. +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --read-only \ + --network={{ matrix_docker_network }} \ + {% if matrix_ldap_registration_proxy_container_http_host_bind_port %} + -p {{ matrix_ldap_registration_proxy_container_http_host_bind_port }}:{{ matrix_ldap_registration_proxy_container_port }} \ + {% endif %} + --env-file {{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env \ + {% for arg in matrix_ldap_registration_proxy_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_ldap_registration_proxy_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-ldap-registration-proxy + +[Install] +WantedBy=multi-user.target diff --git a/roles/matrix-ldap-registration-proxy/vars/main.yml b/roles/matrix-ldap-registration-proxy/vars/main.yml new file mode 100644 index 000000000..3adc735e9 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/vars/main.yml @@ -0,0 +1,5 @@ +--- + +# Doing `|from_yaml` when the extension contains nothing yields an empty string (""). +# We need to ensure it's a dictionary or `|combine` (when building `matrix_ma1sd_configuration`) will fail later. +matrix_ma1sd_configuration_extension: "{{ matrix_ma1sd_configuration_extension_yaml | from_yaml if matrix_ma1sd_configuration_extension_yaml | from_yaml else {} }}" From d2769d6bca4ed0b4d118907fddf64bd27c27f7d4 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 26 Aug 2022 13:47:44 +0000 Subject: [PATCH 002/349] Update mautrix-telegram: 0.11.3 -> 0.12.0 --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 79c9b7e59..f540ba2de 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -16,7 +16,7 @@ matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git" matrix_mautrix_telegram_docker_repo_version: "{{ 'master' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src" -matrix_mautrix_telegram_version: v0.11.3 +matrix_mautrix_telegram_version: v0.12.0 # See: https://mau.dev/mautrix/telegram/container_registry matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" From ee892c7cf7880112723294a0e9844561dc481a34 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 26 Aug 2022 13:48:30 +0000 Subject: [PATCH 003/349] Update Jitsi stable-7648-3 -> stable-7648-4 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index d94c62f46..9c31a660b 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -72,7 +72,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7648-3 +matrix_jitsi_version: stable-7648-4 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 033b8e57cc9aab3090356f717697286c9a38f71a Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 26 Aug 2022 14:42:56 +0000 Subject: [PATCH 004/349] Update mautrix-instagram 0.1.3 -> 0.2.0 --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index bcb6ddb11..eb223405a 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}" -matrix_mautrix_instagram_version: v0.1.3 +matrix_mautrix_instagram_version: v0.2.0 # See: https://mau.dev/tulir/mautrix-instagram/container_registry matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" From bb0ce4cac6dfc70a76dd2639116c9832c94678d9 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 26 Aug 2022 19:47:05 +0000 Subject: [PATCH 005/349] Update Hydrogen 0.3.1 -> 0.3.2 --- roles/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index 4edfa20c4..bd2917d2b 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -8,7 +8,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.3.1 +matrix_client_hydrogen_version: v0.3.2 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From a0ecf13cdbde8edb023d5b0611cddd602a118419 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 28 Aug 2022 18:05:59 +0300 Subject: [PATCH 006/349] Add ability to control RandomizedDelaySec of matrix-backup-borg.timer Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2068 --- roles/matrix-backup-borg/defaults/main.yml | 5 ++++- .../templates/systemd/matrix-backup-borg.timer.j2 | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/roles/matrix-backup-borg/defaults/main.yml b/roles/matrix-backup-borg/defaults/main.yml index 893817888..de086ebd9 100644 --- a/roles/matrix-backup-borg/defaults/main.yml +++ b/roles/matrix-backup-borg/defaults/main.yml @@ -26,8 +26,11 @@ matrix_backup_borg_systemd_required_services_list: ['docker.service'] # List of systemd services that matrix-backup-borg.service wants matrix_backup_borg_systemd_wanted_services_list: [] -# systemd calendar configuration for backup job +# systemd calendar configuration for the backup job +# the actual job may run with a delay (see matrix_backup_borg_schedule_randomized_delay_sec) matrix_backup_borg_schedule: "*-*-* 04:00:00" +# the delay with which the systemd timer may run in relation to the `matrix_backup_borg_schedule` schedule +matrix_backup_borg_schedule_randomized_delay_sec: 2h # what directories should be added to backup matrix_backup_borg_location_source_directories: [] diff --git a/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 b/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 index 541d00203..fdafef766 100644 --- a/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 +++ b/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 @@ -4,7 +4,7 @@ Description=Matrix Borg Backup timer [Timer] Unit=matrix-backup-borg.service OnCalendar={{ matrix_backup_borg_schedule }} -RandomizedDelaySec=2h +RandomizedDelaySec={{ matrix_backup_borg_schedule_randomized_delay_sec }} [Install] WantedBy=timers.target From e8fd3fdc19ac6cab79f360b0bb54bf6df2c73f8f Mon Sep 17 00:00:00 2001 From: Aine Date: Sun, 28 Aug 2022 18:48:18 +0300 Subject: [PATCH 007/349] bot-postmoogle: add POSTMOOGLE_USERS config option --- roles/matrix-bot-postmoogle/defaults/main.yml | 9 +++++++++ roles/matrix-bot-postmoogle/templates/env.j2 | 1 + 2 files changed, 10 insertions(+) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 5272e2f2d..bcd401e73 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -84,6 +84,15 @@ matrix_bot_postmoogle_noowner: false # Allow Postmoogle use by users over federation matrix_bot_postmoogle_federation: false +# A list of whitelisted users allowed to use the bridge. +# If not defined, everyone is allowed. +# Example set of rules: +# - @someone:example.com +# - @another:example.com +# - @bot.*:example.com +# - @*:another.com +matrix_bot_postmoogle_users: [] + # Sentry DSN matrix_bot_postmoogle_sentry: '' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index 930681d8d..0bd337525 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -12,5 +12,6 @@ POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} POSTMOOGLE_NOOWNER={{ matrix_bot_postmoogle_noowner }} POSTMOOGLE_FEDERATION={{ matrix_bot_postmoogle_federation }} +POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | default('') | join(' ') }} {{ matrix_bot_postmoogle_environment_variables_extension }} From 071424bef2130a28a5386fce9c46d2287740f5f9 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 02:29:57 -0400 Subject: [PATCH 008/349] Update configuring-playbook-bot-mjolnir.md --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 20760d5ef..d1fe64f75 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. [Currently there is no Synapse config option for this](https://github.com/matrix-org/synapse/issues/6286) so you have to manually edit the Synapse database. Manually editing the Synapse database is rarely a good idea but in this case it is required. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. There is a Synapse config option for this but this can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From b0eb28721b1bfeec72f6fc4dfbf4d20e9a3f86a7 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 29 Aug 2022 15:13:27 +0000 Subject: [PATCH 009/349] postmoogle: add admins (#2073) * postmoogle: add admins * postmoogle: update jija2 defaults * postmoogle: fix typo --- roles/matrix-bot-postmoogle/defaults/main.yml | 9 +++++++++ roles/matrix-bot-postmoogle/templates/env.j2 | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index bcd401e73..a08c0f462 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -93,6 +93,15 @@ matrix_bot_postmoogle_federation: false # - @*:another.com matrix_bot_postmoogle_users: [] +# A list of admins +# Example set of rules: +# - @someone:example.com +# - @another:example.com +# - @bot.*:example.com +# - @*:another.com +matrix_bot_postmoogle_admins: + - "{{ matrix_admin }}" + # Sentry DSN matrix_bot_postmoogle_sentry: '' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index 0bd337525..d73c1b6af 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -12,6 +12,7 @@ POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} POSTMOOGLE_NOOWNER={{ matrix_bot_postmoogle_noowner }} POSTMOOGLE_FEDERATION={{ matrix_bot_postmoogle_federation }} -POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | default('') | join(' ') }} +POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | join(' ') }} +POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }} {{ matrix_bot_postmoogle_environment_variables_extension }} From aa9269661348ecb679f3316cea505338646427c2 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 13:10:29 -0400 Subject: [PATCH 010/349] Update configuring-playbook-bot-mjolnir.md --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index d1fe64f75..30aa4c4fc 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. There is a Synapse config option for this but this can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this can be found [here](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#ratelimiting) or by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users) but this can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From 76953d8a6961d35b13ae7e0d827c38ce5cc46a70 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 13:10:53 -0400 Subject: [PATCH 011/349] Update configuring-playbook-bot-mjolnir.md --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 30aa4c4fc..b7d3022f4 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this can be found [here](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#ratelimiting) or by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users) but this can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this can be found [here](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#ratelimiting) or by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From cc57af9126218d048059572f2231aeceb1adee7c Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 29 Aug 2022 20:24:00 +0300 Subject: [PATCH 012/349] =?UTF-8?q?=1B[Apostmoogle:=20remove=20noowner=20a?= =?UTF-8?q?nd=20federation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- roles/matrix-bot-postmoogle/defaults/main.yml | 6 ------ roles/matrix-bot-postmoogle/templates/env.j2 | 2 -- 2 files changed, 8 deletions(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index a08c0f462..e6de5dcb1 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -78,12 +78,6 @@ matrix_bot_postmoogle_prefix: '!pm' # Max email size in megabytes, including attachments matrix_bot_postmoogle_maxsize: '1024' -# Allow room settings changes by any room participant -matrix_bot_postmoogle_noowner: false - -# Allow Postmoogle use by users over federation -matrix_bot_postmoogle_federation: false - # A list of whitelisted users allowed to use the bridge. # If not defined, everyone is allowed. # Example set of rules: diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index d73c1b6af..7c0d10bea 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -10,8 +10,6 @@ POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} -POSTMOOGLE_NOOWNER={{ matrix_bot_postmoogle_noowner }} -POSTMOOGLE_FEDERATION={{ matrix_bot_postmoogle_federation }} POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | join(' ') }} POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }} From c68f69805271017e1fc2a5174cfaca01edf05665 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 29 Aug 2022 17:43:03 +0000 Subject: [PATCH 013/349] postmoogle: set safe defaults to POSTMOOGLE_USERS --- roles/matrix-bot-postmoogle/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index e6de5dcb1..cb4c8f53a 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -85,7 +85,8 @@ matrix_bot_postmoogle_maxsize: '1024' # - @another:example.com # - @bot.*:example.com # - @*:another.com -matrix_bot_postmoogle_users: [] +matrix_bot_postmoogle_users: + - "@*:{{ matrix_domain }}" # A list of admins # Example set of rules: From 5d7260a93df9df20842addaa540ab73fc02ee690 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 14:30:00 -0400 Subject: [PATCH 014/349] removed server wide rate limit link --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index b7d3022f4..ada4556a0 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this can be found [here](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#ratelimiting) or by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From 8a469adbfbc019c657c17424b07ac28b5dfe9d19 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Mon, 29 Aug 2022 14:33:53 -0400 Subject: [PATCH 015/349] better wording --- docs/configuring-playbook-bot-mjolnir.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index ada4556a0..5fc6331e3 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -29,7 +29,7 @@ Refer to the documentation on [how to obtain an access token](obtaining-access-t ## 3. Make sure the account is free from rate limiting -You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. The Synapse config option for this by using the [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. +You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. This can be done using Synapse's [admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#override-ratelimiting-for-users). This can also be manually done by editing the Synapse database. Manually editing the Synapse database is rarely a good idea. Please ask for help if you are uncomfortable with these steps. 1. Copy the statement below into a text editor. From caebb7be0b2cd02abbe853d1d1243f53e98fdeff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 30 Aug 2022 10:53:59 +0300 Subject: [PATCH 016/349] Disable registration for Conduit by default We do this for all other supported homeservers. A "public by default" homeserver is a bad idea for most people. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2076 --- roles/matrix-conduit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index 25036939a..df1a87d94 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -37,7 +37,7 @@ matrix_conduit_template_conduit_config: "{{ role_path }}/templates/conduit/condu matrix_conduit_max_request_size: 20_000_000 # Enables registration. If set to false, no users can register on this server. -matrix_conduit_allow_registration: true +matrix_conduit_allow_registration: false matrix_conduit_allow_federation: true From b018a0a11486787bb0283c7230e86790a90d94bc Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 30 Aug 2022 11:10:58 +0000 Subject: [PATCH 017/349] Update ddclient v3.9.1-ls96 -> v3.9.1-ls97 --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 16f6f3ae6..8354e1d90 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls96 +matrix_dynamic_dns_version: v3.9.1-ls97 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From 8e0e9fa878b451c5bb727330430e7993d5418122 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 30 Aug 2022 18:50:44 +0300 Subject: [PATCH 018/349] Deprecate matrix_synapse_account_threepid_delegates_email before Synapse v1.66.0 This is done in anticipation of this option's removal in the upcoming Synapse v1.66.0 release (likely tomorrow). See: https://matrix-org.github.io/synapse/v1.66/upgrade.html#delegation-of-email-validation-no-longer-supported --- group_vars/matrix_servers | 4 +--- roles/matrix-synapse/defaults/main.yml | 4 ---- roles/matrix-synapse/tasks/validate_config.yml | 1 + roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 7 +------ 4 files changed, 3 insertions(+), 13 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2ac8cc297..b02938022 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2237,9 +2237,7 @@ matrix_synapse_enabled: "{{ matrix_homeserver_implementation == 'synapse' }}" matrix_synapse_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}" -# When ma1sd is enabled, we can use it to validate email addresses and phone numbers. -# Synapse can validate email addresses by itself as well, but it's probably not what we want by default when we have an identity server. -matrix_synapse_account_threepid_delegates_email: "{{ 'http://matrix-ma1sd:' + matrix_ma1sd_container_port | string if matrix_ma1sd_enabled else '' }}" +# When ma1sd is enabled, we can use it to validate phone numbers. It's something that the homeserver cannot do by itself. matrix_synapse_account_threepid_delegates_msisdn: "{{ 'http://matrix-ma1sd:' + matrix_ma1sd_container_port | string if matrix_ma1sd_enabled else '' }}" # Normally, matrix-nginx-proxy is enabled and nginx can reach Synapse over the container network. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 6d204b174..1ba7b269b 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -257,10 +257,6 @@ matrix_synapse_registrations_require_3pid: [] # pattern: '\+44' matrix_synapse_allowed_local_3pids: [] -# The server to use for email threepid validation. When empty, Synapse does it by itself. -# Otherwise, this should be pointed to an identity server. -matrix_synapse_account_threepid_delegates_email: '' - # The server to use for phone number threepid validation. When empty, validation cannot happen, as Synapse doesn't support it. # To make it work, this should be pointed to an identity server. matrix_synapse_account_threepid_delegates_msisdn: '' diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index ba60abf8a..d32fce977 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -61,6 +61,7 @@ - {'old': 'matrix_synapse_use_presence', 'new': 'matrix_synapse_presence_enabled'} - {'old': 'matrix_synapse_version_arm64', 'new': ''} - {'old': 'matrix_synapse_enable_group_creation', 'new': ''} + - {'old': 'matrix_synapse_account_threepid_delegates_email', 'new': ''} - name: (Deprecation) Catch and report renamed settings in matrix_synapse_configuration_extension_yaml ansible.builtin.fail: diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 07c5ec89d..04c4b3cf5 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1419,14 +1419,10 @@ allow_guest_access: {{ matrix_synapse_allow_guest_access|to_json }} # #default_identity_server: https://matrix.org -# Handle threepid (email/phone etc) registration and password resets through a set of +# Handle threepid (phone etc) registration and password resets through a set of # *trusted* identity servers. Note that this allows the configured identity server to # reset passwords for accounts! # -# Be aware that if `email` is not set, and SMTP options have not been -# configured in the email config block, registration and user password resets via -# email will be globally disabled. -# # Additionally, if `msisdn` is not set, registration and password resets via msisdn # will be disabled regardless, and users will not be able to associate an msisdn # identifier to their account. This is due to Synapse currently not supporting @@ -1441,7 +1437,6 @@ allow_guest_access: {{ matrix_synapse_allow_guest_access|to_json }} # https://matrix.org/docs/spec/identity_service/latest # account_threepid_delegates: - email: {{ matrix_synapse_account_threepid_delegates_email|to_json }} msisdn: {{ matrix_synapse_account_threepid_delegates_msisdn|to_json }} # Whether users are allowed to change their displayname after it has From 1bc49949f94825de30448cb58c6428ae5ed731fd Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 30 Aug 2022 19:48:16 +0300 Subject: [PATCH 019/349] postmoogle 0.9.0 --- roles/matrix-bot-postmoogle/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index cb4c8f53a..13953f2a3 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: latest +matrix_bot_postmoogle_version: v0.9.0 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" @@ -78,6 +78,7 @@ matrix_bot_postmoogle_prefix: '!pm' # Max email size in megabytes, including attachments matrix_bot_postmoogle_maxsize: '1024' +# DEPRECATED, use !pm users instead # A list of whitelisted users allowed to use the bridge. # If not defined, everyone is allowed. # Example set of rules: From 4bff8c18db7c5649c2e49860d59c38c2856395f2 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 30 Aug 2022 16:49:47 +0000 Subject: [PATCH 020/349] Update grafana 9.1.1 -> 9.1.2 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 6ef4cb6ab..0b57de773 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.1 +matrix_grafana_version: 9.1.2 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 09d4a9beab4f631e98bcec32f7ff674ef077ccce Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 31 Aug 2022 11:17:56 +0300 Subject: [PATCH 021/349] Make matrix_bot_postmoogle_admins=[] when matrix_admin not set .. instead of `['']`. The final result in the `env` file will be the same (`POSTMOOGLE_ADMINS=`) in both cases, but it's better to avoid confusion. --- roles/matrix-bot-postmoogle/defaults/main.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 13953f2a3..10c4255b6 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -82,6 +82,7 @@ matrix_bot_postmoogle_maxsize: '1024' # A list of whitelisted users allowed to use the bridge. # If not defined, everyone is allowed. # Example set of rules: +# matrix_bot_postmoogle_users: # - @someone:example.com # - @another:example.com # - @bot.*:example.com @@ -91,12 +92,12 @@ matrix_bot_postmoogle_users: # A list of admins # Example set of rules: +# matrix_bot_postmoogle_admins: # - @someone:example.com # - @another:example.com # - @bot.*:example.com # - @*:another.com -matrix_bot_postmoogle_admins: - - "{{ matrix_admin }}" +matrix_bot_postmoogle_admins: "{{ [matrix_admin] if matrix_admin else [] }}" # Sentry DSN matrix_bot_postmoogle_sentry: '' From 664406af57f9f79ba4b7d96b59db0baa84587017 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 31 Aug 2022 15:45:46 +0300 Subject: [PATCH 022/349] Upgrade Synapse (v1.65.0 -> v1.66.0) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 1ba7b269b..a25d2d3f1 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.65.0 +matrix_synapse_version: v1.66.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From a6ad396cd29e2ec2e9ad1cc01ffbc8900b316caf Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 31 Aug 2022 16:35:37 +0000 Subject: [PATCH 023/349] Update Element 1.11.3 -> 1.11.4 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index e462df8ae..c4e187a94 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.3 +matrix_client_element_version: v1.11.4 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 023f27324040fa71edfda16cbf84ff8c17dad59f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 31 Aug 2022 16:36:31 +0000 Subject: [PATCH 024/349] Update Cinny 2.1.2 -> 2.1.3 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 1cb22cd1e..c2bc476a9 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.1.2 +matrix_client_cinny_version: v2.1.3 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From e74e3c9e8f3c8c4c0b5222ad60284fe8bdb80e8f Mon Sep 17 00:00:00 2001 From: Silas Date: Thu, 1 Sep 2022 22:23:02 -0300 Subject: [PATCH 025/349] Correctly check number of arguments when creating a dendrite account This is probably a continuation of changes made in d7ed672f7. --- .../dendrite/usr-local-bin/matrix-dendrite-create-account.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 index 507c7012e..edfa521b9 100644 --- a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 +++ b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 @@ -1,7 +1,7 @@ #jinja2: lstrip_blocks: "True" #!/bin/bash -if [ $# -ne 2 ]; then +if [ $# -ne 3 ]; then echo "Usage: "$0" " exit 1 fi From 0300c0e96ee29950d0ede995ac841e996adb7424 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Fri, 2 Sep 2022 03:58:41 +0000 Subject: [PATCH 026/349] Update dendrite 0.9.5 -> 0.9.6 Remove appservice database setup/config as the latest update no longer requires it. --- group_vars/matrix_servers | 4 ---- roles/matrix-dendrite/defaults/main.yml | 3 +-- roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 | 5 ----- 3 files changed, 1 insertion(+), 11 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index b02938022..074e06e9c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1837,10 +1837,6 @@ matrix_postgres_additional_databases: | }] if (matrix_synapse_enabled and matrix_synapse_database_database != matrix_postgres_db_name and matrix_synapse_database_host == 'matrix-postgres') else []) + ([{ - 'name': matrix_dendrite_appservice_database, - 'username': matrix_dendrite_database_user, - 'password': matrix_dendrite_database_password, - },{ 'name': matrix_dendrite_federationapi_database, 'username': matrix_dendrite_database_user, 'password': matrix_dendrite_database_password, diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 50336a111..28f542e15 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.5" +matrix_dendrite_docker_image_tag: "v0.9.6" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" @@ -138,7 +138,6 @@ matrix_dendrite_database_str: "postgresql://{{ matrix_dendrite_database_user }}: matrix_dendrite_database_hostname: "matrix-postgres" matrix_dendrite_database_user: "dendrite" matrix_dendrite_database_password: "itsasecret" -matrix_dendrite_appservice_database: "dendrite_appservice" matrix_dendrite_federationapi_database: "dendrite_federationapi" matrix_dendrite_keyserver_database: "dendrite_keyserver" matrix_dendrite_mediaapi_database: "dendrite_mediaapi" diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index 20131c106..88aacab23 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -133,11 +133,6 @@ app_service_api: internal_api: listen: http://0.0.0.0:7777 connect: http://appservice_api:7777 - database: - connection_string: {{ matrix_dendrite_database_str }}/{{ matrix_dendrite_appservice_database }}?sslmode=disable - max_open_conns: 10 - max_idle_conns: 2 - conn_max_lifetime: -1 # Disable the validation of TLS certificates of appservices. This is # not recommended in production since it may allow appservice traffic From 1efd1045f681fdcb47d4868018aa0a3625634e71 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 2 Sep 2022 14:38:05 +0300 Subject: [PATCH 027/349] Upgrade Hookshot (2.0.1 -> 2.1.0) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 7b927c926..d230fcdb5 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.0.1 +matrix_hookshot_version: 2.1.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 1cae31372c65e6db1d57cd35f37d79d3c85cab36 Mon Sep 17 00:00:00 2001 From: Charles Wright Date: Fri, 2 Sep 2022 13:04:21 -0500 Subject: [PATCH 028/349] Make Conduit's rocksdb_max_open_files parameter configurable, and set it to a higher default value --- roles/matrix-conduit/defaults/main.yml | 5 +++++ roles/matrix-conduit/templates/conduit/conduit.toml.j2 | 3 +++ 2 files changed, 8 insertions(+) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index df1a87d94..48a1ed1b8 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -36,6 +36,11 @@ matrix_conduit_template_conduit_config: "{{ role_path }}/templates/conduit/condu # Max size for uploads, in bytes matrix_conduit_max_request_size: 20_000_000 +# Maximum number of open files for Conduit's embedded RocksDB database +# See https://github.com/facebook/rocksdb/wiki/RocksDB-Tuning-Guide#tuning-other-options +# If not specified, Conduit defaults to a relatively low value of 20 +matrix_conduit_rocksdb_max_open_files: 64 + # Enables registration. If set to false, no users can register on this server. matrix_conduit_allow_registration: false diff --git a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 index 6f479084b..156914403 100644 --- a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 +++ b/roles/matrix-conduit/templates/conduit/conduit.toml.j2 @@ -34,6 +34,9 @@ port = {{ matrix_conduit_port_number }} # Max size for uploads max_request_size = {{ matrix_conduit_max_request_size }} +# Max number of open files for the RocksDB database +rocksdb_max_open_files = {{ matrix_conduit_rocksdb_max_open_files }} + # Enables registration. If set to false, no users can register on this server. allow_registration = {{ matrix_conduit_allow_registration | to_json }} From 1c95c8fc3ebd205ce073c617f00ac1d37e8057ae Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 3 Sep 2022 10:47:39 +0000 Subject: [PATCH 029/349] Update hookshot 2.1.0 -> 2.1.2 --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index d230fcdb5..d60cf15b9 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.1.0 +matrix_hookshot_version: 2.1.2 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From b112480793d10b373645f1969fe2dc03cd8c9d85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:44:49 +0200 Subject: [PATCH 030/349] Remove ma1sd leftovers --- roles/matrix-ldap-registration-proxy/vars/main.yml | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 roles/matrix-ldap-registration-proxy/vars/main.yml diff --git a/roles/matrix-ldap-registration-proxy/vars/main.yml b/roles/matrix-ldap-registration-proxy/vars/main.yml deleted file mode 100644 index 3adc735e9..000000000 --- a/roles/matrix-ldap-registration-proxy/vars/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -# Doing `|from_yaml` when the extension contains nothing yields an empty string (""). -# We need to ensure it's a dictionary or `|combine` (when building `matrix_ma1sd_configuration`) will fail later. -matrix_ma1sd_configuration_extension: "{{ matrix_ma1sd_configuration_extension_yaml | from_yaml if matrix_ma1sd_configuration_extension_yaml | from_yaml else {} }}" From 88f416638571ba5c88f0815827ff6d518e91412f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:46:56 +0200 Subject: [PATCH 031/349] Validate that basic LDAP settings are provided --- .../tasks/validate_config.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml index e69de29bb..6b52af9c8 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml @@ -0,0 +1,12 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_ldap_registration_proxy_ldap_uri" + - "matrix_ldap_registration_proxy_ldap_base_dn" + - "matrix_ldap_registration_proxy_ldap_user" + - "matrix_ldap_registration_proxy_ldap_password" From ab33024665548238933f0ce4a01d36edbd814887 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:53:26 +0200 Subject: [PATCH 032/349] Make role enabled in role but turn it off in group vars --- group_vars/matrix_servers | 14 ++++++++++++++ .../defaults/main.yml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 074e06e9c..bbfdcf3e9 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1538,6 +1538,20 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # /matrix-jitsi # ###################################################################### +###################################################################### +# +# matrix-ldap-registration-proxy +# +###################################################################### + +# This is only for users with a specific LDAP setup +matrix_ldap_registration_proxy_enabled: false + +###################################################################### +# +# /matrix-ldap-registration-proxy +# +###################################################################### ###################################################################### # diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 5516f4f9c..44a670c15 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -2,7 +2,7 @@ # matrix_ldap_registration_proxy - Want to build a large-scale Matrix server using external registration on LDAP? # Project source code URL: https://gitlab.com/activism.international/matrix_ldap_registration_proxy -matrix_ldap_registration_proxy_enabled: false +matrix_ldap_registration_proxy_enabled: true matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" From 54def0b1e1103cf9b236a5e2a352c826f3a4900e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:56:03 +0200 Subject: [PATCH 033/349] Avoid cross-referencing of variables in role, move to group vars --- group_vars/matrix_servers | 6 ++++++ roles/matrix-ldap-registration-proxy/defaults/main.yml | 8 ++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index bbfdcf3e9..92cc5c591 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1547,6 +1547,12 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # This is only for users with a specific LDAP setup matrix_ldap_registration_proxy_enabled: false +# Use the LDAP values specified for the synapse role to setup LDAP proxy +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" + ###################################################################### # # /matrix-ldap-registration-proxy diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 44a670c15..4165c5910 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -14,10 +14,10 @@ matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ld matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" -matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" -matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" -matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" -matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +matrix_ldap_registration_proxy_ldap_uri: "" +matrix_ldap_registration_proxy_ldap_base_dn: "" +matrix_ldap_registration_proxy_ldap_user: "" +matrix_ldap_registration_proxy_ldap_password: "" matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" From 7665c5e048dbd14ed5854fea36d38817927eec20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:59:07 +0200 Subject: [PATCH 034/349] Remove ma1sd leftovers --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 4165c5910..15f597495 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -39,9 +39,9 @@ matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service' # List of systemd services that matrix_ldap_registration_proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: [] -# Default ma1sd configuration template which covers the generic use case. +# Default LDAP configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" -# Holds the final ma1sd configuration (a combination of the default and its extension). +# Holds the final LDAP configuration (a combination of the default and its extension). matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" From 949ca115fede8a143df2dde7efdea4fdcdb3eea3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 09:09:09 +0200 Subject: [PATCH 035/349] Use a template option for the env with variable extension --- .../matrix-ldap-registration-proxy/defaults/main.yml | 11 ++++++----- .../tasks/setup_install.yml | 4 ++-- .../templates/ldap-registration-proxy.env.j2 | 3 +++ 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 15f597495..469a2f295 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -39,9 +39,10 @@ matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service' # List of systemd services that matrix_ldap_registration_proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: [] -# Default LDAP configuration template which covers the generic use case. -# You can customize it by controlling the various variables inside it. -matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" +# Additional environment variables to pass to the LDAP proxy environment variables. +# +# Example: +# matrix_ldap_registration_proxy_env_variables_extension: | +# KEY=value +matrix_ldap_registration_proxy_env_variables_extension: '' -# Holds the final LDAP configuration (a combination of the default and its extension). -matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml index 1f0307ec3..870373370 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -37,8 +37,8 @@ when: true - name: Ensure matrix_ldap_registration_proxy config installed - ansible.builtin.copy: - content: "{{ matrix_ldap_registration_proxy_configuration }}" + ansible.builtin.template: + src: "{{ role_path }}/templates/ldap-registration-proxy.env.j2" dest: "{{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env" mode: 0644 owner: "{{ matrix_user_username }}" diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 index e7ee29ba1..581a0b0d8 100644 --- a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 +++ b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 @@ -30,3 +30,6 @@ MATRIX_SERVER_URL={{ matrix_ldap_registration_proxy_matrix_server_url }} # Specify the port to listen on. Default to 8080 LISTEN_PORT={{ matrix_ldap_registration_proxy_container_port }} + +# Use this to extend the configuration with custom variables +{{ matrix_ldap_registration_proxy_env_variables_extension }} From 3bc64fb6cc8d2f0a1b2d4decdc5c95a369420a50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 09:09:59 +0200 Subject: [PATCH 036/349] Remove selfcheck --- .../tasks/main.yml | 7 ------ ...f_check_matrix_ldap_registration_proxy.yml | 22 ------------------- 2 files changed, 29 deletions(-) delete mode 100644 roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml index 720d27ba8..576fc1f48 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/main.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -21,10 +21,3 @@ tags: - setup-all - setup-matrix-ldap-registration-proxy - -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/self_check_matrix_ldap_registration_proxy.yml" - delegate_to: 127.0.0.1 - become: false - when: "run_self_check | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" - tags: - - self-check diff --git a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml deleted file mode 100644 index ce46c45af..000000000 --- a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- - -- ansible.builtin.set_fact: - matrix_ldap_registration_proxy_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/r0/register" - -- name: Check matrix_ldap_registration_proxy Service - ansible.builtin.uri: - url: "{{ matrix_ldap_registration_proxy_url_endpoint_public }}" - follow_redirects: none - validate_certs: "{{ matrix_matrix_ldap_registration_proxy_self_check_validate_certificates }}" - check_mode: false - register: result_matrix_ldap_registration_proxy - ignore_errors: true - -- name: Fail if matrix_ldap_registration_proxy Service not working - ansible.builtin.fail: - msg: "Failed checking matrix_ldap_registration_proxy is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`). Is matrix_ldap_registration_proxy running? Is port 443 open in your firewall? Full error: {{ result_matrix_ldap_registration_proxy }}" - when: "result_matrix_ldap_registration_proxy.failed or 'json' not in result_matrix_ldap_registration_proxy" - -- name: Report working matrix_ldap_registration_proxy Service - ansible.builtin.debug: - msg: "matrix_ldap_registration_proxy at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`)" From 43bca57798c010146ac7a31ec8c5d979f4429e95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 19:38:27 +0200 Subject: [PATCH 037/349] Add nginx rewrite for registration --- .../defaults/main.yml | 4 ++++ .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 ++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 469a2f295..712e1101d 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -30,6 +30,10 @@ matrix_ldap_registration_proxy_container_port: 8080 # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. matrix_ldap_registration_proxy_container_http_host_bind_port: '' +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_-egistration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" +matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" + + # A list of extra arguments to pass to the container matrix_ldap_registration_proxy_container_extra_arguments: [] diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 2895ba14a..0e16e3e31 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -129,6 +129,20 @@ } {% endif %} + {% if matrix_ldap_registration_proxy_enabled %} + location _matrix/client/r0/register { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; + proxy_pass http://$backend/register; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }}/register; + {% endif %} + } + {% endif %} + {% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} From ee2badf7a6558cded771f8769b1a714065ee7e3b Mon Sep 17 00:00:00 2001 From: Kolja Lampe Date: Mon, 5 Sep 2022 11:01:31 +0200 Subject: [PATCH 038/349] Correctly refer to the placeholder --- docs/configuring-playbook-bot-matrix-registration-bot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index 739f0869c..a3e4bbeb1 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -56,7 +56,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To use the bot, create a **non-encrypted** room and invite `@bot.matrix-registration-bot:DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +To use the bot, create a **non-encrypted** room and invite `@bot.matrix-registration-bot:DOMAIN` (where `DOMAIN` is your base domain, not the `matrix.` domain). In this room send `help` and the bot will reply with all options. From 5f9f891322effa21d81c468cdcde701b6ba8c72c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 5 Sep 2022 20:04:21 +0300 Subject: [PATCH 039/349] Fix misleading comment Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2086 --- roles/matrix-conduit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/matrix-conduit/defaults/main.yml index 48a1ed1b8..366321b9c 100644 --- a/roles/matrix-conduit/defaults/main.yml +++ b/roles/matrix-conduit/defaults/main.yml @@ -38,7 +38,7 @@ matrix_conduit_max_request_size: 20_000_000 # Maximum number of open files for Conduit's embedded RocksDB database # See https://github.com/facebook/rocksdb/wiki/RocksDB-Tuning-Guide#tuning-other-options -# If not specified, Conduit defaults to a relatively low value of 20 +# By default, Conduit uses a relatively low value of 20. matrix_conduit_rocksdb_max_open_files: 64 # Enables registration. If set to false, no users can register on this server. From e5ba1daad4a8e7c0b4caabbc0f668401778a5640 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:48:19 +0200 Subject: [PATCH 040/349] Remove matrix LDAP proxy config from nginx role --- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 0e16e3e31..2895ba14a 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -129,20 +129,6 @@ } {% endif %} - {% if matrix_ldap_registration_proxy_enabled %} - location _matrix/client/r0/register { - {% if matrix_nginx_proxy_enabled %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; - proxy_pass http://$backend/register; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }}/register; - {% endif %} - } - {% endif %} - {% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} From 3aa2c8e535e81407782672e76ebd5be27be123e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:52:43 +0200 Subject: [PATCH 041/349] Inject nginx configuration for ldap proxy at runtime --- .../tasks/init.yml | 51 ++++++++++++++++++- 1 file changed, 49 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 312165cc4..15017333b 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -4,8 +4,55 @@ - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: msg: "To self-build the matrix_ldap_registration_proxy image, you should use Ansible 2.8 or higher. See docs/ansible.md" - when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_matrix_ldap_registration_proxy_container_image_self_build and matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_ldap_registration_proxy_container_image_self_build and matrix_ldap_registration_proxy_enabled | bool" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" - when: matrix_matrix_ldap_registration_proxy_enabled | bool + when: matrix_ldap_registration_proxy_enabled | bool + +- block: + - name: Fail if matrix-nginx-proxy role already executed + ansible.builtin.fail: + msg: >- + Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy, + but it's pointless since the matrix-nginx-proxy role had already executed. + To fix this, please change the order of roles in your playbook, + so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. + when: matrix_nginx_proxy_role_executed | default(False) | bool + + - name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: | + location {{ matrix_ldap_registration_proxy_public_endpoint }} { + {% if matrix_nginx_proxy_enabled | default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; + proxy_pass http://$backend/register;; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; + {% endif %} + } + + - name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + + + [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration] + }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` + URL endpoint to the matrix-matrix-ldap-proxy container. + You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. + when: "not matrix_nginx_proxy_enabled | default(False) | bool" + + tags: + - always + when: matrix_ldap_registration_proxy_enabled | bool and matrix_ldap_registration_proxy_appservice_public_enabled | bool From d03d0dc89797303a36ae01a11aea95b6b7db4f0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:54:10 +0200 Subject: [PATCH 042/349] Add role to setup.yml --- setup.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/setup.yml b/setup.yml index 3b7d235d3..0086b032c 100755 --- a/setup.yml +++ b/setup.yml @@ -59,6 +59,7 @@ - matrix-client-hydrogen - matrix-client-cinny - matrix-jitsi + - matrix-ldap-registration-proxy - matrix-ma1sd - matrix-dimension - matrix-etherpad From 24effe36b6e490d13ddd02726ff5692fd3bb7224 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Tue, 6 Sep 2022 09:37:35 +0200 Subject: [PATCH 043/349] Fix typo --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 712e1101d..5a010f971 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -30,7 +30,7 @@ matrix_ldap_registration_proxy_container_port: 8080 # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. matrix_ldap_registration_proxy_container_http_host_bind_port: '' -matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_-egistration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" From 48a1ab0d22496580d9d7eb14a863cbd9f5ce37a9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 12:16:09 +0300 Subject: [PATCH 044/349] Upgrade Grafana (9.1.2 -> 9.1.3) --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 0b57de773..dcd07bf58 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.2 +matrix_grafana_version: 9.1.3 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 8b40ca8daaa61fdf60bb04f5ff201ee54e942c6d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 6 Sep 2022 12:16:27 +0300 Subject: [PATCH 045/349] Upgrade ddclient (v3.9.1-ls97 -> v3.9.1-ls98) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 8354e1d90..8a5e7cdff 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls97 +matrix_dynamic_dns_version: v3.9.1-ls98 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From b92ff748e46e98c55f05aec46bb7047142810216 Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 9 Sep 2022 10:47:00 +0300 Subject: [PATCH 046/349] Update Postmoogle 0.9.0 -> 0.9.1 --- docs/configuring-dns.md | 33 ++++++++++++------- docs/configuring-playbook-bot-postmoogle.md | 3 ++ group_vars/matrix_servers | 2 ++ roles/matrix-bot-postmoogle/defaults/main.yml | 16 +++++++-- roles/matrix-bot-postmoogle/templates/env.j2 | 5 ++- .../systemd/matrix-bot-postmoogle.service.j2 | 2 ++ 6 files changed, 45 insertions(+), 16 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index ca7c08b08..e03a8cb8d 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -28,18 +28,22 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco ## DNS settings for optional services/features -| Type | Host | Priority | Weight | Port | Target | -| ----- | ---------------------------- | -------- | ------ | ---- | ---------------------- | -| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | -| CNAME | `dimension` | - | - | - | `matrix.` | -| CNAME | `jitsi` | - | - | - | `matrix.` | -| CNAME | `stats` | - | - | - | `matrix.` | -| CNAME | `goneb` | - | - | - | `matrix.` | -| CNAME | `sygnal` | - | - | - | `matrix.` | -| CNAME | `ntfy` | - | - | - | `matrix.` | -| CNAME | `hydrogen` | - | - | - | `matrix.` | -| CNAME | `cinny` | - | - | - | `matrix.` | -| CNAME | `buscarron` | - | - | - | `matrix.` | +| Type | Host | Priority | Weight | Port | Target | +| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | +| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | +| CNAME | `dimension` | - | - | - | `matrix.` | +| CNAME | `jitsi` | - | - | - | `matrix.` | +| CNAME | `stats` | - | - | - | `matrix.` | +| CNAME | `goneb` | - | - | - | `matrix.` | +| CNAME | `sygnal` | - | - | - | `matrix.` | +| CNAME | `ntfy` | - | - | - | `matrix.` | +| CNAME | `hydrogen` | - | - | - | `matrix.` | +| CNAME | `cinny` | - | - | - | `matrix.` | +| CNAME | `buscarron` | - | - | - | `matrix.` | +| MX | `matrix` | 10 | 0 | - | `matrix.` | +| TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | +| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | +| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | ## Subdomains setup @@ -77,3 +81,8 @@ This is an optional feature for the optionally-installed [ma1sd service](configu Note: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation. When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md). + +## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup + +To make the [postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge enable its email sending features, you need to configure +SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 70ac57b63..31566da9f 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -35,6 +35,9 @@ matrix_bot_postmoogle_enabled: true matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT ``` +You will also need to add several DNS records so that postmoogle can send emails. +See [Configuring DNS](configuring-dns.md). + ## Installing diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 074e06e9c..6f8411683 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1791,6 +1791,8 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_ntfy] if matrix_ntfy_enabled else []) + + ([matrix_bot_postmoogle_domain] if matrix_bot_postmoogle_enabled else []) + + ([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else []) + matrix_ssl_additional_domains_to_obtain_certificates_for diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 10c4255b6..718480e3c 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.0 +matrix_bot_postmoogle_version: v0.9.1 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" @@ -17,6 +17,7 @@ matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_ matrix_bot_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle" matrix_bot_postmoogle_config_path: "{{ matrix_bot_postmoogle_base_path }}/config" matrix_bot_postmoogle_data_path: "{{ matrix_bot_postmoogle_base_path }}/data" +matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}" # A list of extra arguments to pass to the container matrix_bot_postmoogle_container_extra_arguments: [] @@ -110,11 +111,20 @@ matrix_bot_postmoogle_noencryption: false matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" -# in-container port +# Mandatory TLS, even on plain SMTP port +matrix_bot_postmoogle_tls_required: false + +# in-container ports matrix_bot_postmoogle_port: '2525' +matrix_bot_postmoogle_tls_port: '25587' -# on-host port +# on-host ports matrix_bot_postmoogle_smtp_host_bind_port: '25' +matrix_bot_postmoogle_smtps_host_bind_port: '587' + +# in-container SSL paths +matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem" +matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem" # Additional environment variables to pass to the postmoogle container # diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index 7c0d10bea..304e0dd80 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -10,7 +10,10 @@ POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} -POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | join(' ') }} POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }} +POSTMOOGLE_TLS_PORT={{ matrix_bot_postmoogle_tls_port }} +POSTMOOGLE_TLS_CERT={{ matrix_bot_postmoogle_tls_cert }} +POSTMOOGLE_TLS_KEY={{ matrix_bot_postmoogle_tls_key }} +POSTMOOGLE_TLS_REQUIRED={{ matrix_bot_postmoogle_tls_required }} {{ matrix_bot_postmoogle_environment_variables_extension }} diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index 38eb89a65..8250d20a2 100644 --- a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -24,7 +24,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle --network={{ matrix_docker_network }} \ --env-file={{ matrix_bot_postmoogle_config_path }}/env \ -p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \ + -p {{ matrix_bot_postmoogle_smtps_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \ --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ + --mount type=bind,src={{ matrix_bot_postmoogle_ssl_path }},dst=/ssl \ {% for arg in matrix_bot_postmoogle_container_extra_arguments %} {{ arg }} \ {% endfor %} From 692a7af36afcb301d3e16fc9c2924681871cda2e Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 9 Sep 2022 13:19:25 +0300 Subject: [PATCH 047/349] postmoogle feedback --- docs/configuring-dns.md | 2 +- group_vars/matrix_servers | 3 ++ roles/matrix-bot-postmoogle/defaults/main.yml | 30 ++++++++++++++----- .../systemd/matrix-bot-postmoogle.service.j2 | 6 +++- .../tasks/ssl/setup_ssl_lets_encrypt.yml | 2 +- .../tasks/ssl/setup_ssl_manually_managed.yml | 2 +- .../tasks/ssl/setup_ssl_self_signed.yml | 2 +- 7 files changed, 34 insertions(+), 13 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index e03a8cb8d..05cb4b7ad 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -84,5 +84,5 @@ When you're done with the DNS configuration and ready to proceed, continue with ## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup -To make the [postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge enable its email sending features, you need to configure +To make the [postmoogle](configuring-playbook-bot-postmoogle.md) email bridge enable its email sending features, you need to configure SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6f8411683..2c14a917f 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1210,6 +1210,9 @@ matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in # We don't enable bots by default. matrix_bot_postmoogle_enabled: false +matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}" +matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem" +matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem" matrix_bot_postmoogle_systemd_required_services_list: | {{ diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 718480e3c..6f7a96cc6 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -17,7 +17,6 @@ matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_ matrix_bot_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle" matrix_bot_postmoogle_config_path: "{{ matrix_bot_postmoogle_base_path }}/config" matrix_bot_postmoogle_data_path: "{{ matrix_bot_postmoogle_base_path }}/data" -matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}" # A list of extra arguments to pass to the container matrix_bot_postmoogle_container_extra_arguments: [] @@ -111,20 +110,35 @@ matrix_bot_postmoogle_noencryption: false matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" -# Mandatory TLS, even on plain SMTP port -matrix_bot_postmoogle_tls_required: false - # in-container ports matrix_bot_postmoogle_port: '2525' matrix_bot_postmoogle_tls_port: '25587' # on-host ports matrix_bot_postmoogle_smtp_host_bind_port: '25' -matrix_bot_postmoogle_smtps_host_bind_port: '587' +matrix_bot_postmoogle_submission_host_bind_port: '587' + +### SSL +## on-host SSL dir +matrix_bot_postmoogle_ssl_path: "" + +## in-container SSL paths +# matrix_bot_postmoogle_tls_cert is the SSL certificate's certificate. +# This is likely set via group_vars/matrix_servers, so you don't need to set it. +# If you do need to set it manually, note that this is an in-container path. +# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path +# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem +matrix_bot_postmoogle_tls_cert: "" + +# matrix_bot_postmoogle_tls_key is the SSL certificate's key. +# This is likely set via group_vars/matrix_servers, so you don't need to set it. +# If you do need to set it manually, note that this is an in-container path. +# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path +# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem +matrix_bot_postmoogle_tls_key: "" -# in-container SSL paths -matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem" -matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem" +# Mandatory TLS, even on plain SMTP port +matrix_bot_postmoogle_tls_required: false # Additional environment variables to pass to the postmoogle container # diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index 8250d20a2..fa45a3a4d 100644 --- a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -24,9 +24,13 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle --network={{ matrix_docker_network }} \ --env-file={{ matrix_bot_postmoogle_config_path }}/env \ -p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \ - -p {{ matrix_bot_postmoogle_smtps_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \ + {% if matrix_bot_postmoogle_ssl_path %} + -p {{ matrix_bot_postmoogle_submission_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \ + {% endif %} --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ + {% if matrix_bot_postmoogle_ssl_path %} --mount type=bind,src={{ matrix_bot_postmoogle_ssl_path }},dst=/ssl \ + {% endif %} {% for arg in matrix_bot_postmoogle_container_extra_arguments %} {{ arg }} \ {% endfor %} diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index 0e5339a9a..f2afe2ff2 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -26,7 +26,7 @@ - name: Obtain Let's Encrypt certificates ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml" - with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}" + with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}" loop_control: loop_var: domain_name diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml index f6fc5a817..769af3235 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml @@ -2,7 +2,7 @@ - name: Verify certificates ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml" - with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}" + with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}" loop_control: loop_var: domain_name when: "matrix_ssl_retrieval_method == 'manually-managed'" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml index 3a7f19587..918b74db3 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml @@ -5,7 +5,7 @@ - name: Generate self-signed certificates ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml" - with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}" + with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}" loop_control: loop_var: domain_name when: "matrix_ssl_retrieval_method == 'self-signed'" From 98b9e2cd848397acfdf1c5573385a2ff7462beb7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 14:36:53 +0300 Subject: [PATCH 048/349] Add "Component" column to optional-DNS-records table --- docs/configuring-dns.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 05cb4b7ad..8b80613a4 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -28,22 +28,22 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco ## DNS settings for optional services/features -| Type | Host | Priority | Weight | Port | Target | -| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | -| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | -| CNAME | `dimension` | - | - | - | `matrix.` | -| CNAME | `jitsi` | - | - | - | `matrix.` | -| CNAME | `stats` | - | - | - | `matrix.` | -| CNAME | `goneb` | - | - | - | `matrix.` | -| CNAME | `sygnal` | - | - | - | `matrix.` | -| CNAME | `ntfy` | - | - | - | `matrix.` | -| CNAME | `hydrogen` | - | - | - | `matrix.` | -| CNAME | `cinny` | - | - | - | `matrix.` | -| CNAME | `buscarron` | - | - | - | `matrix.` | -| MX | `matrix` | 10 | 0 | - | `matrix.` | -| TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | -| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | -| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | +| Type | Host | Priority | Weight | Port | Target | Used by component | +| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | ----------------------------------------------------------------------------------------------------------------------- | +| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | [ma1sd](configuring-playbook-ma1sd.md) identity server | +| CNAME | `dimension` | - | - | - | `matrix.` | [Dimension](configuring-playbook-dimension.md) integration server | +| CNAME | `jitsi` | - | - | - | `matrix.` | [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | +| CNAME | `stats` | - | - | - | `matrix.` | [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | +| CNAME | `goneb` | - | - | - | `matrix.` | [Go-NEB](configuring-playbook-bot-go-neb.md) bot | +| CNAME | `sygnal` | - | - | - | `matrix.` | [Sygnal](configuring-playbook-sygnal.md) push notification gateway | +| CNAME | `ntfy` | - | - | - | `matrix.` | [ntfy](configuring-playbook-ntfy.md) push notifications server | +| CNAME | `hydrogen` | - | - | - | `matrix.` | [Hydrogen](configuring-playbook-client-hydrogen.md) web client | +| CNAME | `cinny` | - | - | - | `matrix.` | [Cinny](configuring-playbook-client-cinny.md) web client | +| CNAME | `buscarron` | - | - | - | `matrix.` | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | +| MX | `matrix` | 10 | 0 | - | `matrix.` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | +| TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | +| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | +| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | ## Subdomains setup From 5825a0c9195b990b727d5c0d507671281f01da71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 9 Sep 2022 13:37:52 +0200 Subject: [PATCH 049/349] Cactus comments (#2089) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add construct for cactus comments role * Adjust config files * Add docker self build to defaults * Adjust tasks * Fix smaller syntax errors * Fix env argument * Add tmp path to allow container writing there Background why I did this: https://docs.gunicorn.org/en/stable/settings.html#worker-tmp-dir * Change port back to 5000 as not configurable in container * Try to add appservice config file for synapse to use * Inject appservice file * Correct copied variable name * Comment out unused app service file injection would need mounting the appservice file to the synapse container i guess * Move role before synapse to be able to inject during runtime * Remove unused parts * Change default user id to mirror official docs * Add docs * Update roles/matrix-cactus-comments/tasks/setup_install.yml Co-authored-by: Slavi Pantaleev * Update roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 Co-authored-by: Slavi Pantaleev * Generate secrets if necessary, adjust docs * Rename cactusbot userid * Shorten salt strings Co-authored-by: Slavi Pantaleev * Use tmpfs instead of persistent mount * Remove proxy option as it is nonsense * Add download and serving of cc-client files * Add documentation on client * Clarify docs a bit * Add nginx proxy to required services Signed-off-by: Julian-Samuel Gebühr * Use container address Signed-off-by: Julian-Samuel Gebühr * Correct comment of user id Signed-off-by: Julian-Samuel Gebühr * Use releases or local distributed client Signed-off-by: Julian-Samuel Gebühr * Move homeserver url to defaults Signed-off-by: Julian-Samuel Gebühr * Correct truth value Signed-off-by: Julian-Samuel Gebühr * Add documentation of variables Co-authored-by: Slavi Pantaleev * Tabs vs. spaces Co-authored-by: Slavi Pantaleev * Make nginx root configurable Signed-off-by: Julian-Samuel Gebühr * Complete ake nginx root configurable Signed-off-by: Julian-Samuel Gebühr * Fix file permission Signed-off-by: Julian-Samuel Gebühr * Fix lint errors Signed-off-by: Julian-Samuel Gebühr Signed-off-by: Julian-Samuel Gebühr Co-authored-by: Slavi Pantaleev --- README.md | 2 + docs/configuring-playbook-cactus-comments.md | 63 ++++++++ docs/configuring-playbook.md | 2 + docs/container-images.md | 2 + group_vars/matrix_servers | 29 ++++ .../matrix-cactus-comments/defaults/main.yml | 58 ++++++++ roles/matrix-cactus-comments/tasks/init.yml | 67 +++++++++ roles/matrix-cactus-comments/tasks/main.yml | 23 +++ .../tasks/setup_install.yml | 138 ++++++++++++++++++ .../tasks/setup_uninstall.yml | 36 +++++ .../tasks/validate_config.yml | 10 ++ .../templates/cactus_appservice.yaml.j2 | 19 +++ roles/matrix-cactus-comments/templates/env.j2 | 6 + .../systemd/matrix-cactus-comments.service.j2 | 36 +++++ setup.yml | 1 + 15 files changed, 492 insertions(+) create mode 100644 docs/configuring-playbook-cactus-comments.md create mode 100644 roles/matrix-cactus-comments/defaults/main.yml create mode 100644 roles/matrix-cactus-comments/tasks/init.yml create mode 100644 roles/matrix-cactus-comments/tasks/main.yml create mode 100644 roles/matrix-cactus-comments/tasks/setup_install.yml create mode 100644 roles/matrix-cactus-comments/tasks/setup_uninstall.yml create mode 100644 roles/matrix-cactus-comments/tasks/validate_config.yml create mode 100644 roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 create mode 100644 roles/matrix-cactus-comments/templates/env.j2 create mode 100644 roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 diff --git a/README.md b/README.md index 221e8a85b..e545d18f0 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,8 @@ Using this playbook, you can get the following services configured on your serve - (optional) the [Buscarron](https://gitlab.com/etke.cc/buscarron) bot - see [docs/configuring-playbook-bot-buscarron.md](docs/configuring-playbook-bot-buscarron.md) for setup documentation +- (optional) [Cactus Comments](https://cactus.chat), a federated comment system built on matrix - see [docs/configuring-playbook-cactus-comments.md](docs/configuring-playbook-cactus-comments.md) for setup documentation + Basically, this playbook aims to get you up-and-running with all the necessities around Matrix, without you having to do anything else. **Note**: the list above is exhaustive. It includes optional or even some advanced components that you will most likely not need. diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md new file mode 100644 index 000000000..b62d33b27 --- /dev/null +++ b/docs/configuring-playbook-cactus-comments.md @@ -0,0 +1,63 @@ +# Setting up Cactus Comments (optional) + +The playbook can install and configure [Cactus Comments](https://cactus.chat) for you. + +Cactus Comments is a **federated comment system** built on Matrix. The role allows you to self-host the system. +It respects your privacy, and puts you in control. + +See the project's [documentation](https://cactus.chat/docs/getting-started/introduction/) to learn what it +does and why it might be useful to you. + + +## Configuration + +Add the following block to your `vars.yaml` and make sure to exchange the tokens to randomly generated values. + +```ỳaml +################# +## Cactus Chat ## +################# + +matrix_cactus_comments_enabled: true + +# To allow guest comments without users needing to log in, you need to have guest registration enabled. +# To do this you need to uncomment one of the following lines (depending if you are using synapse or dentrite as a homeserver) +# If you don't know which one you use: The default is synapse ;) +# matrix_synapse_allow_guest_access: true +# matrix_dentrite_allow_guest_access +``` + +## Installing + +After configuring the playbook, run the [installation](installing.md) command again: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` + + +## Usage + +To get started wit cactus comments message @bot.cactusbot:your-homeserver.com and type `help` to make sure it works. +Then register a site by typing: `register `. You will then be invited into a moderation room. +Now you are good to go and can include the comment section on your website! + +**Careful:** To really make use of self-hosting you need change a few things in comparison to the official docs! + +Insert the following snippet into you page and make sure to replace `example.com` with your base domain! + + +```html + + +
+ +``` diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index b3b44b5ff..b17f902f2 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -179,3 +179,5 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) (optional) - [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) (optional) + +- [Setting up a Cactus Comments server](configuring-playbook-cactus-comments.md) - a federated comment system built on Matrix (optional) diff --git a/docs/container-images.md b/docs/container-images.md index b16babff0..737a44578 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -117,3 +117,5 @@ These services are not part of our default installation, but can be enabled by [ - [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) - [Sygnal](https://github.com/matrix-org/sygnal) is a reference Push Gateway for Matrix - [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) - [ntfy](https://ntfy.sh/) is a self-hosted, UnifiedPush-compatible push notifications server + +- [cactuscomments/cactus-appservice](https://hub.docker.com/r/cactuscomments/cactus-appservice/) - [Cactus Comments](https://cactus.chat) a federated comment system built on Matrix diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2c14a917f..d96af3630 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1332,6 +1332,35 @@ matrix_backup_borg_systemd_required_services_list: | # /matrix-backup-borg # ###################################################################### +###################################################################### +# +# matrix-cactus-comments +# +###################################################################### + +matrix_cactus_comments_enabled: false + +# Derive secret values from homeserver secret +matrix_cactus_comments_as_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'cactus.as.token') | to_uuid }}" +matrix_cactus_comments_hs_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'cactus.hs.token') | to_uuid }}" + +matrix_cactus_comments_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_cactus_comments_systemd_required_services_list: | + {{ + (['docker.service']) + + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + + + (['matrix-' + matrix_homeserver_implementation + '.service']) + }} + +matrix_cactus_comments_client_nginx_path: {{ '/cactus-comments/' if matrix_nginx_proxy_enabled else matrix_cactus_comments_client_path + '/' }} + +###################################################################### +# +# /matrix-cactus-comments +# +###################################################################### ###################################################################### # diff --git a/roles/matrix-cactus-comments/defaults/main.yml b/roles/matrix-cactus-comments/defaults/main.yml new file mode 100644 index 000000000..dbd5b8441 --- /dev/null +++ b/roles/matrix-cactus-comments/defaults/main.yml @@ -0,0 +1,58 @@ +--- +# Cactus Comments is a federated comment system built on Matrix + +matrix_cactus_comments_enabled: true +matrix_cactus_comments_serve_client_enabled: true +matrix_cactus_comments_container_image_self_build: false +matrix_cactus_comments_docker_repo: "https://gitlab.com/cactus-comments/cactus-appservice.git" +matrix_cactus_comments_docker_repo_version: "{{ matrix_cactus_comments_version if matrix_cactus_comments_version != 'latest' else 'main' }}" +matrix_cactus_comments_docker_src_files_path: "{{ matrix_cactus_comments_base_path }}/docker-src" + + +matrix_cactus_comments_base_path: "{{ matrix_base_data_path }}/cactus-comments" +matrix_cactus_comments_container_tmp_path: "{{ matrix_cactus_comments_base_path }}/tmp" +matrix_cactus_comments_client_path: "{{ matrix_cactus_comments_base_path }}/client" +matrix_cactus_comments_client_file_permissions: "0644" + +matrix_cactus_comments_app_service_config_file: "{{ matrix_cactus_comments_base_path }}/cactus_appservice.yaml" +matrix_cactus_comments_app_service_env_file: "{{ matrix_cactus_comments_base_path }}/cactus.env" + +matrix_cactus_comments_as_token: '' +matrix_cactus_comments_hs_token: '' +matrix_cactus_comments_homeserver_url: "{{ matrix_homeserver_container_url }}" +matrix_cactus_comments_user_id: "bot.cactusbot" +matrix_cactus_comments_tmp_directory_size_mb: 1 + +matrix_cactus_comments_container_port: 5000 + +matrix_cactus_comments_version: latest +matrix_cactus_comments_docker_image: "{{ matrix_container_global_registry_prefix }}cactuscomments/cactus-appservice:{{ matrix_cactus_comments_version }}" +matrix_cactus_comments_docker_image_force_pull: "{{ matrix_cactus_comments_docker_image.endswith(':latest') }}" + +# matrix_cactus_comments_client_version specifies the version of the cactus-client release to use. +# For available versions, see: https://gitlab.com/cactus-comments/cactus-client/-/releases +# Also see: `matrix_cactus_comments_client_local_dir` +matrix_cactus_comments_client_version: "0.13.0" + +# matrix_cactus_comments_client_local_dir specifies a local directory (on the Ansible controller, not on the remote server) with cactus-client files to use. +# This is an alternative to `matrix_cactus_comments_client_version`, to be used when you'd like to +# provide the files locally / manually. +matrix_cactus_comments_client_local_dir: '' + +# matrix_cactus_comments_client_nginx_path specifies the path where nginx can access the client files. +# The default value assumes a container setup. If you're running nginx without a container, consider adjusting this path +matrix_cactus_comments_client_nginx_path: "/cactus-comments/" + +# matrix_cactus_comments_client_endpoint specifies where nginx will serve the files in nginx is enabled +matrix_cactus_comments_client_endpoint: "/cactus-comments/" + +# List of systemd services that matrix-cactus-comments.service depends on +matrix_bot_cactus_comments_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-cactus-comments.service wants +matrix_bot_cactus_comments_systemd_wanted_services_list: [] + +# A list of extra arguments to pass to the container +matrix_cactus_comments_container_extra_arguments: [] + +matrix_cactus_comments_environment_variables_extension: '' diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/matrix-cactus-comments/tasks/init.yml new file mode 100644 index 000000000..78cdd319d --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/init.yml @@ -0,0 +1,67 @@ +--- + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-cactus-comments.service'] }}" + when: matrix_cactus_comments_enabled | bool + +# If the matrix-synapse role is not used, these variables may not exist. +- ansible.builtin.set_fact: + matrix_homeserver_container_runtime_injected_arguments: > + {{ + matrix_homeserver_container_runtime_injected_arguments | default([]) + + + ["--mount type=bind,src={{ matrix_cactus_comments_app_service_config_file }},dst=/matrix-cactus-comments.yaml,ro"] + }} + + matrix_homeserver_app_service_runtime_injected_config_files: > + {{ + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + + + ["/matrix-cactus-comments.yaml"] + }} + when: matrix_cactus_comments_enabled | bool + +- block: + - name: Fail if matrix-nginx-proxy role already executed + ansible.builtin.fail: + msg: >- + Trying to append Cactus Comment's reverse-proxying configuration to matrix-nginx-proxy, + but it's pointless since the matrix-nginx-proxy role had already executed. + To fix this, please change the order of roles in your playbook, + so that the matrix-nginx-proxy role would run after the matrix-cactus-comments role. + when: matrix_nginx_proxy_role_executed | default(False) | bool + + - name: Mount volume + ansible.builtin.set_fact: + matrix_nginx_proxy_container_additional_volumes: > + {{ + matrix_nginx_proxy_container_additional_volumes | default([]) + + + [{"src": "{{ matrix_cactus_comments_client_path }}", "dst": "/cactus-comments/cactus-comments", "options": "ro"}] + }} + - name: Generate Cactus Comment proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_cactus_comments_nginx_proxy_configuration: | + location {{ matrix_cactus_comments_client_endpoint }} { + root {{ matrix_cactus_comments_client_nginx_path }}; + } + when: "matrix_nginx_proxy_enabled | default(False) | bool" + - name: Register Cactus Comment proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + + + [matrix_cactus_comments_nginx_proxy_configuration] + }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled Cactus Comments but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying client files in {{ matrix_cactus_comments_client_path }} correctly + when: "not matrix_nginx_proxy_enabled | default(False) | bool" + + tags: + - always + when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool diff --git a/roles/matrix-cactus-comments/tasks/main.yml b/roles/matrix-cactus-comments/tasks/main.yml new file mode 100644 index 000000000..857e2db19 --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_cactus_comments_enabled | bool" + tags: + - setup-all + - setup-cactus-comments + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_cactus_comments_enabled | bool" + tags: + - setup-all + - setup-cactus-comments + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_cactus_comments_enabled | bool" + tags: + - setup-all + - setup-cactus-comments diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/matrix-cactus-comments/tasks/setup_install.yml new file mode 100644 index 000000000..8e6bb68ed --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/setup_install.yml @@ -0,0 +1,138 @@ +--- + +- name: Ensure cactus comments paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_cactus_comments_base_path }}", when: true} + - {path: "{{ matrix_cactus_comments_client_path }}", when: true} + - {path: "{{ matrix_cactus_comments_container_tmp_path }}", when: true} + - {path: "{{ matrix_cactus_comments_docker_src_files_path }}", when: matrix_cactus_comments_container_image_self_build} + when: "item.when | bool" + +- name: Ensure cactus comments environment file created + ansible.builtin.template: + src: "{{ role_path }}/templates/env.j2" + dest: "{{ matrix_cactus_comments_app_service_env_file }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure cactus comments appservice file created + ansible.builtin.template: + src: "{{ role_path }}/templates/cactus_appservice.yaml.j2" + dest: "{{ matrix_cactus_comments_app_service_config_file }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure cactus comments image is pulled + docker_image: + name: "{{ matrix_cactus_comments_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_cactus_comments_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_cactus_comments_docker_image_force_pull }}" + when: "not matrix_cactus_comments_container_image_self_build | bool" + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure cactus comments repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_cactus_comments_docker_repo }}" + version: "{{ matrix_cactus_comments_docker_repo_version }}" + dest: "{{ matrix_cactus_comments_docker_src_files_path }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_cactus_comments_git_pull_results + when: "matrix_cactus_comments_container_image_self_build | bool" + +- name: Ensure cactus comments image is built + docker_image: + name: "{{ matrix_cactus_comments_docker_image }}" + source: build + force_source: "{{ matrix_cactus_comments_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_cactus_comments_docker_src_files_path }}" + pull: true + when: "matrix_cactus_comments_container_image_self_build | bool" + +- block: + - name: Download client binary to local folder + ansible.builtin.get_url: + url: "https://gitlab.com/cactus-comments/cactus-client/-/archive/v{{ matrix_cactus_comments_client_version }}/cactus-client-v{{ matrix_cactus_comments_client_version }}.tar.gz" + dest: "/tmp/cactus-comments-{{ matrix_cactus_comments_client_version }}.tar.gz" + mode: '0644' + register: _download_client + until: _download_client is succeeded + retries: 5 + delay: 2 + check_mode: false + + - name: Unpack client + ansible.builtin.unarchive: + src: "/tmp/cactus-comments-{{ matrix_cactus_comments_client_version }}.tar.gz" + dest: "/tmp/" + remote_src: true + mode: 0600 + check_mode: false + + - name: Propagate client javascript file + ansible.builtin.copy: + src: "/tmp/cactus-client-v{{ matrix_cactus_comments_client_version }}/src/cactus.js" + remote_src: true + dest: "{{ matrix_cactus_comments_client_path }}/cactus.js" + mode: "{{ matrix_cactus_comments_client_file_permissions }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + - name: Propagate client style file + ansible.builtin.copy: + src: "/tmp/cactus-client-v{{ matrix_cactus_comments_client_version }}/src/style.css" + remote_src: true + dest: "{{ matrix_cactus_comments_client_path }}/style.css" + mode: "{{ matrix_cactus_comments_client_file_permissions }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + when: matrix_cactus_comments_client_local_dir | length == 0 + +- block: + - name: Propagate locally distributed client javascreipt + ansible.builtin.copy: + src: "{{ matrix_cactus_comments_client_local_dir }}/src/cactus.js" + dest: "{{ matrix_cactus_comments_client_path }}/cactus.js" + mode: "{{ matrix_cactus_comments_client_file_permissions }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + - name: Propagate locally distributed client style.css + ansible.builtin.copy: + src: "{{ matrix_cactus_comments_client_local_dir }}/src/style.css" + dest: "{{ matrix_cactus_comments_client_path }}/style.css" + mode: "{{ matrix_cactus_comments_client_file_permissions }}" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + when: matrix_cactus_comments_client_local_dir | length > 0 + +- name: Ensure matrix-cactus-comments.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-cactus-comments.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + mode: 0644 + register: matrix_cactus_comments_systemd_service_result + +- name: Ensure systemd reloaded after matrix-cactus-comments.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_cactus_comments_systemd_service_result.changed | bool" + +- name: Ensure matrix-cactus-comments.service restarted, if necessary + ansible.builtin.service: + name: "matrix-cactus-comments.service" + state: restarted diff --git a/roles/matrix-cactus-comments/tasks/setup_uninstall.yml b/roles/matrix-cactus-comments/tasks/setup_uninstall.yml new file mode 100644 index 000000000..011c04b85 --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-cactus-comments service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + register: matrix_cactus_comments_service_stat + +- name: Ensure cactus comments is stopped + ansible.builtin.service: + name: matrix-cactus-comments + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_cactus_comments_service_stat.stat.exists | bool" + +- name: Ensure matrix-cactus-comments.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + state: absent + when: "matrix_cactus_comments_service_stat.stat.exists | bool" + +- name: Ensure systemd reloaded after matrix-cactus-comments.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_cactus_comments_service_stat.stat.exists | bool" + +- name: Ensure Matrix cactus comments paths don't exist + ansible.builtin.file: + path: "{{ matrix_cactus_comments_base_path }}" + state: absent + +- name: Ensure cactus comments Docker image doesn't exist + docker_image: + name: "{{ matrix_cactus_comments_docker_image }}" + state: absent diff --git a/roles/matrix-cactus-comments/tasks/validate_config.yml b/roles/matrix-cactus-comments/tasks/validate_config.yml new file mode 100644 index 000000000..094a203df --- /dev/null +++ b/roles/matrix-cactus-comments/tasks/validate_config.yml @@ -0,0 +1,10 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_cactus_comments_as_token" + - "matrix_cactus_comments_hs_token" diff --git a/roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 b/roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 new file mode 100644 index 000000000..bfcb4bb36 --- /dev/null +++ b/roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 @@ -0,0 +1,19 @@ +# A unique, user-defined ID of the application service which will never change. +id: "Cactus Comments" + +# Where the cactus-appservice is hosted: +url: "http://matrix-cactus-comments:{{ matrix_cactus_comments_container_port }}" + +# Unique tokens used to authenticate requests between our service and the +# homeserver (and the other way). Use the sha256 hashes of something random. +# CHANGE THESE VALUES. +as_token: {{ matrix_cactus_comments_as_token | to_json }} +hs_token: {{ matrix_cactus_comments_hs_token | to_json }} + +# The user id of the cactusbot which can be used to register and moderate sites +sender_localpart: "{{ matrix_cactus_comments_user_id }}" + +namespaces: + aliases: + - exclusive: true + regex: "#comments_.*" diff --git a/roles/matrix-cactus-comments/templates/env.j2 b/roles/matrix-cactus-comments/templates/env.j2 new file mode 100644 index 000000000..ab0489612 --- /dev/null +++ b/roles/matrix-cactus-comments/templates/env.j2 @@ -0,0 +1,6 @@ +CACTUS_HS_TOKEN={{ matrix_cactus_comments_hs_token }} +CACTUS_AS_TOKEN={{ matrix_cactus_comments_as_token }} +CACTUS_HOMESERVER_URL={{ matrix_cactus_comments_homeserver_url }} +CACTUS_USER_ID=@{{ matrix_cactus_comments_user_id }}:{{ matrix_domain }} + +{{ matrix_cactus_comments_environment_variables_extension }} diff --git a/roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 new file mode 100644 index 000000000..068255823 --- /dev/null +++ b/roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 @@ -0,0 +1,36 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Cactus Comments +{% for service in matrix_bot_cactus_comments_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_bot_cactus_comments_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-cactus-comments \ + --log-driver=none \ + --cap-drop=ALL \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --read-only \ + --env-file {{ matrix_cactus_comments_app_service_env_file }} \ + --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_cactus_comments_tmp_directory_size_mb }}m \ + --network={{ matrix_docker_network }} \ + {{ matrix_cactus_comments_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-cactus-comments + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 3b7d235d3..bd78158cd 100755 --- a/setup.yml +++ b/setup.yml @@ -46,6 +46,7 @@ - matrix-bot-postmoogle - matrix-bot-go-neb - matrix-bot-mjolnir + - matrix-cactus-comments - matrix-synapse - matrix-dendrite - matrix-conduit From d2dc9149a9c9d2475cddaa1b26dc64565f269894 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 14:43:49 +0300 Subject: [PATCH 050/349] =?UTF-8?q?Fix=20YAML=20block=20(=E1=BB=B3aml=20->?= =?UTF-8?q?=20yaml)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- docs/configuring-playbook-cactus-comments.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index b62d33b27..668d3cb6e 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -13,7 +13,7 @@ does and why it might be useful to you. Add the following block to your `vars.yaml` and make sure to exchange the tokens to randomly generated values. -```ỳaml +```yaml ################# ## Cactus Chat ## ################# From c00a8d4099ed5011c818c999bd4a124a3f4e0fff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 14:47:53 +0300 Subject: [PATCH 051/349] Announce Cactus Comments support Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- CHANGELOG.md | 9 +++++++++ docs/configuring-playbook-cactus-comments.md | 2 +- roles/matrix-cactus-comments/defaults/main.yml | 2 ++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0e094858d..df4957eb5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-09-09 + +## Cactus Comments support + +Thanks to [Julian-Samuel Gebühr (@moan0s)](https://github.com/moan0s), the playbook can now set up [Cactus Comments](https://cactus.chat) - federated comment system for the web based on Matrix. + +See our [Setting up a Cactus Comments server](docs/configuring-playbook-cactus-comments.md) documentation to get started. + + # 2022-08-23 ## Postmoogle email bridge support diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 668d3cb6e..58a989e87 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -38,7 +38,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To get started wit cactus comments message @bot.cactusbot:your-homeserver.com and type `help` to make sure it works. +To get started wit cactus comments message `@bot.cactusbot:your-homeserver.com` and type `help` to make sure it works. Then register a site by typing: `register `. You will then be invited into a moderation room. Now you are good to go and can include the comment section on your website! diff --git a/roles/matrix-cactus-comments/defaults/main.yml b/roles/matrix-cactus-comments/defaults/main.yml index dbd5b8441..a4c50a666 100644 --- a/roles/matrix-cactus-comments/defaults/main.yml +++ b/roles/matrix-cactus-comments/defaults/main.yml @@ -1,5 +1,7 @@ --- # Cactus Comments is a federated comment system built on Matrix +# Project source code URL: https://gitlab.com/cactus-comments/cactus-appservice +# Project source code URL: https://gitlab.com/cactus-comments/cactus-client matrix_cactus_comments_enabled: true matrix_cactus_comments_serve_client_enabled: true From 71555341d1194e90561fa0d65f30764a047b4028 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 14:49:46 +0300 Subject: [PATCH 052/349] Pin Cactus Comments version (latest -> 0.9.0) Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- roles/matrix-cactus-comments/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-cactus-comments/defaults/main.yml b/roles/matrix-cactus-comments/defaults/main.yml index a4c50a666..224a53489 100644 --- a/roles/matrix-cactus-comments/defaults/main.yml +++ b/roles/matrix-cactus-comments/defaults/main.yml @@ -27,7 +27,7 @@ matrix_cactus_comments_tmp_directory_size_mb: 1 matrix_cactus_comments_container_port: 5000 -matrix_cactus_comments_version: latest +matrix_cactus_comments_version: 0.9.0 matrix_cactus_comments_docker_image: "{{ matrix_container_global_registry_prefix }}cactuscomments/cactus-appservice:{{ matrix_cactus_comments_version }}" matrix_cactus_comments_docker_image_force_pull: "{{ matrix_cactus_comments_docker_image.endswith(':latest') }}" From a4d8a4094bfe5bb3e100b3d2109e38690087fe9c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 15:02:45 +0300 Subject: [PATCH 053/349] Put "Component" column first in the optional-DNS configuration table Related to 98b9e2cd848397ac --- docs/configuring-dns.md | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 8b80613a4..8d31ab3ff 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -28,22 +28,22 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco ## DNS settings for optional services/features -| Type | Host | Priority | Weight | Port | Target | Used by component | -| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | ----------------------------------------------------------------------------------------------------------------------- | -| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | [ma1sd](configuring-playbook-ma1sd.md) identity server | -| CNAME | `dimension` | - | - | - | `matrix.` | [Dimension](configuring-playbook-dimension.md) integration server | -| CNAME | `jitsi` | - | - | - | `matrix.` | [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | -| CNAME | `stats` | - | - | - | `matrix.` | [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | -| CNAME | `goneb` | - | - | - | `matrix.` | [Go-NEB](configuring-playbook-bot-go-neb.md) bot | -| CNAME | `sygnal` | - | - | - | `matrix.` | [Sygnal](configuring-playbook-sygnal.md) push notification gateway | -| CNAME | `ntfy` | - | - | - | `matrix.` | [ntfy](configuring-playbook-ntfy.md) push notifications server | -| CNAME | `hydrogen` | - | - | - | `matrix.` | [Hydrogen](configuring-playbook-client-hydrogen.md) web client | -| CNAME | `cinny` | - | - | - | `matrix.` | [Cinny](configuring-playbook-client-cinny.md) web client | -| CNAME | `buscarron` | - | - | - | `matrix.` | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | -| MX | `matrix` | 10 | 0 | - | `matrix.` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | -| TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | -| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | -| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | +| Used by component | Type | Host | Priority | Weight | Port | Target | +| ----------------------------------------------------------------------------------------------------------------------- | ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- | +| [ma1sd](configuring-playbook-ma1sd.md) identity server | SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.` | +| [Dimension](configuring-playbook-dimension.md) integration server | CNAME | `dimension` | - | - | - | `matrix.` | +| [Jitsi](configuring-playbook-jitsi.md) video-conferencing platform | CNAME | `jitsi` | - | - | - | `matrix.` | +| [Prometheus/Grafana](configuring-playbook-prometheus-grafana.md) monitoring system | CNAME | `stats` | - | - | - | `matrix.` | +| [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.` | +| [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.` | +| [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.` | +| [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.` | +| [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.` | +| [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md)/[Email2Matrix](configuring-playbook-email2matrix.md) email bridges | MX | `matrix` | 10 | 0 | - | `matrix.` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `matrix` | - | - | - | `v=spf1 ip4: -all` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | +| [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | ## Subdomains setup From 5cfb0fb47799d2eac6ad0437a5548e44a5dd91f3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 15:06:12 +0300 Subject: [PATCH 054/349] Update Email2Matrix docs page --- docs/configuring-playbook-email2matrix.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 9bebe0e97..56e181f1d 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -1,6 +1,7 @@ # Setting up Email2Matrix (optional) **Note**: email bridging can also happen via the [Postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. +Postmoogle is much more powerful and easier to use, so we recommend that you use it, instead of Email2Matrix. The playbook can install and configure [email2matrix](https://github.com/devture/email2matrix) for you. @@ -9,6 +10,10 @@ See the project's [documentation](https://github.com/devture/email2matrix/blob/m ## Preparation +### DNS configuration + +It's not strictly necessary, but you may increase the chances that incoming emails reach your server by adding an `MX` record for `matrix.DOMAIN`, as described in the [Configuring DNS](configuring-dns.md) documentation page. + ### Port availability Ensure that port 25 is available on your Matrix server and open in your firewall. From b510848c6d35501358b045e9de492c5dbbc7a176 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 15:13:35 +0300 Subject: [PATCH 055/349] Mention that bot.cactusbot is created automatically Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- docs/configuring-playbook-cactus-comments.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-cactus-comments.md b/docs/configuring-playbook-cactus-comments.md index 58a989e87..00c76f543 100644 --- a/docs/configuring-playbook-cactus-comments.md +++ b/docs/configuring-playbook-cactus-comments.md @@ -38,8 +38,10 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To get started wit cactus comments message `@bot.cactusbot:your-homeserver.com` and type `help` to make sure it works. -Then register a site by typing: `register `. You will then be invited into a moderation room. +Upon starting Cactus Comments, a `bot.cactusbot` user account is created automatically. + +To get started, send a `help` message to the `@bot.cactusbot:your-homeserver.com` bot to confirm it's working. +Then, register a site by typing: `register `. You will then be invited into a moderation room. Now you are good to go and can include the comment section on your website! **Careful:** To really make use of self-hosting you need change a few things in comparison to the official docs! From d6bd39c79d3f473d357559eb239eb4042f9b5feb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 15:18:57 +0300 Subject: [PATCH 056/349] Add missing quotes Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index d96af3630..31ca61339 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1354,7 +1354,7 @@ matrix_cactus_comments_systemd_required_services_list: | (['matrix-' + matrix_homeserver_implementation + '.service']) }} -matrix_cactus_comments_client_nginx_path: {{ '/cactus-comments/' if matrix_nginx_proxy_enabled else matrix_cactus_comments_client_path + '/' }} +matrix_cactus_comments_client_nginx_path: "{{ '/cactus-comments/' if matrix_nginx_proxy_enabled else matrix_cactus_comments_client_path + '/' }}" ###################################################################### # From c7d8299398fdef5c798fcf41153b6d19f0d18b15 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 9 Sep 2022 16:01:36 +0200 Subject: [PATCH 057/349] Correct service name MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- .../systemd/matrix-ldap-registration-proxy.service.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index afbabe729..13ada897b 100644 --- a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-matrix_ldap_registration_proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. From 5c954b0d5a99482332bff90cae17abeb47068d71 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 9 Sep 2022 15:55:53 +0000 Subject: [PATCH 058/349] Update Grafana 9.1.3 -> 9.1.4 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index dcd07bf58..5484ed195 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.3 +matrix_grafana_version: 9.1.4 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 8778c14fe27c304507c156f3f86762e9acf15fff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 21:03:41 +0300 Subject: [PATCH 059/349] Upgrade Dendrite (0.9.6 -> 0.9.7) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 28f542e15..db10bafcc 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.6" +matrix_dendrite_docker_image_tag: "v0.9.7" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 11f2cda21a9e8f8d3a060131c210c8cad55994bc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 9 Sep 2022 21:06:17 +0300 Subject: [PATCH 060/349] Upgrade Certbot (1.28 -> 1.30) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 8cf24a228..eec28bee5 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -547,7 +547,7 @@ matrix_ssl_lets_encrypt_staging: false # Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server matrix_ssl_lets_encrypt_server: '' -matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.28.0" +matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.30.0" matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 matrix_ssl_lets_encrypt_support_email: ~ From f12206676f295ad4533e308b54a6b8b4eea9ae89 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 13 Sep 2022 15:45:08 +0300 Subject: [PATCH 061/349] Upgrade Synapse (v1.66.0 -> 1.67.0) and remove `frontend_proxy` workers `frontend_proxy` workers have been superseded by `generic_worker` workers. Related to https://github.com/matrix-org/synapse/pull/13645 --- group_vars/matrix_servers | 1 - roles/matrix-nginx-proxy/defaults/main.yml | 1 - .../nginx/conf.d/matrix-synapse.conf.j2 | 30 ------------------- roles/matrix-synapse/defaults/main.yml | 8 +---- .../tasks/synapse/workers/init.yml | 12 -------- .../matrix-synapse/tasks/validate_config.yml | 3 ++ .../templates/synapse/worker.yaml.j2 | 4 +-- roles/matrix-synapse/vars/workers.yml | 29 ++---------------- 8 files changed, 8 insertions(+), 80 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 31ca61339..c0d831e1e 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1762,7 +1762,6 @@ matrix_nginx_proxy_synapse_generic_worker_client_server_locations: "{{ matrix_sy matrix_nginx_proxy_synapse_generic_worker_federation_locations: "{{ matrix_synapse_workers_generic_worker_federation_endpoints }}" matrix_nginx_proxy_synapse_media_repository_locations: "{{matrix_synapse_workers_media_repository_endpoints|default([]) }}" matrix_nginx_proxy_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_endpoints|default([]) }}" -matrix_nginx_proxy_synapse_frontend_proxy_locations: "{{ matrix_synapse_workers_frontend_proxy_endpoints|default([]) }}" matrix_nginx_proxy_systemd_wanted_services_list: | {{ diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index eec28bee5..a74842158 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -625,7 +625,6 @@ matrix_nginx_proxy_synapse_generic_worker_client_server_locations: [] matrix_nginx_proxy_synapse_generic_worker_federation_locations: [] matrix_nginx_proxy_synapse_media_repository_locations: [] matrix_nginx_proxy_synapse_user_dir_locations: [] -matrix_nginx_proxy_synapse_frontend_proxy_locations: [] # synapse content caching matrix_nginx_proxy_synapse_cache_enabled: false diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 735f45383..81e31a7c0 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -3,7 +3,6 @@ {% set generic_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'generic_worker') | list %} {% set media_repository_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'media_repository') | list %} {% set user_dir_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'user_dir') | list %} -{% set frontend_proxy_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'frontend_proxy') | list %} {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if matrix_nginx_proxy_synapse_cache_enabled %} proxy_cache_path {{ matrix_nginx_proxy_synapse_cache_path }} levels=1:2 keys_zone={{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}:{{ matrix_nginx_proxy_synapse_cache_keys_zone_size }} inactive={{ matrix_nginx_proxy_synapse_cache_inactive_time }} max_size={{ matrix_nginx_proxy_synapse_cache_max_size_mb }}m; @@ -26,18 +25,6 @@ } {% endif %} - {% if frontend_proxy_workers %} - upstream frontend_proxy_upstream { - {% for worker in frontend_proxy_workers %} - {% if matrix_nginx_proxy_enabled %} - server "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.port }}"; - {% else %} - server "127.0.0.1:{{ worker.port }}"; - {% endif %} - {% endfor %} - } - {% endif %} - {% if media_repository_workers %} upstream media_repository_upstream { {% for worker in media_repository_workers %} @@ -120,23 +107,6 @@ server { } {% endfor %} {% endif %} - - {% if frontend_proxy_workers %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappfrontend_proxy - {% for location in matrix_nginx_proxy_synapse_frontend_proxy_locations %} - location ~ {{ location }} { - proxy_pass http://frontend_proxy_upstream$request_uri; - proxy_set_header Host $host; - } - {% endfor %} - {% if matrix_nginx_proxy_synapse_presence_disabled %} - # FIXME: keep in sync with synapse workers documentation manually - location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/[^/]+/status { - proxy_pass http://frontend_proxy_upstream$request_uri; - proxy_set_header Host $host; - } - {% endif %} - {% endif %} {# Workers redirects END #} {% endif %} diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index a25d2d3f1..a7dab5b67 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.66.0 +matrix_synapse_version: v1.67.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" @@ -398,7 +398,6 @@ matrix_synapse_workers_presets: federation_sender_workers_count: 1 media_repository_workers_count: 0 user_dir_workers_count: 0 - frontend_proxy_workers_count: 0 one-of-each: generic_workers_count: 1 pusher_workers_count: 1 @@ -410,7 +409,6 @@ matrix_synapse_workers_presets: # user_dir workers are deprecated since Synapse v1.59. This will be removed. # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types user_dir_workers_count: 0 - frontend_proxy_workers_count: 1 # Controls whether the matrix-synapse container exposes the various worker ports # (see `port` and `metrics_port` in `matrix_synapse_workers_enabled_list`) outside of the container. @@ -452,10 +450,6 @@ matrix_synapse_workers_user_dir_workers_count: 0 matrix_synapse_workers_user_dir_workers_port_range_start: 18661 matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 -matrix_synapse_workers_frontend_proxy_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['frontend_proxy_workers_count'] }}" -matrix_synapse_workers_frontend_proxy_workers_port_range_start: 18771 -matrix_synapse_workers_frontend_proxy_workers_metrics_range_start: 19771 - # Default list of workers to spawn. # # Unless you populate this manually, this list is dynamically generated diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 4b007bc30..3aa619238 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -56,16 +56,6 @@ register: "matrix_synapse_workers_list_results_media_repository_workers" loop: "{{ range(0, matrix_synapse_workers_media_repository_workers_count | int) | list }}" -- name: Build frontend_proxy workers - ansible.builtin.set_fact: - worker: - type: 'frontend_proxy' - instanceId: "{{ matrix_synapse_workers_frontend_proxy_workers_port_range_start + item }}" - port: "{{ matrix_synapse_workers_frontend_proxy_workers_port_range_start + item }}" - metrics_port: "{{ matrix_synapse_workers_frontend_proxy_workers_metrics_range_start + item }}" - register: "matrix_synapse_workers_list_results_frontend_proxy_workers" - loop: "{{ range(0, matrix_synapse_workers_frontend_proxy_workers_count | int) | list }}" - - ansible.builtin.set_fact: matrix_synapse_dynamic_workers_list: "{{ matrix_synapse_dynamic_workers_list | default([]) + [item.ansible_facts.worker] }}" with_items: | @@ -79,8 +69,6 @@ matrix_synapse_workers_list_results_appservice_workers.results + matrix_synapse_workers_list_results_media_repository_workers.results - + - matrix_synapse_workers_list_results_frontend_proxy_workers.results }} - ansible.builtin.set_fact: diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index d32fce977..bcb71c756 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -62,6 +62,9 @@ - {'old': 'matrix_synapse_version_arm64', 'new': ''} - {'old': 'matrix_synapse_enable_group_creation', 'new': ''} - {'old': 'matrix_synapse_account_threepid_delegates_email', 'new': ''} + - {'old': 'matrix_synapse_workers_frontend_proxy_workers_count', 'new': ''} + - {'old': 'matrix_synapse_workers_frontend_proxy_workers_port_range_start', 'new': ''} + - {'old': 'matrix_synapse_workers_frontend_proxy_workers_metrics_range_start', 'new': ''} - name: (Deprecation) Catch and report renamed settings in matrix_synapse_configuration_extension_yaml ansible.builtin.fail: diff --git a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 index 239de1f21..33789b0ca 100644 --- a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 @@ -11,7 +11,7 @@ worker_replication_http_port: {{ matrix_synapse_replication_http_port }} {% set http_resources = [] %} -{% if matrix_synapse_worker_details.type in ['generic_worker', 'frontend_proxy', 'user_dir'] %} +{% if matrix_synapse_worker_details.type in ['generic_worker', 'user_dir'] %} {% set http_resources = http_resources + ['client'] %} {% endif %} {% if matrix_synapse_worker_details.type in ['generic_worker'] %} @@ -38,7 +38,7 @@ worker_listeners: {% endif %} {% endif %} -{% if matrix_synapse_worker_details.type == 'frontend_proxy' %} +{% if matrix_synapse_worker_details.type == 'generic_worker' %} worker_main_http_uri: http://matrix-synapse:{{ matrix_synapse_container_client_api_port }} {% endif %} diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/matrix-synapse/vars/workers.yml index e535d2ccc..3f34bcb2d 100644 --- a/roles/matrix-synapse/vars/workers.yml +++ b/roles/matrix-synapse/vars/workers.yml @@ -55,10 +55,12 @@ matrix_synapse_workers_generic_worker_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ # Encryption requests + # Note that ^/_matrix/client/(r0|v3|unstable)/keys/upload/ requires `worker_main_http_uri` - ^/_matrix/client/(r0|v3|unstable)/keys/query$ - ^/_matrix/client/(r0|v3|unstable)/keys/changes$ - ^/_matrix/client/(r0|v3|unstable)/keys/claim$ - ^/_matrix/client/(r0|v3|unstable)/room_keys/ + - ^/_matrix/client/(r0|v3|unstable)/keys/upload/ # Registration/login requests - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ @@ -172,7 +174,6 @@ matrix_synapse_workers_generic_worker_endpoints: # Additionally, the writing of specific streams (such as events) can be moved off # of the main process to a particular worker. - # (This is only supported with Redis-based replication.) # To enable this, the worker must have a HTTP replication listener configured, # have a `worker_name` and be listed in the `instance_map` config. The same worker @@ -432,35 +433,9 @@ matrix_synapse_workers_user_dir_endpoints: # If `update_user_directory` is set to `false`, and this worker is not running, # the above endpoint may give outdated results. -matrix_synapse_workers_frontend_proxy_endpoints: - # Proxies some frequently-requested client endpoints to add caching and remove - # load from the main synapse. It can handle REST endpoints matching the following - # regular expressions: - - - ^/_matrix/client/(r0|v3|unstable)/keys/upload - - # If `use_presence` is False in the homeserver config, it can also handle REST - # endpoints matching the following regular expressions: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/[^/]+/status - - # This "stub" presence handler will pass through `GET` request but make the - # `PUT` effectively a no-op. - - # It will proxy any requests it cannot handle to the main synapse instance. It - # must therefore be configured with the location of the main instance, via - # the `worker_main_http_uri` setting in the `frontend_proxy` worker configuration - # file. For example: - - # ```yaml - # worker_main_http_uri: http://127.0.0.1:8008 - # ``` - matrix_synapse_workers_avail_list: - appservice - federation_sender - - frontend_proxy - generic_worker - media_repository - pusher From afe5a016cb70238668709cf4704de2955a3376f7 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:48:57 +0000 Subject: [PATCH 062/349] Update Grafana 9.1.4 -> 9.1.5 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 5484ed195..dda120a2b 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.4 +matrix_grafana_version: 9.1.5 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From c29a39a6fb56754b9549fcd3ef9d8893336d6f16 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:49:39 +0000 Subject: [PATCH 063/349] Update Element 1.11.4 -> 1.11.5 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index c4e187a94..4898e9ca2 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.4 +matrix_client_element_version: v1.11.5 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 83482721f8c849cd71f94ec933852e8d9b420e55 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:51:32 +0000 Subject: [PATCH 064/349] Update Coturn 4.5.2-r14 -> 4.6.0-r0 --- roles/matrix-coturn/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index bc87d6544..b2aff9844 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -8,7 +8,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}" matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" -matrix_coturn_version: 4.5.2-r14 +matrix_coturn_version: 4.6.0-r0 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine" matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" From 2edd9a056e7a5ac5bb6159ba7d504995f361df11 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:52:36 +0000 Subject: [PATCH 065/349] Update Appservice IRC 0.34.0 -> 0.35.0 --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index 93a8e0844..fb0f3a333 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -11,7 +11,7 @@ matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appser # matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`). # It's a bare version number now. We try to somewhat retain compatibility below. -matrix_appservice_irc_version: 0.34.0 +matrix_appservice_irc_version: 0.35.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}" matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 17e6c52cbf64882cca428ece1f0dc6730b0a813f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 13 Sep 2022 13:53:45 +0000 Subject: [PATCH 066/349] Update Dendrite 0.9.7 -> 0.9.8 --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index db10bafcc..2a6c4fd67 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.7" +matrix_dendrite_docker_image_tag: "v0.9.8" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 6f02a916ec49c290898b9a36badf99a69b351c4d Mon Sep 17 00:00:00 2001 From: TheOneWithTheBraid Date: Sun, 21 Aug 2022 11:04:47 +0200 Subject: [PATCH 067/349] feat: include matrix_ldap_registration_proxy Fixes: #1144 Signed-off-by: TheOneWithTheBraid --- .../defaults/main.yml | 47 ++++++++++++++ .../tasks/init.yml | 11 ++++ .../tasks/main.yml | 30 +++++++++ ...f_check_matrix_ldap_registration_proxy.yml | 22 +++++++ .../tasks/setup_install.yml | 63 +++++++++++++++++++ .../tasks/setup_uninstall.yml | 36 +++++++++++ .../tasks/validate_config.yml | 0 .../templates/ldap-registration-proxy.env.j2 | 32 ++++++++++ .../matrix-ldap-registration-proxy.service.j2 | 43 +++++++++++++ .../vars/main.yml | 5 ++ 10 files changed, 289 insertions(+) create mode 100644 roles/matrix-ldap-registration-proxy/defaults/main.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/init.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/main.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/setup_install.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml create mode 100644 roles/matrix-ldap-registration-proxy/tasks/validate_config.yml create mode 100644 roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 create mode 100644 roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 create mode 100644 roles/matrix-ldap-registration-proxy/vars/main.yml diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml new file mode 100644 index 000000000..5516f4f9c --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -0,0 +1,47 @@ +--- +# matrix_ldap_registration_proxy - Want to build a large-scale Matrix server using external registration on LDAP? +# Project source code URL: https://gitlab.com/activism.international/matrix_ldap_registration_proxy + +matrix_ldap_registration_proxy_enabled: false + +matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" +matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" + +matrix_ldap_registration_proxy_version: "296246afc6a9b3105e67fcf6621cf05ebc74b873" + +matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ldap_registration_proxy" +# We need the docker src directory to be named matrix_ldap_registration_proxy. +matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" +matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" + +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" +matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" + +# Controls whether the self-check feature should validate SSL certificates. +matrix_matrix_ldap_registration_proxy_self_check_validate_certificates: true + +matrix_ldap_registration_proxy_container_port: 8080 +# Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). +# +# Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. +matrix_ldap_registration_proxy_container_http_host_bind_port: '' + +# A list of extra arguments to pass to the container +matrix_ldap_registration_proxy_container_extra_arguments: [] + +# List of systemd services that matrix_ldap_registration_proxy.service depends on +matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix_ldap_registration_proxy.service wants +matrix_ldap_registration_proxy_systemd_wanted_services_list: [] + +# Default ma1sd configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" + +# Holds the final ma1sd configuration (a combination of the default and its extension). +matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml new file mode 100644 index 000000000..312165cc4 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -0,0 +1,11 @@ +--- +# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 +# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 +- name: Fail if trying to self-build on Ansible < 2.8 + ansible.builtin.fail: + msg: "To self-build the matrix_ldap_registration_proxy image, you should use Ansible 2.8 or higher. See docs/ansible.md" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_matrix_ldap_registration_proxy_container_image_self_build and matrix_matrix_ldap_registration_proxy_enabled | bool" + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" + when: matrix_matrix_ldap_registration_proxy_enabled | bool diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml new file mode 100644 index 000000000..720d27ba8 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -0,0 +1,30 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - setup-all + - setup-matrix-ldap-registration-proxy + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/self_check_matrix_ldap_registration_proxy.yml" + delegate_to: 127.0.0.1 + become: false + when: "run_self_check | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + tags: + - self-check diff --git a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml new file mode 100644 index 000000000..ce46c45af --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml @@ -0,0 +1,22 @@ +--- + +- ansible.builtin.set_fact: + matrix_ldap_registration_proxy_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/r0/register" + +- name: Check matrix_ldap_registration_proxy Service + ansible.builtin.uri: + url: "{{ matrix_ldap_registration_proxy_url_endpoint_public }}" + follow_redirects: none + validate_certs: "{{ matrix_matrix_ldap_registration_proxy_self_check_validate_certificates }}" + check_mode: false + register: result_matrix_ldap_registration_proxy + ignore_errors: true + +- name: Fail if matrix_ldap_registration_proxy Service not working + ansible.builtin.fail: + msg: "Failed checking matrix_ldap_registration_proxy is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`). Is matrix_ldap_registration_proxy running? Is port 443 open in your firewall? Full error: {{ result_matrix_ldap_registration_proxy }}" + when: "result_matrix_ldap_registration_proxy.failed or 'json' not in result_matrix_ldap_registration_proxy" + +- name: Report working matrix_ldap_registration_proxy Service + ansible.builtin.debug: + msg: "matrix_ldap_registration_proxy at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`)" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml new file mode 100644 index 000000000..1f0307ec3 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -0,0 +1,63 @@ +--- + +- name: Ensure matrix_ldap_registration_proxy paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_ldap_registration_proxy_config_path }}", when: true} + - {path: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}", when: true} + when: "item.when | bool" + +- ansible.builtin.set_fact: + matrix_ldap_registration_proxy_requires_restart: false + +- name: Ensure matrix_ldap_registration_proxy repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_ldap_registration_proxy_container_image_self_build_repo }}" + dest: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}" + version: "{{ matrix_ldap_registration_proxy_container_image_self_build_branch }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_ldap_registration_proxy_git_pull_results + +- name: Ensure matrix_ldap_registration_proxy Docker image is built + docker_image: + name: "{{ matrix_ldap_registration_proxy_docker_image }}" + source: build + force_source: "{{ matrix_ldap_registration_proxy_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_ldap_registration_proxy_docker_src_files_path }}" + pull: true + when: true + +- name: Ensure matrix_ldap_registration_proxy config installed + ansible.builtin.copy: + content: "{{ matrix_ldap_registration_proxy_configuration }}" + dest: "{{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-ldap-registration-proxy.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-ldap-registration-proxy.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + mode: 0644 + register: matrix_ldap_registration_proxy_systemd_service_result + +- name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_ldap_registration_proxy_systemd_service_result.changed | bool" + +- name: Ensure matrix-ldap-registration-proxy.service restarted, if necessary + ansible.builtin.service: + name: "matrix-ldap-registration-proxy.service" + state: restarted + when: "matrix_ldap_registration_proxy_requires_restart | bool" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml new file mode 100644 index 000000000..cc542edf3 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-matrix_ldap_registration_proxy service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + register: matrix_matrix_ldap_registration_proxy_service_stat + +- name: Ensure matrix-matrix_ldap_registration_proxy is stopped + ansible.builtin.service: + name: matrix-matrix_ldap_registration_proxy + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure matrix-ldap-registration-proxy.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + state: absent + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + +- name: Ensure Matrix matrix_ldap_registration_proxy paths don't exist + ansible.builtin.file: + path: "{{ matrix_matrix_ldap_registration_proxy_base_path }}" + state: absent + +- name: Ensure matrix_ldap_registration_proxy Docker image doesn't exist + docker_image: + name: "{{ matrix_matrix_ldap_registration_proxy_docker_image }}" + state: absent diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml new file mode 100644 index 000000000..e69de29bb diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 new file mode 100644 index 000000000..e7ee29ba1 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 @@ -0,0 +1,32 @@ +# please specify the configuration here +# +# these settings are mandatory + +# The server to connect to. Please note it must be accessible from the Docker network +# example: `ldap://127.0.0.1:389` +LDAP_SERVER={{ matrix_ldap_registration_proxy_ldap_uri }} + +# the base DN used for user creation + +LDAP_BASE_DN={{ matrix_ldap_registration_proxy_ldap_base_dn }} + +# the privileged user used for user creation including it's DN +# example: `uid=admin,cn=users,cn=accounts,dc=example,dc=org` + +LDAP_USER={{ matrix_ldap_registration_proxy_ldap_user }} + +# the password of the `LDAP_USER` used for authentication +LDAP_PASSWORD={{ matrix_ldap_registration_proxy_ldap_password }} + +# the human-readable server name of your Matrix server as used in the Matrix ID +# example: `example.org` +MATRIX_SERVER_NAME={{ matrix_ldap_registration_proxy_matrix_server_name }} + +# the url to access the Matrix server API without trailing `/` +# example: `https://matrix.example.org` +MATRIX_SERVER_URL={{ matrix_ldap_registration_proxy_matrix_server_url }} + +# these settings are optional: + +# Specify the port to listen on. Default to 8080 +LISTEN_PORT={{ matrix_ldap_registration_proxy_container_port }} diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 new file mode 100644 index 000000000..afbabe729 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -0,0 +1,43 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=matrix_ldap_registration_proxy +{% for service in matrix_ldap_registration_proxy_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_ldap_registration_proxy_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-matrix_ldap_registration_proxy 2>/dev/null || true' + +# matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, +# so /tmp needs to be mounted with an exec option. +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --read-only \ + --network={{ matrix_docker_network }} \ + {% if matrix_ldap_registration_proxy_container_http_host_bind_port %} + -p {{ matrix_ldap_registration_proxy_container_http_host_bind_port }}:{{ matrix_ldap_registration_proxy_container_port }} \ + {% endif %} + --env-file {{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env \ + {% for arg in matrix_ldap_registration_proxy_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_ldap_registration_proxy_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-ldap-registration-proxy + +[Install] +WantedBy=multi-user.target diff --git a/roles/matrix-ldap-registration-proxy/vars/main.yml b/roles/matrix-ldap-registration-proxy/vars/main.yml new file mode 100644 index 000000000..3adc735e9 --- /dev/null +++ b/roles/matrix-ldap-registration-proxy/vars/main.yml @@ -0,0 +1,5 @@ +--- + +# Doing `|from_yaml` when the extension contains nothing yields an empty string (""). +# We need to ensure it's a dictionary or `|combine` (when building `matrix_ma1sd_configuration`) will fail later. +matrix_ma1sd_configuration_extension: "{{ matrix_ma1sd_configuration_extension_yaml | from_yaml if matrix_ma1sd_configuration_extension_yaml | from_yaml else {} }}" From 8e76d712df66e7c0191e064562d8ae563cb79736 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:44:49 +0200 Subject: [PATCH 068/349] Remove ma1sd leftovers --- roles/matrix-ldap-registration-proxy/vars/main.yml | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 roles/matrix-ldap-registration-proxy/vars/main.yml diff --git a/roles/matrix-ldap-registration-proxy/vars/main.yml b/roles/matrix-ldap-registration-proxy/vars/main.yml deleted file mode 100644 index 3adc735e9..000000000 --- a/roles/matrix-ldap-registration-proxy/vars/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- - -# Doing `|from_yaml` when the extension contains nothing yields an empty string (""). -# We need to ensure it's a dictionary or `|combine` (when building `matrix_ma1sd_configuration`) will fail later. -matrix_ma1sd_configuration_extension: "{{ matrix_ma1sd_configuration_extension_yaml | from_yaml if matrix_ma1sd_configuration_extension_yaml | from_yaml else {} }}" From 91e75d650ec69eb205fdcf59324c26f7d3fb9111 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:46:56 +0200 Subject: [PATCH 069/349] Validate that basic LDAP settings are provided --- .../tasks/validate_config.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml index e69de29bb..6b52af9c8 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml @@ -0,0 +1,12 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_ldap_registration_proxy_ldap_uri" + - "matrix_ldap_registration_proxy_ldap_base_dn" + - "matrix_ldap_registration_proxy_ldap_user" + - "matrix_ldap_registration_proxy_ldap_password" From 42230b6765e972d37d6ae4eb2ad008e9de0e8346 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:53:26 +0200 Subject: [PATCH 070/349] Make role enabled in role but turn it off in group vars --- group_vars/matrix_servers | 14 ++++++++++++++ .../defaults/main.yml | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index c0d831e1e..1898d9f71 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1570,6 +1570,20 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # /matrix-jitsi # ###################################################################### +###################################################################### +# +# matrix-ldap-registration-proxy +# +###################################################################### + +# This is only for users with a specific LDAP setup +matrix_ldap_registration_proxy_enabled: false + +###################################################################### +# +# /matrix-ldap-registration-proxy +# +###################################################################### ###################################################################### # diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 5516f4f9c..44a670c15 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -2,7 +2,7 @@ # matrix_ldap_registration_proxy - Want to build a large-scale Matrix server using external registration on LDAP? # Project source code URL: https://gitlab.com/activism.international/matrix_ldap_registration_proxy -matrix_ldap_registration_proxy_enabled: false +matrix_ldap_registration_proxy_enabled: true matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" From b6fee92f0e3d43ad6e8ffc82195fb3e8ad872aac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:56:03 +0200 Subject: [PATCH 071/349] Avoid cross-referencing of variables in role, move to group vars --- group_vars/matrix_servers | 6 ++++++ roles/matrix-ldap-registration-proxy/defaults/main.yml | 8 ++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 1898d9f71..a204093e5 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1579,6 +1579,12 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # This is only for users with a specific LDAP setup matrix_ldap_registration_proxy_enabled: false +# Use the LDAP values specified for the synapse role to setup LDAP proxy +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" + ###################################################################### # # /matrix-ldap-registration-proxy diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 44a670c15..4165c5910 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -14,10 +14,10 @@ matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ld matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" -matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" -matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" -matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" -matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +matrix_ldap_registration_proxy_ldap_uri: "" +matrix_ldap_registration_proxy_ldap_base_dn: "" +matrix_ldap_registration_proxy_ldap_user: "" +matrix_ldap_registration_proxy_ldap_password: "" matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" From b4fdc622fd671b94d9a1fd5a50751938ca495d89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 08:59:07 +0200 Subject: [PATCH 072/349] Remove ma1sd leftovers --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 4165c5910..15f597495 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -39,9 +39,9 @@ matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service' # List of systemd services that matrix_ldap_registration_proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: [] -# Default ma1sd configuration template which covers the generic use case. +# Default LDAP configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" -# Holds the final ma1sd configuration (a combination of the default and its extension). +# Holds the final LDAP configuration (a combination of the default and its extension). matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" From bdfd84e146069290a0942b928bf58ada6e5e3729 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 09:09:09 +0200 Subject: [PATCH 073/349] Use a template option for the env with variable extension --- .../matrix-ldap-registration-proxy/defaults/main.yml | 11 ++++++----- .../tasks/setup_install.yml | 4 ++-- .../templates/ldap-registration-proxy.env.j2 | 3 +++ 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 15f597495..469a2f295 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -39,9 +39,10 @@ matrix_ldap_registration_proxy_systemd_required_services_list: ['docker.service' # List of systemd services that matrix_ldap_registration_proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: [] -# Default LDAP configuration template which covers the generic use case. -# You can customize it by controlling the various variables inside it. -matrix_ldap_registration_proxy_configuration_env: "{{ lookup('template', 'templates/ldap-registration-proxy.env.j2') }}" +# Additional environment variables to pass to the LDAP proxy environment variables. +# +# Example: +# matrix_ldap_registration_proxy_env_variables_extension: | +# KEY=value +matrix_ldap_registration_proxy_env_variables_extension: '' -# Holds the final LDAP configuration (a combination of the default and its extension). -matrix_ldap_registration_proxy_configuration: "{{ matrix_ldap_registration_proxy_configuration_env }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml index 1f0307ec3..870373370 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -37,8 +37,8 @@ when: true - name: Ensure matrix_ldap_registration_proxy config installed - ansible.builtin.copy: - content: "{{ matrix_ldap_registration_proxy_configuration }}" + ansible.builtin.template: + src: "{{ role_path }}/templates/ldap-registration-proxy.env.j2" dest: "{{ matrix_ldap_registration_proxy_config_path }}/ldap-registration-proxy.env" mode: 0644 owner: "{{ matrix_user_username }}" diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 index e7ee29ba1..581a0b0d8 100644 --- a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 +++ b/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 @@ -30,3 +30,6 @@ MATRIX_SERVER_URL={{ matrix_ldap_registration_proxy_matrix_server_url }} # Specify the port to listen on. Default to 8080 LISTEN_PORT={{ matrix_ldap_registration_proxy_container_port }} + +# Use this to extend the configuration with custom variables +{{ matrix_ldap_registration_proxy_env_variables_extension }} From 7c79f78d03039c2ba25086dc6e8fea19f372e337 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 09:09:59 +0200 Subject: [PATCH 074/349] Remove selfcheck --- .../tasks/main.yml | 7 ------ ...f_check_matrix_ldap_registration_proxy.yml | 22 ------------------- 2 files changed, 29 deletions(-) delete mode 100644 roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml index 720d27ba8..576fc1f48 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/main.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -21,10 +21,3 @@ tags: - setup-all - setup-matrix-ldap-registration-proxy - -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/self_check_matrix_ldap_registration_proxy.yml" - delegate_to: 127.0.0.1 - become: false - when: "run_self_check | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" - tags: - - self-check diff --git a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml b/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml deleted file mode 100644 index ce46c45af..000000000 --- a/roles/matrix-ldap-registration-proxy/tasks/self_check_matrix_ldap_registration_proxy.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- - -- ansible.builtin.set_fact: - matrix_ldap_registration_proxy_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/r0/register" - -- name: Check matrix_ldap_registration_proxy Service - ansible.builtin.uri: - url: "{{ matrix_ldap_registration_proxy_url_endpoint_public }}" - follow_redirects: none - validate_certs: "{{ matrix_matrix_ldap_registration_proxy_self_check_validate_certificates }}" - check_mode: false - register: result_matrix_ldap_registration_proxy - ignore_errors: true - -- name: Fail if matrix_ldap_registration_proxy Service not working - ansible.builtin.fail: - msg: "Failed checking matrix_ldap_registration_proxy is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`). Is matrix_ldap_registration_proxy running? Is port 443 open in your firewall? Full error: {{ result_matrix_ldap_registration_proxy }}" - when: "result_matrix_ldap_registration_proxy.failed or 'json' not in result_matrix_ldap_registration_proxy" - -- name: Report working matrix_ldap_registration_proxy Service - ansible.builtin.debug: - msg: "matrix_ldap_registration_proxy at `{{ matrix_server_fqn_matrix }}` is working (checked endpoint: `{{ matrix_ldap_registration_proxy_url_endpoint_public }}`)" From a03b5efc42a66c5357cf28cefce5f6c2cd786bbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 4 Sep 2022 19:38:27 +0200 Subject: [PATCH 075/349] Add nginx rewrite for registration --- .../defaults/main.yml | 4 ++++ .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 ++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 469a2f295..712e1101d 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -30,6 +30,10 @@ matrix_ldap_registration_proxy_container_port: 8080 # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. matrix_ldap_registration_proxy_container_http_host_bind_port: '' +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_-egistration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" +matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" + + # A list of extra arguments to pass to the container matrix_ldap_registration_proxy_container_extra_arguments: [] diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 2895ba14a..0e16e3e31 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -129,6 +129,20 @@ } {% endif %} + {% if matrix_ldap_registration_proxy_enabled %} + location _matrix/client/r0/register { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; + proxy_pass http://$backend/register; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }}/register; + {% endif %} + } + {% endif %} + {% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} From 94c9312bd0ee4d94145f889cf525775d2356d85c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:48:19 +0200 Subject: [PATCH 076/349] Remove matrix LDAP proxy config from nginx role --- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 0e16e3e31..2895ba14a 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -129,20 +129,6 @@ } {% endif %} - {% if matrix_ldap_registration_proxy_enabled %} - location _matrix/client/r0/register { - {% if matrix_nginx_proxy_enabled %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; - proxy_pass http://$backend/register; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }}/register; - {% endif %} - } - {% endif %} - {% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %} {{- configuration_block }} {% endfor %} From 19e61b0ad726d8b9592a02bb504b2089be91bf3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:52:43 +0200 Subject: [PATCH 077/349] Inject nginx configuration for ldap proxy at runtime --- .../tasks/init.yml | 51 ++++++++++++++++++- 1 file changed, 49 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 312165cc4..15017333b 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -4,8 +4,55 @@ - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: msg: "To self-build the matrix_ldap_registration_proxy image, you should use Ansible 2.8 or higher. See docs/ansible.md" - when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_matrix_ldap_registration_proxy_container_image_self_build and matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_ldap_registration_proxy_container_image_self_build and matrix_ldap_registration_proxy_enabled | bool" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" - when: matrix_matrix_ldap_registration_proxy_enabled | bool + when: matrix_ldap_registration_proxy_enabled | bool + +- block: + - name: Fail if matrix-nginx-proxy role already executed + ansible.builtin.fail: + msg: >- + Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy, + but it's pointless since the matrix-nginx-proxy role had already executed. + To fix this, please change the order of roles in your playbook, + so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. + when: matrix_nginx_proxy_role_executed | default(False) | bool + + - name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: | + location {{ matrix_ldap_registration_proxy_public_endpoint }} { + {% if matrix_nginx_proxy_enabled | default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; + proxy_pass http://$backend/register;; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; + {% endif %} + } + + - name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + + + [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration] + }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` + URL endpoint to the matrix-matrix-ldap-proxy container. + You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. + when: "not matrix_nginx_proxy_enabled | default(False) | bool" + + tags: + - always + when: matrix_ldap_registration_proxy_enabled | bool and matrix_ldap_registration_proxy_appservice_public_enabled | bool From d33a668e6535c9ddab25289fbb50b1abd76667a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 5 Sep 2022 21:54:10 +0200 Subject: [PATCH 078/349] Add role to setup.yml --- setup.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/setup.yml b/setup.yml index bd78158cd..723f87d9c 100755 --- a/setup.yml +++ b/setup.yml @@ -60,6 +60,7 @@ - matrix-client-hydrogen - matrix-client-cinny - matrix-jitsi + - matrix-ldap-registration-proxy - matrix-ma1sd - matrix-dimension - matrix-etherpad From 1da77f03b16b0832b79189767b143668f226f7af Mon Sep 17 00:00:00 2001 From: TheOneWithTheBraid Date: Tue, 6 Sep 2022 09:01:35 +0000 Subject: [PATCH 079/349] fix: updated default variables Signed-off-by: TheOneWithTheBraid --- .../matrix-ldap-registration-proxy/defaults/main.yml | 7 ++++++- roles/matrix-ldap-registration-proxy/tasks/init.yml | 4 ++-- roles/matrix-ldap-registration-proxy/tasks/main.yml | 6 +++--- .../tasks/setup_uninstall.yml | 12 ++++++------ .../matrix-ldap-registration-proxy.service.j2 | 4 ++-- 5 files changed, 19 insertions(+), 14 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 712e1101d..8f7a2e2db 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -7,6 +7,9 @@ matrix_ldap_registration_proxy_enabled: true matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" +matrix_ldap_registration_proxy_docker_image: "{{ matrix_ldap_registration_proxy_docker_image_name_prefix }}activism.international/matrix_ldap_registration_proxy:{{ matrix_ldap_registration_proxy_version }}" +matrix_ldap_registration_proxy_docker_image_name_prefix: "localhost/" + matrix_ldap_registration_proxy_version: "296246afc6a9b3105e67fcf6621cf05ebc74b873" matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ldap_registration_proxy" @@ -14,6 +17,8 @@ matrix_ldap_registration_proxy_base_path: "{{ matrix_base_data_path }}/matrix_ld matrix_ldap_registration_proxy_docker_src_files_path: "{{ matrix_ldap_registration_proxy_base_path }}/docker-src/matrix_ldap_registration_proxy" matrix_ldap_registration_proxy_config_path: "{{ matrix_ldap_registration_proxy_base_path }}/config" +matrix_ldap_registration_proxy_appservice_public_enabled: false + matrix_ldap_registration_proxy_ldap_uri: "" matrix_ldap_registration_proxy_ldap_base_dn: "" matrix_ldap_registration_proxy_ldap_user: "" @@ -22,7 +27,7 @@ matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" # Controls whether the self-check feature should validate SSL certificates. -matrix_matrix_ldap_registration_proxy_self_check_validate_certificates: true +matrix_ldap_registration_proxy_self_check_validate_certificates: true matrix_ldap_registration_proxy_container_port: 8080 # Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 15017333b..f7ed52c5a 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -7,7 +7,7 @@ when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_ldap_registration_proxy_container_image_self_build and matrix_ldap_registration_proxy_enabled | bool" - ansible.builtin.set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-matrix-ldap-registration-proxy.service'] }}" + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-ldap-registration-proxy.service'] }}" when: matrix_ldap_registration_proxy_enabled | bool - block: @@ -49,7 +49,7 @@ NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy reverse proxy. Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` - URL endpoint to the matrix-matrix-ldap-proxy container. + URL endpoint to the matrix-ldap-proxy container. You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/matrix-ldap-registration-proxy/tasks/main.yml index 576fc1f48..5815774ec 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/main.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/main.yml @@ -5,19 +5,19 @@ - always - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "run_setup | bool and matrix_ldap_registration_proxy_enabled | bool" tags: - setup-all - setup-matrix-ldap-registration-proxy - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup | bool and matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "run_setup | bool and matrix_ldap_registration_proxy_enabled | bool" tags: - setup-all - setup-matrix-ldap-registration-proxy - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup | bool and not matrix_matrix_ldap_registration_proxy_enabled | bool" + when: "run_setup | bool and not matrix_ldap_registration_proxy_enabled | bool" tags: - setup-all - setup-matrix-ldap-registration-proxy diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml index cc542edf3..3225a3ae5 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -3,7 +3,7 @@ - name: Check existence of matrix-matrix_ldap_registration_proxy service ansible.builtin.stat: path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" - register: matrix_matrix_ldap_registration_proxy_service_stat + register: matrix_ldap_registration_proxy_service_stat - name: Ensure matrix-matrix_ldap_registration_proxy is stopped ansible.builtin.service: @@ -12,25 +12,25 @@ enabled: false daemon_reload: true register: stopping_result - when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + when: "matrix_ldap_registration_proxy_service_stat.stat.exists | bool" - name: Ensure matrix-ldap-registration-proxy.service doesn't exist ansible.builtin.file: path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" state: absent - when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + when: "matrix_ldap_registration_proxy_service_stat.stat.exists | bool" - name: Ensure systemd reloaded after matrix-ldap-registration-proxy.service removal ansible.builtin.service: daemon_reload: true - when: "matrix_matrix_ldap_registration_proxy_service_stat.stat.exists | bool" + when: "matrix_ldap_registration_proxy_service_stat.stat.exists | bool" - name: Ensure Matrix matrix_ldap_registration_proxy paths don't exist ansible.builtin.file: - path: "{{ matrix_matrix_ldap_registration_proxy_base_path }}" + path: "{{ matrix_ldap_registration_proxy_base_path }}" state: absent - name: Ensure matrix_ldap_registration_proxy Docker image doesn't exist docker_image: - name: "{{ matrix_matrix_ldap_registration_proxy_docker_image }}" + name: "{{ matrix_ldap_registration_proxy_docker_image }}" state: absent diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index afbabe729..4c68ed46c 100644 --- a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-matrix_ldap_registration_proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix_ldap_registration_proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix_ldap_registration_proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. From 54d5741ec14563a454f17982bccd527a0dec1e4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Tue, 6 Sep 2022 09:37:35 +0200 Subject: [PATCH 080/349] Fix typo --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 8f7a2e2db..2d2894c9f 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -35,7 +35,7 @@ matrix_ldap_registration_proxy_container_port: 8080 # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. matrix_ldap_registration_proxy_container_http_host_bind_port: '' -matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_-egistration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" From ef523d68a4230233b61b1c41f3bf8fada08cfcd8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 14 Sep 2022 08:13:01 +0300 Subject: [PATCH 081/349] Suppress errors in docker kill/rm calls for Synapse workers We do the same everywhere else. This is an omission. --- .../synapse/systemd/matrix-synapse-worker.service.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index c7ef13fa9..4a38251d7 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -8,8 +8,8 @@ After=matrix-synapse.service Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} -ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' # Intentional delay, so that the homeserver can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -46,8 +46,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor run -m synapse.app.{{ matrix_synapse_worker_details.type }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} -ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} -ExecStop=-{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' ExecReload={{ matrix_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' Restart=always From cb2e57e33ad6e95b18a93b0c366f45f4be224c12 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 14 Sep 2022 09:58:33 +0000 Subject: [PATCH 082/349] Update Postmoogle 0.9.1 -> 0.9.2 --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 6f7a96cc6..b411f70db 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.1 +matrix_bot_postmoogle_version: v0.9.2 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From a7067b054d065d419ae632a537891baa88b93e69 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 14 Sep 2022 17:19:47 +0000 Subject: [PATCH 083/349] Bump frenck/action-yamllint from 1.2.0 to 1.3.0 Bumps [frenck/action-yamllint](https://github.com/frenck/action-yamllint) from 1.2.0 to 1.3.0. - [Release notes](https://github.com/frenck/action-yamllint/releases) - [Commits](https://github.com/frenck/action-yamllint/compare/v1.2.0...v1.3.0) --- updated-dependencies: - dependency-name: frenck/action-yamllint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/matrix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/matrix.yml b/.github/workflows/matrix.yml index aa107858b..f63eade4c 100644 --- a/.github/workflows/matrix.yml +++ b/.github/workflows/matrix.yml @@ -13,7 +13,7 @@ jobs: - name: Check out uses: actions/checkout@v3 - name: Run yamllint - uses: frenck/action-yamllint@v1.2.0 + uses: frenck/action-yamllint@v1.3.0 ansible-lint: name: ansible-lint runs-on: ubuntu-latest From fde5fef8b389b0d6a98b61914712f8e3f52d4676 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 14 Sep 2022 20:44:35 +0300 Subject: [PATCH 084/349] Fix Cactus Comments nginx injection when matrix-nginx-proxy disabled Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2101 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089 --- roles/matrix-cactus-comments/tasks/init.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/matrix-cactus-comments/tasks/init.yml index 78cdd319d..9a15cf89b 100644 --- a/roles/matrix-cactus-comments/tasks/init.yml +++ b/roles/matrix-cactus-comments/tasks/init.yml @@ -35,17 +35,18 @@ ansible.builtin.set_fact: matrix_nginx_proxy_container_additional_volumes: > {{ - matrix_nginx_proxy_container_additional_volumes | default([]) + matrix_nginx_proxy_container_additional_volumes | default([]) + [{"src": "{{ matrix_cactus_comments_client_path }}", "dst": "/cactus-comments/cactus-comments", "options": "ro"}] }} + - name: Generate Cactus Comment proxying configuration for matrix-nginx-proxy ansible.builtin.set_fact: matrix_cactus_comments_nginx_proxy_configuration: | location {{ matrix_cactus_comments_client_endpoint }} { root {{ matrix_cactus_comments_client_nginx_path }}; } - when: "matrix_nginx_proxy_enabled | default(False) | bool" + - name: Register Cactus Comment proxying configuration with matrix-nginx-proxy ansible.builtin.set_fact: matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | @@ -54,6 +55,7 @@ + [matrix_cactus_comments_nginx_proxy_configuration] }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: msg: >- From 05819056bc16b7e5ba2e75060bf1e9dcb003f999 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 14 Sep 2022 20:54:00 +0300 Subject: [PATCH 085/349] Document that using Synapse workers with not-matrix-nginx-proxy causes troubles Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090 --- docs/configuring-playbook-synapse.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 50860a178..7c38b5ccd 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -42,7 +42,7 @@ matrix_postgres_process_extra_arguments: [ ] ``` -If you're using the default setup (the `matrix-nginx-proxy` webserver being enabled) or you're using your own `nginx` server (which imports the configuration files generated by the playbook), you're good to go. If you use some other webserver, you may need to tweak your reverse-proxy setup manually to forward traffic to the various workers. +**NOTE**: Disabling `matrix-nginx-proxy` (`matrix_nginx_proxy_enabled: false`) (that is, [using your own other webserver](configuring-playbook-own-webserver.md) when running a Synapse worker setup is likely to cause various troubles (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090)). In case any problems occur, make sure to have a look at the [list of synapse issues about workers](https://github.com/matrix-org/synapse/issues?q=workers+in%3Atitle) and your `journalctl --unit 'matrix-*'`. From 99f4f5edc77011189fdbd0eacabf14df36624bb0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 07:46:17 +0300 Subject: [PATCH 086/349] Add note that disabling matrix-nginx-proxy may be a bad idea sometimes Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090 --- docs/configuring-playbook-own-webserver.