Merge pull request #187 from danbob/fix-ansible-deprecations

Fix ansible deprecations

examples/hosts

@@ -7,5 +7,5 @@
 # For improved Ansible performance, SSH pipelining is enabled by default (`ansible_ssh_pipelining=yes`).
 # If this causes SSH connection troubles, feel free to disable it.
 
-[matrix-servers]
+[matrix_servers]
 matrix.<your-domain> ansible_host=<your-server's external IP address> ansible_ssh_user=root ansible_ssh_pipelining=yes

roles/matrix-base/tasks/main.yml

@@ -3,22 +3,22 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
 
 - import_tasks: "{{ role_path }}/tasks/setup_server_base.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
 
 - import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
 
 - import_tasks: "{{ role_path }}/tasks/setup_well_known.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-mxisd
@@ -28,6 +28,6 @@
 - import_tasks: "{{ role_path }}/tasks/self_check_dns.yml"
   delegate_to: 127.0.0.1
   become: false
-  when: run_self_check
+  when: run_self_check|bool
   tags:
     - self-check

roles/matrix-base/tasks/self_check_dns.yml

@@ -19,7 +19,7 @@
     - name: Determine domains that we require certificates for (mxisd)
       set_fact:
         dns_srv_record_checks: "{{ dns_srv_record_checks + [dns_srv_record_check_mxisd] }}"
-  when: "matrix_mxisd_enabled"
+  when: matrix_mxisd_enabled|bool
 
 - name: Perform DNS SRV checks
   include_tasks: "{{ role_path }}/tasks/self_check_dns_srv.yml"

roles/matrix-base/tasks/setup_well_known.yml

@@ -27,10 +27,10 @@
     mode: 0644
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
-  when: matrix_well_known_matrix_server_enabled
+  when: matrix_well_known_matrix_server_enabled|bool
 
 - name: Ensure Matrix /.well-known/matrix/server file deleted
   file:
     path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
     state: absent
-  when: "not matrix_well_known_matrix_server_enabled"
+  when: "not matrix_well_known_matrix_server_enabled|bool"

roles/matrix-bridge-appservice-discord/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}"
-  when: matrix_appservice_discord_enabled
+  when: matrix_appservice_discord_enabled|bool

roles/matrix-bridge-appservice-discord/tasks/main.yml

@@ -3,19 +3,19 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_appservice_discord_enabled"
+  when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
   tags:
     - setup-all
     - setup-appservice-discord
 
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
-  when: "run_setup and matrix_appservice_discord_enabled"
+  when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
   tags:
     - setup-all
     - setup-appservice-discord
 
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
-  when: "run_setup and not matrix_appservice_discord_enabled"
+  when: "run_setup|bool and not matrix_appservice_discord_enabled|bool"
   tags:
     - setup-all
     - setup-appservice-discord

roles/matrix-bridge-appservice-discord/tasks/setup_install.yml

@@ -11,6 +11,7 @@
 - name: Ensure Appservice Discord image is pulled
   docker_image:
     name: "{{ matrix_appservice_discord_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
 
 - name: Ensure Appservice Discord base directory exists
   file:
@@ -90,4 +91,3 @@
       {{ matrix_synapse_app_service_config_files|default([]) }}
       +
       {{ ["{{ matrix_synapse_app_service_config_file_appservice_discord }}"] | to_nice_json  }}
-

roles/matrix-bridge-appservice-irc/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc'] }}"
-  when: matrix_appservice_irc_enabled
+  when: matrix_appservice_irc_enabled|bool

roles/matrix-bridge-appservice-irc/tasks/main.yml

@@ -3,19 +3,19 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_appservice_irc_enabled"
+  when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
   tags:
     - setup-all
     - setup-appservice-irc
 
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
-  when: "run_setup and matrix_appservice_irc_enabled"
+  when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
   tags:
     - setup-all
     - setup-appservice-irc
 
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
-  when: "run_setup and not matrix_appservice_irc_enabled"
+  when: "run_setup|bool and not matrix_appservice_irc_enabled|bool"
   tags:
     - setup-all
     - setup-appservice-irc

roles/matrix-bridge-appservice-irc/tasks/setup_install.yml

@@ -11,6 +11,7 @@
 - name: Ensure Appservice IRC image is pulled
   docker_image:
     name: "{{ matrix_appservice_irc_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
 
 - name: Ensure Appservice IRC base directory exists
   file:

roles/matrix-bridge-mautrix-facebook/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook'] }}"
-  when: "matrix_mautrix_facebook_enabled"
+  when: matrix_mautrix_facebook_enabled|bool

roles/matrix-bridge-mautrix-facebook/tasks/main.yml

@@ -3,19 +3,19 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_mautrix_facebook_enabled"
+  when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
   tags:
     - setup-all
     - setup-mautrix-facebook
 
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
-  when: "run_setup and matrix_mautrix_facebook_enabled"
+  when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
   tags:
     - setup-all
     - setup-mautrix-facebook
 
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
-  when: "run_setup and not matrix_mautrix_facebook_enabled"
+  when: "run_setup|bool and not matrix_mautrix_facebook_enabled|bool"
   tags:
     - setup-all
     - setup-mautrix-facebook

roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml

@@ -11,6 +11,7 @@
 - name: Ensure Mautrix Facebook image is pulled
   docker_image:
     name: "{{ matrix_mautrix_facebook_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
 
 - name: Ensure Mautrix Facebook base directory exists
   file:

roles/matrix-bridge-mautrix-telegram/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}"
-  when: "matrix_mautrix_telegram_enabled"
+  when: matrix_mautrix_telegram_enabled|bool

roles/matrix-bridge-mautrix-telegram/tasks/main.yml

@@ -3,19 +3,19 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_mautrix_telegram_enabled"
+  when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
   tags:
     - setup-all
     - setup-mautrix-telegram
 
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
-  when: "run_setup and matrix_mautrix_telegram_enabled"
+  when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
   tags:
     - setup-all
     - setup-mautrix-telegram
 
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
-  when: "run_setup and not matrix_mautrix_telegram_enabled"
+  when: "run_setup|bool and not matrix_mautrix_telegram_enabled|bool"
   tags:
     - setup-all
     - setup-mautrix-telegram

roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml

@@ -11,6 +11,7 @@
 - name: Ensure Mautrix Telegram image is pulled
   docker_image:
     name: "{{ matrix_mautrix_telegram_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
 
 - name: Ensure Mautrix Telegram base directory exists
   file:
@@ -98,7 +99,7 @@
         but it's pointless since the matrix-nginx-proxy role had already executed.
         To fix this, please change the order of roles in your plabook,
         so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
-    when: "matrix_nginx_proxy_role_executed"
+    when: matrix_nginx_proxy_role_executed|bool
 
   - name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
     set_fact:

roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}"
-  when: "matrix_mautrix_whatsapp_enabled"
+  when: matrix_mautrix_whatsapp_enabled|bool

roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml

@@ -11,6 +11,7 @@
 - name: Ensure Mautrix Whatsapp image is pulled
   docker_image:
     name: "{{ matrix_mautrix_whatsapp_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
 
 - name: Ensure Mautrix Whatsapp base directory exists
   file:

roles/matrix-common-after/tasks/main.yml

@@ -1,9 +1,9 @@
 - import_tasks: "{{ role_path }}/tasks/start.yml"
-  when: run_start
+  when: run_start|bool
   tags:
     - start
 
 - import_tasks: "{{ role_path }}/tasks/stop.yml"
-  when: run_stop
+  when: run_stop|bool
   tags:
     - stop

roles/matrix-corporal/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}"
-  when: "matrix_corporal_enabled"
+  when: matrix_corporal_enabled|bool

roles/matrix-corporal/tasks/main.yml

@@ -3,13 +3,13 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_corporal_enabled"
+  when: "run_setup|bool and matrix_corporal_enabled|bool"
   tags:
     - setup-all
     - setup-corporal
 
 - import_tasks: "{{ role_path }}/tasks/setup_corporal.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-corporal
@@ -17,6 +17,6 @@
 - import_tasks: "{{ role_path }}/tasks/self_check_corporal.yml"
   delegate_to: 127.0.0.1
   become: false
-  when: "run_self_check and matrix_corporal_enabled"
+  when: "run_self_check|bool and matrix_corporal_enabled|bool"
   tags:
-    - self-check
+    - self-check

roles/matrix-corporal/tasks/setup_corporal.yml

@@ -15,19 +15,20 @@
     - "{{ matrix_corporal_config_dir_path }}"
     - "{{ matrix_corporal_cache_dir_path }}"
     - "{{ matrix_corporal_var_dir_path }}"
-  when: "matrix_corporal_enabled"
+  when: matrix_corporal_enabled|bool
 
 - name: Ensure Matrix Corporal Docker image is pulled
   docker_image:
     name: "{{ matrix_corporal_docker_image }}"
-  when: "matrix_corporal_enabled"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+  when: matrix_corporal_enabled|bool
 
 - name: Ensure Matrix Corporal config installed
   template:
     src: "{{ role_path }}/templates/config.json.j2"
     dest: "{{ matrix_corporal_config_dir_path }}/config.json"
     mode: 0644
-  when: "matrix_corporal_enabled"
+  when: matrix_corporal_enabled|bool
 
 - name: Ensure matrix-corporal.service installed
   template:
@@ -35,12 +36,12 @@
     dest: "/etc/systemd/system/matrix-corporal.service"
     mode: 0644
   register: matrix_corporal_systemd_service_result
-  when: "matrix_corporal_enabled"
+  when: matrix_corporal_enabled|bool
 
 - name: Ensure systemd reloaded after matrix-corporal.service installation
   service:
     daemon_reload: yes
-  when: "matrix_corporal_enabled and matrix_corporal_systemd_service_result.changed"
+  when: "matrix_corporal_enabled|bool and matrix_corporal_systemd_service_result.changed"
 
 
 #
@@ -51,7 +52,7 @@
   stat:
     path: "/etc/systemd/system/matrix-corporal.service"
   register: matrix_corporal_service_stat
-  when: "not matrix_corporal_enabled"
+  when: "not matrix_corporal_enabled|bool"
 
 - name: Ensure matrix-corporal is stopped
   service:
@@ -59,18 +60,18 @@
     state: stopped
     daemon_reload: yes
   register: stopping_result
-  when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
+  when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
 
 - name: Ensure matrix-corporal.service doesn't exist
   file:
     path: "/etc/systemd/system/matrix-corporal.service"
     state: absent
-  when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
+  when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
 
 - name: Ensure systemd reloaded after matrix-corporal.service removal
   service:
     daemon_reload: yes
-  when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists"
+  when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
 
 - name: Ensure matrix-corporal files don't exist
   file:
@@ -79,10 +80,10 @@
   with_items:
     - /etc/systemd/system/matrix-corporal.service
     - "{{ matrix_corporal_config_dir_path }}/config.json"
-  when: "not matrix_corporal_enabled"
+  when: "not matrix_corporal_enabled|bool"
 
 - name: Ensure Matrix Corporal Docker image doesn't exist
   docker_image:
     name: "{{ matrix_corporal_docker_image }}"
     state: absent
-  when: "not matrix_corporal_enabled"
+  when: "not matrix_corporal_enabled|bool"

roles/matrix-corporal/tasks/validate_config.yml

@@ -14,4 +14,4 @@
 - name: Fail if HTTP API enabled, but no token set
   fail:
     msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`"
-  when: "matrix_corporal_http_api_enabled and matrix_corporal_http_api_auth_token == ''"
+  when: "matrix_corporal_http_api_enabled|bool and matrix_corporal_http_api_auth_token == ''"

roles/matrix-coturn/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}"
-  when: "matrix_coturn_enabled"
+  when: matrix_coturn_enabled|bool

roles/matrix-coturn/tasks/main.yml

@@ -3,13 +3,13 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_coturn_enabled"
+  when: "run_setup|bool and matrix_coturn_enabled|bool"
   tags:
     - setup-all
     - setup-coturn
 
 - import_tasks: "{{ role_path }}/tasks/setup_coturn.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
-    - setup-coturn
+    - setup-coturn

roles/matrix-coturn/tasks/setup_coturn.yml

@@ -7,7 +7,8 @@
 - name: Ensure Coturn image is pulled
   docker_image:
     name: "{{ matrix_coturn_docker_image }}"
-  when: matrix_coturn_enabled
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+  when: matrix_coturn_enabled|bool
 
 - name: Ensure Coturn configuration path exists
   file:
@@ -16,14 +17,14 @@
     mode: 0750
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
-  when: matrix_coturn_enabled
+  when: matrix_coturn_enabled|bool
 
 - name: Ensure turnserver.conf installed
   template:
     src: "{{ role_path }}/templates/turnserver.conf.j2"
     dest: "{{ matrix_coturn_config_path }}"
     mode: 0644
-  when: matrix_coturn_enabled
+  when: matrix_coturn_enabled|bool
 
 # `docker_network` doesn't work as expected when the given network
 # is a substring of a network that already exists.
@@ -34,12 +35,12 @@
     cmd: "docker network ls -q --filter='name=^{{ matrix_coturn_docker_network }}$'"
   register: matrix_coturn_result_docker_network
   changed_when: false
-  when: matrix_coturn_enabled
+  when: matrix_coturn_enabled|bool
 
 - name: Create Coturn network in Docker
   shell:
     cmd: "docker network create --driver=bridge {{ matrix_coturn_docker_network }}"
-  when: "matrix_coturn_enabled and matrix_coturn_result_docker_network.stdout == ''"
+  when: "matrix_coturn_enabled|bool and matrix_coturn_result_docker_network.stdout == ''"
 
 - name: Ensure matrix-coturn.service installed
   template:
@@ -47,12 +48,12 @@
     dest: "/etc/systemd/system/matrix-coturn.service"
     mode: 0644
   register: matrix_coturn_systemd_service_result
-  when: matrix_coturn_enabled
+  when: matrix_coturn_enabled|bool
 
 - name: Ensure systemd reloaded after matrix-coturn.service installation
   service:
     daemon_reload: yes
-  when: "matrix_coturn_enabled and matrix_coturn_systemd_service_result.changed"
+  when: "matrix_coturn_enabled|bool and matrix_coturn_systemd_service_result.changed"
 
 # This may be unnecessary when more long-lived certificates are used.
 # We optimize for the common use-case though (short-lived Let's Encrypt certificates).
@@ -63,11 +64,11 @@
     cron_file: matrix-coturn-ssl-reload
     name: matrix-coturn-ssl-reload
     state: present
-    hour: 4
-    minute: 20
+    hour: "4"
+    minute: "20"
     day: "*/5"
     job: /bin/systemctl reload matrix-coturn.service
-  when: matrix_coturn_enabled and matrix_coturn_tls_enabled
+  when: "matrix_coturn_enabled|bool and matrix_coturn_tls_enabled|bool"
 
 
 #
@@ -79,13 +80,13 @@
     user: root
     cron_file: matrix-coturn-ssl-reload
     state: absent
-  when: "not matrix_coturn_enabled or not matrix_coturn_tls_enabled"
+  when: "not matrix_coturn_enabled|bool or not matrix_coturn_tls_enabled|bool"
 
 - name: Check existence of matrix-coturn service
   stat:
     path: "/etc/systemd/system/matrix-coturn.service"
   register: matrix_coturn_service_stat
-  when: "not matrix_coturn_enabled"
+  when: "not matrix_coturn_enabled|bool"
 
 - name: Ensure matrix-coturn is stopped
   service:
@@ -93,27 +94,27 @@
     state: stopped
     daemon_reload: yes
   register: stopping_result
-  when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
+  when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
 
 - name: Ensure matrix-coturn.service doesn't exist
   file:
     path: "/etc/systemd/system/matrix-coturn.service"
     state: absent
-  when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
+  when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
 
 - name: Ensure systemd reloaded after matrix-coturn.service removal
   service:
     daemon_reload: yes
-  when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists"
+  when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
 
 - name: Ensure Matrix coturn paths don't exist
   file:
     path: "{{ matrix_coturn_base_path }}"
     state: absent
-  when: "not matrix_coturn_enabled"
+  when: "not matrix_coturn_enabled|bool"
 
 - name: Ensure coturn Docker image doesn't exist
   docker_image:
     name: "{{ matrix_coturn_docker_image }}"
     state: absent
-  when: "not matrix_coturn_enabled"
+  when: "not matrix_coturn_enabled|bool"

roles/matrix-dimension/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension'] }}"
-  when: "matrix_dimension_enabled"
+  when: matrix_dimension_enabled|bool

roles/matrix-dimension/tasks/main.yml

@@ -3,13 +3,13 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-dimension
 
 - import_tasks: "{{ role_path }}/tasks/setup_dimension.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
-    - setup-dimension
+    - setup-dimension

roles/matrix-dimension/tasks/setup_dimension.yml

@@ -11,7 +11,7 @@
     mode: 0770
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_dimension_user_gid }}"
-  when: matrix_dimension_enabled
+  when: matrix_dimension_enabled|bool
 
 - name: Ensure Dimension config installed
   copy:
@@ -20,12 +20,13 @@
     mode: 0640
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_dimension_user_gid }}"
-  when: matrix_dimension_enabled
+  when: matrix_dimension_enabled|bool
 
 - name: Ensure Dimension image is pulled
   docker_image:
     name: "{{ matrix_dimension_docker_image }}"
-  when: matrix_dimension_enabled
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+  when: matrix_dimension_enabled|bool
 
 - name: Ensure matrix-dimension.service installed
   template:
@@ -33,12 +34,12 @@
     dest: "/etc/systemd/system/matrix-dimension.service"
     mode: 0644
   register: matrix_dimension_systemd_service_result
-  when: matrix_dimension_enabled
+  when: matrix_dimension_enabled|bool
 
 - name: Ensure systemd reloaded after matrix-dimension.service installation
   service:
     daemon_reload: yes
-  when: "matrix_dimension_enabled and matrix_dimension_systemd_service_result.changed"
+  when: "matrix_dimension_enabled|bool and matrix_dimension_systemd_service_result.changed"
 
 #
 # Tasks related to getting rid of the dimension (if it was previously enabled)
@@ -48,7 +49,7 @@
   stat:
     path: "/etc/systemd/system/matrix-dimension.service"
   register: matrix_dimension_service_stat
-  when: not matrix_dimension_enabled
+  when: "not matrix_dimension_enabled|bool"
 
 - name: Ensure matrix-dimension is stopped
   service:
@@ -56,27 +57,27 @@
     state: stopped
     daemon_reload: yes
   register: stopping_result
-  when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
+  when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
 
 - name: Ensure matrix-dimension.service doesn't exist
   file:
     path: "/etc/systemd/system/matrix-dimension.service"
     state: absent
-  when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
+  when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
 
 - name: Ensure systemd reloaded after matrix-dimension.service removal
   service:
     daemon_reload: yes
-  when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists"
+  when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
 
 - name: Ensure Dimension environment variables path doesn't exist
   file:
     path: "{{ matrix_dimension_base_path }}"
     state: absent
-  when: "not matrix_dimension_enabled"
+  when: "not matrix_dimension_enabled|bool"
 
 - name: Ensure Dimension Docker image doesn't exist
   docker_image:
     name: "{{ matrix_dimension_docker_image }}"
     state: absent
-  when: "not matrix_dimension_enabled"
+  when: "not matrix_dimension_enabled|bool"

roles/matrix-dimension/tasks/validate_config.yml

@@ -12,4 +12,4 @@
       You need to enable Matrix Federation to use Dimension. Set `{{ item }}` to 'true'.
   with_items:
     - "matrix_synapse_federation_enabled"
-  when: "matrix_dimension_enabled and matrix_synapse_federation_enabled == false"
+  when: "matrix_dimension_enabled|bool and not matrix_synapse_federation_enabled|bool"

roles/matrix-mailer/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mailer'] }}"
-  when: "matrix_mailer_enabled"
+  when: matrix_mailer_enabled|bool

roles/matrix-mailer/tasks/main.yml

@@ -3,7 +3,7 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/setup_mailer.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
-    - setup-mailer
+    - setup-mailer

roles/matrix-mailer/tasks/setup_mailer.yml

@@ -11,19 +11,20 @@
     mode: 0750
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
-  when: matrix_mailer_enabled
+  when: matrix_mailer_enabled|bool
 
 - name: Ensure mailer environment variables file created
   template:
     src: "{{ role_path }}/templates/env-mailer.j2"
     dest: "{{ matrix_mailer_base_path }}/env-mailer"
     mode: 0640
-  when: matrix_mailer_enabled
+  when: matrix_mailer_enabled|bool
 
 - name: Ensure mailer image is pulled
   docker_image:
     name: "{{ matrix_mailer_docker_image }}"
-  when: matrix_mailer_enabled
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+  when: matrix_mailer_enabled|bool
 
 - name: Ensure matrix-mailer.service installed
   template:
@@ -31,12 +32,12 @@
     dest: "/etc/systemd/system/matrix-mailer.service"
     mode: 0644
   register: matrix_mailer_systemd_service_result
-  when: matrix_mailer_enabled
+  when: matrix_mailer_enabled|bool
 
 - name: Ensure systemd reloaded after matrix-mailer.service installation
   service:
     daemon_reload: yes
-  when: "matrix_mailer_enabled and matrix_mailer_systemd_service_result.changed"
+  when: "matrix_mailer_enabled|bool and matrix_mailer_systemd_service_result.changed"
 
 #
 # Tasks related to getting rid of the mailer (if it was previously enabled)
@@ -46,7 +47,7 @@
   stat:
     path: "/etc/systemd/system/matrix-mailer.service"
   register: matrix_mailer_service_stat
-  when: "not matrix_mailer_enabled"
+  when: "not matrix_mailer_enabled|bool"
 
 - name: Ensure matrix-mailer is stopped
   service:
@@ -54,27 +55,27 @@
     state: stopped
     daemon_reload: yes
   register: stopping_result
-  when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
+  when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
 
 - name: Ensure matrix-mailer.service doesn't exist
   file:
     path: "/etc/systemd/system/matrix-mailer.service"
     state: absent
-  when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
+  when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
 
 - name: Ensure systemd reloaded after matrix-mailer.service removal
   service:
     daemon_reload: yes
-  when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists"
+  when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
 
 - name: Ensure Matrix mailer environment variables path doesn't exist
   file:
     path: "{{ matrix_mailer_base_path }}"
     state: absent
-  when: "not matrix_mailer_enabled"
+  when: "not matrix_mailer_enabled|bool"
 
 - name: Ensure mailer Docker image doesn't exist
   docker_image:
     name: "{{ matrix_mailer_docker_image }}"
     state: absent
-  when: "not matrix_mailer_enabled"
+  when: "not matrix_mailer_enabled|bool"

roles/matrix-mxisd/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}"
-  when: "matrix_mxisd_enabled"
+  when: matrix_mxisd_enabled|bool

roles/matrix-mxisd/tasks/main.yml

@@ -3,7 +3,7 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_mxisd_enabled"
+  when: "run_setup|bool and matrix_mxisd_enabled|bool"
   tags:
     - setup-all
     - setup-mxisd
@@ -16,6 +16,6 @@
 - import_tasks: "{{ role_path }}/tasks/self_check_mxisd.yml"
   delegate_to: 127.0.0.1
   become: false
-  when: "run_self_check and matrix_mxisd_enabled"
+  when: "run_self_check|bool and matrix_mxisd_enabled|bool"
   tags:
     - self-check

roles/matrix-mxisd/tasks/setup_mxisd.yml

@@ -14,12 +14,13 @@
   with_items:
     - "{{ matrix_mxisd_config_path }}"
     - "{{ matrix_mxisd_data_path }}"
-  when: matrix_mxisd_enabled
+  when: matrix_mxisd_enabled|bool
 
 - name: Ensure mxisd image is pulled
   docker_image:
     name: "{{ matrix_mxisd_docker_image }}"
-  when: matrix_mxisd_enabled
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+  when: matrix_mxisd_enabled|bool
 
 - name: Ensure mxisd config installed
   copy:
@@ -28,7 +29,7 @@
     mode: 0644
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
-  when: matrix_mxisd_enabled
+  when: matrix_mxisd_enabled|bool
 
 - name: Ensure custom templates are installed if any
   copy:
@@ -42,7 +43,7 @@
     - {value: "{{ matrix_mxisd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
     - {value: "{{ matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template }}", location: 'unbind-fraudulent.eml'}
     - {value: "{{ matrix_mxisd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
-  when: matrix_mxisd_enabled and matrix_mxisd_threepid_medium_email_custom_templates_enabled and item.value
+  when: "matrix_mxisd_enabled|bool and matrix_mxisd_threepid_medium_email_custom_templates_enabled|bool and item.value"
 
 - name: Ensure matrix-mxisd.service installed
   template:
@@ -50,12 +51,12 @@
     dest: "/etc/systemd/system/matrix-mxisd.service"
     mode: 0644
   register: matrix_mxisd_systemd_service_result
-  when: matrix_mxisd_enabled
+  when: matrix_mxisd_enabled|bool
 
 - name: Ensure systemd reloaded after matrix-mxisd.service installation
   service:
     daemon_reload: yes
-  when: "matrix_mxisd_enabled and matrix_mxisd_systemd_service_result.changed"
+  when: "matrix_mxisd_enabled|bool and matrix_mxisd_systemd_service_result.changed"
 
 #
 # Tasks related to getting rid of mxisd (if it was previously enabled)
@@ -72,27 +73,27 @@
     state: stopped
     daemon_reload: yes
   register: stopping_result
-  when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
+  when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
 
 - name: Ensure matrix-mxisd.service doesn't exist
   file:
     path: "/etc/systemd/system/matrix-mxisd.service"
     state: absent
-  when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
+  when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
 
 - name: Ensure systemd reloaded after matrix-mxisd.service removal
   service:
     daemon_reload: yes
-  when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists"
+  when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
 
 - name: Ensure Matrix mxisd paths don't exist
   file:
     path: "{{ matrix_mxisd_base_path }}"
     state: absent
-  when: "not matrix_mxisd_enabled"
+  when: "not matrix_mxisd_enabled|bool"
 
 - name: Ensure mxisd Docker image doesn't exist
   docker_image:
     name: "{{ matrix_mxisd_docker_image }}"
     state: absent
-  when: "not matrix_mxisd_enabled"
+  when: "not matrix_mxisd_enabled|bool"

roles/matrix-nginx-proxy/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy'] }}"
-  when: "matrix_nginx_proxy_enabled"
+  when: matrix_nginx_proxy_enabled|bool

roles/matrix-nginx-proxy/tasks/main.yml

@@ -6,20 +6,20 @@
 # This role performs actions even if the role is disabled, so we need
 # to ensure there's a valid configuration in any case.
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-nginx-proxy
 
 - import_tasks: "{{ role_path }}/tasks/ssl/main.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-nginx-proxy
     - setup-ssl
 
 - import_tasks: "{{ role_path }}/tasks/setup_nginx_proxy.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-nginx-proxy
@@ -27,7 +27,7 @@
 - import_tasks: "{{ role_path }}/tasks/self_check_well_known.yml"
   delegate_to: 127.0.0.1
   become: false
-  when: run_self_check
+  when: run_self_check|bool
   tags:
     - self-check
 

roles/matrix-nginx-proxy/tasks/self_check_well_known.yml

@@ -21,7 +21,7 @@
     - name: Determine domains that we require certificates for (mxisd)
       set_fact:
         well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
-  when: "matrix_well_known_matrix_server_enabled"
+  when: matrix_well_known_matrix_server_enabled|bool
 
 - name: Perform well-known checks
   include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"

roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml

@@ -27,7 +27,7 @@
     src: "{{ role_path }}/templates/nginx/nginx.conf.j2"
     dest: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
     mode: 0644
-  when: "matrix_nginx_proxy_enabled"
+  when: matrix_nginx_proxy_enabled|bool
 
 - name: Ensure matrix-synapse-metrics-htpasswd is present (protecting /_synapse/metrics URI)
   template:
@@ -36,35 +36,35 @@
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
     mode: 0400
-  when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled and matrix_nginx_proxy_proxy_synapse_metrics"
+  when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool and matrix_nginx_proxy_proxy_synapse_metrics|bool"
 
 - name: Ensure Matrix nginx-proxy configured (generic)
   template:
     src: "{{ role_path }}/templates/nginx/conf.d/nginx-http.conf.j2"
     dest: "{{ matrix_nginx_proxy_confd_path }}/nginx-http.conf"
     mode: 0644
-  when: "matrix_nginx_proxy_enabled"
+  when: matrix_nginx_proxy_enabled|bool
 
 - name: Ensure Matrix nginx-proxy configuration for matrix domain exists
   template:
     src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2"
     dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
     mode: 0644
-  when: "matrix_nginx_proxy_proxy_matrix_enabled"
+  when: matrix_nginx_proxy_proxy_matrix_enabled|bool
 
 - name: Ensure Matrix nginx-proxy configuration for riot domain exists
   template:
     src: "{{ role_path }}/templates/nginx/conf.d/matrix-riot-web.conf.j2"
     dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
     mode: 0644
-  when: "matrix_nginx_proxy_proxy_riot_enabled"
+  when: matrix_nginx_proxy_proxy_riot_enabled|bool
 
 - name: Ensure Matrix nginx-proxy configuration for dimension domain exists
   template:
     src: "{{ role_path }}/templates/nginx/conf.d/matrix-dimension.conf.j2"
     dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
     mode: 0644
-  when: "matrix_nginx_proxy_proxy_dimension_enabled"
+  when: matrix_nginx_proxy_proxy_dimension_enabled|bool
 
 - name: Ensure Matrix nginx-proxy data directory for base domain exists
   file:
@@ -73,7 +73,7 @@
     mode: 0750
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
-  when: "matrix_nginx_proxy_base_domain_serving_enabled"
+  when: matrix_nginx_proxy_base_domain_serving_enabled|bool
 
 - name: Ensure Matrix nginx-proxy homepage for base domain exists
   copy:
@@ -82,14 +82,14 @@
     mode: 0644
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
-  when: "matrix_nginx_proxy_base_domain_serving_enabled"
+  when: matrix_nginx_proxy_base_domain_serving_enabled|bool
 
 - name: Ensure Matrix nginx-proxy configuration for base domain exists
   template:
     src: "{{ role_path }}/templates/nginx/conf.d/matrix-domain.conf.j2"
     dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
     mode: 0644
-  when: "matrix_nginx_proxy_base_domain_serving_enabled"
+  when: matrix_nginx_proxy_base_domain_serving_enabled|bool
 
 #
 # Tasks related to setting up matrix-nginx-proxy
@@ -97,7 +97,8 @@
 - name: Ensure nginx Docker image is pulled
   docker_image:
     name: "{{ matrix_nginx_proxy_docker_image }}"
-  when: matrix_nginx_proxy_enabled
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+  when: matrix_nginx_proxy_enabled|bool
 
 - name: Ensure matrix-nginx-proxy.service installed
   template:
@@ -105,7 +106,7 @@
     dest: "/etc/systemd/system/matrix-nginx-proxy.service"
     mode: 0644
   register: matrix_nginx_proxy_systemd_service_result
-  when: matrix_nginx_proxy_enabled
+  when: matrix_nginx_proxy_enabled|bool
 
 - name: Ensure systemd reloaded after matrix-nginx-proxy.service installation
   service:
@@ -121,7 +122,7 @@
   stat:
     path: "/etc/systemd/system/matrix-nginx-proxy.service"
   register: matrix_nginx_proxy_service_stat
-  when: "not matrix_nginx_proxy_enabled"
+  when: "not matrix_nginx_proxy_enabled|bool"
 
 - name: Ensure matrix-nginx-proxy is stopped
   service:
@@ -129,57 +130,57 @@
     state: stopped
     daemon_reload: yes
   register: stopping_result
-  when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
+  when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
 
 - name: Ensure matrix-nginx-proxy.service doesn't exist
   file:
     path: "/etc/systemd/system/matrix-nginx-proxy.service"
     state: absent
-  when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
+  when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
 
 - name: Ensure systemd reloaded after matrix-nginx-proxy.service removal
   service:
     daemon_reload: yes
-  when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists"
+  when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
 
 - name: Ensure Matrix nginx-proxy configuration for matrix domain deleted
   file:
     path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
     state: absent
-  when: "not matrix_nginx_proxy_proxy_matrix_enabled"
+  when: "not matrix_nginx_proxy_proxy_matrix_enabled|bool"
 
 - name: Ensure Matrix nginx-proxy configuration for riot domain deleted
   file:
     path: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
     state: absent
-  when: "not matrix_nginx_proxy_proxy_riot_enabled"
+  when: "not matrix_nginx_proxy_proxy_riot_enabled|bool"
 
 - name: Ensure Matrix nginx-proxy configuration for dimension domain deleted
   file:
     path: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
     state: absent
-  when: "not matrix_nginx_proxy_proxy_dimension_enabled"
+  when: "not matrix_nginx_proxy_proxy_dimension_enabled|bool"
 
 - name: Ensure Matrix nginx-proxy homepage for base domain deleted
   file:
     path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html"
     state: absent
-  when: "not matrix_nginx_proxy_base_domain_serving_enabled"
+  when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
 
 - name: Ensure Matrix nginx-proxy configuration for base domain deleted
   file:
     path: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
     state: absent
-  when: "not matrix_nginx_proxy_base_domain_serving_enabled"
+  when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
 
 - name: Ensure Matrix nginx-proxy configuration for main config override deleted
   file:
     path: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
     state: absent
-  when: "not matrix_nginx_proxy_enabled"
+  when: "not matrix_nginx_proxy_enabled|bool"
 
 - name: Ensure Matrix nginx-proxy htpasswd is deleted (protecting /_synapse/metrics URI)
   file:
     path: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd"
     state: absent
-  when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled or not matrix_nginx_proxy_proxy_synapse_metrics"
+  when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool or not matrix_nginx_proxy_proxy_synapse_metrics|bool"

roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml

@@ -36,6 +36,7 @@
 - name: Ensure certbot Docker image is pulled
   docker_image:
     name: "{{ matrix_ssl_lets_encrypt_certbot_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
   when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
 
 - name: Obtain Let's Encrypt certificates
@@ -67,8 +68,8 @@
       cron_file: matrix-ssl-lets-encrypt
       name: matrix-ssl-lets-encrypt-certificates-renew
       state: present
-      hour: 4
-      minute: 15
+      hour: "4"
+      minute: "15"
       day: "*"
       job: /usr/local/bin/matrix-ssl-lets-encrypt-certificates-renew
 
@@ -78,11 +79,11 @@
       cron_file: matrix-ssl-lets-encrypt
       name: matrix-nginx-proxy-reload
       state: present
-      hour: 5
-      minute: 20
+      hour: "5"
+      minute: "20"
       day: "*"
       job: /bin/systemctl reload matrix-nginx-proxy.service
-    when: matrix_nginx_proxy_enabled
+    when: matrix_nginx_proxy_enabled|bool
   when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
 
 
@@ -98,7 +99,7 @@
     cron_file: matrix-ssl-lets-encrypt
     name: matrix-nginx-proxy-reload
     state: absent
-  when: "not matrix_nginx_proxy_enabled"
+  when: "not matrix_nginx_proxy_enabled|bool"
 
 # When Let's Encrypt is not used at all, remove all cronjobs in that cron file.
 - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed

roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml

@@ -35,7 +35,7 @@
     --agree-tos
     --email={{ matrix_ssl_lets_encrypt_support_email }}
     -d {{ domain_name }}
-  when: "domain_name_needs_cert"
+  when: domain_name_needs_cert|bool
   register: result_certbot_direct
   ignore_errors: true
 

roles/matrix-postgres/tasks/import_postgres.yml

@@ -5,7 +5,7 @@
 - name: Fail if Postgres not enabled
   fail:
     msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
-  when: "not matrix_postgres_enabled"
+  when: "not matrix_postgres_enabled|bool"
 
 - name: Fail if playbook called incorrectly
   fail:
@@ -20,7 +20,7 @@
 - name: Fail if provided Postgres dump file doesn't exists
   fail:
     msg: "File cannot be found on the server at {{ server_path_postgres_dump }}"
-  when: not result_server_path_postgres_dump_stat.stat.exists
+  when: "not result_server_path_postgres_dump_stat.stat.exists"
 
 
 # Defaults
@@ -54,7 +54,7 @@
 - name: Abort, if no existing Postgres version detected
   fail:
     msg: "Could not find existing Postgres installation"
-  when: "not matrix_postgres_detected_existing"
+  when: "not matrix_postgres_detected_existing|bool"
 
 - name: Generate Postgres database import command
   set_fact:

roles/matrix-postgres/tasks/import_sqlite_db.yml

@@ -5,7 +5,7 @@
 - name: Fail if Postgres not enabled
   fail:
     msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
-  when: "not matrix_postgres_enabled"
+  when: "not matrix_postgres_enabled|bool"
 
 - name: Fail if playbook called incorrectly
   fail:
@@ -20,7 +20,7 @@
 - name: Fail if provided SQLite homeserver.db file doesn't exist
   fail:
     msg: "File cannot be found on the server at {{ server_path_homeserver_db }}"
-  when: not result_server_path_homeserver_db_stat.stat.exists
+  when: "not result_server_path_homeserver_db_stat.stat.exists"
 
 
 # Defaults

roles/matrix-postgres/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres'] }}"
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool

roles/matrix-postgres/tasks/main.yml

@@ -3,28 +3,28 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_postgres_enabled"
+  when: "run_setup|bool and matrix_postgres_enabled|bool"
   tags:
     - setup-all
     - setup-postgres
 
 - import_tasks: "{{ role_path }}/tasks/setup_postgres.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-postgres
 
 - import_tasks: "{{ role_path }}/tasks/import_postgres.yml"
-  when: run_import_postgres
+  when: run_import_postgres|bool
   tags:
     - import-postgres
 
 - import_tasks: "{{ role_path }}/tasks/import_sqlite_db.yml"
-  when: run_import_sqlite_db
+  when: run_import_sqlite_db|bool
   tags:
     - import-sqlite-db
 
 - import_tasks: "{{ role_path }}/tasks/upgrade_postgres.yml"
-  when: run_upgrade_postgres
+  when: run_upgrade_postgres|bool
   tags:
     - upgrade-postgres

roles/matrix-postgres/tasks/setup_postgres.yml

@@ -5,10 +5,10 @@
 #
 
 - import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml"
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool
 
 - import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml"
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool
 
 # If we have found an existing version (installed from before), we use its corresponding Docker image.
 # If not, we install using the latest Postgres.
@@ -16,18 +16,19 @@
 # Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`).
 - set_fact:
     matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool
 
 - name: Warn if on an old version of Postgres
   debug:
     msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres"
-  when: "matrix_postgres_enabled and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
+  when: "matrix_postgres_enabled|bool and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
 
 # Even if we don't run the internal server, we still need this for running the CLI
 - name: Ensure postgres Docker image is pulled
   docker_image:
     name: "{{ matrix_postgres_docker_image_to_use }}"
-  when: matrix_postgres_enabled
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+  when: matrix_postgres_enabled|bool
 
 # We always create these directories, even if an external Postgres is used,
 # because we store environment variable files there.
@@ -41,7 +42,7 @@
   with_items:
     - "{{ matrix_postgres_base_path }}"
     - "{{ matrix_postgres_data_path }}"
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool
 
 - name: Ensure Postgres environment variables file created
   template:
@@ -51,21 +52,21 @@
   with_items:
     - "env-postgres-psql"
     - "env-postgres-server"
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool
 
 - name: Ensure matrix-postgres-cli script created
   template:
     src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2"
     dest: "/usr/local/bin/matrix-postgres-cli"
     mode: 0750
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool
 
 - name: Ensure matrix-make-user-admin script created
   template:
     src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2"
     dest: "/usr/local/bin/matrix-make-user-admin"
     mode: 0750
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool
 
 #
 # Tasks related to setting up an internal postgres server
@@ -77,12 +78,12 @@
     dest: "/etc/systemd/system/matrix-postgres.service"
     mode: 0644
   register: matrix_postgres_systemd_service_result
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool
 
 - name: Ensure systemd reloaded after matrix-postgres.service installation
   service:
     daemon_reload: yes
-  when: "matrix_postgres_enabled and matrix_postgres_systemd_service_result.changed"
+  when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed"
 
 #
 # Tasks related to getting rid of the internal postgres server (if it was previously enabled)
@@ -92,41 +93,41 @@
   stat:
     path: "/etc/systemd/system/matrix-postgres.service"
   register: matrix_postgres_service_stat
-  when: "not matrix_postgres_enabled"
+  when: "not matrix_postgres_enabled|bool"
 
 - name: Ensure matrix-postgres is stopped
   service:
     name: matrix-postgres
     state: stopped
     daemon_reload: yes
-  when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
+  when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
 
 - name: Ensure matrix-postgres.service doesn't exist
   file:
     path: "/etc/systemd/system/matrix-postgres.service"
     state: absent
-  when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
+  when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
 
 - name: Ensure systemd reloaded after matrix-postgres.service removal
   service:
     daemon_reload: yes
-  when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists"
+  when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
 
 - name: Check existence of matrix-postgres local data path
   stat:
     path: "{{ matrix_postgres_data_path }}"
   register: matrix_postgres_data_path_stat
-  when: "not matrix_postgres_enabled"
+  when: "not matrix_postgres_enabled|bool"
 
 # We just want to notify the user. Deleting data is too destructive.
 - name: Notify if matrix-postgres local data remains
   debug:
     msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
-  when: "not matrix_postgres_enabled and matrix_postgres_data_path_stat.stat.exists"
+  when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists"
 
 - name: Ensure matrix-postgres-update-user-password-hash script created
   template:
     src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2"
     dest: "/usr/local/bin/matrix-postgres-update-user-password-hash"
     mode: 0750
-  when: matrix_postgres_enabled
+  when: matrix_postgres_enabled|bool

roles/matrix-postgres/tasks/upgrade_postgres.yml

@@ -23,7 +23,7 @@
 - name: Fail, if trying to upgrade external Postgres database
   fail:
     msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade."
-  when: "not matrix_postgres_enabled"
+  when: "not matrix_postgres_enabled|bool"
 
 - name: Check Postgres auto-upgrade backup data directory
   stat:
@@ -40,7 +40,7 @@
 - name: Abort, if no existing Postgres version detected
   fail:
     msg: "Could not find existing Postgres installation"
-  when: "not matrix_postgres_detected_existing"
+  when: "not matrix_postgres_detected_existing|bool"
 
 - name: Abort, if already at latest Postgres version
   fail:

roles/matrix-postgres/tasks/util/detect_existing_postgres_version.yml

@@ -23,12 +23,12 @@
   slurp:
     src: "{{ matrix_postgres_detection_pg_version_path }}"
   register: result_pg_version
-  when: "matrix_postgres_detected_existing"
+  when: matrix_postgres_detected_existing|bool
 
 - name: Determine existing Postgres version (make sense of PG_VERSION file)
   set_fact:
     matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}"
-  when: "matrix_postgres_detected_existing"
+  when: matrix_postgres_detected_existing|bool
 
 - name: Determine corresponding Docker image to detected version (assume default of latest)
   set_fact:
@@ -43,4 +43,4 @@
 - name: Determine corresponding Docker image to detected version (use 10.x, if detected)
   set_fact:
     matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v10 }}"
-  when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')"
+  when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')"

roles/matrix-riot-web/tasks/init.yml

@@ -1,3 +1,3 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}"
-  when: matrix_riot_web_enabled
+  when: matrix_riot_web_enabled|bool

roles/matrix-riot-web/tasks/main.yml

@@ -3,13 +3,13 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: "run_setup and matrix_riot_web_enabled"
+  when: "run_setup|bool and matrix_riot_web_enabled|bool"
   tags:
     - setup-all
     - setup-riot-web
 
 - import_tasks: "{{ role_path }}/tasks/setup_riot_web.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-riot-web
@@ -17,6 +17,6 @@
 - import_tasks: "{{ role_path }}/tasks/self_check_riot_web.yml"
   delegate_to: 127.0.0.1
   become: false
-  when: "run_self_check and matrix_riot_web_enabled"
+  when: "run_self_check|bool and matrix_riot_web_enabled|bool"
   tags:
-    - self-check
+    - self-check

roles/matrix-riot-web/tasks/setup_riot_web.yml

@@ -11,12 +11,13 @@
     mode: 0750
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
-  when: matrix_riot_web_enabled
+  when: matrix_riot_web_enabled|bool
 
 - name: Ensure riot-web Docker image is pulled
   docker_image:
     name: "{{ matrix_riot_web_docker_image }}"
-  when: matrix_riot_web_enabled
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+  when: matrix_riot_web_enabled|bool
 
 - name: Ensure Matrix riot-web config files installed
   template:
@@ -30,7 +31,7 @@
     - {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
     - {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"}
     - {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
-  when: "matrix_riot_web_enabled and item.src is not none"
+  when: "matrix_riot_web_enabled|bool and item.src is not none"
 
 - name: Ensure Matrix riot-web config files removed
   file:
@@ -38,7 +39,7 @@
     state: absent
   with_items:
     - {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
-  when: "matrix_riot_web_enabled and item.src is none"
+  when: "matrix_riot_web_enabled|bool and item.src is none"
 
 - name: Ensure matrix-riot-web.service installed
   template:
@@ -46,7 +47,7 @@
     dest: "/etc/systemd/system/matrix-riot-web.service"
     mode: 0644
   register: matrix_riot_web_systemd_service_result
-  when: matrix_riot_web_enabled
+  when: matrix_riot_web_enabled|bool
 
 - name: Ensure systemd reloaded after matrix-riot-web.service installation
   service:
@@ -61,7 +62,7 @@
   stat:
     path: "/etc/systemd/system/matrix-riot-web.service"
   register: matrix_riot_web_service_stat
-  when: "not matrix_riot_web_enabled"
+  when: "not matrix_riot_web_enabled|bool"
 
 - name: Ensure matrix-riot-web is stopped
   service:
@@ -69,27 +70,27 @@
     state: stopped
     daemon_reload: yes
   register: stopping_result
-  when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
+  when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
 
 - name: Ensure matrix-riot-web.service doesn't exist
   file:
     path: "/etc/systemd/system/matrix-riot-web.service"
     state: absent
-  when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
+  when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
 
 - name: Ensure systemd reloaded after matrix-riot-web.service removal
   service:
     daemon_reload: yes
-  when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists"
+  when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
 
 - name: Ensure Matrix riot-web paths doesn't exist
   file:
     path: "{{ matrix_riot_web_data_path }}"
     state: absent
-  when: "not matrix_riot_web_enabled"
+  when: "not matrix_riot_web_enabled|bool"
 
 - name: Ensure riot-web Docker image doesn't exist
   docker_image:
     name: "{{ matrix_riot_web_docker_image }}"
     state: absent
-  when: "not matrix_riot_web_enabled"
+  when: "not matrix_riot_web_enabled|bool"

roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml

@@ -1,11 +1,10 @@
 - set_fact:
     matrix_synapse_password_providers_enabled: true
-  when: "matrix_synapse_ext_password_provider_ldap_enabled"
+  when: matrix_synapse_ext_password_provider_ldap_enabled|bool
 
 - set_fact:
     matrix_synapse_additional_loggers: >
       {{ matrix_synapse_additional_loggers }}
       +
       {{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
-  when: "matrix_synapse_ext_password_provider_ldap_enabled"
-
+  when: matrix_synapse_ext_password_provider_ldap_enabled|bool

roles/matrix-synapse/tasks/ext/rest-auth/setup.yml

@@ -1,7 +1,7 @@
 ---
 
 - import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml"
-  when: matrix_synapse_ext_password_provider_rest_auth_enabled
+  when: matrix_synapse_ext_password_provider_rest_auth_enabled|bool
 
 - import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml"
-  when: "not matrix_synapse_ext_password_provider_rest_auth_enabled"
+  when: "not matrix_synapse_ext_password_provider_rest_auth_enabled|bool"

roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml

@@ -1,7 +1,7 @@
 ---
 
 - import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml"
-  when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled
+  when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool
 
 - import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml"
-  when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled"
+  when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool"

roles/matrix-synapse/tasks/goofys/setup.yml

@@ -1,7 +1,7 @@
 ---
 
 - import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml"
-  when: matrix_s3_media_store_enabled
+  when: matrix_s3_media_store_enabled|bool
 
 - import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml"
-  when: "not matrix_s3_media_store_enabled"
+  when: "not matrix_s3_media_store_enabled|bool"

roles/matrix-synapse/tasks/goofys/setup_install.yml

@@ -1,6 +1,7 @@
 - name: Ensure Goofys Docker image is pulled
   docker_image:
     name: "{{ matrix_s3_goofys_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
 
 # This will throw a Permission Denied error if already mounted
 - name: Check Matrix Goofys external storage mountpoint path

roles/matrix-synapse/tasks/import_media_store.yml

@@ -10,7 +10,7 @@
 - name: Fail if media store is on Amazon S3
   fail:
     msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported."
-  when: "matrix_s3_media_store_enabled"
+  when: matrix_s3_media_store_enabled|bool
 
 - name: Check if the provided media store directory exists
   stat:
@@ -68,7 +68,7 @@
     owner: "{{ matrix_user_username }}"
     group: "{{ matrix_user_username }}"
     recurse: yes
-  when: "not matrix_s3_media_store_enabled"
+  when: "not matrix_s3_media_store_enabled|bool"
 
 # We don't chown for Goofys, because due to the way it's mounted,
 # all files become owned by whoever needs to own them.
@@ -78,6 +78,6 @@
     name: "{{ item }}"
     state: started
     daemon_reload: yes
-  when: stopping_result.changed
+  when: "stopping_result.changed"
   with_items:
     - matrix-synapse

roles/matrix-synapse/tasks/init.yml

@@ -1,7 +1,7 @@
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse'] }}"
-  when: matrix_synapse_enabled
+  when: matrix_synapse_enabled|bool
 
 - set_fact:
     matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}"
-  when: matrix_s3_media_store_enabled
+  when: matrix_s3_media_store_enabled|bool

roles/matrix-synapse/tasks/main.yml

@@ -3,43 +3,43 @@
     - always
 
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-synapse
 
 - import_tasks: "{{ role_path }}/tasks/setup_synapse.yml"
-  when: run_setup
+  when: run_setup|bool
   tags:
     - setup-all
     - setup-synapse
 
 - import_tasks: "{{ role_path }}/tasks/import_media_store.yml"
-  when: run_import_media_store
+  when: run_import_media_store|bool
   tags:
     - import-media-store
 
 - import_tasks: "{{ role_path }}/tasks/register_user.yml"
-  when: run_register_user
+  when: run_register_user|bool
   tags:
     - register-user
 
 - import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
   delegate_to: 127.0.0.1
   become: false
-  when: run_self_check
+  when: run_self_check|bool
   tags:
     - self-check
 
 - import_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"
   delegate_to: 127.0.0.1
   become: false
-  when: run_self_check
+  when: run_self_check|bool
   tags:
     - self-check
 
 - import_tasks: "{{ role_path }}/tasks/update_user_password.yml"
-  when: run_update_user_password
+  when: run_update_user_password|bool
   tags:
     - update-user-password
 

roles/matrix-synapse/tasks/register_user.yml

@@ -25,7 +25,7 @@
 - name: Wait a while, so that Synapse can manage to start
   pause:
     seconds: 7
-  when: start_result.changed
+  when: "start_result.changed"
 
 - name: Register user
   shell: "/usr/local/bin/matrix-synapse-register-user {{ username }} {{ password }} {{ '1' if admin == 'yes' else '0' }}"

roles/matrix-synapse/tasks/self_check_client_api.yml

@@ -7,14 +7,14 @@
     validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
   register: result_matrix_synapse_client_api
   ignore_errors: true
-  when: matrix_synapse_enabled
+  when: matrix_synapse_enabled|bool
 
 - name: Fail if Matrix Client API not working
   fail:
     msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`). Is Synapse running? Is port 443 open in your firewall? Full error: {{ result_matrix_synapse_client_api }}"
-  when: "matrix_synapse_enabled and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
+  when: "matrix_synapse_enabled|bool and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
 
 - name: Report working Matrix Client API
   debug:
     msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`) is working"
-  when: matrix_synapse_enabled
+  when: matrix_synapse_enabled|bool

roles/matrix-synapse/tasks/self_check_federation_api.yml

@@ -7,19 +7,19 @@
     validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
   register: result_matrix_synapse_federation_api
   ignore_errors: true
-  when: matrix_synapse_enabled
+  when: matrix_synapse_enabled|bool
 
 - name: Fail if Matrix Federation API not working
   fail:
     msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
-  when: "matrix_synapse_enabled and matrix_synapse_federation_enabled and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
+  when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
 
 - name: Fail if Matrix Federation API unexpectedly enabled
   fail:
       msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
-  when: "matrix_synapse_enabled and not matrix_synapse_federation_enabled and not result_matrix_synapse_federation_api.failed"
+  when: "matrix_synapse_enabled|bool and not matrix_synapse_federation_enabled|bool and not result_matrix_synapse_federation_api.failed"
 
 - name: Report working Matrix Federation API
   debug:
     msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
-  when: "matrix_synapse_enabled and matrix_synapse_federation_enabled"
+  when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool"

roles/matrix-synapse/tasks/setup_synapse.yml

@@ -18,7 +18,7 @@
     # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),
     # because if it's using Goofys and it's already mounted (from before),
     # trying to chown/chmod it here will cause trouble.
-  when: "matrix_synapse_enabled or matrix_s3_media_store_enabled"
+  when: "matrix_synapse_enabled|bool or matrix_s3_media_store_enabled|bool"
 
 - import_tasks: "{{ role_path }}/tasks/ext/setup.yml"
 

roles/matrix-synapse/tasks/synapse/setup.yml

@@ -1,7 +1,7 @@
 ---
 
 - import_tasks: "{{ role_path }}/tasks/synapse/setup_install.yml"
-  when: matrix_synapse_enabled
+  when: matrix_synapse_enabled|bool
 
 - import_tasks: "{{ role_path }}/tasks/synapse/setup_uninstall.yml"
-  when: "not matrix_synapse_enabled"
+  when: "not matrix_synapse_enabled|bool"

roles/matrix-synapse/tasks/synapse/setup_install.yml

@@ -21,6 +21,7 @@
 - name: Ensure Synapse Docker image is pulled
   docker_image:
     name: "{{ matrix_synapse_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
 
 - name: Check if a Synapse signing key exists
   stat:
@@ -71,11 +72,10 @@
 - name: Ensure systemd reloaded after matrix-synapse.service installation
   service:
     daemon_reload: yes
-  when: matrix_synapse_systemd_service_result.changed
+  when: "matrix_synapse_systemd_service_result.changed"
 
 - name: Ensure matrix-synapse-register-user script created
   template:
     src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
     dest: "/usr/local/bin/matrix-synapse-register-user"
     mode: 0750
-

roles/matrix-synapse/tasks/update_user_password.yml

@@ -13,7 +13,7 @@
 - name: Fail if not using matrix-postgres container
   fail:
     msg: "This command is working only when matrix-postgres container is being used"
-  when: "not matrix_postgres_enabled"
+  when: "not matrix_postgres_enabled|bool"
 
 - name: Ensure matrix-synapse is started
   service:
@@ -33,12 +33,12 @@
 - name: Wait a while, so that Matrix Synapse can manage to start
   pause:
     seconds: 7
-  when: start_result.changed
+  when: "start_result.changed"
 
 - name: Wait a while, so that Matrix Postgres can manage to start
   pause:
     seconds: 7
-  when: postgres_start_result.changed
+  when: "postgres_start_result.changed"
 
 - name: Generate password hash
   shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}"

setup.yml

@@ -1,6 +1,6 @@
 ---
 - name: "Set up a Matrix server"
-  hosts: "{{ target if target is defined else 'matrix-servers' }}"
+  hosts: "{{ target if target is defined else 'matrix_servers' }}"
   become: true
 
   roles: