refactoring

group_vars/matrix_servers

@@ -113,6 +113,7 @@ matrix_appservice_webhooks_container_http_host_bind_port: "{{ '' if matrix_nginx
 
 matrix_appservice_webhooks_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.as.token') | to_uuid }}"
 
+matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
 matrix_appservice_webhooks_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.hs.token') | to_uuid }}"
 
 matrix_appservice_webhooks_id_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.id.token') | to_uuid }}"
@@ -151,6 +152,7 @@ matrix_appservice_slack_container_http_host_bind_port: "{{ '' if matrix_nginx_pr
 
 matrix_appservice_slack_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.as.token') | to_uuid }}"
 
+matrix_appservice_slack_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
 matrix_appservice_slack_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.hs.token') | to_uuid }}"
 
 matrix_appservice_slack_id_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.id.token') | to_uuid }}"
@@ -567,6 +569,7 @@ matrix_sms_bridge_systemd_required_services_list: |
 
 matrix_sms_bridge_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sms.as.token') | to_uuid }}"
 
+matrix_sms_bridge_homeserver_port: "{{ matrix_synapse_container_client_api_port }}"
 matrix_sms_bridge_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sms.hs.token') | to_uuid }}"
 
 ######################################################################
@@ -1216,6 +1219,7 @@ matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
 # ma1sd's web-server port.
 matrix_ma1sd_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_ma1sd_default_port|string }}"
 
+
 # We enable Synapse integration via its Postgres database by default.
 # When using another Identity store, you might wish to disable this and define
 # your own configuration in `matrix_ma1sd_configuration_extension_yaml`.
@@ -1308,6 +1312,9 @@ matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:1
 # Settings controlling matrix-synapse-proxy.conf
 matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}"
 
+matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
+matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "127.0.0.1:{{ matrix_synapse_container_client_api_port }}"
+
 matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-synapse:{{matrix_synapse_container_federation_api_plain_port|string}}"
 matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:{{matrix_synapse_container_federation_api_plain_port|string}}"
 

roles/matrix-base/defaults/main.yml

@@ -91,7 +91,7 @@ matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
 # Specifies where the homeserver is on the container network.
 # Where this is depends on whether there's a reverse-proxy in front of it, etc.
 # This likely gets overriden elsewhere.
-matrix_homeserver_container_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
+matrix_homeserver_container_url: ""
 
 matrix_identity_server_url: ~
 

roles/matrix-base/tasks/validate_config.yml

@@ -0,0 +1,9 @@
+---
+
+- name: Fail if required Matrix Base settings not defined
+  fail:
+    msg: >-
+      You need to define a required configuration setting (`{{ item }}`) for using this playbook.
+  when: "vars[item] == ''"
+  with_items:
+    - "matrix_homeserver_container_url"

roles/matrix-bridge-appservice-slack/defaults/main.yml

@@ -33,7 +33,7 @@ matrix_appservice_slack_slack_port: 9003
 matrix_appservice_slack_container_http_host_bind_port: ''
 
 matrix_appservice_slack_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
-matrix_appservice_slack_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
+matrix_appservice_slack_homeserver_url: ""
 matrix_appservice_slack_homeserver_domain: "{{ matrix_domain }}"
 matrix_appservice_slack_appservice_url: 'http://matrix-appservice-slack'
 

roles/matrix-bridge-appservice-slack/tasks/validate_config.yml

@@ -8,5 +8,6 @@
   with_items:
     - "matrix_appservice_slack_control_room_id"
     - "matrix_appservice_slack_appservice_token"
+    - "matrix_appservice_slack_homeserver_url"
     - "matrix_appservice_slack_homeserver_token"
     - "matrix_appservice_slack_id_token"

roles/matrix-bridge-appservice-webhooks/defaults/main.yml

@@ -36,7 +36,7 @@ matrix_appservice_webhooks_matrix_port: 6789
 matrix_appservice_webhooks_container_http_host_bind_port: ''
 
 matrix_appservice_webhooks_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
-matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
+matrix_appservice_webhooks_homeserver_url: ""
 matrix_appservice_webhooks_homeserver_domain: "{{ matrix_domain }}"
 matrix_appservice_webhooks_appservice_url: 'http://matrix-appservice-webhooks'
 

roles/matrix-bridge-appservice-webhooks/tasks/validate_config.yml

@@ -7,6 +7,7 @@
   when: "vars[item] == ''"
   with_items:
     - "matrix_appservice_webhooks_appservice_token"
+    - "matrix_appservice_webhooks_homeserver_url"
     - "matrix_appservice_webhooks_homeserver_token"
     - "matrix_appservice_webhooks_id_token"
     - "matrix_appservice_webhooks_api_secret"

roles/matrix-bridge-sms/defaults/main.yml

@@ -26,7 +26,7 @@ matrix_sms_bridge_systemd_wanted_services_list: []
 
 matrix_sms_bridge_appservice_url: 'http://matrix-sms-bridge:8080'
 matrix_sms_bridge_homeserver_hostname: 'matrix-synapse'
-matrix_sms_bridge_homeserver_port: "{{ matrix_synapse_container_client_api_port }}"
+matrix_sms_bridge_homeserver_port: ""
 
 matrix_sms_bridge_homserver_domain: "{{ matrix_domain }}"
 matrix_sms_bridge_default_room: ''

roles/matrix-bridge-sms/tasks/validate_config.yml

@@ -7,6 +7,7 @@
   when: "vars[item] == ''"
   with_items:
     - "matrix_sms_bridge_appservice_token"
+    - "matrix_sms_bridge_homeserver_port"
     - "matrix_sms_bridge_homeserver_token"
     - "matrix_sms_bridge_default_region"
     - "matrix_sms_bridge_default_timezone"

roles/matrix-ma1sd/defaults/main.yml

@@ -83,7 +83,7 @@ matrix_ma1sd_threepid_medium_email_connectors_smtp_password: ""
 # so that ma1sd can rewrite the original URL to one that would reach the homeserver.
 matrix_ma1sd_dns_overwrite_enabled: false
 matrix_ma1sd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix }}"
-matrix_ma1sd_dns_overwrite_homeserver_client_value: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
+matrix_ma1sd_dns_overwrite_homeserver_client_value: ""
 
 # Override the default session templates
 # To use this, fill in the template variables with the full desired template as a multi-line YAML variable

roles/matrix-ma1sd/tasks/validate_config.yml

@@ -46,6 +46,7 @@
   when: "vars[item] == ''"
   with_items:
     - "matrix_ma1sd_threepid_medium_email_connectors_smtp_host"
+    - "matrix_ma1sd_dns_overwrite_homeserver_client_value"
 
 - name: (Deprecation) Catch and report renamed ma1sd variables
   fail:

roles/matrix-nginx-proxy/defaults/main.yml

@@ -197,8 +197,8 @@ matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container: "matrix-nginx-pr
 matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container: "127.0.0.1:12080"
 
 # The addresses where the Matrix Client API is, when using Synapse.
-matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
-matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "127.0.0.1:{{ matrix_synapse_container_client_api_port }}"
+matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: ""
+matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: ""
 
 # This needs to be equal or higher than the maximum upload size accepted by Synapse.
 matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: 50

roles/matrix-nginx-proxy/tasks/validate_config.yml

@@ -45,5 +45,7 @@
         - "matrix_ssl_lets_encrypt_support_email"
         - "matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container"
         - "matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container"
+        - "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container"
+        - "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container"
       when: "vars[item] == '' or vars[item] is none"
   when: "matrix_ssl_retrieval_method == 'lets-encrypt'"

roles/matrix-synapse/templates/synapse/homeserver.yaml.j2

@@ -289,7 +289,7 @@ listeners:
 
   # Unsecure HTTP listener (Client API): for when matrix traffic passes through a reverse proxy
   # that unwraps TLS.
-  - port: {{ matrix_synapse_container_client_api_port|tojson }}
+  - port: {{ matrix_synapse_container_client_api_port|to_json }}
     tls: false
     bind_addresses: ['::']
     type: http