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 76fa2d8b3..7e5d60013 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -1,11 +1,14 @@ # Using your own webserver, instead of this playbook's nginx proxy (optional, advanced) -By default, this playbook installs its own nginx webserver (in a Docker container) which listens on ports 80 and 443. +By default, this playbook installs its own nginx webserver (called `matrix-nginx-proxy`, in a Docker container) which listens on ports 80 and 443. If that's alright, you can skip this. If you don't want this playbook's nginx webserver to take over your server's 80/443 ports like that, and you'd like to use your own webserver (be it nginx, Apache, Varnish Cache, etc.), you can. +You should note, however, that the playbook's services work best when you keep using the integrated `matrix-nginx-proxy` webserver. +For example, disabling `matrix-nginx-proxy` when running a [Synapse worker setup for load-balancing](configuring-playbook-synapse.md#load-balancing-with-workers) (a more advanced, non-default configuration) is likely to cause various troubles (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090)). If you need a such more scalable setup, disabling `matrix-nginx-proxy` will be a bad idea. If yours will be a simple (default, non-worker-load-balancing) deployment, disabling `matrix-nginx-proxy` may be fine. + There are **2 ways you can go about it**, if you'd like to use your own webserver: - [Method 1: Disabling the integrated nginx reverse-proxy webserver](#method-1-disabling-the-integrated-nginx-reverse-proxy-webserver) From 226c550ffafc08d3d34d4a92882ed3729124faa0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 07:05:25 +0300 Subject: [PATCH 087/349] Add support for stream writer Synapse workers As stream writer workers are also powered by the `generic_worker` Synapse app, this necessitated that we provide means for distinguishing between them and regular `generic_workers`. I've also taken the time to optimize nginx configuration generation (more Jinja2 macro usage, less duplication). Worker names have also changed. Workers are now named sequentially like this: - `matrix-synapse-worker-0-generic` - `matrix-synapse-worker-1-stream-writer-typing` - `matrix-synapse-worker-2-pusher` instead of `matrix-synapse-worker_generic_worker-18111` (indexed with a port number). People who modify `matrix_synapse_workers_enabled_list` directly will need to adjust their configuration. --- CHANGELOG.md | 39 ++++++ ...configuring-playbook-prometheus-grafana.md | 8 +- group_vars/matrix_servers | 7 + roles/matrix-nginx-proxy/defaults/main.yml | 5 + .../nginx/conf.d/matrix-synapse.conf.j2 | 125 +++++++++++------- .../templates/prometheus.yml.j2 | 5 +- roles/matrix-synapse/defaults/main.yml | 112 ++++++++++++++-- roles/matrix-synapse/tasks/init.yml | 10 +- .../tasks/synapse/workers/init.yml | 50 ++++++- .../inject_systemd_services_for_worker.yml | 19 --- .../synapse/workers/util/inject_worker.yml | 65 +++++++++ .../workers/util/setup_files_for_worker.yml | 10 +- .../matrix-synapse/tasks/validate_config.yml | 5 + .../templates/synapse/homeserver.yaml.j2 | 8 +- .../external_prometheus.yml.example.j2 | 7 +- .../systemd/matrix-synapse-worker.service.j2 | 2 +- .../synapse/systemd/matrix-synapse.service.j2 | 2 +- .../templates/synapse/worker.yaml.j2 | 36 +++-- roles/matrix-synapse/vars/main.yml | 55 ++++++++ 19 files changed, 449 insertions(+), 121 deletions(-) delete mode 100644 roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml create mode 100644 roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index df4957eb5..2b9b149e1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,42 @@ +# 2022-09-15 + +## (Potential Backward Compatibility Break) Major changes to Synapse workers + +People who are interested in running a Synapse worker setup should know that **our Synapse worker implementation is much more powerful now**: + +- we've added [Stream writers support](#stream-writers-support) +- see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) + +### Stream writers support + +From now on, the playbook lets you easily set up various [stream writer workers](https://matrix-org.github.io/synapse/latest/workers.html#stream-writers) which can handle different streams (`events` stream; `typing` URL endpoints, `to_device` URL endpoints, `account_data` URL endpoints, `receipts` URL endpoints, `presence` URL endpoints). All of this work was previously handled by the main Synapse process, but can now be offloaded to stream writer worker processes. + +If you're using `matrix_synapse_workers_preset: one-of-each`, you'll automatically get 6 additional workers (one for each of the above stream types). Our `little-federation-helper` preset (meant to be quite minimal and focusing in improved federation performance) does not include stream writer workers. + +If you'd like to customize the number of workers we also make that possible using these variables: + +```yaml +# Synapse only supports more than 1 worker for the `events` stream. +# All other streams can utilize either 0 or 1 workers, not more than that. +matrix_synapse_workers_stream_writer_events_stream_workers_count: 5 +matrix_synapse_workers_stream_writer_typing_stream_workers_count: 1 +matrix_synapse_workers_stream_writer_to_device_stream_workers_count: 1 +matrix_synapse_workers_stream_writer_account_data_stream_workers_count: 1 +matrix_synapse_workers_stream_writer_receipts_stream_workers_count: 1 +matrix_synapse_workers_stream_writer_presence_stream_workers_count: 1 +``` + +### Potential Backward Incompatibilities after these Synapse worker changes + +Below we'll discuss **potential backward incompatibilities**. + +- **Worker names** (container names, systemd services, worker configuration files) **have changed**. Workers are now labeled sequentially (e.g. `matrix-synapse-worker_generic_worker-18111` -> `matrix-synapse-worker-generic-0`). The playbook will handle these changes automatically. + +- **Metric endpoints have also changed** (`/metrics/synapse/worker/generic_worker-18111` -> `/metrics/synapse/worker/generic-worker-0`). If you're [collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server), consider revisiting our [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server) docs and updating your Prometheus configuration. **If you're collecting metrics to the integrated Prometheus server** (not enabled by default), **your Prometheus configuration will be updated automatically**. Old data (from before this change) may stick around though. + +- **the format of `matrix_synapse_workers_enabled_list` has changed**. You were never advised to use this variable for directly creating workers (we advise people to control workers using `matrix_synapse_workers_preset` or by tweaking `matrix_synapse_workers_*_workers_count` variables only), but some people may have started using the `matrix_synapse_workers_enabled_list` variable to gain more control over workers. If you're one of them, you'll need to adjust its value. See `roles/matrix-synapse/defaults/main.yml` for more information on the new format. The playbook will also do basic validation and complain if you got something wrong. + + # 2022-09-09 ## Cactus Comments support diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index b2878c12b..f86566a94 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md @@ -90,11 +90,11 @@ matrix_nginx_proxy_proxy_matrix_metrics_additional_user_location_configuration_b Using `matrix_nginx_proxy_proxy_matrix_metrics_additional_user_location_configuration_blocks` only takes effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true` (see above). -Note : The playbook will hash the basic_auth password for you on setup. Thus, you need to give the plain-text version of the password as a variable. +Note : The playbook will hash the basic_auth password for you on setup. Thus, you need to give the plain-text version of the password as a variable. ### Collecting Synapse worker metrics to an external Prometheus server -If you are using workers (`matrix_synapse_workers_enabled: true`) and have enabled `matrix_synapse_metrics_proxying_enabled` as described above, the playbook will also automatically expose all Synapse worker threads' metrics to `https://matrix.DOMAIN/metrics/synapse/worker/TYPE-ID`, where `TYPE` corresponds to the type and `ID` to the instanceId of a worker as exemplified in `matrix_synapse_workers_enabled_list`. +If you are using workers (`matrix_synapse_workers_enabled: true`) and have enabled `matrix_synapse_metrics_proxying_enabled` as described above, the playbook will also automatically expose all Synapse worker threads' metrics to `https://matrix.DOMAIN/metrics/synapse/worker/ID`, where `ID` corresponds to the worker `id` as exemplified in `matrix_synapse_workers_enabled_list`. The playbook also generates an exemplary config file (`/matrix/synapse/external_prometheus.yml.template`) with all the correct paths which you can copy to your Prometheus server and adapt to your needs. Make sure to edit the specified `password_file` path and contents and path to your `synapse-v2.rules`. It will look a bit like this: @@ -111,8 +111,8 @@ scrape_configs: labels: job: "master" index: 1 - - job_name: 'synapse-generic_worker-1' - metrics_path: /metrics/synapse/worker/generic_worker-18111 + - job_name: 'matrix-synapse-synapse-worker-generic-worker-0' + metrics_path: /metrics/synapse/worker/generic-worker-0 scheme: https basic_auth: username: prometheus diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index c0d831e1e..e891a3d9a 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1760,6 +1760,11 @@ matrix_nginx_proxy_synapse_workers_enabled: "{{ matrix_synapse_workers_enabled } matrix_nginx_proxy_synapse_workers_list: "{{ matrix_synapse_workers_enabled_list }}" matrix_nginx_proxy_synapse_generic_worker_client_server_locations: "{{ matrix_synapse_workers_generic_worker_client_server_endpoints }}" matrix_nginx_proxy_synapse_generic_worker_federation_locations: "{{ matrix_synapse_workers_generic_worker_federation_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_typing_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_to_device_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_to_device_stream_worker_client_server_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_account_data_stream_worker_client_server_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints }}" +matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints }}" matrix_nginx_proxy_synapse_media_repository_locations: "{{matrix_synapse_workers_media_repository_endpoints|default([]) }}" matrix_nginx_proxy_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_endpoints|default([]) }}" @@ -1767,6 +1772,8 @@ matrix_nginx_proxy_systemd_wanted_services_list: | {{ ['matrix-' + matrix_homeserver_implementation + '.service'] + + (matrix_synapse_webserving_workers_systemd_services_list if matrix_homeserver_implementation == 'synapse' and matrix_synapse_workers_enabled) + + (['matrix-corporal.service'] if matrix_corporal_enabled else []) + (['matrix-ma1sd.service'] if matrix_ma1sd_enabled else []) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index a74842158..88c99ea9b 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -623,6 +623,11 @@ matrix_nginx_proxy_synapse_workers_enabled: false matrix_nginx_proxy_synapse_workers_list: [] matrix_nginx_proxy_synapse_generic_worker_client_server_locations: [] matrix_nginx_proxy_synapse_generic_worker_federation_locations: [] +matrix_nginx_proxy_synapse_stream_writer_typing_stream_worker_client_server_locations: [] +matrix_nginx_proxy_synapse_stream_writer_to_device_stream_worker_client_server_locations: [] +matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_server_locations: [] +matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations: [] +matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations: [] matrix_nginx_proxy_synapse_media_repository_locations: [] matrix_nginx_proxy_synapse_user_dir_locations: [] diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 81e31a7c0..bbce7462b 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -1,23 +1,52 @@ #jinja2: lstrip_blocks: "True" {% set generic_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'generic_worker') | list %} +{% set stream_writer_typing_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'typing') | list %} +{% set stream_writer_to_device_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'to_device') | list %} +{% set stream_writer_account_data_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'account_data') | list %} +{% set stream_writer_receipts_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'receipts') | list %} +{% set stream_writer_presence_stream_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'stream_writer') | selectattr('stream_writer_stream', 'equalto', 'presence') | list %} {% set media_repository_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'media_repository') | list %} {% set user_dir_workers = matrix_nginx_proxy_synapse_workers_list | selectattr('type', 'equalto', 'user_dir') | list %} + +{% macro render_worker_upstream(name, workers, matrix_nginx_proxy_enabled) %} +{% if workers | length > 0 %} + upstream {{ name }} { + {% for worker in workers %} + {% if matrix_nginx_proxy_enabled %} + server "{{ worker.name }}:{{ worker.port }}"; + {% else %} + server "127.0.0.1:{{ worker.port }}"; + {% endif %} + {% endfor %} + } +{% endif %} +{% endmacro %} + +{% macro render_locations_to_upstream(locations, upstream_name) %} + {% for location in locations %} + location ~ {{ location }} { + proxy_pass http://{{ upstream_name }}$request_uri; + proxy_set_header Host $host; + } + {% endfor %} +{% endmacro %} + {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if matrix_nginx_proxy_synapse_cache_enabled %} proxy_cache_path {{ matrix_nginx_proxy_synapse_cache_path }} levels=1:2 keys_zone={{ matrix_nginx_proxy_synapse_cache_keys_zone_name }}:{{ matrix_nginx_proxy_synapse_cache_keys_zone_size }} inactive={{ matrix_nginx_proxy_synapse_cache_inactive_time }} max_size={{ matrix_nginx_proxy_synapse_cache_max_size_mb }}m; {% endif %} # Round Robin "upstream" pools for workers - {% if generic_workers %} - upstream generic_worker_upstream { + {% if generic_workers |length > 0 %} + upstream generic_workers_upstream { # ensures that requests from the same client will always be passed # to the same server (except when this server is unavailable) hash $http_x_forwarded_for; {% for worker in generic_workers %} {% if matrix_nginx_proxy_enabled %} - server "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.port }}"; + server "{{ worker.name }}:{{ worker.port }}"; {% else %} server "127.0.0.1:{{ worker.port }}"; {% endif %} @@ -25,29 +54,15 @@ } {% endif %} - {% if media_repository_workers %} - upstream media_repository_upstream { - {% for worker in media_repository_workers %} - {% if matrix_nginx_proxy_enabled %} - server "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.port }}"; - {% else %} - server "127.0.0.1:{{ worker.port }}"; - {% endif %} - {% endfor %} - } - {% endif %} + {{ render_worker_upstream('stream_writer_typing_stream_workers_upstream', stream_writer_typing_stream_workers, matrix_nginx_proxy_enabled) }} + {{ render_worker_upstream('stream_writer_to_device_stream_workers_upstream', stream_writer_to_device_stream_workers, matrix_nginx_proxy_enabled) }} + {{ render_worker_upstream('stream_writer_account_data_stream_workers_upstream', stream_writer_account_data_stream_workers, matrix_nginx_proxy_enabled) }} + {{ render_worker_upstream('stream_writer_receipts_stream_workers_upstream', stream_writer_receipts_stream_workers, matrix_nginx_proxy_enabled) }} + {{ render_worker_upstream('stream_writer_presence_stream_workers_upstream', stream_writer_presence_stream_workers, matrix_nginx_proxy_enabled) }} - {% if user_dir_workers %} - upstream user_dir_upstream { - {% for worker in user_dir_workers %} - {% if matrix_nginx_proxy_enabled %} - server "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.port }}"; - {% else %} - server "127.0.0.1:{{ worker.port }}"; - {% endif %} - {% endfor %} - } - {% endif %} + {{ render_worker_upstream('media_repository_workers_upstream', media_repository_workers, matrix_nginx_proxy_enabled) }} + + {{ render_worker_upstream('user_dir_workers_upstream', user_dir_workers, matrix_nginx_proxy_enabled) }} {% endif %} server { @@ -65,21 +80,41 @@ server { {% if matrix_nginx_proxy_synapse_workers_enabled %} {# Workers redirects BEGIN #} - {% if generic_workers %} + {% if generic_workers | length > 0 %} # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappgeneric_worker - {% for location in matrix_nginx_proxy_synapse_generic_worker_client_server_locations %} - location ~ {{ location }} { - proxy_pass http://generic_worker_upstream$request_uri; - proxy_set_header Host $host; - } - {% endfor %} + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_client_server_locations, 'generic_workers_upstream') }} + {% endif %} + + {% if stream_writer_typing_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_typing_stream_worker_client_server_locations, 'stream_writer_typing_stream_workers_upstream') }} + {% endif %} + + {% if stream_writer_to_device_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_to_device_stream_worker_client_server_locations, 'stream_writer_to_device_stream_workers_upstream') }} + {% endif %} + + {% if stream_writer_account_data_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_server_locations, 'stream_writer_account_data_stream_workers_upstream') }} {% endif %} - {% if media_repository_workers %} + {% if stream_writer_receipts_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations, 'stream_writer_receipts_stream_workers_upstream') }} + {% endif %} + + {% if stream_writer_presence_stream_workers | length > 0 %} + # https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations, 'stream_writer_presence_stream_workers_upstream') }} + {% endif %} + + {% if media_repository_workers | length > 0 %} # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { - proxy_pass http://media_repository_upstream$request_uri; + proxy_pass http://media_repository_workers_upstream$request_uri; proxy_set_header Host $host; client_body_buffer_size 25M; @@ -97,15 +132,10 @@ server { {% endfor %} {% endif %} - {% if user_dir_workers %} + {% if user_dir_workers | length > 0 %} # FIXME: obsolete if matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled is set # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappuser_dir - {% for location in matrix_nginx_proxy_synapse_user_dir_locations %} - location ~ {{ location }} { - proxy_pass http://user_dir_upstream$request_uri; - proxy_set_header Host $host; - } - {% endfor %} + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_user_dir_locations, 'user_dir_workers_upstream') }} {% endif %} {# Workers redirects END #} {% endif %} @@ -150,20 +180,15 @@ server { gzip_types text/plain application/json; {% if matrix_nginx_proxy_synapse_workers_enabled %} - {% if generic_workers %} + {% if generic_workers | length > 0 %} # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappgeneric_worker - {% for location in matrix_nginx_proxy_synapse_generic_worker_federation_locations %} - location ~ {{ location }} { - proxy_pass http://generic_worker_upstream$request_uri; - proxy_set_header Host $host; - } - {% endfor %} + {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_federation_locations, 'generic_workers_upstream') }} {% endif %} - {% if media_repository_workers %} + {% if media_repository_workers | length > 0 %} # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { - proxy_pass http://media_repository_upstream$request_uri; + proxy_pass http://media_repository_workers_upstream$request_uri; proxy_set_header Host $host; client_body_buffer_size 25M; diff --git a/roles/matrix-prometheus/templates/prometheus.yml.j2 b/roles/matrix-prometheus/templates/prometheus.yml.j2 index f3262f485..628f4f4f9 100644 --- a/roles/matrix-prometheus/templates/prometheus.yml.j2 +++ b/roles/matrix-prometheus/templates/prometheus.yml.j2 @@ -37,11 +37,12 @@ scrape_configs: index: 0 {% for worker in matrix_prometheus_scraper_synapse_workers_enabled_list %} {% if worker.metrics_port != 0 %} - - targets: ['matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.metrics_port }}'] + - targets: ['{{ worker.name }}:{{ worker.metrics_port }}'] labels: instance: {{ matrix_domain }} + worker_id: {{ worker.id }} job: {{ worker.type }} - index: {{ worker.instanceId }} + app: {{ worker.app }} {% endif %} {% endfor %} {% endif %} diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index a7dab5b67..4213c4f18 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -398,6 +398,12 @@ matrix_synapse_workers_presets: federation_sender_workers_count: 1 media_repository_workers_count: 0 user_dir_workers_count: 0 + stream_writer_events_stream_workers_count: 0 + stream_writer_typing_stream_workers_count: 0 + stream_writer_to_device_stream_workers_count: 0 + stream_writer_account_data_stream_workers_count: 0 + stream_writer_receipts_stream_workers_count: 0 + stream_writer_presence_stream_workers_count: 0 one-of-each: generic_workers_count: 1 pusher_workers_count: 1 @@ -409,6 +415,12 @@ matrix_synapse_workers_presets: # user_dir workers are deprecated since Synapse v1.59. This will be removed. # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types user_dir_workers_count: 0 + stream_writer_events_stream_workers_count: 1 + stream_writer_typing_stream_workers_count: 1 + stream_writer_to_device_stream_workers_count: 1 + stream_writer_account_data_stream_workers_count: 1 + stream_writer_receipts_stream_workers_count: 1 + stream_writer_presence_stream_workers_count: 1 # Controls whether the matrix-synapse container exposes the various worker ports # (see `port` and `metrics_port` in `matrix_synapse_workers_enabled_list`) outside of the container. @@ -421,6 +433,71 @@ matrix_synapse_workers_generic_workers_count: "{{ matrix_synapse_workers_presets matrix_synapse_workers_generic_workers_port_range_start: 18111 matrix_synapse_workers_generic_workers_metrics_range_start: 19111 +# matrix_synapse_workers_stream_writer_events_stream_workers_count controls how many stream writers that handle the `events` stream to spawn. +# More than 1 worker is also supported of this type. +matrix_synapse_workers_stream_writer_events_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_events_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_typing_stream_workers_count controls how many stream writers that handle the `typing` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_typing_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_typing_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_to_device_stream_workers_count controls how many stream writers that handle the `to_device` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_to_device_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_to_device_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_account_data_stream_workers_count controls how many stream writers that handle the `account_data` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_account_data_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_account_data_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_receipts_stream_workers_count controls how many stream writers that handle the `receipts` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_receipts_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_receipts_stream_workers_count'] }}" + +# matrix_synapse_workers_stream_writer_presence_stream_workers_count controls how many stream writers that handle the `presence` stream to spawn. +# The count of these workers can only be 0 or 1. +matrix_synapse_workers_stream_writer_presence_stream_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['stream_writer_presence_stream_workers_count'] }}" + +# A list of stream writer workers to enable. This list is built automatically based on other variables. +# You're encouraged to enable/disable stream writer workers by setting `matrix_synapse_workers_stream_writer_*_stream_workers_count` variables, instead of adjusting this list manually. +matrix_synapse_workers_stream_writers: | + {{ + [] + + + ([{'stream': 'events'}] * matrix_synapse_workers_stream_writer_events_stream_workers_count | int) + + + ([{'stream': 'typing'}] * matrix_synapse_workers_stream_writer_typing_stream_workers_count | int) + + + ([{'stream': 'to_device'}] * matrix_synapse_workers_stream_writer_to_device_stream_workers_count | int) + + + ([{'stream': 'account_data'}] * matrix_synapse_workers_stream_writer_account_data_stream_workers_count | int) + + + ([{'stream': 'receipts'}] * matrix_synapse_workers_stream_writer_receipts_stream_workers_count | int) + + + ([{'stream': 'presence'}] * matrix_synapse_workers_stream_writer_presence_stream_workers_count | int) + }} + +# matrix_synapse_stream_writers populates the `stream_writers` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# What you see below is an initial default value which will be adjusted at runtime based on the value of `matrix_synapse_workers_stream_writers`. +# Adjusting this value manually is generally not necessary. +# +# It's tempting to initialize this like this: +# matrix_synapse_stream_writers: +# - typing: [] +# - events: [] +# - to_device: [] +# - account_data: [] +# - receipts: [] +# - presence: [] +# .. but Synapse does not like empty lists (see https://github.com/matrix-org/synapse/issues/13804) +matrix_synapse_stream_writers: {} + +# `matrix_synapse_workers_stream_writer_workers_` variables control the port numbers of various stream writer workers +# defined in `matrix_synapse_workers_stream_writers`. +# It should be noted that not all of the background worker types will need to expose HTTP services, etc. +matrix_synapse_workers_stream_writer_workers_http_port_range_start: 20011 +matrix_synapse_workers_stream_writer_workers_replication_port_range_start: 25011 +matrix_synapse_workers_stream_writer_workers_metrics_range_start: 19111 + # matrix_synapse_workers_pusher_workers_count can only be 0 or 1 for now. # More instances are not supported due to a playbook limitation having to do with keeping `pusher_instances` in `homeserver.yaml` updated. # See https://github.com/matrix-org/synapse/commit/ddfdf945064925eba761ae3748e38f3a1c73c328 @@ -463,25 +540,36 @@ matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 # as certain workers can only be spawned just once. # # Each worker instance in the list defines the following fields: -# - `type` - the type of worker (`generic_worker`, etc.) -# - `instanceId` - a string that identifies the worker. The combination of (`type` + `instanceId`) represents the name of the worker and must be unique. +# - `id` - a string that uniquely identifies the worker +# - `name` - a string that will be used as the container and systemd service name +# - `type` - the type of worker (`generic_worker`, `stream_writer`, `pusher`, etc.) +# - `app` - the Synapse app (https://matrix-org.github.io/synapse/latest/workers.html#available-worker-applications) that powers this worker (`generic_worker`, `federation_sender`, etc.). +# The `app` usually matches the `type`, but not always. For example, `type = stream_writer` workers are served by the `generic_worker` type. # - `port` - an HTTP port where the worker listens for requests (can be `0` for workers that don't do HTTP request processing) # - `metrics_port` - an HTTP port where the worker exports Prometheus metrics +# - `replication_port` - an HTTP port where the worker serves `replication` endpoints (used by stream writers, etc.) +# - `webserving` - tells whether this type of worker serves web (client or federation) requests, so that it can be injected as a dependency to the reverse-proxy # # Example of what this needs to look like, if you're defining it manually: # matrix_synapse_workers_enabled_list: -# - { type: generic_worker, instanceId: '18111', port: 18111, metrics_port: 19111 } -# - { type: generic_worker, instanceId: '18112', port: 18112, metrics_port: 19112 } -# - { type: generic_worker, instanceId: '18113', port: 18113, metrics_port: 19113 } -# - { type: generic_worker, instanceId: '18114', port: 18114, metrics_port: 19114 } -# - { type: generic_worker, instanceId: '18115', port: 18115, metrics_port: 19115 } -# - { type: generic_worker, instanceId: '18116', port: 18116, metrics_port: 19116 } -# - { type: pusher, instanceId: '0', port: 0, metrics_port: 19200 } -# - { type: appservice, instanceId: '0', port: 0, metrics_port: 19300 } -# - { type: federation_sender, instanceId: '0', port: 0, metrics_port: 19400 } -# - { type: media_repository, instanceId: '18551', port: 18551, metrics_port: 19551 } +# - { 'id': 'generic-worker-0', 'name': 'matrix-synapse-worker-generic-0', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18111, 'metrics_port': 19111, 'webserving': true } +# - { 'id': 'generic-worker-1', 'name': 'matrix-synapse-worker-generic-1', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18112, 'metrics_port': 19112, 'webserving': true } +# - { 'id': 'generic-worker-2', 'name': 'matrix-synapse-worker-generic-2', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18113, 'metrics_port': 19113, 'webserving': true } +# - { 'id': 'generic-worker-3', 'name': 'matrix-synapse-worker-generic-3', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18114, 'metrics_port': 19114, 'webserving': true } +# - { 'id': 'generic-worker-4', 'name': 'matrix-synapse-worker-generic-4', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18115, 'metrics_port': 19115, 'webserving': true } +# - { 'id': 'generic-worker-5', 'name': 'matrix-synapse-worker-generic-5', 'type': 'generic_worker', 'app': 'generic_worker', 'port': 18116, 'metrics_port': 19116, 'webserving': true } +# - { 'id': 'stream-writer-0-events', 'name': 'matrix-synapse-worker-stream-writer-0-events', 'type': 'stream_writer', 'app': 'generic_worker', 'stream_writer_stream': 'events', 'port': 0, 'replication_port': 25011, metrics_port: 19111, 'webserving': false } +# - { 'id': 'stream-writer-1-typing', 'name': 'matrix-synapse-worker-stream-writer-1-typing', 'type': 'stream_writer', 'app': 'generic_worker', 'stream_writer_stream': 'typing', 'port': 20012, 'replication_port': 25012, metrics_port: 19112, 'webserving': true } +# - { 'id': 'pusher-0', 'name': 'matrix-synapse-worker-pusher-0', 'type': 'pusher', 'app': 'pusher', 'port': 0, 'metrics_port': 19200, 'webserving': false } +# - { 'id': 'appservice-0', 'name': 'matrix-synapse-worker-appservice-0', 'type': 'appservice', 'port': 0, 'metrics_port': 19300, 'webserving': false } +# - { 'id': 'federation-sender-0', 'name': 'matrix-synapse-worker-federation-sender-0', 'type': 'federation_sender', 'port': 0, 'metrics_port': 19400, 'webserving': false } +# - { 'id': 'media-repository-0', 'name': 'matrix-synapse-worker-media-repository-0', 'type': 'media_repository', 'port': 18551, 'metrics_port': 19551, 'webserving': true } matrix_synapse_workers_enabled_list: [] +# matrix_synapse_instance_map holds the instance map used for mapping worker names (for certain generic workers only!) to where they live (host, port which handles replication traffic). +# This is populated automatically based on `matrix_synapse_workers_enabled_list` during runtime, so you're not required to tweak it manually. +matrix_synapse_instance_map: {} + # Redis information matrix_synapse_redis_enabled: false matrix_synapse_redis_host: "" diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index 77696bced..8610a33b7 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -8,15 +8,15 @@ # Unless `matrix_synapse_workers_enabled_list` is explicitly defined, # we'll generate it dynamically. -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/synapse/workers/init.yml" +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/synapse/workers/init.yml" when: "matrix_synapse_enabled and matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list|length == 0" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse.service'] }}" when: matrix_synapse_enabled | bool -- name: Ensure systemd services for workers are injected - ansible.builtin.include_tasks: "{{ role_path }}/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml" +- name: Ensure workers are injected into various places + ansible.builtin.include_tasks: "{{ role_path }}/tasks/synapse/workers/util/inject_worker.yml" with_items: "{{ matrix_synapse_workers_enabled_list }}" loop_control: loop_var: matrix_synapse_worker_details @@ -65,9 +65,9 @@ matrix_synapse_worker_nginx_metrics_configuration_block: | {% for worker in matrix_synapse_workers_enabled_list %} {% if worker.metrics_port != 0 %} - location /metrics/synapse/worker/{{ worker.type }}-{{ worker.instanceId }} { + location /metrics/synapse/worker/{{ worker.id }} { resolver 127.0.0.11 valid=5s; - set $backend "matrix-synapse-worker-{{ worker.type }}-{{ worker.instanceId }}:{{ worker.metrics_port }}"; + set $backend "{{ worker.name }}:{{ worker.metrics_port }}"; proxy_pass http://$backend/_synapse/metrics; proxy_set_header Host $host; } diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 3aa619238..fe613e70d 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -7,18 +7,47 @@ - name: Build generic workers ansible.builtin.set_fact: worker: + id: "generic-worker-{{ item }}" + name: "matrix-synapse-worker-generic-{{ item }}" type: 'generic_worker' - instanceId: "{{ matrix_synapse_workers_generic_workers_port_range_start + item }}" + app: 'generic_worker' + webserving: true port: "{{ matrix_synapse_workers_generic_workers_port_range_start + item }}" metrics_port: "{{ matrix_synapse_workers_generic_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_generic_workers" loop: "{{ range(0, matrix_synapse_workers_generic_workers_count | int) | list }}" +- name: Build stream writer workers + ansible.builtin.set_fact: + worker: + id: "stream-writer-{{ item }}-{{ item.stream }}" + # Names must not include understores. Certain stream writer streams (to_device, account_data, ..) do, so we fix them up. + name: "matrix-synapse-worker-stream-writer-{{ idx }}-{{ item.stream | replace('_', '-') }}" + type: 'stream_writer' + app: "generic_worker" + webserving: "{{ item.stream in matrix_synapse_workers_webserving_stream_writer_types }}" + stream_writer_stream: "{{ item.stream }}" + port: "{{ matrix_synapse_workers_stream_writer_workers_http_port_range_start + idx }}" + replication_port: "{{ matrix_synapse_workers_stream_writer_workers_replication_port_range_start + idx }}" + metrics_port: "{{ matrix_synapse_workers_stream_writer_workers_metrics_range_start + idx }}" + register: "matrix_synapse_workers_list_results_stream_writer_workers" + loop: "{{ matrix_synapse_workers_stream_writers }}" + loop_control: + index_var: idx + +- name: Populate matrix_synapse_stream_writers from enabled stream writer workers list + ansible.builtin.set_fact: + matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine ({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}) }}" + with_items: "{{ matrix_synapse_workers_list_results_stream_writer_workers.results }}" + - name: Build federation sender workers ansible.builtin.set_fact: worker: + id: "federation-sender-{{ item }}" + name: "matrix-synapse-worker-federation-sender-{{ item }}" type: 'federation_sender' - instanceId: "{{ item }}" + app: 'federation_sender' + webserving: false port: 0 metrics_port: "{{ matrix_synapse_workers_federation_sender_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_federation_sender_workers" @@ -28,8 +57,11 @@ - name: Build pusher workers ansible.builtin.set_fact: worker: + id: "pusher-{{ item }}" + name: "matrix-synapse-worker-pusher-{{ item }}" type: 'pusher' - instanceId: "{{ item }}" + app: 'pusher' + webserving: false port: 0 metrics_port: "{{ matrix_synapse_workers_pusher_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_pusher_workers" @@ -39,8 +71,11 @@ - name: Build appservice workers ansible.builtin.set_fact: worker: + id: "appservice-{{ item }}" + name: "matrix-synapse-worker-appservice-{{ item }}" type: 'appservice' - instanceId: "{{ item }}" + app: 'appservice' + webserving: false port: 0 metrics_port: "{{ matrix_synapse_workers_appservice_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_appservice_workers" @@ -49,8 +84,11 @@ - name: Build media_repository workers ansible.builtin.set_fact: worker: + id: "media-repository-{{ item }}" + name: "matrix-synapse-worker-media-repository-{{ item }}" type: 'media_repository' - instanceId: "{{ matrix_synapse_workers_media_repository_workers_port_range_start + item }}" + app: 'media_repository' + webserving: true port: "{{ matrix_synapse_workers_media_repository_workers_port_range_start + item }}" metrics_port: "{{ matrix_synapse_workers_media_repository_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_media_repository_workers" @@ -62,6 +100,8 @@ {{ matrix_synapse_workers_list_results_generic_workers.results + + matrix_synapse_workers_list_results_stream_writer_workers.results + + matrix_synapse_workers_list_results_federation_sender_workers.results + matrix_synapse_workers_list_results_pusher_workers.results diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml deleted file mode 100644 index 2ecb3f2bf..000000000 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_systemd_services_for_worker.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -# The tasks below run before `validate_config.yml`. -# To avoid failing with a cryptic error message, we'll do validation here. -# -# This check is mostly relevant to people who explicitly define `matrix_synapse_workers_enabled_list` -# (Synapse Workers users from the earlier days of this PR - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456). -# -# In the future, it should be possible to remove this check. -# Our own code which dynamically builds `matrix_synapse_workers_enabled_list` does things right. -- name: Fail if instanceId not defined for worker - ansible.builtin.fail: - msg: "Synapse workers (like {{ matrix_synapse_worker_details | to_json }}) need to define an instanceId property (type + instanceId must be unique)" - when: "'instanceId' not in matrix_synapse_worker_details" - -- ansible.builtin.set_fact: - matrix_synapse_worker_systemd_service_name: "matrix-synapse-worker-{{ matrix_synapse_worker_details.type }}-{{ matrix_synapse_worker_details.instanceId }}.service" - -- ansible.builtin.set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_systemd_service_name] }}" diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml new file mode 100644 index 000000000..4f6b43986 --- /dev/null +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -0,0 +1,65 @@ +--- +# The tasks below run before `validate_config.yml`. +# To avoid failing with a cryptic error message, we'll do validation here. +# +# This check is mostly relevant to people who explicitly define `matrix_synapse_workers_enabled_list` +# (Synapse Workers users from the earlier days of this PR - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456). +# +# In the future, it should be possible to remove this check. +# Our own code which dynamically builds `matrix_synapse_workers_enabled_list` does things right. +- name: Fail if required property not defined for worker + ansible.builtin.fail: + msg: "Synapse workers (like {{ matrix_synapse_worker_details | to_json }}) need to define a `{{ item }}` property" + with_items: + - id + - name + - type + - app + - port + - webserving + when: "item not in matrix_synapse_worker_details" + +# Names are used for container names and systemd services. +# Routing happens based on container names, so Synapse processes that try to route to workers with underscores in the name will complain. Example: +# > InvalidCodepoint Codepoint U+005F at position 46 of 'matrix-synapse-worker-stream-writer-3-account_data' not allowed +- name: Fail if worker name includes underscore + ansible.builtin.fail: + msg: "Unrecognized Synapse worker `name`: `{{ matrix_synapse_worker_details.name }}`. It must not include underscores" + when: "'_' in matrix_synapse_worker_details.name" + +- name: Fail if worker type unknown + ansible.builtin.fail: + msg: "Unrecognized Synapse worker `type`: `{{ matrix_synapse_worker_details.type }}`. Supported types are: {{ matrix_synapse_known_worker_types | join(', ') }}" + when: "matrix_synapse_worker_details.type not in matrix_synapse_known_worker_types" + +- name: Fail if worker app unknown + ansible.builtin.fail: + msg: "Unrecognized Synapse worker `app`: `{{ matrix_synapse_worker_details.app }}`. Supported types are: {{ matrix_synapse_workers_avail_list | join(', ') }}" + when: "matrix_synapse_worker_details.app not in matrix_synapse_workers_avail_list" + +- block: + - name: Fail if stream_writer_stream not defined for stream_writer worker + ansible.builtin.fail: + msg: >- + Synapse stream_writer workers (such as {{ item }}) need to define a valid `stream_writer_stream` property + (not `{{ matrix_synapse_worker_details.stream_writer_stream|default('undefined') }}`). + Supported types are: {{ matrix_synapse_workers_known_stream_writer_stream_types | join(', ') }} + when: "'stream_writer_stream' not in matrix_synapse_worker_details or matrix_synapse_worker_details.stream_writer_stream not in matrix_synapse_workers_known_stream_writer_stream_types" + + - name: Fail if replication_port not defined for stream_writer worker + ansible.builtin.fail: + msg: "Synapse background workers of type stream_writer (such as {{ item }}) need to define a valid `replication_port` property" + when: "'replication_port' not in matrix_synapse_worker_details" + when: "matrix_synapse_worker_details.type == 'stream_writer'" + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" + +- ansible.builtin.set_fact: + matrix_synapse_webserving_workers_systemd_services_list: "{{ matrix_synapse_webserving_workers_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" + when: matrix_synapse_worker_details.webserving | bool + +# Inject stream writers and various other background workers into the instance map. +- ansible.builtin.set_fact: + matrix_synapse_instance_map: "{{ matrix_synapse_instance_map | combine({matrix_synapse_worker_details.name: {'host': matrix_synapse_worker_details.name, 'port': matrix_synapse_worker_details.replication_port}}) }}" + when: matrix_synapse_worker_details.type in matrix_synapse_known_instance_map_eligible_worker_types diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml index d6d4924fb..d3f309175 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml @@ -1,13 +1,9 @@ --- - ansible.builtin.set_fact: - matrix_synapse_worker_systemd_service_name: "matrix-synapse-worker-{{ matrix_synapse_worker_details.type }}-{{ matrix_synapse_worker_details.instanceId }}" - -- ansible.builtin.set_fact: - matrix_synapse_worker_container_name: "{{ matrix_synapse_worker_systemd_service_name }}" - -- ansible.builtin.set_fact: - matrix_synapse_worker_config_file_name: "worker.{{ matrix_synapse_worker_details.type }}_{{ matrix_synapse_worker_details.instanceId }}.yaml" + matrix_synapse_worker_systemd_service_name: "{{ matrix_synapse_worker_details.name }}" + matrix_synapse_worker_container_name: "{{ matrix_synapse_worker_details.name }}" + matrix_synapse_worker_config_file_name: "worker.{{ matrix_synapse_worker_details.name }}.yaml" - name: Ensure configuration exists for {{ matrix_synapse_worker_systemd_service_name }} ansible.builtin.template: diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index bcb71c756..1fc708166 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -32,6 +32,11 @@ with_items: - "matrix_synapse_workers_pusher_workers_count" - "matrix_synapse_workers_federation_sender_workers_count" + - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" + - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" + - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" + - "matrix_synapse_workers_stream_writer_receipts_stream_workers_count" + - "matrix_synapse_workers_stream_writer_presence_stream_workers_count" - name: (Deprecation) Catch and report renamed settings ansible.builtin.fail: diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 04c4b3cf5..86d03be41 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -352,13 +352,13 @@ worker_app: synapse.app.homeserver # thx https://oznetnerd.com/2017/04/18/jinja2-selectattr-filter/ # reduce the main worker's offerings to core homeserver business -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list %} +{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0 %} send_federation: false {% endif %} -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list %} +{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0 %} enable_media_repo: false {% endif %} -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list %} +{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0 %} start_pushers: false {% endif %} @@ -2870,6 +2870,7 @@ opentracing: # worker1: # host: localhost # port: 8034 +instance_map: {{ matrix_synapse_instance_map | to_json }} # Experimental: When using workers you can define which workers should # handle event persistence and typing notifications. Any worker @@ -2878,6 +2879,7 @@ opentracing: #stream_writers: # events: worker1 # typing: worker1 +stream_writers: {{ matrix_synapse_stream_writers | to_json }} # The worker that is used to run background tasks (e.g. cleaning up expired # data). If not provided this defaults to the main process. diff --git a/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 b/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 index b194c3c2d..1501697d7 100644 --- a/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 +++ b/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 @@ -24,8 +24,8 @@ scrape_configs: job: "master" index: "0" {% for worker in matrix_synapse_workers_enabled_list %} - - job_name: 'synapse-{{ worker.type }}-{{ worker.instanceId }}' - metrics_path: /metrics/synapse/worker/{{ worker.type }}-{{ worker.instanceId }} + - job_name: '{{ worker.name }}' + metrics_path: /metrics/synapse/worker/{{ worker.id }} scheme: {{ 'https' if matrix_nginx_proxy_https_enabled|default(true) else 'http' }} {% if matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled|default(true) %} basic_auth: @@ -35,6 +35,7 @@ scrape_configs: static_configs: - targets: ['{{ matrix_server_fqn_matrix }}:{{ matrix_nginx_proxy_container_https_host_bind_port|default(443) if matrix_nginx_proxy_https_enabled|default(true) else matrix_nginx_proxy_container_http_host_bind_port|default(80) }}'] labels: + worker_id: {{ worker.id }} job: "{{ worker.type }}" - index: "{{ worker.instanceId }}" + app: {{ worker.app }} {% endfor %} diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 4a38251d7..96b65a0ae 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -43,7 +43,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor {{ arg }} \ {% endfor %} {{ matrix_synapse_docker_image }} \ - run -m synapse.app.{{ matrix_synapse_worker_details.type }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} + run -m synapse.app.{{ matrix_synapse_worker_details.app }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index 027114fb3..eed50ad1e 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -12,7 +12,7 @@ Wants={{ service }} {% if matrix_synapse_workers_enabled %} {% for matrix_synapse_worker_details in matrix_synapse_workers_enabled_list %} -Wants=matrix-synapse-worker-{{ matrix_synapse_worker_details.type }}-{{ matrix_synapse_worker_details.port }}.service +Wants={{ matrix_synapse_worker_details.name }}.service {% endfor %} {% endif %} diff --git a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 index 33789b0ca..c9637a839 100644 --- a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 @@ -1,27 +1,38 @@ #jinja2: lstrip_blocks: "True" -worker_app: synapse.app.{{ matrix_synapse_worker_details.type }} -worker_name: {{ matrix_synapse_worker_details.type ~ ':' ~ matrix_synapse_worker_details.port }} +worker_app: synapse.app.{{ matrix_synapse_worker_details.app }} +worker_name: {{ matrix_synapse_worker_details.name }} {% if matrix_synapse_replication_listener_enabled %} worker_replication_host: matrix-synapse worker_replication_http_port: {{ matrix_synapse_replication_http_port }} {% endif %} -{% set has_listeners = (matrix_synapse_worker_details.type not in [ 'appservice', 'federation_sender', 'pusher' ] or matrix_synapse_metrics_enabled) %} - {% set http_resources = [] %} -{% if matrix_synapse_worker_details.type in ['generic_worker', 'user_dir'] %} +{% if matrix_synapse_worker_details.type == 'user_dir' %} {% set http_resources = http_resources + ['client'] %} {% endif %} -{% if matrix_synapse_worker_details.type in ['generic_worker'] %} - {% set http_resources = http_resources+ ['federation'] %} +{% if matrix_synapse_worker_details.type == 'generic_worker' %} + {% set http_resources = http_resources + ['client', 'federation'] %} {% endif %} -{% if matrix_synapse_worker_details.type in ['media_repository'] %} +{# + None of the background workers need to handle federation traffic. + Only some of the stream writers need to handle client traffic. +#} +{% if matrix_synapse_worker_details.type == 'stream_writer' and matrix_synapse_worker_details.webserving %} + {% set http_resources = http_resources + ['client'] %} +{% endif %} +{% if matrix_synapse_worker_details.type == 'media_repository' %} {% set http_resources = http_resources + ['media'] %} {% endif %} -{% if http_resources|length > 0 or matrix_synapse_metrics_enabled %} +{% set replication_http_resources = [] %} +{% if matrix_synapse_worker_details.type == 'stream_writer' %} + {# All background workers need to handle replication traffic. #} + {% set replication_http_resources = replication_http_resources + ['replication'] %} +{% endif %} + +{% if http_resources|length > 0 or matrix_synapse_metrics_enabled or replication_http_resources|length > 0 %} worker_listeners: {% if http_resources|length > 0 %} - type: http @@ -36,6 +47,13 @@ worker_listeners: bind_addresses: ['0.0.0.0'] port: {{ matrix_synapse_worker_details.metrics_port }} {% endif %} +{% if replication_http_resources|length > 0 %} + - type: http + bind_addresses: ['::'] + port: {{ matrix_synapse_worker_details.replication_port }} + resources: + - names: {{ replication_http_resources|to_json }} +{% endif %} {% endif %} {% if matrix_synapse_worker_details.type == 'generic_worker' %} diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index 2d9b62cf7..e8b0e49c6 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -36,3 +36,58 @@ matrix_synapse_workers_generic_worker_federation_endpoints: "{{ matrix_synapse_w # matrix_synapse_workers_generic_worker_federation_endpoints_regex contains the regex used in matrix_synapse_workers_generic_worker_federation_endpoints. # It's intentionally put in a separate variable, to avoid tripping ansible-lint's var-spacing rule. matrix_synapse_workers_generic_worker_federation_endpoints_regex: '.*(/_matrix/federation|/_matrix/key).*' + +# matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints contains the endpoints serviced by the `typing` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream +matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing + +# matrix_synapse_workers_stream_writer_to_device_stream_worker_client_server_endpoints contains the endpoints serviced by the `to_device` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream +matrix_synapse_workers_stream_writer_to_device_stream_worker_client_server_endpoints: + - ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ + +# matrix_synapse_workers_stream_writer_account_data_stream_worker_client_server_endpoints contains the endpoints serviced by the `account_data` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream +matrix_synapse_workers_stream_writer_account_data_stream_worker_client_server_endpoints: + - ^/_matrix/client/(r0|v3|unstable)/.*/tags + - ^/_matrix/client/(r0|v3|unstable)/.*/account_data + +# matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints contains the endpoints serviced by the `recepts` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream +matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints: + - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt + - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers + +# matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints contains the endpoints serviced by the `presence` stream writer. +# See: https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream +matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints: + - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ + +# matrix_synapse_workers_known_stream_writer_stream_types contains the list of stream writer stream types that the playbook recognizes. +# This is used for validation purposes. If adding support for a new type, besides adding it to this list, +# don't forget to actually configure it where appropriate (see worker.yaml.j2`, the nginx proxy configuration, etc). +matrix_synapse_workers_known_stream_writer_stream_types: ['events', 'typing', 'to_device', 'account_data', 'receipts', 'presence'] + +# matrix_synapse_workers_webserving_stream_writer_types contains a list of stream writer types that serve web (client) requests. +# Not all stream writers serve web requests. Some just perform background tasks. +matrix_synapse_workers_webserving_stream_writer_types: ['typing', 'to_device', 'account_data', 'receipts', 'presence'] + +# matrix_synapse_workers_systemd_services_list contains a list of systemd services (one for each worker systemd service which serves web requests). +# This list is built during runtime. +# Not all workers serve web requests. Those that don't won't be injected here. +matrix_synapse_webserving_workers_systemd_services_list: [] + +# matrix_synapse_known_worker_types contains the list of known worker types. +# A worker type is different than a worker app (e.g. `generic_worker`). +# For example, the `stream_writer` worker type is served by the `generic_worker` app, but is a separate type that we recognize. +matrix_synapse_known_worker_types: | + {{ + matrix_synapse_workers_avail_list + + + ['stream_writer'] + }} + +# matrix_synapse_known_instance_map_eligible_worker_types contains the list of worker types that are to be injected into `matrix_synapse_instance_map`. +matrix_synapse_known_instance_map_eligible_worker_types: + - stream_writer From ec654ca91ee32dcac5fefd5d750bb6aa4e47896f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 08:13:08 +0300 Subject: [PATCH 088/349] Add support for multiple federation sender workers --- CHANGELOG.md | 8 +++++++- roles/matrix-synapse/defaults/main.yml | 13 +++++++++++-- roles/matrix-synapse/tasks/synapse/workers/init.yml | 7 +++++++ roles/matrix-synapse/tasks/validate_config.yml | 1 - .../templates/synapse/homeserver.yaml.j2 | 5 ++--- 5 files changed, 27 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2b9b149e1..4a1fbb2d6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,8 @@ People who are interested in running a Synapse worker setup should know that **our Synapse worker implementation is much more powerful now**: -- we've added [Stream writers support](#stream-writers-support) +- we've added support for [Stream writers](#stream-writers-support) +- we've added support for [multiple federation sender workers](#multiple-federation-sender-workers-support) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) ### Stream writers support @@ -26,6 +27,11 @@ matrix_synapse_workers_stream_writer_receipts_stream_workers_count: 1 matrix_synapse_workers_stream_writer_presence_stream_workers_count: 1 ``` +### Multiple federation sender workers support + +Until now, we only supported a single `federation_sender` worker (`matrix_synapse_workers_federation_sender_workers_count` could either be `0` or `1`). +From now on, you can have as many as you want to help with your federation traffic. + ### Potential Backward Incompatibilities after these Synapse worker changes Below we'll discuss **potential backward incompatibilities**. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 4213c4f18..6349fa6f1 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -510,12 +510,21 @@ matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 matrix_synapse_workers_appservice_workers_count: 0 matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 -# matrix_synapse_workers_federation_sender_workers_count can only be 0 or 1 for now. -# More instances are not supported due to a playbook limitation having to do with keeping `federation_sender_instances` in `homeserver.yaml` updated. +# matrix_synapse_workers_federation_sender_workers_count controls the number of federation sender workers to spawn. # See https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappfederation_sender matrix_synapse_workers_federation_sender_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['federation_sender_workers_count'] }}" matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 +# matrix_synapse_federation_sender_instances populates the `federation_sender_instances` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# What you see below is an initial default value which will be adjusted at runtime based on the value of `matrix_synapse_workers_federation_sender_workers_count` or `matrix_synapse_workers_enabled_list`. +# Adjusting this value manually is generally not necessary. +matrix_synapse_federation_sender_instances: [] + +# matrix_synapse_send_federation controls if theh main Synapse process should send federation traffic. +# This is allowed if workers are disabled, or if there are no federation sender workers. +# Adjusting this value manually is generally not necessary. +matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0) }}" + matrix_synapse_workers_media_repository_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['media_repository_workers_count'] }}" matrix_synapse_workers_media_repository_workers_port_range_start: 18551 matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index fe613e70d..6ab6784f3 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -53,6 +53,13 @@ register: "matrix_synapse_workers_list_results_federation_sender_workers" loop: "{{ range(0, matrix_synapse_workers_federation_sender_workers_count | int) | list }}" +- name: Populate matrix_synapse_federation_sender_instances from enabled federation sender workers list + ansible.builtin.set_fact: + matrix_synapse_federation_sender_instances: "{{ matrix_synapse_federation_sender_instances + [item.ansible_facts.worker.name] }}" + with_items: "{{ matrix_synapse_workers_list_results_federation_sender_workers.results }}" + +- debug: var="matrix_synapse_federation_sender_instances" + # This type of worker can only have a count of 1, at most - name: Build pusher workers ansible.builtin.set_fact: diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index 1fc708166..04a04cd51 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -31,7 +31,6 @@ when: "vars[item]|int > 1" with_items: - "matrix_synapse_workers_pusher_workers_count" - - "matrix_synapse_workers_federation_sender_workers_count" - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 86d03be41..9f6679fc4 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -352,9 +352,6 @@ worker_app: synapse.app.homeserver # thx https://oznetnerd.com/2017/04/18/jinja2-selectattr-filter/ # reduce the main worker's offerings to core homeserver business -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0 %} -send_federation: false -{% endif %} {% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0 %} enable_media_repo: false {% endif %} @@ -2851,6 +2848,7 @@ opentracing: # Uncomment if using a federation sender worker. # #send_federation: false +send_federation: {{ matrix_synapse_send_federation | to_json }} # It is possible to run multiple federation sender workers, in which case the # work is balanced across them. @@ -2862,6 +2860,7 @@ opentracing: # #federation_sender_instances: # - federation_sender1 +federation_sender_instances: {{ matrix_synapse_federation_sender_instances | to_json }} # When using workers this should be a map from `worker_name` to the # HTTP replication listener of the worker, if configured. From 22cf259155e0a3cac5d0d53fd330e7ea028bcf13 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 08:14:47 +0300 Subject: [PATCH 089/349] Put common worker configuration options at the top --- .../templates/synapse/worker.yaml.j2 | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 index c9637a839..2b0df98dd 100644 --- a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/worker.yaml.j2 @@ -2,11 +2,18 @@ worker_app: synapse.app.{{ matrix_synapse_worker_details.app }} worker_name: {{ matrix_synapse_worker_details.name }} +worker_daemonize: false +worker_log_config: /data/{{ matrix_server_fqn_matrix }}.log.config + {% if matrix_synapse_replication_listener_enabled %} worker_replication_host: matrix-synapse worker_replication_http_port: {{ matrix_synapse_replication_http_port }} {% endif %} +{% if matrix_synapse_worker_details.type == 'generic_worker' %} +worker_main_http_uri: http://matrix-synapse:{{ matrix_synapse_container_client_api_port }} +{% endif %} + {% set http_resources = [] %} {% if matrix_synapse_worker_details.type == 'user_dir' %} @@ -55,10 +62,3 @@ worker_listeners: - names: {{ replication_http_resources|to_json }} {% endif %} {% endif %} - -{% if matrix_synapse_worker_details.type == 'generic_worker' %} -worker_main_http_uri: http://matrix-synapse:{{ matrix_synapse_container_client_api_port }} -{% endif %} - -worker_daemonize: false -worker_log_config: /data/{{ matrix_server_fqn_matrix }}.log.config From b842447047be77bcf209d9f3ed0609e063b8a192 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 08:32:55 +0300 Subject: [PATCH 090/349] Add support for multiple pusher workers --- CHANGELOG.md | 7 +++++++ roles/matrix-synapse/defaults/main.yml | 19 ++++++++++++++----- .../matrix-synapse/tasks/validate_config.yml | 3 +-- .../templates/synapse/homeserver.yaml.j2 | 6 +++--- 4 files changed, 25 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4a1fbb2d6..90b9b8f76 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ People who are interested in running a Synapse worker setup should know that **o - we've added support for [Stream writers](#stream-writers-support) - we've added support for [multiple federation sender workers](#multiple-federation-sender-workers-support) +- we've added support for [multiple pusher workers](#multiple-pusher-workers-support) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) ### Stream writers support @@ -32,6 +33,12 @@ matrix_synapse_workers_stream_writer_presence_stream_workers_count: 1 Until now, we only supported a single `federation_sender` worker (`matrix_synapse_workers_federation_sender_workers_count` could either be `0` or `1`). From now on, you can have as many as you want to help with your federation traffic. +### Multiple pusher workers support + +Until now, we only supported a single `pusher` worker (`matrix_synapse_workers_pusher_workers_count` could either be `0` or `1`). +From now on, you can have as many as you want to help with pushing notifications out. + + ### Potential Backward Incompatibilities after these Synapse worker changes Below we'll discuss **potential backward incompatibilities**. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 6349fa6f1..ca84ff38d 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -498,12 +498,21 @@ matrix_synapse_workers_stream_writer_workers_http_port_range_start: 20011 matrix_synapse_workers_stream_writer_workers_replication_port_range_start: 25011 matrix_synapse_workers_stream_writer_workers_metrics_range_start: 19111 -# matrix_synapse_workers_pusher_workers_count can only be 0 or 1 for now. -# More instances are not supported due to a playbook limitation having to do with keeping `pusher_instances` in `homeserver.yaml` updated. -# See https://github.com/matrix-org/synapse/commit/ddfdf945064925eba761ae3748e38f3a1c73c328 +# matrix_synapse_workers_pusher_workers_count controls the number of pusher workers (workers who push out notifications) to spawn. +# See https://matrix-org.github.io/synapse/latest/workers.html#synapseapppusher matrix_synapse_workers_pusher_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['pusher_workers_count'] }}" matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 +# matrix_synapse_federation_pusher_instances populates the `pusher_instances` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# What you see below is an initial default value which will be adjusted at runtime based on the value of `matrix_synapse_workers_pusher_workers_count` or `matrix_synapse_workers_enabled_list`. +# Adjusting this value manually is generally not necessary. +matrix_synapse_federation_pusher_instances: [] + +# matrix_synapse_start_pushers controls if theh main Synapse process should push out notifications or if it should be left to pusher workers (see `matrix_synapse_federation_pusher_instances`). +# This is allowed if workers are disabled, or if there are no pusher workers. +# Adjusting this value manually is generally not necessary. +matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0) }}" + # matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. # appservice workers are deprecated since Synapse v1.59. This will be removed. # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types @@ -511,7 +520,7 @@ matrix_synapse_workers_appservice_workers_count: 0 matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 # matrix_synapse_workers_federation_sender_workers_count controls the number of federation sender workers to spawn. -# See https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappfederation_sender +# See https://matrix-org.github.io/synapse/latest/workers.html#synapseappfederation_sender matrix_synapse_workers_federation_sender_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['federation_sender_workers_count'] }}" matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 @@ -520,7 +529,7 @@ matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 # Adjusting this value manually is generally not necessary. matrix_synapse_federation_sender_instances: [] -# matrix_synapse_send_federation controls if theh main Synapse process should send federation traffic. +# matrix_synapse_send_federation controls if theh main Synapse process should send federation traffic or if it should be left to federation_sender workers (see `matrix_synapse_federation_sender_instances`). # This is allowed if workers are disabled, or if there are no federation sender workers. # Adjusting this value manually is generally not necessary. matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0) }}" diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index 04a04cd51..faab7daa1 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -12,7 +12,7 @@ - "matrix_synapse_database_password" - "matrix_synapse_database_database" -- name: Fail if asking to configure deprecaed workers (appservice, userdir) +- name: Fail if asking to configure deprecated workers (appservice, userdir) ansible.builtin.fail: msg: >- `{{ item }}` cannot be more than 0. @@ -30,7 +30,6 @@ `{{ item }}` cannot be more than 1. This is a single-instance worker. when: "vars[item]|int > 1" with_items: - - "matrix_synapse_workers_pusher_workers_count" - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 9f6679fc4..5e60f1c03 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -355,9 +355,6 @@ worker_app: synapse.app.homeserver {% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0 %} enable_media_repo: false {% endif %} -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0 %} -start_pushers: false -{% endif %} daemonize: false {% endif %} @@ -2862,6 +2859,9 @@ send_federation: {{ matrix_synapse_send_federation | to_json }} # - federation_sender1 federation_sender_instances: {{ matrix_synapse_federation_sender_instances | to_json }} +pusher_instances: {{ matrix_synapse_federation_pusher_instances | to_json }} +start_pushers: {{ matrix_synapse_start_pushers | to_json }} + # When using workers this should be a map from `worker_name` to the # HTTP replication listener of the worker, if configured. # From 8cd7c1ec2f85d80659f33fe7334f4a4ddfd34ac4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 08:37:19 +0300 Subject: [PATCH 091/349] Relocate enable_media_repo and make it configurable via matrix_synapse_enable_media_repo .. although.. manual configuration is discouraged in most cases. --- roles/matrix-synapse/defaults/main.yml | 11 ++++++++--- .../templates/synapse/homeserver.yaml.j2 | 8 +------- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index ca84ff38d..05cd767a6 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -508,8 +508,8 @@ matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 # Adjusting this value manually is generally not necessary. matrix_synapse_federation_pusher_instances: [] -# matrix_synapse_start_pushers controls if theh main Synapse process should push out notifications or if it should be left to pusher workers (see `matrix_synapse_federation_pusher_instances`). -# This is allowed if workers are disabled, or if there are no pusher workers. +# matrix_synapse_start_pushers controls if the main Synapse process should push out notifications or if it should be left to pusher workers (see `matrix_synapse_federation_pusher_instances`). +# This is enabled if workers are disabled, or if there are no pusher workers. # Adjusting this value manually is generally not necessary. matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0) }}" @@ -529,7 +529,7 @@ matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 # Adjusting this value manually is generally not necessary. matrix_synapse_federation_sender_instances: [] -# matrix_synapse_send_federation controls if theh main Synapse process should send federation traffic or if it should be left to federation_sender workers (see `matrix_synapse_federation_sender_instances`). +# matrix_synapse_send_federation controls if the main Synapse process should send federation traffic or if it should be left to federation_sender workers (see `matrix_synapse_federation_sender_instances`). # This is allowed if workers are disabled, or if there are no federation sender workers. # Adjusting this value manually is generally not necessary. matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0) }}" @@ -538,6 +538,11 @@ matrix_synapse_workers_media_repository_workers_count: "{{ matrix_synapse_worker matrix_synapse_workers_media_repository_workers_port_range_start: 18551 matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 +# matrix_synapse_enable_media_repo controls if the main Synapse process should serve media repository endpoints or if it should be left to media_repository workers (see `matrix_synapse_workers_media_repository_workers_count`). +# This is enabled if workers are disabled, or if there are no media repository workers. +# Adjusting this value manually is generally not necessary. +matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) }}" + # Disabled until https://github.com/matrix-org/synapse/issues/8787 is resolved. # user_dir workers are deprecated since Synapse v1.59. This will be removed. # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 5e60f1c03..a635559f2 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -349,13 +349,6 @@ listeners: # c.f. https://github.com/matrix-org/synapse/tree/master/contrib/systemd-with-workers/README.md worker_app: synapse.app.homeserver - -# thx https://oznetnerd.com/2017/04/18/jinja2-selectattr-filter/ -# reduce the main worker's offerings to core homeserver business -{% if matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0 %} -enable_media_repo: false -{% endif %} - daemonize: false {% endif %} @@ -1017,6 +1010,7 @@ federation_rr_transactions_per_room_per_second: {{ matrix_synapse_federation_rr_ # following if you are using a separate media store worker. # #enable_media_repo: false +enable_media_repo: {{ matrix_synapse_enable_media_repo | to_json }} # Directory where uploaded images and attachments are stored. # From 5f3f460cda5653232087c146b4cd0fa74dff1c96 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:00:57 +0300 Subject: [PATCH 092/349] Restore support for appservice and user_dir workers --- CHANGELOG.md | 25 +++++++++++- group_vars/matrix_servers | 2 +- .../nginx/conf.d/matrix-synapse.conf.j2 | 5 ++- roles/matrix-synapse/defaults/main.yml | 38 ++++++++++--------- .../tasks/synapse/workers/init.yml | 20 ++++++++-- .../synapse/workers/util/inject_worker.yml | 2 +- .../matrix-synapse/tasks/validate_config.yml | 14 +------ .../templates/synapse/homeserver.yaml.j2 | 8 ++++ roles/matrix-synapse/vars/main.yml | 23 +++++++++-- roles/matrix-synapse/vars/workers.yml | 4 +- 10 files changed, 100 insertions(+), 41 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 90b9b8f76..37032735e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,12 +1,14 @@ # 2022-09-15 -## (Potential Backward Compatibility Break) Major changes to Synapse workers +## (Potential Backward Compatibility Break) Major improvements to Synapse workers People who are interested in running a Synapse worker setup should know that **our Synapse worker implementation is much more powerful now**: - we've added support for [Stream writers](#stream-writers-support) - we've added support for [multiple federation sender workers](#multiple-federation-sender-workers-support) - we've added support for [multiple pusher workers](#multiple-pusher-workers-support) +- we've restored support for [`appservice` workers](#appservice-worker-support-is-back) +- we've restored support for [`user_dir` workers](#user-directory-worker-support-is-back) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) ### Stream writers support @@ -38,6 +40,25 @@ From now on, you can have as many as you want to help with your federation traff Until now, we only supported a single `pusher` worker (`matrix_synapse_workers_pusher_workers_count` could either be `0` or `1`). From now on, you can have as many as you want to help with pushing notifications out. +### Appservice worker support is back + +We previously had an `appservice` worker type, which [Synapse deprecated in v1.59.0](https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). So did we, at the time. + +The new way to implement such workers is by using a `generic_worker` and dedicating it to the task of talking to Application Services. +From now on, we have support for this. + +With `matrix_synapse_workers_preset: one-of-each`, you'll get one `appserice` worker automatically. +You can also control the `appserice` workers count with `matrix_synapse_workers_appserice_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. + +### User Directory worker support is back + +We previously had a `user_dir` worker type, which [Synapse deprecated in v1.59.0](https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). So did we, at the time. + +The new way to implement such workers is by using a `generic_worker` and dedicating it to the task of serving the user directory. +From now on, we have support for this. + +With `matrix_synapse_workers_preset: one-of-each`, you'll get one `user_dir` worker automatically. +You can also control the `user_dir` workers count with `matrix_synapse_workers_user_dir_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. ### Potential Backward Incompatibilities after these Synapse worker changes @@ -45,6 +66,8 @@ Below we'll discuss **potential backward incompatibilities**. - **Worker names** (container names, systemd services, worker configuration files) **have changed**. Workers are now labeled sequentially (e.g. `matrix-synapse-worker_generic_worker-18111` -> `matrix-synapse-worker-generic-0`). The playbook will handle these changes automatically. +- Due to increased worker types support above, people who use `matrix_synapse_workers_preset: one-of-each` should be aware that with these changes, **the playbook will deploy 8 additional workers** (6 stream writers, 1 `appservice` worker, 1 `user_dir` worker). This **may increase RAM/CPU usage**, etc. If you find your server struggling, consider disabling some workers with the appropriate `matrix_synapse_workers_*_workers_count` variables. + - **Metric endpoints have also changed** (`/metrics/synapse/worker/generic_worker-18111` -> `/metrics/synapse/worker/generic-worker-0`). If you're [collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server), consider revisiting our [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server) docs and updating your Prometheus configuration. **If you're collecting metrics to the integrated Prometheus server** (not enabled by default), **your Prometheus configuration will be updated automatically**. Old data (from before this change) may stick around though. - **the format of `matrix_synapse_workers_enabled_list` has changed**. You were never advised to use this variable for directly creating workers (we advise people to control workers using `matrix_synapse_workers_preset` or by tweaking `matrix_synapse_workers_*_workers_count` variables only), but some people may have started using the `matrix_synapse_workers_enabled_list` variable to gain more control over workers. If you're one of them, you'll need to adjust its value. See `roles/matrix-synapse/defaults/main.yml` for more information on the new format. The playbook will also do basic validation and complain if you got something wrong. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index e891a3d9a..78d1ed68a 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1766,7 +1766,7 @@ matrix_nginx_proxy_synapse_stream_writer_account_data_stream_worker_client_serve matrix_nginx_proxy_synapse_stream_writer_receipts_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoints }}" matrix_nginx_proxy_synapse_stream_writer_presence_stream_worker_client_server_locations: "{{ matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints }}" matrix_nginx_proxy_synapse_media_repository_locations: "{{matrix_synapse_workers_media_repository_endpoints|default([]) }}" -matrix_nginx_proxy_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_endpoints|default([]) }}" +matrix_nginx_proxy_synapse_user_dir_locations: "{{ matrix_synapse_workers_user_dir_worker_client_server_endpoints|default([]) }}" matrix_nginx_proxy_systemd_wanted_services_list: | {{ diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index bbce7462b..488ced5a8 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -133,8 +133,9 @@ server { {% endif %} {% if user_dir_workers | length > 0 %} - # FIXME: obsolete if matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled is set - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappuser_dir + # https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory + # If matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled is set, requests may not reach here, + # but could be captured early on (see `matrix-domain.conf.j2`) and forwarded elsewhere (to an identity server, etc.). {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_user_dir_locations, 'user_dir_workers_upstream') }} {% endif %} {# Workers redirects END #} diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 05cd767a6..7f6ce40fa 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -394,9 +394,9 @@ matrix_synapse_workers_presets: little-federation-helper: generic_workers_count: 0 pusher_workers_count: 0 - appservice_workers_count: 0 federation_sender_workers_count: 1 media_repository_workers_count: 0 + appservice_workers_count: 0 user_dir_workers_count: 0 stream_writer_events_stream_workers_count: 0 stream_writer_typing_stream_workers_count: 0 @@ -407,14 +407,10 @@ matrix_synapse_workers_presets: one-of-each: generic_workers_count: 1 pusher_workers_count: 1 - # appservice workers are deprecated since Synapse v1.59. This will be removed. - appservice_workers_count: 0 federation_sender_workers_count: 1 media_repository_workers_count: 1 - # Disabled until https://github.com/matrix-org/synapse/issues/8787 is resolved. - # user_dir workers are deprecated since Synapse v1.59. This will be removed. - # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types - user_dir_workers_count: 0 + appservice_workers_count: 1 + user_dir_workers_count: 1 stream_writer_events_stream_workers_count: 1 stream_writer_typing_stream_workers_count: 1 stream_writer_to_device_stream_workers_count: 1 @@ -513,12 +509,6 @@ matrix_synapse_federation_pusher_instances: [] # Adjusting this value manually is generally not necessary. matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0) }}" -# matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. -# appservice workers are deprecated since Synapse v1.59. This will be removed. -# See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types -matrix_synapse_workers_appservice_workers_count: 0 -matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 - # matrix_synapse_workers_federation_sender_workers_count controls the number of federation sender workers to spawn. # See https://matrix-org.github.io/synapse/latest/workers.html#synapseappfederation_sender matrix_synapse_workers_federation_sender_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['federation_sender_workers_count'] }}" @@ -543,13 +533,27 @@ matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 # Adjusting this value manually is generally not necessary. matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) }}" -# Disabled until https://github.com/matrix-org/synapse/issues/8787 is resolved. -# user_dir workers are deprecated since Synapse v1.59. This will be removed. -# See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types -matrix_synapse_workers_user_dir_workers_count: 0 +# matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. +# appservice workers were deprecated since Synapse v1.59 (see: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). +# Our implementation uses generic worker services and assigns them to perform appservice work using the `notify_appservices_from_worker` Synapse option. +matrix_synapse_workers_appservice_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['appservice_workers_count'] }}" +matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 + +# matrix_synapse_notify_appservices_from_worker populates the `notify_appservices_from_worker` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# `notify_appservices_from_worker` is meant to point to a worker, which is dedicated to sending output traffic to Application Services. +matrix_synapse_notify_appservices_from_worker: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'appservice') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'appservice') | list | length > 0) else '' }}" + +# matrix_synapse_workers_user_dir_workers_count can only be 0 or 1. More instances are not supported. +# user_dir workers were deprecated since Synapse v1.59 (see: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). +# Our implementation uses generic worker services and assigns them to perform appservice work using the `update_user_directory_from_worker` Synapse option. +matrix_synapse_workers_user_dir_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['user_dir_workers_count'] }}" matrix_synapse_workers_user_dir_workers_port_range_start: 18661 matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 +# matrix_synapse_update_user_directory_from_worker populates the `update_user_directory_from_worker` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# `update_user_directory_from_worker` is meant to point to a worker, which is dedicated to updating the user directory and servicing some user directory URL endpoints (`matrix_synapse_workers_user_dir_worker_client_server_endpoints`). +matrix_synapse_update_user_directory_from_worker: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'user_dir') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'user_dir') | list | length > 0) else '' }}" + # Default list of workers to spawn. # # Unless you populate this manually, this list is dynamically generated diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 6ab6784f3..c5a532979 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -58,8 +58,6 @@ matrix_synapse_federation_sender_instances: "{{ matrix_synapse_federation_sender_instances + [item.ansible_facts.worker.name] }}" with_items: "{{ matrix_synapse_workers_list_results_federation_sender_workers.results }}" -- debug: var="matrix_synapse_federation_sender_instances" - # This type of worker can only have a count of 1, at most - name: Build pusher workers ansible.builtin.set_fact: @@ -81,13 +79,27 @@ id: "appservice-{{ item }}" name: "matrix-synapse-worker-appservice-{{ item }}" type: 'appservice' - app: 'appservice' + app: 'generic_worker' webserving: false port: 0 metrics_port: "{{ matrix_synapse_workers_appservice_workers_metrics_range_start + item }}" register: "matrix_synapse_workers_list_results_appservice_workers" loop: "{{ range(0, matrix_synapse_workers_appservice_workers_count | int) | list }}" +# This type of worker can only have a count of 1, at most +- name: Build user_dir workers + ansible.builtin.set_fact: + worker: + id: "user-dir-{{ item }}" + name: "matrix-synapse-worker-user-dir-{{ item }}" + type: 'user_dir' + app: 'generic_worker' + webserving: true + port: "{{ matrix_synapse_workers_user_dir_workers_port_range_start + item }}" + metrics_port: "{{ matrix_synapse_workers_user_dir_workers_metrics_range_start + item }}" + register: "matrix_synapse_workers_list_results_user_dir_workers" + loop: "{{ range(0, matrix_synapse_workers_user_dir_workers_count | int) | list }}" + - name: Build media_repository workers ansible.builtin.set_fact: worker: @@ -115,6 +127,8 @@ + matrix_synapse_workers_list_results_appservice_workers.results + + matrix_synapse_workers_list_results_user_dir_workers.results + + matrix_synapse_workers_list_results_media_repository_workers.results }} diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index 4f6b43986..0a52db327 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -59,7 +59,7 @@ matrix_synapse_webserving_workers_systemd_services_list: "{{ matrix_synapse_webserving_workers_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" when: matrix_synapse_worker_details.webserving | bool -# Inject stream writers and various other background workers into the instance map. +# Inject stream writers into the instance map. - ansible.builtin.set_fact: matrix_synapse_instance_map: "{{ matrix_synapse_instance_map | combine({matrix_synapse_worker_details.name: {'host': matrix_synapse_worker_details.name, 'port': matrix_synapse_worker_details.replication_port}}) }}" when: matrix_synapse_worker_details.type in matrix_synapse_known_instance_map_eligible_worker_types diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index faab7daa1..f6b1fe688 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -12,24 +12,14 @@ - "matrix_synapse_database_password" - "matrix_synapse_database_database" -- name: Fail if asking to configure deprecated workers (appservice, userdir) - ansible.builtin.fail: - msg: >- - `{{ item }}` cannot be more than 0. - This type of worker has been deprecated since Synapse v1.59. - Please remove your `{{ item }}` configuration to solve this problem. - See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types - when: "vars[item]|int != 0" - with_items: - - "matrix_synapse_workers_appservice_workers_count" - - "matrix_synapse_workers_user_dir_workers_count" - - name: Fail if asking for more than 1 instance of single-instance workers ansible.builtin.fail: msg: >- `{{ item }}` cannot be more than 1. This is a single-instance worker. when: "vars[item]|int > 1" with_items: + - "matrix_synapse_workers_appservice_workers_count" + - "matrix_synapse_workers_user_dir_workers_count" - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index a635559f2..ef8684abd 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2874,6 +2874,14 @@ instance_map: {{ matrix_synapse_instance_map | to_json }} # typing: worker1 stream_writers: {{ matrix_synapse_stream_writers | to_json }} +{% if matrix_synapse_notify_appservices_from_worker != '' %} +notify_appservices_from_worker: {{ matrix_synapse_notify_appservices_from_worker | to_json }} +{% endif %} + +{% if matrix_synapse_update_user_directory_from_worker != '' %} +update_user_directory_from_worker: {{ matrix_synapse_update_user_directory_from_worker | to_json }} +{% endif %} + # The worker that is used to run background tasks (e.g. cleaning up expired # data). If not provided this defaults to the main process. # diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index e8b0e49c6..2dc00feaf 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -64,6 +64,11 @@ matrix_synapse_workers_stream_writer_receipts_stream_worker_client_server_endpoi matrix_synapse_workers_stream_writer_presence_stream_worker_client_server_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ +# matrix_synapse_workers_user_dir_worker_client_server_endpoints contains the endpoints serviced by the `type = user_dir` (`app = generic_worker`) worker. +# See: https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory +matrix_synapse_workers_user_dir_worker_client_server_endpoints: + - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + # matrix_synapse_workers_known_stream_writer_stream_types contains the list of stream writer stream types that the playbook recognizes. # This is used for validation purposes. If adding support for a new type, besides adding it to this list, # don't forget to actually configure it where appropriate (see worker.yaml.j2`, the nginx proxy configuration, etc). @@ -79,13 +84,25 @@ matrix_synapse_workers_webserving_stream_writer_types: ['typing', 'to_device', ' matrix_synapse_webserving_workers_systemd_services_list: [] # matrix_synapse_known_worker_types contains the list of known worker types. +# # A worker type is different than a worker app (e.g. `generic_worker`). # For example, the `stream_writer` worker type is served by the `generic_worker` app, but is a separate type that we recognize. +# +# Some other types (`appservice` and `user_dir`) used to be Synapse worker apps, which got subsequently deprecated. +# We still allow these types of workers and map them to the `generic_worker` app, +# which is why we make sure they're part of the list below. +# We use the `unique` filter because they're part of `matrix_synapse_workers_avail_list` too (for now; scheduled for removal). matrix_synapse_known_worker_types: | {{ - matrix_synapse_workers_avail_list - + - ['stream_writer'] + ( + matrix_synapse_workers_avail_list + + + ['stream_writer'] + + + ['appservice'] + + + ['user_dir'] + ) | unique }} # matrix_synapse_known_instance_map_eligible_worker_types contains the list of worker types that are to be injected into `matrix_synapse_instance_map`. diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/matrix-synapse/vars/workers.yml index 3f34bcb2d..bc49e8354 100644 --- a/roles/matrix-synapse/vars/workers.yml +++ b/roles/matrix-synapse/vars/workers.yml @@ -90,7 +90,9 @@ matrix_synapse_workers_generic_worker_endpoints: # - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ # User directory search requests - - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + # Any worker can handle these, but we have a dedicated user_dir worker for this, + # so we'd like for other generic workers to not try and capture these requests. + # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ # Additionally, the following REST endpoints can be handled for GET requests: From a1fb0826183af614c277430f257bfcc729026d53 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:32:51 +0300 Subject: [PATCH 093/349] Add support for running background tasks on a worker --- CHANGELOG.md | 10 +++++++++- roles/matrix-synapse/defaults/main.yml | 11 +++++++++++ .../tasks/synapse/workers/init.yml | 16 ++++++++++++++++ roles/matrix-synapse/tasks/validate_config.yml | 1 + .../templates/synapse/homeserver.yaml.j2 | 3 +++ roles/matrix-synapse/vars/main.yml | 2 ++ 6 files changed, 42 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 37032735e..06cac7a7d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ People who are interested in running a Synapse worker setup should know that **o - we've added support for [Stream writers](#stream-writers-support) - we've added support for [multiple federation sender workers](#multiple-federation-sender-workers-support) - we've added support for [multiple pusher workers](#multiple-pusher-workers-support) +- we've added support for [running background tasks on a worker](#background-tasks-can-run-on-a-worker) - we've restored support for [`appservice` workers](#appservice-worker-support-is-back) - we've restored support for [`user_dir` workers](#user-directory-worker-support-is-back) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) @@ -40,6 +41,13 @@ From now on, you can have as many as you want to help with your federation traff Until now, we only supported a single `pusher` worker (`matrix_synapse_workers_pusher_workers_count` could either be `0` or `1`). From now on, you can have as many as you want to help with pushing notifications out. +### Background tasks can run on a worker + +From now on, you can put [background task processing on a worker](https://matrix-org.github.io/synapse/latest/workers.html#background-tasks). + +With `matrix_synapse_workers_preset: one-of-each`, you'll get one `background` worker automatically. +You can also control the `background` workers count with `matrix_synapse_workers_background_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. + ### Appservice worker support is back We previously had an `appservice` worker type, which [Synapse deprecated in v1.59.0](https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). So did we, at the time. @@ -66,7 +74,7 @@ Below we'll discuss **potential backward incompatibilities**. - **Worker names** (container names, systemd services, worker configuration files) **have changed**. Workers are now labeled sequentially (e.g. `matrix-synapse-worker_generic_worker-18111` -> `matrix-synapse-worker-generic-0`). The playbook will handle these changes automatically. -- Due to increased worker types support above, people who use `matrix_synapse_workers_preset: one-of-each` should be aware that with these changes, **the playbook will deploy 8 additional workers** (6 stream writers, 1 `appservice` worker, 1 `user_dir` worker). This **may increase RAM/CPU usage**, etc. If you find your server struggling, consider disabling some workers with the appropriate `matrix_synapse_workers_*_workers_count` variables. +- Due to increased worker types support above, people who use `matrix_synapse_workers_preset: one-of-each` should be aware that with these changes, **the playbook will deploy 9 additional workers** (6 stream writers, 1 `appservice` worker, 1 `user_dir` worker, 1 background task worker). This **may increase RAM/CPU usage**, etc. If you find your server struggling, consider disabling some workers with the appropriate `matrix_synapse_workers_*_workers_count` variables. - **Metric endpoints have also changed** (`/metrics/synapse/worker/generic_worker-18111` -> `/metrics/synapse/worker/generic-worker-0`). If you're [collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server), consider revisiting our [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server) docs and updating your Prometheus configuration. **If you're collecting metrics to the integrated Prometheus server** (not enabled by default), **your Prometheus configuration will be updated automatically**. Old data (from before this change) may stick around though. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 7f6ce40fa..672285cc7 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -398,6 +398,7 @@ matrix_synapse_workers_presets: media_repository_workers_count: 0 appservice_workers_count: 0 user_dir_workers_count: 0 + background_workers_count: 0 stream_writer_events_stream_workers_count: 0 stream_writer_typing_stream_workers_count: 0 stream_writer_to_device_stream_workers_count: 0 @@ -411,6 +412,7 @@ matrix_synapse_workers_presets: media_repository_workers_count: 1 appservice_workers_count: 1 user_dir_workers_count: 1 + background_workers_count: 1 stream_writer_events_stream_workers_count: 1 stream_writer_typing_stream_workers_count: 1 stream_writer_to_device_stream_workers_count: 1 @@ -554,6 +556,15 @@ matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 # `update_user_directory_from_worker` is meant to point to a worker, which is dedicated to updating the user directory and servicing some user directory URL endpoints (`matrix_synapse_workers_user_dir_worker_client_server_endpoints`). matrix_synapse_update_user_directory_from_worker: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'user_dir') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'user_dir') | list | length > 0) else '' }}" +# matrix_synapse_workers_background_workers_count can only be 0 or 1. More instances are not supported. +# Our implementation uses a generic worker and assigns Synapse to perform background work on this worker using the `run_background_tasks_on` Synapse option. +matrix_synapse_workers_background_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['background_workers_count'] }}" +matrix_synapse_workers_background_workers_metrics_range_start: 19700 + +# matrix_synapse_run_background_tasks_on populates the `run_background_tasks_on` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# `run_background_tasks_on` is meant to point to a worker, which is dedicated to processing background tasks. +matrix_synapse_run_background_tasks_on: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'background') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'background') | list | length > 0) else '' }}" + # Default list of workers to spawn. # # Unless you populate this manually, this list is dynamically generated diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index c5a532979..0c2b8a793 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -100,6 +100,20 @@ register: "matrix_synapse_workers_list_results_user_dir_workers" loop: "{{ range(0, matrix_synapse_workers_user_dir_workers_count | int) | list }}" +# This type of worker can only have a count of 1, at most +- name: Build background workers + ansible.builtin.set_fact: + worker: + id: "background-{{ item }}" + name: "matrix-synapse-worker-background-{{ item }}" + type: 'background' + app: 'generic_worker' + webserving: false + port: 0 + metrics_port: "{{ matrix_synapse_workers_background_workers_metrics_range_start + item }}" + register: "matrix_synapse_workers_list_results_background_workers" + loop: "{{ range(0, matrix_synapse_workers_background_workers_count | int) | list }}" + - name: Build media_repository workers ansible.builtin.set_fact: worker: @@ -130,6 +144,8 @@ matrix_synapse_workers_list_results_user_dir_workers.results + matrix_synapse_workers_list_results_media_repository_workers.results + + + matrix_synapse_workers_list_results_background_workers.results }} - ansible.builtin.set_fact: diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index f6b1fe688..79e581549 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -20,6 +20,7 @@ with_items: - "matrix_synapse_workers_appservice_workers_count" - "matrix_synapse_workers_user_dir_workers_count" + - "matrix_synapse_workers_background_workers_count" - "matrix_synapse_workers_stream_writer_typing_stream_workers_count" - "matrix_synapse_workers_stream_writer_to_device_stream_workers_count" - "matrix_synapse_workers_stream_writer_account_data_stream_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index ef8684abd..e330617fd 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2886,6 +2886,9 @@ update_user_directory_from_worker: {{ matrix_synapse_update_user_directory_from_ # data). If not provided this defaults to the main process. # #run_background_tasks_on: worker1 +{% if matrix_synapse_run_background_tasks_on != '' %} +run_background_tasks_on: {{ matrix_synapse_run_background_tasks_on | to_json }} +{% endif %} # A shared secret used by the replication APIs to authenticate HTTP requests # from workers. diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index 2dc00feaf..b403b461b 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -102,6 +102,8 @@ matrix_synapse_known_worker_types: | ['appservice'] + ['user_dir'] + + + ['background'] ) | unique }} From 8887aed500db8f0cc9de30170e9d272d029d14b8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:34:02 +0300 Subject: [PATCH 094/349] Do not add federation_sender_instances/pusher_instances configuration if not necessary This keeps the configuration cleaner and hopefully prevents odd issues if Synapse (by any chance) happens to interpret `pusher_instances: []` as "no pushers", instead of as "push from the master process". I haven't confirmed what an empty pushers/federation-senders list means, so it's safer to just avoid it. --- roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index e330617fd..3cd76bf95 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2851,9 +2851,13 @@ send_federation: {{ matrix_synapse_send_federation | to_json }} # #federation_sender_instances: # - federation_sender1 +{% if matrix_synapse_federation_sender_instances | length > 0 %} federation_sender_instances: {{ matrix_synapse_federation_sender_instances | to_json }} +{% endif %} +{% if matrix_synapse_federation_pusher_instances | length > 0 %} pusher_instances: {{ matrix_synapse_federation_pusher_instances | to_json }} +{% endif %} start_pushers: {{ matrix_synapse_start_pushers | to_json }} # When using workers this should be a map from `worker_name` to the From 109e1addb882304a4fa31db7ae253a72c1c867a8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:45:03 +0300 Subject: [PATCH 095/349] Improve reliability when using more than 1 media_repository worker --- CHANGELOG.md | 8 ++++++++ roles/matrix-synapse/defaults/main.yml | 5 +++++ roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 4 ++++ 3 files changed, 17 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 06cac7a7d..95356d8cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ People who are interested in running a Synapse worker setup should know that **o - we've added support for [running background tasks on a worker](#background-tasks-can-run-on-a-worker) - we've restored support for [`appservice` workers](#appservice-worker-support-is-back) - we've restored support for [`user_dir` workers](#user-directory-worker-support-is-back) +- we've made it possible to [reliably use more than 1 `media_repository` worker](#using-more-than-1-media-repository-worker-is-now-more-reliable) - see the [Potential Backward Incompatibilities after these Synapse worker changes](#potential-backward-incompatibilities-after-these-synapse-worker-changes) ### Stream writers support @@ -68,6 +69,13 @@ From now on, we have support for this. With `matrix_synapse_workers_preset: one-of-each`, you'll get one `user_dir` worker automatically. You can also control the `user_dir` workers count with `matrix_synapse_workers_user_dir_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. +### Using more than 1 media repository worker is now more reliable + +With `matrix_synapse_workers_preset: one-of-each`, we only launch one `media_repository` worker. + +If you've been configuring `matrix_synapse_workers_media_repository_workers_count` manually, you may have increased that to more workers. +When multiple media repository workers are in use, background tasks related to the media repository must always be configured to run on a single `media_repository` worker via `media_instance_running_background_jobs`. Until now, we weren't doing this correctly, but we now are. + ### Potential Backward Incompatibilities after these Synapse worker changes Below we'll discuss **potential backward incompatibilities**. diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 672285cc7..dab098fb0 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -535,6 +535,11 @@ matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 # Adjusting this value manually is generally not necessary. matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) }}" +# matrix_synapse_media_instance_running_background_jobs populates the `media_instance_running_background_jobs` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). +# `media_instance_running_background_jobs` is meant to point to a single media-repository worker, which is dedicated to running background tasks that maintain the media repository. +# Multiple `media_repository` workers may be enabled. We always pick the first one as the background tasks worker. +matrix_synapse_media_instance_running_background_jobs: "{{ (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list)[0].name if (matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) else '' }}" + # matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. # appservice workers were deprecated since Synapse v1.59 (see: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types). # Our implementation uses generic worker services and assigns them to perform appservice work using the `notify_appservices_from_worker` Synapse option. diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 3cd76bf95..ae71b7aec 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2894,6 +2894,10 @@ update_user_directory_from_worker: {{ matrix_synapse_update_user_directory_from_ run_background_tasks_on: {{ matrix_synapse_run_background_tasks_on | to_json }} {% endif %} +{% if matrix_synapse_media_instance_running_background_jobs != '' %} +media_instance_running_background_jobs: {{ matrix_synapse_media_instance_running_background_jobs | to_json }} +{% endif %} + # A shared secret used by the replication APIs to authenticate HTTP requests # from workers. # From ef112181a1b4dae89642e2189da610244f03602f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 10:46:17 +0300 Subject: [PATCH 096/349] Update some Synapse documentation URLs --- .../templates/nginx/conf.d/matrix-synapse.conf.j2 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 488ced5a8..1d6f2106a 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -81,7 +81,7 @@ server { {# Workers redirects BEGIN #} {% if generic_workers | length > 0 %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappgeneric_worker + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_client_server_locations, 'generic_workers_upstream') }} {% endif %} @@ -111,7 +111,7 @@ server { {% endif %} {% if media_repository_workers | length > 0 %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappmedia_repository + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { proxy_pass http://media_repository_workers_upstream$request_uri; @@ -182,11 +182,11 @@ server { {% if matrix_nginx_proxy_synapse_workers_enabled %} {% if generic_workers | length > 0 %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappgeneric_worker + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker {{ render_locations_to_upstream(matrix_nginx_proxy_synapse_generic_worker_federation_locations, 'generic_workers_upstream') }} {% endif %} {% if media_repository_workers | length > 0 %} - # https://github.com/matrix-org/synapse/blob/master/docs/workers.md#synapseappmedia_repository + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappmedia_repository {% for location in matrix_nginx_proxy_synapse_media_repository_locations %} location ~ {{ location }} { proxy_pass http://media_repository_workers_upstream$request_uri; From 800267b1824d98ac3e7bf6043b821ef0cb6dd72d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 12:33:23 +0300 Subject: [PATCH 097/349] Fix incorrect if checks breaking start_pushers/send_federaiton/enable_media_repo Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2103 --- roles/matrix-synapse/defaults/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index dab098fb0..4e0af66b6 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -507,9 +507,9 @@ matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 matrix_synapse_federation_pusher_instances: [] # matrix_synapse_start_pushers controls if the main Synapse process should push out notifications or if it should be left to pusher workers (see `matrix_synapse_federation_pusher_instances`). -# This is enabled if workers are disabled, or if there are no pusher workers. +# This is enabled if workers are disabled, or if they are enabled, but there are no pusher workers. # Adjusting this value manually is generally not necessary. -matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length > 0) }}" +matrix_synapse_start_pushers: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'pusher') | list | length == 0) }}" # matrix_synapse_workers_federation_sender_workers_count controls the number of federation sender workers to spawn. # See https://matrix-org.github.io/synapse/latest/workers.html#synapseappfederation_sender @@ -522,18 +522,18 @@ matrix_synapse_workers_federation_sender_workers_metrics_range_start: 19400 matrix_synapse_federation_sender_instances: [] # matrix_synapse_send_federation controls if the main Synapse process should send federation traffic or if it should be left to federation_sender workers (see `matrix_synapse_federation_sender_instances`). -# This is allowed if workers are disabled, or if there are no federation sender workers. +# This is allowed if workers are disabled, or they are enabled, but there are no federation sender workers. # Adjusting this value manually is generally not necessary. -matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length > 0) }}" +matrix_synapse_send_federation: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'federation_sender') | list | length == 0) }}" matrix_synapse_workers_media_repository_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['media_repository_workers_count'] }}" matrix_synapse_workers_media_repository_workers_port_range_start: 18551 matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 # matrix_synapse_enable_media_repo controls if the main Synapse process should serve media repository endpoints or if it should be left to media_repository workers (see `matrix_synapse_workers_media_repository_workers_count`). -# This is enabled if workers are disabled, or if there are no media repository workers. +# This is enabled if workers are disabled, or if they are enabled, but there are no media repository workers. # Adjusting this value manually is generally not necessary. -matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length > 0) }}" +matrix_synapse_enable_media_repo: "{{ not matrix_synapse_workers_enabled or (matrix_synapse_workers_enabled_list | selectattr('type', 'equalto', 'media_repository') | list | length == 0) }}" # matrix_synapse_media_instance_running_background_jobs populates the `media_instance_running_background_jobs` Synapse configuration used when Synapse workers are in use (`matrix_synapse_workers_enabled`). # `media_instance_running_background_jobs` is meant to point to a single media-repository worker, which is dedicated to running background tasks that maintain the media repository. From b07fd768300ff39054d8204024d3ad01dce36e9c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 12:46:41 +0300 Subject: [PATCH 098/349] Fix prometheus.yml.j2 indentation and worker ids for stream writers Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2105 --- roles/matrix-prometheus/templates/prometheus.yml.j2 | 10 +++++----- roles/matrix-synapse/tasks/synapse/workers/init.yml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-prometheus/templates/prometheus.yml.j2 b/roles/matrix-prometheus/templates/prometheus.yml.j2 index 628f4f4f9..83ae8a9a1 100644 --- a/roles/matrix-prometheus/templates/prometheus.yml.j2 +++ b/roles/matrix-prometheus/templates/prometheus.yml.j2 @@ -32,17 +32,17 @@ scrape_configs: static_configs: - targets: {{ matrix_prometheus_scraper_synapse_targets|to_json }} labels: - instance: {{ matrix_domain }} + instance: {{ matrix_domain | to_json }} job: master index: 0 {% for worker in matrix_prometheus_scraper_synapse_workers_enabled_list %} {% if worker.metrics_port != 0 %} - targets: ['{{ worker.name }}:{{ worker.metrics_port }}'] labels: - instance: {{ matrix_domain }} - worker_id: {{ worker.id }} - job: {{ worker.type }} - app: {{ worker.app }} + instance: {{ matrix_domain | to_json }} + worker_id: {{ worker.id | to_json }} + job: {{ worker.type | to_json }} + app: {{ worker.app | to_json }} {% endif %} {% endfor %} {% endif %} diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 0c2b8a793..43e44b630 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -20,7 +20,7 @@ - name: Build stream writer workers ansible.builtin.set_fact: worker: - id: "stream-writer-{{ item }}-{{ item.stream }}" + id: "stream-writer-{{ idx }}-{{ item.stream }}" # Names must not include understores. Certain stream writer streams (to_device, account_data, ..) do, so we fix them up. name: "matrix-synapse-worker-stream-writer-{{ idx }}-{{ item.stream | replace('_', '-') }}" type: 'stream_writer' From 3d2547329e9bcbbde802d4a9330eae2d0dd90dab Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Sep 2022 13:14:31 +0300 Subject: [PATCH 099/349] Add missing else clause to inline if Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2103 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2104 --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 78d1ed68a..01e287a7b 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1772,7 +1772,7 @@ matrix_nginx_proxy_systemd_wanted_services_list: | {{ ['matrix-' + matrix_homeserver_implementation + '.service'] + - (matrix_synapse_webserving_workers_systemd_services_list if matrix_homeserver_implementation == 'synapse' and matrix_synapse_workers_enabled) + (matrix_synapse_webserving_workers_systemd_services_list if matrix_homeserver_implementation == 'synapse' and matrix_synapse_workers_enabled else []) + (['matrix-corporal.service'] if matrix_corporal_enabled else []) + From b8b7974b78965eb3d7a0fcd9142c0e47b0857c7a Mon Sep 17 00:00:00 2001 From: Jost Alemann <58050402+jalemann@users.noreply.github.com> Date: Fri, 16 Sep 2022 13:13:11 +0200 Subject: [PATCH 100/349] fix: typo --- CHANGELOG.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 95356d8cd..deb1bc0ce 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -56,8 +56,8 @@ We previously had an `appservice` worker type, which [Synapse deprecated in v1.5 The new way to implement such workers is by using a `generic_worker` and dedicating it to the task of talking to Application Services. From now on, we have support for this. -With `matrix_synapse_workers_preset: one-of-each`, you'll get one `appserice` worker automatically. -You can also control the `appserice` workers count with `matrix_synapse_workers_appserice_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. +With `matrix_synapse_workers_preset: one-of-each`, you'll get one `appservice` worker automatically. +You can also control the `appservice` workers count with `matrix_synapse_workers_appservice_workers_count`. Only `0` or `1` workers of this type are supported by Synapse. ### User Directory worker support is back From 0a4ce46e1ee89edce74f3bc7a8be2547c927fcfd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 16 Sep 2022 18:25:36 +0200 Subject: [PATCH 101/349] Add doc page MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- ...ng-playbook-matrix-ldap-registration-proxy.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 docs/configuring-playbook-matrix-ldap-registration-proxy.md diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md new file mode 100644 index 000000000..661535f39 --- /dev/null +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -0,0 +1,16 @@ +# Setting up matrix-ldap-registration-proxy (optional) + +The playbook can install and configure [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) for you. + +This proxy handles Matrix registration requests and forwards them to LDAP. + +**Please note:** This does support the full Matrix specification for registrations. It only provide a very coarse +implementation of a basic password registration. + +## Quickstart + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + +```yaml +matrix_ldap_registration_proxy_enabled: true +``` From e87bee15dd376eac897916d9c609c59e93d32d65 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 16 Sep 2022 19:57:52 +0300 Subject: [PATCH 102/349] Add note about the Kakaotalk bridge being dangerous to use --- docs/configuring-playbook-bridge-appservice-kakaotalk.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 127f18f49..3c49d726a 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -2,6 +2,8 @@ The playbook can install and configure [matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) for you. `matrix-appservice-kakaotalk` is a bridge to [Kakaotalk](https://www.kakaocorp.com/page/service/service/KakaoTalk?lang=ENG) based on [node-kakao](https://github.com/storycraft/node-kakao) (now unmaintained) and some [mautrix-facebook](https://github.com/mautrix/facebook) code. +**NOTE**: there have been recent reports (~2022-09-16) that **using this bridge may get your account banned**. + See the project's [documentation](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) to learn what it does and why it might be useful to you. From db705aff4f226ae0685a39e7cbe2fc5036b40914 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 16 Sep 2022 19:15:33 +0200 Subject: [PATCH 103/349] Add documentation to readme/list of services MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- README.md | 2 ++ docs/configuring-playbook.md | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/README.md b/README.md index 221e8a85b..4c64ee2cd 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,8 @@ Using this playbook, you can get the following services configured on your serve - (optional, advanced) the [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) LDAP Auth password provider module +- (optional, advanced) the [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) a proxy that handles Matrix registration requests and forwards them to LDAP. + - (optional, advanced) the [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) spam checker module - (optional, advanced) the [Matrix Corporal](https://github.com/devture/matrix-corporal) reconciliator and gateway for a managed Matrix server diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index b3b44b5ff..735dddf2b 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -86,6 +86,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the LDAP password provider module](configuring-playbook-ldap-auth.md) (optional, advanced) +- [Setting up the ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md) (optional, advanced) + - [Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (optional, advanced) - [Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (optional, advanced) @@ -179,3 +181,5 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) (optional) - [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) (optional) + + From d23cef541ebd8c6cc21a1540a50215fddb184c94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 16 Sep 2022 19:16:45 +0200 Subject: [PATCH 104/349] Redo exposing the service to nginx MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Service is now exposed by default on port 8585 and forwarded by nginx to the specified endpoint Signed-off-by: Julian-Samuel Gebühr --- roles/matrix-ldap-registration-proxy/defaults/main.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index 5a010f971..bf7f35643 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -28,10 +28,14 @@ matrix_ldap_registration_proxy_container_port: 8080 # Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. -matrix_ldap_registration_proxy_container_http_host_bind_port: '' +matrix_ldap_registration_proxy_container_http_host_bind_port: '8585'}' -matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_port }}" -matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_port }}" +# `matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw` contains the raw port number extracted from `matrix_ldap_registration_proxy_container_http_host_bind_port`, + # which can contain values like this: ('1234', '127.0.0.1:1234', '0.0.0.0:1234') + matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw: "{{ '' if matrix_ldap_registration_proxy_container_http_host_bind_port == '' else (matrix_ldap_registration_proxy_container_http_host_bind_port.split(':')[1] if ':' in matrix_ldap_registration_proxy_container_http_host_bind_port else matrix_ldap_registration_proxy_container_http_host_bind_port) }}" + +matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw }}" +matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw }}" # A list of extra arguments to pass to the container From 2fa0ddcf539b73882be52a1aefaef93a01133fc4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 16 Sep 2022 19:25:00 +0200 Subject: [PATCH 105/349] TODO: Check if ths documentation is correct MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- ...ring-playbook-matrix-ldap-registration-proxy.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index 661535f39..31b75a0be 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -14,3 +14,17 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_ldap_registration_proxy_enabled: true ``` + +That is enough if you use the synapse external password provider via LDAP. +If you want to use your own credentials add the following to your `inventory/host_vars/matrix.DOMAIN/vars.yml`: + + + +# LDAP credentials +```yaml +matrix_ldap_registration_proxy_ldap_uri: +matrix_ldap_registration_proxy_ldap_base_dn: +matrix_ldap_registration_proxy_ldap_user: +matrix_ldap_registration_proxy_ldap_password: +``` +TODO: is the block above correct? Else indicate that it can only be used with the LDAP password provider for Synapse From e25678c57a3910f72b979882418e3a46a527d501 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 17 Sep 2022 09:23:09 +0300 Subject: [PATCH 106/349] Upgrade Hookshot (2.1.2 -> 2.2.0) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index d60cf15b9..57d31af56 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.1.2 +matrix_hookshot_version: 2.2.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From b45cd7495c66c680b113e367824297783c8959f4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 17 Sep 2022 09:39:42 +0300 Subject: [PATCH 107/349] Upgrade mautrix-whatsapp (0.6.1 -> 0.7.0) and change some defaults `ephemeral_events`` and `sync_with_custom_puppets` have been flipped to keep up with the default upstream config: https://github.com/mautrix/whatsapp/commit/b33bd9c4a7e070f03008d2b47ed764b05c2fc20d --- .../matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- .../templates/config.yaml.j2 | 12 ++++++++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 821f3f283..81494584c 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git" matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" -matrix_mautrix_whatsapp_version: v0.6.1 +matrix_mautrix_whatsapp_version: v0.7.0 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 8073da658..87d4627d3 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -5,6 +5,9 @@ homeserver: address: {{ matrix_mautrix_whatsapp_homeserver_address }} # The domain of the homeserver (for MXIDs, etc). domain: {{ matrix_mautrix_whatsapp_homeserver_domain }} + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard # The URL to push real-time bridge status to. # If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes. # The bridge will use the appservice as_token to authorize requests. @@ -52,7 +55,7 @@ appservice: # Whether or not to receive ephemeral events via appservice transactions. # Requires MSC2409 support (i.e. Synapse 1.22+). # You should disable bridge -> sync_with_custom_puppets when this is enabled. - ephemeral_events: false + ephemeral_events: true # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}" @@ -188,7 +191,7 @@ bridge: # Should Matrix users leaving groups be bridged to WhatsApp? bridge_matrix_leave: true # Should the bridge sync with double puppeting to receive EDUs that aren't normally sent to appservices. - sync_with_custom_puppets: true + sync_with_custom_puppets: false # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. @@ -268,6 +271,9 @@ bridge: # Should the bridge never send alerts to the bridge management room? # These are mostly things like the user being logged out. disable_bridge_alerts: false + # Should the bridge stop if the WhatsApp server says another user connected with the same session? + # This is only safe on single-user bridges. + crash_on_stream_replaced: false # Should the bridge detect URLs in outgoing messages, ask the homeserver to generate a preview, # and send it to WhatsApp? URL previews can always be sent using the `com.beeper.linkpreviews` # key in the event content even if this is disabled. @@ -311,6 +317,8 @@ bridge: # This will cause the bridge bot to be in private chats for the encryption to work properly. # It is recommended to also set private_chat_portal_meta to true when using this. default: {{ matrix_mautrix_whatsapp_bridge_encryption_default|to_json }} + # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false # Require encryption, drop any unencrypted messages. require: false # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. From f2b66c3b04cec2a685d919a8a5bfcc0992dc4290 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 17 Sep 2022 10:02:07 +0300 Subject: [PATCH 108/349] Use a different name for appservice-irc image (localhost/ prefix) if self-building enabled Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2108 --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index fb0f3a333..bd69df792 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -15,6 +15,7 @@ matrix_appservice_irc_version: 0.35.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}" matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" +matrix_appservice_irc_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_irc_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_appservice_irc_base_path: "{{ matrix_base_data_path }}/appservice-irc" matrix_appservice_irc_config_path: "{{ matrix_appservice_irc_base_path }}/config" From 49c64a8d65165d03df9c95c8fa05fc1bf67af988 Mon Sep 17 00:00:00 2001 From: borisrunakov Date: Sat, 17 Sep 2022 10:22:05 +0300 Subject: [PATCH 109/349] change stream writer worker metrics range start --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 4e0af66b6..db7043113 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -494,7 +494,7 @@ matrix_synapse_stream_writers: {} # It should be noted that not all of the background worker types will need to expose HTTP services, etc. matrix_synapse_workers_stream_writer_workers_http_port_range_start: 20011 matrix_synapse_workers_stream_writer_workers_replication_port_range_start: 25011 -matrix_synapse_workers_stream_writer_workers_metrics_range_start: 19111 +matrix_synapse_workers_stream_writer_workers_metrics_range_start: 19211 # matrix_synapse_workers_pusher_workers_count controls the number of pusher workers (workers who push out notifications) to spawn. # See https://matrix-org.github.io/synapse/latest/workers.html#synapseapppusher From 3a3a0b5c9a6039706c488ac439c9a27777cb035e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 17 Sep 2022 13:41:29 +0000 Subject: [PATCH 110/349] Update Cinny 2.1.3 -> 2.2.0 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index c2bc476a9..c041794cb 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.1.3 +matrix_client_cinny_version: v2.2.0 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 435c4f8b01896b84fdc3d68d51352b37e02a7ecf Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Sat, 17 Sep 2022 14:33:29 +0000 Subject: [PATCH 111/349] dendrite: update config to match upstream defaults --- roles/matrix-dendrite/defaults/main.yml | 2 +- .../templates/dendrite/dendrite.yaml.j2 | 29 +++++++++++++++++++ 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 2a6c4fd67..df78b56d8 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -90,7 +90,7 @@ matrix_dendrite_tmp_directory_size_mb: 500 # Rate limits matrix_dendrite_rate_limiting_enabled: true -matrix_dendrite_rate_limiting_threshold: 5 +matrix_dendrite_rate_limiting_threshold: 20 matrix_dendrite_rate_limiting_cooloff_ms: 500 # Controls whether people with access to the homeserver can register by themselves. diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index 88aacab23..d44da2192 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -58,6 +58,10 @@ global: # e.g. localhost:443 well_known_server_name: "" + # The server name to delegate client-server communications to, with optional port + # e.g. localhost:443 + well_known_client_name: "" + # Lists of domains that the server will trust as identity servers to verify third # party identifiers such as phone numbers and email addresses. trusted_third_party_id_servers: {{ matrix_dendrite_trusted_id_servers|to_json }} @@ -73,6 +77,25 @@ global: # Whether outbound presence events are allowed, e.g. sending presence events to other servers enable_outbound: false + # Configuration for in-memory caches. Caches can often improve performance by + # keeping frequently accessed items (like events, identifiers etc.) in memory + # rather than having to read them from the database. + cache: + # The estimated maximum size for the global cache in bytes, or in terabytes, + # gigabytes, megabytes or kilobytes when the appropriate 'tb', 'gb', 'mb' or + # 'kb' suffix is specified. Note that this is not a hard limit, nor is it a + # memory limit for the entire process. A cache that is too small may ultimately + # provide little or no benefit. + max_size_estimated: 1gb + + # The maximum amount of time that a cache entry can live for in memory before + # it will be evicted and/or refreshed from the database. Lower values result in + # easier admission of new cache entries but may also increase database load in + # comparison to higher values, so adjust conservatively. Higher values may make + # it harder for new items to make it into the cache, e.g. if new rooms suddenly + # become popular. + max_age: 1h + # Server notices allows server admins to send messages to all users. server_notices: enabled: false @@ -186,6 +209,8 @@ client_api: enabled: {{ matrix_dendrite_rate_limiting_enabled|to_json }} threshold: {{ matrix_dendrite_rate_limiting_threshold|to_json }} cooloff_ms: {{ matrix_dendrite_rate_limiting_cooloff_ms|to_json }} + exempt_user_ids: + # - "@user:domain.com" # Configuration for the Federation API. federation_api: @@ -324,6 +349,10 @@ sync_api: # a reverse proxy server. # real_ip_header: X-Real-IP real_ip_header: {{ matrix_dendrite_sync_api_real_ip_header|to_json }} + fulltext: + enabled: false + index_path: "./fulltextindex" + language: "en" # more possible languages can be found at https://github.com/blevesearch/bleve/tree/master/analysis/lang # Configuration for the User API. user_api: From 47fa90bdc31876a7df24a57a14a86375da3ec2eb Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 17 Sep 2022 20:38:07 +0000 Subject: [PATCH 112/349] Update mautrix-signal 0.3.0 -> 0.4.0 --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index d6d3faa2b..d8e4016cf 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git" matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" -matrix_mautrix_signal_version: v0.3.0 +matrix_mautrix_signal_version: v0.4.0 matrix_mautrix_signal_daemon_version: 0.21.1 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" From f042542086a6e4c40b833dac86b6926ebfe69697 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 17 Sep 2022 23:51:05 +0300 Subject: [PATCH 113/349] Update Honoroit 0.9.13 -> 0.9.14 --- roles/matrix-bot-honoroit/defaults/main.yml | 13 ++++++++++++- roles/matrix-bot-honoroit/templates/env.j2 | 3 ++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 7a3e0d190..1c48dc192 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.13 +matrix_bot_honoroit_version: v0.9.14 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" @@ -88,6 +88,17 @@ matrix_bot_honoroit_loglevel: '' # Disable encryption matrix_bot_honoroit_noencryption: false +# A list of whitelisted users allowed to use/invite honoroit +# If not defined, everyone is allowed. +# Example set of rules: +# matrix_bot_honoroit_users: +# - @someone:example.com +# - @another:example.com +# - @bot.*:example.com +# - @*:another.com +matrix_bot_honoroit_allowedusers: + - "@*:*" + # Max items in cache matrix_bot_honoroit_cachesize: '' diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/matrix-bot-honoroit/templates/env.j2 index c8d10c6a0..0cfd88c1d 100644 --- a/roles/matrix-bot-honoroit/templates/env.j2 +++ b/roles/matrix-bot-honoroit/templates/env.j2 @@ -10,7 +10,8 @@ HONOROIT_LOGLEVEL={{ matrix_bot_honoroit_loglevel }} HONOROIT_CACHESIZE={{ matrix_bot_honoroit_cachesize }} HONOROIT_NOENCRYPTION={{ matrix_bot_honoroit_noencryption }} HONOROIT_IGNORENOTHREAD={{ matrix_bot_honoroit_ignorenothread }} -HONOROIT_IGNOREDROOMS={{ matrix_bot_honoroit_ignoredrooms|join(' ') }} +HONOROIT_IGNOREDROOMS={{ matrix_bot_honoroit_ignoredrooms | join(' ') }} +HONOROIT_ALLOWEDUSERS={{ matrix_bot_honoroit_allowedusers | join(' ') }} HONOROIT_TEXT_PREFIX_OPEN={{ matrix_bot_honoroit_text_prefix_open }} HONOROIT_TEXT_PREFIX_DONE={{ matrix_bot_honoroit_text_prefix_done }} HONOROIT_TEXT_NOENCRYPTION={{ matrix_bot_honoroit_text_noencryption }} From 0259a7a50b46f31fac9f3f1fa2473a1753655200 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 18 Sep 2022 12:03:54 +0300 Subject: [PATCH 114/349] Fix typo Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2114 --- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 1c48dc192..94d4a5e64 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -91,7 +91,7 @@ matrix_bot_honoroit_noencryption: false # A list of whitelisted users allowed to use/invite honoroit # If not defined, everyone is allowed. # Example set of rules: -# matrix_bot_honoroit_users: +# matrix_bot_honoroit_allowedusers: # - @someone:example.com # - @another:example.com # - @bot.*:example.com From 89648cf58e8de298301b973274947eaa7335afeb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 18 Sep 2022 12:21:09 +0300 Subject: [PATCH 115/349] Fix some ansible-lint-reported warnings --- roles/matrix-base/defaults/main.yml | 2 +- roles/matrix-base/tasks/server_base/setup_raspbian.yml | 2 +- roles/matrix-bot-maubot/tasks/init.yml | 2 +- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 6 +++--- .../matrix-bridge-appservice-irc/tasks/validate_config.yml | 2 +- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 4 ---- roles/matrix-common-after/tasks/dump_runtime_results.yml | 2 +- roles/matrix-common-after/tasks/start.yml | 4 ++-- roles/matrix-dynamic-dns/tasks/validate_config.yml | 2 +- roles/matrix-email2matrix/tasks/validate_config.yml | 2 +- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- roles/matrix-postgres/tasks/migrate_db_to_postgres.yml | 2 +- roles/matrix-postgres/tasks/validate_config.yml | 2 +- roles/matrix-sygnal/tasks/validate_config.yml | 2 +- .../tasks/ext/synapse-simple-antispam/setup_install.yml | 2 +- roles/matrix-synapse/tasks/init.yml | 6 +++--- roles/matrix-synapse/tasks/register_user.yml | 2 +- .../tasks/rust-synapse-compress-state/main.yml | 2 +- roles/matrix-synapse/tasks/synapse/workers/init.yml | 2 +- .../tasks/synapse/workers/util/inject_worker.yml | 2 +- roles/matrix-synapse/tasks/update_user_password.yml | 4 ++-- roles/matrix-synapse/tasks/validate_config.yml | 2 +- 22 files changed, 27 insertions(+), 31 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 6d69f3e5b..2f8645e5a 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -134,7 +134,7 @@ matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_sh: "/usr/bin/env sh" -matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}" +matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/matrix-base/tasks/server_base/setup_raspbian.yml index 54ea4d185..18c6eb65e 100644 --- a/roles/matrix-base/tasks/server_base/setup_raspbian.yml +++ b/roles/matrix-base/tasks/server_base/setup_raspbian.yml @@ -36,6 +36,6 @@ ansible.builtin.apt: name: - "{{ matrix_docker_package_name }}" - - "python{{'3' if ansible_python.version.major == 3 else ''}}-docker" + - "python{{ '3' if ansible_python.version.major == 3 else '' }}-docker" state: present when: matrix_docker_installation_enabled | bool diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 251d0b4a2..461af0608 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -35,7 +35,7 @@ + [matrix_bot_maubot_matrix_nginx_proxy_configuration] }} - when: matrix_bot_maubot_proxy_management_interface|bool + when: matrix_bot_maubot_proxy_management_interface | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index 0be7089ce..dd0fc1f6a 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -12,18 +12,18 @@ enabled: false daemon_reload: true register: stopping_result - when: "matrix_bot_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists | bool" - name: Ensure matrix-bot-maubot.service doesn't exist ansible.builtin.file: path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" state: absent - when: "matrix_bot_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists | bool" - name: Ensure systemd reloaded after matrix-bot-maubot.service removal ansible.builtin.service: daemon_reload: true - when: "matrix_bot_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists | bool" - name: Ensure Matrix maubot paths don't exist ansible.builtin.file: diff --git a/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml b/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml index f101e6fea..f0d887c8f 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml @@ -23,7 +23,7 @@ You need to define one or more servers by either using `matrix_appservice_irc_ircService_servers` or by extending the base configuration with additional configuration in `matrix_appservice_irc_configuration_extension_yaml`. Overriding the whole bridge's configuration (`matrix_appservice_irc_configuration`) is yet another possibility. - when: "matrix_appservice_irc_configuration.ircService.servers|length == 0" + when: "matrix_appservice_irc_configuration.ircService.servers | length == 0" - name: (Deprecation) Catch and report renamed appservice-irc variables ansible.builtin.fail: diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 81494584c..cb4900eec 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -86,10 +86,6 @@ matrix_mautrix_whatsapp_login_shared_secret: '' matrix_mautrix_whatsapp_bridge_login_shared_secret_map: "{{ {matrix_mautrix_whatsapp_homeserver_domain: matrix_mautrix_whatsapp_login_shared_secret} if matrix_mautrix_whatsapp_login_shared_secret else {} }}" -# Servers to always allow double puppeting from -matrix_mautrix_whatsapp_bridge_double_puppet_server_map: - "{{ matrix_mautrix_whatsapp_homeserver_domain : matrix_mautrix_whatsapp_homeserver_address }}" - # Enable End-to-bridge encryption matrix_mautrix_whatsapp_bridge_encryption_allow: false matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" diff --git a/roles/matrix-common-after/tasks/dump_runtime_results.yml b/roles/matrix-common-after/tasks/dump_runtime_results.yml index 4074a625d..7dba367d2 100644 --- a/roles/matrix-common-after/tasks/dump_runtime_results.yml +++ b/roles/matrix-common-after/tasks/dump_runtime_results.yml @@ -4,4 +4,4 @@ - ansible.builtin.debug: msg: "" with_items: "{{ matrix_playbook_runtime_results }}" - when: "matrix_playbook_runtime_results is defined and matrix_playbook_runtime_results|length > 0" + when: "matrix_playbook_runtime_results is defined and matrix_playbook_runtime_results | length > 0" diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/matrix-common-after/tasks/start.yml index 890eabfab..605b3f61c 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/matrix-common-after/tasks/start.yml @@ -49,8 +49,8 @@ See `roles/matrix-common-after/defaults/main.yml` for more details about that. with_items: "{{ matrix_systemd_services_list }}" when: - - "item.endswith('.service') and (ansible_facts.services[item]|default(none) is none or ansible_facts.services[item].state != 'running')" - when: " ansible_distribution != 'Archlinux'" + - "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')" + when: "ansible_distribution != 'Archlinux'" - block: # Currently there is a bug in ansible that renders is incompatible with systemd. diff --git a/roles/matrix-dynamic-dns/tasks/validate_config.yml b/roles/matrix-dynamic-dns/tasks/validate_config.yml index 610dc2f8c..60adade89 100644 --- a/roles/matrix-dynamic-dns/tasks/validate_config.yml +++ b/roles/matrix-dynamic-dns/tasks/validate_config.yml @@ -4,7 +4,7 @@ ansible.builtin.fail: msg: >- You need to define at least one configuration in `matrix_dynamic_dns_domain_configurations` for using matrix-dynamic-dns. - when: "matrix_dynamic_dns_domain_configurations|length == 0" + when: "matrix_dynamic_dns_domain_configurations | length == 0" - name: Fail if required settings not defined in configuration blocks ansible.builtin.fail: diff --git a/roles/matrix-email2matrix/tasks/validate_config.yml b/roles/matrix-email2matrix/tasks/validate_config.yml index 59a3581e4..8d89f1d6a 100644 --- a/roles/matrix-email2matrix/tasks/validate_config.yml +++ b/roles/matrix-email2matrix/tasks/validate_config.yml @@ -4,4 +4,4 @@ ansible.builtin.fail: msg: > You need to define at least one mapping in `matrix_email2matrix_matrix_mappings` for enabling Email2Matrix. - when: "matrix_email2matrix_matrix_mappings|length == 0" + when: "matrix_email2matrix_matrix_mappings | length == 0" diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 88c99ea9b..7cdc0c921 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -633,7 +633,7 @@ matrix_nginx_proxy_synapse_user_dir_locations: [] # synapse content caching matrix_nginx_proxy_synapse_cache_enabled: false -matrix_nginx_proxy_synapse_cache_path: "{{ '/tmp/synapse-cache' if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path+'/synapse-cache' }}" +matrix_nginx_proxy_synapse_cache_path: "{{ '/tmp/synapse-cache' if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path + '/synapse-cache' }}" matrix_nginx_proxy_synapse_cache_keys_zone_name: "STATIC" matrix_nginx_proxy_synapse_cache_keys_zone_size: "10m" matrix_nginx_proxy_synapse_cache_inactive_time: "48h" diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index be967d684..f79a12f87 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -157,7 +157,7 @@ register: matrix_postgres_migrate_db_to_postgres_additional_queries_result changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0 - when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([])|length > 0" + when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" - name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) ansible.builtin.command: diff --git a/roles/matrix-postgres/tasks/validate_config.yml b/roles/matrix-postgres/tasks/validate_config.yml index f239b116a..a6225632c 100644 --- a/roles/matrix-postgres/tasks/validate_config.yml +++ b/roles/matrix-postgres/tasks/validate_config.yml @@ -36,4 +36,4 @@ - name: Fail if Postgres password length exceeded ansible.builtin.fail: msg: "The maximum `matrix_postgres_connection_password` length is 99 characters" - when: "matrix_postgres_connection_password|length > 99" + when: "matrix_postgres_connection_password | length > 99" diff --git a/roles/matrix-sygnal/tasks/validate_config.yml b/roles/matrix-sygnal/tasks/validate_config.yml index b2c380109..277bd1b2a 100644 --- a/roles/matrix-sygnal/tasks/validate_config.yml +++ b/roles/matrix-sygnal/tasks/validate_config.yml @@ -4,4 +4,4 @@ ansible.builtin.fail: msg: >- Enabling Sygnal requires that you specify at least one app in `matrix_sygnal_apps` - when: "matrix_sygnal_enabled and matrix_sygnal_apps|length == 0" + when: "matrix_sygnal_enabled and matrix_sygnal_apps | length == 0" diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index 23a382f26..34a7a7e06 100644 --- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -3,7 +3,7 @@ - name: Fail if Synapse Simple Antispam blocked homeservers is not set ansible.builtin.fail: msg: "Synapse Simple Antispam is enabled, but no blocked homeservers have been set in matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers" - when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers|length == 0" + when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers | length == 0" - name: Ensure git installed (RedHat) ansible.builtin.yum: diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index 8610a33b7..acfbf0313 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -9,7 +9,7 @@ # Unless `matrix_synapse_workers_enabled_list` is explicitly defined, # we'll generate it dynamically. - ansible.builtin.include_tasks: "{{ role_path }}/tasks/synapse/workers/init.yml" - when: "matrix_synapse_enabled and matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list|length == 0" + when: "matrix_synapse_enabled and matrix_synapse_workers_enabled and matrix_synapse_workers_enabled_list | length == 0" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse.service'] }}" @@ -73,7 +73,7 @@ } {% endif %} {% endfor %} - when: matrix_synapse_workers_enabled_list|length > 0 + when: matrix_synapse_workers_enabled_list | length > 0 - name: Register synapse worker metrics proxying configuration with matrix-nginx-proxy (matrix.DOMAIN/metrics/synapse/worker) ansible.builtin.set_fact: @@ -83,5 +83,5 @@ + [matrix_synapse_worker_nginx_metrics_configuration_block] }} - when: matrix_synapse_workers_enabled_list|length > 0 + when: matrix_synapse_workers_enabled_list | length > 0 when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool diff --git a/roles/matrix-synapse/tasks/register_user.yml b/roles/matrix-synapse/tasks/register_user.yml index 8c344b2de..817484495 100644 --- a/roles/matrix-synapse/tasks/register_user.yml +++ b/roles/matrix-synapse/tasks/register_user.yml @@ -28,6 +28,6 @@ when: "start_result.changed" - name: Register user - ansible.builtin.command: "{{ matrix_local_bin_path }}/matrix-synapse-register-user {{ username|quote }} {{ password|quote }} {{ '1' if admin == 'yes' else '0' }}" + ansible.builtin.command: "{{ matrix_local_bin_path }}/matrix-synapse-register-user {{ username | quote }} {{ password | quote }} {{ '1' if admin == 'yes' else '0' }}" register: matrix_synapse_register_user_result changed_when: matrix_synapse_register_user_result.rc == 0 diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index fcea86064..29860e5a5 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -92,7 +92,7 @@ ansible.builtin.fail: msg: >- Expecting 4 lines in the "find rooms" result. - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines|length != 4" + when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" - block: # matrix_synapse_rust_synapse_compress_state_eligible_rooms is a list diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 43e44b630..0fc4e79c3 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -37,7 +37,7 @@ - name: Populate matrix_synapse_stream_writers from enabled stream writer workers list ansible.builtin.set_fact: - matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine ({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}) }}" + matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}) }}" with_items: "{{ matrix_synapse_workers_list_results_stream_writer_workers.results }}" - name: Build federation sender workers diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index 0a52db327..eee731515 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -42,7 +42,7 @@ ansible.builtin.fail: msg: >- Synapse stream_writer workers (such as {{ item }}) need to define a valid `stream_writer_stream` property - (not `{{ matrix_synapse_worker_details.stream_writer_stream|default('undefined') }}`). + (not `{{ matrix_synapse_worker_details.stream_writer_stream | default('undefined') }}`). Supported types are: {{ matrix_synapse_workers_known_stream_writer_stream_types | join(', ') }} when: "'stream_writer_stream' not in matrix_synapse_worker_details or matrix_synapse_worker_details.stream_writer_stream not in matrix_synapse_workers_known_stream_writer_stream_types" diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/matrix-synapse/tasks/update_user_password.yml index 586bf51b3..f7b404565 100644 --- a/roles/matrix-synapse/tasks/update_user_password.yml +++ b/roles/matrix-synapse/tasks/update_user_password.yml @@ -36,11 +36,11 @@ when: "start_result.changed or postgres_start_result.changed" - name: Generate password hash - ansible.builtin.shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}" + ansible.builtin.shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password | quote }}" register: password_hash changed_when: false - name: Update user password hash - ansible.builtin.command: "{{ matrix_local_bin_path }}/matrix-postgres-update-user-password-hash {{ username|quote }} {{ password_hash.stdout|quote }}" + ansible.builtin.command: "{{ matrix_local_bin_path }}/matrix-postgres-update-user-password-hash {{ username | quote }} {{ password_hash.stdout | quote }}" register: matrix_synapse_update_user_password_result changed_when: matrix_synapse_update_user_password_result.rc == 0 diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index 79e581549..0758c88fb 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -16,7 +16,7 @@ ansible.builtin.fail: msg: >- `{{ item }}` cannot be more than 1. This is a single-instance worker. - when: "vars[item]|int > 1" + when: "vars[item] | int > 1" with_items: - "matrix_synapse_workers_appservice_workers_count" - "matrix_synapse_workers_user_dir_workers_count" From 139be4870601c3a5df50dd4dc623bc0225b8b3a7 Mon Sep 17 00:00:00 2001 From: Mecallie <33781978+Mecallie@users.noreply.github.com> Date: Mon, 19 Sep 2022 21:04:02 +0200 Subject: [PATCH 116/349] Updated the Element settings. --- docs/configuring-playbook-ntfy.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 57dfb3b28..757bcccd4 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -71,7 +71,8 @@ Steps needed for specific matrix apps: 3. verify `Settings` -> `Notifications` -> `UnifiedPush: Notification targets` as described below in the "Troubleshooting" section. * Element-android v1.4.26+: - - [not yet documented; should auto-detect and use it?] + 1. choose `Settings` -> `Notifications` -> `Notification method` -> `ntfy` + 2. verify `Settings` -> `Troubleshoot` -> `Troubleshoot notification settings` If the matrix app asks, "Choose a distributor: FCM Fallback or ntfy", then choose "ntfy". From 18836e910f77ea557e174e4467a605f4be7cf736 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 20 Sep 2022 09:03:22 +0000 Subject: [PATCH 117/349] Update mautrix-instagram 0.2.0 -> 0.2.1 --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index eb223405a..b739a4a37 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}" -matrix_mautrix_instagram_version: v0.2.0 +matrix_mautrix_instagram_version: v0.2.1 # See: https://mau.dev/tulir/mautrix-instagram/container_registry matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" From 63423e614fffe8162ce391c205d50b00b49454c5 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 20 Sep 2022 09:09:27 +0000 Subject: [PATCH 118/349] Update ddclient v3.9.1-ls98 -> v3.9.1-ls99 --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 8a5e7cdff..53ecfa33f 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls98 +matrix_dynamic_dns_version: v3.9.1-ls99 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From c6f9a42f40c1bb07445f77201c560d8217c9415e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 20 Sep 2022 14:58:45 +0000 Subject: [PATCH 119/349] Update Grafana 9.1.5 -> 9.1.6 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index dda120a2b..381a9abf0 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.5 +matrix_grafana_version: 9.1.6 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 8717447dc56d9853cb8d338c7ab8d42144d43566 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 21 Sep 2022 08:08:30 +0000 Subject: [PATCH 120/349] Update Honoroit 0.9.14 -> 0.9.15 --- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 94d4a5e64..68fb8c177 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.14 +matrix_bot_honoroit_version: v0.9.15 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" From 6d29048ed90d6e71906cba664f2cb4c47c595f55 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 21 Sep 2022 08:20:21 +0000 Subject: [PATCH 121/349] Update Postmoogle 0.9.2 -> 0.9.3 --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index b411f70db..b51f81ad0 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.2 +matrix_bot_postmoogle_version: v0.9.3 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 202f54f327965cbefc0ebab505be59983834a236 Mon Sep 17 00:00:00 2001 From: Warrows Date: Thu, 22 Sep 2022 13:48:24 +0200 Subject: [PATCH 122/349] Improve maubot doc Add two important informations: - The `mbc` commands must be ran in the docker container - Not using this method prevent from using encrypted rooms with the bot --- docs/configuring-playbook-bot-maubot.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 1a6636d79..11ab1cce2 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -54,4 +54,5 @@ Choose a strong password for the bot. You can generate a good password with a co ## Obtaining an admin access token -This can be done via `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md). +This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands you'll need to open the bot docker container with `docker exec -it matrix-bot-maubot sh` +Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md). However these two methods won't allow the bot to work in encrypted rooms. From 59adb8d02862258c05e09d29c922040c3c675edb Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Thu, 22 Sep 2022 09:21:23 -0500 Subject: [PATCH 123/349] dendrite: update image tag version - 0.9.9 (https://github.com/matrix-org/dendrite/releases/tag/v0.9.9) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index df78b56d8..542ed1368 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.8" +matrix_dendrite_docker_image_tag: "v0.9.9" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From fc56288f5ba1f9044616834fb8c911ca77c43923 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 23 Sep 2022 08:34:58 +0000 Subject: [PATCH 124/349] Update Postmoogle 0.9.3 -> 0.9.4 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * send emails in UTF-8 👋 * fix options descriptions * add SMTP auth * allow sending emails from your apps and scripts using postmoogle as email provider --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index b51f81ad0..abec64c41 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.3 +matrix_bot_postmoogle_version: v0.9.4 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From b77907f2d4a793c93c73916a390b7a4ab3ea4e47 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Sat, 24 Sep 2022 04:12:49 +0000 Subject: [PATCH 125/349] whatsapp: do not turn on synapse only options --- roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 87d4627d3..28971447e 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -55,7 +55,7 @@ appservice: # Whether or not to receive ephemeral events via appservice transactions. # Requires MSC2409 support (i.e. Synapse 1.22+). # You should disable bridge -> sync_with_custom_puppets when this is enabled. - ephemeral_events: true + ephemeral_events: false # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}" @@ -191,7 +191,7 @@ bridge: # Should Matrix users leaving groups be bridged to WhatsApp? bridge_matrix_leave: true # Should the bridge sync with double puppeting to receive EDUs that aren't normally sent to appservices. - sync_with_custom_puppets: false + sync_with_custom_puppets: true # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. From 484536b039843838a5885e7f91a01d1cfd1406e5 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 24 Sep 2022 16:01:27 +0000 Subject: [PATCH 126/349] Do not restart postmoogle during installation Reason: during a fresh install, when there is no synapse yet, systemd unit fails to start, thus whole play fails --- roles/matrix-bot-postmoogle/tasks/setup_install.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index d7e5dbee9..3e6e6dc66 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -91,9 +91,3 @@ ansible.builtin.service: daemon_reload: true when: "matrix_bot_postmoogle_systemd_service_result.changed | bool" - -- name: Ensure matrix-bot-postmoogle.service restarted, if necessary - ansible.builtin.service: - name: "matrix-bot-postmoogle.service" - state: restarted - when: "matrix_bot_postmoogle_systemd_service_result.changed | bool" From dd8106790e831d4b98a8ac491b45f13e33d0246f Mon Sep 17 00:00:00 2001 From: mjarr <87588014+mjarr@users.noreply.github.com> Date: Sat, 24 Sep 2022 18:53:56 +0200 Subject: [PATCH 127/349] synapse: match upstream rate limit defaults --- roles/matrix-synapse/defaults/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index db7043113..2ef6e949a 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -148,22 +148,22 @@ matrix_synapse_rc_admin_redaction: matrix_synapse_rc_joins: local: per_second: 0.1 - burst_count: 3 + burst_count: 10 remote: per_second: 0.01 - burst_count: 3 + burst_count: 10 matrix_synapse_rc_invites: per_room: - per_second: 0.5 - burst_count: 5 + per_second: 0.3 + burst_count: 10 per_user: - per_second: 0.004 - burst_count: 3 - per_issuer: - per_second: 0.5 + per_second: 0.003 burst_count: 5 + per_issuer: + per_second: 0.3 + burst_count: 10 matrix_synapse_rc_federation: From 14af09e4f344819d75f539871bed10e39642dc13 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 08:08:47 +0300 Subject: [PATCH 128/349] Define matrix_grafana_dashboard_download_urls_all variable in matrix-grafana role We shouldn't be using it in the role (`tasks/setup.yml`) without defining at least some default value in the role itself. We've always had the override in `group_vars/matrix_servers`, so the variable was essentially defined (at the playbook level), but that's not the right way to do things. --- roles/matrix-grafana/defaults/main.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 381a9abf0..ffdfa1322 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -16,6 +16,10 @@ matrix_grafana_dashboard_download_urls: - "https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json" - "https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json" +# matrix_grafana_dashboard_download_urls_all contains the full list (of URLs) of dashboards to download. +# This variable is overriden elsewhere and additional URLs are injected into it (besides those seen in `matrix_grafana_dashboard_download_urls`) based on the enabled components. +matrix_grafana_dashboard_download_urls_all: "{{ matrix_grafana_dashboard_download_urls }}" + matrix_grafana_base_path: "{{ matrix_base_data_path }}/grafana" matrix_grafana_config_path: "{{ matrix_grafana_base_path }}/config" matrix_grafana_data_path: "{{ matrix_grafana_base_path }}/data" From 6c928d87ca3bd2af445eef3be5430d987abcdaaa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 08:23:54 +0300 Subject: [PATCH 129/349] Configure Grafana's default_home_dashboard_path properly Using `matrix_synapse_*` variables within the `matrix-grafana` role is not a good practice. We now have a `matrix_grafana_default_home_dashboard_path` variable with a good universal default value and we override it via `group_vars/matrix_servers` based on enabled components, etc. This is a better fix for https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2133 --- group_vars/matrix_servers | 9 +++++++++ roles/matrix-grafana/defaults/main.yml | 4 ++++ roles/matrix-grafana/templates/grafana.ini.j2 | 6 +----- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 01e287a7b..68e524531 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2484,6 +2484,15 @@ matrix_grafana_dashboard_download_urls_all: | (matrix_prometheus_postgres_exporter_dashboard_urls if matrix_prometheus_postgres_exporter_enabled else []) }} +matrix_grafana_default_home_dashboard_path: |- + {{ + { + 'synapse': ('/etc/grafana/dashboards/synapse.json' if matrix_synapse_metrics_enabled else '/etc/grafana/dashboards/node-exporter-full.json'), + 'dendrite': '/etc/grafana/dashboards/node-exporter-full.json', + 'conduit': '/etc/grafana/dashboards/node-exporter-full.json', + }[matrix_homeserver_implementation] + }} + matrix_grafana_systemd_wanted_services_list: | {{ [] diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index ffdfa1322..61d27839c 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -54,6 +54,10 @@ matrix_grafana_content_security_policy: true matrix_grafana_content_security_policy_customized: false matrix_grafana_content_security_policy_template: "script-src 'self' 'unsafe-eval' 'unsafe-inline' http: https: 'strict-dynamic' $NONCE;object-src 'none';font-src 'self';style-src 'self' 'unsafe-inline' blob:;img-src * data:;base-uri 'self';connect-src 'self' grafana.com ws://$ROOT_PATH wss://$ROOT_PATH;manifest-src 'self';media-src 'none';form-action 'self';" +# matrix_grafana_default_home_dashboard_path influences the `default_home_dashboard_path` grafana.ini setting, +# which is an in-container path for the default dashboard. +matrix_grafana_default_home_dashboard_path: /etc/grafana/dashboards/node-exporter-full.json + # A list of extra arguments to pass to the container matrix_grafana_container_extra_arguments: [] diff --git a/roles/matrix-grafana/templates/grafana.ini.j2 b/roles/matrix-grafana/templates/grafana.ini.j2 index 1e06683ee..ac609f914 100644 --- a/roles/matrix-grafana/templates/grafana.ini.j2 +++ b/roles/matrix-grafana/templates/grafana.ini.j2 @@ -26,8 +26,4 @@ enabled = {{ matrix_grafana_anonymous_access }} org_name = "{{ matrix_grafana_anonymous_access_org_name }}" [dashboards] -{% if matrix_synapse_metrics_enabled %} -default_home_dashboard_path = /etc/grafana/dashboards/synapse.json -{% else %} -default_home_dashboard_path = /etc/grafana/dashboards/node-exporter-full.json -{% endif %} +default_home_dashboard_path = {{ matrix_grafana_default_home_dashboard_path }} From 3f4bedb31e008332c7839899393e7e7ad52f32a3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 08:26:30 +0300 Subject: [PATCH 130/349] Use matrix_grafana_enabled: true in the matrix-grafana role This is consistent with what all other roles do. If someone includes a role, the assumption is that they want its functionality enabled. The playbook distribution then disables components via `group_vars/matrix_servers`. We've always had `matrix_grafana_enabled: false` there, so flipping the in-role `_enabled` flag to `true` does not change anything for playbook users. Users who import the roles individually in their own other playbooks (and who don't use `group_vars/matrix_servers`) may observe a change in the defaults with this. --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 61d27839c..2b98b2a8a 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -3,7 +3,7 @@ # See: https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md # Project source code URL: https://github.com/grafana/grafana -matrix_grafana_enabled: false +matrix_grafana_enabled: true matrix_grafana_version: 9.1.6 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" From f623cf355065f375a94fa3c2a9c23e582483485b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 08:46:10 +0300 Subject: [PATCH 131/349] Only download Grafana dashboard URLs for enabled services If someone is using Dendrite and enabling Grafana, we'll no longer download Synapse dashboards. If someone is not using node-exporter, we'll no longer download node exporter dashboards. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2133 --- group_vars/matrix_servers | 6 ++++-- roles/matrix-grafana/defaults/main.yml | 12 ++---------- roles/matrix-grafana/tasks/setup.yml | 2 +- roles/matrix-grafana/tasks/validate_config.yml | 9 +++++++++ .../defaults/main.yml | 5 +++++ .../defaults/main.yml | 2 ++ roles/matrix-synapse/defaults/main.yml | 5 +++++ 7 files changed, 28 insertions(+), 13 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 68e524531..efbe856de 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2477,9 +2477,11 @@ matrix_grafana_enabled: false # Grafana's HTTP port to the local host. matrix_grafana_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:3000' }}" -matrix_grafana_dashboard_download_urls_all: | +matrix_grafana_dashboard_download_urls: | {{ - matrix_grafana_dashboard_download_urls + (matrix_synapse_grafana_dashboard_urls if matrix_homeserver_implementation == 'synapse' and matrix_synapse_metrics_enabled else []) + + + (matrix_prometheus_node_exporter_dashboard_urls if matrix_prometheus_node_exporter_enabled else []) + (matrix_prometheus_postgres_exporter_dashboard_urls if matrix_prometheus_postgres_exporter_enabled else []) }} diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 2b98b2a8a..6c02dde7a 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -9,16 +9,8 @@ matrix_grafana_version: 9.1.6 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" -# Not conditional, because when someone disables metrics -# they might still want to look at the old existing data. -# So it would be silly to delete the dashboard in such case. -matrix_grafana_dashboard_download_urls: - - "https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json" - - "https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json" - -# matrix_grafana_dashboard_download_urls_all contains the full list (of URLs) of dashboards to download. -# This variable is overriden elsewhere and additional URLs are injected into it (besides those seen in `matrix_grafana_dashboard_download_urls`) based on the enabled components. -matrix_grafana_dashboard_download_urls_all: "{{ matrix_grafana_dashboard_download_urls }}" +# matrix_grafana_dashboard_download_urls holds a list of URLs of dashboards to download +matrix_grafana_dashboard_download_urls: [] matrix_grafana_base_path: "{{ matrix_base_data_path }}/grafana" matrix_grafana_config_path: "{{ matrix_grafana_base_path }}/config" diff --git a/roles/matrix-grafana/tasks/setup.yml b/roles/matrix-grafana/tasks/setup.yml index 591c02224..25378ce7e 100644 --- a/roles/matrix-grafana/tasks/setup.yml +++ b/roles/matrix-grafana/tasks/setup.yml @@ -68,7 +68,7 @@ mode: 0440 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - with_items: "{{ matrix_grafana_dashboard_download_urls_all }}" + with_items: "{{ matrix_grafana_dashboard_download_urls }}" when: matrix_grafana_enabled | bool register: result retries: "{{ matrix_geturl_retries_count }}" diff --git a/roles/matrix-grafana/tasks/validate_config.yml b/roles/matrix-grafana/tasks/validate_config.yml index cc48c5596..21c44dc83 100644 --- a/roles/matrix-grafana/tasks/validate_config.yml +++ b/roles/matrix-grafana/tasks/validate_config.yml @@ -5,3 +5,12 @@ msg: > You need to enable `matrix_prometheus_enabled` to use Prometheus as data source for Grafana. when: "not matrix_prometheus_enabled" + +- name: (Deprecation) Catch and report renamed settings + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_grafana_dashboard_download_urls_all', 'new': 'matrix_grafana_dashboard_download_urls'} diff --git a/roles/matrix-prometheus-node-exporter/defaults/main.yml b/roles/matrix-prometheus-node-exporter/defaults/main.yml index c7d6512f6..b7952d072 100644 --- a/roles/matrix-prometheus-node-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-node-exporter/defaults/main.yml @@ -60,3 +60,8 @@ matrix_prometheus_node_exporter_container_http_host_bind_port: '' # If matrix_prometheus_node_exporter_container_http_host_bind_port is set to an IP that is not 0.0.0.0 and a port, that ":" value will be used # Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf) matrix_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + matrix_prometheus_node_exporter_container_http_host_bind_port_number_raw if not ':' in matrix_prometheus_node_exporter_container_http_host_bind_port else (matrix_prometheus_node_exporter_container_http_host_bind_port if matrix_prometheus_node_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}" + +# matrix_prometheus_node_exporter_dashboard_urls contains a list of URLs with Grafana dashboard definitions. +# If the Grafana role is enabled, these dashboards will be downloaded. +matrix_prometheus_node_exporter_dashboard_urls: + - https://raw.githubusercontent.com/rfrail3/grafana-dashboards/master/prometheus/node-exporter-full.json diff --git a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml index 31ff8b8b4..f0cbfede9 100644 --- a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-postgres-exporter/defaults/main.yml @@ -58,5 +58,7 @@ matrix_prometheus_postgres_exporter_container_http_host_bind_port: '' # Otherwise this value will be empty and you will have to manually configure your NGINX config file. (If you are using the config files generated by this playbook, you will have to edit matrix-domain.conf) matrix_prometheus_postgres_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host: "{{ '127.0.0.1' + matrix_prometheus_postgres_exporter_container_http_host_bind_port_number_raw if not ':' in matrix_prometheus_postgres_exporter_container_http_host_bind_port else (matrix_prometheus_postgres_exporter_container_http_host_bind_port if matrix_prometheus_postgres_exporter_container_http_host_bind_port.split(':')[0] != '0.0.0.0' else '') }}" +# matrix_prometheus_postgres_exporter_dashboard_urls contains a list of URLs with Grafana dashboard definitions. +# If the Grafana role is enabled, these dashboards will be downloaded. matrix_prometheus_postgres_exporter_dashboard_urls: - "https://grafana.com/api/dashboards/9628/revisions/7/download" diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 2ef6e949a..40f20bcd9 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -365,6 +365,11 @@ matrix_url_preview_accept_language: ['en-US', 'en'] matrix_synapse_metrics_enabled: false matrix_synapse_metrics_port: 9100 +# matrix_synapse_grafana_dashboard_urls contains a list of URLs with Grafana dashboard definitions. +# If the Grafana role is enabled, these dashboards will be downloaded. +matrix_synapse_grafana_dashboard_urls: + - https://raw.githubusercontent.com/matrix-org/synapse/master/contrib/grafana/synapse.json + # Controls whether Synapse metrics should be proxied (exposed) on: # - `matrix.DOMAIN/metrics/synapse/main-process` for the main process # - `matrix.DOMAIN/metrics/synapse/worker/{type}-{id}` for each worker process From 049969266169c432e94477b92166f38cf3bf564d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Sep 2022 15:31:20 +0300 Subject: [PATCH 132/349] Upgrade appservice-irc (0.35.0 -> 0.35.1) --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index bd69df792..c4fa75fe4 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -11,7 +11,7 @@ matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appser # matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`). # It's a bare version number now. We try to somewhat retain compatibility below. -matrix_appservice_irc_version: 0.35.0 +matrix_appservice_irc_version: 0.35.1 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}" matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 8e448aed0fd72f254143010e83dbd4aff9aa382f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 26 Sep 2022 18:23:55 +0000 Subject: [PATCH 133/349] Update Prometheus Node Exporter 1.3.1 -> 1.4.0 --- roles/matrix-prometheus-node-exporter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus-node-exporter/defaults/main.yml b/roles/matrix-prometheus-node-exporter/defaults/main.yml index b7952d072..9b89519c5 100644 --- a/roles/matrix-prometheus-node-exporter/defaults/main.yml +++ b/roles/matrix-prometheus-node-exporter/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_node_exporter_enabled: false -matrix_prometheus_node_exporter_version: v1.3.1 +matrix_prometheus_node_exporter_version: v1.4.0 matrix_prometheus_node_exporter_docker_image: "{{ matrix_container_global_registry_prefix }}prom/node-exporter:{{ matrix_prometheus_node_exporter_version }}" matrix_prometheus_node_exporter_docker_image_force_pull: "{{ matrix_prometheus_node_exporter_docker_image.endswith(':latest') }}" From 0ab5371ebd81ded69d793e35c2c61c1f019c3b00 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 27 Sep 2022 08:54:20 +0300 Subject: [PATCH 134/349] Upgrade mautrix-telegram (0.12.0 -> 0.12.1) and lottieconverter (alpine-3.15 -> alpine-3.16) --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index f540ba2de..9fdfd4302 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -9,14 +9,14 @@ matrix_telegram_lottieconverter_container_image_self_build_mask_arch: false matrix_telegram_lottieconverter_docker_repo: "https://mau.dev/tulir/lottieconverter.git" matrix_telegram_lottieconverter_docker_repo_version: "master" matrix_telegram_lottieconverter_docker_src_files_path: "{{ matrix_base_data_path }}/lotticonverter/docker-src" -matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.15" # needs to be ajusted according to FROM clause of Dockerfile of mautrix-telegram +matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.16" # needs to be adjusted according to the FROM clause of Dockerfile of mautrix-telegram matrix_mautrix_telegram_container_image_self_build: false matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git" matrix_mautrix_telegram_docker_repo_version: "{{ 'master' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src" -matrix_mautrix_telegram_version: v0.12.0 +matrix_mautrix_telegram_version: v0.12.1 # See: https://mau.dev/mautrix/telegram/container_registry matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" From 1ea1597020f783864a3d0beba50a59f3b1797c5b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 27 Sep 2022 11:38:33 +0300 Subject: [PATCH 135/349] Fix some ansible-lint-reported warnings This mostly fixes `key-order` warnings around `block` statements. --- .config/ansible-lint.yml | 3 +++ roles/matrix-backup-borg/tasks/setup_install.yml | 4 ++-- roles/matrix-base/defaults/main.yml | 2 +- roles/matrix-base/tasks/server_base/setup.yml | 6 +++--- roles/matrix-bot-buscarron/tasks/setup_install.yml | 8 ++++---- roles/matrix-bot-honoroit/tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bot-postmoogle/tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 12 ++++++------ roles/matrix-bridge-appservice-slack/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- .../matrix-bridge-appservice-webhooks/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 9 ++++----- roles/matrix-bridge-hookshot/tasks/init.yml | 4 ++-- .../tasks/setup_install.yml | 9 ++++----- roles/matrix-bridge-mautrix-facebook/tasks/init.yml | 9 ++++----- .../tasks/setup_install.yml | 8 ++++---- .../tasks/validate_config.yml | 4 ++-- .../matrix-bridge-mautrix-googlechat/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bridge-mautrix-hangouts/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bridge-mautrix-telegram/tasks/init.yml | 9 ++++----- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 9 ++++----- .../tasks/setup_install.yml | 12 ++++++------ .