Remove more hardcoded matrix-postgres references

3 лет назад · 7b43ef34b7
--- a/docs/importing-postgres.md
+++ b/docs/importing-postgres.md
@@ -97,9 +97,9 @@ Once the database is clear and the ownership of the tables has been fixed in the
 Check, if `--dbname` is set to `synapse` (not `matrix`) and replace paths (or even better, copy this line from your terminal)

 ```
 /usr/bin/env docker run --rm --name matrix-postgres-import --log-driver=none --user=998:1001 --cap-drop=ALL --network=matrix --env-file=/matrix/postgres/env-postgres-psql --mount type=bind,src=/migration/synapse_dump.sql,dst=/synapse_dump.sql,ro --entrypoint=/bin/sh docker.io/postgres:14.1-alpine -c "cat /synapse_dump.sql | grep -vE '^(CREATE|ALTER) ROLE (matrix)(;| WITH)' | grep -vE '^CREATE DATABASE (matrix)\s' | psql -v ON_ERROR_STOP=1 -h matrix-postgres --dbname=synapse"
 /usr/bin/env docker run --rm --name matrix-postgres-import --log-driver=none --user=998:1001 --cap-drop=ALL --network=matrix --env-file=/matrix/postgres/env-postgres-psql --mount type=bind,src=/migration/synapse_dump.sql,dst=/synapse_dump.sql,ro --entrypoint=/bin/sh docker.io/postgres:15.0-alpine -c "cat /synapse_dump.sql | grep -vE '^(CREATE|ALTER) ROLE (matrix)(;| WITH)' | grep -vE '^CREATE DATABASE (matrix)\s' | psql -v ON_ERROR_STOP=1 -h matrix-postgres --dbname=synapse"
 ```

 ### Hints

 To open psql terminal run `/usr/local/bin/matrix-postgres-cli`
 To open psql terminal run `/matrix/postgres/bin/cli`
--- a/docs/maintenance-postgres.md
+++ b/docs/maintenance-postgres.md
@@ -16,7 +16,7 @@ Table of contents:

 ## Getting a database terminal

 You can use the `/usr/local/bin/matrix-postgres-cli` tool to get interactive terminal access ([psql](https://www.postgresql.org/docs/11/app-psql.html)) to the PostgreSQL server.
 You can use the `/matrix/postgres/bin/cli` tool to get interactive terminal access ([psql](https://www.postgresql.org/docs/11/app-psql.html)) to the PostgreSQL server.

 If you are using an [external Postgres server](configuring-playbook-external-postgres.md), the above tool will not be available.

--- a/docs/updating-users-passwords.md
+++ b/docs/updating-users-passwords.md
@@ -1,6 +1,6 @@
 # Updating users passwords

 ## Option 1 (if you are using the default matrix-postgres container):
 ## Option 1 (if you are using the integrated Postgres database):

 You can reset a user's password via the Ansible playbook (make sure to edit the `<your-username>` and `<your-password>` part below):

--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -429,6 +429,7 @@ matrix_appservice_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_
 # We only make this use Postgres if our own Postgres server is enabled.
 # It's only then (for now) that we can automatically create the necessary database and user for this service.
 matrix_appservice_discord_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_appservice_discord_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_appservice_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.discord.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -511,6 +512,7 @@ matrix_appservice_slack_systemd_required_services_list: |

 # Postgres is the default, except if not using internal Postgres server
 matrix_appservice_slack_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'nedb' }}"
 matrix_appservice_slack_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_appservice_slack_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.slack.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -553,6 +555,7 @@ matrix_appservice_irc_appservice_token: "{{ '%s' | format(matrix_homeserver_gene
 matrix_appservice_irc_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'irc.hs.token', rounds=655555) | to_uuid }}"

 matrix_appservice_irc_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'nedb' }}"
 matrix_appservice_irc_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_appservice_irc_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.irc.db', rounds=655555) | to_uuid }}"


@@ -591,6 +594,7 @@ matrix_appservice_kakaotalk_homeserver_token: "{{ '%s' | format(matrix_homeserve
 matrix_appservice_kakaotalk_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"

 matrix_appservice_kakaotalk_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_appservice_kakaotalk_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_appservice_kakaotalk_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kakao.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -630,6 +634,7 @@ matrix_beeper_linkedin_login_shared_secret: "{{ matrix_synapse_ext_password_prov

 matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"

 matrix_beeper_linkedin_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_beeper_linkedin_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maulinkedin.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -668,6 +673,7 @@ matrix_go_skype_bridge_login_shared_secret: "{{ matrix_synapse_ext_password_prov

 # Postgres is the default, except if not using internal Postgres server
 matrix_go_skype_bridge_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_go_skype_bridge_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_go_skype_bridge_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'goskype.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -676,6 +682,51 @@ matrix_go_skype_bridge_database_password: "{{ '%s' | format(matrix_homeserver_ge
 #
 ######################################################################


 ######################################################################
 #
 # matrix-bridge-mautrix-discord
 #
 ######################################################################

 # We don't enable bridges by default.
 matrix_mautrix_discord_enabled: false

 matrix_mautrix_discord_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"

 matrix_mautrix_discord_systemd_required_services_list: |
  {{
    ['docker.service']
    +
    ['matrix-' + matrix_homeserver_implementation + '.service']
    +
    ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
    +
    (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
  }}

 matrix_mautrix_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.as.tok', rounds=655555) | to_uuid }}"

 matrix_mautrix_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.hs.tok', rounds=655555) | to_uuid }}"

 matrix_mautrix_discord_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"

 # Postgres is the default, except if not using internal Postgres server
 matrix_mautrix_discord_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_discord_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.db', rounds=655555) | to_uuid }}"

