overmind
/
matrix-docker-ansible-deploy
miroir de https://github.com/spantaleev/matrix-docker-ansible-deploy


			
				
					
						
						
							
							# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed
  fail:
    msg: >-
      The matrix-bridge-hookshot role needs to execute before the matrix-synapse role.
  when: "matrix_hookshot_enabled and matrix_synapse_role_executed|default(False)"

- set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-hookshot.service'] }}"
  when: matrix_hookshot_enabled|bool

# If the matrix-synapse role is not used, these variables may not exist.
- set_fact:
    matrix_synapse_container_extra_arguments: >
      {{ matrix_synapse_container_extra_arguments|default([]) }}
      +
      ["--mount type=bind,src={{ matrix_hookshot_base_path }}/registration.yaml,dst=/hookshot-registration.yaml,ro"]

    matrix_synapse_app_service_config_files: >
      {{ matrix_synapse_app_service_config_files|default([]) }}
      +
      {{ ["/hookshot-registration.yaml"] }}
  when: matrix_hookshot_enabled|bool

- block:
  - name: Fail if matrix-nginx-proxy role already executed
    fail:
      msg: >-
        Trying to append hookshot's reverse-proxying configuration to matrix-nginx-proxy,
        but it's pointless since the matrix-nginx-proxy role had already executed.
        To fix this, please change the order of roles in your playbook,
        so that the matrix-nginx-proxy role would run after the matrix-bridge-hookshot role.
    when: matrix_nginx_proxy_role_executed|default(False)|bool

  - name: Generate Matrix hookshot proxying configuration for matrix-nginx-proxy
    set_fact:
      matrix_hookshot_matrix_nginx_proxy_configuration: |
        {% if matrix_hookshot_metrics_enabled %}
        location {{ matrix_hookshot_metrics_endpoint }} {
          {% if matrix_nginx_proxy_enabled|default(False) %}
            {# Use the embedded DNS resolver in Docker containers to discover the service #}
            resolver 127.0.0.11 valid=5s;
            set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_metrics_port }}";
            proxy_pass http://$backend/metrics;
          {% else %}
            {# Generic configuration for use outside of our container setup #}
            proxy_pass http://127.0.0.1:{{ matrix_hookshot_metrics_port }}/metrics;
          {% endif %}
          proxy_set_header Host $host;
          {% if matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled %}
            auth_basic "protected";
            auth_basic_user_file /nginx-data/matrix-synapse-metrics-htpasswd;
          {% endif %}
        }
        {% endif %}
        location ~ ^{{ matrix_hookshot_appservice_endpoint }}/(.*)$ {
          {% if matrix_nginx_proxy_enabled|default(False) %}
            {# Use the embedded DNS resolver in Docker containers to discover the service #}
            resolver 127.0.0.11 valid=5s;
            set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}";
            proxy_pass http://$backend/$1;
          {% else %}
            {# Generic configuration for use outside of our container setup #}
            proxy_pass http://127.0.0.1:{{ matrix_hookshot_appservice_port }}/$1;
          {% endif %}
          proxy_set_header Host $host;
        }
        {% if matrix_hookshot_provisioning_enabled %}
        location ~ ^{{ matrix_hookshot_provisioning_endpoint }}/(.*)$ {
          {% if matrix_nginx_proxy_enabled|default(False) %}
            {# Use the embedded DNS resolver in Docker containers to discover the service #}
            resolver 127.0.0.11 valid=5s;
            set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_provisioning_port }}";
            proxy_pass http://$backend/$1;
          {% else %}
            {# Generic configuration for use outside of our container setup #}
            proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}/$1;
          {% endif %}
          proxy_set_header Host $host;
        }
        {% endif %}
        location ~ ^{{ matrix_hookshot_webhook_endpoint }}/(.*)$ {
          {% if matrix_nginx_proxy_enabled|default(False) %}
            {# Use the embedded DNS resolver in Docker containers to discover the service #}
            resolver 127.0.0.11 valid=5s;
            set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_webhook_port }}";
            proxy_pass http://$backend/$1;
          {% else %}
            {# Generic configuration for use outside of our container setup #}
            proxy_pass http://127.0.0.1:{{ matrix_hookshot_webhook_port }}/$1;
          {% endif %}
          proxy_set_header Host $host;
        }

  - name: Register hookshot proxying configuration with matrix-nginx-proxy
    set_fact:
      matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
        {{
          matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
          +
          [matrix_hookshot_matrix_nginx_proxy_configuration]
        }}
  tags:
   - always
  when: matrix_hookshot_enabled|bool

- name: Warn about reverse-proxying if matrix-nginx-proxy not used
  debug:
    msg: >-
      NOTE: You've enabled the hookshot bridge but are not using the matrix-nginx-proxy
      reverse proxy.
      Please make sure that you're proxying the `{{ matrix_hookshot_public_endpoint }}`
      URL endpoint to the matrix-hookshot container.
      You can expose the container's ports using the `matrix_hookshot_container_http_host_bind_ports` variable.
  when: "matrix_hookshot_enabled|bool and matrix_nginx_proxy_enabled is not defined"