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bridge-mx-puppet-slack/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml | 8 ++++---- .../tasks/setup_install.yml | 8 ++++---- roles/matrix-cactus-comments/tasks/init.yml | 9 ++++----- roles/matrix-cactus-comments/tasks/setup_install.yml | 8 ++++---- roles/matrix-client-element/tasks/prepare_themes.yml | 12 +++++------- roles/matrix-common-after/tasks/start.yml | 8 ++++---- roles/matrix-coturn/tasks/setup_install.yml | 4 ++-- roles/matrix-dimension/tasks/setup_install.yml | 8 ++++---- roles/matrix-etherpad/tasks/init.yml | 8 ++++---- roles/matrix-ma1sd/tasks/migrate_mxisd.yml | 4 ++-- roles/matrix-ma1sd/tasks/setup_install.yml | 12 ++++++------ .../tasks/nginx-proxy/setup_metrics_auth.yml | 4 ++-- .../tasks/self_check_well_known.yml | 4 ++-- .../tasks/ssl/setup_ssl_lets_encrypt.yml | 8 ++++---- .../ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml | 4 ++-- roles/matrix-nginx-proxy/tasks/validate_config.yml | 4 ++-- roles/matrix-postgres/defaults/main.yml | 4 ++-- .../tasks/import_generic_sqlite_db.yml | 4 ++-- .../matrix-postgres/tasks/migrate_db_to_postgres.yml | 9 ++++----- .../tasks/migrate_postgres_data_directory.yml | 4 ++-- roles/matrix-prometheus-node-exporter/tasks/init.yml | 4 ++-- .../tasks/init.yml | 4 ++-- roles/matrix-registration/tasks/init.yml | 8 ++++---- roles/matrix-registration/tasks/setup_install.yml | 8 ++++---- roles/matrix-synapse-admin/tasks/init.yml | 8 ++++---- roles/matrix-synapse/tasks/init.yml | 4 ++-- .../tasks/rust-synapse-compress-state/main.yml | 8 ++++---- roles/matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- .../tasks/synapse/workers/util/inject_worker.yml | 4 ++-- roles/matrix-synapse/vars/main.yml | 2 +- 64 files changed, 217 insertions(+), 223 deletions(-) diff --git a/.config/ansible-lint.yml b/.config/ansible-lint.yml index beff46585..22ba92532 100644 --- a/.config/ansible-lint.yml +++ b/.config/ansible-lint.yml @@ -9,5 +9,8 @@ skip_list: - schema - command-instead-of-shell - role-name + # We frequently load configuration from a template (into a variable), then merge that with another variable (configuration extension) + # before finally dumping it to a file. + - template-instead-of-copy offline: false diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/matrix-backup-borg/tasks/setup_install.yml index e3401a13f..b44a8fa1b 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/matrix-backup-borg/tasks/setup_install.yml @@ -1,6 +1,7 @@ --- -- block: +- when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == '' + block: - name: Fail with matrix_backup_borg_version advice if Postgres not enabled ansible.builtin.fail: msg: >- @@ -20,7 +21,6 @@ - name: Set the correct borg backup version to use ansible.builtin.set_fact: matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}" - when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == '' - name: Ensure borg paths exist ansible.builtin.file: diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 2f8645e5a..eccda626c 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -134,7 +134,7 @@ matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_sh: "/usr/bin/env sh" -matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" +matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 40d5a4d01..8cc4dff4c 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -9,7 +9,8 @@ - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml" when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 30 -- block: +- when: ansible_os_family == 'Debian' + block: # ansible_lsb is only available if lsb-release is installed. - name: Ensure lsb-release installed ansible.builtin.apt: @@ -28,7 +29,6 @@ - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml" when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian') - when: ansible_os_family == 'Debian' - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml" when: ansible_distribution == 'Archlinux' @@ -39,7 +39,7 @@ state: started enabled: true -- name: "Ensure {{ matrix_ntpd_service }} is started and autoruns" +- name: "Ensure ntpd is started and autoruns" ansible.builtin.service: name: "{{ matrix_ntpd_service }}" state: started diff --git a/roles/matrix-bot-buscarron/tasks/setup_install.yml b/roles/matrix-bot-buscarron/tasks/setup_install.yml index 0db7b728b..564ff7e0f 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/matrix-bot-buscarron/tasks/setup_install.yml @@ -2,13 +2,15 @@ - ansible.builtin.set_fact: matrix_bot_buscarron_requires_restart: false -- block: +- when: "matrix_bot_buscarron_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_buscarron_sqlite_database_path_local }}" register: matrix_bot_buscarron_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_buscarron_sqlite_database_path_local }}" @@ -24,8 +26,6 @@ - ansible.builtin.set_fact: matrix_bot_buscarron_requires_restart: true - when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_buscarron_database_engine == 'postgres'" - name: Ensure buscarron paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/matrix-bot-honoroit/tasks/setup_install.yml index 9bb979fc2..8a440484e 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/matrix-bot-honoroit/tasks/setup_install.yml @@ -2,13 +2,15 @@ - ansible.builtin.set_fact: matrix_bot_honoroit_requires_restart: false -- block: +- when: "matrix_bot_honoroit_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_honoroit_sqlite_database_path_local }}" register: matrix_bot_honoroit_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_honoroit_sqlite_database_path_local }}" @@ -24,8 +26,6 @@ - ansible.builtin.set_fact: matrix_bot_honoroit_requires_restart: true - when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_honoroit_database_engine == 'postgres'" - name: Ensure honoroit paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 0ad895af3..93285bf60 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_bot_matrix_reminder_bot_requires_restart: false -- block: +- when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}" register: matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}" @@ -25,8 +27,6 @@ - ansible.builtin.set_fact: matrix_bot_matrix_reminder_bot_requires_restart: true - when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'" - name: Ensure matrix-reminder-bot paths exist ansible.builtin.file: diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index 3e6e6dc66..9c9e59ee5 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -1,11 +1,13 @@ --- -- block: +- when: "matrix_bot_postmoogle_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" register: matrix_bot_postmoogle_sqlite_database_path_local_stat_result - - block: + - when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" @@ -21,8 +23,6 @@ - ansible.builtin.set_fact: matrix_bot_postmoogle_requires_restart: true - when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_bot_postmoogle_database_engine == 'postgres'" - name: Ensure postmoogle paths exist ansible.builtin.file: diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml index af17613c6..e12c15727 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_appservice_discord_requires_restart: false -- block: +- when: "matrix_appservice_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_appservice_discord_sqlite_database_path_local }}" register: matrix_appservice_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_appservice_discord_sqlite_database_path_local }}" @@ -25,8 +27,6 @@ - ansible.builtin.set_fact: matrix_appservice_discord_requires_restart: true - when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_discord_database_engine == 'postgres'" - name: Ensure Appservice Discord image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml index 6b7fc92d9..6794e8148 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -21,7 +21,8 @@ path: "{{ matrix_appservice_irc_base_path }}/passkey.pem" register: matrix_appservice_irc_stat_passkey -- block: +- when: "matrix_appservice_irc_stat_passkey.stat.exists" + block: - name: (Data relocation) Ensure matrix-appservice-irc.service is stopped ansible.builtin.service: name: matrix-appservice-irc @@ -44,24 +45,23 @@ - rooms.db - users.db failed_when: false - when: "matrix_appservice_irc_stat_passkey.stat.exists" - ansible.builtin.set_fact: matrix_appservice_irc_requires_restart: false -- block: +- when: "matrix_appservice_irc_database_engine == 'postgres'" + block: - name: Check if a nedb database already exists ansible.builtin.stat: path: "{{ matrix_appservice_irc_data_path }}/users.db" register: matrix_appservice_irc_nedb_database_path_local_stat_result - - block: + - when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml" - ansible.builtin.set_fact: matrix_appservice_irc_requires_restart: true - when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_irc_database_engine == 'postgres'" - name: Ensure Appservice IRC image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index 023b4288f..d06e5aaf1 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -43,7 +43,10 @@ The matrix-bridge-appservice-slack role needs to execute before the matrix-synapse role. when: "matrix_synapse_role_executed | default(False)" -- block: +- when: matrix_appservice_slack_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -76,9 +79,6 @@ + [matrix_appservice_slack_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_appservice_slack_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml index a2921d980..9b741d69f 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -17,19 +17,19 @@ - ansible.builtin.set_fact: matrix_appservice_slack_requires_restart: false -- block: +- when: "matrix_appservice_slack_database_engine == 'postgres'" + block: - name: Check if a nedb database already exists ansible.builtin.stat: path: "{{ matrix_appservice_slack_data_path }}/teams.db" register: matrix_appservice_slack_nedb_database_path_local_stat_result - - block: + - when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml" - ansible.builtin.set_fact: matrix_appservice_slack_requires_restart: true - when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists | bool" - when: "matrix_appservice_slack_database_engine == 'postgres'" - name: Ensure Appservice Slack image is pulled docker_image: diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml index 7cb2cfd6d..1f8ace9e8 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml @@ -36,7 +36,10 @@ The matrix-bridge-appservice-webhooks role needs to execute before the matrix-synapse role. when: "matrix_synapse_role_executed | default(False)" -- block: +- when: matrix_appservice_webhooks_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -71,9 +74,6 @@ + [matrix_appservice_webhooks_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_appservice_webhooks_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 603f9d1d6..5cd8da882 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -26,7 +26,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_appservice_webhooks_container_image_self_build | bool" + block: - name: Ensure Appservice webhooks repository is present on self-build ansible.builtin.git: repo: "{{ matrix_appservice_webhooks_container_image_self_build_repo }}" @@ -47,7 +48,6 @@ dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}" path: "{{ matrix_appservice_webhooks_docker_src_files_path }}" pull: true - when: "matrix_appservice_webhooks_container_image_self_build | bool" - name: Ensure Matrix Appservice webhooks config is installed ansible.builtin.copy: diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index f1d7e8fdf..c1b19df99 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -34,7 +34,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_beeper_linkedin_container_image_self_build | bool" + block: - name: Ensure Beeper LinkedIn repository is present on self-build ansible.builtin.git: repo: "{{ matrix_beeper_linkedin_container_image_self_build_repo }}" @@ -72,7 +73,6 @@ pull: true args: TARGETARCH: "{{ matrix_architecture }}" - when: "matrix_beeper_linkedin_container_image_self_build | bool" - name: Ensure beeper-linkedin config.yaml installed ansible.builtin.copy: diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 7403ff5c5..320196860 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_go_skype_bridge_requires_restart: false -- block: +- when: "matrix_go_skype_bridge_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}" register: matrix_go_skype_bridge_sqlite_database_path_local_stat_result - - block: + - when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_go_skype_bridge_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_go_skype_bridge_requires_restart: true - when: "matrix_go_skype_bridge_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_go_skype_bridge_database_engine == 'postgres'" - - name: Ensure Go Skype Bridge paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/matrix-bridge-hookshot/tasks/init.yml index e6cd1209e..63921f311 100644 --- a/roles/matrix-bridge-hookshot/tasks/init.yml +++ b/roles/matrix-bridge-hookshot/tasks/init.yml @@ -28,7 +28,8 @@ }} when: matrix_hookshot_enabled | bool -- block: +- when: matrix_hookshot_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -128,7 +129,6 @@ [matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain] }} when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool - when: matrix_hookshot_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml index 7e2ed79ca..4b05765ac 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_discord_requires_restart: false -- block: +- when: "matrix_mautrix_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_discord_sqlite_database_path_local }}" register: matrix_mautrix_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_discord_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_mautrix_discord_requires_restart: true - when: "matrix_mautrix_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_discord_database_engine == 'postgres'" - - name: Ensure Mautrix Discord paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index 5252af828..5565689f4 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_facebook_enabled | bool -- block: +- when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -70,7 +73,3 @@ URL endpoint to the matrix-mautrix-facebook container. You can expose the container's port using the `matrix_mautrix_facebook_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 3e7d8f051..ca882fb05 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_facebook_requires_restart: false -- block: +- when: "matrix_mautrix_facebook_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_facebook_requires_restart: true - when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_facebook_database_engine == 'postgres'" - name: Ensure Mautrix Facebook image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml index 4f588b5f5..413ea0273 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml @@ -10,7 +10,8 @@ - "matrix_mautrix_facebook_appservice_token" - "matrix_mautrix_facebook_homeserver_token" -- block: +- when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" + block: - name: Inject warning if on an old SQLite-supporting version ansible.builtin.set_fact: matrix_playbook_runtime_results: | @@ -21,4 +22,3 @@ "NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)" ] }} - when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml index 2c5bdc10c..c4ae920c4 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_googlechat_enabled | bool -- block: +- when: matrix_mautrix_googlechat_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -59,9 +62,6 @@ + [matrix_mautrix_googlechat_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mautrix_googlechat_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index f2192a342..f2fccb293 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_googlechat_requires_restart: false -- block: +- when: "matrix_mautrix_googlechat_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}" register: matrix_mautrix_googlechat_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_googlechat_requires_restart: true - when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_googlechat_database_engine == 'postgres'" - name: Ensure Mautrix googlechat image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 39b88edbe..380dc4b38 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_hangouts_enabled | bool -- block: +- when: matrix_mautrix_hangouts_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -59,9 +62,6 @@ + [matrix_mautrix_hangouts_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mautrix_hangouts_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 4087162e2..48c835846 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_hangouts_requires_restart: false -- block: +- when: "matrix_mautrix_hangouts_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}" register: matrix_mautrix_hangouts_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_hangouts_requires_restart: true - when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_hangouts_database_engine == 'postgres'" - name: Ensure Mautrix Hangouts image is pulled docker_image: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index f9b3bb1c3..f828f7932 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mautrix_telegram_enabled | bool -- block: +- when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -69,7 +72,3 @@ URL endpoint to the matrix-mautrix-telegram container. You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 6ce396573..7a50b709c 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_telegram_requires_restart: false -- block: +- when: "matrix_mautrix_telegram_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}" register: matrix_mautrix_telegram_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}" @@ -33,8 +35,6 @@ - ansible.builtin.set_fact: matrix_mautrix_telegram_requires_restart: true - when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_telegram_database_engine == 'postgres'" - name: Ensure Mautrix Telegram paths exist ansible.builtin.file: diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index c3edd6a75..b58542f72 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -11,13 +11,15 @@ - ansible.builtin.set_fact: matrix_mautrix_whatsapp_requires_restart: false -- block: +- when: "matrix_mautrix_whatsapp_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}" register: matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}" @@ -34,9 +36,6 @@ - ansible.builtin.set_fact: matrix_mautrix_whatsapp_requires_restart: true - when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mautrix_whatsapp_database_engine == 'postgres'" - - name: Ensure Mautrix Whatsapp paths exists ansible.builtin.file: diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index d60f73f9f..b863b4446 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -27,7 +27,8 @@ path: "{{ matrix_mx_puppet_discord_base_path }}/database.db" register: matrix_mx_puppet_discord_stat_database -- block: +- when: "matrix_mx_puppet_discord_stat_database.stat.exists" + block: - name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped ansible.builtin.service: name: matrix-mx-puppet-discord @@ -40,18 +41,19 @@ cmd: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db" register: matrix_mx_puppet_discord_relocate_database_result changed_when: matrix_mx_puppet_discord_relocate_database_result.rc == 0 - when: "matrix_mx_puppet_discord_stat_database.stat.exists" - ansible.builtin.set_fact: matrix_mx_puppet_discord_requires_restart: false -- block: +- when: "matrix_mx_puppet_discord_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}" register: matrix_mx_puppet_discord_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}" @@ -67,8 +69,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_discord_requires_restart: true - when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_discord_database_engine == 'postgres'" - name: Ensure MX Puppet Discord image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index 497f0109b..f81ae4a01 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_groupme_requires_restart: false -- block: +- when: "matrix_mx_puppet_groupme_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}" register: matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_groupme_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_groupme_requires_restart: true - when: "matrix_mx_puppet_groupme_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_groupme_database_engine == 'postgres'" - name: Ensure MX Puppet Groupme image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 7695d88ec..600ed63c6 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -12,13 +12,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_instagram_requires_restart: false -- block: +- when: "matrix_mx_puppet_instagram_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}" register: matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}" @@ -34,8 +36,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_instagram_requires_restart: true - when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_instagram_database_engine == 'postgres'" - name: Ensure mx-puppet-instagram image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index 506a271d3..9eff170ac 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mx_puppet_slack_enabled | bool -- block: +- when: matrix_mx_puppet_slack_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -60,9 +63,6 @@ + [matrix_mx_puppet_slack_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mx_puppet_slack_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 70dac9ace..9c5ae4fc8 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -39,13 +39,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_slack_requires_restart: false -- block: +- when: "matrix_mx_puppet_slack_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}" register: matrix_mx_puppet_slack_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}" @@ -61,8 +63,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_slack_requires_restart: true - when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_slack_database_engine == 'postgres'" - name: Ensure MX Puppet Slack image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index 804876303..c75566f30 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_steam_requires_restart: false -- block: +- when: "matrix_mx_puppet_steam_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}" register: matrix_mx_puppet_steam_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_steam_requires_restart: true - when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_steam_database_engine == 'postgres'" - name: Ensure MX Puppet Steam image is pulled docker_image: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index 444491ea2..a58cd9ac6 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -27,7 +27,10 @@ }} when: matrix_mx_puppet_twitter_enabled | bool -- block: +- when: matrix_mx_puppet_twitter_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -60,9 +63,6 @@ + [matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_mx_puppet_twitter_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index 305cd5dea..ed94eae59 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -43,13 +43,15 @@ - ansible.builtin.set_fact: matrix_mx_puppet_twitter_requires_restart: false -- block: +- when: "matrix_mx_puppet_twitter_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}" register: matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result - - block: + - when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}" @@ -65,8 +67,6 @@ - ansible.builtin.set_fact: matrix_mx_puppet_twitter_requires_restart: true - when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_mx_puppet_twitter_database_engine == 'postgres'" - name: Ensure MX Puppet Twitter image is pulled docker_image: diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/matrix-cactus-comments/tasks/init.yml index 9a15cf89b..5067d0254 100644 --- a/roles/matrix-cactus-comments/tasks/init.yml +++ b/roles/matrix-cactus-comments/tasks/init.yml @@ -21,7 +21,10 @@ }} when: matrix_cactus_comments_enabled | bool -- block: +- when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -63,7 +66,3 @@ reverse proxy. Please make sure that you're proxying client files in {{ matrix_cactus_comments_client_path }} correctly when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/matrix-cactus-comments/tasks/setup_install.yml index 8e6bb68ed..ec5311e82 100644 --- a/roles/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/matrix-cactus-comments/tasks/setup_install.yml @@ -65,7 +65,8 @@ pull: true when: "matrix_cactus_comments_container_image_self_build | bool" -- block: +- when: matrix_cactus_comments_client_local_dir | length == 0 + block: - name: Download client binary to local folder ansible.builtin.get_url: url: "https://gitlab.com/cactus-comments/cactus-client/-/archive/v{{ matrix_cactus_comments_client_version }}/cactus-client-v{{ matrix_cactus_comments_client_version }}.tar.gz" @@ -101,9 +102,9 @@ mode: "{{ matrix_cactus_comments_client_file_permissions }}" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_cactus_comments_client_local_dir | length == 0 -- block: +- when: matrix_cactus_comments_client_local_dir | length > 0 + block: - name: Propagate locally distributed client javascreipt ansible.builtin.copy: src: "{{ matrix_cactus_comments_client_local_dir }}/src/cactus.js" @@ -118,7 +119,6 @@ mode: "{{ matrix_cactus_comments_client_file_permissions }}" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_cactus_comments_client_local_dir | length > 0 - name: Ensure matrix-cactus-comments.service installed ansible.builtin.template: diff --git a/roles/matrix-client-element/tasks/prepare_themes.yml b/roles/matrix-client-element/tasks/prepare_themes.yml index 8185122c6..3f5c9783c 100644 --- a/roles/matrix-client-element/tasks/prepare_themes.yml +++ b/roles/matrix-client-element/tasks/prepare_themes.yml @@ -4,7 +4,11 @@ # Tasks related to setting up Element themes # -- block: +- when: matrix_client_element_themes_enabled | bool + run_once: true + delegate_to: 127.0.0.1 + become: false + block: - name: Ensure Element themes repository is pulled ansible.builtin.git: repo: "{{ matrix_client_element_themes_repository_url }}" @@ -29,12 +33,6 @@ matrix_client_element_settingDefaults_custom_themes: "{{ matrix_client_element_settingDefaults_custom_themes + [item['content'] | b64decode | from_json] }}" # noqa var-naming with_items: "{{ matrix_client_element_theme_file_contents.results }}" - run_once: true - delegate_to: 127.0.0.1 - become: false - when: matrix_client_element_themes_enabled | bool - - # # Tasks related to getting rid of Element themes (if it was previously enabled) # diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/matrix-common-after/tasks/start.yml index 605b3f61c..c88eb64f5 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/matrix-common-after/tasks/start.yml @@ -34,7 +34,8 @@ delegate_to: 127.0.0.1 become: false -- block: +- when: "ansible_distribution != 'Archlinux'" + block: - name: Populate service facts ansible.builtin.service_facts: @@ -50,9 +51,9 @@ with_items: "{{ matrix_systemd_services_list }}" when: - "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')" - when: "ansible_distribution != 'Archlinux'" -- block: +- when: "ansible_distribution == 'Archlinux'" + block: # Currently there is a bug in ansible that renders is incompatible with systemd. # service_facts is not collecting the data successfully. # Therefore iterating here manually @@ -70,4 +71,3 @@ Try running `systemctl status {{ item.item }}` and `journalctl -fu {{ item.item }}` on the server to investigate. with_items: "{{ systemdstatus.results }}" when: "item.status['ActiveState'] != 'active'" - when: "ansible_distribution == 'Archlinux'" diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/matrix-coturn/tasks/setup_install.yml index 2a1af7310..be9d8574f 100644 --- a/roles/matrix-coturn/tasks/setup_install.yml +++ b/roles/matrix-coturn/tasks/setup_install.yml @@ -29,7 +29,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_coturn_container_image_self_build | bool" + block: - name: Ensure Coturn repository is present on self-build ansible.builtin.git: repo: "{{ matrix_coturn_container_image_self_build_repo }}" @@ -50,7 +51,6 @@ dockerfile: "{{ matrix_coturn_container_image_self_build_repo_dockerfile_path }}" path: "{{ matrix_coturn_docker_src_files_path }}" pull: true - when: "matrix_coturn_container_image_self_build | bool" - name: Ensure Coturn configuration path exists ansible.builtin.file: diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/matrix-dimension/tasks/setup_install.yml index 7060285a6..c55708365 100644 --- a/roles/matrix-dimension/tasks/setup_install.yml +++ b/roles/matrix-dimension/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_dimension_requires_restart: false -- block: +- when: "matrix_dimension_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_dimension_sqlite_database_path_local }}" register: matrix_dimension_sqlite_database_path_local_stat_result - - block: + - when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool" + block: # pgloader makes a few columns `smallint`, instead of `boolean`. # We need to fix them up. - ansible.builtin.set_fact: @@ -67,8 +69,6 @@ - ansible.builtin.set_fact: matrix_dimension_requires_restart: true - when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_dimension_database_engine == 'postgres'" - name: Ensure Dimension base path exists ansible.builtin.file: diff --git a/roles/matrix-etherpad/tasks/init.yml b/roles/matrix-etherpad/tasks/init.yml index e16b78dd6..cfd127bd1 100644 --- a/roles/matrix-etherpad/tasks/init.yml +++ b/roles/matrix-etherpad/tasks/init.yml @@ -4,7 +4,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}" when: matrix_etherpad_enabled | bool -- block: +- when: matrix_etherpad_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -49,9 +52,6 @@ + [matrix_etherpad_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_etherpad_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml b/roles/matrix-ma1sd/tasks/migrate_mxisd.yml index 7457001c8..3ba7b14d4 100644 --- a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml +++ b/roles/matrix-ma1sd/tasks/migrate_mxisd.yml @@ -42,7 +42,8 @@ # We use shell commands for the migration, because the Ansible copy module cannot # recursively copy remote directories (like `/matrix/mxisd/data/sign.key`) in older versions of Ansible. -- block: +- when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists" + block: - name: Copy mxisd data files to ma1sd folder ansible.builtin.command: cmd: "cp -ar {{ matrix_base_data_path }}/mxisd/data {{ matrix_ma1sd_base_path }}" @@ -66,7 +67,6 @@ cmd: "mv {{ matrix_base_data_path }}/mxisd {{ matrix_base_data_path }}/mxisd.migrated" register: matrix_ma1sd_migrate_mxisd_move_directory_result changed_when: matrix_ma1sd_migrate_mxisd_move_directory_result.rc == 0 - when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists" - name: Ensure outdated matrix-mxisd.service doesn't exist ansible.builtin.file: diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/matrix-ma1sd/tasks/setup_install.yml index ef32288fa..5f4b29574 100644 --- a/roles/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/matrix-ma1sd/tasks/setup_install.yml @@ -21,13 +21,15 @@ - ansible.builtin.set_fact: matrix_ma1sd_requires_restart: false -- block: +- when: "matrix_ma1sd_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_ma1sd_sqlite_database_path_local }}" register: matrix_ma1sd_sqlite_database_path_local_stat_result - - block: + - when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_ma1sd_sqlite_database_path_local }}" @@ -44,8 +46,6 @@ - ansible.builtin.set_fact: matrix_ma1sd_requires_restart: true - when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_ma1sd_database_engine == 'postgres'" - name: Ensure ma1sd image is pulled docker_image: @@ -59,7 +59,8 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed -- block: +- when: "matrix_ma1sd_container_image_self_build | bool" + block: - name: Ensure gradle is installed for self-building (Debian) ansible.builtin.apt: name: @@ -111,7 +112,6 @@ repository: "{{ matrix_ma1sd_docker_image }}" force_tag: true source: local - when: "matrix_ma1sd_container_image_self_build | bool" - name: Ensure ma1sd config installed ansible.builtin.copy: diff --git a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index c511e402c..c2215ebad 100644 --- a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -15,7 +15,8 @@ # See: https://docs.ansible.com/ansible/2.3/htpasswd_module.html#requirements-on-host-that-executes-module # We support various distros, with various versions of Python. Installing additional Python modules can be a hassle. # As a workaround, we run `htpasswd` from an Apache container image. -- block: +- when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != '' + block: - name: Ensure Apache Docker image is pulled for generating matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs) docker_image: name: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image }}" @@ -57,4 +58,3 @@ ansible.builtin.file: path: /tmp/matrix-nginx-proxy-metrics-password state: absent - when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != '' diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml index 2a5042d5a..e7ed549c6 100644 --- a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml +++ b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml @@ -9,7 +9,8 @@ follow_redirects: "{{ matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects }}" validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}" -- block: +- when: matrix_well_known_matrix_server_enabled | bool + block: - ansible.builtin.set_fact: well_known_file_check_matrix_server: path: /.well-known/matrix/server @@ -21,7 +22,6 @@ - name: Determine domains that we require certificates for (ma1sd) ansible.builtin.set_fact: well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}" - when: matrix_well_known_matrix_server_enabled | bool - name: Perform well-known checks ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index f2afe2ff2..029ef860d 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -16,7 +16,8 @@ # Tasks related to setting up Let's Encrypt's management of certificates # -- block: +- when: "matrix_ssl_retrieval_method == 'lets-encrypt'" + block: - name: Ensure certbot Docker image is pulled docker_image: name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}" @@ -43,13 +44,13 @@ mode: 0644 when: "item.applicable | bool" with_items: "{{ matrix_ssl_renewal_systemd_units_list }}" - when: "matrix_ssl_retrieval_method == 'lets-encrypt'" # # Tasks related to getting rid of Let's Encrypt's management of certificates # -- block: +- when: "matrix_ssl_retrieval_method != 'lets-encrypt'" + block: - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed ansible.builtin.file: path: "{{ matrix_systemd_path }}/{{ item.name }}" @@ -61,4 +62,3 @@ ansible.builtin.file: path: "{{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew" state: absent - when: "matrix_ssl_retrieval_method != 'lets-encrypt'" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml index 18cae090e..176692ff7 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml @@ -13,7 +13,8 @@ - ansible.builtin.set_fact: domain_name_needs_cert: "{{ not domain_name_certificate_path_stat.stat.exists }}" -- block: +- when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''" + block: - name: Ensure required service for obtaining is started ansible.builtin.service: name: "{{ matrix_ssl_pre_obtaining_required_service_name }}" @@ -24,7 +25,6 @@ ansible.builtin.wait_for: timeout: "{{ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds }}" when: "matrix_ssl_pre_obtaining_required_service_start_result.changed | bool" - when: "domain_name_needs_cert | bool and matrix_ssl_pre_obtaining_required_service_name != ''" # This will fail if there is something running on port 80 (like matrix-nginx-proxy). # We suppress the error, as we'll try another method below. diff --git a/roles/matrix-nginx-proxy/tasks/validate_config.yml b/roles/matrix-nginx-proxy/tasks/validate_config.yml index 6c87a4bb2..f7d18c9e4 100644 --- a/roles/matrix-nginx-proxy/tasks/validate_config.yml +++ b/roles/matrix-nginx-proxy/tasks/validate_config.yml @@ -35,7 +35,8 @@ - or raw htpasswd content (provided in `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content`) when: "matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled | bool and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content == '' and (matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username == '' or matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password == ''))" -- block: +- when: "matrix_ssl_retrieval_method == 'lets-encrypt'" + block: - name: (Deprecation) Catch and report renamed settings ansible.builtin.fail: msg: >- @@ -57,7 +58,6 @@ - "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container" - "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container" when: "vars[item] == '' or vars[item] is none" - when: "matrix_ssl_retrieval_method == 'lets-encrypt'" - name: (Deprecation) Catch and report old metrics usage ansible.builtin.fail: diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 39481f2e7..117611a34 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -78,7 +78,7 @@ matrix_postgres_import_roles_to_ignore: [matrix_postgres_connection_username] # which is unsupported by default by newer Postgres versions (v14+). # When users are created and passwords are set by the playbook, they end up hashed as `scram-sha-256` on Postgres v14+. # If an md5-hashed password is restored on top, Postgres v14+ will refuse to authenticate users with it by default. -matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa var-spacing +matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa jinja[spacing] # A list of databases to avoid creating when importing (or upgrading) the database. # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), @@ -86,7 +86,7 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. matrix_postgres_import_databases_to_ignore: [matrix_postgres_db_name] -matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa var-spacing +matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] # The number of seconds to wait after starting `matrix-postgres.service` # and before trying to run queries for creating additional databases/users against it. diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml index 671cb33f5..f99478dd0 100644 --- a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -25,7 +25,8 @@ # We either expect `postgres_db_connection_string` specifying a full Postgres database connection string, # or `postgres_connection_string_variable_name`, specifying a name of a variable, which contains a valid connection string. -- block: +- when: 'postgres_connection_string_variable_name is defined' + block: - name: Fail if postgres_connection_string_variable_name points to an undefined variable ansible.builtin.fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`" when: "postgres_connection_string_variable_name not in vars" @@ -33,7 +34,6 @@ - name: Get Postgres connection string from variable ansible.builtin.set_fact: postgres_db_connection_string: "{{ lookup('vars', postgres_connection_string_variable_name) }}" - when: 'postgres_connection_string_variable_name is defined' - name: Fail if playbook called incorrectly ansible.builtin.fail: diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index f79a12f87..bfd91c29a 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -31,7 +31,8 @@ msg: "File cannot be found on the server at {{ matrix_postgres_db_migration_request.src }}" when: "not matrix_postgres_db_migration_request_src_stat_result.stat.exists" -- block: +- when: "matrix_postgres_pgloader_container_image_self_build | bool" + block: - name: Ensure pgloader repository is present on self-build ansible.builtin.git: repo: "{{ matrix_postgres_pgloader_container_image_self_build_repo }}" @@ -69,7 +70,6 @@ dockerfile: Dockerfile path: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}" pull: true - when: "matrix_postgres_pgloader_container_image_self_build | bool" - name: Ensure pgloader Docker image is pulled docker_image: @@ -134,7 +134,8 @@ register: matrix_postgres_migrate_db_to_postgres_import_result changed_when: matrix_postgres_migrate_db_to_postgres_import_result.rc == 0 -- block: +- when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" + block: - ansible.builtin.import_role: name: matrix-postgres tasks_from: detect_existing_postgres_version @@ -157,8 +158,6 @@ register: matrix_postgres_migrate_db_to_postgres_additional_queries_result changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0 - when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" - - name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) ansible.builtin.command: cmd: "mv {{ matrix_postgres_db_migration_request.src }} {{ matrix_postgres_db_migration_request.src }}.backup" diff --git a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml index fde580f55..0e3a606d5 100644 --- a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml +++ b/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml @@ -52,14 +52,14 @@ group: "{{ matrix_user_groupname }}" when: "result_pg_old_data_dir_stat.stat.exists" -- block: +- when: "result_pg_old_data_dir_stat.stat.exists" + block: - name: Relocate Postgres data files from old directory to new ansible.builtin.command: cmd: "mv {{ item.path }} {{ matrix_postgres_data_path }}/{{ item.path | basename }}" with_items: "{{ result_pg_old_data_dir_find.files }}" register: matrix_postgres_migrate_postgres_data_directory_move_result changed_when: matrix_postgres_migrate_postgres_data_directory_move_result.rc == 0 - when: "result_pg_old_data_dir_stat.stat.exists" # Intentionally not starting matrix-postgres here. # It likely needs to be updated to point to the new directory. diff --git a/roles/matrix-prometheus-node-exporter/tasks/init.yml b/roles/matrix-prometheus-node-exporter/tasks/init.yml index 42f216677..460ab1373 100644 --- a/roles/matrix-prometheus-node-exporter/tasks/init.yml +++ b/roles/matrix-prometheus-node-exporter/tasks/init.yml @@ -4,7 +4,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-node-exporter.service'] }}" when: matrix_prometheus_node_exporter_enabled | bool -- block: +- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -38,4 +39,3 @@ + [matrix_prometheus_node_exporter_nginx_metrics_configuration_block] }} - when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml index 03fe965c1..20333dce6 100644 --- a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml +++ b/roles/matrix-prometheus-postgres-exporter/tasks/init.yml @@ -4,7 +4,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-prometheus-postgres-exporter.service'] }}" when: matrix_prometheus_postgres_exporter_enabled | bool -- block: +- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -38,4 +39,3 @@ + [matrix_prometheus_postgres_exporter_nginx_metrics_configuration_block] }} - when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool diff --git a/roles/matrix-registration/tasks/init.yml b/roles/matrix-registration/tasks/init.yml index 922db0f71..2b43dffdf 100644 --- a/roles/matrix-registration/tasks/init.yml +++ b/roles/matrix-registration/tasks/init.yml @@ -10,7 +10,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-registration.service'] }}" when: matrix_registration_enabled | bool -- block: +- when: matrix_registration_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -54,9 +57,6 @@ + [matrix_registration_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_registration_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml index d3048337d..6b895d694 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/matrix-registration/tasks/setup_install.yml @@ -3,13 +3,15 @@ - ansible.builtin.set_fact: matrix_registration_requires_restart: false -- block: +- when: "matrix_registration_database_engine == 'postgres'" + block: - name: Check if an SQLite database already exists ansible.builtin.stat: path: "{{ matrix_registration_sqlite_database_path_local }}" register: matrix_registration_sqlite_database_path_local_stat_result - - block: + - when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool" + block: - ansible.builtin.set_fact: matrix_postgres_db_migration_request: src: "{{ matrix_registration_sqlite_database_path_local }}" @@ -30,8 +32,6 @@ - ansible.builtin.set_fact: matrix_registration_requires_restart: true - when: "matrix_registration_sqlite_database_path_local_stat_result.stat.exists | bool" - when: "matrix_registration_database_engine == 'postgres'" - name: Ensure matrix-registration paths exist ansible.builtin.file: diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/matrix-synapse-admin/tasks/init.yml index f934eced2..c2b2d05f2 100644 --- a/roles/matrix-synapse-admin/tasks/init.yml +++ b/roles/matrix-synapse-admin/tasks/init.yml @@ -10,7 +10,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse-admin.service'] }}" when: matrix_synapse_admin_enabled | bool -- block: +- when: matrix_synapse_admin_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -45,9 +48,6 @@ + [matrix_synapse_admin_matrix_nginx_proxy_configuration] }} - tags: - - always - when: matrix_synapse_admin_enabled | bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used ansible.builtin.debug: diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index acfbf0313..a77320c22 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -26,7 +26,8 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys.service'] }}" when: matrix_s3_media_store_enabled | bool -- block: +- when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -84,4 +85,3 @@ [matrix_synapse_worker_nginx_metrics_configuration_block] }} when: matrix_synapse_workers_enabled_list | length > 0 - when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index 29860e5a5..fab0af55a 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -85,16 +85,17 @@ # # Row 3 contains a space when there's no result. -- block: +- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" + block: - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result" - name: Fail if room find result is not what we expect ansible.builtin.fail: msg: >- Expecting 4 lines in the "find rooms" result. - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" -- block: +- when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '" + block: # matrix_synapse_rust_synapse_compress_state_eligible_rooms is a list # of dictionaries like this: {'room_id': '!some-id', 'count': 2461329} - ansible.builtin.set_fact: @@ -113,7 +114,6 @@ with_items: "{{ matrix_synapse_rust_synapse_compress_state_eligible_rooms }}" loop_control: loop_var: room_details - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines[2] != ' '" - name: Show notice about lack of rooms to compress ansible.builtin.debug: diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index e4ec0f670..aea03f059 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -18,7 +18,8 @@ group: "{{ matrix_user_groupname }}" when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists" -- block: +- when: "matrix_synapse_container_image_self_build | bool" + block: - name: Ensure Synapse repository is present on self-build ansible.builtin.git: repo: "{{ matrix_synapse_container_image_self_build_repo }}" @@ -48,7 +49,6 @@ environment: DOCKER_BUILDKIT: 1 when: "matrix_synapse_git_pull_results.changed | bool or matrix_synapse_docker_image_check_result.stdout == ''" - when: "matrix_synapse_container_image_self_build | bool" - name: Ensure Synapse Docker image is pulled docker_image: diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index eee731515..b69529b9b 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -37,7 +37,8 @@ msg: "Unrecognized Synapse worker `app`: `{{ matrix_synapse_worker_details.app }}`. Supported types are: {{ matrix_synapse_workers_avail_list | join(', ') }}" when: "matrix_synapse_worker_details.app not in matrix_synapse_workers_avail_list" -- block: +- when: "matrix_synapse_worker_details.type == 'stream_writer'" + block: - name: Fail if stream_writer_stream not defined for stream_writer worker ansible.builtin.fail: msg: >- @@ -50,7 +51,6 @@ ansible.builtin.fail: msg: "Synapse background workers of type stream_writer (such as {{ item }}) need to define a valid `replication_port` property" when: "'replication_port' not in matrix_synapse_worker_details" - when: "matrix_synapse_worker_details.type == 'stream_writer'" - ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + [matrix_synapse_worker_details.name + '.service'] }}" diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index b403b461b..a4d43e784 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -34,7 +34,7 @@ matrix_synapse_workers_generic_worker_client_server_endpoints: "{{ matrix_synaps matrix_synapse_workers_generic_worker_federation_endpoints: "{{ matrix_synapse_workers_generic_worker_endpoints | default([]) | map('regex_search', matrix_synapse_workers_generic_worker_federation_endpoints_regex) | list | difference([none]) }}" # matrix_synapse_workers_generic_worker_federation_endpoints_regex contains the regex used in matrix_synapse_workers_generic_worker_federation_endpoints. -# It's intentionally put in a separate variable, to avoid tripping ansible-lint's var-spacing rule. +# It's intentionally put in a separate variable, to avoid tripping ansible-lint's jinja[spacing] rule. matrix_synapse_workers_generic_worker_federation_endpoints_regex: '.*(/_matrix/federation|/_matrix/key).*' # matrix_synapse_workers_stream_writer_typing_stream_worker_client_server_endpoints contains the endpoints serviced by the `typing` stream writer. From 5d5642abc54947e39235423fc33f425073dbf578 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 27 Sep 2022 15:35:40 +0300 Subject: [PATCH 136/349] Upgrade Synapse (v1.67.0 -> v1.68.0) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 40f20bcd9..4c5fc09e8 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.67.0 +matrix_synapse_version: v1.68.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From de671ad58a8784e54f3f61495d80a17818edacd8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 27 Sep 2022 15:37:24 +0300 Subject: [PATCH 137/349] Upgrade ddclient (v3.9.1-ls99 -> v3.9.1-ls100) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 53ecfa33f..c465fef96 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls99 +matrix_dynamic_dns_version: v3.9.1-ls100 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From f9e750c47f1bee8f1caa9381b0b1debd48ce36c6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 27 Sep 2022 19:42:17 +0000 Subject: [PATCH 138/349] Update Element 1.11.5 -> 1.11.6 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 4898e9ca2..a534ba11a 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.5 +matrix_client_element_version: v1.11.6 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 89ca2e5eda9d511bcd5c4aacf884d00fb7802b3c Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 27 Sep 2022 19:47:05 +0000 Subject: [PATCH 139/349] Update Ntfy 1.27.2 -> 1.28.0 --- roles/matrix-ntfy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-ntfy/defaults/main.yml b/roles/matrix-ntfy/defaults/main.yml index 66bc5be45..762439806 100644 --- a/roles/matrix-ntfy/defaults/main.yml +++ b/roles/matrix-ntfy/defaults/main.yml @@ -7,7 +7,7 @@ matrix_ntfy_base_path: "{{ matrix_base_data_path }}/ntfy" matrix_ntfy_config_dir_path: "{{ matrix_ntfy_base_path }}/config" matrix_ntfy_data_path: "{{ matrix_ntfy_base_path }}/data" -matrix_ntfy_version: v1.27.2 +matrix_ntfy_version: v1.28.0 matrix_ntfy_docker_image: "{{ matrix_container_global_registry_prefix }}binwiederhier/ntfy:{{ matrix_ntfy_version }}" matrix_ntfy_docker_image_force_pull: "{{ matrix_ntfy_docker_image.endswith(':latest') }}" From 38e19e48d2f5b8fec2fbbcd32654978df3447382 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 28 Sep 2022 15:59:47 +0200 Subject: [PATCH 140/349] Bump element version This is a security relevant update --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index a534ba11a..4bd51d466 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.6 +matrix_client_element_version: v1.11.7 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 01acd6ec3dfc0bb9fe1329136c7c31772c454a07 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 28 Sep 2022 18:23:34 +0300 Subject: [PATCH 141/349] Upgrade Cinny (2.2.0 -> 2.2.1) --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index c041794cb..817efe39e 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.2.0 +matrix_client_cinny_version: v2.2.1 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 68c2e0bee5a5a9394b20adbaf46c1e4f5b8d53d0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 28 Sep 2022 18:43:50 +0300 Subject: [PATCH 142/349] Upgrade Element (v1.11.7 -> v1.11.8) --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 4bd51d466..e4b6315b0 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.7 +matrix_client_element_version: v1.11.8 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 5f0fbd6d62295e589fcb93b6a802de4cc8b6a88d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 28 Sep 2022 18:46:10 +0300 Subject: [PATCH 143/349] Upgrade Cinny (2.2.1 -> 2.2.2) --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 817efe39e..de974eb12 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -6,7 +6,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.2.1 +matrix_client_cinny_version: v2.2.2 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From db7cc3bda0883a30f96304d83ddde8fce7220d7a Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 29 Sep 2022 10:53:35 +0000 Subject: [PATCH 144/349] Update Jitsi stable-7648-4 -> stable-7830 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 9c31a660b..80d270d4f 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -72,7 +72,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7648-4 +matrix_jitsi_version: stable-7830 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 41e1da2ff4be785a211c23edb6d7ab34e6c250b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Thu, 29 Sep 2022 18:00:14 +0200 Subject: [PATCH 145/349] Make registration proxy independent of other roles, document (#7) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Make registration proxy independent of other roles, document Signed-off-by: Julian-Samuel Gebühr * Fix yml issues Signed-off-by: Julian-Samuel Gebühr * Remove undefined variable (as service HAS to be exposed Signed-off-by: Julian-Samuel Gebühr * Add registration endpint Defines the registration endpoint that should be intercepted/forwarded to the proxy Signed-off-by: Julian-Samuel Gebühr * Add image name Signed-off-by: Julian-Samuel Gebühr Signed-off-by: Julian-Samuel Gebühr --- ...playbook-matrix-ldap-registration-proxy.md | 21 +++-- group_vars/matrix_servers | 6 -- .../defaults/main.yml | 10 ++- .../tasks/init.yml | 82 +++++++++---------- 4 files changed, 59 insertions(+), 60 deletions(-) diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index 31b75a0be..8a4adae4e 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -13,18 +13,21 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_ldap_registration_proxy_enabled: true -``` - -That is enough if you use the synapse external password provider via LDAP. -If you want to use your own credentials add the following to your `inventory/host_vars/matrix.DOMAIN/vars.yml`: - - - # LDAP credentials -```yaml matrix_ldap_registration_proxy_ldap_uri: matrix_ldap_registration_proxy_ldap_base_dn: matrix_ldap_registration_proxy_ldap_user: matrix_ldap_registration_proxy_ldap_password: ``` -TODO: is the block above correct? Else indicate that it can only be used with the LDAP password provider for Synapse + +If you already use the [synapse external password provider via LDAP](docs/configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration) +you can use the following values as configuration: + +```yaml +# Use the LDAP values specified for the synapse role to setup LDAP proxy +matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" +matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" +matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" +matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" +``` + diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a204093e5..1898d9f71 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1579,12 +1579,6 @@ matrix_jitsi_etherpad_base: "{{ matrix_etherpad_base_url if matrix_etherpad_enab # This is only for users with a specific LDAP setup matrix_ldap_registration_proxy_enabled: false -# Use the LDAP values specified for the synapse role to setup LDAP proxy -matrix_ldap_registration_proxy_ldap_uri: "{{ matrix_synapse_ext_password_provider_ldap_uri }}" -matrix_ldap_registration_proxy_ldap_base_dn: "{{ matrix_synapse_ext_password_provider_ldap_base }}" -matrix_ldap_registration_proxy_ldap_user: "{{ matrix_synapse_ext_password_provider_ldap_bind_dn }}" -matrix_ldap_registration_proxy_ldap_password: "{{ matrix_synapse_ext_password_provider_ldap_bind_password }}" - ###################################################################### # # /matrix-ldap-registration-proxy diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/matrix-ldap-registration-proxy/defaults/main.yml index bf7f35643..7ee5a947b 100644 --- a/roles/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/matrix-ldap-registration-proxy/defaults/main.yml @@ -4,6 +4,7 @@ matrix_ldap_registration_proxy_enabled: true +matrix_ldap_registration_proxy_docker_image: matrix_ldap_registration_proxy matrix_ldap_registration_proxy_container_image_self_build_repo: "https://gitlab.com/activism.international/matrix_ldap_registration_proxy.git" matrix_ldap_registration_proxy_container_image_self_build_branch: "{{ matrix_ldap_registration_proxy_version }}" @@ -21,6 +22,8 @@ matrix_ldap_registration_proxy_ldap_password: "" matrix_ldap_registration_proxy_matrix_server_name: "{{ matrix_domain }}" matrix_ldap_registration_proxy_matrix_server_url: "https://{{ matrix_server_fqn_matrix }}" +matrix_ldap_registration_proxy_registration_endpoint: "/_matrix/client/r0/register" + # Controls whether the self-check feature should validate SSL certificates. matrix_matrix_ldap_registration_proxy_self_check_validate_certificates: true @@ -28,11 +31,11 @@ matrix_ldap_registration_proxy_container_port: 8080 # Controls whether the matrix_ldap_registration_proxy container exposes its HTTP port (tcp/{{ matrix_ldap_registration_proxy_container_port }} in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:8080"), or empty string to not expose. -matrix_ldap_registration_proxy_container_http_host_bind_port: '8585'}' +matrix_ldap_registration_proxy_container_http_host_bind_port: '' # `matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw` contains the raw port number extracted from `matrix_ldap_registration_proxy_container_http_host_bind_port`, - # which can contain values like this: ('1234', '127.0.0.1:1234', '0.0.0.0:1234') - matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw: "{{ '' if matrix_ldap_registration_proxy_container_http_host_bind_port == '' else (matrix_ldap_registration_proxy_container_http_host_bind_port.split(':')[1] if ':' in matrix_ldap_registration_proxy_container_http_host_bind_port else matrix_ldap_registration_proxy_container_http_host_bind_port) }}" +# which can contain values like this: ('1234', '127.0.0.1:1234', '0.0.0.0:1234') +matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw: "{{ '' if matrix_ldap_registration_proxy_container_http_host_bind_port == '' else (matrix_ldap_registration_proxy_container_http_host_bind_port.split(':')[1] if ':' in matrix_ldap_registration_proxy_container_http_host_bind_port else matrix_ldap_registration_proxy_container_http_host_bind_port) }}" matrix_ldap_registration_proxy_registration_addr_with_container: "matrix-ldap_registration-proxy:{{ matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw }}" matrix_ldap_registration_proxy_registration_addr_sans_container: "127.0.0.1:{{ matrix_ldap_registration_proxy_container_http_host_bind_port_number_raw }}" @@ -53,4 +56,3 @@ matrix_ldap_registration_proxy_systemd_wanted_services_list: [] # matrix_ldap_registration_proxy_env_variables_extension: | # KEY=value matrix_ldap_registration_proxy_env_variables_extension: '' - diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index f7ed52c5a..79d603df9 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -11,48 +11,48 @@ when: matrix_ldap_registration_proxy_enabled | bool - block: - - name: Fail if matrix-nginx-proxy role already executed - ansible.builtin.fail: - msg: >- - Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy, - but it's pointless since the matrix-nginx-proxy role had already executed. - To fix this, please change the order of roles in your playbook, - so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. - when: matrix_nginx_proxy_role_executed | default(False) | bool + - name: Fail if matrix-nginx-proxy role already executed + ansible.builtin.fail: + msg: >- + Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy, + but it's pointless since the matrix-nginx-proxy role had already executed. + To fix this, please change the order of roles in your playbook, + so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. + when: matrix_nginx_proxy_role_executed | default(False) | bool - - name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy - ansible.builtin.set_fact: - matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: | - location {{ matrix_ldap_registration_proxy_public_endpoint }} { - {% if matrix_nginx_proxy_enabled | default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; - proxy_pass http://$backend/register;; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; - {% endif %} - } + - name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: | + location {{ matrix_ldap_registration_proxy_registration_endpoint }} { + {% if matrix_nginx_proxy_enabled | default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; + proxy_pass http://$backend/register;; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; + {% endif %} + } - - name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy - ansible.builtin.set_fact: - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | - {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) - + - [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration] - }} - - name: Warn about reverse-proxying if matrix-nginx-proxy not used - ansible.builtin.debug: - msg: >- - NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` - URL endpoint to the matrix-ldap-proxy container. - You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. - when: "not matrix_nginx_proxy_enabled | default(False) | bool" + - name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + + + [matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration] + }} + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}` + URL endpoint to the matrix-ldap-proxy container. + You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. + when: "not matrix_nginx_proxy_enabled | default(False) | bool" tags: - - always - when: matrix_ldap_registration_proxy_enabled | bool and matrix_ldap_registration_proxy_appservice_public_enabled | bool + - always + when: matrix_ldap_registration_proxy_enabled | bool From 59c46662e5d3978008ce89a68ccc240df9c8a9de Mon Sep 17 00:00:00 2001 From: Catalan Lover Date: Thu, 29 Sep 2022 20:25:56 +0200 Subject: [PATCH 146/349] Start Updating Mjolnir CFG from Initial to Current --- .../templates/production.yaml.j2 | 224 ++++++++++++------ 1 file changed, 154 insertions(+), 70 deletions(-) diff --git a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/matrix-bot-mjolnir/templates/production.yaml.j2 index e5eb3aeae..7963982fa 100644 --- a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 +++ b/roles/matrix-bot-mjolnir/templates/production.yaml.j2 @@ -1,136 +1,184 @@ -# Where the homeserver is located (client-server URL). This should point at -# pantalaimon if you're using that. +# Endpoint URL that Mjolnir uses to interact with the matrix homeserver (client-server API), +# set this to the pantalaimon URL if you're using that. homeserverUrl: "{{ matrix_homeserver_url }}" -# The access token for the bot to use. Do not populate if using Pantalaimon. +# Endpoint URL that Mjolnir could use to fetch events related to reports (client-server API and /_synapse/), +# only set this to the public-internet homeserver client API URL, do NOT set this to the pantalaimon URL. +rawHomeserverUrl: "{{ matrix_homeserver_url }}" + +# Matrix Access Token to use, Mjolnir will only use this if pantalaimon.use is false. accessToken: "{{ matrix_bot_mjolnir_access_token }}" -# Pantalaimon options (https://github.com/matrix-org/pantalaimon) +# Options related to Pantalaimon (https://github.com/matrix-org/pantalaimon) #pantalaimon: -# # If true, accessToken above is ignored and the username/password below will be -# # used instead. The access token of the bot will be stored in the dataPath. +# # Whether or not Mjolnir will use pantalaimon to access the matrix homeserver, +# # set to `true` if you're using pantalaimon. +# # +# # Be sure to point homeserverUrl to the pantalaimon instance. +# # +# # Mjolnir will log in using the given username and password once, +# # then store the resulting access token in a file under dataPath. # use: false # # # The username to login with. # username: mjolnir # -# # The password to login with. Can be removed after the bot has logged in once and -# # stored the access token. +# # The password Mjolnir will login with. +# # +# # After successfully logging in once, this will be ignored, so this value can be blanked after first startup. # password: your_password -# The directory the bot should store various bits of information in +# The path Mjolnir will store its state/data in, leave default ("/data/storage") when using containers. dataPath: "/data" -# If true (the default), only users in the `managementRoom` can invite the bot -# to new rooms. +# If true (the default), Mjolnir will only accept invites from users present in managementRoom. autojoinOnlyIfManager: true -# If `autojoinOnlyIfManager` is false, only the members in this group can invite +# If `autojoinOnlyIfManager` is false, only the members in this space can invite # the bot to new rooms. -#acceptInvitesFromGroup: '+example:example.org' +#acceptInvitesFromSpace: "!example:example.org" -# If the bot is invited to a room and it won't accept the invite (due to the -# conditions above), report it to the management room. Defaults to disabled (no -# reporting). +# Whether Mjolnir should report ignored invites to the management room (if autojoinOnlyIfManager is true). recordIgnoredInvites: false -# The room ID where people can use the bot. The bot has no access controls, so -# anyone in this room can use the bot - secure your room! +# The room ID (or room alias) of the management room, anyone in this room can issue commands to Mjolnir. +# +# Mjolnir has no more granular access controls other than this, be sure you trust everyone in this room - secure it! +# # This should be a room alias or room ID - not a matrix.to URL. -# Note: Mjolnir is fairly verbose - expect a lot of messages from it. +# +# Note: By default, Mjolnir is fairly verbose - expect a lot of messages in this room. +# (see verboseLogging to adjust this a bit.) managementRoom: "{{ matrix_bot_mjolnir_management_room }}" -# Set to false to make the management room a bit quieter. +# Whether Mjolnir should log a lot more messages in the room, +# mainly involves "all-OK" messages, and debugging messages for when mjolnir checks bans in a room. verboseLogging: false -# The log level for the logs themselves. One of DEBUG, INFO, WARN, and ERROR. +# The log level of terminal (or container) output, +# can be one of DEBUG, INFO, WARN and ERROR, in increasing order of importance and severity. +# # This should be at INFO or DEBUG in order to get support for Mjolnir problems. logLevel: "INFO" -# Set to false to disable synchronizing the ban lists on startup. If true, this -# is the same as running !mjolnir sync immediately after startup. +# Whether or not Mjolnir should synchronize policy lists immediately after startup. +# Equivalent to running '!mjolnir sync'. syncOnStartup: true -# Set to false to prevent Mjolnir from checking its permissions on startup. This -# is recommended to be left as "true" to catch room permission problems (state -# resets, etc) before Mjolnir is needed. +# Whether or not Mjolnir should check moderation permissions in all protected rooms on startup. +# Equivalent to running `!mjolnir verify`. verifyPermissionsOnStartup: true -# If true, Mjolnir won't actually ban users or apply server ACLs, but will -# think it has. This is useful to see what it does in a scenario where the -# bot might not be trusted fully, yet. Default false (do bans/ACLs). +# Whether or not Mjolnir should actually apply bans and policy lists, +# turn on to trial some untrusted configuration or lists. noop: false -# Set to true to use /joined_members instead of /state to figure out who is -# in the room. Using /state is preferred because it means that users are -# banned when they are invited instead of just when they join, though if your -# server struggles with /state requests then set this to true. +# Whether Mjolnir should check member lists quicker (by using a different endpoint), +# keep in mind that enabling this will miss invited (but not joined) users. +# +# Turn on if your bot is in (very) large rooms, or in large amounts of rooms. fasterMembershipChecks: false -# A case-insensitive list of ban reasons to automatically redact a user's -# messages for. Typically this is useful to avoid having to type two commands -# to the bot. Use asterisks to represent globs (ie: "spam*testing" would match -# "spam for testing" as well as "spamtesting"). +# A case-insensitive list of ban reasons to have the bot also automatically redact the user's messages for. +# +# If the bot sees you ban a user with a reason that is an (exact case-insensitive) match to this list, +# it will also remove the user's messages automatically. +# +# Typically this is useful to avoid having to give two commands to the bot. +# Advanced: Use asterisks to have the reason match using "globs" +# (f.e. "spam*testing" would match "spam for testing" as well as "spamtesting"). +# +# See here for more info: https://www.digitalocean.com/community/tools/glob +# Note: Keep in mind that glob is NOT regex! automaticallyRedactForReasons: - - "spam" - - "advertising" + - "spam" + - "advertising" -# A list of rooms to protect (matrix.to URLs) +# A list of rooms to protect. Mjolnir will add this to the list it knows from its account data. +# +# It won't, however, add it to the account data. +# Manually add the room via '!mjolnir rooms add' to have it stay protected regardless if this config value changes. +# +# Note: These must be matrix.to URLs #protectedRooms: # - "https://matrix.to/#/#yourroom:example.org" -# Set this option to true to protect every room the bot is joined to. Note that -# this effectively makes the protectedRooms and associated commands useless because -# the bot by nature must be joined to the room to protect it. +# Whether or not to add all joined rooms to the "protected rooms" list +# (excluding the management room and watched policy list rooms, see below). +# +# Note that this effectively makes the protectedRooms and associated commands useless +# for regular rooms. # -# Note: the management room is *excluded* from this condition. Add it to the -# protected rooms to protect it. +# Note: the management room is *excluded* from this condition. +# Explicitly add it as a protected room to protect it. # -# Note: ban list rooms the bot is watching but didn't create will not be protected. -# Manually add these rooms to the protected rooms list if you want them protected. +# Note: Ban list rooms the bot is watching but didn't create will not be protected. +# Explicitly add these rooms as a protected room list if you want them protected. protectAllJoinedRooms: false +# Increase this delay to have Mjölnir wait longer between two consecutive backgrounded +# operations. The total duration of operations will be longer, but the homeserver won't +# be affected as much. Conversely, decrease this delay to have Mjölnir chain operations +# faster. The total duration of operations will generally be shorter, but the performance +# of the homeserver may be more impacted. +backgroundDelayMS: 500 + +# Server administration commands, these commands will only work if Mjolnir is +# a global server administrator, and the bot's server is a Synapse instance. +#admin: +# # Whether or not Mjolnir can temporarily take control of any eligible account from the local homeserver who's in the room +# # (with enough permissions) to "make" a user an admin. +# # +# # This only works if a local user with enough admin permissions is present in the room. +# enableMakeRoomAdminCommand: false + # Misc options for command handling and commands commands: - # If true, Mjolnir will respond to commands like !help and !ban instead of - # requiring a prefix. This is useful if Mjolnir is the only bot running in - # your management room. + # Whether or not the `!mjolnir` prefix is necessary to submit commands. # - # Note that Mjolnir can be pinged by display name instead of having to use + # If `true`, will allow commands like `!ban`, `!help`, etc. + # + # Note: Mjolnir can also be pinged by display name instead of having to use # the !mjolnir prefix. For example, "my_moderator_bot: ban @spammer:example.org" - # will ban a user. + # will address only my_moderator_bot. allowNoPrefix: false - # In addition to the bot's display name, !mjolnir, and optionally no prefix - # above, the bot will respond to these names. The items here can be used either - # as display names or prefixed with exclamation points. + # Any additional bot prefixes that Mjolnir will listen to. i.e. adding `mod` will allow `!mod help`. additionalPrefixes: - "mjolnir_bot" - # If true, ban commands that use wildcard characters require confirmation with - # an extra `--force` argument + # Whether or not commands with a wildcard (*) will require an additional `--force` argument + # in the command to be able to be submitted. confirmWildcardBan: true -# Configuration specific to certain toggleable protections +# Configuration specific to certain toggle-able protections #protections: # # Configuration for the wordlist plugin, which can ban users based if they say certain # # blocked words shortly after joining. # wordlist: -# # A list of words which should be monitored by the bot. These will match if any part -# # of the word is present in the message in any case. e.g. "hello" also matches -# # "HEllO". Additionally, regular expressions can be used. +# # A list of case-insensitive keywords that the WordList protection will watch for from new users. +# # +# # WordList will ban users who use these words when first joining a room, so take caution when selecting them. +# # +# # For advanced usage, regex can also be used, see the following links for more information; +# # - https://www.digitalocean.com/community/tutorials/an-introduction-to-regular-expressions +# # - https://regexr.com/ +# # - https://regexone.com/ # words: -# - "CaSe" -# - "InSeNsAtIve" -# - "WoRd" -# - "LiSt" -# -# # How long after a user joins the server should the bot monitor their messages. After -# # this time, users can say words from the wordlist without being banned automatically. -# # Set to zero to disable (users will always be banned if they say a bad word) +# - "LoReM" +# - "IpSuM" +# - "DoLoR" +# - "aMeT" +# +# # For how long (in minutes) the user is "new" to the WordList plugin. +# # +# # After this time, the user will no longer be banned for using a word in the above wordlist. +# # +# # Set to zero to disable the timeout and make users *always* appear "new". +# # (users will always be banned if they say a bad word) # minutesBeforeTrusting: 20 -# Options for monitoring the health of the bot +# Options for advanced monitoring of the health of the bot. health: # healthz options. These options are best for use in container environments # like Kubernetes to detect how healthy the service is. The bot will report @@ -160,3 +208,39 @@ health: # The HTTP status code which reports that the bot is not healthy/ready. # Defaults to 418. unhealthyStatus: 418 + +# Options for exposing web APIs. +#web: +# # Whether to enable web APIs. +# enabled: false +# +# # The port to expose the webserver on. Defaults to 8080. +# port: 8080 +# +# # The address to listen for requests on. Defaults to only the current +# # computer. +# address: localhost +# +# # Alternative setting to open to the entire web. Be careful, +# # as this will increase your security perimeter: +# # +# # address: "0.0.0.0" +# +# # A web API designed to intercept Matrix API +# # POST /_matrix/client/r0/rooms/{roomId}/report/{eventId} +# # and display readable abuse reports in the moderation room. +# # +# # If you wish to take advantage of this feature, you will need +# # to configure a reverse proxy, see e.g. test/nginx.conf +# abuseReporting: +# # Whether to enable this feature. +# enabled: false + +# Whether or not to actively poll synapse for abuse reports, to be used +# instead of intercepting client calls to synapse's abuse endpoint, when that +# isn't possible/practical. +pollReports: true + +# Whether or not new reports, received either by webapi or polling, +# should be printed to our managementRoom. +displayReports: true \ No newline at end of file From b51fe595b279b368b959031ac781ca5511efb0ae Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 30 Sep 2022 08:30:26 +0300 Subject: [PATCH 147/349] Upgrade matrix-corporal (2.3.0 -> 2.3.1) --- roles/matrix-corporal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index bb1b8fa19..0ea8c75ce 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -23,7 +23,7 @@ matrix_corporal_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: ['docker.service'] -matrix_corporal_version: 2.3.0 +matrix_corporal_version: 2.3.1 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility From c650495c0e6b8e0bb7a779e75e392c6369dd9d2f Mon Sep 17 00:00:00 2001 From: Warrows Date: Fri, 30 Sep 2022 11:50:43 +0200 Subject: [PATCH 148/349] Update proxied nginx for maubot --- roles/matrix-bot-maubot/tasks/init.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 461af0608..888d58d81 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -14,8 +14,9 @@ {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}/$1"; + set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}$request_uri"; proxy_pass http://$backend; + proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% else %} From 851a52a532e916965c04a0c28a9289173def9ee8 Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Fri, 30 Sep 2022 08:35:26 -0500 Subject: [PATCH 149/349] dendrite: update tag image version - update to 0.10.0 (https://github.com/matrix-org/dendrite/releases/tag/v0.10.0) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 542ed1368..e1d1bec19 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.9" +matrix_dendrite_docker_image_tag: "v0.10.0" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From ec8daad805b845e9ce8180cc72a98fd99d8cd9bf Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Fri, 30 Sep 2022 12:08:18 -0500 Subject: [PATCH 150/349] dendrite: update image tag version - update to v0.10.1 (https://github.com/matrix-org/dendrite/releases/tag/v0.10.1) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index e1d1bec19..9c8789e83 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.0" +matrix_dendrite_docker_image_tag: "v0.10.1" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 81ee2449a8ab8b3d30156fe32021667d94cc49d4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 2 Oct 2022 09:18:54 +0300 Subject: [PATCH 151/349] Remove double ; --- roles/matrix-ldap-registration-proxy/tasks/init.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 79d603df9..0b2051c3d 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -28,7 +28,7 @@ {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}"; - proxy_pass http://$backend/register;; + proxy_pass http://$backend/register; {% else %} {# Generic configuration for use outside of our container setup #} proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register; From f4804f475a1cf0d724ca691c434c0ff64d9c3e2d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 2 Oct 2022 09:27:49 +0300 Subject: [PATCH 152/349] Announce matrix-ldap-registration-proxy Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2038 --- CHANGELOG.md | 9 +++++++++ docs/configuring-playbook-ldap-auth.md | 7 +++++++ ...onfiguring-playbook-matrix-ldap-registration-proxy.md | 2 +- 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index deb1bc0ce..06664634d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-10-02 + +## matrix-ldap-registration-proxy support + +Thanks to [@TheOneWithTheBraid](https://github.com/TheOneWithTheBraid), we now support installing [matrix-ldap-registration-proxy](https://gitlab.com/activism.international/matrix_ldap_registration_proxy) - a proxy which handles Matrix registration requests and forwards them to LDAP. + +See our [Setting up the ldap-registration-proxy](docs/configuring-playbook-matrix-ldap-registration-proxy.md) documentation to get started. + + # 2022-09-15 ## (Potential Backward Compatibility Break) Major improvements to Synapse workers diff --git a/docs/configuring-playbook-ldap-auth.md b/docs/configuring-playbook-ldap-auth.md index 5144323ad..ecc0f2579 100644 --- a/docs/configuring-playbook-ldap-auth.md +++ b/docs/configuring-playbook-ldap-auth.md @@ -28,5 +28,12 @@ If you wish for users to **authenticate only against configured password provide matrix_synapse_password_config_localdb_enabled: false ``` + ## Using ma1sd Identity Server for authentication + If you wish to use the ma1sd Identity Server for LDAP authentication instead of [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3) consult [Adjusting ma1sd Identity Server configuration](configuring-playbook-ma1sd.md#authentication). + + +## Handling user registration + +If you wish for users to also be able to make new registrations against LDAP, you may **also** wish to [set up the ldap-registration-proxy](configuring-playbook-matrix-ldap-registration-proxy.md). diff --git a/docs/configuring-playbook-matrix-ldap-registration-proxy.md b/docs/configuring-playbook-matrix-ldap-registration-proxy.md index 8a4adae4e..16e0641e7 100644 --- a/docs/configuring-playbook-matrix-ldap-registration-proxy.md +++ b/docs/configuring-playbook-matrix-ldap-registration-proxy.md @@ -20,7 +20,7 @@ matrix_ldap_registration_proxy_ldap_user: matrix_ldap_registration_proxy_ldap_password: ``` -If you already use the [synapse external password provider via LDAP](docs/configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration) +If you already use the [synapse external password provider via LDAP](configuring-playbook-ldap-auth.md) (that is, you have `matrix_synapse_ext_password_provider_ldap_enabled: true` and other options in your configuration) you can use the following values as configuration: ```yaml From 033f188c1ee0e1fecd933577d1d517475df2e314 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 2 Oct 2022 11:10:32 +0300 Subject: [PATCH 153/349] Upgrade matrix-corporal (2.3.1 -> 2.3.2) --- roles/matrix-corporal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index 0ea8c75ce..0cae911b3 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -23,7 +23,7 @@ matrix_corporal_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: ['docker.service'] -matrix_corporal_version: 2.3.1 +matrix_corporal_version: 2.3.2 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility From 43e38170e50834e11010f72e7ccdb53669755ee5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 2 Oct 2022 16:47:55 +0300 Subject: [PATCH 154/349] Upgrade matrix-corporal (2.3.2 -> 2.4.0) --- roles/matrix-corporal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index 0cae911b3..8c391dfbf 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -23,7 +23,7 @@ matrix_corporal_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: ['docker.service'] -matrix_corporal_version: 2.3.2 +matrix_corporal_version: 2.4.0 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility From 2aceb445af81f3fa049961bf8946e5687f3f381c Mon Sep 17 00:00:00 2001 From: Catalan Lover <48515417+FSG-Cat@users.noreply.github.com> Date: Sun, 2 Oct 2022 21:14:56 +0200 Subject: [PATCH 155/349] Fix config error that can cause Mjolnir to crash --- roles/matrix-bot-mjolnir/templates/production.yaml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/matrix-bot-mjolnir/templates/production.yaml.j2 index 7963982fa..7643d65f7 100644 --- a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 +++ b/roles/matrix-bot-mjolnir/templates/production.yaml.j2 @@ -239,8 +239,8 @@ health: # Whether or not to actively poll synapse for abuse reports, to be used # instead of intercepting client calls to synapse's abuse endpoint, when that # isn't possible/practical. -pollReports: true +pollReports: false # Whether or not new reports, received either by webapi or polling, # should be printed to our managementRoom. -displayReports: true \ No newline at end of file +displayReports: false From 936412a08e2335b81cc6fc33ffccf1e18c0df566 Mon Sep 17 00:00:00 2001 From: Warrows Date: Mon, 3 Oct 2022 14:25:30 +0200 Subject: [PATCH 156/349] Update proxied nginx for maubot - Don't put unnecessary Host header. - Update both cases (with or without nginx proxy) --- roles/matrix-bot-maubot/tasks/init.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 888d58d81..6d0210438 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -14,14 +14,13 @@ {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}$request_uri"; - proxy_pass http://$backend; - proxy_set_header Host $host; + set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}; + proxy_pass http://$backend$request_uri"; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% else %} {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}$request_uri"; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} From 5fd94466e17b8d69ff91964bbaa61fc81311f084 Mon Sep 17 00:00:00 2001 From: Warrows Date: Mon, 3 Oct 2022 23:44:45 +0200 Subject: [PATCH 157/349] Fix quote error introduced in 936412a08 --- roles/matrix-bot-maubot/tasks/init.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 6d0210438..ccb5956e6 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -14,13 +14,13 @@ {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}; - proxy_pass http://$backend$request_uri"; + set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}"; + proxy_pass http://$backend$request_uri; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% else %} {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}$request_uri"; + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}$request_uri; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} From 0a5cc4436bbe81215d0209bda8485e9393fdae1b Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 4 Oct 2022 13:41:11 +0000 Subject: [PATCH 158/349] Update grafana 9.1.6 -> 9.1.7 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 6c02dde7a..2b139cd47 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.1.6 +matrix_grafana_version: 9.1.7 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 9b1d0a98943403fa07e3fe9a2b64f5f47d3b8500 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 5 Oct 2022 06:42:02 +0000 Subject: [PATCH 159/349] Update prometheus 2.38.0 -> 2.39.0 --- roles/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus/defaults/main.yml b/roles/matrix-prometheus/defaults/main.yml index 002309ac2..b2d5e9644 100644 --- a/roles/matrix-prometheus/defaults/main.yml +++ b/roles/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.38.0 +matrix_prometheus_version: v2.39.0 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From 7872aa1611f5251909b1ff8403a10c3b3c5f2c99 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 5 Oct 2022 08:47:29 +0000 Subject: [PATCH 160/349] Update hookshot 2.2.0 -> 2.3.0 --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 57d31af56..b9b308660 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.2.0 +matrix_hookshot_version: 2.3.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From d1b5681ba0f523b2908eb7eb21239a840f824e66 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 10:03:16 +0300 Subject: [PATCH 161/349] Report async task failures better We were previously trying to reach into `.rc`, but there's no such thing if `async_result.finished == 0`. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2153 --- roles/matrix-postgres/tasks/import_postgres.yml | 3 ++- roles/matrix-postgres/tasks/run_vacuum.yml | 3 ++- .../tasks/rust-synapse-compress-state/compress_room.yml | 6 ++++-- .../tasks/rust-synapse-compress-state/main.yml | 1 + 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 53d67436b..965719e46 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -108,4 +108,5 @@ async: "{{ postgres_import_wait_time }}" poll: 10 register: matrix_postgres_import_postgres_command_result - changed_when: matrix_postgres_import_postgres_command_result.rc == 0 + failed_when: not matrix_postgres_import_postgres_command_result.async_result.finished + changed_when: matrix_postgres_import_postgres_command_result.async_result.finished and matrix_postgres_import_postgres_command_result.rc == 0 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index ce2bee6b9..efe69a832 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -78,7 +78,8 @@ async: "{{ postgres_vacuum_wait_time }}" poll: 10 register: matrix_postgres_synapse_vacuum_result - changed_when: matrix_postgres_synapse_vacuum_result.rc == 0 + failed_when: not matrix_postgres_synapse_vacuum_result.async_result.finished + changed_when: matrix_postgres_synapse_vacuum_result.async_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 # Intentionally show the results - ansible.builtin.debug: var="matrix_postgres_synapse_vacuum_result" diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 221a75700..ff42cbc4c 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -21,7 +21,8 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_compress_room_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_compress_room_command_result - changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 + failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.async_result.finished + changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.async_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_compress_room_command_result" @@ -44,7 +45,8 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_psql_import_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_psql_import_command_result - changed_when: matrix_synapse_rust_synapse_compress_state_psql_import_command_result.rc == 0 + failed_when: not matrix_synapse_rust_synapse_compress_state_psql_import_command_result.async_result.finished + changed_when: matrix_synapse_rust_synapse_compress_state_psql_import_command_result.async_result.finished and matrix_synapse_rust_synapse_compress_state_psql_import_command_result.rc == 0 - name: Clean up ansible.builtin.file: diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index fab0af55a..dcf9eed9d 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -70,6 +70,7 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_find_rooms_command_wait_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_find_rooms_command_result + failed_when: not matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.async_result.finished changed_when: false # We expect the output to be like this: From 8d40ddd6548b1f90274442c1bc5948d07c1e8a39 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 13:22:52 +0300 Subject: [PATCH 162/349] Adjust importing-postgres docs to mention postgres_default_import_database --- docs/importing-postgres.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/importing-postgres.md b/docs/importing-postgres.md index c5a8d8286..09c9b6676 100644 --- a/docs/importing-postgres.md +++ b/docs/importing-postgres.md @@ -12,7 +12,7 @@ If your database name differs, be sure to change `matrix_synapse_database_databa The playbook supports importing Postgres dump files in **text** (e.g. `pg_dump > dump.sql`) or **gzipped** formats (e.g. `pg_dump | gzip -c > dump.sql.gz`). -Importing multiple databases (as dumped by `pg_dumpall`) is also supported. +Importing multiple databases (as dumped by `pg_dumpall`) is also supported. But the migration might be a good moment, to "reset" a not properly working bridge. Be aware, that it might affect all users (new link to bridge, new roomes, ...) Before doing the actual import, **you need to upload your Postgres dump file to the server** (any path is okay). @@ -24,11 +24,14 @@ To import, run this command (make sure to replace `` must be a file path to a Postgres dump file on the server (not on your local machine!). +**Notes**: + +- `` must be a file path to a Postgres dump file on the server (not on your local machine!) +- `postgres_default_import_database` defaults to `matrix`, which is useful for importing multiple databases (for dumps made with `pg_dumpall`). If you're importing a single database (e.g. `synapse`), consider changing `postgres_default_import_database` accordingly ## Troubleshooting @@ -90,7 +93,7 @@ If not, you probably get this error. `synapse` is the correct table owner, but t "ERROR: role synapse does not exist" ``` -Once the database is clear and the ownership of the tables has been fixed in the SQL file, the import task should succeed. +Once the database is clear and the ownership of the tables has been fixed in the SQL file, the import task should succeed. Check, if `--dbname` is set to `synapse` (not `matrix`) and replace paths (or even better, copy this line from your terminal) ``` From e9993856a6240a4c00e5ceda341adbe77a6a2ae3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 13:23:48 +0300 Subject: [PATCH 163/349] Fix typo --- docs/importing-postgres.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/importing-postgres.md b/docs/importing-postgres.md index 09c9b6676..fe3817f53 100644 --- a/docs/importing-postgres.md +++ b/docs/importing-postgres.md @@ -13,7 +13,7 @@ If your database name differs, be sure to change `matrix_synapse_database_databa The playbook supports importing Postgres dump files in **text** (e.g. `pg_dump > dump.sql`) or **gzipped** formats (e.g. `pg_dump | gzip -c > dump.sql.gz`). Importing multiple databases (as dumped by `pg_dumpall`) is also supported. -But the migration might be a good moment, to "reset" a not properly working bridge. Be aware, that it might affect all users (new link to bridge, new roomes, ...) +But the migration might be a good moment, to "reset" a not properly working bridge. Be aware, that it might affect all users (new link to bridge, new rooms, ...) Before doing the actual import, **you need to upload your Postgres dump file to the server** (any path is okay). From 69b1b56691c6ebdcc41cab8b27c10864c0c7c198 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 14:01:20 +0300 Subject: [PATCH 164/349] Upgrade signald (0.21.1 -> 0.22.2) --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index d8e4016cf..9a06e423a 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -10,7 +10,7 @@ matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" matrix_mautrix_signal_version: v0.4.0 -matrix_mautrix_signal_daemon_version: 0.21.1 +matrix_mautrix_signal_daemon_version: 0.22.2 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" From aff7ca2426a75323cb091765b316d8af9cfdbaf0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 16:39:07 +0300 Subject: [PATCH 165/349] Upgrade appservice-slack (1.11.0 -> 2.0.1) This also disables self-building on arm64, since it's no longer necessary: https://github.com/matrix-org/matrix-appservice-slack/pull/656 --- group_vars/matrix_servers | 2 +- roles/matrix-bridge-appservice-slack/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 3ca4d6f2a..cfccd3876 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -139,7 +139,7 @@ matrix_appservice_webhooks_systemd_required_services_list: | # We don't enable bridges by default. matrix_appservice_slack_enabled: false -matrix_appservice_slack_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" +matrix_appservice_slack_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" # Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-appservice-slack over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose diff --git a/roles/matrix-bridge-appservice-slack/defaults/main.yml b/roles/matrix-bridge-appservice-slack/defaults/main.yml index 71fca8e6e..b5fbc13f9 100644 --- a/roles/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/matrix-bridge-appservice-slack/defaults/main.yml @@ -11,7 +11,7 @@ matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/apps # matrix_appservice_slack_version used to contain the full Docker image tag (e.g. `release-X.X.X`). # It's a bare version number now. We try to somewhat retain compatibility below. -matrix_appservice_slack_version: 1.11.0 +matrix_appservice_slack_version: 2.0.1 matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_docker_image_tag }}" matrix_appservice_slack_docker_image_tag: "{{ 'latest' if matrix_appservice_slack_version == 'latest' else ('release-' + matrix_appservice_slack_version) }}" matrix_appservice_slack_docker_image_force_pull: "{{ matrix_appservice_slack_docker_image.endswith(':latest') }}" From a12cbeac3bfde7a9166b3e18604fdcc1c3db204d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Oct 2022 19:48:11 +0300 Subject: [PATCH 166/349] Fix async commands Fixes a regression introduced in d1b5681ba0f523. Looks like `.finished` is a property on the main object, not on some `.async_result` object. --- roles/matrix-postgres/tasks/import_postgres.yml | 4 ++-- roles/matrix-postgres/tasks/run_vacuum.yml | 4 ++-- .../tasks/rust-synapse-compress-state/compress_room.yml | 8 ++++---- .../tasks/rust-synapse-compress-state/main.yml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 965719e46..40877e0b5 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -108,5 +108,5 @@ async: "{{ postgres_import_wait_time }}" poll: 10 register: matrix_postgres_import_postgres_command_result - failed_when: not matrix_postgres_import_postgres_command_result.async_result.finished - changed_when: matrix_postgres_import_postgres_command_result.async_result.finished and matrix_postgres_import_postgres_command_result.rc == 0 + failed_when: not matrix_postgres_import_postgres_command_result.finished + changed_when: matrix_postgres_import_postgres_command_result.finished and matrix_postgres_import_postgres_command_result.rc == 0 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index efe69a832..aafa761db 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -78,8 +78,8 @@ async: "{{ postgres_vacuum_wait_time }}" poll: 10 register: matrix_postgres_synapse_vacuum_result - failed_when: not matrix_postgres_synapse_vacuum_result.async_result.finished - changed_when: matrix_postgres_synapse_vacuum_result.async_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 + failed_when: not matrix_postgres_synapse_vacuum_result.finished + changed_when: matrix_postgres_synapse_vacuum_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 # Intentionally show the results - ansible.builtin.debug: var="matrix_postgres_synapse_vacuum_result" diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index ff42cbc4c..6ae016fcc 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -21,8 +21,8 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_compress_room_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_compress_room_command_result - failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.async_result.finished - changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.async_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 + failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished + changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_compress_room_command_result" @@ -45,8 +45,8 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_psql_import_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_psql_import_command_result - failed_when: not matrix_synapse_rust_synapse_compress_state_psql_import_command_result.async_result.finished - changed_when: matrix_synapse_rust_synapse_compress_state_psql_import_command_result.async_result.finished and matrix_synapse_rust_synapse_compress_state_psql_import_command_result.rc == 0 + failed_when: not matrix_synapse_rust_synapse_compress_state_psql_import_command_result.finished + changed_when: matrix_synapse_rust_synapse_compress_state_psql_import_command_result.finished and matrix_synapse_rust_synapse_compress_state_psql_import_command_result.rc == 0 - name: Clean up ansible.builtin.file: diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index dcf9eed9d..b48e60775 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -70,7 +70,7 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_find_rooms_command_wait_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_find_rooms_command_result - failed_when: not matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.async_result.finished + failed_when: not matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.finished changed_when: false # We expect the output to be like this: From 61a1d6a7bd33366b09b6c4680ee3260f5a797955 Mon Sep 17 00:00:00 2001 From: Aine Date: Thu, 6 Oct 2022 23:08:58 +0300 Subject: [PATCH 167/349] Update Postmoogle 0.9.4 -> 0.9.5 --- roles/matrix-bot-postmoogle/defaults/main.yml | 5 ++++- roles/matrix-bot-postmoogle/templates/env.j2 | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index abec64c41..949f0913c 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.4 +matrix_bot_postmoogle_version: v0.9.5 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" @@ -110,6 +110,9 @@ matrix_bot_postmoogle_noencryption: false matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" +# Password (passphrase) to encrypt account data +matrix_bot_postmoogle_data_secret: "" + # in-container ports matrix_bot_postmoogle_port: '2525' matrix_bot_postmoogle_tls_port: '25587' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index 304e0dd80..c81510534 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -15,5 +15,6 @@ POSTMOOGLE_TLS_PORT={{ matrix_bot_postmoogle_tls_port }} POSTMOOGLE_TLS_CERT={{ matrix_bot_postmoogle_tls_cert }} POSTMOOGLE_TLS_KEY={{ matrix_bot_postmoogle_tls_key }} POSTMOOGLE_TLS_REQUIRED={{ matrix_bot_postmoogle_tls_required }} +POSTMOOGLE_DATA_SECRET={{ matrix_bot_postmoogle_data_secret }} {{ matrix_bot_postmoogle_environment_variables_extension }} From 12d4e080fa1bede67b3c57d8fbffb6498895db95 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 7 Oct 2022 21:36:36 +0300 Subject: [PATCH 168/349] Upgrade Dendrite (0.10.1 -> 0.10.2) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 9c8789e83..92a9ff9f7 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.1" +matrix_dendrite_docker_image_tag: "v0.10.2" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 9e0bfcc05e18f955e8cfe34f9d3069e724439332 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 7 Oct 2022 21:37:17 +0300 Subject: [PATCH 169/349] Upgrade Prometheus (2.39.0 -> 2.39.1) --- roles/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-prometheus/defaults/main.yml b/roles/matrix-prometheus/defaults/main.yml index b2d5e9644..cbd3575e4 100644 --- a/roles/matrix-prometheus/defaults/main.yml +++ b/roles/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.39.0 +matrix_prometheus_version: v2.39.1 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From af910db58349388d01197021270d22508dd67f08 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Fri, 7 Oct 2022 21:37:30 +0000 Subject: [PATCH 170/349] dendrite: update config --- .../templates/dendrite/dendrite.yaml.j2 | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index d44da2192..86a12d7c2 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -349,10 +349,16 @@ sync_api: # a reverse proxy server. # real_ip_header: X-Real-IP real_ip_header: {{ matrix_dendrite_sync_api_real_ip_header|to_json }} - fulltext: + # Configuration for the full-text search engine. + search: + # Whether or not search is enabled. enabled: false - index_path: "./fulltextindex" - language: "en" # more possible languages can be found at https://github.com/blevesearch/bleve/tree/master/analysis/lang + # The path where the search index will be created in. + index_path: "/matrix-media-store-parent/searchindex" + # The language most likely to be used on the server - used when indexing, to + # ensure the returned results match expectations. A full list of possible languages + # can be found at https://github.com/blevesearch/bleve/tree/master/analysis/lang + language: "en" # Configuration for the User API. user_api: From b17b1fb01a29a84837151dabd8fed36caf05c168 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sun, 9 Oct 2022 15:52:55 +0000 Subject: [PATCH 171/349] Update jitsi stable-7830 -> stable-7882 --- roles/matrix-jitsi/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 80d270d4f..e1fcc318a 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -72,7 +72,7 @@ matrix_jitsi_jibri_recorder_password: '' matrix_jitsi_enable_lobby: false -matrix_jitsi_version: stable-7830 +matrix_jitsi_version: stable-7882 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}" From 1be8f8b0baa3149f8949f08010ead0ab8019b469 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 9 Oct 2022 19:23:40 +0300 Subject: [PATCH 172/349] import_tasks -> ansible.builtin.import_tasks --- roles/matrix-bot-maubot/tasks/main.yml | 8 ++++---- roles/matrix-conduit/tasks/conduit/setup.yml | 4 ++-- roles/matrix-conduit/tasks/main.yml | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/main.yml b/roles/matrix-bot-maubot/tasks/main.yml index c67e25ee7..773f4b9fa 100644 --- a/roles/matrix-bot-maubot/tasks/main.yml +++ b/roles/matrix-bot-maubot/tasks/main.yml @@ -1,22 +1,22 @@ --- -- import_tasks: "{{ role_path }}/tasks/init.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" tags: - always -- import_tasks: "{{ role_path }}/tasks/validate_config.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - setup-bot-maubot -- import_tasks: "{{ role_path }}/tasks/setup_install.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - setup-bot-maubot -- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" when: "run_setup|bool and not matrix_bot_maubot_enabled|bool" tags: - setup-all diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/matrix-conduit/tasks/conduit/setup.yml index fa095f669..425d0f7e9 100644 --- a/roles/matrix-conduit/tasks/conduit/setup.yml +++ b/roles/matrix-conduit/tasks/conduit/setup.yml @@ -1,7 +1,7 @@ --- -- import_tasks: "{{ role_path }}/tasks/conduit/setup_install.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/conduit/setup_install.yml" when: "matrix_conduit_enabled | bool" -- import_tasks: "{{ role_path }}/tasks/conduit/setup_uninstall.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/conduit/setup_uninstall.yml" when: "not matrix_conduit_enabled | bool" diff --git a/roles/matrix-conduit/tasks/main.yml b/roles/matrix-conduit/tasks/main.yml index c8862bd77..623d04582 100644 --- a/roles/matrix-conduit/tasks/main.yml +++ b/roles/matrix-conduit/tasks/main.yml @@ -1,10 +1,10 @@ --- -- import_tasks: "{{ role_path }}/tasks/init.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" tags: - always -- import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/conduit/setup.yml" when: run_setup | bool tags: - setup-all From e6ecd54e724fd0a7394db2b5530aecf5929e6ffc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 9 Oct 2022 20:42:20 +0300 Subject: [PATCH 173/349] Suppress some ansible-lint errors --- roles/matrix-postgres/tasks/import_generic_sqlite_db.yml | 4 ++-- roles/matrix-postgres/tasks/migrate_db_to_postgres.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml index f99478dd0..897ebc2e9 100644 --- a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -67,7 +67,7 @@ become: false when: "matrix_postgres_service_start_result.changed | bool" -- name: Import SQLite database from {{ sqlite_database_path }} into Postgres +- name: Import SQLite database from {{ sqlite_database_path }} into Postgres # noqa name[template] ansible.builtin.command: cmd: >- {{ matrix_host_command_docker }} run @@ -83,7 +83,7 @@ register: matrix_postgres_import_generic_sqlite_db_import_result changed_when: matrix_postgres_import_generic_sqlite_db_import_result.rc == 0 -- name: Archive SQLite database ({{ sqlite_database_path }} -> {{ sqlite_database_path }}.backup) +- name: Archive SQLite database ({{ sqlite_database_path }} -> {{ sqlite_database_path }}.backup) # noqa name[template] ansible.builtin.command: cmd: "mv {{ sqlite_database_path }} {{ sqlite_database_path }}.backup" register: matrix_postgres_import_generic_sqlite_db_move_result diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index bfd91c29a..dd75fb17c 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -118,7 +118,7 @@ failed_when: false with_items: "{{ matrix_postgres_db_migration_request.systemd_services_to_stop }}" -- name: Import {{ matrix_postgres_db_migration_request.engine_old }} database from {{ matrix_postgres_db_migration_request.src }} into Postgres +- name: Import {{ matrix_postgres_db_migration_request.engine_old }} database from {{ matrix_postgres_db_migration_request.src }} into Postgres # noqa name[template] ansible.builtin.command: cmd: >- {{ matrix_host_command_docker }} run @@ -158,7 +158,7 @@ register: matrix_postgres_migrate_db_to_postgres_additional_queries_result changed_when: matrix_postgres_migrate_db_to_postgres_additional_queries_result.rc == 0 -- name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) +- name: Archive {{ matrix_postgres_db_migration_request.engine_old }} database ({{ matrix_postgres_db_migration_request.src }} -> {{ matrix_postgres_db_migration_request.src }}.backup) # noqa name[template] ansible.builtin.command: cmd: "mv {{ matrix_postgres_db_migration_request.src }} {{ matrix_postgres_db_migration_request.src }}.backup" register: matrix_postgres_migrate_db_to_postgres_move_result From 7cc3aae041966cd111d1ef9d0b14a3812c60edc2 Mon Sep 17 00:00:00 2001 From: Samuel Meenzen Date: Sun, 9 Oct 2022 21:59:33 +0200 Subject: [PATCH 174/349] fix(mautrix-discord): allow configuring the restricted_rooms option --- roles/matrix-bridge-mautrix-discord/defaults/main.yml | 4 ++++ roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/matrix-bridge-mautrix-discord/defaults/main.yml index dbc23031d..0cc180527 100644 --- a/roles/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-discord/defaults/main.yml @@ -140,3 +140,7 @@ matrix_mautrix_discord_registration: "{{ matrix_mautrix_discord_registration_yam matrix_mautrix_discord_bridge_encryption_allow: false matrix_mautrix_discord_bridge_encryption_default: "{{ matrix_mautrix_discord_bridge_encryption_allow }}" matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_discord_bridge_encryption_allow }}" + +# On conduit this option may prevent you from joining spaces created by the bridge. +# Setting this to false fixes the issue. +matrix_mautrix_discord_restricted_rooms: true \ No newline at end of file diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 index fdd4f788d..cd64f5d9c 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -101,7 +101,7 @@ bridge: message_error_notices: true # Should the bridge use space-restricted join rules instead of invite-only for guild rooms? # This can avoid unnecessary invite events in guild rooms when members are synced in. - restricted_rooms: true + restricted_rooms: {{ matrix_mautrix_discord_restricted_rooms }} # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. From 1d024975d650c99f4393c74aa0bcae698c40f435 Mon Sep 17 00:00:00 2001 From: Samuel Meenzen Date: Mon, 10 Oct 2022 07:10:15 +0000 Subject: [PATCH 175/349] Automatically set restricted_rooms to false on conduit --- group_vars/matrix_servers | 4 ++++ roles/matrix-bridge-mautrix-discord/defaults/main.yml | 2 +- roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index cfccd3876..ae5395fbe 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -695,6 +695,10 @@ matrix_mautrix_discord_login_shared_secret: "{{ matrix_synapse_ext_password_prov matrix_mautrix_discord_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.db') | to_uuid }}" +# Enabling bridge.restricted_rooms for this bridge does not work well with Conduit, so we disable it by default. +# See: todo: add link to upstream issue +matrix_mautrix_discord_bridge_restricted_rooms: "{{ false if matrix_homeserver_implementation == 'conduit' else true }}" + ###################################################################### # # /matrix-bridge-mautrix-discord diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/matrix-bridge-mautrix-discord/defaults/main.yml index 0cc180527..d3eae38a6 100644 --- a/roles/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-discord/defaults/main.yml @@ -143,4 +143,4 @@ matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_d # On conduit this option may prevent you from joining spaces created by the bridge. # Setting this to false fixes the issue. -matrix_mautrix_discord_restricted_rooms: true \ No newline at end of file +matrix_mautrix_discord_bridge_restricted_rooms: true \ No newline at end of file diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 index cd64f5d9c..f88d0829c 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -101,7 +101,7 @@ bridge: message_error_notices: true # Should the bridge use space-restricted join rules instead of invite-only for guild rooms? # This can avoid unnecessary invite events in guild rooms when members are synced in. - restricted_rooms: {{ matrix_mautrix_discord_restricted_rooms }} + restricted_rooms: {{ matrix_mautrix_discord_bridge_restricted_rooms }} # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. From 81f90f0ad1d70dabbaacd84736c8281c090861e5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 10 Oct 2022 17:09:42 +0300 Subject: [PATCH 176/349] Use |to_json for matrix_mautrix_discord_bridge_restricted_rooms --- roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 index f88d0829c..039923350 100644 --- a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 @@ -101,7 +101,7 @@ bridge: message_error_notices: true # Should the bridge use space-restricted join rules instead of invite-only for guild rooms? # This can avoid unnecessary invite events in guild rooms when members are synced in. - restricted_rooms: {{ matrix_mautrix_discord_bridge_restricted_rooms }} + restricted_rooms: {{ matrix_mautrix_discord_bridge_restricted_rooms|to_json }} # Should the bridge update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. From 9c52a8b3a11ba51e0fd3de90e28994f1373bce21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Mon, 10 Oct 2022 16:05:40 -0400 Subject: [PATCH 177/349] update Jitsi on LAN configuration doc --- docs/configuring-playbook-jitsi.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index f7e8a949c..51ad29b79 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -87,7 +87,7 @@ For more information refer to the [docker-jitsi-meet](https://github.com/jitsi/d By default the Jitsi Meet instance does not work with a client in LAN (Local Area Network), even if others are connected from WAN. There are no video and audio. In the case of WAN to WAN everything is ok. -The reason is the Jitsi VideoBridge git to LAN client the IP address of the docker image instead of the host. The [documentation](https://github.com/jitsi/docker-jitsi-meet#running-behind-nat-or-on-a-lan-environment) of Jitsi in docker suggest to add `DOCKER_HOST_ADDRESS` in enviornment variable to make it work. +The reason is the Jitsi VideoBridge git to LAN client the IP address of the docker image instead of the host. The [documentation](https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker/#running-behind-nat-or-on-a-lan-environment) of Jitsi in docker suggest to add `JVB_ADVERTISE_IPS` in enviornment variable to make it work. Here is how to do it in the playbook. @@ -95,7 +95,7 @@ Add these two lines to your `inventory/host_vars/matrix.DOMAIN/vars.yml` configu ```yaml matrix_jitsi_jvb_container_extra_arguments: - - '--env "DOCKER_HOST_ADDRESS="' + - '--env "JVB_ADVERTISE_IPS="' ``` ## (Optional) Fine tune Jitsi From 3a1847e193f6d99bdf5e4551856c302a7a60de55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Mon, 10 Oct 2022 16:25:17 -0400 Subject: [PATCH 178/349] moved bind port variables documentation for webserver on different docker network or host in a more generic section --- docs/configuring-playbook-own-webserver.md | 32 ++++++++++++---------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 7e5d60013..ecae105bc 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -27,11 +27,23 @@ No matter which external webserver you decide to go with, you'll need to: 1) Make sure your web server user (something like `http`, `apache`, `www-data`, `nginx`) is part of the `matrix` group. You should run something like this: `usermod -a -G matrix nginx`. This allows your webserver user to access files owned by the `matrix` group. When using an external nginx webserver, this allows it to read configuration files from `/matrix/nginx-proxy/conf.d`. When using another server, it would make other files, such as `/matrix/static-files/.well-known`, accessible to it. -2) Edit your configuration file (`inventory/host_vars/matrix./vars.yml`) to disable the integrated nginx server: - -```yaml -matrix_nginx_proxy_enabled: false -``` +2) Edit your configuration file (`inventory/host_vars/matrix./vars.yml`) + - to disable the integrated nginx server: + + ```yaml + matrix_nginx_proxy_enabled: false + ``` + - if using an external server on another docker network or host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other docker network or host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. + + These variables will make Docker expose the ports to the local network instead of localhost only. + [Keep in mind that there are some security concerns if you simply proxy everything.](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) + + Here are the variables required for the default configuration (Synapse and Element) + ``` + matrix_synapse_container_client_api_host_bind_port: '8008' + matrix_synapse_container_federation_api_plain_host_bind_port: '8048' + matrix_client_element_container_http_host_bind_port: "8765" + ``` 3) **If you'll manage SSL certificates by yourself**, edit your configuration file (`inventory/host_vars/matrix./vars.yml`) to disable SSL certificate retrieval: @@ -41,7 +53,6 @@ matrix_ssl_retrieval_method: none **Note**: During [installation](installing.md), unless you've disabled SSL certificate management (`matrix_ssl_retrieval_method: none`), the playbook would need 80 to be available, in order to retrieve SSL certificates. **Please manually stop your other webserver while installing**. You can start it back up afterwards. - ### Using your own external nginx webserver Once you've followed the [Preparation](#preparation) guide above, it's time to set up your external nginx server. @@ -60,15 +71,6 @@ matrix_nginx_proxy_ssl_protocols: "TLSv1.2" If you are experiencing issues, try updating to a newer version of Nginx. As a data point in May 2021 a user reported that Nginx 1.14.2 was not working for them. They were getting errors about socket leaks. Updating to Nginx 1.19 fixed their issue. -If you are not going to be running your webserver on the same docker network, or the same machine as matrix, these variables can be set to bind synapse to an exposed port. [Keep in mind that there are some security concerns if you simply proxy everything to it](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) -```yaml -# Takes an ":" or "" value (e.g. "127.0.0.1:8048" or "192.168.1.3:80"), or empty string to not expose. -matrix_synapse_container_client_api_host_bind_port: '' -matrix_synapse_container_federation_api_plain_host_bind_port: '' -``` - - - ### Using your own external Apache webserver Once you've followed the [Preparation](#preparation) guide above, you can take a look at the [examples/apache](../examples/apache) directory for a sample configuration. From 527184097131b22ef913cc031355d3e5ace8fd0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Mon, 10 Oct 2022 16:43:42 -0400 Subject: [PATCH 179/349] caddy2 Caddyfile : add CORS handling, update click-jacking protection to handle different subdomains and add example for cases with other well-knowns --- examples/caddy2/Caddyfile | 45 ++++++++++++++++++++++++++++++++++----- 1 file changed, 40 insertions(+), 5 deletions(-) diff --git a/examples/caddy2/Caddyfile b/examples/caddy2/Caddyfile index 162e539e5..a19ce6dd7 100644 --- a/examples/caddy2/Caddyfile +++ b/examples/caddy2/Caddyfile @@ -1,3 +1,15 @@ +(cors) { + @cors_preflight method OPTIONS + + handle @cors_preflight { + header Access-Control-Allow-Origin "{args.0}" + header Access-Control-Allow-Methods "HEAD, GET, POST, PUT, PATCH, DELETE" + header Access-Control-Allow-Headers "Content-Type, Authorization" + header Access-Control-Max-Age "3600" + } +} + + matrix.DOMAIN.tld { # creates letsencrypt certificate @@ -81,6 +93,13 @@ matrix.DOMAIN.tld { header Access-Control-Allow-Origin * file_server } + + # If you have other well-knowns already handled by your base domain, you can replace the above block by this one, along with the replacement suggested in the base domain + #handle @wellknown { + # # .well-known is handled by base domain + # reverse_proxy https://DOMAIN.tld { + # header_up Host {http.reverse_proxy.upstream.hostport} + #} handle { encode zstd gzip @@ -114,6 +133,8 @@ element.DOMAIN.tld { # creates letsencrypt certificate # tls your@email.com + import cors https://*.DOMAIN.tld + header { # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" @@ -123,6 +144,8 @@ element.DOMAIN.tld { X-Content-Type-Options "nosniff" # Disallow the site to be rendered within a frame (clickjacking protection) X-Frame-Options "DENY" + # If using integrations that add frames to Element, such as Dimension and its integrations running on the same domain, it can be a good idea to limit sources allowed to be rendered + # Content-Security-Policy frame-src https://*.DOMAIN.tld # X-Robots-Tag X-Robots-Tag "noindex, noarchive, nofollow" } @@ -144,6 +167,8 @@ element.DOMAIN.tld { # # creates letsencrypt certificate # # tls your@email.com # +# import cors https://*.DOMAIN.tld +# # header { # # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS # Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" @@ -151,8 +176,8 @@ element.DOMAIN.tld { # X-XSS-Protection "1; mode=block" # # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type # X-Content-Type-Options "nosniff" -# # Disallow the site to be rendered within a frame (clickjacking protection) -# X-Frame-Options "DENY" +# # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain (clickjacking protection) +# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld # # X-Robots-Tag # X-Robots-Tag "noindex, noarchive, nofollow" # } @@ -176,6 +201,8 @@ element.DOMAIN.tld { # creates letsencrypt certificate # tls your@email.com # +# import cors https://*.DOMAIN.tld +# # header { # # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS # Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" @@ -185,9 +212,9 @@ element.DOMAIN.tld { # # # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type # X-Content-Type-Options "nosniff" -# -# # Disallow the site to be rendered within a frame (clickjacking protection) -# X-Frame-Options "SAMEORIGIN" + +# # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain +# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld # # # Disable some features # Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope #'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'" @@ -225,6 +252,14 @@ element.DOMAIN.tld { # header_up Host {http.reverse_proxy.upstream.hostport} # } # } +# # If you have other well-knowns already handled by your base domain, you can replace the above block by this one, along with the replacement suggested in the matrix subdomain +# # handle /.well-known/* { +# # encode zstd gzip +# # header Cache-Control max-age=14400 +# # header Content-Type application/json +# # header Access-Control-Allow-Origin * +# #} +# # # Configration for the base domain goes here # # handle { # # header -Server From a47ce70cd26a83148785d112e8b647377fe50300 Mon Sep 17 00:00:00 2001 From: Jim Myhrberg Date: Tue, 11 Oct 2022 00:43:22 +0100 Subject: [PATCH 180/349] fix(goofys): fix synapse systemd unit file to correctly require goofys On Debian 10 (buster) at least, while the Synapse systemd service unit was referring to Goofys as "matrix-goofys" without a ".service" suffix, systemd was ignoring the goofys dependency, starting Synapse before Goofys. All other dependant units which work are using the ".service" suffix. This generally leads to the mount path goofys using having been populated by Synapse before Goofys starts, causing it to fail due to the mount target not being empty. The fix seems to be to ensure that the Synapse service unit refers to Goofys as "matrix-goofys.service". This change causes the following two lines in "/etc/systemd/system/matrix-synapse.service": Requires=matrix-goofys After=matrix-goofys To be changed to: Requires=matrix-goofys.service After=matrix-goofys.service --- group_vars/matrix_servers | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index cfccd3876..b055245bc 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2364,7 +2364,7 @@ matrix_synapse_systemd_required_services_list: | + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + - (['matrix-goofys'] if matrix_s3_media_store_enabled else []) + (['matrix-goofys.service'] if matrix_s3_media_store_enabled else []) }} matrix_synapse_systemd_wanted_services_list: | @@ -2650,7 +2650,7 @@ matrix_dendrite_systemd_required_services_list: | + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + - (['matrix-goofys'] if matrix_s3_media_store_enabled else []) + (['matrix-goofys.service'] if matrix_s3_media_store_enabled else []) }} matrix_dendrite_systemd_wanted_services_list: | From 9412140477902e9aff7177c9a039527ba40c4c8d Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 06:00:49 +0000 Subject: [PATCH 181/349] Enable hookshot feeds by default as per documentation: "Services that need no further configuration are enabled by default" and feeds service doesn't require it --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index b9b308660..0854edbf5 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -128,7 +128,7 @@ matrix_hookshot_generic_allow_js_transformation_functions: false matrix_hookshot_generic_user_id_prefix: '_webhooks_' -matrix_hookshot_feeds_enabled: false +matrix_hookshot_feeds_enabled: true # polling interval in seconds matrix_hookshot_feeds_interval: 600 From 5ff03c0b15eb16e5e3a7f016925f6df78f36e1c6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 06:04:18 +0000 Subject: [PATCH 182/349] Change hookshot logging level to warn all other bridges use that level --- roles/matrix-bridge-hookshot/templates/config.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/matrix-bridge-hookshot/templates/config.yml.j2 index 6fbce7709..5cd11a874 100644 --- a/roles/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/matrix-bridge-hookshot/templates/config.yml.j2 @@ -108,7 +108,7 @@ metrics: logging: # (Optional) Logging settings. You can have a severity debug,info,warn,error # - level: info + level: warn {% if matrix_hookshot_widgets_enabled %} widgets: # (Optional) EXPERIMENTAL support for complimentary widgets From da041bc60c67f674ac9f748e528ee3d42ebafb28 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 11 Oct 2022 09:38:11 +0300 Subject: [PATCH 183/349] Upgrade mautrix-instagram (0.2.1 -> latest) We don't like updating to untagged releases, but.. 0.2.1 has some regression and upstream is not releasing 0.2.2 or 0.3.0 just yet, so we either need to downgrade to 0.2.0 or go `latest`. We can hopefully switch back to a tagged release soon. Related to https://github.com/mautrix/instagram/issues/56 --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index b739a4a37..7305d0fbf 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}" -matrix_mautrix_instagram_version: v0.2.1 +matrix_mautrix_instagram_version: latest # See: https://mau.dev/tulir/mautrix-instagram/container_registry matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" From 8311c59a8fa3a9b13b9076d0d6fbaefff66e74be Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 11 Oct 2022 10:43:01 +0300 Subject: [PATCH 184/349] Add Usage section to Hookshot docs --- docs/configuring-playbook-bridge-hookshot.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 3e8a54a20..51d7a335f 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -8,6 +8,7 @@ See the project's [documentation](https://matrix-org.github.io/matrix-hookshot/l Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot. + ## Setup Instructions Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/latest/setup.html) to learn what the individual options do. @@ -16,10 +17,25 @@ Refer to the [official instructions](https://matrix-org.github.io/matrix-hooksho 2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). 3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. -5. Refer to [Hookshot's official instructions](https://matrix-org.github.io/matrix-hookshot/latest/usage.html) to start using the bridge. **Important:** Note that the different listeners are bound to certain paths which might differ from those assumed by the hookshot documentation, see [URLs for bridges setup](urls-for-bridges-setup) below. Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them. + +## Usage + +Create a room and invite the Hookshot bot (`@hookshot:DOMAIN`) to it. + +Make sure the bot is able to send state events (usually the Moderator power level in clients). + +Send a `!hookshot help` message to see a list of help commands. + +Refer to [Hookshot's documentation](https://matrix-org.github.io/matrix-hookshot/latest/usage.html) for more details about using the brige's various features. + +**Important:** Note that the different listeners are bound to certain paths which might differ from those assumed by the hookshot documentation, see [URLs for bridges setup](#urls-for-bridges-setup) below. + + +## More setup documentation + ### URLs for bridges setup Unless indicated otherwise, the following endpoints are reachable on your `matrix.` subdomain (if the feature is enabled). From 21bed90e13c46b6ed5fb3f0945bf9435e76ede90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Tue, 11 Oct 2022 07:26:29 -0400 Subject: [PATCH 185/349] remove mention of other docker host in external webserver documentation (binding ports section) --- docs/configuring-playbook-own-webserver.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index ecae105bc..50d9d1da7 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -33,16 +33,16 @@ No matter which external webserver you decide to go with, you'll need to: ```yaml matrix_nginx_proxy_enabled: false ``` - - if using an external server on another docker network or host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other docker network or host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. + - if using an external server on another host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. These variables will make Docker expose the ports to the local network instead of localhost only. [Keep in mind that there are some security concerns if you simply proxy everything.](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) Here are the variables required for the default configuration (Synapse and Element) ``` - matrix_synapse_container_client_api_host_bind_port: '8008' - matrix_synapse_container_federation_api_plain_host_bind_port: '8048' - matrix_client_element_container_http_host_bind_port: "8765" + matrix_synapse_container_client_api_host_bind_port: '0.0.0.0:8008' + matrix_synapse_container_federation_api_plain_host_bind_port: '0.0.0.0:8048' + matrix_client_element_container_http_host_bind_port: "0.0.0.0:8765" ``` 3) **If you'll manage SSL certificates by yourself**, edit your configuration file (`inventory/host_vars/matrix./vars.yml`) to disable SSL certificate retrieval: From a061ea54b3e302e1582daa442690ad8d71d6ddc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Tue, 11 Oct 2022 07:32:02 -0400 Subject: [PATCH 186/349] Caddyfile example : enable Content-Security-Policy by default instead of having the line commented --- examples/caddy2/Caddyfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/caddy2/Caddyfile b/examples/caddy2/Caddyfile index a19ce6dd7..43005ca41 100644 --- a/examples/caddy2/Caddyfile +++ b/examples/caddy2/Caddyfile @@ -177,7 +177,7 @@ element.DOMAIN.tld { # # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type # X-Content-Type-Options "nosniff" # # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain (clickjacking protection) -# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld +# Content-Security-Policy frame-ancestors https://*.DOMAIN.tld # # X-Robots-Tag # X-Robots-Tag "noindex, noarchive, nofollow" # } @@ -214,7 +214,7 @@ element.DOMAIN.tld { # X-Content-Type-Options "nosniff" # # Only allow same base domain to render this website in a frame; Can be removed if the client (Element for example) is hosted on another domain -# # Content-Security-Policy frame-ancestors https://*.DOMAIN.tld +# Content-Security-Policy frame-ancestors https://*.DOMAIN.tld # # # Disable some features # Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope #'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'" From 19f1c8ea5ee3ffbd520cc6c54fc45957bea8b0e5 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 14:29:52 +0000 Subject: [PATCH 187/349] Update element 1.11.8 -> 1.11.9 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index e4b6315b0..acdaec83c 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.8 +matrix_client_element_version: v1.11.9 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From fe8f91a9dac67e6b48a8704e7010768575eed1ab Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 14:30:55 +0000 Subject: [PATCH 188/349] Update postmoogle 0.9.5 -> 0.9.6 * show recipient's email (header `TO`) * add `norecipient` option * add anti-spam options (`spamcheck:` and `spamlist:`) * fix bugs --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 949f0913c..8e76998eb 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.5 +matrix_bot_postmoogle_version: v0.9.6 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 3c669761cec4ffd6e7811776934c8927890d1180 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 18:31:46 +0000 Subject: [PATCH 189/349] Update element 1.11.9 -> 1.11.10 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index acdaec83c..c8e476a19 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.9 +matrix_client_element_version: v1.11.10 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 43b1be9a3c121764c9c48eb7a3542aaee7e0f469 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 11 Oct 2022 18:57:52 +0000 Subject: [PATCH 190/349] Update grafana 9.1.7 -> 9.2.0 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 2b139cd47..677435e82 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.1.7 +matrix_grafana_version: 9.2.0 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 7c7b9d119f73a42222f089548e4a97be959ca5fe Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 12 Oct 2022 10:57:25 +0000 Subject: [PATCH 191/349] Update postmoogle 0.9.6 -> 0.9.7 * fix room account data retrieving --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 8e76998eb..1bcd570a5 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.6 +matrix_bot_postmoogle_version: v0.9.7 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 35e80b708781e7db6c04a778ce0892c7db225605 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Darveau?= Date: Wed, 12 Oct 2022 09:15:03 -0400 Subject: [PATCH 192/349] Update docs/configuring-playbook-own-webserver.md Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook-own-webserver.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 50d9d1da7..87201e3e9 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -35,7 +35,7 @@ No matter which external webserver you decide to go with, you'll need to: ``` - if using an external server on another host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. - These variables will make Docker expose the ports to the local network instead of localhost only. + These variables will make Docker expose the ports on all network interfaces instead of localhost only. [Keep in mind that there are some security concerns if you simply proxy everything.](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) Here are the variables required for the default configuration (Synapse and Element) From 337016da28e2cb18c4cf3624a47c2faec4fed272 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 09:27:46 +0300 Subject: [PATCH 193/349] Improve S3 docs a bit Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1869 --- docs/configuring-playbook-s3.md | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index 9132ff718..43aaa8792 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md @@ -13,7 +13,7 @@ If you'd like to move your locally-stored media store data to Amazon S3 (or anot ## Amazon S3 -You'll need an Amazon S3 bucket and some IAM user credentials (access key + secret key) with full write access to the bucket. Example security policy: +You'll need an Amazon S3 bucket and some IAM user credentials (access key + secret key) with full write access to the bucket. Example IAM security policy: ```json { @@ -34,6 +34,8 @@ You'll need an Amazon S3 bucket and some IAM user credentials (access key + secr } ``` +**NOTE**: This policy needs to be attached to an IAM user creted from the **Security Credentials** menu. This is not a **Bucket Policy**. + You then need to enable S3 support in your configuration file (`inventory/host_vars/matrix./vars.yml`). It would be something like this: @@ -91,8 +93,13 @@ It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-d Follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage: -- [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow) -- [Migrating to Backblaze B2](#migrating-to-backblaze-b2) +- [Storing Matrix media files on Amazon S3 (optional)](#storing-matrix-media-files-on-amazon-s3-optional) + - [Amazon S3](#amazon-s3) + - [Using other S3-compatible object stores](#using-other-s3-compatible-object-stores) + - [Backblaze B2](#backblaze-b2) + - [Migrating from local filesystem storage to S3](#migrating-from-local-filesystem-storage-to-s3) + - [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow) + - [Migrating to Backblaze B2](#migrating-to-backblaze-b2) ### Migrating to any S3-compatible storage (universal, but likely slow) From 62215a87fed6cbeffdb124261209df00f82ba1a5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 16:25:57 +0300 Subject: [PATCH 194/349] Upgrade Postgres minor versions (14.4 -> 14.5, 13.7 -> 13.8, etc.) --- roles/matrix-postgres/defaults/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 117611a34..de28d7ada 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -24,11 +24,11 @@ matrix_postgres_architecture: amd64 matrix_postgres_docker_image_suffix: "{{ '-alpine' if matrix_postgres_architecture in ['amd64', 'arm64'] else '' }}" matrix_postgres_docker_image_v9: "{{ matrix_container_global_registry_prefix }}postgres:9.6.24{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.21{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.16{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.11{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.7{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.4{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.22{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.17{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.12{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.8{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.5{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v14 }}" # This variable is assigned at runtime. Overriding its value has no effect. From 0da068c7e61a35c2fdb226fe95df4f06b6527953 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 16:28:47 +0300 Subject: [PATCH 195/349] Add support for configuring Synapse's media_storage_providers In the future, we'll also inject media storage providers that we support into the `matrix_synapse_media_storage_providers_auto` list. --- roles/matrix-synapse/defaults/main.yml | 20 +++++++++++++++++++ .../templates/synapse/homeserver.yaml.j2 | 1 + 2 files changed, 21 insertions(+) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 4c5fc09e8..d117eaafa 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -798,6 +798,26 @@ matrix_synapse_spam_checker: [] # Certain Synapse extensions that you can enable below auto-inject themselves into `matrix_synapse_modules` at runtime. matrix_synapse_modules: [] +# matrix_synapse_media_storage_providers contains the Synapse `media_storage_providers` configuration setting. +# To add your own custom `media_storage_providers`, use `matrix_synapse_media_storage_providers_custom`. +matrix_synapse_media_storage_providers: "{{ matrix_synapse_media_storage_providers_auto + matrix_synapse_media_storage_providers_custom }}" + +# matrix_synapse_media_storage_providers_auto contains a list of storage providers that are added by the playbook based on other configuration +matrix_synapse_media_storage_providers_auto: | + {{ + [] + }} + +# matrix_synapse_media_storage_providers_custom contains your own custom list of storage providers. +# You're meant to define each custom module as valid keys and values, not as a YAML string that needs to be parsed. +# +# Example: +# matrix_synapse_media_storage_providers_custom: +# - module: module.SomeModule +# store_local: True +# # ... +matrix_synapse_media_storage_providers_custom: [] + matrix_synapse_encryption_enabled_by_default_for_room_type: "off" matrix_synapse_trusted_key_servers: diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index ae71b7aec..9b02346cf 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1029,6 +1029,7 @@ media_store_path: "/matrix-media-store-parent/{{ matrix_synapse_media_store_dire # store_synchronous: false # config: # directory: /mnt/some/other/directory +media_storage_providers: {{ matrix_synapse_media_storage_providers | to_json }} # The largest allowed upload size in bytes # From 881fdd28f0bf2e10635ac7a6c3941fa8636cdbff Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 16:33:19 +0300 Subject: [PATCH 196/349] Add support for Synapse container image customization This allows people to augment the Synapse image with custom tools and addons without having to rebuild it from scratch. If customizations are enabled, the playbook will build a new `localhost/matrixdotorg/synapse:VERSION-customized` image on top of the default one (`FROM matrixdotorg/synapse:VERSION`) and with custom Dockerfile build steps. For servers that self-build the Synapse image, the Synapse image will be built first, before proceding to extend it the same way. In the future, we'll also have easy to enable Dockerfile build steps for modules that the playbook supports. --- .../tasks/import_synapse_sqlite_db.yml | 2 +- roles/matrix-synapse/defaults/main.yml | 33 +++++++++++++++++++ roles/matrix-synapse/tasks/setup_synapse.yml | 1 + .../tasks/synapse/setup_install.yml | 19 +++++++++++ .../tasks/synapse/setup_uninstall.yml | 5 ++- .../synapse/customizations/Dockerfile.j2 | 3 ++ .../systemd/matrix-synapse-worker.service.j2 | 2 +- .../synapse/systemd/matrix-synapse.service.j2 | 2 +- 8 files changed, 63 insertions(+), 4 deletions(-) create mode 100644 roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 diff --git a/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml b/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml index a459b6e1d..b885ea975 100644 --- a/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml @@ -83,7 +83,7 @@ --mount type=bind,src={{ matrix_synapse_config_dir_path }},dst=/data --mount type=bind,src={{ matrix_synapse_config_dir_path }},dst=/matrix-media-store-parent/media-store --mount type=bind,src={{ server_path_homeserver_db }},dst=/{{ server_path_homeserver_db | basename }} - {{ matrix_synapse_docker_image }} + {{ matrix_synapse_docker_image_final }} /usr/local/bin/synapse_port_db --sqlite-database /{{ server_path_homeserver_db | basename }} --postgres-config /data/homeserver.yaml register: matrix_postgres_import_synapse_sqlite_db_result changed_when: matrix_postgres_import_synapse_sqlite_db_result.rc == 0 diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index d117eaafa..40e05be72 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -7,14 +7,47 @@ matrix_synapse_enabled: true matrix_synapse_container_image_self_build: false matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/synapse.git" +# matrix_synapse_container_image_customizations_enabled controls whether a customized Synapse image will be built. +# +# We toggle this variable to `true` when certain features which require a custom build are enabled. +# Feel free to toggle this to `true` yourself and specify build steps in `matrix_synapse_container_image_customizations_dockerfile_body_custom`. +# +# See: +# - `roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2` +# - `matrix_synapse_container_image_customizations_dockerfile_body_custom` +# - `matrix_synapse_docker_image_customized` +# - `matrix_synapse_docker_image_final` +matrix_synapse_container_image_customizations_enabled: "{{ matrix_synapse_ext_synapse_s3_storage_provider_enabled }}" + +# matrix_synapse_container_image_customizations_dockerfile_body contains your custom Dockerfile steps +# for building your customized Synapse image based on the original (upstream) image (`matrix_synapse_docker_image`). +# A `FROM ...` clause is included automatically so you don't have to. +# +# Example: +# matrix_synapse_container_image_customizations_dockerfile_body_custom: | +# RUN echo 'This is a custom step for building the customized Docker image for Synapse.' +# RUN echo 'You can override matrix_synapse_container_image_customizations_dockerfile_body_custom to add your own steps.' +# RUN echo 'Note that matrix_synapse_container_image_customizations_dockerfile_body_auto injects steps before this.' +# RUN echo 'You do NOT need to include a FROM clause yourself.' +matrix_synapse_container_image_customizations_dockerfile_body_custom: '' + matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_synapse_version: v1.68.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" +# matrix_synapse_docker_image_customized is the name of the locally built Synapse image +# which adds various customizations on top of the original (upstream) Synapse image. +# This image will be based on the upstream `matrix_synapse_docker_image` image, only if `matrix_synapse_container_image_customizations_enabled: true`. +matrix_synapse_docker_image_customized: "localhost/matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}-customized" + +# matrix_synapse_docker_image_final holds the name of the Synapse image to run depending on whether or not customizations are enabled. +matrix_synapse_docker_image_final: "{{ matrix_synapse_docker_image_customized if matrix_synapse_container_image_customizations_enabled else matrix_synapse_docker_image }} " + matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" matrix_synapse_docker_src_files_path: "{{ matrix_synapse_base_path }}/docker-src" +matrix_synapse_customized_docker_src_files_path: "{{ matrix_synapse_base_path }}/customized-docker-src" matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage" matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store" diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index d4e6ae95a..7b887f30f 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -11,6 +11,7 @@ - {path: "{{ matrix_synapse_config_dir_path }}", when: true} - {path: "{{ matrix_synapse_ext_path }}", when: true} - {path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}"} + - {path: "{{ matrix_synapse_customized_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_customizations_enabled }}"} # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # because if it's using Goofys and it's already mounted (from before), # trying to chown/chmod it here will cause trouble. diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index aea03f059..4d0e749f9 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -62,6 +62,25 @@ delay: "{{ matrix_container_retries_delay }}" until: result is not failed +- when: "matrix_synapse_container_image_customizations_enabled | bool" + block: + - name: Ensure customizations Dockerfile is created + ansible.builtin.template: + src: "{{ role_path }}/templates/synapse/customizations/Dockerfile.j2" + dest: "{{ matrix_synapse_customized_docker_src_files_path }}/Dockerfile" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + + - name: Ensure customized Docker image for Synapse is built + docker_image: + name: "{{ matrix_synapse_docker_image_customized }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_synapse_customized_docker_src_files_path }}" + pull: true + - name: Check if a Synapse signing key exists ansible.builtin.stat: path: "{{ matrix_synapse_config_dir_path }}/{{ matrix_server_fqn_matrix }}.signing.key" diff --git a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml index 17b1b8c45..06e550145 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml @@ -27,8 +27,11 @@ - name: Ensure Synapse Docker image doesn't exist docker_image: - name: "{{ matrix_synapse_docker_image }}" + name: "{{ item }}" state: absent + with_items: + - "{{ matrix_synapse_docker_image_final }}" + - "{{ matrix_synapse_docker_image }}" - name: Ensure sample prometheus.yml for external scraping is deleted ansible.builtin.file: diff --git a/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 b/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 new file mode 100644 index 000000000..7cce2086d --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 @@ -0,0 +1,3 @@ +FROM {{ matrix_synapse_docker_image }} + +{{ matrix_synapse_container_image_customizations_dockerfile_body_custom }} diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 96b65a0ae..3855b850c 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -42,7 +42,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor {% for arg in matrix_synapse_container_arguments %} {{ arg }} \ {% endfor %} - {{ matrix_synapse_docker_image }} \ + {{ matrix_synapse_docker_image_final }} \ run -m synapse.app.{{ matrix_synapse_worker_details.app }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index eed50ad1e..f41cc54c8 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -60,7 +60,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ {% for arg in matrix_synapse_container_arguments %} {{ arg }} \ {% endfor %} - {{ matrix_synapse_docker_image }} \ + {{ matrix_synapse_docker_image_final }} \ run -m synapse.app.homeserver -c /data/homeserver.yaml ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null || true' From ac7cb3619dfe522af280875566e859007f7a0374 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 17:41:41 +0300 Subject: [PATCH 197/349] Add support for synapse-s3-storage-provider --- docs/configuring-playbook-s3-goofys.md | 137 +++++++++++++ docs/configuring-playbook-s3.md | 193 +++++------------- ...ng-playbook-synapse-s3-storage-provider.md | 104 ++++++++++ roles/matrix-synapse/defaults/main.yml | 35 ++++ .../tasks/ext/s3-storage-provider/init.yml | 5 + .../tasks/ext/s3-storage-provider/setup.yml | 10 + .../ext/s3-storage-provider/setup_install.yml | 54 +++++ .../s3-storage-provider/setup_uninstall.yml | 24 +++ .../s3-storage-provider/validate_config.yml | 18 ++ roles/matrix-synapse/tasks/ext/setup.yml | 2 + roles/matrix-synapse/tasks/init.yml | 3 + roles/matrix-synapse/tasks/setup_synapse.yml | 1 + .../synapse/customizations/Dockerfile.j2 | 4 + .../ext/s3-storage-provider/database.yaml.j2 | 5 + .../synapse/ext/s3-storage-provider/env.j2 | 16 ++ .../media_storage_provider.yaml.j2 | 14 ++ ...pse-s3-storage-provider-migrate.service.j2 | 7 + ...napse-s3-storage-provider-migrate.timer.j2 | 10 + ...rix-synapse-s3-storage-provider-migrate.j2 | 13 ++ ...atrix-synapse-s3-storage-provider-shell.j2 | 13 ++ 20 files changed, 528 insertions(+), 140 deletions(-) create mode 100644 docs/configuring-playbook-s3-goofys.md create mode 100644 docs/configuring-playbook-synapse-s3-storage-provider.md create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml create mode 100644 roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 create mode 100644 roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md new file mode 100644 index 000000000..2efacddcc --- /dev/null +++ b/docs/configuring-playbook-s3-goofys.md @@ -0,0 +1,137 @@ +# Storing Matrix media files on Amazon S3 with Goofys (optional) + +If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), +you can let this playbook configure [Goofys](https://github.com/kahing/goofys) for you. + +Another (and better performing) way to use S3 storage with Synapse is [synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md). + +Using a Goofys-backed media store works, but performance may not be ideal. If possible, try to use a region which is close to your Matrix server. + +If you'd like to move your locally-stored media store data to Amazon S3 (or another S3-compatible object store), we also provide some migration instructions below. + + +## Usage + +After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), you can proceed to configure Goofys in your configuration file (`inventory/host_vars/matrix./vars.yml`): + +```yaml +matrix_s3_media_store_enabled: true +matrix_s3_media_store_bucket_name: "your-bucket-name" +matrix_s3_media_store_aws_access_key: "access-key-goes-here" +matrix_s3_media_store_aws_secret_key: "secret-key-goes-here" +matrix_s3_media_store_region: "eu-central-1" +``` + +You can use any S3-compatible object store by **additionally** configuring these variables: + +```yaml +matrix_s3_media_store_custom_endpoint_enabled: true +matrix_s3_media_store_custom_endpoint: "https://your-custom-endpoint" +``` + +If you have local media store files and wish to migrate to Backblaze B2 subsequently, follow our [migration guide to Backblaze B2](#migrating-to-backblaze-b2) below instead of applying this configuration as-is. + + +## Migrating from local filesystem storage to S3 + +It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before migrating your local media store to an S3-backed one. + +Follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage: + +- [Storing Matrix media files on Amazon S3 with Goofys (optional)](#storing-matrix-media-files-on-amazon-s3-with-goofys-optional) + - [Usage](#usage) + - [Migrating from local filesystem storage to S3](#migrating-from-local-filesystem-storage-to-s3) + - [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow) + - [Migrating to Backblaze B2](#migrating-to-backblaze-b2) + +### Migrating to any S3-compatible storage (universal, but likely slow) + +It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this. + +1. Proceed with the steps below without stopping Matrix services + +2. Start by adding the base S3 configuration in your `vars.yml` file (seen above, may be different depending on the S3 provider of your choice) + +3. In addition to the base configuration you see above, add this to your `vars.yml` file: + +```yaml +matrix_s3_media_store_path: /matrix/s3-media-store +``` + +This enables S3 support, but mounts the S3 storage bucket to `/matrix/s3-media-store` without hooking it to your homeserver yet. Your homeserver will still continue using your local filesystem for its media store. + +5. Run the playbook to apply the changes: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` + +6. Do an **initial sync of your files** by running this **on the server** (it may take a very long time): + +```sh +sudo -u matrix -- rsync --size-only --ignore-existing -avr /matrix/synapse/storage/media-store/. /matrix/s3-media-store/. +``` + +You may need to install `rsync` manually. + +7. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) + +8. Start the S3 service by running this **on the server**: `systemctl start matrix-goofys` + +9. Sync the files again by re-running the `rsync` command you see in step #6 + +10. Stop the S3 service by running this **on the server**: `systemctl stop matrix-goofys` + +11. Get the old media store out of the way by running this command on the server: + +```sh +mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup +``` + +12. Remove the `matrix_s3_media_store_path` configuration from your `vars.yml` file (undoing step #3 above) + +13. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` + +14. You're done! Verify that loading existing (old) media files works and that you can upload new ones. + +15. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` + + +### Migrating to Backblaze B2 + +It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this. + +1. While all Matrix services are running, run the following command on the server: + +(you need to adjust the 3 `--env` line below with your own data) + +```sh +docker run -it --rm -w /work \ +--env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ +--env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ +--env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ +-v /matrix/synapse/storage/media-store/:/work \ +--entrypoint=/bin/sh \ +docker.io/tianon/backblaze-b2:2.1.0 \ +-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work/ b2://$B2_BUCKET_NAME' +``` + +This is some initial file sync, which may take a very long time. + +2. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) + +3. Run the command from step #1 again. + +Doing this will sync any new files that may have been created locally in the meantime. + +Now that Matrix services aren't running, we're sure to get Backblaze B2 and your local media store fully in sync. + +4. Get the old media store out of the way by running this command on the server: + +```sh +mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup +``` + +5. Put the [Backblaze B2 settings seen above](#backblaze-b2) in your `vars.yml` file + +6. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` + +7. You're done! Verify that loading existing (old) media files works and that you can upload new ones. + +8. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` diff --git a/docs/configuring-playbook-s3.md b/docs/configuring-playbook-s3.md index 43aaa8792..539f96d32 100644 --- a/docs/configuring-playbook-s3.md +++ b/docs/configuring-playbook-s3.md @@ -1,15 +1,44 @@ -# Storing Matrix media files on Amazon S3 (optional) +# Storing Synapse media files on Amazon S3 or another compatible Object Storage (optional) By default, this playbook configures your server to store Synapse's content repository (`media_store`) files on the local filesystem. If that's alright, you can skip this. -If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), -you can let this playbook configure [Goofys](https://github.com/kahing/goofys) for you. +As an alternative to storing media files on the local filesystem, you can store them on [Amazon S3](https://aws.amazon.com/s3/) or another S3-compatible object store. -Using a Goofys-backed media store works, but performance may not be ideal. If possible, try to use a region which is close to your Matrix server. +First, [choose an Object Storage provider](#choosing-an-object-storage-provider). -If you'd like to move your locally-stored media store data to Amazon S3 (or another S3-compatible object store), we also provide some migration instructions below. +Then, [create the S3 bucket](#bucket-creation-and-security-configuration). +Finally, [set up S3 storage for Synapse](#setting-up) (with [Goofys](configuring-playbook-s3-goofys.md) or [synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md)). + + +## Choosing an Object Storage provider + +You can create [Amazon S3](https://aws.amazon.com/s3/) or another S3-compatible object store like [Backblaze B2](https://www.backblaze.com/b2/cloud-storage.html), [Wasabi](https://wasabi.com), [Digital Ocean Spaces](https://www.digitalocean.com/products/spaces), etc. + +Amazon S3 and Backblaze S3 are pay-as-you with no minimum charges for storing too little data. + +All these providers have different prices, with Backblaze B2 appearing to be the cheapest. + +Wasabi has a minimum charge of 1TB if you're storing less than 1TB, which becomes expensive if you need to store less data than that. + +Digital Ocean Spaces has a minimum charge of 250GB ($5/month as of 2022-10), which is also expensive if you're storing less data than that. + +Important aspects of choosing the right provider are: + +- a provider by a company you like and trust (or dislike less than the others) +- a provider which has a data region close to your Matrix server (if it's farther away, high latency may cause slowdowns) +- a provider which is OK pricewise +- a provider with free or cheap egress (if you need to get the data out often, for some reason) - likely not too important for the common use-case + + +## Bucket creation and Security Configuration + +Now that you've [chosen an Object Storage provider](#choosing-an-object-storage-provider), you need to create a storage bucket. + +How you do this varies from provider to provider, with Amazon S3 being the most complicated due to its vast number of services and complicated security policies. + +Below, we provider some guides for common providers. If you don't see yours, look at the others for inspiration or read some guides online about how to create a bucket. Feel free to contribute to this documentation with an update! ## Amazon S3 @@ -34,161 +63,45 @@ You'll need an Amazon S3 bucket and some IAM user credentials (access key + secr } ``` -**NOTE**: This policy needs to be attached to an IAM user creted from the **Security Credentials** menu. This is not a **Bucket Policy**. - -You then need to enable S3 support in your configuration file (`inventory/host_vars/matrix./vars.yml`). -It would be something like this: - -```yaml -matrix_s3_media_store_enabled: true -matrix_s3_media_store_bucket_name: "your-bucket-name" -matrix_s3_media_store_aws_access_key: "access-key-goes-here" -matrix_s3_media_store_aws_secret_key: "secret-key-goes-here" -matrix_s3_media_store_region: "eu-central-1" -``` - +**NOTE**: This policy needs to be attached to an IAM user created from the **Security Credentials** menu. This is not a **Bucket Policy**. -## Using other S3-compatible object stores -You can use any S3-compatible object store by **additionally** configuring these variables: +## Backblaze B2 -```yaml -matrix_s3_media_store_custom_endpoint_enabled: true -# Example: "https://storage.googleapis.com" -matrix_s3_media_store_custom_endpoint: "your-custom-endpoint" -``` +To use [Backblaze B2](https://www.backblaze.com/b2/cloud-storage.html) you first need to sign up. -### Backblaze B2 +You [can't easily change which region (US, Europe) your Backblaze account stores files in](https://old.reddit.com/r/backblaze/comments/hi1v90/make_the_choice_for_the_b2_data_center_region/), so make sure to carefully choose the region when signing up (hint: it's a hard to see dropdown below the username/password fields in the signup form). -To use [Backblaze B2](https://www.backblaze.com/b2/cloud-storage.html): +After logging in to Backblaze: - create a new **private** bucket through its user interface (you can call it something like `matrix-DOMAIN-media-store`) -- note the **Endpoint** for your bucket (something like `s3.us-west-002.backblazeb2.com`) -- adjust its lifecycle rules to use the following **custom** rules: - - File Path: *empty value* - - Days Till Hide: *empty value* - - Days Till Delete: `1` +- note the **Endpoint** for your bucket (something like `s3.us-west-002.backblazeb2.com`). +- adjust its Lifecycle Rules to: Keep only the last version of the file - go to [App Keys](https://secure.backblaze.com/app_keys.htm) and use the **Add a New Application Key** to create a new one - restrict it to the previously created bucket (e.g. `matrix-DOMAIN-media-store`) - give it *Read & Write* access -Copy the `keyID` and `applicationKey`. - -You need the following *additional* playbook configuration (on top of what you see above): - -```yaml -matrix_s3_media_store_bucket_name: "YOUR_BUCKET_NAME_GOES_HERE" -matrix_s3_media_store_aws_access_key: "YOUR_keyID_GOES_HERE" -matrix_s3_media_store_aws_secret_key: "YOUR_applicationKey_GOES_HERE" -matrix_s3_media_store_custom_endpoint_enabled: true -matrix_s3_media_store_custom_endpoint: "https://s3.us-west-002.backblazeb2.com" # this may be different for your bucket -``` - -If you have local media store files and wish to migrate to Backblaze B2 subsequently, follow our [migration guide to Backblaze B2](#migrating-to-backblaze-b2) below instead of applying this configuration as-is. +The `keyID` value is your **Access Key** and `applicationKey` is your **Secret Key**. +For configuring [Goofys](configuring-playbook-s3-goofys.md) or [s3-synapse-storage-provider](configuring-playbook-synapse-s3-storage-provider.md) you will need: -## Migrating from local filesystem storage to S3 +- **Endpoint URL** - this is the **Endpoint** value you saw above, but prefixed with `https://` -It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before migrating your local media store to an S3-backed one. +- **Region** - use the value you see in the Endpoint (e.g. `us-west-002`) -Follow one of the guides below for a migration path from a locally-stored media store to one stored on S3-compatible storage: +- **Storage Class** - use `STANDARD`. Backblaze B2 does not have different storage classes, so it doesn't make sense to use any other value. -- [Storing Matrix media files on Amazon S3 (optional)](#storing-matrix-media-files-on-amazon-s3-optional) - - [Amazon S3](#amazon-s3) - - [Using other S3-compatible object stores](#using-other-s3-compatible-object-stores) - - [Backblaze B2](#backblaze-b2) - - [Migrating from local filesystem storage to S3](#migrating-from-local-filesystem-storage-to-s3) - - [Migrating to any S3-compatible storage (universal, but likely slow)](#migrating-to-any-s3-compatible-storage-universal-but-likely-slow) - - [Migrating to Backblaze B2](#migrating-to-backblaze-b2) - -### Migrating to any S3-compatible storage (universal, but likely slow) - -It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this. - -1. Proceed with the steps below without stopping Matrix services - -2. Start by adding the base S3 configuration in your `vars.yml` file (seen above, may be different depending on the S3 provider of your choice) - -3. In addition to the base configuration you see above, add this to your `vars.yml` file: - -```yaml -matrix_s3_media_store_path: /matrix/s3-media-store -``` -This enables S3 support, but mounts the S3 storage bucket to `/matrix/s3-media-store` without hooking it to your homeserver yet. Your homeserver will still continue using your local filesystem for its media store. +## Other providers -5. Run the playbook to apply the changes: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` +For other S3-compatible providers, you may not need to configure security policies, etc. (just like for [Backblaze B2](#backblaze-b2)). -6. Do an **initial sync of your files** by running this **on the server** (it may take a very long time): - -```sh -sudo -u matrix -- rsync --size-only --ignore-existing -avr /matrix/synapse/storage/media-store/. /matrix/s3-media-store/. -``` - -You may need to install `rsync` manually. - -7. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) - -8. Start the S3 service by running this **on the server**: `systemctl start matrix-goofys` - -9. Sync the files again by re-running the `rsync` command you see in step #6 - -10. Stop the S3 service by running this **on the server**: `systemctl stop matrix-goofys` - -11. Get the old media store out of the way by running this command on the server: - -```sh -mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup -``` - -12. Remove the `matrix_s3_media_store_path` configuration from your `vars.yml` file (undoing step #3 above) - -13. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` - -14. You're done! Verify that loading existing (old) media files works and that you can upload new ones. - -15. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` - - -### Migrating to Backblaze B2 - -It's a good idea to [make a complete server backup](faq.md#how-do-i-backup-the-data-on-my-server) before doing this. - -1. While all Matrix services are running, run the following command on the server: - -(you need to adjust the 3 `--env` line below with your own data) - -```sh -docker run -it --rm -w /work \ ---env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ ---env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ ---env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ --v /matrix/synapse/storage/media-store/:/work \ ---entrypoint=/bin/sh \ -docker.io/tianon/backblaze-b2:2.1.0 \ --c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work/ b2://$B2_BUCKET_NAME' -``` - -This is some initial file sync, which may take a very long time. - -2. Stop all Matrix services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) - -3. Run the command from step #1 again. - -Doing this will sync any new files that may have been created locally in the meantime. - -Now that Matrix services aren't running, we're sure to get Backblaze B2 and your local media store fully in sync. - -4. Get the old media store out of the way by running this command on the server: - -```sh -mv /matrix/synapse/storage/media-store /matrix/synapse/storage/media-store-local-backup -``` +You most likely just need to create an S3 bucket and get some credentials (access key and secret key) for accessing the bucket in a read/write manner. -5. Put the [Backblaze B2 settings seen above](#backblaze-b2) in your `vars.yml` file -6. Run the playbook: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` +## Setting up -7. You're done! Verify that loading existing (old) media files works and that you can upload new ones. +To set up Synapse to store files in S3, follow the instructions for the method of your choice: -8. When confident that it all works, get rid of the local media store directory: `rm -rf /matrix/synapse/storage/media-store-local-backup` +- using [synapse-s3-storage-provider](configuring-playbook-synapse-s3-storage-provider.md) (recommended) +- using [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md new file mode 100644 index 000000000..bc0250f11 --- /dev/null +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -0,0 +1,104 @@ +# Storing Synapse media files on Amazon S3 with synapse-s3-storage-provider (optional) + +If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), +you can use the [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) media provider module for Synapse. + +An alternative (which has worse performance) is to use [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md). + + +## How it works? + +Summarized writings here are inspired by [this article](https://quentin.dufour.io/blog/2021-09-14/matrix-synapse-s3-storage/). + +The way media storage providers in Synapse work has some caveats: + +- Synapse still continues to use locally-stored files (for creating thumbnails, serving files, etc) +- the media storage provider is just an extra storage mechanism (in addition to the local filesystem) +- all files are stored locally at first, and then copied to the media storage provider (either synchronously or asynchronously) +- if a file is not available on the local filesystem, it's pulled from a media storage provider + +You may be thinking **if all files are stored locally as well, what's the point**? + +You can run some scripts to delete the local files once in a while, thus freeing up local disk space. If these files are needed in the future (for serving them to users, etc.), Synapse will pull them from the media storage provider on demand. + +While you will need some local disk space around, it's only to accommodate usage, etc., and won't grow as large as your S3 store. + + +## Installing + +After [creating the S3 bucket and configuring it](configuring-playbook-s3.md#bucket-creation-and-security-configuration), you can proceed to configure Goofys in your configuration file (`inventory/host_vars/matrix./vars.yml`): + +```yaml +matrix_synapse_ext_synapse_s3_storage_provider_enabled: true +matrix_synapse_ext_synapse_s3_storage_provider_config_bucket: your-bucket-name +matrix_synapse_ext_synapse_s3_storage_provider_config_region_name: some-region-name # e.g. eu-central-1 +matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url: https://.. # delete this whole line for Amazon S3 +matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id: access-key-goes-here +matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key: secret-key-goes-here +matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class: STANDARD # or STANDARD_IA, etc. + +# For additional advanced settings, take a look at `roles/matrix-synapse/defaults/main.yml` +``` + +If you have existing files in Synapse's media repository (`/matrix/synapse/media-store/..`): + +- new files will start being stored both locally and on the S3 store +- the existing files will remain on the local filesystem only until [migrating them to the S3 store](#migrating-your-existing-media-files-to-the-s3-store) +- at some point (and periodically in the future), you can delete local files which have been uploaded to the S3 store already + + +## Migrating your existing media files to the S3 store + +Migrating your existing data can happen in multiple ways: + +- [using the `s3_media_upload` script from `synapse-s3-storage-provider`](#using-the-s3_media_upload-script-from-synapse-s3-storage-provider) (very slow when dealing with lots of data) +- [using another tool in combination with `s3_media_upload`](#using-another-tool-in-combination-with-s3_media_upload) (quicker when dealing with lots of data) + +### Using the `s3_media_upload` script from `synapse-s3-storage-provider` + +Instead of using `s3_media_upload` directly, which is very slow and painful for an initial data migration, we recommend [using another tool in combination with `s3_media_upload`](#using-another-tool-in-combination-with-s3_media_upload). + +To copy your existing files, SSH into the server and run `/usr/local/bin/matrix-synapse-s3-storage-provider-shell`. + +This launches a Synapse container, which has access to the local media store, Postgres database, S3 store and has some convenient environment variables configured for you to use (`MEDIA_PATH`, `BUCKET`, `ENDPOINT`, `UPDATE_DB_DAYS`, etc). + +Then use the following commands (`$` values come from environment variables - they're **not placeholders** that you need to substitute): + +- `s3_media_upload update-db $UPDATE_DB_DURATION` - create a local SQLite database (`cache.db`) with a list of media repository files (from the `synapse` Postgres database) eligible for operating on + - `$UPDATE_DB_DURATION` is influenced by the `matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count` variable (defaults to `0`) + - `$UPDATE_DB_DURATION` defaults to `0d` (0 days), which means **include files which haven't been accessed for more than 0 days** (that is, **all files will be included**). +- `s3_media_upload check-deleted $MEDIA_PATH` - check whether files in the local cache still exist in the local media repository directory +- `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory + +The `upload` command may take a lot of time to complete. + + +### Using another tool in combination with `s3_media_upload` + +To migrate your existing local data to S3, we recommend to: + +- **first** use another tool ([`aws s3`](#copying-data-to-amazon-s3) or [`b2 sync`](#copying-data-to-backblaze-b2), etc.) to copy the local files to the S3 bucket + +- **only then** [use the `s3_media_upload` tool to finish the migration](#using-the-s3_media_upload-script-from-synapse-s3-storage-provider) (this checks to ensure all files are uploaded and then deletes the local files) + +#### Copying data to Amazon S3 + +Generally, you need to use the `aws s3` tool. + +This documentation section could use an improvement. Ideally, we'd come up with a guide like the one used in [Copying data to Backblaze B2](#copying-data-to-backblaze-b2) - running `aws s3` in a container, etc. + +#### Copying data to Backblaze B2 + +To copy to Backblaze B2, start a container like this: + +```sh +docker run -it --rm \ +-w /work \ +--env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ +--env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ +--env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ +--mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \ +--entrypoint=/bin/sh \ +tianon/backblaze-b2:3.6.0 \ +-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' +``` diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 40e05be72..383e67ab8 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -19,6 +19,10 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s # - `matrix_synapse_docker_image_final` matrix_synapse_container_image_customizations_enabled: "{{ matrix_synapse_ext_synapse_s3_storage_provider_enabled }}" +# Controls whether custom build steps will be added to the Dockerfile for installing s3-storage-provider. +# The version that will be installed is specified in `matrix_synapse_ext_synapse_s3_storage_provider_version`. +matrix_synapse_container_image_customizations_s3_storage_provider_installation_enabled: "{{ matrix_synapse_ext_synapse_s3_storage_provider_enabled }}" + # matrix_synapse_container_image_customizations_dockerfile_body contains your custom Dockerfile steps # for building your customized Synapse image based on the original (upstream) image (`matrix_synapse_docker_image`). # A `FROM ...` clause is included automatically so you don't have to. @@ -52,6 +56,7 @@ matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage" matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store" matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext" +matrix_synapse_ext_s3_storage_provider_path: "{{ matrix_synapse_base_path }}/ext/s3-storage-provider" matrix_synapse_container_client_api_port: 8008 @@ -787,6 +792,32 @@ matrix_synapse_ext_encryption_config_yaml: | patch_power_levels: {{ matrix_synapse_ext_encryption_disabler_patch_power_levels | to_json }} +# matrix_synapse_ext_synapse_s3_storage_provider_enabled controls whether to enable https://github.com/matrix-org/synapse-s3-storage-provider +# Installing it requires building a customized Docker image for Synapse (see `matrix_synapse_container_image_customizations_enabled`). +# Enabling this will enable customizations and inject the appropriate Dockerfile clauses for installing synapse-s3-storage-provider. +matrix_synapse_ext_synapse_s3_storage_provider_enabled: false +matrix_synapse_ext_synapse_s3_storage_provider_version: 1.1.2 +# Controls whether media from this (local) server is stored in s3-storage-provider +matrix_synapse_ext_synapse_s3_storage_provider_store_local: true +# Controls whether media from remote servers is stored in s3-storage-provider +matrix_synapse_ext_synapse_s3_storage_provider_store_remote: true +# Controls whether files are stored to S3 at the same time they are stored on the local filesystem. +# For slightly improved reliability, consider setting this to `true`. +# Even with asynchronous uploading to S3 (`false` value), data loss shouldn't be possible, +# because the local filesystem is a reliable data store anyway. +matrix_synapse_ext_synapse_s3_storage_provider_store_synchronous: false +matrix_synapse_ext_synapse_s3_storage_provider_config_bucket: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_region_name: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key: '' +matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class: STANDARD +matrix_synapse_ext_synapse_s3_storage_provider_config_threadpool_size: 40 +# matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count is a day value (number) for the `s3_media_upload update-db` command. +# It specifies how old files need to have been inactive to be eligible for migration from the local filesystem to the S3 data store. +# By default, we use `0` which says "all files are eligible for migration". +matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count: 0 + matrix_s3_media_store_enabled: false matrix_s3_media_store_custom_endpoint_enabled: false matrix_s3_goofys_docker_image: "ewoutp/goofys:latest" @@ -839,6 +870,10 @@ matrix_synapse_media_storage_providers: "{{ matrix_synapse_media_storage_provide matrix_synapse_media_storage_providers_auto: | {{ [] + + + [ + lookup('ansible.builtin.template', role_path + '/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2') | from_yaml + ] if matrix_synapse_ext_synapse_s3_storage_provider_enabled else [] }} # matrix_synapse_media_storage_providers_custom contains your own custom list of storage providers. diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml new file mode 100644 index 000000000..008161cb1 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml @@ -0,0 +1,5 @@ +--- + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse-s3-storage-provider-migrate.timer'] }}" + when: matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml new file mode 100644 index 000000000..aefa49fe4 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml @@ -0,0 +1,10 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/validate_config.yml" + when: matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/setup_install.yml" + when: matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/setup_uninstall.yml" + when: not matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml new file mode 100644 index 000000000..31f721819 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml @@ -0,0 +1,54 @@ +--- + +# We install this into Synapse by making `matrix_synapse_ext_synapse_s3_storage_provider_enabled` influence other variables: +# - `matrix_synapse_media_storage_providers` (via `matrix_synapse_media_storage_providers_auto`) +# - `matrix_synapse_container_image_customizations_enabled` +# - `matrix_synapse_container_image_customizations_s3_storage_provider_installation_enabled` +# +# Below are additional tasks for setting up various helper scripts, etc. + +- name: Ensure s3-storage-provider env file installed + ansible.builtin.template: + src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/env.j2" + dest: "{{ matrix_synapse_ext_s3_storage_provider_path }}/env" + mode: 0640 + +- name: Ensure s3-storage-provider data path exists + ansible.builtin.file: + path: "{{ matrix_synapse_ext_s3_storage_provider_path }}/data" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure s3-storage-provider database.yaml file installed + ansible.builtin.template: + src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/database.yaml.j2" + dest: "{{ matrix_synapse_ext_s3_storage_provider_path }}/data/database.yaml" + mode: 0640 + +- name: Ensure s3-storage-provider scripts installed + ansible.builtin.template: + src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/usr-local-bin/{{ item }}.j2" + dest: "{{ matrix_local_bin_path }}/{{ item }}" + mode: 0750 + with_items: + - matrix-synapse-s3-storage-provider-shell + - matrix-synapse-s3-storage-provider-migrate + +- name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer are installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/.j2" + src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/systemd/{{ item }}.j2" + dest: "{{ matrix_systemd_path }}/{{ item }}" + mode: 0640 + with_items: + - matrix-synapse-s3-storage-provider-migrate.service + - matrix-synapse-s3-storage-provider-migrate.timer + register: matrix_synapse_s3_storage_provider_systemd_service_result + +- name: Ensure systemd reloaded after matrix-synapse-s3-storage-provider-migrate.service installation + ansible.builtin.service: + daemon_reload: true + when: matrix_synapse_s3_storage_provider_systemd_service_result.changed | bool + diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml new file mode 100644 index 000000000..205a55417 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml @@ -0,0 +1,24 @@ +--- + +- name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer don't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/{{ item }}" + state: absent + with_items: + - matrix-synapse-s3-storage-provider-migrate.timer + - matrix-synapse-s3-storage-provider-migrate.service + register: matrix_synapse_s3_storage_provider_migrate_sevice_removal + +- name: Ensure systemd reloaded after matrix-synapse-s3-storage-provider-migrate.service removal + ansible.builtin.service: + daemon_reload: true + when: matrix_synapse_s3_storage_provider_migrate_sevice_removal.changed | bool + +- name: Ensure s3-storage-provider files don't exist + ansible.builtin.file: + path: "{{ item }}" + state: absent + with_items: + - "{{ matrix_local_bin_path }}/matrix-synapse-s3-storage-provider-shell" + - "{{ matrix_local_bin_path }}/matrix-synapse-s3-storage-provider-migrate" + - "{{ matrix_synapse_ext_s3_storage_provider_path }}" diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml new file mode 100644 index 000000000..d71809fe5 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml @@ -0,0 +1,18 @@ +--- + +- name: Fail if required s3-storage-provider settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`) for using s3-storage-provider. + when: "vars[item] == ''" + with_items: + - "matrix_synapse_ext_synapse_s3_storage_provider_config_bucket" + - "matrix_synapse_ext_synapse_s3_storage_provider_config_region_name" + - "matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id" + - "matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key" + +- name: Fail if required matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url looks invalid + ansible.builtin.fail: + msg: >- + `matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url` needs to look like a URL (`http://` or `https://` prefix). + when: "matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url != '' and not matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url.startswith('http')" diff --git a/roles/matrix-synapse/tasks/ext/setup.yml b/roles/matrix-synapse/tasks/ext/setup.yml index d944f2574..6cf1afaa4 100644 --- a/roles/matrix-synapse/tasks/ext/setup.yml +++ b/roles/matrix-synapse/tasks/ext/setup.yml @@ -11,3 +11,5 @@ - ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/synapse-simple-antispam/setup.yml" - ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/mjolnir-antispam/setup.yml" + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/setup.yml" diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index a77320c22..9146936a0 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -26,6 +26,9 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys.service'] }}" when: matrix_s3_media_store_enabled | bool +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ext/s3-storage-provider/init.yml" + when: matrix_synapse_ext_synapse_s3_storage_provider_enabled | bool + - when: matrix_synapse_enabled | bool and matrix_synapse_metrics_proxying_enabled | bool block: - name: Fail if matrix-nginx-proxy role already executed diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index 7b887f30f..13a5819e1 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -12,6 +12,7 @@ - {path: "{{ matrix_synapse_ext_path }}", when: true} - {path: "{{ matrix_synapse_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_self_build }}"} - {path: "{{ matrix_synapse_customized_docker_src_files_path }}", when: "{{ matrix_synapse_container_image_customizations_enabled }}"} + - {path: "{{ matrix_synapse_ext_s3_storage_provider_path }}", when: "{{ matrix_synapse_ext_synapse_s3_storage_provider_enabled }}"} # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # because if it's using Goofys and it's already mounted (from before), # trying to chown/chmod it here will cause trouble. diff --git a/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 b/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 index 7cce2086d..3919e9557 100644 --- a/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 +++ b/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 @@ -1,3 +1,7 @@ FROM {{ matrix_synapse_docker_image }} +{% if matrix_synapse_container_image_customizations_s3_storage_provider_installation_enabled %} +RUN pip install synapse-s3-storage-provider=={{ matrix_synapse_ext_synapse_s3_storage_provider_version }} +{% endif %} + {{ matrix_synapse_container_image_customizations_dockerfile_body_custom }} diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 new file mode 100644 index 000000000..ed11645eb --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 @@ -0,0 +1,5 @@ +user: {{ matrix_synapse_database_user | to_json }} +password: {{ matrix_synapse_database_password | to_json }} +database: {{ matrix_synapse_database_database | to_json }} +host: {{ matrix_synapse_database_host | to_json }} +port: {{ matrix_synapse_database_port | to_json }} diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 new file mode 100644 index 000000000..4b09688ba --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 @@ -0,0 +1,16 @@ +AWS_ACCESS_KEY_ID={{ matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id }} +AWS_SECRET_ACCESS_KEY={{ matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key }} +AWS_DEFAULT_REGION={{ matrix_synapse_ext_synapse_s3_storage_provider_config_region_name }} + +ENDPOINT={{ matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url }} +BUCKET={{ matrix_synapse_ext_synapse_s3_storage_provider_config_bucket }} + +PG_USER={{ matrix_synapse_database_user }} +PG_PASS={{ matrix_synapse_database_password }} +PG_DB={{ matrix_synapse_database_database }} +PG_HOST={{ matrix_synapse_database_host }} +PG_PORT={{ matrix_synapse_database_port }} + +MEDIA_PATH=/matrix-media-store-parent/{{ matrix_synapse_media_store_directory_name }} + +UPDATE_DB_DURATION={{ matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count }}d diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 new file mode 100644 index 000000000..97b0f5f2b --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 @@ -0,0 +1,14 @@ +module: s3_storage_provider.S3StorageProviderBackend +store_local: {{ matrix_synapse_ext_synapse_s3_storage_provider_store_local | to_json }} +store_remote: {{ matrix_synapse_ext_synapse_s3_storage_provider_store_remote | to_json }} +store_synchronous: {{ matrix_synapse_ext_synapse_s3_storage_provider_store_synchronous | to_json }} +config: + bucket: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_bucket | to_json }} + region_name: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_region_name | to_json }} + endpoint_url: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url | to_json }} + access_key_id: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id | to_json }} + secret_access_key: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key | to_json }} + + storage_class: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class | to_json }} + + threadpool_size: {{ matrix_synapse_ext_synapse_s3_storage_provider_config_threadpool_size | to_json }} diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 new file mode 100644 index 000000000..ea8f0c8cb --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=Migrates locally-stored Synapse media store files to S3 + +[Service] +Type=oneshot +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStart={{ matrix_local_bin_path }}/matrix-synapse-s3-storage-provider-migrate diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 new file mode 100644 index 000000000..61526ac12 --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 @@ -0,0 +1,10 @@ +[Unit] +Description=Migrates locally-stored Synapse media store files to S3 + +[Timer] +Unit=matrix-synapse-s3-storage-provider-migrate.service +OnCalendar=*-*-* 05:00:00 +RandomizedDelaySec=2h + +[Install] +WantedBy=timers.target diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 new file mode 100644 index 000000000..0893f5d66 --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 @@ -0,0 +1,13 @@ +#jinja2: lstrip_blocks: "True" +#!/bin/bash + +{{ matrix_host_command_docker }} run \ + --rm \ + --env-file={{ matrix_synapse_ext_s3_storage_provider_path }}/env \ + --mount type=bind,src={{ matrix_synapse_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \ + --mount type=bind,src={{ matrix_synapse_ext_s3_storage_provider_path }}/data,dst=/data \ + --workdir=/data \ + --network={{ matrix_docker_network }} \ + --entrypoint=/bin/bash \ + {{ matrix_synapse_docker_image_final }} \ + -c 's3_media_upload update-db $UPDATE_DB_DURATION && s3_media_upload --no-progress check-deleted $MEDIA_PATH && s3_media_upload --no-progress upload $MEDIA_PATH $BUCKET --delete --endpoint-url $ENDPOINT' diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 new file mode 100644 index 000000000..c67a6dda0 --- /dev/null +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 @@ -0,0 +1,13 @@ +#jinja2: lstrip_blocks: "True" +#!/bin/bash + +{{ matrix_host_command_docker }} run \ + -it \ + --rm \ + --env-file={{ matrix_synapse_ext_s3_storage_provider_path }}/env \ + --mount type=bind,src={{ matrix_synapse_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \ + --mount type=bind,src={{ matrix_synapse_ext_s3_storage_provider_path }}/data,dst=/data \ + --workdir=/data \ + --network={{ matrix_docker_network }} \ + --entrypoint=/bin/bash \ + {{ matrix_synapse_docker_image_final }} From a3759b0466fac32d482942177d7e690990d799e9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 17:50:48 +0300 Subject: [PATCH 198/349] Announce Synapse customization and synapse-s3-storage-provider support --- CHANGELOG.md | 33 ++++++++++++++++++++++++++ roles/matrix-synapse/defaults/main.yml | 1 - 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 06664634d..e99cd360a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,36 @@ +# 2022-10-14 + +## synapse-s3-storage-provider support + +You can now store your Synapse media repository files on Amazon S3 (or another S3-compatible object store) using [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) - a media provider for Synapse (Python module), which should work faster and more reliably than our previous [Goofys](docs/configuring-playbook-s3-goofys.md) implementation (Goofys will continue to work). + +This is not just for initial installations. Users with existing files (stored in the local filesystem) can also migrate their files to `synapse-s3-storage-provider`. + +To get started, see our [Storing Synapse media files on Amazon S3 with synapse-s3-storage-provider](docs/configuring-playbook-synapse-s3-storage-provider.md) documentation. + + +## Synapse container image customization support + +We now support customizing the Synapse container image by adding additional build steps to its [`Dockerfile`](https://docs.docker.com/engine/reference/builder/). + +Our [synapse-s3-storage-provider support](#synapse-s3-storage-provider-support) is actually built on this. When `s3-storage-provider` is enabled, we automatically add additional build steps to install its Python module into the Synapse image. + +Besides this kind of auto-added build steps (for components supported by the playbook), we also let you inject your own custom build steps using configuration like this: + +```yaml +matrix_synapse_container_image_customizations_enabled: true + +matrix_synapse_container_image_customizations_dockerfile_body_custom: | + RUN echo 'This is a custom step for building the customized Docker image for Synapse.' + RUN echo 'You can override matrix_synapse_container_image_customizations_dockerfile_body_custom to add your own steps.' + RUN echo 'You do NOT need to include a FROM clause yourself.' +``` + +People who have needed to customize Synapse previously had to fork the git repository, make their changes to the `Dockerfile` there, point the playbook to the new repository (`matrix_synapse_container_image_self_build_repo`) and enable self-building from scratch (`matrix_synapse_container_image_self_build: true`). This is harder and slower. + +With the new Synapse-customization feature in the playbook, we use the original upstream (pre-built, if available) Synapse image and only build on top of it, right on the Matrix server. This is much faster than building all of Synapse from scratch. + + # 2022-10-02 ## matrix-ldap-registration-proxy support diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 383e67ab8..4b9791594 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -31,7 +31,6 @@ matrix_synapse_container_image_customizations_s3_storage_provider_installation_e # matrix_synapse_container_image_customizations_dockerfile_body_custom: | # RUN echo 'This is a custom step for building the customized Docker image for Synapse.' # RUN echo 'You can override matrix_synapse_container_image_customizations_dockerfile_body_custom to add your own steps.' -# RUN echo 'Note that matrix_synapse_container_image_customizations_dockerfile_body_auto injects steps before this.' # RUN echo 'You do NOT need to include a FROM clause yourself.' matrix_synapse_container_image_customizations_dockerfile_body_custom: '' From 63a0e5c4f6b1b3384a8178ac6414712094736bc6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 17:58:47 +0300 Subject: [PATCH 199/349] Add warnings to synapse-s3-storage-provider support feature --- CHANGELOG.md | 2 ++ docs/configuring-playbook-synapse-s3-storage-provider.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e99cd360a..3ee9afac2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## synapse-s3-storage-provider support +**`synapse-s3-storage-provider` support is very new and still relatively untested. Using it may cause data loss.** + You can now store your Synapse media repository files on Amazon S3 (or another S3-compatible object store) using [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) - a media provider for Synapse (Python module), which should work faster and more reliably than our previous [Goofys](docs/configuring-playbook-s3-goofys.md) implementation (Goofys will continue to work). This is not just for initial installations. Users with existing files (stored in the local filesystem) can also migrate their files to `synapse-s3-storage-provider`. diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index bc0250f11..3490705ae 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -3,6 +3,8 @@ If you'd like to store Synapse's content repository (`media_store`) files on Amazon S3 (or other S3-compatible service), you can use the [synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider) media provider module for Synapse. +**`synapse-s3-storage-provider` support is very new and still relatively untested. Using it may cause data loss.** + An alternative (which has worse performance) is to use [Goofys to mount the S3 store to the local filesystem](configuring-playbook-s3-goofys.md). From fe9647559538756ca2f0bb547c621de638506c14 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:01:51 +0300 Subject: [PATCH 200/349] Remove some useless PG_ variables fron the s3-storage-provider env-file These Postgres configuration variables are part of the `database.yaml` file and don't need to be here. --- .../templates/synapse/ext/s3-storage-provider/env.j2 | 6 ------ 1 file changed, 6 deletions(-) diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 index 4b09688ba..3788499b3 100644 --- a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 @@ -5,12 +5,6 @@ AWS_DEFAULT_REGION={{ matrix_synapse_ext_synapse_s3_storage_provider_config_regi ENDPOINT={{ matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url }} BUCKET={{ matrix_synapse_ext_synapse_s3_storage_provider_config_bucket }} -PG_USER={{ matrix_synapse_database_user }} -PG_PASS={{ matrix_synapse_database_password }} -PG_DB={{ matrix_synapse_database_database }} -PG_HOST={{ matrix_synapse_database_host }} -PG_PORT={{ matrix_synapse_database_port }} - MEDIA_PATH=/matrix-media-store-parent/{{ matrix_synapse_media_store_directory_name }} UPDATE_DB_DURATION={{ matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count }}d From 2e0fc5c11c9d7dd165b09c8dc7bcbf8fcf6c2020 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:04:49 +0300 Subject: [PATCH 201/349] Fix some ansible-lint-reported warnings --- .../tasks/ext/s3-storage-provider/setup_install.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml index 31f721819..796842704 100644 --- a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml @@ -38,7 +38,6 @@ - name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer are installed ansible.builtin.template: - src: "{{ role_path }}/templates/systemd/.j2" src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/systemd/{{ item }}.j2" dest: "{{ matrix_systemd_path }}/{{ item }}" mode: 0640 @@ -51,4 +50,3 @@ ansible.builtin.service: daemon_reload: true when: matrix_synapse_s3_storage_provider_systemd_service_result.changed | bool - From 3cf0dcda6d39506cc71c249d3001ec30d826b554 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:07:10 +0300 Subject: [PATCH 202/349] Update "b2 sync" commands --- docs/configuring-playbook-s3-goofys.md | 6 +++--- docs/configuring-playbook-synapse-s3-storage-provider.md | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-s3-goofys.md b/docs/configuring-playbook-s3-goofys.md index 2efacddcc..ef8f20c2c 100644 --- a/docs/configuring-playbook-s3-goofys.md +++ b/docs/configuring-playbook-s3-goofys.md @@ -106,10 +106,10 @@ docker run -it --rm -w /work \ --env='B2_KEY_ID=YOUR_KEY_GOES_HERE' \ --env='B2_KEY_SECRET=YOUR_SECRET_GOES_HERE' \ --env='B2_BUCKET_NAME=YOUR_BUCKET_NAME_GOES_HERE' \ --v /matrix/synapse/storage/media-store/:/work \ +--mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \ --entrypoint=/bin/sh \ -docker.io/tianon/backblaze-b2:2.1.0 \ --c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work/ b2://$B2_BUCKET_NAME' +docker.io/tianon/backblaze-b2:3.6.0 \ +-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' ``` This is some initial file sync, which may take a very long time. diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 3490705ae..7f2af49c5 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -102,5 +102,5 @@ docker run -it --rm \ --mount type=bind,src=/matrix/synapse/storage/media-store,dst=/work,ro \ --entrypoint=/bin/sh \ tianon/backblaze-b2:3.6.0 \ --c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET > /dev/null && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' +-c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' ``` From de8fd519c56e5905b729ce18c558cc478dc05de7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:14:34 +0300 Subject: [PATCH 203/349] Document matrix-synapse-s3-storage-provider-migrate.{service,timer} --- ...iguring-playbook-synapse-s3-storage-provider.md | 14 +++++++++++++- ...ix-synapse-s3-storage-provider-migrate.timer.j2 | 1 - 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 7f2af49c5..6ab2820a4 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -21,7 +21,7 @@ The way media storage providers in Synapse work has some caveats: You may be thinking **if all files are stored locally as well, what's the point**? -You can run some scripts to delete the local files once in a while, thus freeing up local disk space. If these files are needed in the future (for serving them to users, etc.), Synapse will pull them from the media storage provider on demand. +You can run some scripts to delete the local files once in a while (which we do automatically by default - see [Periodically cleaning up the local filesystem](#periodically-cleaning-up-the-local-filesystem)), thus freeing up local disk space. If these files are needed in the future (for serving them to users, etc.), Synapse will pull them from the media storage provider on demand. While you will need some local disk space around, it's only to accommodate usage, etc., and won't grow as large as your S3 store. @@ -104,3 +104,15 @@ docker run -it --rm \ tianon/backblaze-b2:3.6.0 \ -c 'b2 authorize-account $B2_KEY_ID $B2_KEY_SECRET && b2 sync /work b2://$B2_BUCKET_NAME --skipNewer' ``` + +## Periodically cleaning up the local filesystem + +As described in [How it works?](#how-it-works) above, when new media is uploaded to the Synapse homeserver, it's first stored locally and then also stored on the remote S3 storage. + +By default, we periodically ensure that all local files are uploaded to S3 and are then removed from the local filesystem. This is done automatically using: + +- the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` script +- .. invoked via the `matrix-synapse-s3-storage-provider-migrate.service` service +- .. triggered by the `matrix-synapse-s3-storage-provider-migrate.timer` timer, every day at 05:00 + +So.. you don't need to perform any maintenance yourself. diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 index 61526ac12..5013c7a81 100644 --- a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 @@ -4,7 +4,6 @@ Description=Migrates locally-stored Synapse media store files to S3 [Timer] Unit=matrix-synapse-s3-storage-provider-migrate.service OnCalendar=*-*-* 05:00:00 -RandomizedDelaySec=2h [Install] WantedBy=timers.target From 6f56b9fb38fbc5216054067a1658e8530a98f4fc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:17:08 +0300 Subject: [PATCH 204/349] Upgrade Dendrite (0.10.2 -> 0.10.3) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 92a9ff9f7..2adf13daa 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.2" +matrix_dendrite_docker_image_tag: "v0.10.3" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 30745db6d5f098fa68ac228b900f6efa82fd5ed1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:29:30 +0300 Subject: [PATCH 205/349] Add storage-class support to the s3_media_upload command and mention matrix-synapse-s3-storage-provider-migrate script --- ...configuring-playbook-synapse-s3-storage-provider.md | 10 ++++++++-- .../templates/synapse/ext/s3-storage-provider/env.j2 | 1 + .../matrix-synapse-s3-storage-provider-migrate.j2 | 2 +- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index 6ab2820a4..fce5b4edd 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -70,10 +70,16 @@ Then use the following commands (`$` values come from environment variables - th - `$UPDATE_DB_DURATION` is influenced by the `matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count` variable (defaults to `0`) - `$UPDATE_DB_DURATION` defaults to `0d` (0 days), which means **include files which haven't been accessed for more than 0 days** (that is, **all files will be included**). - `s3_media_upload check-deleted $MEDIA_PATH` - check whether files in the local cache still exist in the local media repository directory -- `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory +- `s3_media_upload upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT` - uploads locally-stored files to S3 and deletes them from the local media repository directory -The `upload` command may take a lot of time to complete. +The `s3_media_upload upload` command may take a lot of time to complete. +Instead of running the above commands manually in the shell, you can also run the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` script which will run the same commands automatically. We demonstrate how to do it manually, because: + +- it's what the upstream project demonstrates and it teaches you how to use the `s3_media_upload` tool +- allows you to check and verify the output of each command, to catch mistakes +- includes progress bars and detailed output for each command +- allows you to easily interrupt slow-running commands, etc. (the `/usr/local/bin/matrix-synapse-s3-storage-provider-migrate` starts a container without interactive TTY support, so `Ctrl+C` may not work and you and require killing via `docker kill ..`) ### Using another tool in combination with `s3_media_upload` diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 index 3788499b3..6dfcbe418 100644 --- a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 @@ -4,6 +4,7 @@ AWS_DEFAULT_REGION={{ matrix_synapse_ext_synapse_s3_storage_provider_config_regi ENDPOINT={{ matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url }} BUCKET={{ matrix_synapse_ext_synapse_s3_storage_provider_config_bucket }} +STORAGE_CLASS={{ matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class }} MEDIA_PATH=/matrix-media-store-parent/{{ matrix_synapse_media_store_directory_name }} diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 index 0893f5d66..e6684e696 100644 --- a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 +++ b/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 @@ -10,4 +10,4 @@ --network={{ matrix_docker_network }} \ --entrypoint=/bin/bash \ {{ matrix_synapse_docker_image_final }} \ - -c 's3_media_upload update-db $UPDATE_DB_DURATION && s3_media_upload --no-progress check-deleted $MEDIA_PATH && s3_media_upload --no-progress upload $MEDIA_PATH $BUCKET --delete --endpoint-url $ENDPOINT' + -c 's3_media_upload update-db $UPDATE_DB_DURATION && s3_media_upload --no-progress check-deleted $MEDIA_PATH && s3_media_upload --no-progress upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT' From 5a7b80d9e48326f8d6bedf1e31a234fbe735c8d6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:31:17 +0300 Subject: [PATCH 206/349] Update configuring-playbook-synapse-s3-storage-provider.md --- docs/configuring-playbook-synapse-s3-storage-provider.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index fce5b4edd..a71e5a0bf 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -48,6 +48,8 @@ If you have existing files in Synapse's media repository (`/matrix/synapse/media - the existing files will remain on the local filesystem only until [migrating them to the S3 store](#migrating-your-existing-media-files-to-the-s3-store) - at some point (and periodically in the future), you can delete local files which have been uploaded to the S3 store already +Regardless of whether you need to [Migrate your existing files to the S3 store](#migrating-your-existing-media-files-to-the-s3-store) or not, make sure you've familiarized yourself with [How it works?](#how-it-works) above and [Periodically cleaning up the local filesystem](#periodically-cleaning-up-the-local-filesystem) below. + ## Migrating your existing media files to the S3 store From 1e0d10586d4bd04dde30adb1e860ada432084865 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 14 Oct 2022 18:49:27 +0300 Subject: [PATCH 207/349] Update README to mention synapse-s3-storage-provider --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b93fdd5da..569dbb3f8 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) a [Dendrite](https://github.com/matrix-org/dendrite) homeserver - storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. -- (optional) [Amazon S3](https://aws.amazon.com/s3/) storage for Synapse's content repository (`media_store`) files using [Goofys](https://github.com/kahing/goofys) +- (optional) [Amazon S3](https://aws.amazon.com/s3/) (or other S3-compatible object store) storage for Synapse's content repository (`media_store`) files using [Goofys](https://github.com/kahing/goofys) or [`synapse-s3-storage-provider`](https://github.com/matrix-org/synapse-s3-storage-provider) - (optional, default) [PostgreSQL](https://www.postgresql.org/) database for Synapse. [Using an external PostgreSQL server](docs/configuring-playbook-external-postgres.md) is also possible. From 8025bd19b0b93ac52230f756e86155b6b7bf17a7 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Sat, 15 Oct 2022 14:33:28 +0200 Subject: [PATCH 208/349] update Docs regarding Filter-Mode-Flag --- docs/configuring-playbook-bridge-mautrix-telegram.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index 08ee83ccd..91596afc4 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md @@ -59,3 +59,8 @@ matrix_mautrix_telegram_configuration_extension_yaml: | More details about permissions in this example: https://github.com/mautrix/telegram/blob/master/mautrix_telegram/example-config.yaml#L410 + +If you like to exclude all groups from syncing and use the Telgeram-Bridge only for direct chats, you can add the following additional playbook configuration: +```yaml +matrix_mautrix_telegram_filter_mode: whitelist +``` From 01078fea8f0c32e09e20a81070ce0cc5f6712435 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Sat, 15 Oct 2022 14:37:09 +0200 Subject: [PATCH 209/349] add default for TG filter_mode --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 9fdfd4302..0f52cc222 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -38,6 +38,9 @@ matrix_mautrix_telegram_api_id: '' matrix_mautrix_telegram_api_hash: '' matrix_mautrix_telegram_bot_token: disabled +# Define the filter-mode +matrix_mautrix_telegram_filter_mode: "blacklist" + # Whether or not the public-facing endpoints should be enabled (web-based login) matrix_mautrix_telegram_appservice_public_enabled: true From a6e167cf91932eac58fdcb117062f2a31d62ed64 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Sat, 15 Oct 2022 14:38:51 +0200 Subject: [PATCH 210/349] add option to change filter_mode --- roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index d50be47da..2e6aae51b 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -273,7 +273,7 @@ bridge: # Filter mode to use. Either "blacklist" or "whitelist". # If the mode is "blacklist", the listed chats will never be bridged. # If the mode is "whitelist", only the listed chats can be bridged. - mode: blacklist + mode: "{{ matrix_mautrix_telegram_filter_mode }}" # The list of group/channel IDs to filter. list: [] From 7b3b22ce072ce02d7ebb8665f899147422a84841 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Sat, 15 Oct 2022 14:43:25 +0200 Subject: [PATCH 211/349] update docs to exclude grou-sync --- docs/configuring-playbook-bridge-mautrix-telegram.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index 08ee83ccd..91596afc4 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md @@ -59,3 +59,8 @@ matrix_mautrix_telegram_configuration_extension_yaml: | More details about permissions in this example: https://github.com/mautrix/telegram/blob/master/mautrix_telegram/example-config.yaml#L410 + +If you like to exclude all groups from syncing and use the Telgeram-Bridge only for direct chats, you can add the following additional playbook configuration: +```yaml +matrix_mautrix_telegram_filter_mode: whitelist +``` From a7dc9a406de907ab21804613a13c335f335c4352 Mon Sep 17 00:00:00 2001 From: Felix Stupp Date: Sat, 15 Oct 2022 20:17:58 +0000 Subject: [PATCH 212/349] docs/configuring-playbook: Add link to etherpad configuration --- docs/configuring-playbook.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 43b68ee8f..efb0f7e3c 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -34,6 +34,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md) (optional) +- [Setting up Etherpad](configuring-playbook-etherpad.md) (optional) + - [Setting up Dynamic DNS](configuring-playbook-dynamic-dns.md) (optional) - [Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server](configuring-playbook-prometheus-grafana.md) (optional) From 4d267dad4084859ca9c69b23e241c4ae2c1d2817 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 16 Oct 2022 18:24:55 +0300 Subject: [PATCH 213/349] Upgrade mautrix-whatsapp (0.7.0 -> 0.7.1) and sync bridge config with upstream --- .../matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- .../templates/config.yaml.j2 | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index cb4900eec..55b7387f1 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git" matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" -matrix_mautrix_whatsapp_version: v0.7.0 +matrix_mautrix_whatsapp_version: v0.7.1 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 28971447e..9c0b95e8d 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -147,6 +147,12 @@ bridge: # provisioning endpoint is used or when a message comes in from that # chat. max_initial_conversations: -1 + # If this value is greater than 0, then if the conversation's last + # message was more than this number of hours ago, then the conversation + # will automatically be marked it as read. + # Conversations that have a last message that is less than this number + # of hours ago will have their unread status synced from WhatsApp. + unread_hours_threshold: 0 # Settings for immediate backfills. These backfills should generally be # small and their main purpose is to populate each of the initial chats # (as configured by max_initial_conversations) with a few messages so @@ -228,7 +234,10 @@ bridge: # manually. login_shared_secret_map: {{ matrix_mautrix_whatsapp_bridge_login_shared_secret_map|to_json }} # Should the bridge explicitly set the avatar and room name for private chat portal rooms? + # This is implicitly enabled in encrypted rooms. private_chat_portal_meta: false + # Should group members be synced in parallel? This makes member sync faster + parallel_member_sync: false # Should Matrix m.notice-type messages be bridged? bridge_notices: true # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. @@ -281,6 +290,9 @@ bridge: # Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552. # This is currently not supported in most clients. caption_in_message: false + # Should Matrix edits be bridged to WhatsApp edits? + # Official WhatsApp clients don't render edits yet, but once they do, the bridge should work with them right away. + send_whatsapp_edits: false # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration # Null means there's no enforced timeout. message_handling_timeout: From 07a7234ba0c642f910e3381776edf5b40735c9de Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 16 Oct 2022 18:27:35 +0300 Subject: [PATCH 214/349] Use | to_json --- .../matrix-bridge-mautrix-telegram/templates/config.yaml.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index 2e6aae51b..b7af83f57 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -273,12 +273,12 @@ bridge: # Filter mode to use. Either "blacklist" or "whitelist". # If the mode is "blacklist", the listed chats will never be bridged. # If the mode is "whitelist", only the listed chats can be bridged. - mode: "{{ matrix_mautrix_telegram_filter_mode }}" + mode: {{ matrix_mautrix_telegram_filter_mode | to_json }} # The list of group/channel IDs to filter. list: [] # The prefix for commands. Only required in non-management rooms. - command_prefix: "{{ matrix_mautrix_telegram_command_prefix }}" + command_prefix: {{ matrix_mautrix_telegram_command_prefix | to_json }} # Permissions for using the bridge. # Permitted values: @@ -291,7 +291,7 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: {{ matrix_mautrix_telegram_bridge_permissions|to_json }} + permissions: {{ matrix_mautrix_telegram_bridge_permissions | to_json }} # Options related to the message relay Telegram bot. relaybot: From 6480cc36293da31fa58b3aa1f7fe90fffbae87bf Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 17 Oct 2022 08:03:10 +0300 Subject: [PATCH 215/349] Fix `'something' is undefined` error in matrix-bridge-appservice-slack .. when `matrix_nginx_proxy_enabled: false` Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2177 --- roles/matrix-bridge-appservice-slack/tasks/init.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index d06e5aaf1..5d03b24b9 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -85,7 +85,7 @@ msg: >- NOTE: You've enabled the Matrix Slack bridge but are not using the matrix-nginx-proxy reverse proxy. - Please make sure that you're proxying the `{{ something }}` + Please make sure that you're proxying the `{{ matrix_appservice_slack_public_endpoint }}` URL endpoint to the matrix-appservice-slack container. You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable. when: "matrix_appservice_slack_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool" From c781bdea992435fd9768d5a7458058528b712300 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 17 Oct 2022 14:24:57 +0000 Subject: [PATCH 216/349] Update Synapse 1.68.0 -> 1.69.0 --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 4b9791594..5e5867eb8 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -36,7 +36,7 @@ matrix_synapse_container_image_customizations_dockerfile_body_custom: '' matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.68.0 +matrix_synapse_version: v1.69.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From bcba84389d683f9143dbb7c2ccb516e4b68773d6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 18 Oct 2022 12:43:13 +0000 Subject: [PATCH 217/349] Update grafana 9.2.0 -> 9.2.1 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 677435e82..767a749bc 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.2.0 +matrix_grafana_version: 9.2.1 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 2eef6af23e6a8c4e5a46c9ccf49a12c0e4f24c91 Mon Sep 17 00:00:00 2001 From: David Napier Date: Wed, 19 Oct 2022 10:45:11 -0400 Subject: [PATCH 218/349] Bump postgres version to newly released 15 --- roles/matrix-postgres/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index de28d7ada..93de2612b 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -29,7 +29,8 @@ matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }} matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.12{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.8{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.5{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v14 }}" +matrix_postgres_docker_image_v15: "{{ matrix_container_global_registry_prefix }}postgres:15{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v15 }}" # This variable is assigned at runtime. Overriding its value has no effect. matrix_postgres_docker_image_to_use: '{{ matrix_postgres_docker_image_latest }}' From c4a57428a6bedac73f1f8253ab0c5e4010aa00dc Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Thu, 20 Oct 2022 00:34:30 -0400 Subject: [PATCH 219/349] add if hostname is not availble for SRV record --- docs/configuring-dns.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 8d31ab3ff..ea5fea88f 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -45,6 +45,8 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` | | [Postmoogle](configuring-playbook-bot-postmoogle.md) email bridge | TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` | +When setting up a SRV record, if you are asked for a service and protocol instead of a hostname split the host value from the table where the period is. For example use service as `_matrix-identity` and protocol as `_tcp`. + ## Subdomains setup As the table above illustrates, you need to create 2 subdomains (`matrix.` and `element.`) and point both of them to your new server's IP address (DNS `A` record or `CNAME` record is fine). From 20db57d288e037bd651d718e945fff96faa33d77 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 17 Oct 2022 17:35:52 +0300 Subject: [PATCH 220/349] Upgrade certbot (v1.30.0 -> v1.31.0) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 7cdc0c921..84ec4f7e1 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -547,7 +547,7 @@ matrix_ssl_lets_encrypt_staging: false # Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server matrix_ssl_lets_encrypt_server: '' -matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.30.0" +matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.31.0" matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 matrix_ssl_lets_encrypt_support_email: ~ From a32eea41fe56bdee721f8062b1199217704b0daa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 20 Oct 2022 07:43:01 +0300 Subject: [PATCH 221/349] Make roles/matrix-postgres/tasks/detect_existing_postgres_version.yml detect Postgres v14 --- .../tasks/detect_existing_postgres_version.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml b/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml index 687d5e3a5..1be8291b6 100644 --- a/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml +++ b/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml @@ -68,3 +68,8 @@ ansible.builtin.set_fact: matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v13 }}" when: "matrix_postgres_detected_version == '13' or matrix_postgres_detected_version.startswith('13.')" + +- name: Determine corresponding Docker image to detected version (use 14.x, if detected) + ansible.builtin.set_fact: + matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v14 }}" + when: "matrix_postgres_detected_version == '14' or matrix_postgres_detected_version.startswith('14.')" From 80da7dfb0bc4dbff1b6982d213ca5cbb98ff7f94 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 20 Oct 2022 11:48:56 +0300 Subject: [PATCH 222/349] Update docs/prerequisites.md --- docs/prerequisites.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 1ed4befea..74954648d 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -26,7 +26,7 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you - Properly configured DNS records for `` (details in [Configuring DNS](configuring-dns.md)). -- Some TCP/UDP ports open. This playbook configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: +- Some TCP/UDP ports open. This playbook (actually [Docker itself](https://docs.docker.com/network/iptables/)) configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: - `80/tcp`: HTTP webserver - `443/tcp`: HTTPS webserver From af3a32cf6a7f7c6f73ee6bd85b3fede721b5e70c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 20 Oct 2022 15:46:02 +0300 Subject: [PATCH 223/349] Fix Jinja2 interpolation for some default variables We're overriding these in the correct way in `group_vars/matrix_servers` so this wasn't causing any problem in practice. --- roles/matrix-postgres/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 93de2612b..1b11bad8c 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -68,7 +68,7 @@ matrix_postgres_additional_databases: [] # If a dump file contains the roles and they've also been created beforehand (see `matrix_postgres_additional_databases`), # importing would fail. # We either need to not create them or to ignore the `CREATE ROLE` statements in the dump. -matrix_postgres_import_roles_to_ignore: [matrix_postgres_connection_username] +matrix_postgres_import_roles_to_ignore: "{{ [matrix_postgres_connection_username] }}" # When importing an existing Postgres database (when restoring a backup) or when doing a Postgres upgrade (which dumps & restores), we'd like to avoid: # - creating users (`CREATE ROLE ..`) @@ -85,7 +85,7 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), # importing would fail. # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. -matrix_postgres_import_databases_to_ignore: [matrix_postgres_db_name] +matrix_postgres_import_databases_to_ignore: "{{ [matrix_postgres_db_name] }}" matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] From b8097b0bd6f79f9efb66c4df7676129f86e07bd2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 20 Oct 2022 16:05:55 +0300 Subject: [PATCH 224/349] Add support for binary content to matrix-aux --- roles/matrix-aux/defaults/main.yml | 9 +++++++++ roles/matrix-aux/tasks/setup.yml | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/roles/matrix-aux/defaults/main.yml b/roles/matrix-aux/defaults/main.yml index e4a4e8277..4c1f88796 100644 --- a/roles/matrix-aux/defaults/main.yml +++ b/roles/matrix-aux/defaults/main.yml @@ -50,6 +50,9 @@ matrix_aux_file_default_mode: '0640' # then you likely need to add `/matrix/some/path` to `matrix_aux_directory_definitions` as well. # You don't need to do this for directories that the playbook already creates for you. # +# Use a `content` key for text content and `src` with a location to a file for binary content. +# The `content` key does not support binary content (see https://github.com/ansible/ansible/issues/11594). +# # Example: # # matrix_aux_file_definitions: @@ -69,4 +72,10 @@ matrix_aux_file_default_mode: '0640' # mode: '0600' # owner: 'some-user' # group: 'some-group' +# +# - dest: /matrix/aux/binary-file.dat +# src: "/path/to/binary.dat" +# mode: '0600' +# owner: 'some-user' +# group: 'some-group' matrix_aux_file_definitions: [] diff --git a/roles/matrix-aux/tasks/setup.yml b/roles/matrix-aux/tasks/setup.yml index ccb0bdcb4..eb0adad49 100644 --- a/roles/matrix-aux/tasks/setup.yml +++ b/roles/matrix-aux/tasks/setup.yml @@ -11,8 +11,9 @@ - name: Ensure AUX files are created ansible.builtin.copy: + src: "{{ item.src if 'src' in item else omit }}" + content: "{{ item.content if 'content' in item else omit }}" dest: "{{ item.dest }}" - content: "{{ item.content }}" owner: "{{ item.owner | default(matrix_user_username) }}" group: "{{ item.group | default(matrix_user_groupname) }}" mode: "{{ item.mode | default(matrix_aux_file_default_mode) }}" From bed9c18ab04156e6e96521a380acc3be0c36e047 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 05:31:52 +0300 Subject: [PATCH 225/349] Pin Postgres version to 15.0 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2180 Just specifying `15` means we won't automatically re-pull `15.1` when it comes out. --- roles/matrix-postgres/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 1b11bad8c..6ddbdf9fd 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -29,7 +29,7 @@ matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }} matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.12{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.8{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.5{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v15: "{{ matrix_container_global_registry_prefix }}postgres:15{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v15: "{{ matrix_container_global_registry_prefix }}postgres:15.0{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v15 }}" # This variable is assigned at runtime. Overriding its value has no effect. From e37e86eb1cfdabf0bbe7464037060cbb0cacf2dc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 07:33:10 +0300 Subject: [PATCH 226/349] Fix 'could not save history to file "//.psql_history"' errors --- roles/matrix-postgres/templates/env-postgres-psql.j2 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-postgres/templates/env-postgres-psql.j2 b/roles/matrix-postgres/templates/env-postgres-psql.j2 index c61927a3e..220589874 100644 --- a/roles/matrix-postgres/templates/env-postgres-psql.j2 +++ b/roles/matrix-postgres/templates/env-postgres-psql.j2 @@ -1,4 +1,8 @@ #jinja2: lstrip_blocks: "True" PGUSER={{ matrix_postgres_connection_username }} PGPASSWORD={{ matrix_postgres_connection_password }} -PGDATABASE={{ matrix_postgres_db_name }} \ No newline at end of file +PGDATABASE={{ matrix_postgres_db_name }} +# Prevent errors like this: +# > could not save history to file "//.psql_history": Permission denied +# .. due to Postgres not being able to write to the filesystem. +PSQL_HISTORY=/dev/null From 0a022db256688a9924d199828f4f555bbb94d168 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Fri, 21 Oct 2022 00:52:48 -0400 Subject: [PATCH 227/349] grammar correction the word "both" would refer to only 2 urls in this context --- docs/configuring-well-known.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 81caf04cb..fd548aa63 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -192,7 +192,7 @@ Make sure to: ## Confirming it works -No matter which method you've used to set up the well-known files, if you've done it correctly you should be able to see a JSON file at both of these URLs: +No matter which method you've used to set up the well-known files, if you've done it correctly you should be able to see a JSON file at these URLs: - `https:///.well-known/matrix/server` - `https:///.well-known/matrix/client` From 0b44ec19b4e1d39420710f229808f0780c5820d2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 10:00:49 +0300 Subject: [PATCH 228/349] Do not override matrix_postgres_import_roles_to_ignore/matrix_postgres_import_databases_to_ignore in group_vars These values that we were setting also make sense in the context of the `matrix-postgres` role even when not used within the playbook. --- group_vars/matrix_servers | 14 -------------- roles/matrix-postgres/defaults/main.yml | 14 ++++++++++++-- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index b055245bc..6728eaaae 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2112,20 +2112,6 @@ matrix_postgres_additional_databases: | }} -matrix_postgres_import_roles_to_ignore: | - {{ - [matrix_postgres_connection_username] - + - matrix_postgres_additional_databases|map(attribute='username') | list - }} - -matrix_postgres_import_databases_to_ignore: | - {{ - [matrix_postgres_db_name] - + - matrix_postgres_additional_databases|map(attribute='name') | list - }} - ###################################################################### # # /matrix-postgres diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 6ddbdf9fd..e34b3b606 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -68,7 +68,12 @@ matrix_postgres_additional_databases: [] # If a dump file contains the roles and they've also been created beforehand (see `matrix_postgres_additional_databases`), # importing would fail. # We either need to not create them or to ignore the `CREATE ROLE` statements in the dump. -matrix_postgres_import_roles_to_ignore: "{{ [matrix_postgres_connection_username] }}" +matrix_postgres_import_roles_to_ignore: | + {{ + [matrix_postgres_connection_username] + + + matrix_postgres_additional_databases|map(attribute='username') | list + }} # When importing an existing Postgres database (when restoring a backup) or when doing a Postgres upgrade (which dumps & restores), we'd like to avoid: # - creating users (`CREATE ROLE ..`) @@ -85,7 +90,12 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_post # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), # importing would fail. # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. -matrix_postgres_import_databases_to_ignore: "{{ [matrix_postgres_db_name] }}" +matrix_postgres_import_databases_to_ignore: | + {{ + [matrix_postgres_db_name] + + + matrix_postgres_additional_databases|map(attribute='name') | list + }} matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] From ff0fc88faeac6444dcee93241dca23a24356cde1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 11:25:30 +0300 Subject: [PATCH 229/349] Make Postgres import not break for databases with special names We haven't encountered such a problem yet, but it doesn't hurt to make things more robust. --- roles/matrix-postgres/defaults/main.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index e34b3b606..7b0660bbd 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -84,7 +84,9 @@ matrix_postgres_import_roles_to_ignore: | # which is unsupported by default by newer Postgres versions (v14+). # When users are created and passwords are set by the playbook, they end up hashed as `scram-sha-256` on Postgres v14+. # If an md5-hashed password is restored on top, Postgres v14+ will refuse to authenticate users with it by default. -matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE ({{ matrix_postgres_import_roles_to_ignore | join('|') }})(;| WITH)" # noqa jinja[spacing] +# +# We also allow for the role name to be quoted, which is rare, but might happen for role names which are special keywords (e.g. `default`). +matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE \\\"?({{ matrix_postgres_import_roles_to_ignore | join('|') }})\\\"?(;| WITH)" # noqa jinja[spacing] # A list of databases to avoid creating when importing (or upgrading) the database. # If a dump file contains the databases and they've also been created beforehand (see `matrix_postgres_additional_databases`), @@ -97,7 +99,8 @@ matrix_postgres_import_databases_to_ignore: | matrix_postgres_additional_databases|map(attribute='name') | list }} -matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\s" # noqa jinja[spacing] +# We also allow for the database name to be quoted, which is rare, but might happen for database names which are special keywords (e.g. `default`). +matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE \\\"?({{ matrix_postgres_import_databases_to_ignore | join('|') }})\\\"?\\s" # noqa jinja[spacing] # The number of seconds to wait after starting `matrix-postgres.service` # and before trying to run queries for creating additional databases/users against it. From 7e8184e210798da376b2fd16baa7c730811dcbb4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 14:58:21 +0300 Subject: [PATCH 230/349] Do not break the guided installation flow --- docs/configuring-dns.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index ea5fea88f..3803ba8f6 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -26,6 +26,8 @@ Be mindful as to how long it will take for the DNS records to propagate. If you are using Cloudflare DNS, make sure to disable the proxy and set all records to `DNS only`. Otherwise, fetching certificates will fail. +When you're done configuring DNS, proceed to [Configuring the playbook](configuring-playbook.md). + ## DNS settings for optional services/features | Used by component | Type | Host | Priority | Weight | Port | Target | From 4cf85605a911e998409d9e2a1cb7a94d83854491 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 17:36:24 +0300 Subject: [PATCH 231/349] Upgrade Dendrite (0.10.3 -> 0.10.4) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 2adf13daa..dc0af2dc3 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.3" +matrix_dendrite_docker_image_tag: "v0.10.4" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 463596884028dc38099d40155cc4117976bca8d6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Oct 2022 20:07:29 +0300 Subject: [PATCH 232/349] Upgrade Hookshot (2.3.0 -> 2.4.0) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 0854edbf5..1c390f340 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 2.3.0 +matrix_hookshot_version: 2.4.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 7d043489bdc5533b188fe891692d1d85ec13ed93 Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Fri, 21 Oct 2022 21:51:54 +0200 Subject: [PATCH 233/349] update remote-repo-infos with link to doc was a litte confusing for me, so i added the link to the syntax-descr. --- docs/configuring-playbook-backup-borg.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 41ca0156c..72ec9e678 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -56,7 +56,7 @@ where: * USER - SSH user of a provider/server * HOST - SSH host of a provider/server -* REPO - borg repository name, it will be initialized on backup start, eg: `matrix` +* REPO - borg repository name, it will be initialized on backup start, eg: `matrix`, regarding Syntax see [Remote repositories](https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls) * PASSPHRASE - passphrase used for encrypting backups, you may generate it with `pwgen -s 64 1` or use any password manager * PRIVATE KEY - the content of the **private** part of the SSH key you created before. The whole key (all of its belonging lines) under `matrix_backup_borg_ssh_key_private` needs to be indented with 2 spaces From ac8312d95f58d573488ef49907830cbdf876a62b Mon Sep 17 00:00:00 2001 From: smargold476 <105579587+smargold476@users.noreply.github.com> Date: Fri, 21 Oct 2022 22:19:03 +0200 Subject: [PATCH 234/349] update link to example in my environment i see the matrix. conf in that file: /matrix/nginx-proxy/conf.d/matrix-domain.conf --- docs/configuring-playbook-ssl-certificates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-ssl-certificates.md b/docs/configuring-playbook-ssl-certificates.md index 30a8f0b87..606160da4 100644 --- a/docs/configuring-playbook-ssl-certificates.md +++ b/docs/configuring-playbook-ssl-certificates.md @@ -99,7 +99,7 @@ The certificate files would be made available in `/matrix/ssl/config/live/ Date: Sat, 22 Oct 2022 08:45:27 +0300 Subject: [PATCH 235/349] Make ntfy not try to listen on a privileged port We're starting it with `--user` and dropped capabilities, after all. Hopefully fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2188 --- roles/matrix-ntfy/templates/ntfy/server.yml.j2 | 1 + roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-ntfy/templates/ntfy/server.yml.j2 b/roles/matrix-ntfy/templates/ntfy/server.yml.j2 index 4cafcd62a..096991a70 100644 --- a/roles/matrix-ntfy/templates/ntfy/server.yml.j2 +++ b/roles/matrix-ntfy/templates/ntfy/server.yml.j2 @@ -1,3 +1,4 @@ base_url: {{ matrix_ntfy_base_url }} behind_proxy: true cache_file: /data/cache.db +listen-http: :8080 diff --git a/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index da292e5ce..f41598560 100644 --- a/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -21,7 +21,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ntfy \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_ntfy_container_http_host_bind_port %} - -p {{ matrix_ntfy_container_http_host_bind_port }}:80 \ + -p {{ matrix_ntfy_container_http_host_bind_port }}:8080 \ {% endif %} --mount type=bind,src={{ matrix_ntfy_config_dir_path }},dst=/etc/ntfy,ro \ --mount type=bind,src={{ matrix_ntfy_data_path }},dst=/data \ From 3bd0af76ddec6004e9e794fd821e0809123cc4a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 22 Oct 2022 07:47:00 +0200 Subject: [PATCH 236/349] Add information on how to manually run the backup MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julian-Samuel Gebühr --- docs/configuring-playbook-backup-borg.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 41ca0156c..0fda66da9 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -73,3 +73,9 @@ After configuring the playbook, run the [installation](installing.md) command ag ``` ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ``` + +## Manually start a backup + +For testing your setup it can be helpful to not wait until 4am. If you want to run the backup immediately, log onto the server +and run `systemctl start matrix-backup-borg`. This will not return until the backup is done, so possibly a long time. +Consider using [tmux](https://en.wikipedia.org/wiki/Tmux) if your SSH connection is unstable. From 9fd3e00b71fdd450bf0643b30179f880e63d175c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 23 Oct 2022 07:45:54 +0300 Subject: [PATCH 237/349] Upgrade nginx (1.23.1 -> 1.23.2) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 84ec4f7e1..efef89af3 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -1,7 +1,7 @@ --- # Project source code URL: https://github.com/nginx/nginx matrix_nginx_proxy_enabled: true -matrix_nginx_proxy_version: 1.23.1-alpine +matrix_nginx_proxy_version: 1.23.2-alpine # We use an official nginx image, which we fix-up to run unprivileged. # An alternative would be an `nginxinc/nginx-unprivileged` image, but From 716efe7ad5923cdbdc7721fc58f0db38f588a391 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 23 Oct 2022 09:52:02 +0300 Subject: [PATCH 238/349] Upgrade ddclient (v3.9.1-ls100 -> v3.10.0-ls102) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index c465fef96..af4d95927 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls100 +matrix_dynamic_dns_version: v3.10.0-ls102 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From d44b0378505ac5df4b9f6cafb93f46248234a5c4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 23 Oct 2022 18:45:22 +0300 Subject: [PATCH 239/349] fgrep -> grep -F --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index f0aeb3971..576dcbf56 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ .PHONY: lint help: ## Show this help. - @fgrep -h "##" $(MAKEFILE_LIST) | fgrep -v fgrep | sed -e 's/\\$$//' | sed -e 's/##//' + @grep -F -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -e 's/\\$$//' | sed -e 's/##//' lint: ## Runs ansible-lint against all roles in the playbook ansible-lint From 24409766eb5cfeadc1f668e077532f0b8b78091d Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 24 Oct 2022 05:42:18 +0000 Subject: [PATCH 240/349] Fix 502 ref: 57bb340343c692c9439c863cd1d13c54cecb87b8 --- .../templates/nginx/conf.d/matrix-ntfy.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 index 988b3b355..ae100edac 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 @@ -21,7 +21,7 @@ {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-ntfy:80"; + set $backend "matrix-ntfy:8080"; proxy_pass http://$backend; {% else %} {# Generic configuration for use outside of our container setup #} From 9c549a185f6b035cb2979d0c41f9d7e2858037fc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 25 Oct 2022 06:28:24 +0300 Subject: [PATCH 241/349] Auto-purge orphaned Let's Encrypt renewal configuration files --- roles/matrix-nginx-proxy/defaults/main.yml | 14 ++++++++++ ...urge_ssl_lets_encrypt_orphaned_configs.yml | 27 +++++++++++++++++++ .../tasks/ssl/setup_ssl_lets_encrypt.yml | 3 +++ 3 files changed, 44 insertions(+) create mode 100644 roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index efef89af3..c233dc43c 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -572,6 +572,20 @@ matrix_ssl_log_dir_path: "{{ matrix_ssl_base_path }}/log" matrix_ssl_pre_obtaining_required_service_name: ~ matrix_ssl_pre_obtaining_required_service_start_wait_time_seconds: 60 +# matrix_ssl_orphaned_renewal_configs_purging_enabled controls whether the playbook will delete Let's Encryption renewal configuration files (`/matrix/ssl/config/renewal/*.conf) +# for domains that are not part of the `matrix_ssl_domains_to_obtain_certificates_for` list. +# +# As the `matrix_ssl_domains_to_obtain_certificates_for` list changes over time, the playbook obtains certificates for various domains +# and sets up "renewal" configuration files to keep these certificates fresh. +# When a domain disappears from the `matrix_ssl_domains_to_obtain_certificates_for` list (because its associated service had gotten disabled), +# the certificate files and renewal configuration still remain in the filesystem and certbot may try to renewal the certificate for this domain. +# If there's no DNS record for this domain or it doesn't point to this server anymore, the `matrix-ssl-lets-encrypt-certificates-renew.service` systemd service +# won't be able to renew the certificate and will generate an error. +# +# With `matrix_ssl_orphaned_renewal_configs_purging_enabled` enabled, orphaned renewal configurations will be purged on each playbook run. +# Some other leftover files will still remain, but we don't bother purging them because they don't cause troubles. +matrix_ssl_orphaned_renewal_configs_purging_enabled: true + # Nginx Optimize SSL Session # # ssl_session_cache: diff --git a/roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml b/roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml new file mode 100644 index 000000000..51fd1f314 --- /dev/null +++ b/roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml @@ -0,0 +1,27 @@ +--- + +- name: Check if a Let's Encrypt renewal configuration directory exists + ansible.builtin.stat: + path: "{{ matrix_ssl_config_dir_path }}/renewal" + register: matrix_ssl_config_renewal_directory_stat_result + +- when: matrix_ssl_config_renewal_directory_stat_result.stat.exists | bool + block: + - name: Determine current Let's Encrypt renewal configs + ansible.builtin.find: + path: "{{ matrix_ssl_config_dir_path }}/renewal" + patterns: ".*.conf$" + use_regex: true + register: matrix_ssl_current_renewal_config_files + + - name: Determine unnecessary Let's Encrypt renewal configs + ansible.builtin.set_fact: + matrix_ssl_current_renewal_config_files_to_purge: "{{ matrix_ssl_current_renewal_config_files_to_purge | default([]) + [item.path] }}" + with_items: "{{ matrix_ssl_current_renewal_config_files.files }}" + when: "item.path | basename | replace('.conf', '') not in matrix_ssl_domains_to_obtain_certificates_for" + + - name: Purge unneceessary Let's Encrypt renewal config files + ansible.builtin.file: + path: "{{ item }}" + state: absent + with_items: "{{ matrix_ssl_current_renewal_config_files_to_purge | default([]) }}" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index 029ef860d..62430f4bb 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -18,6 +18,9 @@ - when: "matrix_ssl_retrieval_method == 'lets-encrypt'" block: + - when: matrix_ssl_orphaned_renewal_configs_purging_enabled | bool + ansible.builtin.import_tasks: "{{ role_path }}/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml" + - name: Ensure certbot Docker image is pulled docker_image: name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}" From cb2fecbea96ead3e9003c22bcabda00e20dd3b01 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 25 Oct 2022 06:43:57 +0300 Subject: [PATCH 242/349] Fix some ansible-lint-reported warnings --- roles/matrix-base/tasks/server_base/setup.yml | 3 ++- .../tasks/validate_config.yml | 3 ++- roles/matrix-ldap-registration-proxy/tasks/init.yml | 9 ++++----- roles/matrix-postgres/tasks/import_generic_sqlite_db.yml | 3 ++- roles/matrix-postgres/tasks/run_vacuum.yml | 3 ++- .../tasks/rust-synapse-compress-state/compress_room.yml | 3 ++- .../tasks/rust-synapse-compress-state/main.yml | 3 ++- 7 files changed, 16 insertions(+), 11 deletions(-) diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 8cc4dff4c..9e3319f5f 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -21,7 +21,8 @@ register: lsb_release_installation_result - name: Reread ansible_lsb facts if lsb-release got installed - ansible.builtin.setup: filter=ansible_lsb* + ansible.builtin.setup: + filter: ansible_lsb* when: lsb_release_installation_result.changed - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_debian.yml" diff --git a/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml b/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml index 901b760bf..e005f162b 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml @@ -22,5 +22,6 @@ - {'old': 'matrix_appservice_discord_container_expose_client_server_api_port', 'new': ''} - name: Require a valid database engine - ansible.builtin.fail: msg="`matrix_appservice_discord_database_engine` needs to be either 'sqlite' or 'postgres'" + ansible.builtin.fail: + msg: "`matrix_appservice_discord_database_engine` needs to be either 'sqlite' or 'postgres'" when: "matrix_appservice_discord_database_engine not in ['sqlite', 'postgres']" diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/matrix-ldap-registration-proxy/tasks/init.yml index 0b2051c3d..406236095 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/init.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/init.yml @@ -10,7 +10,10 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-ldap-registration-proxy.service'] }}" when: matrix_ldap_registration_proxy_enabled | bool -- block: +- when: matrix_ldap_registration_proxy_enabled | bool + tags: + - always + block: - name: Fail if matrix-nginx-proxy role already executed ansible.builtin.fail: msg: >- @@ -52,7 +55,3 @@ URL endpoint to the matrix-ldap-proxy container. You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable. when: "not matrix_nginx_proxy_enabled | default(False) | bool" - - tags: - - always - when: matrix_ldap_registration_proxy_enabled | bool diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml index 897ebc2e9..4a515c27d 100644 --- a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -28,7 +28,8 @@ - when: 'postgres_connection_string_variable_name is defined' block: - name: Fail if postgres_connection_string_variable_name points to an undefined variable - ansible.builtin.fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`" + ansible.builtin.fail: + msg: "postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`" when: "postgres_connection_string_variable_name not in vars" - name: Get Postgres connection string from variable diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index aafa761db..439599828 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -82,7 +82,8 @@ changed_when: matrix_postgres_synapse_vacuum_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 # Intentionally show the results -- ansible.builtin.debug: var="matrix_postgres_synapse_vacuum_result" +- ansible.builtin.debug: + var: "matrix_postgres_synapse_vacuum_result" - name: Ensure matrix-synapse is started, if it previously was ansible.builtin.service: diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 6ae016fcc..9834e256a 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -24,7 +24,8 @@ failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 -- ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_compress_room_command_result" +- ansible.builtin.debug: + var: "matrix_synapse_rust_synapse_compress_state_compress_room_command_result" - name: Generate Postgres compression SQL import command ansible.builtin.set_fact: diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index b48e60775..80c25f7fa 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -88,7 +88,8 @@ - when: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.failed or matrix_synapse_rust_synapse_compress_state_find_rooms_command_result.stdout_lines | length != 4" block: - - ansible.builtin.debug: var="matrix_synapse_rust_synapse_compress_state_find_rooms_command_result" + - ansible.builtin.debug: + var: "matrix_synapse_rust_synapse_compress_state_find_rooms_command_result" - name: Fail if room find result is not what we expect ansible.builtin.fail: From fd7e1604a5880242b67d92fa1d8df4180fc53c6f Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 25 Oct 2022 09:16:24 +0000 Subject: [PATCH 243/349] Update appservice-irc 0.35.1 -> 0.36.0 --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index c4fa75fe4..d54a7685d 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -11,7 +11,7 @@ matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appser # matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`). # It's a bare version number now. We try to somewhat retain compatibility below. -matrix_appservice_irc_version: 0.35.1 +matrix_appservice_irc_version: 0.36.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}" matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 81d8785811bd3aca8a6334910e2143edda8a3dda Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 25 Oct 2022 13:03:50 +0000 Subject: [PATCH 244/349] Update grafana 9.2.1 -> 9.2.2 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 767a749bc..5bccb60d2 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.2.1 +matrix_grafana_version: 9.2.2 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 145a57a7b8ad1d01a3a05c28abe6586078611418 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 25 Oct 2022 18:25:07 +0300 Subject: [PATCH 245/349] update honoroit 0.9.15 -> 0.9.16 --- group_vars/matrix_servers | 2 +- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6728eaaae..e31e0dba3 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1163,7 +1163,7 @@ matrix_bot_honoroit_systemd_required_services_list: | # Postgres is the default, except if not using `matrix_postgres` (internal postgres) matrix_bot_honoroit_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_honoroit_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'honoroit.bot.db') | to_uuid }}" -matrix_bot_honoroit_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_bot_honoroit_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" ###################################################################### # diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 68fb8c177..3510f4732 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.15 +matrix_bot_honoroit_version: v0.9.16 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" From a22d5b1726a207f6349e47890684759a14e1e697 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 25 Oct 2022 18:26:57 +0300 Subject: [PATCH 246/349] update postmoogle 0.9.7 -> 0.9.8 --- group_vars/matrix_servers | 2 +- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6728eaaae..354b66913 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1227,7 +1227,7 @@ matrix_bot_postmoogle_systemd_required_services_list: | matrix_bot_postmoogle_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db') | to_uuid }}" -matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" ###################################################################### # diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 1bcd570a5..af6c23ac0 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" -matrix_bot_postmoogle_version: v0.9.7 +matrix_bot_postmoogle_version: v0.9.8 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" From 12fe1f417c2816939755bfc5e1e61a376b59ea90 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 25 Oct 2022 18:39:39 +0300 Subject: [PATCH 247/349] update buscarron 1.2.1 -> 1.3.0 --- docs/configuring-playbook-bot-buscarron.md | 4 +-- group_vars/matrix_servers | 2 +- roles/matrix-bot-buscarron/defaults/main.yml | 32 ++++++++++++++------ roles/matrix-bot-buscarron/templates/env.j2 | 6 +++- 4 files changed, 30 insertions(+), 14 deletions(-) diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index 3a5822abd..b38f25c67 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md @@ -36,10 +36,10 @@ matrix_bot_buscarron_forms: room: "!yourRoomID:DOMAIN" # (mandatory) Room ID where form submission will be posted redirect: https://DOMAIN # (mandatory) To what page user will be redirected after the form submission ratelimit: 1r/m # (optional) rate limit of the form, format: r/, eg: 1r/s or 54r/m + hasemail: 1 # (optional) form has "email" field that should be validated extensions: [] # (optional) list of form extensions (not used yet) -matrix_bot_buscarron_spam_hosts: [] # (optional) list of email domains/hosts that should be rejected automatically -matrix_bot_buscarron_spam_emails: [] # (optional) list of email addresses that should be rejected automatically +matrix_bot_buscarron_spamlist: [] # (optional) list of emails/domains/hosts (with wildcards support) that should be rejected automatically ``` You will also need to add a DNS record so that buscarron can be accessed. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6728eaaae..5d463da2b 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1194,7 +1194,7 @@ matrix_bot_buscarron_systemd_required_services_list: | # Postgres is the default, except if not using `matrix_postgres` (internal postgres) matrix_bot_buscarron_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_buscarron_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'buscarron.bot.db') | to_uuid }}" -matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" ###################################################################### # diff --git a/roles/matrix-bot-buscarron/defaults/main.yml b/roles/matrix-bot-buscarron/defaults/main.yml index 648d53447..21d9a4a39 100644 --- a/roles/matrix-bot-buscarron/defaults/main.yml +++ b/roles/matrix-bot-buscarron/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_buscarron_docker_repo: "https://gitlab.com/etke.cc/buscarron.git" matrix_bot_buscarron_docker_repo_version: "{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_src_files_path: "{{ matrix_base_data_path }}/buscarron/docker-src" -matrix_bot_buscarron_version: v1.2.1 +matrix_bot_buscarron_version: v1.3.0 matrix_bot_buscarron_docker_image: "{{ matrix_bot_buscarron_docker_image_name_prefix }}buscarron:{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_buscarron_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_buscarron_docker_image_force_pull: "{{ matrix_bot_buscarron_docker_image.endswith(':latest') }}" @@ -78,37 +78,49 @@ matrix_bot_buscarron_homeserver: "{{ matrix_homeserver_container_url }}" matrix_bot_buscarron_forms: [] # Disable encryption -matrix_bot_buscarron_noencryption: +matrix_bot_buscarron_noencryption: false # Sentry DSN -matrix_bot_buscarron_sentry: +matrix_bot_buscarron_sentry: '' # Log level matrix_bot_buscarron_loglevel: INFO -# spam hosts/domains +# list of spammers with wildcards support, eg: *@spam.com spam@*, spam@spam.com +matrix_bot_buscarron_spamlist: [] + +# spam hosts/domains. +# deprecated, use matrix_bot_buscarron_spamlist matrix_bot_buscarron_spam_hosts: [] # spam email addresses +# deprecated, use matrix_bot_buscarron_spamlist matrix_bot_buscarron_spam_emails: [] # spam email localparts +# deprecated, use matrix_bot_buscarron_spamlist matrix_bot_buscarron_spam_localparts: [] -# Ban duration in hours -matrix_bot_buscarron_ban_duration: 24 - # Banlist size matrix_bot_buscarron_ban_size: 10000 +# Permanent banlist +matrix_bot_buscarron_ban_list: [] + # Postmark token (confirmation emails) -matrix_bot_buscarron_pm_token: +matrix_bot_buscarron_pm_token: '' # Postmark sender signature -matrix_bot_buscarron_pm_from: +matrix_bot_buscarron_pm_from: '' # Postmark confirmation email's reply-to -matrix_bot_buscarron_pm_replyto: +matrix_bot_buscarron_pm_replyto: '' + +# email address (from) for SMTP validation. Must be valid email on valid SMTP server, otherwise it will be rejected by other servers +matrix_bot_buscarron_smtp_from: '' + +# enforce SMTP validation +matrix_bot_buscarron_smtp_validation: false # Additional environment variables to pass to the buscarron container # diff --git a/roles/matrix-bot-buscarron/templates/env.j2 b/roles/matrix-bot-buscarron/templates/env.j2 index 42da0d349..90ae5f7e8 100644 --- a/roles/matrix-bot-buscarron/templates/env.j2 +++ b/roles/matrix-bot-buscarron/templates/env.j2 @@ -3,22 +3,26 @@ BUSCARRON_PASSWORD={{ matrix_bot_buscarron_password }} BUSCARRON_HOMESERVER={{ matrix_bot_buscarron_homeserver }} BUSCARRON_DB_DSN={{ matrix_bot_buscarron_database_connection_string }} BUSCARRON_DB_DIALECT={{ matrix_bot_buscarron_database_dialect }} +BUSCARRON_SPAMLIST={{ matrix_bot_buscarron_spamlist|join(" ") }} BUSCARRON_SPAM_HOSTS={{ matrix_bot_buscarron_spam_hosts|join(" ") }} BUSCARRON_SPAM_EMAILS={{ matrix_bot_buscarron_spam_emails|join(" ") }} BUSCARRON_SPAM_LOCALPARTS={{ matrix_bot_buscarron_spam_localparts|join(" ") }} BUSCARRON_SENTRY={{ matrix_bot_buscarron_sentry }} BUSCARRON_LOGLEVEL={{ matrix_bot_buscarron_loglevel }} -BUSCARRON_BAN_DURATION={{ matrix_bot_buscarron_ban_duration }} BUSCARRON_BAN_SIZE={{ matrix_bot_buscarron_ban_size }} +BUSCARRON_BAN_LIST={{ matrix_bot_buscarron_ban_list }} BUSCARRON_PM_TOKEN={{ matrix_bot_buscarron_pm_token }} BUSCARRON_PM_FROM={{ matrix_bot_buscarron_pm_from }} BUSCARRON_PM_REPLYTO={{ matrix_bot_buscarron_pm_replyto }} +BUSCARRON_SMTP_FROM={{ matrix_bot_buscarron_smtp_from }} +BUSCARRON_SMTP_VALIDATION={{ matrix_bot_buscarron_smtp_validation }} BUSCARRON_NOENCRYPTION={{ matrix_bot_buscarron_noencryption }} {% set forms = [] %} {% for form in matrix_bot_buscarron_forms -%}{{- forms.append(form.name) -}} BUSCARRON_{{ form.name|upper }}_ROOM={{ form.room|default('') }} BUSCARRON_{{ form.name|upper }}_REDIRECT={{ form.redirect|default('') }} BUSCARRON_{{ form.name|upper }}_HASDOMAIN={{ form.hasdomain|default('') }} +BUSCARRON_{{ form.name|upper }}_HASEMAIL={{ form.hasemail|default('') }} BUSCARRON_{{ form.name|upper }}_RATELIMIT={{ form.ratelimit|default('') }} BUSCARRON_{{ form.name|upper }}_EXTENSIONS={{ form.extensions|default('')|join(' ') }} BUSCARRON_{{ form.name|upper }}_CONFIRMATION_SUBJECT={{ form.confirmation_subject|default('') }} From 437d177d3133827379d303bba452480bd30d3ab9 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 25 Oct 2022 18:17:47 +0000 Subject: [PATCH 248/349] update element v1.11.10 -> v1.11.11 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index c8e476a19..7204aa107 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.10 +matrix_client_element_version: v1.11.11 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 9a439f91ae5b412756c51bb3dbf55643cd8127a9 Mon Sep 17 00:00:00 2001 From: Array in a Matrix Date: Wed, 26 Oct 2022 12:58:09 -0400 Subject: [PATCH 249/349] update way to login to discord --- docs/configuring-playbook-bridge-mautrix-discord.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 9fbf14240..065609b25 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -12,7 +12,7 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.h ## Prerequisites -For using this bridge, you would **need to authenticate by scanning a QR code with the Discord app on your phone**. +For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone **or** by using **discord account token**. You can delete the Discord app after the authentication process. @@ -70,7 +70,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage 1. Start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). -2. Send a `login` command +2. If you would like to login to Discord using a token, send `login-token` command, otherwise, send `login-qr` command. 3. You'll see a QR code which you need to scan with the Discord app on your phone. You can scan it with the camera app too, which will open Discord, which will then instruct you to scan it a 2nd time in the Discord app. 4. After confirming (in the Discord app) that you'd like to allow this login, the bot should respond with "Succcessfully authenticated as ..." 5. Now that you're logged in, you can send a `help` command to the bot again, to see additional commands you have access to From 170960be1aafcdf2b094322f8c9f268b744a29bf Mon Sep 17 00:00:00 2001 From: Joe Kappus Date: Wed, 26 Oct 2022 18:47:09 -0400 Subject: [PATCH 250/349] update element v1.11.11 -> v1.11.12 fixes jitsi issue --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 7204aa107..2d5c99d2b 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.11 +matrix_client_element_version: v1.11.12 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From e5e5ee4f7237c8047abfe85fc2aa0e25eb38edb2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 06:45:37 +0300 Subject: [PATCH 251/349] Use fixed image tags for prodrigestivill/postgres-backup-local At some point, we can drop v9.6 support and use a single variable that holds this value. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2191 --- roles/matrix-postgres-backup/defaults/main.yml | 18 +++++++++--------- .../tasks/validate_config.yml | 11 +++++++++++ 2 files changed, 20 insertions(+), 9 deletions(-) diff --git a/roles/matrix-postgres-backup/defaults/main.yml b/roles/matrix-postgres-backup/defaults/main.yml index ed42266f2..d59c84e95 100644 --- a/roles/matrix-postgres-backup/defaults/main.yml +++ b/roles/matrix-postgres-backup/defaults/main.yml @@ -24,18 +24,18 @@ matrix_postgres_backup_postgres_data_path: "" matrix_postgres_backup_architecture: amd64 -# matrix_postgres_docker_image_suffix controls whether we use Alpine-based images (`-alpine`) or the normal Debian-based images. +# matrix_postgres_backup_docker_image_distro controls whether we use Alpine-based images (`-alpine`) or the normal Debian-based images. # Alpine-based Postgres images are smaller and we usually prefer them, but they don't work on ARM32 (tested on a Raspberry Pi 3 running Raspbian 10.7). # On ARM32, `-alpine` images fail with the following error: # > LOG: startup process (PID 37) was terminated by signal 11: Segmentation fault -matrix_postgres_backup_docker_image_suffix: "{{ '-alpine' if matrix_postgres_backup_architecture in ['amd64', 'arm64'] else '' }}" - -matrix_postgres_backup_docker_image_v9: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:9.6{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v10: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:10{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v11: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:11{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v12: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:12{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v13: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:13{{ matrix_postgres_backup_docker_image_suffix }}" -matrix_postgres_backup_docker_image_v14: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:14{{ matrix_postgres_backup_docker_image_suffix }}" +matrix_postgres_backup_docker_image_distro: "{{ 'alpine' if matrix_postgres_backup_architecture in ['amd64', 'arm64'] else 'debian' }}" + +matrix_postgres_backup_docker_image_v9: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:9.6-{{ matrix_postgres_backup_docker_image_distro }}-2aa03d1" +matrix_postgres_backup_docker_image_v10: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:10-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_v11: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:11-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_v12: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:12-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_v13: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:13-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_v14: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:14-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" matrix_postgres_backup_docker_image_latest: "{{ matrix_postgres_backup_docker_image_v14 }}" # This variable is assigned at runtime. Overriding its value has no effect. diff --git a/roles/matrix-postgres-backup/tasks/validate_config.yml b/roles/matrix-postgres-backup/tasks/validate_config.yml index 8a2ddb5ad..2ba643748 100644 --- a/roles/matrix-postgres-backup/tasks/validate_config.yml +++ b/roles/matrix-postgres-backup/tasks/validate_config.yml @@ -16,3 +16,14 @@ - "matrix_postgres_backup_keep_months" - "matrix_postgres_backup_path" - "matrix_postgres_backup_databases" + +- name: (Deprecation) Catch and report renamed settings + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_postgres_backup_docker_image_suffix', 'new': 'matrix_postgres_backup_docker_image_distro'} + + From 6cacf7297d7dc88a37537569fd9d9fc81db62176 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 06:50:04 +0300 Subject: [PATCH 252/349] Add support for postgres-backup-local v15 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2200 --- roles/matrix-postgres-backup/defaults/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-postgres-backup/defaults/main.yml b/roles/matrix-postgres-backup/defaults/main.yml index d59c84e95..abdfa74c5 100644 --- a/roles/matrix-postgres-backup/defaults/main.yml +++ b/roles/matrix-postgres-backup/defaults/main.yml @@ -36,7 +36,8 @@ matrix_postgres_backup_docker_image_v11: "{{ matrix_container_global_registry_pr matrix_postgres_backup_docker_image_v12: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:12-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" matrix_postgres_backup_docker_image_v13: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:13-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" matrix_postgres_backup_docker_image_v14: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:14-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" -matrix_postgres_backup_docker_image_latest: "{{ matrix_postgres_backup_docker_image_v14 }}" +matrix_postgres_backup_docker_image_v15: "{{ matrix_container_global_registry_prefix }}prodrigestivill/postgres-backup-local:15-{{ matrix_postgres_backup_docker_image_distro }}-2cf00a5" +matrix_postgres_backup_docker_image_latest: "{{ matrix_postgres_backup_docker_image_v15 }}" # This variable is assigned at runtime. Overriding its value has no effect. matrix_postgres_backup_docker_image_to_use: '{{ matrix_postgres_backup_docker_image_latest }}' From 35c5c23a3e4c0f0d9981f18895a0da300a7ea8ac Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 06:50:41 +0300 Subject: [PATCH 253/349] Remove useless tasks from matrix-postgres-backup role `matrix-postgres-backup` reuses the `matrix-postgres` role for these tasks, not its own definitions. --- .../util/detect_existing_postgres_version.yml | 61 ------------------- 1 file changed, 61 deletions(-) delete mode 100644 roles/matrix-postgres-backup/tasks/util/detect_existing_postgres_version.yml diff --git a/roles/matrix-postgres-backup/tasks/util/detect_existing_postgres_version.yml b/roles/matrix-postgres-backup/tasks/util/detect_existing_postgres_version.yml deleted file mode 100644 index 877e5934d..000000000 --- a/roles/matrix-postgres-backup/tasks/util/detect_existing_postgres_version.yml +++ /dev/null @@ -1,61 +0,0 @@ ---- - -# This utility aims to determine if there is some existing Postgres version in use or not. -# If there is, it also tries to detect the Docker image that corresponds to that version. - -- name: Initialize Postgres version determination variables (default to empty) - ansible.builtin.set_fact: - matrix_postgres_backup_detection_pg_version_path: "{{ matrix_postgres_data_path }}/PG_VERSION" - matrix_postgres_backup_detected_existing: false - matrix_postgres_backup_detected_version: "" - matrix_postgres_backup_detected_version_corresponding_docker_image: "" - -- name: Determine existing Postgres version (check PG_VERSION file) - ansible.builtin.stat: - path: "{{ matrix_postgres_backup_detection_pg_version_path }}" - register: result_pg_version_stat - -- ansible.builtin.set_fact: - matrix_postgres_backup_detected_existing: true - when: "result_pg_version_stat.stat.exists" - -- name: Determine existing Postgres version (read PG_VERSION file) - ansible.builtin.slurp: - src: "{{ matrix_postgres_backup_detection_pg_version_path }}" - register: result_pg_version - when: matrix_postgres_backup_detected_existing | bool - -- name: Determine existing Postgres version (make sense of PG_VERSION file) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version: "{{ result_pg_version['content'] | b64decode | replace('\n', '') }}" - when: matrix_postgres_backup_detected_existing | bool - -- name: Determine corresponding Docker image to detected version (assume default of latest) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_latest }}" - when: "matrix_postgres_backup_detected_version != ''" - -- name: Determine corresponding Docker image to detected version (use 9.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v9 }}" - when: "matrix_postgres_backup_detected_version.startswith('9.')" - -- name: Determine corresponding Docker image to detected version (use 10.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v10 }}" - when: "matrix_postgres_backup_detected_version == '10' or matrix_postgres_backup_detected_version.startswith('10.')" - -- name: Determine corresponding Docker image to detected version (use 11.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v11 }}" - when: "matrix_postgres_backup_detected_version == '11' or matrix_postgres_backup_detected_version.startswith('11.')" - -- name: Determine corresponding Docker image to detected version (use 12.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v12 }}" - when: "matrix_postgres_backup_detected_version == '12' or matrix_postgres_backup_detected_version.startswith('12.')" - -- name: Determine corresponding Docker image to detected version (use 13.x, if detected) - ansible.builtin.set_fact: - matrix_postgres_backup_detected_version_corresponding_docker_image: "{{ matrix_postgres_backup_docker_image_v13 }}" - when: "matrix_postgres_backup_detected_version == '13' or matrix_postgres_backup_detected_version.startswith('13.')" From ce8e9be6a857c2541a00b22a3ec14ca01cd41562 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 09:48:49 +0300 Subject: [PATCH 254/349] Document Conduit installation Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2076 --- docs/configuring-playbook-conduit.md | 58 ++++++++++++++++++++++++++++ docs/configuring-playbook.md | 5 ++- examples/vars.yml | 4 +- 3 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 docs/configuring-playbook-conduit.md diff --git a/docs/configuring-playbook-conduit.md b/docs/configuring-playbook-conduit.md new file mode 100644 index 000000000..8739a5674 --- /dev/null +++ b/docs/configuring-playbook-conduit.md @@ -0,0 +1,58 @@ +# Configuring Conduit (optional) + +By default, this playbook configures the [Synapse](https://github.com/matrix-org/synapse) Matrix server, but you can also use [Conduit](https://conduit.rs). + +**NOTES**: + +- **You can't switch an existing Matrix server's implementation** (e.g. Synapse -> Conduit). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet. + +- **homeserver implementations other than Synapse may not be fully functional**. The playbook may also not assist you in an optimal way (like it does with Synapse). Make yourself familiar with the downsides before proceeding + + +## Installation + +To use Conduit, you **generally** need the following additional `vars.yml` configuration: + +```yaml +matrix_homeserver_implementation: conduit +``` + +However, since Conduit is difficult (see [famedly/conduit#276](https://gitlab.com/famedly/conduit/-/issues/276) and [famedly/conduit#354](https://gitlab.com/famedly/conduit/-/merge_requests/354)) when it comes to creating the first user account and does not support [registering users](registering-users.md) (via the command line or via the playbook) like Synapse and Dendrite do, we recommend the following flow: + +1. Add `matrix_conduit_allow_registration: true` to your `vars.yml` the first time around, temporarily +2. Run the playbook (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` - see [Installing](installing.md)) +3. Create your first user via Element or any other client which supports creating users +4. Get rid of `matrix_conduit_allow_registration: true` from your `vars.yml` +5. Run the playbook again (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-conduit,start` would be enough this time) +6. You can now use your server safely. Additional users can be created by messaging the internal Conduit bot + + +## Configuring bridges / appservices + +Automatic appservice setup is currently unsupported when using conduit. After setting up the service as usual you may notice that it is unable to start. + +You will have to manually register appservices using the the [register-appservice](https://gitlab.com/famedly/conduit/-/blob/next/APPSERVICES.md) command. + +Find the `registration.yaml` in the `/matrix` directory, for example `/matrix/mautrix-signal/bridge/registration.yaml`, then pass the content to conduit: + + + @conduit:your.server.name: register-appservice + ``` + as_token: + de.sorunome.msc2409.push_ephemeral: true + hs_token: + id: signal + namespaces: + aliases: + - exclusive: true + regex: ^#signal_.+:example\.org$ + users: + - exclusive: true + regex: ^@signal_.+:example\.org$ + - exclusive: true + regex: ^@signalbot:example\.org$ + rate_limited: false + sender_localpart: _bot_signalbot + url: http://matrix-mautrix-signal:29328 + ``` + diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index efb0f7e3c..127ab47da 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -42,7 +42,10 @@ When you're done with all the configuration you'd like to do, continue with [Ins ### Core service adjustments -- [Configuring Synapse](configuring-playbook-synapse.md) (optional) +- Homeserver configuration: + - [Configuring Synapse](configuring-playbook-synapse.md), if you're going with the default/recommended homeserver implementation (optional) + + - [Configuring Conduit](configuring-playbook-conduit.md), if you've switched to the [Conduit](https://conduit.rs) homeserver implementation (optional) - [Configuring Element](configuring-playbook-client-element.md) (optional) diff --git a/examples/vars.yml b/examples/vars.yml index 3ca8f4601..248f906ba 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -12,7 +12,9 @@ matrix_domain: YOUR_BARE_DOMAIN_NAME_HERE # The Matrix homeserver software to install. -# See `roles/matrix-base/defaults/main.yml` for valid options. +# See: +# - `roles/matrix-base/defaults/main.yml` for valid options +# - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice matrix_homeserver_implementation: synapse # A secret used as a base, for generating various other secrets. From 7303f9241c583ce17a9bc224092c89c73d0233e1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 27 Oct 2022 09:59:54 +0300 Subject: [PATCH 255/349] Fix yamllint error --- roles/matrix-postgres-backup/tasks/validate_config.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/roles/matrix-postgres-backup/tasks/validate_config.yml b/roles/matrix-postgres-backup/tasks/validate_config.yml index 2ba643748..aab68eafa 100644 --- a/roles/matrix-postgres-backup/tasks/validate_config.yml +++ b/roles/matrix-postgres-backup/tasks/validate_config.yml @@ -25,5 +25,3 @@ when: "item.old in vars" with_items: - {'old': 'matrix_postgres_backup_docker_image_suffix', 'new': 'matrix_postgres_backup_docker_image_distro'} - - From 45226f31410e89ab9a116aa061c293dda4aa2985 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 27 Oct 2022 08:14:31 +0000 Subject: [PATCH 256/349] Update signald 0.22.2 -> 0.23.0 ref: https://gitlab.com/signald/signald/-/issues/343 --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 9a06e423a..83b0a5ce0 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -10,7 +10,7 @@ matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" matrix_mautrix_signal_version: v0.4.0 -matrix_mautrix_signal_daemon_version: 0.22.2 +matrix_mautrix_signal_daemon_version: 0.23.0 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" From 3c31638de969e5b1a7fd7fe3e6ced64125afc156 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 27 Oct 2022 10:45:08 +0000 Subject: [PATCH 257/349] fix buscarron ban list --- roles/matrix-bot-buscarron/templates/env.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-buscarron/templates/env.j2 b/roles/matrix-bot-buscarron/templates/env.j2 index 90ae5f7e8..80ddd38cc 100644 --- a/roles/matrix-bot-buscarron/templates/env.j2 +++ b/roles/matrix-bot-buscarron/templates/env.j2 @@ -10,7 +10,7 @@ BUSCARRON_SPAM_LOCALPARTS={{ matrix_bot_buscarron_spam_localparts|join(" ") }} BUSCARRON_SENTRY={{ matrix_bot_buscarron_sentry }} BUSCARRON_LOGLEVEL={{ matrix_bot_buscarron_loglevel }} BUSCARRON_BAN_SIZE={{ matrix_bot_buscarron_ban_size }} -BUSCARRON_BAN_LIST={{ matrix_bot_buscarron_ban_list }} +BUSCARRON_BAN_LIST={{ matrix_bot_buscarron_ban_list|default('')|join(' ') }} BUSCARRON_PM_TOKEN={{ matrix_bot_buscarron_pm_token }} BUSCARRON_PM_FROM={{ matrix_bot_buscarron_pm_from }} BUSCARRON_PM_REPLYTO={{ matrix_bot_buscarron_pm_replyto }} From 48388a3d96218fe61a7501c131f67ccf61718254 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Fri, 28 Oct 2022 13:20:17 +0200 Subject: [PATCH 258/349] use fqcns for some task Signed-off-by: Sebastian Gumprich --- roles/matrix-backup-borg/tasks/setup_install.yml | 4 ++-- roles/matrix-backup-borg/tasks/setup_uninstall.yml | 2 +- roles/matrix-base/tasks/server_base/setup_archlinux.yml | 4 ++-- roles/matrix-base/tasks/setup_matrix_base.yml | 2 +- roles/matrix-base/tasks/util/ensure_fuse_installed.yml | 2 +- roles/matrix-base/tasks/util/ensure_openssl_installed.yml | 2 +- roles/matrix-bot-buscarron/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-buscarron/tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-go-neb/tasks/setup_install.yml | 2 +- roles/matrix-bot-go-neb/tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-honoroit/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-honoroit/tasks/setup_uninstall.yml | 2 +- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_uninstall.yml | 2 +- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-maubot/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-mjolnir/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml | 2 +- roles/matrix-bot-postmoogle/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../matrix-bridge-appservice-irc/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-beeper-linkedin/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-go-skype-bridge/tasks/setup_install.yml | 4 ++-- roles/matrix-bridge-heisenbridge/tasks/setup_install.yml | 2 +- roles/matrix-bridge-hookshot/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-discord/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-signal/tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 6 +++--- .../matrix-bridge-mautrix-twitter/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mx-puppet-slack/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mx-puppet-steam/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- roles/matrix-bridge-sms/tasks/setup_install.yml | 2 +- roles/matrix-cactus-comments/tasks/setup_install.yml | 4 ++-- roles/matrix-cactus-comments/tasks/setup_uninstall.yml | 2 +- roles/matrix-client-cinny/tasks/setup_install.yml | 4 ++-- roles/matrix-client-cinny/tasks/setup_uninstall.yml | 2 +- roles/matrix-client-element/tasks/setup_install.yml | 4 ++-- roles/matrix-client-element/tasks/setup_uninstall.yml | 2 +- roles/matrix-client-hydrogen/tasks/setup_install.yml | 4 ++-- roles/matrix-client-hydrogen/tasks/setup_uninstall.yml | 2 +- roles/matrix-conduit/tasks/conduit/setup_install.yml | 2 +- roles/matrix-conduit/tasks/conduit/setup_uninstall.yml | 2 +- roles/matrix-corporal/tasks/setup_corporal.yml | 6 +++--- roles/matrix-coturn/tasks/setup_install.yml | 6 +++--- roles/matrix-dendrite/tasks/dendrite/setup_install.yml | 2 +- roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml | 2 +- roles/matrix-dimension/tasks/setup_install.yml | 4 ++-- roles/matrix-dimension/tasks/setup_uninstall.yml | 2 +- roles/matrix-dynamic-dns/tasks/install.yml | 4 ++-- roles/matrix-email2matrix/tasks/setup_install.yml | 4 ++-- roles/matrix-email2matrix/tasks/setup_uninstall.yml | 2 +- roles/matrix-etherpad/tasks/setup_install.yml | 2 +- roles/matrix-etherpad/tasks/setup_uninstall.yml | 2 +- roles/matrix-grafana/tasks/setup.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml | 2 +- roles/matrix-jitsi/tasks/setup_jitsi_web.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 2 +- roles/matrix-ma1sd/tasks/setup_install.yml | 6 +++--- roles/matrix-ma1sd/tasks/setup_uninstall.yml | 2 +- roles/matrix-mailer/tasks/setup_mailer.yml | 6 +++--- .../tasks/nginx-proxy/setup_metrics_auth.yml | 2 +- roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 2 +- .../tasks/ssl/setup_ssl_lets_encrypt.yml | 2 +- roles/matrix-ntfy/tasks/setup_install.yml | 2 +- roles/matrix-ntfy/tasks/setup_uninstall.yml | 2 +- .../tasks/setup_postgres_backup.yml | 2 +- roles/matrix-postgres/tasks/migrate_db_to_postgres.yml | 4 ++-- roles/matrix-postgres/tasks/setup_postgres.yml | 2 +- roles/matrix-prometheus-node-exporter/tasks/setup.yml | 2 +- roles/matrix-prometheus-postgres-exporter/tasks/setup.yml | 2 +- roles/matrix-prometheus/tasks/setup_install.yml | 2 +- roles/matrix-redis/tasks/setup_redis.yml | 2 +- roles/matrix-registration/tasks/setup_install.yml | 4 ++-- roles/matrix-registration/tasks/setup_uninstall.yml | 2 +- roles/matrix-sygnal/tasks/setup_install.yml | 2 +- roles/matrix-sygnal/tasks/setup_uninstall.yml | 2 +- roles/matrix-synapse-admin/tasks/setup.yml | 6 +++--- .../tasks/ext/mjolnir-antispam/setup_install.yml | 2 +- .../tasks/ext/synapse-simple-antispam/setup_install.yml | 2 +- roles/matrix-synapse/tasks/goofys/setup_install.yml | 2 +- roles/matrix-synapse/tasks/goofys/setup_uninstall.yml | 2 +- roles/matrix-synapse/tasks/import_media_store.yml | 2 +- .../tasks/rust-synapse-compress-state/main.yml | 2 +- roles/matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- roles/matrix-synapse/tasks/synapse/setup_uninstall.yml | 2 +- 103 files changed, 159 insertions(+), 159 deletions(-) diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/matrix-backup-borg/tasks/setup_install.yml index b44a8fa1b..f99051e35 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/matrix-backup-borg/tasks/setup_install.yml @@ -59,7 +59,7 @@ mode: 0600 - name: Ensure borg image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_backup_borg_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_backup_borg_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -82,7 +82,7 @@ when: "matrix_backup_borg_container_image_self_build | bool" - name: Ensure borg image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_backup_borg_docker_image }}" source: build force_source: "{{ matrix_backup_borg_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-backup-borg/tasks/setup_uninstall.yml b/roles/matrix-backup-borg/tasks/setup_uninstall.yml index fb583f57a..37832b2b1 100644 --- a/roles/matrix-backup-borg/tasks/setup_uninstall.yml +++ b/roles/matrix-backup-borg/tasks/setup_uninstall.yml @@ -36,6 +36,6 @@ state: absent - name: Ensure borg Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_backup_borg_docker_image }}" state: absent diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/matrix-base/tasks/server_base/setup_archlinux.yml index c912e58f3..a93136148 100644 --- a/roles/matrix-base/tasks/server_base/setup_archlinux.yml +++ b/roles/matrix-base/tasks/server_base/setup_archlinux.yml @@ -1,7 +1,7 @@ --- - name: Install host dependencies - pacman: + community.general.pacman: name: - python-docker - python-dnspython @@ -9,7 +9,7 @@ update_cache: true - name: Ensure Docker is installed - pacman: + community.general.pacman: name: - docker state: present diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 2e8609873..6eebe3c0e 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -20,7 +20,7 @@ when: "matrix_vars_yml_snapshotting_enabled | bool" - name: Ensure Matrix network is created in Docker - docker_network: + community.docker.docker_network: name: "{{ matrix_docker_network }}" driver: bridge diff --git a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/matrix-base/tasks/util/ensure_fuse_installed.yml index 47d2d9e85..240a5c625 100644 --- a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml +++ b/roles/matrix-base/tasks/util/ensure_fuse_installed.yml @@ -16,7 +16,7 @@ when: ansible_os_family == 'Debian' - name: Ensure fuse installed (Archlinux) - pacman: + community.general.pacman: name: - fuse3 state: present diff --git a/roles/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/matrix-base/tasks/util/ensure_openssl_installed.yml index ae22fb495..a5bdf21a5 100644 --- a/roles/matrix-base/tasks/util/ensure_openssl_installed.yml +++ b/roles/matrix-base/tasks/util/ensure_openssl_installed.yml @@ -16,7 +16,7 @@ when: ansible_os_family == 'Debian' - name: Ensure openssl installed (Archlinux) - pacman: + community.general.pacman: name: - openssl state: present diff --git a/roles/matrix-bot-buscarron/tasks/setup_install.yml b/roles/matrix-bot-buscarron/tasks/setup_install.yml index 564ff7e0f..4a23d7e72 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/matrix-bot-buscarron/tasks/setup_install.yml @@ -50,7 +50,7 @@ mode: 0640 - name: Ensure buscarron image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_buscarron_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_buscarron_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -73,7 +73,7 @@ when: "matrix_bot_buscarron_container_image_self_build | bool" - name: Ensure buscarron image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_buscarron_docker_image }}" source: build force_source: "{{ matrix_bot_buscarron_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml b/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml index ad9e78cdd..848d24d2b 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure buscarron Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_buscarron_docker_image }}" state: absent diff --git a/roles/matrix-bot-go-neb/tasks/setup_install.yml b/roles/matrix-bot-go-neb/tasks/setup_install.yml index a651c1608..522155972 100644 --- a/roles/matrix-bot-go-neb/tasks/setup_install.yml +++ b/roles/matrix-bot-go-neb/tasks/setup_install.yml @@ -17,7 +17,7 @@ when: "item.when | bool" - name: Ensure go-neb image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_go_neb_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_go_neb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml b/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml index 9794a90ad..833910942 100644 --- a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure go-neb Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_go_neb_docker_image }}" state: absent diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/matrix-bot-honoroit/tasks/setup_install.yml index 8a440484e..3c9745576 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/matrix-bot-honoroit/tasks/setup_install.yml @@ -50,7 +50,7 @@ mode: 0640 - name: Ensure honoroit image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_honoroit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -73,7 +73,7 @@ when: "matrix_bot_honoroit_container_image_self_build | bool" - name: Ensure honoroit image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" source: build force_source: "{{ matrix_bot_honoroit_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml b/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml index 6ede0d1d2..54869e312 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure honoroit Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_honoroit_docker_image }}" state: absent diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml index d4522321e..5896ac620 100644 --- a/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml @@ -22,7 +22,7 @@ mode: 0640 - name: Ensure matrix-registration-bot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_registration_bot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_matrix_registration_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -45,7 +45,7 @@ when: "matrix_bot_matrix_registration_bot_container_image_self_build | bool" - name: Ensure matrix-registration-bot image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_registration_bot_docker_image }}" source: build force_source: "{{ matrix_bot_matrix_registration_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml b/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml index 426eefc10..63bc53ad0 100644 --- a/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure matrix-registration-bot Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_registration_bot_docker_image }}" state: absent diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 93285bf60..5d784ef34 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -43,7 +43,7 @@ when: "item.when | bool" - name: Ensure matrix-reminder-bot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -66,7 +66,7 @@ when: "matrix_bot_matrix_reminder_bot_container_image_self_build | bool" - name: Ensure matrix-reminder-bot image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" source: build force_source: "{{ matrix_bot_matrix_reminder_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml index d8926df75..de9e04271 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure matrix-reminder-bot Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" state: absent diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 185a29889..50e48254c 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -26,7 +26,7 @@ mode: "u=rwx" - name: Ensure maubot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -49,7 +49,7 @@ when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure maubot image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: build force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index dd0fc1f6a..6a5e7fdc4 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure maubot Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" state: absent diff --git a/roles/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/matrix-bot-mjolnir/tasks/setup_install.yml index 08ac9d034..b9bcf37d8 100644 --- a/roles/matrix-bot-mjolnir/tasks/setup_install.yml +++ b/roles/matrix-bot-mjolnir/tasks/setup_install.yml @@ -18,7 +18,7 @@ when: "item.when | bool" - name: Ensure mjolnir Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_mjolnir_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_mjolnir_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -41,7 +41,7 @@ when: "matrix_bot_mjolnir_container_image_self_build | bool" - name: Ensure mjolnir Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_mjolnir_docker_image }}" source: build force_source: "{{ matrix_bot_mjolnir_git_pull_results.changed }}" diff --git a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml b/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml index 5c7f4c896..afefcc489 100644 --- a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure mjolnir Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_mjolnir_docker_image }}" state: absent diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index 9c9e59ee5..5edfd4a9b 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -46,7 +46,7 @@ mode: 0640 - name: Ensure postmoogle image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_postmoogle_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_postmoogle_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -69,7 +69,7 @@ when: "matrix_bot_postmoogle_container_image_self_build | bool" - name: Ensure postmoogle image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_postmoogle_docker_image }}" source: build force_source: "{{ matrix_bot_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml index 64164a860..5502298cd 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure postmoogle Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_postmoogle_docker_image }}" state: absent diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml index e12c15727..3ef48c3df 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -29,7 +29,7 @@ matrix_appservice_discord_requires_restart: true - name: Ensure Appservice Discord image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_discord_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml index 6794e8148..4b4614b17 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -64,7 +64,7 @@ matrix_appservice_irc_requires_restart: true - name: Ensure Appservice IRC image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_irc_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_irc_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -87,7 +87,7 @@ when: "matrix_appservice_irc_enabled | bool and matrix_appservice_irc_container_image_self_build | bool" - name: Ensure matrix-appservice-irc Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_irc_docker_image }}" source: build force_source: "{{ matrix_appservice_irc_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml index def73c595..2dd334cb7 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml @@ -9,7 +9,7 @@ when: "matrix_synapse_role_executed | default(False)" - name: Ensure matrix-appservice-kakaotalk image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_kakaotalk_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_kakaotalk_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -21,7 +21,7 @@ until: result is not failed - name: Ensure matrix-appservice-kakaotalk-node image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_kakaotalk_node_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_kakaotalk_node_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -58,7 +58,7 @@ when: "matrix_appservice_kakaotalk_container_image_self_build | bool" - name: Ensure matrix-appservice-kakaotalk-node Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_kakaotalk_node_docker_image }}" source: build force_source: "{{ matrix_appservice_kakaotalk_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -70,7 +70,7 @@ when: "matrix_appservice_kakaotalk_container_image_self_build | bool" - name: Ensure matrix-appservice-kakaotalk Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_kakaotalk_docker_image }}" source: build force_source: "{{ matrix_appservice_kakaotalk_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml index 9b741d69f..d882d27d1 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -32,7 +32,7 @@ matrix_appservice_slack_requires_restart: true - name: Ensure Appservice Slack image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_slack_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -55,7 +55,7 @@ when: "matrix_appservice_slack_container_image_self_build | bool" - name: Ensure matrix-appservice-slack Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_slack_docker_image }}" source: build force_source: "{{ matrix_appservice_slack_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 5cd8da882..824b5b783 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -15,7 +15,7 @@ when: "item.when | bool" - name: Ensure Appservice webhooks image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_webhooks_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_appservice_webhooks_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -39,7 +39,7 @@ register: matrix_appservice_webhooks_git_pull_results - name: Ensure Appservice webhooks Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_appservice_webhooks_docker_image }}" source: build force_source: "{{ matrix_appservice_webhooks_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index c1b19df99..97464adcf 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -23,7 +23,7 @@ - name: Ensure Beeper LinkedIn image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_beeper_linkedin_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_beeper_linkedin_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -62,7 +62,7 @@ changed_when: matrix_beeper_linkedin_generate_docker_requirements_result.rc == 0 - name: Ensure Beeper LinkedIn Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_beeper_linkedin_docker_image }}" source: build force_source: "{{ matrix_beeper_linkedin_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 320196860..82ccc72c3 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -52,7 +52,7 @@ when: item.when | bool - name: Ensure Go Skype Bridge image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_go_skype_bridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_go_skype_bridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: "matrix_go_skype_bridge_container_image_self_build | bool" - name: Ensure Go Skype Bridge Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_go_skype_bridge_docker_image }}" source: build force_source: "{{ matrix_go_skype_bridge_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml index ffcc1c8b9..f8e1259bc 100644 --- a/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml +++ b/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure heisenbridge image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_heisenbridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_heisenbridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/matrix-bridge-hookshot/tasks/setup_install.yml index 0c6bfc34b..7c1cdf950 100644 --- a/roles/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/matrix-bridge-hookshot/tasks/setup_install.yml @@ -15,7 +15,7 @@ when: item.when | bool - name: Ensure hookshot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_hookshot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_hookshot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -38,7 +38,7 @@ when: "matrix_hookshot_container_image_self_build | bool" - name: Ensure hookshot Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_hookshot_docker_image }}" source: build force_source: "{{ matrix_hookshot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml index 4b05765ac..ae3862d47 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -52,7 +52,7 @@ when: item.when | bool - name: Ensure Mautrix Discord image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_discord_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: "matrix_mautrix_discord_container_image_self_build | bool" - name: Ensure Mautrix discord Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_discord_docker_image }}" source: build force_source: "{{ matrix_mautrix_discord_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index ca882fb05..651e77942 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -37,7 +37,7 @@ matrix_mautrix_facebook_requires_restart: true - name: Ensure Mautrix Facebook image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_facebook_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -74,7 +74,7 @@ when: "matrix_mautrix_facebook_container_image_self_build | bool" - name: Ensure Mautrix Facebook Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_facebook_docker_image }}" source: build force_source: "{{ matrix_mautrix_facebook_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index f2fccb293..2e043def2 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -37,7 +37,7 @@ matrix_mautrix_googlechat_requires_restart: true - name: Ensure Mautrix googlechat image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_googlechat_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_googlechat_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -74,7 +74,7 @@ when: "matrix_mautrix_googlechat_container_image_self_build | bool" - name: Ensure Mautrix googlechat Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_googlechat_docker_image }}" source: build force_source: "{{ matrix_mautrix_googlechat_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 48c835846..e62ef21c0 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -37,7 +37,7 @@ matrix_mautrix_hangouts_requires_restart: true - name: Ensure Mautrix Hangouts image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_hangouts_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_hangouts_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -74,7 +74,7 @@ when: "matrix_mautrix_hangouts_container_image_self_build | bool" - name: Ensure Mautrix Hangouts Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_hangouts_docker_image }}" source: build force_source: "{{ matrix_mautrix_hangouts_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index 88b0286e7..47076eb7e 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -8,7 +8,7 @@ when: "matrix_synapse_role_executed | default(False)" - name: Ensure Mautrix instagram image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_instagram_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -45,7 +45,7 @@ when: "matrix_mautrix_instagram_container_image_self_build | bool" - name: Ensure Mautrix instagram Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_instagram_docker_image }}" source: build force_source: "{{ matrix_mautrix_instagram_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml index cfc704a82..577e80a90 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -9,7 +9,7 @@ when: "matrix_synapse_role_executed | default(False)" - name: Ensure Mautrix Signal image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_signal_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -33,7 +33,7 @@ when: "matrix_mautrix_signal_container_image_self_build | bool" - name: Ensure Mautrix Signal image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_signal_docker_image }}" source: build force_source: "{{ matrix_mautrix_signal_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -46,7 +46,7 @@ - name: Ensure Mautrix Signal Daemon image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_signal_daemon_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_signal_daemon_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -66,7 +66,7 @@ when: "matrix_mautrix_signal_daemon_container_image_self_build | bool" - name: Ensure Mautrix Signal Daemon image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_signal_daemon_docker_image }}" source: build force_source: "{{ matrix_mautrix_signal_daemon_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 7a50b709c..3d6e66f67 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -51,7 +51,7 @@ when: item.when | bool - name: Ensure Mautrix Telegram image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_telegram_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_telegram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -74,7 +74,7 @@ when: "matrix_telegram_lottieconverter_container_image_self_build | bool and matrix_mautrix_telegram_container_image_self_build | bool" - name: Ensure lottieconverter Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_telegram_lottieconverter_docker_image }}" source: build force_source: "{{ matrix_telegram_lottieconverter_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -97,7 +97,7 @@ when: "matrix_mautrix_telegram_container_image_self_build | bool" - name: Ensure matrix-mautrix-telegram Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_telegram_docker_image }}" source: build force_source: "{{ matrix_mautrix_telegram_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 05887c6d7..485e8be4b 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml @@ -12,7 +12,7 @@ matrix_mautrix_twitter_requires_restart: false - name: Ensure Mautrix Twitter image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_twitter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -49,7 +49,7 @@ when: "matrix_mautrix_twitter_enabled | bool and matrix_mautrix_twitter_container_image_self_build" - name: Ensure Mautrix Twitter Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_twitter_docker_image }}" source: build force_source: "{{ matrix_mautrix_twitter_git_pull_results.changed }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index b58542f72..20dd2cc10 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -52,7 +52,7 @@ when: item.when | bool - name: Ensure Mautrix Whatsapp image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_whatsapp_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_whatsapp_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: "matrix_mautrix_whatsapp_container_image_self_build | bool" - name: Ensure Mautrix Whatsapp Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mautrix_whatsapp_docker_image }}" source: build force_source: "{{ matrix_mautrix_whatsapp_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index b863b4446..715c9e422 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -71,7 +71,7 @@ matrix_mx_puppet_discord_requires_restart: true - name: Ensure MX Puppet Discord image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_discord_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -94,7 +94,7 @@ when: "matrix_mx_puppet_discord_enabled | bool and matrix_mx_puppet_discord_container_image_self_build" - name: Ensure MX Puppet Discord Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_discord_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_discord_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index f81ae4a01..4e33961b6 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -69,7 +69,7 @@ matrix_mx_puppet_groupme_requires_restart: true - name: Ensure MX Puppet Groupme image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_groupme_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_groupme_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -92,7 +92,7 @@ when: "matrix_mx_puppet_groupme_enabled | bool and matrix_mx_puppet_groupme_container_image_self_build" - name: Ensure MX Puppet Groupme Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_groupme_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_groupme_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 600ed63c6..7b1a26eed 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -38,7 +38,7 @@ matrix_mx_puppet_instagram_requires_restart: true - name: Ensure mx-puppet-instagram image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_instagram_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: "matrix_mx_puppet_instagram_enabled | bool and matrix_mx_puppet_instagram_container_image_self_build | bool" - name: Ensure mx-puppet-instagram Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_instagram_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_instagram_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 9c5ae4fc8..db5841240 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -65,7 +65,7 @@ matrix_mx_puppet_slack_requires_restart: true - name: Ensure MX Puppet Slack image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_slack_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -88,7 +88,7 @@ when: "matrix_mx_puppet_slack_enabled | bool and matrix_mx_puppet_slack_container_image_self_build" - name: Ensure MX Puppet Slack Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_slack_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_slack_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index c75566f30..9875dcce4 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -69,7 +69,7 @@ matrix_mx_puppet_steam_requires_restart: true - name: Ensure MX Puppet Steam image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_steam_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_steam_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -92,7 +92,7 @@ when: "matrix_mx_puppet_steam_enabled | bool and matrix_mx_puppet_steam_container_image_self_build" - name: Ensure MX Puppet Steam Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_steam_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_steam_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index ed94eae59..87da97b9f 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -69,7 +69,7 @@ matrix_mx_puppet_twitter_requires_restart: true - name: Ensure MX Puppet Twitter image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_twitter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mx_puppet_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -92,7 +92,7 @@ when: "matrix_mx_puppet_twitter_enabled | bool and matrix_mx_puppet_twitter_container_image_self_build" - name: Ensure MX Puppet Twitter Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mx_puppet_twitter_docker_image }}" source: build force_source: "{{ matrix_mx_puppet_twitter_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bridge-sms/tasks/setup_install.yml b/roles/matrix-bridge-sms/tasks/setup_install.yml index dcc317ba2..b4125e511 100644 --- a/roles/matrix-bridge-sms/tasks/setup_install.yml +++ b/roles/matrix-bridge-sms/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure matrix-sms-bridge image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_sms_bridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" register: result diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/matrix-cactus-comments/tasks/setup_install.yml index ec5311e82..7085290f9 100644 --- a/roles/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/matrix-cactus-comments/tasks/setup_install.yml @@ -31,7 +31,7 @@ mode: 0640 - name: Ensure cactus comments image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_cactus_comments_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_cactus_comments_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -54,7 +54,7 @@ when: "matrix_cactus_comments_container_image_self_build | bool" - name: Ensure cactus comments image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_cactus_comments_docker_image }}" source: build force_source: "{{ matrix_cactus_comments_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-cactus-comments/tasks/setup_uninstall.yml b/roles/matrix-cactus-comments/tasks/setup_uninstall.yml index 011c04b85..3491d9125 100644 --- a/roles/matrix-cactus-comments/tasks/setup_uninstall.yml +++ b/roles/matrix-cactus-comments/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure cactus comments Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_cactus_comments_docker_image }}" state: absent diff --git a/roles/matrix-client-cinny/tasks/setup_install.yml b/roles/matrix-client-cinny/tasks/setup_install.yml index 755b872fd..a39c7f9dd 100644 --- a/roles/matrix-client-cinny/tasks/setup_install.yml +++ b/roles/matrix-client-cinny/tasks/setup_install.yml @@ -12,7 +12,7 @@ when: "item.when | bool" - name: Ensure Cinny Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_client_cinny_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_client_cinny_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -54,7 +54,7 @@ when: "item.src is not none" - name: Ensure Cinny Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_client_cinny_docker_image }}" source: build force_source: "{{ matrix_client_cinny_git_pull_results.changed }}" diff --git a/roles/matrix-client-cinny/tasks/setup_uninstall.yml b/roles/matrix-client-cinny/tasks/setup_uninstall.yml index e6f71b0bc..6cc93e1be 100644 --- a/roles/matrix-client-cinny/tasks/setup_uninstall.yml +++ b/roles/matrix-client-cinny/tasks/setup_uninstall.yml @@ -30,6 +30,6 @@ state: absent - name: Ensure Cinny Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_client_cinny_docker_image }}" state: absent diff --git a/roles/matrix-client-element/tasks/setup_install.yml b/roles/matrix-client-element/tasks/setup_install.yml index b21da064d..044ed6113 100644 --- a/roles/matrix-client-element/tasks/setup_install.yml +++ b/roles/matrix-client-element/tasks/setup_install.yml @@ -13,7 +13,7 @@ when: "item.when | bool" - name: Ensure Element Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_client_element_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_client_element_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -50,7 +50,7 @@ when: "matrix_client_element_container_image_self_build | bool and matrix_client_element_container_image_self_build_low_memory_system_patch_enabled | bool" - name: Ensure Element Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_client_element_docker_image }}" source: build force_source: "{{ matrix_client_element_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-client-element/tasks/setup_uninstall.yml b/roles/matrix-client-element/tasks/setup_uninstall.yml index b3cdd05e5..c40a4fc66 100644 --- a/roles/matrix-client-element/tasks/setup_uninstall.yml +++ b/roles/matrix-client-element/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Element Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_client_element_docker_image }}" state: absent diff --git a/roles/matrix-client-hydrogen/tasks/setup_install.yml b/roles/matrix-client-hydrogen/tasks/setup_install.yml index 4cd445d01..dfd0607bf 100644 --- a/roles/matrix-client-hydrogen/tasks/setup_install.yml +++ b/roles/matrix-client-hydrogen/tasks/setup_install.yml @@ -13,7 +13,7 @@ when: "item.when | bool" - name: Ensure Hydrogen Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_client_hydrogen_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_client_hydrogen_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -58,7 +58,7 @@ # This step MUST come after the steps to install the configuration files because the config files # are currently only read at build time, not at run time like most other components in the playbook - name: Ensure Hydrogen Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_client_hydrogen_docker_image }}" source: build force_source: "{{ matrix_client_hydrogen_git_pull_results.changed }}" diff --git a/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml b/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml index d543cbb32..49d2f4cac 100644 --- a/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml +++ b/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Hydrogen Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_client_hydrogen_docker_image }}" state: absent diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/matrix-conduit/tasks/conduit/setup_install.yml index ac5be14dd..cf8c66577 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_install.yml @@ -1,6 +1,6 @@ --- - name: Ensure Conduit Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_conduit_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_conduit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml b/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml index 3bbbc3a78..1bba9a9e0 100644 --- a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml +++ b/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml @@ -25,6 +25,6 @@ when: "matrix_conduit_service_stat.stat.exists" - name: Ensure Conduit Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_conduit_docker_image }}" state: absent diff --git a/roles/matrix-corporal/tasks/setup_corporal.yml b/roles/matrix-corporal/tasks/setup_corporal.yml index 583c27eba..e4fce8976 100644 --- a/roles/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/matrix-corporal/tasks/setup_corporal.yml @@ -29,7 +29,7 @@ when: "matrix_corporal_enabled | bool and matrix_corporal_container_image_self_build | bool" - name: Ensure Matrix Corporal Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_corporal_docker_image }}" source: build force_source: "{{ matrix_corporal_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -41,7 +41,7 @@ when: "matrix_corporal_enabled | bool and matrix_corporal_container_image_self_build | bool" - name: Ensure Matrix Corporal Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_corporal_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_corporal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -115,7 +115,7 @@ when: "not matrix_corporal_enabled | bool" - name: Ensure Matrix Corporal Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_corporal_docker_image }}" state: absent when: "not matrix_corporal_enabled | bool" diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/matrix-coturn/tasks/setup_install.yml index be9d8574f..ef44c073f 100644 --- a/roles/matrix-coturn/tasks/setup_install.yml +++ b/roles/matrix-coturn/tasks/setup_install.yml @@ -18,7 +18,7 @@ when: "item.when | bool" - name: Ensure Coturn image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_coturn_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_coturn_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -42,7 +42,7 @@ register: matrix_coturn_git_pull_results - name: Ensure Coturn Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_coturn_docker_image }}" source: build force_source: "{{ matrix_coturn_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -69,7 +69,7 @@ group: "{{ matrix_user_groupname }}" - name: Ensure Coturn network is created in Docker - docker_network: + community.docker.docker_network: name: "{{ matrix_coturn_docker_network }}" driver: bridge diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/matrix-dendrite/tasks/dendrite/setup_install.yml index 3052e1010..98090e156 100644 --- a/roles/matrix-dendrite/tasks/dendrite/setup_install.yml +++ b/roles/matrix-dendrite/tasks/dendrite/setup_install.yml @@ -18,7 +18,7 @@ when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists" - name: Ensure Dendrite Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_dendrite_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_dendrite_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml b/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml index b6d8cfaca..6a2ea5b1d 100644 --- a/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml +++ b/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml @@ -25,6 +25,6 @@ when: "matrix_dendrite_service_stat.stat.exists" - name: Ensure Dendrite Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_dendrite_docker_image }}" state: absent diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/matrix-dimension/tasks/setup_install.yml index c55708365..fc4763973 100644 --- a/roles/matrix-dimension/tasks/setup_install.yml +++ b/roles/matrix-dimension/tasks/setup_install.yml @@ -87,7 +87,7 @@ group: "{{ matrix_dimension_user_gid }}" - name: Ensure Dimension image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_dimension_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_dimension_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -110,7 +110,7 @@ register: matrix_dimension_git_pull_results - name: Ensure Dimension Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_dimension_docker_image }}" source: build force_source: "{{ matrix_dimension_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-dimension/tasks/setup_uninstall.yml b/roles/matrix-dimension/tasks/setup_uninstall.yml index 3e2026a11..c939e66ae 100644 --- a/roles/matrix-dimension/tasks/setup_uninstall.yml +++ b/roles/matrix-dimension/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Dimension Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_dimension_docker_image }}" state: absent diff --git a/roles/matrix-dynamic-dns/tasks/install.yml b/roles/matrix-dynamic-dns/tasks/install.yml index e83637bfc..4be6d9f07 100644 --- a/roles/matrix-dynamic-dns/tasks/install.yml +++ b/roles/matrix-dynamic-dns/tasks/install.yml @@ -1,7 +1,7 @@ --- - name: Ensure Dynamic DNS image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_dynamic_dns_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_dynamic_dns_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -37,7 +37,7 @@ when: "matrix_dynamic_dns_enabled | bool and matrix_dynamic_dns_container_image_self_build | bool" - name: Ensure Dynamic DNS Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_dynamic_dns_docker_image }}" source: build force_source: "{{ matrix_dynamic_dns_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/matrix-email2matrix/tasks/setup_install.yml index 2a782a1a8..a6399a4ef 100644 --- a/roles/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/matrix-email2matrix/tasks/setup_install.yml @@ -22,7 +22,7 @@ mode: 0640 - name: Ensure Email2Matrix image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_email2matrix_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_email2matrix_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -45,7 +45,7 @@ when: "matrix_email2matrix_container_image_self_build | bool" - name: Ensure Email2Matrix Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_email2matrix_docker_image }}" source: build force_source: "{{ matrix_email2matrix_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-email2matrix/tasks/setup_uninstall.yml b/roles/matrix-email2matrix/tasks/setup_uninstall.yml index a713a65ad..6aec40d2e 100644 --- a/roles/matrix-email2matrix/tasks/setup_uninstall.yml +++ b/roles/matrix-email2matrix/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Email2Matrix Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_email2matrix_docker_image }}" state: absent diff --git a/roles/matrix-etherpad/tasks/setup_install.yml b/roles/matrix-etherpad/tasks/setup_install.yml index 0243e9d7e..4974bd47b 100644 --- a/roles/matrix-etherpad/tasks/setup_install.yml +++ b/roles/matrix-etherpad/tasks/setup_install.yml @@ -17,7 +17,7 @@ group: "{{ matrix_etherpad_user_gid }}" - name: Ensure Etherpad image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_etherpad_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_etherpad_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-etherpad/tasks/setup_uninstall.yml b/roles/matrix-etherpad/tasks/setup_uninstall.yml index 38697366c..1a5d003e1 100644 --- a/roles/matrix-etherpad/tasks/setup_uninstall.yml +++ b/roles/matrix-etherpad/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Etherpad Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_etherpad_docker_image }}" state: absent diff --git a/roles/matrix-grafana/tasks/setup.yml b/roles/matrix-grafana/tasks/setup.yml index 25378ce7e..9198ffd8c 100644 --- a/roles/matrix-grafana/tasks/setup.yml +++ b/roles/matrix-grafana/tasks/setup.yml @@ -5,7 +5,7 @@ # - name: Ensure matrix-grafana image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_grafana_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_grafana_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml index 8b2ec6a7a..5654fe3d5 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml @@ -17,7 +17,7 @@ when: matrix_jitsi_enabled | bool and item.when - name: Ensure jitsi-jicofo Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_jitsi_jicofo_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_jitsi_jicofo_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml index cdb94ebdd..9a50f8c62 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml @@ -17,7 +17,7 @@ when: matrix_jitsi_enabled | bool and item.when - name: Ensure jitsi-jvb Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_jitsi_jvb_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_jitsi_jvb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml index 9383b48b6..8ba99f91d 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml @@ -18,7 +18,7 @@ when: matrix_jitsi_enabled | bool and item.when - name: Ensure jitsi-prosody Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_jitsi_prosody_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_jitsi_prosody_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/matrix-jitsi/tasks/setup_jitsi_web.yml index 1c7daa4b9..9326ee610 100644 --- a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml +++ b/roles/matrix-jitsi/tasks/setup_jitsi_web.yml @@ -19,7 +19,7 @@ when: matrix_jitsi_enabled | bool and item.when - name: Ensure jitsi-web Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_jitsi_web_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_jitsi_web_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml index 870373370..97b7e8eb0 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -26,7 +26,7 @@ register: matrix_ldap_registration_proxy_git_pull_results - name: Ensure matrix_ldap_registration_proxy Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_ldap_registration_proxy_docker_image }}" source: build force_source: "{{ matrix_ldap_registration_proxy_git_pull_results.changed }}" diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml index 3225a3ae5..96ab0b67a 100644 --- a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml +++ b/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure matrix_ldap_registration_proxy Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_ldap_registration_proxy_docker_image }}" state: absent diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/matrix-ma1sd/tasks/setup_install.yml index 5f4b29574..38ff3036c 100644 --- a/roles/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/matrix-ma1sd/tasks/setup_install.yml @@ -48,7 +48,7 @@ matrix_ma1sd_requires_restart: true - name: Ensure ma1sd image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_ma1sd_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_ma1sd_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -75,7 +75,7 @@ when: ansible_os_family == 'RedHat' - name: Ensure gradle is installed for self-building (Archlinux) - pacman: + community.general.pacman: name: - gradle state: present @@ -101,7 +101,7 @@ when: matrix_ma1sd_git_pull_results.changed - name: Ensure ma1sd Docker image is tagged correctly - docker_image: + community.docker.docker_image: # The build script always tags the image with 2 tags: # - based on the branch/version: e.g. `ma1uta/ma1sd:2.4.0` (when on `2.4.0`) # or `ma1uta/ma1sd:2.4.0-19-ga71d32b` (when on a given commit for a pre-release) diff --git a/roles/matrix-ma1sd/tasks/setup_uninstall.yml b/roles/matrix-ma1sd/tasks/setup_uninstall.yml index 2bc505b0f..0349ec32e 100644 --- a/roles/matrix-ma1sd/tasks/setup_uninstall.yml +++ b/roles/matrix-ma1sd/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure ma1sd Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_ma1sd_docker_image }}" state: absent diff --git a/roles/matrix-mailer/tasks/setup_mailer.yml b/roles/matrix-mailer/tasks/setup_mailer.yml index 2ab39df5d..36ec80164 100644 --- a/roles/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/matrix-mailer/tasks/setup_mailer.yml @@ -35,7 +35,7 @@ when: "matrix_mailer_enabled | bool and matrix_mailer_container_image_self_build | bool" - name: Ensure exim-relay Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_mailer_docker_image }}" source: build force_source: "{{ matrix_mailer_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -47,7 +47,7 @@ when: "matrix_mailer_enabled | bool and matrix_mailer_container_image_self_build | bool" - name: Ensure exim-relay image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_mailer_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mailer_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -108,7 +108,7 @@ when: "not matrix_mailer_enabled | bool" - name: Ensure mailer Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_mailer_docker_image }}" state: absent when: "not matrix_mailer_enabled | bool" diff --git a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index c2215ebad..6129a49fa 100644 --- a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -18,7 +18,7 @@ - when: matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username != '' block: - name: Ensure Apache Docker image is pulled for generating matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs) - docker_image: + community.docker.docker_image: name: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 4d93e769c..11a1cc069 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -193,7 +193,7 @@ # Tasks related to setting up matrix-nginx-proxy # - name: Ensure nginx Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_nginx_proxy_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_nginx_proxy_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index 62430f4bb..b212752c9 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -22,7 +22,7 @@ ansible.builtin.import_tasks: "{{ role_path }}/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml" - name: Ensure certbot Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_ssl_lets_encrypt_certbot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-ntfy/tasks/setup_install.yml b/roles/matrix-ntfy/tasks/setup_install.yml index 9afabc4cd..ef50c42a1 100644 --- a/roles/matrix-ntfy/tasks/setup_install.yml +++ b/roles/matrix-ntfy/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure matrix-ntfy image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_ntfy_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_ntfy_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-ntfy/tasks/setup_uninstall.yml b/roles/matrix-ntfy/tasks/setup_uninstall.yml index f6d9cc8aa..d5da1d8e6 100644 --- a/roles/matrix-ntfy/tasks/setup_uninstall.yml +++ b/roles/matrix-ntfy/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure ntfy Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_ntfy_docker_image }}" state: absent diff --git a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml index a62467572..2518326a3 100644 --- a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -17,7 +17,7 @@ when: matrix_postgres_backup_enabled | bool - name: Ensure postgres backup Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_postgres_backup_docker_image_to_use }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_postgres_backup_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml index dd75fb17c..215d36c10 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -61,7 +61,7 @@ replace: 'FROM debian:bullseye-slim' - name: Ensure pgloader Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_postgres_pgloader_docker_image }}" source: build force_source: "{{ matrix_postgres_pgloader_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -72,7 +72,7 @@ pull: true - name: Ensure pgloader Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_postgres_pgloader_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_postgres_pgloader_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-postgres/tasks/setup_postgres.yml b/roles/matrix-postgres/tasks/setup_postgres.yml index 49eb3249b..9efc73a66 100644 --- a/roles/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/matrix-postgres/tasks/setup_postgres.yml @@ -37,7 +37,7 @@ # Even if we don't run the internal server, we still need this for running the CLI - name: Ensure postgres Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_postgres_docker_image_to_use }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_postgres_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/matrix-prometheus-node-exporter/tasks/setup.yml index 0c6e77fcb..370b23d13 100644 --- a/roles/matrix-prometheus-node-exporter/tasks/setup.yml +++ b/roles/matrix-prometheus-node-exporter/tasks/setup.yml @@ -5,7 +5,7 @@ # - name: Ensure matrix-prometheus-node-exporter image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_prometheus_node_exporter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_prometheus_node_exporter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml index 00a61df62..dda614da8 100644 --- a/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml +++ b/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml @@ -5,7 +5,7 @@ # - name: Ensure matrix-prometheus-postgres-exporter image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_prometheus_postgres_exporter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_prometheus_postgres_exporter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-prometheus/tasks/setup_install.yml b/roles/matrix-prometheus/tasks/setup_install.yml index c3aeaa7a6..928b1ab5f 100644 --- a/roles/matrix-prometheus/tasks/setup_install.yml +++ b/roles/matrix-prometheus/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure matrix-prometheus image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_prometheus_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_prometheus_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-redis/tasks/setup_redis.yml b/roles/matrix-redis/tasks/setup_redis.yml index 7dd7ea9f2..f3b047c09 100644 --- a/roles/matrix-redis/tasks/setup_redis.yml +++ b/roles/matrix-redis/tasks/setup_redis.yml @@ -5,7 +5,7 @@ # - name: Ensure redis Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_redis_docker_image_to_use }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_redis_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml index 6b895d694..2f630ef00 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/matrix-registration/tasks/setup_install.yml @@ -48,7 +48,7 @@ when: "item.when | bool" - name: Ensure matrix-registration image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_registration_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_registration_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -79,7 +79,7 @@ when: "matrix_registration_container_image_self_build | bool and matrix_registration_container_image_self_build_python_dependencies_patch_enabled | bool" - name: Ensure matrix-registration Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_registration_docker_image }}" source: build force_source: "{{ matrix_registration_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-registration/tasks/setup_uninstall.yml b/roles/matrix-registration/tasks/setup_uninstall.yml index e3d713dc5..70e4fe97e 100644 --- a/roles/matrix-registration/tasks/setup_uninstall.yml +++ b/roles/matrix-registration/tasks/setup_uninstall.yml @@ -26,6 +26,6 @@ when: "matrix_registration_service_stat.stat.exists | bool" - name: Ensure matrix-registration Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_registration_docker_image }}" state: absent diff --git a/roles/matrix-sygnal/tasks/setup_install.yml b/roles/matrix-sygnal/tasks/setup_install.yml index 8f5f69377..e5c41bf00 100644 --- a/roles/matrix-sygnal/tasks/setup_install.yml +++ b/roles/matrix-sygnal/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure Sygnal image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_sygnal_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_sygnal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-sygnal/tasks/setup_uninstall.yml b/roles/matrix-sygnal/tasks/setup_uninstall.yml index eff4a74b8..dc752def3 100644 --- a/roles/matrix-sygnal/tasks/setup_uninstall.yml +++ b/roles/matrix-sygnal/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Sygnal Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_sygnal_docker_image }}" state: absent diff --git a/roles/matrix-synapse-admin/tasks/setup.yml b/roles/matrix-synapse-admin/tasks/setup.yml index 660212724..1dfa68a24 100644 --- a/roles/matrix-synapse-admin/tasks/setup.yml +++ b/roles/matrix-synapse-admin/tasks/setup.yml @@ -5,7 +5,7 @@ # - name: Ensure matrix-synapse-admin image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_admin_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_synapse_admin_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -28,7 +28,7 @@ when: "matrix_synapse_admin_enabled | bool and matrix_synapse_admin_container_image_self_build | bool" - name: Ensure matrix-synapse-admin Docker image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_admin_docker_image }}" source: build force_source: "{{ matrix_synapse_admin_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -82,7 +82,7 @@ when: "not matrix_synapse_admin_enabled | bool and matrix_synapse_admin_service_stat.stat.exists" - name: Ensure matrix-synapse-admin Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_admin_docker_image }}" state: absent when: "not matrix_synapse_admin_enabled | bool" diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml index 3869f1aa7..117fb7576 100644 --- a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml @@ -17,7 +17,7 @@ when: "ansible_os_family == 'Debian'" - name: Ensure git installed (Archlinux) - pacman: + community.general.pacman: name: - git state: present diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index 34a7a7e06..dd3ff2d3f 100644 --- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -22,7 +22,7 @@ when: "ansible_os_family == 'Debian'" - name: Ensure git installed (Archlinux) - pacman: + community.general.pacman: name: - git state: present diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/matrix-synapse/tasks/goofys/setup_install.yml index e3c341502..01eee8b87 100644 --- a/roles/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/matrix-synapse/tasks/goofys/setup_install.yml @@ -3,7 +3,7 @@ - ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_fuse_installed.yml" - name: Ensure Goofys Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_s3_goofys_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_s3_goofys_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml b/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml index da78003f5..1e9f166dc 100644 --- a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml +++ b/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure Goofys Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_s3_goofys_docker_image }}" state: absent diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index 36ab9779b..740eb5102 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -51,7 +51,7 @@ # This can only work with local files, not if the media store is on Amazon S3, # as it won't be accessible in such a case. - name: Ensure provided media store directory is synchronized - synchronize: + ansible.builtin.synchronize: src: "{{ server_path_media_store }}/" dest: "{{ matrix_synapse_media_store_path }}" delete: true diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index 80c25f7fa..c8138c0bd 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -43,7 +43,7 @@ group: "{{ matrix_user_groupname }}" - name: Ensure rust-synapse-compress-state image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_rust_synapse_compress_state_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_synapse_rust_synapse_compress_state_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index 4d0e749f9..86395db2d 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -51,7 +51,7 @@ when: "matrix_synapse_git_pull_results.changed | bool or matrix_synapse_docker_image_check_result.stdout == ''" - name: Ensure Synapse Docker image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_synapse_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -73,7 +73,7 @@ mode: 0640 - name: Ensure customized Docker image for Synapse is built - docker_image: + community.docker.docker_image: name: "{{ matrix_synapse_docker_image_customized }}" source: build build: diff --git a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml index 06e550145..ac79f3709 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml @@ -26,7 +26,7 @@ when: "matrix_synapse_service_stat.stat.exists" - name: Ensure Synapse Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ item }}" state: absent with_items: From 7fb45a507d2abf0d34670dd72a342f3fd9bcfa75 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 28 Oct 2022 17:39:53 +0300 Subject: [PATCH 259/349] Make --tags=run-postgres-vacuum and --tags=upgrade-postgres not assume Synapse Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2211 --- group_vars/matrix_servers | 5 +++++ roles/matrix-postgres/defaults/main.yml | 4 ++++ roles/matrix-postgres/tasks/run_vacuum.yml | 11 ++++++----- roles/matrix-postgres/tasks/upgrade_postgres.yml | 11 +++++++---- 4 files changed, 22 insertions(+), 9 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index d4464df9f..18aa553c0 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2112,6 +2112,11 @@ matrix_postgres_additional_databases: | }} +matrix_postgres_systemd_services_to_stop_for_maintenance_list: | + {{ + ['matrix-' + matrix_homeserver_implementation + '.service'] + }} + ###################################################################### # # /matrix-postgres diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 7b0660bbd..fe469f16c 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -15,6 +15,10 @@ matrix_postgres_db_name: "matrix" matrix_postgres_base_path: "{{ matrix_base_data_path }}/postgres" matrix_postgres_data_path: "{{ matrix_postgres_base_path }}/data" +# matrix_postgres_systemd_services_to_stop_for_maintenance_list specifies the list of systemd services to stop before vacuuming or upgrading. +# These services will be restarted after the operation completes. +matrix_postgres_systemd_services_to_stop_for_maintenance_list: [] + matrix_postgres_architecture: amd64 # matrix_postgres_docker_image_suffix controls whether we use Alpine-based images (`-alpine`) or the normal Debian-based images. diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index 439599828..97dec022a 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -67,11 +67,12 @@ - ansible.builtin.set_fact: matrix_postgres_synapse_was_running: "{{ ansible_facts.services['matrix-synapse.service'] | default(none) is not none and ansible_facts.services['matrix-synapse.service'].state == 'running' }}" -- name: Ensure matrix-synapse is stopped +- name: Ensure services are stopped ansible.builtin.service: - name: matrix-synapse + name: "{{ item }}" state: stopped daemon_reload: true + with_items: "{{ matrix_postgres_systemd_services_to_stop_for_maintenance_list }}" - name: Run Postgres vacuum command ansible.builtin.command: "{{ matrix_postgres_vacuum_command }}" @@ -85,9 +86,9 @@ - ansible.builtin.debug: var: "matrix_postgres_synapse_vacuum_result" -- name: Ensure matrix-synapse is started, if it previously was +- name: Ensure services are started ansible.builtin.service: - name: matrix-synapse + name: "{{ item }}" state: started daemon_reload: true - when: "matrix_postgres_synapse_was_running | bool" + with_items: "{{ matrix_postgres_systemd_services_to_stop_for_maintenance_list }}" diff --git a/roles/matrix-postgres/tasks/upgrade_postgres.yml b/roles/matrix-postgres/tasks/upgrade_postgres.yml index 2f228a4c2..3d22407ca 100644 --- a/roles/matrix-postgres/tasks/upgrade_postgres.yml +++ b/roles/matrix-postgres/tasks/upgrade_postgres.yml @@ -55,10 +55,12 @@ - ansible.builtin.debug: msg: "Upgrading database from {{ matrix_postgres_detected_version_corresponding_docker_image }} to {{ matrix_postgres_docker_image_latest }}" -- name: Ensure matrix-synapse is stopped +- name: Ensure services are stopped ansible.builtin.service: - name: matrix-synapse + name: "{{ item }}" state: stopped + daemon_reload: true + with_items: "{{ matrix_postgres_systemd_services_to_stop_for_maintenance_list }}" - name: Ensure matrix-postgres is started ansible.builtin.service: @@ -175,11 +177,12 @@ path: "{{ postgres_dump_dir }}/{{ postgres_dump_name }}" state: absent -- name: Ensure matrix-synapse is started +- name: Ensure services are started ansible.builtin.service: - name: matrix-synapse + name: "{{ item }}" state: started daemon_reload: true + with_items: "{{ matrix_postgres_systemd_services_to_stop_for_maintenance_list }}" - ansible.builtin.debug: msg: "NOTE: Your old Postgres data directory is preserved at `{{ postgres_auto_upgrade_backup_data_path }}`. You might want to get rid of it once you've confirmed that all is well." From 30180048c3b6f797617ddf7f12c20b00db14e5b1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 28 Oct 2022 19:43:44 +0300 Subject: [PATCH 260/349] Upgrade Synapse (v1.69.0 -> v1.70.1) --- roles/matrix-synapse/defaults/main.yml | 2 +- roles/matrix-synapse/vars/workers.yml | 38 +++++++++++++++++--------- 2 files changed, 26 insertions(+), 14 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 5e5867eb8..2028d8b77 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -36,7 +36,7 @@ matrix_synapse_container_image_customizations_dockerfile_body_custom: '' matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.69.0 +matrix_synapse_version: v1.70.1 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/matrix-synapse/vars/workers.yml index bc49e8354..2598caa68 100644 --- a/roles/matrix-synapse/vars/workers.yml +++ b/roles/matrix-synapse/vars/workers.yml @@ -43,6 +43,8 @@ matrix_synapse_workers_generic_worker_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ - ^/_matrix/client/v1/rooms/.*/hierarchy$ + - ^/_matrix/client/(v1|unstable)/rooms/.*/relations/ + - ^/_matrix/client/v1/rooms/.*/threads$ - ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ - ^/_matrix/client/(r0|v3|unstable)/account/3pid$ @@ -136,8 +138,9 @@ matrix_synapse_workers_generic_worker_endpoints: # [#7530](https://github.com/matrix-org/synapse/issues/7530) and # [#9427](https://github.com/matrix-org/synapse/issues/9427). - # Note that a HTTP listener with `client` and `federation` resources must be - # configured in the `worker_listeners` option in the worker config. + # Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) + # with `client` and `federation` `resources` must be configured in the `worker_listeners` + # option in the worker config. # #### Load balancing @@ -177,7 +180,8 @@ matrix_synapse_workers_generic_worker_endpoints: # Additionally, the writing of specific streams (such as events) can be moved off # of the main process to a particular worker. - # To enable this, the worker must have a HTTP replication listener configured, + # To enable this, the worker must have a + # [HTTP `replication` listener](usage/configuration/config_documentation.md#listeners) configured, # have a `worker_name` and be listed in the `instance_map` config. The same worker # can handle multiple streams, but unless otherwise documented, each stream can only # have a single writer. @@ -266,7 +270,7 @@ matrix_synapse_workers_generic_worker_endpoints: # There is also support for moving background tasks to a separate # worker. Background tasks are run periodically or started via replication. Exactly # which tasks are configured to run depends on your Synapse configuration (e.g. if - # stats is enabled). + # stats is enabled). This worker doesn't handle any REST endpoints itself. # To enable this, the worker must have a `worker_name` and can be configured to run # background tasks. For example, to move background tasks to a dedicated worker, @@ -314,8 +318,8 @@ matrix_synapse_workers_generic_worker_endpoints: # #### Notifying Application Services # You can designate one generic worker to send output traffic to Application Services. - - # Specify its name in the shared configuration as follows: + # Doesn't handle any REST endpoints itself, but you should specify its name in the + # shared configuration as follows: # ```yaml # notify_appservices_from_worker: worker_name @@ -342,6 +346,12 @@ matrix_synapse_workers_generic_worker_endpoints: # - pusher_worker2 # ``` + # An example for a pusher instance: + + # ```yaml + # {{#include systemd-with-workers/workers/pusher_worker.yaml}} + # ``` + # ] # appservice worker (no API endpoints) [ @@ -371,6 +381,12 @@ matrix_synapse_workers_generic_worker_endpoints: # - federation_sender1 # - federation_sender2 # ``` + + # An example for a federation sender instance: + + # ```yaml + # {{#include systemd-with-workers/workers/federation_sender.yaml}} + # ``` # ] matrix_synapse_workers_media_repository_endpoints: @@ -392,16 +408,12 @@ matrix_synapse_workers_media_repository_endpoints: # media repository. Note that doing so will prevent the main process from being # able to handle the above endpoints. - # In the `media_repository` worker configuration file, configure the http listener to + # In the `media_repository` worker configuration file, configure the + # [HTTP listener](usage/configuration/config_documentation.md#listeners) to # expose the `media` resource. For example: # ```yaml - # worker_listeners: - # - type: http - # port: 8085 - # resources: - # - names: - # - media + # {{#include systemd-with-workers/workers/media_worker.yaml}} # ``` # Note that if running multiple media repositories they must be on the same server From e25464409dbc59e53d181ebcb41c37e3bf473e4e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 28 Oct 2022 20:53:48 +0000 Subject: [PATCH 261/349] Update mautrix-signal 0.4.0 -> 0.4.1 ref: https://github.com/mautrix/signal/releases/tag/v0.4.1 --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 83b0a5ce0..24ba9b39d 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git" matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" -matrix_mautrix_signal_version: v0.4.0 +matrix_mautrix_signal_version: v0.4.1 matrix_mautrix_signal_daemon_version: 0.23.0 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" From 80e57417f497c3c37d53daa04f8ef6b010b96e19 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 19 Jun 2022 11:30:28 +0200 Subject: [PATCH 262/349] To recover from a failure or allow to quickly reset to known state we need to know with what playbook-commit the sever is installed. This commit saves the GIT hash/status when we run the playbook in a file called git_hash.yml. It also backs up that file by copying it to the target machine. --- roles/matrix-base/defaults/main.yml | 4 ++ roles/matrix-base/tasks/setup_matrix_base.yml | 53 +++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index eccda626c..9213c661c 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -298,3 +298,7 @@ run_setup: true run_self_check: true run_start: true run_stop: true + +# Saves the git hash in a file called git_hash.yml +# Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) +git_save_hash: true \ No newline at end of file diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 6eebe3c0e..5d3c5820f 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -19,6 +19,59 @@ mode: '0660' when: "matrix_vars_yml_snapshotting_enabled | bool" +- name: Save current git-repo status on the target to aid with restoring in case of problems + block: + - name: Get local git hash + delegate_to: 127.0.0.1 + become: false + register: git_describe + shell: + git describe + --always + --tags + --dirty + --long + --all + + - set_fact: + git_hash: "{{ git_describe.stdout }}" + + - name: Git hash + debug: + msg: "Git hash: {{ git_hash }}" + + - name: Save git hash in git_hash.yml + become: false + local_action: + copy + content="git_hash_last_run{{ ":" }} {{ git_hash }}\n" + dest="{{ matrix_vars_yml_snapshotting_src }}/git_hash.yml" + + - name: Copy git_hash.yml file to target + copy: + src: "{{ matrix_vars_yml_snapshotting_src }}/git_hash.yml" + dest: "{{ matrix_base_data_path }}/git_hash.yml" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: '0660' + + rescue: + - name: GIT not found error + ansible.builtin.debug: + msg: >- + Couldn't find GIT on the local machine. Continuing without saving the GIT hash. + You can disable saving the GIT hash by setting 'git_save_hash: false' in vars.yml + when: "git_describe.stderr.find('not found') != -1" + + - name: GIT hash error + ansible.builtin.fail: + msg: >- + Error when trying to get the GIT hash. + You can disable saving the GIT hash by setting 'git_save_hash: false' in vars.yml + when: "git_describe.stderr.find('not found') == -1" + + when: "matrix_vars_yml_snapshotting_enabled|bool and git_save_hash|bool" + - name: Ensure Matrix network is created in Docker community.docker.docker_network: name: "{{ matrix_docker_network }}" From ab398276af1d1b82c685a2cbd3f017f4cac2683a Mon Sep 17 00:00:00 2001 From: Stefan Warnat Date: Sun, 30 Oct 2022 00:55:36 +0200 Subject: [PATCH 263/349] Always use resolver variable in nginx conf.d files --- .../nginx/conf.d/matrix-base-domain.conf.j2 | 2 +- .../nginx/conf.d/matrix-bot-buscarron.