diff --git a/CHANGELOG.md b/CHANGELOG.md index 0196a1b06..9c68ed63d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,16 @@ +# 2022-04-14 + +## (Compatibility Break) Changes to `docker-src` permissions necessitating manual action + +Users who build container images from source will need to manually correct file permissions of some directories on the server. + +When self-building, the playbook used to `git clone` repositories (into `/matrix/SERVICE/docker-src`) using the `root` user, but now uses `matrix` instead to work around [the following issue with git 2.35.2](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1749). + +If you're on a non-`amd64` architecture (that is, you're overriding `matrix_architecture` in your `vars.yml` file) or you have enabled self-building for some service (e.g. `matrix_*_self_build: true`), you're certainly building some container images from source and have `docker-src` directories with mixed permissions lying around in various `/matrix/SERVICE` directories. + +The playbook *could* correct these permissions automatically, but that requires additional Ansible tasks in some ~45 different places - something that takes considerable effort. So we ask users observing errors related to `docker-src` directories to correct the problem manually by **running this command on the Matrix server** (which deletes all `/matrix/*/docker-src` directories): `find /matrix -maxdepth 2 -name 'docker-src' | xargs rm -rf` + + # 2022-03-17 ## (Compatibility Break) ma1sd identity server no longer installed by default diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 7ca962c87..70466a6e6 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -4,17 +4,23 @@ The playbook can install and configure [borgbackup](https://www.borgbackup.org/) BorgBackup is a deduplicating backup program with optional compression and encryption. That means your daily incremental backups can be stored in a fraction of the space and is safe whether you store it at home or on a cloud service. -The backup will run based on `matrix_backup_borg_schedule` var (systemd timer calendar), default: 4am every day +You will need a remote server where borg will store the backups. There are hosted, borg compatible solutions available, such as [BorgBase](https://www.borgbase.com). + +The backup will run based on `matrix_backup_borg_schedule` var (systemd timer calendar), default: 4am every day. ## Prerequisites -1. Create ssh key on any machine: +1. Create a new SSH key: ```bash ssh-keygen -t ed25519 -N '' -f matrix-borg-backup -C matrix ``` -2. Add public part of that ssh key to your borg provider / server: +This can be done on any machine and you don't need to place the key in the `.ssh` folder. It will be added to the Ansible config later. + +2. Add the **public** part of this SSH key (the `matrix-borg-backup.pub` file) to your borg provider/server: + +If you plan to use a hosted solution, follow their instructions. If you have your own server, copy the key over: ```bash # example to append the new PUBKEY contents, where: @@ -39,13 +45,15 @@ matrix_backup_borg_ssh_key_private: | where: -* USER - ssh user of a provider / server -* HOST - ssh host of a provider / server +* USER - SSH user of a provider/server +* HOST - SSH host of a provider/server * REPO - borg repository name, it will be initialized on backup start, eg: `matrix` -* PASSPHRASE - super-secret borg passphrase, you may generate it with `pwgen -s 64 1` or use any password manager -* PRIVATE KEY - the content of the public part of the ssh key you created before +* PASSPHRASE - passphrase used for encrypting backups, you may generate it with `pwgen -s 64 1` or use any password manager +* PRIVATE KEY - the content of the **private** part of the SSH key you created before + +`matrix_backup_borg_location_source_directories` defines the list of directories to back up: it's set to `{{ matrix_base_data_path }}` by default, which is the base directory for every service's data, such as Synapse, Postgres and the bridges. You might want to exclude certain directories or file patterns from the backup using the `matrix_backup_borg_location_exclude_patterns` variable. -Check the `roles/matrix-backup-borg/defaults/main.yml` for the full list of available options +Check the `roles/matrix-backup-borg/defaults/main.yml` file for the full list of available options. ## Installing diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 53223aaaf..50e79ce61 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1119,13 +1119,33 @@ matrix_bot_mjolnir_systemd_required_services_list: | ###################################################################### matrix_backup_borg_enabled: false +matrix_backup_borg_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" +matrix_backup_borg_postgresql_enabled: "{{ matrix_postgres_enabled }}" +matrix_backup_borg_postgresql_databases_hostname: "{{ matrix_postgres_connection_hostname }}" +matrix_backup_borg_postgresql_databases_username: "{{ matrix_postgres_connection_username }}" +matrix_backup_borg_postgresql_databases_password: "{{ matrix_postgres_connection_password }}" +matrix_backup_borg_postgresql_databases_port: "{{ matrix_postgres_connection_port }}" +matrix_backup_borg_postgresql_databases: | + {{ + (([{ + 'name': matrix_synapse_database_database + }] if (matrix_synapse_enabled and matrix_synapse_database_database == matrix_postgres_db_name and matrix_synapse_database_host == 'matrix-postgres') else []) + + + matrix_postgres_additional_databases)|map(attribute='name')|list + }} matrix_backup_borg_location_source_directories: - "{{ matrix_base_data_path }}" matrix_backup_borg_location_exclude_patterns: | {{ - { - 'synapse': ["{{ matrix_synapse_media_store_path }}/local_thumbnails", "{{ matrix_synapse_media_store_path }}/remote_thumbnail", "{{ matrix_synapse_media_store_path }}/url_cache", "{{ matrix_synapse_media_store_path }}/url_cache_thumbnails"], - }[matrix_homeserver_implementation] + ([matrix_synapse_media_store_path + '/local_thumbnails', matrix_synapse_media_store_path + '/remote_thumbnail', matrix_synapse_media_store_path + '/url_cache', matrix_synapse_media_store_path + '/url_cache_thumbnails'] if matrix_homeserver_implementation == 'synapse' else []) + + + ([matrix_postgres_data_path] if matrix_postgres_enabled else []) + }} +matrix_backup_borg_systemd_required_services_list: | + {{ + ['docker.service'] + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) }} ###################################################################### diff --git a/roles/matrix-backup-borg/defaults/main.yml b/roles/matrix-backup-borg/defaults/main.yml index c8a09f7f4..189b6042b 100644 --- a/roles/matrix-backup-borg/defaults/main.yml +++ b/roles/matrix-backup-borg/defaults/main.yml @@ -1,17 +1,18 @@ --- matrix_backup_borg_enabled: true +matrix_backup_borg_base_path: "{{ matrix_base_data_path }}/backup-borg" +matrix_backup_borg_config_path: "{{ matrix_backup_borg_base_path }}/config" + matrix_backup_borg_container_image_self_build: false -matrix_backup_borg_docker_repo: "https://github.com/borgmatic-collective/docker-borgmatic" -matrix_backup_borg_docker_src_files_path: "{{ matrix_base_data_path }}/borg/docker-src" +matrix_backup_borg_docker_repo: "https://gitlab.com/etke.cc/borgmatic" +matrix_backup_borg_docker_src_files_path: "{{ matrix_backup_borg_base_path }}/docker-src" -matrix_backup_borg_version: latest +# version determined automatically, based on postgres server version (if enabled), otherwise latest is used +matrix_backup_borg_version: "" matrix_backup_borg_docker_image: "{{ matrix_backup_borg_docker_image_name_prefix }}etke.cc/borgmatic:{{ matrix_backup_borg_version }}" matrix_backup_borg_docker_image_name_prefix: "{{ 'localhost/' if matrix_backup_borg_container_image_self_build else 'registry.gitlab.com/' }}" -matrix_backup_borg_docker_image_force_pull: "{{ matrix_backup_borg_docker_image.endswith(':latest') }}" - -matrix_backup_borg_base_path: "{{ matrix_base_data_path }}/backup-borg" -matrix_backup_borg_config_path: "{{ matrix_backup_borg_base_path }}/config" +matrix_backup_borg_docker_image_force_pull: "{{ matrix_backup_borg_docker_image.endswith(':latest') or matrix_backup_borg_version|default('') == '' }}" # A list of extra arguments to pass to the container matrix_backup_borg_container_extra_arguments: [] @@ -28,6 +29,15 @@ matrix_backup_borg_schedule: "*-*-* 04:00:00" # what directories should be added to backup matrix_backup_borg_location_source_directories: [] +# postgres db backup +matrix_backup_borg_postgresql_enabled: true +matrix_backup_borg_supported_postgres_versions: ['12', '13', '14'] +matrix_backup_borg_postgresql_databases: [] +matrix_backup_borg_postgresql_databases_hostname: "matrix-postgres" +matrix_backup_borg_postgresql_databases_username: "matrix" +matrix_backup_borg_postgresql_databases_password: "" +matrix_backup_borg_postgresql_databases_port: 5432 + # target repositories matrix_backup_borg_location_repositories: [] @@ -47,7 +57,7 @@ matrix_backup_borg_storage_ssh_command: ssh -o "StrictHostKeyChecking accept-new matrix_backup_borg_storage_compression: lz4 # archive name format -matrix_backup_borg_storage_archive_name_format: "matrix-{now:%Y-%m-%d-%H%M%S}" +matrix_backup_borg_storage_archive_name_format: matrix-{now:%Y-%m-%d-%H%M%S} # repository passphrase matrix_backup_borg_storage_encryption_passphrase: "" @@ -60,4 +70,26 @@ matrix_backup_borg_retention_keep_monthly: 12 matrix_backup_borg_retention_keep_yearly: 2 # retention prefix -matrix_backup_borg_retention_prefix: "matrix-" +matrix_backup_borg_retention_prefix: matrix- + +# Default borgmatic configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_backup_borg_configuration_extension_yaml`) +# or completely replace this variable with your own template. +matrix_backup_borg_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" + +matrix_backup_borg_configuration_extension_yaml: | + # Your custom YAML configuration for borgmatic goes here. + # This configuration extends the default starting configuration (`matrix_borg_configuration_yaml`). + # + # You can override individual variables from the default configuration, or introduce new ones. + # + # If you need something more special, you can take full control by + # completely redefining `matrix_backup_borg_configuration_yaml`. + +matrix_backup_borg_configuration_extension: "{{ matrix_backup_borg_configuration_extension_yaml|from_yaml if matrix_backup_borg_configuration_extension_yaml|from_yaml is mapping else {} }}" + +# Holds the final borgmatic configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_backup_borg_configuration_yaml`. +matrix_backup_borg_configuration: "{{ matrix_backup_borg_configuration_yaml|from_yaml|combine(matrix_backup_borg_configuration_extension, recursive=True) }}" diff --git a/roles/matrix-backup-borg/tasks/setup_install.yml b/roles/matrix-backup-borg/tasks/setup_install.yml index f2c65a164..6ef398631 100644 --- a/roles/matrix-backup-borg/tasks/setup_install.yml +++ b/roles/matrix-backup-borg/tasks/setup_install.yml @@ -1,4 +1,17 @@ --- +- block: + - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/detect_existing_postgres_version.yml" + + - name: Fail if detected Postgres version is unsupported + fail: + msg: "You cannot use borg backup with such an old version ({{ matrix_postgres_detected_version }}) of Postgres. Consider upgrading - link to docs for upgrading Postgres: docs/maintenance-postgres.md#upgrading-postgresql" + when: "matrix_postgres_detected_version not in matrix_backup_borg_supported_postgres_versions" + + - name: Set the correct borg backup version to use + set_fact: + matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}" + when: matrix_backup_borg_postgresql_enabled|bool and matrix_backup_borg_version == '' + - name: Ensure borg paths exist file: path: "{{ item.path }}" @@ -11,9 +24,9 @@ - {path: "{{ matrix_backup_borg_docker_src_files_path }}", when: true} when: "item.when|bool" -- name: Ensure borg config is created - template: - src: "{{ role_path }}/templates/config.yaml.j2" +- name: Ensure borgmatic config is created + copy: + content: "{{ matrix_backup_borg_configuration|to_nice_yaml(indent=2, width=999999) }}" dest: "{{ matrix_backup_borg_config_path }}/config.yaml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" @@ -52,6 +65,8 @@ repo: "{{ matrix_backup_borg_docker_repo }}" dest: "{{ matrix_backup_borg_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_backup_borg_git_pull_results when: "matrix_backup_borg_container_image_self_build|bool" diff --git a/roles/matrix-backup-borg/templates/config.yaml.j2 b/roles/matrix-backup-borg/templates/config.yaml.j2 index 89b6ab7d4..2929db8b1 100644 --- a/roles/matrix-backup-borg/templates/config.yaml.j2 +++ b/roles/matrix-backup-borg/templates/config.yaml.j2 @@ -7,18 +7,18 @@ location: exclude_patterns: {{ matrix_backup_borg_location_exclude_patterns|to_json }} storage: - compression: {{ matrix_backup_borg_storage_compression }} - ssh_command: {{ matrix_backup_borg_storage_ssh_command }} - archive_name_format: '{{ matrix_backup_borg_storage_archive_name_format }}' - encryption_passphrase: {{ matrix_backup_borg_storage_encryption_passphrase }} + compression: {{ matrix_backup_borg_storage_compression|to_json }} + ssh_command: {{ matrix_backup_borg_storage_ssh_command|to_json }} + archive_name_format: {{ matrix_backup_borg_storage_archive_name_format|to_json }} + encryption_passphrase: {{ matrix_backup_borg_storage_encryption_passphrase|to_json }} retention: - keep_hourly: {{ matrix_backup_borg_retention_keep_hourly }} - keep_daily: {{ matrix_backup_borg_retention_keep_daily }} - keep_weekly: {{ matrix_backup_borg_retention_keep_weekly }} - keep_monthly: {{ matrix_backup_borg_retention_keep_monthly }} - keep_yearly: {{ matrix_backup_borg_retention_keep_yearly }} - prefix: '{{ matrix_backup_borg_retention_prefix }}' + keep_hourly: {{ matrix_backup_borg_retention_keep_hourly|to_json }} + keep_daily: {{ matrix_backup_borg_retention_keep_daily|to_json }} + keep_weekly: {{ matrix_backup_borg_retention_keep_weekly|to_json }} + keep_monthly: {{ matrix_backup_borg_retention_keep_monthly|to_json }} + keep_yearly: {{ matrix_backup_borg_retention_keep_yearly|to_json }} + prefix: {{ matrix_backup_borg_retention_prefix|to_json }} consistency: checks: @@ -26,6 +26,16 @@ consistency: - archives hooks: +{% if matrix_backup_borg_postgresql_enabled and matrix_backup_borg_postgresql_databases|length > 0 %} + postgresql_databases: + {% for database in matrix_backup_borg_postgresql_databases %} + - name: {{ database|to_json }} + hostname: {{ matrix_backup_borg_postgresql_databases_hostname|to_json }} + username: {{ matrix_backup_borg_postgresql_databases_username|to_json }} + password: {{ matrix_backup_borg_postgresql_databases_password|to_json }} + port: {{ matrix_backup_borg_postgresql_databases_port|to_json }} + {% endfor %} +{% endif %} after_backup: - echo "Backup created." on_error: diff --git a/roles/matrix-bot-honoroit/tasks/setup_install.yml b/roles/matrix-bot-honoroit/tasks/setup_install.yml index f3ad9b630..584df9b71 100644 --- a/roles/matrix-bot-honoroit/tasks/setup_install.yml +++ b/roles/matrix-bot-honoroit/tasks/setup_install.yml @@ -64,6 +64,8 @@ repo: "{{ matrix_bot_honoroit_docker_repo }}" dest: "{{ matrix_bot_honoroit_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_bot_honoroit_git_pull_results when: "matrix_bot_honoroit_container_image_self_build|bool" diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index ffb38ffc8..d7f4706fb 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -57,6 +57,8 @@ repo: "{{ matrix_bot_matrix_reminder_bot_docker_repo }}" dest: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_bot_matrix_reminder_bot_git_pull_results when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool" diff --git a/roles/matrix-bot-mjolnir/tasks/setup_install.yml b/roles/matrix-bot-mjolnir/tasks/setup_install.yml index f3b031fa9..66f2806a8 100644 --- a/roles/matrix-bot-mjolnir/tasks/setup_install.yml +++ b/roles/matrix-bot-mjolnir/tasks/setup_install.yml @@ -35,6 +35,8 @@ dest: "{{ matrix_bot_mjolnir_docker_src_files_path }}" version: "{{ matrix_bot_mjolnir_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_bot_mjolnir_git_pull_results when: "matrix_bot_mjolnir_container_image_self_build|bool" diff --git a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml index 1b317464e..1ae0b3fa3 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml @@ -74,6 +74,8 @@ repo: "{{ matrix_appservice_irc_docker_repo }}" dest: "{{ matrix_appservice_irc_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_appservice_irc_git_pull_results when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool" diff --git a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml index 2dcc23c61..42aa020c5 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/setup_install.yml @@ -48,6 +48,8 @@ repo: "{{ matrix_appservice_slack_docker_repo }}" dest: "{{ matrix_appservice_slack_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_appservice_slack_git_pull_results when: "matrix_appservice_slack_container_image_self_build|bool" diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml index 6759bca86..274f54c53 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml @@ -33,6 +33,8 @@ dest: "{{ matrix_appservice_webhooks_docker_src_files_path }}" version: "{{ matrix_appservice_webhooks_container_image_self_build_repo_version }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_appservice_webhooks_git_pull_results - name: Ensure Appservice webhooks Docker image is built diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index 575b22c16..74f80314b 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -41,6 +41,8 @@ dest: "{{ matrix_beeper_linkedin_docker_src_files_path }}" version: "{{ matrix_beeper_linkedin_container_image_self_build_branch }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_beeper_linkedin_git_pull_results # Building the container image (using the default Dockerfile) requires that a docker-requirements.txt file be generated. diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index a55b995d1..45807ba9c 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.4.0 +matrix_hookshot_version: 1.5.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" diff --git a/roles/matrix-bridge-hookshot/tasks/setup_install.yml b/roles/matrix-bridge-hookshot/tasks/setup_install.yml index 38dc62a3b..25f2978cd 100644 --- a/roles/matrix-bridge-hookshot/tasks/setup_install.yml +++ b/roles/matrix-bridge-hookshot/tasks/setup_install.yml @@ -32,6 +32,8 @@ dest: "{{ matrix_hookshot_docker_src_files_path }}" version: "{{ matrix_hookshot_container_image_self_build_branch }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_hookshot_git_pull_results when: "matrix_hookshot_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index c37b9e10c..699ed88a0 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -66,6 +66,8 @@ dest: "{{ matrix_mautrix_facebook_docker_src_files_path }}" version: "{{ matrix_mautrix_facebook_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_facebook_git_pull_results when: "matrix_mautrix_facebook_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml index daab10e31..bf04e834c 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml @@ -65,6 +65,8 @@ repo: "{{ matrix_mautrix_googlechat_container_image_self_build_repo }}" dest: "{{ matrix_mautrix_googlechat_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_googlechat_git_pull_results when: "matrix_mautrix_googlechat_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index d2b7157ec..6a8808159 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -65,6 +65,8 @@ repo: "{{ matrix_mautrix_hangouts_container_image_self_build_repo }}" dest: "{{ matrix_mautrix_hangouts_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_hangouts_git_pull_results when: "matrix_mautrix_hangouts_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index 4e531615f..5e30adbe4 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -38,6 +38,8 @@ repo: "{{ matrix_mautrix_instagram_container_image_self_build_repo }}" dest: "{{ matrix_mautrix_instagram_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_instagram_git_pull_results when: "matrix_mautrix_instagram_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 840cbd6e4..c7202f05a 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -26,6 +26,8 @@ repo: "{{ matrix_mautrix_signal_docker_repo }}" dest: "{{ matrix_mautrix_signal_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_signal_git_pull_results when: "matrix_mautrix_signal_container_image_self_build|bool" @@ -56,6 +58,8 @@ repo: "{{ matrix_mautrix_signal_daemon_docker_repo }}" dest: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_signal_daemon_git_pull_results when: "matrix_mautrix_signal_daemon_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 1960288d6..55e7d016f 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -65,6 +65,8 @@ repo: "{{ matrix_telegram_lottieconverter_docker_repo }}" dest: "{{ matrix_telegram_lottieconverter_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_telegram_lottieconverter_git_pull_results when: "matrix_telegram_lottieconverter_container_image_self_build|bool and matrix_mautrix_telegram_container_image_self_build|bool" @@ -85,6 +87,8 @@ repo: "{{ matrix_mautrix_telegram_docker_repo }}" dest: "{{ matrix_mautrix_telegram_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_telegram_git_pull_results when: "matrix_mautrix_telegram_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 6e587900d..552c9d525 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml @@ -43,6 +43,8 @@ dest: "{{ matrix_mautrix_twitter_docker_src_files_path }}" # version: "{{ matrix_coturn_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_twitter_git_pull_results when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build" diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index 8f27ac2a3..f47675b58 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -68,6 +68,8 @@ dest: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}" version: "{{ matrix_mautrix_whatsapp_container_image_self_build_branch }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mautrix_whatsapp_git_pull_results when: "matrix_mautrix_whatsapp_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml index 26a7c0c3f..3ddfa39d5 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml @@ -83,6 +83,8 @@ dest: "{{ matrix_mx_puppet_discord_docker_src_files_path }}" force: "yes" version: "{{ matrix_mx_puppet_discord_container_image_self_build_version }}" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mx_puppet_discord_git_pull_results when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build" diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml index 0d43a0d02..286c5611c 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml @@ -83,6 +83,8 @@ repo: "{{ matrix_mx_puppet_groupme_container_image_self_build_repo }}" dest: "{{ matrix_mx_puppet_groupme_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mx_puppet_groupme_git_pull_results when: "matrix_mx_puppet_groupme_enabled|bool and matrix_mx_puppet_groupme_container_image_self_build" diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml index cb613074c..2e74c059e 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml @@ -66,6 +66,8 @@ repo: "{{ matrix_mx_puppet_instagram_container_image_self_build_repo }}" dest: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mx_puppet_instagram_git_pull_results when: "matrix_mx_puppet_instagram_enabled|bool and matrix_mx_puppet_instagram_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml index c3776c708..96ae82e61 100644 --- a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml @@ -83,6 +83,8 @@ repo: "{{ matrix_mx_puppet_skype_container_image_self_build_repo }}" dest: "{{ matrix_mx_puppet_skype_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mx_puppet_skype_git_pull_results when: "matrix_mx_puppet_skype_enabled|bool and matrix_mx_puppet_skype_container_image_self_build|bool" diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index b064ee838..3a7dfb409 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -80,6 +80,8 @@ dest: "{{ matrix_mx_puppet_slack_docker_src_files_path }}" force: "yes" version: "{{ matrix_mx_puppet_slack_container_image_self_build_version }}" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mx_puppet_slack_git_pull_results when: "matrix_mx_puppet_slack_enabled|bool and matrix_mx_puppet_slack_container_image_self_build" diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml index b8b3f737d..ac2a2fda9 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml @@ -83,6 +83,8 @@ repo: "{{ matrix_mx_puppet_steam_container_image_self_build_repo }}" dest: "{{ matrix_mx_puppet_steam_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mx_puppet_steam_git_pull_results when: "matrix_mx_puppet_steam_enabled|bool and matrix_mx_puppet_steam_container_image_self_build" diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml index 485900a85..6336b0a08 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml @@ -83,6 +83,8 @@ repo: "{{ matrix_mx_puppet_twitter_container_image_self_build_repo }}" dest: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mx_puppet_twitter_git_pull_results when: "matrix_mx_puppet_twitter_enabled|bool and matrix_mx_puppet_twitter_container_image_self_build" diff --git a/roles/matrix-client-cinny/tasks/setup_install.yml b/roles/matrix-client-cinny/tasks/setup_install.yml index 48865008f..da979f565 100644 --- a/roles/matrix-client-cinny/tasks/setup_install.yml +++ b/roles/matrix-client-cinny/tasks/setup_install.yml @@ -29,6 +29,8 @@ dest: "{{ matrix_client_cinny_docker_src_files_path }}" version: "{{ matrix_client_cinny_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_client_cinny_git_pull_results when: "matrix_client_cinny_container_image_self_build|bool" diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 34cf22a74..205f3480a 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -9,7 +9,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.10.9 +matrix_client_element_version: v1.10.10 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-client-element/tasks/setup_install.yml b/roles/matrix-client-element/tasks/setup_install.yml index e9c7096e9..4d0af82d6 100644 --- a/roles/matrix-client-element/tasks/setup_install.yml +++ b/roles/matrix-client-element/tasks/setup_install.yml @@ -30,6 +30,8 @@ dest: "{{ matrix_client_element_docker_src_files_path }}" version: "{{ matrix_client_element_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_client_element_git_pull_results when: "matrix_client_element_container_image_self_build|bool" diff --git a/roles/matrix-client-hydrogen/tasks/setup_install.yml b/roles/matrix-client-hydrogen/tasks/setup_install.yml index 0e4868f6b..db866178e 100644 --- a/roles/matrix-client-hydrogen/tasks/setup_install.yml +++ b/roles/matrix-client-hydrogen/tasks/setup_install.yml @@ -30,6 +30,8 @@ dest: "{{ matrix_client_hydrogen_docker_src_files_path }}" version: "{{ matrix_client_hydrogen_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_client_hydrogen_git_pull_results when: "matrix_client_hydrogen_container_image_self_build|bool" diff --git a/roles/matrix-corporal/tasks/setup_corporal.yml b/roles/matrix-corporal/tasks/setup_corporal.yml index 6c520ee00..a3582592c 100644 --- a/roles/matrix-corporal/tasks/setup_corporal.yml +++ b/roles/matrix-corporal/tasks/setup_corporal.yml @@ -23,6 +23,8 @@ dest: "{{ matrix_corporal_container_src_files_path }}" version: "{{ matrix_corporal_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_corporal_git_pull_results when: "matrix_corporal_enabled|bool and matrix_corporal_container_image_self_build|bool" diff --git a/roles/matrix-coturn/tasks/setup_install.yml b/roles/matrix-coturn/tasks/setup_install.yml index 621177e52..a721f186b 100644 --- a/roles/matrix-coturn/tasks/setup_install.yml +++ b/roles/matrix-coturn/tasks/setup_install.yml @@ -36,6 +36,8 @@ dest: "{{ matrix_coturn_docker_src_files_path }}" version: "{{ matrix_coturn_container_image_self_build_repo_version }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_coturn_git_pull_results - name: Ensure Coturn Docker image is built diff --git a/roles/matrix-dimension/tasks/setup_install.yml b/roles/matrix-dimension/tasks/setup_install.yml index 1ba4f2d4c..b999383e1 100644 --- a/roles/matrix-dimension/tasks/setup_install.yml +++ b/roles/matrix-dimension/tasks/setup_install.yml @@ -102,6 +102,8 @@ dest: "{{ matrix_dimension_docker_src_files_path }}" version: "{{ matrix_dimension_container_image_self_build_branch }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" when: "matrix_dimension_container_image_self_build|bool" register: matrix_dimension_git_pull_results diff --git a/roles/matrix-dynamic-dns/tasks/install.yml b/roles/matrix-dynamic-dns/tasks/install.yml index 4dffe6819..60f079374 100644 --- a/roles/matrix-dynamic-dns/tasks/install.yml +++ b/roles/matrix-dynamic-dns/tasks/install.yml @@ -30,6 +30,8 @@ repo: "{{ matrix_dynamic_dns_container_image_self_build_repo }}" dest: "{{ matrix_dynamic_dns_docker_src_files_path }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_dynamic_dns_git_pull_results when: "matrix_dynamic_dns_enabled|bool and matrix_dynamic_dns_container_image_self_build|bool" diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/matrix-email2matrix/tasks/setup_install.yml index 74e7c6764..a2470728e 100644 --- a/roles/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/matrix-email2matrix/tasks/setup_install.yml @@ -39,6 +39,8 @@ dest: "{{ matrix_email2matrix_docker_src_files_path }}" version: "{{ matrix_email2matrix_container_image_self_build_branch }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_email2matrix_git_pull_results when: "matrix_email2matrix_container_image_self_build|bool" diff --git a/roles/matrix-ma1sd/tasks/setup_install.yml b/roles/matrix-ma1sd/tasks/setup_install.yml index c56c81f98..e3347a4db 100644 --- a/roles/matrix-ma1sd/tasks/setup_install.yml +++ b/roles/matrix-ma1sd/tasks/setup_install.yml @@ -85,6 +85,8 @@ dest: "{{ matrix_ma1sd_docker_src_files_path }}" version: "{{ matrix_ma1sd_container_image_self_build_branch }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_ma1sd_git_pull_results - name: Ensure ma1sd Docker image is built diff --git a/roles/matrix-mailer/tasks/setup_mailer.yml b/roles/matrix-mailer/tasks/setup_mailer.yml index 5ad02a577..d2f8f9171 100644 --- a/roles/matrix-mailer/tasks/setup_mailer.yml +++ b/roles/matrix-mailer/tasks/setup_mailer.yml @@ -29,6 +29,8 @@ dest: "{{ matrix_mailer_container_image_self_build_src_files_path }}" version: "{{ matrix_mailer_container_image_self_build_version }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_mailer_git_pull_results when: "matrix_mailer_enabled|bool and matrix_mailer_container_image_self_build|bool" diff --git a/roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml b/roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml index 73acb4330..90f73dba8 100644 --- a/roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml +++ b/roles/matrix-postgres/tasks/util/migrate_db_to_postgres.yml @@ -38,6 +38,8 @@ dest: "{{ matrix_postgres_pgloader_container_image_self_build_src_path }}" version: "{{ matrix_postgres_pgloader_container_image_self_build_repo_branch }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_postgres_pgloader_git_pull_results # If `stable` is used, we hit an error when processing /opt/src/pgloader/build/quicklisp/dists/quicklisp/software/uax-15-20201220-git/data/CompositionExclusions.txt: diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml index 2b5beafa0..6ff2de302 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/matrix-registration/tasks/setup_install.yml @@ -63,6 +63,8 @@ dest: "{{ matrix_registration_docker_src_files_path }}" version: "{{ matrix_registration_container_image_self_build_branch }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_registration_git_pull_results when: "matrix_registration_container_image_self_build|bool" diff --git a/roles/matrix-synapse-admin/tasks/setup.yml b/roles/matrix-synapse-admin/tasks/setup.yml index 2243706be..f83ccdc3f 100644 --- a/roles/matrix-synapse-admin/tasks/setup.yml +++ b/roles/matrix-synapse-admin/tasks/setup.yml @@ -22,6 +22,8 @@ dest: "{{ matrix_synapse_admin_docker_src_files_path }}" version: "{{ matrix_synapse_admin_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_synapse_admin_git_pull_results when: "matrix_synapse_admin_enabled|bool and matrix_synapse_admin_container_image_self_build|bool" diff --git a/roles/matrix-synapse/tasks/synapse/setup_install.yml b/roles/matrix-synapse/tasks/synapse/setup_install.yml index deedd7bde..2302a6f23 100644 --- a/roles/matrix-synapse/tasks/synapse/setup_install.yml +++ b/roles/matrix-synapse/tasks/synapse/setup_install.yml @@ -25,6 +25,8 @@ dest: "{{ matrix_synapse_docker_src_files_path }}" version: "{{ matrix_synapse_docker_image.split(':')[1] }}" force: "yes" + become: true + become_user: "{{ matrix_user_username }}" register: matrix_synapse_git_pull_results - name: Check if Synapse Docker image exists diff --git a/setup.yml b/setup.yml index e134a87d4..d8b01671a 100755 --- a/setup.yml +++ b/setup.yml @@ -13,7 +13,6 @@ - matrix-postgres - matrix-redis - matrix-corporal - - matrix-backup-borg - matrix-bridge-appservice-discord - matrix-bridge-appservice-slack - matrix-bridge-appservice-webhooks @@ -63,4 +62,5 @@ - matrix-aux - matrix-postgres-backup - matrix-prometheus-postgres-exporter + - matrix-backup-borg - matrix-common-after