overmind
/
matrix-docker-ansible-deploy
зеркало из https://github.com/spantaleev/matrix-docker-ansible-deploy


			
				
					
						
						
							
							# SPDX-FileCopyrightText: 2024 MDAD Team and contributors
#
# SPDX-License-Identifier: AGPL-3.0-or-later

---

- name: Ensure ma1sd paths exist
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
  with_items:
    - {path: "{{ matrix_ma1sd_config_path }}", when: true}
    - {path: "{{ matrix_ma1sd_data_path }}", when: true}
    - {path: "{{ matrix_ma1sd_docker_src_files_path }}", when: "{{ matrix_ma1sd_container_image_self_build }}"}
  when: "item.when | bool"

# These (SQLite -> Postgres) migration tasks are usually at the top,
# but we'd like to run them after `migrate_mxisd.yml`, which requires the ma1sd paths to exist.
- ansible.builtin.set_fact:
    matrix_ma1sd_requires_restart: false

- when: "matrix_ma1sd_database_engine == 'postgres'"
  block:
    - name: Check if an SQLite database already exists
      ansible.builtin.stat:
        path: "{{ matrix_ma1sd_sqlite_database_path_local }}"
      register: matrix_ma1sd_sqlite_database_path_local_stat_result

    - when: "matrix_ma1sd_sqlite_database_path_local_stat_result.stat.exists | bool"
      block:
        - ansible.builtin.include_role:
            name: galaxy/postgres
            tasks_from: migrate_db_to_postgres
          vars:
            postgres_db_migration_request:
              src: "{{ matrix_ma1sd_sqlite_database_path_local }}"
              dst: "{{ matrix_ma1sd_database_connection_string }}"
              caller: "{{ role_path | basename }}"
              engine_variable_name: 'matrix_ma1sd_database_engine'
              engine_old: 'sqlite'
              systemd_services_to_stop: ['matrix-ma1sd.service']
              pgloader_options: ['--with "quote identifiers"']

        - ansible.builtin.set_fact:
            matrix_ma1sd_requires_restart: true

- name: Ensure ma1sd image is pulled
  community.docker.docker_image:
    name: "{{ matrix_ma1sd_docker_image }}"
    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
    force_source: "{{ matrix_ma1sd_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_ma1sd_docker_image_force_pull }}"
  when: "not matrix_ma1sd_container_image_self_build | bool"
  register: result
  retries: "{{ devture_playbook_help_container_retries_count }}"
  delay: "{{ devture_playbook_help_container_retries_delay }}"
  until: result is not failed

- when: "matrix_ma1sd_container_image_self_build | bool"
  block:
    - name: Ensure ma1sd repository is present on self-build
      ansible.builtin.git:
        repo: "{{ matrix_ma1sd_container_image_self_build_repo }}"
        dest: "{{ matrix_ma1sd_docker_src_files_path }}"
        version: "{{ matrix_ma1sd_container_image_self_build_branch }}"
        force: "yes"
      become: true
      become_user: "{{ matrix_user_username }}"
      register: matrix_ma1sd_git_pull_results

    - name: Ensure ma1sd container image is built
      ansible.builtin.command:
        cmd: |-
          {{ devture_systemd_docker_base_host_command_docker }} buildx build
          --tag={{ matrix_ma1sd_docker_image }}
          --file={{ matrix_ma1sd_docker_src_files_path }}/Dockerfile
          {{ matrix_ma1sd_docker_src_files_path }}
      changed_when: true

- name: Ensure ma1sd config installed
  ansible.builtin.copy:
    content: "{{ matrix_ma1sd_configuration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_ma1sd_config_path }}/ma1sd.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"

- name: Ensure custom view templates are installed, if any
  ansible.builtin.copy:
    content: "{{ item.value }}"
    dest: "{{ matrix_ma1sd_config_path }}/{{ item.location }}"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
  with_items:
    - {value: "{{ matrix_ma1sd_view_session_custom_onTokenSubmit_success_template }}", location: 'tokenSubmitSuccess.html'}
    - {value: "{{ matrix_ma1sd_view_session_custom_onTokenSubmit_failure_template }}", location: 'tokenSubmitFailure.html'}
  when: "matrix_ma1sd_view_session_custom_templates_enabled | bool and item.value"

- name: Ensure custom email templates are installed, if any
  ansible.builtin.copy:
    content: "{{ item.value }}"
    dest: "{{ matrix_ma1sd_config_path }}/{{ item.location }}"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
  with_items:
    - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_invite_template }}", location: 'invite-template.eml'}
    - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
    - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_session_unbind_notification_template }}", location: 'unbind-notification.eml'}
    - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
  when: "matrix_ma1sd_threepid_medium_email_custom_templates_enabled | bool and item.value"

# Only cleaning up for people who define the respective templates
- name: (Cleanup) Ensure custom email templates are not in data/ anymore (we've put them in config/)
  ansible.builtin.file:
    path: "{{ matrix_ma1sd_data_path }}/{{ item.location }}"
    state: absent
  with_items:
    - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_invite_template }}", location: 'invite-template.eml'}
    - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
    - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_session_unbind_notification_template }}", location: 'unbind-notification.eml'}
    - {value: "{{ matrix_ma1sd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
  when: "matrix_ma1sd_threepid_medium_email_custom_templates_enabled | bool and item.value"

- name: Ensure ma1sd support files installed
  ansible.builtin.template:
    src: "{{ role_path }}/templates/{{ item }}.j2"
    dest: "{{ matrix_ma1sd_base_path }}/{{ item }}"
    mode: 0640
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
  with_items:
    - labels

- name: Ensure ma1sd container network is created
  community.general.docker_network:
    enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
    name: "{{ matrix_ma1sd_container_network }}"
    driver: bridge
    driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"

- name: Ensure matrix-ma1sd.service installed
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-ma1sd.service.j2"
    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-ma1sd.service"
    mode: 0644

- name: Ensure matrix-ma1sd.service restarted, if necessary
  ansible.builtin.service:
    name: "matrix-ma1sd.service"
    state: restarted
    daemon_reload: true
  when: "matrix_ma1sd_requires_restart | bool"