This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:

- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy

In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:

- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help

We just need to migrate to those.

Dendrite uses a lot of databases, but a single (`dendrite`) role, which
leads to `matrix_postgres_import_roles_to_ignore` being something like
`['dendrite', 'dendrite', 'dendrite', ...]` needlessly.

This leads to weird regexes being generated for
`matrix_postgres_import_roles_ignore_regex`.
It's not that it hurts, but it just looks odd.

We were only reporting failures for when the async task didn't finish.
We also need to report a failure for when the task finished, but
returned a non-zero exit code.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2211

Signed-off-by: Sebastian Gumprich <github@gumpri.ch>

We haven't encountered such a problem yet, but it doesn't hurt to
make things more robust.

These values that we were setting also make sense in the context of the
`matrix-postgres` role even when not used within the playbook.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2180

Just specifying `15` means we won't automatically re-pull `15.1` when it comes out.

We're overriding these in the correct way in `group_vars/matrix_servers`
so this wasn't causing any problem in practice.

This allows people to augment the Synapse image with custom tools and
addons without having to rebuild it from scratch.

If customizations are enabled, the playbook will build a new
`localhost/matrixdotorg/synapse:VERSION-customized` image
on top of the default one (`FROM matrixdotorg/synapse:VERSION`)
and with custom Dockerfile build steps.

For servers that self-build the Synapse image, the Synapse image will be
built first, before proceding to extend it the same way.

In the future, we'll also have easy to enable Dockerfile build steps
for modules that the playbook supports.

Fixes a regression introduced in d1b5681ba0.

Looks like `.finished` is a property on the main object, not on some
`.async_result` object.

We were previously trying to reach into `.rc`,
but there's no such thing if `async_result.finished == 0`.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2153

This mostly fixes `key-order` warnings around
`block` statements.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1982

One that doesn't trip up ansible-lint, causing `load-failure` errors.

Reference: https://ansible-lint.readthedocs.io/en/latest/default_rules/#var-spacing

Reference: https://ansible-lint.readthedocs.io/en/latest/default_rules/#no-changed-when

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1939

CVE: https://security-tracker.debian.org/tracker/CVE-2022-1552
Source: https://www.postgresql.org/about/news/postgresql-143-137-1211-1116-and-1021-released-2449/
Postgres 9.6 upgrade (**not a CVE fix, 9.x still vulnerable**): https://www.postgresql.org/docs/release/9.6.24/

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1749

People often report and ask about these "failures".
More-so previously, when the `docker kill/rm` output was collected,
but it still happens now when people do `systemctl status
matrix-something` and notice that it says "FAILURE".

Suppressing to avoid further time being wasted on saying "this is
expected".

Related to:

- https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1682
- https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1679

Reverts b1b4ba501fdfaa, 90c9801c560b6, a3c84f78ca9c65a, ..

I haven't really traced it (yet), but on some servers, I'm observing
`ansible-playbook ... --tags=start` completing very slowly, waiting
to stop services. I can't reproduce this on all Matrix servers I manage.
I suspect that either the systemd version is to blame or that some
specific service is not responding well to some `docker kill/rm` command.

`ExecStop` seems to work great in all cases and it's what we've been
using for a very long time, so I'm reverting to that.

ExecStopPost should allow us to clean up (docker kill + docker rm)
even if the ExecStart (docker run ..) command failed, and not just after
a graceful service stop was initiated.

Source: https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStopPost=

Official support ends today (2021-11-11).
Synapse still supports v9.6, but we'd better force users to transition
to newer versions anyway.

Until now, we were leaving services "enabled"
(symlinks in /etc/systemd/system/multi-user.target.wants/).

We clean these up now. Broken symlinks may still exist in older
installations that enabled/disabled services. We're not taking care
to fix these up. It's just a cosmetic defect anyway.

docker-ce does not like quotes around the shm-size value