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-bot-go-neb.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-client-cinny.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-client-element.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-client-hydrogen.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-conduit.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-dendrite.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-dimension.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 +++++++------- .../templates/nginx/conf.d/matrix-grafana.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-jitsi.conf.j2 | 8 ++++---- .../templates/nginx/conf.d/matrix-ntfy.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-riot-web.conf.j2 | 2 +- .../templates/nginx/conf.d/matrix-sygnal.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-synapse.conf.j2 | 4 ++-- 16 files changed, 37 insertions(+), 37 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 index 3aff997db..44978dc40 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 @@ -45,7 +45,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 index 0ce1473be..4f0fd4a8f 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 @@ -24,7 +24,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-bot-buscarron:8080"; proxy_pass http://$backend; {% else %} @@ -51,7 +51,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 index e5589f555..a62ddfc81 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 @@ -18,7 +18,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-bot-go-neb:4050"; proxy_pass http://$backend; {% else %} @@ -44,7 +44,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 index df66349fe..2ec6eb1ba 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 @@ -24,7 +24,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-client-cinny:8080"; proxy_pass http://$backend; {% else %} @@ -51,7 +51,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 index dea91b212..0beeae52b 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 @@ -26,7 +26,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-client-element:8080"; proxy_pass http://$backend; {% else %} @@ -53,7 +53,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 index e9428c557..7a2e9dfac 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 @@ -24,7 +24,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-client-hydrogen:8080"; proxy_pass http://$backend; {% else %} @@ -51,7 +51,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 index 2106acc48..6e7aca793 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 @@ -28,7 +28,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_conduit_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -59,7 +59,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_conduit_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 index 939156a31..10eccf373 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 @@ -28,7 +28,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_dendrite_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -59,7 +59,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_dendrite_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 index 07347be62..730fc4c1d 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 @@ -21,7 +21,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-dimension:8184"; proxy_pass http://$backend; {% else %} @@ -47,7 +47,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 2895ba14a..63d45bc63 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -62,7 +62,7 @@ location ^~ /_matrix/corporal { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -80,7 +80,7 @@ location ^~ /_matrix/identity { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -98,7 +98,7 @@ location ^~ /_matrix/client/r0/user_directory/search { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -115,7 +115,7 @@ location ~ ^/_matrix/client/r0/register/(email|msisdn)/requestToken$ { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -140,7 +140,7 @@ location ~* ^({{ matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_prefix_regexes|join('|') }}) { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -185,7 +185,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} @@ -288,7 +288,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 index def67f666..094180448 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 @@ -28,7 +28,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-grafana:3000"; proxy_pass http://$backend; {% else %} @@ -55,7 +55,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 index 54b8ea436..aa4b6b446 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 @@ -21,7 +21,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-jitsi-web:80"; proxy_pass http://$backend; {% else %} @@ -36,7 +36,7 @@ # colibri (JVB) websockets location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) { {% if matrix_nginx_proxy_enabled %} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-jitsi-jvb:9090"; proxy_pass http://$backend; {% else %} @@ -57,7 +57,7 @@ # XMPP websocket location = /xmpp-websocket { {% if matrix_nginx_proxy_enabled %} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend {{ matrix_jitsi_xmpp_bosh_url_base }}; proxy_pass $backend/xmpp-websocket; {% else %} @@ -89,7 +89,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 index ae100edac..fbae47e17 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 @@ -20,7 +20,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-ntfy:8080"; proxy_pass http://$backend; {% else %} @@ -49,7 +49,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 index 5bcbeba5b..990269134 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 @@ -36,7 +36,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 index 0f33c0a77..e3c6a461a 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 @@ -19,7 +19,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-sygnal:6000"; proxy_pass http://$backend; {% else %} @@ -46,7 +46,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index 1d6f2106a..da1893299 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -150,7 +150,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -211,7 +211,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} From 678dfc6dc3afe990fc71decf65260115458371bc Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:00:04 +0100 Subject: [PATCH 264/349] Rename var --- roles/matrix-base/defaults/main.yml | 2 +- roles/matrix-base/tasks/setup_matrix_base.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 9213c661c..22d89c231 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -301,4 +301,4 @@ run_stop: true # Saves the git hash in a file called git_hash.yml # Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) -git_save_hash: true \ No newline at end of file +matrix_playbook_commit_hash_preservation_enabled: true \ No newline at end of file diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 5d3c5820f..d443fee8d 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -60,17 +60,17 @@ ansible.builtin.debug: msg: >- Couldn't find GIT on the local machine. Continuing without saving the GIT hash. - You can disable saving the GIT hash by setting 'git_save_hash: false' in vars.yml + You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('not found') != -1" - name: GIT hash error ansible.builtin.fail: msg: >- Error when trying to get the GIT hash. - You can disable saving the GIT hash by setting 'git_save_hash: false' in vars.yml + You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('not found') == -1" - when: "matrix_vars_yml_snapshotting_enabled|bool and git_save_hash|bool" + when: "matrix_vars_yml_snapshotting_enabled|bool and matrix_playbook_commit_hash_preservation_enabled|bool" - name: Ensure Matrix network is created in Docker community.docker.docker_network: From 230eea678471e9b46b3a9069d5505c4499dc6f63 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:04:33 +0100 Subject: [PATCH 265/349] Save git_hash.yml only on the target --- roles/matrix-base/tasks/setup_matrix_base.yml | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index d443fee8d..a97738551 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -40,16 +40,9 @@ debug: msg: "Git hash: {{ git_hash }}" - - name: Save git hash in git_hash.yml - become: false - local_action: - copy - content="git_hash_last_run{{ ":" }} {{ git_hash }}\n" - dest="{{ matrix_vars_yml_snapshotting_src }}/git_hash.yml" - - - name: Copy git_hash.yml file to target + - name: Save git_hash.yml on target copy: - src: "{{ matrix_vars_yml_snapshotting_src }}/git_hash.yml" + content: "{{ git_hash }}" dest: "{{ matrix_base_data_path }}/git_hash.yml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" From 930867d50d7bf399c843c13211ed78473a430943 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:07:39 +0100 Subject: [PATCH 266/349] Remove matrix_vars_yml_snapshotting_enabled condition --- roles/matrix-base/tasks/setup_matrix_base.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index a97738551..6fe7e47d2 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -63,7 +63,7 @@ You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('not found') == -1" - when: "matrix_vars_yml_snapshotting_enabled|bool and matrix_playbook_commit_hash_preservation_enabled|bool" + when: "matrix_playbook_commit_hash_preservation_enabled|bool" - name: Ensure Matrix network is created in Docker community.docker.docker_network: From 3d902b7fe733957e966593775979ec22e349899e Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:33:09 +0100 Subject: [PATCH 267/349] be more specific on GIT not found error --- roles/matrix-base/tasks/setup_matrix_base.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 6fe7e47d2..59dbe087d 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -54,14 +54,14 @@ msg: >- Couldn't find GIT on the local machine. Continuing without saving the GIT hash. You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml - when: "git_describe.stderr.find('not found') != -1" + when: "git_describe.stderr.find('git: not found') != -1" - - name: GIT hash error + - name: Get GIT hash error ansible.builtin.fail: msg: >- Error when trying to get the GIT hash. You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml - when: "git_describe.stderr.find('not found') == -1" + when: "git_describe.stderr.find('git: not found') == -1" when: "matrix_playbook_commit_hash_preservation_enabled|bool" From fd25cf8f54e9341b005004f1dd991b9458c0be2e Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:37:45 +0100 Subject: [PATCH 268/349] Update wording --- roles/matrix-base/defaults/main.yml | 11 ++++++----- roles/matrix-base/tasks/setup_matrix_base.yml | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 22d89c231..4ad5fe556 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -284,6 +284,11 @@ matrix_docker_installation_enabled: true # Possible values are "docker-ce" (default) and "docker.io" (Debian). matrix_docker_package_name: docker-ce +# Controls whether the current playbook's commit hash is saved in `git_hash.yml` on the target +# Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) +# to suppres the warning message. +matrix_playbook_commit_hash_preservation_enabled: true + # Variables to Control which parts of our roles run. run_postgres_import: true run_postgres_upgrade: true @@ -297,8 +302,4 @@ run_dendrite_register_user: true run_setup: true run_self_check: true run_start: true -run_stop: true - -# Saves the git hash in a file called git_hash.yml -# Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) -matrix_playbook_commit_hash_preservation_enabled: true \ No newline at end of file +run_stop: true \ No newline at end of file diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 59dbe087d..44e4137c9 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -59,7 +59,7 @@ - name: Get GIT hash error ansible.builtin.fail: msg: >- - Error when trying to get the GIT hash. + Error when trying to get the GIT hash. Please consult the error message above. You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('git: not found') == -1" From 15fbc525cf4f70e8e1f9a0814e4b9fb671d18dd3 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Sun, 30 Oct 2022 14:53:27 +0100 Subject: [PATCH 269/349] Typo --- roles/matrix-base/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 4ad5fe556..bcc821a45 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -286,7 +286,7 @@ matrix_docker_package_name: docker-ce # Controls whether the current playbook's commit hash is saved in `git_hash.yml` on the target # Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) -# to suppres the warning message. +# to suppress the warning message. matrix_playbook_commit_hash_preservation_enabled: true # Variables to Control which parts of our roles run. From 54e71f2012afa055f6a4f119b00ffd76d756cc7a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 12:38:43 +0200 Subject: [PATCH 270/349] Mention "matrix_hookshot_enabled: true" on the Hookshot documentation page --- docs/configuring-playbook-bridge-hookshot.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 51d7a335f..5505d0ad1 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -13,13 +13,16 @@ Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbo Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/latest/setup.html) to learn what the individual options do. -1. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required. -2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). -3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. -4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. +1. Enable the bridge by adding `matrix_hookshot_enabled: true` to your `vars.yml` file +2. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required. +3. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). +4. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. +5. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them. +Finally, run the playbook (see [installing](installing.md)). + ## Usage From cada3ef48b05b35da11b714d8505eeb785173a19 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 12:47:10 +0200 Subject: [PATCH 271/349] Use pre-built image for Hookshot on arm64 --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 18aa553c0..e5de094fb 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -765,7 +765,7 @@ matrix_heisenbridge_systemd_wanted_services_list: | # We don't enable bridges by default. matrix_hookshot_enabled: false -matrix_hookshot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" +matrix_hookshot_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}" matrix_hookshot_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'hookshot.as.tok') | to_uuid }}" From 8338f750e0a89d7f8a015fa82d44a901aa61b326 Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Mon, 31 Oct 2022 14:13:11 -0400 Subject: [PATCH 272/349] document login to discord with token --- docs/configuring-playbook-bridge-mautrix-discord.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 065609b25..d67e78570 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -12,12 +12,19 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.h ## Prerequisites -For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone **or** by using **discord account token**. +There are 2 ways to link the bridge to discord. + +### Method 1: Login using QR code + +For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone. You can delete the Discord app after the authentication process. -If this is a dealbreaker for you, consider using one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. +If this is a dealbreaker for you, consider using the [second method](#method-2-login-using-discord-token) or one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. + +### Method 2: Login using Discord token +To acquire the token, open Discord in a private browser window. Then open the developer settings (keybaord shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under "Request Headers" you should find a variable called "Authorization", this is the token to your Discord account. ## Installing From 96b923e3aa4e6d9018832f4b3eaab142194d3376 Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Mon, 31 Oct 2022 14:19:20 -0400 Subject: [PATCH 273/349] typo --- docs/configuring-playbook-bridge-mautrix-discord.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index d67e78570..80c2f165f 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -24,7 +24,7 @@ If this is a dealbreaker for you, consider using the [second method](#method-2-l ### Method 2: Login using Discord token -To acquire the token, open Discord in a private browser window. Then open the developer settings (keybaord shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under "Request Headers" you should find a variable called "Authorization", this is the token to your Discord account. +To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. ## Installing From 975dda54c9db16f7158f33d1263318626c9cf735 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 21:34:14 +0200 Subject: [PATCH 274/349] Upgrade Dendrite (0.10.4 -> 0.10.5) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index dc0af2dc3..945c16197 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.4" +matrix_dendrite_docker_image_tag: "v0.10.5" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From ec45b873762826044c558e91764b8abfe3651368 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 21:50:39 +0200 Subject: [PATCH 275/349] Add matrix_hookshot_feeds_pollTimeoutSeconds --- roles/matrix-bridge-hookshot/defaults/main.yml | 1 + roles/matrix-bridge-hookshot/templates/config.yml.j2 | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 1c390f340..775ef087b 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -131,6 +131,7 @@ matrix_hookshot_generic_user_id_prefix: '_webhooks_' matrix_hookshot_feeds_enabled: true # polling interval in seconds matrix_hookshot_feeds_interval: 600 +matrix_hookshot_feeds_pollTimeoutSeconds: 10 # There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead. diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/matrix-bridge-hookshot/templates/config.yml.j2 index 5cd11a874..fb029efd6 100644 --- a/roles/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/matrix-bridge-hookshot/templates/config.yml.j2 @@ -84,6 +84,7 @@ feeds: # enabled: {{ matrix_hookshot_feeds_enabled }} pollIntervalSeconds: {{ matrix_hookshot_feeds_interval }} + pollTimeoutSeconds: {{ matrix_hookshot_feeds_pollTimeoutSeconds | to_json }} {% endif %} {% if matrix_hookshot_provisioning_enabled %} provisioning: From e1274a6e56ea3e06284b2867a76d951276c160c8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 31 Oct 2022 21:52:01 +0200 Subject: [PATCH 276/349] Rename variable (matrix_hookshot_feeds_interval -> matrix_hookshot_feeds_pollIntervalSeconds) This is more consistent with how we name variables. It's also less confusing, especially given that we have `matrix_hookshot_feeds_pollTimeoutSeconds` as well. --- roles/matrix-bridge-hookshot/defaults/main.yml | 3 +-- roles/matrix-bridge-hookshot/tasks/validate_config.yml | 9 +++++++++ roles/matrix-bridge-hookshot/templates/config.yml.j2 | 4 ++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 775ef087b..96781f9aa 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -129,8 +129,7 @@ matrix_hookshot_generic_user_id_prefix: '_webhooks_' matrix_hookshot_feeds_enabled: true -# polling interval in seconds -matrix_hookshot_feeds_interval: 600 +matrix_hookshot_feeds_pollIntervalSeconds: 600 matrix_hookshot_feeds_pollTimeoutSeconds: 10 diff --git a/roles/matrix-bridge-hookshot/tasks/validate_config.yml b/roles/matrix-bridge-hookshot/tasks/validate_config.yml index 0fbcf53c2..3392f1b64 100644 --- a/roles/matrix-bridge-hookshot/tasks/validate_config.yml +++ b/roles/matrix-bridge-hookshot/tasks/validate_config.yml @@ -58,6 +58,15 @@ with_items: - "matrix_hookshot_provisioning_secret" +- name: (Deprecation) Catch and report renamed Hookshot variables + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_hookshot_feeds_interval', 'new': 'matrix_hookshot_feeds_pollIntervalSeconds'} + - name: (Deprecation) Catch and report old metrics usage ansible.builtin.fail: msg: >- diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/matrix-bridge-hookshot/templates/config.yml.j2 index fb029efd6..527afafaf 100644 --- a/roles/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/matrix-bridge-hookshot/templates/config.yml.j2 @@ -82,8 +82,8 @@ generic: feeds: # (Optional) Configure this to enable RSS/Atom feed support # - enabled: {{ matrix_hookshot_feeds_enabled }} - pollIntervalSeconds: {{ matrix_hookshot_feeds_interval }} + enabled: {{ matrix_hookshot_feeds_enabled | to_json }} + pollIntervalSeconds: {{ matrix_hookshot_feeds_pollIntervalSeconds | to_json }} pollTimeoutSeconds: {{ matrix_hookshot_feeds_pollTimeoutSeconds | to_json }} {% endif %} {% if matrix_hookshot_provisioning_enabled %} From 39e6484956671080c1d7e2fbd94c6d7427669b66 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 22:57:16 +0100 Subject: [PATCH 277/349] fix lints --- roles/matrix-base/tasks/setup_matrix_base.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 44e4137c9..5c45323e5 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -21,11 +21,11 @@ - name: Save current git-repo status on the target to aid with restoring in case of problems block: - - name: Get local git hash + - name: Get local git hash delegate_to: 127.0.0.1 become: false register: git_describe - shell: + ansible.builtin.shell: git describe --always --tags @@ -33,15 +33,15 @@ --long --all - - set_fact: + - ansible.builtin.set_fact: git_hash: "{{ git_describe.stdout }}" - name: Git hash - debug: + ansible.builtin.debug: msg: "Git hash: {{ git_hash }}" - + - name: Save git_hash.yml on target - copy: + ansible.builtin.copy: content: "{{ git_hash }}" dest: "{{ matrix_base_data_path }}/git_hash.yml" owner: "{{ matrix_user_username }}" From 2b049da963ddab978e6be9fdc014d23f819ed272 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 23:00:04 +0100 Subject: [PATCH 278/349] move when clause per linting suggestion --- roles/matrix-base/tasks/setup_matrix_base.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 5c45323e5..cdde09d28 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -20,6 +20,7 @@ when: "matrix_vars_yml_snapshotting_enabled | bool" - name: Save current git-repo status on the target to aid with restoring in case of problems + when: "matrix_playbook_commit_hash_preservation_enabled|bool" block: - name: Get local git hash delegate_to: 127.0.0.1 @@ -63,8 +64,6 @@ You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml when: "git_describe.stderr.find('git: not found') == -1" - when: "matrix_playbook_commit_hash_preservation_enabled|bool" - - name: Ensure Matrix network is created in Docker community.docker.docker_network: name: "{{ matrix_docker_network }}" From 45c9c2b17a6e60f828b0d4a1723c4eb8a5aae1cb Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 23:08:45 +0100 Subject: [PATCH 279/349] convert shell to command usage --- roles/matrix-base/tasks/setup_matrix_base.yml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index cdde09d28..0aafe1834 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -26,13 +26,14 @@ delegate_to: 127.0.0.1 become: false register: git_describe - ansible.builtin.shell: - git describe - --always - --tags - --dirty - --long - --all + ansible.builtin.command: + cmd: >- + git describe + --always + --tags + --dirty + --long + --all - ansible.builtin.set_fact: git_hash: "{{ git_describe.stdout }}" From 93615b6ad988edb4a7972e32f0595d70fb2fd1e0 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 23:20:56 +0100 Subject: [PATCH 280/349] Revert "convert shell to command usage" to allow for a catching the specific "git: not found" error. This reverts commit 45c9c2b17a6e60f828b0d4a1723c4eb8a5aae1cb. --- roles/matrix-base/tasks/setup_matrix_base.yml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 0aafe1834..cdde09d28 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -26,14 +26,13 @@ delegate_to: 127.0.0.1 become: false register: git_describe - ansible.builtin.command: - cmd: >- - git describe - --always - --tags - --dirty - --long - --all + ansible.builtin.shell: + git describe + --always + --tags + --dirty + --long + --all - ansible.builtin.set_fact: git_hash: "{{ git_describe.stdout }}" From 8b425b995ec446109b6b13f711c85d11b57e8136 Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Mon, 31 Oct 2022 23:44:47 +0100 Subject: [PATCH 281/349] add newline char --- roles/matrix-base/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index bcc821a45..52049ed51 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -302,4 +302,4 @@ run_dendrite_register_user: true run_setup: true run_self_check: true run_start: true -run_stop: true \ No newline at end of file +run_stop: true From 3fc19295e2373a2149b0ebe67b48d63915c12faf Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 07:05:26 +0200 Subject: [PATCH 282/349] Fix ansible-lint error (ansible.builtin.synchronize -> ansible.posix.synchronize) --- roles/matrix-synapse/tasks/import_media_store.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index 740eb5102..bdd99ca4d 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -51,7 +51,7 @@ # This can only work with local files, not if the media store is on Amazon S3, # as it won't be accessible in such a case. - name: Ensure provided media store directory is synchronized - ansible.builtin.synchronize: + ansible.posix.synchronize: src: "{{ server_path_media_store }}/" dest: "{{ matrix_synapse_media_store_path }}" delete: true From 3a49b0077c8b8704c6f7b1cf00b8c19d2e24270b Mon Sep 17 00:00:00 2001 From: ikkemaniac Date: Tue, 1 Nov 2022 09:23:55 +0100 Subject: [PATCH 283/349] fix ansible-lint errors --- roles/matrix-base/tasks/setup_matrix_base.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index cdde09d28..0bf197b66 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -22,10 +22,11 @@ - name: Save current git-repo status on the target to aid with restoring in case of problems when: "matrix_playbook_commit_hash_preservation_enabled|bool" block: - - name: Get local git hash + - name: Get local git hash # noqa command-instead-of-module delegate_to: 127.0.0.1 become: false register: git_describe + changed_when: false ansible.builtin.shell: git describe --always From f7b45fd4402a25db979da3086d053fd61816dcab Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 12:58:22 +0200 Subject: [PATCH 284/349] Upgrade ddclient (v3.10.0-ls102 -> v3.10.0-ls103) --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index af4d95927..056eecba3 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.10.0-ls102 +matrix_dynamic_dns_version: v3.10.0-ls103 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From 17caa13a71a36365343ba417c7d42d5d44d68dda Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 12:59:15 +0200 Subject: [PATCH 285/349] Upgrade Grafana (9.2.2 -> 9.2.3) --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 5bccb60d2..43b29c94a 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.2.2 +matrix_grafana_version: 9.2.3 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 9fb21b89a8a7be51d014ad40fb6bb4cccbbb8dec Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 14:57:29 +0200 Subject: [PATCH 286/349] Fix import-postgres/run-postgres-vacuum failures being suppressed We were only reporting failures for when the async task didn't finish. We also need to report a failure for when the task finished, but returned a non-zero exit code. --- roles/matrix-postgres/tasks/import_postgres.yml | 2 +- roles/matrix-postgres/tasks/run_vacuum.yml | 2 +- .../tasks/rust-synapse-compress-state/compress_room.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 40877e0b5..302a8f411 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -108,5 +108,5 @@ async: "{{ postgres_import_wait_time }}" poll: 10 register: matrix_postgres_import_postgres_command_result - failed_when: not matrix_postgres_import_postgres_command_result.finished + failed_when: not matrix_postgres_import_postgres_command_result.finished or matrix_postgres_import_postgres_command_result.rc != 0 changed_when: matrix_postgres_import_postgres_command_result.finished and matrix_postgres_import_postgres_command_result.rc == 0 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index 97dec022a..9801ab2c7 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -79,7 +79,7 @@ async: "{{ postgres_vacuum_wait_time }}" poll: 10 register: matrix_postgres_synapse_vacuum_result - failed_when: not matrix_postgres_synapse_vacuum_result.finished + failed_when: not matrix_postgres_synapse_vacuum_result.finished or matrix_postgres_synapse_vacuum_result.rc != 0 changed_when: matrix_postgres_synapse_vacuum_result.finished and matrix_postgres_synapse_vacuum_result.rc == 0 # Intentionally show the results diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 9834e256a..88db265d3 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -21,7 +21,7 @@ async: "{{ matrix_synapse_rust_synapse_compress_state_compress_room_time }}" poll: 10 register: matrix_synapse_rust_synapse_compress_state_compress_room_command_result - failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished + failed_when: not matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished or matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc != 0 changed_when: matrix_synapse_rust_synapse_compress_state_compress_room_command_result.finished and matrix_synapse_rust_synapse_compress_state_compress_room_command_result.rc == 0 - ansible.builtin.debug: From 74b186a4543cd7c59ffcdf6f13c20da4590ea2dc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 15:05:41 +0200 Subject: [PATCH 287/349] Fix "too many spaces after colon" ansible-lint error --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 056eecba3..77e01d0ee 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -7,7 +7,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.10.0-ls103 +matrix_dynamic_dns_version: v3.10.0-ls103 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From a4662660d2ca70cdadf496e1047fc50204937faf Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 15:06:10 +0200 Subject: [PATCH 288/349] Do not wait needlessly when vacuuming or importing Postgres --- roles/matrix-postgres/tasks/import_postgres.yml | 4 +++- roles/matrix-postgres/tasks/run_vacuum.yml | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 302a8f411..107a1f887 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -49,8 +49,10 @@ name: matrix-postgres state: started daemon_reload: true + register: matrix_postgres_import_start_result -- name: Wait a bit, so that Postgres can start +- when: matrix_postgres_import_start_result.changed | bool + name: Wait a bit, so that Postgres can start ansible.builtin.wait_for: timeout: "{{ postgres_start_wait_time }}" delegate_to: 127.0.0.1 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index 9801ab2c7..1b769f01f 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -28,8 +28,10 @@ name: matrix-postgres state: started daemon_reload: true + register: matrix_postgres_vacuum_start_result -- name: Wait a bit, so that Postgres can start +- when: matrix_postgres_vacuum_start_result.changed | bool + name: Wait a bit, so that Postgres can start ansible.builtin.wait_for: timeout: "{{ postgres_start_wait_time }}" delegate_to: 127.0.0.1 From 125ca5569d4cc81d8b0d9f07a9b299dd3852436c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 15:47:00 +0200 Subject: [PATCH 289/349] Use unique filter for matrix_postgres_import_roles_to_ignore and matrix_postgres_import_databases_to_ignore Dendrite uses a lot of databases, but a single (`dendrite`) role, which leads to `matrix_postgres_import_roles_to_ignore` being something like `['dendrite', 'dendrite', 'dendrite', ...]` needlessly. This leads to weird regexes being generated for `matrix_postgres_import_roles_ignore_regex`. It's not that it hurts, but it just looks odd. --- roles/matrix-postgres/defaults/main.yml | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index fe469f16c..5a0cdb6c6 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -74,9 +74,11 @@ matrix_postgres_additional_databases: [] # We either need to not create them or to ignore the `CREATE ROLE` statements in the dump. matrix_postgres_import_roles_to_ignore: | {{ - [matrix_postgres_connection_username] - + - matrix_postgres_additional_databases|map(attribute='username') | list + ( + [matrix_postgres_connection_username] + + + matrix_postgres_additional_databases|map(attribute='username') | list + ) | unique }} # When importing an existing Postgres database (when restoring a backup) or when doing a Postgres upgrade (which dumps & restores), we'd like to avoid: @@ -98,9 +100,11 @@ matrix_postgres_import_roles_ignore_regex: "^(CREATE|ALTER) ROLE \\\"?({{ matrix # We either need to not create them or to ignore the `CREATE DATABASE` statements in the dump. matrix_postgres_import_databases_to_ignore: | {{ - [matrix_postgres_db_name] - + - matrix_postgres_additional_databases|map(attribute='name') | list + ( + [matrix_postgres_db_name] + + + matrix_postgres_additional_databases|map(attribute='name') | list + ) | unique }} # We also allow for the database name to be quoted, which is rare, but might happen for database names which are special keywords (e.g. `default`). From 501420f3cc09d2fc071ff620fd949c10b3fa2109 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 1 Nov 2022 14:18:41 +0000 Subject: [PATCH 290/349] Update element 1.11.12 -> 1.11.13 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 2d5c99d2b..b2ffd05da 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.12 +matrix_client_element_version: v1.11.13 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From c3dc64b1d5e06fb356fce37dcab27664ef335ef7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 16:22:58 +0200 Subject: [PATCH 291/349] Add matrix-user-creator role - automatic user account creation support We no longer ask users to create Matrix user accounts for these bots: - Postmoogle - Honoroit - Reminder Bot Other bots and services (matrix-registration-bot, maubot, mjolnir, Dimension, etc.) require an Access Token to run (not a password), so this new role doesn't help for them. It does help for the above bots though, and for defining your own "initial user accounts" in the `matrix_user_creator_users_additional` variable. --- docs/configuring-playbook-bot-honoroit.md | 30 +++---- ...ng-playbook-bot-matrix-registration-bot.md | 2 +- ...guring-playbook-bot-matrix-reminder-bot.md | 30 +++---- docs/configuring-playbook-bot-postmoogle.md | 30 +++---- docs/installing.md | 80 ++++++++++++++----- group_vars/matrix_servers | 34 ++++++++ roles/matrix-user-creator/defaults/main.yml | 22 +++++ roles/matrix-user-creator/tasks/main.yml | 9 +++ roles/matrix-user-creator/tasks/setup.yml | 33 ++++++++ .../util/ensure_user_registered_conduit.yml | 5 ++ .../util/ensure_user_registered_dendrite.yml | 17 ++++ .../util/ensure_user_registered_synapse.yml | 22 +++++ .../tasks/util/validate_user.yml | 16 ++++ roles/matrix-user-creator/vars/main.yml | 34 ++++++++ setup.yml | 1 + 15 files changed, 292 insertions(+), 73 deletions(-) create mode 100644 roles/matrix-user-creator/defaults/main.yml create mode 100644 roles/matrix-user-creator/tasks/main.yml create mode 100644 roles/matrix-user-creator/tasks/setup.yml create mode 100644 roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml create mode 100644 roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml create mode 100644 roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml create mode 100644 roles/matrix-user-creator/tasks/util/validate_user.yml create mode 100644 roles/matrix-user-creator/vars/main.yml diff --git a/docs/configuring-playbook-bot-honoroit.md b/docs/configuring-playbook-bot-honoroit.md index 45fc033da..42f31d49a 100644 --- a/docs/configuring-playbook-bot-honoroit.md +++ b/docs/configuring-playbook-bot-honoroit.md @@ -7,21 +7,6 @@ It's a bot you can use to setup **your own helpdesk on matrix** See the project's [documentation](https://gitlab.com/etke.cc/honoroit#how-it-looks-like) to learn what it does with screenshots and why it might be useful to you. -## Registering the bot user - -By default, the playbook will set up the bot with a username like this: `@honoroit:DOMAIN`. - -(to use a different username, adjust the `matrix_bot_honoroit_login` variable). - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=honoroit password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. - - ## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -29,7 +14,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_honoroit_enabled: true -# Adjust this to whatever password you chose when registering the bot user +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_honoroit_login: honoroit + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` matrix_bot_honoroit_password: PASSWORD_FOR_THE_BOT # Adjust this to your room ID @@ -41,9 +29,15 @@ matrix_bot_honoroit_roomid: "!yourRoomID:DOMAIN" After configuring the playbook, run the [installation](installing.md) command again: +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` + +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_honoroit_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_honoroit_password` to let the bot know its new password ## Usage diff --git a/docs/configuring-playbook-bot-matrix-registration-bot.md b/docs/configuring-playbook-bot-matrix-registration-bot.md index a3e4bbeb1..b1e3fdc6c 100644 --- a/docs/configuring-playbook-bot-matrix-registration-bot.md +++ b/docs/configuring-playbook-bot-matrix-registration-bot.md @@ -16,7 +16,7 @@ By default, the playbook will set use the bot with a username like this: `@bot.m (to use a different username, adjust the `matrix_bot_matrix_registration_bot_matrix_user_id_localpart` variable). -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): +For [other bots supported by the playbook](configuring-playbook.md#bots), Matrix bot user accounts are created and put to use automatically. For `matrix-registration-bot`, however, this is not the case - you **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): ``` ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.matrix-registration-bot password=PASSWORD_FOR_THE_BOT admin=yes' --tags=register-user diff --git a/docs/configuring-playbook-bot-matrix-reminder-bot.md b/docs/configuring-playbook-bot-matrix-reminder-bot.md index aaf5670c1..da73e5dbe 100644 --- a/docs/configuring-playbook-bot-matrix-reminder-bot.md +++ b/docs/configuring-playbook-bot-matrix-reminder-bot.md @@ -7,21 +7,6 @@ It's a bot you can use to **schedule one-off & recurring reminders and alarms**. See the project's [documentation](https://github.com/anoadragon453/matrix-reminder-bot#usage) to learn what it does and why it might be useful to you. -## Registering the bot user - -By default, the playbook will set up the bot with a username like this: `@bot.matrix-reminder-bot:DOMAIN`. - -(to use a different username, adjust the `matrix_bot_matrix_reminder_bot_matrix_user_id_localpart` variable). - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.matrix-reminder-bot password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. - - ## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -29,7 +14,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_matrix_reminder_bot_enabled: true -# Adjust this to whatever password you chose when registering the bot user +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_matrix_reminder_bot_matrix_user_id_localpart: bot.matrix-reminder-bot + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` matrix_bot_matrix_reminder_bot_matrix_user_password: PASSWORD_FOR_THE_BOT # Adjust this to your timezone @@ -41,9 +29,15 @@ matrix_bot_matrix_reminder_bot_reminders_timezone: Europe/London After configuring the playbook, run the [installation](installing.md) command again: +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` + +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_matrix_reminder_bot_matrix_user_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_matrix_reminder_bot_matrix_user_password` to let the bot know its new password ## Usage diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 31566da9f..0fa366935 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -9,21 +9,6 @@ It's a bot/bridge you can use to forward emails to Matrix rooms See the project's [documentation](https://gitlab.com/etke.cc/postmoogle) to learn what it does and why it might be useful to you. -## Registering the bot user - -By default, the playbook will set up the bot with a username like this: `@postmoogle:DOMAIN`. - -(to use a different username, adjust the `matrix_bot_postmoogle_login` variable). - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=postmoogle password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. - - ## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -31,7 +16,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_postmoogle_enabled: true -# Adjust this to whatever password you chose when registering the bot user +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_postmoogle_login: postmoogle + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT ``` @@ -43,9 +31,15 @@ See [Configuring DNS](configuring-dns.md). After configuring the playbook, run the [installation](installing.md) command again: +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` + +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_postmoogle_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_postmoogle_password` to let the bot know its new password ## Usage diff --git a/docs/installing.md b/docs/installing.md index 8b1b51aa5..308e6fe66 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -1,25 +1,64 @@ # Installing -## 1. Installing the Matrix services - If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. -Run this command to install the Matrix services: +## Playbook tags introduction -```bash -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all +The Ansible playbook's tasks are tagged, so that certain parts of the Ansible playbook can be run without running all other tasks. + +The general command syntax is: `ansible-playbook -i inventory/hosts setup.yml --tags=COMMA_SEPARATED_TAGS_GO_HERE` + +Here are some playbook tags that you should be familiar with: + +- `setup-all` - runs all setup tasks for all components, but does not start/restart services + +- `setup-SERVICE` (e.g. `setup-bot-postmoogle`) - runs the setup tasks only for a given role, but does not start/restart services. You can discover these additional tags in each role (`roles/*/main.yml`). Running per-component setup tasks is **not recommended**, as components sometimes depend on each other and running just the setup tasks for a given component may not be enough. For example, setting up the [mautrix-telegram bridge](configuring-playbook-bridge-mautrix-telegram.md), in addition to the `setup-mautrix-telegram` tag, requires database changes (the `setup-postgres` tag) as well as reverse-proxy changes (the `setup-nginx-proxy` tag). + +- `start` - starts all systemd services and makes them start automatically in the future + +- `stop` - stops all systemd services + +- `ensure-matrix-users-created` - a special tag which ensures that all special users needed by the playbook (for bots, etc.) are created + +`setup-*` tags **do not start services** automatically, because you may wish to do things before starting services, such as importing a database dump, restoring data from another server, etc. + + +## 1. Installing Matrix + +If you **don't** use SSH keys for authentication, but rather a regular password, you may need to add `--ask-pass` to the all Ansible commands + +If you **do** use SSH keys for authentication, **and** use a non-root user to *become* root (sudo), you may need to add `-K` (`--ask-become-pass`) to all Ansible commands + +There 2 ways to start the installation process - depending on whether you're [Installing a brand new server (without importing data)](#installing-a-brand-new-server-without-importing-data) or [Installing a server into which you'll import old data](#installing-a-server-into-which-youll-import-old-data). + + +### Installing a brand new server (without importing data) + +If this is **a brand new** Matrix server and you **won't be importing old data into it**, run all these tags: + +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -The above command **doesn't start any services just yet** (another step does this later - below). Feel free to **re-run this setup command any time** you think something is off with the server configuration. +This will do a full installation and start all Matrix services. + +Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-the-future) and [Finalize the installation](#3-finalize-the-installation) -**Notes**: -- if you **don't** use SSH keys for authentication, but rather a regular password, you may need to add `--ask-pass` to the above (and all other) Ansible commands. -- if you **do** use SSH keys for authentication, **and** use a non-root user to *become* root (sudo), you may need to add `-K` (`--ask-become-pass`) to the above (and all other) Ansible commands. +### Installing a server into which you'll import old data + +If you will be importing data into your newly created Matrix server, install it, but **do not** start its services just yet. +Starting its services or messing with its database now will affect your data import later on. + +To do the installation **without** starting services, run only the `setup-all` tag: + +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all +``` -## 2. Things you might want to do after installing +When this command completes, services won't be running yet. -**Before starting the services**, you may want to do additional things like: +You can now: - [Importing an existing SQLite database (from another Synapse installation)](importing-synapse-sqlite.md) (optional) @@ -27,21 +66,26 @@ The above command **doesn't start any services just yet** (another step does thi - [Importing `media_store` data files from an existing Synapse installation](importing-synapse-media-store.md) (optional) +.. and then proceed to starting all services: -## 3. Starting the services - -When you're ready to start the Matrix services (and set them up to auto-start in the future), run this command: - -```bash +```sh ansible-playbook -i inventory/hosts setup.yml --tags=start ``` -## 4. Finalize the installation +Proceed to [Maintaining your setup in the future](#2-maintaining-your-setup-in-the-future) and [Finalize the installation](#3-finalize-the-installation) + + +## 2. Maintaining your setup in the future + +Feel free to **re-run the setup command any time** you think something is off with the server configuration. Ansible will take your configuration and update your server to match. + + +## 3. Finalize the installation Now that services are running, you need to **finalize the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md). -## 5. Things to do next +## 4. Things to do next After you have started the services and **finalized the installation process** (required for federation to work!) by [Configuring Service Discovery via .well-known](configuring-well-known.md), you can: diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index e5de094fb..872e778bc 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2677,3 +2677,37 @@ matrix_conduit_systemd_required_services_list: | # /matrix-conduit # ###################################################################### + + +###################################################################### +# +# matrix-user-creator +# +###################################################################### + +matrix_user_creator_users_auto: | + {{ + [{ + 'username': matrix_bot_matrix_reminder_bot_matrix_user_id_localpart, + 'initial_password': matrix_bot_matrix_reminder_bot_matrix_user_password, + 'initial_type': 'bot', + }] if matrix_bot_matrix_reminder_bot_enabled else [] + + + [{ + 'username': matrix_bot_honoroit_login, + 'initial_password': matrix_bot_honoroit_password, + 'initial_type': 'bot', + }] if matrix_bot_honoroit_enabled else [] + + + [{ + 'username': matrix_bot_postmoogle_login, + 'initial_password': matrix_bot_postmoogle_password, + 'initial_type': 'bot', + }] if matrix_bot_postmoogle_enabled else [] + }} + +###################################################################### +# +# /matrix-user-creator +# +###################################################################### diff --git a/roles/matrix-user-creator/defaults/main.yml b/roles/matrix-user-creator/defaults/main.yml new file mode 100644 index 000000000..5c90a1e0f --- /dev/null +++ b/roles/matrix-user-creator/defaults/main.yml @@ -0,0 +1,22 @@ +--- + +# matrix-user-creator is a role that aims to automate initial Matrix user account creation. +# +# This role only supports initial user account creation and will not manage subsequent user-type changes +# or password changes. +# +# The playbook registers various bot user accounts automatically using this role by injecting +# user creation definitions into the `matrix_user_creator_users_auto` variable. +# +# To get started creating your own Matrix user accounts, use the `matrix_user_creator_users_additional` variable. + +# matrix_user_creator_users_auto holds a list of users that should be created on the Matrix homeserver. +# The playbook adds some user definitions here to have them end up in `matrix_user_creator_users` (see `vars/main.yml`) and get automatically created. +# This value is influenced by the playbook and will be overwritten elsewhere (`group_vars/`, etc.) +# To add your own user definitions, use the `matrix_user_creator_users_additional` variable. +matrix_user_creator_users_auto: [] + +# matrix_user_creator_users_additional holds a list of users that should be created on the Matrix homeserver. +# Add your own users here to have them end up in `matrix_user_creator_users` (see `vars/main.yml`) and get automatically created. +# For example syntax for this variable, see the documentation for `matrix_user_creator_users` in `vars/main.yml`. +matrix_user_creator_users_additional: [] diff --git a/roles/matrix-user-creator/tasks/main.yml b/roles/matrix-user-creator/tasks/main.yml new file mode 100644 index 000000000..ba20504f7 --- /dev/null +++ b/roles/matrix-user-creator/tasks/main.yml @@ -0,0 +1,9 @@ +--- + +- when: matrix_user_creator_users | length > 0 + ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup.yml" + tags: + # This role intentionally doesn't do work on a `setup-all` tag. + # If it did, the initial installation (`--tags=setup-all`) would also potentially polute the database with data, + # which would make importing a database dump problematic. + - ensure-matrix-users-created diff --git a/roles/matrix-user-creator/tasks/setup.yml b/roles/matrix-user-creator/tasks/setup.yml new file mode 100644 index 000000000..73dfd4548 --- /dev/null +++ b/roles/matrix-user-creator/tasks/setup.yml @@ -0,0 +1,33 @@ +--- + +- name: Validate Matrix users to create + ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/validate_user.yml" + with_items: "{{ matrix_user_creator_users }}" + loop_control: + loop_var: user + # Suppress logging to avoid dumping the credentials to the shell + no_log: true + +- name: Ensure systemd is reloaded before starting the homeserver + ansible.builtin.service: + daemon_reload: true + +- name: Ensure homeserver is started before creating Matrix users + ansible.builtin.service: + name: "matrix-{{ matrix_homeserver_implementation }}.service" + state: started + daemon_reload: true + register: matrix_user_registrator_homeserver_start_result + +- name: Wait a while, so that the homeserver can manage to start before creating Matrix users + ansible.builtin.pause: + seconds: 7 + when: matrix_user_registrator_homeserver_start_result.changed | bool + +- name: Ensure Matrix users are created + ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_user_registered_{{ matrix_homeserver_implementation }}.yml" + with_items: "{{ matrix_user_creator_users }}" + loop_control: + loop_var: user + # Suppress logging to avoid dumping the credentials to the shell + no_log: true diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml b/roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml new file mode 100644 index 000000000..8bbd147b5 --- /dev/null +++ b/roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml @@ -0,0 +1,5 @@ +--- + +- name: Ensure Conduit user registered - {{ user.username | quote }} + ansible.builtin.debug: + msg: "Not registering user. To register Conduit users, message the Conduit bot" diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml b/roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml new file mode 100644 index 000000000..5fb1636fc --- /dev/null +++ b/roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml @@ -0,0 +1,17 @@ +--- + +- name: Ensure Dendrite user registered - {{ user.username | quote }} + ansible.builtin.command: + cmd: |- + {{ matrix_host_command_docker }} exec matrix-dendrite + create-account + -config /data/dendrite.yaml + -username {{ user.username | quote }} + -password {{ user.initial_password | quote }} + {% if user.initial_type == 'admin' %} + -admin + {% endif %} + -url http://localhost:{{ matrix_dendrite_http_bind_port }} + register: matrix_dendrite_register_user_result + changed_when: matrix_dendrite_register_user_result.rc == 0 and 'Desired user ID is already taken' not in matrix_dendrite_register_user_result.stderr + failed_when: matrix_dendrite_register_user_result.rc != 0 and 'Desired user ID is already taken' not in matrix_dendrite_register_user_result.stderr diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml b/roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml new file mode 100644 index 000000000..fde82096c --- /dev/null +++ b/roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml @@ -0,0 +1,22 @@ +--- + +- name: Ensure Synapse user registered - {{ user.username | quote }} + ansible.builtin.command: + cmd: |- + {{ matrix_host_command_docker }} exec matrix-synapse + register_new_matrix_user + -u {{ user.username | quote }} + -p {{ user.initial_password | quote }} + -c /data/homeserver.yaml + {% if user.initial_type == 'admin' %} + --admin + {% else %} + --no-admin + {% if user.initial_type != 'user' %} + --user_type={{ user.initial_type | quote }} + {% endif %} + {% endif %} + http://localhost:{{ matrix_synapse_container_client_api_port }} + register: matrix_synapse_register_user_result + changed_when: matrix_synapse_register_user_result.rc == 0 and 'User ID already taken' not in matrix_synapse_register_user_result.stdout + failed_when: matrix_synapse_register_user_result.rc != 0 and 'User ID already taken' not in matrix_synapse_register_user_result.stdout diff --git a/roles/matrix-user-creator/tasks/util/validate_user.yml b/roles/matrix-user-creator/tasks/util/validate_user.yml new file mode 100644 index 000000000..e35475d4e --- /dev/null +++ b/roles/matrix-user-creator/tasks/util/validate_user.yml @@ -0,0 +1,16 @@ +--- + +- name: Fail if invalid username + ansible.builtin.fail: + msg: "Empty usernames values are not allowed ({{ user }})" + when: not (user.username | default('')) + +- name: Fail if invalid initial_password for user - {{ user.username }} + ansible.builtin.fail: + msg: "Empty initial_password values are not allowed" + when: not (user.initial_password | default('')) + +- name: Fail if invalid initial_type for user - {{ user.username }} + ansible.builtin.fail: + msg: "User initial_type `{{ user.initial_type | default('undefined') }}` is not supported" + when: user.initial_type | default('undefined') not in ['admin', 'user', 'bot', 'support'] diff --git a/roles/matrix-user-creator/vars/main.yml b/roles/matrix-user-creator/vars/main.yml new file mode 100644 index 000000000..7b65bb8aa --- /dev/null +++ b/roles/matrix-user-creator/vars/main.yml @@ -0,0 +1,34 @@ +--- + +# matrix_user_creator_users holds a list of users that should be created on the Matrix homeserver. +# +# Removing a user from this list will not automatically delete/disable the Matrix user on the homeserver. +# +# As the `initial_password` / `initial_type` field names indicate, these are just initial values. +# Changing the password or type values subsequently will not update the already existing user's details. +# +# The known user types are: 'admin', 'user', 'bot', 'support'. +# These are inspired by Synapse's user types. +# 'admin' and 'user' types are generally recognized across homeservers. +# Other homeservers may not support 'bot' and 'support'. Such homeservers will fall back to whatever types they do support. +# +# Example: +# matrix_user_creator_users: +# - username: root +# initial_password: some-password +# initial_type: admin +# +# - username: john +# initial_password: some-password +# initial_type: user +# +# - username: bot.matrix-reminder-bot +# initial_password: some-password +# initial_type: bot +# +# - username: bot.matrix-reminder-bot +# initial_password: some-password +# initial_type: support +# +# To create you own users, use the `matrix_user_creator_users_additional` variable. +matrix_user_creator_users: "{{ matrix_user_creator_users_auto + matrix_user_creator_users_additional }}" diff --git a/setup.yml b/setup.yml index 723f87d9c..b41793540 100755 --- a/setup.yml +++ b/setup.yml @@ -72,4 +72,5 @@ - matrix-aux - matrix-postgres-backup - matrix-backup-borg + - matrix-user-creator - matrix-common-after From 34873da3fd158a5675f88f32eb96e551f128b1ff Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Tue, 1 Nov 2022 10:58:05 -0400 Subject: [PATCH 292/349] moved login instructions to useage --- ...iguring-playbook-bridge-mautrix-discord.md | 28 +++++++++++-------- 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 80c2f165f..0a704696c 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -12,19 +12,9 @@ See the project's [documentation](https://docs.mau.fi/bridges/go/discord/index.h ## Prerequisites -There are 2 ways to link the bridge to discord. +There are 2 ways to login to discord using this bridge, either by [scanning a QR code](#method-1-login-using-qr-code-recommended) using the Discord mobile app **or** by using a [Discord token](#method-2-login-using-discord-token-not-recommended). -### Method 1: Login using QR code - -For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone. - -You can delete the Discord app after the authentication process. - -If this is a dealbreaker for you, consider using the [second method](#method-2-login-using-discord-token) or one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. - -### Method 2: Login using Discord token - -To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. +If this is a dealbreaker for you, consider using one of the other Discord bridges supported by the playbook: [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) or [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md). These come with their own complexity and limitations, however, so we recommend that you proceed with this one if possible. ## Installing @@ -76,6 +66,20 @@ When using this method, **each user** that wishes to enable Double Puppeting nee ## Usage +### Logging in + +#### Method 1: Login using QR code (recommended) + +For using this bridge, you would need to authenticate by **scanning a QR code** with the Discord app on your phone. + +You can delete the Discord app after the authentication process. + +#### Method 2: Login using Discord token (not recommended) + +To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. After copying the token you can close the browser window. + +### Bridging + 1. Start a chat with `@discordbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). 2. If you would like to login to Discord using a token, send `login-token` command, otherwise, send `login-qr` command. 3. You'll see a QR code which you need to scan with the Discord app on your phone. You can scan it with the camera app too, which will open Discord, which will then instruct you to scan it a 2nd time in the Discord app. From eaa9b7cfc4a05bce65cbc0424508bec827c44fb1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 1 Nov 2022 17:03:53 +0200 Subject: [PATCH 293/349] Add automatic user account creation support to Buscarron Continuation of c3dc64b1d5e06f --- docs/configuring-playbook-bot-buscarron.md | 29 +++++++++------------- group_vars/matrix_servers | 6 +++++ 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/docs/configuring-playbook-bot-buscarron.md b/docs/configuring-playbook-bot-buscarron.md index b38f25c67..0b80ba403 100644 --- a/docs/configuring-playbook-bot-buscarron.md +++ b/docs/configuring-playbook-bot-buscarron.md @@ -5,20 +5,6 @@ The playbook can install and configure [buscarron](https://gitlab.com/etke.cc/bu It's a bot you can use to setup **your own helpdesk on matrix** It's a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) matrix room -## Registering the bot user - -By default, the playbook will set up the bot with a username like this: `@bot.buscarron:DOMAIN`. - -(to use a different username, adjust the `matrix_bot_buscarron_login` variable). - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.buscarron password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. - ## Adjusting the playbook configuration @@ -27,7 +13,10 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_buscarron_enabled: true -# Adjust this to whatever password you chose when registering the bot user +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_buscarron_login: bot.buscarron + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` matrix_bot_buscarron_password: PASSWORD_FOR_THE_BOT # Adjust accepted forms @@ -57,9 +46,15 @@ matrix_server_fqn_buscarron: "form.{{ matrix_domain }}" After configuring the playbook, run the [installation](installing.md) command again: +```sh +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start -``` + +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_buscarron_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_buscarron_password` to let the bot know its new password ## Usage diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 872e778bc..bdf5dccec 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2704,6 +2704,12 @@ matrix_user_creator_users_auto: | 'initial_password': matrix_bot_postmoogle_password, 'initial_type': 'bot', }] if matrix_bot_postmoogle_enabled else [] + + + [{ + 'username': matrix_bot_buscarron_login, + 'initial_password': matrix_bot_buscarron_password, + 'initial_type': 'bot', + }] if matrix_bot_buscarron_enabled else [] }} ###################################################################### From fe360d7f99f645f81c8684f3d30664a23988413a Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Tue, 1 Nov 2022 11:08:10 -0400 Subject: [PATCH 294/349] added missing comma --- docs/configuring-playbook-bridge-mautrix-discord.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 0a704696c..f717f8afc 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -76,7 +76,7 @@ You can delete the Discord app after the authentication process. #### Method 2: Login using Discord token (not recommended) -To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. After copying the token you can close the browser window. +To acquire the token, open Discord in a private browser window. Then open the developer settings (keyboard shortcut might be "ctrl+shift+i" or by pressing "F12"). Navigate to the "Network" tab then reload the page. In the URL filter or search bar type "/api" and find the response with the file name of "library". Under the request headers you should find a variable called "Authorization", this is the token to your Discord account. After copying the token, you can close the browser window. ### Bridging From b7bd68d3cb58e7e48e239ba66867a8b4c4f1631e Mon Sep 17 00:00:00 2001 From: Michael Hollister Date: Tue, 1 Nov 2022 13:11:11 -0500 Subject: [PATCH 295/349] Fixed filter for Synapse stream_writer HS config --- roles/matrix-synapse/tasks/synapse/workers/init.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/matrix-synapse/tasks/synapse/workers/init.yml index 0fc4e79c3..d88884d09 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/init.yml +++ b/roles/matrix-synapse/tasks/synapse/workers/init.yml @@ -37,7 +37,7 @@ - name: Populate matrix_synapse_stream_writers from enabled stream writer workers list ansible.builtin.set_fact: - matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}) }}" + matrix_synapse_stream_writers: "{{ matrix_synapse_stream_writers | combine({item.ansible_facts.worker.stream_writer_stream: [item.ansible_facts.worker.name]}, list_merge='append') }}" with_items: "{{ matrix_synapse_workers_list_results_stream_writer_workers.results }}" - name: Build federation sender workers From 28d9ee857895e257bef651df9d91e45b5f28335c Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Tue, 1 Nov 2022 14:12:52 -0500 Subject: [PATCH 296/349] dendrite: update tag to v0.10.6 - update tag to latest dendrite release (https://github.com/matrix-org/dendrite/releases/tag/v0.10.6) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 945c16197..a1d03960c 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.5" +matrix_dendrite_docker_image_tag: "v0.10.6" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 8a609e5cf2b0bf59fdbf36cdcaafdfc9cf750d1d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 2 Nov 2022 07:00:45 +0200 Subject: [PATCH 297/349] Fix some ansible-lint-reported errors --- roles/matrix-base/tasks/setup_matrix_base.yml | 2 +- roles/matrix-bridge-hookshot/defaults/main.yml | 4 ++-- roles/matrix-postgres/tasks/import_postgres.yml | 4 ++-- roles/matrix-postgres/tasks/run_vacuum.yml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/matrix-base/tasks/setup_matrix_base.yml index 0bf197b66..2439fdea3 100644 --- a/roles/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/matrix-base/tasks/setup_matrix_base.yml @@ -22,7 +22,7 @@ - name: Save current git-repo status on the target to aid with restoring in case of problems when: "matrix_playbook_commit_hash_preservation_enabled|bool" block: - - name: Get local git hash # noqa command-instead-of-module + - name: Get local git hash # noqa command-instead-of-module delegate_to: 127.0.0.1 become: false register: git_describe diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 96781f9aa..4c39876a2 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -129,8 +129,8 @@ matrix_hookshot_generic_user_id_prefix: '_webhooks_' matrix_hookshot_feeds_enabled: true -matrix_hookshot_feeds_pollIntervalSeconds: 600 -matrix_hookshot_feeds_pollTimeoutSeconds: 10 +matrix_hookshot_feeds_pollIntervalSeconds: 600 # no-qa var-naming +matrix_hookshot_feeds_pollTimeoutSeconds: 10 # no-qa var-naming # There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead. diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/matrix-postgres/tasks/import_postgres.yml index 107a1f887..d5bfaa86c 100644 --- a/roles/matrix-postgres/tasks/import_postgres.yml +++ b/roles/matrix-postgres/tasks/import_postgres.yml @@ -51,8 +51,8 @@ daemon_reload: true register: matrix_postgres_import_start_result -- when: matrix_postgres_import_start_result.changed | bool - name: Wait a bit, so that Postgres can start +- name: Wait a bit, so that Postgres can start + when: matrix_postgres_import_start_result.changed | bool ansible.builtin.wait_for: timeout: "{{ postgres_start_wait_time }}" delegate_to: 127.0.0.1 diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/matrix-postgres/tasks/run_vacuum.yml index 1b769f01f..c1bf8d762 100644 --- a/roles/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/matrix-postgres/tasks/run_vacuum.yml @@ -30,8 +30,8 @@ daemon_reload: true register: matrix_postgres_vacuum_start_result -- when: matrix_postgres_vacuum_start_result.changed | bool - name: Wait a bit, so that Postgres can start +- name: Wait a bit, so that Postgres can start + when: matrix_postgres_vacuum_start_result.changed | bool ansible.builtin.wait_for: timeout: "{{ postgres_start_wait_time }}" delegate_to: 127.0.0.1 From 0fd9f3d4f99076fab4bc85a8b16dfda324aa4091 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 2 Nov 2022 07:21:09 +0000 Subject: [PATCH 298/349] Pin mautrix-instagram to v0.2.2 --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index 7305d0fbf..dcdf6723d 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}" -matrix_mautrix_instagram_version: latest +matrix_mautrix_instagram_version: v0.2.2 # See: https://mau.dev/tulir/mautrix-instagram/container_registry matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" From 752d2ba8d0e4ed458633e9acbfd3a4680fe8ddaf Mon Sep 17 00:00:00 2001 From: Samuel Meenzen Date: Wed, 2 Nov 2022 20:39:14 +0100 Subject: [PATCH 299/349] Update matrix_servers --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 3988a2b31..2e3a217c0 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -696,7 +696,7 @@ matrix_mautrix_discord_database_engine: "{{ 'postgres' if matrix_postgres_enable matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.db') | to_uuid }}" # Enabling bridge.restricted_rooms for this bridge does not work well with Conduit, so we disable it by default. -# See: todo: add link to upstream issue +# This will be fixed in the upcoming `0.5.0` release of conduit. matrix_mautrix_discord_bridge_restricted_rooms: "{{ false if matrix_homeserver_implementation == 'conduit' else true }}" ###################################################################### From e1cfb6e79ff09f80063db89bc4fee10d6a621222 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 07:42:08 +0200 Subject: [PATCH 300/349] Make yamllint happy --- roles/matrix-bridge-mautrix-discord/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/matrix-bridge-mautrix-discord/defaults/main.yml index d3eae38a6..7163954a4 100644 --- a/roles/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-discord/defaults/main.yml @@ -143,4 +143,4 @@ matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_d # On conduit this option may prevent you from joining spaces created by the bridge. # Setting this to false fixes the issue. -matrix_mautrix_discord_bridge_restricted_rooms: true \ No newline at end of file +matrix_mautrix_discord_bridge_restricted_rooms: true From 410a915a8ab72a2715b14488522ad549a2ca1492 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 09:11:29 +0200 Subject: [PATCH 301/349] Move roles/matrix* to roles/custom/matrix* This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`, similar to how it's done in: - https://github.com/spantaleev/gitea-docker-ansible-deploy - https://github.com/spantaleev/nextcloud-docker-ansible-deploy In the near future, we'll be removing a lot of the shared role code from here and using upstream roles for it. Some of the core `matrix-*` roles have already been extracted out into other reusable roles: - https://github.com/devture/com.devture.ansible.role.postgres - https://github.com/devture/com.devture.ansible.role.systemd_docker_base - https://github.com/devture/com.devture.ansible.role.timesync - https://github.com/devture/com.devture.ansible.role.vars_preserver - https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages - https://github.com/devture/com.devture.ansible.role.playbook_help We just need to migrate to those. --- .yamllint | 2 +- CHANGELOG.md | 14 +- Makefile | 5 +- docs/configuring-playbook-backup-borg.md | 2 +- ...ng-playbook-bridge-appservice-kakaotalk.md | 4 +- ...iguring-playbook-bridge-beeper-linkedin.md | 2 +- ...onfiguring-playbook-bridge-heisenbridge.md | 2 +- docs/configuring-playbook-bridge-hookshot.md | 12 +- ...iguring-playbook-bridge-mautrix-discord.md | 8 +- ...guring-playbook-bridge-mautrix-facebook.md | 2 +- ...uring-playbook-bridge-mautrix-instagram.md | 2 +- ...figuring-playbook-bridge-mautrix-signal.md | 2 +- docs/configuring-playbook-client-element.md | 6 +- docs/configuring-playbook-dimension.md | 4 +- .../configuring-playbook-external-postgres.md | 2 +- docs/configuring-playbook-jitsi.md | 2 +- docs/configuring-playbook-ma1sd.md | 4 +- docs/configuring-playbook-mautrix-bridges.md | 4 +- docs/configuring-playbook-nginx.md | 4 +- docs/configuring-playbook-ntfy.md | 2 +- docs/configuring-playbook-own-webserver.md | 4 +- docs/configuring-playbook-sygnal.md | 4 +- ...ng-playbook-synapse-s3-storage-provider.md | 2 +- docs/configuring-playbook-synapse.md | 6 +- examples/vars.yml | 2 +- .../{ => custom}/matrix-aux/defaults/main.yml | 0 roles/{ => custom}/matrix-aux/tasks/main.yml | 0 roles/{ => custom}/matrix-aux/tasks/setup.yml | 0 .../matrix-backup-borg/defaults/main.yml | 0 .../matrix-backup-borg/tasks/init.yml | 0 .../matrix-backup-borg/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-backup-borg/templates/passwd.j2 | 0 .../matrix-backup-borg/templates/sshkey.j2 | 0 .../systemd/matrix-backup-borg.service.j2 | 0 .../systemd/matrix-backup-borg.timer.j2 | 0 .../matrix-base/defaults/main.yml | 0 .../files/yum.repos.d/docker-ce-centos.repo | 0 .../files/yum.repos.d/docker-ce-fedora.repo | 0 .../matrix-base/tasks/clean_up_old_files.yml | 0 roles/{ => custom}/matrix-base/tasks/main.yml | 0 .../matrix-base/tasks/sanity_check.yml | 0 .../matrix-base/tasks/server_base/setup.yml | 0 .../tasks/server_base/setup_archlinux.yml | 0 .../tasks/server_base/setup_debian.yml | 0 .../tasks/server_base/setup_fedora.yml | 0 .../tasks/server_base/setup_raspbian.yml | 0 .../tasks/server_base/setup_redhat.yml | 0 .../tasks/server_base/setup_redhat8.yml | 0 .../matrix-base/tasks/setup_matrix_base.yml | 0 .../matrix-base/tasks/setup_matrix_user.yml | 0 .../matrix-base/tasks/setup_well_known.yml | 0 .../tasks/util/ensure_fuse_installed.yml | 0 .../tasks/util/ensure_openssl_installed.yml | 0 .../static-files/well-known/matrix-client.j2 | 0 .../static-files/well-known/matrix-server.j2 | 0 .../static-files/well-known/matrix-support.j2 | 0 .../usr-local-bin/matrix-remove-all.j2 | 0 roles/{ => custom}/matrix-base/vars/main.yml | 0 .../matrix-bot-buscarron/defaults/main.yml | 0 .../matrix-bot-buscarron/tasks/init.yml | 0 .../matrix-bot-buscarron/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../matrix-bot-buscarron/templates/env.j2 | 0 .../systemd/matrix-bot-buscarron.service.j2 | 0 .../matrix-bot-go-neb/defaults/main.yml | 0 .../matrix-bot-go-neb/tasks/init.yml | 0 .../matrix-bot-go-neb/tasks/main.yml | 0 .../matrix-bot-go-neb/tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-bot-go-neb.service.j2 | 0 .../matrix-bot-honoroit/defaults/main.yml | 0 .../matrix-bot-honoroit/tasks/init.yml | 0 .../matrix-bot-honoroit/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../matrix-bot-honoroit/templates/env.j2 | 0 .../systemd/matrix-bot-honoroit.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config/config.yml.j2 | 0 ...rix-bot-matrix-registration-bot.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-bot-matrix-reminder-bot.service.j2 | 0 .../matrix-bot-maubot/defaults/main.yml | 0 .../matrix-bot-maubot/tasks/init.yml | 0 .../matrix-bot-maubot/tasks/main.yml | 0 .../matrix-bot-maubot/tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config/config.yaml.j2 | 0 .../systemd/matrix-bot-maubot.service.j2 | 0 .../matrix-bot-mjolnir/defaults/main.yml | 0 .../matrix-bot-mjolnir/tasks/init.yml | 0 .../matrix-bot-mjolnir/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/production.yaml.j2 | 0 .../systemd/matrix-bot-mjolnir.service.j2 | 0 .../matrix-bot-postmoogle/defaults/main.yml | 0 .../matrix-bot-postmoogle/tasks/init.yml | 0 .../matrix-bot-postmoogle/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../matrix-bot-postmoogle/templates/env.j2 | 0 .../systemd/matrix-bot-postmoogle.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-appservice-discord.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/migrate_nedb_to_postgres.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-appservice-irc.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../templates/node-config.json.j2 | 0 ...atrix-appservice-kakaotalk-node.service.j2 | 0 .../matrix-appservice-kakaotalk.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/migrate_nedb_to_postgres.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-appservice-slack.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../templates/database.json.j2 | 0 .../templates/schema.yml.j2 | 0 .../matrix-appservice-webhooks.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-beeper-linkedin.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-go-skype-bridge.service.j2 | 0 .../defaults/main.yml | 0 .../matrix-bridge-heisenbridge/tasks/init.yml | 0 .../matrix-bridge-heisenbridge/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../systemd/matrix-heisenbridge.service.j2 | 0 .../matrix-bridge-hookshot/defaults/main.yml | 0 .../matrix-bridge-hookshot/files/.gitkeep | 0 .../matrix-bridge-hookshot/tasks/init.yml | 0 .../matrix-bridge-hookshot/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yml.j2 | 0 .../templates/registration.yml.j2 | 0 .../systemd/matrix-hookshot.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-mautrix-discord.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-facebook.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-googlechat.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-hangouts.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-instagram.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../templates/env.j2 | 0 .../templates/registration.yaml.j2 | 0 .../matrix-mautrix-signal-daemon.service.j2 | 0 .../systemd/matrix-mautrix-signal.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-telegram.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-mautrix-twitter.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mautrix-whatsapp.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mx-puppet-discord.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mx-puppet-groupme.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mx-puppet-instagram.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-mx-puppet-slack.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-mx-puppet-steam.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../matrix-mx-puppet-twitter.service.j2 | 0 .../matrix-bridge-sms/defaults/main.yml | 0 .../matrix-bridge-sms/tasks/init.yml | 0 .../matrix-bridge-sms/tasks/main.yml | 0 .../matrix-bridge-sms/tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../systemd/matrix-sms-bridge.service.j2 | 0 .../matrix-cactus-comments/defaults/main.yml | 0 .../matrix-cactus-comments/tasks/init.yml | 0 .../matrix-cactus-comments/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/cactus_appservice.yaml.j2 | 0 .../matrix-cactus-comments/templates/env.j2 | 0 .../systemd/matrix-cactus-comments.service.j2 | 0 .../matrix-client-cinny/defaults/main.yml | 0 .../matrix-client-cinny/tasks/init.yml | 0 .../matrix-client-cinny/tasks/main.yml | 0 .../matrix-client-cinny/tasks/self_check.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.json.j2 | 0 .../templates/nginx.conf.j2 | 0 .../systemd/matrix-client-cinny.service.j2 | 0 .../matrix-client-element/defaults/main.yml | 0 .../matrix-client-element/tasks/init.yml | 0 .../matrix-client-element/tasks/main.yml | 0 .../tasks/migrate_riot_web.yml | 0 .../tasks/prepare_themes.yml | 0 .../tasks/self_check.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.json.j2 | 0 .../templates/nginx.conf.j2 | 0 .../systemd/matrix-client-element.service.j2 | 0 .../templates/welcome.html.j2 | 0 .../matrix-client-element/vars/main.yml | 0 .../matrix-client-hydrogen/defaults/main.yml | 0 .../matrix-client-hydrogen/tasks/init.yml | 0 .../matrix-client-hydrogen/tasks/main.yml | 0 .../tasks/self_check.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.json.j2 | 0 .../templates/nginx.conf.j2 | 0 .../systemd/matrix-client-hydrogen.service.j2 | 0 .../matrix-common-after/defaults/main.yml | 0 .../tasks/dump_runtime_results.yml | 0 .../matrix-common-after/tasks/main.yml | 0 .../tasks/run_docker_prune.yml | 0 .../matrix-common-after/tasks/start.yml | 2 +- .../matrix-common-after/tasks/stop.yml | 0 .../matrix-conduit/defaults/main.yml | 0 .../matrix-conduit/tasks/conduit/setup.yml | 0 .../tasks/conduit/setup_install.yml | 0 .../tasks/conduit/setup_uninstall.yml | 0 .../matrix-conduit/tasks/init.yml | 0 .../matrix-conduit/tasks/main.yml | 0 .../templates/conduit/conduit.toml.j2 | 0 .../conduit/systemd/matrix-conduit.service.j2 | 0 .../{ => custom}/matrix-conduit/vars/main.yml | 0 .../matrix-corporal/defaults/main.yml | 0 .../matrix-corporal/tasks/init.yml | 0 .../matrix-corporal/tasks/main.yml | 0 .../tasks/self_check_corporal.yml | 0 .../matrix-corporal/tasks/setup_corporal.yml | 0 .../matrix-corporal/tasks/validate_config.yml | 0 .../matrix-corporal/templates/config.json.j2 | 0 .../systemd/matrix-corporal.service.j2 | 0 .../matrix-coturn/defaults/main.yml | 0 .../{ => custom}/matrix-coturn/tasks/init.yml | 0 .../{ => custom}/matrix-coturn/tasks/main.yml | 0 .../matrix-coturn/tasks/setup_install.yml | 0 .../matrix-coturn/tasks/setup_uninstall.yml | 0 .../matrix-coturn/tasks/validate_config.yml | 0 .../systemd/matrix-coturn-reload.service.j2 | 0 .../systemd/matrix-coturn-reload.timer.j2 | 0 .../systemd/matrix-coturn.service.j2 | 0 .../templates/turnserver.conf.j2 | 0 .../matrix-dendrite/defaults/main.yml | 0 .../matrix-dendrite/tasks/dendrite/setup.yml | 0 .../tasks/dendrite/setup_install.yml | 0 .../tasks/dendrite/setup_uninstall.yml | 0 .../matrix-dendrite/tasks/init.yml | 0 .../matrix-dendrite/tasks/main.yml | 0 .../matrix-dendrite/tasks/register_user.yml | 0 .../tasks/self_check_client_api.yml | 0 .../tasks/self_check_federation_api.yml | 0 .../matrix-dendrite/tasks/setup_dendrite.yml | 0 .../matrix-dendrite/tasks/validate_config.yml | 0 .../templates/dendrite/dendrite.yaml.j2 | 0 .../systemd/matrix-dendrite.service.j2 | 0 .../matrix-dendrite-create-account.j2 | 0 .../matrix-dendrite/vars/main.yml | 0 .../matrix-dimension/defaults/main.yml | 0 .../matrix-dimension/tasks/init.yml | 0 .../matrix-dimension/tasks/main.yml | 0 .../matrix-dimension/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../matrix-dimension/templates/config.yaml.j2 | 0 .../systemd/matrix-dimension.service.j2 | 0 .../matrix-dimension/vars/main.yml | 0 .../matrix-dynamic-dns/defaults/main.yml | 0 .../matrix-dynamic-dns/tasks/init.yml | 0 .../matrix-dynamic-dns/tasks/install.yml | 0 .../matrix-dynamic-dns/tasks/main.yml | 0 .../matrix-dynamic-dns/tasks/uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/ddclient.conf.j2 | 0 .../systemd/matrix-dynamic-dns.service.j2 | 0 .../matrix-email2matrix/defaults/main.yml | 0 .../matrix-email2matrix/tasks/init.yml | 0 .../matrix-email2matrix/tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.json.j2 | 0 .../systemd/matrix-email2matrix.service.j2 | 0 .../matrix-etherpad/defaults/main.yml | 0 .../matrix-etherpad/tasks/init.yml | 0 .../matrix-etherpad/tasks/main.yml | 0 .../matrix-etherpad/tasks/setup_install.yml | 0 .../matrix-etherpad/tasks/setup_uninstall.yml | 0 .../matrix-etherpad/tasks/validate_config.yml | 0 .../templates/settings.json.j2 | 0 .../systemd/matrix-etherpad.service.j2 | 0 .../matrix-grafana/defaults/main.yml | 0 .../matrix-grafana/tasks/init.yml | 0 .../matrix-grafana/tasks/main.yml | 0 .../matrix-grafana/tasks/setup.yml | 0 .../matrix-grafana/tasks/validate_config.yml | 0 .../templates/dashboards.yaml.j2 | 0 .../templates/datasources.yaml.j2 | 0 .../matrix-grafana/templates/grafana.ini.j2 | 0 .../systemd/matrix-grafana.service.j2 | 0 .../matrix-jitsi/defaults/main.yml | 0 .../{ => custom}/matrix-jitsi/tasks/init.yml | 0 .../{ => custom}/matrix-jitsi/tasks/main.yml | 0 .../matrix-jitsi/tasks/setup_jitsi_base.yml | 0 .../matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 0 .../matrix-jitsi/tasks/setup_jitsi_jvb.yml | 0 .../tasks/setup_jitsi_prosody.yml | 0 .../matrix-jitsi/tasks/setup_jitsi_web.yml | 0 .../tasks/util/setup_jitsi_auth.yml | 0 .../matrix-jitsi/tasks/validate_config.yml | 0 .../matrix-jitsi/templates/jicofo/env.j2 | 0 .../templates/jicofo/logging.properties.j2 | 0 .../jicofo/matrix-jitsi-jicofo.service.j2 | 0 .../jicofo/sip-communicator.properties.j2 | 0 .../jvb/custom-sip-communicator.properties.j2 | 0 .../matrix-jitsi/templates/jvb/env.j2 | 0 .../templates/jvb/logging.properties.j2 | 0 .../templates/jvb/matrix-jitsi-jvb.service.j2 | 0 .../matrix-jitsi/templates/prosody/env.j2 | 0 .../prosody/matrix-jitsi-prosody.service.j2 | 0 .../templates/web/custom-config.js.j2 | 0 .../web/custom-interface_config.js.j2 | 0 .../matrix-jitsi/templates/web/env.j2 | 0 .../templates/web/matrix-jitsi-web.service.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/ldap-registration-proxy.env.j2 | 0 .../matrix-ldap-registration-proxy.service.j2 | 0 .../matrix-ma1sd/defaults/main.yml | 0 .../{ => custom}/matrix-ma1sd/tasks/init.yml | 0 .../{ => custom}/matrix-ma1sd/tasks/main.yml | 0 .../matrix-ma1sd/tasks/migrate_mxisd.yml | 0 .../matrix-ma1sd/tasks/self_check_ma1sd.yml | 0 .../matrix-ma1sd/tasks/setup_install.yml | 2 +- .../matrix-ma1sd/tasks/setup_uninstall.yml | 0 .../matrix-ma1sd/tasks/validate_config.yml | 0 .../matrix-ma1sd/templates/ma1sd.yaml.j2 | 0 .../templates/systemd/matrix-ma1sd.service.j2 | 0 roles/{ => custom}/matrix-ma1sd/vars/main.yml | 0 .../matrix-mailer/defaults/main.yml | 0 .../{ => custom}/matrix-mailer/tasks/init.yml | 0 .../{ => custom}/matrix-mailer/tasks/main.yml | 0 .../matrix-mailer/tasks/setup_mailer.yml | 0 .../matrix-mailer/templates/env-mailer.j2 | 0 .../systemd/matrix-mailer.service.j2 | 0 .../matrix-nginx-proxy/defaults/main.yml | 2 +- .../matrix-nginx-proxy/tasks/init.yml | 0 .../matrix-nginx-proxy/tasks/main.yml | 0 .../tasks/nginx-proxy/setup_metrics_auth.yml | 0 .../tasks/self_check_well_known.yml | 0 .../tasks/self_check_well_known_file.yml | 0 .../tasks/setup_nginx_proxy.yml | 0 .../tasks/setup_well_known.yml | 0 .../matrix-nginx-proxy/tasks/ssl/main.yml | 0 ...urge_ssl_lets_encrypt_orphaned_configs.yml | 0 .../tasks/ssl/setup_ssl_lets_encrypt.yml | 0 ...tup_ssl_lets_encrypt_obtain_for_domain.yml | 0 .../tasks/ssl/setup_ssl_manually_managed.yml | 0 ...ssl_manually_managed_verify_for_domain.yml | 0 .../tasks/ssl/setup_ssl_self_signed.yml | 0 ...etup_ssl_self_signed_obtain_for_domain.yml | 0 .../tasks/validate_config.yml | 0 .../nginx/conf.d/matrix-base-domain.conf.j2 | 0 .../nginx/conf.d/matrix-bot-buscarron.conf.j2 | 0 .../nginx/conf.d/matrix-bot-go-neb.conf.j2 | 0 .../nginx/conf.d/matrix-client-cinny.conf.j2 | 0 .../conf.d/matrix-client-element.conf.j2 | 0 .../conf.d/matrix-client-hydrogen.conf.j2 | 0 .../nginx/conf.d/matrix-conduit.conf.j2 | 0 .../nginx/conf.d/matrix-dendrite.conf.j2 | 0 .../nginx/conf.d/matrix-dimension.conf.j2 | 0 .../nginx/conf.d/matrix-domain.conf.j2 | 0 .../nginx/conf.d/matrix-grafana.conf.j2 | 0 .../nginx/conf.d/matrix-jitsi.conf.j2 | 0 .../nginx/conf.d/matrix-ntfy.conf.j2 | 0 .../nginx/conf.d/matrix-riot-web.conf.j2 | 0 .../nginx/conf.d/matrix-sygnal.conf.j2 | 0 .../nginx/conf.d/matrix-synapse.conf.j2 | 0 .../templates/nginx/conf.d/nginx-http.conf.j2 | 0 .../templates/nginx/nginx.conf.j2 | 0 .../systemd/matrix-nginx-proxy.service.j2 | 0 ...lets-encrypt-certificates-renew.service.j2 | 0 ...l-lets-encrypt-certificates-renew.timer.j2 | 0 .../matrix-ssl-nginx-proxy-reload.service.j2 | 0 .../matrix-ssl-nginx-proxy-reload.timer.j2 | 0 ...rix-ssl-lets-encrypt-certificates-renew.j2 | 0 .../matrix-nginx-proxy/vars/main.yml | 0 .../matrix-ntfy/defaults/main.yml | 0 roles/{ => custom}/matrix-ntfy/tasks/init.yml | 0 roles/{ => custom}/matrix-ntfy/tasks/main.yml | 0 .../matrix-ntfy/tasks/self_check.yml | 0 .../matrix-ntfy/tasks/setup_install.yml | 0 .../matrix-ntfy/tasks/setup_uninstall.yml | 0 .../matrix-ntfy/templates/ntfy/server.yml.j2 | 0 .../templates/systemd/matrix-ntfy.service.j2 | 0 .../matrix-postgres-backup/defaults/main.yml | 0 .../matrix-postgres-backup/tasks/init.yml | 0 .../matrix-postgres-backup/tasks/main.yml | 0 .../tasks/setup_postgres_backup.yml | 2 +- .../tasks/validate_config.yml | 0 .../templates/env-postgres-backup.j2 | 0 .../systemd/matrix-postgres-backup.service.j2 | 0 .../matrix-postgres/defaults/main.yml | 0 .../detect_existing_postgres_version.yml | 0 .../tasks/import_generic_sqlite_db.yml | 0 .../matrix-postgres/tasks/import_postgres.yml | 0 .../tasks/import_synapse_sqlite_db.yml | 0 .../matrix-postgres/tasks/init.yml | 0 .../matrix-postgres/tasks/main.yml | 0 .../tasks/migrate_db_to_postgres.yml | 2 +- .../tasks/migrate_postgres_data_directory.yml | 0 .../matrix-postgres/tasks/run_vacuum.yml | 0 .../matrix-postgres/tasks/setup_postgres.yml | 0 .../tasks/upgrade_postgres.yml | 0 .../tasks/util/create_additional_database.yml | 0 .../util/create_additional_databases.yml | 0 .../matrix-postgres/tasks/validate_config.yml | 0 .../templates/env-postgres-psql.j2 | 0 .../templates/env-postgres-server.j2 | 0 .../init-additional-db-user-and-role.sql.j2 | 0 .../systemd/matrix-postgres.service.j2 | 0 .../matrix-change-user-admin-status.j2 | 0 .../matrix-postgres-cli-non-interactive.j2 | 0 .../usr-local-bin/matrix-postgres-cli.j2 | 0 ...trix-postgres-update-user-password-hash.j2 | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup.yml | 0 ...matrix-prometheus-node-exporter.service.j2 | 0 .../vars/main.yml | 0 .../defaults/main.yml | 0 .../tasks/init.yml | 0 .../tasks/main.yml | 0 .../tasks/setup.yml | 0 ...ix-prometheus-postgres-exporter.service.j2 | 0 .../vars/main.yml | 0 .../matrix-prometheus/defaults/main.yml | 0 .../matrix-prometheus/tasks/init.yml | 0 .../matrix-prometheus/tasks/main.yml | 0 .../matrix-prometheus/tasks/setup_install.yml | 0 .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/prometheus.yml.j2 | 0 .../systemd/matrix-prometheus.service.j2 | 0 .../matrix-redis/defaults/main.yml | 0 .../{ => custom}/matrix-redis/tasks/init.yml | 0 .../{ => custom}/matrix-redis/tasks/main.yml | 0 .../matrix-redis/tasks/setup_redis.yml | 0 .../matrix-redis/templates/redis.conf.j2 | 0 .../templates/systemd/matrix-redis.service.j2 | 0 .../matrix-registration/defaults/main.yml | 0 .../tasks/generate_token.yml | 0 .../matrix-registration/tasks/init.yml | 0 .../matrix-registration/tasks/list_tokens.yml | 0 .../matrix-registration/tasks/main.yml | 0 .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 0 .../tasks/validate_config.yml | 0 .../templates/config.yaml.j2 | 0 .../systemd/matrix-registration.service.j2 | 0 .../matrix-sygnal/defaults/main.yml | 0 .../{ => custom}/matrix-sygnal/tasks/init.yml | 0 .../{ => custom}/matrix-sygnal/tasks/main.yml | 0 .../matrix-sygnal/tasks/setup_install.yml | 0 .../matrix-sygnal/tasks/setup_uninstall.yml | 0 .../matrix-sygnal/tasks/validate_config.yml | 0 .../matrix-sygnal/templates/sygnal.yaml.j2 | 0 .../systemd/matrix-sygnal.service.j2 | 0 .../matrix-synapse-admin/defaults/main.yml | 0 .../matrix-synapse-admin/tasks/init.yml | 0 .../matrix-synapse-admin/tasks/main.yml | 0 .../matrix-synapse-admin/tasks/setup.yml | 0 .../tasks/validate_config.yml | 0 .../systemd/matrix-synapse-admin.service.j2 | 0 .../matrix-synapse/defaults/main.yml | 2 +- .../files/workers-doc-to-yaml.awk | 0 .../files/workers-doc-to-yaml.sh | 0 .../tasks/ext/encryption-disabler/setup.yml | 0 .../ext/encryption-disabler/setup_install.yml | 0 .../encryption-disabler/setup_uninstall.yml | 0 .../tasks/ext/ldap-auth/setup.yml | 0 .../tasks/ext/mjolnir-antispam/setup.yml | 0 .../ext/mjolnir-antispam/setup_install.yml | 0 .../ext/mjolnir-antispam/setup_uninstall.yml | 0 .../tasks/ext/rest-auth/setup.yml | 0 .../tasks/ext/rest-auth/setup_install.yml | 0 .../tasks/ext/rest-auth/setup_uninstall.yml | 0 .../tasks/ext/s3-storage-provider/init.yml | 0 .../tasks/ext/s3-storage-provider/setup.yml | 0 .../ext/s3-storage-provider/setup_install.yml | 0 .../s3-storage-provider/setup_uninstall.yml | 0 .../s3-storage-provider/validate_config.yml | 0 .../matrix-synapse/tasks/ext/setup.yml | 0 .../tasks/ext/shared-secret-auth/setup.yml | 0 .../ext/shared-secret-auth/setup_install.yml | 0 .../shared-secret-auth/setup_uninstall.yml | 0 .../ext/synapse-simple-antispam/setup.yml | 0 .../synapse-simple-antispam/setup_install.yml | 0 .../setup_uninstall.yml | 0 .../matrix-synapse/tasks/goofys/setup.yml | 0 .../tasks/goofys/setup_install.yml | 0 .../tasks/goofys/setup_uninstall.yml | 0 .../tasks/import_media_store.yml | 0 .../matrix-synapse/tasks/init.yml | 0 .../matrix-synapse/tasks/main.yml | 0 .../matrix-synapse/tasks/register_user.yml | 0 .../compress_room.yml | 0 .../rust-synapse-compress-state/main.yml | 0 .../tasks/self_check_client_api.yml | 0 .../tasks/self_check_federation_api.yml | 0 .../matrix-synapse/tasks/setup_synapse.yml | 0 .../matrix-synapse/tasks/synapse/setup.yml | 0 .../tasks/synapse/setup_install.yml | 0 .../tasks/synapse/setup_uninstall.yml | 0 .../tasks/synapse/workers/init.yml | 0 .../tasks/synapse/workers/setup.yml | 0 .../tasks/synapse/workers/setup_install.yml | 0 .../tasks/synapse/workers/setup_uninstall.yml | 0 .../synapse/workers/util/inject_worker.yml | 0 .../workers/util/setup_files_for_worker.yml | 0 .../tasks/update_user_password.yml | 0 .../matrix-synapse/tasks/validate_config.yml | 0 .../templates/goofys/env-goofys.j2 | 0 .../goofys/systemd/matrix-goofys.service.j2 | 0 .../synapse/customizations/Dockerfile.j2 | 0 .../ext/s3-storage-provider/database.yaml.j2 | 0 .../synapse/ext/s3-storage-provider/env.j2 | 0 .../media_storage_provider.yaml.j2 | 0 ...pse-s3-storage-provider-migrate.service.j2 | 0 ...napse-s3-storage-provider-migrate.timer.j2 | 0 ...rix-synapse-s3-storage-provider-migrate.j2 | 0 ...atrix-synapse-s3-storage-provider-shell.j2 | 0 .../templates/synapse/homeserver.yaml.j2 | 0 .../external_prometheus.yml.example.j2 | 0 .../templates/synapse/synapse.log.config.j2 | 0 .../systemd/matrix-synapse-worker.service.j2 | 0 .../synapse/systemd/matrix-synapse.service.j2 | 0 .../matrix-synapse-register-user.j2 | 0 .../templates/synapse/worker.yaml.j2 | 0 .../{ => custom}/matrix-synapse/vars/main.yml | 0 .../matrix-synapse/vars/workers.yml | 0 .../matrix-user-creator/defaults/main.yml | 0 .../matrix-user-creator/tasks/main.yml | 0 .../matrix-user-creator/tasks/setup.yml | 0 .../util/ensure_user_registered_conduit.yml | 0 .../util/ensure_user_registered_dendrite.yml | 0 .../util/ensure_user_registered_synapse.yml | 0 .../tasks/util/validate_user.yml | 0 .../matrix-user-creator/vars/main.yml | 0 setup.yml | 136 +++++++++--------- 722 files changed, 148 insertions(+), 145 deletions(-) rename roles/{ => custom}/matrix-aux/defaults/main.yml (100%) rename roles/{ => custom}/matrix-aux/tasks/main.yml (100%) rename roles/{ => custom}/matrix-aux/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-backup-borg/defaults/main.yml (100%) rename roles/{ => custom}/matrix-backup-borg/tasks/init.yml (100%) rename roles/{ => custom}/matrix-backup-borg/tasks/main.yml (100%) rename roles/{ => custom}/matrix-backup-borg/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-backup-borg/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-backup-borg/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-backup-borg/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-backup-borg/templates/passwd.j2 (100%) rename roles/{ => custom}/matrix-backup-borg/templates/sshkey.j2 (100%) rename roles/{ => custom}/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 (100%) rename roles/{ => custom}/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 (100%) rename roles/{ => custom}/matrix-base/defaults/main.yml (100%) rename roles/{ => custom}/matrix-base/files/yum.repos.d/docker-ce-centos.repo (100%) rename roles/{ => custom}/matrix-base/files/yum.repos.d/docker-ce-fedora.repo (100%) rename roles/{ => custom}/matrix-base/tasks/clean_up_old_files.yml (100%) rename roles/{ => custom}/matrix-base/tasks/main.yml (100%) rename roles/{ => custom}/matrix-base/tasks/sanity_check.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_archlinux.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_debian.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_fedora.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_raspbian.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_redhat.yml (100%) rename roles/{ => custom}/matrix-base/tasks/server_base/setup_redhat8.yml (100%) rename roles/{ => custom}/matrix-base/tasks/setup_matrix_base.yml (100%) rename roles/{ => custom}/matrix-base/tasks/setup_matrix_user.yml (100%) rename roles/{ => custom}/matrix-base/tasks/setup_well_known.yml (100%) rename roles/{ => custom}/matrix-base/tasks/util/ensure_fuse_installed.yml (100%) rename roles/{ => custom}/matrix-base/tasks/util/ensure_openssl_installed.yml (100%) rename roles/{ => custom}/matrix-base/templates/static-files/well-known/matrix-client.j2 (100%) rename roles/{ => custom}/matrix-base/templates/static-files/well-known/matrix-server.j2 (100%) rename roles/{ => custom}/matrix-base/templates/static-files/well-known/matrix-support.j2 (100%) rename roles/{ => custom}/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 (100%) rename roles/{ => custom}/matrix-base/vars/main.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-buscarron/templates/env.j2 (100%) rename roles/{ => custom}/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 (100%) rename roles/{ => custom}/matrix-bot-go-neb/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-go-neb/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 (100%) rename roles/{ => custom}/matrix-bot-honoroit/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-honoroit/templates/env.j2 (100%) rename roles/{ => custom}/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 (100%) rename roles/{ => custom}/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 (100%) rename roles/{ => custom}/matrix-bot-maubot/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-maubot/templates/config/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 (100%) rename roles/{ => custom}/matrix-bot-mjolnir/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-mjolnir/templates/production.yaml.j2 (100%) rename roles/{ => custom}/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 (100%) rename roles/{ => custom}/matrix-bot-postmoogle/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bot-postmoogle/templates/env.j2 (100%) rename roles/{ => custom}/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/templates/database.json.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 (100%) rename roles/{ => custom}/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-hookshot/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/files/.gitkeep (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-hookshot/templates/config.yml.j2 (100%) rename roles/{ => custom}/matrix-bridge-hookshot/templates/registration.yml.j2 (100%) rename roles/{ => custom}/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/env.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 (100%) rename roles/{ => custom}/matrix-bridge-sms/defaults/main.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/init.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/main.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 (100%) rename roles/{ => custom}/matrix-cactus-comments/defaults/main.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/init.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/main.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 (100%) rename roles/{ => custom}/matrix-cactus-comments/templates/env.j2 (100%) rename roles/{ => custom}/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 (100%) rename roles/{ => custom}/matrix-client-cinny/defaults/main.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/init.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/main.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/self_check.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-client-cinny/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-client-cinny/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-client-cinny/templates/nginx.conf.j2 (100%) rename roles/{ => custom}/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 (100%) rename roles/{ => custom}/matrix-client-element/defaults/main.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/init.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/main.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/migrate_riot_web.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/prepare_themes.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/self_check.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-client-element/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-client-element/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-client-element/templates/nginx.conf.j2 (100%) rename roles/{ => custom}/matrix-client-element/templates/systemd/matrix-client-element.service.j2 (100%) rename roles/{ => custom}/matrix-client-element/templates/welcome.html.j2 (100%) rename roles/{ => custom}/matrix-client-element/vars/main.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/defaults/main.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/init.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/main.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/self_check.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-client-hydrogen/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-client-hydrogen/templates/nginx.conf.j2 (100%) rename roles/{ => custom}/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 (100%) rename roles/{ => custom}/matrix-common-after/defaults/main.yml (100%) rename roles/{ => custom}/matrix-common-after/tasks/dump_runtime_results.yml (100%) rename roles/{ => custom}/matrix-common-after/tasks/main.yml (100%) rename roles/{ => custom}/matrix-common-after/tasks/run_docker_prune.yml (100%) rename roles/{ => custom}/matrix-common-after/tasks/start.yml (97%) rename roles/{ => custom}/matrix-common-after/tasks/stop.yml (100%) rename roles/{ => custom}/matrix-conduit/defaults/main.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/conduit/setup.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/conduit/setup_install.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/conduit/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/init.yml (100%) rename roles/{ => custom}/matrix-conduit/tasks/main.yml (100%) rename roles/{ => custom}/matrix-conduit/templates/conduit/conduit.toml.j2 (100%) rename roles/{ => custom}/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 (100%) rename roles/{ => custom}/matrix-conduit/vars/main.yml (100%) rename roles/{ => custom}/matrix-corporal/defaults/main.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/init.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/main.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/self_check_corporal.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/setup_corporal.yml (100%) rename roles/{ => custom}/matrix-corporal/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-corporal/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-corporal/templates/systemd/matrix-corporal.service.j2 (100%) rename roles/{ => custom}/matrix-coturn/defaults/main.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/init.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/main.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-coturn/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 (100%) rename roles/{ => custom}/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 (100%) rename roles/{ => custom}/matrix-coturn/templates/systemd/matrix-coturn.service.j2 (100%) rename roles/{ => custom}/matrix-coturn/templates/turnserver.conf.j2 (100%) rename roles/{ => custom}/matrix-dendrite/defaults/main.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/dendrite/setup.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/dendrite/setup_install.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/dendrite/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/init.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/main.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/register_user.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/self_check_client_api.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/self_check_federation_api.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/setup_dendrite.yml (100%) rename roles/{ => custom}/matrix-dendrite/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 (100%) rename roles/{ => custom}/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 (100%) rename roles/{ => custom}/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 (100%) rename roles/{ => custom}/matrix-dendrite/vars/main.yml (100%) rename roles/{ => custom}/matrix-dimension/defaults/main.yml (100%) rename roles/{ => custom}/matrix-dimension/tasks/init.yml (100%) rename roles/{ => custom}/matrix-dimension/tasks/main.yml (100%) rename roles/{ => custom}/matrix-dimension/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-dimension/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-dimension/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-dimension/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-dimension/templates/systemd/matrix-dimension.service.j2 (100%) rename roles/{ => custom}/matrix-dimension/vars/main.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/defaults/main.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/init.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/install.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/main.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/uninstall.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-dynamic-dns/templates/ddclient.conf.j2 (100%) rename roles/{ => custom}/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 (100%) rename roles/{ => custom}/matrix-email2matrix/defaults/main.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/init.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/main.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-email2matrix/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-email2matrix/templates/config.json.j2 (100%) rename roles/{ => custom}/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 (100%) rename roles/{ => custom}/matrix-etherpad/defaults/main.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/init.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/main.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-etherpad/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-etherpad/templates/settings.json.j2 (100%) rename roles/{ => custom}/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 (100%) rename roles/{ => custom}/matrix-grafana/defaults/main.yml (100%) rename roles/{ => custom}/matrix-grafana/tasks/init.yml (100%) rename roles/{ => custom}/matrix-grafana/tasks/main.yml (100%) rename roles/{ => custom}/matrix-grafana/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-grafana/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-grafana/templates/dashboards.yaml.j2 (100%) rename roles/{ => custom}/matrix-grafana/templates/datasources.yaml.j2 (100%) rename roles/{ => custom}/matrix-grafana/templates/grafana.ini.j2 (100%) rename roles/{ => custom}/matrix-grafana/templates/systemd/matrix-grafana.service.j2 (100%) rename roles/{ => custom}/matrix-jitsi/defaults/main.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/init.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/main.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_base.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_jicofo.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_jvb.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_prosody.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/setup_jitsi_web.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/util/setup_jitsi_auth.yml (100%) rename roles/{ => custom}/matrix-jitsi/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-jitsi/templates/jicofo/env.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jicofo/logging.properties.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jvb/env.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jvb/logging.properties.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/prosody/env.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/web/custom-config.js.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/web/custom-interface_config.js.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/web/env.j2 (100%) rename roles/{ => custom}/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/defaults/main.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/init.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/main.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 (100%) rename roles/{ => custom}/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 (100%) rename roles/{ => custom}/matrix-ma1sd/defaults/main.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/init.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/main.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/migrate_mxisd.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/self_check_ma1sd.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-ma1sd/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-ma1sd/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-ma1sd/templates/ma1sd.yaml.j2 (100%) rename roles/{ => custom}/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 (100%) rename roles/{ => custom}/matrix-ma1sd/vars/main.yml (100%) rename roles/{ => custom}/matrix-mailer/defaults/main.yml (100%) rename roles/{ => custom}/matrix-mailer/tasks/init.yml (100%) rename roles/{ => custom}/matrix-mailer/tasks/main.yml (100%) rename roles/{ => custom}/matrix-mailer/tasks/setup_mailer.yml (100%) rename roles/{ => custom}/matrix-mailer/templates/env-mailer.j2 (100%) rename roles/{ => custom}/matrix-mailer/templates/systemd/matrix-mailer.service.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/defaults/main.yml (99%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/init.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/main.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/self_check_well_known.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/self_check_well_known_file.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/setup_well_known.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/main.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 (100%) rename roles/{ => custom}/matrix-nginx-proxy/vars/main.yml (100%) rename roles/{ => custom}/matrix-ntfy/defaults/main.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/init.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/main.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/self_check.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-ntfy/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-ntfy/templates/ntfy/server.yml.j2 (100%) rename roles/{ => custom}/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 (100%) rename roles/{ => custom}/matrix-postgres-backup/defaults/main.yml (100%) rename roles/{ => custom}/matrix-postgres-backup/tasks/init.yml (100%) rename roles/{ => custom}/matrix-postgres-backup/tasks/main.yml (100%) rename roles/{ => custom}/matrix-postgres-backup/tasks/setup_postgres_backup.yml (99%) rename roles/{ => custom}/matrix-postgres-backup/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-postgres-backup/templates/env-postgres-backup.j2 (100%) rename roles/{ => custom}/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 (100%) rename roles/{ => custom}/matrix-postgres/defaults/main.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/detect_existing_postgres_version.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/import_generic_sqlite_db.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/import_postgres.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/import_synapse_sqlite_db.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/init.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/main.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/migrate_db_to_postgres.yml (99%) rename roles/{ => custom}/matrix-postgres/tasks/migrate_postgres_data_directory.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/run_vacuum.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/setup_postgres.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/upgrade_postgres.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/util/create_additional_database.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/util/create_additional_databases.yml (100%) rename roles/{ => custom}/matrix-postgres/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-postgres/templates/env-postgres-psql.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/env-postgres-server.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/systemd/matrix-postgres.service.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 (100%) rename roles/{ => custom}/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/defaults/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/tasks/init.yml (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/tasks/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 (100%) rename roles/{ => custom}/matrix-prometheus-node-exporter/vars/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/defaults/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/tasks/init.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/tasks/main.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 (100%) rename roles/{ => custom}/matrix-prometheus-postgres-exporter/vars/main.yml (100%) rename roles/{ => custom}/matrix-prometheus/defaults/main.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/init.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/main.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-prometheus/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-prometheus/templates/prometheus.yml.j2 (100%) rename roles/{ => custom}/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 (100%) rename roles/{ => custom}/matrix-redis/defaults/main.yml (100%) rename roles/{ => custom}/matrix-redis/tasks/init.yml (100%) rename roles/{ => custom}/matrix-redis/tasks/main.yml (100%) rename roles/{ => custom}/matrix-redis/tasks/setup_redis.yml (100%) rename roles/{ => custom}/matrix-redis/templates/redis.conf.j2 (100%) rename roles/{ => custom}/matrix-redis/templates/systemd/matrix-redis.service.j2 (100%) rename roles/{ => custom}/matrix-registration/defaults/main.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/generate_token.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/init.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/list_tokens.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/main.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/setup_install.yml (99%) rename roles/{ => custom}/matrix-registration/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-registration/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-registration/templates/config.yaml.j2 (100%) rename roles/{ => custom}/matrix-registration/templates/systemd/matrix-registration.service.j2 (100%) rename roles/{ => custom}/matrix-sygnal/defaults/main.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/init.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/main.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/setup_install.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-sygnal/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-sygnal/templates/sygnal.yaml.j2 (100%) rename roles/{ => custom}/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 (100%) rename roles/{ => custom}/matrix-synapse-admin/defaults/main.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/tasks/init.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/tasks/main.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/defaults/main.yml (99%) rename roles/{ => custom}/matrix-synapse/files/workers-doc-to-yaml.awk (100%) rename roles/{ => custom}/matrix-synapse/files/workers-doc-to-yaml.sh (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/encryption-disabler/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/ldap-auth/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/rest-auth/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/rest-auth/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/init.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/goofys/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/goofys/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/goofys/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/import_media_store.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/init.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/main.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/register_user.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/rust-synapse-compress-state/main.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/self_check_client_api.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/self_check_federation_api.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/setup_synapse.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/init.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/setup.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/setup_install.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/update_user_password.yml (100%) rename roles/{ => custom}/matrix-synapse/tasks/validate_config.yml (100%) rename roles/{ => custom}/matrix-synapse/templates/goofys/env-goofys.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/homeserver.yaml.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/synapse.log.config.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 (100%) rename roles/{ => custom}/matrix-synapse/templates/synapse/worker.yaml.j2 (100%) rename roles/{ => custom}/matrix-synapse/vars/main.yml (100%) rename roles/{ => custom}/matrix-synapse/vars/workers.yml (100%) rename roles/{ => custom}/matrix-user-creator/defaults/main.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/main.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/setup.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml (100%) rename roles/{ => custom}/matrix-user-creator/tasks/util/validate_user.yml (100%) rename roles/{ => custom}/matrix-user-creator/vars/main.yml (100%) diff --git a/.yamllint b/.yamllint index 08b89afd9..6f10a36da 100644 --- a/.yamllint +++ b/.yamllint @@ -2,7 +2,7 @@ extends: default ignore: | - roles/matrix-synapse/vars/workers.yml + roles/custom/matrix-synapse/vars/workers.yml rules: line-length: disable diff --git a/CHANGELOG.md b/CHANGELOG.md index 3ee9afac2..4d8b9b219 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -130,7 +130,7 @@ Below we'll discuss **potential backward incompatibilities**. - **Metric endpoints have also changed** (`/metrics/synapse/worker/generic_worker-18111` -> `/metrics/synapse/worker/generic-worker-0`). If you're [collecting metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-metrics-to-an-external-prometheus-server), consider revisiting our [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server) docs and updating your Prometheus configuration. **If you're collecting metrics to the integrated Prometheus server** (not enabled by default), **your Prometheus configuration will be updated automatically**. Old data (from before this change) may stick around though. -- **the format of `matrix_synapse_workers_enabled_list` has changed**. You were never advised to use this variable for directly creating workers (we advise people to control workers using `matrix_synapse_workers_preset` or by tweaking `matrix_synapse_workers_*_workers_count` variables only), but some people may have started using the `matrix_synapse_workers_enabled_list` variable to gain more control over workers. If you're one of them, you'll need to adjust its value. See `roles/matrix-synapse/defaults/main.yml` for more information on the new format. The playbook will also do basic validation and complain if you got something wrong. +- **the format of `matrix_synapse_workers_enabled_list` has changed**. You were never advised to use this variable for directly creating workers (we advise people to control workers using `matrix_synapse_workers_preset` or by tweaking `matrix_synapse_workers_*_workers_count` variables only), but some people may have started using the `matrix_synapse_workers_enabled_list` variable to gain more control over workers. If you're one of them, you'll need to adjust its value. See `roles/custom/matrix-synapse/defaults/main.yml` for more information on the new format. The playbook will also do basic validation and complain if you got something wrong. # 2022-09-09 @@ -412,7 +412,7 @@ matrix_ma1sd_enabled: true We now support installing the [matrix_encryption_disabler](https://github.com/digitalentity/matrix_encryption_disabler) Synapse module, which lets you prevent End-to-End-Encryption from being enabled by users on your homeserver. The popular opinion is that this is dangerous and shouldn't be done, but there are valid use cases for disabling encryption discussed [here](https://github.com/matrix-org/synapse/issues/4401). -To enable this module (and prevent encryption from being used on your homserver), add `matrix_synapse_ext_encryption_disabler_enabled: true` to your configuration. This module provides further customization. Check its other configuration settings (and defaults) in `roles/matrix-synapse/defaults/main.yml`. +To enable this module (and prevent encryption from being used on your homserver), add `matrix_synapse_ext_encryption_disabler_enabled: true` to your configuration. This module provides further customization. Check its other configuration settings (and defaults) in `roles/custom/matrix-synapse/defaults/main.yml`. # 2022-02-01 @@ -799,7 +799,7 @@ You have 3 ways to proceed: - stop the bridge (`systemctl stop matrix-mautrix-facebook`) - create a new `matrix_mautrix_facebook` Postgres database for it - run [pgloader](https://pgloader.io/) manually (we import this bridge's data using default settings and it works well) - - define `matrix_mautrix_facebook_database_*` variables in your `vars.yml` file (credentials, etc.) - you can find their defaults in `roles/matrix-mautrix-facebook/defaults/main.yml` + - define `matrix_mautrix_facebook_database_*` variables in your `vars.yml` file (credentials, etc.) - you can find their defaults in `roles/custom/matrix-mautrix-facebook/defaults/main.yml` - switch the bridge to Postgres (`matrix_mautrix_facebook_database_engine: 'postgres'` in your `vars.yml` file) - re-run the playbook (`--tags=setup-all,start`) and ensure the bridge works (`systemctl status matrix-mautrix-facebook` and `journalctl -fu matrix-mautrix-facebook`) - send a `login` message to the Facebook bridge bot again @@ -1677,7 +1677,7 @@ Having Synapse not be a required component potentially opens the door for instal ## Bridges are now separate from the Synapse role Bridges are no longer part of the `matrix-synapse` role. -Each bridge now lives in its own separate role (`roles/matrix-bridge-*`). +Each bridge now lives in its own separate role (`roles/custom/matrix-bridge-*`). These bridge roles are independent of the `matrix-synapse` role, so it should be possible to use them with a Synapse instance installed another way (not through the playbook). @@ -1971,7 +1971,7 @@ The following variables are no longer supported by this playbook: - `matrix_mxisd_template_config` You are encouraged to use the `matrix_mxisd_configuration_extension_yaml` variable to define your own mxisd configuration additions and overrides. -Refer to the [default variables file](roles/matrix-mxisd/defaults/main.yml) for more information. +Refer to the [default variables file](roles/custom/matrix-mxisd/defaults/main.yml) for more information. This new way of configuring mxisd is beneficial because: @@ -2033,14 +2033,14 @@ Based on feedback from others, running Synapse on Python 3 is supposed to decrea ## Riot homepage customization You can now customize some parts of the Riot homepage (or even completely replace it with your own custom page). -See the `matrix_riot_web_homepage_` variables in `roles/matrix-riot-web/defaults/main.yml`. +See the `matrix_riot_web_homepage_` variables in `roles/custom/matrix-riot-web/defaults/main.yml`. # 2018-12-04 ## mxisd extensibility -The [LDAP identity store for mxisd](https://github.com/kamax-matrix/mxisd/blob/master/docs/stores/ldap.md) can now be configured easily using playbook variables (see the `matrix_mxisd_ldap_` variables in `roles/matrix-server/defaults/main.yml`). +The [LDAP identity store for mxisd](https://github.com/kamax-matrix/mxisd/blob/master/docs/stores/ldap.md) can now be configured easily using playbook variables (see the `matrix_mxisd_ldap_` variables in `roles/custom/matrix-server/defaults/main.yml`). # 2018-11-28 diff --git a/Makefile b/Makefile index 576dcbf56..62419150c 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,10 @@ -.PHONY: lint +.PHONY: roles lint help: ## Show this help. @grep -F -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -e 's/\\$$//' | sed -e 's/##//' +roles: ## Pull roles + ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force + lint: ## Runs ansible-lint against all roles in the playbook ansible-lint diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 3d9cad87a..f3cfc6def 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -64,7 +64,7 @@ To backup without encryption, add `matrix_backup_borg_encryption: 'none'` to you `matrix_backup_borg_location_source_directories` defines the list of directories to back up: it's set to `{{ matrix_base_data_path }}` by default, which is the base directory for every service's data, such as Synapse, Postgres and the bridges. You might want to exclude certain directories or file patterns from the backup using the `matrix_backup_borg_location_exclude_patterns` variable. -Check the `roles/matrix-backup-borg/defaults/main.yml` file for the full list of available options. +Check the `roles/custom/matrix-backup-borg/defaults/main.yml` file for the full list of available options. ## Installing diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index 3c49d726a..99ddafe83 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -28,8 +28,8 @@ There are some additional things you may wish to configure about the bridge. Take a look at: -- `roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml` for some variables that you can customize via your `vars.yml` file -- `roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_appservice_kakaotalk_configuration_extension_yaml` variable +- `roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml` for some variables that you can customize via your `vars.yml` file +- `roles/custom/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_appservice_kakaotalk_configuration_extension_yaml` variable ### Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md index eac756e29..6ec294fbd 100644 --- a/docs/configuring-playbook-bridge-beeper-linkedin.md +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -27,7 +27,7 @@ matrix_beeper_linkedin_configuration_extension_yaml: | '@YOUR_USERNAME:YOUR_DOMAIN': admin ``` -You may wish to look at `roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2` to find other things you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2` to find other things you would like to configure. ## Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-heisenbridge.md b/docs/configuring-playbook-bridge-heisenbridge.md index 2c1b438f6..b21eab1ff 100644 --- a/docs/configuring-playbook-bridge-heisenbridge.md +++ b/docs/configuring-playbook-bridge-heisenbridge.md @@ -8,7 +8,7 @@ See the project's [README](https://github.com/hifi/heisenbridge/blob/master/READ ## Configuration -Below are the common configuration options that you may want to set, exhaustive list is in [the bridge's defaults var file](../roles/matrix-bridge-heisenbridge/defaults/main.yml). +Below are the common configuration options that you may want to set, exhaustive list is in [the bridge's defaults var file](../roles/custom/matrix-bridge-heisenbridge/defaults/main.yml). At a minimum, you only need to enable the bridge to get it up and running (`inventory/host_vars/matrix.DOMAIN/vars.yml`): diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 5505d0ad1..5cd4dd4c0 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -14,12 +14,12 @@ Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbo Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/latest/setup.html) to learn what the individual options do. 1. Enable the bridge by adding `matrix_hookshot_enabled: true` to your `vars.yml` file -2. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required. +2. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) as required. 3. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). 4. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. 5. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. -Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them. +Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) for how to use them. Finally, run the playbook (see [installing](installing.md)). @@ -54,14 +54,14 @@ Unless indicated otherwise, the following endpoints are reachable on your `matri | widgets | `/hookshot/widgetapi/` | `matrix_hookshot_widgets_endpoint` | Widgets | | metrics | `/metrics/hookshot` | `matrix_hookshot_metrics_enabled` and `matrix_hookshot_metrics_proxying_enabled`. Requires `/metrics/*` endpoints to also be enabled via `matrix_nginx_proxy_proxy_matrix_metrics_enabled` (see the `matrix-nginx-proxy` role). Read more in the [Metrics section](#metrics) below. | Prometheus | -See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml). +See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/custom/matrix-bridge-hookshot/tasks/init.yml). -The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) in detail for more info. +The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) in detail for more info. ### Manage GitHub Private Key with matrix-aux role The GitHub bridge requires you to install a private key file. This can be done in multiple ways: -- copy the *contents* of the downloaded file and set the variable `matrix_hookshot_github_private_key` to the contents (see example in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml)). +- copy the *contents* of the downloaded file and set the variable `matrix_hookshot_github_private_key` to the contents (see example in [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml)). - somehow copy the file to the path `{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}` (default: `/matrix/hookshot/private-key.pem`) on the server manually. - use the `matrix-aux` role to copy the file from an arbitrary path on your ansible client to the correct path on the server. @@ -74,7 +74,7 @@ matrix_aux_file_definitions: owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" ``` -For more info see the documentation in the [matrix-aux base configuration file](/roles/matrix-aux/defaults/main.yml). +For more info see the documentation in the [matrix-aux base configuration file](/roles/custom/matrix-aux/defaults/main.yml). ### Provisioning API diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 065609b25..439113fd4 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -1,7 +1,7 @@ # Setting up Mautrix Discord (optional) -**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. -- For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. +**Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. +- For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. - For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. @@ -40,8 +40,8 @@ There are some additional things you may wish to configure about the bridge. Take a look at: -- `roles/matrix-bridge-mautrix-discord/defaults/main.yml` for some variables that you can customize via your `vars.yml` file -- `roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_mautrix_discord_configuration_extension_yaml` variable +- `roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml` for some variables that you can customize via your `vars.yml` file +- `roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_mautrix_discord_configuration_extension_yaml` variable ### Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index d74ec2a3f..82d51df32 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md @@ -39,7 +39,7 @@ matrix_mautrix_facebook_configuration_extension_yaml: | default: true ``` -You may wish to look at `roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-facebook/defaults/main.yml` to find other things you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml` to find other things you would like to configure. ## Set up Double Puppeting diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md index cbfdcb0b5..c5b3feb7a 100644 --- a/docs/configuring-playbook-bridge-mautrix-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-instagram.md @@ -31,7 +31,7 @@ matrix_mautrix_instagram_configuration_extension_yaml: | '@YOUR_USERNAME:YOUR_DOMAIN': admin ``` -You may wish to look at `roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-instagram/defaults/main.yml` to find other things you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml` to find other things you would like to configure. ## Usage diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index 403177e6a..13e424d4f 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -55,7 +55,7 @@ matrix_mautrix_signal_bridge_permissions: | '@USER:YOUR_DOMAIN' : user ``` -You may wish to look at `roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. ## Set up Double Puppeting diff --git a/docs/configuring-playbook-client-element.md b/docs/configuring-playbook-client-element.md index 2248327f6..1f90aca68 100644 --- a/docs/configuring-playbook-client-element.md +++ b/docs/configuring-playbook-client-element.md @@ -17,7 +17,7 @@ matrix_client_element_enabled: false The playbook provides some customization variables you could use to change Element's settings. -Their defaults are defined in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml) and they ultimately end up in the generated `/matrix/element/config.json` file (on the server). This file is generated from the [`roles/matrix-client-element/templates/config.json.j2`](../roles/matrix-client-element/templates/config.json.j2) template. +Their defaults are defined in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml) and they ultimately end up in the generated `/matrix/element/config.json` file (on the server). This file is generated from the [`roles/custom/matrix-client-element/templates/config.json.j2`](../roles/custom/matrix-client-element/templates/config.json.j2) template. **If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. @@ -25,9 +25,9 @@ Alternatively, **if there is no pre-defined variable** for an Element setting yo - you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of Element's various settings that rarely get used. -- or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/matrix-client-element/templates/config.json.j2)) by making use of the `matrix_client_element_configuration_extension_json_` variable. You can find information about this in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml). +- or, you can **extend and override the default configuration** ([`config.json.j2`](../roles/custom/matrix-client-element/templates/config.json.j2)) by making use of the `matrix_client_element_configuration_extension_json_` variable. You can find information about this in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml). -- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_client_element_configuration_default` (or `matrix_client_element_configuration`). You can find information about this in [`roles/matrix-client-element/defaults/main.yml`](../roles/matrix-client-element/defaults/main.yml). +- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_client_element_configuration_default` (or `matrix_client_element_configuration`). You can find information about this in [`roles/custom/matrix-client-element/defaults/main.yml`](../roles/custom/matrix-client-element/defaults/main.yml). ## Themes diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index b97be7646..e201785a1 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -22,7 +22,7 @@ matrix_dimension_enabled: true ## Define admin users -These users can modify the integrations this Dimension supports. +These users can modify the integrations this Dimension supports. Add this to your configuration file (`inventory/host_vars/matrix./vars.yml`): ```yaml @@ -73,6 +73,6 @@ In the interim until the above limitation is resolved, an admin user needs to co ## Additional features To use a more custom configuration, you can define a `matrix_dimension_configuration_extension_yaml` string variable and put your configuration in it. -To learn more about how to do this, refer to the information about `matrix_dimension_configuration_extension_yaml` in the [default variables file](../roles/matrix-dimension/defaults/main.yml) of the Dimension component. +To learn more about how to do this, refer to the information about `matrix_dimension_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-dimension/defaults/main.yml) of the Dimension component. You can find all configuration options on [GitHub page of Dimension project](https://github.com/turt2live/matrix-dimension/blob/master/config/default.yaml). diff --git a/docs/configuring-playbook-external-postgres.md b/docs/configuring-playbook-external-postgres.md index eef3cbace..1f1a30e49 100644 --- a/docs/configuring-playbook-external-postgres.md +++ b/docs/configuring-playbook-external-postgres.md @@ -20,7 +20,7 @@ matrix_synapse_database_database: "your-postgres-server-database-name" # Rewire any other service (each `matrix-*` role) you may wish to use to use your external Postgres server. # Each service expects to have its own dedicated database on the Postgres server -# and uses its own variable names (see `roles/matrix-*/defaults/main.yml) for configuring Postgres connectivity. +# and uses its own variable names (see `roles/custom/matrix-*/defaults/main.yml) for configuring Postgres connectivity. ``` The database (as specified in `matrix_synapse_database_database`) must exist and be accessible with the given credentials. diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 51ad29b79..f278e54ec 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -14,7 +14,7 @@ Before installing Jitsi, make sure you've created the `jitsi.DOMAIN` DNS record. You may also need to open the following ports to your server: - `4443/tcp` - RTP media fallback over TCP -- `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/matrix-jitsi/defaults/main.yml)). +- `10000/udp` - RTP media over UDP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/custom/matrix-jitsi/defaults/main.yml)). ## Installation diff --git a/docs/configuring-playbook-ma1sd.md b/docs/configuring-playbook-ma1sd.md index e18a51c5d..1e92378a9 100644 --- a/docs/configuring-playbook-ma1sd.md +++ b/docs/configuring-playbook-ma1sd.md @@ -33,7 +33,7 @@ matrix_ma1sd_matrixorg_forwarding_enabled: true ## Customizing email templates If you'd like to change the default email templates used by ma1sd, take a look at the `matrix_ma1sd_threepid_medium_email_custom_` variables -(in the `roles/matrix-ma1sd/defaults/main.yml` file. +(in the `roles/custom/matrix-ma1sd/defaults/main.yml` file. ## ma1sd-controlled Registration @@ -86,7 +86,7 @@ You can refer to the [ma1sd website](https://github.com/ma1uta/ma1sd) for more d To use a more custom configuration, you can define a `matrix_ma1sd_configuration_extension_yaml` string variable and put your configuration in it. -To learn more about how to do this, refer to the information about `matrix_ma1sd_configuration_extension_yaml` in the [default variables file](../roles/matrix-ma1sd/defaults/main.yml) of the ma1sd component. +To learn more about how to do this, refer to the information about `matrix_ma1sd_configuration_extension_yaml` in the [default variables file](../roles/custom/matrix-ma1sd/defaults/main.yml) of the ma1sd component. ## Example: SMS verification diff --git a/docs/configuring-playbook-mautrix-bridges.md b/docs/configuring-playbook-mautrix-bridges.md index 1cd76f963..abc6b0f18 100644 --- a/docs/configuring-playbook-mautrix-bridges.md +++ b/docs/configuring-playbook-mautrix-bridges.md @@ -64,7 +64,7 @@ Can be used to set the username for the bridge. ## Discovering additional configuration options -You may wish to look at `roles/matrix-bridge-mautrix-SERVICENAME/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-SERVICENAME/defaults/main.yml` to find other things you would like to configure. +You may wish to look at `roles/custom/matrix-bridge-mautrix-SERVICENAME/templates/config.yaml.j2` and `roles/custom/matrix-bridge-mautrix-SERVICENAME/defaults/main.yml` to find other things you would like to configure. ## Set up Double Puppeting @@ -97,7 +97,7 @@ If you have issues with a service, and are requesting support, the higher levels ## Usage -You then need to start a chat with `@SERVICENAMEbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +You then need to start a chat with `@SERVICENAMEbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). Send `login ` to the bridge bot to get started You can learn more here about authentication from the bridge's official documentation on Authentication https://docs.mau.fi/bridges/python/SERVICENAME/authentication.html . diff --git a/docs/configuring-playbook-nginx.md b/docs/configuring-playbook-nginx.md index c8500b374..96f854d0e 100644 --- a/docs/configuring-playbook-nginx.md +++ b/docs/configuring-playbook-nginx.md @@ -42,7 +42,7 @@ Besides changing the preset (`matrix_nginx_proxy_ssl_preset`), you can also dire - `matrix_nginx_proxy_ssl_prefer_server_ciphers`: for specifying if the server or the client choice when negotiating the cipher. It can set to `on` or `off`. - `matrix_nginx_proxy_ssl_ciphers`: for specifying the SSL Cipher suites used by nginx. -For more information about these variables, check the `roles/matrix-nginx-proxy/defaults/main.yml` file. +For more information about these variables, check the `roles/custom/matrix-nginx-proxy/defaults/main.yml` file. ## Synapse + OpenID Connect for Single-Sign-On @@ -80,5 +80,5 @@ matrix_nginx_proxy_proxy_http_additional_server_configuration_blocks: # These lines will be included in the nginx configuration. # This is at the top level of the file, so you will need to define all of the `server { ... }` blocks. - | - # For advanced use, have a look at the template files in `roles/matrix-nginx-proxy/templates/nginx/conf.d` + # For advanced use, have a look at the template files in `roles/custom/matrix-nginx-proxy/templates/nginx/conf.d` ``` diff --git a/docs/configuring-playbook-ntfy.md b/docs/configuring-playbook-ntfy.md index 757bcccd4..a5aec60b4 100644 --- a/docs/configuring-playbook-ntfy.md +++ b/docs/configuring-playbook-ntfy.md @@ -23,7 +23,7 @@ matrix_ntfy_configuration_extension_yaml: | log_level: DEBUG ``` -For a more complete list of variables that you could override, see `roles/matrix-ntfy/defaults/main.yml`. +For a more complete list of variables that you could override, see `roles/custom/matrix-ntfy/defaults/main.yml`. For a complete list of ntfy config options that you could put in `matrix_ntfy_configuration_extension_yaml`, see the [ntfy config documentation](https://ntfy.sh/docs/config/#config-options). diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 87201e3e9..9fd51086b 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -34,7 +34,7 @@ No matter which external webserver you decide to go with, you'll need to: matrix_nginx_proxy_enabled: false ``` - if using an external server on another host, add the `_http_host_bind_port` or `_http_bind_port` variables for the services that will be exposed by the external server on the other host. The actual name of the variable is listed in the `roles//defaults/vars.yml` file for each service. Most variables follow the `_http_host_bind_port` format. - + These variables will make Docker expose the ports on all network interfaces instead of localhost only. [Keep in mind that there are some security concerns if you simply proxy everything.](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints) @@ -84,7 +84,7 @@ After following the [Preparation](#preparation) guide above, you can take a loo ### Using another external webserver -Feel free to look at the [examples/apache](../examples/apache) directory, or the [template files in the matrix-nginx-proxy role](../roles/matrix-nginx-proxy/templates/nginx/conf.d/). +Feel free to look at the [examples/apache](../examples/apache) directory, or the [template files in the matrix-nginx-proxy role](../roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/). ## Method 2: Fronting the integrated nginx reverse-proxy webserver with another reverse-proxy diff --git a/docs/configuring-playbook-sygnal.md b/docs/configuring-playbook-sygnal.md index 3eb626ebc..1a344530c 100644 --- a/docs/configuring-playbook-sygnal.md +++ b/docs/configuring-playbook-sygnal.md @@ -41,14 +41,14 @@ matrix_aux_file_definitions: group: "{{ matrix_user_groupname }}" ``` -For a more complete example of available fields and values they can take, see `roles/matrix-sygnal/templates/sygnal.yaml.j2` (or the [upstream `sygnal.yaml.sample` configuration file](https://github.com/matrix-org/sygnal/blob/master/sygnal.yaml.sample)). +For a more complete example of available fields and values they can take, see `roles/custom/matrix-sygnal/templates/sygnal.yaml.j2` (or the [upstream `sygnal.yaml.sample` configuration file](https://github.com/matrix-org/sygnal/blob/master/sygnal.yaml.sample)). Configuring [GCM/FCM](https://firebase.google.com/docs/cloud-messaging/) is easier, as it only requires that you provide some config values. To configure [APNS](https://developer.apple.com/notifications/) (Apple Push Notification Service), you'd need to provide one or more certificate files. To do that, the above example configuration: -- makes use of the `matrix-aux` role (and its `matrix_aux_file_definitions` variable) to make the playbook install files into `/matrix/sygnal/data` (the `matrix_sygnal_data_path` variable). See `roles/matrix-aux/defaults/main.yml` for usage examples. It also makes sure the files are owned by `matrix:matrix`, so that Sygnal can read them. Of course, you can also install these files manually yourself, if you'd rather not use `matrix-aux`. +- makes use of the `matrix-aux` role (and its `matrix_aux_file_definitions` variable) to make the playbook install files into `/matrix/sygnal/data` (the `matrix_sygnal_data_path` variable). See `roles/custom/matrix-aux/defaults/main.yml` for usage examples. It also makes sure the files are owned by `matrix:matrix`, so that Sygnal can read them. Of course, you can also install these files manually yourself, if you'd rather not use `matrix-aux`. - references these files in the Sygnal configuration (`matrix_sygnal_apps`) using a path like `/data/..` (the `/matrix/sygnal/data` directory on the host system is mounted into the `/data` directory inside the container) diff --git a/docs/configuring-playbook-synapse-s3-storage-provider.md b/docs/configuring-playbook-synapse-s3-storage-provider.md index a71e5a0bf..2dba264be 100644 --- a/docs/configuring-playbook-synapse-s3-storage-provider.md +++ b/docs/configuring-playbook-synapse-s3-storage-provider.md @@ -39,7 +39,7 @@ matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id: access-key- matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key: secret-key-goes-here matrix_synapse_ext_synapse_s3_storage_provider_config_storage_class: STANDARD # or STANDARD_IA, etc. -# For additional advanced settings, take a look at `roles/matrix-synapse/defaults/main.yml` +# For additional advanced settings, take a look at `roles/custom/matrix-synapse/defaults/main.yml` ``` If you have existing files in Synapse's media repository (`/matrix/synapse/media-store/..`): diff --git a/docs/configuring-playbook-synapse.md b/docs/configuring-playbook-synapse.md index 7c38b5ccd..2e14f1ad4 100644 --- a/docs/configuring-playbook-synapse.md +++ b/docs/configuring-playbook-synapse.md @@ -5,7 +5,7 @@ If that's enough for you, you can skip this document. The playbook provides lots of customization variables you could use to change Synapse's settings. -Their defaults are defined in [`roles/matrix-synapse/defaults/main.yml`](../roles/matrix-synapse/defaults/main.yml) and they ultimately end up in the generated `/matrix/synapse/config/homeserver.yaml` file (on the server). This file is generated from the [`roles/matrix-synapse/templates/synapse/homeserver.yaml.j2`](../roles/matrix-synapse/templates/synapse/homeserver.yaml.j2) template. +Their defaults are defined in [`roles/custom/matrix-synapse/defaults/main.yml`](../roles/custom/matrix-synapse/defaults/main.yml) and they ultimately end up in the generated `/matrix/synapse/config/homeserver.yaml` file (on the server). This file is generated from the [`roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2`](../roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2) template. **If there's an existing variable** which controls a setting you wish to change, you can simply define that variable in your configuration file (`inventory/host_vars/matrix./vars.yml`) and [re-run the playbook](installing.md) to apply the changes. @@ -13,9 +13,9 @@ Alternatively, **if there is no pre-defined variable** for a Synapse setting you - you can either **request a variable to be created** (or you can submit such a contribution yourself). Keep in mind that it's **probably not a good idea** to create variables for each one of Synapse's various settings that rarely get used. -- or, you can **extend and override the default configuration** ([`homeserver.yaml.j2`](../roles/matrix-synapse/templates/synapse/homeserver.yaml.j2)) by making use of the `matrix_synapse_configuration_extension_yaml` variable. You can find information about this in [`roles/matrix-synapse/defaults/main.yml`](../roles/matrix-synapse/defaults/main.yml). +- or, you can **extend and override the default configuration** ([`homeserver.yaml.j2`](../roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2)) by making use of the `matrix_synapse_configuration_extension_yaml` variable. You can find information about this in [`roles/custom/matrix-synapse/defaults/main.yml`](../roles/custom/matrix-synapse/defaults/main.yml). -- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_synapse_configuration` (or `matrix_synapse_configuration_yaml`). You can find information about this in [`roles/matrix-synapse/defaults/main.yml`](../roles/matrix-synapse/defaults/main.yml). +- or, if extending the configuration is still not powerful enough for your needs, you can **override the configuration completely** using `matrix_synapse_configuration` (or `matrix_synapse_configuration_yaml`). You can find information about this in [`roles/custom/matrix-synapse/defaults/main.yml`](../roles/custom/matrix-synapse/defaults/main.yml). ## Load balancing with workers diff --git a/examples/vars.yml b/examples/vars.yml index 248f906ba..e1b6cf054 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -13,7 +13,7 @@ matrix_domain: YOUR_BARE_DOMAIN_NAME_HERE # The Matrix homeserver software to install. # See: -# - `roles/matrix-base/defaults/main.yml` for valid options +# - `roles/custom/matrix-base/defaults/main.yml` for valid options # - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice matrix_homeserver_implementation: synapse diff --git a/roles/matrix-aux/defaults/main.yml b/roles/custom/matrix-aux/defaults/main.yml similarity index 100% rename from roles/matrix-aux/defaults/main.yml rename to roles/custom/matrix-aux/defaults/main.yml diff --git a/roles/matrix-aux/tasks/main.yml b/roles/custom/matrix-aux/tasks/main.yml similarity index 100% rename from roles/matrix-aux/tasks/main.yml rename to roles/custom/matrix-aux/tasks/main.yml diff --git a/roles/matrix-aux/tasks/setup.yml b/roles/custom/matrix-aux/tasks/setup.yml similarity index 100% rename from roles/matrix-aux/tasks/setup.yml rename to roles/custom/matrix-aux/tasks/setup.yml diff --git a/roles/matrix-backup-borg/defaults/main.yml b/roles/custom/matrix-backup-borg/defaults/main.yml similarity index 100% rename from roles/matrix-backup-borg/defaults/main.yml rename to roles/custom/matrix-backup-borg/defaults/main.yml diff --git a/roles/matrix-backup-borg/tasks/init.yml b/roles/custom/matrix-backup-borg/tasks/init.yml similarity index 100% rename from roles/matrix-backup-borg/tasks/init.yml rename to roles/custom/matrix-backup-borg/tasks/init.yml diff --git a/roles/matrix-backup-borg/tasks/main.yml b/roles/custom/matrix-backup-borg/tasks/main.yml similarity index 100% rename from roles/matrix-backup-borg/tasks/main.yml rename to roles/custom/matrix-backup-borg/tasks/main.yml diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/custom/matrix-backup-borg/tasks/setup_install.yml similarity index 99% rename from roles/matrix-backup-borg/tasks/setup_install.yml rename to roles/custom/matrix-backup-borg/tasks/setup_install.yml index f99051e35..9c7429b84 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/custom/matrix-backup-borg/tasks/setup_install.yml @@ -10,7 +10,7 @@ when: not matrix_postgres_enabled - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: detect_existing_postgres_version - name: Fail if detected Postgres version is unsupported diff --git a/roles/matrix-backup-borg/tasks/setup_uninstall.yml b/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-backup-borg/tasks/setup_uninstall.yml rename to roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml diff --git a/roles/matrix-backup-borg/tasks/validate_config.yml b/roles/custom/matrix-backup-borg/tasks/validate_config.yml similarity index 100% rename from roles/matrix-backup-borg/tasks/validate_config.yml rename to roles/custom/matrix-backup-borg/tasks/validate_config.yml diff --git a/roles/matrix-backup-borg/templates/config.yaml.j2 b/roles/custom/matrix-backup-borg/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/config.yaml.j2 rename to roles/custom/matrix-backup-borg/templates/config.yaml.j2 diff --git a/roles/matrix-backup-borg/templates/passwd.j2 b/roles/custom/matrix-backup-borg/templates/passwd.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/passwd.j2 rename to roles/custom/matrix-backup-borg/templates/passwd.j2 diff --git a/roles/matrix-backup-borg/templates/sshkey.j2 b/roles/custom/matrix-backup-borg/templates/sshkey.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/sshkey.j2 rename to roles/custom/matrix-backup-borg/templates/sshkey.j2 diff --git a/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 rename to roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 diff --git a/roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 similarity index 100% rename from roles/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 rename to roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.timer.j2 diff --git a/roles/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml similarity index 100% rename from roles/matrix-base/defaults/main.yml rename to roles/custom/matrix-base/defaults/main.yml diff --git a/roles/matrix-base/files/yum.repos.d/docker-ce-centos.repo b/roles/custom/matrix-base/files/yum.repos.d/docker-ce-centos.repo similarity index 100% rename from roles/matrix-base/files/yum.repos.d/docker-ce-centos.repo rename to roles/custom/matrix-base/files/yum.repos.d/docker-ce-centos.repo diff --git a/roles/matrix-base/files/yum.repos.d/docker-ce-fedora.repo b/roles/custom/matrix-base/files/yum.repos.d/docker-ce-fedora.repo similarity index 100% rename from roles/matrix-base/files/yum.repos.d/docker-ce-fedora.repo rename to roles/custom/matrix-base/files/yum.repos.d/docker-ce-fedora.repo diff --git a/roles/matrix-base/tasks/clean_up_old_files.yml b/roles/custom/matrix-base/tasks/clean_up_old_files.yml similarity index 100% rename from roles/matrix-base/tasks/clean_up_old_files.yml rename to roles/custom/matrix-base/tasks/clean_up_old_files.yml diff --git a/roles/matrix-base/tasks/main.yml b/roles/custom/matrix-base/tasks/main.yml similarity index 100% rename from roles/matrix-base/tasks/main.yml rename to roles/custom/matrix-base/tasks/main.yml diff --git a/roles/matrix-base/tasks/sanity_check.yml b/roles/custom/matrix-base/tasks/sanity_check.yml similarity index 100% rename from roles/matrix-base/tasks/sanity_check.yml rename to roles/custom/matrix-base/tasks/sanity_check.yml diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/custom/matrix-base/tasks/server_base/setup.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup.yml rename to roles/custom/matrix-base/tasks/server_base/setup.yml diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/custom/matrix-base/tasks/server_base/setup_archlinux.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_archlinux.yml rename to roles/custom/matrix-base/tasks/server_base/setup_archlinux.yml diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/custom/matrix-base/tasks/server_base/setup_debian.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_debian.yml rename to roles/custom/matrix-base/tasks/server_base/setup_debian.yml diff --git a/roles/matrix-base/tasks/server_base/setup_fedora.yml b/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_fedora.yml rename to roles/custom/matrix-base/tasks/server_base/setup_fedora.yml diff --git a/roles/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_raspbian.yml rename to roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml diff --git a/roles/matrix-base/tasks/server_base/setup_redhat.yml b/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_redhat.yml rename to roles/custom/matrix-base/tasks/server_base/setup_redhat.yml diff --git a/roles/matrix-base/tasks/server_base/setup_redhat8.yml b/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml similarity index 100% rename from roles/matrix-base/tasks/server_base/setup_redhat8.yml rename to roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml diff --git a/roles/matrix-base/tasks/setup_matrix_base.yml b/roles/custom/matrix-base/tasks/setup_matrix_base.yml similarity index 100% rename from roles/matrix-base/tasks/setup_matrix_base.yml rename to roles/custom/matrix-base/tasks/setup_matrix_base.yml diff --git a/roles/matrix-base/tasks/setup_matrix_user.yml b/roles/custom/matrix-base/tasks/setup_matrix_user.yml similarity index 100% rename from roles/matrix-base/tasks/setup_matrix_user.yml rename to roles/custom/matrix-base/tasks/setup_matrix_user.yml diff --git a/roles/matrix-base/tasks/setup_well_known.yml b/roles/custom/matrix-base/tasks/setup_well_known.yml similarity index 100% rename from roles/matrix-base/tasks/setup_well_known.yml rename to roles/custom/matrix-base/tasks/setup_well_known.yml diff --git a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml similarity index 100% rename from roles/matrix-base/tasks/util/ensure_fuse_installed.yml rename to roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml diff --git a/roles/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml similarity index 100% rename from roles/matrix-base/tasks/util/ensure_openssl_installed.yml rename to roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/custom/matrix-base/templates/static-files/well-known/matrix-client.j2 similarity index 100% rename from roles/matrix-base/templates/static-files/well-known/matrix-client.j2 rename to roles/custom/matrix-base/templates/static-files/well-known/matrix-client.j2 diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-server.j2 b/roles/custom/matrix-base/templates/static-files/well-known/matrix-server.j2 similarity index 100% rename from roles/matrix-base/templates/static-files/well-known/matrix-server.j2 rename to roles/custom/matrix-base/templates/static-files/well-known/matrix-server.j2 diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-support.j2 b/roles/custom/matrix-base/templates/static-files/well-known/matrix-support.j2 similarity index 100% rename from roles/matrix-base/templates/static-files/well-known/matrix-support.j2 rename to roles/custom/matrix-base/templates/static-files/well-known/matrix-support.j2 diff --git a/roles/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 b/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 similarity index 100% rename from roles/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 rename to roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 diff --git a/roles/matrix-base/vars/main.yml b/roles/custom/matrix-base/vars/main.yml similarity index 100% rename from roles/matrix-base/vars/main.yml rename to roles/custom/matrix-base/vars/main.yml diff --git a/roles/matrix-bot-buscarron/defaults/main.yml b/roles/custom/matrix-bot-buscarron/defaults/main.yml similarity index 100% rename from roles/matrix-bot-buscarron/defaults/main.yml rename to roles/custom/matrix-bot-buscarron/defaults/main.yml diff --git a/roles/matrix-bot-buscarron/tasks/init.yml b/roles/custom/matrix-bot-buscarron/tasks/init.yml similarity index 100% rename from roles/matrix-bot-buscarron/tasks/init.yml rename to roles/custom/matrix-bot-buscarron/tasks/init.yml diff --git a/roles/matrix-bot-buscarron/tasks/main.yml b/roles/custom/matrix-bot-buscarron/tasks/main.yml similarity index 100% rename from roles/matrix-bot-buscarron/tasks/main.yml rename to roles/custom/matrix-bot-buscarron/tasks/main.yml diff --git a/roles/matrix-bot-buscarron/tasks/setup_install.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bot-buscarron/tasks/setup_install.yml rename to roles/custom/matrix-bot-buscarron/tasks/setup_install.yml index 4a23d7e72..431989f80 100644 --- a/roles/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml @@ -21,7 +21,7 @@ systemd_services_to_stop: ['matrix-bot-buscarron.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-buscarron/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-buscarron/tasks/validate_config.yml b/roles/custom/matrix-bot-buscarron/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-buscarron/tasks/validate_config.yml rename to roles/custom/matrix-bot-buscarron/tasks/validate_config.yml diff --git a/roles/matrix-bot-buscarron/templates/env.j2 b/roles/custom/matrix-bot-buscarron/templates/env.j2 similarity index 100% rename from roles/matrix-bot-buscarron/templates/env.j2 rename to roles/custom/matrix-bot-buscarron/templates/env.j2 diff --git a/roles/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 similarity index 100% rename from roles/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 rename to roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 diff --git a/roles/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml similarity index 100% rename from roles/matrix-bot-go-neb/defaults/main.yml rename to roles/custom/matrix-bot-go-neb/defaults/main.yml diff --git a/roles/matrix-bot-go-neb/tasks/init.yml b/roles/custom/matrix-bot-go-neb/tasks/init.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/init.yml rename to roles/custom/matrix-bot-go-neb/tasks/init.yml diff --git a/roles/matrix-bot-go-neb/tasks/main.yml b/roles/custom/matrix-bot-go-neb/tasks/main.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/main.yml rename to roles/custom/matrix-bot-go-neb/tasks/main.yml diff --git a/roles/matrix-bot-go-neb/tasks/setup_install.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/setup_install.yml rename to roles/custom/matrix-bot-go-neb/tasks/setup_install.yml diff --git a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-go-neb/tasks/validate_config.yml b/roles/custom/matrix-bot-go-neb/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-go-neb/tasks/validate_config.yml rename to roles/custom/matrix-bot-go-neb/tasks/validate_config.yml diff --git a/roles/matrix-bot-go-neb/templates/config.yaml.j2 b/roles/custom/matrix-bot-go-neb/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bot-go-neb/templates/config.yaml.j2 rename to roles/custom/matrix-bot-go-neb/templates/config.yaml.j2 diff --git a/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 similarity index 100% rename from roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 rename to roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/custom/matrix-bot-honoroit/defaults/main.yml similarity index 100% rename from roles/matrix-bot-honoroit/defaults/main.yml rename to roles/custom/matrix-bot-honoroit/defaults/main.yml diff --git a/roles/matrix-bot-honoroit/tasks/init.yml b/roles/custom/matrix-bot-honoroit/tasks/init.yml similarity index 100% rename from roles/matrix-bot-honoroit/tasks/init.yml rename to roles/custom/matrix-bot-honoroit/tasks/init.yml diff --git a/roles/matrix-bot-honoroit/tasks/main.yml b/roles/custom/matrix-bot-honoroit/tasks/main.yml similarity index 100% rename from roles/matrix-bot-honoroit/tasks/main.yml rename to roles/custom/matrix-bot-honoroit/tasks/main.yml diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bot-honoroit/tasks/setup_install.yml rename to roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index 3c9745576..5ca63186b 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml @@ -21,7 +21,7 @@ systemd_services_to_stop: ['matrix-bot-honoroit.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-honoroit/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-honoroit/tasks/validate_config.yml b/roles/custom/matrix-bot-honoroit/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-honoroit/tasks/validate_config.yml rename to roles/custom/matrix-bot-honoroit/tasks/validate_config.yml diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/custom/matrix-bot-honoroit/templates/env.j2 similarity index 100% rename from roles/matrix-bot-honoroit/templates/env.j2 rename to roles/custom/matrix-bot-honoroit/templates/env.j2 diff --git a/roles/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 similarity index 100% rename from roles/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 rename to roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 diff --git a/roles/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/defaults/main.yml rename to roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/init.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/init.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/init.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/init.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/main.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/main.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/main.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-matrix-registration-bot/tasks/validate_config.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/tasks/validate_config.yml rename to roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml diff --git a/roles/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 rename to roles/custom/matrix-bot-matrix-registration-bot/templates/config/config.yml.j2 diff --git a/roles/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 similarity index 100% rename from roles/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 rename to roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 diff --git a/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/defaults/main.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/init.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/init.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/tasks/init.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/init.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/main.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/main.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/tasks/main.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/main.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 5d784ef34..9418892d3 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -22,7 +22,7 @@ systemd_services_to_stop: ['matrix-bot-matrix-reminder-bot.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml rename to roles/custom/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml diff --git a/roles/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 rename to roles/custom/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2 diff --git a/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 similarity index 100% rename from roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 rename to roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/custom/matrix-bot-maubot/defaults/main.yml similarity index 100% rename from roles/matrix-bot-maubot/defaults/main.yml rename to roles/custom/matrix-bot-maubot/defaults/main.yml diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/custom/matrix-bot-maubot/tasks/init.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/init.yml rename to roles/custom/matrix-bot-maubot/tasks/init.yml diff --git a/roles/matrix-bot-maubot/tasks/main.yml b/roles/custom/matrix-bot-maubot/tasks/main.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/main.yml rename to roles/custom/matrix-bot-maubot/tasks/main.yml diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/setup_install.yml rename to roles/custom/matrix-bot-maubot/tasks/setup_install.yml diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-maubot/tasks/validate_config.yml b/roles/custom/matrix-bot-maubot/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-maubot/tasks/validate_config.yml rename to roles/custom/matrix-bot-maubot/tasks/validate_config.yml diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/custom/matrix-bot-maubot/templates/config/config.yaml.j2 similarity index 100% rename from roles/matrix-bot-maubot/templates/config/config.yaml.j2 rename to roles/custom/matrix-bot-maubot/templates/config/config.yaml.j2 diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 similarity index 100% rename from roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 rename to roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 diff --git a/roles/matrix-bot-mjolnir/defaults/main.yml b/roles/custom/matrix-bot-mjolnir/defaults/main.yml similarity index 100% rename from roles/matrix-bot-mjolnir/defaults/main.yml rename to roles/custom/matrix-bot-mjolnir/defaults/main.yml diff --git a/roles/matrix-bot-mjolnir/tasks/init.yml b/roles/custom/matrix-bot-mjolnir/tasks/init.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/init.yml rename to roles/custom/matrix-bot-mjolnir/tasks/init.yml diff --git a/roles/matrix-bot-mjolnir/tasks/main.yml b/roles/custom/matrix-bot-mjolnir/tasks/main.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/main.yml rename to roles/custom/matrix-bot-mjolnir/tasks/main.yml diff --git a/roles/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/setup_install.yml rename to roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml diff --git a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-mjolnir/tasks/validate_config.yml b/roles/custom/matrix-bot-mjolnir/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-mjolnir/tasks/validate_config.yml rename to roles/custom/matrix-bot-mjolnir/tasks/validate_config.yml diff --git a/roles/matrix-bot-mjolnir/templates/production.yaml.j2 b/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 similarity index 100% rename from roles/matrix-bot-mjolnir/templates/production.yaml.j2 rename to roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2 diff --git a/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 similarity index 100% rename from roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 rename to roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml similarity index 100% rename from roles/matrix-bot-postmoogle/defaults/main.yml rename to roles/custom/matrix-bot-postmoogle/defaults/main.yml diff --git a/roles/matrix-bot-postmoogle/tasks/init.yml b/roles/custom/matrix-bot-postmoogle/tasks/init.yml similarity index 100% rename from roles/matrix-bot-postmoogle/tasks/init.yml rename to roles/custom/matrix-bot-postmoogle/tasks/init.yml diff --git a/roles/matrix-bot-postmoogle/tasks/main.yml b/roles/custom/matrix-bot-postmoogle/tasks/main.yml similarity index 100% rename from roles/matrix-bot-postmoogle/tasks/main.yml rename to roles/custom/matrix-bot-postmoogle/tasks/main.yml diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bot-postmoogle/tasks/setup_install.yml rename to roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml index 5edfd4a9b..852b5b1a4 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml @@ -18,7 +18,7 @@ systemd_services_to_stop: ['matrix-bot-postmoogle.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml rename to roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml diff --git a/roles/matrix-bot-postmoogle/tasks/validate_config.yml b/roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bot-postmoogle/tasks/validate_config.yml rename to roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/custom/matrix-bot-postmoogle/templates/env.j2 similarity index 100% rename from roles/matrix-bot-postmoogle/templates/env.j2 rename to roles/custom/matrix-bot-postmoogle/templates/env.j2 diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 similarity index 100% rename from roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 rename to roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 diff --git a/roles/matrix-bridge-appservice-discord/defaults/main.yml b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-discord/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-discord/tasks/init.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-discord/tasks/main.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-appservice-discord/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index 3ef48c3df..ffba95b69 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -22,7 +22,7 @@ systemd_services_to_stop: ['matrix-appservice-discord.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-discord/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-discord/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-discord/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 rename to roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-irc/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/main.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-irc/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-irc/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-irc/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-irc/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 rename to roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 diff --git a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 rename to roles/custom/matrix-bridge-appservice-kakaotalk/templates/node-config.json.j2 diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 rename to roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 rename to roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 diff --git a/roles/matrix-bridge-appservice-slack/defaults/main.yml b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-slack/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/main.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-slack/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-slack/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-slack/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-slack/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 rename to roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 diff --git a/roles/matrix-bridge-appservice-webhooks/defaults/main.yml b/roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/defaults/main.yml rename to roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/init.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/init.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/main.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/main.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/main.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/validate_config.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/tasks/validate_config.yml rename to roles/custom/matrix-bridge-appservice-webhooks/tasks/validate_config.yml diff --git a/roles/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-appservice-webhooks/templates/database.json.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/database.json.j2 similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/templates/database.json.j2 rename to roles/custom/matrix-bridge-appservice-webhooks/templates/database.json.j2 diff --git a/roles/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 rename to roles/custom/matrix-bridge-appservice-webhooks/templates/schema.yml.j2 diff --git a/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 similarity index 100% rename from roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 rename to roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/defaults/main.yml rename to roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/init.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/init.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/main.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/main.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/main.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml rename to roles/custom/matrix-bridge-beeper-linkedin/tasks/validate_config.yml diff --git a/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 similarity index 100% rename from roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 rename to roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 diff --git a/roles/matrix-bridge-go-skype-bridge/defaults/main.yml b/roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/defaults/main.yml rename to roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/init.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/tasks/init.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/init.yml diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/main.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/tasks/main.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/main.yml diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 82ccc72c3..001855fd1 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -31,7 +31,7 @@ pgloader_options: ['--with "quote identifiers"'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/validate_config.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/tasks/validate_config.yml rename to roles/custom/matrix-bridge-go-skype-bridge/tasks/validate_config.yml diff --git a/roles/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-go-skype-bridge/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 similarity index 100% rename from roles/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 rename to roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 diff --git a/roles/matrix-bridge-heisenbridge/defaults/main.yml b/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/defaults/main.yml rename to roles/custom/matrix-bridge-heisenbridge/defaults/main.yml diff --git a/roles/matrix-bridge-heisenbridge/tasks/init.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/tasks/init.yml rename to roles/custom/matrix-bridge-heisenbridge/tasks/init.yml diff --git a/roles/matrix-bridge-heisenbridge/tasks/main.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/tasks/main.yml rename to roles/custom/matrix-bridge-heisenbridge/tasks/main.yml diff --git a/roles/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/tasks/setup_install.yml rename to roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml diff --git a/roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 similarity index 100% rename from roles/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 rename to roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-hookshot/defaults/main.yml rename to roles/custom/matrix-bridge-hookshot/defaults/main.yml diff --git a/roles/matrix-bridge-hookshot/files/.gitkeep b/roles/custom/matrix-bridge-hookshot/files/.gitkeep similarity index 100% rename from roles/matrix-bridge-hookshot/files/.gitkeep rename to roles/custom/matrix-bridge-hookshot/files/.gitkeep diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/custom/matrix-bridge-hookshot/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/init.yml rename to roles/custom/matrix-bridge-hookshot/tasks/init.yml diff --git a/roles/matrix-bridge-hookshot/tasks/main.yml b/roles/custom/matrix-bridge-hookshot/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/main.yml rename to roles/custom/matrix-bridge-hookshot/tasks/main.yml diff --git a/roles/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/setup_install.yml rename to roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml diff --git a/roles/matrix-bridge-hookshot/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-hookshot/tasks/validate_config.yml b/roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-hookshot/tasks/validate_config.yml rename to roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 similarity index 100% rename from roles/matrix-bridge-hookshot/templates/config.yml.j2 rename to roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 diff --git a/roles/matrix-bridge-hookshot/templates/registration.yml.j2 b/roles/custom/matrix-bridge-hookshot/templates/registration.yml.j2 similarity index 100% rename from roles/matrix-bridge-hookshot/templates/registration.yml.j2 rename to roles/custom/matrix-bridge-hookshot/templates/registration.yml.j2 diff --git a/roles/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 similarity index 100% rename from roles/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 rename to roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 diff --git a/roles/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-discord/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-discord/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml index ae3862d47..ef36acf53 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -31,7 +31,7 @@ pgloader_options: ['--with "quote identifiers"'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-discord/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-discord/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-discord/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 rename to roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 651e77942..9ea0e7a4a 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -30,7 +30,7 @@ systemd_services_to_stop: ['matrix-mautrix-facebook.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 rename to roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 diff --git a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index 2e043def2..27ef80c65 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -30,7 +30,7 @@ systemd_services_to_stop: ['matrix-mautrix-googlechat.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 rename to roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index e62ef21c0..65241a332 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -30,7 +30,7 @@ systemd_services_to_stop: ['matrix-mautrix-hangouts.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 rename to roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-instagram/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 rename to roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-signal/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-signal/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-signal/templates/env.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/env.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/env.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/env.j2 diff --git a/roles/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 rename to roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 3d6e66f67..05c5121a8 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -30,7 +30,7 @@ systemd_services_to_stop: ['matrix-mautrix-telegram.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-telegram/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 rename to roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-twitter/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 rename to roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/init.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/main.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/main.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index 20dd2cc10..d50be0a4a 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -31,7 +31,7 @@ pgloader_options: ['--with "quote identifiers"'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 rename to roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index 715c9e422..d9b330bb7 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -64,7 +64,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-discord.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-discord/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index 4e33961b6..cee7f41e3 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -62,7 +62,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-groupme.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-groupme/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-groupme/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 7b1a26eed..9f0468c17 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -31,7 +31,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-instagram.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-instagram/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-instagram/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index db5841240..78ac6f082 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -58,7 +58,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-slack.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-slack/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index 9875dcce4..0cccd7fe6 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -62,7 +62,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-steam.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-steam/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-steam/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 diff --git a/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/init.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/main.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/main.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/main.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml similarity index 99% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index 87da97b9f..167a62bb2 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -62,7 +62,7 @@ systemd_services_to_stop: ['matrix-mx-puppet-twitter.service'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml rename to roles/custom/matrix-bridge-mx-puppet-twitter/tasks/validate_config.yml diff --git a/roles/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 rename to roles/custom/matrix-bridge-mx-puppet-twitter/templates/config.yaml.j2 diff --git a/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 similarity index 100% rename from roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 rename to roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 diff --git a/roles/matrix-bridge-sms/defaults/main.yml b/roles/custom/matrix-bridge-sms/defaults/main.yml similarity index 100% rename from roles/matrix-bridge-sms/defaults/main.yml rename to roles/custom/matrix-bridge-sms/defaults/main.yml diff --git a/roles/matrix-bridge-sms/tasks/init.yml b/roles/custom/matrix-bridge-sms/tasks/init.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/init.yml rename to roles/custom/matrix-bridge-sms/tasks/init.yml diff --git a/roles/matrix-bridge-sms/tasks/main.yml b/roles/custom/matrix-bridge-sms/tasks/main.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/main.yml rename to roles/custom/matrix-bridge-sms/tasks/main.yml diff --git a/roles/matrix-bridge-sms/tasks/setup_install.yml b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/setup_install.yml rename to roles/custom/matrix-bridge-sms/tasks/setup_install.yml diff --git a/roles/matrix-bridge-sms/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/setup_uninstall.yml rename to roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml diff --git a/roles/matrix-bridge-sms/tasks/validate_config.yml b/roles/custom/matrix-bridge-sms/tasks/validate_config.yml similarity index 100% rename from roles/matrix-bridge-sms/tasks/validate_config.yml rename to roles/custom/matrix-bridge-sms/tasks/validate_config.yml diff --git a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 b/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 similarity index 100% rename from roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 rename to roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 diff --git a/roles/matrix-cactus-comments/defaults/main.yml b/roles/custom/matrix-cactus-comments/defaults/main.yml similarity index 100% rename from roles/matrix-cactus-comments/defaults/main.yml rename to roles/custom/matrix-cactus-comments/defaults/main.yml diff --git a/roles/matrix-cactus-comments/tasks/init.yml b/roles/custom/matrix-cactus-comments/tasks/init.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/init.yml rename to roles/custom/matrix-cactus-comments/tasks/init.yml diff --git a/roles/matrix-cactus-comments/tasks/main.yml b/roles/custom/matrix-cactus-comments/tasks/main.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/main.yml rename to roles/custom/matrix-cactus-comments/tasks/main.yml diff --git a/roles/matrix-cactus-comments/tasks/setup_install.yml b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/setup_install.yml rename to roles/custom/matrix-cactus-comments/tasks/setup_install.yml diff --git a/roles/matrix-cactus-comments/tasks/setup_uninstall.yml b/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/setup_uninstall.yml rename to roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml diff --git a/roles/matrix-cactus-comments/tasks/validate_config.yml b/roles/custom/matrix-cactus-comments/tasks/validate_config.yml similarity index 100% rename from roles/matrix-cactus-comments/tasks/validate_config.yml rename to roles/custom/matrix-cactus-comments/tasks/validate_config.yml diff --git a/roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 b/roles/custom/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 similarity index 100% rename from roles/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 rename to roles/custom/matrix-cactus-comments/templates/cactus_appservice.yaml.j2 diff --git a/roles/matrix-cactus-comments/templates/env.j2 b/roles/custom/matrix-cactus-comments/templates/env.j2 similarity index 100% rename from roles/matrix-cactus-comments/templates/env.j2 rename to roles/custom/matrix-cactus-comments/templates/env.j2 diff --git a/roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 similarity index 100% rename from roles/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 rename to roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/custom/matrix-client-cinny/defaults/main.yml similarity index 100% rename from roles/matrix-client-cinny/defaults/main.yml rename to roles/custom/matrix-client-cinny/defaults/main.yml diff --git a/roles/matrix-client-cinny/tasks/init.yml b/roles/custom/matrix-client-cinny/tasks/init.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/init.yml rename to roles/custom/matrix-client-cinny/tasks/init.yml diff --git a/roles/matrix-client-cinny/tasks/main.yml b/roles/custom/matrix-client-cinny/tasks/main.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/main.yml rename to roles/custom/matrix-client-cinny/tasks/main.yml diff --git a/roles/matrix-client-cinny/tasks/self_check.yml b/roles/custom/matrix-client-cinny/tasks/self_check.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/self_check.yml rename to roles/custom/matrix-client-cinny/tasks/self_check.yml diff --git a/roles/matrix-client-cinny/tasks/setup_install.yml b/roles/custom/matrix-client-cinny/tasks/setup_install.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/setup_install.yml rename to roles/custom/matrix-client-cinny/tasks/setup_install.yml diff --git a/roles/matrix-client-cinny/tasks/setup_uninstall.yml b/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/setup_uninstall.yml rename to roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml diff --git a/roles/matrix-client-cinny/tasks/validate_config.yml b/roles/custom/matrix-client-cinny/tasks/validate_config.yml similarity index 100% rename from roles/matrix-client-cinny/tasks/validate_config.yml rename to roles/custom/matrix-client-cinny/tasks/validate_config.yml diff --git a/roles/matrix-client-cinny/templates/config.json.j2 b/roles/custom/matrix-client-cinny/templates/config.json.j2 similarity index 100% rename from roles/matrix-client-cinny/templates/config.json.j2 rename to roles/custom/matrix-client-cinny/templates/config.json.j2 diff --git a/roles/matrix-client-cinny/templates/nginx.conf.j2 b/roles/custom/matrix-client-cinny/templates/nginx.conf.j2 similarity index 100% rename from roles/matrix-client-cinny/templates/nginx.conf.j2 rename to roles/custom/matrix-client-cinny/templates/nginx.conf.j2 diff --git a/roles/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 similarity index 100% rename from roles/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 rename to roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml similarity index 100% rename from roles/matrix-client-element/defaults/main.yml rename to roles/custom/matrix-client-element/defaults/main.yml diff --git a/roles/matrix-client-element/tasks/init.yml b/roles/custom/matrix-client-element/tasks/init.yml similarity index 100% rename from roles/matrix-client-element/tasks/init.yml rename to roles/custom/matrix-client-element/tasks/init.yml diff --git a/roles/matrix-client-element/tasks/main.yml b/roles/custom/matrix-client-element/tasks/main.yml similarity index 100% rename from roles/matrix-client-element/tasks/main.yml rename to roles/custom/matrix-client-element/tasks/main.yml diff --git a/roles/matrix-client-element/tasks/migrate_riot_web.yml b/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml similarity index 100% rename from roles/matrix-client-element/tasks/migrate_riot_web.yml rename to roles/custom/matrix-client-element/tasks/migrate_riot_web.yml diff --git a/roles/matrix-client-element/tasks/prepare_themes.yml b/roles/custom/matrix-client-element/tasks/prepare_themes.yml similarity index 100% rename from roles/matrix-client-element/tasks/prepare_themes.yml rename to roles/custom/matrix-client-element/tasks/prepare_themes.yml diff --git a/roles/matrix-client-element/tasks/self_check.yml b/roles/custom/matrix-client-element/tasks/self_check.yml similarity index 100% rename from roles/matrix-client-element/tasks/self_check.yml rename to roles/custom/matrix-client-element/tasks/self_check.yml diff --git a/roles/matrix-client-element/tasks/setup_install.yml b/roles/custom/matrix-client-element/tasks/setup_install.yml similarity index 100% rename from roles/matrix-client-element/tasks/setup_install.yml rename to roles/custom/matrix-client-element/tasks/setup_install.yml diff --git a/roles/matrix-client-element/tasks/setup_uninstall.yml b/roles/custom/matrix-client-element/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-client-element/tasks/setup_uninstall.yml rename to roles/custom/matrix-client-element/tasks/setup_uninstall.yml diff --git a/roles/matrix-client-element/tasks/validate_config.yml b/roles/custom/matrix-client-element/tasks/validate_config.yml similarity index 100% rename from roles/matrix-client-element/tasks/validate_config.yml rename to roles/custom/matrix-client-element/tasks/validate_config.yml diff --git a/roles/matrix-client-element/templates/config.json.j2 b/roles/custom/matrix-client-element/templates/config.json.j2 similarity index 100% rename from roles/matrix-client-element/templates/config.json.j2 rename to roles/custom/matrix-client-element/templates/config.json.j2 diff --git a/roles/matrix-client-element/templates/nginx.conf.j2 b/roles/custom/matrix-client-element/templates/nginx.conf.j2 similarity index 100% rename from roles/matrix-client-element/templates/nginx.conf.j2 rename to roles/custom/matrix-client-element/templates/nginx.conf.j2 diff --git a/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 similarity index 100% rename from roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 rename to roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 diff --git a/roles/matrix-client-element/templates/welcome.html.j2 b/roles/custom/matrix-client-element/templates/welcome.html.j2 similarity index 100% rename from roles/matrix-client-element/templates/welcome.html.j2 rename to roles/custom/matrix-client-element/templates/welcome.html.j2 diff --git a/roles/matrix-client-element/vars/main.yml b/roles/custom/matrix-client-element/vars/main.yml similarity index 100% rename from roles/matrix-client-element/vars/main.yml rename to roles/custom/matrix-client-element/vars/main.yml diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml similarity index 100% rename from roles/matrix-client-hydrogen/defaults/main.yml rename to roles/custom/matrix-client-hydrogen/defaults/main.yml diff --git a/roles/matrix-client-hydrogen/tasks/init.yml b/roles/custom/matrix-client-hydrogen/tasks/init.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/init.yml rename to roles/custom/matrix-client-hydrogen/tasks/init.yml diff --git a/roles/matrix-client-hydrogen/tasks/main.yml b/roles/custom/matrix-client-hydrogen/tasks/main.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/main.yml rename to roles/custom/matrix-client-hydrogen/tasks/main.yml diff --git a/roles/matrix-client-hydrogen/tasks/self_check.yml b/roles/custom/matrix-client-hydrogen/tasks/self_check.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/self_check.yml rename to roles/custom/matrix-client-hydrogen/tasks/self_check.yml diff --git a/roles/matrix-client-hydrogen/tasks/setup_install.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/setup_install.yml rename to roles/custom/matrix-client-hydrogen/tasks/setup_install.yml diff --git a/roles/matrix-client-hydrogen/tasks/setup_uninstall.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/setup_uninstall.yml rename to roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml diff --git a/roles/matrix-client-hydrogen/tasks/validate_config.yml b/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml similarity index 100% rename from roles/matrix-client-hydrogen/tasks/validate_config.yml rename to roles/custom/matrix-client-hydrogen/tasks/validate_config.yml diff --git a/roles/matrix-client-hydrogen/templates/config.json.j2 b/roles/custom/matrix-client-hydrogen/templates/config.json.j2 similarity index 100% rename from roles/matrix-client-hydrogen/templates/config.json.j2 rename to roles/custom/matrix-client-hydrogen/templates/config.json.j2 diff --git a/roles/matrix-client-hydrogen/templates/nginx.conf.j2 b/roles/custom/matrix-client-hydrogen/templates/nginx.conf.j2 similarity index 100% rename from roles/matrix-client-hydrogen/templates/nginx.conf.j2 rename to roles/custom/matrix-client-hydrogen/templates/nginx.conf.j2 diff --git a/roles/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 similarity index 100% rename from roles/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 rename to roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 diff --git a/roles/matrix-common-after/defaults/main.yml b/roles/custom/matrix-common-after/defaults/main.yml similarity index 100% rename from roles/matrix-common-after/defaults/main.yml rename to roles/custom/matrix-common-after/defaults/main.yml diff --git a/roles/matrix-common-after/tasks/dump_runtime_results.yml b/roles/custom/matrix-common-after/tasks/dump_runtime_results.yml similarity index 100% rename from roles/matrix-common-after/tasks/dump_runtime_results.yml rename to roles/custom/matrix-common-after/tasks/dump_runtime_results.yml diff --git a/roles/matrix-common-after/tasks/main.yml b/roles/custom/matrix-common-after/tasks/main.yml similarity index 100% rename from roles/matrix-common-after/tasks/main.yml rename to roles/custom/matrix-common-after/tasks/main.yml diff --git a/roles/matrix-common-after/tasks/run_docker_prune.yml b/roles/custom/matrix-common-after/tasks/run_docker_prune.yml similarity index 100% rename from roles/matrix-common-after/tasks/run_docker_prune.yml rename to roles/custom/matrix-common-after/tasks/run_docker_prune.yml diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/custom/matrix-common-after/tasks/start.yml similarity index 97% rename from roles/matrix-common-after/tasks/start.yml rename to roles/custom/matrix-common-after/tasks/start.yml index c88eb64f5..a781dab75 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/custom/matrix-common-after/tasks/start.yml @@ -47,7 +47,7 @@ Try running `systemctl status {{ item }}` and `journalctl -fu {{ item }}` on the server to investigate. If you're on a slow or overloaded server, it may be that services take a longer time to start and that this error is a false-positive. You can consider raising the value of the `matrix_common_after_systemd_service_start_wait_for_timeout_seconds` variable. - See `roles/matrix-common-after/defaults/main.yml` for more details about that. + See `roles/custom/matrix-common-after/defaults/main.yml` for more details about that. with_items: "{{ matrix_systemd_services_list }}" when: - "item.endswith('.service') and (ansible_facts.services[item] | default(none) is none or ansible_facts.services[item].state != 'running')" diff --git a/roles/matrix-common-after/tasks/stop.yml b/roles/custom/matrix-common-after/tasks/stop.yml similarity index 100% rename from roles/matrix-common-after/tasks/stop.yml rename to roles/custom/matrix-common-after/tasks/stop.yml diff --git a/roles/matrix-conduit/defaults/main.yml b/roles/custom/matrix-conduit/defaults/main.yml similarity index 100% rename from roles/matrix-conduit/defaults/main.yml rename to roles/custom/matrix-conduit/defaults/main.yml diff --git a/roles/matrix-conduit/tasks/conduit/setup.yml b/roles/custom/matrix-conduit/tasks/conduit/setup.yml similarity index 100% rename from roles/matrix-conduit/tasks/conduit/setup.yml rename to roles/custom/matrix-conduit/tasks/conduit/setup.yml diff --git a/roles/matrix-conduit/tasks/conduit/setup_install.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml similarity index 100% rename from roles/matrix-conduit/tasks/conduit/setup_install.yml rename to roles/custom/matrix-conduit/tasks/conduit/setup_install.yml diff --git a/roles/matrix-conduit/tasks/conduit/setup_uninstall.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml similarity index 100% rename from roles/matrix-conduit/tasks/conduit/setup_uninstall.yml rename to roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml diff --git a/roles/matrix-conduit/tasks/init.yml b/roles/custom/matrix-conduit/tasks/init.yml similarity index 100% rename from roles/matrix-conduit/tasks/init.yml rename to roles/custom/matrix-conduit/tasks/init.yml diff --git a/roles/matrix-conduit/tasks/main.yml b/roles/custom/matrix-conduit/tasks/main.yml similarity index 100% rename from roles/matrix-conduit/tasks/main.yml rename to roles/custom/matrix-conduit/tasks/main.yml diff --git a/roles/matrix-conduit/templates/conduit/conduit.toml.j2 b/roles/custom/matrix-conduit/templates/conduit/conduit.toml.j2 similarity index 100% rename from roles/matrix-conduit/templates/conduit/conduit.toml.j2 rename to roles/custom/matrix-conduit/templates/conduit/conduit.toml.j2 diff --git a/roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 similarity index 100% rename from roles/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 rename to roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 diff --git a/roles/matrix-conduit/vars/main.yml b/roles/custom/matrix-conduit/vars/main.yml similarity index 100% rename from roles/matrix-conduit/vars/main.yml rename to roles/custom/matrix-conduit/vars/main.yml diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/custom/matrix-corporal/defaults/main.yml similarity index 100% rename from roles/matrix-corporal/defaults/main.yml rename to roles/custom/matrix-corporal/defaults/main.yml diff --git a/roles/matrix-corporal/tasks/init.yml b/roles/custom/matrix-corporal/tasks/init.yml similarity index 100% rename from roles/matrix-corporal/tasks/init.yml rename to roles/custom/matrix-corporal/tasks/init.yml diff --git a/roles/matrix-corporal/tasks/main.yml b/roles/custom/matrix-corporal/tasks/main.yml similarity index 100% rename from roles/matrix-corporal/tasks/main.yml rename to roles/custom/matrix-corporal/tasks/main.yml diff --git a/roles/matrix-corporal/tasks/self_check_corporal.yml b/roles/custom/matrix-corporal/tasks/self_check_corporal.yml similarity index 100% rename from roles/matrix-corporal/tasks/self_check_corporal.yml rename to roles/custom/matrix-corporal/tasks/self_check_corporal.yml diff --git a/roles/matrix-corporal/tasks/setup_corporal.yml b/roles/custom/matrix-corporal/tasks/setup_corporal.yml similarity index 100% rename from roles/matrix-corporal/tasks/setup_corporal.yml rename to roles/custom/matrix-corporal/tasks/setup_corporal.yml diff --git a/roles/matrix-corporal/tasks/validate_config.yml b/roles/custom/matrix-corporal/tasks/validate_config.yml similarity index 100% rename from roles/matrix-corporal/tasks/validate_config.yml rename to roles/custom/matrix-corporal/tasks/validate_config.yml diff --git a/roles/matrix-corporal/templates/config.json.j2 b/roles/custom/matrix-corporal/templates/config.json.j2 similarity index 100% rename from roles/matrix-corporal/templates/config.json.j2 rename to roles/custom/matrix-corporal/templates/config.json.j2 diff --git a/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 similarity index 100% rename from roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 rename to roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/custom/matrix-coturn/defaults/main.yml similarity index 100% rename from roles/matrix-coturn/defaults/main.yml rename to roles/custom/matrix-coturn/defaults/main.yml diff --git a/roles/matrix-coturn/tasks/init.yml b/roles/custom/matrix-coturn/tasks/init.yml similarity index 100% rename from roles/matrix-coturn/tasks/init.yml rename to roles/custom/matrix-coturn/tasks/init.yml diff --git a/roles/matrix-coturn/tasks/main.yml b/roles/custom/matrix-coturn/tasks/main.yml similarity index 100% rename from roles/matrix-coturn/tasks/main.yml rename to roles/custom/matrix-coturn/tasks/main.yml diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/custom/matrix-coturn/tasks/setup_install.yml similarity index 100% rename from roles/matrix-coturn/tasks/setup_install.yml rename to roles/custom/matrix-coturn/tasks/setup_install.yml diff --git a/roles/matrix-coturn/tasks/setup_uninstall.yml b/roles/custom/matrix-coturn/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-coturn/tasks/setup_uninstall.yml rename to roles/custom/matrix-coturn/tasks/setup_uninstall.yml diff --git a/roles/matrix-coturn/tasks/validate_config.yml b/roles/custom/matrix-coturn/tasks/validate_config.yml similarity index 100% rename from roles/matrix-coturn/tasks/validate_config.yml rename to roles/custom/matrix-coturn/tasks/validate_config.yml diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 similarity index 100% rename from roles/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 rename to roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 similarity index 100% rename from roles/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 rename to roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 similarity index 100% rename from roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 rename to roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 diff --git a/roles/matrix-coturn/templates/turnserver.conf.j2 b/roles/custom/matrix-coturn/templates/turnserver.conf.j2 similarity index 100% rename from roles/matrix-coturn/templates/turnserver.conf.j2 rename to roles/custom/matrix-coturn/templates/turnserver.conf.j2 diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/custom/matrix-dendrite/defaults/main.yml similarity index 100% rename from roles/matrix-dendrite/defaults/main.yml rename to roles/custom/matrix-dendrite/defaults/main.yml diff --git a/roles/matrix-dendrite/tasks/dendrite/setup.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup.yml similarity index 100% rename from roles/matrix-dendrite/tasks/dendrite/setup.yml rename to roles/custom/matrix-dendrite/tasks/dendrite/setup.yml diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml similarity index 100% rename from roles/matrix-dendrite/tasks/dendrite/setup_install.yml rename to roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml diff --git a/roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml similarity index 100% rename from roles/matrix-dendrite/tasks/dendrite/setup_uninstall.yml rename to roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml diff --git a/roles/matrix-dendrite/tasks/init.yml b/roles/custom/matrix-dendrite/tasks/init.yml similarity index 100% rename from roles/matrix-dendrite/tasks/init.yml rename to roles/custom/matrix-dendrite/tasks/init.yml diff --git a/roles/matrix-dendrite/tasks/main.yml b/roles/custom/matrix-dendrite/tasks/main.yml similarity index 100% rename from roles/matrix-dendrite/tasks/main.yml rename to roles/custom/matrix-dendrite/tasks/main.yml diff --git a/roles/matrix-dendrite/tasks/register_user.yml b/roles/custom/matrix-dendrite/tasks/register_user.yml similarity index 100% rename from roles/matrix-dendrite/tasks/register_user.yml rename to roles/custom/matrix-dendrite/tasks/register_user.yml diff --git a/roles/matrix-dendrite/tasks/self_check_client_api.yml b/roles/custom/matrix-dendrite/tasks/self_check_client_api.yml similarity index 100% rename from roles/matrix-dendrite/tasks/self_check_client_api.yml rename to roles/custom/matrix-dendrite/tasks/self_check_client_api.yml diff --git a/roles/matrix-dendrite/tasks/self_check_federation_api.yml b/roles/custom/matrix-dendrite/tasks/self_check_federation_api.yml similarity index 100% rename from roles/matrix-dendrite/tasks/self_check_federation_api.yml rename to roles/custom/matrix-dendrite/tasks/self_check_federation_api.yml diff --git a/roles/matrix-dendrite/tasks/setup_dendrite.yml b/roles/custom/matrix-dendrite/tasks/setup_dendrite.yml similarity index 100% rename from roles/matrix-dendrite/tasks/setup_dendrite.yml rename to roles/custom/matrix-dendrite/tasks/setup_dendrite.yml diff --git a/roles/matrix-dendrite/tasks/validate_config.yml b/roles/custom/matrix-dendrite/tasks/validate_config.yml similarity index 100% rename from roles/matrix-dendrite/tasks/validate_config.yml rename to roles/custom/matrix-dendrite/tasks/validate_config.yml diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 similarity index 100% rename from roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 rename to roles/custom/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 diff --git a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 similarity index 100% rename from roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 rename to roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 diff --git a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 b/roles/custom/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 similarity index 100% rename from roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 rename to roles/custom/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 diff --git a/roles/matrix-dendrite/vars/main.yml b/roles/custom/matrix-dendrite/vars/main.yml similarity index 100% rename from roles/matrix-dendrite/vars/main.yml rename to roles/custom/matrix-dendrite/vars/main.yml diff --git a/roles/matrix-dimension/defaults/main.yml b/roles/custom/matrix-dimension/defaults/main.yml similarity index 100% rename from roles/matrix-dimension/defaults/main.yml rename to roles/custom/matrix-dimension/defaults/main.yml diff --git a/roles/matrix-dimension/tasks/init.yml b/roles/custom/matrix-dimension/tasks/init.yml similarity index 100% rename from roles/matrix-dimension/tasks/init.yml rename to roles/custom/matrix-dimension/tasks/init.yml diff --git a/roles/matrix-dimension/tasks/main.yml b/roles/custom/matrix-dimension/tasks/main.yml similarity index 100% rename from roles/matrix-dimension/tasks/main.yml rename to roles/custom/matrix-dimension/tasks/main.yml diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/custom/matrix-dimension/tasks/setup_install.yml similarity index 99% rename from roles/matrix-dimension/tasks/setup_install.yml rename to roles/custom/matrix-dimension/tasks/setup_install.yml index fc4763973..a16d0407a 100644 --- a/roles/matrix-dimension/tasks/setup_install.yml +++ b/roles/custom/matrix-dimension/tasks/setup_install.yml @@ -64,7 +64,7 @@ additional_psql_statements_db_name: "{{ matrix_dimension_database_name }}" - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-dimension/tasks/setup_uninstall.yml b/roles/custom/matrix-dimension/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-dimension/tasks/setup_uninstall.yml rename to roles/custom/matrix-dimension/tasks/setup_uninstall.yml diff --git a/roles/matrix-dimension/tasks/validate_config.yml b/roles/custom/matrix-dimension/tasks/validate_config.yml similarity index 100% rename from roles/matrix-dimension/tasks/validate_config.yml rename to roles/custom/matrix-dimension/tasks/validate_config.yml diff --git a/roles/matrix-dimension/templates/config.yaml.j2 b/roles/custom/matrix-dimension/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-dimension/templates/config.yaml.j2 rename to roles/custom/matrix-dimension/templates/config.yaml.j2 diff --git a/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 similarity index 100% rename from roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 rename to roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 diff --git a/roles/matrix-dimension/vars/main.yml b/roles/custom/matrix-dimension/vars/main.yml similarity index 100% rename from roles/matrix-dimension/vars/main.yml rename to roles/custom/matrix-dimension/vars/main.yml diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/custom/matrix-dynamic-dns/defaults/main.yml similarity index 100% rename from roles/matrix-dynamic-dns/defaults/main.yml rename to roles/custom/matrix-dynamic-dns/defaults/main.yml diff --git a/roles/matrix-dynamic-dns/tasks/init.yml b/roles/custom/matrix-dynamic-dns/tasks/init.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/init.yml rename to roles/custom/matrix-dynamic-dns/tasks/init.yml diff --git a/roles/matrix-dynamic-dns/tasks/install.yml b/roles/custom/matrix-dynamic-dns/tasks/install.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/install.yml rename to roles/custom/matrix-dynamic-dns/tasks/install.yml diff --git a/roles/matrix-dynamic-dns/tasks/main.yml b/roles/custom/matrix-dynamic-dns/tasks/main.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/main.yml rename to roles/custom/matrix-dynamic-dns/tasks/main.yml diff --git a/roles/matrix-dynamic-dns/tasks/uninstall.yml b/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/uninstall.yml rename to roles/custom/matrix-dynamic-dns/tasks/uninstall.yml diff --git a/roles/matrix-dynamic-dns/tasks/validate_config.yml b/roles/custom/matrix-dynamic-dns/tasks/validate_config.yml similarity index 100% rename from roles/matrix-dynamic-dns/tasks/validate_config.yml rename to roles/custom/matrix-dynamic-dns/tasks/validate_config.yml diff --git a/roles/matrix-dynamic-dns/templates/ddclient.conf.j2 b/roles/custom/matrix-dynamic-dns/templates/ddclient.conf.j2 similarity index 100% rename from roles/matrix-dynamic-dns/templates/ddclient.conf.j2 rename to roles/custom/matrix-dynamic-dns/templates/ddclient.conf.j2 diff --git a/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 similarity index 100% rename from roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 rename to roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 diff --git a/roles/matrix-email2matrix/defaults/main.yml b/roles/custom/matrix-email2matrix/defaults/main.yml similarity index 100% rename from roles/matrix-email2matrix/defaults/main.yml rename to roles/custom/matrix-email2matrix/defaults/main.yml diff --git a/roles/matrix-email2matrix/tasks/init.yml b/roles/custom/matrix-email2matrix/tasks/init.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/init.yml rename to roles/custom/matrix-email2matrix/tasks/init.yml diff --git a/roles/matrix-email2matrix/tasks/main.yml b/roles/custom/matrix-email2matrix/tasks/main.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/main.yml rename to roles/custom/matrix-email2matrix/tasks/main.yml diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/custom/matrix-email2matrix/tasks/setup_install.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/setup_install.yml rename to roles/custom/matrix-email2matrix/tasks/setup_install.yml diff --git a/roles/matrix-email2matrix/tasks/setup_uninstall.yml b/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/setup_uninstall.yml rename to roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml diff --git a/roles/matrix-email2matrix/tasks/validate_config.yml b/roles/custom/matrix-email2matrix/tasks/validate_config.yml similarity index 100% rename from roles/matrix-email2matrix/tasks/validate_config.yml rename to roles/custom/matrix-email2matrix/tasks/validate_config.yml diff --git a/roles/matrix-email2matrix/templates/config.json.j2 b/roles/custom/matrix-email2matrix/templates/config.json.j2 similarity index 100% rename from roles/matrix-email2matrix/templates/config.json.j2 rename to roles/custom/matrix-email2matrix/templates/config.json.j2 diff --git a/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 similarity index 100% rename from roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 rename to roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 diff --git a/roles/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml similarity index 100% rename from roles/matrix-etherpad/defaults/main.yml rename to roles/custom/matrix-etherpad/defaults/main.yml diff --git a/roles/matrix-etherpad/tasks/init.yml b/roles/custom/matrix-etherpad/tasks/init.yml similarity index 100% rename from roles/matrix-etherpad/tasks/init.yml rename to roles/custom/matrix-etherpad/tasks/init.yml diff --git a/roles/matrix-etherpad/tasks/main.yml b/roles/custom/matrix-etherpad/tasks/main.yml similarity index 100% rename from roles/matrix-etherpad/tasks/main.yml rename to roles/custom/matrix-etherpad/tasks/main.yml diff --git a/roles/matrix-etherpad/tasks/setup_install.yml b/roles/custom/matrix-etherpad/tasks/setup_install.yml similarity index 100% rename from roles/matrix-etherpad/tasks/setup_install.yml rename to roles/custom/matrix-etherpad/tasks/setup_install.yml diff --git a/roles/matrix-etherpad/tasks/setup_uninstall.yml b/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-etherpad/tasks/setup_uninstall.yml rename to roles/custom/matrix-etherpad/tasks/setup_uninstall.yml diff --git a/roles/matrix-etherpad/tasks/validate_config.yml b/roles/custom/matrix-etherpad/tasks/validate_config.yml similarity index 100% rename from roles/matrix-etherpad/tasks/validate_config.yml rename to roles/custom/matrix-etherpad/tasks/validate_config.yml diff --git a/roles/matrix-etherpad/templates/settings.json.j2 b/roles/custom/matrix-etherpad/templates/settings.json.j2 similarity index 100% rename from roles/matrix-etherpad/templates/settings.json.j2 rename to roles/custom/matrix-etherpad/templates/settings.json.j2 diff --git a/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 similarity index 100% rename from roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 rename to roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/custom/matrix-grafana/defaults/main.yml similarity index 100% rename from roles/matrix-grafana/defaults/main.yml rename to roles/custom/matrix-grafana/defaults/main.yml diff --git a/roles/matrix-grafana/tasks/init.yml b/roles/custom/matrix-grafana/tasks/init.yml similarity index 100% rename from roles/matrix-grafana/tasks/init.yml rename to roles/custom/matrix-grafana/tasks/init.yml diff --git a/roles/matrix-grafana/tasks/main.yml b/roles/custom/matrix-grafana/tasks/main.yml similarity index 100% rename from roles/matrix-grafana/tasks/main.yml rename to roles/custom/matrix-grafana/tasks/main.yml diff --git a/roles/matrix-grafana/tasks/setup.yml b/roles/custom/matrix-grafana/tasks/setup.yml similarity index 100% rename from roles/matrix-grafana/tasks/setup.yml rename to roles/custom/matrix-grafana/tasks/setup.yml diff --git a/roles/matrix-grafana/tasks/validate_config.yml b/roles/custom/matrix-grafana/tasks/validate_config.yml similarity index 100% rename from roles/matrix-grafana/tasks/validate_config.yml rename to roles/custom/matrix-grafana/tasks/validate_config.yml diff --git a/roles/matrix-grafana/templates/dashboards.yaml.j2 b/roles/custom/matrix-grafana/templates/dashboards.yaml.j2 similarity index 100% rename from roles/matrix-grafana/templates/dashboards.yaml.j2 rename to roles/custom/matrix-grafana/templates/dashboards.yaml.j2 diff --git a/roles/matrix-grafana/templates/datasources.yaml.j2 b/roles/custom/matrix-grafana/templates/datasources.yaml.j2 similarity index 100% rename from roles/matrix-grafana/templates/datasources.yaml.j2 rename to roles/custom/matrix-grafana/templates/datasources.yaml.j2 diff --git a/roles/matrix-grafana/templates/grafana.ini.j2 b/roles/custom/matrix-grafana/templates/grafana.ini.j2 similarity index 100% rename from roles/matrix-grafana/templates/grafana.ini.j2 rename to roles/custom/matrix-grafana/templates/grafana.ini.j2 diff --git a/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 similarity index 100% rename from roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 rename to roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/custom/matrix-jitsi/defaults/main.yml similarity index 100% rename from roles/matrix-jitsi/defaults/main.yml rename to roles/custom/matrix-jitsi/defaults/main.yml diff --git a/roles/matrix-jitsi/tasks/init.yml b/roles/custom/matrix-jitsi/tasks/init.yml similarity index 100% rename from roles/matrix-jitsi/tasks/init.yml rename to roles/custom/matrix-jitsi/tasks/init.yml diff --git a/roles/matrix-jitsi/tasks/main.yml b/roles/custom/matrix-jitsi/tasks/main.yml similarity index 100% rename from roles/matrix-jitsi/tasks/main.yml rename to roles/custom/matrix-jitsi/tasks/main.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_base.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_base.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml diff --git a/roles/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml similarity index 100% rename from roles/matrix-jitsi/tasks/setup_jitsi_web.yml rename to roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml diff --git a/roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml b/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml similarity index 100% rename from roles/matrix-jitsi/tasks/util/setup_jitsi_auth.yml rename to roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml diff --git a/roles/matrix-jitsi/tasks/validate_config.yml b/roles/custom/matrix-jitsi/tasks/validate_config.yml similarity index 100% rename from roles/matrix-jitsi/tasks/validate_config.yml rename to roles/custom/matrix-jitsi/tasks/validate_config.yml diff --git a/roles/matrix-jitsi/templates/jicofo/env.j2 b/roles/custom/matrix-jitsi/templates/jicofo/env.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jicofo/env.j2 rename to roles/custom/matrix-jitsi/templates/jicofo/env.j2 diff --git a/roles/matrix-jitsi/templates/jicofo/logging.properties.j2 b/roles/custom/matrix-jitsi/templates/jicofo/logging.properties.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jicofo/logging.properties.j2 rename to roles/custom/matrix-jitsi/templates/jicofo/logging.properties.j2 diff --git a/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 rename to roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 diff --git a/roles/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 b/roles/custom/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 rename to roles/custom/matrix-jitsi/templates/jicofo/sip-communicator.properties.j2 diff --git a/roles/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 b/roles/custom/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 rename to roles/custom/matrix-jitsi/templates/jvb/custom-sip-communicator.properties.j2 diff --git a/roles/matrix-jitsi/templates/jvb/env.j2 b/roles/custom/matrix-jitsi/templates/jvb/env.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jvb/env.j2 rename to roles/custom/matrix-jitsi/templates/jvb/env.j2 diff --git a/roles/matrix-jitsi/templates/jvb/logging.properties.j2 b/roles/custom/matrix-jitsi/templates/jvb/logging.properties.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jvb/logging.properties.j2 rename to roles/custom/matrix-jitsi/templates/jvb/logging.properties.j2 diff --git a/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 similarity index 100% rename from roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 rename to roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 diff --git a/roles/matrix-jitsi/templates/prosody/env.j2 b/roles/custom/matrix-jitsi/templates/prosody/env.j2 similarity index 100% rename from roles/matrix-jitsi/templates/prosody/env.j2 rename to roles/custom/matrix-jitsi/templates/prosody/env.j2 diff --git a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 similarity index 100% rename from roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 rename to roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 diff --git a/roles/matrix-jitsi/templates/web/custom-config.js.j2 b/roles/custom/matrix-jitsi/templates/web/custom-config.js.j2 similarity index 100% rename from roles/matrix-jitsi/templates/web/custom-config.js.j2 rename to roles/custom/matrix-jitsi/templates/web/custom-config.js.j2 diff --git a/roles/matrix-jitsi/templates/web/custom-interface_config.js.j2 b/roles/custom/matrix-jitsi/templates/web/custom-interface_config.js.j2 similarity index 100% rename from roles/matrix-jitsi/templates/web/custom-interface_config.js.j2 rename to roles/custom/matrix-jitsi/templates/web/custom-interface_config.js.j2 diff --git a/roles/matrix-jitsi/templates/web/env.j2 b/roles/custom/matrix-jitsi/templates/web/env.j2 similarity index 100% rename from roles/matrix-jitsi/templates/web/env.j2 rename to roles/custom/matrix-jitsi/templates/web/env.j2 diff --git a/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 similarity index 100% rename from roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 rename to roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 diff --git a/roles/matrix-ldap-registration-proxy/defaults/main.yml b/roles/custom/matrix-ldap-registration-proxy/defaults/main.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/defaults/main.yml rename to roles/custom/matrix-ldap-registration-proxy/defaults/main.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/init.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/init.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/init.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/init.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/main.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/main.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/main.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/main.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/setup_install.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml diff --git a/roles/matrix-ldap-registration-proxy/tasks/validate_config.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/validate_config.yml similarity index 100% rename from roles/matrix-ldap-registration-proxy/tasks/validate_config.yml rename to roles/custom/matrix-ldap-registration-proxy/tasks/validate_config.yml diff --git a/roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 similarity index 100% rename from roles/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 rename to roles/custom/matrix-ldap-registration-proxy/templates/ldap-registration-proxy.env.j2 diff --git a/roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 similarity index 100% rename from roles/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 rename to roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 diff --git a/roles/matrix-ma1sd/defaults/main.yml b/roles/custom/matrix-ma1sd/defaults/main.yml similarity index 100% rename from roles/matrix-ma1sd/defaults/main.yml rename to roles/custom/matrix-ma1sd/defaults/main.yml diff --git a/roles/matrix-ma1sd/tasks/init.yml b/roles/custom/matrix-ma1sd/tasks/init.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/init.yml rename to roles/custom/matrix-ma1sd/tasks/init.yml diff --git a/roles/matrix-ma1sd/tasks/main.yml b/roles/custom/matrix-ma1sd/tasks/main.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/main.yml rename to roles/custom/matrix-ma1sd/tasks/main.yml diff --git a/roles/matrix-ma1sd/tasks/migrate_mxisd.yml b/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/migrate_mxisd.yml rename to roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml diff --git a/roles/matrix-ma1sd/tasks/self_check_ma1sd.yml b/roles/custom/matrix-ma1sd/tasks/self_check_ma1sd.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/self_check_ma1sd.yml rename to roles/custom/matrix-ma1sd/tasks/self_check_ma1sd.yml diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml similarity index 99% rename from roles/matrix-ma1sd/tasks/setup_install.yml rename to roles/custom/matrix-ma1sd/tasks/setup_install.yml index 38ff3036c..e474d906c 100644 --- a/roles/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -41,7 +41,7 @@ pgloader_options: ['--with "quote identifiers"'] - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-ma1sd/tasks/setup_uninstall.yml b/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/setup_uninstall.yml rename to roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml diff --git a/roles/matrix-ma1sd/tasks/validate_config.yml b/roles/custom/matrix-ma1sd/tasks/validate_config.yml similarity index 100% rename from roles/matrix-ma1sd/tasks/validate_config.yml rename to roles/custom/matrix-ma1sd/tasks/validate_config.yml diff --git a/roles/matrix-ma1sd/templates/ma1sd.yaml.j2 b/roles/custom/matrix-ma1sd/templates/ma1sd.yaml.j2 similarity index 100% rename from roles/matrix-ma1sd/templates/ma1sd.yaml.j2 rename to roles/custom/matrix-ma1sd/templates/ma1sd.yaml.j2 diff --git a/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 similarity index 100% rename from roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 rename to roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 diff --git a/roles/matrix-ma1sd/vars/main.yml b/roles/custom/matrix-ma1sd/vars/main.yml similarity index 100% rename from roles/matrix-ma1sd/vars/main.yml rename to roles/custom/matrix-ma1sd/vars/main.yml diff --git a/roles/matrix-mailer/defaults/main.yml b/roles/custom/matrix-mailer/defaults/main.yml similarity index 100% rename from roles/matrix-mailer/defaults/main.yml rename to roles/custom/matrix-mailer/defaults/main.yml diff --git a/roles/matrix-mailer/tasks/init.yml b/roles/custom/matrix-mailer/tasks/init.yml similarity index 100% rename from roles/matrix-mailer/tasks/init.yml rename to roles/custom/matrix-mailer/tasks/init.yml diff --git a/roles/matrix-mailer/tasks/main.yml b/roles/custom/matrix-mailer/tasks/main.yml similarity index 100% rename from roles/matrix-mailer/tasks/main.yml rename to roles/custom/matrix-mailer/tasks/main.yml diff --git a/roles/matrix-mailer/tasks/setup_mailer.yml b/roles/custom/matrix-mailer/tasks/setup_mailer.yml similarity index 100% rename from roles/matrix-mailer/tasks/setup_mailer.yml rename to roles/custom/matrix-mailer/tasks/setup_mailer.yml diff --git a/roles/matrix-mailer/templates/env-mailer.j2 b/roles/custom/matrix-mailer/templates/env-mailer.j2 similarity index 100% rename from roles/matrix-mailer/templates/env-mailer.j2 rename to roles/custom/matrix-mailer/templates/env-mailer.j2 diff --git a/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 similarity index 100% rename from roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 rename to roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/custom/matrix-nginx-proxy/defaults/main.yml similarity index 99% rename from roles/matrix-nginx-proxy/defaults/main.yml rename to roles/custom/matrix-nginx-proxy/defaults/main.yml index c233dc43c..ca4a15e72 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/custom/matrix-nginx-proxy/defaults/main.yml @@ -252,7 +252,7 @@ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_path: "{{ matrix_nginx_proxy_ # when `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_username` and `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_password` are provided. # This image provides the `htpasswd` tool which we use for generating the htpasswd file protecting `/metrics/*`. # To avoid using this, use `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content` instead of supplying username/password. -# Learn more in: `roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml`. +# Learn more in: `roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml`. matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image: "{{ matrix_container_global_registry_prefix }}httpd:{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag }}" matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag: "2.4.54-alpine3.16" matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag.endswith(':latest') }}" diff --git a/roles/matrix-nginx-proxy/tasks/init.yml b/roles/custom/matrix-nginx-proxy/tasks/init.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/init.yml rename to roles/custom/matrix-nginx-proxy/tasks/init.yml diff --git a/roles/matrix-nginx-proxy/tasks/main.yml b/roles/custom/matrix-nginx-proxy/tasks/main.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/main.yml rename to roles/custom/matrix-nginx-proxy/tasks/main.yml diff --git a/roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml rename to roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml b/roles/custom/matrix-nginx-proxy/tasks/self_check_well_known.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/self_check_well_known.yml rename to roles/custom/matrix-nginx-proxy/tasks/self_check_well_known.yml diff --git a/roles/matrix-nginx-proxy/tasks/self_check_well_known_file.yml b/roles/custom/matrix-nginx-proxy/tasks/self_check_well_known_file.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/self_check_well_known_file.yml rename to roles/custom/matrix-nginx-proxy/tasks/self_check_well_known_file.yml diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml rename to roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml diff --git a/roles/matrix-nginx-proxy/tasks/setup_well_known.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_well_known.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/setup_well_known.yml rename to roles/custom/matrix-nginx-proxy/tasks/setup_well_known.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/main.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/main.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/main.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/main.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/purge_ssl_lets_encrypt_orphaned_configs.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml rename to roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml diff --git a/roles/matrix-nginx-proxy/tasks/validate_config.yml b/roles/custom/matrix-nginx-proxy/tasks/validate_config.yml similarity index 100% rename from roles/matrix-nginx-proxy/tasks/validate_config.yml rename to roles/custom/matrix-nginx-proxy/tasks/validate_config.yml diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-buscarron.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-cinny.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-conduit.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dendrite.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-ntfy.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 rename to roles/custom/matrix-nginx-proxy/templates/nginx/nginx.conf.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 rename to roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 diff --git a/roles/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 b/roles/custom/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 similarity index 100% rename from roles/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 rename to roles/custom/matrix-nginx-proxy/templates/usr-local-bin/matrix-ssl-lets-encrypt-certificates-renew.j2 diff --git a/roles/matrix-nginx-proxy/vars/main.yml b/roles/custom/matrix-nginx-proxy/vars/main.yml similarity index 100% rename from roles/matrix-nginx-proxy/vars/main.yml rename to roles/custom/matrix-nginx-proxy/vars/main.yml diff --git a/roles/matrix-ntfy/defaults/main.yml b/roles/custom/matrix-ntfy/defaults/main.yml similarity index 100% rename from roles/matrix-ntfy/defaults/main.yml rename to roles/custom/matrix-ntfy/defaults/main.yml diff --git a/roles/matrix-ntfy/tasks/init.yml b/roles/custom/matrix-ntfy/tasks/init.yml similarity index 100% rename from roles/matrix-ntfy/tasks/init.yml rename to roles/custom/matrix-ntfy/tasks/init.yml diff --git a/roles/matrix-ntfy/tasks/main.yml b/roles/custom/matrix-ntfy/tasks/main.yml similarity index 100% rename from roles/matrix-ntfy/tasks/main.yml rename to roles/custom/matrix-ntfy/tasks/main.yml diff --git a/roles/matrix-ntfy/tasks/self_check.yml b/roles/custom/matrix-ntfy/tasks/self_check.yml similarity index 100% rename from roles/matrix-ntfy/tasks/self_check.yml rename to roles/custom/matrix-ntfy/tasks/self_check.yml diff --git a/roles/matrix-ntfy/tasks/setup_install.yml b/roles/custom/matrix-ntfy/tasks/setup_install.yml similarity index 100% rename from roles/matrix-ntfy/tasks/setup_install.yml rename to roles/custom/matrix-ntfy/tasks/setup_install.yml diff --git a/roles/matrix-ntfy/tasks/setup_uninstall.yml b/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-ntfy/tasks/setup_uninstall.yml rename to roles/custom/matrix-ntfy/tasks/setup_uninstall.yml diff --git a/roles/matrix-ntfy/templates/ntfy/server.yml.j2 b/roles/custom/matrix-ntfy/templates/ntfy/server.yml.j2 similarity index 100% rename from roles/matrix-ntfy/templates/ntfy/server.yml.j2 rename to roles/custom/matrix-ntfy/templates/ntfy/server.yml.j2 diff --git a/roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 similarity index 100% rename from roles/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 rename to roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 diff --git a/roles/matrix-postgres-backup/defaults/main.yml b/roles/custom/matrix-postgres-backup/defaults/main.yml similarity index 100% rename from roles/matrix-postgres-backup/defaults/main.yml rename to roles/custom/matrix-postgres-backup/defaults/main.yml diff --git a/roles/matrix-postgres-backup/tasks/init.yml b/roles/custom/matrix-postgres-backup/tasks/init.yml similarity index 100% rename from roles/matrix-postgres-backup/tasks/init.yml rename to roles/custom/matrix-postgres-backup/tasks/init.yml diff --git a/roles/matrix-postgres-backup/tasks/main.yml b/roles/custom/matrix-postgres-backup/tasks/main.yml similarity index 100% rename from roles/matrix-postgres-backup/tasks/main.yml rename to roles/custom/matrix-postgres-backup/tasks/main.yml diff --git a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml similarity index 99% rename from roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml rename to roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml index 2518326a3..d0335f395 100644 --- a/roles/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -4,7 +4,7 @@ # Tasks related to setting up postgres backup # - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: detect_existing_postgres_version when: 'matrix_postgres_backup_enabled | bool and matrix_postgres_backup_postgres_data_path != ""' diff --git a/roles/matrix-postgres-backup/tasks/validate_config.yml b/roles/custom/matrix-postgres-backup/tasks/validate_config.yml similarity index 100% rename from roles/matrix-postgres-backup/tasks/validate_config.yml rename to roles/custom/matrix-postgres-backup/tasks/validate_config.yml diff --git a/roles/matrix-postgres-backup/templates/env-postgres-backup.j2 b/roles/custom/matrix-postgres-backup/templates/env-postgres-backup.j2 similarity index 100% rename from roles/matrix-postgres-backup/templates/env-postgres-backup.j2 rename to roles/custom/matrix-postgres-backup/templates/env-postgres-backup.j2 diff --git a/roles/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 similarity index 100% rename from roles/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 rename to roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/custom/matrix-postgres/defaults/main.yml similarity index 100% rename from roles/matrix-postgres/defaults/main.yml rename to roles/custom/matrix-postgres/defaults/main.yml diff --git a/roles/matrix-postgres/tasks/detect_existing_postgres_version.yml b/roles/custom/matrix-postgres/tasks/detect_existing_postgres_version.yml similarity index 100% rename from roles/matrix-postgres/tasks/detect_existing_postgres_version.yml rename to roles/custom/matrix-postgres/tasks/detect_existing_postgres_version.yml diff --git a/roles/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml similarity index 100% rename from roles/matrix-postgres/tasks/import_generic_sqlite_db.yml rename to roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml diff --git a/roles/matrix-postgres/tasks/import_postgres.yml b/roles/custom/matrix-postgres/tasks/import_postgres.yml similarity index 100% rename from roles/matrix-postgres/tasks/import_postgres.yml rename to roles/custom/matrix-postgres/tasks/import_postgres.yml diff --git a/roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml b/roles/custom/matrix-postgres/tasks/import_synapse_sqlite_db.yml similarity index 100% rename from roles/matrix-postgres/tasks/import_synapse_sqlite_db.yml rename to roles/custom/matrix-postgres/tasks/import_synapse_sqlite_db.yml diff --git a/roles/matrix-postgres/tasks/init.yml b/roles/custom/matrix-postgres/tasks/init.yml similarity index 100% rename from roles/matrix-postgres/tasks/init.yml rename to roles/custom/matrix-postgres/tasks/init.yml diff --git a/roles/matrix-postgres/tasks/main.yml b/roles/custom/matrix-postgres/tasks/main.yml similarity index 100% rename from roles/matrix-postgres/tasks/main.yml rename to roles/custom/matrix-postgres/tasks/main.yml diff --git a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml similarity index 99% rename from roles/matrix-postgres/tasks/migrate_db_to_postgres.yml rename to roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml index 215d36c10..ab387953c 100644 --- a/roles/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -137,7 +137,7 @@ - when: "matrix_postgres_db_migration_request.additional_psql_statements_list | default([]) | length > 0" block: - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: detect_existing_postgres_version - ansible.builtin.set_fact: diff --git a/roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml similarity index 100% rename from roles/matrix-postgres/tasks/migrate_postgres_data_directory.yml rename to roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml diff --git a/roles/matrix-postgres/tasks/run_vacuum.yml b/roles/custom/matrix-postgres/tasks/run_vacuum.yml similarity index 100% rename from roles/matrix-postgres/tasks/run_vacuum.yml rename to roles/custom/matrix-postgres/tasks/run_vacuum.yml diff --git a/roles/matrix-postgres/tasks/setup_postgres.yml b/roles/custom/matrix-postgres/tasks/setup_postgres.yml similarity index 100% rename from roles/matrix-postgres/tasks/setup_postgres.yml rename to roles/custom/matrix-postgres/tasks/setup_postgres.yml diff --git a/roles/matrix-postgres/tasks/upgrade_postgres.yml b/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml similarity index 100% rename from roles/matrix-postgres/tasks/upgrade_postgres.yml rename to roles/custom/matrix-postgres/tasks/upgrade_postgres.yml diff --git a/roles/matrix-postgres/tasks/util/create_additional_database.yml b/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml similarity index 100% rename from roles/matrix-postgres/tasks/util/create_additional_database.yml rename to roles/custom/matrix-postgres/tasks/util/create_additional_database.yml diff --git a/roles/matrix-postgres/tasks/util/create_additional_databases.yml b/roles/custom/matrix-postgres/tasks/util/create_additional_databases.yml similarity index 100% rename from roles/matrix-postgres/tasks/util/create_additional_databases.yml rename to roles/custom/matrix-postgres/tasks/util/create_additional_databases.yml diff --git a/roles/matrix-postgres/tasks/validate_config.yml b/roles/custom/matrix-postgres/tasks/validate_config.yml similarity index 100% rename from roles/matrix-postgres/tasks/validate_config.yml rename to roles/custom/matrix-postgres/tasks/validate_config.yml diff --git a/roles/matrix-postgres/templates/env-postgres-psql.j2 b/roles/custom/matrix-postgres/templates/env-postgres-psql.j2 similarity index 100% rename from roles/matrix-postgres/templates/env-postgres-psql.j2 rename to roles/custom/matrix-postgres/templates/env-postgres-psql.j2 diff --git a/roles/matrix-postgres/templates/env-postgres-server.j2 b/roles/custom/matrix-postgres/templates/env-postgres-server.j2 similarity index 100% rename from roles/matrix-postgres/templates/env-postgres-server.j2 rename to roles/custom/matrix-postgres/templates/env-postgres-server.j2 diff --git a/roles/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 b/roles/custom/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 similarity index 100% rename from roles/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 rename to roles/custom/matrix-postgres/templates/sql/init-additional-db-user-and-role.sql.j2 diff --git a/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 similarity index 100% rename from roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 rename to roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 b/roles/custom/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 similarity index 100% rename from roles/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 rename to roles/custom/matrix-postgres/templates/usr-local-bin/matrix-change-user-admin-status.j2 diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 b/roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 similarity index 100% rename from roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 rename to roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli-non-interactive.j2 diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 b/roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 similarity index 100% rename from roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 rename to roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-cli.j2 diff --git a/roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 b/roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 similarity index 100% rename from roles/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 rename to roles/custom/matrix-postgres/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2 diff --git a/roles/matrix-prometheus-node-exporter/defaults/main.yml b/roles/custom/matrix-prometheus-node-exporter/defaults/main.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/defaults/main.yml rename to roles/custom/matrix-prometheus-node-exporter/defaults/main.yml diff --git a/roles/matrix-prometheus-node-exporter/tasks/init.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/init.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/tasks/init.yml rename to roles/custom/matrix-prometheus-node-exporter/tasks/init.yml diff --git a/roles/matrix-prometheus-node-exporter/tasks/main.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/main.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/tasks/main.yml rename to roles/custom/matrix-prometheus-node-exporter/tasks/main.yml diff --git a/roles/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/tasks/setup.yml rename to roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml diff --git a/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 similarity index 100% rename from roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 rename to roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 diff --git a/roles/matrix-prometheus-node-exporter/vars/main.yml b/roles/custom/matrix-prometheus-node-exporter/vars/main.yml similarity index 100% rename from roles/matrix-prometheus-node-exporter/vars/main.yml rename to roles/custom/matrix-prometheus-node-exporter/vars/main.yml diff --git a/roles/matrix-prometheus-postgres-exporter/defaults/main.yml b/roles/custom/matrix-prometheus-postgres-exporter/defaults/main.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/defaults/main.yml rename to roles/custom/matrix-prometheus-postgres-exporter/defaults/main.yml diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/init.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/init.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/tasks/init.yml rename to roles/custom/matrix-prometheus-postgres-exporter/tasks/init.yml diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/main.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/main.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/tasks/main.yml rename to roles/custom/matrix-prometheus-postgres-exporter/tasks/main.yml diff --git a/roles/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/tasks/setup.yml rename to roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml diff --git a/roles/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 rename to roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 diff --git a/roles/matrix-prometheus-postgres-exporter/vars/main.yml b/roles/custom/matrix-prometheus-postgres-exporter/vars/main.yml similarity index 100% rename from roles/matrix-prometheus-postgres-exporter/vars/main.yml rename to roles/custom/matrix-prometheus-postgres-exporter/vars/main.yml diff --git a/roles/matrix-prometheus/defaults/main.yml b/roles/custom/matrix-prometheus/defaults/main.yml similarity index 100% rename from roles/matrix-prometheus/defaults/main.yml rename to roles/custom/matrix-prometheus/defaults/main.yml diff --git a/roles/matrix-prometheus/tasks/init.yml b/roles/custom/matrix-prometheus/tasks/init.yml similarity index 100% rename from roles/matrix-prometheus/tasks/init.yml rename to roles/custom/matrix-prometheus/tasks/init.yml diff --git a/roles/matrix-prometheus/tasks/main.yml b/roles/custom/matrix-prometheus/tasks/main.yml similarity index 100% rename from roles/matrix-prometheus/tasks/main.yml rename to roles/custom/matrix-prometheus/tasks/main.yml diff --git a/roles/matrix-prometheus/tasks/setup_install.yml b/roles/custom/matrix-prometheus/tasks/setup_install.yml similarity index 100% rename from roles/matrix-prometheus/tasks/setup_install.yml rename to roles/custom/matrix-prometheus/tasks/setup_install.yml diff --git a/roles/matrix-prometheus/tasks/setup_uninstall.yml b/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-prometheus/tasks/setup_uninstall.yml rename to roles/custom/matrix-prometheus/tasks/setup_uninstall.yml diff --git a/roles/matrix-prometheus/tasks/validate_config.yml b/roles/custom/matrix-prometheus/tasks/validate_config.yml similarity index 100% rename from roles/matrix-prometheus/tasks/validate_config.yml rename to roles/custom/matrix-prometheus/tasks/validate_config.yml diff --git a/roles/matrix-prometheus/templates/prometheus.yml.j2 b/roles/custom/matrix-prometheus/templates/prometheus.yml.j2 similarity index 100% rename from roles/matrix-prometheus/templates/prometheus.yml.j2 rename to roles/custom/matrix-prometheus/templates/prometheus.yml.j2 diff --git a/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 similarity index 100% rename from roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 rename to roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 diff --git a/roles/matrix-redis/defaults/main.yml b/roles/custom/matrix-redis/defaults/main.yml similarity index 100% rename from roles/matrix-redis/defaults/main.yml rename to roles/custom/matrix-redis/defaults/main.yml diff --git a/roles/matrix-redis/tasks/init.yml b/roles/custom/matrix-redis/tasks/init.yml similarity index 100% rename from roles/matrix-redis/tasks/init.yml rename to roles/custom/matrix-redis/tasks/init.yml diff --git a/roles/matrix-redis/tasks/main.yml b/roles/custom/matrix-redis/tasks/main.yml similarity index 100% rename from roles/matrix-redis/tasks/main.yml rename to roles/custom/matrix-redis/tasks/main.yml diff --git a/roles/matrix-redis/tasks/setup_redis.yml b/roles/custom/matrix-redis/tasks/setup_redis.yml similarity index 100% rename from roles/matrix-redis/tasks/setup_redis.yml rename to roles/custom/matrix-redis/tasks/setup_redis.yml diff --git a/roles/matrix-redis/templates/redis.conf.j2 b/roles/custom/matrix-redis/templates/redis.conf.j2 similarity index 100% rename from roles/matrix-redis/templates/redis.conf.j2 rename to roles/custom/matrix-redis/templates/redis.conf.j2 diff --git a/roles/matrix-redis/templates/systemd/matrix-redis.service.j2 b/roles/custom/matrix-redis/templates/systemd/matrix-redis.service.j2 similarity index 100% rename from roles/matrix-redis/templates/systemd/matrix-redis.service.j2 rename to roles/custom/matrix-redis/templates/systemd/matrix-redis.service.j2 diff --git a/roles/matrix-registration/defaults/main.yml b/roles/custom/matrix-registration/defaults/main.yml similarity index 100% rename from roles/matrix-registration/defaults/main.yml rename to roles/custom/matrix-registration/defaults/main.yml diff --git a/roles/matrix-registration/tasks/generate_token.yml b/roles/custom/matrix-registration/tasks/generate_token.yml similarity index 100% rename from roles/matrix-registration/tasks/generate_token.yml rename to roles/custom/matrix-registration/tasks/generate_token.yml diff --git a/roles/matrix-registration/tasks/init.yml b/roles/custom/matrix-registration/tasks/init.yml similarity index 100% rename from roles/matrix-registration/tasks/init.yml rename to roles/custom/matrix-registration/tasks/init.yml diff --git a/roles/matrix-registration/tasks/list_tokens.yml b/roles/custom/matrix-registration/tasks/list_tokens.yml similarity index 100% rename from roles/matrix-registration/tasks/list_tokens.yml rename to roles/custom/matrix-registration/tasks/list_tokens.yml diff --git a/roles/matrix-registration/tasks/main.yml b/roles/custom/matrix-registration/tasks/main.yml similarity index 100% rename from roles/matrix-registration/tasks/main.yml rename to roles/custom/matrix-registration/tasks/main.yml diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/custom/matrix-registration/tasks/setup_install.yml similarity index 99% rename from roles/matrix-registration/tasks/setup_install.yml rename to roles/custom/matrix-registration/tasks/setup_install.yml index 2f630ef00..cfed9a54c 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/custom/matrix-registration/tasks/setup_install.yml @@ -27,7 +27,7 @@ additional_psql_statements_db_name: "{{ matrix_registration_database_name }}" - ansible.builtin.import_role: - name: matrix-postgres + name: custom/matrix-postgres tasks_from: migrate_db_to_postgres - ansible.builtin.set_fact: diff --git a/roles/matrix-registration/tasks/setup_uninstall.yml b/roles/custom/matrix-registration/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-registration/tasks/setup_uninstall.yml rename to roles/custom/matrix-registration/tasks/setup_uninstall.yml diff --git a/roles/matrix-registration/tasks/validate_config.yml b/roles/custom/matrix-registration/tasks/validate_config.yml similarity index 100% rename from roles/matrix-registration/tasks/validate_config.yml rename to roles/custom/matrix-registration/tasks/validate_config.yml diff --git a/roles/matrix-registration/templates/config.yaml.j2 b/roles/custom/matrix-registration/templates/config.yaml.j2 similarity index 100% rename from roles/matrix-registration/templates/config.yaml.j2 rename to roles/custom/matrix-registration/templates/config.yaml.j2 diff --git a/roles/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 similarity index 100% rename from roles/matrix-registration/templates/systemd/matrix-registration.service.j2 rename to roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 diff --git a/roles/matrix-sygnal/defaults/main.yml b/roles/custom/matrix-sygnal/defaults/main.yml similarity index 100% rename from roles/matrix-sygnal/defaults/main.yml rename to roles/custom/matrix-sygnal/defaults/main.yml diff --git a/roles/matrix-sygnal/tasks/init.yml b/roles/custom/matrix-sygnal/tasks/init.yml similarity index 100% rename from roles/matrix-sygnal/tasks/init.yml rename to roles/custom/matrix-sygnal/tasks/init.yml diff --git a/roles/matrix-sygnal/tasks/main.yml b/roles/custom/matrix-sygnal/tasks/main.yml similarity index 100% rename from roles/matrix-sygnal/tasks/main.yml rename to roles/custom/matrix-sygnal/tasks/main.yml diff --git a/roles/matrix-sygnal/tasks/setup_install.yml b/roles/custom/matrix-sygnal/tasks/setup_install.yml similarity index 100% rename from roles/matrix-sygnal/tasks/setup_install.yml rename to roles/custom/matrix-sygnal/tasks/setup_install.yml diff --git a/roles/matrix-sygnal/tasks/setup_uninstall.yml b/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml similarity index 100% rename from roles/matrix-sygnal/tasks/setup_uninstall.yml rename to roles/custom/matrix-sygnal/tasks/setup_uninstall.yml diff --git a/roles/matrix-sygnal/tasks/validate_config.yml b/roles/custom/matrix-sygnal/tasks/validate_config.yml similarity index 100% rename from roles/matrix-sygnal/tasks/validate_config.yml rename to roles/custom/matrix-sygnal/tasks/validate_config.yml diff --git a/roles/matrix-sygnal/templates/sygnal.yaml.j2 b/roles/custom/matrix-sygnal/templates/sygnal.yaml.j2 similarity index 100% rename from roles/matrix-sygnal/templates/sygnal.yaml.j2 rename to roles/custom/matrix-sygnal/templates/sygnal.yaml.j2 diff --git a/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 similarity index 100% rename from roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 rename to roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 diff --git a/roles/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml similarity index 100% rename from roles/matrix-synapse-admin/defaults/main.yml rename to roles/custom/matrix-synapse-admin/defaults/main.yml diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/custom/matrix-synapse-admin/tasks/init.yml similarity index 100% rename from roles/matrix-synapse-admin/tasks/init.yml rename to roles/custom/matrix-synapse-admin/tasks/init.yml diff --git a/roles/matrix-synapse-admin/tasks/main.yml b/roles/custom/matrix-synapse-admin/tasks/main.yml similarity index 100% rename from roles/matrix-synapse-admin/tasks/main.yml rename to roles/custom/matrix-synapse-admin/tasks/main.yml diff --git a/roles/matrix-synapse-admin/tasks/setup.yml b/roles/custom/matrix-synapse-admin/tasks/setup.yml similarity index 100% rename from roles/matrix-synapse-admin/tasks/setup.yml rename to roles/custom/matrix-synapse-admin/tasks/setup.yml diff --git a/roles/matrix-synapse-admin/tasks/validate_config.yml b/roles/custom/matrix-synapse-admin/tasks/validate_config.yml similarity index 100% rename from roles/matrix-synapse-admin/tasks/validate_config.yml rename to roles/custom/matrix-synapse-admin/tasks/validate_config.yml diff --git a/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 similarity index 100% rename from roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 rename to roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml similarity index 99% rename from roles/matrix-synapse/defaults/main.yml rename to roles/custom/matrix-synapse/defaults/main.yml index 2028d8b77..ebd552115 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -13,7 +13,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s # Feel free to toggle this to `true` yourself and specify build steps in `matrix_synapse_container_image_customizations_dockerfile_body_custom`. # # See: -# - `roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2` +# - `roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2` # - `matrix_synapse_container_image_customizations_dockerfile_body_custom` # - `matrix_synapse_docker_image_customized` # - `matrix_synapse_docker_image_final` diff --git a/roles/matrix-synapse/files/workers-doc-to-yaml.awk b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk similarity index 100% rename from roles/matrix-synapse/files/workers-doc-to-yaml.awk rename to roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk diff --git a/roles/matrix-synapse/files/workers-doc-to-yaml.sh b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh similarity index 100% rename from roles/matrix-synapse/files/workers-doc-to-yaml.sh rename to roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup.yml b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/encryption-disabler/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml b/roles/custom/matrix-synapse/tasks/ext/ldap-auth/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/ldap-auth/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/rest-auth/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/rest-auth/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/init.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/init.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/init.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml rename to roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/validate_config.yml diff --git a/roles/matrix-synapse/tasks/ext/setup.yml b/roles/custom/matrix-synapse/tasks/ext/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml rename to roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup.yml diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml rename to roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/goofys/setup.yml b/roles/custom/matrix-synapse/tasks/goofys/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/goofys/setup.yml rename to roles/custom/matrix-synapse/tasks/goofys/setup.yml diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/goofys/setup_install.yml rename to roles/custom/matrix-synapse/tasks/goofys/setup_install.yml diff --git a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/goofys/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/custom/matrix-synapse/tasks/import_media_store.yml similarity index 100% rename from roles/matrix-synapse/tasks/import_media_store.yml rename to roles/custom/matrix-synapse/tasks/import_media_store.yml diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/custom/matrix-synapse/tasks/init.yml similarity index 100% rename from roles/matrix-synapse/tasks/init.yml rename to roles/custom/matrix-synapse/tasks/init.yml diff --git a/roles/matrix-synapse/tasks/main.yml b/roles/custom/matrix-synapse/tasks/main.yml similarity index 100% rename from roles/matrix-synapse/tasks/main.yml rename to roles/custom/matrix-synapse/tasks/main.yml diff --git a/roles/matrix-synapse/tasks/register_user.yml b/roles/custom/matrix-synapse/tasks/register_user.yml similarity index 100% rename from roles/matrix-synapse/tasks/register_user.yml rename to roles/custom/matrix-synapse/tasks/register_user.yml diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml similarity index 100% rename from roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml rename to roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml similarity index 100% rename from roles/matrix-synapse/tasks/rust-synapse-compress-state/main.yml rename to roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml diff --git a/roles/matrix-synapse/tasks/self_check_client_api.yml b/roles/custom/matrix-synapse/tasks/self_check_client_api.yml similarity index 100% rename from roles/matrix-synapse/tasks/self_check_client_api.yml rename to roles/custom/matrix-synapse/tasks/self_check_client_api.yml diff --git a/roles/matrix-synapse/tasks/self_check_federation_api.yml b/roles/custom/matrix-synapse/tasks/self_check_federation_api.yml similarity index 100% rename from roles/matrix-synapse/tasks/self_check_federation_api.yml rename to roles/custom/matrix-synapse/tasks/self_check_federation_api.yml diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/custom/matrix-synapse/tasks/setup_synapse.yml similarity index 100% rename from roles/matrix-synapse/tasks/setup_synapse.yml rename to roles/custom/matrix-synapse/tasks/setup_synapse.yml diff --git a/roles/matrix-synapse/tasks/synapse/setup.yml b/roles/custom/matrix-synapse/tasks/synapse/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/setup.yml rename to roles/custom/matrix-synapse/tasks/synapse/setup.yml diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/setup_install.yml rename to roles/custom/matrix-synapse/tasks/synapse/setup_install.yml diff --git a/roles/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/init.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/init.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/init.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/init.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/setup.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/setup.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/setup_install.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml diff --git a/roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml similarity index 100% rename from roles/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml rename to roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/custom/matrix-synapse/tasks/update_user_password.yml similarity index 100% rename from roles/matrix-synapse/tasks/update_user_password.yml rename to roles/custom/matrix-synapse/tasks/update_user_password.yml diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/custom/matrix-synapse/tasks/validate_config.yml similarity index 100% rename from roles/matrix-synapse/tasks/validate_config.yml rename to roles/custom/matrix-synapse/tasks/validate_config.yml diff --git a/roles/matrix-synapse/templates/goofys/env-goofys.j2 b/roles/custom/matrix-synapse/templates/goofys/env-goofys.j2 similarity index 100% rename from roles/matrix-synapse/templates/goofys/env-goofys.j2 rename to roles/custom/matrix-synapse/templates/goofys/env-goofys.j2 diff --git a/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 similarity index 100% rename from roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 rename to roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 diff --git a/roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 b/roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 rename to roles/custom/matrix-synapse/templates/synapse/customizations/Dockerfile.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/database.yaml.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/env.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/media_storage_provider.yaml.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.timer.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 diff --git a/roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 rename to roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 rename to roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 diff --git a/roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 b/roles/custom/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 rename to roles/custom/matrix-synapse/templates/synapse/prometheus/external_prometheus.yml.example.j2 diff --git a/roles/matrix-synapse/templates/synapse/synapse.log.config.j2 b/roles/custom/matrix-synapse/templates/synapse/synapse.log.config.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/synapse.log.config.j2 rename to roles/custom/matrix-synapse/templates/synapse/synapse.log.config.j2 diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 rename to roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 rename to roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 diff --git a/roles/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 b/roles/custom/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 rename to roles/custom/matrix-synapse/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2 diff --git a/roles/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 similarity index 100% rename from roles/matrix-synapse/templates/synapse/worker.yaml.j2 rename to roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 diff --git a/roles/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml similarity index 100% rename from roles/matrix-synapse/vars/main.yml rename to roles/custom/matrix-synapse/vars/main.yml diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/custom/matrix-synapse/vars/workers.yml similarity index 100% rename from roles/matrix-synapse/vars/workers.yml rename to roles/custom/matrix-synapse/vars/workers.yml diff --git a/roles/matrix-user-creator/defaults/main.yml b/roles/custom/matrix-user-creator/defaults/main.yml similarity index 100% rename from roles/matrix-user-creator/defaults/main.yml rename to roles/custom/matrix-user-creator/defaults/main.yml diff --git a/roles/matrix-user-creator/tasks/main.yml b/roles/custom/matrix-user-creator/tasks/main.yml similarity index 100% rename from roles/matrix-user-creator/tasks/main.yml rename to roles/custom/matrix-user-creator/tasks/main.yml diff --git a/roles/matrix-user-creator/tasks/setup.yml b/roles/custom/matrix-user-creator/tasks/setup.yml similarity index 100% rename from roles/matrix-user-creator/tasks/setup.yml rename to roles/custom/matrix-user-creator/tasks/setup.yml diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml similarity index 100% rename from roles/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml rename to roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_conduit.yml diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml similarity index 100% rename from roles/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml rename to roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml diff --git a/roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml similarity index 100% rename from roles/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml rename to roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml diff --git a/roles/matrix-user-creator/tasks/util/validate_user.yml b/roles/custom/matrix-user-creator/tasks/util/validate_user.yml similarity index 100% rename from roles/matrix-user-creator/tasks/util/validate_user.yml rename to roles/custom/matrix-user-creator/tasks/util/validate_user.yml diff --git a/roles/matrix-user-creator/vars/main.yml b/roles/custom/matrix-user-creator/vars/main.yml similarity index 100% rename from roles/matrix-user-creator/vars/main.yml rename to roles/custom/matrix-user-creator/vars/main.yml diff --git a/setup.yml b/setup.yml index b41793540..906c3bdf4 100755 --- a/setup.yml +++ b/setup.yml @@ -4,73 +4,73 @@ become: true vars_files: - - roles/matrix-synapse/vars/workers.yml + - roles/custom/matrix-synapse/vars/workers.yml roles: - - matrix-base - - matrix-dynamic-dns - - matrix-mailer - - matrix-postgres - - matrix-redis - - matrix-corporal - - matrix-bridge-appservice-discord - - matrix-bridge-appservice-slack - - matrix-bridge-appservice-webhooks - - matrix-bridge-appservice-irc - - matrix-bridge-appservice-kakaotalk - - matrix-bridge-beeper-linkedin - - matrix-bridge-go-skype-bridge - - matrix-bridge-mautrix-facebook - - matrix-bridge-mautrix-twitter - - matrix-bridge-mautrix-hangouts - - matrix-bridge-mautrix-googlechat - - matrix-bridge-mautrix-instagram - - matrix-bridge-mautrix-signal - - matrix-bridge-mautrix-telegram - - matrix-bridge-mautrix-whatsapp - - matrix-bridge-mautrix-discord - - matrix-bridge-mx-puppet-discord - - matrix-bridge-mx-puppet-groupme - - matrix-bridge-mx-puppet-steam - - matrix-bridge-mx-puppet-slack - - matrix-bridge-mx-puppet-twitter - - matrix-bridge-mx-puppet-instagram - - matrix-bridge-sms - - matrix-bridge-heisenbridge - - matrix-bridge-hookshot - - matrix-bot-matrix-reminder-bot - - matrix-bot-matrix-registration-bot - - matrix-bot-maubot - - matrix-bot-buscarron - - matrix-bot-honoroit - - matrix-bot-postmoogle - - matrix-bot-go-neb - - matrix-bot-mjolnir - - matrix-cactus-comments - - matrix-synapse - - matrix-dendrite - - matrix-conduit - - matrix-synapse-admin - - matrix-prometheus-node-exporter - - matrix-prometheus-postgres-exporter - - matrix-prometheus - - matrix-grafana - - matrix-registration - - matrix-client-element - - matrix-client-hydrogen - - matrix-client-cinny - - matrix-jitsi - - matrix-ldap-registration-proxy - - matrix-ma1sd - - matrix-dimension - - matrix-etherpad - - matrix-email2matrix - - matrix-sygnal - - matrix-ntfy - - matrix-nginx-proxy - - matrix-coturn - - matrix-aux - - matrix-postgres-backup - - matrix-backup-borg - - matrix-user-creator - - matrix-common-after + - custom/matrix-base + - custom/matrix-dynamic-dns + - custom/matrix-mailer + - custom/matrix-postgres + - custom/matrix-redis + - custom/matrix-corporal + - custom/matrix-bridge-appservice-discord + - custom/matrix-bridge-appservice-slack + - custom/matrix-bridge-appservice-webhooks + - custom/matrix-bridge-appservice-irc + - custom/matrix-bridge-appservice-kakaotalk + - custom/matrix-bridge-beeper-linkedin + - custom/matrix-bridge-go-skype-bridge + - custom/matrix-bridge-mautrix-facebook + - custom/matrix-bridge-mautrix-twitter + - custom/matrix-bridge-mautrix-hangouts + - custom/matrix-bridge-mautrix-googlechat + - custom/matrix-bridge-mautrix-instagram + - custom/matrix-bridge-mautrix-signal + - custom/matrix-bridge-mautrix-telegram + - custom/matrix-bridge-mautrix-whatsapp + - custom/matrix-bridge-mautrix-discord + - custom/matrix-bridge-mx-puppet-discord + - custom/matrix-bridge-mx-puppet-groupme + - custom/matrix-bridge-mx-puppet-steam + - custom/matrix-bridge-mx-puppet-slack + - custom/matrix-bridge-mx-puppet-twitter + - custom/matrix-bridge-mx-puppet-instagram + - custom/matrix-bridge-sms + - custom/matrix-bridge-heisenbridge + - custom/matrix-bridge-hookshot + - custom/matrix-bot-matrix-reminder-bot + - custom/matrix-bot-matrix-registration-bot + - custom/matrix-bot-maubot + - custom/matrix-bot-buscarron + - custom/matrix-bot-honoroit + - custom/matrix-bot-postmoogle + - custom/matrix-bot-go-neb + - custom/matrix-bot-mjolnir + - custom/matrix-cactus-comments + - custom/matrix-synapse + - custom/matrix-dendrite + - custom/matrix-conduit + - custom/matrix-synapse-admin + - custom/matrix-prometheus-node-exporter + - custom/matrix-prometheus-postgres-exporter + - custom/matrix-prometheus + - custom/matrix-grafana + - custom/matrix-registration + - custom/matrix-client-element + - custom/matrix-client-hydrogen + - custom/matrix-client-cinny + - custom/matrix-jitsi + - custom/matrix-ldap-registration-proxy + - custom/matrix-ma1sd + - custom/matrix-dimension + - custom/matrix-etherpad + - custom/matrix-email2matrix + - custom/matrix-sygnal + - custom/matrix-ntfy + - custom/matrix-nginx-proxy + - custom/matrix-coturn + - custom/matrix-aux + - custom/matrix-postgres-backup + - custom/matrix-backup-borg + - custom/matrix-user-creator + - custom/matrix-common-after From a3319b1dc242b22911fb43fbf523d82f86677b36 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 09:16:54 +0200 Subject: [PATCH 302/349] Adjust .gitignore Related to 410a915a8ab72a2 --- .gitignore | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 36c65bdaa..0b64b8594 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,10 @@ !/inventory/.gitkeep !/inventory/host_vars/.gitkeep !/inventory/scripts -/roles/*/files/scratchpad +/roles/**/files/scratchpad .DS_Store .python-version + +# ignore roles pulled by ansible-galaxy +/roles/galaxy/* +!/roles/galaxy/.gitkeep From 995ef460e73699ea07d48f7e4b260856f2da85e1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 11:46:12 +0200 Subject: [PATCH 303/349] Upgrade appservice-discord (3.0.0 -> 3.1.0) --- roles/custom/matrix-bridge-appservice-discord/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml index 4a3eddabc..9e061d678 100644 --- a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml @@ -5,7 +5,7 @@ matrix_appservice_discord_enabled: false matrix_appservice_discord_container_image_self_build: false -matrix_appservice_discord_version: v3.0.0 +matrix_appservice_discord_version: v3.1.0 matrix_appservice_discord_docker_image: "{{ matrix_appservice_discord_docker_image_name_prefix }}matrix-org/matrix-appservice-discord:{{ matrix_appservice_discord_version }}" matrix_appservice_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_discord_container_image_self_build else 'ghcr.io/' }}" matrix_appservice_discord_docker_image_force_pull: "{{ matrix_appservice_discord_docker_image.endswith(':latest') }}" From 4cbea602dd66844a5ef04953a8b8cfcc67fa13cd Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 3 Nov 2022 11:50:34 +0200 Subject: [PATCH 304/349] Sync appservice-discord configuration with upstream --- .../templates/config.yaml.j2 | 46 ++++++++++++------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 index a530af2e5..2309be443 100644 --- a/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/config.yaml.j2 @@ -18,6 +18,9 @@ bridge: disableTypingNotifications: false # Disable deleting messages on Discord if a message is redacted on Matrix. disableDeletionForwarding: false + # Disable portal bridging, where Matrix users can search for unbridged Discord + # rooms on their Matrix server. + disablePortalBridging: {{ matrix_appservice_discord_bridge_disablePortalBridging|to_json }} # Enable users to bridge rooms using !discord commands. See # https://t2bot.io/discord for instructions. enableSelfServiceBridging: {{ matrix_appservice_discord_bridge_enableSelfServiceBridging|to_json }} @@ -28,10 +31,14 @@ bridge: disableJoinLeaveNotifications: false # Disable Invite echos from matrix disableInviteNotifications: false - # Disable portal briding (automatic room creation) - disablePortalBridging: {{ matrix_appservice_discord_bridge_disablePortalBridging|to_json }} + # Disable Room Topic echos from matrix + disableRoomTopicNotifications: false # Auto-determine the language of code blocks (this can be CPU-intensive) determineCodeLanguage: false + # MXID of an admin user that will be PMd if the bridge experiences problems. Optional + adminMxid: {{ matrix_admin | to_json }} + # The message to send to the bridge admin if the Discord token is not valid + invalidTokenMessage: 'Your Discord bot token seems to be invalid, and the bridge cannot function. Please update it in your bridge settings and restart the bridge' # Authentication configuration for the discord bot. auth: clientID: {{ matrix_appservice_discord_client_id | string|to_json }} @@ -75,20 +82,20 @@ channel: namePattern: "[Discord] :guild :name" # Changes made to rooms when a channel is deleted. deleteOptions: - # Prefix the room name with a string. - #namePrefix: "[Deleted]" - # Prefix the room topic with a string. - #topicPrefix: "This room has been deleted" - # Disable people from talking in the room by raising the event PL to 50 - disableMessaging: false - # Remove the discord alias from the room. - unsetRoomAlias: true - # Remove the room from the directory. - unlistFromDirectory: true - # Set the room to be unavaliable for joining without an invite. - setInviteOnly: true - # Make all the discord users leave the room. - ghostsLeave: true + # Prefix the room name with a string. + #namePrefix: "[Deleted]" + # Prefix the room topic with a string. + #topicPrefix: "This room has been deleted" + # Disable people from talking in the room by raising the event PL to 50 + disableMessaging: false + # Remove the discord alias from the room. + unsetRoomAlias: true + # Remove the room from the directory. + unlistFromDirectory: true + # Set the room to be unavailable for joining without an invite. + setInviteOnly: true + # Make all the discord users leave the room. + ghostsLeave: true limits: # Delay in milliseconds between discord users joining a room. roomGhostJoinDelay: 6000 @@ -98,8 +105,15 @@ limits: # echos = (Copies of a sent message may arrive from discord before we've # fininished handling it, causing us to echo it back to the room) discordSendDelay: 1500 + # Set a maximum of rooms to be bridged. + # roomCount: 20 ghosts: # Pattern for the ghosts nick, available is :nick, :username, :tag and :id nickPattern: ":nick" # Pattern for the ghosts username, available is :username, :tag and :id usernamePattern: ":username#:tag" +# Prometheus-compatible metrics endpoint +metrics: + enable: false + port: 9001 + host: "127.0.0.1" From 83c40fce1583787ad5ab2eba996d40eab7f0c87a Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 4 Nov 2022 11:36:10 +0200 Subject: [PATCH 305/349] standalone etherpad --- docs/configuring-dns.md | 3 + docs/configuring-playbook-etherpad.md | 31 ++--- group_vars/matrix_servers | 5 + roles/custom/matrix-base/defaults/main.yml | 3 + .../custom/matrix-etherpad/defaults/main.yml | 1 + roles/custom/matrix-etherpad/tasks/init.yml | 2 +- .../matrix-etherpad/tasks/validate_config.yml | 6 - .../matrix-nginx-proxy/defaults/main.yml | 7 ++ .../tasks/setup_nginx_proxy.yml | 7 ++ .../nginx/conf.d/matrix-etherpad.conf.j2 | 108 ++++++++++++++++++ 10 files changed, 152 insertions(+), 21 deletions(-) create mode 100644 roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-etherpad.conf.j2 diff --git a/docs/configuring-dns.md b/docs/configuring-dns.md index 3803ba8f6..d7ccf17e7 100644 --- a/docs/configuring-dns.md +++ b/docs/configuring-dns.md @@ -39,6 +39,7 @@ When you're done configuring DNS, proceed to [Configuring the playbook](configur | [Go-NEB](configuring-playbook-bot-go-neb.md) bot | CNAME | `goneb` | - | - | - | `matrix.` | | [Sygnal](configuring-playbook-sygnal.md) push notification gateway | CNAME | `sygnal` | - | - | - | `matrix.` | | [ntfy](configuring-playbook-ntfy.md) push notifications server | CNAME | `ntfy` | - | - | - | `matrix.` | +| [Etherpad](configuring-playbook-etherpad.md) collaborative text editor | CNAME | `etherpad` | - | - | - | `matrix.` | | [Hydrogen](configuring-playbook-client-hydrogen.md) web client | CNAME | `hydrogen` | - | - | - | `matrix.` | | [Cinny](configuring-playbook-client-cinny.md) web client | CNAME | `cinny` | - | - | - | `matrix.` | | [Buscarron](configuring-playbook-bot-buscarron.md) helpdesk bot | CNAME | `buscarron` | - | - | - | `matrix.` | @@ -68,6 +69,8 @@ The `sygnal.` subdomain may be necessary, because this playbook cou The `ntfy.` subdomain may be necessary, because this playbook could install the [ntfy](https://ntfy.sh/) UnifiedPush-compatible push notifications server. The installation of ntfy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring ntfy guide](configuring-playbook-ntfy.md). If you do not wish to set up ntfy, feel free to skip the `ntfy.` DNS record. +The `etherpad.` subdomain may be necessary, because this playbook could install the [Etherpad](https://etherpad.org/) a highly customizable open source online editor providing collaborative editing in really real-time. The installation of etherpad is disabled by default, it is not a core required component. To learn how to install it, see our [configuring etherpad guide](configuring-playbook-etherpad.md). If you do not wish to set up etherpad, feel free to skip the `etherpad.` DNS record. + The `hydrogen.` subdomain may be necessary, because this playbook could install the [Hydrogen](https://github.com/vector-im/hydrogen-web) web client. The installation of Hydrogen is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Hydrogen guide](configuring-playbook-client-hydrogen.md). If you do not wish to set up Hydrogen, feel free to skip the `hydrogen.` DNS record. The `cinny.` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up cinny, feel free to skip the `cinny.` DNS record. diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 4c38bb3ca..3214d8619 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -1,12 +1,14 @@ # Setting up Etherpad (optional) -[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) +[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) or used as standalone web app When enabled together with the Jitsi audio/video conferencing system (see [our docs on Jitsi](configuring-playbook-jitsi.md)), it will be made available as an option during the conferences. ## Prerequisites -For the self-hosted Etherpad instance to be available to your users, you must first enable and configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md) +The `etherpad.` DNS record must be created. See [Configuring your DNS server](configuring-dns.md) on how to set up DNS record correctly. + +You may enable and configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md) to integrate etherpad with Dimension. ## Installing @@ -16,16 +18,7 @@ For the self-hosted Etherpad instance to be available to your users, you must fi matrix_etherpad_enabled: true ``` -## Set Dimension default to the self-hosted Etherpad - -The Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain. - -### Removing the integrated Etherpad chat - -If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. -Example: `https://dimension./etherpad/p/$roomId_$padName?showChat=false` - -### Etherpad Admin access (optional) +## Etherpad Admin access (optional) Etherpad comes with a admin web-UI which is disabled by default. You can enable it by setting a username and password in your configuration file (`inventory/host_vars/matrix./vars.yml`): @@ -36,11 +29,21 @@ matrix_etherpad_admin_password: some-password The admin web-UI should then be available on: `https://dimension./etherpad/admin` -### Managing / Deleting old pads +## Managing / Deleting old pads If you want to manage and remove old unused pads from Etherpad, you will first need to able Admin access as described above. -Then from the plugin manager page (`https://dimension./etherpad/admin/plugins`), install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. +Then from the plugin manager page (`https://etherpad./admin/plugins` or `https://dimension./etherpad/admin/plugins`), install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. + +## Set Dimension default to the self-hosted Etherpad (optional) + +If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside with Etherpad, +the Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain. + +### Removing the integrated Etherpad chat + +If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. +Example: `https://dimension./etherpad/p/$roomId_$padName?showChat=false` ## Known issues diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2e3a217c0..26e5b35f5 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1486,6 +1486,8 @@ matrix_etherpad_enabled: false matrix_etherpad_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9001' }}" +matrix_etherpad_base_url: "{{ 'https://'+ matrix_server_fqn_dimension + matrix_etherpad_public_endpoint if matrix_dimension_enabled else 'https://' + matrix_server_fqn_etherpad + '/' }}" + matrix_etherpad_systemd_required_services_list: | {{ ['docker.service'] @@ -1710,6 +1712,7 @@ matrix_nginx_proxy_proxy_hydrogen_enabled: "{{ matrix_client_hydrogen_enabled }} matrix_nginx_proxy_proxy_cinny_enabled: "{{ matrix_client_cinny_enabled }}" matrix_nginx_proxy_proxy_buscarron_enabled: "{{ matrix_bot_buscarron_enabled }}" matrix_nginx_proxy_proxy_dimension_enabled: "{{ matrix_dimension_enabled }}" +matrix_nginx_proxy_proxy_etherpad_enabled: "{{ matrix_etherpad_enabled }}" matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled }}" matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}" matrix_nginx_proxy_proxy_grafana_enabled: "{{ matrix_grafana_enabled }}" @@ -1837,6 +1840,8 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_dimension] if matrix_dimension_enabled else []) + + ([matrix_server_fqn_etherpad] if matrix_etherpad_enabled else []) + + ([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else []) + ([matrix_server_fqn_jitsi] if matrix_jitsi_enabled else []) diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 52049ed51..02e26a934 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -62,6 +62,9 @@ matrix_server_fqn_buscarron: "buscarron.{{ matrix_domain }}" # This is where you access the Dimension. matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}" +# This is where you access the etherpad (if enabled via matrix_etherpad_enabled; disabled by default). +matrix_server_fqn_etherpad: "etherpad.{{ matrix_domain }}" + # For use with Go-NEB! (github callback url for example) matrix_server_fqn_bot_go_neb: "goneb.{{ matrix_domain }}" diff --git a/roles/custom/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml index 8281f27ff..35d24090c 100644 --- a/roles/custom/matrix-etherpad/defaults/main.yml +++ b/roles/custom/matrix-etherpad/defaults/main.yml @@ -28,6 +28,7 @@ matrix_etherpad_container_http_host_bind_port: '' # A list of extra arguments to pass to the container matrix_etherpad_container_extra_arguments: [] +# Used for dimension only matrix_etherpad_public_endpoint: '/etherpad' # By default, the Etherpad app can be accessed within the Dimension domain diff --git a/roles/custom/matrix-etherpad/tasks/init.yml b/roles/custom/matrix-etherpad/tasks/init.yml index cfd127bd1..c787548c7 100644 --- a/roles/custom/matrix-etherpad/tasks/init.yml +++ b/roles/custom/matrix-etherpad/tasks/init.yml @@ -4,7 +4,7 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}" when: matrix_etherpad_enabled | bool -- when: matrix_etherpad_enabled | bool +- when: matrix_etherpad_enabled | bool and matrix_dimension_enabled | default(False) | bool tags: - always block: diff --git a/roles/custom/matrix-etherpad/tasks/validate_config.yml b/roles/custom/matrix-etherpad/tasks/validate_config.yml index bf78c36fc..9832b0b89 100644 --- a/roles/custom/matrix-etherpad/tasks/validate_config.yml +++ b/roles/custom/matrix-etherpad/tasks/validate_config.yml @@ -1,11 +1,5 @@ --- -- name: Fail if Etherpad is enabled without the Dimension integrations manager - ansible.builtin.fail: - msg: >- - To integrate Etherpad notes with Matrix rooms you need to set "matrix_dimension_enabled" to true - when: "not matrix_dimension_enabled | bool" - - name: Fail if no database is configured for Etherpad ansible.builtin.fail: msg: >- diff --git a/roles/custom/matrix-nginx-proxy/defaults/main.yml b/roles/custom/matrix-nginx-proxy/defaults/main.yml index ca4a15e72..b7d4819dd 100644 --- a/roles/custom/matrix-nginx-proxy/defaults/main.yml +++ b/roles/custom/matrix-nginx-proxy/defaults/main.yml @@ -192,6 +192,10 @@ matrix_nginx_proxy_proxy_matrix_federation_port: 8448 matrix_nginx_proxy_proxy_dimension_enabled: false matrix_nginx_proxy_proxy_dimension_hostname: "{{ matrix_server_fqn_dimension }}" +# Controls whether proxying the etherpad domain should be done. +matrix_nginx_proxy_proxy_etherpad_enabled: false +matrix_nginx_proxy_proxy_etherpad_hostname: "{{ matrix_server_fqn_etherpad }}" + # Controls whether proxying the goneb domain should be done. matrix_nginx_proxy_proxy_bot_go_neb_enabled: false matrix_nginx_proxy_proxy_bot_go_neb_hostname: "{{ matrix_server_fqn_bot_go_neb }}" @@ -373,6 +377,9 @@ matrix_nginx_proxy_proxy_buscarron_additional_server_configuration_blocks: [] # A list of strings containing additional configuration blocks to add to Dimension's server configuration (matrix-dimension.conf). matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: [] +# A list of strings containing additional configuration blocks to add to etherpad's server configuration (matrix-etherpad.conf). +matrix_nginx_proxy_proxy_etherpad_additional_server_configuration_blocks: [] + # A list of strings containing additional configuration blocks to add to GoNEB's server configuration (matrix-bot-go-neb.conf). matrix_nginx_proxy_proxy_bot_go_neb_additional_server_configuration_blocks: [] diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 11a1cc069..3892550f4 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -123,6 +123,13 @@ mode: 0644 when: matrix_nginx_proxy_proxy_dimension_enabled | bool +- name: Ensure Matrix nginx-proxy configuration for etherpad domain exists + ansible.builtin.template: + src: "{{ role_path }}/templates/nginx/conf.d/matrix-etherpad.conf.j2" + dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-etherpad.conf" + mode: 0644 + when: matrix_nginx_proxy_proxy_etherpad_enabled | bool + - name: Ensure Matrix nginx-proxy configuration for goneb domain exists ansible.builtin.template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2" diff --git a/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-etherpad.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-etherpad.conf.j2 new file mode 100644 index 000000000..8cad9ee37 --- /dev/null +++ b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-etherpad.conf.j2 @@ -0,0 +1,108 @@ +#jinja2: lstrip_blocks: "True" + +{% macro render_vhost_directives() %} + gzip on; + gzip_types text/plain application/json application/javascript text/css image/x-icon font/ttf image/gif; + {% if matrix_nginx_proxy_hsts_preload_enabled %} + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + {% else %} + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + {% endif %} + add_header X-XSS-Protection "{{ matrix_nginx_proxy_xss_protection }}"; + add_header X-Content-Type-Options nosniff; + {% if matrix_nginx_proxy_floc_optout_enabled %} + add_header Permissions-Policy interest-cohort=() always; + {% endif %} + +{% for configuration_block in matrix_nginx_proxy_proxy_etherpad_additional_server_configuration_blocks %} + {{- configuration_block }} +{% endfor %} + + location / { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; + set $backend "matrix-etherpad:9001"; + proxy_pass http://$backend; + {# These are proxy directives needed specifically by Etherpad #} + proxy_buffering off; + proxy_http_version 1.1; {# recommended with keepalive connections #} + proxy_pass_header Server; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }}; {# for EP to set secure cookie flag when https is used #} + {# WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html #} + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + {% else %} + {# Generic configuration for use outside of our container setup #} + # A good guide for setting up your Etherpad behind nginx: + # https://docs.gandi.net/en/cloud/tutorials/etherpad_lite.html + proxy_pass http://127.0.0.1:9001/; + {% endif %} + } +{% endmacro %} + +server { + listen {{ 8080 if matrix_nginx_proxy_enabled else 80 }}; + listen [::]:{{ 8080 if matrix_nginx_proxy_enabled else 80 }}; + + server_name {{ matrix_nginx_proxy_proxy_etherpad_hostname }}; + + server_tokens off; + root /dev/null; + + {% if matrix_nginx_proxy_https_enabled %} + location /.well-known/acme-challenge { + {% if matrix_nginx_proxy_enabled %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; + set $backend "matrix-certbot:8080"; + proxy_pass http://$backend; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_ssl_lets_encrypt_certbot_standalone_http_port }}; + {% endif %} + } + + location / { + return 301 https://$http_host$request_uri; + } + {% else %} + {{ render_vhost_directives() }} + {% endif %} +} + +{% if matrix_nginx_proxy_https_enabled %} +server { + listen {{ 8443 if matrix_nginx_proxy_enabled else 443 }} ssl http2; + listen [::]:{{ 8443 if matrix_nginx_proxy_enabled else 443 }} ssl http2; + + server_name {{ matrix_nginx_proxy_proxy_etherpad_hostname }}; + + server_tokens off; + root /dev/null; + + ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_etherpad_hostname }}/fullchain.pem; + ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_etherpad_hostname }}/privkey.pem; + + ssl_protocols {{ matrix_nginx_proxy_ssl_protocols }}; + {% if matrix_nginx_proxy_ssl_ciphers != '' %} + ssl_ciphers {{ matrix_nginx_proxy_ssl_ciphers }}; + {% endif %} + ssl_prefer_server_ciphers {{ matrix_nginx_proxy_ssl_prefer_server_ciphers }}; + + {% if matrix_nginx_proxy_ocsp_stapling_enabled %} + ssl_stapling on; + ssl_stapling_verify on; + ssl_trusted_certificate {{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_etherpad_hostname }}/chain.pem; + {% endif %} + + {% if matrix_nginx_proxy_ssl_session_tickets_off %} + ssl_session_tickets off; + {% endif %} + ssl_session_cache {{ matrix_nginx_proxy_ssl_session_cache }}; + ssl_session_timeout {{ matrix_nginx_proxy_ssl_session_timeout }}; + + {{ render_vhost_directives() }} +} +{% endif %} From c3a7237de702b4f4ec26509cb1000f99051a8f83 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 14:58:28 +0200 Subject: [PATCH 306/349] Initial work on using externally defined roles --- CHANGELOG.md | 21 +++++++ Makefile | 1 + docs/installing.md | 3 + docs/maintenance-upgrading-services.md | 4 +- group_vars/matrix_servers | 25 +++++++++ requirements.yml | 13 +++++ roles/custom/matrix-base/defaults/main.yml | 11 ---- .../matrix-base/tasks/setup_matrix_base.yml | 55 ------------------- .../matrix-bridge-hookshot/defaults/main.yml | 4 +- .../matrix_playbook_migration/tasks/main.yml | 5 ++ .../tasks/validate_config.yml | 12 ++++ setup.yml | 17 ++++++ 12 files changed, 101 insertions(+), 70 deletions(-) create mode 100644 requirements.yml create mode 100644 roles/custom/matrix_playbook_migration/tasks/main.yml create mode 100644 roles/custom/matrix_playbook_migration/tasks/validate_config.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index 4d8b9b219..9bd06a8c2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,24 @@ +# 2022-11-04 + +## The playbook now uses external roles for some things + +**TLDR**: when updating the playbook and before running it, you'll need to run `make roles` to make [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) download dependency roles (see the [`requirements.yml` file](requirements.yml)) to the `roles/galaxy` directory. Without this, the playbook won't work. + +We're in the process of trimming the playbook and making it reuse Ansible roles. + +Starting now, the playbook is composed of 2 types of Ansible roles: + +- those that live within the playbook itself (`roles/custom/*`) + +- those downloaded from other sources (using [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to `roles/galaxy`, based on the [`requirements.yml` file](requirements.yml)). These roles are maintained by us or by other people from the Ansible community. + +We're doing this for greater code-reuse (across Ansible playbooks, including our own related playbooks [gitea-docker-ansible-deploy](https://github.com/spantaleev/gitea-docker-ansible-deploy) and [nextcloud-docker-ansible-deploy](https://github.com/spantaleev/nextcloud-docker-ansible-deploy)) and decreased maintenance burden. Until now, certain features were copy-pasted across playbooks or were maintained separately in each one, with improvements often falling behind. We've also tended to do too much by ourselves - installing Docker on the server from our `matrix-base` role, etc. - something that we'd rather not do anymore by switching to the [geerlingguy.docker](https://galaxy.ansible.com/geerlingguy/docker) role. + +Some variable names will change during the transition to having more and more external (galaxy) roles. There's a new `custom/matrix_playbook_migration` role added to the playbook which will tell you about these changes each time you run the playbook. + +From now on, every time you update the playbook (well, every time the `requirements.yml` file changes), it's best to run `make roles` to update the roles downloaded from other sources. + + # 2022-10-14 ## synapse-s3-storage-provider support diff --git a/Makefile b/Makefile index 62419150c..b7fc41bd7 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,7 @@ help: ## Show this help. @grep -F -h "##" $(MAKEFILE_LIST) | grep -v grep | sed -e 's/\\$$//' | sed -e 's/##//' roles: ## Pull roles + rm -rf roles/galaxy ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force lint: ## Runs ansible-lint against all roles in the playbook diff --git a/docs/installing.md b/docs/installing.md index 308e6fe66..7c62cc393 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -2,6 +2,9 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. +**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. + + ## Playbook tags introduction The Ansible playbook's tasks are tagged, so that certain parts of the Ansible playbook can be run without running all other tasks. diff --git a/docs/maintenance-upgrading-services.md b/docs/maintenance-upgrading-services.md index fe289a86f..d1c707fd6 100644 --- a/docs/maintenance-upgrading-services.md +++ b/docs/maintenance-upgrading-services.md @@ -10,8 +10,8 @@ To upgrade services: - take a look at [the changelog](../CHANGELOG.md) to see if there have been any backward-incompatible changes that you need to take care of -- re-run the [playbook setup](installing.md): `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all` +- download the upstream Ansible roles used by the playbook by running `make roles` -- restart the services: `ansible-playbook -i inventory/hosts setup.yml --tags=start` +- re-run the [playbook setup](installing.md) and restart all serivces: `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start` **Note**: major version upgrades to the internal PostgreSQL database are not done automatically. To upgrade it, refer to the [upgrading PostgreSQL guide](maintenance-postgres.md#upgrading-postgresql). diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 2e3a217c0..a75be04a7 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -9,6 +9,31 @@ # You can also override ANY variable (seen here or in any given role), # by re-defining it in your own configuration file (`inventory/host_vars/matrix.`). + + +###################################################################### +# +# com.devture.ansible.role.playbook_state_preserver +# +###################################################################### + +# To completely disable this feature, use `devture_playbook_state_preserver_enabled: false`. + +devture_playbook_state_preserver_uid: "{{ matrix_user_uid }}" +devture_playbook_state_preserver_gid: "{{ matrix_user_gid }}" + +devture_playbook_state_preserver_vars_preservation_dst: "{{ matrix_base_data_path }}/vars.yml" + +devture_playbook_state_preserver_commit_hash_preservation_dst: "{{ matrix_base_data_path }}/git_hash.yml" + +###################################################################### +# +# /com.devture.ansible.role.playbook_state_preserver +# +###################################################################### + + + ###################################################################### # # matrix-base diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 000000000..9d6669af8 --- /dev/null +++ b/requirements.yml @@ -0,0 +1,13 @@ +--- + +- src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git + version: c1f40e82b4d6b072b6f0e885239322bdaaaf554f + +- src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git + version: 327d2e17f5189ac2480d6012f58cf64a2b46efba + +- src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git + version: 0857450721d525238ca230c9e6f8f8ad3a248564 + +- src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git + version: f1c78d4e85e875129790c58335d0e44385683f6b diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 52049ed51..a18ba6b6b 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -255,12 +255,6 @@ matrix_well_known_matrix_support_configuration: "{{ matrix_well_known_matrix_sup # The Docker network that all services would be put into matrix_docker_network: "matrix" -# Controls whether we'll preserve the vars.yml file on the Matrix server. -# If you have a differently organized inventory, you may wish to disable this feature, -# or to repoint `matrix_vars_yml_snapshotting_src` to the file you'd like to preserve. -matrix_vars_yml_snapshotting_enabled: true -matrix_vars_yml_snapshotting_src: "{{ inventory_dir }}/host_vars/{{ inventory_hostname }}/vars.yml" - # Controls whether a `/.well-known/matrix/server` file is generated and used at all. # # If you wish to rely on DNS SRV records only, you can disable this. @@ -284,11 +278,6 @@ matrix_docker_installation_enabled: true # Possible values are "docker-ce" (default) and "docker.io" (Debian). matrix_docker_package_name: docker-ce -# Controls whether the current playbook's commit hash is saved in `git_hash.yml` on the target -# Set this to false if GIT is not installed on the local system (the system where the ansible command is run on) -# to suppress the warning message. -matrix_playbook_commit_hash_preservation_enabled: true - # Variables to Control which parts of our roles run. run_postgres_import: true run_postgres_upgrade: true diff --git a/roles/custom/matrix-base/tasks/setup_matrix_base.yml b/roles/custom/matrix-base/tasks/setup_matrix_base.yml index 2439fdea3..f954bd796 100644 --- a/roles/custom/matrix-base/tasks/setup_matrix_base.yml +++ b/roles/custom/matrix-base/tasks/setup_matrix_base.yml @@ -10,61 +10,6 @@ with_items: - "{{ matrix_base_data_path }}" -- name: Preserve vars.yml on the server for easily restoring if it gets lost later on - ansible.builtin.copy: - src: "{{ matrix_vars_yml_snapshotting_src }}" - dest: "{{ matrix_base_data_path }}/vars.yml" - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - mode: '0660' - when: "matrix_vars_yml_snapshotting_enabled | bool" - -- name: Save current git-repo status on the target to aid with restoring in case of problems - when: "matrix_playbook_commit_hash_preservation_enabled|bool" - block: - - name: Get local git hash # noqa command-instead-of-module - delegate_to: 127.0.0.1 - become: false - register: git_describe - changed_when: false - ansible.builtin.shell: - git describe - --always - --tags - --dirty - --long - --all - - - ansible.builtin.set_fact: - git_hash: "{{ git_describe.stdout }}" - - - name: Git hash - ansible.builtin.debug: - msg: "Git hash: {{ git_hash }}" - - - name: Save git_hash.yml on target - ansible.builtin.copy: - content: "{{ git_hash }}" - dest: "{{ matrix_base_data_path }}/git_hash.yml" - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - mode: '0660' - - rescue: - - name: GIT not found error - ansible.builtin.debug: - msg: >- - Couldn't find GIT on the local machine. Continuing without saving the GIT hash. - You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml - when: "git_describe.stderr.find('git: not found') != -1" - - - name: Get GIT hash error - ansible.builtin.fail: - msg: >- - Error when trying to get the GIT hash. Please consult the error message above. - You can disable saving the GIT hash by setting 'matrix_playbook_commit_hash_preservation_enabled: false' in vars.yml - when: "git_describe.stderr.find('git: not found') == -1" - - name: Ensure Matrix network is created in Docker community.docker.docker_network: name: "{{ matrix_docker_network }}" diff --git a/roles/custom/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml index 4c39876a2..4e6965847 100644 --- a/roles/custom/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/custom/matrix-bridge-hookshot/defaults/main.yml @@ -129,8 +129,8 @@ matrix_hookshot_generic_user_id_prefix: '_webhooks_' matrix_hookshot_feeds_enabled: true -matrix_hookshot_feeds_pollIntervalSeconds: 600 # no-qa var-naming -matrix_hookshot_feeds_pollTimeoutSeconds: 10 # no-qa var-naming +matrix_hookshot_feeds_pollIntervalSeconds: 600 # noqa var-naming +matrix_hookshot_feeds_pollTimeoutSeconds: 10 # noqa var-naming # There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead. diff --git a/roles/custom/matrix_playbook_migration/tasks/main.yml b/roles/custom/matrix_playbook_migration/tasks/main.yml new file mode 100644 index 000000000..c346a759b --- /dev/null +++ b/roles/custom/matrix_playbook_migration/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + tags: + - setup-all diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml new file mode 100644 index 000000000..111016c9c --- /dev/null +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -0,0 +1,12 @@ +--- + +- name: (Deprecation) Catch and report renamed Matrix playbook settings + ansible.builtin.fail: + msg: >- + Your configuration contains a variable, which now has a different name. + Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). + when: "item.old in vars" + with_items: + - {'old': 'matrix_vars_yml_snapshotting_enabled', 'new': 'devture_playbook_state_preserver_vars_preservation_enabled'} + - {'old': 'matrix_vars_yml_snapshotting_src', 'new': 'devture_playbook_state_preserver_vars_preservation_src'} + - {'old': 'matrix_playbook_commit_hash_preservation_enabled', 'new': 'devture_playbook_state_preserver_commit_hash_preservation_enabled'} diff --git a/setup.yml b/setup.yml index 906c3bdf4..24f5754bb 100755 --- a/setup.yml +++ b/setup.yml @@ -7,6 +7,14 @@ - roles/custom/matrix-synapse/vars/workers.yml roles: + # This role has no tasks at all + - role: galaxy/com.devture.ansible.role.playbook_help + + # This role has no tasks at all + - role: galaxy/com.devture.ansible.role.systemd_docker_base + + - role: custom/matrix_playbook_migration + - custom/matrix-base - custom/matrix-dynamic-dns - custom/matrix-mailer @@ -74,3 +82,12 @@ - custom/matrix-backup-borg - custom/matrix-user-creator - custom/matrix-common-after + + # This is pretty much last, because we want it to better serve as a "last known good configuration". + # See: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2217#issuecomment-1301487601 + - when: devture_playbook_state_preserver_enabled | bool + role: galaxy/com.devture.ansible.role.playbook_state_preserver + tags: + - setup-all + + - role: galaxy/com.devture.ansible.role.playbook_runtime_messages From db19482d0cc8044093e3d11e785a2c8a8e3f9aaa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:19:17 +0200 Subject: [PATCH 307/349] Replace matrix_playbook_runtime_results with devture_playbook_runtime_messages_list (via com.devture.ansible.role.playbook_runtime_messages) --- .../tasks/migrate_nedb_to_postgres.yml | 4 ++-- .../tasks/migrate_nedb_to_postgres.yml | 4 ++-- .../tasks/validate_config.yml | 4 ++-- .../tasks/dump_runtime_results.yml | 7 ------- roles/custom/matrix-common-after/tasks/main.yml | 4 ---- .../tasks/setup_postgres_backup.yml | 4 ++-- .../tasks/import_generic_sqlite_db.yml | 4 ++-- .../matrix-postgres/tasks/migrate_db_to_postgres.yml | 4 ++-- .../custom/matrix-postgres/tasks/setup_postgres.yml | 12 ++++++------ .../matrix-registration/tasks/generate_token.yml | 6 +++--- .../custom/matrix-registration/tasks/list_tokens.yml | 6 +++--- 11 files changed, 24 insertions(+), 35 deletions(-) delete mode 100644 roles/custom/matrix-common-after/tasks/dump_runtime_results.yml diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml index d5f4eefd3..97ae60c53 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml @@ -66,9 +66,9 @@ - name: Inject result ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your appservice-irc database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_irc_data_path }}/*.db` to `{{ matrix_appservice_irc_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml index b9aca080a..0d0296438 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml @@ -62,9 +62,9 @@ - name: Inject result ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your appservice-slack database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_slack_data_path }}/*.db` to `{{ matrix_appservice_slack_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml index 413ea0273..04e45c319 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml @@ -14,9 +14,9 @@ block: - name: Inject warning if on an old SQLite-supporting version ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)" diff --git a/roles/custom/matrix-common-after/tasks/dump_runtime_results.yml b/roles/custom/matrix-common-after/tasks/dump_runtime_results.yml deleted file mode 100644 index 7dba367d2..000000000 --- a/roles/custom/matrix-common-after/tasks/dump_runtime_results.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# Ansible outputs the message in the `item=` field. -# It's unnecessary to output it again in the actual message, so we don't. -- ansible.builtin.debug: - msg: "" - with_items: "{{ matrix_playbook_runtime_results }}" - when: "matrix_playbook_runtime_results is defined and matrix_playbook_runtime_results | length > 0" diff --git a/roles/custom/matrix-common-after/tasks/main.yml b/roles/custom/matrix-common-after/tasks/main.yml index 1b360698d..2cffecb1e 100644 --- a/roles/custom/matrix-common-after/tasks/main.yml +++ b/roles/custom/matrix-common-after/tasks/main.yml @@ -10,10 +10,6 @@ tags: - stop -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/dump_runtime_results.yml" - tags: - - always - - ansible.builtin.import_tasks: "{{ role_path }}/tasks/run_docker_prune.yml" tags: - run-docker-prune diff --git a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml index d0335f395..55980d3cd 100644 --- a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -101,9 +101,9 @@ # We just want to notify the user. Deleting data is too destructive. - name: Inject warning if matrix-postgres backup data remains ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: You are not using the local backup service to backup the PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_backup_path }}`. Feel free to delete it." diff --git a/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml index 4a515c27d..7fa4a20ae 100644 --- a/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -92,9 +92,9 @@ - name: Inject result ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your SQLite database file has been imported into Postgres. The original file has been moved from `{{ sqlite_database_path }}` to `{{ sqlite_database_path }}.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete this file." diff --git a/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml index ab387953c..168b66ecc 100644 --- a/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -166,9 +166,9 @@ - name: Inject result ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your {{ matrix_postgres_db_migration_request.engine_old }} database file has been imported into Postgres. The original database file has been moved from `{{ matrix_postgres_db_migration_request.src }}` to `{{ matrix_postgres_db_migration_request.src }}.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete this file." diff --git a/roles/custom/matrix-postgres/tasks/setup_postgres.yml b/roles/custom/matrix-postgres/tasks/setup_postgres.yml index 9efc73a66..a989e9692 100644 --- a/roles/custom/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/setup_postgres.yml @@ -25,9 +25,9 @@ - name: Inject warning if on an old version of Postgres ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres" @@ -146,9 +146,9 @@ - name: Inject warning if backup data remains ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: You have some Postgres backup data in `{{ matrix_postgres_data_path }}-auto-upgrade-backup`, which was created during the last major Postgres update you ran. If your setup works well after this upgrade, feel free to delete this whole directory." @@ -194,9 +194,9 @@ # We just want to notify the user. Deleting data is too destructive. - name: Inject warning if matrix-postgres local data remains ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [ "NOTE: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it." diff --git a/roles/custom/matrix-registration/tasks/generate_token.yml b/roles/custom/matrix-registration/tasks/generate_token.yml index c910bf63b..aa2b0111f 100644 --- a/roles/custom/matrix-registration/tasks/generate_token.yml +++ b/roles/custom/matrix-registration/tasks/generate_token.yml @@ -41,11 +41,11 @@ {{ matrix_registration_api_result.json }} check_mode: false -- name: Inject result message into matrix_playbook_runtime_results +- name: Inject result message into devture_playbook_runtime_messages_list ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [matrix_registration_api_result_message] }} diff --git a/roles/custom/matrix-registration/tasks/list_tokens.yml b/roles/custom/matrix-registration/tasks/list_tokens.yml index 4bcd14605..1001c4fa2 100644 --- a/roles/custom/matrix-registration/tasks/list_tokens.yml +++ b/roles/custom/matrix-registration/tasks/list_tokens.yml @@ -20,11 +20,11 @@ {{ matrix_registration_api_result.json | to_nice_json }} check_mode: false -- name: Inject result message into matrix_playbook_runtime_results +- name: Inject result message into devture_playbook_runtime_messages_list ansible.builtin.set_fact: - matrix_playbook_runtime_results: | + devture_playbook_runtime_messages_list: | {{ - matrix_playbook_runtime_results | default([]) + devture_playbook_runtime_messages_list | default([]) + [matrix_registration_api_result_message] }} From 04c6c11561f8ace31c377ece2ec7b2a99b6c9290 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:33:22 +0200 Subject: [PATCH 308/349] Install ntpd/systemd-timesync via com.devture.ansible.role.timesync --- group_vars/matrix_servers | 15 +++++++++++++++ requirements.yml | 3 +++ roles/custom/matrix-base/defaults/main.yml | 3 --- .../matrix-base/tasks/server_base/setup.yml | 6 ------ .../tasks/server_base/setup_debian.yml | 7 ------- .../tasks/server_base/setup_fedora.yml | 7 ------- .../tasks/server_base/setup_raspbian.yml | 7 ------- .../tasks/server_base/setup_redhat.yml | 7 ------- .../tasks/server_base/setup_redhat8.yml | 7 ------- .../tasks/validate_config.yml | 2 ++ setup.yml | 6 ++++++ 11 files changed, 26 insertions(+), 44 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a75be04a7..b549dc994 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -10,6 +10,21 @@ # by re-defining it in your own configuration file (`inventory/host_vars/matrix.`). +######################################################################## +# # +# com.devture.ansible.role.timesync # +# # +######################################################################## + +# To completely disable installing systemd-timesyncd/ntpd, use `devture_timesync_installation_enabled: false`. + +######################################################################## +# # +# /com.devture.ansible.role.timesync # +# # +######################################################################## + + ###################################################################### # diff --git a/requirements.yml b/requirements.yml index 9d6669af8..668f973ef 100644 --- a/requirements.yml +++ b/requirements.yml @@ -6,6 +6,9 @@ - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git version: 327d2e17f5189ac2480d6012f58cf64a2b46efba +- src: git+https://github.com/devture/com.devture.ansible.role.timesync.git + version: 461ace97fcf0e36c76747b36fcad8587d9b072f5 + - src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git version: 0857450721d525238ca230c9e6f8f8ad3a248564 diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index a18ba6b6b..40ee9e55a 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -134,9 +134,6 @@ matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_host_command_sh: "/usr/bin/env sh" -matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) else ('systemd' if ansible_os_family == 'Suse' else 'ntp') }}" -matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}" - matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" # Specifies where the homeserver's Client-Server API is on the container network. diff --git a/roles/custom/matrix-base/tasks/server_base/setup.yml b/roles/custom/matrix-base/tasks/server_base/setup.yml index 9e3319f5f..d0b9f0b95 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup.yml @@ -39,9 +39,3 @@ name: docker state: started enabled: true - -- name: "Ensure ntpd is started and autoruns" - ansible.builtin.service: - name: "{{ matrix_ntpd_service }}" - state: started - enabled: true diff --git a/roles/custom/matrix-base/tasks/server_base/setup_debian.yml b/roles/custom/matrix-base/tasks/server_base/setup_debian.yml index 271fab41f..412a11d02 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_debian.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_debian.yml @@ -25,13 +25,6 @@ update_cache: true when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce' -- name: Ensure APT packages are installed - ansible.builtin.apt: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.apt: name: diff --git a/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml b/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml index 2c7d528fb..19d465718 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_fedora.yml @@ -17,13 +17,6 @@ key: https://download.docker.com/linux/fedora/gpg when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce' -- name: Ensure yum packages are installed - ansible.builtin.yum: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.yum: name: diff --git a/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml index 18c6eb65e..6959b39c8 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_raspbian.yml @@ -25,13 +25,6 @@ update_cache: true when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce' -- name: Ensure APT packages are installed - ansible.builtin.apt: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.apt: name: diff --git a/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml b/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml index 4e5c97d4d..dbddd9130 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_redhat.yml @@ -15,13 +15,6 @@ key: https://download.docker.com/linux/centos/gpg when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce' -- name: Ensure yum packages are installed - ansible.builtin.yum: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.yum: name: diff --git a/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml b/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml index 932dbab50..c303abb8f 100644 --- a/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml +++ b/roles/custom/matrix-base/tasks/server_base/setup_redhat8.yml @@ -22,13 +22,6 @@ state: present update_cache: true -- name: Ensure yum packages are installed - ansible.builtin.yum: - name: - - "{{ matrix_ntpd_package }}" - state: present - update_cache: true - - name: Ensure Docker is installed ansible.builtin.yum: name: diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 111016c9c..e5a0baddd 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -10,3 +10,5 @@ - {'old': 'matrix_vars_yml_snapshotting_enabled', 'new': 'devture_playbook_state_preserver_vars_preservation_enabled'} - {'old': 'matrix_vars_yml_snapshotting_src', 'new': 'devture_playbook_state_preserver_vars_preservation_src'} - {'old': 'matrix_playbook_commit_hash_preservation_enabled', 'new': 'devture_playbook_state_preserver_commit_hash_preservation_enabled'} + - {'old': 'matrix_ntpd_package', 'new': 'devture_timesync_ntpd_package'} + - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} diff --git a/setup.yml b/setup.yml index 24f5754bb..e3372802b 100755 --- a/setup.yml +++ b/setup.yml @@ -15,6 +15,12 @@ - role: custom/matrix_playbook_migration + - when: devture_timesync_installation_enabled | bool + role: galaxy/com.devture.ansible.role.timesync + tags: + - setup-timesync + - setup-all + - custom/matrix-base - custom/matrix-dynamic-dns - custom/matrix-mailer From f03f716989de07980f1b94f5c1ad7ef1f28f18da Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:37:47 +0200 Subject: [PATCH 309/349] matrix_systemd_unit_home_path -> devture_systemd_docker_base_systemd_unit_home_path (via com.devture.ansible.role.systemd_docker_base) --- .../templates/systemd/matrix-backup-borg.service.j2 | 2 +- roles/custom/matrix-base/defaults/main.yml | 5 ----- .../templates/systemd/matrix-bot-buscarron.service.j2 | 2 +- .../templates/systemd/matrix-bot-go-neb.service.j2 | 2 +- .../templates/systemd/matrix-bot-honoroit.service.j2 | 2 +- .../systemd/matrix-bot-matrix-registration-bot.service.j2 | 2 +- .../systemd/matrix-bot-matrix-reminder-bot.service.j2 | 2 +- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- .../templates/systemd/matrix-bot-mjolnir.service.j2 | 2 +- .../templates/systemd/matrix-bot-postmoogle.service.j2 | 2 +- .../templates/systemd/matrix-appservice-discord.service.j2 | 2 +- .../templates/systemd/matrix-appservice-irc.service.j2 | 2 +- .../systemd/matrix-appservice-kakaotalk-node.service.j2 | 2 +- .../templates/systemd/matrix-appservice-kakaotalk.service.j2 | 2 +- .../templates/systemd/matrix-appservice-slack.service.j2 | 2 +- .../templates/systemd/matrix-appservice-webhooks.service.j2 | 2 +- .../templates/systemd/matrix-beeper-linkedin.service.j2 | 2 +- .../templates/systemd/matrix-go-skype-bridge.service.j2 | 2 +- .../templates/systemd/matrix-heisenbridge.service.j2 | 2 +- .../templates/systemd/matrix-hookshot.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-discord.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-facebook.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-googlechat.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-hangouts.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-instagram.service.j2 | 2 +- .../systemd/matrix-mautrix-signal-daemon.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-signal.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-telegram.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-twitter.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-whatsapp.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-discord.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-groupme.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-instagram.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-slack.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-steam.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-twitter.service.j2 | 2 +- .../templates/systemd/matrix-sms-bridge.service.j2 | 2 +- .../templates/systemd/matrix-cactus-comments.service.j2 | 2 +- .../templates/systemd/matrix-client-cinny.service.j2 | 2 +- .../templates/systemd/matrix-client-element.service.j2 | 2 +- .../templates/systemd/matrix-client-hydrogen.service.j2 | 2 +- .../templates/conduit/systemd/matrix-conduit.service.j2 | 2 +- .../templates/systemd/matrix-corporal.service.j2 | 2 +- .../matrix-coturn/templates/systemd/matrix-coturn.service.j2 | 2 +- .../templates/dendrite/systemd/matrix-dendrite.service.j2 | 2 +- .../templates/systemd/matrix-dimension.service.j2 | 2 +- .../templates/systemd/matrix-dynamic-dns.service.j2 | 2 +- .../templates/systemd/matrix-email2matrix.service.j2 | 2 +- .../templates/systemd/matrix-etherpad.service.j2 | 2 +- .../templates/systemd/matrix-grafana.service.j2 | 2 +- .../templates/jicofo/matrix-jitsi-jicofo.service.j2 | 2 +- .../matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 | 2 +- .../templates/prosody/matrix-jitsi-prosody.service.j2 | 2 +- .../matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 | 2 +- .../systemd/matrix-ldap-registration-proxy.service.j2 | 2 +- .../matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 | 2 +- .../matrix-mailer/templates/systemd/matrix-mailer.service.j2 | 2 +- .../templates/systemd/matrix-nginx-proxy.service.j2 | 2 +- .../matrix-ssl-lets-encrypt-certificates-renew.service.j2 | 2 +- .../matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 | 2 +- .../templates/systemd/matrix-postgres-backup.service.j2 | 2 +- .../templates/systemd/matrix-postgres.service.j2 | 2 +- .../systemd/matrix-prometheus-node-exporter.service.j2 | 2 +- .../systemd/matrix-prometheus-postgres-exporter.service.j2 | 2 +- .../templates/systemd/matrix-prometheus.service.j2 | 2 +- .../templates/systemd/matrix-registration.service.j2 | 2 +- .../matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 | 2 +- .../templates/systemd/matrix-synapse-admin.service.j2 | 2 +- .../templates/goofys/systemd/matrix-goofys.service.j2 | 2 +- .../matrix-synapse-s3-storage-provider-migrate.service.j2 | 2 +- .../synapse/systemd/matrix-synapse-worker.service.j2 | 2 +- .../templates/synapse/systemd/matrix-synapse.service.j2 | 2 +- .../matrix_playbook_migration/tasks/validate_config.yml | 1 + 73 files changed, 72 insertions(+), 76 deletions(-) diff --git a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 index 76217250e..3436ac460 100644 --- a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 +++ b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=oneshot -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \ diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 40ee9e55a..1ca45c748 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -115,11 +115,6 @@ matrix_base_data_path_mode: "750" matrix_static_files_base_path: "{{ matrix_base_data_path }}/static-files" matrix_systemd_path: "/etc/systemd/system" -# Specifies the path to use for the `HOME` environment variable for systemd unit files. -# Docker 20.10 complains with `WARNING: Error loading config file: .dockercfg: $HOME is not defined` -# if `$HOME` is not defined, so we define something to make it happy. -matrix_systemd_unit_home_path: /root - # This is now unused. We keep it so that cleanup tasks can use it. # To be removed in the future. matrix_cron_path: "/etc/cron.d" diff --git a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 index fd6d03100..4c3abcba7 100644 --- a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 +++ b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 index 83eb3c7df..73b8175a2 100644 --- a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 +++ b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 index 2bb141099..d5fe3b028 100644 --- a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 +++ b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 index e1aa89548..3fd9619c3 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 index a9cf8bb84..19dfc3df5 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index a9e039869..998ec3c65 100644 --- a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 index 7ea6be378..b57951550 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' diff --git a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index fa45a3a4d..355c85a64 100644 --- a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 index 0a527c0cd..bc565ec0b 100644 --- a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 index 4bbda18eb..144ff6c6c 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 index 1a526ee61..47beccd18 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 index 83a8d4dc9..17076ae53 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 index 017f352f3..35c3c9f0a 100644 --- a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 +++ b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 index 556467b4b..e9a874574 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 +++ b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 index 37b4f67db..d2f61b189 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 +++ b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 index fe5ab2d6f..bd826d0db 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 +++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 index e27b88f1d..ac13e61ec 100644 --- a/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 +++ b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-heisenbridge ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-heisenbridge diff --git a/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 index 16ff05920..4916e37fa 100644 --- a/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 +++ b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_hookshot_container_url }} ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_hookshot_container_url }} diff --git a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 index 3651840eb..4ee0fc5d4 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 index 2103dd052..f15069f35 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 index 930b58c2a..e0bcb2e32 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 index 10402a517..e1a6781e8 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ diff --git a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 index d2a6aece8..a15b37293 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 index 31e68ea9b..68da20ba3 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 @@ -13,7 +13,7 @@ Wants={{ service }} [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 index d1ef85f33..369f1b970 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 @@ -13,7 +13,7 @@ Wants={{ service }} [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index 8b21ee2b4..b96ede6ac 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 index 0ce9a1239..67d68404e 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index ae44d3420..fa4df8010 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index 52b12c3d0..53db632b4 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 index afb46ecb7..d9f29a8a5 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 index 262518fc2..21e93a739 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 index 118d03696..ea97de7a3 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 index f1079e3f7..6fd26b66f 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 index 5d7cfca61..816cbe34d 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' diff --git a/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 b/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 index 46c3463fd..2645d39c1 100644 --- a/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 +++ b/roles/custom/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-/usr/bin/docker kill matrix-sms-bridge ExecStartPre=-/usr/bin/docker rm matrix-sms-bridge diff --git a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 index 068255823..259f141a6 100644 --- a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 +++ b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' diff --git a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 index 3f15ac195..f9250530d 100644 --- a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 +++ b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' diff --git a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 index 8d3dec570..aaed84b0f 100644 --- a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 +++ b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null || true' diff --git a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 index 0196d35b4..481ffb8ae 100644 --- a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 +++ b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' diff --git a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index 51b204f6d..90cf30743 100644 --- a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -8,7 +8,7 @@ After={{ service }} [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-conduit 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-conduit 2>/dev/null || true' diff --git a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 index d5661b5ab..95ab7c803 100644 --- a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 +++ b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null || true' diff --git a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 index 54bd015e7..17e0b015e 100644 --- a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 +++ b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null || true' diff --git a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index 69eca497c..941a24058 100644 --- a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' diff --git a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 index e514a74a1..8329f0ca6 100644 --- a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 +++ b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null || true' diff --git a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 index 6f2ff1011..ace0f90f4 100644 --- a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 +++ b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \ diff --git a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 index 47c151172..4a098f26c 100644 --- a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 +++ b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' diff --git a/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 index d96c42608..4be0f0043 100644 --- a/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 +++ b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-etherpad ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-etherpad diff --git a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 index e0f580765..0748f6018 100644 --- a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 +++ b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null || true' diff --git a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 index 694fdc7f2..d9f425aa9 100644 --- a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' diff --git a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 index f0b141fc0..4dd26c76c 100644 --- a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' diff --git a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index 0c3a3932d..efeb31101 100644 --- a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' diff --git a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 index 8f29bfa82..8fa8f58da 100644 --- a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 +++ b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' diff --git a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index 13ada897b..5ffbae90b 100644 --- a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' diff --git a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 index 427f6c9ff..394384603 100644 --- a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 +++ b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' diff --git a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 index 83cd298ef..44a46a986 100644 --- a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 +++ b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null || true' diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index 74356ea93..49c4c0dd1 100755 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 index c14905ce5..c7f372d9a 100644 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.service.j2 @@ -3,5 +3,5 @@ Description=Renews Let's Encrypt SSL certificates [Service] Type=oneshot -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStart={{ matrix_local_bin_path }}/matrix-ssl-lets-encrypt-certificates-renew diff --git a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index f41598560..47a81dec4 100644 --- a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' diff --git a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 index 4ecf3745e..1622b222c 100644 --- a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 +++ b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} stop matrix-postgres-backup ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' diff --git a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 index b30c5ef21..264e9b9af 100644 --- a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 +++ b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null || true' diff --git a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 index d0bfa4cce..4f0b20091 100644 --- a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' diff --git a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 index ff8c2ce45..f607beaec 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' diff --git a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 index 56e13c134..45b905eb0 100644 --- a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 +++ b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' diff --git a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 index 8acbd3a57..ade1bb03f 100644 --- a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 +++ b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null || true' diff --git a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 index ae7e889db..938dcaf41 100644 --- a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 +++ b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' diff --git a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 index 6ed9eaae0..82bf7a2db 100644 --- a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 +++ b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 @@ -12,7 +12,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' diff --git a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 index df4a4f23a..790854468 100644 --- a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 +++ b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 @@ -7,7 +7,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_docker }} kill %n ExecStartPre=-{{ matrix_host_command_docker }} rm %n diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 index ea8f0c8cb..159681a0e 100644 --- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/systemd/matrix-synapse-s3-storage-provider-migrate.service.j2 @@ -3,5 +3,5 @@ Description=Migrates locally-stored Synapse media store files to S3 [Service] Type=oneshot -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStart={{ matrix_local_bin_path }}/matrix-synapse-s3-storage-provider-migrate diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 3855b850c..fdee677ce 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -6,7 +6,7 @@ After=matrix-synapse.service [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index f41cc54c8..d6b8706f5 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -20,7 +20,7 @@ DefaultDependencies=no [Service] Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null || true' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null || true' {% if matrix_s3_media_store_enabled %} diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index e5a0baddd..ce00ab52f 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -12,3 +12,4 @@ - {'old': 'matrix_playbook_commit_hash_preservation_enabled', 'new': 'devture_playbook_state_preserver_commit_hash_preservation_enabled'} - {'old': 'matrix_ntpd_package', 'new': 'devture_timesync_ntpd_package'} - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} + - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} From 835d2e9581e5c4369e46375ef6811472f67cdcfa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:38:38 +0200 Subject: [PATCH 310/349] matrix_systemd_path -> devture_systemd_docker_base_systemd_path (via com.devture.ansible.role.systemd_docker_base) --- roles/custom/matrix-backup-borg/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml | 6 +++--- roles/custom/matrix-base/defaults/main.yml | 1 - .../templates/usr-local-bin/matrix-remove-all.j2 | 4 ++-- roles/custom/matrix-bot-buscarron/tasks/setup_install.yml | 2 +- .../custom/matrix-bot-buscarron/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bot-go-neb/tasks/setup_install.yml | 2 +- roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bot-honoroit/tasks/setup_install.yml | 2 +- .../custom/matrix-bot-honoroit/tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bot-maubot/tasks/setup_install.yml | 2 +- roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml | 2 +- roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-bot-postmoogle/tasks/setup_install.yml | 2 +- .../matrix-bot-postmoogle/tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../matrix-bridge-appservice-irc/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_uninstall.yml | 8 ++++---- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-beeper-linkedin/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-go-skype-bridge/tasks/setup_install.yml | 2 +- .../matrix-bridge-heisenbridge/tasks/setup_install.yml | 2 +- .../matrix-bridge-heisenbridge/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-bridge-hookshot/tasks/setup_install.yml | 2 +- .../matrix-bridge-hookshot/tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-mautrix-discord/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-mautrix-signal/tasks/setup_install.yml | 4 ++-- .../tasks/setup_uninstall.yml | 8 ++++---- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../matrix-bridge-mautrix-twitter/tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-bridge-sms/tasks/setup_install.yml | 2 +- roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-cactus-comments/tasks/setup_install.yml | 2 +- .../matrix-cactus-comments/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-client-cinny/tasks/setup_install.yml | 2 +- .../custom/matrix-client-cinny/tasks/setup_uninstall.yml | 4 ++-- .../matrix-client-element/tasks/migrate_riot_web.yml | 4 ++-- .../custom/matrix-client-element/tasks/setup_install.yml | 2 +- .../matrix-client-element/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-client-hydrogen/tasks/setup_install.yml | 2 +- .../matrix-client-hydrogen/tasks/setup_uninstall.yml | 4 ++-- .../custom/matrix-conduit/tasks/conduit/setup_install.yml | 2 +- .../matrix-conduit/tasks/conduit/setup_uninstall.yml | 4 ++-- roles/custom/matrix-corporal/tasks/setup_corporal.yml | 8 ++++---- roles/custom/matrix-coturn/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-coturn/tasks/setup_uninstall.yml | 4 ++-- .../matrix-dendrite/tasks/dendrite/setup_install.yml | 2 +- .../matrix-dendrite/tasks/dendrite/setup_uninstall.yml | 4 ++-- roles/custom/matrix-dimension/tasks/setup_install.yml | 2 +- roles/custom/matrix-dimension/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-dynamic-dns/tasks/uninstall.yml | 4 ++-- roles/custom/matrix-email2matrix/tasks/setup_install.yml | 2 +- .../custom/matrix-email2matrix/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-etherpad/tasks/setup_install.yml | 2 +- roles/custom/matrix-etherpad/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-grafana/tasks/setup.yml | 6 +++--- roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 6 +++--- roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml | 6 +++--- roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml | 6 +++--- roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml | 6 +++--- .../tasks/setup_install.yml | 2 +- .../tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml | 6 +++--- roles/custom/matrix-ma1sd/tasks/setup_install.yml | 2 +- roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-mailer/tasks/setup_mailer.yml | 6 +++--- .../custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 6 +++--- .../tasks/ssl/setup_ssl_lets_encrypt.yml | 4 ++-- roles/custom/matrix-ntfy/tasks/setup_install.yml | 2 +- roles/custom/matrix-ntfy/tasks/setup_uninstall.yml | 4 ++-- .../tasks/setup_postgres_backup.yml | 6 +++--- .../tasks/migrate_postgres_data_directory.yml | 2 +- roles/custom/matrix-postgres/tasks/setup_postgres.yml | 6 +++--- .../matrix-prometheus-node-exporter/tasks/setup.yml | 6 +++--- .../matrix-prometheus-postgres-exporter/tasks/setup.yml | 6 +++--- roles/custom/matrix-prometheus/tasks/setup_install.yml | 2 +- roles/custom/matrix-prometheus/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-redis/tasks/setup_redis.yml | 6 +++--- roles/custom/matrix-registration/tasks/setup_install.yml | 2 +- .../custom/matrix-registration/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-sygnal/tasks/setup_install.yml | 2 +- roles/custom/matrix-sygnal/tasks/setup_uninstall.yml | 4 ++-- roles/custom/matrix-synapse-admin/tasks/setup.yml | 6 +++--- .../tasks/ext/s3-storage-provider/setup_install.yml | 2 +- .../tasks/ext/s3-storage-provider/setup_uninstall.yml | 2 +- .../custom/matrix-synapse/tasks/goofys/setup_install.yml | 2 +- .../matrix-synapse/tasks/goofys/setup_uninstall.yml | 4 ++-- .../custom/matrix-synapse/tasks/synapse/setup_install.yml | 2 +- .../matrix-synapse/tasks/synapse/setup_uninstall.yml | 4 ++-- .../custom/matrix-synapse/tasks/synapse/workers/setup.yml | 2 +- .../tasks/synapse/workers/setup_install.yml | 2 +- .../tasks/synapse/workers/setup_uninstall.yml | 2 +- .../tasks/synapse/workers/util/setup_files_for_worker.yml | 2 +- .../matrix_playbook_migration/tasks/validate_config.yml | 1 + 120 files changed, 208 insertions(+), 208 deletions(-) diff --git a/roles/custom/matrix-backup-borg/tasks/setup_install.yml b/roles/custom/matrix-backup-borg/tasks/setup_install.yml index 9c7429b84..b9b442367 100644 --- a/roles/custom/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/custom/matrix-backup-borg/tasks/setup_install.yml @@ -96,14 +96,14 @@ - name: Ensure matrix-backup-borg.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-backup-borg.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-backup-borg.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.service" mode: 0644 register: matrix_backup_borg_systemd_service_result - name: Ensure matrix-backup-borg.timer installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-backup-borg.timer.j2" - dest: "{{ matrix_systemd_path }}/matrix-backup-borg.timer" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.timer" mode: 0644 register: matrix_backup_borg_systemd_timer_result diff --git a/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml b/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml index 37832b2b1..c4c1028d4 100644 --- a/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-backup-borg/tasks/setup_uninstall.yml @@ -1,7 +1,7 @@ --- - name: Check existence of matrix-backup-borg service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-backup-borg.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.service" register: matrix_backup_borg_service_stat - name: Ensure matrix-backup-borg is stopped @@ -15,13 +15,13 @@ - name: Ensure matrix-backup-borg.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-backup-borg.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.service" state: absent when: "matrix_backup_borg_service_stat.stat.exists | bool" - name: Ensure matrix-backup-borg.timer doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-backup-borg.timer" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-backup-borg.timer" state: absent when: "matrix_backup_borg_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 1ca45c748..ebed1b3a0 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -113,7 +113,6 @@ matrix_base_data_path: "/matrix" matrix_base_data_path_mode: "750" matrix_static_files_base_path: "{{ matrix_base_data_path }}/static-files" -matrix_systemd_path: "/etc/systemd/system" # This is now unused. We keep it so that cleanup tasks can use it. # To be removed in the future. diff --git a/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 b/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 index f4b23b446..f9b174e57 100644 --- a/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 +++ b/roles/custom/matrix-base/templates/usr-local-bin/matrix-remove-all.j2 @@ -16,9 +16,9 @@ if [ "$sure" != "Yes, I really want to remove everything!" ]; then else echo "Stop and remove matrix services" - for s in $(find {{ matrix_systemd_path }}/ -type f -name "matrix-*" -printf "%f\n"); do + for s in $(find {{ devture_systemd_docker_base_systemd_path }}/ -type f -name "matrix-*" -printf "%f\n"); do systemctl disable --now $s - rm -f {{ matrix_systemd_path }}/$s + rm -f {{ devture_systemd_docker_base_systemd_path }}/$s done systemctl daemon-reload diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml index 431989f80..fbb05bb13 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml @@ -87,7 +87,7 @@ - name: Ensure matrix-bot-buscarron.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-buscarron.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service" mode: 0644 register: matrix_bot_buscarron_systemd_service_result diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml index 848d24d2b..cb3333bf2 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-buscarron service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service" register: matrix_bot_buscarron_service_stat - name: Ensure matrix-buscarron is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-buscarron.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-buscarron.service" state: absent when: "matrix_bot_buscarron_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml index 522155972..c8345ce38 100644 --- a/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml @@ -38,7 +38,7 @@ - name: Ensure matrix-bot-go-neb.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-go-neb.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" mode: 0644 register: matrix_bot_go_neb_systemd_service_result diff --git a/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml index 833910942..d5caa86b7 100644 --- a/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-go-neb/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-go-neb service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" register: matrix_bot_go_neb_service_stat - name: Ensure matrix-go-neb is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-go-neb.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-go-neb.service" state: absent when: "matrix_bot_go_neb_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index 5ca63186b..197053209 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml @@ -87,7 +87,7 @@ - name: Ensure matrix-bot-honoroit.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-honoroit.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-honoroit.service" mode: 0644 register: matrix_bot_honoroit_systemd_service_result diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml index 54869e312..0fa83a02d 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-honoroit service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-honoroit.service" register: matrix_bot_honoroit_service_stat - name: Ensure matrix-honoroit is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-honoroit.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-honoroit.service" state: absent when: "matrix_bot_honoroit_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml index 5896ac620..505f844af 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml @@ -59,7 +59,7 @@ - name: Ensure matrix-bot-matrix-registration-bot.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-registration-bot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-registration-bot.service" mode: 0644 register: matrix_bot_matrix_registration_bot_systemd_service_result diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml index 63bc53ad0..c7ee13652 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-matrix-registration-bot service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-registration-bot.service" register: matrix_bot_matrix_registration_bot_service_stat - name: Ensure matrix-matrix-registration-bot is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-matrix-registration-bot.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-registration-bot.service" state: absent when: "matrix_bot_matrix_registration_bot_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 9418892d3..0592cacf2 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -88,7 +88,7 @@ - name: Ensure matrix-bot-matrix-reminder-bot.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-reminder-bot.service" mode: 0644 register: matrix_bot_matrix_reminder_bot_systemd_service_result diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml index de9e04271..1b940f32e 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-matrix-reminder-bot service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-reminder-bot.service" register: matrix_bot_matrix_reminder_bot_service_stat - name: Ensure matrix-matrix-reminder-bot is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-matrix-reminder-bot.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-matrix-reminder-bot.service" state: absent when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-maubot/tasks/setup_install.yml b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml index 50e48254c..0619a47be 100644 --- a/roles/custom/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml @@ -63,7 +63,7 @@ - name: Ensure matrix-bot-maubot.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-maubot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-maubot.service" mode: 0644 register: matrix_bot_maubot_systemd_service_result diff --git a/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml index 6a5e7fdc4..33b8fc149 100644 --- a/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-maubot service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-maubot.service" register: matrix_bot_maubot_service_stat - name: Ensure matrix-bot-maubot is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-maubot.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-maubot.service" state: absent when: "matrix_bot_maubot_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml index b9bcf37d8..5e46e223c 100644 --- a/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml @@ -62,7 +62,7 @@ - name: Ensure matrix-bot-mjolnir.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-mjolnir.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-mjolnir.service" mode: 0644 register: matrix_bot_mjolnir_systemd_service_result diff --git a/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml index afefcc489..708a7bb01 100644 --- a/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-mjolnir/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-bot-mjolnir service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-mjolnir.service" register: matrix_bot_mjolnir_service_stat - name: Ensure matrix-bot-mjolnir is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-mjolnir.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-mjolnir.service" state: absent when: "matrix_bot_mjolnir_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml index 852b5b1a4..e6bfa60ff 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml @@ -83,7 +83,7 @@ - name: Ensure matrix-bot-postmoogle.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-postmoogle.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" mode: 0644 register: matrix_bot_postmoogle_systemd_service_result diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml index 5502298cd..198df7d78 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-postmoogle service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" register: matrix_bot_postmoogle_service_stat - name: Ensure matrix-postmoogle is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-bot-postmoogle.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-postmoogle.service" state: absent when: "matrix_bot_postmoogle_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index ffba95b69..0a2a89a3a 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -105,7 +105,7 @@ - name: Ensure matrix-appservice-discord.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-discord.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-discord.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-discord.service" mode: 0644 register: matrix_appservice_discord_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml index 83588d1c1..50d108fa5 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-discord service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-discord.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-discord.service" register: matrix_appservice_discord_service_stat - name: Ensure matrix-appservice-discord is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-appservice-discord.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-appservice-discord.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-discord.service" state: absent when: "matrix_appservice_discord_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml index 97ae60c53..b6e938b09 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml @@ -30,7 +30,7 @@ - name: Check existence of matrix-appservice-irc service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-irc.service" register: matrix_appservice_irc_service_stat - name: Ensure matrix-appservice-irc is stopped diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml index 4b4614b17..f9a817796 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -193,7 +193,7 @@ - name: Ensure matrix-appservice-irc.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-irc.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-irc.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-irc.service" mode: 0644 register: matrix_appservice_irc_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml index 176317dec..8921d48e1 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-irc service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-irc.service" register: matrix_appservice_irc_service_stat - name: Ensure matrix-appservice-irc is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-appservice-irc.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-irc.service" state: absent when: "matrix_appservice_irc_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml index 2dd334cb7..3d226e32b 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml @@ -108,14 +108,14 @@ - name: Ensure matrix-appservice-kakaotalk-node.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk-node.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk-node.service" mode: 0644 register: matrix_appservice_kakaotalk_node_systemd_service_result - name: Ensure matrix-appservice-kakaotalk.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk.service" mode: 0644 register: matrix_appservice_kakaotalk_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml index fb11c3833..8e46d80f9 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-kakaotalk service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk.service" register: matrix_appservice_kakaotalk_service_stat - name: Ensure matrix-appservice-kakaotalk is stopped @@ -15,7 +15,7 @@ - name: Check existence of matrix-appservice-kakaotalk-node service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk-node.service" register: matrix_appservice_kakaotalk_node_service_stat - name: Ensure matrix-appservice-kakaotalk-node is stopped @@ -31,8 +31,8 @@ path: "{{ item }}" state: absent with_items: - - "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service" - - "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service" + - "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk-node.service" + - "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-kakaotalk.service" when: "matrix_appservice_kakaotalk_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-appservice-kakaotalk service files removal diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml index d882d27d1..66a0afeeb 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -85,7 +85,7 @@ - name: Ensure matrix-appservice-slack.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-slack.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-slack.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-slack.service" mode: 0644 register: matrix_appservice_slack_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml index fa1aaf269..434f90676 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-slack service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-slack.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-slack.service" register: matrix_appservice_slack_service_stat - name: Ensure matrix-appservice-slack is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-appservice-slack.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-appservice-slack.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-slack.service" state: absent when: "matrix_appservice_slack_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 824b5b783..9a9bd54fb 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -84,7 +84,7 @@ - name: Ensure matrix-appservice-webhooks.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-appservice-webhooks.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-appservice-webhooks.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service" mode: 0644 register: matrix_appservice_webhooks_systemd_service_result diff --git a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml index 2b3c29d5e..960fe58b0 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-appservice-webhooks service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-appservice-webhooks.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service" register: matrix_appservice_webhooks_service_stat - name: Ensure matrix-appservice-webhooks is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-appservice-webhooks.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-appservice-webhooks.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service" state: absent when: "matrix_appservice_webhooks_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 97464adcf..8ddcb141d 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -93,7 +93,7 @@ - name: Ensure matrix-beeper-linkedin.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-beeper-linkedin.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-beeper-linkedin.service" mode: 0644 register: matrix_beeper_linkedin_systemd_service_result diff --git a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml index 25dbf82b0..4a75a4c7a 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-beeper-linkedin service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-beeper-linkedin.service" register: matrix_beeper_linkedin_service_stat - name: Ensure matrix-beeper-linkedin is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-beeper-linkedin.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-beeper-linkedin.service" state: absent when: "matrix_beeper_linkedin_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 001855fd1..5f61f4681 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -132,7 +132,7 @@ - name: Ensure matrix-go-skype-bridge.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-go-skype-bridge.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-go-skype-bridge.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-go-skype-bridge.service" mode: 0644 register: matrix_go_skype_bridge_systemd_service_result diff --git a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml index f8e1259bc..8943fab09 100644 --- a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml @@ -32,7 +32,7 @@ - name: Ensure matrix-heisenbridge.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-heisenbridge.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-heisenbridge.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-heisenbridge.service" mode: 0644 register: matrix_heisenbridge_systemd_service_result diff --git a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml index a0232295f..688ff9d47 100644 --- a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-heisenbridge service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-heisenbridge.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-heisenbridge.service" register: matrix_heisenbridge_service_stat - name: Ensure matrix-heisenbridge is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-heisenbridge.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-heisenbridge.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-heisenbridge.service" state: absent when: "matrix_heisenbridge_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml index 7c1cdf950..677c41370 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml @@ -106,7 +106,7 @@ - name: Ensure matrix-hookshot.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-hookshot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-hookshot.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-hookshot.service" mode: 0644 register: matrix_hookshot_systemd_service_result diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml index 5aba14de6..2028a34e1 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-hookshot service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-hookshot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-hookshot.service" register: matrix_hookshot_service_stat - name: Ensure matrix-hookshot is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-hookshot.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-hookshot.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-hookshot.service" state: absent when: "matrix_hookshot_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml index ef36acf53..ea783df9c 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -105,7 +105,7 @@ - name: Ensure matrix-mautrix-discord.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-discord.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-discord.service" mode: 0644 register: matrix_mautrix_discord_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml index 94fef89a2..d75f51647 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-discord service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-discord.service" register: matrix_mautrix_discord_service_stat - name: Ensure matrix-mautrix-discord is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-discord.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-discord.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-discord.service" state: absent when: "matrix_mautrix_discord_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 9ea0e7a4a..929cd92a0 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -122,7 +122,7 @@ - name: Ensure matrix-mautrix-facebook.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-facebook.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service" mode: 0644 register: matrix_mautrix_facebook_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml index 2635f1f55..fb235b54a 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-facebook service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service" register: matrix_mautrix_facebook_service_stat - name: Ensure matrix-mautrix-facebook is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-facebook.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service" state: absent when: "matrix_mautrix_facebook_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index 27ef80c65..13b380e2f 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -122,7 +122,7 @@ - name: Ensure matrix-mautrix-googlechat.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-googlechat.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-googlechat.service" mode: 0644 register: matrix_mautrix_googlechat_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml index 104e58a5f..37a4e6751 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-googlechat service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-googlechat.service" register: matrix_mautrix_googlechat_service_stat - name: Ensure matrix-mautrix-googlechat is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-googlechat.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-googlechat.service" state: absent when: "matrix_mautrix_googlechat_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 65241a332..f7b037797 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -122,7 +122,7 @@ - name: Ensure matrix-mautrix-hangouts.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-hangouts.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-hangouts.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-hangouts.service" mode: 0644 register: matrix_mautrix_hangouts_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml index 2cb676b5c..b7ff72393 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-hangouts service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-hangouts.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-hangouts.service" register: matrix_mautrix_hangouts_service_stat - name: Ensure matrix-mautrix-hangouts is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-hangouts.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-hangouts.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-hangouts.service" state: absent when: "matrix_mautrix_hangouts_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index 47076eb7e..b4c2bd839 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -75,7 +75,7 @@ - name: Ensure matrix-mautrix-instagram.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-instagram.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-instagram.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-instagram.service" mode: 0644 register: matrix_mautrix_instagram_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml index 55d882d32..a029a90ac 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml @@ -1,7 +1,7 @@ --- - name: Check existence of matrix-mautrix-instagram service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-instagram.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-instagram.service" register: matrix_mautrix_instagram_service_stat - name: Ensure matrix-mautrix-instagram is stopped @@ -14,7 +14,7 @@ - name: Ensure matrix-mautrix-instagram.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-instagram.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-instagram.service" state: absent when: "matrix_mautrix_instagram_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 577e80a90..4f4aed49f 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -120,14 +120,14 @@ - name: Ensure matrix-mautrix-signal-daemon.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal-daemon.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service" mode: 0644 register: matrix_mautrix_signal_daemon_systemd_service_result - name: Ensure matrix-mautrix-signal.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service" mode: 0644 register: matrix_mautrix_signal_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml index befbcbec2..d98d28ba7 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml @@ -3,7 +3,7 @@ # Signal daemon service - name: Check existence of matrix-mautrix-signal-daemon service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service" register: matrix_mautrix_signal_daemon_service_stat - name: Ensure matrix-mautrix-signal-daemon is stopped @@ -16,14 +16,14 @@ - name: Ensure matrix-mautrix-signal-daemon.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service" state: absent when: "matrix_mautrix_signal_daemon_service_stat.stat.exists" # Bridge service - name: Check existence of matrix-mautrix-signal service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service" register: matrix_mautrix_signal_service_stat - name: Ensure matrix-mautrix-signal is stopped @@ -36,7 +36,7 @@ - name: Ensure matrix-mautrix-signal.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service" state: absent when: "matrix_mautrix_signal_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 05c5121a8..dfb0ec1ec 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -147,7 +147,7 @@ - name: Ensure matrix-mautrix-telegram.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-telegram.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-telegram.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-telegram.service" mode: 0644 register: matrix_mautrix_telegram_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml index f4a5f5690..90ca01951 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-telegram service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-telegram.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-telegram.service" register: matrix_mautrix_telegram_service_stat - name: Ensure matrix-mautrix-telegram is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-telegram.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-telegram.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-telegram.service" state: absent when: "matrix_mautrix_telegram_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 485e8be4b..94c9e8e05 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml @@ -78,7 +78,7 @@ - name: Ensure matrix-mautrix-twitter.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-twitter.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-twitter.service" mode: 0644 register: matrix_mautrix_twitter_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml index 5ce64906c..5f6b14916 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-twitter service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-twitter.service" register: matrix_mautrix_twitter_service_stat - name: Ensure matrix-mautrix-twitter is stopped @@ -14,7 +14,7 @@ - name: Ensure matrix-mautrix-twitter.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-twitter.service" state: absent when: "matrix_mautrix_twitter_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index d50be0a4a..adf316f16 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -132,7 +132,7 @@ - name: Ensure matrix-mautrix-whatsapp.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mautrix-whatsapp.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-whatsapp.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service" mode: 0644 register: matrix_mautrix_whatsapp_systemd_service_result diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml index c531b530e..ff2150011 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-mautrix-whatsapp service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-whatsapp.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service" register: matrix_mautrix_whatsapp_service_stat - name: Ensure matrix-mautrix-whatsapp is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-mautrix-whatsapp.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-whatsapp.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service" state: absent when: "matrix_mautrix_whatsapp_service_stat.stat.exists" diff --git a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml index b4125e511..1da01b099 100644 --- a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml @@ -49,7 +49,7 @@ - name: Ensure matrix-sms-bridge.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-sms-bridge.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-sms-bridge.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sms-bridge.service" mode: 0644 register: matrix_sms_bridge_systemd_service_result diff --git a/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml b/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml index 322190f91..c7d0011ec 100644 --- a/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-bridge-sms/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-sms-bridge service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-sms-bridge.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sms-bridge.service" register: matrix_sms_bridge_service_stat - name: Ensure matrix-sms-bridge is stopped @@ -15,6 +15,6 @@ - name: Ensure matrix-sms-bridge.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-sms-bridge.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sms-bridge.service" state: absent when: "matrix_sms_bridge_service_stat.stat.exists" diff --git a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml index 7085290f9..b3ccb1c64 100644 --- a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml @@ -123,7 +123,7 @@ - name: Ensure matrix-cactus-comments.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-cactus-comments.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-cactus-comments.service" mode: 0644 register: matrix_cactus_comments_systemd_service_result diff --git a/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml b/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml index 3491d9125..bd46f252b 100644 --- a/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-cactus-comments/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-cactus-comments service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-cactus-comments.service" register: matrix_cactus_comments_service_stat - name: Ensure cactus comments is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-cactus-comments.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-cactus-comments.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-cactus-comments.service" state: absent when: "matrix_cactus_comments_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-client-cinny/tasks/setup_install.yml b/roles/custom/matrix-client-cinny/tasks/setup_install.yml index a39c7f9dd..a6a7fb25c 100644 --- a/roles/custom/matrix-client-cinny/tasks/setup_install.yml +++ b/roles/custom/matrix-client-cinny/tasks/setup_install.yml @@ -67,7 +67,7 @@ - name: Ensure matrix-client-cinny.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-client-cinny.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-client-cinny.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-cinny.service" mode: 0644 register: matrix_client_cinny_systemd_service_result diff --git a/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml b/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml index 6cc93e1be..5b67e819e 100644 --- a/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-cinny/tasks/setup_uninstall.yml @@ -1,7 +1,7 @@ --- - name: Check existence of matrix-client-cinny.service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-client-cinny.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-cinny.service" register: matrix_client_cinny_service_stat - name: Ensure matrix-client-cinny is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-client-cinny.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-client-cinny.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-cinny.service" state: absent when: "matrix_client_cinny_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml b/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml index 23011e93b..bb62b7ce5 100644 --- a/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml +++ b/roles/custom/matrix-client-element/tasks/migrate_riot_web.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-riot-web.service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-riot-web.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-riot-web.service" register: matrix_client_riot_web_service_stat when: "matrix_client_element_enabled | bool" @@ -17,7 +17,7 @@ - name: Ensure matrix-riot-web.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-riot-web.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-riot-web.service" state: absent when: "matrix_client_element_enabled | bool and matrix_client_riot_web_service_stat.stat.exists" diff --git a/roles/custom/matrix-client-element/tasks/setup_install.yml b/roles/custom/matrix-client-element/tasks/setup_install.yml index 044ed6113..553b144de 100644 --- a/roles/custom/matrix-client-element/tasks/setup_install.yml +++ b/roles/custom/matrix-client-element/tasks/setup_install.yml @@ -93,7 +93,7 @@ - name: Ensure matrix-client-element.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-client-element.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-client-element.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-element.service" mode: 0644 register: matrix_client_element_systemd_service_result diff --git a/roles/custom/matrix-client-element/tasks/setup_uninstall.yml b/roles/custom/matrix-client-element/tasks/setup_uninstall.yml index c40a4fc66..3a1de4094 100644 --- a/roles/custom/matrix-client-element/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-element/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-client-element.service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-client-element.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-element.service" register: matrix_client_element_service_stat - name: Ensure matrix-client-element is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-client-element.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-client-element.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-element.service" state: absent when: "matrix_client_element_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml index dfd0607bf..9509a44b1 100644 --- a/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml +++ b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml @@ -71,7 +71,7 @@ - name: Ensure matrix-client-hydrogen.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-client-hydrogen.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-hydrogen.service" mode: 0644 register: matrix_client_hydrogen_systemd_service_result diff --git a/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml index 49d2f4cac..090ce5673 100644 --- a/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-client-hydrogen/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-client-hydrogen.service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-hydrogen.service" register: matrix_client_hydrogen_service_stat - name: Ensure matrix-client-hydrogen is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-client-hydrogen.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-client-hydrogen.service" state: absent when: "matrix_client_hydrogen_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml index cf8c66577..a5177bec4 100644 --- a/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml @@ -37,7 +37,7 @@ - name: Ensure matrix-conduit.service installed ansible.builtin.template: src: "{{ role_path }}/templates/conduit/systemd/matrix-conduit.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-conduit.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduit.service" mode: 0644 register: matrix_conduit_systemd_service_result diff --git a/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml index 1bba9a9e0..efe7d40a0 100644 --- a/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml +++ b/roles/custom/matrix-conduit/tasks/conduit/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-conduit service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-conduit.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduit.service" register: matrix_conduit_service_stat - name: Ensure matrix-conduit is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-conduit.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-conduit.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-conduit.service" state: absent when: "matrix_conduit_service_stat.stat.exists" diff --git a/roles/custom/matrix-corporal/tasks/setup_corporal.yml b/roles/custom/matrix-corporal/tasks/setup_corporal.yml index e4fce8976..6e9f290c6 100644 --- a/roles/custom/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/custom/matrix-corporal/tasks/setup_corporal.yml @@ -64,7 +64,7 @@ - name: Ensure matrix-corporal.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-corporal.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-corporal.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-corporal.service" mode: 0644 register: matrix_corporal_systemd_service_result when: matrix_corporal_enabled | bool @@ -81,7 +81,7 @@ - name: Check existence of matrix-corporal service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-corporal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-corporal.service" register: matrix_corporal_service_stat when: "not matrix_corporal_enabled | bool" @@ -96,7 +96,7 @@ - name: Ensure matrix-corporal.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-corporal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-corporal.service" state: absent when: "not matrix_corporal_enabled | bool and matrix_corporal_service_stat.stat.exists" @@ -110,7 +110,7 @@ path: "{{ item }}" state: absent with_items: - - "{{ matrix_systemd_path }}/matrix-corporal.service" + - "{{ devture_systemd_docker_base_systemd_path }}/matrix-corporal.service" - "{{ matrix_corporal_config_dir_path }}/config.json" when: "not matrix_corporal_enabled | bool" diff --git a/roles/custom/matrix-coturn/tasks/setup_install.yml b/roles/custom/matrix-coturn/tasks/setup_install.yml index ef44c073f..02e0a26b0 100644 --- a/roles/custom/matrix-coturn/tasks/setup_install.yml +++ b/roles/custom/matrix-coturn/tasks/setup_install.yml @@ -76,7 +76,7 @@ - name: Ensure matrix-coturn.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-coturn.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-coturn.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-coturn.service" mode: 0644 register: matrix_coturn_systemd_service_change_results @@ -86,7 +86,7 @@ - name: Ensure reloading systemd units installed, if necessary ansible.builtin.template: src: "{{ role_path }}/templates/systemd/{{ item }}.j2" - dest: "{{ matrix_systemd_path }}/{{ item }}" + dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" mode: 0644 register: "matrix_coturn_systemd_service_change_results" when: "matrix_coturn_tls_enabled | bool" diff --git a/roles/custom/matrix-coturn/tasks/setup_uninstall.yml b/roles/custom/matrix-coturn/tasks/setup_uninstall.yml index 5dd2788ef..bf71b90ae 100644 --- a/roles/custom/matrix-coturn/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-coturn/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-coturn service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-coturn.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-coturn.service" register: matrix_coturn_service_stat when: "not matrix_coturn_enabled | bool" @@ -25,7 +25,7 @@ - name: Ensure systemd units don't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/{{ item }}" + path: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" state: absent register: matrix_coturn_systemd_unit_uninstallation_result with_items: diff --git a/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml index 98090e156..f75b0e10d 100644 --- a/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml +++ b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml @@ -65,7 +65,7 @@ - name: Ensure matrix-dendrite.service installed ansible.builtin.template: src: "{{ role_path }}/templates/dendrite/systemd/matrix-dendrite.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-dendrite.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dendrite.service" mode: 0644 register: matrix_dendrite_systemd_service_result diff --git a/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml index 6a2ea5b1d..ce3e34769 100644 --- a/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml +++ b/roles/custom/matrix-dendrite/tasks/dendrite/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-dendrite service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-dendrite.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dendrite.service" register: matrix_dendrite_service_stat - name: Ensure matrix-dendrite is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-dendrite.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-dendrite.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dendrite.service" state: absent when: "matrix_dendrite_service_stat.stat.exists" diff --git a/roles/custom/matrix-dimension/tasks/setup_install.yml b/roles/custom/matrix-dimension/tasks/setup_install.yml index a16d0407a..52507ebb4 100644 --- a/roles/custom/matrix-dimension/tasks/setup_install.yml +++ b/roles/custom/matrix-dimension/tasks/setup_install.yml @@ -124,7 +124,7 @@ - name: Ensure matrix-dimension.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-dimension.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-dimension.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dimension.service" mode: 0644 register: matrix_dimension_systemd_service_result diff --git a/roles/custom/matrix-dimension/tasks/setup_uninstall.yml b/roles/custom/matrix-dimension/tasks/setup_uninstall.yml index c939e66ae..8a5f5c755 100644 --- a/roles/custom/matrix-dimension/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-dimension/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-dimension service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-dimension.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dimension.service" register: matrix_dimension_service_stat - name: Ensure matrix-dimension is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-dimension.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-dimension.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dimension.service" state: absent when: "matrix_dimension_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml b/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml index 5e6b429cf..7b4e76671 100644 --- a/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml +++ b/roles/custom/matrix-dynamic-dns/tasks/uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-dynamic-dns service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-dynamic-dns.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dynamic-dns.service" register: matrix_dynamic_dns_service_stat - name: Ensure matrix-dynamic-dns is stopped @@ -15,7 +15,7 @@ - name: Ensure matrix-dynamic-dns.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-dynamic-dns.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-dynamic-dns.service" state: absent when: "matrix_dynamic_dns_service_stat.stat.exists" diff --git a/roles/custom/matrix-email2matrix/tasks/setup_install.yml b/roles/custom/matrix-email2matrix/tasks/setup_install.yml index a6399a4ef..39fcfdb84 100644 --- a/roles/custom/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/custom/matrix-email2matrix/tasks/setup_install.yml @@ -59,7 +59,7 @@ - name: Ensure matrix-email2matrix.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-email2matrix.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-email2matrix.service" mode: 0644 register: matrix_email2matrix_systemd_service_result diff --git a/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml b/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml index 6aec40d2e..c9600d0c9 100644 --- a/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-email2matrix/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-email2matrix service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-email2matrix.service" register: matrix_email2matrix_service_stat - name: Ensure matrix-email2matrix is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-email2matrix.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-email2matrix.service" state: absent when: "matrix_email2matrix_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-etherpad/tasks/setup_install.yml b/roles/custom/matrix-etherpad/tasks/setup_install.yml index 4974bd47b..2dfb39c5b 100644 --- a/roles/custom/matrix-etherpad/tasks/setup_install.yml +++ b/roles/custom/matrix-etherpad/tasks/setup_install.yml @@ -30,7 +30,7 @@ - name: Ensure matrix-etherpad.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-etherpad.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-etherpad.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-etherpad.service" mode: 0644 register: matrix_etherpad_systemd_service_result diff --git a/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml b/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml index 1a5d003e1..7d93b9ab2 100644 --- a/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-etherpad/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-etherpad service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-etherpad.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-etherpad.service" register: matrix_etherpad_service_stat - name: Ensure matrix-etherpad is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-etherpad.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-etherpad.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-etherpad.service" state: absent when: "matrix_etherpad_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-grafana/tasks/setup.yml b/roles/custom/matrix-grafana/tasks/setup.yml index 9198ffd8c..b86316b91 100644 --- a/roles/custom/matrix-grafana/tasks/setup.yml +++ b/roles/custom/matrix-grafana/tasks/setup.yml @@ -78,7 +78,7 @@ - name: Ensure matrix-grafana.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-grafana.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-grafana.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-grafana.service" mode: 0644 register: matrix_grafana_systemd_service_result when: matrix_grafana_enabled | bool @@ -94,7 +94,7 @@ - name: Check existence of matrix-grafana service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-grafana.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-grafana.service" register: matrix_grafana_service_stat - name: Ensure matrix-grafana is stopped @@ -108,7 +108,7 @@ - name: Ensure matrix-grafana.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-grafana.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-grafana.service" state: absent when: "not matrix_grafana_enabled | bool and matrix_grafana_service_stat.stat.exists" diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml index 5654fe3d5..897deceea 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml @@ -52,7 +52,7 @@ - name: Ensure matrix-jitsi-jicofo.service installed ansible.builtin.template: src: "{{ role_path }}/templates/jicofo/matrix-jitsi-jicofo.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-jitsi-jicofo.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service" mode: 0644 register: matrix_jitsi_jicofo_systemd_service_result when: matrix_jitsi_enabled | bool @@ -68,7 +68,7 @@ - name: Check existence of matrix-jitsi-jicofo service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-jitsi-jicofo.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service" register: matrix_jitsi_jicofo_service_stat when: "not matrix_jitsi_enabled | bool" @@ -83,7 +83,7 @@ - name: Ensure matrix-jitsi-jicofo.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-jitsi-jicofo.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jicofo.service" state: absent when: "not matrix_jitsi_enabled | bool and matrix_jitsi_jicofo_service_stat.stat.exists" diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml index 9a50f8c62..38a7571d0 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml @@ -52,7 +52,7 @@ - name: Ensure matrix-jitsi-jvb.service installed ansible.builtin.template: src: "{{ role_path }}/templates/jvb/matrix-jitsi-jvb.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-jitsi-jvb.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service" mode: 0644 register: matrix_jitsi_jvb_systemd_service_result when: matrix_jitsi_enabled | bool @@ -68,7 +68,7 @@ - name: Check existence of matrix-jitsi-jvb service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-jitsi-jvb.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service" register: matrix_jitsi_jvb_service_stat when: "not matrix_jitsi_enabled | bool" @@ -83,7 +83,7 @@ - name: Ensure matrix-jitsi-jvb.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-jitsi-jvb.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-jvb.service" state: absent when: "not matrix_jitsi_enabled | bool and matrix_jitsi_jvb_service_stat.stat.exists" diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml index 8ba99f91d..9f76e1e6f 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml @@ -41,7 +41,7 @@ - name: Ensure matrix-jitsi-prosody.service file is installed ansible.builtin.template: src: "{{ role_path }}/templates/prosody/matrix-jitsi-prosody.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service" mode: 0644 register: matrix_jitsi_prosody_systemd_service_result when: matrix_jitsi_enabled | bool @@ -65,7 +65,7 @@ - name: Ensure matrix-jitsi-prosody.service file exists ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service" register: matrix_jitsi_prosody_service_stat when: "not matrix_jitsi_enabled | bool" @@ -80,7 +80,7 @@ - name: Ensure matrix-jitsi-prosody.service file doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-jitsi-prosody.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-prosody.service" state: absent when: "not matrix_jitsi_enabled | bool and matrix_jitsi_prosody_service_stat.stat.exists" diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml index 9326ee610..ae6fa08e8 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml @@ -54,7 +54,7 @@ - name: Ensure matrix-jitsi-web.service installed ansible.builtin.template: src: "{{ role_path }}/templates/web/matrix-jitsi-web.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-jitsi-web.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service" mode: 0644 register: matrix_jitsi_web_systemd_service_result when: matrix_jitsi_enabled | bool @@ -70,7 +70,7 @@ - name: Check existence of matrix-jitsi-web service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-jitsi-web.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service" register: matrix_jitsi_web_service_stat when: "not matrix_jitsi_enabled | bool" @@ -85,7 +85,7 @@ - name: Ensure matrix-jitsi-web.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-jitsi-web.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-jitsi-web.service" state: absent when: "not matrix_jitsi_enabled | bool and matrix_jitsi_web_service_stat.stat.exists" diff --git a/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml index 97b7e8eb0..3ac8f9b8d 100644 --- a/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml +++ b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_install.yml @@ -47,7 +47,7 @@ - name: Ensure matrix-ldap-registration-proxy.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-ldap-registration-proxy.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ldap-registration-proxy.service" mode: 0644 register: matrix_ldap_registration_proxy_systemd_service_result diff --git a/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml index 96ab0b67a..ed19ad9c1 100644 --- a/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-ldap-registration-proxy/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-matrix_ldap_registration_proxy service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ldap-registration-proxy.service" register: matrix_ldap_registration_proxy_service_stat - name: Ensure matrix-matrix_ldap_registration_proxy is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-ldap-registration-proxy.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-ldap-registration-proxy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ldap-registration-proxy.service" state: absent when: "matrix_ldap_registration_proxy_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml b/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml index 3ba7b14d4..ee7228959 100644 --- a/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml +++ b/roles/custom/matrix-ma1sd/tasks/migrate_mxisd.yml @@ -16,7 +16,7 @@ - name: Check existence of old matrix-mxisd service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mxisd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mxisd.service" register: matrix_mxisd_service_stat - name: Ensure matrix-mxisd is stopped @@ -29,7 +29,7 @@ - name: Check existence of matrix-ma1sd service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-ma1sd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service" register: matrix_ma1sd_service_stat when: "ma1sd_migrate_mxisd_data_dir_stat.stat.exists" @@ -70,7 +70,7 @@ - name: Ensure outdated matrix-mxisd.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mxisd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mxisd.service" state: absent when: "matrix_mxisd_service_stat.stat.exists" diff --git a/roles/custom/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml index e474d906c..51e34dac4 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -162,7 +162,7 @@ - name: Ensure matrix-ma1sd.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-ma1sd.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-ma1sd.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service" mode: 0644 register: matrix_ma1sd_systemd_service_result diff --git a/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml b/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml index 0349ec32e..c7e8bf633 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-ma1sd service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-ma1sd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service" register: matrix_ma1sd_service_stat - name: Ensure matrix-ma1sd is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-ma1sd.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-ma1sd.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service" state: absent when: "matrix_ma1sd_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-mailer/tasks/setup_mailer.yml b/roles/custom/matrix-mailer/tasks/setup_mailer.yml index 36ec80164..fbc16a934 100644 --- a/roles/custom/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/custom/matrix-mailer/tasks/setup_mailer.yml @@ -61,7 +61,7 @@ - name: Ensure matrix-mailer.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-mailer.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mailer.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service" mode: 0644 register: matrix_mailer_systemd_service_result when: matrix_mailer_enabled | bool @@ -77,7 +77,7 @@ - name: Check existence of matrix-mailer service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-mailer.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service" register: matrix_mailer_service_stat when: "not matrix_mailer_enabled | bool" @@ -92,7 +92,7 @@ - name: Ensure matrix-mailer.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-mailer.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mailer.service" state: absent when: "not matrix_mailer_enabled | bool and matrix_mailer_service_stat.stat.exists" diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 11a1cc069..04cd8610f 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -207,7 +207,7 @@ - name: Ensure matrix-nginx-proxy.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-nginx-proxy.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service" mode: 0644 register: matrix_nginx_proxy_systemd_service_result when: matrix_nginx_proxy_enabled | bool @@ -224,7 +224,7 @@ - name: Check existence of matrix-nginx-proxy service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service" register: matrix_nginx_proxy_service_stat when: "not matrix_nginx_proxy_enabled | bool" @@ -239,7 +239,7 @@ - name: Ensure matrix-nginx-proxy.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-nginx-proxy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service" state: absent when: "not matrix_nginx_proxy_enabled | bool and matrix_nginx_proxy_service_stat.stat.exists" diff --git a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml index b212752c9..77361f3ff 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml @@ -43,7 +43,7 @@ - name: Ensure SSL renewal systemd units installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/{{ item.name }}.j2" - dest: "{{ matrix_systemd_path }}/{{ item.name }}" + dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ item.name }}" mode: 0644 when: "item.applicable | bool" with_items: "{{ matrix_ssl_renewal_systemd_units_list }}" @@ -56,7 +56,7 @@ block: - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed ansible.builtin.file: - path: "{{ matrix_systemd_path }}/{{ item.name }}" + path: "{{ devture_systemd_docker_base_systemd_path }}/{{ item.name }}" state: absent when: "not item.applicable | bool" with_items: "{{ matrix_ssl_renewal_systemd_units_list }}" diff --git a/roles/custom/matrix-ntfy/tasks/setup_install.yml b/roles/custom/matrix-ntfy/tasks/setup_install.yml index ef50c42a1..d6b4513f7 100644 --- a/roles/custom/matrix-ntfy/tasks/setup_install.yml +++ b/roles/custom/matrix-ntfy/tasks/setup_install.yml @@ -34,7 +34,7 @@ - name: Ensure matrix-ntfy.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-ntfy.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-ntfy.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ntfy.service" mode: 0644 register: matrix_ntfy_systemd_service_result diff --git a/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml b/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml index d5da1d8e6..e0eedfd83 100644 --- a/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-ntfy/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-ntfy service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-ntfy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ntfy.service" register: matrix_ntfy_service_stat - name: Ensure matrix-ntfy is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-ntfy.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-ntfy.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ntfy.service" state: absent when: "matrix_ntfy_service_stat.stat.exists" diff --git a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml index 55980d3cd..8d59462d0 100644 --- a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -53,7 +53,7 @@ - name: Ensure matrix-postgres-backup.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-postgres-backup.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-postgres-backup.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres-backup.service" mode: 0644 register: matrix_postgres_backup_systemd_service_result when: matrix_postgres_backup_enabled | bool @@ -69,7 +69,7 @@ - name: Check existence of matrix-postgres-backup service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-postgres-backup.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres-backup.service" register: matrix_postgres_backup_service_stat when: "not matrix_postgres_backup_enabled | bool" @@ -83,7 +83,7 @@ - name: Ensure matrix-postgres-backup.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-postgres-backup.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres-backup.service" state: absent when: "not matrix_postgres_backup_enabled | bool and matrix_postgres_backup_service_stat.stat.exists" diff --git a/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml b/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml index 0e3a606d5..062a05c4a 100644 --- a/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml +++ b/roles/custom/matrix-postgres/tasks/migrate_postgres_data_directory.yml @@ -68,7 +68,7 @@ - name: Ensure outdated matrix-postgres.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-postgres.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres.service" state: absent when: "result_pg_old_data_dir_stat.stat.exists" diff --git a/roles/custom/matrix-postgres/tasks/setup_postgres.yml b/roles/custom/matrix-postgres/tasks/setup_postgres.yml index a989e9692..1435d3615 100644 --- a/roles/custom/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/setup_postgres.yml @@ -121,7 +121,7 @@ - name: Ensure matrix-postgres.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-postgres.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-postgres.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres.service" mode: 0644 register: matrix_postgres_systemd_service_result when: matrix_postgres_enabled | bool @@ -163,7 +163,7 @@ - name: Check existence of matrix-postgres service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-postgres.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres.service" register: matrix_postgres_service_stat when: "not matrix_postgres_enabled | bool" @@ -176,7 +176,7 @@ - name: Ensure matrix-postgres.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-postgres.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-postgres.service" state: absent when: "not matrix_postgres_enabled | bool and matrix_postgres_service_stat.stat.exists" diff --git a/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml index 370b23d13..5820e3de6 100644 --- a/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml +++ b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml @@ -19,7 +19,7 @@ - name: Ensure matrix-prometheus-node-exporter.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-prometheus-node-exporter.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-prometheus-node-exporter.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-node-exporter.service" mode: 0644 register: matrix_prometheus_node_exporter_systemd_service_result when: matrix_prometheus_node_exporter_enabled | bool @@ -35,7 +35,7 @@ - name: Check existence of matrix-prometheus-node-exporter service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-prometheus-node-exporter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-node-exporter.service" register: matrix_prometheus_node_exporter_service_stat - name: Ensure matrix-prometheus-node-exporter is stopped @@ -49,7 +49,7 @@ - name: Ensure matrix-prometheus-node-exporter.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-prometheus-node-exporter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-node-exporter.service" state: absent when: "not matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_service_stat.stat.exists" diff --git a/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml index dda614da8..c322aa4e5 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml +++ b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml @@ -19,7 +19,7 @@ - name: Ensure matrix-prometheus-postgres-exporter.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-prometheus-postgres-exporter.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-prometheus-postgres-exporter.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-postgres-exporter.service" mode: 0644 register: matrix_prometheus_postgres_exporter_systemd_service_result when: matrix_prometheus_postgres_exporter_enabled | bool @@ -35,7 +35,7 @@ - name: Check existence of matrix-prometheus-postgres-exporter service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-prometheus-postgres-exporter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-postgres-exporter.service" register: matrix_prometheus_postgres_exporter_service_stat - name: Ensure matrix-prometheus-postgres-exporter is stopped @@ -49,7 +49,7 @@ - name: Ensure matrix-prometheus-postgres-exporter.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-prometheus-postgres-exporter.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus-postgres-exporter.service" state: absent when: "not matrix_prometheus_postgres_exporter_enabled | bool and matrix_prometheus_postgres_exporter_service_stat.stat.exists" diff --git a/roles/custom/matrix-prometheus/tasks/setup_install.yml b/roles/custom/matrix-prometheus/tasks/setup_install.yml index 928b1ab5f..728bbdde4 100644 --- a/roles/custom/matrix-prometheus/tasks/setup_install.yml +++ b/roles/custom/matrix-prometheus/tasks/setup_install.yml @@ -48,7 +48,7 @@ - name: Ensure matrix-prometheus.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-prometheus.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-prometheus.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus.service" mode: 0644 register: matrix_prometheus_systemd_service_result diff --git a/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml b/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml index 7dd944591..5fe145fc3 100644 --- a/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-prometheus/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-prometheus service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-prometheus.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus.service" register: matrix_prometheus_service_stat - name: Ensure matrix-prometheus is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-prometheus.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-prometheus.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-prometheus.service" state: absent when: "matrix_prometheus_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-redis/tasks/setup_redis.yml b/roles/custom/matrix-redis/tasks/setup_redis.yml index f3b047c09..a09044f4d 100644 --- a/roles/custom/matrix-redis/tasks/setup_redis.yml +++ b/roles/custom/matrix-redis/tasks/setup_redis.yml @@ -52,7 +52,7 @@ - name: Ensure matrix-redis.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-redis.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-redis.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-redis.service" mode: 0644 register: matrix_redis_systemd_service_result when: matrix_redis_enabled | bool @@ -68,7 +68,7 @@ - name: Check existence of matrix-redis service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-redis.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-redis.service" register: matrix_redis_service_stat when: "not matrix_redis_enabled | bool" @@ -82,7 +82,7 @@ - name: Ensure matrix-redis.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-redis.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-redis.service" state: absent when: "not matrix_redis_enabled | bool and matrix_redis_service_stat.stat.exists" diff --git a/roles/custom/matrix-registration/tasks/setup_install.yml b/roles/custom/matrix-registration/tasks/setup_install.yml index cfed9a54c..4d82a2e4c 100644 --- a/roles/custom/matrix-registration/tasks/setup_install.yml +++ b/roles/custom/matrix-registration/tasks/setup_install.yml @@ -101,7 +101,7 @@ - name: Ensure matrix-registration.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-registration.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-registration.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" mode: 0644 register: matrix_registration_systemd_service_result diff --git a/roles/custom/matrix-registration/tasks/setup_uninstall.yml b/roles/custom/matrix-registration/tasks/setup_uninstall.yml index 70e4fe97e..623db421e 100644 --- a/roles/custom/matrix-registration/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-registration/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-registration service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-registration.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" register: matrix_registration_service_stat - name: Ensure matrix-registration is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-registration.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-registration.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-registration.service" state: absent when: "matrix_registration_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-sygnal/tasks/setup_install.yml b/roles/custom/matrix-sygnal/tasks/setup_install.yml index e5c41bf00..64bca58e4 100644 --- a/roles/custom/matrix-sygnal/tasks/setup_install.yml +++ b/roles/custom/matrix-sygnal/tasks/setup_install.yml @@ -34,7 +34,7 @@ - name: Ensure matrix-sygnal.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-sygnal.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-sygnal.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sygnal.service" mode: 0644 register: matrix_sygnal_systemd_service_result diff --git a/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml b/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml index dc752def3..e398f7a99 100644 --- a/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml +++ b/roles/custom/matrix-sygnal/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-sygnal service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-sygnal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sygnal.service" register: matrix_sygnal_service_stat - name: Ensure matrix-sygnal is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-sygnal.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-sygnal.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-sygnal.service" state: absent when: "matrix_sygnal_service_stat.stat.exists | bool" diff --git a/roles/custom/matrix-synapse-admin/tasks/setup.yml b/roles/custom/matrix-synapse-admin/tasks/setup.yml index 1dfa68a24..2dc2769ba 100644 --- a/roles/custom/matrix-synapse-admin/tasks/setup.yml +++ b/roles/custom/matrix-synapse-admin/tasks/setup.yml @@ -42,7 +42,7 @@ - name: Ensure matrix-synapse-admin.service installed ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-synapse-admin.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-synapse-admin.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse-admin.service" mode: 0644 register: matrix_synapse_admin_systemd_service_result when: matrix_synapse_admin_enabled | bool @@ -58,7 +58,7 @@ - name: Check existence of matrix-synapse-admin service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-synapse-admin.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse-admin.service" register: matrix_synapse_admin_service_stat - name: Ensure matrix-synapse-admin is stopped @@ -72,7 +72,7 @@ - name: Ensure matrix-synapse-admin.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-synapse-admin.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse-admin.service" state: absent when: "not matrix_synapse_admin_enabled | bool and matrix_synapse_admin_service_stat.stat.exists" diff --git a/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml index 796842704..684fb2c99 100644 --- a/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_install.yml @@ -39,7 +39,7 @@ - name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer are installed ansible.builtin.template: src: "{{ role_path }}/templates/synapse/ext/s3-storage-provider/systemd/{{ item }}.j2" - dest: "{{ matrix_systemd_path }}/{{ item }}" + dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" mode: 0640 with_items: - matrix-synapse-s3-storage-provider-migrate.service diff --git a/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml index 205a55417..a828070c9 100644 --- a/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml +++ b/roles/custom/matrix-synapse/tasks/ext/s3-storage-provider/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Ensure matrix-synapse-s3-storage-provider-migrate.service and timer don't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/{{ item }}" + path: "{{ devture_systemd_docker_base_systemd_path }}/{{ item }}" state: absent with_items: - matrix-synapse-s3-storage-provider-migrate.timer diff --git a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml index 01eee8b87..6821813ea 100644 --- a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml @@ -39,7 +39,7 @@ - name: Ensure matrix-goofys.service installed ansible.builtin.template: src: "{{ role_path }}/templates/goofys/systemd/matrix-goofys.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-goofys.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-goofys.service" mode: 0644 register: matrix_goofys_systemd_service_result diff --git a/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml index 1e9f166dc..ddfa5cf60 100644 --- a/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml +++ b/roles/custom/matrix-synapse/tasks/goofys/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-goofys service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-goofys.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-goofys.service" register: matrix_goofys_service_stat - name: Ensure matrix-goofys is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-goofys.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-goofys.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-goofys.service" state: absent when: "matrix_goofys_service_stat.stat.exists" diff --git a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml index 86395db2d..111a7a989 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml @@ -125,7 +125,7 @@ - name: Ensure matrix-synapse.service installed ansible.builtin.template: src: "{{ role_path }}/templates/synapse/systemd/matrix-synapse.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-synapse.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse.service" mode: 0644 register: matrix_synapse_systemd_service_result diff --git a/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml index ac79f3709..17fa8a4fa 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-synapse service ansible.builtin.stat: - path: "{{ matrix_systemd_path }}/matrix-synapse.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse.service" register: matrix_synapse_service_stat - name: Ensure matrix-synapse is stopped @@ -16,7 +16,7 @@ - name: Ensure matrix-synapse.service doesn't exist ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-synapse.service" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse.service" state: absent when: "matrix_synapse_service_stat.stat.exists" diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml index 836d5a668..1458cc0a2 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/setup.yml @@ -4,7 +4,7 @@ # This is a temporary cleanup for people who ran that version. - name: Ensure old matrix-synapse.service.wants directory is gone ansible.builtin.file: - path: "{{ matrix_systemd_path }}/matrix-synapse.service.wants" + path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-synapse.service.wants" state: absent # Same. This was part of a previous version of the worker setup. diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml index c264805ae..74ca6c358 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_install.yml @@ -16,7 +16,7 @@ - name: Determine current worker systemd services ansible.builtin.find: - path: "{{ matrix_systemd_path }}" + path: "{{ devture_systemd_docker_base_systemd_path }}" patterns: "matrix-synapse-worker.*.service" use_regex: true register: matrix_synapse_workers_current_systemd_services diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml index 98c81a2e5..2b0d21df4 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml @@ -25,7 +25,7 @@ - name: Find worker systemd services to be cleaned ansible.builtin.find: - path: "{{ matrix_systemd_path }}" + path: "{{ devture_systemd_docker_base_systemd_path }}" patterns: "matrix-synapse-worker.*.service" use_regex: true register: matrix_synapse_workers_current_systemd_services diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml index d3f309175..6910445e2 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/util/setup_files_for_worker.yml @@ -16,5 +16,5 @@ - name: Ensure systemd service exists for {{ matrix_synapse_worker_systemd_service_name }} ansible.builtin.template: src: "{{ role_path }}/templates/synapse/systemd/matrix-synapse-worker.service.j2" - dest: "{{ matrix_systemd_path }}/{{ matrix_synapse_worker_systemd_service_name }}.service" + dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ matrix_synapse_worker_systemd_service_name }}.service" mode: 0644 diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index ce00ab52f..96e6b84ee 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -13,3 +13,4 @@ - {'old': 'matrix_ntpd_package', 'new': 'devture_timesync_ntpd_package'} - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} + - {'old': 'matrix_systemd_path', 'new': 'devture_systemd_docker_base_systemd_path'} From a9a81460ecbffb56ac3d274ac7ad1fa971908b38 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:39:35 +0200 Subject: [PATCH 311/349] matrix_host_command_docker -> devture_systemd_docker_base_host_command_docker (via com.devture.ansible.role.systemd_docker_base) --- .../systemd/matrix-backup-borg.service.j2 | 12 ++++++------ roles/custom/matrix-base/defaults/main.yml | 1 - .../systemd/matrix-bot-buscarron.service.j2 | 10 +++++----- .../templates/systemd/matrix-bot-go-neb.service.j2 | 10 +++++----- .../systemd/matrix-bot-honoroit.service.j2 | 10 +++++----- .../matrix-bot-matrix-registration-bot.service.j2 | 10 +++++----- .../matrix-bot-matrix-reminder-bot.service.j2 | 10 +++++----- .../templates/systemd/matrix-bot-maubot.service.j2 | 10 +++++----- .../systemd/matrix-bot-mjolnir.service.j2 | 10 +++++----- .../systemd/matrix-bot-postmoogle.service.j2 | 10 +++++----- .../tasks/setup_install.yml | 2 +- .../systemd/matrix-appservice-discord.service.j2 | 10 +++++----- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../tasks/setup_install.yml | 2 +- .../systemd/matrix-appservice-irc.service.j2 | 10 +++++----- .../matrix-appservice-kakaotalk-node.service.j2 | 10 +++++----- .../systemd/matrix-appservice-kakaotalk.service.j2 | 10 +++++----- .../tasks/migrate_nedb_to_postgres.yml | 2 +- .../systemd/matrix-appservice-slack.service.j2 | 10 +++++----- .../systemd/matrix-appservice-webhooks.service.j2 | 10 +++++----- .../tasks/setup_install.yml | 2 +- .../systemd/matrix-beeper-linkedin.service.j2 | 10 +++++----- .../systemd/matrix-go-skype-bridge.service.j2 | 10 +++++----- .../systemd/matrix-heisenbridge.service.j2 | 10 +++++----- .../matrix-bridge-hookshot/tasks/setup_install.yml | 2 +- .../templates/systemd/matrix-hookshot.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-discord.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-facebook.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-googlechat.service.j2 | 6 +++--- .../systemd/matrix-mautrix-hangouts.service.j2 | 12 ++++++------ .../systemd/matrix-mautrix-instagram.service.j2 | 10 +++++----- .../matrix-mautrix-signal-daemon.service.j2 | 12 ++++++------ .../systemd/matrix-mautrix-signal.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-telegram.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-twitter.service.j2 | 10 +++++----- .../systemd/matrix-mautrix-whatsapp.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-discord.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-groupme.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-instagram.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-slack.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-steam.service.j2 | 10 +++++----- .../systemd/matrix-mx-puppet-twitter.service.j2 | 10 +++++----- .../systemd/matrix-cactus-comments.service.j2 | 10 +++++----- .../systemd/matrix-client-cinny.service.j2 | 10 +++++----- .../systemd/matrix-client-element.service.j2 | 10 +++++----- .../systemd/matrix-client-hydrogen.service.j2 | 10 +++++----- .../matrix-common-after/tasks/run_docker_prune.yml | 2 +- .../conduit/systemd/matrix-conduit.service.j2 | 12 ++++++------ .../templates/systemd/matrix-corporal.service.j2 | 10 +++++----- .../templates/systemd/matrix-coturn.service.j2 | 12 ++++++------ .../dendrite/systemd/matrix-dendrite.service.j2 | 12 ++++++------ .../templates/systemd/matrix-dimension.service.j2 | 10 +++++----- .../systemd/matrix-dynamic-dns.service.j2 | 10 +++++----- .../systemd/matrix-email2matrix.service.j2 | 10 +++++----- .../templates/systemd/matrix-etherpad.service.j2 | 10 +++++----- .../templates/systemd/matrix-grafana.service.j2 | 10 +++++----- .../matrix-jitsi/tasks/util/setup_jitsi_auth.yml | 2 +- .../jicofo/matrix-jitsi-jicofo.service.j2 | 10 +++++----- .../templates/jvb/matrix-jitsi-jvb.service.j2 | 10 +++++----- .../prosody/matrix-jitsi-prosody.service.j2 | 10 +++++----- .../templates/web/matrix-jitsi-web.service.j2 | 10 +++++----- .../matrix-ldap-registration-proxy.service.j2 | 10 +++++----- .../templates/systemd/matrix-ma1sd.service.j2 | 10 +++++----- .../templates/systemd/matrix-mailer.service.j2 | 10 +++++----- .../tasks/nginx-proxy/setup_metrics_auth.yml | 2 +- .../setup_ssl_lets_encrypt_obtain_for_domain.yml | 4 ++-- .../systemd/matrix-nginx-proxy.service.j2 | 14 +++++++------- .../templates/systemd/matrix-ntfy.service.j2 | 10 +++++----- .../systemd/matrix-postgres-backup.service.j2 | 10 +++++----- .../tasks/import_generic_sqlite_db.yml | 2 +- .../matrix-postgres/tasks/import_postgres.yml | 2 +- .../tasks/migrate_db_to_postgres.yml | 4 ++-- roles/custom/matrix-postgres/tasks/run_vacuum.yml | 2 +- .../matrix-postgres/tasks/upgrade_postgres.yml | 4 ++-- .../tasks/util/create_additional_database.yml | 2 +- .../templates/systemd/matrix-postgres.service.j2 | 10 +++++----- .../matrix-prometheus-node-exporter.service.j2 | 10 +++++----- .../matrix-prometheus-postgres-exporter.service.j2 | 10 +++++----- .../templates/systemd/matrix-prometheus.service.j2 | 10 +++++----- .../systemd/matrix-registration.service.j2 | 10 +++++----- .../templates/systemd/matrix-sygnal.service.j2 | 10 +++++----- .../systemd/matrix-synapse-admin.service.j2 | 10 +++++----- .../rust-synapse-compress-state/compress_room.yml | 4 ++-- .../tasks/rust-synapse-compress-state/main.yml | 2 +- .../matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- .../matrix-synapse/tasks/update_user_password.yml | 2 +- .../goofys/systemd/matrix-goofys.service.j2 | 12 ++++++------ .../matrix-synapse-s3-storage-provider-migrate.j2 | 2 +- .../matrix-synapse-s3-storage-provider-shell.j2 | 2 +- .../systemd/matrix-synapse-worker.service.j2 | 12 ++++++------ .../synapse/systemd/matrix-synapse.service.j2 | 12 ++++++------ .../tasks/util/ensure_user_registered_dendrite.yml | 2 +- .../tasks/util/ensure_user_registered_synapse.yml | 2 +- .../tasks/validate_config.yml | 1 + 94 files changed, 379 insertions(+), 379 deletions(-) diff --git a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 index 3436ac460..70250f8d0 100644 --- a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 +++ b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 @@ -13,9 +13,9 @@ DefaultDependencies=no [Service] Type=oneshot Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \ +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-backup-borg \ --log-driver=none \ --cap-drop=ALL \ --read-only \ @@ -33,7 +33,7 @@ ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-backup-bor {{ matrix_backup_borg_docker_image }} \ sh -c "borgmatic --init --encryption {{ matrix_backup_borg_encryption }}" -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-backup-borg \ --log-driver=none \ --cap-drop=ALL \ --read-only \ @@ -50,8 +50,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-backup-borg \ {% endfor %} {{ matrix_backup_borg_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' SyslogIdentifier=matrix-backup-borg [Install] diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index ebed1b3a0..f6cd06f4d 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -120,7 +120,6 @@ matrix_cron_path: "/etc/cron.d" matrix_local_bin_path: "/usr/local/bin" -matrix_host_command_docker: "/usr/bin/env docker" matrix_host_command_sleep: "/usr/bin/env sleep" matrix_host_command_chown: "/usr/bin/env chown" matrix_host_command_fusermount: "/usr/bin/env fusermount" diff --git a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 index 4c3abcba7..89ffe62e0 100644 --- a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 +++ b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-buscarron \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-buscarron \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-buscarron {% endfor %} {{ matrix_bot_buscarron_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-buscarron diff --git a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 index 73b8175a2..a2143963d 100644 --- a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 +++ b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-go-neb \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -39,8 +39,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \ {{ matrix_bot_go_neb_docker_image }} \ -c "go-neb /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-go-neb diff --git a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 index d5fe3b028..d7e53ce97 100644 --- a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 +++ b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-honoroit \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \ {% endfor %} {{ matrix_bot_honoroit_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-honoroit diff --git a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 index 3fd9619c3..872a6814f 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-registration-bot \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-registration-bot \ --log-driver=none \ --cap-drop=ALL \ -e "CONFIG_PATH=/config/config.yml" \ @@ -27,8 +27,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reg --network={{ matrix_docker_network }} \ {{ matrix_bot_matrix_registration_bot_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-registration-bot diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 index 19dfc3df5..31c6d6107 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-rem {{ matrix_bot_matrix_reminder_bot_docker_image }} \ -c "matrix-reminder-bot /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-reminder-bot diff --git a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 998ec3c65..fd07d40ce 100644 --- a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --read-only \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-maubot diff --git a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 index b57951550..d4a5b1df1 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-mjolnir \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \ {% endfor %} {{ matrix_bot_mjolnir_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-mjolnir diff --git a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index 355c85a64..e9c6a0c24 100644 --- a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-postmoogle \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle {% endfor %} {{ matrix_bot_postmoogle_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-postmoogle diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index 0a2a89a3a..ac0ad64d0 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -93,7 +93,7 @@ # We intentionally suppress Ansible changes. - name: Generate AppService Discord invite link ansible.builtin.shell: >- - {{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord-link-gen + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-discord-link-gen --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --mount type=bind,src={{ matrix_appservice_discord_config_path }},dst=/cfg diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 index bc565ec0b..8cb75b834 100644 --- a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-discord \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-dis {{ matrix_appservice_discord_docker_image }} \ node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-discord diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml index b6e938b09..9dda24019 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml @@ -42,7 +42,7 @@ - name: Import appservice-irc NeDB database into Postgres ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml index f9a817796..864a2a50c 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -147,7 +147,7 @@ # to produce a final registration.yaml file, as we desire. - name: Generate Appservice IRC registration-template.yaml ansible.builtin.shell: >- - {{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc-gen + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-irc-gen --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL -v {{ matrix_appservice_irc_config_path }}:/config:z diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 index 144ff6c6c..3e40b8010 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-irc \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc {{ matrix_appservice_irc_docker_image }} \ -c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-irc diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 index 47beccd18..879fdc87c 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -28,8 +28,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kak {{ matrix_appservice_kakaotalk_node_docker_image }} \ node src/main.js --config /config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-kakaotalk-node diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 index 17076ae53..f08d37fc1 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-kakaotalk \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kak {{ matrix_appservice_kakaotalk_docker_image }} \ python3 -m matrix_appservice_kakaotalk -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-kakaotalk diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml index 0d0296438..0ed3e18b2 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/migrate_nedb_to_postgres.yml @@ -36,7 +36,7 @@ - name: Import appservice-slack NeDB database into Postgres ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 index 35c3c9f0a..8e1e350d6 100644 --- a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 +++ b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-slack \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-slack \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-sla {{ matrix_appservice_slack_docker_image }} \ node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-slack diff --git a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 index e9a874574..028d3e7bd 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 +++ b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-webhooks \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-webhooks \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-web {{ matrix_appservice_webhooks_docker_image }} \ node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-webhooks diff --git a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 8ddcb141d..3385ebdd3 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -51,7 +51,7 @@ - name: Ensure docker-requirements.txt is generated before building Beeper LinkedIn Docker Image ansible.builtin.command: cmd: | - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --entrypoint=/bin/sh --mount type=bind,src={{ matrix_beeper_linkedin_docker_src_files_path }},dst=/work diff --git a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 index d2f61b189..665ee434e 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 +++ b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-beeper-linkedin \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-beeper-linkedin \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-beeper-linkedi {{ matrix_beeper_linkedin_docker_image }} \ python3 -m linkedin_matrix -c /data/config.yaml -r /data/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-beeper-linkedin diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 index bd826d0db..44aa97dd9 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 +++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-go-skype-bridge \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-go-skype-bridge \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-go-skype-bridg {{ matrix_go_skype_bridge_docker_image }} \ /usr/bin/matrix-skype -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-go-skype-bridge diff --git a/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 index ac13e61ec..49abaf0a5 100644 --- a/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 +++ b/roles/custom/matrix-bridge-heisenbridge/templates/systemd/matrix-heisenbridge.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-heisenbridge -ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-heisenbridge +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} kill matrix-heisenbridge +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-heisenbridge -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-heisenbridge \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-heisenbridge \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -41,8 +41,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-heisenbridge \ --listen-port 9898 \ {{ matrix_heisenbridge_homeserver_url }} -ExecStop=-{{ matrix_host_command_docker }} kill matrix-heisenbridge -ExecStop=-{{ matrix_host_command_docker }} rm matrix-heisenbridge +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} kill matrix-heisenbridge +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-heisenbridge Restart=always RestartSec=30 SyslogIdentifier=matrix-heisenbridge diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml index 677c41370..09f2539f4 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml @@ -71,7 +71,7 @@ - name: Validate hookshot config.yml ansible.builtin.command: cmd: | - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name={{ matrix_hookshot_container_url }}-validate --user={{ matrix_user_uid }}:{{ matrix_user_gid }} diff --git a/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 index 4916e37fa..7ebd08b6c 100644 --- a/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 +++ b/roles/custom/matrix-bridge-hookshot/templates/systemd/matrix-hookshot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_hookshot_container_url }} -ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_hookshot_container_url }} +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_hookshot_container_url }} +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_hookshot_container_url }} -ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_hookshot_container_url }} \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_hookshot_container_url }} \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -30,8 +30,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_hookshot_co {% endfor %} {{ matrix_hookshot_docker_image }} -ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_hookshot_container_url }} -ExecStop=-{{ matrix_host_command_docker }} rm {{ matrix_hookshot_container_url }} +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_hookshot_container_url }} +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_hookshot_container_url }} Restart=always RestartSec=30 SyslogIdentifier={{ matrix_hookshot_container_url }} diff --git a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 index 4ee0fc5d4..452c58b9d 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-discord \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-discord \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-discor {{ matrix_mautrix_discord_docker_image }} \ /usr/bin/mautrix-discord -c /config/config.yaml -r /config/registration.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-discord diff --git a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 index f15069f35..6a8a2c8a3 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebook \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-facebook \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebo {{ matrix_mautrix_facebook_docker_image }} \ python3 -m mautrix_facebook -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-facebook diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 index e0bcb2e32..d640a14fd 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 @@ -17,7 +17,7 @@ Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-googlechat \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-googlechat \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-google {{ matrix_mautrix_googlechat_docker_image }} \ python3 -m mautrix_googlechat -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-googlechat diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 index e1a6781e8..f20f20e3b 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 @@ -13,9 +13,9 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' -ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -28,7 +28,7 @@ ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-han # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-hangouts \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -44,8 +44,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangou {{ matrix_mautrix_hangouts_docker_image }} \ python3 -m mautrix_hangouts -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-hangouts diff --git a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 index a15b37293..f8979fb69 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-instagram \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-instagram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-instag {{ matrix_mautrix_instagram_docker_image }} \ python3 -m mautrix_instagram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-instagram diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 index 68da20ba3..c67f7e629 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 @@ -15,14 +15,14 @@ Wants={{ service }} Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 # Migration task required by the 0.19.0 upgrade -ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,7 +32,7 @@ ExecStartPre=-{{ matrix_host_command_docker }} run --rm --name matrix-mautrix-si --migrate-data # We can't use `--read-only` for this bridge. -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ --log-driver=none \ --env-file={{ matrix_mautrix_signal_daemon_path }}/env \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -41,8 +41,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal -v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \ {{ matrix_mautrix_signal_daemon_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 index 369f1b970..1ca46a20a 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 @@ -14,13 +14,13 @@ Wants={{ service }} [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal \ --log-driver=none \ --network={{ matrix_docker_network }} \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal {{ matrix_mautrix_signal_docker_image }} \ python3 -m mautrix_signal -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index b96ede6ac..fae2efcdf 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegram \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-telegram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegr {{ matrix_mautrix_telegram_docker_image }} \ python3 -m mautrix_telegram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-telegram diff --git a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 index 67d68404e..48122b9f4 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-twitter \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-twitter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-twitte {{ matrix_mautrix_twitter_docker_image }} \ python3 -m mautrix_twitter -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-twitter diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index fa4df8010..f73184758 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-whatsapp \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-whatsapp \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-whatsa {{ matrix_mautrix_whatsapp_docker_image }} \ /usr/bin/mautrix-whatsapp -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-whatsapp diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index 53db632b4..ed034d821 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 15 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-discord \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-discord \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-disc {% endfor %} {{ matrix_mx_puppet_discord_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-discord diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 index d9f29a8a5..0843f44fb 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-groupme \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-groupme \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-grou {% endfor %} {{ matrix_mx_puppet_groupme_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-groupme diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 index 21e93a739..94bb5aae3 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-instagram \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-instagram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-inst {% endfor %} {{ matrix_mx_puppet_instagram_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-instagram diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 index ea97de7a3..6d55316d1 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-slack \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-slack \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-slac {% endfor %} {{ matrix_mx_puppet_slack_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-slack diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 index 6fd26b66f..fdc9dd1ca 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-steam \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-steam \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-stea {% endfor %} {{ matrix_mx_puppet_steam_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-steam diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 index 816cbe34d..74a6ed017 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 @@ -13,13 +13,13 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twitter \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mx-puppet-twitter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twit {% endfor %} {{ matrix_mx_puppet_twitter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-twitter diff --git a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 index 259f141a6..ffc63b68b 100644 --- a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 +++ b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-cactus-comments \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-cactus-comments \ --log-driver=none \ --cap-drop=ALL \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -26,8 +26,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-cactus-comment --network={{ matrix_docker_network }} \ {{ matrix_cactus_comments_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-cactus-comments diff --git a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 index f9250530d..9aa0239f8 100644 --- a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 +++ b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-cinny \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-cinny \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -30,8 +30,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-cinny \ {% endfor %} {{ matrix_client_cinny_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-cinny diff --git a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 index aaed84b0f..a5181f59e 100644 --- a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 +++ b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-element \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,8 +35,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element {% endfor %} {{ matrix_client_element_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-element diff --git a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 index 481ffb8ae..70d32bdd1 100644 --- a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 +++ b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-hydrogen \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-hydrogen \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-hydroge {% endfor %} {{ matrix_client_hydrogen_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-hydrogen diff --git a/roles/custom/matrix-common-after/tasks/run_docker_prune.yml b/roles/custom/matrix-common-after/tasks/run_docker_prune.yml index 02dfadc5c..58f0e7933 100644 --- a/roles/custom/matrix-common-after/tasks/run_docker_prune.yml +++ b/roles/custom/matrix-common-after/tasks/run_docker_prune.yml @@ -2,6 +2,6 @@ - name: Run Docker System Prune ansible.builtin.command: - cmd: "{{ matrix_host_command_docker }} system prune -a -f" + cmd: "{{ devture_systemd_docker_base_host_command_docker }} system prune -a -f" register: matrix_common_after_docker_prune_result changed_when: matrix_common_after_docker_prune_result.rc == 0 diff --git a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index 90cf30743..d24acfbea 100644 --- a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -9,10 +9,10 @@ After={{ service }} [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-conduit 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-conduit \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-conduit \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -27,9 +27,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-conduit \ {% endfor %} {{ matrix_conduit_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-conduit 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-conduit 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec matrix-conduit /bin/sh -c 'kill -HUP 1' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-conduit /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 SyslogIdentifier=matrix-conduit diff --git a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 index 95ab7c803..8ea4dd427 100644 --- a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 +++ b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-corporal \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \ {{ matrix_corporal_docker_image }} \ /matrix-corporal -config=/etc/matrix-corporal/config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-corporal diff --git a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 index 17e0b015e..63a42a1b6 100644 --- a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 +++ b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-coturn \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -43,12 +43,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \ {{ matrix_coturn_docker_image }} \ -c /turnserver.conf -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' # This only reloads certificates (not other configuration). # See: https://github.com/coturn/coturn/pull/236 -ExecReload={{ matrix_host_command_docker }} exec matrix-coturn kill -USR2 1 +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-coturn kill -USR2 1 Restart=always RestartSec=30 diff --git a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index 941a24058..b3e15fb04 100644 --- a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' {% if 'matrix-postgres.service' in matrix_dendrite_systemd_required_services_list %} # Dendrite is too quick to start in relation to its matrix-postgres dependency. @@ -22,7 +22,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre={{ matrix_host_command_sleep }} 5 {% endif %} -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-dendrite \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -54,9 +54,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \ -https-bind-address {{ matrix_dendrite_https_bind_address }} {% endif %} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec matrix-dendrite /bin/sh -c 'kill -HUP 1' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-dendrite /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 SyslogIdentifier=matrix-dendrite diff --git a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 index 8329f0ca6..58f29cbad 100644 --- a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 +++ b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 @@ -13,15 +13,15 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' # Fixup database ownership if it got changed somehow (during a server migration, etc.) {% if matrix_dimension_database_engine == 'sqlite' %} ExecStartPre=-{{ matrix_host_command_chown }} {{ matrix_dimension_user_uid }}:{{ matrix_dimension_user_gid }} {{ matrix_dimension_sqlite_database_path_local }} {% endif %} -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dimension \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-dimension \ --log-driver=none \ --user={{ matrix_dimension_user_uid }}:{{ matrix_dimension_user_gid }} \ --cap-drop=ALL \ @@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dimension \ {% endfor %} {{ matrix_dimension_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-dimension diff --git a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 index ace0f90f4..7ab2bf545 100644 --- a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 +++ b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 @@ -13,9 +13,9 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \ +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-dynamic-dns \ --log-driver=none \ --network={{ matrix_docker_network }} \ -e PUID={{ matrix_user_uid }} \ @@ -26,8 +26,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \ {% endfor %} {{ matrix_dynamic_dns_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-dynamic-dns diff --git a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 index 4a098f26c..b2bb5862f 100644 --- a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 +++ b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 @@ -8,10 +8,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-email2matrix \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -24,8 +24,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \ {% endfor %} {{ matrix_email2matrix_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-email2matrix diff --git a/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 index 4be0f0043..e0a104815 100644 --- a/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 +++ b/roles/custom/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-etherpad -ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-etherpad +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} kill matrix-etherpad +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-etherpad -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-etherpad \ --log-driver=none \ --user={{ matrix_etherpad_user_uid }}:{{ matrix_etherpad_user_gid }} \ --cap-drop=ALL \ @@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \ --sessionkey /data/sessionkey.json --apikey /data/apijey.json -ExecStop=-{{ matrix_host_command_docker }} kill matrix-etherpad -ExecStop=-{{ matrix_host_command_docker }} rm matrix-etherpad +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} kill matrix-etherpad +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm matrix-etherpad Restart=always RestartSec=30 SyslogIdentifier=matrix-etherpad diff --git a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 index 0748f6018..fe2219e71 100644 --- a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 +++ b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 @@ -13,11 +13,11 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-grafana \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-grafana \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-grafana \ {% endfor %} {{ matrix_grafana_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-grafana diff --git a/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml b/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml index d9da9ebe1..4edc5431b 100644 --- a/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml +++ b/roles/custom/matrix-jitsi/tasks/util/setup_jitsi_auth.yml @@ -15,7 +15,7 @@ # - name: Ensure Jitsi internal authentication users are configured - ansible.builtin.shell: "{{ matrix_host_command_docker }} exec matrix-jitsi-prosody prosodyctl --config /config/prosody.cfg.lua register {{ item.username | quote }} meet.jitsi {{ item.password | quote }}" + ansible.builtin.shell: "{{ devture_systemd_docker_base_host_command_docker }} exec matrix-jitsi-prosody prosodyctl --config /config/prosody.cfg.lua register {{ item.username | quote }} meet.jitsi {{ item.password | quote }}" with_items: "{{ matrix_jitsi_prosody_auth_internal_accounts }}" when: - matrix_jitsi_auth_type == "internal" diff --git a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 index d9f425aa9..34749a8be 100644 --- a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ --log-driver=none \ --network={{ matrix_docker_network }} \ --env-file={{ matrix_jitsi_jicofo_base_path }}/env \ @@ -23,8 +23,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ {% endfor %} {{ matrix_jitsi_jicofo_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jicofo diff --git a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 index 4dd26c76c..5d9fc8897 100644 --- a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jvb \ --log-driver=none \ --network={{ matrix_docker_network }} \ --network-alias=jvb.meet.jitsi \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \ {% endfor %} {{ matrix_jitsi_jvb_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jvb diff --git a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index efeb31101..851b3f106 100644 --- a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-prosody \ --log-driver=none \ --network={{ matrix_docker_network }} \ --network-alias={{ matrix_jitsi_xmpp_server }} \ @@ -28,8 +28,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody {% endfor %} {{ matrix_jitsi_prosody_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-prosody diff --git a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 index 8fa8f58da..8e859d122 100644 --- a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 +++ b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 @@ -10,10 +10,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-web \ --log-driver=none \ --network={{ matrix_docker_network }} \ --network-alias={{ matrix_jitsi_xmpp_domain }} \ @@ -29,8 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \ {% endfor %} {{ matrix_jitsi_web_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-web diff --git a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index 5ffbae90b..2520b04a1 100644 --- a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -13,12 +13,12 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ldap-registration-proxy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ldap-registrat {% endfor %} {{ matrix_ldap_registration_proxy_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ldap-registration-proxy diff --git a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 index 394384603..fcb3b5aae 100644 --- a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 +++ b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 @@ -13,12 +13,12 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' # ma1sd writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ma1sd \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ma1sd \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -38,8 +38,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ma1sd \ {% endfor %} {{ matrix_ma1sd_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ma1sd diff --git a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 index 44a46a986..a501bdd40 100644 --- a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 +++ b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 @@ -8,12 +8,12 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' # --hostname gives us a friendlier hostname than the default. # The real hostname is passed via a `HOSTNAME` environment variable though. -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mailer \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mailer \ --log-driver=none \ --user={{ matrix_mailer_container_user_uid }}:{{ matrix_mailer_container_user_gid }} \ --cap-drop=ALL \ @@ -27,8 +27,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mailer \ {% endfor %} {{ matrix_mailer_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mailer diff --git a/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index 6129a49fa..dfb952a87 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -41,7 +41,7 @@ - name: Generate matrix-metrics-htpasswd from username/password (protecting /metrics/* URIs) ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml index 176692ff7..b10791a7f 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml @@ -30,7 +30,7 @@ # We suppress the error, as we'll try another method below. - name: Attempt initial SSL certificate retrieval with standalone authenticator (directly) ansible.builtin.shell: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name=matrix-certbot --user={{ matrix_user_uid }}:{{ matrix_user_gid }} @@ -59,7 +59,7 @@ # and it's running now, it may be able to proxy requests to `matrix_ssl_lets_encrypt_certbot_standalone_http_port`. - name: Attempt initial SSL certificate retrieval with standalone authenticator (via proxy) ansible.builtin.shell: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name=matrix-certbot --user={{ matrix_user_uid }}:{{ matrix_user_gid }} diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index 49c4c0dd1..76d080404 100755 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-nginx-proxy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -51,12 +51,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \ {{ matrix_nginx_proxy_docker_image }} {% for network in matrix_nginx_proxy_container_additional_networks %} -ExecStartPost={{ matrix_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ matrix_host_command_docker }} network connect {{ network }} matrix-nginx-proxy' +ExecStartPost={{ matrix_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-nginx-proxy' {% endfor %} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload Restart=always RestartSec=30 SyslogIdentifier=matrix-nginx-proxy diff --git a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index 47a81dec4..d817cb1a4 100644 --- a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -8,10 +8,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ntfy \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ntfy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -28,8 +28,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ntfy \ {{ matrix_ntfy_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ntfy diff --git a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 index 1622b222c..e5c06b833 100644 --- a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 +++ b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 @@ -8,10 +8,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} stop matrix-postgres-backup -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} stop matrix-postgres-backup +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres-backup \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-backup \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -21,8 +21,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres-backu --mount type=bind,src={{ matrix_postgres_backup_path }},dst=/backups \ {{ matrix_postgres_backup_docker_image_to_use }} -ExecStop=-{{ matrix_host_command_docker }} stop matrix-postgres-backup -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} stop matrix-postgres-backup +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres-backup diff --git a/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml index 7fa4a20ae..c3fff5208 100644 --- a/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml +++ b/roles/custom/matrix-postgres/tasks/import_generic_sqlite_db.yml @@ -71,7 +71,7 @@ - name: Import SQLite database from {{ sqlite_database_path }} into Postgres # noqa name[template] ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/tasks/import_postgres.yml b/roles/custom/matrix-postgres/tasks/import_postgres.yml index d5bfaa86c..d21333adc 100644 --- a/roles/custom/matrix-postgres/tasks/import_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/import_postgres.yml @@ -72,7 +72,7 @@ - name: Generate Postgres database import command ansible.builtin.set_fact: matrix_postgres_import_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-postgres-import + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-import --log-driver=none --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml index 168b66ecc..dca284ad1 100644 --- a/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/migrate_db_to_postgres.yml @@ -121,7 +121,7 @@ - name: Import {{ matrix_postgres_db_migration_request.engine_old }} database from {{ matrix_postgres_db_migration_request.src }} into Postgres # noqa name[template] ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL @@ -146,7 +146,7 @@ - name: Execute additional Postgres SQL migration statements ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/tasks/run_vacuum.yml b/roles/custom/matrix-postgres/tasks/run_vacuum.yml index c1bf8d762..dfa4be7a3 100644 --- a/roles/custom/matrix-postgres/tasks/run_vacuum.yml +++ b/roles/custom/matrix-postgres/tasks/run_vacuum.yml @@ -47,7 +47,7 @@ - name: Generate Postgres database vacuum command ansible.builtin.set_fact: matrix_postgres_vacuum_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-vacuum + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-synapse-vacuum --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --network={{ matrix_docker_network }} diff --git a/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml b/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml index 3d22407ca..d5f7e6c37 100644 --- a/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/upgrade_postgres.yml @@ -82,7 +82,7 @@ - name: Perform Postgres database dump ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run --rm --name matrix-postgres-dump + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-dump --log-driver=none --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --network={{ matrix_docker_network }} @@ -134,7 +134,7 @@ - name: Generate Postgres database import command ansible.builtin.set_fact: matrix_postgres_import_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-postgres-import + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-import --log-driver=none --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml b/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml index da95b8704..ce441ee13 100644 --- a/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml +++ b/roles/custom/matrix-postgres/tasks/util/create_additional_database.yml @@ -22,7 +22,7 @@ - name: Execute Postgres additional database initialization SQL file for {{ additional_db.name }} ansible.builtin.command: cmd: >- - {{ matrix_host_command_docker }} run + {{ devture_systemd_docker_base_host_command_docker }} run --rm --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL diff --git a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 index 264e9b9af..ebf4bfc22 100644 --- a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 +++ b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 @@ -8,14 +8,14 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' # We need /dev/shm to be larger than the default to allow VACUUM to work. # See: # - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1362 # - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1268 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -36,8 +36,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \ {{ matrix_postgres_docker_image_to_use }} \ postgres {{ matrix_postgres_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres diff --git a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 index 4f0b20091..41655f7e1 100644 --- a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 @@ -13,11 +13,11 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-node-exporter \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus-node-exporter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -34,8 +34,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-nod {{ matrix_prometheus_node_exporter_docker_image }} \ --path.rootfs=/host {{ matrix_prometheus_node_exporter_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-node-exporter diff --git a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 index f607beaec..4462c5ed3 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 @@ -13,11 +13,11 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-postgres-exporter \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus-postgres-exporter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-pos --pid=host \ {{ matrix_prometheus_postgres_exporter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-postgres-exporter diff --git a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 index 45b905eb0..210c193f8 100644 --- a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 +++ b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 @@ -13,11 +13,11 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -33,8 +33,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus \ {% endfor %} {{ matrix_prometheus_docker_image }} {{ matrix_prometheus_process_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus diff --git a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 index ade1bb03f..8ddd023f8 100644 --- a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 +++ b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-registration \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-registration \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-registration \ {{ matrix_registration_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-registration diff --git a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 index 938dcaf41..06783b046 100644 --- a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 +++ b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-sygnal \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-sygnal \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-sygnal \ {% endfor %} {{ matrix_sygnal_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-sygnal diff --git a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 index 82bf7a2db..8338aedb6 100644 --- a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 +++ b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse-admin \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-synapse-admin \ --log-driver=none \ --cap-drop=ALL \ --cap-add=CHOWN \ @@ -32,8 +32,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse-admin {% endfor %} {{ matrix_synapse_admin_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-synapse-admin diff --git a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 88db265d3..e5cf8e8ec 100644 --- a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -6,7 +6,7 @@ - name: Generate rust-synapse-compress-state room compression command ansible.builtin.set_fact: matrix_synapse_rust_synapse_compress_state_compress_room_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-compress-room + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-compress-room --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --network={{ matrix_docker_network }} @@ -30,7 +30,7 @@ - name: Generate Postgres compression SQL import command ansible.builtin.set_fact: matrix_synapse_rust_synapse_compress_state_psql_import_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-psql-import + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-psql-import --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --network={{ matrix_docker_network }} diff --git a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index c8138c0bd..b9dd74332 100644 --- a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -56,7 +56,7 @@ - name: Generate rust-synapse-compress-state room find command ansible.builtin.set_fact: matrix_synapse_rust_synapse_compress_state_find_rooms_command: >- - {{ matrix_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-find-rooms + {{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-rust-synapse-compress-state-find-rooms --user={{ matrix_user_uid }}:{{ matrix_user_gid }} --cap-drop=ALL --network={{ matrix_docker_network }} diff --git a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml index 111a7a989..1b468f2df 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml @@ -31,7 +31,7 @@ register: matrix_synapse_git_pull_results - name: Check if Synapse Docker image exists - ansible.builtin.command: "{{ matrix_host_command_docker }} images --quiet --filter 'reference={{ matrix_synapse_docker_image }}'" + ansible.builtin.command: "{{ devture_systemd_docker_base_host_command_docker }} images --quiet --filter 'reference={{ matrix_synapse_docker_image }}'" register: matrix_synapse_docker_image_check_result changed_when: false @@ -42,7 +42,7 @@ ansible.builtin.shell: chdir: "{{ matrix_synapse_docker_src_files_path }}" cmd: | - {{ matrix_host_command_docker }} build \ + {{ devture_systemd_docker_base_host_command_docker }} build \ -t "{{ matrix_synapse_docker_image }}" \ -f docker/Dockerfile \ . diff --git a/roles/custom/matrix-synapse/tasks/update_user_password.yml b/roles/custom/matrix-synapse/tasks/update_user_password.yml index f7b404565..3ddc4b8de 100644 --- a/roles/custom/matrix-synapse/tasks/update_user_password.yml +++ b/roles/custom/matrix-synapse/tasks/update_user_password.yml @@ -36,7 +36,7 @@ when: "start_result.changed or postgres_start_result.changed" - name: Generate password hash - ansible.builtin.shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password | quote }}" + ansible.builtin.shell: "{{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password | quote }}" register: password_hash changed_when: false diff --git a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 index 790854468..a1174bced 100644 --- a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 +++ b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 @@ -8,10 +8,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill %n -ExecStartPre=-{{ matrix_host_command_docker }} rm %n +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} kill %n +ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} rm %n -ExecStart={{ matrix_host_command_docker }} run --rm --name %n \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name %n \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --mount type=bind,src=/etc/passwd,dst=/etc/passwd,ro \ @@ -27,9 +27,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name %n \ -c 'goofys -f{% if not matrix_s3_media_store_custom_endpoint_enabled %} --storage-class=STANDARD_IA{% endif %}{% if matrix_s3_media_store_custom_endpoint_enabled %} --endpoint={{ matrix_s3_media_store_custom_endpoint }}{% endif %} --region {{ matrix_s3_media_store_region }} --stat-cache-ttl 60m0s --type-cache-ttl 60m0s --dir-mode 0700 --file-mode 0700 {{ matrix_s3_media_store_bucket_name }} /s3' TimeoutStartSec=5min -ExecStop=-{{ matrix_host_command_docker }} stop %n -ExecStop=-{{ matrix_host_command_docker }} kill %n -ExecStop=-{{ matrix_host_command_docker }} rm %n +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} stop %n +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} kill %n +ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} rm %n ExecStop=-{{ matrix_host_command_fusermount }} -u {{ matrix_s3_media_store_path }} Restart=always RestartSec=5 diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 index e6684e696..d48ae1229 100644 --- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-migrate.j2 @@ -1,7 +1,7 @@ #jinja2: lstrip_blocks: "True" #!/bin/bash -{{ matrix_host_command_docker }} run \ +{{ devture_systemd_docker_base_host_command_docker }} run \ --rm \ --env-file={{ matrix_synapse_ext_s3_storage_provider_path }}/env \ --mount type=bind,src={{ matrix_synapse_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \ diff --git a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 index c67a6dda0..b46e89b73 100644 --- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/usr-local-bin/matrix-synapse-s3-storage-provider-shell.j2 @@ -1,7 +1,7 @@ #jinja2: lstrip_blocks: "True" #!/bin/bash -{{ matrix_host_command_docker }} run \ +{{ devture_systemd_docker_base_host_command_docker }} run \ -it \ --rm \ --env-file={{ matrix_synapse_ext_s3_storage_provider_path }}/env \ diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index fdee677ce..00a989297 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -8,13 +8,13 @@ After=matrix-synapse.service Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' # Intentional delay, so that the homeserver can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_worker_container_name }} \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_synapse_worker_container_name }} \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -46,10 +46,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor run -m synapse.app.{{ matrix_synapse_worker_details.app }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 SyslogIdentifier={{ matrix_synapse_worker_container_name }} diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index d6b8706f5..c8b80f149 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -21,8 +21,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' {% if matrix_s3_media_store_enabled %} # Allow for some time before starting, so that media store can mount. # Mounting can happen later too, but if we start writing, @@ -30,7 +30,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre={{ matrix_host_command_sleep }} 3 {% endif %} -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ +ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-synapse \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -63,9 +63,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ {{ matrix_synapse_docker_image_final }} \ run -m synapse.app.homeserver -c /data/homeserver.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null || true' -ExecReload={{ matrix_host_command_docker }} exec matrix-synapse /bin/sh -c 'kill -HUP 1' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' +ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 SyslogIdentifier=matrix-synapse diff --git a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml index 5fb1636fc..2fede49f8 100644 --- a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml +++ b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_dendrite.yml @@ -3,7 +3,7 @@ - name: Ensure Dendrite user registered - {{ user.username | quote }} ansible.builtin.command: cmd: |- - {{ matrix_host_command_docker }} exec matrix-dendrite + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-dendrite create-account -config /data/dendrite.yaml -username {{ user.username | quote }} diff --git a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml index fde82096c..00189e5c5 100644 --- a/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml +++ b/roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_synapse.yml @@ -3,7 +3,7 @@ - name: Ensure Synapse user registered - {{ user.username | quote }} ansible.builtin.command: cmd: |- - {{ matrix_host_command_docker }} exec matrix-synapse + {{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse register_new_matrix_user -u {{ user.username | quote }} -p {{ user.initial_password | quote }} diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 96e6b84ee..ef71a4e0c 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -14,3 +14,4 @@ - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} - {'old': 'matrix_systemd_path', 'new': 'devture_systemd_docker_base_systemd_path'} + - {'old': 'matrix_host_command_docker', 'new': 'devture_systemd_docker_base_host_command_docker'} From 7086c0ebe3f89726a2dd90e65bc48915d886c0ef Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:40:25 +0200 Subject: [PATCH 312/349] matrix_host_command_sh -> devture_systemd_docker_base_host_command_sh (via com.devture.ansible.role.systemd_docker_base) --- .../templates/systemd/matrix-backup-borg.service.j2 | 8 ++++---- roles/custom/matrix-base/defaults/main.yml | 1 - .../templates/systemd/matrix-bot-buscarron.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-go-neb.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-honoroit.service.j2 | 8 ++++---- .../matrix-bot-matrix-registration-bot.service.j2 | 8 ++++---- .../systemd/matrix-bot-matrix-reminder-bot.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-maubot.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-mjolnir.service.j2 | 8 ++++---- .../templates/systemd/matrix-bot-postmoogle.service.j2 | 8 ++++---- .../systemd/matrix-appservice-discord.service.j2 | 8 ++++---- .../templates/systemd/matrix-appservice-irc.service.j2 | 8 ++++---- .../matrix-appservice-kakaotalk-node.service.j2 | 8 ++++---- .../systemd/matrix-appservice-kakaotalk.service.j2 | 8 ++++---- .../systemd/matrix-appservice-slack.service.j2 | 8 ++++---- .../systemd/matrix-appservice-webhooks.service.j2 | 8 ++++---- .../systemd/matrix-beeper-linkedin.service.j2 | 8 ++++---- .../systemd/matrix-go-skype-bridge.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-discord.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-facebook.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-googlechat.service.j2 | 4 ++-- .../systemd/matrix-mautrix-hangouts.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-instagram.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-signal-daemon.service.j2 | 8 ++++---- .../templates/systemd/matrix-mautrix-signal.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-telegram.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-twitter.service.j2 | 8 ++++---- .../systemd/matrix-mautrix-whatsapp.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-discord.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-groupme.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-instagram.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-slack.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-steam.service.j2 | 8 ++++---- .../systemd/matrix-mx-puppet-twitter.service.j2 | 8 ++++---- .../systemd/matrix-cactus-comments.service.j2 | 8 ++++---- .../templates/systemd/matrix-client-cinny.service.j2 | 8 ++++---- .../templates/systemd/matrix-client-element.service.j2 | 8 ++++---- .../systemd/matrix-client-hydrogen.service.j2 | 8 ++++---- .../conduit/systemd/matrix-conduit.service.j2 | 8 ++++---- .../templates/systemd/matrix-corporal.service.j2 | 8 ++++---- .../templates/systemd/matrix-coturn.service.j2 | 8 ++++---- .../dendrite/systemd/matrix-dendrite.service.j2 | 8 ++++---- .../templates/systemd/matrix-dimension.service.j2 | 8 ++++---- .../templates/systemd/matrix-dynamic-dns.service.j2 | 8 ++++---- .../templates/systemd/matrix-email2matrix.service.j2 | 8 ++++---- .../templates/systemd/matrix-grafana.service.j2 | 8 ++++---- .../templates/jicofo/matrix-jitsi-jicofo.service.j2 | 8 ++++---- .../templates/jvb/matrix-jitsi-jvb.service.j2 | 8 ++++---- .../templates/prosody/matrix-jitsi-prosody.service.j2 | 8 ++++---- .../templates/web/matrix-jitsi-web.service.j2 | 8 ++++---- .../systemd/matrix-ldap-registration-proxy.service.j2 | 8 ++++---- .../templates/systemd/matrix-ma1sd.service.j2 | 8 ++++---- .../templates/systemd/matrix-mailer.service.j2 | 8 ++++---- .../templates/systemd/matrix-nginx-proxy.service.j2 | 10 +++++----- .../templates/systemd/matrix-ntfy.service.j2 | 8 ++++---- .../systemd/matrix-postgres-backup.service.j2 | 4 ++-- .../templates/systemd/matrix-postgres.service.j2 | 8 ++++---- .../systemd/matrix-prometheus-node-exporter.service.j2 | 8 ++++---- .../matrix-prometheus-postgres-exporter.service.j2 | 8 ++++---- .../templates/systemd/matrix-prometheus.service.j2 | 8 ++++---- .../templates/systemd/matrix-registration.service.j2 | 8 ++++---- .../templates/systemd/matrix-sygnal.service.j2 | 8 ++++---- .../templates/systemd/matrix-synapse-admin.service.j2 | 8 ++++---- .../synapse/systemd/matrix-synapse-worker.service.j2 | 8 ++++---- .../synapse/systemd/matrix-synapse.service.j2 | 8 ++++---- .../tasks/validate_config.yml | 1 + 66 files changed, 254 insertions(+), 254 deletions(-) diff --git a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 index 70250f8d0..533f6e42f 100644 --- a/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 +++ b/roles/custom/matrix-backup-borg/templates/systemd/matrix-backup-borg.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=oneshot Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-backup-borg \ --log-driver=none \ --cap-drop=ALL \ @@ -50,8 +50,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_backup_borg_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-backup-borg 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-backup-borg 2>/dev/null || true' SyslogIdentifier=matrix-backup-borg [Install] diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index f6cd06f4d..c66192b1b 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -125,7 +125,6 @@ matrix_host_command_chown: "/usr/bin/env chown" matrix_host_command_fusermount: "/usr/bin/env fusermount" matrix_host_command_openssl: "/usr/bin/env openssl" matrix_host_command_systemctl: "/usr/bin/env systemctl" -matrix_host_command_sh: "/usr/bin/env sh" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 index 89ffe62e0..60909dc91 100644 --- a/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 +++ b/roles/custom/matrix-bot-buscarron/templates/systemd/matrix-bot-buscarron.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-buscarron \ --log-driver=none \ @@ -29,8 +29,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_bot_buscarron_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-buscarron 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-buscarron 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-buscarron diff --git a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 index a2143963d..a57df57e2 100644 --- a/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 +++ b/roles/custom/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-go-neb \ --log-driver=none \ @@ -39,8 +39,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_bot_go_neb_docker_image }} \ -c "go-neb /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-go-neb diff --git a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 index d7e53ce97..2cce62da5 100644 --- a/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 +++ b/roles/custom/matrix-bot-honoroit/templates/systemd/matrix-bot-honoroit.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-honoroit \ --log-driver=none \ @@ -29,8 +29,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_bot_honoroit_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-honoroit diff --git a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 index 872a6814f..704c512f0 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-registration-bot/templates/systemd/matrix-bot-matrix-registration-bot.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-registration-bot \ --log-driver=none \ @@ -27,8 +27,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name --network={{ matrix_docker_network }} \ {{ matrix_bot_matrix_registration_bot_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-registration-bot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-registration-bot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-registration-bot diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 index 31c6d6107..71598232a 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 +++ b/roles/custom/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \ --log-driver=none \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_bot_matrix_reminder_bot_docker_image }} \ -c "matrix-reminder-bot /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-reminder-bot diff --git a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index fd07d40ce..34c856350 100644 --- a/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-maubot diff --git a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 index d4a5b1df1..8ac872b72 100644 --- a/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 +++ b/roles/custom/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_bot_mjolnir_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-mjolnir diff --git a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index e9c6a0c24..f2610600c 100644 --- a/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/custom/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-bot-postmoogle \ --log-driver=none \ @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_bot_postmoogle_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-postmoogle diff --git a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 index 8cb75b834..8a7935731 100644 --- a/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 +++ b/roles/custom/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_discord_docker_image }} \ node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-discord diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 index 3e40b8010..bd5cbbe3c 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_irc_docker_image }} \ -c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-irc 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-irc 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-irc diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 index 879fdc87c..4161241aa 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \ --log-driver=none \ @@ -28,8 +28,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_kakaotalk_node_docker_image }} \ node src/main.js --config /config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-kakaotalk-node diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 index f08d37fc1..0c85e7ba6 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_kakaotalk_docker_image }} \ python3 -m matrix_appservice_kakaotalk -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-kakaotalk diff --git a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 index 8e1e350d6..0d1009faa 100644 --- a/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 +++ b/roles/custom/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_slack_docker_image }} \ node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-slack 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-slack 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-slack diff --git a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 index 028d3e7bd..a50173690 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 +++ b/roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_appservice_webhooks_docker_image }} \ node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-webhooks diff --git a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 index 665ee434e..1a63311b9 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 +++ b/roles/custom/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_beeper_linkedin_docker_image }} \ python3 -m linkedin_matrix -c /data/config.yaml -r /data/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-beeper-linkedin diff --git a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 index 44aa97dd9..f7ab10f86 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 +++ b/roles/custom/matrix-bridge-go-skype-bridge/templates/systemd/matrix-go-skype-bridge.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_go_skype_bridge_docker_image }} \ /usr/bin/matrix-skype -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-go-skype-bridge 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-go-skype-bridge 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-go-skype-bridge diff --git a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 index 452c58b9d..43a166071 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-discord/templates/systemd/matrix-mautrix-discord.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_discord_docker_image }} \ /usr/bin/mautrix-discord -c /config/config.yaml -r /config/registration.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-discord diff --git a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 index 6a8a2c8a3..4097111e2 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_facebook_docker_image }} \ python3 -m mautrix_facebook -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-facebook diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 index d640a14fd..d52e5d6b5 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_googlechat_docker_image }} \ python3 -m mautrix_googlechat -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-googlechat diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 index f20f20e3b..a24bcf868 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null || true' ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -44,8 +44,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_hangouts_docker_image }} \ python3 -m mautrix_hangouts -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-hangouts diff --git a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 index f8979fb69..808ace40d 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_instagram_docker_image }} \ python3 -m mautrix_instagram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-instagram diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 index c67f7e629..11a34d8f2 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 @@ -15,8 +15,8 @@ Wants={{ service }} Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -41,8 +41,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name -v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \ {{ matrix_mautrix_signal_daemon_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 index 1ca46a20a..7b70cbe44 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 @@ -14,8 +14,8 @@ Wants={{ service }} [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -38,8 +38,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_signal_docker_image }} \ python3 -m mautrix_signal -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index fae2efcdf..2948a711c 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_telegram_docker_image }} \ python3 -m mautrix_telegram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-telegram diff --git a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 index 48122b9f4..c167eb067 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_twitter_docker_image }} \ python3 -m mautrix_twitter -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-twitter diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index f73184758..effa086dc 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_mautrix_whatsapp_docker_image }} \ /usr/bin/mautrix-whatsapp -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-whatsapp diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index ed034d821..7304054e5 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 15 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_discord_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-discord diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 index 0843f44fb..d9fd49295 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_groupme_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-groupme diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 index 94bb5aae3..5e3ad3eaa 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_instagram_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-instagram diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 index 6d55316d1..06d5e10ad 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_slack_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-slack diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 index fdc9dd1ca..31dd2fae5 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_steam_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-steam diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 index 74a6ed017..918b06d79 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mx_puppet_twitter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-twitter diff --git a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 index ffc63b68b..1ad84d5b7 100644 --- a/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 +++ b/roles/custom/matrix-cactus-comments/templates/systemd/matrix-cactus-comments.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-cactus-comments \ --log-driver=none \ @@ -26,8 +26,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name --network={{ matrix_docker_network }} \ {{ matrix_cactus_comments_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-cactus-comments 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-cactus-comments 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-cactus-comments diff --git a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 index 9aa0239f8..b9a66c74b 100644 --- a/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 +++ b/roles/custom/matrix-client-cinny/templates/systemd/matrix-client-cinny.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-cinny \ --log-driver=none \ @@ -30,8 +30,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_client_cinny_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-cinny 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-cinny 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-cinny diff --git a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 index a5181f59e..52f3249a9 100644 --- a/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 +++ b/roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-element \ --log-driver=none \ @@ -35,8 +35,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_client_element_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-element 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-element diff --git a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 index 70d32bdd1..92bfadcb9 100644 --- a/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 +++ b/roles/custom/matrix-client-hydrogen/templates/systemd/matrix-client-hydrogen.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-client-hydrogen \ --log-driver=none \ @@ -29,8 +29,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_client_hydrogen_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-client-hydrogen 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-hydrogen 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-hydrogen diff --git a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 index d24acfbea..cdaead01d 100644 --- a/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 +++ b/roles/custom/matrix-conduit/templates/conduit/systemd/matrix-conduit.service.j2 @@ -9,8 +9,8 @@ After={{ service }} [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-conduit \ --log-driver=none \ @@ -27,8 +27,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_conduit_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-conduit 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-conduit 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-conduit /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 index 8ea4dd427..b5ad685a7 100644 --- a/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 +++ b/roles/custom/matrix-corporal/templates/systemd/matrix-corporal.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-corporal \ --log-driver=none \ @@ -34,8 +34,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_corporal_docker_image }} \ /matrix-corporal -config=/etc/matrix-corporal/config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-corporal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-corporal 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-corporal diff --git a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 index 63a42a1b6..3a0782bf8 100644 --- a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 +++ b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-coturn \ --log-driver=none \ @@ -43,8 +43,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_coturn_docker_image }} \ -c /turnserver.conf -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-coturn 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-coturn 2>/dev/null || true' # This only reloads certificates (not other configuration). # See: https://github.com/coturn/coturn/pull/236 diff --git a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index b3e15fb04..b83f00bc4 100644 --- a/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/custom/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' {% if 'matrix-postgres.service' in matrix_dendrite_systemd_required_services_list %} # Dendrite is too quick to start in relation to its matrix-postgres dependency. @@ -54,8 +54,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name -https-bind-address {{ matrix_dendrite_https_bind_address }} {% endif %} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dendrite 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dendrite 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-dendrite /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 diff --git a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 index 58f29cbad..07428ffa5 100644 --- a/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 +++ b/roles/custom/matrix-dimension/templates/systemd/matrix-dimension.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' # Fixup database ownership if it got changed somehow (during a server migration, etc.) {% if matrix_dimension_database_engine == 'sqlite' %} @@ -38,8 +38,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_dimension_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dimension 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dimension 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-dimension diff --git a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 index 7ab2bf545..39cb94ca5 100644 --- a/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 +++ b/roles/custom/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-dynamic-dns \ --log-driver=none \ --network={{ matrix_docker_network }} \ @@ -26,8 +26,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_dynamic_dns_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-dynamic-dns diff --git a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 index b2bb5862f..270a0c530 100644 --- a/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 +++ b/roles/custom/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 @@ -8,8 +8,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-email2matrix \ --log-driver=none \ @@ -24,8 +24,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_email2matrix_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-email2matrix 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-email2matrix 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-email2matrix diff --git a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 index fe2219e71..fd48b01eb 100644 --- a/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 +++ b/roles/custom/matrix-grafana/templates/systemd/matrix-grafana.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-grafana \ @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_grafana_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-grafana 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-grafana 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-grafana diff --git a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 index 34749a8be..1cf08234c 100644 --- a/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ --log-driver=none \ @@ -23,8 +23,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_jitsi_jicofo_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jicofo diff --git a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 index 5d9fc8897..922d201a7 100644 --- a/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 +++ b/roles/custom/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-jvb \ --log-driver=none \ @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_jitsi_jvb_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jvb diff --git a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index 851b3f106..0b2592aed 100644 --- a/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/custom/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-prosody \ --log-driver=none \ @@ -28,8 +28,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_jitsi_prosody_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-prosody diff --git a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 index 8e859d122..fcb5f2213 100644 --- a/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 +++ b/roles/custom/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 @@ -10,8 +10,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-jitsi-web \ --log-driver=none \ @@ -29,8 +29,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_jitsi_web_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-jitsi-web 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-jitsi-web 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-web diff --git a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 index 2520b04a1..641e321e2 100644 --- a/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 +++ b/roles/custom/matrix-ldap-registration-proxy/templates/systemd/matrix-ldap-registration-proxy.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' # matrix_ldap_registration_proxy writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_ldap_registration_proxy_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ldap-registration-proxy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ldap-registration-proxy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ldap-registration-proxy diff --git a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 index fcb3b5aae..9dbddbbf1 100644 --- a/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 +++ b/roles/custom/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' # ma1sd writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, # so /tmp needs to be mounted with an exec option. @@ -38,8 +38,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_ma1sd_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ma1sd 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ma1sd 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ma1sd diff --git a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 index a501bdd40..469d08172 100644 --- a/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 +++ b/roles/custom/matrix-mailer/templates/systemd/matrix-mailer.service.j2 @@ -8,8 +8,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' # --hostname gives us a friendlier hostname than the default. # The real hostname is passed via a `HOSTNAME` environment variable though. @@ -27,8 +27,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_mailer_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-mailer 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mailer 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-mailer diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index 76d080404..ee32be38e 100755 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-nginx-proxy \ --log-driver=none \ @@ -51,11 +51,11 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_nginx_proxy_docker_image }} {% for network in matrix_nginx_proxy_container_additional_networks %} -ExecStartPost={{ matrix_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-nginx-proxy' +ExecStartPost={{ devture_systemd_docker_base_host_command_sh }} -c 'attempt=0; while [ $attempt -le 29 ]; do attempt=$(( $attempt + 1 )); if [ "`docker inspect -f {{ '{{.State.Running}}' }} matrix-nginx-proxy 2> /dev/null`" = "true" ]; then break; fi; sleep 1; done; {{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-nginx-proxy' {% endfor %} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload Restart=always RestartSec=30 diff --git a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 index d817cb1a4..a10cb5844 100644 --- a/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 +++ b/roles/custom/matrix-ntfy/templates/systemd/matrix-ntfy.service.j2 @@ -8,8 +8,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-ntfy \ --log-driver=none \ @@ -28,8 +28,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_ntfy_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-ntfy 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-ntfy 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-ntfy diff --git a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 index e5c06b833..618eb548e 100644 --- a/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 +++ b/roles/custom/matrix-postgres-backup/templates/systemd/matrix-postgres-backup.service.j2 @@ -9,7 +9,7 @@ DefaultDependencies=no Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} stop matrix-postgres-backup -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-postgres-backup \ --log-driver=none \ @@ -22,7 +22,7 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_postgres_backup_docker_image_to_use }} ExecStop=-{{ devture_systemd_docker_base_host_command_docker }} stop matrix-postgres-backup -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres-backup 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres-backup diff --git a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 index ebf4bfc22..e63267a3e 100644 --- a/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 +++ b/roles/custom/matrix-postgres/templates/systemd/matrix-postgres.service.j2 @@ -8,8 +8,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' # We need /dev/shm to be larger than the default to allow VACUUM to work. # See: @@ -36,8 +36,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_postgres_docker_image_to_use }} \ postgres {{ matrix_postgres_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-postgres 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-postgres 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres diff --git a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 index 41655f7e1..82aca453f 100644 --- a/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus-node-exporter \ @@ -34,8 +34,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_prometheus_node_exporter_docker_image }} \ --path.rootfs=/host {{ matrix_prometheus_node_exporter_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-node-exporter diff --git a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 index 4462c5ed3..5c3fbac6f 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 +++ b/roles/custom/matrix-prometheus-postgres-exporter/templates/systemd/matrix-prometheus-postgres-exporter.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus-postgres-exporter \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name --pid=host \ {{ matrix_prometheus_postgres_exporter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus-postgres-exporter 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus-postgres-exporter 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-postgres-exporter diff --git a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 index 210c193f8..584557344 100644 --- a/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 +++ b/roles/custom/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-prometheus \ @@ -33,8 +33,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_prometheus_docker_image }} {{ matrix_prometheus_process_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-prometheus 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-prometheus 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus diff --git a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 index 8ddd023f8..f51d9fb95 100644 --- a/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 +++ b/roles/custom/matrix-registration/templates/systemd/matrix-registration.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-registration \ --log-driver=none \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_registration_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-registration 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-registration 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-registration diff --git a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 index 06783b046..646314dfb 100644 --- a/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 +++ b/roles/custom/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-sygnal \ --log-driver=none \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_sygnal_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-sygnal 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-sygnal 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-sygnal diff --git a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 index 8338aedb6..9bae6e03f 100644 --- a/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 +++ b/roles/custom/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 @@ -13,8 +13,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-synapse-admin \ --log-driver=none \ @@ -32,8 +32,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {% endfor %} {{ matrix_synapse_admin_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse-admin 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse-admin 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-synapse-admin diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 00a989297..3d50ac9bc 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -8,8 +8,8 @@ After=matrix-synapse.service Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' # Intentional delay, so that the homeserver can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 @@ -46,8 +46,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name run -m synapse.app.{{ matrix_synapse_worker_details.app }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' Restart=always diff --git a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index c8b80f149..7f6c2336a 100644 --- a/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -21,8 +21,8 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' {% if matrix_s3_media_store_enabled %} # Allow for some time before starting, so that media store can mount. # Mounting can happen later too, but if we start writing, @@ -63,8 +63,8 @@ ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name {{ matrix_synapse_docker_image_final }} \ run -m synapse.app.homeserver -c /data/homeserver.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} kill matrix-synapse 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-synapse 2>/dev/null || true' ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-synapse /bin/sh -c 'kill -HUP 1' Restart=always RestartSec=30 diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index ef71a4e0c..2dda794bc 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -15,3 +15,4 @@ - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} - {'old': 'matrix_systemd_path', 'new': 'devture_systemd_docker_base_systemd_path'} - {'old': 'matrix_host_command_docker', 'new': 'devture_systemd_docker_base_host_command_docker'} + - {'old': 'matrix_host_command_sh', 'new': 'devture_systemd_docker_base_host_command_sh'} From 4f4c856e43b119c401c1169e649de2a52593aed0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:41:23 +0200 Subject: [PATCH 313/349] matrix_host_command_systemctl -> devture_systemd_docker_base_host_command_systemctl (via com.devture.ansible.role.systemd_docker_base) --- roles/custom/matrix-base/defaults/main.yml | 1 - .../templates/systemd/matrix-coturn-reload.service.j2 | 2 +- .../templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 | 2 +- .../custom/matrix_playbook_migration/tasks/validate_config.yml | 3 +++ 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index c66192b1b..5a171ad60 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -124,7 +124,6 @@ matrix_host_command_sleep: "/usr/bin/env sleep" matrix_host_command_chown: "/usr/bin/env chown" matrix_host_command_fusermount: "/usr/bin/env fusermount" matrix_host_command_openssl: "/usr/bin/env openssl" -matrix_host_command_systemctl: "/usr/bin/env systemctl" matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 index e006e5a06..7d12f6ec8 100644 --- a/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 +++ b/roles/custom/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 @@ -3,4 +3,4 @@ Description=Reloads matrix-coturn so that new SSL certificates can kick in [Service] Type=oneshot -ExecStart={{ matrix_host_command_systemctl }} reload matrix-coturn.service +ExecStart={{ devture_systemd_docker_base_host_command_systemctl }} reload matrix-coturn.service diff --git a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 index 851655baa..025c5e2d1 100644 --- a/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.service.j2 @@ -3,4 +3,4 @@ Description=Reloads matrix-nginx-proxy so that new SSL certificates can kick in [Service] Type=oneshot -ExecStart={{ matrix_host_command_systemctl }} reload matrix-nginx-proxy.service +ExecStart={{ devture_systemd_docker_base_host_command_systemctl }} reload matrix-nginx-proxy.service diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index 2dda794bc..e6235ee48 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -10,9 +10,12 @@ - {'old': 'matrix_vars_yml_snapshotting_enabled', 'new': 'devture_playbook_state_preserver_vars_preservation_enabled'} - {'old': 'matrix_vars_yml_snapshotting_src', 'new': 'devture_playbook_state_preserver_vars_preservation_src'} - {'old': 'matrix_playbook_commit_hash_preservation_enabled', 'new': 'devture_playbook_state_preserver_commit_hash_preservation_enabled'} + - {'old': 'matrix_ntpd_package', 'new': 'devture_timesync_ntpd_package'} - {'old': 'matrix_ntpd_service', 'new': 'devture_timesync_ntpd_service'} + - {'old': 'matrix_systemd_unit_home_path', 'new': 'devture_systemd_docker_base_systemd_unit_home_path'} - {'old': 'matrix_systemd_path', 'new': 'devture_systemd_docker_base_systemd_path'} - {'old': 'matrix_host_command_docker', 'new': 'devture_systemd_docker_base_host_command_docker'} - {'old': 'matrix_host_command_sh', 'new': 'devture_systemd_docker_base_host_command_sh'} + - {'old': 'matrix_host_command_systemctl', 'new': 'devture_systemd_docker_base_host_command_systemctl'} From d3bd1ca02429138aca0540fa56def042782c40e0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 16:44:29 +0200 Subject: [PATCH 314/349] matrix_*_retries_{count,delay} -> devture_playbook_help_*_retries_{count,delay} --- roles/custom/matrix-backup-borg/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-base/defaults/main.yml | 8 -------- roles/custom/matrix-bot-buscarron/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bot-go-neb/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bot-honoroit/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bot-maubot/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml | 4 ++-- .../custom/matrix-bot-postmoogle/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-appservice-irc/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-beeper-linkedin/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-go-skype-bridge/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-heisenbridge/tasks/setup_install.yml | 4 ++-- .../custom/matrix-bridge-hookshot/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-discord/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-signal/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mautrix-twitter/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mx-puppet-slack/tasks/setup_install.yml | 4 ++-- .../matrix-bridge-mx-puppet-steam/tasks/setup_install.yml | 4 ++-- .../tasks/setup_install.yml | 4 ++-- roles/custom/matrix-bridge-sms/tasks/setup_install.yml | 4 ++-- .../custom/matrix-cactus-comments/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-client-cinny/tasks/setup_install.yml | 4 ++-- .../custom/matrix-client-element/tasks/setup_install.yml | 4 ++-- .../custom/matrix-client-hydrogen/tasks/setup_install.yml | 4 ++-- .../custom/matrix-conduit/tasks/conduit/setup_install.yml | 4 ++-- roles/custom/matrix-corporal/tasks/setup_corporal.yml | 4 ++-- roles/custom/matrix-coturn/tasks/setup_install.yml | 4 ++-- .../matrix-dendrite/tasks/dendrite/setup_install.yml | 4 ++-- roles/custom/matrix-dimension/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-dynamic-dns/tasks/install.yml | 4 ++-- roles/custom/matrix-email2matrix/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-etherpad/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-grafana/tasks/setup.yml | 8 ++++---- roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml | 4 ++-- roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml | 4 ++-- roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml | 4 ++-- roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml | 4 ++-- roles/custom/matrix-ma1sd/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-mailer/tasks/setup_mailer.yml | 4 ++-- .../tasks/nginx-proxy/setup_metrics_auth.yml | 4 ++-- .../custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 4 ++-- roles/custom/matrix-ntfy/tasks/setup_install.yml | 4 ++-- .../tasks/setup_postgres_backup.yml | 4 ++-- roles/custom/matrix-postgres/tasks/setup_postgres.yml | 4 ++-- .../matrix-prometheus-node-exporter/tasks/setup.yml | 4 ++-- .../matrix-prometheus-postgres-exporter/tasks/setup.yml | 4 ++-- roles/custom/matrix-prometheus/tasks/setup_install.yml | 8 ++++---- roles/custom/matrix-redis/tasks/setup_redis.yml | 4 ++-- roles/custom/matrix-registration/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-sygnal/tasks/setup_install.yml | 4 ++-- roles/custom/matrix-synapse-admin/tasks/setup.yml | 4 ++-- .../tasks/ext/encryption-disabler/setup_install.yml | 4 ++-- .../matrix-synapse/tasks/ext/rest-auth/setup_install.yml | 4 ++-- .../tasks/ext/shared-secret-auth/setup_install.yml | 4 ++-- .../custom/matrix-synapse/tasks/goofys/setup_install.yml | 4 ++-- .../tasks/rust-synapse-compress-state/main.yml | 4 ++-- .../custom/matrix-synapse/tasks/synapse/setup_install.yml | 4 ++-- .../matrix_playbook_migration/tasks/validate_config.yml | 5 +++++ 73 files changed, 153 insertions(+), 156 deletions(-) diff --git a/roles/custom/matrix-backup-borg/tasks/setup_install.yml b/roles/custom/matrix-backup-borg/tasks/setup_install.yml index b9b442367..d12229e20 100644 --- a/roles/custom/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/custom/matrix-backup-borg/tasks/setup_install.yml @@ -66,8 +66,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_backup_borg_docker_image_force_pull }}" when: "not matrix_backup_borg_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure borg repository is present on self-build diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 5a171ad60..f3f45f7be 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -92,14 +92,6 @@ matrix_debian_arch: "{{ 'armhf' if matrix_architecture == 'arm32' else matrix_ar matrix_container_global_registry_prefix: "docker.io/" -# Each docker pull will retry on failed attempt 10 times with delay of 10 seconds between each attempt. -matrix_container_retries_count: 10 -matrix_container_retries_delay: 10 - -# Each get_url will retry on failed attempt 10 times with delay of 10 seconds between each attempt. -matrix_geturl_retries_count: 10 -matrix_geturl_retries_delay: 10 - matrix_user_username: "matrix" matrix_user_groupname: "matrix" diff --git a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml index fbb05bb13..156813def 100644 --- a/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-buscarron/tasks/setup_install.yml @@ -57,8 +57,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_buscarron_docker_image_force_pull }}" when: "not matrix_bot_buscarron_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure buscarron repository is present on self-build diff --git a/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml index c8345ce38..70aec14ad 100644 --- a/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-go-neb/tasks/setup_install.yml @@ -23,8 +23,8 @@ force_source: "{{ matrix_bot_go_neb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_go_neb_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure go-neb config installed diff --git a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml index 197053209..05dcd7c7c 100644 --- a/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-honoroit/tasks/setup_install.yml @@ -57,8 +57,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_honoroit_docker_image_force_pull }}" when: "not matrix_bot_honoroit_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure honoroit repository is present on self-build diff --git a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml index 505f844af..3838fa079 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml @@ -29,8 +29,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_registration_bot_docker_image_force_pull }}" when: "not matrix_bot_matrix_registration_bot_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-registration-bot repository is present on self-build diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 0592cacf2..00e25c361 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -50,8 +50,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}" when: "not matrix_bot_matrix_reminder_bot_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-reminder-bot repository is present on self-build diff --git a/roles/custom/matrix-bot-maubot/tasks/setup_install.yml b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml index 0619a47be..22f53b6fe 100644 --- a/roles/custom/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-maubot/tasks/setup_install.yml @@ -33,8 +33,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_maubot_docker_image_force_pull }}" when: "not matrix_bot_maubot_container_image_self_build|bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure maubot repository is present on self-build diff --git a/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml index 5e46e223c..995e3b2be 100644 --- a/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml @@ -25,8 +25,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_mjolnir_docker_image_force_pull }}" when: "not matrix_bot_mjolnir_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure mjolnir repository is present on self-build diff --git a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml index e6bfa60ff..993cf8e5b 100644 --- a/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml @@ -53,8 +53,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_postmoogle_docker_image_force_pull }}" when: "not matrix_bot_postmoogle_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure postmoogle repository is present on self-build diff --git a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml index ac0ad64d0..f04e7f69e 100644 --- a/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml @@ -35,8 +35,8 @@ force_source: "{{ matrix_appservice_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_discord_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure AppService Discord paths exist diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml index 864a2a50c..468dbd7a8 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -71,8 +71,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_docker_image_force_pull }}" when: "matrix_appservice_irc_enabled | bool and not matrix_appservice_irc_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-appservice-irc repository is present when self-building diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml index 3d226e32b..2f5b6be15 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml @@ -16,8 +16,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_docker_image_force_pull }}" when: not matrix_appservice_kakaotalk_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-appservice-kakaotalk-node image is pulled @@ -28,8 +28,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_node_docker_image_force_pull }}" when: not matrix_appservice_kakaotalk_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-appservice-kakaotalk paths exist diff --git a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml index 66a0afeeb..2c7140851 100644 --- a/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -39,8 +39,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_slack_docker_image_force_pull }}" when: "not matrix_appservice_slack_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-appservice-slack repository is present when self-building diff --git a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 9a9bd54fb..734b6e60c 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -22,8 +22,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_webhooks_docker_image_force_pull }}" when: "not matrix_appservice_webhooks_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_appservice_webhooks_container_image_self_build | bool" diff --git a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 3385ebdd3..8784b6311 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -30,8 +30,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_beeper_linkedin_docker_image_force_pull }}" when: "not matrix_beeper_linkedin_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_beeper_linkedin_container_image_self_build | bool" diff --git a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml index 5f61f4681..68718ccf3 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml @@ -59,8 +59,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_go_skype_bridge_docker_image_force_pull }}" when: not matrix_go_skype_bridge_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Go Skype Bridge repository is present on self-build diff --git a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml index 8943fab09..9a0cac354 100644 --- a/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml @@ -7,8 +7,8 @@ force_source: "{{ matrix_heisenbridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_heisenbridge_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure heisenbridge paths exist diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml index 09f2539f4..15209d2ca 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml @@ -22,8 +22,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_hookshot_docker_image_force_pull }}" when: not matrix_hookshot_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure hookshot repository is present on self-build diff --git a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml index ea783df9c..06bae8dd0 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml @@ -59,8 +59,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_discord_docker_image_force_pull }}" when: not matrix_mautrix_discord_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix discord repository is present on self-build diff --git a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 929cd92a0..50a024270 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -44,8 +44,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}" when: not matrix_mautrix_facebook_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix Facebook paths exist diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index 13b380e2f..daadcba24 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -44,8 +44,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_googlechat_docker_image_force_pull }}" when: not matrix_mautrix_googlechat_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix googlechat paths exist diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index f7b037797..a846a7b06 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -44,8 +44,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_hangouts_docker_image_force_pull }}" when: not matrix_mautrix_hangouts_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix Hangouts paths exist diff --git a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index b4c2bd839..19a2ff9ae 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -15,8 +15,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_instagram_docker_image_force_pull }}" when: not matrix_mautrix_instagram_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix instagram paths exist diff --git a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 4f4aed49f..f5a162a3c 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -16,8 +16,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}" when: "not matrix_mautrix_signal_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed diff --git a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index dfb0ec1ec..ba9c450fa 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -58,8 +58,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_telegram_docker_image_force_pull }}" when: "not matrix_mautrix_telegram_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure lottieconverter is present when self-building diff --git a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 94c9e8e05..c3ab2d4e7 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml @@ -19,8 +19,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_twitter_docker_image_force_pull }}" when: matrix_mautrix_twitter_enabled | bool and not matrix_mautrix_twitter_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix Twitter paths exist diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index adf316f16..6b376946d 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -59,8 +59,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_whatsapp_docker_image_force_pull }}" when: not matrix_mautrix_whatsapp_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Mautrix Whatsapp repository is present on self-build diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index d9b330bb7..3b119745c 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -78,8 +78,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_discord_docker_image_force_pull }}" when: matrix_mx_puppet_discord_enabled | bool and not matrix_mx_puppet_discord_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Discord repository is present on self build diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index cee7f41e3..400de9c58 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -76,8 +76,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_groupme_docker_image_force_pull }}" when: matrix_mx_puppet_groupme_enabled | bool and not matrix_mx_puppet_groupme_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Groupme repository is present on self build diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index 9f0468c17..c98535e3b 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -45,8 +45,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_instagram_docker_image_force_pull }}" when: matrix_mx_puppet_instagram_enabled | bool and not matrix_mx_puppet_instagram_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure mx-puppet-instagram paths exist diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 78ac6f082..e5d837633 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -72,8 +72,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_slack_docker_image_force_pull }}" when: matrix_mx_puppet_slack_enabled | bool and not matrix_mx_puppet_slack_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Slack repository is present on self build diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index 0cccd7fe6..988544691 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -76,8 +76,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_steam_docker_image_force_pull }}" when: matrix_mx_puppet_steam_enabled | bool and not matrix_mx_puppet_steam_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Steam repository is present on self build diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index 167a62bb2..d5ebec74e 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -76,8 +76,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_twitter_docker_image_force_pull }}" when: matrix_mx_puppet_twitter_enabled | bool and not matrix_mx_puppet_twitter_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure MX Puppet Twitter repository is present on self build diff --git a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml index 1da01b099..2050797af 100644 --- a/roles/custom/matrix-bridge-sms/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-sms/tasks/setup_install.yml @@ -5,8 +5,8 @@ name: "{{ matrix_sms_bridge_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-sms-bridge paths exist diff --git a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml index b3ccb1c64..8de14d19b 100644 --- a/roles/custom/matrix-cactus-comments/tasks/setup_install.yml +++ b/roles/custom/matrix-cactus-comments/tasks/setup_install.yml @@ -38,8 +38,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_cactus_comments_docker_image_force_pull }}" when: "not matrix_cactus_comments_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure cactus comments repository is present on self-build diff --git a/roles/custom/matrix-client-cinny/tasks/setup_install.yml b/roles/custom/matrix-client-cinny/tasks/setup_install.yml index a6a7fb25c..09b117be8 100644 --- a/roles/custom/matrix-client-cinny/tasks/setup_install.yml +++ b/roles/custom/matrix-client-cinny/tasks/setup_install.yml @@ -19,8 +19,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_cinny_docker_image_force_pull }}" when: "not matrix_client_cinny_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Cinny repository is present on self-build diff --git a/roles/custom/matrix-client-element/tasks/setup_install.yml b/roles/custom/matrix-client-element/tasks/setup_install.yml index 553b144de..0edb0b50e 100644 --- a/roles/custom/matrix-client-element/tasks/setup_install.yml +++ b/roles/custom/matrix-client-element/tasks/setup_install.yml @@ -20,8 +20,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_element_docker_image_force_pull }}" when: "not matrix_client_element_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Element repository is present on self-build diff --git a/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml index 9509a44b1..6905081ad 100644 --- a/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml +++ b/roles/custom/matrix-client-hydrogen/tasks/setup_install.yml @@ -20,8 +20,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_hydrogen_docker_image_force_pull }}" when: "not matrix_client_hydrogen_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Hydrogen repository is present on self-build diff --git a/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml index a5177bec4..ebc5447b2 100644 --- a/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml +++ b/roles/custom/matrix-conduit/tasks/conduit/setup_install.yml @@ -6,8 +6,8 @@ force_source: "{{ matrix_conduit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_conduit_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Conduit config path exists diff --git a/roles/custom/matrix-corporal/tasks/setup_corporal.yml b/roles/custom/matrix-corporal/tasks/setup_corporal.yml index 6e9f290c6..3f6ac86cd 100644 --- a/roles/custom/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/custom/matrix-corporal/tasks/setup_corporal.yml @@ -48,8 +48,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_corporal_docker_image_force_pull }}" when: "matrix_corporal_enabled | bool and not matrix_corporal_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Matrix Corporal config installed diff --git a/roles/custom/matrix-coturn/tasks/setup_install.yml b/roles/custom/matrix-coturn/tasks/setup_install.yml index 02e0a26b0..31b5446cb 100644 --- a/roles/custom/matrix-coturn/tasks/setup_install.yml +++ b/roles/custom/matrix-coturn/tasks/setup_install.yml @@ -25,8 +25,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_coturn_docker_image_force_pull }}" when: "not matrix_coturn_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_coturn_container_image_self_build | bool" diff --git a/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml index f75b0e10d..aec7f77b4 100644 --- a/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml +++ b/roles/custom/matrix-dendrite/tasks/dendrite/setup_install.yml @@ -24,8 +24,8 @@ force_source: "{{ matrix_dendrite_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dendrite_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Check if a Dendrite signing key exists diff --git a/roles/custom/matrix-dimension/tasks/setup_install.yml b/roles/custom/matrix-dimension/tasks/setup_install.yml index 52507ebb4..2aeb1e2a7 100644 --- a/roles/custom/matrix-dimension/tasks/setup_install.yml +++ b/roles/custom/matrix-dimension/tasks/setup_install.yml @@ -94,8 +94,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_docker_image_force_pull }}" when: "not matrix_dimension_container_image_self_build | bool" register: matrix_dimension_pull_results - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: matrix_dimension_pull_results is not failed - name: Ensure dimension repository is present on self-build diff --git a/roles/custom/matrix-dynamic-dns/tasks/install.yml b/roles/custom/matrix-dynamic-dns/tasks/install.yml index 4be6d9f07..2367e9cb1 100644 --- a/roles/custom/matrix-dynamic-dns/tasks/install.yml +++ b/roles/custom/matrix-dynamic-dns/tasks/install.yml @@ -8,8 +8,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dynamic_dns_docker_image_force_pull }}" when: matrix_dynamic_dns_enabled | bool and not matrix_dynamic_dns_container_image_self_build register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Dynamic DNS paths exist diff --git a/roles/custom/matrix-email2matrix/tasks/setup_install.yml b/roles/custom/matrix-email2matrix/tasks/setup_install.yml index 39fcfdb84..740506338 100644 --- a/roles/custom/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/custom/matrix-email2matrix/tasks/setup_install.yml @@ -29,8 +29,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_email2matrix_docker_image_force_pull }}" when: "not matrix_email2matrix_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Email2Matrix repository is present on self-build diff --git a/roles/custom/matrix-etherpad/tasks/setup_install.yml b/roles/custom/matrix-etherpad/tasks/setup_install.yml index 2dfb39c5b..bb5e0e53e 100644 --- a/roles/custom/matrix-etherpad/tasks/setup_install.yml +++ b/roles/custom/matrix-etherpad/tasks/setup_install.yml @@ -23,8 +23,8 @@ force_source: "{{ matrix_etherpad_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_etherpad_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-etherpad.service installed diff --git a/roles/custom/matrix-grafana/tasks/setup.yml b/roles/custom/matrix-grafana/tasks/setup.yml index b86316b91..eabd25e5f 100644 --- a/roles/custom/matrix-grafana/tasks/setup.yml +++ b/roles/custom/matrix-grafana/tasks/setup.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_grafana_docker_image_force_pull }}" when: "matrix_grafana_enabled | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure grafana paths exists @@ -71,8 +71,8 @@ with_items: "{{ matrix_grafana_dashboard_download_urls }}" when: matrix_grafana_enabled | bool register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - name: Ensure matrix-grafana.service installed diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml index 897deceea..d93953086 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jicofo.yml @@ -24,8 +24,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jicofo_docker_image_force_pull }}" when: matrix_jitsi_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure jitsi-jicofo environment variables file created diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml index 38a7571d0..966572af5 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_jvb.yml @@ -24,8 +24,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jvb_docker_image_force_pull }}" when: matrix_jitsi_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure jitsi-jvb configuration files created diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml index 9f76e1e6f..1a1656b2c 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_prosody.yml @@ -25,8 +25,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_prosody_docker_image_force_pull }}" when: matrix_jitsi_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure jitsi-prosody environment variables file is created diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml index ae6fa08e8..b6d3241b5 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_web.yml @@ -26,8 +26,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_web_docker_image_force_pull }}" when: matrix_jitsi_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure jitsi-web environment variables file created diff --git a/roles/custom/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml index 51e34dac4..70f7937ae 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -55,8 +55,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_ma1sd_docker_image_force_pull }}" when: "not matrix_ma1sd_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_ma1sd_container_image_self_build | bool" diff --git a/roles/custom/matrix-mailer/tasks/setup_mailer.yml b/roles/custom/matrix-mailer/tasks/setup_mailer.yml index fbc16a934..5d81565a2 100644 --- a/roles/custom/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/custom/matrix-mailer/tasks/setup_mailer.yml @@ -54,8 +54,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_docker_image_force_pull }}" when: "matrix_mailer_enabled | bool and not matrix_mailer_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-mailer.service installed diff --git a/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml index dfb952a87..a72d26f68 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml @@ -24,8 +24,8 @@ force_source: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed # We store the password in a file and make the `htpasswd` tool read it from there, diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 04cd8610f..5fedd6629 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -200,8 +200,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_nginx_proxy_docker_image_force_pull }}" when: matrix_nginx_proxy_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-nginx-proxy.service installed diff --git a/roles/custom/matrix-ntfy/tasks/setup_install.yml b/roles/custom/matrix-ntfy/tasks/setup_install.yml index d6b4513f7..5ad8e507d 100644 --- a/roles/custom/matrix-ntfy/tasks/setup_install.yml +++ b/roles/custom/matrix-ntfy/tasks/setup_install.yml @@ -7,8 +7,8 @@ force_source: "{{ matrix_ntfy_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_ntfy_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-ntfy paths exists diff --git a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml index 8d59462d0..6066ee491 100644 --- a/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml +++ b/roles/custom/matrix-postgres-backup/tasks/setup_postgres_backup.yml @@ -24,8 +24,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_postgres_backup_docker_image_force_pull }}" when: matrix_postgres_backup_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Postgres backup paths exist diff --git a/roles/custom/matrix-postgres/tasks/setup_postgres.yml b/roles/custom/matrix-postgres/tasks/setup_postgres.yml index 1435d3615..bba0d7989 100644 --- a/roles/custom/matrix-postgres/tasks/setup_postgres.yml +++ b/roles/custom/matrix-postgres/tasks/setup_postgres.yml @@ -44,8 +44,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_postgres_docker_image_force_pull }}" when: matrix_postgres_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Postgres paths exist diff --git a/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml index 5820e3de6..0b0c5704a 100644 --- a/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml +++ b/roles/custom/matrix-prometheus-node-exporter/tasks/setup.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_prometheus_node_exporter_docker_image_force_pull }}" when: "matrix_prometheus_node_exporter_enabled | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-prometheus-node-exporter.service installed diff --git a/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml index c322aa4e5..1ab157994 100644 --- a/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml +++ b/roles/custom/matrix-prometheus-postgres-exporter/tasks/setup.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_prometheus_postgres_exporter_docker_image_force_pull }}" when: "matrix_prometheus_postgres_exporter_enabled | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-prometheus-postgres-exporter.service installed diff --git a/roles/custom/matrix-prometheus/tasks/setup_install.yml b/roles/custom/matrix-prometheus/tasks/setup_install.yml index 728bbdde4..8c18ce664 100644 --- a/roles/custom/matrix-prometheus/tasks/setup_install.yml +++ b/roles/custom/matrix-prometheus/tasks/setup_install.yml @@ -7,8 +7,8 @@ force_source: "{{ matrix_prometheus_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_prometheus_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Prometheus paths exists @@ -33,8 +33,8 @@ group: "{{ matrix_user_groupname }}" when: "matrix_prometheus_scraper_synapse_rules_enabled | bool" register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - name: Ensure prometheus.yml installed diff --git a/roles/custom/matrix-redis/tasks/setup_redis.yml b/roles/custom/matrix-redis/tasks/setup_redis.yml index a09044f4d..b1b4c0b5c 100644 --- a/roles/custom/matrix-redis/tasks/setup_redis.yml +++ b/roles/custom/matrix-redis/tasks/setup_redis.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_redis_docker_image_force_pull }}" when: matrix_redis_enabled | bool register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure redis paths exist diff --git a/roles/custom/matrix-registration/tasks/setup_install.yml b/roles/custom/matrix-registration/tasks/setup_install.yml index 4d82a2e4c..04b2db3ef 100644 --- a/roles/custom/matrix-registration/tasks/setup_install.yml +++ b/roles/custom/matrix-registration/tasks/setup_install.yml @@ -55,8 +55,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_registration_docker_image_force_pull }}" when: "not matrix_registration_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-registration repository is present when self-building diff --git a/roles/custom/matrix-sygnal/tasks/setup_install.yml b/roles/custom/matrix-sygnal/tasks/setup_install.yml index 64bca58e4..27424314f 100644 --- a/roles/custom/matrix-sygnal/tasks/setup_install.yml +++ b/roles/custom/matrix-sygnal/tasks/setup_install.yml @@ -7,8 +7,8 @@ force_source: "{{ matrix_sygnal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_sygnal_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure Sygnal paths exists diff --git a/roles/custom/matrix-synapse-admin/tasks/setup.yml b/roles/custom/matrix-synapse-admin/tasks/setup.yml index 2dc2769ba..56cee4987 100644 --- a/roles/custom/matrix-synapse-admin/tasks/setup.yml +++ b/roles/custom/matrix-synapse-admin/tasks/setup.yml @@ -12,8 +12,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_admin_docker_image_force_pull }}" when: "matrix_synapse_admin_enabled | bool and not matrix_synapse_admin_container_image_self_build | bool" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Ensure matrix-synapse-admin repository is present when self-building diff --git a/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml index 00cc1650c..6ba5946d9 100644 --- a/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml @@ -9,8 +9,8 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - ansible.builtin.set_fact: diff --git a/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml index 489f11405..3c4d8cb5d 100644 --- a/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/rest-auth/setup_install.yml @@ -14,8 +14,8 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - ansible.builtin.set_fact: diff --git a/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml index 055d671ac..6dead7360 100644 --- a/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml @@ -19,8 +19,8 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" register: result - retries: "{{ matrix_geturl_retries_count }}" - delay: "{{ matrix_geturl_retries_delay }}" + retries: "{{ devture_playbook_help_geturl_retries_count }}" + delay: "{{ devture_playbook_help_geturl_retries_delay }}" until: result is not failed - ansible.builtin.set_fact: diff --git a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml index 6821813ea..7eb7e46cc 100644 --- a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml @@ -9,8 +9,8 @@ force_source: "{{ matrix_s3_goofys_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_s3_goofys_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed # This will throw a Permission Denied error if already mounted diff --git a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml index b9dd74332..17124e251 100644 --- a/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml +++ b/roles/custom/matrix-synapse/tasks/rust-synapse-compress-state/main.yml @@ -49,8 +49,8 @@ force_source: "{{ matrix_synapse_rust_synapse_compress_state_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_rust_synapse_compress_state_docker_image_force_pull }}" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - name: Generate rust-synapse-compress-state room find command diff --git a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml index 1b468f2df..429179de4 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/setup_install.yml @@ -58,8 +58,8 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_synapse_docker_image_force_pull }}" when: "not matrix_synapse_container_image_self_build" register: result - retries: "{{ matrix_container_retries_count }}" - delay: "{{ matrix_container_retries_delay }}" + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" until: result is not failed - when: "matrix_synapse_container_image_customizations_enabled | bool" diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index e6235ee48..0b738a57a 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -19,3 +19,8 @@ - {'old': 'matrix_host_command_docker', 'new': 'devture_systemd_docker_base_host_command_docker'} - {'old': 'matrix_host_command_sh', 'new': 'devture_systemd_docker_base_host_command_sh'} - {'old': 'matrix_host_command_systemctl', 'new': 'devture_systemd_docker_base_host_command_systemctl'} + + - {'old': 'matrix_container_retries_count', 'new': 'devture_playbook_help_container_retries_count'} + - {'old': 'matrix_container_retries_delay', 'new': 'devture_playbook_help_container_retries_delay'} + - {'old': 'matrix_geturl_retries_count', 'new': 'devture_playbook_help_geturl_retries_count'} + - {'old': 'matrix_geturl_retries_delay', 'new': 'devture_playbook_help_geturl_retries_delay'} From a4e2a3bc0746c8b8d4775f08cbdbc3e174d95d6d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 4 Nov 2022 17:07:29 +0200 Subject: [PATCH 315/349] Upgrade Hydrogen (v0.3.2 -> v0.3.3) --- roles/custom/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml index bd2917d2b..d207df742 100644 --- a/roles/custom/matrix-client-hydrogen/defaults/main.yml +++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml @@ -8,7 +8,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.3.2 +matrix_client_hydrogen_version: v0.3.3 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From a86cb2336a7d7ccab919812e8f63c3218ecdfc6b Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 4 Nov 2022 17:16:29 +0200 Subject: [PATCH 316/349] etherpad - do not request ssl cert for subdomain if dimension is installed --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 26e5b35f5..4a3c1193c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1840,7 +1840,7 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_dimension] if matrix_dimension_enabled else []) + - ([matrix_server_fqn_etherpad] if matrix_etherpad_enabled else []) + ([matrix_server_fqn_etherpad] if (matrix_etherpad_enabled and not matrix_dimension_enabled) else []) + ([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else []) + From 37d4bf0d1c06175e1a2bb91e14f8f1c34481cc9c Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 4 Nov 2022 18:55:57 +0200 Subject: [PATCH 317/349] fix workers-doc-to-yaml --- .../files/workers-doc-to-yaml.sh | 5 +- roles/custom/matrix-synapse/vars/main.yml | 458 ++++++++++++++++++ 2 files changed, 461 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh index 5981523b5..50a526bc8 100755 --- a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh +++ b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh @@ -1,6 +1,7 @@ #!/bin/sh # Fetch the synapse worker documentation and extract endpoint URLs # matrix-org/synapse master branch points to current stable release +# and put it between `workers:start` and `workers:end` tokens in ../vars/main.yml -URL=https://github.com/matrix-org/synapse/raw/master/docs/workers.md -curl -L ${URL} | awk -f workers-doc-to-yaml.awk > ../vars/workers.yml +snippet="$(curl -L https://github.com/matrix-org/synapse/raw/master/docs/workers.md | awk -f workers-doc-to-yaml.awk)" +awk -v snippet="$snippet" -i inplace '/workers:start/{f=1;print;print snippet}/workers:end/{f=0}!f' ../vars/main.yml diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index a4d43e784..e68ed25d3 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -110,3 +110,461 @@ matrix_synapse_known_worker_types: | # matrix_synapse_known_instance_map_eligible_worker_types contains the list of worker types that are to be injected into `matrix_synapse_instance_map`. matrix_synapse_known_instance_map_eligible_worker_types: - stream_writer + +# the following section contains semi-automatic generated content +### workers:start +matrix_synapse_workers_generic_worker_endpoints: + # This worker can handle API requests matching the following regular expressions. + # These endpoints can be routed to any worker. If a worker is set up to handle a + # stream then, for maximum efficiency, additional endpoints should be routed to that + # worker: refer to the [stream writers](#stream-writers) section below for further + # information. + + # Sync requests + - ^/_matrix/client/(r0|v3)/sync$ + - ^/_matrix/client/(api/v1|r0|v3)/events$ + - ^/_matrix/client/(api/v1|r0|v3)/initialSync$ + - ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ + + # Federation requests + - ^/_matrix/federation/v1/event/ + - ^/_matrix/federation/v1/state/ + - ^/_matrix/federation/v1/state_ids/ + - ^/_matrix/federation/v1/backfill/ + - ^/_matrix/federation/v1/get_missing_events/ + - ^/_matrix/federation/v1/publicRooms + - ^/_matrix/federation/v1/query/ + - ^/_matrix/federation/v1/make_join/ + - ^/_matrix/federation/v1/make_leave/ + - ^/_matrix/federation/(v1|v2)/send_join/ + - ^/_matrix/federation/(v1|v2)/send_leave/ + - ^/_matrix/federation/(v1|v2)/invite/ + - ^/_matrix/federation/v1/event_auth/ + - ^/_matrix/federation/v1/exchange_third_party_invite/ + - ^/_matrix/federation/v1/user/devices/ + - ^/_matrix/key/v2/query + - ^/_matrix/federation/v1/hierarchy/ + + # Inbound federation transaction request + - ^/_matrix/federation/v1/send/ + + # Client API requests + - ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ + - ^/_matrix/client/v1/rooms/.*/hierarchy$ + - ^/_matrix/client/(v1|unstable)/rooms/.*/relations/ + - ^/_matrix/client/v1/rooms/.*/threads$ + - ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ + - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ + - ^/_matrix/client/(r0|v3|unstable)/account/3pid$ + - ^/_matrix/client/(r0|v3|unstable)/account/whoami$ + - ^/_matrix/client/(r0|v3|unstable)/devices$ + - ^/_matrix/client/versions$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ + + # Encryption requests + # Note that ^/_matrix/client/(r0|v3|unstable)/keys/upload/ requires `worker_main_http_uri` + - ^/_matrix/client/(r0|v3|unstable)/keys/query$ + - ^/_matrix/client/(r0|v3|unstable)/keys/changes$ + - ^/_matrix/client/(r0|v3|unstable)/keys/claim$ + - ^/_matrix/client/(r0|v3|unstable)/room_keys/ + - ^/_matrix/client/(r0|v3|unstable)/keys/upload/ + + # Registration/login requests + - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ + - ^/_matrix/client/(r0|v3|unstable)/register$ + - ^/_matrix/client/v1/register/m.login.registration_token/validity$ + + # Event sending requests + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ + - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ + +# These appear to be conditional and should not be enabled by default. +# We need to fix up our workers-doc-to-yaml.awk parsing script to exclude them. +# For now, they've been commented out manually. +# # Account data requests +# - ^/_matrix/client/(r0|v3|unstable)/.*/tags +# - ^/_matrix/client/(r0|v3|unstable)/.*/account_data +# +# # Receipts requests +# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt +# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers +# +# # Presence requests +# - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ + + # User directory search requests + # Any worker can handle these, but we have a dedicated user_dir worker for this, + # so we'd like for other generic workers to not try and capture these requests. + # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + + # Additionally, the following REST endpoints can be handled for GET requests: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/ + + # Pagination requests can also be handled, but all requests for a given + # room must be routed to the same instance. Additionally, care must be taken to + # ensure that the purge history admin API is not used while pagination requests + # for the room are in flight: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$ + + # Additionally, the following endpoints should be included if Synapse is configured + # to use SSO (you only need to include the ones for whichever SSO provider you're + # using): + + # for all SSO providers + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect + # ^/_synapse/client/pick_idp$ + # ^/_synapse/client/pick_username + # ^/_synapse/client/new_user_consent$ + # ^/_synapse/client/sso_register$ + + # OpenID Connect requests. + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_synapse/client/oidc/callback$ + + # SAML requests. + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_synapse/client/saml2/authn_response$ + + # CAS requests. + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$ + + # Ensure that all SSO logins go to a single process. + # For multiple workers not handling the SSO endpoints properly, see + # [#7530](https://github.com/matrix-org/synapse/issues/7530) and + # [#9427](https://github.com/matrix-org/synapse/issues/9427). + + # Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) + # with `client` and `federation` `resources` must be configured in the `worker_listeners` + # option in the worker config. + + # #### Load balancing + + # It is possible to run multiple instances of this worker app, with incoming requests + # being load-balanced between them by the reverse-proxy. However, different endpoints + # have different characteristics and so admins + # may wish to run multiple groups of workers handling different endpoints so that + # load balancing can be done in different ways. + + # For `/sync` and `/initialSync` requests it will be more efficient if all + # requests from a particular user are routed to a single instance. Extracting a + # user ID from the access token or `Authorization` header is currently left as an + # exercise for the reader. Admins may additionally wish to separate out `/sync` + # requests that have a `since` query parameter from those that don't (and + # `/initialSync`), as requests that don't are known as "initial sync" that happens + # when a user logs in on a new device and can be *very* resource intensive, so + # isolating these requests will stop them from interfering with other users ongoing + # syncs. + + # Federation and client requests can be balanced via simple round robin. + + # The inbound federation transaction request `^/_matrix/federation/v1/send/` + # should be balanced by source IP so that transactions from the same remote server + # go to the same process. + + # Registration/login requests can be handled separately purely to help ensure that + # unexpected load doesn't affect new logins and sign ups. + + # Finally, event sending requests can be balanced by the room ID in the URI (or + # the full URI, or even just round robin), the room ID is the path component after + # `/rooms/`. If there is a large bridge connected that is sending or may send lots + # of events, then a dedicated set of workers can be provisioned to limit the + # effects of bursts of events from that bridge on events sent by normal users. + + # #### Stream writers + + # Additionally, the writing of specific streams (such as events) can be moved off + # of the main process to a particular worker. + + # To enable this, the worker must have a + # [HTTP `replication` listener](usage/configuration/config_documentation.md#listeners) configured, + # have a `worker_name` and be listed in the `instance_map` config. The same worker + # can handle multiple streams, but unless otherwise documented, each stream can only + # have a single writer. + + # For example, to move event persistence off to a dedicated worker, the shared + # configuration would include: + + # ```yaml + # instance_map: + # event_persister1: + # host: localhost + # port: 8034 + + # stream_writers: + # events: event_persister1 + # ``` + + # An example for a stream writer instance: + + # ```yaml + # {{#include systemd-with-workers/workers/event_persister.yaml}} + # ``` + + # Some of the streams have associated endpoints which, for maximum efficiency, should + # be routed to the workers handling that stream. See below for the currently supported + # streams and the endpoints associated with them: + + # ##### The `events` stream + + # The `events` stream experimentally supports having multiple writers, where work + # is sharded between them by room ID. Note that you *must* restart all worker + # instances when adding or removing event persisters. An example `stream_writers` + # configuration with multiple writers: + + # ```yaml + # stream_writers: + # events: + # - event_persister1 + # - event_persister2 + # ``` + + # ##### The `typing` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `typing` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing + + # ##### The `to_device` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `to_device` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ + + # ##### The `account_data` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `account_data` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(r0|v3|unstable)/.*/tags + # ^/_matrix/client/(r0|v3|unstable)/.*/account_data + + # ##### The `receipts` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `receipts` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt + # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers + + # ##### The `presence` stream + + # The following endpoints should be routed directly to the worker configured as + # the stream writer for the `presence` stream: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ + + # #### Background tasks + + # There is also support for moving background tasks to a separate + # worker. Background tasks are run periodically or started via replication. Exactly + # which tasks are configured to run depends on your Synapse configuration (e.g. if + # stats is enabled). This worker doesn't handle any REST endpoints itself. + + # To enable this, the worker must have a `worker_name` and can be configured to run + # background tasks. For example, to move background tasks to a dedicated worker, + # the shared configuration would include: + + # ```yaml + # run_background_tasks_on: background_worker + # ``` + + # You might also wish to investigate the `update_user_directory_from_worker` and + # `media_instance_running_background_jobs` settings. + + # An example for a dedicated background worker instance: + + # ```yaml + # {{#include systemd-with-workers/workers/background_worker.yaml}} + # ``` + + # #### Updating the User Directory + + # You can designate one generic worker to update the user directory. + + # Specify its name in the shared configuration as follows: + + # ```yaml + # update_user_directory_from_worker: worker_name + # ``` + + # This work cannot be load-balanced; please ensure the main process is restarted + # after setting this option in the shared configuration! + + # User directory updates allow REST endpoints matching the following regular + # expressions to work: + + # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually + # ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + + # The above endpoints can be routed to any worker, though you may choose to route + # it to the chosen user directory worker. + + # This style of configuration supersedes the legacy `synapse.app.user_dir` + # worker application type. + + + # #### Notifying Application Services + + # You can designate one generic worker to send output traffic to Application Services. + # Doesn't handle any REST endpoints itself, but you should specify its name in the + # shared configuration as follows: + + # ```yaml + # notify_appservices_from_worker: worker_name + # ``` + + # This work cannot be load-balanced; please ensure the main process is restarted + # after setting this option in the shared configuration! + + # This style of configuration supersedes the legacy `synapse.app.appservice` + # worker application type. + + +# pusher worker (no API endpoints) [ + # Handles sending push notifications to sygnal and email. Doesn't handle any + # REST endpoints itself, but you should set `start_pushers: False` in the + # shared configuration file to stop the main synapse sending push notifications. + + # To run multiple instances at once the `pusher_instances` option should list all + # pusher instances by their worker name, e.g.: + + # ```yaml + # pusher_instances: + # - pusher_worker1 + # - pusher_worker2 + # ``` + + # An example for a pusher instance: + + # ```yaml + # {{#include systemd-with-workers/workers/pusher_worker.yaml}} + # ``` + +# ] + +# appservice worker (no API endpoints) [ + # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the + # `notify_appservices_from_worker` option instead.](#notifying-application-services) + + # Handles sending output traffic to Application Services. Doesn't handle any + # REST endpoints itself, but you should set `notify_appservices: False` in the + # shared configuration file to stop the main synapse sending appservice notifications. + + # Note this worker cannot be load-balanced: only one instance should be active. + +# ] + +# federation_sender worker (no API endpoints) [ + # Handles sending federation traffic to other servers. Doesn't handle any + # REST endpoints itself, but you should set `send_federation: False` in the + # shared configuration file to stop the main synapse sending this traffic. + + # If running multiple federation senders then you must list each + # instance in the `federation_sender_instances` option by their `worker_name`. + # All instances must be stopped and started when adding or removing instances. + # For example: + + # ```yaml + # federation_sender_instances: + # - federation_sender1 + # - federation_sender2 + # ``` + + # An example for a federation sender instance: + + # ```yaml + # {{#include systemd-with-workers/workers/federation_sender.yaml}} + # ``` +# ] + +matrix_synapse_workers_media_repository_endpoints: + # Handles the media repository. It can handle all endpoints starting with: + + - ^/_matrix/media/ + + # ... and the following regular expressions matching media-specific administration APIs: + + - ^/_synapse/admin/v1/purge_media_cache$ + - ^/_synapse/admin/v1/room/.*/media.*$ + - ^/_synapse/admin/v1/user/.*/media.*$ + - ^/_synapse/admin/v1/media/.*$ + - ^/_synapse/admin/v1/quarantine_media/.*$ + - ^/_synapse/admin/v1/users/.*/media$ + + # You should also set `enable_media_repo: False` in the shared configuration + # file to stop the main synapse running background jobs related to managing the + # media repository. Note that doing so will prevent the main process from being + # able to handle the above endpoints. + + # In the `media_repository` worker configuration file, configure the + # [HTTP listener](usage/configuration/config_documentation.md#listeners) to + # expose the `media` resource. For example: + + # ```yaml + # {{#include systemd-with-workers/workers/media_worker.yaml}} + # ``` + + # Note that if running multiple media repositories they must be on the same server + # and you must configure a single instance to run the background tasks, e.g.: + + # ```yaml + # media_instance_running_background_jobs: "media-repository-1" + # ``` + + # Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately). + +matrix_synapse_workers_user_dir_endpoints: + # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the + # `update_user_directory_from_worker` option instead.](#updating-the-user-directory) + + # Handles searches in the user directory. It can handle REST endpoints matching + # the following regular expressions: + + - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + + # When using this worker you must also set `update_user_directory: false` in the + # shared configuration file to stop the main synapse running background + # jobs related to updating the user directory. + + # Above endpoint is not *required* to be routed to this worker. By default, + # `update_user_directory` is set to `true`, which means the main process + # will handle updates. All workers configured with `client` can handle the above + # endpoint as long as either this worker or the main process are configured to + # handle it, and are online. + + # If `update_user_directory` is set to `false`, and this worker is not running, + # the above endpoint may give outdated results. + +matrix_synapse_workers_avail_list: + - appservice + - federation_sender + - generic_worker + - media_repository + - pusher + - user_dir +### workers:end From da4a82c48b799afa235acc096c81d855a52939b5 Mon Sep 17 00:00:00 2001 From: Aine Date: Fri, 4 Nov 2022 19:02:24 +0200 Subject: [PATCH 318/349] remove old workers.yml (already saved into main.yml) --- .yamllint | 3 - .../files/workers-doc-to-yaml.awk | 1 - roles/custom/matrix-synapse/vars/main.yml | 1 + roles/custom/matrix-synapse/vars/workers.yml | 456 ------------------ setup.yml | 3 - 5 files changed, 1 insertion(+), 463 deletions(-) delete mode 100644 roles/custom/matrix-synapse/vars/workers.yml diff --git a/.yamllint b/.yamllint index 6f10a36da..75da2b702 100644 --- a/.yamllint +++ b/.yamllint @@ -1,8 +1,5 @@ --- extends: default -ignore: | - roles/custom/matrix-synapse/vars/workers.yml - rules: line-length: disable diff --git a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk index 5b99d3964..1911690f1 100755 --- a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk +++ b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk @@ -18,7 +18,6 @@ function line_is_endpoint_url(line) { # Put YAML marker at beginning of file. BEGIN { - print "---" endpoint_conditional_comment = " # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually\n" } diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index e68ed25d3..d2f45126e 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -113,6 +113,7 @@ matrix_synapse_known_instance_map_eligible_worker_types: # the following section contains semi-automatic generated content ### workers:start + matrix_synapse_workers_generic_worker_endpoints: # This worker can handle API requests matching the following regular expressions. # These endpoints can be routed to any worker. If a worker is set up to handle a diff --git a/roles/custom/matrix-synapse/vars/workers.yml b/roles/custom/matrix-synapse/vars/workers.yml deleted file mode 100644 index 2598caa68..000000000 --- a/roles/custom/matrix-synapse/vars/workers.yml +++ /dev/null @@ -1,456 +0,0 @@ ---- - -matrix_synapse_workers_generic_worker_endpoints: - # This worker can handle API requests matching the following regular expressions. - # These endpoints can be routed to any worker. If a worker is set up to handle a - # stream then, for maximum efficiency, additional endpoints should be routed to that - # worker: refer to the [stream writers](#stream-writers) section below for further - # information. - - # Sync requests - - ^/_matrix/client/(r0|v3)/sync$ - - ^/_matrix/client/(api/v1|r0|v3)/events$ - - ^/_matrix/client/(api/v1|r0|v3)/initialSync$ - - ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ - - # Federation requests - - ^/_matrix/federation/v1/event/ - - ^/_matrix/federation/v1/state/ - - ^/_matrix/federation/v1/state_ids/ - - ^/_matrix/federation/v1/backfill/ - - ^/_matrix/federation/v1/get_missing_events/ - - ^/_matrix/federation/v1/publicRooms - - ^/_matrix/federation/v1/query/ - - ^/_matrix/federation/v1/make_join/ - - ^/_matrix/federation/v1/make_leave/ - - ^/_matrix/federation/(v1|v2)/send_join/ - - ^/_matrix/federation/(v1|v2)/send_leave/ - - ^/_matrix/federation/(v1|v2)/invite/ - - ^/_matrix/federation/v1/event_auth/ - - ^/_matrix/federation/v1/exchange_third_party_invite/ - - ^/_matrix/federation/v1/user/devices/ - - ^/_matrix/key/v2/query - - ^/_matrix/federation/v1/hierarchy/ - - # Inbound federation transaction request - - ^/_matrix/federation/v1/send/ - - # Client API requests - - ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ - - ^/_matrix/client/v1/rooms/.*/hierarchy$ - - ^/_matrix/client/(v1|unstable)/rooms/.*/relations/ - - ^/_matrix/client/v1/rooms/.*/threads$ - - ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$ - - ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ - - ^/_matrix/client/(r0|v3|unstable)/account/3pid$ - - ^/_matrix/client/(r0|v3|unstable)/account/whoami$ - - ^/_matrix/client/(r0|v3|unstable)/devices$ - - ^/_matrix/client/versions$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ - - # Encryption requests - # Note that ^/_matrix/client/(r0|v3|unstable)/keys/upload/ requires `worker_main_http_uri` - - ^/_matrix/client/(r0|v3|unstable)/keys/query$ - - ^/_matrix/client/(r0|v3|unstable)/keys/changes$ - - ^/_matrix/client/(r0|v3|unstable)/keys/claim$ - - ^/_matrix/client/(r0|v3|unstable)/room_keys/ - - ^/_matrix/client/(r0|v3|unstable)/keys/upload/ - - # Registration/login requests - - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ - - ^/_matrix/client/(r0|v3|unstable)/register$ - - ^/_matrix/client/v1/register/m.login.registration_token/validity$ - - # Event sending requests - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ - - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ - -# These appear to be conditional and should not be enabled by default. -# We need to fix up our workers-doc-to-yaml.awk parsing script to exclude them. -# For now, they've been commented out manually. -# # Account data requests -# - ^/_matrix/client/(r0|v3|unstable)/.*/tags -# - ^/_matrix/client/(r0|v3|unstable)/.*/account_data -# -# # Receipts requests -# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt -# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers -# -# # Presence requests -# - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ - - # User directory search requests - # Any worker can handle these, but we have a dedicated user_dir worker for this, - # so we'd like for other generic workers to not try and capture these requests. - # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # Additionally, the following REST endpoints can be handled for GET requests: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/ - - # Pagination requests can also be handled, but all requests for a given - # room must be routed to the same instance. Additionally, care must be taken to - # ensure that the purge history admin API is not used while pagination requests - # for the room are in flight: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$ - - # Additionally, the following endpoints should be included if Synapse is configured - # to use SSO (you only need to include the ones for whichever SSO provider you're - # using): - - # for all SSO providers - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect - # ^/_synapse/client/pick_idp$ - # ^/_synapse/client/pick_username - # ^/_synapse/client/new_user_consent$ - # ^/_synapse/client/sso_register$ - - # OpenID Connect requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_synapse/client/oidc/callback$ - - # SAML requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_synapse/client/saml2/authn_response$ - - # CAS requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$ - - # Ensure that all SSO logins go to a single process. - # For multiple workers not handling the SSO endpoints properly, see - # [#7530](https://github.com/matrix-org/synapse/issues/7530) and - # [#9427](https://github.com/matrix-org/synapse/issues/9427). - - # Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) - # with `client` and `federation` `resources` must be configured in the `worker_listeners` - # option in the worker config. - - # #### Load balancing - - # It is possible to run multiple instances of this worker app, with incoming requests - # being load-balanced between them by the reverse-proxy. However, different endpoints - # have different characteristics and so admins - # may wish to run multiple groups of workers handling different endpoints so that - # load balancing can be done in different ways. - - # For `/sync` and `/initialSync` requests it will be more efficient if all - # requests from a particular user are routed to a single instance. Extracting a - # user ID from the access token or `Authorization` header is currently left as an - # exercise for the reader. Admins may additionally wish to separate out `/sync` - # requests that have a `since` query parameter from those that don't (and - # `/initialSync`), as requests that don't are known as "initial sync" that happens - # when a user logs in on a new device and can be *very* resource intensive, so - # isolating these requests will stop them from interfering with other users ongoing - # syncs. - - # Federation and client requests can be balanced via simple round robin. - - # The inbound federation transaction request `^/_matrix/federation/v1/send/` - # should be balanced by source IP so that transactions from the same remote server - # go to the same process. - - # Registration/login requests can be handled separately purely to help ensure that - # unexpected load doesn't affect new logins and sign ups. - - # Finally, event sending requests can be balanced by the room ID in the URI (or - # the full URI, or even just round robin), the room ID is the path component after - # `/rooms/`. If there is a large bridge connected that is sending or may send lots - # of events, then a dedicated set of workers can be provisioned to limit the - # effects of bursts of events from that bridge on events sent by normal users. - - # #### Stream writers - - # Additionally, the writing of specific streams (such as events) can be moved off - # of the main process to a particular worker. - - # To enable this, the worker must have a - # [HTTP `replication` listener](usage/configuration/config_documentation.md#listeners) configured, - # have a `worker_name` and be listed in the `instance_map` config. The same worker - # can handle multiple streams, but unless otherwise documented, each stream can only - # have a single writer. - - # For example, to move event persistence off to a dedicated worker, the shared - # configuration would include: - - # ```yaml - # instance_map: - # event_persister1: - # host: localhost - # port: 8034 - - # stream_writers: - # events: event_persister1 - # ``` - - # An example for a stream writer instance: - - # ```yaml - # {{#include systemd-with-workers/workers/event_persister.yaml}} - # ``` - - # Some of the streams have associated endpoints which, for maximum efficiency, should - # be routed to the workers handling that stream. See below for the currently supported - # streams and the endpoints associated with them: - - # ##### The `events` stream - - # The `events` stream experimentally supports having multiple writers, where work - # is sharded between them by room ID. Note that you *must* restart all worker - # instances when adding or removing event persisters. An example `stream_writers` - # configuration with multiple writers: - - # ```yaml - # stream_writers: - # events: - # - event_persister1 - # - event_persister2 - # ``` - - # ##### The `typing` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `typing` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing - - # ##### The `to_device` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `to_device` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ - - # ##### The `account_data` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `account_data` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/.*/tags - # ^/_matrix/client/(r0|v3|unstable)/.*/account_data - - # ##### The `receipts` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `receipts` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt - # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers - - # ##### The `presence` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `presence` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ - - # #### Background tasks - - # There is also support for moving background tasks to a separate - # worker. Background tasks are run periodically or started via replication. Exactly - # which tasks are configured to run depends on your Synapse configuration (e.g. if - # stats is enabled). This worker doesn't handle any REST endpoints itself. - - # To enable this, the worker must have a `worker_name` and can be configured to run - # background tasks. For example, to move background tasks to a dedicated worker, - # the shared configuration would include: - - # ```yaml - # run_background_tasks_on: background_worker - # ``` - - # You might also wish to investigate the `update_user_directory_from_worker` and - # `media_instance_running_background_jobs` settings. - - # An example for a dedicated background worker instance: - - # ```yaml - # {{#include systemd-with-workers/workers/background_worker.yaml}} - # ``` - - # #### Updating the User Directory - - # You can designate one generic worker to update the user directory. - - # Specify its name in the shared configuration as follows: - - # ```yaml - # update_user_directory_from_worker: worker_name - # ``` - - # This work cannot be load-balanced; please ensure the main process is restarted - # after setting this option in the shared configuration! - - # User directory updates allow REST endpoints matching the following regular - # expressions to work: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # The above endpoints can be routed to any worker, though you may choose to route - # it to the chosen user directory worker. - - # This style of configuration supersedes the legacy `synapse.app.user_dir` - # worker application type. - - - # #### Notifying Application Services - - # You can designate one generic worker to send output traffic to Application Services. - # Doesn't handle any REST endpoints itself, but you should specify its name in the - # shared configuration as follows: - - # ```yaml - # notify_appservices_from_worker: worker_name - # ``` - - # This work cannot be load-balanced; please ensure the main process is restarted - # after setting this option in the shared configuration! - - # This style of configuration supersedes the legacy `synapse.app.appservice` - # worker application type. - - -# pusher worker (no API endpoints) [ - # Handles sending push notifications to sygnal and email. Doesn't handle any - # REST endpoints itself, but you should set `start_pushers: False` in the - # shared configuration file to stop the main synapse sending push notifications. - - # To run multiple instances at once the `pusher_instances` option should list all - # pusher instances by their worker name, e.g.: - - # ```yaml - # pusher_instances: - # - pusher_worker1 - # - pusher_worker2 - # ``` - - # An example for a pusher instance: - - # ```yaml - # {{#include systemd-with-workers/workers/pusher_worker.yaml}} - # ``` - -# ] - -# appservice worker (no API endpoints) [ - # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the - # `notify_appservices_from_worker` option instead.](#notifying-application-services) - - # Handles sending output traffic to Application Services. Doesn't handle any - # REST endpoints itself, but you should set `notify_appservices: False` in the - # shared configuration file to stop the main synapse sending appservice notifications. - - # Note this worker cannot be load-balanced: only one instance should be active. - -# ] - -# federation_sender worker (no API endpoints) [ - # Handles sending federation traffic to other servers. Doesn't handle any - # REST endpoints itself, but you should set `send_federation: False` in the - # shared configuration file to stop the main synapse sending this traffic. - - # If running multiple federation senders then you must list each - # instance in the `federation_sender_instances` option by their `worker_name`. - # All instances must be stopped and started when adding or removing instances. - # For example: - - # ```yaml - # federation_sender_instances: - # - federation_sender1 - # - federation_sender2 - # ``` - - # An example for a federation sender instance: - - # ```yaml - # {{#include systemd-with-workers/workers/federation_sender.yaml}} - # ``` -# ] - -matrix_synapse_workers_media_repository_endpoints: - # Handles the media repository. It can handle all endpoints starting with: - - - ^/_matrix/media/ - - # ... and the following regular expressions matching media-specific administration APIs: - - - ^/_synapse/admin/v1/purge_media_cache$ - - ^/_synapse/admin/v1/room/.*/media.*$ - - ^/_synapse/admin/v1/user/.*/media.*$ - - ^/_synapse/admin/v1/media/.*$ - - ^/_synapse/admin/v1/quarantine_media/.*$ - - ^/_synapse/admin/v1/users/.*/media$ - - # You should also set `enable_media_repo: False` in the shared configuration - # file to stop the main synapse running background jobs related to managing the - # media repository. Note that doing so will prevent the main process from being - # able to handle the above endpoints. - - # In the `media_repository` worker configuration file, configure the - # [HTTP listener](usage/configuration/config_documentation.md#listeners) to - # expose the `media` resource. For example: - - # ```yaml - # {{#include systemd-with-workers/workers/media_worker.yaml}} - # ``` - - # Note that if running multiple media repositories they must be on the same server - # and you must configure a single instance to run the background tasks, e.g.: - - # ```yaml - # media_instance_running_background_jobs: "media-repository-1" - # ``` - - # Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately). - -matrix_synapse_workers_user_dir_endpoints: - # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the - # `update_user_directory_from_worker` option instead.](#updating-the-user-directory) - - # Handles searches in the user directory. It can handle REST endpoints matching - # the following regular expressions: - - - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # When using this worker you must also set `update_user_directory: false` in the - # shared configuration file to stop the main synapse running background - # jobs related to updating the user directory. - - # Above endpoint is not *required* to be routed to this worker. By default, - # `update_user_directory` is set to `true`, which means the main process - # will handle updates. All workers configured with `client` can handle the above - # endpoint as long as either this worker or the main process are configured to - # handle it, and are online. - - # If `update_user_directory` is set to `false`, and this worker is not running, - # the above endpoint may give outdated results. - -matrix_synapse_workers_avail_list: - - appservice - - federation_sender - - generic_worker - - media_repository - - pusher - - user_dir diff --git a/setup.yml b/setup.yml index e3372802b..c11c75afc 100755 --- a/setup.yml +++ b/setup.yml @@ -3,9 +3,6 @@ hosts: "{{ target if target is defined else 'matrix_servers' }}" become: true - vars_files: - - roles/custom/matrix-synapse/vars/workers.yml - roles: # This role has no tasks at all - role: galaxy/com.devture.ansible.role.playbook_help From 1c643263ddc5b96947b49e4f260de4ca8aeeb572 Mon Sep 17 00:00:00 2001 From: Darren Rambaud Date: Fri, 4 Nov 2022 15:16:14 -0500 Subject: [PATCH 319/349] dendrite: update image tag to latest release (0.10.7) - https://github.com/matrix-org/dendrite/releases/tag/v0.10.7 --- roles/custom/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-dendrite/defaults/main.yml b/roles/custom/matrix-dendrite/defaults/main.yml index a1d03960c..b9dddfe9b 100644 --- a/roles/custom/matrix-dendrite/defaults/main.yml +++ b/roles/custom/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.10.6" +matrix_dendrite_docker_image_tag: "v0.10.7" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite" From 5ff59eb31a6f1296b8d850d61749447ffbc46973 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 06:56:10 +0200 Subject: [PATCH 320/349] Upgrade com.devture.ansible.role.playbook_state_preserver --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 668f973ef..a57b63a9b 100644 --- a/requirements.yml +++ b/requirements.yml @@ -10,7 +10,7 @@ version: 461ace97fcf0e36c76747b36fcad8587d9b072f5 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git - version: 0857450721d525238ca230c9e6f8f8ad3a248564 + version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git version: f1c78d4e85e875129790c58335d0e44385683f6b From c165bf0a9504f21ad7a695e573c18d7ef6f60bd1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 07:02:10 +0200 Subject: [PATCH 321/349] Try to make setup.yml more helpful when galaxy roles haven't been downloaded With this change, trying to run the playbook should report an error that looks like this: > The offending line appears to be: > > # Most of the roles below are not distributed with the playbook, but downloaded separately using `ansible-galaxy` via the `make roles` command (see `Makefile`). > - role: galaxy/com.devture.ansible.role.playbook_help > ^ here .. with that comment included, which might help some people who missed the `make roles` part. Improves https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2232 --- setup.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/setup.yml b/setup.yml index e3372802b..8c71ac4b2 100755 --- a/setup.yml +++ b/setup.yml @@ -7,10 +7,9 @@ - roles/custom/matrix-synapse/vars/workers.yml roles: - # This role has no tasks at all + # Most of the roles below are not distributed with the playbook, but downloaded separately using `ansible-galaxy` via the `make roles` command (see `Makefile`). - role: galaxy/com.devture.ansible.role.playbook_help - # This role has no tasks at all - role: galaxy/com.devture.ansible.role.systemd_docker_base - role: custom/matrix_playbook_migration From 7289992dba30223df073a4d37b63b937b5d6addb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 07:10:04 +0200 Subject: [PATCH 322/349] Document `make roles` some more Improves: - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2232 - https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2217#issuecomment-1304366791 --- CHANGELOG.md | 2 +- docs/installing.md | 2 +- docs/prerequisites.md | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9bd06a8c2..f773d9992 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,7 +16,7 @@ We're doing this for greater code-reuse (across Ansible playbooks, including our Some variable names will change during the transition to having more and more external (galaxy) roles. There's a new `custom/matrix_playbook_migration` role added to the playbook which will tell you about these changes each time you run the playbook. -From now on, every time you update the playbook (well, every time the `requirements.yml` file changes), it's best to run `make roles` to update the roles downloaded from other sources. +**From now on**, every time you update the playbook (well, every time the `requirements.yml` file changes), it's best to run `make roles` to update the roles downloaded from other sources. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the commands seen in the `Makefile`. # 2022-10-14 diff --git a/docs/installing.md b/docs/installing.md index 7c62cc393..19506e331 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -2,7 +2,7 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. -**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. +**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the commands seen in the `Makefile`. ## Playbook tags introduction diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 74954648d..c0a906408 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -22,6 +22,8 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you - [`git`](https://git-scm.com/) is the recommended way to download the playbook to your computer. `git` may also be required on the server if you will be [self-building](self-building.md) components. +- [`make`](https://www.gnu.org/software/make/) for running `make roles`, etc. (see [`Makefile`](../Makefile)), although you can also run these commands manually (without `make`) + - An HTTPS-capable web server at the base domain name (``) which is capable of serving static files. Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md). - Properly configured DNS records for `` (details in [Configuring DNS](configuring-dns.md)). From a9e2607d80e612339e143bc59f817ee6e9d3b104 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 07:29:47 +0200 Subject: [PATCH 323/349] Fix yaml[comments-indentation] in workers config and remove automation --- .../files/workers-doc-to-yaml.awk | 145 ------- .../files/workers-doc-to-yaml.sh | 7 - roles/custom/matrix-synapse/vars/main.yml | 361 +----------------- 3 files changed, 4 insertions(+), 509 deletions(-) delete mode 100755 roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk delete mode 100755 roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh diff --git a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk deleted file mode 100755 index 1911690f1..000000000 --- a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.awk +++ /dev/null @@ -1,145 +0,0 @@ -#!/usr/bin/awk -# Hackish approach to get a machine-readable list of current matrix -# synapse REST API endpoints from the official documentation at -# https://github.com/matrix-org/synapse/raw/master/docs/workers.md -# -# invoke in shell with: -# URL=https://github.com/matrix-org/synapse/raw/master/docs/workers.md -# curl -L ${URL} | awk -f workers-doc-to-yaml.awk - - -function worker_stanza_append(string) { - worker_stanza = worker_stanza string -} - -function line_is_endpoint_url(line) { - # probably API endpoint if it starts with white-space and ^ or / - return (line ~ /^ +[\^\/].*\//) -} - -# Put YAML marker at beginning of file. -BEGIN { - endpoint_conditional_comment = " # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually\n" -} - -# Enable further processing after the introductory text. -# Read each synapse worker section as record and its lines as fields. -/Available worker applications/ { - enable_parsing = 1 - # set record separator to markdown section header - RS = "\n### " - # set field separator to newline - FS = "\n" -} - -# Once parsing is active, this will process each section as record. -enable_parsing { - # Each worker section starts with a synapse.app.X headline - if ($1 ~ /synapse\.app\./) { - - # get rid of the backticks and extract worker type from headline - gsub("`", "", $1) - gsub("synapse.app.", "", $1) - worker_type = $1 - - # initialize empty worker stanza - worker_stanza = "" - - # track if any endpoints are mentioned in a specific section - worker_has_urls = 0 - - # some endpoint descriptions contain flag terms - endpoints_seem_conditional = 0 - - # also, collect a list of available workers - workers = (workers ? workers "\n" : "") " - " worker_type - - # loop through the lines (2 - number of fields in record) - for (i = 2; i < NF + 1; i++) { - # copy line for gsub replacements - line = $i - - # end all lines but the last with a linefeed - linefeed = (i < NF - 1) ? "\n" : "" - - # line starts with white-space and a hash: endpoint block headline - if (line ~ /^ +#/) { - - # copy to output verbatim, normalizing white-space - gsub(/^ +/, "", line) - worker_stanza_append(" " line linefeed) - - } else if (line_is_endpoint_url(line)) { - - # mark section for special output formatting - worker_has_urls = 1 - - # remove leading white-space - gsub(/^ +/, "", line) - api_endpoint_regex = line - - # FIXME: https://github.com/matrix-org/synapse/issues/new - # munge inconsistent media_repository endpoint notation - if (api_endpoint_regex == "/_matrix/media/") { - api_endpoint_regex = "^" line - } - - # FIXME: https://github.com/matrix-org/synapse/issues/7530 - # https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456#issuecomment-719015911 - if (api_endpoint_regex == "^/_matrix/client/(r0|v3|unstable)/auth/.*/fallback/web$") { - worker_stanza_append(" # FIXME: possible bug with SSO and multiple generic workers\n") - worker_stanza_append(" # see https://github.com/matrix-org/synapse/issues/7530\n") - worker_stanza_append(" # " api_endpoint_regex linefeed) - continue - } - - # disable endpoints which specify complications - if (endpoints_seem_conditional) { - # only add notice if previous line didn't match - if (!line_is_endpoint_url($(i - 1))) { - worker_stanza_append(endpoint_conditional_comment) - } - worker_stanza_append(" # " api_endpoint_regex linefeed) - } else { - # output endpoint regex - worker_stanza_append(" - " api_endpoint_regex linefeed) - } - - # white-space only line? - } else if (line ~ /^ *$/) { - - if (i > 3 && i < NF) { - # print white-space lines unless 1st or last line in section - worker_stanza_append(line linefeed) - } - - # nothing of the above: the line is regular documentation text - } else { - - # include this text line as comment - worker_stanza_append(" # " line linefeed) - - # and take note of words hinting at additional conditions to be met - if (line ~ /(^[Ii]f|care must be taken|can be handled for)/) { - endpoints_seem_conditional = 1 - } - } - } - - if (worker_has_urls) { - print "\nmatrix_synapse_workers_" worker_type "_endpoints:" - print worker_stanza - } else { - # include workers without endpoints as well for reference - print "\n# " worker_type " worker (no API endpoints) [" - print worker_stanza - print "# ]" - } - } -} - -END { - print "\nmatrix_synapse_workers_avail_list:" - print workers | "sort" -} - -# vim: tabstop=4 shiftwidth=4 expandtab autoindent diff --git a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh b/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh deleted file mode 100755 index 50a526bc8..000000000 --- a/roles/custom/matrix-synapse/files/workers-doc-to-yaml.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh -# Fetch the synapse worker documentation and extract endpoint URLs -# matrix-org/synapse master branch points to current stable release -# and put it between `workers:start` and `workers:end` tokens in ../vars/main.yml - -snippet="$(curl -L https://github.com/matrix-org/synapse/raw/master/docs/workers.md | awk -f workers-doc-to-yaml.awk)" -awk -v snippet="$snippet" -i inplace '/workers:start/{f=1;print;print snippet}/workers:end/{f=0}!f' ../vars/main.yml diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index d2f45126e..69c0ce46f 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -111,16 +111,12 @@ matrix_synapse_known_worker_types: | matrix_synapse_known_instance_map_eligible_worker_types: - stream_writer -# the following section contains semi-automatic generated content +# The following section contains content that had previously been generated by a script (`workers-doc-to-yaml.awk`) processing https://github.com/matrix-org/synapse/raw/master/docs/workers.md, +# but is now maintained manually due to: +# - the script being tripped up by the content and generating somewhat inaccurate definitions, which had to be fixed up manually. +# - the script being complicated and unmaintainable ### workers:start - matrix_synapse_workers_generic_worker_endpoints: - # This worker can handle API requests matching the following regular expressions. - # These endpoints can be routed to any worker. If a worker is set up to handle a - # stream then, for maximum efficiency, additional endpoints should be routed to that - # worker: refer to the [stream writers](#stream-writers) section below for further - # information. - # Sync requests - ^/_matrix/client/(r0|v3)/sync$ - ^/_matrix/client/(api/v1|r0|v3)/events$ @@ -191,317 +187,6 @@ matrix_synapse_workers_generic_worker_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ -# These appear to be conditional and should not be enabled by default. -# We need to fix up our workers-doc-to-yaml.awk parsing script to exclude them. -# For now, they've been commented out manually. -# # Account data requests -# - ^/_matrix/client/(r0|v3|unstable)/.*/tags -# - ^/_matrix/client/(r0|v3|unstable)/.*/account_data -# -# # Receipts requests -# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt -# - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers -# -# # Presence requests -# - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ - - # User directory search requests - # Any worker can handle these, but we have a dedicated user_dir worker for this, - # so we'd like for other generic workers to not try and capture these requests. - # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # Additionally, the following REST endpoints can be handled for GET requests: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/ - - # Pagination requests can also be handled, but all requests for a given - # room must be routed to the same instance. Additionally, care must be taken to - # ensure that the purge history admin API is not used while pagination requests - # for the room are in flight: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/messages$ - - # Additionally, the following endpoints should be included if Synapse is configured - # to use SSO (you only need to include the ones for whichever SSO provider you're - # using): - - # for all SSO providers - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect - # ^/_synapse/client/pick_idp$ - # ^/_synapse/client/pick_username - # ^/_synapse/client/new_user_consent$ - # ^/_synapse/client/sso_register$ - - # OpenID Connect requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_synapse/client/oidc/callback$ - - # SAML requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_synapse/client/saml2/authn_response$ - - # CAS requests. - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/login/cas/ticket$ - - # Ensure that all SSO logins go to a single process. - # For multiple workers not handling the SSO endpoints properly, see - # [#7530](https://github.com/matrix-org/synapse/issues/7530) and - # [#9427](https://github.com/matrix-org/synapse/issues/9427). - - # Note that a [HTTP listener](usage/configuration/config_documentation.md#listeners) - # with `client` and `federation` `resources` must be configured in the `worker_listeners` - # option in the worker config. - - # #### Load balancing - - # It is possible to run multiple instances of this worker app, with incoming requests - # being load-balanced between them by the reverse-proxy. However, different endpoints - # have different characteristics and so admins - # may wish to run multiple groups of workers handling different endpoints so that - # load balancing can be done in different ways. - - # For `/sync` and `/initialSync` requests it will be more efficient if all - # requests from a particular user are routed to a single instance. Extracting a - # user ID from the access token or `Authorization` header is currently left as an - # exercise for the reader. Admins may additionally wish to separate out `/sync` - # requests that have a `since` query parameter from those that don't (and - # `/initialSync`), as requests that don't are known as "initial sync" that happens - # when a user logs in on a new device and can be *very* resource intensive, so - # isolating these requests will stop them from interfering with other users ongoing - # syncs. - - # Federation and client requests can be balanced via simple round robin. - - # The inbound federation transaction request `^/_matrix/federation/v1/send/` - # should be balanced by source IP so that transactions from the same remote server - # go to the same process. - - # Registration/login requests can be handled separately purely to help ensure that - # unexpected load doesn't affect new logins and sign ups. - - # Finally, event sending requests can be balanced by the room ID in the URI (or - # the full URI, or even just round robin), the room ID is the path component after - # `/rooms/`. If there is a large bridge connected that is sending or may send lots - # of events, then a dedicated set of workers can be provisioned to limit the - # effects of bursts of events from that bridge on events sent by normal users. - - # #### Stream writers - - # Additionally, the writing of specific streams (such as events) can be moved off - # of the main process to a particular worker. - - # To enable this, the worker must have a - # [HTTP `replication` listener](usage/configuration/config_documentation.md#listeners) configured, - # have a `worker_name` and be listed in the `instance_map` config. The same worker - # can handle multiple streams, but unless otherwise documented, each stream can only - # have a single writer. - - # For example, to move event persistence off to a dedicated worker, the shared - # configuration would include: - - # ```yaml - # instance_map: - # event_persister1: - # host: localhost - # port: 8034 - - # stream_writers: - # events: event_persister1 - # ``` - - # An example for a stream writer instance: - - # ```yaml - # {{#include systemd-with-workers/workers/event_persister.yaml}} - # ``` - - # Some of the streams have associated endpoints which, for maximum efficiency, should - # be routed to the workers handling that stream. See below for the currently supported - # streams and the endpoints associated with them: - - # ##### The `events` stream - - # The `events` stream experimentally supports having multiple writers, where work - # is sharded between them by room ID. Note that you *must* restart all worker - # instances when adding or removing event persisters. An example `stream_writers` - # configuration with multiple writers: - - # ```yaml - # stream_writers: - # events: - # - event_persister1 - # - event_persister2 - # ``` - - # ##### The `typing` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `typing` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing - - # ##### The `to_device` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `to_device` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ - - # ##### The `account_data` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `account_data` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/.*/tags - # ^/_matrix/client/(r0|v3|unstable)/.*/account_data - - # ##### The `receipts` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `receipts` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt - # ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers - - # ##### The `presence` stream - - # The following endpoints should be routed directly to the worker configured as - # the stream writer for the `presence` stream: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ - - # #### Background tasks - - # There is also support for moving background tasks to a separate - # worker. Background tasks are run periodically or started via replication. Exactly - # which tasks are configured to run depends on your Synapse configuration (e.g. if - # stats is enabled). This worker doesn't handle any REST endpoints itself. - - # To enable this, the worker must have a `worker_name` and can be configured to run - # background tasks. For example, to move background tasks to a dedicated worker, - # the shared configuration would include: - - # ```yaml - # run_background_tasks_on: background_worker - # ``` - - # You might also wish to investigate the `update_user_directory_from_worker` and - # `media_instance_running_background_jobs` settings. - - # An example for a dedicated background worker instance: - - # ```yaml - # {{#include systemd-with-workers/workers/background_worker.yaml}} - # ``` - - # #### Updating the User Directory - - # You can designate one generic worker to update the user directory. - - # Specify its name in the shared configuration as follows: - - # ```yaml - # update_user_directory_from_worker: worker_name - # ``` - - # This work cannot be load-balanced; please ensure the main process is restarted - # after setting this option in the shared configuration! - - # User directory updates allow REST endpoints matching the following regular - # expressions to work: - - # FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually - # ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - - # The above endpoints can be routed to any worker, though you may choose to route - # it to the chosen user directory worker. - - # This style of configuration supersedes the legacy `synapse.app.user_dir` - # worker application type. - - - # #### Notifying Application Services - - # You can designate one generic worker to send output traffic to Application Services. - # Doesn't handle any REST endpoints itself, but you should specify its name in the - # shared configuration as follows: - - # ```yaml - # notify_appservices_from_worker: worker_name - # ``` - - # This work cannot be load-balanced; please ensure the main process is restarted - # after setting this option in the shared configuration! - - # This style of configuration supersedes the legacy `synapse.app.appservice` - # worker application type. - - -# pusher worker (no API endpoints) [ - # Handles sending push notifications to sygnal and email. Doesn't handle any - # REST endpoints itself, but you should set `start_pushers: False` in the - # shared configuration file to stop the main synapse sending push notifications. - - # To run multiple instances at once the `pusher_instances` option should list all - # pusher instances by their worker name, e.g.: - - # ```yaml - # pusher_instances: - # - pusher_worker1 - # - pusher_worker2 - # ``` - - # An example for a pusher instance: - - # ```yaml - # {{#include systemd-with-workers/workers/pusher_worker.yaml}} - # ``` - -# ] - -# appservice worker (no API endpoints) [ - # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the - # `notify_appservices_from_worker` option instead.](#notifying-application-services) - - # Handles sending output traffic to Application Services. Doesn't handle any - # REST endpoints itself, but you should set `notify_appservices: False` in the - # shared configuration file to stop the main synapse sending appservice notifications. - - # Note this worker cannot be load-balanced: only one instance should be active. - -# ] - -# federation_sender worker (no API endpoints) [ - # Handles sending federation traffic to other servers. Doesn't handle any - # REST endpoints itself, but you should set `send_federation: False` in the - # shared configuration file to stop the main synapse sending this traffic. - - # If running multiple federation senders then you must list each - # instance in the `federation_sender_instances` option by their `worker_name`. - # All instances must be stopped and started when adding or removing instances. - # For example: - - # ```yaml - # federation_sender_instances: - # - federation_sender1 - # - federation_sender2 - # ``` - - # An example for a federation sender instance: - - # ```yaml - # {{#include systemd-with-workers/workers/federation_sender.yaml}} - # ``` -# ] matrix_synapse_workers_media_repository_endpoints: # Handles the media repository. It can handle all endpoints starting with: @@ -517,50 +202,12 @@ matrix_synapse_workers_media_repository_endpoints: - ^/_synapse/admin/v1/quarantine_media/.*$ - ^/_synapse/admin/v1/users/.*/media$ - # You should also set `enable_media_repo: False` in the shared configuration - # file to stop the main synapse running background jobs related to managing the - # media repository. Note that doing so will prevent the main process from being - # able to handle the above endpoints. - - # In the `media_repository` worker configuration file, configure the - # [HTTP listener](usage/configuration/config_documentation.md#listeners) to - # expose the `media` resource. For example: - - # ```yaml - # {{#include systemd-with-workers/workers/media_worker.yaml}} - # ``` - - # Note that if running multiple media repositories they must be on the same server - # and you must configure a single instance to run the background tasks, e.g.: - - # ```yaml - # media_instance_running_background_jobs: "media-repository-1" - # ``` - - # Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately). - matrix_synapse_workers_user_dir_endpoints: - # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the - # `update_user_directory_from_worker` option instead.](#updating-the-user-directory) - # Handles searches in the user directory. It can handle REST endpoints matching # the following regular expressions: - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ - # When using this worker you must also set `update_user_directory: false` in the - # shared configuration file to stop the main synapse running background - # jobs related to updating the user directory. - - # Above endpoint is not *required* to be routed to this worker. By default, - # `update_user_directory` is set to `true`, which means the main process - # will handle updates. All workers configured with `client` can handle the above - # endpoint as long as either this worker or the main process are configured to - # handle it, and are online. - - # If `update_user_directory` is set to `false`, and this worker is not running, - # the above endpoint may give outdated results. - matrix_synapse_workers_avail_list: - appservice - federation_sender From 6c524302d6a0ae646da05b7a2e39abdd2390bbef Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 07:40:56 +0200 Subject: [PATCH 324/349] Add intentionally-ignored-endpoints to intentionally-ignored-endpoints for completeness --- roles/custom/matrix-synapse/vars/main.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index 69c0ce46f..4da284106 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -187,6 +187,29 @@ matrix_synapse_workers_generic_worker_endpoints: - ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ + # Start of intentionally-ignored-endpoints + # + # We ignore these below, because they're better sent to dedicated workers (various stream writers). + # If a stream writer is enabled, the endpoint should be routed to the stream writer, not to a generic worker. + # If a stream writer of a given type is not enabled, then a generic worker may process it. + # Because it's difficult to handle these individually based on which stream writer is enabled and which isn't, + # we just disable them here. + # + # # Account data requests + # - ^/_matrix/client/(r0|v3|unstable)/.*/tags + # - ^/_matrix/client/(r0|v3|unstable)/.*/account_data + # + # # Receipts requests + # - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt + # - ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers + # + # # Presence requests + # - ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ + # + # # User directory search requests + # - ^/_matrix/client/(r0|v3|unstable)/user_directory/search$ + # End of intentionally-ignored-endpoints + matrix_synapse_workers_media_repository_endpoints: # Handles the media repository. It can handle all endpoints starting with: From c1c152f7acb931021acb3854a070958ca636c540 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 08:31:22 +0200 Subject: [PATCH 325/349] Include potentially distro-specific tasks at runtime This avoids Ansible trying to ensure `community.general.pacman` is available, even if that module will never run (because `when` says so). Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228 --- .../tasks/util/ensure_fuse_installed.yml | 21 +++++-------------- .../util/ensure_fuse_installed_archlinux.yml | 6 ++++++ .../util/ensure_fuse_installed_debian.yml | 6 ++++++ .../util/ensure_fuse_installed_redhat.yml | 6 ++++++ .../tasks/util/ensure_openssl_installed.yml | 21 +++++-------------- .../ensure_openssl_installed_archlinux.yml | 6 ++++++ .../util/ensure_openssl_installed_debian.yml | 6 ++++++ .../util/ensure_openssl_installed_redhat.yml | 6 ++++++ 8 files changed, 46 insertions(+), 32 deletions(-) create mode 100644 roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml create mode 100644 roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml index 240a5c625..a23c77e1c 100644 --- a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml +++ b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml @@ -1,23 +1,12 @@ --- + # This is for both RedHat 7 and 8 -- name: Ensure fuse installed (RedHat) - ansible.builtin.yum: - name: - - fuse - state: present +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_redhat.yml" when: ansible_os_family == 'RedHat' # This is for both Debian and Raspbian -- name: Ensure fuse installed (Debian/Raspbian) - ansible.builtin.apt: - name: - - fuse - state: present +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_debian.yml" when: ansible_os_family == 'Debian' -- name: Ensure fuse installed (Archlinux) - community.general.pacman: - name: - - fuse3 - state: present - when: ansible_distribution == 'Archlinux' +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_archlinux.yml" + when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml new file mode 100644 index 000000000..676543d83 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure fuse installed (Archlinux) + community.general.pacman: + name: fuse3 + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml new file mode 100644 index 000000000..b9491eb49 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure fuse installed (Debian/Raspbian) + ansible.builtin.apt: + name: fuse + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml new file mode 100644 index 000000000..878fb5682 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure fuse installed (RedHat) + ansible.builtin.yum: + name: fuse + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml index a5bdf21a5..a3b73d680 100644 --- a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml +++ b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml @@ -1,23 +1,12 @@ --- + # This is for both RedHat 7 and 8 -- name: Ensure openssl installed (RedHat) - ansible.builtin.yum: - name: - - openssl - state: present +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_redhat.yml" when: ansible_os_family == 'RedHat' # This is for both Debian and Raspbian -- name: Ensure openssl installed (Debian/Raspbian) - ansible.builtin.apt: - name: - - openssl - state: present +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_debian.yml" when: ansible_os_family == 'Debian' -- name: Ensure openssl installed (Archlinux) - community.general.pacman: - name: - - openssl - state: present - when: ansible_distribution == 'Archlinux' +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_archlinux.yml" + when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml new file mode 100644 index 000000000..ce70c5624 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure openssl installed (Archlinux) + community.general.pacman: + name: openssl + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml new file mode 100644 index 000000000..18f1cb95e --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure openssl installed (Debian/Raspbian) + ansible.builtin.apt: + name: openssl + state: present diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml new file mode 100644 index 000000000..b8809cf55 --- /dev/null +++ b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure openssl installed (RedHat) + ansible.builtin.yum: + name: openssl + state: present From 06eb186729c7d53a5627e2463f3f7a38cdc67664 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 5 Nov 2022 09:17:47 +0200 Subject: [PATCH 326/349] add matrix_etherpad_mode --- docs/configuring-playbook-etherpad.md | 8 ++++++-- group_vars/matrix_servers | 8 ++++---- roles/custom/matrix-etherpad/defaults/main.yml | 8 ++++++-- roles/custom/matrix-etherpad/tasks/init.yml | 12 +----------- 4 files changed, 17 insertions(+), 19 deletions(-) diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 3214d8619..4c5df6fa8 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -38,14 +38,18 @@ Then from the plugin manager page (`https://etherpad./admin/plugins ## Set Dimension default to the self-hosted Etherpad (optional) If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside with Etherpad, -the Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain. +the Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain and add the following to your vars.yml: + +```yaml +matrix_etherpad_mode: dimension +``` ### Removing the integrated Etherpad chat If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. Example: `https://dimension./etherpad/p/$roomId_$padName?showChat=false` -## Known issues +### Known issues If your Etherpad widget fails to load, this might be due to Dimension generating a Pad name so long, the Etherpad app rejects it. `$roomId_$padName` can end up being longer than 50 characters. You can avoid having this problem by altering the template so it only contains the three word random identifier `$padName`. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index fcdff5ace..7df712479 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1526,7 +1526,7 @@ matrix_etherpad_enabled: false matrix_etherpad_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9001' }}" -matrix_etherpad_base_url: "{{ 'https://'+ matrix_server_fqn_dimension + matrix_etherpad_public_endpoint if matrix_dimension_enabled else 'https://' + matrix_server_fqn_etherpad + '/' }}" +matrix_etherpad_base_url: "{{ 'https://'+ matrix_server_fqn_dimension + matrix_etherpad_public_endpoint if matrix_etherpad_mode == 'dimension' else 'https://' + matrix_server_fqn_etherpad + '/' }}" matrix_etherpad_systemd_required_services_list: | {{ @@ -1752,7 +1752,7 @@ matrix_nginx_proxy_proxy_hydrogen_enabled: "{{ matrix_client_hydrogen_enabled }} matrix_nginx_proxy_proxy_cinny_enabled: "{{ matrix_client_cinny_enabled }}" matrix_nginx_proxy_proxy_buscarron_enabled: "{{ matrix_bot_buscarron_enabled }}" matrix_nginx_proxy_proxy_dimension_enabled: "{{ matrix_dimension_enabled }}" -matrix_nginx_proxy_proxy_etherpad_enabled: "{{ matrix_etherpad_enabled }}" +matrix_nginx_proxy_proxy_etherpad_enabled: "{{ matrix_etherpad_enabled and matrix_etherpad_mode == 'standalone' }}" matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled }}" matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}" matrix_nginx_proxy_proxy_grafana_enabled: "{{ matrix_grafana_enabled }}" @@ -1859,7 +1859,7 @@ matrix_nginx_proxy_systemd_wanted_services_list: | + (['matrix-bot-go-neb.service'] if matrix_bot_go_neb_enabled else []) + - (['matrix-etherpad.service'] if matrix_etherpad_enabled and matrix_dimension_enabled else []) + (['matrix-etherpad.service'] if matrix_etherpad_enabled else []) + (['matrix-hookshot.service'] if matrix_hookshot_enabled else []) }} @@ -1880,7 +1880,7 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_dimension] if matrix_dimension_enabled else []) + - ([matrix_server_fqn_etherpad] if (matrix_etherpad_enabled and not matrix_dimension_enabled) else []) + ([matrix_server_fqn_etherpad] if (matrix_etherpad_enabled and matrix_etherpad_mode == 'standalone') else []) + ([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else []) + diff --git a/roles/custom/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml index 35d24090c..2a8d24e87 100644 --- a/roles/custom/matrix-etherpad/defaults/main.yml +++ b/roles/custom/matrix-etherpad/defaults/main.yml @@ -3,6 +3,10 @@ matrix_etherpad_enabled: false +# standalone = etherpad installed on subdomain (etherpad.DOMAIN) and can be used as-is +# dimension = etherpad installed in subdir of dimension (dimension.DOMAIN/etherpad) and can be used with dimension +matrix_etherpad_mode: standalone + matrix_etherpad_base_path: "{{ matrix_base_data_path }}/etherpad" matrix_etherpad_version: 1.8.18 @@ -31,8 +35,8 @@ matrix_etherpad_container_extra_arguments: [] # Used for dimension only matrix_etherpad_public_endpoint: '/etherpad' -# By default, the Etherpad app can be accessed within the Dimension domain -matrix_etherpad_base_url: "https://{{ matrix_server_fqn_dimension }}{{ matrix_etherpad_public_endpoint }}" +# By default, the Etherpad app can be accessed on etherpad subdomain +matrix_etherpad_base_url: "https://{{ matrix_server_fqn_etherpad }}/" # Database-related configuration fields. # diff --git a/roles/custom/matrix-etherpad/tasks/init.yml b/roles/custom/matrix-etherpad/tasks/init.yml index c787548c7..d35ed375e 100644 --- a/roles/custom/matrix-etherpad/tasks/init.yml +++ b/roles/custom/matrix-etherpad/tasks/init.yml @@ -4,7 +4,7 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-etherpad.service'] }}" when: matrix_etherpad_enabled | bool -- when: matrix_etherpad_enabled | bool and matrix_dimension_enabled | default(False) | bool +- when: matrix_etherpad_enabled | bool and matrix_etherpad_mode == 'dimension' tags: - always block: @@ -52,13 +52,3 @@ + [matrix_etherpad_matrix_nginx_proxy_configuration] }} - -- name: Warn about reverse-proxying if matrix-nginx-proxy not used - ansible.builtin.debug: - msg: >- - NOTE: You've enabled the Etherpad tool but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `{{ matrix_etherpad_public_endpoint }}` - URL endpoint to the matrix-etherpad container. - You can expose the container's port using the `matrix_etherpad_container_http_host_bind_port` variable. - when: "matrix_etherpad_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool" From 2473cd655b15791d4942ec2c473fbd9acdb0c508 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 09:15:35 +0200 Subject: [PATCH 327/349] Include ensure_openssl_installed and ensure_fuse_installed utils in a more reliable way This fixes a regression since the change done in c1c152f7acb931021acb3. When another role (say `matrix-jitsi`) included `roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml`, which then included `{{ role_path }}/tasks/util/ensure_openssl_installed_DISTRO.yml`, that `role_path` variable would end up being the parent role (`matrix-jitsi`) and not the `matrix-base` role, so we'd get a failure. An alternative solution may have been to avoid using `role_path`, but importing roles properly (like we've done in this patch) sounds like a better way. Unfortunately, `import_role` fails if `tasks_from` is something like `util/ensure_openssl_installed` (containing a `/`), so I had to move these utils out of `util/`. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228 --- .../matrix-base/tasks/ensure_fuse_installed.yml | 12 ++++++++++++ .../{util => }/ensure_fuse_installed_archlinux.yml | 0 .../{util => }/ensure_fuse_installed_debian.yml | 0 .../{util => }/ensure_fuse_installed_redhat.yml | 0 .../matrix-base/tasks/ensure_openssl_installed.yml | 12 ++++++++++++ .../ensure_openssl_installed_archlinux.yml | 0 .../{util => }/ensure_openssl_installed_debian.yml | 0 .../{util => }/ensure_openssl_installed_redhat.yml | 0 .../matrix-base/tasks/util/ensure_fuse_installed.yml | 12 ------------ .../tasks/util/ensure_openssl_installed.yml | 12 ------------ .../tasks/setup_install.yml | 4 +++- .../matrix-bridge-hookshot/tasks/setup_install.yml | 4 +++- roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml | 4 +++- .../tasks/ssl/setup_ssl_self_signed.yml | 4 +++- .../matrix-synapse/tasks/goofys/setup_install.yml | 4 +++- 15 files changed, 39 insertions(+), 29 deletions(-) create mode 100644 roles/custom/matrix-base/tasks/ensure_fuse_installed.yml rename roles/custom/matrix-base/tasks/{util => }/ensure_fuse_installed_archlinux.yml (100%) rename roles/custom/matrix-base/tasks/{util => }/ensure_fuse_installed_debian.yml (100%) rename roles/custom/matrix-base/tasks/{util => }/ensure_fuse_installed_redhat.yml (100%) create mode 100644 roles/custom/matrix-base/tasks/ensure_openssl_installed.yml rename roles/custom/matrix-base/tasks/{util => }/ensure_openssl_installed_archlinux.yml (100%) rename roles/custom/matrix-base/tasks/{util => }/ensure_openssl_installed_debian.yml (100%) rename roles/custom/matrix-base/tasks/{util => }/ensure_openssl_installed_redhat.yml (100%) delete mode 100644 roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml delete mode 100644 roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml diff --git a/roles/custom/matrix-base/tasks/ensure_fuse_installed.yml b/roles/custom/matrix-base/tasks/ensure_fuse_installed.yml new file mode 100644 index 000000000..8f768bd13 --- /dev/null +++ b/roles/custom/matrix-base/tasks/ensure_fuse_installed.yml @@ -0,0 +1,12 @@ +--- + +# This is for both RedHat 7 and 8 +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_fuse_installed_redhat.yml" + when: ansible_os_family == 'RedHat' + +# This is for both Debian and Raspbian +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_fuse_installed_debian.yml" + when: ansible_os_family == 'Debian' + +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_fuse_installed_archlinux.yml" + when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml b/roles/custom/matrix-base/tasks/ensure_fuse_installed_archlinux.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_fuse_installed_archlinux.yml rename to roles/custom/matrix-base/tasks/ensure_fuse_installed_archlinux.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml b/roles/custom/matrix-base/tasks/ensure_fuse_installed_debian.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_fuse_installed_debian.yml rename to roles/custom/matrix-base/tasks/ensure_fuse_installed_debian.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml b/roles/custom/matrix-base/tasks/ensure_fuse_installed_redhat.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_fuse_installed_redhat.yml rename to roles/custom/matrix-base/tasks/ensure_fuse_installed_redhat.yml diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml new file mode 100644 index 000000000..889531f9e --- /dev/null +++ b/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml @@ -0,0 +1,12 @@ +--- + +# This is for both RedHat 7 and 8 +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_redhat.yml" + when: ansible_os_family == 'RedHat' + +# This is for both Debian and Raspbian +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_debian.yml" + when: ansible_os_family == 'Debian' + +- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_archlinux.yml" + when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_openssl_installed_archlinux.yml rename to roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_openssl_installed_debian.yml rename to roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml similarity index 100% rename from roles/custom/matrix-base/tasks/util/ensure_openssl_installed_redhat.yml rename to roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml diff --git a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml deleted file mode 100644 index a23c77e1c..000000000 --- a/roles/custom/matrix-base/tasks/util/ensure_fuse_installed.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -# This is for both RedHat 7 and 8 -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_redhat.yml" - when: ansible_os_family == 'RedHat' - -# This is for both Debian and Raspbian -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_debian.yml" - when: ansible_os_family == 'Debian' - -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_fuse_installed_archlinux.yml" - when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml deleted file mode 100644 index a3b73d680..000000000 --- a/roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -# This is for both RedHat 7 and 8 -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_redhat.yml" - when: ansible_os_family == 'RedHat' - -# This is for both Debian and Raspbian -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_debian.yml" - when: ansible_os_family == 'Debian' - -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_openssl_installed_archlinux.yml" - when: ansible_os_family == 'Archlinux' diff --git a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml index 468dbd7a8..32d87408d 100644 --- a/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_openssl_installed - name: Ensure Appservice IRC paths exist ansible.builtin.file: diff --git a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml index 15209d2ca..e13af1986 100644 --- a/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_openssl_installed - name: Ensure hookshot paths exist ansible.builtin.file: diff --git a/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml b/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml index a91949e11..c52c19021 100644 --- a/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml +++ b/roles/custom/matrix-jitsi/tasks/setup_jitsi_base.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_openssl_installed # # Tasks related to setting up jitsi diff --git a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml index 918b74db3..7ebdec790 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_openssl_installed when: "matrix_ssl_retrieval_method == 'self-signed'" - name: Generate self-signed certificates diff --git a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml index 7eb7e46cc..7649beb4c 100644 --- a/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/goofys/setup_install.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_fuse_installed.yml" +- ansible.builtin.import_role: + name: custom/matrix-base + tasks_from: ensure_fuse_installed - name: Ensure Goofys Docker image is pulled community.docker.docker_image: From 39e4b419dd62d6c62609d51de32dd40ebabc82a5 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 5 Nov 2022 09:29:53 +0200 Subject: [PATCH 328/349] matrix-etherpad: fail when mode is 'dimension', but dimension is disabled --- roles/custom/matrix-etherpad/tasks/main.yml | 10 +++++----- roles/custom/matrix-etherpad/tasks/validate_config.yml | 6 ++++++ 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/roles/custom/matrix-etherpad/tasks/main.yml b/roles/custom/matrix-etherpad/tasks/main.yml index b1c8ab557..caf0dda50 100644 --- a/roles/custom/matrix-etherpad/tasks/main.yml +++ b/roles/custom/matrix-etherpad/tasks/main.yml @@ -4,20 +4,20 @@ tags: - always -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" when: run_setup | bool and matrix_etherpad_enabled | bool tags: - setup-all - setup-etherpad -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: run_setup | bool and not matrix_etherpad_enabled | bool +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: run_setup | bool and matrix_etherpad_enabled | bool tags: - setup-all - setup-etherpad -- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: run_setup | bool and matrix_etherpad_enabled | bool +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: run_setup | bool and not matrix_etherpad_enabled | bool tags: - setup-all - setup-etherpad diff --git a/roles/custom/matrix-etherpad/tasks/validate_config.yml b/roles/custom/matrix-etherpad/tasks/validate_config.yml index 9832b0b89..10ddc5843 100644 --- a/roles/custom/matrix-etherpad/tasks/validate_config.yml +++ b/roles/custom/matrix-etherpad/tasks/validate_config.yml @@ -5,3 +5,9 @@ msg: >- Etherpad requires a dedicated Postgres database. Please enable the built in one, or configure an external DB by redefining "matrix_etherpad_database_hostname" when: matrix_etherpad_database_hostname == "matrix-postgres" and not matrix_postgres_enabled + +- name: Fail if wrong mode selected + ansible.builtin.fail: + msg: >- + You're using Etherpad in 'dimension' mode (`matrix_etherpad_serving_mode: dimension`), which tries to host Etherpad at the Dimension subdomain - `{{ matrix_server_fqn_dimension }}`. However, this isn't possible because Dimension is not enabled. To resolve the problem, either enable Dimension (`matrix_dimension_enabled: true`) or switch Etherpad to standalone mode (`matrix_etherpad_mode: standalone`) and have it served on its own domain (`{{ matrix_server_fqn_etherpad }}`). + when: matrix_etherpad_enabled | bool and matrix_etherpad_mode == 'dimension' and not matrix_dimension_enabled | default(False) | bool From 805b70bfa3f521ff486e3191108e0798fc6676ba Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 11:47:47 +0200 Subject: [PATCH 329/349] Announce standalone Etherpad --- CHANGELOG.md | 15 +++++++ docs/configuring-playbook-etherpad.md | 42 +++++++++++-------- .../custom/matrix-etherpad/defaults/main.yml | 2 +- 3 files changed, 40 insertions(+), 19 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9bd06a8c2..bd38e1a95 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,18 @@ +# 2022-11-05 + +## (Backward Compatibility Break) A new default standalone mode for Etherpad + +Until now, [Etherpad](https://etherpad.org/) (which [the playbook could install for you](docs/configuring-playbook-etherpad.md)) required the [Dimension integration manager](docs/configuring-playbook-dimension.md) to also be installed, because Etherpad was hosted on the Dimension domain (at `dimension.DOMAIN/etherpad`). + +From now on, Etherpad can be installed in `standalone` mode on `etherpad.DOMAIN` and used even without Dimension. This is much more versatile, so the playbook now defaults to this new mode (`matrix_etherpad_mode: standalone`). + +If you've already got both Etherpad and Dimension in use you could: + +- **either** keep hosting Etherpad under the Dimension domain by adding `matrix_etherpad_mode: dimension` to your `vars.yml` file. All your existing room widgets will continue working at the same URLs and no other changes will be necessary. + +- **or**, you could change to hosting Etherpad separately on `etherpad.DOMAIN`. You will need to [configure a DNS record](docs/configuring-dns.md) for this new domain. You will also need to reconfigure Dimension to use the new pad URLs (`https://etherpad.DOMAIN/...`) going forward (refer to our [configuring Etherpad documentation](docs/configuring-playbook-etherpad.md)). All your existing room widgets (which still use `https://dimension.DOMAIN/etherpad/...`) will break as Etherpad is not hosted there anymore. You will need to re-add them or to consider not using `standalone` mode + + # 2022-11-04 ## The playbook now uses external roles for some things diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 4c5df6fa8..2ea423ef7 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -1,14 +1,20 @@ # Setting up Etherpad (optional) -[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) or used as standalone web app +[Etherpad](https://etherpad.org) is is an open source collaborative text editor that can be embedded in a Matrix chat room using the [Dimension integrations manager](https://dimension.t2bot.io) or used as standalone web app. When enabled together with the Jitsi audio/video conferencing system (see [our docs on Jitsi](configuring-playbook-jitsi.md)), it will be made available as an option during the conferences. + ## Prerequisites -The `etherpad.` DNS record must be created. See [Configuring your DNS server](configuring-dns.md) on how to set up DNS record correctly. +Etherpad can be installed in 2 modes: + +- (default) `standalone` mode (`matrix_etherpad_mode: standalone`) - Etherpad will be hosted on `etherpad.` (`matrix_server_fqn_etherpad`), so the DNS record for this domian must be created. See [Configuring your DNS server](configuring-dns.md) on how to set up the `etherpad` DNS record correctly + +- `dimension` mode (`matrix_etherpad_mode: dimension`) - Etherpad will be hosted on `dimension./etherpad` (`matrix_server_fqn_dimension`). This requires that you **first** configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md) + +We recomend that you go with the default (`standalone`) mode, which makes Etherpad independent and allows it to be used with or without Dimension. -You may enable and configure the **Dimension integrations manager** as described in [the playbook documentation](configuring-playbook-dimension.md) to integrate etherpad with Dimension. ## Installing @@ -16,18 +22,17 @@ You may enable and configure the **Dimension integrations manager** as described ```yaml matrix_etherpad_enabled: true -``` - -## Etherpad Admin access (optional) -Etherpad comes with a admin web-UI which is disabled by default. You can enable it by setting a username and password in your configuration file (`inventory/host_vars/matrix./vars.yml`): +# Uncomment below if you'd like to install Etherpad on the Dimension domain (not recommended) +# matrix_etherpad_mode: dimension -```yaml -matrix_etherpad_admin_username: admin -matrix_etherpad_admin_password: some-password +# Uncomment below to enable the admin web UI +# matrix_etherpad_admin_username: admin +# matrix_etherpad_admin_password: some-password ``` -The admin web-UI should then be available on: `https://dimension./etherpad/admin` +If enabled, the admin web-UI should then be available on `https://etherpad./admin` (or `https://dimension./etherpad/admin`, if `matrix_etherpad_mode: dimension`) + ## Managing / Deleting old pads @@ -35,19 +40,20 @@ If you want to manage and remove old unused pads from Etherpad, you will first n Then from the plugin manager page (`https://etherpad./admin/plugins` or `https://dimension./etherpad/admin/plugins`), install the `adminpads2` plugin. Once installed, you should have a "Manage pads" section in the Admin web-UI. + ## Set Dimension default to the self-hosted Etherpad (optional) -If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside with Etherpad, -the Dimension administrator users can configure the default URL template. The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. Replace `scalar.vector.im` with your own Dimension domain and add the following to your vars.yml: +If you decided to install [Dimension integration manager](configuring-playbook-dimension.md) alongside Etherpad, the Dimension administrator users can configure the default URL template. +The Dimension configuration menu can be accessed with the sprocket icon as you begin to add a widget to a room in Element. There you will find the Etherpad Widget Configuration action beneath the _Widgets_ tab. -```yaml -matrix_etherpad_mode: dimension -``` ### Removing the integrated Etherpad chat -If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. -Example: `https://dimension./etherpad/p/$roomId_$padName?showChat=false` +If you wish to disable the Etherpad chat button, you can do it by appending `?showChat=false` to the end of the pad URL, or the template. Examples: +- `https://etherpad./p/$roomId_$padName?showChat=false` (for the default - `matrix_etherpad_mode: standalone`) + +- `https://dimension./etherpad/p/$roomId_$padName?showChat=false` (for `matrix_etherpad_mode: dimension`) + ### Known issues diff --git a/roles/custom/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml index 2a8d24e87..505c9c4b6 100644 --- a/roles/custom/matrix-etherpad/defaults/main.yml +++ b/roles/custom/matrix-etherpad/defaults/main.yml @@ -32,7 +32,7 @@ matrix_etherpad_container_http_host_bind_port: '' # A list of extra arguments to pass to the container matrix_etherpad_container_extra_arguments: [] -# Used for dimension only +# Used only when `matrix_etherpad_mode: dimension` matrix_etherpad_public_endpoint: '/etherpad' # By default, the Etherpad app can be accessed on etherpad subdomain From 5ef70015cbaaaa6ff91651ceb52b19870106463b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 12:09:32 +0200 Subject: [PATCH 330/349] Ensure git is installed using ansible.builtin.package, not using a distro-specific package manager module Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228 --- .../ext/mjolnir-antispam/setup_install.yml | 25 +++---------------- .../synapse-simple-antispam/setup_install.yml | 25 +++---------------- 2 files changed, 6 insertions(+), 44 deletions(-) diff --git a/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml index 117fb7576..5d36a2348 100644 --- a/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml @@ -1,28 +1,9 @@ --- -- name: Ensure git installed (RedHat) - ansible.builtin.yum: - name: - - git +- name: Ensure git installed + ansible.builtin.package: + name: git state: present - update_cache: false - when: "ansible_os_family == 'RedHat'" - -- name: Ensure git installed (Debian) - ansible.builtin.apt: - name: - - git - state: present - update_cache: false - when: "ansible_os_family == 'Debian'" - -- name: Ensure git installed (Archlinux) - community.general.pacman: - name: - - git - state: present - update_cache: false - when: "ansible_distribution == 'Archlinux'" - name: Clone mjolnir-antispam git repository ansible.builtin.git: diff --git a/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index dd3ff2d3f..15fe220ab 100644 --- a/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/custom/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -5,29 +5,10 @@ msg: "Synapse Simple Antispam is enabled, but no blocked homeservers have been set in matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers" when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers | length == 0" -- name: Ensure git installed (RedHat) - ansible.builtin.yum: - name: - - git +- name: Ensure git installed + ansible.builtin.package: + name: git state: present - update_cache: false - when: "ansible_os_family == 'RedHat'" - -- name: Ensure git installed (Debian) - ansible.builtin.apt: - name: - - git - state: present - update_cache: false - when: "ansible_os_family == 'Debian'" - -- name: Ensure git installed (Archlinux) - community.general.pacman: - name: - - git - state: present - update_cache: false - when: "ansible_distribution == 'Archlinux'" - name: Clone synapse-simple-antispam git repository ansible.builtin.git: From 663f0bc5efd51c1fd198c5a87e2f278cbe180756 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 5 Nov 2022 12:10:59 +0200 Subject: [PATCH 331/349] Install openssl using ansible.builtin.package, not using a distro-specific package manager module Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228 --- .../matrix-base/tasks/ensure_openssl_installed.yml | 14 ++++---------- .../tasks/ensure_openssl_installed_archlinux.yml | 6 ------ .../tasks/ensure_openssl_installed_debian.yml | 6 ------ .../tasks/ensure_openssl_installed_redhat.yml | 6 ------ 4 files changed, 4 insertions(+), 28 deletions(-) delete mode 100644 roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml delete mode 100644 roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml delete mode 100644 roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml index 889531f9e..d0cd8edea 100644 --- a/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml +++ b/roles/custom/matrix-base/tasks/ensure_openssl_installed.yml @@ -1,12 +1,6 @@ --- -# This is for both RedHat 7 and 8 -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_redhat.yml" - when: ansible_os_family == 'RedHat' - -# This is for both Debian and Raspbian -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_debian.yml" - when: ansible_os_family == 'Debian' - -- ansible.builtin.include_tasks: "{{ role_path }}/tasks/ensure_openssl_installed_archlinux.yml" - when: ansible_os_family == 'Archlinux' +- name: Ensure openssl installed + ansible.builtin.package: + name: openssl + state: present diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml deleted file mode 100644 index ce70c5624..000000000 --- a/roles/custom/matrix-base/tasks/ensure_openssl_installed_archlinux.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Ensure openssl installed (Archlinux) - community.general.pacman: - name: openssl - state: present diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml deleted file mode 100644 index 18f1cb95e..000000000 --- a/roles/custom/matrix-base/tasks/ensure_openssl_installed_debian.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Ensure openssl installed (Debian/Raspbian) - ansible.builtin.apt: - name: openssl - state: present diff --git a/roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml b/roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml deleted file mode 100644 index b8809cf55..000000000 --- a/roles/custom/matrix-base/tasks/ensure_openssl_installed_redhat.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: Ensure openssl installed (RedHat) - ansible.builtin.yum: - name: openssl - state: present From e3b3f076077036773a5c670f33d86543d943a833 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 5 Nov 2022 13:19:00 +0200 Subject: [PATCH 332/349] etherpad: add abiword and soffice config options --- roles/custom/matrix-etherpad/defaults/main.yml | 2 ++ roles/custom/matrix-etherpad/templates/settings.json.j2 | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/roles/custom/matrix-etherpad/defaults/main.yml b/roles/custom/matrix-etherpad/defaults/main.yml index 505c9c4b6..540b2a518 100644 --- a/roles/custom/matrix-etherpad/defaults/main.yml +++ b/roles/custom/matrix-etherpad/defaults/main.yml @@ -58,6 +58,8 @@ matrix_etherpad_database_connection_string: 'postgres://{{ matrix_etherpad_datab # Variables configuring the etherpad matrix_etherpad_title: 'Etherpad' +matrix_etherpad_abiword: null +matrix_etherpad_soffice: null matrix_etherpad_default_pad_text: | Welcome to Etherpad! diff --git a/roles/custom/matrix-etherpad/templates/settings.json.j2 b/roles/custom/matrix-etherpad/templates/settings.json.j2 index 0a240f3e0..cc45d1905 100644 --- a/roles/custom/matrix-etherpad/templates/settings.json.j2 +++ b/roles/custom/matrix-etherpad/templates/settings.json.j2 @@ -20,8 +20,8 @@ "editOnly": false, "minify": true, "maxAge": 21600, - "abiword": null, - "soffice": null, + "abiword": {{ matrix_etherpad_abiword|to_json }}, + "soffice": {{ matrix_etherpad_soffice|to_json }}, "tidyHtml": null, "allowUnknownFileEnds": true, "requireAuthentication": false, @@ -103,7 +103,7 @@ "pageUp": true, "pageDown": true }, - "loglevel": "INFO", + "loglevel": "WARN", "logconfig" : { "appenders": [ { "type": "console", From 5e1bcf3f76bfeef44723d2016b1bdddf7c45571a Mon Sep 17 00:00:00 2001 From: mouse Date: Sun, 6 Nov 2022 00:20:44 +1100 Subject: [PATCH 333/349] stop gradle pacman error on ubuntu --- roles/custom/matrix-ma1sd/tasks/setup_install.yml | 9 ++------- .../tasks/util/ensure_gradle_installed_archlinux.yml | 6 ++++++ 2 files changed, 8 insertions(+), 7 deletions(-) create mode 100644 roles/custom/matrix-ma1sd/tasks/util/ensure_gradle_installed_archlinux.yml diff --git a/roles/custom/matrix-ma1sd/tasks/setup_install.yml b/roles/custom/matrix-ma1sd/tasks/setup_install.yml index 70f7937ae..b9668a053 100644 --- a/roles/custom/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/custom/matrix-ma1sd/tasks/setup_install.yml @@ -74,13 +74,8 @@ msg: "Installing gradle on RedHat ({{ ansible_distribution }}) is currently not supported, so self-building ma1sd cannot happen at this time" when: ansible_os_family == 'RedHat' - - name: Ensure gradle is installed for self-building (Archlinux) - community.general.pacman: - name: - - gradle - state: present - update_cache: true - when: ansible_distribution == 'Archlinux' + - ansible.builtin.include_tasks: "{{ role_path }}/tasks/util/ensure_gradle_installed_archlinux.yml" + when: "ansible_distribution == 'Archlinux'" - name: Ensure ma1sd repository is present on self-build ansible.builtin.git: diff --git a/roles/custom/matrix-ma1sd/tasks/util/ensure_gradle_installed_archlinux.yml b/roles/custom/matrix-ma1sd/tasks/util/ensure_gradle_installed_archlinux.yml new file mode 100644 index 000000000..cfe38a8d4 --- /dev/null +++ b/roles/custom/matrix-ma1sd/tasks/util/ensure_gradle_installed_archlinux.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure gradle installed (Archlinux) + community.general.pacman: + name: gradle + state: present From a4dbc27f34d640829ac84f045e83a346f10086f2 Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 5 Nov 2022 19:40:09 +0200 Subject: [PATCH 334/349] remove etherpad nginx config automatically --- roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 6585de595..4a74d3991 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -321,6 +321,12 @@ state: absent when: "not matrix_nginx_proxy_proxy_ntfy_enabled | bool" +- name: Ensure Matrix nginx-proxy configuration for etherpad domain deleted + ansible.builtin.file: + path: "{{ matrix_nginx_proxy_confd_path }}/matrix-etherpad.conf" + state: absent + when: "not matrix_nginx_proxy_proxy_etherpad_enabled | bool" + - name: Ensure Matrix nginx-proxy homepage for base domain deleted ansible.builtin.file: path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html" From a93d733bd3144589f8ba82c9cfb6d73620ee18dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ab=C3=ADlio=20Costa?= Date: Sun, 6 Nov 2022 21:38:27 +0000 Subject: [PATCH 335/349] Remove repeated quote in mautrix-discord docs --- docs/configuring-playbook-bridge-mautrix-discord.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-discord.md b/docs/configuring-playbook-bridge-mautrix-discord.md index 439113fd4..68e5ce33d 100644 --- a/docs/configuring-playbook-bridge-mautrix-discord.md +++ b/docs/configuring-playbook-bridge-mautrix-discord.md @@ -3,7 +3,6 @@ **Note**: bridging to [Discord](https://discordapp.com/) can also happen via the [mx-puppet-discord](configuring-playbook-bridge-mx-puppet-discord.md) and [matrix-appservice-discord](configuring-playbook-bridge-appservice-discord.md) bridges supported by the playbook. - For using as a Bot we recommend the [Appservice Discord](configuring-playbook-bridge-appservice-discord.md), because it supports plumbing. - For personal use with a discord account we recommend the `mautrix-discord` bridge (the one being discussed here), because it is the most fully-featured and stable of the 3 Discord bridges supported by the playbook. -The `mautrix-discord` bridge (the one being discussed here) is the most fully-featured and stable of the 3 Discord bridges supported by the playbook, so it's the one we recommend. The playbook can install and configure [mautrix-discord](https://github.com/mautrix/discord) for you. From 7871a92b049e6a0c849e8977e91d6f61678f62a5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 8 Nov 2022 16:25:52 +0200 Subject: [PATCH 336/349] Upgrade Synapse (v1.70.1 -> v1.71.0) --- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index ebd552115..54351256a 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -36,7 +36,7 @@ matrix_synapse_container_image_customizations_dockerfile_body_custom: '' matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.70.1 +matrix_synapse_version: v1.71.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 67d0709ea67e968e3fd5b1cdc13961e5efeda29c Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 8 Nov 2022 14:28:37 +0000 Subject: [PATCH 337/349] Update Grafana 9.2.3 -> 9.2.4 --- roles/custom/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-grafana/defaults/main.yml b/roles/custom/matrix-grafana/defaults/main.yml index 43b29c94a..7c5e8d993 100644 --- a/roles/custom/matrix-grafana/defaults/main.yml +++ b/roles/custom/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: true -matrix_grafana_version: 9.2.3 +matrix_grafana_version: 9.2.4 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 6c2612a1a6e24110cb5ab5dfaa38a612774062bc Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 8 Nov 2022 14:29:37 +0000 Subject: [PATCH 338/349] Update prometheus 2.39.1 -> 2.40.0 --- roles/custom/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-prometheus/defaults/main.yml b/roles/custom/matrix-prometheus/defaults/main.yml index cbd3575e4..0b4dd3e26 100644 --- a/roles/custom/matrix-prometheus/defaults/main.yml +++ b/roles/custom/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.39.1 +matrix_prometheus_version: v2.40.0 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From 51674887ffa1dd07d678d861159b3c9859537fe1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 8 Nov 2022 17:39:56 +0200 Subject: [PATCH 339/349] Fix Synapse pusher_instances not being populated correctly This caused push notifications to be delivered more than once if multiple `pusher` workers were enabled. --- .../tasks/synapse/workers/util/inject_worker.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml b/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml index b69529b9b..4542f19c1 100644 --- a/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml +++ b/roles/custom/matrix-synapse/tasks/synapse/workers/util/inject_worker.yml @@ -63,3 +63,8 @@ - ansible.builtin.set_fact: matrix_synapse_instance_map: "{{ matrix_synapse_instance_map | combine({matrix_synapse_worker_details.name: {'host': matrix_synapse_worker_details.name, 'port': matrix_synapse_worker_details.replication_port}}) }}" when: matrix_synapse_worker_details.type in matrix_synapse_known_instance_map_eligible_worker_types + +# Inject pusher instances. +- ansible.builtin.set_fact: + matrix_synapse_federation_pusher_instances: "{{ matrix_synapse_federation_pusher_instances + [matrix_synapse_worker_details.name] }}" + when: matrix_synapse_worker_details.type == 'pusher' From 65e340519d7acb6476a525e004a62d86464ea28d Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 8 Nov 2022 16:24:33 +0000 Subject: [PATCH 340/349] Update element v1.11.13 -> v1.11.14 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index b2ffd05da..a1543b5bb 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -10,7 +10,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.11.13 +matrix_client_element_version: v1.11.14 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 32e5c814e48293048e80229240392ef39a13f735 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 9 Nov 2022 08:43:28 +0200 Subject: [PATCH 341/349] Update containerized Ansible tag and make documentation about "make roles" clearer `devture/ansible:2.13.6-r0` contains the `make` utility. (https://github.com/devture/docker-ansible/commit/8597fd82720bf3aa1d1f3a6b9ea30ae45120e12f) Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2248 --- docs/ansible.md | 9 +++------ docs/installing.md | 2 +- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/docs/ansible.md b/docs/ansible.md index bd1fe9273..6afc98c8c 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -45,10 +45,7 @@ Alternatively, you can run Ansible inside a Docker container (powered by the [de This ensures that you're using a very recent Ansible version, which is less likely to be incompatible with the playbook. -There are 2 ways to go about it: - -- [Running Ansible in a container on the Matrix server itself](#running-ansible-in-a-container-on-the-matrix-server-itself) -- [Running Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server) +You can either [run Ansible in a container on the Matrix server itself](#running-ansible-in-a-container-on-the-matrix-server-itself) or [run Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server). ### Running Ansible in a container on the Matrix server itself @@ -73,7 +70,7 @@ docker run -it --rm \ -w /work \ -v `pwd`:/work \ --entrypoint=/bin/sh \ -docker.io/devture/ansible:2.13.0-r0 +docker.io/devture/ansible:2.13.6-r0 ``` Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. @@ -92,7 +89,7 @@ docker run -it --rm \ -v `pwd`:/work \ -v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro \ --entrypoint=/bin/sh \ -docker.io/devture/ansible:2.13.0-r0 +docker.io/devture/ansible:2.13.6-r0 ``` The above command tries to mount an SSH key (`$HOME/.ssh/id_rsa`) into the container (at `/root/.ssh/id_rsa`). diff --git a/docs/installing.md b/docs/installing.md index 19506e331..53a86585c 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -2,7 +2,7 @@ If you've [configured your DNS](configuring-dns.md) and have [configured the playbook](configuring-playbook.md), you can start the installation procedure. -**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the commands seen in the `Makefile`. +**Before installing** and each time you update the playbook in the future, you will need to update the Ansible roles in this playbook by running `make roles`. `make roles` is a shortcut (a `roles` target defined in [`Makefile`](Makefile) and executed by the [`make`](https://www.gnu.org/software/make/) utility) which ultimately runs [ansible-galaxy](https://docs.ansible.com/ansible/latest/cli/ansible-galaxy.html) to download Ansible roles. If you don't have `make`, you can also manually run the `roles` commands seen in the `Makefile`. ## Playbook tags introduction From 06df2df9e90fd09ac50fcab3f88c85fea5116dae Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 9 Nov 2022 09:01:56 +0200 Subject: [PATCH 342/349] Mention playbook ownership issues when running Ansible in a container and potential workarounds Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2248 --- docs/ansible.md | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/docs/ansible.md b/docs/ansible.md index 6afc98c8c..e8a0ddb21 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -76,7 +76,9 @@ docker.io/devture/ansible:2.13.6-r0 Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. The `/work` directory contains the playbook's code. -You can execute `ansible-playbook ...` (or `ansible-playbook --connection=community.docker.nsenter ...`) commands as per normal now. +First, consider running `git config --global --add safe.directory /work` to [resolve directory ownership issues](#resolve-directory-ownership-issues). + +Finally, you can execute `ansible-playbook ...` (or `ansible-playbook --connection=community.docker.nsenter ...`) commands as per normal now. ### Running Ansible in a container on another computer (not the Matrix server) @@ -98,7 +100,10 @@ If your SSH key is at a different path (not in `$HOME/.ssh/id_rsa`), adjust that Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. The `/work` directory contains the playbook's code. -You can execute `ansible-playbook ...` commands as per normal now. +First, consider running `git config --global --add safe.directory /work` to [resolve directory ownership issues](#resolve-directory-ownership-issues). + +Finally, you execute `ansible-playbook ...` commands as per normal now. + #### If you don't use SSH keys for authentication @@ -109,3 +114,13 @@ apk add sshpass ``` Then, to be asked for the password whenever running an `ansible-playbook` command add `--ask-pass` to the arguments of the command. + +#### Resolve directory ownership issues + +Because you're `root` in the container running Ansible and this likely differs fom the owner (your regular user account) of the playbook directory outside of the container, certain playbook features which use `git` locally may report warnings such as: + +> fatal: unsafe repository ('/work' is owned by someone else) +> To add an exception for this directory, call: +> git config --global --add safe.directory /work + +These errors can be resolved by making `git` trust the playbook directory by running `git config --global --add safe.directory /work` From ea0c7e27e3ba517c9d7b48ea19066bd5b7c3b9c1 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 9 Nov 2022 15:32:09 +0000 Subject: [PATCH 343/349] Update prometheus 2.40.0 -> 2.40.1 --- roles/custom/matrix-prometheus/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-prometheus/defaults/main.yml b/roles/custom/matrix-prometheus/defaults/main.yml index 0b4dd3e26..adc903872 100644 --- a/roles/custom/matrix-prometheus/defaults/main.yml +++ b/roles/custom/matrix-prometheus/defaults/main.yml @@ -5,7 +5,7 @@ matrix_prometheus_enabled: false -matrix_prometheus_version: v2.40.0 +matrix_prometheus_version: v2.40.1 matrix_prometheus_docker_image: "{{ matrix_container_global_registry_prefix }}prom/prometheus:{{ matrix_prometheus_version }}" matrix_prometheus_docker_image_force_pull: "{{ matrix_prometheus_docker_image.endswith(':latest') }}" From 83e38d59239863454dfeebfb3edfb1abf288d146 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 9 Nov 2022 16:03:21 +0000 Subject: [PATCH 344/349] Bump frenck/action-yamllint from 1.3.0 to 1.3.1 Bumps [frenck/action-yamllint](https://github.com/frenck/action-yamllint) from 1.3.0 to 1.3.1. - [Release notes](https://github.com/frenck/action-yamllint/releases) - [Commits](https://github.com/frenck/action-yamllint/compare/v1.3.0...v1.3.1) --- updated-dependencies: - dependency-name: frenck/action-yamllint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/matrix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/matrix.yml b/.github/workflows/matrix.yml index f63eade4c..8da5b9690 100644 --- a/.github/workflows/matrix.yml +++ b/.github/workflows/matrix.yml @@ -13,7 +13,7 @@ jobs: - name: Check out uses: actions/checkout@v3 - name: Run yamllint - uses: frenck/action-yamllint@v1.3.0 + uses: frenck/action-yamllint@v1.3.1 ansible-lint: name: ansible-lint runs-on: ubuntu-latest From 19b59f9ded388923d73afbd61c4849cb62666a68 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 10 Nov 2022 17:56:59 +0000 Subject: [PATCH 345/349] Update Hydrogen 0.3.3 -> 0.3.4 --- roles/custom/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml index d207df742..80bdb021e 100644 --- a/roles/custom/matrix-client-hydrogen/defaults/main.yml +++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml @@ -8,7 +8,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.3.3 +matrix_client_hydrogen_version: v0.3.4 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From adbc09f152c390af8f272a0580a1810983ae592f Mon Sep 17 00:00:00 2001 From: throny Date: Sat, 12 Nov 2022 11:20:43 +0100 Subject: [PATCH 346/349] warn users about upgrading to pg15 when using borg --- docs/maintenance-postgres.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/maintenance-postgres.md b/docs/maintenance-postgres.md index 52d2d9eed..fce6ad4d0 100644 --- a/docs/maintenance-postgres.md +++ b/docs/maintenance-postgres.md @@ -76,6 +76,8 @@ This is because newer Postgres versions cannot start with data generated by olde Upgrades must be performed manually. +**Warning: If you're using Borg Backup you probably don't want to upgrade to Postgres 15 yet as there is currently no support.** + This playbook can upgrade your existing Postgres setup with the following command: ansible-playbook -i inventory/hosts setup.yml --tags=upgrade-postgres From c68def0809aa68cf8a7c0c70b1e3ddad39db105a Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 12 Nov 2022 22:01:31 +0000 Subject: [PATCH 347/349] Update ntfy 1.28.0 -> 1.29.0 --- roles/custom/matrix-ntfy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-ntfy/defaults/main.yml b/roles/custom/matrix-ntfy/defaults/main.yml index 762439806..8b8a89539 100644 --- a/roles/custom/matrix-ntfy/defaults/main.yml +++ b/roles/custom/matrix-ntfy/defaults/main.yml @@ -7,7 +7,7 @@ matrix_ntfy_base_path: "{{ matrix_base_data_path }}/ntfy" matrix_ntfy_config_dir_path: "{{ matrix_ntfy_base_path }}/config" matrix_ntfy_data_path: "{{ matrix_ntfy_base_path }}/data" -matrix_ntfy_version: v1.28.0 +matrix_ntfy_version: v1.29.0 matrix_ntfy_docker_image: "{{ matrix_container_global_registry_prefix }}binwiederhier/ntfy:{{ matrix_ntfy_version }}" matrix_ntfy_docker_image_force_pull: "{{ matrix_ntfy_docker_image.endswith(':latest') }}" From b12cdbd99d381acc587cef7b895cd3ac814a230c Mon Sep 17 00:00:00 2001 From: throny Date: Sat, 12 Nov 2022 23:40:46 +0100 Subject: [PATCH 348/349] Update maintenance-postgres.md --- docs/maintenance-postgres.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/docs/maintenance-postgres.md b/docs/maintenance-postgres.md index fce6ad4d0..751fb7986 100644 --- a/docs/maintenance-postgres.md +++ b/docs/maintenance-postgres.md @@ -76,12 +76,17 @@ This is because newer Postgres versions cannot start with data generated by olde Upgrades must be performed manually. -**Warning: If you're using Borg Backup you probably don't want to upgrade to Postgres 15 yet as there is currently no support.** - This playbook can upgrade your existing Postgres setup with the following command: ansible-playbook -i inventory/hosts setup.yml --tags=upgrade-postgres +**Warning: If you're using Borg Backup keep in mind that there is no official Postgres 15 support yet.** +However, it is possible to use the `latest` or `14` image. Edit `roles/custom/matrix-backup-borg/defaults/main.yml` and adjust the variables accordingly. +```bash +matrix_backup_borg_version: "latest" # or 14 +matrix_backup_borg_supported_postgres_versions: ['12', '13', '14', '15'] +``` + **The old Postgres data directory is backed up** automatically, by renaming it to `/matrix/postgres/data-auto-upgrade-backup`. To rename to a different path, pass some extra flags to the command above, like this: `--extra-vars="postgres_auto_upgrade_backup_data_path=/another/disk/matrix-postgres-before-upgrade"` From f5a09f30b746f1c19dbec3b077f9d3a612ba15e7 Mon Sep 17 00:00:00 2001 From: throny Date: Sat, 12 Nov 2022 23:48:57 +0100 Subject: [PATCH 349/349] Update maintenance-postgres.md --- docs/maintenance-postgres.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/docs/maintenance-postgres.md b/docs/maintenance-postgres.md index 751fb7986..d22b1648d 100644 --- a/docs/maintenance-postgres.md +++ b/docs/maintenance-postgres.md @@ -81,11 +81,8 @@ This playbook can upgrade your existing Postgres setup with the following comman ansible-playbook -i inventory/hosts setup.yml --tags=upgrade-postgres **Warning: If you're using Borg Backup keep in mind that there is no official Postgres 15 support yet.** -However, it is possible to use the `latest` or `14` image. Edit `roles/custom/matrix-backup-borg/defaults/main.yml` and adjust the variables accordingly. -```bash -matrix_backup_borg_version: "latest" # or 14 -matrix_backup_borg_supported_postgres_versions: ['12', '13', '14', '15'] -``` +As long as Alpine Linux is missing packages for postgres15, it is possible to use the `latest` or `14` image of borgmatic. Edit your `vars.yml` and add: +`matrix_backup_borg_version: "latest"` **The old Postgres data directory is backed up** automatically, by renaming it to `/matrix/postgres/data-auto-upgrade-backup`. To rename to a different path, pass some extra flags to the command above, like this: `--extra-vars="postgres_auto_upgrade_backup_data_path=/another/disk/matrix-postgres-before-upgrade"`