diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index d5c2f5f4f..c1ffd5a2a 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1182,9 +1182,9 @@ matrix_backup_borg_systemd_required_services_list: | # ###################################################################### -matrix_maubot_enabled: false +matrix_bot_maubot_enabled: false -matrix_maubot_systemd_required_services_list: | +matrix_bot_maubot_systemd_required_services_list: | {{ ['docker.service'] + @@ -1195,11 +1195,11 @@ matrix_maubot_systemd_required_services_list: | (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} -matrix_maubot_registration_shared_secret: "{{ matrix_synapse_registration_shared_secret }}" -matrix_maubot_shared_secret: true +matrix_bot_maubot_registration_shared_secret: "{{ matrix_synapse_registration_shared_secret }}" +matrix_bot_maubot_shared_secret: true -matrix_maubot_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" -matrix_maubot_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'maubot.db') | to_uuid }}" +matrix_bot_maubot_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_bot_maubot_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'maubot.db') | to_uuid }}" ###################################################################### # @@ -1754,10 +1754,10 @@ matrix_postgres_additional_databases: | }] if (matrix_ma1sd_enabled and matrix_ma1sd_database_engine == 'postgres' and matrix_ma1sd_database_hostname == 'matrix-postgres') else []) + ([{ - 'name': matrix_maubot_database_name, - 'username': matrix_maubot_database_username, - 'password': matrix_maubot_database_password, - }] if (matrix_maubot_enabled and matrix_maubot_database_engine == 'postgres' and matrix_maubot_database_hostname == 'matrix-postgres') else []) + 'name': matrix_bot_maubot_database_name, + 'username': matrix_bot_maubot_database_username, + 'password': matrix_bot_maubot_database_password, + }] if (matrix_bot_maubot_enabled and matrix_bot_maubot_database_engine == 'postgres' and matrix_bot_maubot_database_hostname == 'matrix-postgres') else []) + ([{ 'name': matrix_bot_matrix_reminder_bot_database_name, diff --git a/roles/matrix-maubot/defaults/main.yml b/roles/matrix-maubot/defaults/main.yml index d54db7896..4c4bf9469 100644 --- a/roles/matrix-maubot/defaults/main.yml +++ b/roles/matrix-maubot/defaults/main.yml @@ -1,41 +1,41 @@ -matrix_maubot_enabled: true -matrix_maubot_host_data_dir: "{{ matrix_base_data_path }}/maubot/data" -matrix_maubot_host_config_dir: "{{ matrix_base_data_path }}/maubot/config" -matrix_maubot_container_data_dir: "/data" -matrix_maubot_container_config_dir: "/root/.config/" -matrix_maubot_config_filename: "config.yaml" -matrix_maubot_config_path: "{{ matrix_maubot_host_data_dir + '/' + matrix_maubot_config_filename }}" -matrix_maubot_systemd_required_services_list: ['docker.service'] -matrix_maubot_systemd_wanted_services_list: [] -matrix_maubot_container_extra_arguments: [] - -matrix_maubot_database_engine: "sqlite" - -matrix_maubot_sqlite_database_path_local: "maubot.db" -matrix_maubot_sqlite_database_path_in_container: "/{{ matrix_maubot_container_data_dir }}/{{ matrix_maubot_sqlite_database_path_local }}" - -matrix_maubot_database_username: 'matrix_bot_maubot' -matrix_maubot_database_password: 'some-password' -matrix_maubot_database_hostname: 'matrix-postgres' -matrix_maubot_database_port: 5432 -matrix_maubot_database_name: 'matrix_bot_maubot' - -matrix_maubot_database_connection_string: 'postgres://{{ matrix_maubot_database_username }}:{{ matrix_maubot_database_password }}@{{ matrix_maubot_database_hostname }}:{{ matrix_maubot_database_port }}/{{ matrix_maubot_database_name }}' - -matrix_maubot_storage_database: "{{ +matrix_bot_maubot_enabled: true +matrix_bot_maubot_host_data_dir: "{{ matrix_base_data_path }}/maubot/data" +matrix_bot_maubot_host_config_dir: "{{ matrix_base_data_path }}/maubot/config" +matrix_bot_maubot_container_data_dir: "/data" +matrix_bot_maubot_container_config_dir: "/root/.config/" +matrix_bot_maubot_config_filename: "config.yaml" +matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_host_data_dir + '/' + matrix_bot_maubot_config_filename }}" +matrix_bot_maubot_systemd_required_services_list: ['docker.service'] +matrix_bot_maubot_systemd_wanted_services_list: [] +matrix_bot_maubot_container_extra_arguments: [] + +matrix_bot_maubot_database_engine: "sqlite" + +matrix_bot_maubot_sqlite_database_path_local: "maubot.db" +matrix_bot_maubot_sqlite_database_path_in_container: "/{{ matrix_bot_maubot_container_data_dir }}/{{ matrix_bot_maubot_sqlite_database_path_local }}" + +matrix_bot_maubot_database_username: 'matrix_bot_maubot' +matrix_bot_maubot_database_password: 'some-password' +matrix_bot_maubot_database_hostname: 'matrix-postgres' +matrix_bot_maubot_database_port: 5432 +matrix_bot_maubot_database_name: 'matrix_bot_maubot' + +matrix_bot_maubot_database_connection_string: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}' + +matrix_bot_maubot_storage_database: "{{ { - 'sqlite': ('sqlite://' + matrix_maubot_sqlite_database_path_in_container), - 'postgres': matrix_maubot_database_connection_string, - }[matrix_maubot_database_engine] + 'sqlite': ('sqlite://' + matrix_bot_maubot_sqlite_database_path_in_container), + 'postgres': matrix_bot_maubot_database_connection_string, + }[matrix_bot_maubot_database_engine] }}" -matrix_maubot_management_port: 29316 -matrix_maubot_management_hostname: "0.0.0.0" +matrix_bot_maubot_management_port: 29316 +matrix_bot_maubot_management_hostname: "0.0.0.0" -matrix_maubot_shared_secret: false -matrix_maubot_registration_shared_secret: -matrix_maubot_cs_url: "{{ matrix_homeserver_container_url }}" -matrix_maubot_admins: {} +matrix_bot_maubot_shared_secret: false +matrix_bot_maubot_registration_shared_secret: +matrix_bot_maubot_cs_url: "{{ matrix_homeserver_container_url }}" +matrix_bot_maubot_admins: {} -matrix_maubot_docker_image: dock.mau.dev/maubot/maubot:latest -matrix_maubot_docker_image_force_pull: "{{ matrix_maubot_docker_image.endswith(':latest') }}" +matrix_bot_maubot_docker_image: dock.mau.dev/maubot/maubot:latest +matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-maubot/tasks/main.yml b/roles/matrix-maubot/tasks/main.yml index 6826beea2..d931909e4 100644 --- a/roles/matrix-maubot/tasks/main.yml +++ b/roles/matrix-maubot/tasks/main.yml @@ -1,5 +1,5 @@ - import_tasks: "{{ role_path }}/tasks/setup.yml" - when: "run_setup|bool and matrix_maubot_enabled|bool" + when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - setup-bot-maubot \ No newline at end of file diff --git a/roles/matrix-maubot/tasks/setup.yml b/roles/matrix-maubot/tasks/setup.yml index b3b615a75..eab01c91e 100644 --- a/roles/matrix-maubot/tasks/setup.yml +++ b/roles/matrix-maubot/tasks/setup.yml @@ -1,43 +1,43 @@ --- - name: Create Config Dir file: - path: "{{ matrix_maubot_host_data_dir }}" + path: "{{ matrix_bot_maubot_host_data_dir }}" state: directory mode: 0755 owner: "{{ matrix_user_username }}" - when: matrix_maubot_enabled|bool + when: matrix_bot_maubot_enabled|bool - name: Create User Config Dir file: - path: "{{ matrix_maubot_host_config_dir }}" + path: "{{ matrix_bot_maubot_host_config_dir }}" state: directory mode: 0755 owner: "{{ matrix_user_username }}" - when: matrix_maubot_enabled|bool and matrix_maubot_host_config_dir|bool + when: matrix_bot_maubot_enabled|bool and matrix_bot_maubot_host_config_dir|bool - name: Create Config File template: src: "{{ role_path }}/templates/maubot_config.yaml.j2" - dest: "{{ matrix_maubot_config_path }}" + dest: "{{ matrix_bot_maubot_config_path }}" owner: "{{ matrix_user_username }}" mode: "u=rwx" - when: matrix_maubot_enabled|bool + when: matrix_bot_maubot_enabled|bool - name: Ensure Maubot image is pulled docker_image: - name: "{{ matrix_maubot_docker_image }}" + name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - force_source: "{{ matrix_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_maubot_docker_image_force_pull }}" - when: matrix_maubot_enabled|bool + force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_maubot_docker_image_force_pull }}" + when: matrix_bot_maubot_enabled|bool - name: Ensure matrix-maubot.service installed template: src: "{{ role_path }}/templates/matrix-maubot.service.j2" dest: "/etc/systemd/system/matrix-maubot.service" mode: 0644 - register: matrix_maubot_systemd_service_result - when: matrix_maubot_enabled|bool + register: matrix_bot_maubot_systemd_service_result + when: matrix_bot_maubot_enabled|bool - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-maubot'] }}" @@ -49,27 +49,27 @@ but it's pointless since the matrix-nginx-proxy role had already executed. To fix this, please change the order of roles in your plabook, so that the matrix-nginx-proxy role would run after the matrix-maubot role. - when: matrix_nginx_proxy_role_executed|default(False)|bool and matrix_maubot_enabled|bool + when: matrix_nginx_proxy_role_executed|default(False)|bool and matrix_bot_maubot_enabled|bool - name: Generate Maubot proxying configuration for matrix-nginx-proxy set_fact: - matrix_maubot_matrix_nginx_proxy_configuration: | + matrix_bot_maubot_matrix_nginx_proxy_configuration: | location /_matrix/maubot { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-maubot:{{ matrix_maubot_management_port }}"; + set $backend "matrix-maubot:{{ matrix_bot_maubot_management_port }}"; proxy_pass http://$backend; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% else %} {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_maubot_management_port }}; + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_port }}; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} } - when: matrix_maubot_enabled|bool + when: matrix_bot_maubot_enabled|bool - name: Register Maubot's proxying configuration with matrix-nginx-proxy set_fact: @@ -77,9 +77,9 @@ {{ matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + - [matrix_maubot_matrix_nginx_proxy_configuration] + [matrix_bot_maubot_matrix_nginx_proxy_configuration] }} - when: matrix_maubot_enabled|bool + when: matrix_bot_maubot_enabled|bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used debug: @@ -88,7 +88,7 @@ reverse proxy. Please make sure that you're proxying the `/_matrix/maubot` URL endpoint to the matrix-maubot container. - when: "matrix_maubot_enabled|bool and matrix_nginx_proxy_enabled is not defined" + when: "matrix_bot_maubot_enabled|bool and matrix_nginx_proxy_enabled is not defined" # # Tasks related to getting rid of the maubot (if it was previously enabled) @@ -97,8 +97,8 @@ - name: Check existence of matrix-maubot service stat: path: "/etc/systemd/system/matrix-maubot.service" - register: matrix_maubot_service_stat - when: "not matrix_maubot_enabled|bool" + register: matrix_bot_maubot_service_stat + when: "not matrix_bot_maubot_enabled|bool" - name: Ensure matrix-maubot is stopped service: @@ -106,21 +106,21 @@ state: stopped daemon_reload: yes register: stopping_result - when: "not matrix_maubot_enabled|bool and matrix_maubot_service_stat.stat.exists" + when: "not matrix_bot_maubot_enabled|bool and matrix_bot_maubot_service_stat.stat.exists" - name: Ensure matrix-maubot.service doesn't exist file: path: "/etc/systemd/system/matrix-maubot.service" state: absent - when: "not matrix_maubot_enabled|bool and matrix_maubot_service_stat.stat.exists" + when: "not matrix_bot_maubot_enabled|bool and matrix_bot_maubot_service_stat.stat.exists" - name: Ensure systemd reloaded after matrix-maubot.service removal service: daemon_reload: yes - when: "not matrix_maubot_enabled|bool and matrix_maubot_service_stat.stat.exists" + when: "not matrix_bot_maubot_enabled|bool and matrix_bot_maubot_service_stat.stat.exists" - name: Ensure maubot Docker image doesn't exist docker_image: - name: "{{ matrix_maubot_docker_image }}" + name: "{{ matrix_bot_maubot_docker_image }}" state: absent - when: "not matrix_maubot_enabled|bool" + when: "not matrix_bot_maubot_enabled|bool" diff --git a/roles/matrix-maubot/templates/matrix-maubot.service.j2 b/roles/matrix-maubot/templates/matrix-maubot.service.j2 index 98a565638..eaded23be 100644 --- a/roles/matrix-maubot/templates/matrix-maubot.service.j2 +++ b/roles/matrix-maubot/templates/matrix-maubot.service.j2 @@ -1,11 +1,11 @@ #jinja2: lstrip_blocks: "True" [Unit] Description=Matrix Maubot -{% for service in matrix_maubot_systemd_required_services_list %} +{% for service in matrix_bot_maubot_systemd_required_services_list %} Requires={{ service }} After={{ service }} {% endfor %} -{% for service in matrix_maubot_systemd_wanted_services_list %} +{% for service in matrix_bot_maubot_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} @@ -23,12 +23,12 @@ ExecStart=/usr/bin/docker run --rm --name matrix-maubot \ -e GID={{ matrix_user_gid }} \ --network={{ matrix_docker_network }} \ -p 29316:29316 \ - -v {{ matrix_maubot_host_data_dir }}:{{ matrix_maubot_container_data_dir }}:z \ - -v {{ matrix_maubot_host_config_dir }}:{{ matrix_maubot_container_config_dir }}:z \ - {% for arg in matrix_maubot_container_extra_arguments %} + -v {{ matrix_bot_maubot_host_data_dir }}:{{ matrix_bot_maubot_container_data_dir }}:z \ + -v {{ matrix_bot_maubot_host_config_dir }}:{{ matrix_bot_maubot_container_config_dir }}:z \ + {% for arg in matrix_bot_maubot_container_extra_arguments %} {{ arg }} \ {% endfor %} - {{ matrix_maubot_docker_image }} + {{ matrix_bot_maubot_docker_image }} ExecStop=-/usr/bin/docker kill matrix-maubot ExecStop=-/usr/bin/docker rm matrix-maubot diff --git a/roles/matrix-maubot/templates/maubot_config.yaml.j2 b/roles/matrix-maubot/templates/maubot_config.yaml.j2 index d60ca84eb..0aacae015 100644 --- a/roles/matrix-maubot/templates/maubot_config.yaml.j2 +++ b/roles/matrix-maubot/templates/maubot_config.yaml.j2 @@ -3,7 +3,7 @@ # Format examples: # SQLite: sqlite:///filename.db # Postgres: postgres://username:password@hostname/dbname -database: {{ matrix_maubot_storage_database|to_json }} +database: {{ matrix_bot_maubot_storage_database|to_json }} # Database for encryption data. crypto_database: @@ -16,26 +16,26 @@ crypto_database: # # WARNING: The pickle database is dangerous and should not be used in production. type: default - postgres_uri: {{ matrix_maubot_storage_database|to_json }} - pickle_dir: {{ matrix_maubot_container_data_dir }}/crypto + postgres_uri: {{ matrix_bot_maubot_storage_database|to_json }} + pickle_dir: {{ matrix_bot_maubot_container_data_dir }}/crypto plugin_directories: # The directory where uploaded new plugins should be stored. - upload: {{ matrix_maubot_container_data_dir }}/plugins + upload: {{ matrix_bot_maubot_container_data_dir }}/plugins # The directories from which plugins should be loaded. # Duplicate plugin IDs will be moved to the trash. load: - - {{ matrix_maubot_container_data_dir }}/plugins + - {{ matrix_bot_maubot_container_data_dir }}/plugins # The directory where old plugin versions and conflicting plugins should be moved. # Set to "delete" to delete files immediately. - trash: {{ matrix_maubot_container_data_dir }}/trash + trash: {{ matrix_bot_maubot_container_data_dir }}/trash # The directory where plugin databases should be stored. - db: {{ matrix_maubot_container_data_dir }}/plugins + db: {{ matrix_bot_maubot_container_data_dir }}/plugins server: # The IP and port to listen to. - hostname: {{ matrix_maubot_management_hostname }} - port: {{ matrix_maubot_management_port }} + hostname: {{ matrix_bot_maubot_management_hostname }} + port: {{ matrix_bot_maubot_management_port }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. @@ -49,19 +49,19 @@ server: # Set to "generate" to generate and save a new token at startup. unshared_secret: generate -{% if matrix_maubot_shared_secret %} +{% if matrix_bot_maubot_shared_secret %} # Shared registration secrets to allow registering new users from the management UI registration_secrets: {{ matrix_domain }}: # Client-server API URL - url: {{ matrix_maubot_cs_url }} + url: {{ matrix_bot_maubot_cs_url }} # registration_shared_secret from synapse config - secret: {{ matrix_maubot_registration_shared_secret }} + secret: {{ matrix_bot_maubot_registration_shared_secret }} {% endif %} # List of administrator users. Plaintext passwords will be bcrypted on startup. Set empty password # to prevent normal login. Root is a special user that can't have a password and will always exist. -admins: {{ matrix_maubot_admins | combine( {"root": ""} ) }} +admins: {{ matrix_bot_maubot_admins | combine( {"root": ""} ) }} # API feature switches. api_features: