overmind
/
matrix-docker-ansible-deploy
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Matrix Docker Ansible eploy
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2539 Commits
13 Branches
1.3 GiB
 
 
Tree: 6a3433fbad
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6a3433fbad'
${ noResults }
matrix-docker-ansible-deploy/roles/matrix-awx/tasks/set_variables_ma1sd.yml

130 lines
5.6 KiB
Raw Blame History 

  1. 

  2. - name: Record ma1sd variables locally on AWX

  3.   delegate_to: 127.0.0.1

  4.   lineinfile:

  5.     path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  6.     regexp: "^#? *{{ item.key | regex_escape() }}:"

  7.     line: "{{ item.key }}: {{ item.value }}"

  8.     insertafter: '# ma1sd Settings'

  9.   with_dict:

  10.     'matrix_ma1sd_enabled': '{{ matrix_ma1sd_enabled }}'

  11. 

  12. - name: Disable REST auth (matrix-corporal/ma1sd) if using internal auth

  13.   delegate_to: 127.0.0.1

  14.   lineinfile:

  15.     path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  16.     regexp: "^#? *{{ item.key | regex_escape() }}:"

  17.     line: "{{ item.key }}: {{ item.value }}"

  18.     insertafter: '# Synapse Extension'

  19.   with_dict:

  20.     'matrix_synapse_ext_password_provider_rest_auth_enabled': 'false'

  21.   when: ext_matrix_ma1sd_auth_store == 'Synapse Internal'

  22. 

  23. - name: Enable REST auth if using external LDAP/AD with ma1sd

  24.   delegate_to: 127.0.0.1

  25.   lineinfile:

  26.     path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  27.     regexp: "^#? *{{ item.key | regex_escape() }}:"

  28.     line: "{{ item.key }}: {{ item.value }}"

  29.     insertafter: '# Synapse Extension'

  30.   with_dict:

  31.     'matrix_synapse_ext_password_provider_rest_auth_enabled': 'true'

  32.     'matrix_synapse_ext_password_provider_rest_auth_endpoint': 'http://matrix-ma1sd:8090'

  33.   when: ext_matrix_ma1sd_auth_store == 'LDAP/AD'

  34. 

  35. - name: Strip header from ma1sd configuration extension if using internal auth

  36.   set_fact:

  37.     ext_matrix_ma1sd_configuration_extension_yaml_parsed: "{{ ext_matrix_ma1sd_configuration_extension_yaml.splitlines() | reject('search', '^matrix_client_element_configuration_extension_json:') | list }}"

  38.   when: ext_matrix_ma1sd_auth_store == 'LDAP/AD'

  39. 

  40. - name: Remove entire ma1sd configuration extension

  41.   delegate_to: 127.0.0.1

  42.   replace:

  43.     path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  44.     regexp: '^.*\n'

  45.     after: '# Start ma1sd Extension'

  46.     before: '# End ma1sd Extension'

  47. 

  48. - name: Replace conjoined ma1sd configuration extension limiters

  49.   delegate_to: 127.0.0.1

  50.   replace:

  51.     path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  52.     regexp: '^# Start ma1sd Extension# End ma1sd Extension'

  53.     replace: '# Start ma1sd Extension\n# End ma1sd Extension'

  54. 

  55. - name: Insert ma1sd configuration extension header if using external LDAP/AD with ma1sd

  56.   delegate_to: 127.0.0.1

  57.   lineinfile:

  58.     path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  59.     line: "matrix_ma1sd_configuration_extension_yaml: |"

  60.     insertafter: '# Start ma1sd Extension'

  61.   when: ext_matrix_ma1sd_auth_store == 'LDAP/AD'

  62. 

  63. - name: Set ma1sd configuration extension if using external LDAP/AD with ma1sd

  64.   delegate_to: 127.0.0.1

  65.   lineinfile:

  66.     path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  67.     insertbefore: '# End ma1sd Extension'

  68.     line: '{{ item }}'

  69.   with_items: "{{ ext_matrix_ma1sd_configuration_extension_yaml_parsed }}"

  70.   when: ext_matrix_ma1sd_auth_store == 'LDAP/AD'

  71. 

  72. - name: Record ma1sd Custom variables locally on AWX

  73.   delegate_to: 127.0.0.1

  74.   lineinfile:

  75.     path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  76.     regexp: "^#? *{{ item.key | regex_escape() }}:"

  77.     line: "{{ item.key }}: {{ item.value }}"

  78.     insertbefore: '# Custom Settings'

  79.   with_dict:

  80.     'ext_matrix_ma1sd_auth_store': '{{ ext_matrix_ma1sd_auth_store }}'

  81.     'ext_matrix_ma1sd_configuration_extension_yaml': '{{ ext_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}'

  82. 

  83. - name: Copy new 'matrix_vars.yml' to target machine

  84.   copy:

  85.     src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'

  86.     dest: '/matrix/awx/matrix_vars.yml'

  87.     mode: '0660'

  88. 

  89. - name: Save new 'Configure ma1sd' survey.json to the AWX tower, template

  90.   delegate_to: 127.0.0.1

  91.   template:

  92.     src: 'roles/matrix-awx/surveys/configure_ma1sd.json.j2'

  93.     dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'

  94. 

  95. - name: Copy new 'Configure ma1sd' survey.json to target machine

  96.   copy:

  97.     src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json'

  98.     dest:  '/matrix/awx/configure_ma1sd.json'

  99.     mode: '0660'

  100. 

  101. - name: Collect AWX admin token the hard way!

  102.   delegate_to: 127.0.0.1

  103.   shell: |

  104.       curl -sku {{ tower_username }}:{{ tower_password }} -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' https://{{ tower_host }}/api/v2/users/1/personal_tokens/ | jq '.token' | sed -r 's/\"//g'

  105.   register: tower_token

  106.   no_log: True

  107. 

  108. - name: Recreate 'Configure ma1sd (Advanced)' job template

  109.   delegate_to: 127.0.0.1

  110.   awx.awx.tower_job_template:

  111.     name: "{{ matrix_domain }} - 1 - Configure ma1sd (Advanced)"

  112.     description: "Configure Jitsi conferencing settings."

  113.     extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"

  114.     job_type: run

  115.     job_tags: "start,setup-ma1sd"

  116.     inventory: "{{ member_id }}"

  117.     project: "{{ member_id }} - Matrix Docker Ansible Deploy"

  118.     playbook: setup.yml

  119.     credential: "{{ member_id }} - AWX SSH Key"

  120.     survey_enabled: true

  121.     survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_ma1sd.json') }}"

  122.     become_enabled: yes

  123.     state: present

  124.     verbosity: 1

  125.     tower_host: "https://{{ tower_host }}"

  126.     tower_oauthtoken: "{{ tower_token.stdout }}"

  127.     validate_certs: yes

  128. 

  129. # ^ This playbook isn't executing so the survey isn't being updated! :P