matrix-docker-ansible-deploy/roles/matrix-awx/tasks/set_variables_synapse.yml

- name: Limit max upload size to 200MB part 1
  set_fact:
    matrix_synapse_max_upload_size_mb: "200"
  when: matrix_synapse_max_upload_size_mb_raw|int >= 200

- name: Limit max upload size to 200MB part 2
  set_fact:
    matrix_synapse_max_upload_size_mb: "{{ matrix_synapse_max_upload_size_mb_raw }}"
  when: matrix_synapse_max_upload_size_mb_raw|int < 200

- name: Record Synapse variables locally on AWX
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertafter: '# Synapse Settings Start'
  with_dict:
    'matrix_synapse_allow_public_rooms_over_federation': '{{ matrix_synapse_allow_public_rooms_over_federation }}'
    'matrix_synapse_enable_registration': '{{ matrix_synapse_enable_registration }}'
    'matrix_synapse_federation_enabled': '{{ matrix_synapse_federation_enabled }}'
    'matrix_synapse_enable_group_creation': '{{ matrix_synapse_enable_group_creation }}'
    'matrix_synapse_presence_enabled': '{{ matrix_synapse_presence_enabled }}'
    'matrix_synapse_max_upload_size_mb': '{{ matrix_synapse_max_upload_size_mb }}'
    'matrix_synapse_url_preview_enabled': '{{ matrix_synapse_url_preview_enabled }}'
    'matrix_synapse_allow_guest_access': '{{ matrix_synapse_allow_guest_access }}'

- name: Empty Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if raw inputs empty
  delegate_to: 127.0.0.1
  replace:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^matrix_synapse_auto_join_rooms: .*$"
    replace: "matrix_synapse_auto_join_rooms: []"
  when: matrix_synapse_auto_join_rooms_raw|length == 0

- name: If the raw inputs is not empty start constructing parsed auto_join_rooms list
  set_fact:
    matrix_synapse_auto_join_rooms_array: |-
      {{ matrix_synapse_auto_join_rooms_raw.splitlines() | to_json }}
  when: matrix_synapse_auto_join_rooms_raw|length > 0

- name: Record Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if it's not blank
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertafter: '# Synapse Settings Start'
  with_dict:
    "matrix_synapse_auto_join_rooms": "{{ matrix_synapse_auto_join_rooms_array }}"
  when: matrix_synapse_auto_join_rooms_raw|length > 0

- name: Record Synapse Shared Secret if it's defined
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertafter: '# Synapse Settings Start'
  with_dict:
    'matrix_synapse_registration_shared_secret': '{{ ext_matrix_synapse_registration_shared_secret }}'
  when: ext_matrix_synapse_registration_shared_secret|length > 0

- name: Record registations_require_3pid extra variable if true
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "{{ item }}"
    line: "{{ item }}"
    insertbefore: '# Synapse Extension End'
  with_items:
    - "  registrations_require_3pid:"
    - "    - email"
  when: ext_registrations_require_3pid|bool

- name: Remove registrations_require_3pid extra variable if false
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "{{ item }}"
    line: "{{ item }}"
    insertbefore: '# Synapse Extension End'
    state: absent
  with_items:
    - "  registrations_require_3pid:"
    - "    - email"
  when: not ext_registrations_require_3pid|bool

- name: Remove URL Languages
  delegate_to: 127.0.0.1
  replace:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: '^(?!.*\bemail\b)    - [a-zA-Z\-]{2,5}\n'
    after: '  url_preview_accept_language:'
    before: '# Synapse Extension End'

- name: Set URL languages default if raw inputs empty
  set_fact:
    ext_url_preview_accept_language_default: 'en'
  when: ext_url_preview_accept_language_raw|length == 0

- name: Set URL languages default if raw inputs not empty
  set_fact:
    ext_url_preview_accept_language_default: "{{ ext_url_preview_accept_language_raw }}"
  when: ext_url_preview_accept_language_raw|length > 0

- name: Set URL languages if raw inputs empty
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    insertafter: '^  url_preview_accept_language:'
    line: "    - {{ ext_url_preview_accept_language_default }}"
  when: ext_url_preview_accept_language_raw|length == 0

- name: Set URL languages if raw inputs not empty
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    insertafter: '^  url_preview_accept_language:'
    line: "    - {{ item }}"
  with_items: "{{ ext_url_preview_accept_language_raw.splitlines() }}"
  when: ext_url_preview_accept_language_raw|length > 0

- name: Remove Federation Whitelisting 1
  delegate_to: 127.0.0.1
  replace:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: '^    - [a-z0-9]+\.[a-z0-9.]+\n'
    after: '  federation_domain_whitelist:'
    before: '# Synapse Extension End'

- name: Remove Federation Whitelisting 2
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    line: "  federation_domain_whitelist:"
    state: absent

- name: Set Federation Whitelisting 1
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    insertafter: '^matrix_synapse_configuration_extension_yaml: \|'
    line: "  federation_domain_whitelist:"
  when: ext_federation_whitelist_raw|length > 0

- name: Set Federation Whitelisting 2
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    insertafter: '^  federation_domain_whitelist:'
    line: "    - {{ item }}"
  with_items: "{{ ext_federation_whitelist_raw.splitlines() }}"
  when: ext_federation_whitelist_raw|length > 0

- name: Set ext_recaptcha_public_key to a 'public-key' if undefined
  set_fact: ext_recaptcha_public_key="public-key"
  when: (ext_recaptcha_public_key is not defined) or (ext_recaptcha_public_key|length == 0)

- name: Set ext_recaptcha_private_key to a 'private-key' if undefined
  set_fact: ext_recaptcha_private_key="private-key"
  when: (ext_recaptcha_private_key is not defined) or (ext_recaptcha_private_key|length == 0)

- name: Record Synapse Extension variables locally on AWX
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertbefore: '# Synapse Extension End'
  with_dict:
    '  enable_registration_captcha': '{{ ext_enable_registration_captcha }}'
    '  recaptcha_public_key': '{{ ext_recaptcha_public_key }}'
    '  recaptcha_private_key': '{{ ext_recaptcha_private_key }}'

- name: Record Synapse Custom variables locally on AWX
  delegate_to: 127.0.0.1
  lineinfile:
    path: '{{ awx_cached_matrix_vars }}'
    regexp: "^#? *{{ item.key | regex_escape() }}:"
    line: "{{ item.key }}: {{ item.value }}"
    insertafter: '# Custom Settings Start'
  with_dict:
    'ext_federation_whitelist_raw': '{{ ext_federation_whitelist_raw.splitlines() | to_json }}'
    'ext_url_preview_accept_language_default': '{{ ext_url_preview_accept_language_default.splitlines() | to_json }}'
    'ext_enable_registration_captcha': '{{ ext_enable_registration_captcha }}'
    'ext_recaptcha_public_key': '"{{ ext_recaptcha_public_key }}"'
    'ext_recaptcha_private_key': '"{{ ext_recaptcha_private_key }}"'

- name: Save new 'Configure Synapse' survey.json to the AWX tower, template
  delegate_to: 127.0.0.1
  template:
    src: 'roles/matrix-awx/surveys/configure_synapse.json.j2'
    dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}//configure_synapse.json'

- name: Copy new 'Configure Synapse' survey.json to target machine
  copy:
    src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
    dest:  '/matrix/awx/configure_synapse.json'
    mode: '0660'

- name: Collect AWX admin token the hard way!
  delegate_to: 127.0.0.1
  shell: |
      curl -sku {{ tower_username }}:{{ tower_password }} -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' https://{{ tower_host }}/api/v2/users/1/personal_tokens/ | jq '.token' | sed -r 's/\"//g'
  register: tower_token
  no_log: True

- name: Recreate 'Configure Synapse' job template
  delegate_to: 127.0.0.1
  awx.awx.tower_job_template:
    name: "{{ matrix_domain }} - 1 - Configure Synapse"
    description: "Configure Synapse (homeserver) settings."
    extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
    job_type: run
    job_tags: "start,setup-synapse"
    inventory: "{{ member_id }}"
    project: "{{ member_id }} - Matrix Docker Ansible Deploy"
    playbook: setup.yml
    credential: "{{ member_id }} - AWX SSH Key"
    survey_enabled: true
    survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
    become_enabled: yes
    state: present
    verbosity: 1
    tower_host: "https://{{ tower_host }}"
    tower_oauthtoken: "{{ tower_token.stdout }}"
    validate_certs: yes