Remove hardcoded command paths in playbook shell usage

roles/matrix-base/defaults/main.yml

@@ -36,6 +36,7 @@ matrix_host_command_docker: "/usr/bin/env docker"
 matrix_host_command_sleep: "/usr/bin/env sleep"
 matrix_host_command_chown: "/usr/bin/env chown"
 matrix_host_command_fusermount: "/usr/bin/env fusermount"
+matrix_host_command_openssl: "/usr/bin/env openssl"
 
 matrix_ntpd_package: "ntp"
 matrix_ntpd_service: "{{ 'ntpd' if ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux' else 'ntp' }}"

roles/matrix-bridge-appservice-discord/tasks/setup_install.yml

@@ -60,7 +60,7 @@
 # We intentionally suppress Ansible changes.
 - name: Generate AppService Discord invite link
   shell: >-
-    /usr/bin/docker run --rm --name matrix-appservice-discord-link-gen
+    {{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord-link-gen
     --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
     --cap-drop=ALL
     -v {{ matrix_appservice_discord_config_path }}:/cfg

roles/matrix-bridge-appservice-irc/tasks/setup_install.yml

@@ -58,7 +58,7 @@
   register: irc_passkey_file
 
 - name: Generate Appservice IRC passkey if it doesn't exist
-  shell: /usr/bin/openssl genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048
+  shell: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048"
   become: true
   become_user: "{{ matrix_user_username }}"
   when: "not irc_passkey_file.stat.exists"
@@ -93,7 +93,7 @@
 # to produce a final registration.yaml file, as we desire.
 - name: Generate Appservice IRC registration-template.yaml
   shell: >-
-    /usr/bin/docker run --rm --name matrix-appservice-irc-gen
+    {{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc-gen
     --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
     --cap-drop=ALL
     -v {{ matrix_appservice_irc_config_path }}:/config:z

roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml

@@ -16,7 +16,7 @@
 # We suppress the error, as we'll try another method below.
 - name: Attempt initial SSL certificate retrieval with standalone authenticator (directly)
   shell: >-
-    /usr/bin/docker run
+    {{ matrix_host_command_docker }} run
     --rm
     --name=matrix-certbot
     --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
@@ -43,7 +43,7 @@
 # and it's running now, it may be able to proxy requests to `matrix_ssl_lets_encrypt_certbot_standalone_http_port`.
 - name: Attempt initial SSL certificate retrieval with standalone authenticator (via proxy)
   shell: >-
-    /usr/bin/docker run
+    {{ matrix_host_command_docker }} run
     --rm
     --name=matrix-certbot
     --user={{ matrix_user_uid }}:{{ matrix_user_gid }}

roles/matrix-postgres/tasks/import_postgres.yml

@@ -63,7 +63,7 @@
 - name: Generate Postgres database import command
   set_fact:
     matrix_postgres_import_command: >-
-      /usr/bin/docker run --rm --name matrix-postgres-import
+      {{ matrix_host_command_docker }} run --rm --name matrix-postgres-import
       --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
       --cap-drop=ALL
       --network={{ matrix_docker_network }}

roles/matrix-postgres/tasks/run_synapse_janitor.yml

@@ -66,7 +66,7 @@
 - name: Generate Postgres database synapse-janitor command
   set_fact:
     matrix_postgres_synapse_janitor_command: >-
-      /usr/bin/docker run --rm --name matrix-postgres-synapse-janitor
+      {{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-janitor
       --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
       --cap-drop=ALL
       --network={{ matrix_docker_network }}

roles/matrix-postgres/tasks/run_vacuum.yml

@@ -45,7 +45,7 @@
 - name: Generate Postgres database vacuum command
   set_fact:
     matrix_postgres_vacuum_command: >-
-      /usr/bin/docker run --rm --name matrix-postgres-synapse-vacuum
+      {{ matrix_host_command_docker }} run --rm --name matrix-postgres-synapse-vacuum
       --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
       --cap-drop=ALL
       --network={{ matrix_docker_network }}

roles/matrix-postgres/tasks/upgrade_postgres.yml

@@ -79,7 +79,7 @@
 # we need to remove these from the dump, or we'll get errors saying these already exist.
 - name: Perform Postgres database dump
   command: >-
-    /usr/bin/docker run --rm --name matrix-postgres-dump
+    {{ matrix_host_command_docker }} run --rm --name matrix-postgres-dump
     --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
     --network={{ matrix_docker_network }}
     --env-file={{ matrix_postgres_base_path }}/env-postgres-psql
@@ -123,7 +123,7 @@
 - name: Generate Postgres database import command
   set_fact:
     matrix_postgres_import_command: >-
-      /usr/bin/docker run --rm --name matrix-postgres-import
+      {{ matrix_host_command_docker }} run --rm --name matrix-postgres-import
       --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
       --cap-drop=ALL
       --network={{ matrix_docker_network }}

roles/matrix-synapse/tasks/update_user_password.yml

@@ -36,7 +36,7 @@
   when: "start_result.changed or postgres_start_result.changed"
 
 - name: Generate password hash
-  shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}"
+  shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}"
   register: password_hash
 
 - name: Update user password hash