From cdd8dfffee328262130cdd5532197897c3a09389 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 12:22:37 +0000 Subject: [PATCH 01/30] chore(deps): update dependency etherpad to v2.1.0-0 --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 716f371d0..2d3f291b7 100644 --- a/requirements.yml +++ b/requirements.yml @@ -16,7 +16,7 @@ version: 129c8590e106b83e6f4c259649a613c6279e937a name: docker_sdk_for_python - src: git+https://gitlab.com/etke.cc/roles/etherpad.git - version: v2.0.3-0 + version: v2.1.0-0 name: etherpad - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git version: v4.97.1-r0-0-2 From 70fd20cef52fdf5ef38afbce28f0bf34f5cf432f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 3 Jun 2024 21:06:19 +0300 Subject: [PATCH 02/30] Add support for WeChat bridging This is based on the PR (https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3241) by Tobias Diez (https://github.com/tobiasdiez). I've refactored some parts, made it more configurable, polished it up, and it's integrated into the playbook now. Both the WeChat bridge and WeChat agent appear to be working. The WeChat bridge joins rooms and responds as expected. That said, end-to-end testing (actually bridging to a WeChat account) has not been done yet. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/701 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3092 This is sponsored https://etke.cc/ work related to https://gitlab.com/etke.cc/ansible/-/issues/2 Squashed commit of the following: commit fdd37f02472a0b83d61b4fac80650442f90e7629 Author: Slavi Pantaleev Date: Mon Jun 3 21:05:53 2024 +0300 Add documentation for WeChat bridge commit 8426fc8b95bb160ea7f9659bd45bc59cf1326614 Author: Slavi Pantaleev Date: Mon Jun 3 20:59:42 2024 +0300 Rename directory for matrix_wechat_agent_container_src_files_path commit da200df82bbc9153d307095dd90e4769c400ea1e Author: Slavi Pantaleev Date: Mon Jun 3 20:58:26 2024 +0300 Make WeChat listen_secret configurable and auto-configured via matrix_homeserver_generic_secret_key commit 4022cb1355828ac16af7d9228cb1066962bb35f5 Author: Slavi Pantaleev Date: Mon Jun 3 20:54:56 2024 +0300 Refactor install.yml for WeChat a bit (using blocks, etc.) commit d07a39b4c4f6b93d04204e13e384086d5a242d52 Author: Slavi Pantaleev Date: Mon Jun 3 20:52:35 2024 +0300 Rename WeChat Agent configuration file This makes it more clear that it belongs to the agent. Otherwise, `config.yaml` and `configure.yaml` make you wonder. commit ccca72f8d1e602f7c42f4bd552193afa153c9b9d Author: Slavi Pantaleev Date: Mon Jun 3 20:49:06 2024 +0300 Move WeChat agent configuration to a template commit a4047d94d8877b4095712dfc76ac3082a1edca28 Author: Slavi Pantaleev Date: Mon Jun 3 20:47:17 2024 +0300 Mount WeChat config as readonly and instruct bridge to not update it commit bc0e89f345bf14bbdbfd574bb60d93918c2ac053 Author: Slavi Pantaleev Date: Mon Jun 3 20:46:33 2024 +0300 Sync WeChat config with upstream Brings up-to-date with: https://github.com/duo/matrix-wechat/commits/0.2.4/example-config.yaml commit a46f5b9cbc8bf16042685a18c77d25a606bc8232 Author: Slavi Pantaleev Date: Mon Jun 3 19:48:17 2024 +0300 Rename some files commit 3877679040cffc4ca6cccfa21a7335f8f796f06e Author: Slavi Pantaleev Date: Mon Jun 3 19:47:10 2024 +0300 Update WeChat logging config This brings it up-to-date with what mautrix-go uses. Otherwise, on startup we see: > Migrating legacy log config .. and it gets migrated to what we've done here. commit e3e95ab234651867c7a975a08455549b31db4172 Author: Slavi Pantaleev Date: Mon Jun 3 19:43:37 2024 +0300 Make sure matrix-wechat-agent runs as 1000:1000 It needs to write stuff to `/home/user/.vnc`. `/home/user` is owned by `user:group` (`1000:1000`), so it cannot run any other way. Previously, if the `matrix` user was uid=1000 by chance, it would work, but that's pure luck. commit 4d5748ae9b84c81d6b48b0a41b790339d9ac4724 Author: Slavi Pantaleev Date: Mon Jun 3 18:57:09 2024 +0300 Pin wechat and wechat-agent versions commit 40d40009f19ebceed4126146cbb510a2c95af671 Author: Slavi Pantaleev Date: Mon Jun 3 18:53:58 2024 +0300 docker_image -> container_image for WeChat bridge commit cc33aff592541913070d13288d17b04ed6243176 Author: Slavi Pantaleev Date: Mon Jun 3 18:00:25 2024 +0300 docker_src -> container_src in WeChat bridge commit 42e6ae9a6483c8ca6d53b8052058d41d90d93797 Author: Slavi Pantaleev Date: Mon Jun 3 17:54:24 2024 +0300 matrix_go_wechat_ -> matrix_wechat_ The bridge is written in Go, but does not include Go anywhere in its name. As such, it's mostly useless to use `matrix_go_wechat` as the prefix. commit d6662a69d1916d215d5184320c36d2ef73afd3e9 Author: Tobias Diez Date: Mon Mar 25 10:55:16 2024 +0800 Add wechat bridge --- docs/configuring-playbook-bridge-wechat.md | 17 ++ docs/configuring-playbook.md | 2 + group_vars/matrix_servers | 65 +++++ .../matrix-bridge-wechat/defaults/main.yml | 152 ++++++++++ .../matrix-bridge-wechat/tasks/install.yml | 129 +++++++++ .../matrix-bridge-wechat/tasks/main.yml | 20 ++ .../matrix-bridge-wechat/tasks/uninstall.yml | 39 +++ .../tasks/validate_config.yml | 19 ++ .../templates/agent-config.yaml.j2 | 13 + .../templates/config.yaml.j2 | 265 ++++++++++++++++++ .../systemd/matrix-wechat-agent.service.j2 | 49 ++++ .../systemd/matrix-wechat.service.j2 | 47 ++++ setup.yml | 1 + 13 files changed, 818 insertions(+) create mode 100644 docs/configuring-playbook-bridge-wechat.md create mode 100644 roles/custom/matrix-bridge-wechat/defaults/main.yml create mode 100644 roles/custom/matrix-bridge-wechat/tasks/install.yml create mode 100644 roles/custom/matrix-bridge-wechat/tasks/main.yml create mode 100644 roles/custom/matrix-bridge-wechat/tasks/uninstall.yml create mode 100644 roles/custom/matrix-bridge-wechat/tasks/validate_config.yml create mode 100644 roles/custom/matrix-bridge-wechat/templates/agent-config.yaml.j2 create mode 100644 roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 create mode 100644 roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat-agent.service.j2 create mode 100644 roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat.service.j2 diff --git a/docs/configuring-playbook-bridge-wechat.md b/docs/configuring-playbook-bridge-wechat.md new file mode 100644 index 000000000..fe4a3b6b2 --- /dev/null +++ b/docs/configuring-playbook-bridge-wechat.md @@ -0,0 +1,17 @@ +# Setting up the WeChat Bridge (optional) + +The playbook can install and configure the [matrix-wechat](https://github.com/duo/matrix-wechat) bridge for you (for bridging to the [WeChat](https://www.wechat.com/) network). + +See the project page to learn what it does and why it might be useful to you. + +To enable the bridge, use the following playbook configuration and re-run the playbook's [installation](./installing.md) procedure: + +```yaml +matrix_wechat_enabled: true +``` + +## Usage + +Once the bridge is installed, start a chat with `@wechatbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). + +Send `help` to the bot to see the available commands. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 86139e1a4..708367083 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -178,6 +178,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Heisenbridge bouncer-style IRC bridging](configuring-playbook-bridge-heisenbridge.md) (optional) +- [Setting up WeChat bridging](configuring-playbook-bridge-wechat.md) (optional) + ### Bots diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 3030110e2..a93926366 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -93,6 +93,8 @@ matrix_homeserver_container_extra_arguments_auto: | + (['--mount type=bind,src=' + matrix_go_skype_bridge_config_path + '/registration.yaml,dst=/matrix-go-skype-bridge-registration.yaml,ro'] if matrix_go_skype_bridge_enabled else []) + + (['--mount type=bind,src=' + matrix_wechat_config_path + '/registration.yaml,dst=/matrix-wechat-registration.yaml,ro'] if matrix_wechat_enabled else []) + + (['--mount type=bind,src=' + matrix_heisenbridge_base_path + '/registration.yaml,dst=/heisenbridge-registration.yaml,ro'] if matrix_heisenbridge_enabled else []) + (['--mount type=bind,src=' + matrix_hookshot_base_path + '/registration.yml,dst=/hookshot-registration.yml,ro'] if matrix_hookshot_enabled else []) @@ -162,6 +164,8 @@ matrix_homeserver_app_service_config_files_auto: | + (['/matrix-go-skype-bridge-registration.yaml'] if matrix_go_skype_bridge_enabled else []) + + (['/matrix-wechat-registration.yaml'] if matrix_wechat_enabled else []) + + (['/heisenbridge-registration.yaml'] if matrix_heisenbridge_enabled else []) + (['/hookshot-registration.yml'] if matrix_hookshot_enabled else []) @@ -298,6 +302,10 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': 'matrix-go-skype-bridge.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'go-skype']}] if matrix_go_skype_bridge_enabled else []) + + ([{'name': 'matrix-wechat.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'wechat']}] if matrix_wechat_enabled else []) + + + ([{'name': 'matrix-wechat-agent.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'wechat']}] if matrix_wechat_enabled else []) + + ([{'name': 'matrix-heisenbridge.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'heisenbridge']}] if matrix_heisenbridge_enabled else []) + ([{'name': 'matrix-hookshot.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'hookshot', 'bridge-hookshot']}] if matrix_hookshot_enabled else []) @@ -1713,6 +1721,57 @@ matrix_mautrix_wsproxy_syncproxy_database_password: "{{ '%s' | format(matrix_hom # ###################################################################### +###################################################################### +# +# matrix-bridge-wechat +# +###################################################################### + +# We don't enable bridges by default. +matrix_wechat_enabled: false + +matrix_wechat_systemd_required_services_list_auto: | + {{ + matrix_addons_homeserver_systemd_services_list + + + ([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_wechat_database_hostname == devture_postgres_connection_hostname) else []) + }} + +matrix_wechat_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" + +matrix_wechat_agent_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" + +matrix_wechat_container_network: "{{ matrix_addons_container_network }}" + +matrix_wechat_container_additional_networks_auto: |- + {{ + ( + ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) + + + ([devture_postgres_container_network] if (devture_postgres_enabled and matrix_wechat_database_hostname == devture_postgres_connection_hostname and matrix_wechat_container_network != devture_postgres_container_network) else []) + ) | unique + }} + +matrix_wechat_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.as.token', rounds=655555) | to_uuid }}" + +matrix_wechat_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}" +matrix_wechat_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.hs.token', rounds=655555) | to_uuid }}" + +matrix_wechat_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" + +matrix_wechat_bridge_listen_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.lstn', rounds=655555) | to_uuid }}" + +# Postgres is the default, except if not using internal Postgres server +matrix_wechat_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}" +matrix_wechat_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" +matrix_wechat_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gowechat.db', rounds=655555) | to_uuid }}" + +###################################################################### +# +# /matrix-bridge-wechat +# +###################################################################### + ###################################################################### # # matrix-bridge-mautrix-whatsapp @@ -3694,6 +3753,12 @@ devture_postgres_managed_databases_auto: | 'password': matrix_go_skype_bridge_database_password, }] if (matrix_go_skype_bridge_enabled and matrix_go_skype_bridge_database_engine == 'postgres' and matrix_go_skype_bridge_database_hostname == devture_postgres_connection_hostname) else []) + + ([{ + 'name': matrix_wechat_database_name, + 'username': matrix_wechat_database_username, + 'password': matrix_wechat_database_password, + }] if (matrix_wechat_enabled and matrix_wechat_database_engine == 'postgres' and matrix_wechat_database_hostname == devture_postgres_connection_hostname) else []) + + ([{ 'name': matrix_mautrix_facebook_database_name, 'username': matrix_mautrix_facebook_database_username, diff --git a/roles/custom/matrix-bridge-wechat/defaults/main.yml b/roles/custom/matrix-bridge-wechat/defaults/main.yml new file mode 100644 index 000000000..acd65f407 --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/defaults/main.yml @@ -0,0 +1,152 @@ +--- + +# WeChat Bridge is a Matrix <-> WeChat bridge +# Project source code URL: https://github.com/duo/matrix-wechat + +matrix_wechat_enabled: true + +# renovate: datasource=docker depName=lxduo/matrix-wechat +matrix_wechat_version: 0.2.4 +matrix_wechat_container_image: "{{ matrix_wechat_container_image_name_prefix }}lxduo/matrix-wechat:{{ matrix_wechat_version }}" +matrix_wechat_container_image_name_prefix: "{{ 'localhost/' if matrix_wechat_container_image_self_build else matrix_container_global_registry_prefix }}" +matrix_wechat_container_image_force_pull: "{{ matrix_wechat_container_image.endswith(':latest') }}" + +matrix_wechat_container_image_self_build: false +matrix_wechat_container_image_self_build_repo: "https://github.com/duo/matrix-wechat.git" +matrix_wechat_container_image_self_build_branch: "{{ 'master' if matrix_wechat_version == 'latest' else matrix_wechat_version }}" + +# renovate: datasource=docker depName=lxduo/matrix-wechat-agent +matrix_wechat_agent_version: 0.0.1 +matrix_wechat_agent_container_image: "{{ matrix_wechat_agent_container_image_name_prefix }}lxduo/matrix-wechat-agent:{{ matrix_wechat_agent_version }}" +matrix_wechat_agent_container_image_name_prefix: "{{ 'localhost/' if matrix_wechat_agent_container_image_self_build else matrix_container_global_registry_prefix }}" +matrix_wechat_agent_container_image_force_pull: "{{ matrix_wechat_agent_container_image.endswith(':latest') }}" + +# The agent needs to write to /home/user/.vnc. +# `/home/user` is owned by `user:group` (`1000:1000`), so it needs to run with that user/group. +matrix_wechat_agent_container_user_uid: 1000 +matrix_wechat_agent_container_user_gid: 1000 + +matrix_wechat_agent_container_image_self_build: false +matrix_wechat_agent_container_image_self_build_repo: "https://github.com/duo/matrix-wechat-agent.git" +matrix_wechat_agent_container_image_self_build_branch: "{{ 'master' if matrix_wechat_agent_version == 'latest' else matrix_wechat_agent_version }}" + +matrix_wechat_base_path: "{{ matrix_base_data_path }}/wechat" +matrix_wechat_config_path: "{{ matrix_wechat_base_path }}/config" +matrix_wechat_data_path: "{{ matrix_wechat_base_path }}/data" +matrix_wechat_container_src_files_path: "{{ matrix_wechat_base_path }}/container-src" +matrix_wechat_agent_container_src_files_path: "{{ matrix_wechat_base_path }}/agent-container-src" + +matrix_wechat_homeserver_address: "" +matrix_wechat_homeserver_domain: "{{ matrix_domain }}" +matrix_wechat_appservice_address: 'http://matrix-wechat:8080' + +matrix_wechat_container_network: "" + +matrix_wechat_container_additional_networks: "{{ matrix_wechat_container_additional_networks_auto + matrix_wechat_container_additional_networks_custom }}" +matrix_wechat_container_additional_networks_auto: [] +matrix_wechat_container_additional_networks_custom: [] + +# A list of extra arguments to pass to the container +matrix_wechat_container_extra_arguments: [] + +# List of systemd services that matrix-wechat.service depends on. +matrix_wechat_systemd_required_services_list: "{{ matrix_wechat_systemd_required_services_list_default + matrix_wechat_systemd_required_services_list_auto + matrix_wechat_systemd_required_services_list_custom }}" +matrix_wechat_systemd_required_services_list_default: ['docker.service'] +matrix_wechat_systemd_required_services_list_auto: [] +matrix_wechat_systemd_required_services_list_custom: [] + +# List of systemd services that matrix-wechat.service wants +matrix_wechat_systemd_wanted_services_list: [] + +matrix_wechat_appservice_token: '' +matrix_wechat_homeserver_token: '' + +matrix_wechat_appservice_bot_username: wechatbot + +matrix_wechat_command_prefix: "!wechat" + +# Whether or not created rooms should have federation enabled. +# If false, created portal rooms will never be federated. +matrix_wechat_federate_rooms: true + +# Database-related configuration fields. +matrix_wechat_database_engine: 'postgres' +matrix_wechat_database_username: 'matrix_wechat' +matrix_wechat_database_password: 'some-password' +matrix_wechat_database_hostname: '' +matrix_wechat_database_port: 5432 +matrix_wechat_database_name: 'matrix_wechat' +matrix_wechat_database_sslmode: disable +matrix_wechat_database_connection_string: 'postgresql://{{ matrix_wechat_database_username }}:{{ matrix_wechat_database_password }}@{{ matrix_wechat_database_hostname }}:{{ matrix_wechat_database_port }}/{{ matrix_wechat_database_name }}?sslmode={{ matrix_wechat_database_sslmode }}' + +matrix_wechat_bridge_listen_secret: '' + +# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). +matrix_wechat_login_shared_secret: '' +matrix_wechat_login_shared_secret_map: + "{{ {matrix_wechat_homeserver_domain: matrix_wechat_login_shared_secret} if matrix_wechat_login_shared_secret else {} }}" + +# Servers to always allow double puppeting from +matrix_wechat_double_puppet_server_map: + "{{ matrix_wechat_homeserver_domain: matrix_wechat_homeserver_address }}" + +# Enable End-to-bridge encryption +matrix_wechat_encryption_allow: "{{ matrix_bridges_encryption_enabled }}" +matrix_wechat_encryption_default: "{{ matrix_wechat_encryption_allow }}" + +# Minimum severity of journal log messages. +# Options: debug, info, warn, error, fatal +matrix_wechat_log_level: 'warn' + +matrix_wechat_permissions: | + {{ + {matrix_wechat_homeserver_domain: 'user'} + | combine({matrix_admin: 'admin'} if matrix_admin else {}) + }} + +# Default Wechat configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_wechat_configuration_extension_yaml`) +# or completely replace this variable with your own template. +matrix_wechat_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" + +matrix_wechat_configuration_extension_yaml: | + # Your custom YAML configuration goes here. + # This configuration extends the default starting configuration (`matrix_wechat_configuration_yaml`). + # + # You can override individual variables from the default configuration, or introduce new ones. + # + # If you need something more special, you can take full control by + # completely redefining `matrix_wechat_configuration_yaml`. + +matrix_wechat_configuration_extension: "{{ matrix_wechat_configuration_extension_yaml | from_yaml if matrix_wechat_configuration_extension_yaml | from_yaml is mapping else {} }}" + +# Holds the final configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_wechat_configuration_yaml`. +matrix_wechat_configuration: "{{ matrix_wechat_configuration_yaml | from_yaml | combine(matrix_wechat_configuration_extension, recursive=True) }}" + +matrix_wechat_registration_yaml: | + id: wechat + url: {{ matrix_wechat_appservice_address }} + as_token: "{{ matrix_wechat_appservice_token }}" + hs_token: "{{ matrix_wechat_homeserver_token }}" + # See https://github.com/mautrix/signal/issues/43 + sender_localpart: _bot_{{ matrix_wechat_appservice_bot_username }} + rate_limited: false + namespaces: + users: + - regex: '^@_wechat_(.*):{{ matrix_wechat_homeserver_domain | regex_escape }}$' + exclusive: true + - exclusive: true + regex: '^@{{ matrix_wechat_appservice_bot_username | regex_escape }}:{{ matrix_wechat_homeserver_domain | regex_escape }}$' + de.sorunome.msc2409.push_ephemeral: true + +matrix_wechat_registration: "{{ matrix_wechat_registration_yaml | from_yaml }}" + + +matrix_wechat_agent_service_secret: "{{ matrix_wechat_bridge_listen_secret }}" + +matrix_wechat_agent_configuration_yaml: "{{ lookup('template', 'templates/agent-config.yaml.j2') }}" + +matrix_wechat_agent_configuration: "{{ matrix_wechat_agent_configuration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-wechat/tasks/install.yml b/roles/custom/matrix-bridge-wechat/tasks/install.yml new file mode 100644 index 000000000..8a2d0694b --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/tasks/install.yml @@ -0,0 +1,129 @@ +--- + +- name: Ensure WeChat Bridge paths exists + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_wechat_base_path }}", when: true} + - {path: "{{ matrix_wechat_config_path }}", when: true} + - {path: "{{ matrix_wechat_data_path }}", when: true} + - {path: "{{ matrix_wechat_container_src_files_path }}", when: "{{ matrix_wechat_container_image_self_build }}"} + - {path: "{{ matrix_wechat_agent_container_src_files_path }}", when: "{{ matrix_wechat_agent_container_image_self_build }}"} + when: item.when | bool + +- name: Ensure WeChat Bridge image is pulled + community.docker.docker_image: + name: "{{ matrix_wechat_container_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_wechat_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_wechat_container_image_force_pull }}" + when: not matrix_wechat_container_image_self_build + register: result + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" + until: result is not failed + +- when: matrix_wechat_container_image_self_build | bool + block: + - name: Ensure WeChat Bridge repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_wechat_container_image_self_build_repo }}" + dest: "{{ matrix_wechat_container_src_files_path }}" + version: "{{ matrix_wechat_container_image_self_build_branch }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_wechat_git_pull_results + + - name: Ensure WeChat Bridge container image is built + community.docker.docker_image: + name: "{{ matrix_wechat_container_image }}" + source: build + force_source: "{{ matrix_wechat_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_wechat_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_wechat_container_src_files_path }}" + pull: true + +- name: Ensure WeChat Agent image is pulled + community.docker.docker_image: + name: "{{ matrix_wechat_agent_container_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_wechat_agent_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_wechat_agent_container_image_force_pull }}" + when: not matrix_wechat_agent_container_image_self_build + register: result + retries: "{{ devture_playbook_help_container_retries_count }}" + delay: "{{ devture_playbook_help_container_retries_delay }}" + until: result is not failed + +- when: matrix_wechat_agent_container_image_self_build | bool + block: + - name: Ensure WeChat Agent repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_wechat_agent_container_image_self_build_repo }}" + dest: "{{ matrix_wechat_agent_container_src_files_path }}" + version: "{{ matrix_wechat_agent_container_image_self_build_branch }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_wechat_agent_git_pull_results + + - name: Ensure WeChat Agent container image is built + community.docker.docker_image: + name: "{{ matrix_wechat_agent_container_image }}" + source: build + force_source: "{{ matrix_wechat_agent_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_wechat_agent_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_wechat_agent_container_src_files_path }}" + pull: true + +- name: Ensure WeChat configuration installed + ansible.builtin.copy: + content: "{{ matrix_wechat_configuration | to_nice_yaml(indent=2, width=999999) }}" + dest: "{{ matrix_wechat_config_path }}/config.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure WeChat registration.yaml installed + ansible.builtin.copy: + content: "{{ matrix_wechat_registration | to_nice_yaml(indent=2, width=999999) }}" + dest: "{{ matrix_wechat_config_path }}/registration.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure Wechat Agent configuration installed + ansible.builtin.copy: + content: "{{ matrix_wechat_agent_configuration | to_nice_yaml(indent=2, width=999999) }}" + dest: "{{ matrix_wechat_config_path }}/agent-config.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-wechat container network is created + community.general.docker_network: + name: "{{ matrix_wechat_container_network }}" + driver: bridge + +- name: Ensure matrix-wechat.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-wechat.service.j2" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-wechat.service" + mode: 0644 + register: matrix_wechat_systemd_service_result + +- name: Ensure matrix-wechat-agent.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-wechat-agent.service.j2" + dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-wechat-agent.service" + mode: 0644 + register: matrix_wechat_agent_systemd_service_result diff --git a/roles/custom/matrix-bridge-wechat/tasks/main.yml b/roles/custom/matrix-bridge-wechat/tasks/main.yml new file mode 100644 index 000000000..effcd7d5e --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/tasks/main.yml @@ -0,0 +1,20 @@ +--- + +- tags: + - setup-all + - setup-wechat + - install-all + - install-wechat + block: + - when: matrix_wechat_enabled | bool + ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml" + + - when: matrix_wechat_enabled | bool + ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml" + +- tags: + - setup-all + - setup-wechat + block: + - when: not matrix_wechat_enabled | bool + ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml" diff --git a/roles/custom/matrix-bridge-wechat/tasks/uninstall.yml b/roles/custom/matrix-bridge-wechat/tasks/uninstall.yml new file mode 100644 index 000000000..cf19203fa --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/tasks/uninstall.yml @@ -0,0 +1,39 @@ +--- + +- name: Check existence of matrix-wechat service + ansible.builtin.stat: + path: "/etc/systemd/system/matrix-wechat.service" + register: matrix_wechat_service_stat + +- when: matrix_wechat_service_stat.stat.exists | bool + block: + - name: Ensure matrix-wechat is stopped + ansible.builtin.service: + name: matrix-wechat + state: stopped + enabled: false + daemon_reload: true + + - name: Ensure matrix-wechat.service doesn't exist + ansible.builtin.file: + path: "/etc/systemd/system/matrix-wechat.service" + state: absent + +- name: Check existence of matrix-wechat-agent service + ansible.builtin.stat: + path: "/etc/systemd/system/matrix-wechat-agent.service" + register: matrix_wechat_agent_service_stat + +- when: matrix_wechat_agent_service_stat.stat.exists | bool + block: + - name: Ensure matrix-wechat-agent is stopped + ansible.builtin.service: + name: matrix-wechat-agent + state: stopped + enabled: false + daemon_reload: true + + - name: Ensure matrix-wechat-agent.service doesn't exist + ansible.builtin.file: + path: "/etc/systemd/system/matrix-wechat-agent.service" + state: absent diff --git a/roles/custom/matrix-bridge-wechat/tasks/validate_config.yml b/roles/custom/matrix-bridge-wechat/tasks/validate_config.yml new file mode 100644 index 000000000..49159be21 --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/tasks/validate_config.yml @@ -0,0 +1,19 @@ +--- + +- name: Fail if required WeChat settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item.name }}`). + when: "item.when | bool and vars[item.name] == ''" + with_items: + - {'name': 'matrix_wechat_appservice_token', when: true} + - {'name': 'matrix_wechat_homeserver_address', when: true} + - {'name': 'matrix_wechat_homeserver_token', when: true} + - {'name': 'matrix_wechat_database_hostname', when: "{{ matrix_wechat_database_engine == 'postgres' }}"} + - {'name': 'matrix_wechat_container_network', when: true} + - {'name': 'matrix_wechat_bridge_listen_secret', when: true} + +- name: Fail if WeChat enabled on ARM64 (not supported by the wechat agent, even with self-building) + when: matrix_architecture not in ['amd64'] + ansible.builtin.fail: + msg: "The WeChat Agent does not support the '{{ matrix_architecture }}' architecture yet. Its Dockerfile downloads amd64 binaries and does not work on arm64." diff --git a/roles/custom/matrix-bridge-wechat/templates/agent-config.yaml.j2 b/roles/custom/matrix-bridge-wechat/templates/agent-config.yaml.j2 new file mode 100644 index 000000000..19c1d1ad9 --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/templates/agent-config.yaml.j2 @@ -0,0 +1,13 @@ +wechat: + version: 3.8.1.26 + listen_port: 22222 + init_timeout: 10s + request_timeout: 30s + +service: + addr: ws://matrix-wechat:20002 + secret: {{ matrix_wechat_bridge_listen_secret | to_json }} + ping_interval: 30s + +log: + level: info diff --git a/roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 b/roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 new file mode 100644 index 000000000..3a5091894 --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 @@ -0,0 +1,265 @@ +#jinja2: lstrip_blocks: "True" +# Homeserver details. +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_wechat_homeserver_address | to_json }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_wechat_homeserver_domain | to_json }} + + # What software is the homeserver running? + # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. + software: standard + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: null + # Endpoint for reporting per-message status. + message_send_checkpoint_endpoint: null + # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? + async_media: false + + # Should the bridge use a websocket for connecting to the homeserver? + # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, + # mautrix-asmux (deprecated), and hungryserv (proprietary). + websocket: false + # How often should the websocket be pinged? Pinging will be disabled if this is zero. + ping_interval_seconds: 0 + +# Application service host/registration related details. +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_wechat_appservice_address | to_json }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 8080 + + # Database config. + database: + # The database type. "sqlite3" and "postgres" are supported. + type: postgres + # The database URI. + # SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string + # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable + # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql + uri: {{ matrix_wechat_database_connection_string | to_json }} + # Maximum number of connections. Mostly relevant for Postgres. + max_open_conns: 20 + max_idle_conns: 2 + # Maximum connection idle time and lifetime before they're closed. Disabled if null. + # Parsed with https://pkg.go.dev/time#ParseDuration + max_conn_idle_time: null + max_conn_lifetime: null + + # The unique ID of this appservice. + id: wechat + # Appservice bot details. + bot: + # Username of the appservice bot. + username: {{ matrix_wechat_appservice_bot_username | to_json }} + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + displayname: WeChat bridge bot + avatar: mxc://matrix.org/rddVQBTjOOmNkNLXWfYJNfPW + + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + ephemeral_events: true + + # Should incoming events be handled asynchronously? + # This may be necessary for large public instances with lots of messages going through. + # However, messages will not be guaranteed to be bridged in the same order they were sent in. + async_transactions: false + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: {{ matrix_wechat_appservice_token | to_json }} + hs_token: {{ matrix_wechat_homeserver_token | to_json }} + +# Bridge config +bridge: + # Localpart template of MXIDs for WeChat users. + # {% raw %}{{.}}{% endraw %} is replaced with the uin of the WeChat user. + username_template: {% raw %}_wechat_{{.}}{% endraw %} + # Displayname template for WeChat users. + displayname_template: "{% raw %}{{if .Name}}{{.Name}}{{else}}{{.Uin}}{{end}} (WeChat){% endraw %}" + # WeChat listen address (for agent connection) + listen_address: "0.0.0.0:20002" + listen_secret: {{ matrix_wechat_bridge_listen_secret | to_json }} + # Should the bridge create a space for each logged-in user and add bridged rooms to it? + # Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time. + personal_filtering_spaces: false + # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + message_status_events: false + # Whether the bridge should send error notices via m.notice events when a message fails to bridge. + message_error_notices: true + portal_message_buffer: 128 + # Enable redaction + allow_redaction: false + # Should puppet avatars be fetched from the server even if an avatar is already set? + user_avatar_sync: true + # Should the bridge update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # When double puppeting is enabled, users can use `!wa toggle` to change whether + # presence is bridged. These settings set the default values. + # Existing users won't be affected when these are changed. + default_bridge_presence: false + # Send the presence as "available" to WeChat when users start typing on a portal. + # This works as a workaround for homeservers that do not support presence, and allows + # users to see when the WeChat user on the other side is typing during a conversation. + send_presence_on_typing: false + # Servers to always allow double puppeting from + double_puppet_server_map: + "{{ matrix_wechat_homeserver_domain }}": {{ matrix_wechat_homeserver_address }} + # Allow using double puppeting from any server with a valid client .well-known file. + double_puppet_allow_discovery: false + # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, double puppeting will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret_map: {{ matrix_wechat_login_shared_secret_map | to_json }} + # Whether to explicitly set the avatar and room name for private chat portal rooms. + # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. + # If set to `always`, all DM rooms will have explicit names and avatars set. + # If set to `never`, DM rooms will never have names and avatars set. + private_chat_portal_meta: default + # Should group members be synced in parallel? This makes member sync faster + parallel_member_sync: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, except if the config file is not writable. + resend_bridge_info: false + # When using double puppeting, should muted chats be muted in Matrix? + mute_bridging: false + # Allow invite permission for user. User can invite any bots to room with WeChat + # users (private chat and groups) + allow_user_invite: false + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: true + # Should the bridge never send alerts to the bridge management room? + # These are mostly things like the user being logged out. + disable_bridge_alerts: false + # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration + # Null means there's no enforced timeout. + message_handling_timeout: + # Send an error message after this timeout, but keep waiting for the response until the deadline. + # This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay. + # If the message is older than this when it reaches the bridge, the message won't be handled at all. + error_after: null + # Drop messages after this timeout. They may still go through if the message got sent to the servers. + # This is counted from the time the bridge starts handling the message. + deadline: 120s + + # The prefix for commands. Only required in non-management rooms. + command_prefix: {{ matrix_wechat_command_prefix | to_json }} + + # Messages sent upon joining a management room. + # Markdown is supported. The defaults are listed below. + management_room_text: + # Sent when joining a room. + welcome: "Hello, I'm a WeChat bridge bot." + # Sent when joining a management room and the user is already logged in. + welcome_connected: "Use `help` for help." + # Sent when joining a management room and the user is not logged in. + welcome_unconnected: "Use `help` for help or `login` to log in." + # Optional extra text sent when joining a management room. + additional_help: "" + + # End-to-bridge encryption support options. + # + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: {{ matrix_wechat_encryption_allow | to_json }} + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: {{ matrix_wechat_encryption_default | to_json }} + # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false + # Require encryption, drop any unencrypted messages. + require: false + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: false + # Should users mentions be in the event wire content to enable the server to send push notifications? + plaintext_mentions: false + # Options for deleting megolm sessions from the bridge. + delete_keys: + # Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # Delete inbound megolm sessions that don't have the received_at field used for + # automatic ratcheting and expired session deletion. This is meant as a migration + # to delete old keys prior to the bridge update. + delete_outdated_inbound: false + # What level of device verification should be required from users? + # + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # Minimum level for which the bridge should send keys to when bridging messages from WeChat to Matrix. + receive: unverified + # Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 + + # Disable rotating keys when a user's devices change? + # You should not enable this option unless you understand all the implications. + disable_device_change_key_rotation: false + + + # Permissions for using the bridge. + # Permitted values: + # user - Access to use the bridge to chat with a WeChat account. + # admin - User level and some additional administration tools + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: {{ matrix_wechat_permissions | to_json }} + +# Logging config. See https://github.com/tulir/zeroconfig for details. +logging: + min_level: {{ matrix_wechat_log_level }} + writers: + - type: stdout + format: pretty-colored diff --git a/roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat-agent.service.j2 b/roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat-agent.service.j2 new file mode 100644 index 000000000..8e5ea5239 --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat-agent.service.j2 @@ -0,0 +1,49 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix WeChat Agent +{% for service in matrix_wechat_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_wechat_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-wechat-agent 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-wechat-agent 2>/dev/null || true' + +{# + The agent needs to write to /home/user/.vnc. + `/home/user` is owned by `user:group` (`1000:1000`), so it needs to run with that user/group. +#} +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ + --rm \ + --name=matrix-wechat-agent \ + --log-driver=none \ + --user={{ matrix_wechat_agent_container_user_uid }}:{{ matrix_wechat_agent_container_user_gid }} \ + --cap-drop=ALL \ + --network={{ matrix_wechat_container_network }} \ + --mount type=bind,src={{ matrix_wechat_config_path }}/agent-config.yaml,dst=/home/user/matrix-wechat-agent/configure.yaml,ro \ + {% for arg in matrix_wechat_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_wechat_agent_container_image }} + +{% for network in matrix_wechat_container_additional_networks %} +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-wechat-agent +{% endfor %} + +ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-wechat-agent + +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-wechat-agent 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-wechat-agent 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-wechat-agent + +[Install] +WantedBy=multi-user.target diff --git a/roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat.service.j2 b/roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat.service.j2 new file mode 100644 index 000000000..96f87e9bb --- /dev/null +++ b/roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat.service.j2 @@ -0,0 +1,47 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix WeChat Bridge +{% for service in matrix_wechat_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_wechat_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}" +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-wechat 2>/dev/null || true' +ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-wechat 2>/dev/null || true' + +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \ + --rm \ + --name=matrix-wechat \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --network={{ matrix_wechat_container_network }} \ + --mount type=bind,src={{ matrix_wechat_config_path }},dst=/config,ro \ + --mount type=bind,src={{ matrix_wechat_data_path }},dst=/data \ + --workdir=/data \ + {% for arg in matrix_wechat_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_wechat_container_image }} \ + /usr/bin/matrix-wechat -c /config/config.yaml -r /config/registration.yaml --no-update +{% for network in matrix_wechat_container_additional_networks %} +ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-wechat +{% endfor %} + +ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-wechat + +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-wechat 2>/dev/null || true' +ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-wechat 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-wechat + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index d93a71a2e..f284ec88c 100644 --- a/setup.yml +++ b/setup.yml @@ -58,6 +58,7 @@ - custom/matrix-bridge-appservice-kakaotalk - custom/matrix-bridge-beeper-linkedin - custom/matrix-bridge-go-skype-bridge + - custom/matrix-bridge-wechat - custom/matrix-bridge-mautrix-facebook - custom/matrix-bridge-mautrix-twitter - custom/matrix-bridge-mautrix-hangouts From cc2521d594738c7c77a3a6f2c6e5751e376f3b4c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 3 Jun 2024 21:28:14 +0300 Subject: [PATCH 03/30] Announce WeChat bridging support --- CHANGELOG.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 372a27be3..b84d36230 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2024-06-03 + +## WeChat bridging support + +Thanks to [Tobias Diez](https://github.com/tobiasdiez)'s [efforts](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3241), the playbook now supports bridging to [WeChat](https://www.wechat.com/) via the [matrix-wechat](https://github.com/duo/matrix-wechat) bridge. + +See our [Setting up WeChat bridging](docs/configuring-playbook-bridge-wechat.md) documentation page for getting started. + + # 2024-03-26 ## (Backward Compatibility Break) The playbook now defaults to KeyDB, instead of Redis From e33b43e4a62e5f09dc5de8a8c85e2884d2d3830d Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 3 Jun 2024 23:24:06 +0300 Subject: [PATCH 04/30] wechat: enable spaces by default --- roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 b/roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 index 3a5091894..e81583a11 100644 --- a/roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-wechat/templates/config.yaml.j2 @@ -88,7 +88,7 @@ bridge: listen_secret: {{ matrix_wechat_bridge_listen_secret | to_json }} # Should the bridge create a space for each logged-in user and add bridged rooms to it? # Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time. - personal_filtering_spaces: false + personal_filtering_spaces: true # Whether the bridge should send the message status as a custom com.beeper.message_send_status event. message_status_events: false # Whether the bridge should send error notices via m.notice events when a message fails to bridge. From f97e8490182a99c2a1c11a4c0f262da12ac3961a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 4 Jun 2024 10:47:04 +0300 Subject: [PATCH 05/30] Switch matrix-media-repo to Github Container Registry (supports multi-arch) Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3349 `docker.io/turt2live/matrix-media-repo:v1.3.4` is amd64-only. `ghcr.io/t2bot/matrix-media-repo:v1.3.4` is a multi-arch image which works on arm64. --- roles/custom/matrix-media-repo/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-media-repo/defaults/main.yml b/roles/custom/matrix-media-repo/defaults/main.yml index 63a225674..cb4de902b 100755 --- a/roles/custom/matrix-media-repo/defaults/main.yml +++ b/roles/custom/matrix-media-repo/defaults/main.yml @@ -17,7 +17,7 @@ matrix_media_repo_container_image_self_build_repo: "https://github.com/turt2live matrix_media_repo_docker_image_path: "turt2live/matrix-media-repo" matrix_media_repo_docker_image: "{{ matrix_media_repo_docker_image_name_prefix }}{{ matrix_media_repo_docker_image_path }}:{{ matrix_media_repo_docker_image_tag }}" -matrix_media_repo_docker_image_name_prefix: "{{ 'localhost/' if matrix_media_repo_container_image_self_build else matrix_container_global_registry_prefix }}" +matrix_media_repo_docker_image_name_prefix: "{{ 'localhost/' if matrix_media_repo_container_image_self_build else 'ghcr.io/' }}" # renovate: datasource=docker depName=turt2live/matrix-media-repo matrix_media_repo_docker_image_tag: "v1.3.4" matrix_media_repo_docker_image_force_pull: "{{ matrix_media_repo_docker_image.endswith(':latest') }}" From 9f2eff2ac799b9144cc2b1809760e1681a8a5b9f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 4 Jun 2024 13:14:34 +0300 Subject: [PATCH 06/30] Respect `devture_systemd_docker_base_docker_service_name` Related to https://github.com/devture/com.devture.ansible.role.systemd_docker_base/commit/0241c71a4c08ff5e203b55d50a424387e3b077c8 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3270#issuecomment-2143782962 With this change, it should be possible for people to adjust the Docker dependency from `docker.service` to something else (e.g. `pkg-ContainerManager-dockerd.service`), or to completely eliminate it by setting `devture_systemd_docker_base_docker_service_name` to an empty string. This makes it easier for people to use the playbook against a Synology DSM server. --- requirements.yml | 32 +++++++++---------- .../defaults/main.yml | 2 +- .../matrix-bot-buscarron/defaults/main.yml | 2 +- .../matrix-bot-chatgpt/defaults/main.yml | 2 +- .../matrix-bot-draupnir/defaults/main.yml | 2 +- .../matrix-bot-go-neb/defaults/main.yml | 2 +- .../matrix-bot-honoroit/defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../matrix-bot-maubot/defaults/main.yml | 2 +- .../matrix-bot-mjolnir/defaults/main.yml | 2 +- .../matrix-bot-postmoogle/defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../matrix-bridge-hookshot/defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../matrix-bridge-sms/defaults/main.yml | 2 +- .../matrix-bridge-wechat/defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../matrix-cactus-comments/defaults/main.yml | 2 +- .../matrix-client-cinny/defaults/main.yml | 2 +- .../matrix-client-element/defaults/main.yml | 2 +- .../matrix-client-hydrogen/defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../custom/matrix-corporal/defaults/main.yml | 2 +- roles/custom/matrix-coturn/defaults/main.yml | 2 +- .../custom/matrix-dimension/defaults/main.yml | 2 +- .../matrix-dynamic-dns/defaults/main.yml | 2 +- .../matrix-email2matrix/defaults/main.yml | 2 +- .../defaults/main.yml | 4 +-- roles/custom/matrix-ma1sd/defaults/main.yml | 2 +- .../matrix-pantalaimon/defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../matrix-registration/defaults/main.yml | 2 +- .../matrix-static-files/defaults/main.yml | 2 +- roles/custom/matrix-sygnal/defaults/main.yml | 2 +- .../matrix-synapse-admin/defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- .../defaults/main.yml | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 65 files changed, 81 insertions(+), 81 deletions(-) diff --git a/requirements.yml b/requirements.yml index 2d3f291b7..24135bbc5 100644 --- a/requirements.yml +++ b/requirements.yml @@ -4,10 +4,10 @@ version: v1.0.0-3 name: auxiliary - src: git+https://gitlab.com/etke.cc/roles/backup_borg.git - version: v1.2.8-1.8.9-0 + version: v1.2.8-1.8.11-1 name: backup_borg - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git - version: v0.1.2-1 + version: v0.1.2-2 name: container_socket_proxy - src: git+https://github.com/geerlingguy/ansible-role-docker version: 7.2.0 @@ -16,22 +16,22 @@ version: 129c8590e106b83e6f4c259649a613c6279e937a name: docker_sdk_for_python - src: git+https://gitlab.com/etke.cc/roles/etherpad.git - version: v2.1.0-0 + version: v2.1.0-1 name: etherpad - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git version: v4.97.1-r0-0-2 name: exim_relay - src: git+https://gitlab.com/etke.cc/roles/grafana.git - version: v11.0.0-0 + version: v11.0.0-1 name: grafana - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git - version: v9457-3 + version: v9457-5 name: jitsi - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-keydb.git - version: v6.3.4-1 + version: v6.3.4-2 name: keydb - src: git+https://gitlab.com/etke.cc/roles/ntfy.git - version: v2.10.0-0 + version: v2.10.0-1 name: ntfy - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git version: 201c939eed363de269a83ba29784fc3244846048 @@ -43,25 +43,25 @@ version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16 name: playbook_state_preserver - src: git+https://github.com/devture/com.devture.ansible.role.postgres.git - version: v16.3-0 + version: v16.3-1 name: postgres - src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git - version: 046004a8cb9946979b72ce81c2526c8033ea8067 + version: 8c3585fb4857dbac026b2974bb6525289240effb name: postgres_backup - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git - version: v2.52.0-0 + version: v2.52.0-1 name: prometheus - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git - version: v1.8.1-0 + version: v1.8.1-1 name: prometheus_node_exporter - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git - version: v0.14.0-4 + version: v0.14.0-5 name: prometheus_postgres_exporter - src: git+https://gitlab.com/etke.cc/roles/redis.git - version: v7.2.4-0 + version: v7.2.4-1 name: redis - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git - version: v1.1.0-0 + version: v1.2.0-0 name: systemd_docker_base - src: git+https://github.com/devture/com.devture.ansible.role.systemd_service_manager.git version: v1.0.0-4 @@ -70,8 +70,8 @@ version: v1.0.0-0 name: timesync - src: git+https://github.com/devture/com.devture.ansible.role.traefik.git - version: v2.11.2-0 + version: v2.11.2-1 name: traefik - src: git+https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper.git - version: v2.8.3-1 + version: v2.8.3-2 name: traefik_certs_dumper diff --git a/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml b/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml index 21c98ee1b..0242edbda 100644 --- a/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml +++ b/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml @@ -30,7 +30,7 @@ matrix_appservice_draupnir_for_all_container_extra_arguments: [] # List of systemd services that matrix-bot-draupnir.service depends on matrix_appservice_draupnir_for_all_systemd_required_services_list: "{{ matrix_appservice_draupnir_for_all_systemd_required_services_list_default + matrix_appservice_draupnir_for_all_systemd_required_services_list_auto + matrix_appservice_draupnir_for_all_systemd_required_services_list_custom }}" -matrix_appservice_draupnir_for_all_systemd_required_services_list_default: ['docker.service'] +matrix_appservice_draupnir_for_all_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_appservice_draupnir_for_all_systemd_required_services_list_auto: [] matrix_appservice_draupnir_for_all_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-buscarron/defaults/main.yml b/roles/custom/matrix-bot-buscarron/defaults/main.yml index a10974754..56defb34f 100644 --- a/roles/custom/matrix-bot-buscarron/defaults/main.yml +++ b/roles/custom/matrix-bot-buscarron/defaults/main.yml @@ -88,7 +88,7 @@ matrix_bot_buscarron_container_extra_arguments: [] # List of systemd services that matrix-bot-buscarron.service depends on matrix_bot_buscarron_systemd_required_services_list: "{{ matrix_bot_buscarron_systemd_required_services_list_default + matrix_bot_buscarron_systemd_required_services_list_auto + matrix_bot_buscarron_systemd_required_services_list_custom }}" -matrix_bot_buscarron_systemd_required_services_list_default: ['docker.service'] +matrix_bot_buscarron_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_buscarron_systemd_required_services_list_auto: [] matrix_bot_buscarron_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-chatgpt/defaults/main.yml b/roles/custom/matrix-bot-chatgpt/defaults/main.yml index 957501b01..09d73a602 100644 --- a/roles/custom/matrix-bot-chatgpt/defaults/main.yml +++ b/roles/custom/matrix-bot-chatgpt/defaults/main.yml @@ -37,7 +37,7 @@ matrix_bot_chatgpt_container_extra_arguments: [] # List of systemd services that matrix-bot-chatgpt.service depends on matrix_bot_chatgpt_systemd_required_services_list: "{{ matrix_bot_chatgpt_systemd_required_services_list_default + matrix_bot_chatgpt_systemd_required_services_list_auto + matrix_bot_chatgpt_systemd_required_services_list_custom }}" -matrix_bot_chatgpt_systemd_required_services_list_default: ['docker.service'] +matrix_bot_chatgpt_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_chatgpt_systemd_required_services_list_auto: [] matrix_bot_chatgpt_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-draupnir/defaults/main.yml b/roles/custom/matrix-bot-draupnir/defaults/main.yml index 03204f1b9..53dd53e43 100644 --- a/roles/custom/matrix-bot-draupnir/defaults/main.yml +++ b/roles/custom/matrix-bot-draupnir/defaults/main.yml @@ -30,7 +30,7 @@ matrix_bot_draupnir_container_extra_arguments: [] # List of systemd services that matrix-bot-draupnir.service depends on matrix_bot_draupnir_systemd_required_services_list: "{{ matrix_bot_draupnir_systemd_required_services_list_default + matrix_bot_draupnir_systemd_required_services_list_auto + matrix_bot_draupnir_systemd_required_services_list_custom }}" -matrix_bot_draupnir_systemd_required_services_list_default: ['docker.service'] +matrix_bot_draupnir_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_draupnir_systemd_required_services_list_auto: [] matrix_bot_draupnir_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-go-neb/defaults/main.yml b/roles/custom/matrix-bot-go-neb/defaults/main.yml index 67d368965..39622b398 100644 --- a/roles/custom/matrix-bot-go-neb/defaults/main.yml +++ b/roles/custom/matrix-bot-go-neb/defaults/main.yml @@ -87,7 +87,7 @@ matrix_bot_go_neb_container_extra_arguments: [] # List of systemd services that matrix-bot-go-neb.service depends on matrix_bot_go_neb_systemd_required_services_list: "{{ matrix_bot_go_neb_systemd_required_services_list_default + matrix_bot_go_neb_systemd_required_services_list_auto + matrix_bot_go_neb_systemd_required_services_list_custom }}" -matrix_bot_go_neb_systemd_required_services_list_default: ['docker.service'] +matrix_bot_go_neb_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_go_neb_systemd_required_services_list_auto: [] matrix_bot_go_neb_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-honoroit/defaults/main.yml b/roles/custom/matrix-bot-honoroit/defaults/main.yml index d11f2a769..670e8499b 100644 --- a/roles/custom/matrix-bot-honoroit/defaults/main.yml +++ b/roles/custom/matrix-bot-honoroit/defaults/main.yml @@ -84,7 +84,7 @@ matrix_bot_honoroit_container_extra_arguments: [] # List of systemd services that matrix-bot-honoroit.service depends on matrix_bot_honoroit_systemd_required_services_list: "{{ matrix_bot_honoroit_systemd_required_services_list_default + matrix_bot_honoroit_systemd_required_services_list_auto + matrix_bot_honoroit_systemd_required_services_list_custom }}" -matrix_bot_honoroit_systemd_required_services_list_default: ['docker.service'] +matrix_bot_honoroit_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_honoroit_systemd_required_services_list_auto: [] matrix_bot_honoroit_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml index 9de29091b..ed199a34a 100644 --- a/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml +++ b/roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml @@ -45,7 +45,7 @@ matrix_bot_matrix_registration_bot_container_extra_arguments: [] # List of systemd services that matrix-bot-matrix-registration-bot.service depends on matrix_bot_matrix_registration_bot_systemd_required_services_list: "{{ matrix_bot_matrix_registration_bot_systemd_required_services_list_default + matrix_bot_matrix_registration_bot_systemd_required_services_list_auto + matrix_bot_matrix_registration_bot_systemd_required_services_list_custom }}" -matrix_bot_matrix_registration_bot_systemd_required_services_list_default: ['docker.service'] +matrix_bot_matrix_registration_bot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_matrix_registration_bot_systemd_required_services_list_auto: [] matrix_bot_matrix_registration_bot_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml b/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml index 20395e8b6..66ec34fbd 100644 --- a/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml +++ b/roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml @@ -33,7 +33,7 @@ matrix_bot_matrix_reminder_bot_container_additional_networks_custom: [] # List of systemd services that matrix-bot-matrix-reminder-bot.service depends on matrix_bot_matrix_reminder_bot_systemd_required_services_list: "{{ matrix_bot_matrix_reminder_bot_systemd_required_services_list_default + matrix_bot_matrix_reminder_bot_systemd_required_services_list_auto + matrix_bot_matrix_reminder_bot_systemd_required_services_list_custom }}" -matrix_bot_matrix_reminder_bot_systemd_required_services_list_default: ['docker.service'] +matrix_bot_matrix_reminder_bot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_matrix_reminder_bot_systemd_required_services_list_auto: [] matrix_bot_matrix_reminder_bot_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-maubot/defaults/main.yml b/roles/custom/matrix-bot-maubot/defaults/main.yml index d12dd20a0..183ceabcb 100644 --- a/roles/custom/matrix-bot-maubot/defaults/main.yml +++ b/roles/custom/matrix-bot-maubot/defaults/main.yml @@ -114,7 +114,7 @@ matrix_bot_maubot_container_extra_arguments: [] # List of systemd services that matrix-bot-maubot.service depends on matrix_bot_maubot_systemd_required_services_list: "{{ matrix_bot_maubot_systemd_required_services_list_default + matrix_bot_maubot_systemd_required_services_list_auto + matrix_bot_maubot_systemd_required_services_list_custom }}" -matrix_bot_maubot_systemd_required_services_list_default: ['docker.service'] +matrix_bot_maubot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_maubot_systemd_required_services_list_auto: [] matrix_bot_maubot_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-mjolnir/defaults/main.yml b/roles/custom/matrix-bot-mjolnir/defaults/main.yml index 950f791fa..d674f62c2 100644 --- a/roles/custom/matrix-bot-mjolnir/defaults/main.yml +++ b/roles/custom/matrix-bot-mjolnir/defaults/main.yml @@ -30,7 +30,7 @@ matrix_bot_mjolnir_container_extra_arguments: [] # List of systemd services that matrix-bot-mjolnir.service depends on matrix_bot_mjolnir_systemd_required_services_list: "{{ matrix_bot_mjolnir_systemd_required_services_list_default + matrix_bot_mjolnir_systemd_required_services_list_auto + matrix_bot_mjolnir_systemd_required_services_list_custom }}" -matrix_bot_mjolnir_systemd_required_services_list_default: ['docker.service'] +matrix_bot_mjolnir_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_mjolnir_systemd_required_services_list_auto: [] matrix_bot_mjolnir_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bot-postmoogle/defaults/main.yml b/roles/custom/matrix-bot-postmoogle/defaults/main.yml index 08799a7e8..7673d85e6 100644 --- a/roles/custom/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/custom/matrix-bot-postmoogle/defaults/main.yml @@ -30,7 +30,7 @@ matrix_bot_postmoogle_container_extra_arguments: [] # List of systemd services that matrix-bot-postmoogle.service depends on matrix_bot_postmoogle_systemd_required_services_list: "{{ matrix_bot_postmoogle_systemd_required_services_list_default + matrix_bot_postmoogle_systemd_required_services_list_auto + matrix_bot_postmoogle_systemd_required_services_list_custom }}" -matrix_bot_postmoogle_systemd_required_services_list_default: ['docker.service'] +matrix_bot_postmoogle_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_bot_postmoogle_systemd_required_services_list_auto: [] matrix_bot_postmoogle_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml index c32897007..1ca26ee01 100644 --- a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml @@ -40,7 +40,7 @@ matrix_appservice_discord_container_extra_arguments: [] # List of systemd services that matrix-appservice-discord.service depends on. matrix_appservice_discord_systemd_required_services_list: "{{ matrix_appservice_discord_systemd_required_services_list_default + matrix_appservice_discord_systemd_required_services_list_auto + matrix_appservice_discord_systemd_required_services_list_custom }}" -matrix_appservice_discord_systemd_required_services_list_default: ['docker.service'] +matrix_appservice_discord_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_appservice_discord_systemd_required_services_list_auto: [] matrix_appservice_discord_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml index 6a2d35006..2beff97bf 100644 --- a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml @@ -382,7 +382,7 @@ matrix_appservice_irc_container_extra_arguments: [] # List of systemd services that matrix-appservice-irc.service depends on. matrix_appservice_irc_systemd_required_services_list: "{{ matrix_appservice_irc_systemd_required_services_list_default + matrix_appservice_irc_systemd_required_services_list_auto + matrix_appservice_irc_systemd_required_services_list_custom }}" -matrix_appservice_irc_systemd_required_services_list_default: ['docker.service'] +matrix_appservice_irc_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_appservice_irc_systemd_required_services_list_auto: [] matrix_appservice_irc_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml index 1dc7e6b96..448211d36 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml @@ -72,7 +72,7 @@ matrix_appservice_kakaotalk_container_additional_networks_custom: [] matrix_appservice_kakaotalk_node_container_extra_arguments: [] # List of systemd services that matrix-appservice-kakaotalk-node.service depends on. -matrix_appservice_kakaotalk_node_systemd_required_services_list: ['docker.service'] +matrix_appservice_kakaotalk_node_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # List of systemd services that matrix-appservice-kakaotalk-node.service wants matrix_appservice_kakaotalk_node_systemd_wanted_services_list: [] diff --git a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml index 73449d729..131137996 100644 --- a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml @@ -81,7 +81,7 @@ matrix_appservice_slack_container_extra_arguments: [] # List of systemd services that matrix-appservice-slack.service depends on. matrix_appservice_slack_systemd_required_services_list: "{{ matrix_appservice_slack_systemd_required_services_list_default + matrix_appservice_slack_systemd_required_services_list_auto + matrix_appservice_slack_systemd_required_services_list_custom }}" -matrix_appservice_slack_systemd_required_services_list_default: ['docker.service'] +matrix_appservice_slack_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_appservice_slack_systemd_required_services_list_auto: [] matrix_appservice_slack_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml b/roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml index 22bbd45c3..840c0b214 100644 --- a/roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml @@ -77,7 +77,7 @@ matrix_appservice_webhooks_container_extra_arguments: [] # List of systemd services that matrix-appservice-webhooks.service depends on. matrix_appservice_webhooks_systemd_required_services_list: "{{ matrix_appservice_webhooks_systemd_required_services_list_default + matrix_appservice_webhooks_systemd_required_services_list_auto + matrix_appservice_webhooks_systemd_required_services_list_custom }}" -matrix_appservice_webhooks_systemd_required_services_list_default: ['docker.service'] +matrix_appservice_webhooks_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_appservice_webhooks_systemd_required_services_list_auto: [] matrix_appservice_webhooks_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml index 9c84d9ba6..4eb7ef91e 100644 --- a/roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml +++ b/roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -49,7 +49,7 @@ matrix_beeper_linkedin_container_extra_arguments: [] # List of systemd services that matrix-beeper-linkedin.service depends on. matrix_beeper_linkedin_systemd_required_services_list: "{{ matrix_beeper_linkedin_systemd_required_services_list_default + matrix_beeper_linkedin_systemd_required_services_list_auto + matrix_beeper_linkedin_systemd_required_services_list_custom }}" -matrix_beeper_linkedin_systemd_required_services_list_default: ['docker.service'] +matrix_beeper_linkedin_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_beeper_linkedin_systemd_required_services_list_auto: [] matrix_beeper_linkedin_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml b/roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml index 1100a8790..d0cead0e3 100644 --- a/roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml +++ b/roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml @@ -34,7 +34,7 @@ matrix_go_skype_bridge_container_extra_arguments: [] # List of systemd services that matrix-go-skype-bridge.service depends on. matrix_go_skype_bridge_systemd_required_services_list: "{{ matrix_go_skype_bridge_systemd_required_services_list_default + matrix_go_skype_bridge_systemd_required_services_list_auto + matrix_go_skype_bridge_systemd_required_services_list_custom }}" -matrix_go_skype_bridge_systemd_required_services_list_default: ['docker.service'] +matrix_go_skype_bridge_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_go_skype_bridge_systemd_required_services_list_auto: [] matrix_go_skype_bridge_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml b/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml index 31c313abc..7913bf124 100644 --- a/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml +++ b/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml @@ -32,7 +32,7 @@ matrix_heisenbridge_container_extra_arguments: [] # List of systemd services that service depends on. matrix_heisenbridge_systemd_required_services_list: "{{ matrix_heisenbridge_systemd_required_services_list_default + matrix_heisenbridge_systemd_required_services_list_auto + matrix_heisenbridge_systemd_required_services_list_custom }}" -matrix_heisenbridge_systemd_required_services_list_default: ['docker.service'] +matrix_heisenbridge_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_heisenbridge_systemd_required_services_list_auto: [] matrix_heisenbridge_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml index 63a6dab91..38d7603c6 100644 --- a/roles/custom/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/custom/matrix-bridge-hookshot/defaults/main.yml @@ -295,7 +295,7 @@ matrix_hookshot_container_labels_additional_labels: '' # List of systemd services that service depends on. matrix_hookshot_systemd_required_services_list: "{{ matrix_hookshot_systemd_required_services_list_default + matrix_hookshot_systemd_required_services_list_auto + matrix_hookshot_systemd_required_services_list_custom }}" -matrix_hookshot_systemd_required_services_list_default: ['docker.service'] +matrix_hookshot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_hookshot_systemd_required_services_list_auto: [] matrix_hookshot_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml index 3f981af04..28a1d84bd 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml @@ -45,7 +45,7 @@ matrix_mautrix_discord_container_extra_arguments: [] # List of systemd services that matrix-mautrix-discord.service depends on. matrix_mautrix_discord_systemd_required_services_list: "{{ matrix_mautrix_discord_systemd_required_services_list_default + matrix_mautrix_discord_systemd_required_services_list_auto + matrix_mautrix_discord_systemd_required_services_list_custom }}" -matrix_mautrix_discord_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_discord_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_discord_systemd_required_services_list_auto: [] matrix_mautrix_discord_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml index b8130315e..dacd2e24a 100644 --- a/roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml @@ -80,7 +80,7 @@ matrix_mautrix_facebook_container_extra_arguments: [] # List of systemd services that matrix-mautrix-facebook.service depends on. matrix_mautrix_facebook_systemd_required_services_list: "{{ matrix_mautrix_facebook_systemd_required_services_list_default + matrix_mautrix_facebook_systemd_required_services_list_auto + matrix_mautrix_facebook_systemd_required_services_list_custom }}" -matrix_mautrix_facebook_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_facebook_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_facebook_systemd_required_services_list_auto: [] matrix_mautrix_facebook_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml index b067222aa..b6c6cb416 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml @@ -67,7 +67,7 @@ matrix_mautrix_gmessages_container_extra_arguments: [] # List of systemd services that matrix-mautrix-gmessages.service depends on. matrix_mautrix_gmessages_systemd_required_services_list: "{{ matrix_mautrix_gmessages_systemd_required_services_list_default + matrix_mautrix_gmessages_systemd_required_services_list_auto + matrix_mautrix_gmessages_systemd_required_services_list_custom }}" -matrix_mautrix_gmessages_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_gmessages_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_gmessages_systemd_required_services_list_auto: [] matrix_mautrix_gmessages_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml index 93f10de93..8d793405c 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml @@ -83,7 +83,7 @@ matrix_mautrix_googlechat_container_extra_arguments: [] # List of systemd services that matrix-mautrix-googlechat.service depends on. matrix_mautrix_googlechat_systemd_required_services_list: "{{ matrix_mautrix_googlechat_systemd_required_services_list_default + matrix_mautrix_googlechat_systemd_required_services_list_auto + matrix_mautrix_googlechat_systemd_required_services_list_custom }}" -matrix_mautrix_googlechat_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_googlechat_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_googlechat_systemd_required_services_list_auto: [] matrix_mautrix_googlechat_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml index 1aa5e5a71..764854017 100644 --- a/roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml @@ -89,7 +89,7 @@ matrix_mautrix_hangouts_container_extra_arguments: [] # List of systemd services that matrix-mautrix-hangouts.service depends on. matrix_mautrix_hangouts_systemd_required_services_list: "{{ matrix_mautrix_hangouts_systemd_required_services_list_default + matrix_mautrix_hangouts_systemd_required_services_list_auto + matrix_mautrix_hangouts_systemd_required_services_list_custom }}" -matrix_mautrix_hangouts_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_hangouts_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_hangouts_systemd_required_services_list_auto: [] matrix_mautrix_hangouts_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml index 3814220bf..566a01bb5 100644 --- a/roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -72,7 +72,7 @@ matrix_mautrix_instagram_container_extra_arguments: [] # List of systemd services that matrix-mautrix-instagram.service depends on. matrix_mautrix_instagram_systemd_required_services_list: "{{ matrix_mautrix_instagram_systemd_required_services_list_default + matrix_mautrix_instagram_systemd_required_services_list_auto + matrix_mautrix_instagram_systemd_required_services_list_custom }}" -matrix_mautrix_instagram_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_instagram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_instagram_systemd_required_services_list_auto: [] matrix_mautrix_instagram_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml index 078b53062..fe2509909 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml @@ -69,7 +69,7 @@ matrix_mautrix_meta_instagram_container_extra_arguments: [] # List of systemd services that the systemd service depends on. matrix_mautrix_meta_instagram_systemd_required_services_list: "{{ matrix_mautrix_meta_instagram_systemd_required_services_list_default + matrix_mautrix_meta_instagram_systemd_required_services_list_auto + matrix_mautrix_meta_instagram_systemd_required_services_list_custom }}" -matrix_mautrix_meta_instagram_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_meta_instagram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_meta_instagram_systemd_required_services_list_auto: [] matrix_mautrix_meta_instagram_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml index 67ca3cb1c..ce31d21aa 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml @@ -69,7 +69,7 @@ matrix_mautrix_meta_messenger_container_extra_arguments: [] # List of systemd services that the systemd service depends on. matrix_mautrix_meta_messenger_systemd_required_services_list: "{{ matrix_mautrix_meta_messenger_systemd_required_services_list_default + matrix_mautrix_meta_messenger_systemd_required_services_list_auto + matrix_mautrix_meta_messenger_systemd_required_services_list_custom }}" -matrix_mautrix_meta_messenger_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_meta_messenger_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_meta_messenger_systemd_required_services_list_auto: [] matrix_mautrix_meta_messenger_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml index d3bc23a78..ca209ea30 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml @@ -80,7 +80,7 @@ matrix_mautrix_signal_container_extra_arguments: [] # List of systemd services that matrix-mautrix-signal.service depends on. matrix_mautrix_signal_systemd_required_services_list: "{{ matrix_mautrix_signal_systemd_required_services_list_default + matrix_mautrix_signal_systemd_required_services_list_auto + matrix_mautrix_signal_systemd_required_services_list_custom }}" -matrix_mautrix_signal_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_signal_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_signal_systemd_required_services_list_auto: [] matrix_mautrix_signal_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml index dfe41b9e2..de2323fb5 100644 --- a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml @@ -43,7 +43,7 @@ matrix_mautrix_slack_container_extra_arguments: [] # List of systemd services that matrix-mautrix-slack.service depends on. matrix_mautrix_slack_systemd_required_services_list: "{{ matrix_mautrix_slack_systemd_required_services_list_default + matrix_mautrix_slack_systemd_required_services_list_auto + matrix_mautrix_slack_systemd_required_services_list_custom }}" -matrix_mautrix_slack_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_slack_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_slack_systemd_required_services_list_auto: [] matrix_mautrix_slack_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml index faa4d101f..742ccc847 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -131,7 +131,7 @@ matrix_mautrix_telegram_container_extra_arguments: [] # List of systemd services that matrix-mautrix-telegram.service depends on. matrix_mautrix_telegram_systemd_required_services_list: "{{ matrix_mautrix_telegram_systemd_required_services_list_default + matrix_mautrix_telegram_systemd_required_services_list_auto + matrix_mautrix_telegram_systemd_required_services_list_custom }}" -matrix_mautrix_telegram_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_telegram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_telegram_systemd_required_services_list_auto: [] matrix_mautrix_telegram_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml index 30e8d153d..dba30e2ce 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -72,7 +72,7 @@ matrix_mautrix_twitter_container_extra_arguments: [] # List of systemd services that matrix-mautrix-twitter.service depends on. matrix_mautrix_twitter_systemd_required_services_list: "{{ matrix_mautrix_twitter_systemd_required_services_list_default + matrix_mautrix_twitter_systemd_required_services_list_auto + matrix_mautrix_twitter_systemd_required_services_list_custom }}" -matrix_mautrix_twitter_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_twitter_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_twitter_systemd_required_services_list_auto: [] matrix_mautrix_twitter_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 1be65f4a9..dc2e45704 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -69,7 +69,7 @@ matrix_mautrix_whatsapp_container_extra_arguments: [] # List of systemd services that matrix-mautrix-whatsapp.service depends on. matrix_mautrix_whatsapp_systemd_required_services_list: "{{ matrix_mautrix_whatsapp_systemd_required_services_list_default + matrix_mautrix_whatsapp_systemd_required_services_list_auto + matrix_mautrix_whatsapp_systemd_required_services_list_custom }}" -matrix_mautrix_whatsapp_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_whatsapp_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_whatsapp_systemd_required_services_list_auto: [] matrix_mautrix_whatsapp_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml index aab0070cf..e378c87ed 100644 --- a/roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml @@ -63,7 +63,7 @@ matrix_mautrix_wsproxy_container_extra_arguments: [] # List of systemd services that matrix-mautrix-wsproxy.service depends on. matrix_mautrix_wsproxy_systemd_required_services_list: "{{ matrix_mautrix_wsproxy_systemd_required_services_list_default + matrix_mautrix_wsproxy_systemd_required_services_list_auto + matrix_mautrix_wsproxy_systemd_required_services_list_custom }}" -matrix_mautrix_wsproxy_systemd_required_services_list_default: ['docker.service'] +matrix_mautrix_wsproxy_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mautrix_wsproxy_systemd_required_services_list_auto: [] matrix_mautrix_wsproxy_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml index 27d32e8f6..8d328521d 100644 --- a/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -55,7 +55,7 @@ matrix_mx_puppet_discord_container_extra_arguments: [] # List of systemd services that matrix-puppet-discord.service depends on. matrix_mx_puppet_discord_systemd_required_services_list: "{{ matrix_mx_puppet_discord_systemd_required_services_list_default + matrix_mx_puppet_discord_systemd_required_services_list_auto + matrix_mx_puppet_discord_systemd_required_services_list_custom }}" -matrix_mx_puppet_discord_systemd_required_services_list_default: ['docker.service'] +matrix_mx_puppet_discord_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mx_puppet_discord_systemd_required_services_list_auto: [] matrix_mx_puppet_discord_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml index a9bdf3354..c8277aa6a 100644 --- a/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml @@ -51,7 +51,7 @@ matrix_mx_puppet_groupme_container_extra_arguments: [] # List of systemd services that matrix-puppet-groupme.service depends on. matrix_mx_puppet_groupme_systemd_required_services_list: "{{ matrix_mx_puppet_groupme_systemd_required_services_list_default + matrix_mx_puppet_groupme_systemd_required_services_list_auto + matrix_mx_puppet_groupme_systemd_required_services_list_custom }}" -matrix_mx_puppet_groupme_systemd_required_services_list_default: ['docker.service'] +matrix_mx_puppet_groupme_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mx_puppet_groupme_systemd_required_services_list_auto: [] matrix_mx_puppet_groupme_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml index 8816b6707..9d86b5d08 100644 --- a/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml @@ -46,7 +46,7 @@ matrix_mx_puppet_instagram_container_extra_arguments: [] # List of systemd services that matrix-puppet-instagram.service depends on. matrix_mx_puppet_instagram_systemd_required_services_list: "{{ matrix_mx_puppet_instagram_systemd_required_services_list_default + matrix_mx_puppet_instagram_systemd_required_services_list_auto + matrix_mx_puppet_instagram_systemd_required_services_list_custom }}" -matrix_mx_puppet_instagram_systemd_required_services_list_default: ['docker.service'] +matrix_mx_puppet_instagram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mx_puppet_instagram_systemd_required_services_list_auto: [] matrix_mx_puppet_instagram_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml index e684876c4..322f16031 100644 --- a/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -92,7 +92,7 @@ matrix_mx_puppet_slack_container_extra_arguments: [] # List of systemd services that matrix-puppet-slack.service depends on. matrix_mx_puppet_slack_systemd_required_services_list: "{{ matrix_mx_puppet_slack_systemd_required_services_list_default + matrix_mx_puppet_slack_systemd_required_services_list_auto + matrix_mx_puppet_slack_systemd_required_services_list_custom }}" -matrix_mx_puppet_slack_systemd_required_services_list_default: ['docker.service'] +matrix_mx_puppet_slack_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mx_puppet_slack_systemd_required_services_list_auto: [] matrix_mx_puppet_slack_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml index f54e484a4..73cb131f0 100644 --- a/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml @@ -52,7 +52,7 @@ matrix_mx_puppet_steam_container_extra_arguments: [] # List of systemd services that matrix-puppet-steam.service depends on. matrix_mx_puppet_steam_systemd_required_services_list: "{{ matrix_mx_puppet_steam_systemd_required_services_list_default + matrix_mx_puppet_steam_systemd_required_services_list_auto + matrix_mx_puppet_steam_systemd_required_services_list_custom }}" -matrix_mx_puppet_steam_systemd_required_services_list_default: ['docker.service'] +matrix_mx_puppet_steam_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mx_puppet_steam_systemd_required_services_list_auto: [] matrix_mx_puppet_steam_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml index dda042f33..1ba4a9920 100644 --- a/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml +++ b/roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml @@ -92,7 +92,7 @@ matrix_mx_puppet_twitter_container_extra_arguments: [] # List of systemd services that mx-puppet-twitter.service depends on. matrix_mx_puppet_twitter_systemd_required_services_list: "{{ matrix_mx_puppet_twitter_systemd_required_services_list_default + matrix_mx_puppet_twitter_systemd_required_services_list_auto + matrix_mx_puppet_twitter_systemd_required_services_list_custom }}" -matrix_mx_puppet_twitter_systemd_required_services_list_default: ['docker.service'] +matrix_mx_puppet_twitter_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_mx_puppet_twitter_systemd_required_services_list_auto: [] matrix_mx_puppet_twitter_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-sms/defaults/main.yml b/roles/custom/matrix-bridge-sms/defaults/main.yml index 50337ed17..048bc85c2 100644 --- a/roles/custom/matrix-bridge-sms/defaults/main.yml +++ b/roles/custom/matrix-bridge-sms/defaults/main.yml @@ -28,7 +28,7 @@ matrix_sms_bridge_container_extra_arguments: [] # List of systemd services that service depends on. matrix_sms_bridge_systemd_required_services_list: "{{ matrix_sms_bridge_systemd_required_services_list_default + matrix_sms_bridge_systemd_required_services_list_auto + matrix_sms_bridge_systemd_required_services_list_custom }}" -matrix_sms_bridge_systemd_required_services_list_default: ['docker.service'] +matrix_sms_bridge_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_sms_bridge_systemd_required_services_list_auto: [] matrix_sms_bridge_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-wechat/defaults/main.yml b/roles/custom/matrix-bridge-wechat/defaults/main.yml index acd65f407..1ca0c910f 100644 --- a/roles/custom/matrix-bridge-wechat/defaults/main.yml +++ b/roles/custom/matrix-bridge-wechat/defaults/main.yml @@ -51,7 +51,7 @@ matrix_wechat_container_extra_arguments: [] # List of systemd services that matrix-wechat.service depends on. matrix_wechat_systemd_required_services_list: "{{ matrix_wechat_systemd_required_services_list_default + matrix_wechat_systemd_required_services_list_auto + matrix_wechat_systemd_required_services_list_custom }}" -matrix_wechat_systemd_required_services_list_default: ['docker.service'] +matrix_wechat_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_wechat_systemd_required_services_list_auto: [] matrix_wechat_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-cactus-comments-client/defaults/main.yml b/roles/custom/matrix-cactus-comments-client/defaults/main.yml index 8c49abaa2..66052a49d 100644 --- a/roles/custom/matrix-cactus-comments-client/defaults/main.yml +++ b/roles/custom/matrix-cactus-comments-client/defaults/main.yml @@ -94,7 +94,7 @@ matrix_cactus_comments_client_webclient_css_url: "https://gateway.pinata.cloud/i matrix_cactus_comments_client_local_dir: '' # List of systemd services that matrix-cactus-comments-client.service depends on -matrix_cactus_comments_client_systemd_required_services_list: ['docker.service'] +matrix_cactus_comments_client_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # List of systemd services that matrix-cactus-comments-client.service wants matrix_cactus_comments_client_systemd_wanted_services_list: "{{ matrix_cactus_comments_client_systemd_wanted_services_list_auto + matrix_cactus_comments_client_systemd_wanted_services_list_custom }}" diff --git a/roles/custom/matrix-cactus-comments/defaults/main.yml b/roles/custom/matrix-cactus-comments/defaults/main.yml index 5f6a0a478..a31ae1a1d 100644 --- a/roles/custom/matrix-cactus-comments/defaults/main.yml +++ b/roles/custom/matrix-cactus-comments/defaults/main.yml @@ -40,7 +40,7 @@ matrix_cactus_comments_container_additional_networks_custom: [] matrix_cactus_comments_container_extra_arguments: [] # List of systemd services that matrix-cactus-comments.service depends on -matrix_cactus_comments_systemd_required_services_list: ['docker.service'] +matrix_cactus_comments_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # List of systemd services that matrix-cactus-comments.service wants matrix_cactus_comments_systemd_wanted_services_list: [] diff --git a/roles/custom/matrix-client-cinny/defaults/main.yml b/roles/custom/matrix-client-cinny/defaults/main.yml index 735e663a4..bd3da6166 100644 --- a/roles/custom/matrix-client-cinny/defaults/main.yml +++ b/roles/custom/matrix-client-cinny/defaults/main.yml @@ -72,7 +72,7 @@ matrix_client_cinny_container_labels_additional_labels: '' matrix_client_cinny_container_extra_arguments: [] # List of systemd services that matrix-client-cinny.service depends on -matrix_client_cinny_systemd_required_services_list: ['docker.service'] +matrix_client_cinny_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # Specifies the value of the `X-XSS-Protection` header # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index 46f20f85c..5b2a33392 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -76,7 +76,7 @@ matrix_client_element_container_labels_additional_labels: '' matrix_client_element_container_extra_arguments: [] # List of systemd services that matrix-client-element.service depends on -matrix_client_element_systemd_required_services_list: ['docker.service'] +matrix_client_element_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # Specifies the value of the `X-XSS-Protection` header # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. diff --git a/roles/custom/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml index c3a1050b6..a70adc5ac 100644 --- a/roles/custom/matrix-client-hydrogen/defaults/main.yml +++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml @@ -71,7 +71,7 @@ matrix_client_hydrogen_container_labels_additional_labels: '' matrix_client_hydrogen_container_extra_arguments: [] # List of systemd services that matrix-client-hydrogen.service depends on -matrix_client_hydrogen_systemd_required_services_list: ['docker.service'] +matrix_client_hydrogen_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # Specifies the value of the `X-XSS-Protection` header # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. diff --git a/roles/custom/matrix-client-schildichat/defaults/main.yml b/roles/custom/matrix-client-schildichat/defaults/main.yml index 2e253df7d..65cfffbf6 100644 --- a/roles/custom/matrix-client-schildichat/defaults/main.yml +++ b/roles/custom/matrix-client-schildichat/defaults/main.yml @@ -70,7 +70,7 @@ matrix_client_schildichat_container_labels_additional_labels: '' matrix_client_schildichat_container_extra_arguments: [] # List of systemd services that matrix-client-schildichat.service depends on -matrix_client_schildichat_systemd_required_services_list: ['docker.service'] +matrix_client_schildichat_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # Specifies the value of the `X-XSS-Protection` header # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. diff --git a/roles/custom/matrix-corporal/defaults/main.yml b/roles/custom/matrix-corporal/defaults/main.yml index e3f0189e0..93120843b 100644 --- a/roles/custom/matrix-corporal/defaults/main.yml +++ b/roles/custom/matrix-corporal/defaults/main.yml @@ -77,7 +77,7 @@ matrix_corporal_container_labels_additional_labels: '' # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: "{{ matrix_corporal_systemd_required_services_list_default + matrix_corporal_systemd_required_services_list_auto + matrix_corporal_systemd_required_services_list_custom }}" -matrix_corporal_systemd_required_services_list_default: ['docker.service'] +matrix_corporal_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_corporal_systemd_required_services_list_auto: [] matrix_corporal_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-coturn/defaults/main.yml b/roles/custom/matrix-coturn/defaults/main.yml index d99849080..897b4a963 100644 --- a/roles/custom/matrix-coturn/defaults/main.yml +++ b/roles/custom/matrix-coturn/defaults/main.yml @@ -39,7 +39,7 @@ matrix_coturn_docker_src_files_path: "{{ matrix_coturn_base_path }}/docker-src" matrix_coturn_config_path: "{{ matrix_coturn_base_path }}/turnserver.conf" # List of systemd services that matrix-coturn.service depends on -matrix_coturn_systemd_required_services_list: ['docker.service'] +matrix_coturn_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # A list of additional "volumes" to mount in the container. # This list gets populated dynamically at runtime. You can provide a different default value, diff --git a/roles/custom/matrix-dimension/defaults/main.yml b/roles/custom/matrix-dimension/defaults/main.yml index 7acdacf03..7629115c5 100644 --- a/roles/custom/matrix-dimension/defaults/main.yml +++ b/roles/custom/matrix-dimension/defaults/main.yml @@ -37,7 +37,7 @@ matrix_dimension_docker_image_force_pull: "{{ matrix_dimension_docker_image.ends # List of systemd services that matrix-dimension.service depends on. matrix_dimension_systemd_required_services_list: "{{ matrix_dimension_systemd_required_services_list_default + matrix_dimension_systemd_required_services_list_auto + matrix_dimension_systemd_required_services_list_custom }}" -matrix_dimension_systemd_required_services_list_default: ['docker.service'] +matrix_dimension_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_dimension_systemd_required_services_list_auto: [] matrix_dimension_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-dynamic-dns/defaults/main.yml b/roles/custom/matrix-dynamic-dns/defaults/main.yml index 72b0cfa29..c2810e3d9 100644 --- a/roles/custom/matrix-dynamic-dns/defaults/main.yml +++ b/roles/custom/matrix-dynamic-dns/defaults/main.yml @@ -31,7 +31,7 @@ matrix_dynamic_dns_container_extra_arguments: [] matrix_dynamic_dns_systemd_wanted_services_list: [] # List of required services when running in mode -matrix_dynamic_dns_systemd_required_services_list: ['docker.service'] +matrix_dynamic_dns_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # Build the container from source when running in mode matrix_dynamic_dns_container_image_self_build: false diff --git a/roles/custom/matrix-email2matrix/defaults/main.yml b/roles/custom/matrix-email2matrix/defaults/main.yml index 8ea7637c7..d05eb6d43 100644 --- a/roles/custom/matrix-email2matrix/defaults/main.yml +++ b/roles/custom/matrix-email2matrix/defaults/main.yml @@ -28,7 +28,7 @@ matrix_email2matrix_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_email2matrix_systemd_required_services_list: "{{ matrix_email2matrix_systemd_required_services_list_default + matrix_email2matrix_systemd_required_services_list_auto + matrix_email2matrix_systemd_required_services_list_custom }}" -matrix_email2matrix_systemd_required_services_list_default: ['docker.service'] +matrix_email2matrix_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_email2matrix_systemd_required_services_list_auto: [] matrix_email2matrix_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-ldap-registration-proxy/defaults/main.yml b/roles/custom/matrix-ldap-registration-proxy/defaults/main.yml index 89b121836..ce9ba1259 100644 --- a/roles/custom/matrix-ldap-registration-proxy/defaults/main.yml +++ b/roles/custom/matrix-ldap-registration-proxy/defaults/main.yml @@ -73,13 +73,13 @@ matrix_ldap_registration_proxy_container_extra_arguments: [] # List of systemd services that matrix-ldap-registration-proxy.service depends on. matrix_ldap_registration_proxy_systemd_required_services_list: "{{ matrix_ldap_registration_proxy_systemd_required_services_list_default + matrix_ldap_registration_proxy_systemd_required_services_list_auto + matrix_ldap_registration_proxy_systemd_required_services_list_custom }}" -matrix_ldap_registration_proxy_systemd_required_services_list_default: ['docker.service'] +matrix_ldap_registration_proxy_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_ldap_registration_proxy_systemd_required_services_list_auto: [] matrix_ldap_registration_proxy_systemd_required_services_list_custom: [] # List of systemd services that matrix-ldap-registration-proxy.service wants matrix_ldap_registration_proxy_systemd_wanted_services_list: "{{ matrix_ldap_registration_proxy_systemd_wanted_services_list_default + matrix_ldap_registration_proxy_systemd_wanted_services_list_auto + matrix_ldap_registration_proxy_systemd_wanted_services_list_custom }}" -matrix_ldap_registration_proxy_systemd_wanted_services_list_default: ['docker.service'] +matrix_ldap_registration_proxy_systemd_wanted_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_ldap_registration_proxy_systemd_wanted_services_list_auto: [] matrix_ldap_registration_proxy_systemd_wanted_services_list_custom: [] diff --git a/roles/custom/matrix-ma1sd/defaults/main.yml b/roles/custom/matrix-ma1sd/defaults/main.yml index cbe68c625..6b593b67a 100644 --- a/roles/custom/matrix-ma1sd/defaults/main.yml +++ b/roles/custom/matrix-ma1sd/defaults/main.yml @@ -35,7 +35,7 @@ matrix_ma1sd_container_extra_arguments: [] # List of systemd services that matrix-ma1sd.service depends on matrix_ma1sd_systemd_required_services_list: "{{ matrix_ma1sd_systemd_required_services_list_default + matrix_ma1sd_systemd_required_services_list_auto + matrix_ma1sd_systemd_required_services_list_custom }}" -matrix_ma1sd_systemd_required_services_list_default: ['docker.service'] +matrix_ma1sd_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_ma1sd_systemd_required_services_list_auto: [] matrix_ma1sd_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-pantalaimon/defaults/main.yml b/roles/custom/matrix-pantalaimon/defaults/main.yml index b8f5c0d4c..22d9a6a32 100644 --- a/roles/custom/matrix-pantalaimon/defaults/main.yml +++ b/roles/custom/matrix-pantalaimon/defaults/main.yml @@ -32,7 +32,7 @@ matrix_pantalaimon_container_extra_arguments: [] # List of systemd services that matrix-pantalaimon.service depends on matrix_pantalaimon_systemd_required_services_list: "{{ matrix_pantalaimon_systemd_required_services_list_default + matrix_pantalaimon_systemd_required_services_list_auto + matrix_pantalaimon_systemd_required_services_list_custom }}" -matrix_pantalaimon_systemd_required_services_list_default: ['docker.service'] +matrix_pantalaimon_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_pantalaimon_systemd_required_services_list_auto: [] matrix_pantalaimon_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml b/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml index 409f70b80..a22787961 100644 --- a/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml +++ b/roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml @@ -72,7 +72,7 @@ matrix_prometheus_nginxlog_exporter_container_extra_arguments: [] # List of systemd services that matrix-prometheus_nginxlog_exporter.service depends on matrix_prometheus_nginxlog_exporter_systemd_required_services_list: "{{ matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default + matrix_prometheus_nginxlog_exporter_systemd_required_services_list_auto + matrix_prometheus_nginxlog_exporter_systemd_required_services_list_custom }}" -matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default: ['docker.service'] +matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_prometheus_nginxlog_exporter_systemd_required_services_list_auto: [] matrix_prometheus_nginxlog_exporter_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-registration/defaults/main.yml b/roles/custom/matrix-registration/defaults/main.yml index 6446b5aac..f2b87d942 100644 --- a/roles/custom/matrix-registration/defaults/main.yml +++ b/roles/custom/matrix-registration/defaults/main.yml @@ -66,7 +66,7 @@ matrix_registration_container_extra_arguments: [] # List of systemd services that matrix-registration.service depends on matrix_registration_systemd_required_services_list: "{{ matrix_registration_systemd_required_services_list_default + matrix_registration_systemd_required_services_list_auto + matrix_registration_systemd_required_services_list_custom }}" -matrix_registration_systemd_required_services_list_default: ['docker.service'] +matrix_registration_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_registration_systemd_required_services_list_auto: [] matrix_registration_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index 3552dfd7e..a84f956d9 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml @@ -17,7 +17,7 @@ matrix_static_files_public_well_known_path: "{{ matrix_static_files_public_path matrix_static_files_public_well_known_matrix_path: "{{ matrix_static_files_public_well_known_path }}/matrix" # List of systemd services that matrix-static-files.service depends on -matrix_static_files_systemd_required_services_list: ['docker.service'] +matrix_static_files_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # List of systemd services that matrix-static-files.service wants matrix_static_files_systemd_wanted_services_list: "{{ matrix_static_files_systemd_wanted_services_list_auto + matrix_static_files_systemd_wanted_services_list_custom }}" diff --git a/roles/custom/matrix-sygnal/defaults/main.yml b/roles/custom/matrix-sygnal/defaults/main.yml index 4efd14721..079dee066 100644 --- a/roles/custom/matrix-sygnal/defaults/main.yml +++ b/roles/custom/matrix-sygnal/defaults/main.yml @@ -20,7 +20,7 @@ matrix_sygnal_config_path: "{{ matrix_sygnal_base_path }}/config" matrix_sygnal_data_path: "{{ matrix_sygnal_base_path }}/data" # List of systemd services that matrix-sygnal.service depends on. -matrix_sygnal_systemd_required_services_list: ['docker.service'] +matrix_sygnal_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # List of systemd services that matrix-sygnal.service wants matrix_sygnal_systemd_wanted_services_list: [] diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index cb20be673..c439c9133 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -73,7 +73,7 @@ matrix_synapse_admin_container_labels_traefik_additional_response_headers_custom matrix_synapse_admin_container_labels_additional_labels: '' # List of systemd services that matrix-synapse-admin.service depends on -matrix_synapse_admin_systemd_required_services_list: ['docker.service'] +matrix_synapse_admin_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # List of systemd services that matrix-synapse-admin.service wants matrix_synapse_admin_systemd_wanted_services_list: [] diff --git a/roles/custom/matrix-synapse-auto-compressor/defaults/main.yml b/roles/custom/matrix-synapse-auto-compressor/defaults/main.yml index 347d9eecb..a321d888f 100644 --- a/roles/custom/matrix-synapse-auto-compressor/defaults/main.yml +++ b/roles/custom/matrix-synapse-auto-compressor/defaults/main.yml @@ -32,7 +32,7 @@ matrix_synapse_auto_compressor_container_extra_arguments: [] # List of systemd services that matrix-synapse-auto-compressor.service depends on matrix_synapse_auto_compressor_systemd_required_services_list: "{{ matrix_synapse_auto_compressor_systemd_required_services_list_default + matrix_synapse_auto_compressor_systemd_required_services_list_auto + matrix_synapse_auto_compressor_systemd_required_services_list_custom }}" -matrix_synapse_auto_compressor_systemd_required_services_list_default: ['docker.service'] +matrix_synapse_auto_compressor_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_synapse_auto_compressor_systemd_required_services_list_auto: [] matrix_synapse_auto_compressor_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml index b3d7d1694..d3db776c8 100644 --- a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml +++ b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml @@ -20,7 +20,7 @@ matrix_synapse_reverse_proxy_companion_confd_path: "{{ matrix_synapse_reverse_pr # List of systemd services that matrix-synapse-reverse-proxy-companion.service depends on matrix_synapse_reverse_proxy_companion_systemd_required_services_list: "{{ matrix_synapse_reverse_proxy_companion_systemd_required_services_list_default + matrix_synapse_reverse_proxy_companion_systemd_required_services_list_auto + matrix_synapse_reverse_proxy_companion_systemd_required_services_list_custom }}" -matrix_synapse_reverse_proxy_companion_systemd_required_services_list_default: ['docker.service'] +matrix_synapse_reverse_proxy_companion_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_synapse_reverse_proxy_companion_systemd_required_services_list_auto: [] matrix_synapse_reverse_proxy_companion_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index dba53fdfa..f4364458c 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -310,7 +310,7 @@ matrix_synapse_container_master_extra_arguments: [] # List of systemd services that matrix-synapse.service depends on matrix_synapse_systemd_required_services_list: "{{ matrix_synapse_systemd_required_services_list_default + matrix_synapse_systemd_required_services_list_auto + matrix_synapse_systemd_required_services_list_custom }}" -matrix_synapse_systemd_required_services_list_default: ['docker.service'] +matrix_synapse_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_synapse_systemd_required_services_list_auto: [] matrix_synapse_systemd_required_services_list_custom: [] From b357597a6f0e10deaa382a36c7e877acddab8b91 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 4 Jun 2024 20:57:12 +0300 Subject: [PATCH 07/30] Upgrade Element (v1.11.67 -> v1.11.68) --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index 5b2a33392..633c659f1 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.67 +matrix_client_element_version: v1.11.68 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From 7749048bf807d5fd08e7b00e067d70b06e0526b1 Mon Sep 17 00:00:00 2001 From: CKSit Date: Wed, 5 Jun 2024 23:12:34 +0800 Subject: [PATCH 08/30] Change the hardcoded 'docker.service' to variable name --- group_vars/matrix_servers | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a93926366..6067008ef 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2873,7 +2873,7 @@ backup_borg_location_exclude_patterns: | backup_borg_systemd_required_services_list: | {{ - ['docker.service'] + [devture_systemd_docker_base_docker_service_name] + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else []) }} @@ -3090,7 +3090,7 @@ matrix_coturn_container_additional_volumes: | matrix_coturn_systemd_required_services_list: | {{ - ['docker.service'] + [devture_systemd_docker_base_docker_service_name] + ([devture_traefik_certs_dumper_identifier + '-wait-for-domain@' + matrix_server_fqn_matrix + '.service'] if matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and devture_traefik_certs_dumper_enabled and matrix_coturn_tls_enabled else []) }} @@ -3208,7 +3208,7 @@ etherpad_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certReso etherpad_systemd_required_services_list: | {{ - ['docker.service'] + [devture_systemd_docker_base_docker_service_name] + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else []) }} @@ -5184,7 +5184,7 @@ matrix_user_verification_service_enabled: false matrix_user_verification_service_systemd_required_services_list: | {{ - ['docker.service'] + [devture_systemd_docker_base_docker_service_name] + (['matrix-' + matrix_homeserver_implementation + '.service']) }} @@ -5325,7 +5325,7 @@ devture_traefik_container_additional_networks_auto: | devture_traefik_systemd_required_services_list: | {{ - (['docker.service']) + ([devture_systemd_docker_base_docker_service_name]) + ([devture_container_socket_proxy_identifier + '.service'] if devture_container_socket_proxy_enabled else []) }} From 42247411308bd301b1c093ed132be0512368b885 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 5 Jun 2024 21:22:21 +0300 Subject: [PATCH 09/30] Remove a few remaining hardcoded docker.service references Continuation of 9f2eff2ac799b9144cc2b1809760e1681a8a5b9f Provoked by 7749048bf807d5fd08e7b00e067d70b06e0526b1 (https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3353) --- .../matrix-bridge-appservice-kakaotalk/defaults/main.yml | 7 ++++++- .../custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml | 7 ++++++- roles/custom/matrix-conduit/defaults/main.yml | 2 +- roles/custom/matrix-dendrite/defaults/main.yml | 4 ++-- roles/custom/matrix-media-repo/defaults/main.yml | 2 +- roles/custom/matrix-rageshake/defaults/main.yml | 2 +- roles/custom/matrix-sliding-sync/defaults/main.yml | 2 +- roles/custom/matrix-synapse/defaults/main.yml | 6 ++++++ .../templates/goofys/systemd/matrix-goofys.service.j2 | 5 +++-- 9 files changed, 27 insertions(+), 10 deletions(-) diff --git a/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml index 448211d36..09d6daa2b 100644 --- a/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml @@ -55,7 +55,12 @@ matrix_appservice_kakaotalk_container_extra_arguments: [] # List of systemd services that matrix-appservice-kakaotalk.service depends on. matrix_appservice_kakaotalk_systemd_required_services_list: "{{ matrix_appservice_kakaotalk_systemd_required_services_list_default + matrix_appservice_kakaotalk_systemd_required_services_list_auto + matrix_appservice_kakaotalk_systemd_required_services_list_custom }}" -matrix_appservice_kakaotalk_systemd_required_services_list_default: ['docker.service', 'matrix-appservice-kakaotalk-node.service'] +matrix_appservice_kakaotalk_systemd_required_services_list_default: |- + {{ + ([devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else []) + + + ['matrix-appservice-kakaotalk-node.service'] + }} matrix_appservice_kakaotalk_systemd_required_services_list_auto: [] matrix_appservice_kakaotalk_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml index e378c87ed..51ad2a990 100644 --- a/roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml @@ -141,7 +141,12 @@ matrix_mautrix_wsproxy_syncproxy_docker_image: "dock.mau.dev/mautrix/syncproxy:{ matrix_mautrix_wsproxy_syncproxy_docker_image_force_pull: "{{ matrix_mautrix_wsproxy_syncproxy_docker_image.endswith(':latest') }}" matrix_mautrix_wsproxy_syncproxy_container_extra_arguments: [] -matrix_mautrix_wsproxy_syncproxy_systemd_required_services_list: ['docker.service', 'matrix-mautrix-wsproxy.service'] +matrix_mautrix_wsproxy_syncproxy_systemd_required_services_list: |- + {{ + ([devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else []) + + + ['matrix-mautrix-wsproxy.service'] + }} matrix_mautrix_wsproxy_syncproxy_systemd_wanted_services_list: [] matrix_mautrix_wsproxy_syncproxy_homeserver_url: '' diff --git a/roles/custom/matrix-conduit/defaults/main.yml b/roles/custom/matrix-conduit/defaults/main.yml index 215ee4a2a..972471dd0 100644 --- a/roles/custom/matrix-conduit/defaults/main.yml +++ b/roles/custom/matrix-conduit/defaults/main.yml @@ -23,7 +23,7 @@ matrix_conduit_tmp_directory_size_mb: 500 # List of systemd services that matrix-conduit.service depends on matrix_conduit_systemd_required_services_list: "{{ matrix_conduit_systemd_required_services_list_default + matrix_conduit_systemd_required_services_list_auto + matrix_conduit_systemd_required_services_list_custom }}" -matrix_conduit_systemd_required_services_list_default: ["docker.service"] +matrix_conduit_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_conduit_systemd_required_services_list_auto: [] matrix_conduit_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-dendrite/defaults/main.yml b/roles/custom/matrix-dendrite/defaults/main.yml index 356860a04..0d78ebbea 100644 --- a/roles/custom/matrix-dendrite/defaults/main.yml +++ b/roles/custom/matrix-dendrite/defaults/main.yml @@ -178,13 +178,13 @@ matrix_dendrite_process_extra_arguments: [] # List of systemd services that matrix-dendrite.service depends on matrix_dendrite_systemd_required_services_list: "{{ matrix_dendrite_systemd_required_services_list_default + matrix_dendrite_systemd_required_services_list_auto + matrix_dendrite_systemd_required_services_list_custom }}" -matrix_dendrite_systemd_required_services_list_default: ["docker.service"] +matrix_dendrite_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_dendrite_systemd_required_services_list_auto: [] matrix_dendrite_systemd_required_services_list_custom: [] # List of systemd services that matrix-dendrite.service wants matrix_dendrite_systemd_wanted_services_list: "{{ matrix_dendrite_systemd_wanted_services_list_default + matrix_dendrite_systemd_wanted_services_list_auto + matrix_dendrite_systemd_wanted_services_list_custom }}" -matrix_dendrite_systemd_wanted_services_list_default: ["docker.service"] +matrix_dendrite_systemd_wanted_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_dendrite_systemd_wanted_services_list_auto: [] matrix_dendrite_systemd_wanted_services_list_custom: [] diff --git a/roles/custom/matrix-media-repo/defaults/main.yml b/roles/custom/matrix-media-repo/defaults/main.yml index cb4de902b..e2f6a71a9 100755 --- a/roles/custom/matrix-media-repo/defaults/main.yml +++ b/roles/custom/matrix-media-repo/defaults/main.yml @@ -29,7 +29,7 @@ matrix_media_repo_docker_src_files_path: "{{ matrix_media_repo_base_path }}/dock # List of systemd services that matrix-media-repo.service depends on matrix_media_repo_systemd_required_services_list: "{{ matrix_media_repo_systemd_required_services_list_default + matrix_media_repo_systemd_required_services_list_auto + matrix_media_repo_systemd_required_services_list_custom }}" -matrix_media_repo_systemd_required_services_list_default: ["docker.service"] +matrix_media_repo_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_media_repo_systemd_required_services_list_auto: [] matrix_media_repo_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-rageshake/defaults/main.yml b/roles/custom/matrix-rageshake/defaults/main.yml index 9289f0dd9..bbd271ec0 100644 --- a/roles/custom/matrix-rageshake/defaults/main.yml +++ b/roles/custom/matrix-rageshake/defaults/main.yml @@ -81,7 +81,7 @@ matrix_rageshake_container_labels_additional_labels: '' matrix_rageshake_container_extra_arguments: [] # List of systemd services that matrix-rageshake.service depends on -matrix_rageshake_systemd_required_services_list: ["docker.service"] +matrix_rageshake_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" # List of systemd services that matrix-rageshake.service wants matrix_rageshake_systemd_wanted_services_list: [] diff --git a/roles/custom/matrix-sliding-sync/defaults/main.yml b/roles/custom/matrix-sliding-sync/defaults/main.yml index 2311c1835..d0f0b3028 100644 --- a/roles/custom/matrix-sliding-sync/defaults/main.yml +++ b/roles/custom/matrix-sliding-sync/defaults/main.yml @@ -73,7 +73,7 @@ matrix_sliding_sync_container_extra_arguments: [] # List of systemd services that matrix-sliding-sync-proxy.service depends on matrix_sliding_sync_systemd_required_services_list: "{{ matrix_sliding_sync_systemd_required_services_list_default + matrix_sliding_sync_systemd_required_services_list_auto + matrix_sliding_sync_systemd_required_services_list_custom }}" -matrix_sliding_sync_systemd_required_services_list_default: ["docker.service"] +matrix_sliding_sync_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" matrix_sliding_sync_systemd_required_services_list_auto: [] matrix_sliding_sync_systemd_required_services_list_custom: [] diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index f4364458c..29021ddf1 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -320,6 +320,12 @@ matrix_synapse_systemd_wanted_services_list_default: [] matrix_synapse_systemd_wanted_services_list_auto: [] matrix_synapse_systemd_wanted_services_list_custom: [] +# List of systemd services that matrix-goofys.service depends on +matrix_synapse_goofys_systemd_required_services_list: "{{ matrix_synapse_goofys_systemd_required_services_list_default + matrix_synapse_goofys_systemd_required_services_list_auto + matrix_synapse_goofys_systemd_required_services_list_custom }}" +matrix_synapse_goofys_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}" +matrix_synapse_goofys_systemd_required_services_list_auto: [] +matrix_synapse_goofys_systemd_required_services_list_custom: [] + # Controls how long to sleep for after starting the matrix-synapse container. # # Delaying, so that the homeserver can manage to fully start and various services diff --git a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 index d6094815e..a4b74e67f 100644 --- a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 +++ b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 @@ -1,8 +1,9 @@ #jinja2: lstrip_blocks: "True" [Unit] Description=Matrix Goofys media store -After=docker.service -Requires=docker.service +{% for service in matrix_synapse_goofys_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} DefaultDependencies=no [Service] From 42b00fdff41308af363256e95b47e43bedfc8c81 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 6 Jun 2024 09:01:17 +0300 Subject: [PATCH 10/30] Fix container image repository name for matrix-media-repo Fixup for f97e8490182a99c2a1c11a4c0f262da12ac3961a Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3354 --- roles/custom/matrix-media-repo/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-media-repo/defaults/main.yml b/roles/custom/matrix-media-repo/defaults/main.yml index e2f6a71a9..a09744401 100755 --- a/roles/custom/matrix-media-repo/defaults/main.yml +++ b/roles/custom/matrix-media-repo/defaults/main.yml @@ -15,10 +15,10 @@ matrix_media_repo_identifier: matrix-media-repo matrix_media_repo_container_image_self_build: false matrix_media_repo_container_image_self_build_repo: "https://github.com/turt2live/matrix-media-repo.git" -matrix_media_repo_docker_image_path: "turt2live/matrix-media-repo" +matrix_media_repo_docker_image_path: "t2bot/matrix-media-repo" matrix_media_repo_docker_image: "{{ matrix_media_repo_docker_image_name_prefix }}{{ matrix_media_repo_docker_image_path }}:{{ matrix_media_repo_docker_image_tag }}" matrix_media_repo_docker_image_name_prefix: "{{ 'localhost/' if matrix_media_repo_container_image_self_build else 'ghcr.io/' }}" -# renovate: datasource=docker depName=turt2live/matrix-media-repo +# renovate: datasource=docker depName=ghcr.io/t2bot/matrix-media-repo matrix_media_repo_docker_image_tag: "v1.3.4" matrix_media_repo_docker_image_force_pull: "{{ matrix_media_repo_docker_image.endswith(':latest') }}" From 247daf962fb2aeb1f0c0f5d48bab5a82c6b3462b Mon Sep 17 00:00:00 2001 From: Jim Myhrberg Date: Mon, 10 Jun 2024 22:14:29 +0100 Subject: [PATCH 11/30] fix(synapse/goofys): resolve Jinja2 syntax error in systemd service template Commit 42247411308bd301b1c093ed132be0512368b885 missed a endfor statement in the goofys systemd service unit template. This adds it, avoiding a Jinja2 syntax error when using goofys. --- .../templates/goofys/systemd/matrix-goofys.service.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 index a4b74e67f..0f7a83620 100644 --- a/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 +++ b/roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 @@ -4,6 +4,7 @@ Description=Matrix Goofys media store {% for service in matrix_synapse_goofys_systemd_required_services_list %} Requires={{ service }} After={{ service }} +{% endfor %} DefaultDependencies=no [Service] From 222d0c4604a3936c706bedc899db0413523dc377 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 11 Jun 2024 08:24:20 +0300 Subject: [PATCH 12/30] Upgrade Traefik (v2.11.2-1 -> v2.11.4-0) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 24135bbc5..66868afd6 100644 --- a/requirements.yml +++ b/requirements.yml @@ -70,7 +70,7 @@ version: v1.0.0-0 name: timesync - src: git+https://github.com/devture/com.devture.ansible.role.traefik.git - version: v2.11.2-1 + version: v2.11.4-0 name: traefik - src: git+https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper.git version: v2.8.3-2 From 3a0cb01d6cf7180802d43cab4ffc180e6d9d9a35 Mon Sep 17 00:00:00 2001 From: Kim Brose <2803622+HarHarLinks@users.noreply.github.com> Date: Tue, 11 Jun 2024 19:25:28 +0200 Subject: [PATCH 13/30] Fix docs typo --- docs/maintenance-postgres.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/maintenance-postgres.md b/docs/maintenance-postgres.md index 1c162cb0e..4350a6a50 100644 --- a/docs/maintenance-postgres.md +++ b/docs/maintenance-postgres.md @@ -111,7 +111,7 @@ You can manually influence some of the tuning variables . These parameters (vari Most users should be fine with the automatically-done tuning. However, you may wish to: -- **adjust the automatically-deterimned tuning parameters manually**: change the values for the tuning variables defined in the Postgres role's [default configuration file](https://github.com/devture/com.devture.ansible.role.postgres/blob/main/defaults/main.yml) (see `devture_postgres_max_connections`, `devture_postgres_data_storage` etc). These variables are ultimately passed to Postgres via a `devture_postgres_postgres_process_extra_arguments_auto` variable +- **adjust the automatically-determined tuning parameters manually**: change the values for the tuning variables defined in the Postgres role's [default configuration file](https://github.com/devture/com.devture.ansible.role.postgres/blob/main/defaults/main.yml) (see `devture_postgres_max_connections`, `devture_postgres_data_storage` etc). These variables are ultimately passed to Postgres via a `devture_postgres_postgres_process_extra_arguments_auto` variable - **turn automatically-performed tuning off**: override it like this: `devture_postgres_postgres_process_extra_arguments_auto: []` From 7f47ba4b3dfba258c953e6e0126729509b08abeb Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 12 Jun 2024 19:56:03 +0000 Subject: [PATCH 14/30] chore(deps): update matrixconduit/matrix-conduit docker tag to v0.8.0 --- roles/custom/matrix-conduit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-conduit/defaults/main.yml b/roles/custom/matrix-conduit/defaults/main.yml index 972471dd0..9e75820d8 100644 --- a/roles/custom/matrix-conduit/defaults/main.yml +++ b/roles/custom/matrix-conduit/defaults/main.yml @@ -10,7 +10,7 @@ matrix_conduit_hostname: '' matrix_conduit_docker_image: "{{ matrix_conduit_docker_image_name_prefix }}matrixconduit/matrix-conduit:{{ matrix_conduit_docker_image_tag }}" matrix_conduit_docker_image_name_prefix: "docker.io/" # renovate: datasource=docker depName=matrixconduit/matrix-conduit -matrix_conduit_docker_image_tag: "v0.7.0" +matrix_conduit_docker_image_tag: "v0.8.0" matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}" matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit" From cc70ece99b4723ce4d78c6641d13b0b72da7c8c2 Mon Sep 17 00:00:00 2001 From: HarHarLinks Date: Mon, 10 Jun 2024 23:30:22 +0200 Subject: [PATCH 15/30] sliding sync metrics support --- ...configuring-playbook-prometheus-grafana.md | 2 ++ group_vars/matrix_servers | 11 ++++++- .../matrix-sliding-sync/defaults/main.yml | 25 +++++++++++++++ .../tasks/validate_config.yml | 16 +++++----- .../matrix-sliding-sync/templates/env.j2 | 4 +++ .../matrix-sliding-sync/templates/labels.j2 | 31 +++++++++++++++++++ 6 files changed, 81 insertions(+), 8 deletions(-) diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index 8b01009b7..6f127ca36 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md @@ -79,6 +79,8 @@ Name | Description `prometheus_postgres_exporter_enabled`|Set this to `true` to enable the [Postgres exporter](configuring-playbook-prometheus-postgres.md) (locally, on the container network) `prometheus_postgres_exporter_container_labels_traefik_enabled`|Set this to `true` to expose the [Postgres exporter](configuring-playbook-prometheus-postgres.md) metrics on `https://matrix.DOMAIN/metrics/postgres-exporter`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. `matrix_prometheus_nginxlog_exporter_enabled`|Set this to `true` to enable the [NGINX Log exporter](configuring-playbook-prometheus-nginxlog.md) (locally, on the container network) +`matrix_sliding_sync_metrics_enabled`|Set this to `true` to make [Sliding Sync](configuring-playbook-sliding-sync-proxy.md) expose metrics (locally, on the container network) +`matrix_sliding_sync_metrics_proxying_enabled`|Set this to `true` to expose the [Sliding Sync](configuring-playbook-sliding-sync-proxy.md) metrics on `https://matrix.DOMAIN/metrics/sliding-sync`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. `matrix_bridge_hookshot_metrics_enabled`|Set this to `true` to make [Hookshot](configuring-playbook-bridge-hookshot.md) expose metrics (locally, on the container network) `matrix_bridge_hookshot_metrics_proxying_enabled`|Set this to `true` to expose the [Hookshot](configuring-playbook-bridge-hookshot.md) metrics on `https://matrix.DOMAIN/metrics/hookshot`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above. `matrix_SERVICE_metrics_proxying_enabled`|Various other services/roles may provide similar `_metrics_enabled` and `_metrics_proxying_enabled` variables for exposing their metrics. Refer to each role for details. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above or `matrix_SERVICE_container_labels_metrics_middleware_basic_auth_enabled`/`matrix_SERVICE_container_labels_metrics_middleware_basic_auth_users` variables provided by each role. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 6067008ef..284ed497a 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -4941,6 +4941,9 @@ matrix_sliding_sync_container_labels_traefik_docker_network: "{{ matrix_playbook matrix_sliding_sync_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" matrix_sliding_sync_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" +matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}" +matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}" + matrix_sliding_sync_systemd_required_services_list_auto: | {{ matrix_homeserver_systemd_services_list @@ -4954,7 +4957,13 @@ matrix_sliding_sync_environment_variable_syncv3_secret: "{{ '%s' | format(matrix matrix_sliding_sync_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}" matrix_sliding_sync_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ss.db', rounds=655555) | to_uuid }}" -###################################################################### +matrix_sliding_sync_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}" + +matrix_sliding_sync_metrics_proxying_enabled: "{{ matrix_sliding_sync_metrics_enabled and matrix_metrics_exposure_enabled }}" +matrix_sliding_sync_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostname }}" +matrix_sliding_sync_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/sliding-sync" + +##################################################################### # # /matrix-sliding-sync # diff --git a/roles/custom/matrix-sliding-sync/defaults/main.yml b/roles/custom/matrix-sliding-sync/defaults/main.yml index d0f0b3028..3594e90ff 100644 --- a/roles/custom/matrix-sliding-sync/defaults/main.yml +++ b/roles/custom/matrix-sliding-sync/defaults/main.yml @@ -38,6 +38,16 @@ matrix_sliding_sync_container_network: '' # Use this to expose this container to another reverse proxy, which runs in a different container network. matrix_sliding_sync_container_additional_networks: [] +# Enable the exposure of metrics to Prometheus +# See https://github.com/matrix-org/sliding-sync/tree/main/grafana +matrix_sliding_sync_metrics_enabled: false +matrix_sliding_sync_metrics_port: 2112 + +# Controls whether Sliding Sync metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/sliding-sync` +matrix_sliding_sync_metrics_proxying_enabled: false +matrix_sliding_sync_metrics_proxying_hostname: '' +matrix_sliding_sync_metrics_proxying_path: /metrics/sliding-sync + # matrix_sliding_sync_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container. # See `../templates/labels.j2` for details. # @@ -53,6 +63,18 @@ matrix_sliding_sync_container_labels_traefik_entrypoints: web-secure matrix_sliding_sync_container_labels_traefik_tls: "{{ matrix_sliding_sync_container_labels_traefik_entrypoints != 'web' }}" matrix_sliding_sync_container_labels_traefik_tls_certResolver: default # noqa var-naming +# Controls whether labels will be added that expose metrics (see `matrix_sliding_sync_metrics_proxying_enabled`) for Sliding Sync +matrix_sliding_sync_container_labels_public_metrics_enabled: "{{ matrix_sliding_sync_metrics_enabled and matrix_sliding_sync_metrics_proxying_enabled }}" +matrix_sliding_sync_container_labels_public_metrics_traefik_path: "{{ matrix_sliding_sync_metrics_proxying_path }}" +matrix_sliding_sync_container_labels_public_metrics_traefik_rule: "Host(`{{ matrix_sliding_sync_metrics_proxying_hostname }}`) && Path(`{{ matrix_sliding_sync_container_labels_public_metrics_traefik_path }}`)" +matrix_sliding_sync_container_labels_public_metrics_traefik_priority: 0 +matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints: "{{ matrix_sliding_sync_container_labels_traefik_entrypoints }}" +matrix_sliding_sync_container_labels_public_metrics_traefik_tls: "{{ matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints != 'web' }}" +matrix_sliding_sync_container_labels_public_metrics_traefik_tls_certResolver: "{{ matrix_sliding_sync_container_labels_traefik_tls_certResolver }}" # noqa var-naming +matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled: false +# See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users +matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users: '' + # Controls which additional headers to attach to all HTTP responses. # To add your own headers, use `matrix_sliding_sync_container_labels_traefik_additional_response_headers_custom` matrix_sliding_sync_container_labels_traefik_additional_response_headers: "{{ matrix_sliding_sync_container_labels_traefik_additional_response_headers_auto | combine(matrix_sliding_sync_container_labels_traefik_additional_response_headers_custom) }}" @@ -89,6 +111,9 @@ matrix_sliding_sync_environment_variable_syncv3_secret: '' # Controls the SYNCV3_DB environment variable matrix_sliding_sync_environment_variable_syncv3_db: 'user={{ matrix_sliding_sync_database_username }} password={{ matrix_sliding_sync_database_password }} host={{ matrix_sliding_sync_database_hostname }} port={{ matrix_sliding_sync_database_port }} dbname={{ matrix_sliding_sync_database_name }} sslmode={{ matrix_sliding_sync_database_sslmode }}' +# Controls the SYNCV3_PROM environment variable +matrix_sliding_sync_environment_variable_syncv3_prom: ':{{ matrix_sliding_sync_metrics_port }}' + # Additional environment variables. matrix_sliding_sync_environment_variables_additional_variables: '' diff --git a/roles/custom/matrix-sliding-sync/tasks/validate_config.yml b/roles/custom/matrix-sliding-sync/tasks/validate_config.yml index 08a6e409a..8b1fee201 100644 --- a/roles/custom/matrix-sliding-sync/tasks/validate_config.yml +++ b/roles/custom/matrix-sliding-sync/tasks/validate_config.yml @@ -3,11 +3,13 @@ ansible.builtin.fail: msg: > You need to define a required configuration setting (`{{ item.name }}`). - when: "vars[item] == ''" + when: "item.when | bool and vars[item.name] == ''" with_items: - - matrix_sliding_sync_hostname - - matrix_sliding_sync_path_prefix - - matrix_sliding_sync_database_hostname - - matrix_sliding_sync_environment_variable_syncv3_server - - matrix_sliding_sync_environment_variable_syncv3_secret - - matrix_sliding_sync_container_network + - {'name': 'matrix_sliding_sync_hostname', when: true} + - {'name': 'matrix_sliding_sync_path_prefix', when: true} + - {'name': 'matrix_sliding_sync_database_hostname', when: true} + - {'name': 'matrix_sliding_sync_environment_variable_syncv3_server', when: true} + - {'name': 'matrix_sliding_sync_environment_variable_syncv3_secret', when: true} + - {'name': 'matrix_sliding_sync_container_network', when: true} + - {'name': 'matrix_sliding_sync_metrics_proxying_hostname', when: "{{ matrix_sliding_sync_metrics_proxying_enabled }}"} + - {'name': 'matrix_sliding_sync_metrics_proxying_path_prefix', when: "{{ matrix_sliding_sync_metrics_proxying_enabled }}"} diff --git a/roles/custom/matrix-sliding-sync/templates/env.j2 b/roles/custom/matrix-sliding-sync/templates/env.j2 index 5d800a1b3..352e7d958 100644 --- a/roles/custom/matrix-sliding-sync/templates/env.j2 +++ b/roles/custom/matrix-sliding-sync/templates/env.j2 @@ -3,4 +3,8 @@ SYNCV3_SECRET={{ matrix_sliding_sync_environment_variable_syncv3_secret }} SYNCV3_BINDADDR=:8008 SYNCV3_DB={{ matrix_sliding_sync_environment_variable_syncv3_db }} +{% if matrix_sliding_sync_metrics_enabled %} +SYNCV3_PROM={{ matrix_sliding_sync_environment_variable_syncv3_prom }} +{% endif %} + {{ matrix_sliding_sync_environment_variables_additional_variables }} diff --git a/roles/custom/matrix-sliding-sync/templates/labels.j2 b/roles/custom/matrix-sliding-sync/templates/labels.j2 index aecc5a8a9..736a94354 100644 --- a/roles/custom/matrix-sliding-sync/templates/labels.j2 +++ b/roles/custom/matrix-sliding-sync/templates/labels.j2 @@ -6,6 +6,7 @@ traefik.docker.network={{ matrix_sliding_sync_container_labels_traefik_docker_ne {% endif %} traefik.http.services.matrix-sliding-sync.loadbalancer.server.port=8008 +traefik.http.services.matrix-sliding-sync-metrics.loadbalancer.server.port={{ matrix_sliding_sync_metrics_port }} {% set middlewares = [] %} @@ -41,6 +42,36 @@ traefik.http.routers.matrix-sliding-sync.tls={{ matrix_sliding_sync_container_la traefik.http.routers.matrix-sliding-sync.tls.certResolver={{ matrix_sliding_sync_container_labels_traefik_tls_certResolver }} {% endif %} +{% if matrix_sliding_sync_container_labels_public_metrics_enabled %} +{% set metrics_middlewares = [] %} + +{% if matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled %} +{% set metrics_middlewares = metrics_middlewares + ['matrix-sliding-sync-metrics-basic-auth'] %} +traefik.http.middlewares.matrix-sliding-sync-metrics-basic-auth.basicauth.users={{ matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users }} +{% endif %} + +{% set metrics_middlewares = metrics_middlewares + ['matrix-sliding-sync-metrics-replacepath'] %} +traefik.http.middlewares.matrix-sliding-sync-metrics-replacepath.replacepath.path=/metrics + +traefik.http.routers.matrix-sliding-sync-metrics.rule={{ matrix_sliding_sync_container_labels_public_metrics_traefik_rule }} + +{% if metrics_middlewares | length > 0 %} +traefik.http.routers.matrix-sliding-sync-metrics.middlewares={{ metrics_middlewares | join(',') }} +{% endif %} + +{% if matrix_sliding_sync_container_labels_public_metrics_traefik_priority | int > 0 %} +traefik.http.routers.matrix-sliding-sync-metrics.priority={{ matrix_sliding_sync_container_labels_public_metrics_traefik_priority }} +{% endif %} + +traefik.http.routers.matrix-sliding-sync-metrics.service=matrix-sliding-sync-metrics +traefik.http.routers.matrix-sliding-sync-metrics.entrypoints={{ matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints }} + +traefik.http.routers.matrix-sliding-sync-metrics.tls={{ matrix_sliding_sync_container_labels_public_metrics_traefik_tls | to_json }} +{% if matrix_sliding_sync_container_labels_public_metrics_traefik_tls %} +traefik.http.routers.matrix-sliding-sync-metrics.tls.certResolver={{ matrix_sliding_sync_container_labels_public_metrics_traefik_tls_certResolver }} +{% endif %} +{% endif %} + {% endif %} {{ matrix_sliding_sync_container_labels_additional_labels }} From 58a99502aba0ba87e527cec34a79c56883f5a04c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 16 Jun 2024 21:59:30 +0000 Subject: [PATCH 16/30] chore(deps): update dock.mau.dev/mautrix/gmessages docker tag to v0.4.2 --- roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml index b6c6cb416..8bed67c8f 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages -matrix_mautrix_gmessages_version: v0.4.1 +matrix_mautrix_gmessages_version: v0.4.2 # See: https://mau.dev/mautrix/gmessages/container_registry matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_name_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}" From 9b9a8e67cfd7b612c00030089aa2b8107f6f1278 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 16 Jun 2024 21:59:34 +0000 Subject: [PATCH 17/30] chore(deps): update dock.mau.dev/mautrix/signal docker tag to v0.6.2 --- roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml index ca209ea30..8f944c909 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/ matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal -matrix_mautrix_signal_version: v0.6.1 +matrix_mautrix_signal_version: v0.6.2 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}" From 846a90e7919e0b922f9bc8c0f44512a6aa1ab880 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 01:12:09 +0000 Subject: [PATCH 18/30] chore(deps): update dock.mau.dev/mautrix/whatsapp docker tag to v0.10.8 --- roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml index dc2e45704..d3ebe5c76 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp -matrix_mautrix_whatsapp_version: v0.10.7 +matrix_mautrix_whatsapp_version: v0.10.8 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" From 9af4b491fab92d57fd63f6e60a23c14b4c1b2658 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 18 Jun 2024 15:19:22 +0300 Subject: [PATCH 19/30] Upgrade Synapse (v1.108.0 -> v1.109.0) --- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 29021ddf1..99249e077 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -16,7 +16,7 @@ matrix_synapse_enabled: true matrix_synapse_github_org_and_repo: element-hq/synapse # renovate: datasource=docker depName=ghcr.io/element-hq/synapse -matrix_synapse_version: v1.108.0 +matrix_synapse_version: v1.109.0 matrix_synapse_username: '' matrix_synapse_uid: '' From 09d9db561718aa8a8d60f2ebaaae56e2acb52df7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 18 Jun 2024 15:40:07 +0300 Subject: [PATCH 20/30] Add variables for controlling the native auto-accept-invites Synapse feature Related to https://github.com/element-hq/synapse/pull/17147 --- ...ing-playbook-synapse-auto-accept-invite.md | 31 ++++++++++++++++--- roles/custom/matrix-synapse/defaults/main.yml | 25 +++++++++++++++ .../matrix-synapse/tasks/validate_config.yml | 12 +++++++ .../templates/synapse/homeserver.yaml.j2 | 8 ++++- 4 files changed, 71 insertions(+), 5 deletions(-) diff --git a/docs/configuring-playbook-synapse-auto-accept-invite.md b/docs/configuring-playbook-synapse-auto-accept-invite.md index ccc4b0c33..e380d4f93 100644 --- a/docs/configuring-playbook-synapse-auto-accept-invite.md +++ b/docs/configuring-playbook-synapse-auto-accept-invite.md @@ -5,7 +5,12 @@ The playbook can install and configure [synapse-auto-invite-accept](https://gith See that project's [documentation](https://github.com/matrix-org/synapse-auto-accept-invite) to learn what it does and why it might be useful to you. In short, it automatically accepts room invites. You can specify that only 1:1 room invites are auto-accepted. Defaults to false if not specified. -If you decide that you'd like to let this playbook install it for you, you need a configuration like this: +**NOTE**: Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the same feature [has been merged](https://github.com/element-hq/synapse/pull/17147) into Synapse (see the [Native alternative](#native-alternative) section below). You'd better use the native feature, instead of the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module. + + +## Configuration + +If you decide that you'd like to let this playbook install the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite module for you, you need a configuration like this: ```yaml matrix_synapse_ext_synapse_auto_accept_invite_enabled: true @@ -13,12 +18,30 @@ matrix_synapse_ext_synapse_auto_accept_invite_enabled: true matrix_synapse_ext_synapse_auto_accept_invite_accept_invites_only_direct_messages: true ``` -## Synapse worker deployments +### Synapse worker deployments -In a [workerized Synapse deployment](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/c9a842147e09647c355799ca024d65a5de66b099/docs/configuring-playbook-synapse.md#load-balancing-with-workers) it is possible to run this module on a worker to reduce the load on the main process (Default is 'null'). For example add this to your configuration: +In a [workerized Synapse deployment](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/c9a842147e09647c355799ca024d65a5de66b099/docs/configuring-playbook-synapse.md#load-balancing-with-workers) it is possible to run this module on a worker to reduce the load on the main process (Default is `null`). For example, add this to your configuration: ```yaml matrix_synapse_ext_synapse_auto_accept_invite_worker_to_run_on: 'matrix-synapse-worker-generic-0' ``` -There might be an [issue with federation](https://github.com/matrix-org/synapse-auto-accept-invite/issues/18). \ No newline at end of file +There might be an [issue with federation](https://github.com/matrix-org/synapse-auto-accept-invite/issues/18). + + +## Native alternative + +Since Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the functionality provided by the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module [has been made](https://github.com/element-hq/synapse/pull/17147) part of Synapse. + +Here's example configuration for using the **native** Synapse feature: + +```yml +matrix_synapse_auto_accept_invites_enabled: true + +# Default settings below. Uncomment and adjust if necessary. +# matrix_synapse_auto_accept_invites_only_for_direct_messages: false +# matrix_synapse_auto_accept_invites_only_from_local_users: false + +# If workers are enabled, you may delegate usage to a specific worker. +# matrix_synapse_auto_accept_invites_worker_to_run_on: 'matrix-synapse-worker-generic-0' +``` diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 99249e077..4c8465077 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -543,6 +543,27 @@ matrix_synapse_auto_join_rooms: [] # automatically if they don't already exist. matrix_synapse_autocreate_auto_join_rooms: true +# Controls whether room invites will be accepted on behalf of users. +# See: https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#auto-accept-invites +# This should not be used together with the `synapse_auto_accept_invite` module (see `matrix_synapse_ext_synapse_auto_accept_invite_enabled`). +# Also see: +# - `matrix_synapse_auto_accept_invites_only_for_direct_messages` +# - `matrix_synapse_auto_accept_invites_only_from_local_users` +# - `matrix_synapse_auto_accept_invites_worker_to_run_on` +matrix_synapse_auto_accept_invites_enabled: false + +# Controls whether auto-invite acceptance should only be done for direct messages. +# Related to: `matrix_synapse_auto_accept_invites_enabled` +matrix_synapse_auto_accept_invites_only_for_direct_messages: false + +# Controls whether auto-invite acceptance should only be done when the invitatio nis coming from a local user. +# Related to: `matrix_synapse_auto_accept_invites_enabled` +matrix_synapse_auto_accept_invites_only_from_local_users: false + +# When Synapse workers enabled it is possible (but not required) to assign a worker to run the auto-accept-invites feature on (null = main process). +# Related to: `matrix_synapse_auto_accept_invites_enabled` +matrix_synapse_auto_accept_invites_worker_to_run_on: null + # Controls whether password authentication is allowed # It may be useful when you've configured OAuth, SAML or CAS and want authentication # to happen only through them @@ -1228,6 +1249,10 @@ matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count: 0 matrix_synapse_ext_synapse_s3_storage_provider_periodic_migration_schedule: '*-*-* 05:00:00' # Synapse module to automatically accept room invites. +# +# Since Synapse v1.109.0 (https://github.com/element-hq/synapse/pull/17147), +# this functionality has been merged into Synapse. See `matrix_synapse_auto_accept_invites_enabled`. +# # See: https://github.com/matrix-org/synapse-auto-accept-invite # Installing it requires building a customized Docker image for Synapse (see `matrix_synapse_container_image_customizations_enabled`). # Enabling this will enable customizations and inject the appropriate Dockerfile clauses for installing synapse-auto-accept-invite. diff --git a/roles/custom/matrix-synapse/tasks/validate_config.yml b/roles/custom/matrix-synapse/tasks/validate_config.yml index d29a70b1d..4a3727733 100644 --- a/roles/custom/matrix-synapse/tasks/validate_config.yml +++ b/roles/custom/matrix-synapse/tasks/validate_config.yml @@ -121,3 +121,15 @@ when: "matrix_synapse_container_image_customizations_templates_git_repository_keyscan_enabled | bool and vars[item] == ''" with_items: - matrix_synapse_container_image_customizations_templates_git_repository_keyscan_hostname + + +- name: Fail when auto-accept-invite enabled as a native feature and a module at the same time + ansible.builtin.fail: + msg: >- + Your configuration enables the auto-accept invites feature both as a native Synapse feature (`matrix_synapse_auto_accept_invites_enabled`) and a 3rd party module (`matrix_synapse_ext_synapse_auto_accept_invite_enabled`). + This is unnecessary, since they both do the same and the native feature is built on top of the 3rd party module anyway. + Enabling both at the same time will lead to issues. + We recommend leaving `matrix_synapse_auto_accept_invites_enabled` in your configuration and removing `matrix_synapse_ext_synapse_auto_accept_invite_enabled`. + when: + - matrix_synapse_auto_accept_invites_enabled + - matrix_synapse_ext_synapse_auto_accept_invite_enabled diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 7193f9529..dc9970ec9 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1550,6 +1550,12 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json # #auto_join_rooms_for_guests: false +auto_accept_invites: + enabled: {{ matrix_synapse_auto_accept_invites_enabled | to_json }} + only_for_direct_messages: {{ matrix_synapse_auto_accept_invites_only_for_direct_messages | to_json }} + only_from_local_users: {{ matrix_synapse_auto_accept_invites_only_from_local_users | to_json }} + worker_to_run_on: {{ matrix_synapse_auto_accept_invites_worker_to_run_on | to_json }} + # Whether to inhibit errors raised when registering a new account if the user ID # already exists. If turned on, that requests to /register/available will always # show a user ID as available, and Synapse won't raise an error when starting @@ -1565,7 +1571,7 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json # Enable collection and rendering of performance metrics # -enable_metrics: {{ matrix_synapse_metrics_enabled|to_json }} +enable_metrics: {{ matrix_synapse_metrics_enabled|to_json }} # Enable sentry integration # NOTE: While attempts are made to ensure that the logs don't contain From 145acb228e98dba8a7bc11b61e2f79ead3765cab Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 12:48:02 +0000 Subject: [PATCH 21/30] chore(deps): update vectorim/element-web docker tag to v1.11.69 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index 633c659f1..1444dd114 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.68 +matrix_client_element_version: v1.11.69 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From 3b15a0100bf70e7110a099522f13041baac2323a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 19 Jun 2024 08:26:15 +0000 Subject: [PATCH 22/30] chore(deps): update joseluisq/static-web-server docker tag to v2.32.0 --- roles/custom/matrix-cactus-comments-client/defaults/main.yml | 2 +- roles/custom/matrix-static-files/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-cactus-comments-client/defaults/main.yml b/roles/custom/matrix-cactus-comments-client/defaults/main.yml index 66052a49d..b366f4386 100644 --- a/roles/custom/matrix-cactus-comments-client/defaults/main.yml +++ b/roles/custom/matrix-cactus-comments-client/defaults/main.yml @@ -13,7 +13,7 @@ matrix_cactus_comments_client_public_path: "{{ matrix_cactus_comments_client_bas matrix_cactus_comments_client_public_path_file_permissions: "0644" # renovate: datasource=docker depName=joseluisq/static-web-server -matrix_cactus_comments_client_version: 2.31.1 +matrix_cactus_comments_client_version: 2.32.0 matrix_cactus_comments_client_container_image: "{{ matrix_container_global_registry_prefix }}joseluisq/static-web-server:{{ matrix_cactus_comments_client_container_image_tag }}" matrix_cactus_comments_client_container_image_tag: "{{ 'latest' if matrix_cactus_comments_client_version == 'latest' else (matrix_cactus_comments_client_version + '-alpine') }}" diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index a84f956d9..9e867df16 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml @@ -8,7 +8,7 @@ matrix_static_files_enabled: true matrix_static_files_identifier: matrix-static-files # renovate: datasource=docker depName=joseluisq/static-web-server -matrix_static_files_version: 2.31.1 +matrix_static_files_version: 2.32.0 matrix_static_files_base_path: "{{ matrix_base_data_path }}/{{ 'static-files' if matrix_static_files_identifier == 'matrix-static-files' else matrix_static_files_identifier }}" matrix_static_files_config_path: "{{ matrix_static_files_base_path }}/config" From 3140d56e159bd3b235ec345f01f143047537b722 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 19 Jun 2024 10:56:31 +0000 Subject: [PATCH 23/30] chore(deps): update dependency prometheus to v2.53.0-0 --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 66868afd6..c9dc95760 100644 --- a/requirements.yml +++ b/requirements.yml @@ -49,7 +49,7 @@ version: 8c3585fb4857dbac026b2974bb6525289240effb name: postgres_backup - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git - version: v2.52.0-1 + version: v2.53.0-0 name: prometheus - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git version: v1.8.1-1 From a508d2a069a11eb15bafeb73e2a38505dc89275f Mon Sep 17 00:00:00 2001 From: Fabio Bonelli Date: Wed, 19 Jun 2024 13:58:10 +0200 Subject: [PATCH 24/30] Make maubot automatically create its own user. --- docs/configuring-playbook-bot-maubot.md | 10 +++++++++- group_vars/matrix_servers | 6 ++++++ roles/custom/matrix-bot-maubot/defaults/main.yml | 5 +++++ 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index bf2b1d14b..a8c6dcb61 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -27,9 +27,17 @@ maubot administration interface. After configuring the playbook, run the [installation](installing.md) command again: ``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start ``` +**Notes**: + +- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account + +- if you change the bot password (`matrix_bot_maubot_initial_password` in your `vars.yml` file) subsequently, + the bot user's credentials on the homeserver won't be updated automatically. + If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it. + ## Usage You can visit `matrix./_matrix/maubot/` to manage your available plugins, clients and instances. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 284ed497a..f84bf4e55 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -5174,6 +5174,12 @@ matrix_user_creator_users_auto: | 'initial_password': matrix_bot_buscarron_password, 'initial_type': 'bot', }] if matrix_bot_buscarron_enabled else []) + + + ([{ + 'username': matrix_bot_maubot_login, + 'initial_password': matrix_bot_maubot_initial_password, + 'initial_type': 'bot', + }] if matrix_bot_maubot_enabled else []) }} ###################################################################### diff --git a/roles/custom/matrix-bot-maubot/defaults/main.yml b/roles/custom/matrix-bot-maubot/defaults/main.yml index 183ceabcb..c0b6ca519 100644 --- a/roles/custom/matrix-bot-maubot/defaults/main.yml +++ b/roles/custom/matrix-bot-maubot/defaults/main.yml @@ -5,6 +5,11 @@ matrix_bot_maubot_enabled: true +matrix_bot_maubot_login: bot.maubot +# This is just initial password and it will not manage subsequent password changes. +# Use a tool like synapse-admin if you need to change it. +matrix_bot_maubot_initial_password: "{{ lookup('password', '/dev/null', length=64 }}" + matrix_bot_maubot_scheme: https matrix_bot_maubot_hostname: '' matrix_bot_maubot_path_prefix: /_matrix/maubot From d00410966fa4b5193e0167bd83801ad2abc2cbaa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 20 Jun 2024 17:16:11 +0000 Subject: [PATCH 25/30] chore(deps): update halfshot/matrix-hookshot docker tag to v5.4.0 --- roles/custom/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml index 38d7603c6..0492571d7 100644 --- a/roles/custom/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/custom/matrix-bridge-hookshot/defaults/main.yml @@ -17,7 +17,7 @@ matrix_hookshot_container_additional_networks_auto: [] matrix_hookshot_container_additional_networks_custom: [] # renovate: datasource=docker depName=halfshot/matrix-hookshot -matrix_hookshot_version: 5.3.0 +matrix_hookshot_version: 5.4.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From d6aa98e57d670656815fc91c43f091a4496080f5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 21 Jun 2024 09:17:23 +0300 Subject: [PATCH 26/30] Upgrade Coturn (4.6.2-r9 -> 4.6.2-r10) --- roles/custom/matrix-coturn/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-coturn/defaults/main.yml b/roles/custom/matrix-coturn/defaults/main.yml index 897b4a963..1a702791d 100644 --- a/roles/custom/matrix-coturn/defaults/main.yml +++ b/roles/custom/matrix-coturn/defaults/main.yml @@ -9,7 +9,7 @@ matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_ matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" # renovate: datasource=docker depName=coturn/coturn -matrix_coturn_version: 4.6.2-r9 +matrix_coturn_version: 4.6.2-r10 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine" matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" From 9c9b2a8d385f193908c3554483816a01ceadd307 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 21 Jun 2024 19:14:12 +0000 Subject: [PATCH 27/30] chore(deps): update halfshot/matrix-hookshot docker tag to v5.4.1 --- roles/custom/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-hookshot/defaults/main.yml b/roles/custom/matrix-bridge-hookshot/defaults/main.yml index 0492571d7..8bd0a1b8b 100644 --- a/roles/custom/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/custom/matrix-bridge-hookshot/defaults/main.yml @@ -17,7 +17,7 @@ matrix_hookshot_container_additional_networks_auto: [] matrix_hookshot_container_additional_networks_custom: [] # renovate: datasource=docker depName=halfshot/matrix-hookshot -matrix_hookshot_version: 5.4.0 +matrix_hookshot_version: 5.4.1 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From fb3745a7b28cf232d4412f003265971b44253a2e Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 22 Jun 2024 14:40:35 +0300 Subject: [PATCH 28/30] Update maubot docs (explicit password, other clarification) --- docs/configuring-playbook-bot-maubot.md | 37 +++++++++---------------- 1 file changed, 13 insertions(+), 24 deletions(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index a8c6dcb61..d2b7dbc27 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -14,26 +14,26 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. ```yaml matrix_bot_maubot_enabled: true + +# Uncomment and adjust this part if you'd like to use a username different than the default +# matrix_bot_maubot_login: bot.maubot + +# Generate a strong password here. Consider generating it with `pwgen -s 64 1` +matrix_bot_maubot_initial_password: PASSWORD_FOR_THE_BOT + matrix_bot_maubot_admins: - yourusername: securepassword ``` -You can add multiple admins. The admin accounts are not connected to any matrix ID and are only used to access the -maubot administration interface. +You can add multiple admins. The admin accounts are only used to access the maubot administration interface. ## Installing -After configuring the playbook, run the [installation](installing.md) command again: - -``` -ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start -``` +After configuring the playbook, run the [installation](installing.md) command again (`just install-all`): **Notes**: -- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account - - if you change the bot password (`matrix_bot_maubot_initial_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it. @@ -43,24 +43,13 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-use You can visit `matrix./_matrix/maubot/` to manage your available plugins, clients and instances. You should start in the following order -1. **Create one or more clients:** A client is a matrix account which the bot will use to message. +1. **Create one or more clients:** A client is a matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it 2. **Upload some Plugins:** Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source. 3. **Create an instance:** An instance is the actual bot. You have to specify a client which the bot instance will use and the plugin (how the bot will behave) -To add a client you first need to create an account and obtain a valid access token. - -## Registering the bot user - -You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): - -``` -ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.maubot password=PASSWORD_FOR_THE_BOT admin=yes' --tags=register-user -``` - -Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. +## Obtaining an access token -## Obtaining an admin access token +This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands, you'll first need to `exec` into the maubot container with `docker exec -it matrix-bot-maubot sh`. -This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands you'll need to open the bot docker container with `docker exec -it matrix-bot-maubot sh` -Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md). +Alternatively, you can follow our generic [obtain an access token](obtaining-access-tokens.md) documentation. From 5a40e99d1148e93a9d08ade4f8f112a328f4ee4e Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 22 Jun 2024 14:43:04 +0300 Subject: [PATCH 29/30] Explicitly ask for matrix_bot_maubot_initial_password --- roles/custom/matrix-bot-maubot/defaults/main.yml | 3 ++- roles/custom/matrix-bot-maubot/tasks/validate_config.yml | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/custom/matrix-bot-maubot/defaults/main.yml b/roles/custom/matrix-bot-maubot/defaults/main.yml index c0b6ca519..cef180f18 100644 --- a/roles/custom/matrix-bot-maubot/defaults/main.yml +++ b/roles/custom/matrix-bot-maubot/defaults/main.yml @@ -6,9 +6,10 @@ matrix_bot_maubot_enabled: true matrix_bot_maubot_login: bot.maubot + # This is just initial password and it will not manage subsequent password changes. # Use a tool like synapse-admin if you need to change it. -matrix_bot_maubot_initial_password: "{{ lookup('password', '/dev/null', length=64 }}" +matrix_bot_maubot_initial_password: '' matrix_bot_maubot_scheme: https matrix_bot_maubot_hostname: '' diff --git a/roles/custom/matrix-bot-maubot/tasks/validate_config.yml b/roles/custom/matrix-bot-maubot/tasks/validate_config.yml index 4247c8b58..297cec952 100644 --- a/roles/custom/matrix-bot-maubot/tasks/validate_config.yml +++ b/roles/custom/matrix-bot-maubot/tasks/validate_config.yml @@ -25,3 +25,4 @@ - {'name': 'matrix_bot_maubot_container_network', when: true} - {'name': 'matrix_bot_maubot_homeserver_name', when: true} - {'name': 'matrix_bot_maubot_homeserver_url', when: true} + - {'name': 'matrix_bot_maubot_initial_password', when: true} From 639a4454c048f2b4794c9731d2ca4ae7b7c6e6ba Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 22 Jun 2024 14:48:30 +0300 Subject: [PATCH 30/30] Add changelog entry for maubot user management --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b84d36230..cf92179aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +# 2024-06-22 + +## The maubot user is now managed by the playbook + +To make things easier and to be consistent with other roles, the [maubot](./docs/configuring-playbook-bot-maubot.md) user (`bot.maubot` by default) is [now](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3376) automatically created be the playbook. + +If you have an existing maubot installation, you will need to specify `matrix_bot_maubot_initial_password` in your `vars.yml` file to make the playbook not complain about it being undefined. +Since the bot is already registered in your installation, there's nothing for the playbook to do anyway. In case you don't remember the password you've registered your maubot user account with, you can specify any value for this variable. + +If you've registered another username for the bot (other than the recommended default of `bot.maubot`), consider adjusting the `matrix_bot_maubot_login` variable (e.g. `matrix_bot_maubot_login: my.maubot.username`). + + # 2024-06-03 ## WeChat bridging support