 # Enabling bridge.restricted_rooms for this bridge does not work well with Conduit, so we disable it by default.
 # This will be fixed in the upcoming `0.5.0` release of conduit.
 matrix_mautrix_discord_bridge_restricted_rooms: "{{ false if matrix_homeserver_implementation == 'conduit' else true }}"

 ######################################################################
 #
 # /matrix-bridge-mautrix-discord
 #
 ######################################################################


 ######################################################################
 #
 # matrix-bridge-mautrix-facebook
@@ -713,6 +764,7 @@ matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if
 # We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
 # and point them to a migration path.
 matrix_mautrix_facebook_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_facebook_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_mautrix_facebook_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.fb.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -724,16 +776,16 @@ matrix_mautrix_facebook_database_password: "{{ '%s' | format(matrix_homeserver_g

 ######################################################################
 #
 # matrix-bridge-mautrix-hangouts
 # matrix-bridge-mautrix-googlechat
 #
 ######################################################################

 # We don't enable bridges by default.
 matrix_mautrix_hangouts_enabled: false
 matrix_mautrix_googlechat_enabled: false

 matrix_mautrix_hangouts_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
 matrix_mautrix_googlechat_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"

 matrix_mautrix_hangouts_systemd_required_services_list: |
 matrix_mautrix_googlechat_systemd_required_services_list: |
  {{
    ['docker.service']
    +
@@ -744,37 +796,38 @@ matrix_mautrix_hangouts_systemd_required_services_list: |
    (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
  }}

 matrix_mautrix_hangouts_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ho.as.token', rounds=655555) | to_uuid }}"
 matrix_mautrix_googlechat_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gc.as.token', rounds=655555) | to_uuid }}"

 matrix_mautrix_hangouts_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ho.hs.token', rounds=655555) | to_uuid }}"
 matrix_mautrix_googlechat_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gc.hs.token', rounds=655555) | to_uuid }}"

 matrix_mautrix_hangouts_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9007' }}"
 matrix_mautrix_googlechat_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9007' }}"

 matrix_mautrix_hangouts_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
 matrix_mautrix_googlechat_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"

 # Postgres is the default, except if not using internal Postgres server
 matrix_mautrix_hangouts_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_hangouts_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.hangouts.db', rounds=655555) | to_uuid }}"
 matrix_mautrix_googlechat_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_googlechat_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_mautrix_googlechat_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.gc.db', rounds=655555) | to_uuid }}"

 ######################################################################
 #
 # /matrix-bridge-mautrix-hangouts
 # /matrix-bridge-mautrix-googlechat
 #
 ######################################################################


 ######################################################################
 #
 # matrix-bridge-mautrix-googlechat
 # matrix-bridge-mautrix-hangouts
 #
 ######################################################################

 # We don't enable bridges by default.
 matrix_mautrix_googlechat_enabled: false
 matrix_mautrix_hangouts_enabled: false

 matrix_mautrix_googlechat_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
 matrix_mautrix_hangouts_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"

 matrix_mautrix_googlechat_systemd_required_services_list: |
 matrix_mautrix_hangouts_systemd_required_services_list: |
  {{
    ['docker.service']
    +
@@ -785,21 +838,22 @@ matrix_mautrix_googlechat_systemd_required_services_list: |
    (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
  }}

 matrix_mautrix_googlechat_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gc.as.token', rounds=655555) | to_uuid }}"
 matrix_mautrix_hangouts_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ho.as.token', rounds=655555) | to_uuid }}"

 matrix_mautrix_googlechat_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gc.hs.token', rounds=655555) | to_uuid }}"
 matrix_mautrix_hangouts_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ho.hs.token', rounds=655555) | to_uuid }}"

 matrix_mautrix_googlechat_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9007' }}"
 matrix_mautrix_hangouts_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9007' }}"

 matrix_mautrix_googlechat_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
 matrix_mautrix_hangouts_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"

 # Postgres is the default, except if not using internal Postgres server
 matrix_mautrix_googlechat_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_googlechat_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.gc.db', rounds=655555) | to_uuid }}"
 matrix_mautrix_hangouts_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_hangouts_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_mautrix_hangouts_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.hangouts.db', rounds=655555) | to_uuid }}"

 ######################################################################
 #
 # /matrix-bridge-mautrix-googlechat
 # /matrix-bridge-mautrix-hangouts
 #
 ######################################################################

@@ -837,6 +891,7 @@ matrix_mautrix_instagram_bridge_presence: "{{ matrix_synapse_presence_enabled if
 # We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
 # and point them to a migration path.
 matrix_mautrix_instagram_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_instagram_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_mautrix_instagram_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.ig.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -879,6 +934,7 @@ matrix_mautrix_signal_appservice_token: "{{ '%s' | format(matrix_homeserver_gene
 matrix_mautrix_signal_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"

 matrix_mautrix_signal_database_engine: 'postgres'
 matrix_mautrix_signal_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_mautrix_signal_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.signal.db', rounds=655555) | to_uuid }}"

 matrix_mautrix_signal_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
@@ -927,6 +983,7 @@ matrix_mautrix_telegram_login_shared_secret: "{{ matrix_synapse_ext_password_pro

 # Postgres is the default, except if not using internal Postgres server
 matrix_mautrix_telegram_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_telegram_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_mautrix_telegram_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.telegram.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -1002,6 +1059,7 @@ matrix_mautrix_whatsapp_login_shared_secret: "{{ matrix_synapse_ext_password_pro

 # Postgres is the default, except if not using internal Postgres server
 matrix_mautrix_whatsapp_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_whatsapp_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_mautrix_whatsapp_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mauwhatsapp.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -1010,48 +1068,6 @@ matrix_mautrix_whatsapp_database_password: "{{ '%s' | format(matrix_homeserver_g
 #
 ######################################################################

 ######################################################################
 #
 # matrix-bridge-mautrix-discord
 #
 ######################################################################

 # We don't enable bridges by default.
 matrix_mautrix_discord_enabled: false

 matrix_mautrix_discord_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"

 matrix_mautrix_discord_systemd_required_services_list: |
  {{
    ['docker.service']
    +
    ['matrix-' + matrix_homeserver_implementation + '.service']
    +
    ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
    +
    (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
  }}

 matrix_mautrix_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.as.tok', rounds=655555) | to_uuid }}"

 matrix_mautrix_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.hs.tok', rounds=655555) | to_uuid }}"

 matrix_mautrix_discord_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"

 # Postgres is the default, except if not using internal Postgres server
 matrix_mautrix_discord_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_mautrix_discord_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudiscord.db', rounds=655555) | to_uuid }}"

 # Enabling bridge.restricted_rooms for this bridge does not work well with Conduit, so we disable it by default.
 # This will be fixed in the upcoming `0.5.0` release of conduit.
 matrix_mautrix_discord_bridge_restricted_rooms: "{{ false if matrix_homeserver_implementation == 'conduit' else true }}"

 ######################################################################
 #
 # /matrix-bridge-mautrix-discord
 #
 ######################################################################

 ######################################################################
 #
 # matrix-sms-bridge
@@ -1540,6 +1556,8 @@ matrix_bot_honoroit_container_image_self_build: "{{ matrix_architecture not in [
 # We don't enable bots by default.
 matrix_bot_buscarron_enabled: false

 matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"

 matrix_bot_buscarron_systemd_required_services_list: |
  {{
    ['docker.service']
@@ -1553,8 +1571,8 @@ matrix_bot_buscarron_systemd_required_services_list: |

 # Postgres is the default, except if not using internal Postgres server
 matrix_bot_buscarron_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_bot_buscarron_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_bot_buscarron_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'buscarron.bot.db', rounds=655555) | to_uuid }}"
 matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"

 ######################################################################
 #
@@ -1570,6 +1588,9 @@ matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in

 # We don't enable bots by default.
 matrix_bot_postmoogle_enabled: false

 matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"

 matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}"
 matrix_bot_postmoogle_tls_cert: "{% for domain in matrix_bot_postmoogle_domains %}/ssl/live/{{ domain }}/fullchain.pem {% endfor %}"
 matrix_bot_postmoogle_tls_key: "{% for domain in matrix_bot_postmoogle_domains %}/ssl/live/{{ domain }}/privkey.pem {% endfor %}"
@@ -1585,10 +1606,9 @@ matrix_bot_postmoogle_systemd_required_services_list: |

 # Postgres is the default, except if not using internal Postgres server
 matrix_bot_postmoogle_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_bot_postmoogle_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db', rounds=655555) | to_uuid }}"

 matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"

 ######################################################################
 #
 # /matrix-bot-postmoogle
@@ -1822,6 +1842,7 @@ matrix_dimension_systemd_required_services_list: |

 # Postgres is the default, except if not using internal Postgres server
 matrix_dimension_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_dimension_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_dimension_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'dimension.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -1850,7 +1871,6 @@ matrix_etherpad_systemd_required_services_list: |
  }}

 matrix_etherpad_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"

 matrix_etherpad_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'etherpad.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -2028,6 +2048,7 @@ matrix_ma1sd_systemd_wanted_services_list: |

 # Postgres is the default, except if not using internal Postgres server
 matrix_ma1sd_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_ma1sd_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_ma1sd_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ma1sd.db', rounds=655555) | to_uuid }}"

 ######################################################################
@@ -2845,6 +2866,7 @@ matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url |
 ######################################################################

 matrix_prometheus_postgres_exporter_enabled: false
 matrix_prometheus_postgres_exporter_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_prometheus_postgres_exporter_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'prometheus.pg.db', rounds=655555) | to_uuid }}"

 matrix_prometheus_postgres_exporter_systemd_required_services_list: |
@@ -2943,6 +2965,7 @@ matrix_registration_systemd_required_services_list: |

 # Postgres is the default, except if not using internal Postgres server
 matrix_registration_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
 matrix_registration_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_registration_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mx.registr.db', rounds=655555) | to_uuid }}"

 ######################################################################
--- a/roles/custom/matrix-backup-borg/defaults/main.yml
+++ b/roles/custom/matrix-backup-borg/defaults/main.yml
@@ -39,7 +39,7 @@ matrix_backup_borg_location_source_directories: []
 matrix_backup_borg_postgresql_enabled: true
 matrix_backup_borg_supported_postgres_versions: ['12', '13', '14']
 matrix_backup_borg_postgresql_databases: []
 matrix_backup_borg_postgresql_databases_hostname: "matrix-postgres"
 matrix_backup_borg_postgresql_databases_hostname: ''
 matrix_backup_borg_postgresql_databases_username: "matrix"
 matrix_backup_borg_postgresql_databases_password: ""
 matrix_backup_borg_postgresql_databases_port: 5432
--- a/roles/custom/matrix-backup-borg/tasks/validate_config.yml
+++ b/roles/custom/matrix-backup-borg/tasks/validate_config.yml
@@ -1,12 +1,13 @@
 ---
 - name: Fail if required settings not defined
 - name: Fail if required backup-borg settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_backup_borg_ssh_key_private"
    - "matrix_backup_borg_location_repositories"
    - {'name': 'matrix_backup_borg_ssh_key_private', when: true}
    - {'name': 'matrix_backup_borg_location_repositories', when: true}
    - {'name': 'matrix_backup_borg_postgresql_databases_hostname', when: "{{ matrix_backup_borg_postgresql_enabled }}"}

 - name: Fail if encryption passphrase is undefined unless repository is unencrypted
  ansible.builtin.fail:
--- a/roles/custom/matrix-bot-buscarron/defaults/main.yml
+++ b/roles/custom/matrix-bot-buscarron/defaults/main.yml
@@ -43,7 +43,7 @@ matrix_bot_buscarron_sqlite_database_path_in_container: "/data/bot.db"

 matrix_bot_buscarron_database_username: 'buscarron'
 matrix_bot_buscarron_database_password: 'some-password'
 matrix_bot_buscarron_database_hostname: 'matrix-postgres'
 matrix_bot_buscarron_database_hostname: ''
 matrix_bot_buscarron_database_port: 5432
 matrix_bot_buscarron_database_name: 'buscarron'

--- a/roles/custom/matrix-bot-buscarron/tasks/validate_config.yml
+++ b/roles/custom/matrix-bot-buscarron/tasks/validate_config.yml
@@ -1,9 +1,10 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required Buscarron settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_bot_buscarron_password"
    - {'name': 'matrix_bot_buscarron_password', when: true}
    - {'name': 'matrix_bot_buscarron_database_hostname', when: "{{ matrix_bot_buscarron_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bot-postmoogle/defaults/main.yml
+++ b/roles/custom/matrix-bot-postmoogle/defaults/main.yml
@@ -42,7 +42,7 @@ matrix_bot_postmoogle_sqlite_database_path_in_container: "/data/bot.db"

 matrix_bot_postmoogle_database_username: 'postmoogle'
 matrix_bot_postmoogle_database_password: 'some-password'
 matrix_bot_postmoogle_database_hostname: 'matrix-postgres'
 matrix_bot_postmoogle_database_hostname: ''
 matrix_bot_postmoogle_database_port: 5432
 matrix_bot_postmoogle_database_name: 'postmoogle'

--- a/roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml
+++ b/roles/custom/matrix-bot-postmoogle/tasks/validate_config.yml
@@ -1,9 +1,10 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required Postmoogle settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_bot_postmoogle_password"
    - {'name': 'matrix_bot_postmoogle_password', when: true}
    - {'name': 'matrix_bot_postmoogle_database_hostname', when: "{{ matrix_bot_postmoogle_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml
+++ b/roles/custom/matrix-bridge-appservice-discord/defaults/main.yml
@@ -60,7 +60,7 @@ matrix_appservice_discord_sqlite_database_path_in_container: "/data/discord.db"

 matrix_appservice_discord_database_username: 'matrix_appservice_discord'
 matrix_appservice_discord_database_password: 'some-password'
 matrix_appservice_discord_database_hostname: 'matrix-postgres'
 matrix_appservice_discord_database_hostname: ''
 matrix_appservice_discord_database_port: 5432
 matrix_appservice_discord_database_name: 'matrix_appservice_discord'

--- a/roles/custom/matrix-bridge-appservice-discord/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-appservice-discord/tasks/validate_config.yml
@@ -1,16 +1,17 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required appservice-discord settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_appservice_discord_client_id"
    - "matrix_appservice_discord_bot_token"
    - "matrix_appservice_discord_appservice_token"
    - "matrix_appservice_discord_homeserver_token"
    - "matrix_appservice_discord_homeserver_domain"
    - {'name': 'matrix_appservice_discord_client_id', when: true}
    - {'name': 'matrix_appservice_discord_bot_token', when: true}
    - {'name': 'matrix_appservice_discord_appservice_token', when: true}
    - {'name': 'matrix_appservice_discord_homeserver_token', when: true}
    - {'name': 'matrix_appservice_discord_homeserver_domain', when: true}
    - {'name': 'matrix_appservice_discord_database_hostname', when: "{{ matrix_appservice_discord_database_engine == 'postgres' }}"}

 - name: (Deprecation) Catch and report renamed appservice-discord variables
  ansible.builtin.fail:
--- a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml
+++ b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml
@@ -29,8 +29,8 @@ matrix_appservice_irc_appservice_address: 'http://matrix-appservice-irc:9999'

 matrix_appservice_irc_database_engine: nedb
 matrix_appservice_irc_database_username: matrix_appservice_irc
 matrix_appservice_irc_database_password: ~
 matrix_appservice_irc_database_hostname: 'matrix-postgres'
 matrix_appservice_irc_database_password: 'some-password'
 matrix_appservice_irc_database_hostname: ''
 matrix_appservice_irc_database_port: 5432
 matrix_appservice_irc_database_name: matrix_appservice_irc

--- a/roles/custom/matrix-bridge-appservice-irc/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-appservice-irc/tasks/validate_config.yml
@@ -3,11 +3,12 @@
 - name: Fail if required settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_appservice_irc_appservice_token"
    - "matrix_appservice_irc_homeserver_token"
    - {'name': 'matrix_appservice_irc_appservice_token', when: true}
    - {'name': 'matrix_appservice_irc_homeserver_token', when: true}
    - {'name': 'matrix_appservice_irc_database_hostname', when: "{{ matrix_appservice_irc_database_engine == 'postgres' }}"}

 # Our base configuration (`matrix_appservice_irc_configuration_yaml`) is not enough to
 # let the playbook run without errors.
--- a/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml
+++ b/roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml
@@ -90,7 +90,7 @@ matrix_appservice_kakaotalk_sqlite_database_path_in_container: "/data/appservice

 matrix_appservice_kakaotalk_database_username: 'matrix_appservice_kakaotalk'
 matrix_appservice_kakaotalk_database_password: 'some-password'
 matrix_appservice_kakaotalk_database_hostname: 'matrix-postgres'
 matrix_appservice_kakaotalk_database_hostname: ''
 matrix_appservice_kakaotalk_database_port: 5432
 matrix_appservice_kakaotalk_database_name: 'matrix_appservice_kakaotalk'

--- a/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml
@@ -1,10 +1,11 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required appservice-kakaotalk settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_appservice_kakaotalk_appservice_token"
    - "matrix_appservice_kakaotalk_homeserver_token"
    - {'name': 'matrix_appservice_kakaotalk_appservice_token', when: true}
    - {'name': 'matrix_appservice_kakaotalk_homeserver_token', when: true}
    - {'name': 'matrix_appservice_kakaotalk_database_hostname', when: "{{ matrix_appservice_kakaotalk_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml
+++ b/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml
@@ -57,8 +57,8 @@ matrix_appservice_slack_id_token: ''

 matrix_appservice_slack_database_engine: nedb
 matrix_appservice_slack_database_username: matrix_appservice_slack
 matrix_appservice_slack_database_password: ~
 matrix_appservice_slack_database_hostname: 'matrix-postgres'
 matrix_appservice_slack_database_password: 'some-passsword'
 matrix_appservice_slack_database_hostname: ''
 matrix_appservice_slack_database_port: 5432
 matrix_appservice_slack_database_name: matrix_appservice_slack

--- a/roles/custom/matrix-bridge-appservice-slack/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-appservice-slack/tasks/validate_config.yml
@@ -1,16 +1,17 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required appservice-slack settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_appservice_slack_control_room_id"
    - "matrix_appservice_slack_appservice_token"
    - "matrix_appservice_slack_homeserver_url"
    - "matrix_appservice_slack_homeserver_token"
    - "matrix_appservice_slack_id_token"
    - {'name': 'matrix_appservice_slack_control_room_id', when: true}
    - {'name': 'matrix_appservice_slack_appservice_token', when: true}
    - {'name': 'matrix_appservice_slack_homeserver_url', when: true}
    - {'name': 'matrix_appservice_slack_homeserver_token', when: true}
    - {'name': 'matrix_appservice_slack_id_token', when: true}
    - {'name': 'matrix_appservice_slack_database_hostname', when: "{{ matrix_appservice_slack_database_engine == 'postgres' }}"}

 - name: (Deprecation) Catch and report renamed settings
  ansible.builtin.fail:
--- a/roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml
+++ b/roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml
@@ -55,8 +55,8 @@ matrix_beeper_linkedin_appservice_bot_username: linkedinbot
 matrix_beeper_linkedin_database_engine: "postgres"

 matrix_beeper_linkedin_database_username: 'matrix_beeper_linkedin'
 matrix_beeper_linkedin_database_password: ""
 matrix_beeper_linkedin_database_hostname: 'matrix-postgres'
 matrix_beeper_linkedin_database_password: 'some-password'
 matrix_beeper_linkedin_database_hostname: ''
 matrix_beeper_linkedin_database_port: 5432
 matrix_beeper_linkedin_database_name: 'matrix_beeper_linkedin'

--- a/roles/custom/matrix-bridge-beeper-linkedin/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-beeper-linkedin/tasks/validate_config.yml
@@ -1,10 +1,11 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required beeper-linkedin settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_beeper_linkedin_appservice_token"
    - "matrix_beeper_linkedin_homeserver_token"
    - {'name': 'matrix_beeper_linkedin_appservice_token', when: true}
    - {'name': 'matrix_beeper_linkedin_homeserver_token', when: true}
    - {'name': 'matrix_beeper_linkedin_database_hostname', when: "{{ matrix_beeper_linkedin_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml
+++ b/roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml
@@ -56,7 +56,7 @@ matrix_go_skype_bridge_sqlite_database_path_in_container: "/data/go-skype-bridge

 matrix_go_skype_bridge_database_username: 'matrix_go_skype_bridge'
 matrix_go_skype_bridge_database_password: 'some-password'
 matrix_go_skype_bridge_database_hostname: 'matrix-postgres'
 matrix_go_skype_bridge_database_hostname: ''
 matrix_go_skype_bridge_database_port: 5432
 matrix_go_skype_bridge_database_name: 'matrix_go_skype_bridge'

--- a/roles/custom/matrix-bridge-go-skype-bridge/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-go-skype-bridge/tasks/validate_config.yml
@@ -1,10 +1,11 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required go-skype-bridge settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_go_skype_bridge_appservice_token"
    - "matrix_go_skype_bridge_homeserver_token"
    - {'name': 'matrix_go_skype_bridge_appservice_token', when: true}
    - {'name': 'matrix_go_skype_bridge_homeserver_token', when: true}
    - {'name': 'matrix_go_skype_bridge_database_hostname', when: "{{ matrix_go_skype_bridge_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
@@ -67,7 +67,7 @@ matrix_mautrix_discord_sqlite_database_path_in_container: "/data/mautrix-discord

 matrix_mautrix_discord_database_username: 'matrix_mautrix_discord'
 matrix_mautrix_discord_database_password: 'some-password'
 matrix_mautrix_discord_database_hostname: 'matrix-postgres'
 matrix_mautrix_discord_database_hostname: ''
 matrix_mautrix_discord_database_port: 5432
 matrix_mautrix_discord_database_name: 'matrix_mautrix_discord'

--- a/roles/custom/matrix-bridge-mautrix-discord/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-discord/tasks/validate_config.yml
@@ -1,10 +1,11 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required mautrix-discord settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_discord_appservice_token"
    - "matrix_mautrix_discord_homeserver_token"
    - {'name': 'matrix_mautrix_discord_appservice_token', when: true}
    - {'name': 'matrix_mautrix_discord_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_discord_database_hostname', when: "{{ matrix_mautrix_discord_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml
@@ -74,7 +74,7 @@ matrix_mautrix_facebook_sqlite_database_path_in_container: "/data/mautrix-facebo

 matrix_mautrix_facebook_database_username: 'matrix_mautrix_facebook'
 matrix_mautrix_facebook_database_password: 'some-password'
 matrix_mautrix_facebook_database_hostname: 'matrix-postgres'
 matrix_mautrix_facebook_database_hostname: ''
 matrix_mautrix_facebook_database_port: 5432
 matrix_mautrix_facebook_database_name: 'matrix_mautrix_facebook'

--- a/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml
@@ -1,14 +1,15 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required mautrix-facebook settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_facebook_public_endpoint"
    - "matrix_mautrix_facebook_appservice_token"
    - "matrix_mautrix_facebook_homeserver_token"
    - {'name': 'matrix_mautrix_facebook_public_endpoint', when: true}
    - {'name': 'matrix_mautrix_facebook_appservice_token', when: true}
    - {'name': 'matrix_mautrix_facebook_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_facebook_database_hostname', when: "{{ matrix_mautrix_facebook_database_engine == 'postgres' }}"}

 - when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"
  block:
--- a/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml
@@ -68,7 +68,7 @@ matrix_mautrix_googlechat_sqlite_database_path_in_container: "/data/mautrix-goog

 matrix_mautrix_googlechat_database_username: 'matrix_mautrix_googlechat'
 matrix_mautrix_googlechat_database_password: 'some-password'
 matrix_mautrix_googlechat_database_hostname: 'matrix-postgres'
 matrix_mautrix_googlechat_database_hostname: ''
 matrix_mautrix_googlechat_database_port: 5432
 matrix_mautrix_googlechat_database_name: 'matrix_mautrix_googlechat'

--- a/roles/custom/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml
@@ -1,14 +1,12 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required mautrix-googlechat settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_googlechat_public_endpoint"
    - "matrix_mautrix_googlechat_appservice_token"
    - "matrix_mautrix_googlechat_homeserver_token"
 - ansible.builtin.debug:
    msg:
      - '`matrix_mautrix_googlechat_homeserver_domain` == {{ matrix_mautrix_googlechat_homeserver_domain }}'
    - {'name': 'matrix_mautrix_googlechat_public_endpoint', when: true}
    - {'name': 'matrix_mautrix_googlechat_appservice_token', when: true}
    - {'name': 'matrix_mautrix_googlechat_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_googlechat_database_hostname', when: "{{ matrix_mautrix_googlechat_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml
@@ -65,7 +65,7 @@ matrix_mautrix_hangouts_sqlite_database_path_in_container: "/data/mautrix-hangou

 matrix_mautrix_hangouts_database_username: 'matrix_mautrix_hangouts'
 matrix_mautrix_hangouts_database_password: 'some-password'
 matrix_mautrix_hangouts_database_hostname: 'matrix-postgres'
 matrix_mautrix_hangouts_database_hostname: ''
 matrix_mautrix_hangouts_database_port: 5432
 matrix_mautrix_hangouts_database_name: 'matrix_mautrix_hangouts'

--- a/roles/custom/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-hangouts/tasks/validate_config.yml
@@ -1,14 +1,12 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required mautrix-hangouts settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_hangouts_public_endpoint"
    - "matrix_mautrix_hangouts_appservice_token"
    - "matrix_mautrix_hangouts_homeserver_token"
 - ansible.builtin.debug:
    msg:
      - '`matrix_mautrix_hangouts_homeserver_domain` == {{ matrix_mautrix_hangouts_homeserver_domain }}'
    - {'name': 'matrix_mautrix_hangouts_public_endpoint', when: true}
    - {'name': 'matrix_mautrix_hangouts_appservice_token', when: true}
    - {'name': 'matrix_mautrix_hangouts_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_hangouts_database_hostname', when: "{{ matrix_mautrix_hangouts_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml
@@ -55,7 +55,7 @@ matrix_mautrix_instagram_database_engine: 'postgres'

 matrix_mautrix_instagram_database_username: 'matrix_mautrix_instagram'
 matrix_mautrix_instagram_database_password: 'some-password'
 matrix_mautrix_instagram_database_hostname: 'matrix-postgres'
 matrix_mautrix_instagram_database_hostname: ''
 matrix_mautrix_instagram_database_port: 5432
 matrix_mautrix_instagram_database_name: 'matrix_mautrix_instagram'

--- a/roles/custom/matrix-bridge-mautrix-instagram/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-instagram/tasks/validate_config.yml
@@ -1,9 +1,10 @@
 ---
 - name: Fail if required settings not defined
 - name: Fail if required mautrix-instagram settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_instagram_appservice_token"
    - "matrix_mautrix_instagram_homeserver_token"
    - {'name': 'matrix_mautrix_instagram_appservice_token', when: true}
    - {'name': 'matrix_mautrix_instagram_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_instagram_database_hostname', when: "{{ matrix_mautrix_instagram_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
@@ -76,7 +76,7 @@ matrix_mautrix_signal_database_engine: 'postgres'

 matrix_mautrix_signal_database_username: 'matrix_mautrix_signal'
 matrix_mautrix_signal_database_password: 'some-password'
 matrix_mautrix_signal_database_hostname: 'matrix-postgres'
 matrix_mautrix_signal_database_hostname: ''
 matrix_mautrix_signal_database_port: 5432
 matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'

--- a/roles/custom/matrix-bridge-mautrix-signal/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-signal/tasks/validate_config.yml
@@ -1,15 +1,16 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required mautrix-signal settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_signal_homeserver_domain"
    - "matrix_mautrix_signal_homeserver_address"
    - "matrix_mautrix_signal_homeserver_token"
    - "matrix_mautrix_signal_appservice_token"
    - {'name': 'matrix_mautrix_signal_homeserver_domain', when: true}
    - {'name': 'matrix_mautrix_signal_homeserver_address', when: true}
    - {'name': 'matrix_mautrix_signal_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_signal_appservice_token', when: true}
    - {'name': 'matrix_mautrix_signal_database_hostname', when: "{{ matrix_mautrix_signal_database_engine == 'postgres' }}"}

 - name: (Deprecation) Fail if matrix_mautrix_signal_bridge_permissions specified as YAML string, instead of a dictionary
  ansible.builtin.fail:
--- a/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml
@@ -95,7 +95,7 @@ matrix_mautrix_telegram_sqlite_database_path_in_container: "/data/mautrix-telegr

 matrix_mautrix_telegram_database_username: 'matrix_mautrix_telegram'
 matrix_mautrix_telegram_database_password: 'some-password'
 matrix_mautrix_telegram_database_hostname: 'matrix-postgres'
 matrix_mautrix_telegram_database_hostname: ''
 matrix_mautrix_telegram_database_port: 5432
 matrix_mautrix_telegram_database_name: 'matrix_mautrix_telegram'

--- a/roles/custom/matrix-bridge-mautrix-telegram/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-telegram/tasks/validate_config.yml
@@ -1,16 +1,17 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required mautrix-telegram settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_telegram_api_id"
    - "matrix_mautrix_telegram_api_hash"
    - "matrix_mautrix_telegram_public_endpoint"
    - "matrix_mautrix_telegram_appservice_token"
    - "matrix_mautrix_telegram_homeserver_token"
    - {'name': 'matrix_mautrix_telegram_api_id', when: true}
    - {'name': 'matrix_mautrix_telegram_api_hash', when: true}
    - {'name': 'matrix_mautrix_telegram_public_endpoint', when: true}
    - {'name': 'matrix_mautrix_telegram_appservice_token', when: true}
    - {'name': 'matrix_mautrix_telegram_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_telegram_database_hostname', when: "{{ matrix_mautrix_telegram_database_engine == 'postgres' }}"}

 - name: (Deprecation) Catch and report renamed Telegram variables
  ansible.builtin.fail:
--- a/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml
@@ -54,7 +54,7 @@ matrix_mautrix_twitter_federate_rooms: true
 matrix_mautrix_twitter_database_engine: 'postgres'

 matrix_mautrix_twitter_database_username: 'matrix_mautrix_twitter'
 matrix_mautrix_twitter_database_password: ''
 matrix_mautrix_twitter_database_password: 'some-password'
 matrix_mautrix_twitter_database_hostname: ''
 matrix_mautrix_twitter_database_port: 5432
 matrix_mautrix_twitter_database_name: 'matrix_mautrix_twitter'
--- a/roles/custom/matrix-bridge-mautrix-twitter/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-twitter/tasks/validate_config.yml
@@ -3,10 +3,9 @@
 - name: Fail if required mautrix-twitter settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_twitter_appservice_token"
    - "matrix_mautrix_twitter_homeserver_token"
    - "matrix_mautrix_twitter_database_hostname"
    - "matrix_mautrix_twitter_database_password"
    - {'name': 'matrix_mautrix_twitter_appservice_token', when: true}
    - {'name': 'matrix_mautrix_twitter_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_twitter_database_hostname', when: "{{ matrix_mautrix_twitter_database_engine == 'postgres' }}"}
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
@@ -61,7 +61,7 @@ matrix_mautrix_whatsapp_sqlite_database_path_in_container: "/data/mautrix-whatsa

 matrix_mautrix_whatsapp_database_username: 'matrix_mautrix_whatsapp'
 matrix_mautrix_whatsapp_database_password: 'some-password'
 matrix_mautrix_whatsapp_database_hostname: 'matrix-postgres'
 matrix_mautrix_whatsapp_database_hostname: ''
 matrix_mautrix_whatsapp_database_port: 5432
 matrix_mautrix_whatsapp_database_name: 'matrix_mautrix_whatsapp'

--- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
@@ -1,14 +1,14 @@
 ---

 - name: Fail if required settings not defined
 - name: Fail if required mautrix-whatsapp settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_mautrix_whatsapp_appservice_token"
    - "matrix_mautrix_whatsapp_homeserver_token"

    - {'name': 'matrix_mautrix_whatsapp_appservice_token', when: true}
    - {'name': 'matrix_mautrix_whatsapp_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_whatsapp_database_hostname', when: "{{ matrix_mautrix_whatsapp_database_engine == 'postgres' }}"}

 - name: (Deprecation) Catch and report renamed settings
  ansible.builtin.fail:
--- a/roles/custom/matrix-dimension/defaults/main.yml
+++ b/roles/custom/matrix-dimension/defaults/main.yml
@@ -65,7 +65,7 @@ matrix_dimension_sqlite_database_path_in_container: "dimension.db"

 matrix_dimension_database_username: 'matrix_dimension'
 matrix_dimension_database_password: 'some-password'
 matrix_dimension_database_hostname: 'matrix-postgres'
 matrix_dimension_database_hostname: ''
 matrix_dimension_database_port: 5432
 matrix_dimension_database_name: 'matrix_dimension'

--- a/roles/custom/matrix-dimension/tasks/validate_config.yml
+++ b/roles/custom/matrix-dimension/tasks/validate_config.yml
@@ -1,11 +1,13 @@
 ---

 - name: Fail if required Dimension settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`) for using Dimension.
    msg: >
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_dimension_access_token"
  when: "matrix_dimension_enabled and vars[item] == ''"
    - {'name': 'matrix_dimension_access_token', when: true}
    - {'name': 'matrix_dimension_database_hostname', when: "{{ matrix_dimension_database_engine == 'postgres' }}"}

 - name: (Deprecation) Catch and report renamed Dimension variables
  ansible.builtin.fail:
--- a/roles/custom/matrix-etherpad/defaults/main.yml
+++ b/roles/custom/matrix-etherpad/defaults/main.yml
@@ -45,7 +45,7 @@ matrix_etherpad_database_engine: 'postgres'

 matrix_etherpad_database_username: 'matrix_etherpad'
 matrix_etherpad_database_password: 'some-password'
 matrix_etherpad_database_hostname: 'matrix-postgres'
 matrix_etherpad_database_hostname: ''
 matrix_etherpad_database_port: 5432
 matrix_etherpad_database_name: 'matrix_etherpad'

--- a/roles/custom/matrix-etherpad/tasks/validate_config.yml
+++ b/roles/custom/matrix-etherpad/tasks/validate_config.yml
@@ -1,10 +1,12 @@
 ---

 - name: Fail if no database is configured for Etherpad
 - name: Fail if required Etherpad settings not defined
  ansible.builtin.fail:
    msg: >-
      Etherpad requires a dedicated Postgres database. Please enable the built in one, or configure an external DB by redefining "matrix_etherpad_database_hostname"
  when: matrix_etherpad_database_hostname == ''
    msg: >
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - {'name': 'matrix_etherpad_database_hostname', when: true}

 - name: Fail if wrong mode selected
  ansible.builtin.fail:
--- a/roles/custom/matrix-ma1sd/defaults/main.yml
+++ b/roles/custom/matrix-ma1sd/defaults/main.yml
@@ -64,7 +64,7 @@ matrix_ma1sd_sqlite_database_path_in_container: "/var/ma1sd/ma1sd.db"

 matrix_ma1sd_database_username: 'matrix_ma1sd'
 matrix_ma1sd_database_password: 'some-password'
 matrix_ma1sd_database_hostname: 'matrix-postgres'
 matrix_ma1sd_database_hostname: ''
 matrix_ma1sd_database_port: 5432
 matrix_ma1sd_database_name: 'matrix_ma1sd'

--- a/roles/custom/matrix-ma1sd/tasks/validate_config.yml
+++ b/roles/custom/matrix-ma1sd/tasks/validate_config.yml
@@ -42,11 +42,12 @@
 - name: Fail if required ma1sd settings not defined
  ansible.builtin.fail:
    msg: >
      You need to define a required configuration setting (`{{ item }}`) for using ma1sd.
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_ma1sd_threepid_medium_email_connectors_smtp_host"
    - "matrix_ma1sd_dns_overwrite_homeserver_client_value"
    - {'name': 'matrix_ma1sd_threepid_medium_email_connectors_smtp_host', when: true}
    - {'name': 'matrix_ma1sd_dns_overwrite_homeserver_client_value', when: true}
    - {'name': 'matrix_ma1sd_database_hostname', when: "{{ matrix_ma1sd_database_engine == 'postgres' }}"}

 - name: (Deprecation) Catch and report renamed ma1sd variables
  ansible.builtin.fail:
--- a/roles/custom/matrix-postgres-backup/tasks/validate_config.yml
+++ b/roles/custom/matrix-postgres-backup/tasks/validate_config.yml
@@ -1,6 +1,6 @@
 ---

 - name: Fail if required Postgres settings not defined
 - name: Fail if required postgres-backup settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
--- a/roles/custom/matrix-prometheus-postgres-exporter/defaults/main.yml
+++ b/roles/custom/matrix-prometheus-postgres-exporter/defaults/main.yml
@@ -24,7 +24,7 @@ matrix_prometheus_postgres_exporter_systemd_wanted_services_list: []
 # details for connecting to the database
 matrix_prometheus_postgres_exporter_database_username: 'matrix_prometheus_postgres_exporter'
 matrix_prometheus_postgres_exporter_database_password: 'some-password'
 matrix_prometheus_postgres_exporter_database_hostname: 'matrix-postgres'
 matrix_prometheus_postgres_exporter_database_hostname: ''
 matrix_prometheus_postgres_exporter_database_port: 5432
 matrix_prometheus_postgres_exporter_database_name: 'matrix_prometheus_postgres_exporter'

--- a/roles/custom/matrix-prometheus-postgres-exporter/tasks/main.yml
+++ b/roles/custom/matrix-prometheus-postgres-exporter/tasks/main.yml
@@ -10,6 +10,9 @@
    - install-nginx-proxy

 - block:
    - when: matrix_prometheus_postgres_exporter_enabled | bool
      ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"

    - when: matrix_prometheus_postgres_exporter_enabled | bool
      ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
  tags:
--- a/roles/custom/matrix-prometheus-postgres-exporter/tasks/validate_config.yml
+++ b/roles/custom/matrix-prometheus-postgres-exporter/tasks/validate_config.yml
@@ -0,0 +1,9 @@
 ---

 - name: Fail if required prometheus-postgres-exporter settings not defined
  ansible.builtin.fail:
    msg: >
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
  with_items:
    - matrix_prometheus_postgres_exporter_database_hostname
--- a/roles/custom/matrix-registration/defaults/main.yml
+++ b/roles/custom/matrix-registration/defaults/main.yml
@@ -52,7 +52,7 @@ matrix_registration_sqlite_database_path_in_container: "/data/db.sqlite3"

 matrix_registration_database_username: 'matrix_registration'
 matrix_registration_database_password: 'some-password'
 matrix_registration_database_hostname: 'matrix-postgres'
 matrix_registration_database_hostname: ''
 matrix_registration_database_port: 5432
 matrix_registration_database_name: 'matrix_registration'

--- a/roles/custom/matrix-registration/tasks/validate_config.yml
+++ b/roles/custom/matrix-registration/tasks/validate_config.yml
@@ -3,12 +3,13 @@
 - name: Fail if required matrix-registration settings not defined
  ansible.builtin.fail:
    msg: >
      You need to define a required configuration setting (`{{ item }}`) for using matrix-registration.
  when: "vars[item] == ''"
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and vars[item.name] == ''"
  with_items:
    - "matrix_registration_shared_secret"
    - "matrix_registration_admin_secret"
    - "matrix_registration_server_location"
    - {'name': 'matrix_registration_shared_secret', when: true}
    - {'name': 'matrix_registration_admin_secret', when: true}
    - {'name': 'matrix_registration_server_location', when: true}
    - {'name': 'matrix_registration_database_hostname', when: "{{ matrix_registration_database_engine == 'postgres' }}"}

 - name: (Deprecation) Catch and report renamed settings
  ansible.builtin.fail: