Parcourir la source
Move wsproxy to the matrix-addons network and adjust its Postgres connectivity
This is a bit of a compatibility break. The role was defaulting the Postgres password to `some-password` and we auto-generate it now. However, rebuilding both Postgres and this service should unify the database credentials and the service configs to the new value.pull/3093/head
Slavi Pantaleev
il y a 2 ans
4 fichiers modifiés avec 27 ajouts et 16 suppressions
-
+14 -11group_vars/matrix_servers
-
+8 -3roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml
-
+3 -0roles/custom/matrix-bridge-mautrix-wsproxy/tasks/validate_config.yml
-
+2 -2roles/custom/matrix-bridge-mautrix-wsproxy/templates/syncproxy-env.j2
+ 14
- 11
group_vars/matrix_servers
Voir le fichier
| @@ -1489,30 +1489,30 @@ matrix_mautrix_gmessages_database_password: "{{ '%s' | format(matrix_homeserver_ | |||||
| # We don't enable bridges by default. | # We don't enable bridges by default. | ||||
| matrix_mautrix_wsproxy_enabled: false | matrix_mautrix_wsproxy_enabled: false | ||||
| matrix_mautrix_wsproxy_systemd_required_services_list: | | |||||
| matrix_mautrix_wsproxy_systemd_required_services_list_default: | | |||||
| {{ | {{ | ||||
| ['docker.service'] | |||||
| + | |||||
| ['matrix-' + matrix_homeserver_implementation + '.service'] | |||||
| + | |||||
| ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else []) | |||||
| matrix_addons_homeserver_systemd_services_list | |||||
| + | + | ||||
| (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) | |||||
| ([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_mautrix_wsproxy_syncproxy_database_hostname == devture_postgres_connection_hostname) else []) | |||||
| }} | }} | ||||
| matrix_mautrix_wsproxy_homeserver_domain: "{{ matrix_domain }}" | matrix_mautrix_wsproxy_homeserver_domain: "{{ matrix_domain }}" | ||||
| matrix_mautrix_wsproxy_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}" | matrix_mautrix_wsproxy_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}" | ||||
| matrix_mautrix_wsproxy_hostname: "wsproxy.{{ matrix_mautrix_wsproxy_homeserver_domain }}" | matrix_mautrix_wsproxy_hostname: "wsproxy.{{ matrix_mautrix_wsproxy_homeserver_domain }}" | ||||
| matrix_mautrix_wsproxy_syncproxy_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}" | |||||
| matrix_mautrix_wsproxy_container_network: "{{ matrix_addons_container_network }}" | |||||
| matrix_mautrix_wsproxy_container_additional_networks: | | matrix_mautrix_wsproxy_container_additional_networks: | | ||||
| {{ | {{ | ||||
| ( | ( | ||||
| ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else []) | |||||
| ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) | |||||
| + | + | ||||
| ([matrix_nginx_proxy_container_network] if matrix_nginx_proxy_enabled and matrix_nginx_proxy_container_network != matrix_mautrix_wsproxy_container_network else []) | |||||
| ([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else []) | |||||
| + | + | ||||
| ([devture_postgres_container_network] if devture_postgres_enabled and devture_postgres_container_network != matrix_mautrix_wsproxy_container_network else []) | |||||
| ([devture_postgres_container_network] if (devture_postgres_enabled and matrix_mautrix_wsproxy_syncproxy_database_hostname == devture_postgres_connection_hostname and devture_postgres_container_network != matrix_mautrix_wsproxy_container_network) else []) | |||||
| ) | unique | ) | unique | ||||
| }} | }} | ||||
| @@ -1521,6 +1521,9 @@ matrix_mautrix_wsproxy_container_labels_traefik_docker_network: "{{ matrix_playb | |||||
| matrix_mautrix_wsproxy_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" | matrix_mautrix_wsproxy_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" | ||||
| matrix_mautrix_wsproxy_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" | matrix_mautrix_wsproxy_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" | ||||
| matrix_mautrix_wsproxy_syncproxy_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" | |||||
| matrix_mautrix_wsproxy_syncproxy_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wsproxy.db', rounds=655555) | to_uuid }}" | |||||
| ###################################################################### | ###################################################################### | ||||
| # | # | ||||
| # /matrix-bridge-mautrix-wsproxy | # /matrix-bridge-mautrix-wsproxy | ||||
+ 8
- 3
roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml
Voir le fichier
| @@ -58,7 +58,10 @@ matrix_mautrix_wsproxy_container_labels_additional_labels: '' | |||||
| matrix_mautrix_wsproxy_container_extra_arguments: [] | matrix_mautrix_wsproxy_container_extra_arguments: [] | ||||
| # List of systemd services that matrix-mautrix-wsproxy.service depends on. | # List of systemd services that matrix-mautrix-wsproxy.service depends on. | ||||
| matrix_mautrix_wsproxy_systemd_required_services_list: ['docker.service'] | |||||
| matrix_mautrix_wsproxy_systemd_required_services_list: "{{ matrix_mautrix_wsproxy_systemd_required_services_list_default + matrix_mautrix_wsproxy_systemd_required_services_list_auto + matrix_mautrix_wsproxy_systemd_required_services_list_custom }}" | |||||
| matrix_mautrix_wsproxy_systemd_required_services_list_default: ['docker.service'] | |||||
| matrix_mautrix_wsproxy_systemd_required_services_list_auto: [] | |||||
| matrix_mautrix_wsproxy_systemd_required_services_list_custom: [] | |||||
| # List of systemd services that matrix-mautrix-wsproxy.service wants | # List of systemd services that matrix-mautrix-wsproxy.service wants | ||||
| matrix_mautrix_wsproxy_systemd_wanted_services_list: [] | matrix_mautrix_wsproxy_systemd_wanted_services_list: [] | ||||
| @@ -137,6 +140,8 @@ matrix_mautrix_wsproxy_syncproxy_container_extra_arguments: [] | |||||
| matrix_mautrix_wsproxy_syncproxy_systemd_required_services_list: ['docker.service', 'matrix-mautrix-wsproxy.service'] | matrix_mautrix_wsproxy_syncproxy_systemd_required_services_list: ['docker.service', 'matrix-mautrix-wsproxy.service'] | ||||
| matrix_mautrix_wsproxy_syncproxy_systemd_wanted_services_list: [] | matrix_mautrix_wsproxy_syncproxy_systemd_wanted_services_list: [] | ||||
| matrix_mautrix_wsproxy_syncproxy_homeserver_url: '' | |||||
| matrix_mautrix_wsproxy_syncproxy_shared_secret: '' | matrix_mautrix_wsproxy_syncproxy_shared_secret: '' | ||||
| matrix_mautrix_wsproxy_syncproxy_port: 29332 | matrix_mautrix_wsproxy_syncproxy_port: 29332 | ||||
| matrix_mautrix_wsproxy_syncproxy_appservice_address: "http://matrix-mautrix-wsproxy-syncproxy:{{ matrix_mautrix_wsproxy_syncproxy_port }}" | matrix_mautrix_wsproxy_syncproxy_appservice_address: "http://matrix-mautrix-wsproxy-syncproxy:{{ matrix_mautrix_wsproxy_syncproxy_port }}" | ||||
| @@ -148,8 +153,8 @@ matrix_mautrix_wsproxy_syncproxy_appservice_address: "http://matrix-mautrix-wspr | |||||
| matrix_mautrix_wsproxy_syncproxy_database_engine: 'postgres' | matrix_mautrix_wsproxy_syncproxy_database_engine: 'postgres' | ||||
| matrix_mautrix_wsproxy_syncproxy_database_username: 'matrix_mautrix_wsproxy_syncproxy' | matrix_mautrix_wsproxy_syncproxy_database_username: 'matrix_mautrix_wsproxy_syncproxy' | ||||
| matrix_mautrix_wsproxy_syncproxy_database_password: 'some-password' | |||||
| matrix_mautrix_wsproxy_syncproxy_database_hostname: 'matrix-postgres' | |||||
| matrix_mautrix_wsproxy_syncproxy_database_password: '' | |||||
| matrix_mautrix_wsproxy_syncproxy_database_hostname: '' | |||||
| matrix_mautrix_wsproxy_syncproxy_database_port: 5432 | matrix_mautrix_wsproxy_syncproxy_database_port: 5432 | ||||
| matrix_mautrix_wsproxy_syncproxy_database_name: 'matrix_mautrix_wsproxy_syncproxy' | matrix_mautrix_wsproxy_syncproxy_database_name: 'matrix_mautrix_wsproxy_syncproxy' | ||||
+ 3
- 0
roles/custom/matrix-bridge-mautrix-wsproxy/tasks/validate_config.yml
Voir le fichier
| @@ -12,3 +12,6 @@ | |||||
| - "matrix_mautrix_imessage_homeserver_token" | - "matrix_mautrix_imessage_homeserver_token" | ||||
| - "matrix_mautrix_wsproxy_homeserver_address" | - "matrix_mautrix_wsproxy_homeserver_address" | ||||
| - "matrix_mautrix_wsproxy_syncproxy_shared_secret" | - "matrix_mautrix_wsproxy_syncproxy_shared_secret" | ||||
| - "matrix_mautrix_wsproxy_syncproxy_homeserver_url" | |||||
| - "matrix_mautrix_wsproxy_syncproxy_database_hostname" | |||||
| - "matrix_mautrix_wsproxy_syncproxy_database_password" | |||||
+ 2
- 2
roles/custom/matrix-bridge-mautrix-wsproxy/templates/syncproxy-env.j2
Voir le fichier
| @@ -1,3 +1,3 @@ | |||||
| DATABASE_URL={{ matrix_mautrix_signal_wsproxy_syncproxy_connection_string }} | DATABASE_URL={{ matrix_mautrix_signal_wsproxy_syncproxy_connection_string }} | ||||
| HOMESERVER_URL={{ matrix_homeserver_container_url }} | |||||
| SHARED_SECRET={{ matrix_mautrix_wsproxy_syncproxy_shared_secret }} | |||||
| HOMESERVER_URL={{ matrix_mautrix_wsproxy_syncproxy_homeserver_url }} | |||||
| SHARED_SECRET={{ matrix_mautrix_wsproxy_syncproxy_shared_secret }} | |||||