mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-25 01:23:24 +00:00 
			
		
		
		
	
							
								
								
									
										4
									
								
								.github/FUNDING.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								.github/FUNDING.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| # These are supported funding model platforms | ||||
|  | ||||
| # https://liberapay.com/s.pantaleev/ | ||||
| liberapay: s.pantaleev | ||||
							
								
								
									
										88
									
								
								CHANGELOG.md
									
									
									
									
									
								
							
							
						
						
									
										88
									
								
								CHANGELOG.md
									
									
									
									
									
								
							| @@ -1,3 +1,91 @@ | ||||
| # 2020-12-23 | ||||
|  | ||||
| ## The big move to all-on-Postgres (potentially dangerous) | ||||
|  | ||||
| **TLDR**: all your bridges (and other services) will likely be auto-migrated from SQLite/nedb to Postgres, hopefully without trouble. You can opt-out (see how below), if too worried about breakage. | ||||
|  | ||||
| Until now, we've only used Postgres as a database for Synapse. All other services (bridges, bots, etc.) were kept simple and used a file-based database (SQLite or nedb). | ||||
|  | ||||
| Since [this huge pull request](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/740), **all of our services now use Postgres by default**. Thanks to [Johanna Dorothea Reichmann](https://github.com/jdreichmann) for starting the work on it and for providing great input! | ||||
|  | ||||
| Moving all services to Postgres brings a few **benefits** to us: | ||||
|  | ||||
| - **improved performance** | ||||
| - **improved compatibility**. Most bridges are deprecating SQLite/nedb support or offer less features when not on Postgres. | ||||
| - **easier backups**. It's still some effort to take a proper backup (Postgres dump + various files, keys), but a Postgres dump now takes you much further. | ||||
| - we're now **more prepared to introduce other services** that need a Postgres database - [Dendrite](https://github.com/matrix-org/dendrite), the [mautrix-signal](https://github.com/tulir/mautrix-signal) bridge (existing [pull request](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/686)), etc. | ||||
|  | ||||
| ### Key takeway | ||||
|  | ||||
| - existing installations that use an [external Postgres](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-external-postgres.md) server should be unaffected (they remain on SQLite/nedb for all services, except Synapse) | ||||
|  | ||||
| - for existing installations which use our integrated Postgres database server (`matrix-postgres`, which is the default), **we automatically migrate data** from SQLite/nedb to Postgres and **archive the database files** (`something.db` -> `something.db.backup`), so you can restore them if you need to go back (see how below). | ||||
|  | ||||
| ### Opting-out of the Postgres migration | ||||
|  | ||||
| This is a **very large and somewhat untested change** (potentially dangerous), so **if you're not feeling confident/experimental, opt-out** of it for now. Still, it's the new default and what we (and various bridges) will focus on going forward, so don't stick to old ways for too long. | ||||
|  | ||||
| You can remain on SQLite/nedb (at least for now) by adding a variable like this to your `vars.yml` file for each service you use: `matrix_COMPONENT_database_engine: sqlite` (e.g. `matrix_mautrix_facebook_database_engine: sqlite`). | ||||
|  | ||||
| Some services (like `appservice-irc` and `appservice-slack`) don't use SQLite, so use `nedb`, instead of `sqlite` for them. | ||||
|  | ||||
| ### Going back to SQLite/nedb if things went wrong | ||||
|  | ||||
| If you went with the Postgres migration and it went badly for you (some bridge not working as expected or not working at all), do this: | ||||
|  | ||||
| - stop all services (`ansible-playbook -i inventory/hosts setup.yml --tags=stop`) | ||||
| - SSH into the server and rename the old database files (`something.db.backup` -> `something.db`). Example: `mv /matrix/mautrix-facebook/data/mautrix-facebook.db.backup /matrix/mautrix-facebook/data/mautrix-facebook.db` | ||||
| - switch the affected service back to SQLite (e.g. `matrix_mautrix_facebook_database_engine: sqlite`). Some services (like `appservice-irc` and `appservice-slack`) don't use SQLite, so use `nedb`, instead of `sqlite` for them. | ||||
| - re-run the playbook (`ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start`) | ||||
| - [get in touch](README.md#support) with us | ||||
|  | ||||
|  | ||||
| # 2020-12-11 | ||||
|  | ||||
| ## synapse-janitor support removed | ||||
|  | ||||
| We've removed support for the unmaintained [synapse-janitor](https://github.com/xwiki-labs/synapse_scripts) script. There's been past reports of it corrupting the Synapse database. Since there hasn't been any new development on it and it doesn't seem too useful nowadays, there's no point in including it in the playbook. | ||||
|  | ||||
| If you need to clean up or compact your database, consider using the Synapse Admin APIs directly. See our [Synapse maintenance](docs/maintenance-synapse.md) and [Postgres maintenance](docs/maintenance-postgres.md) documentation pages for more details. | ||||
|  | ||||
|  | ||||
| ## Docker 20.10 is here | ||||
|  | ||||
| (No need to do anything special in relation to this. Just something to keep in mind) | ||||
|  | ||||
| Docker 20.10 got released recently and your server will likely get it the next time you update. | ||||
|  | ||||
| This is the first major Docker update in a long time and it packs a lot of changes. | ||||
| Some of them introduced some breakage for us initially (see [here](https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/d08b27784f222effcbce2abf924bf07bbe0893be) and [here](https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/7593d969e316cc0144bce378a5be58c76c2c37ee)), but it should be all good now. | ||||
|  | ||||
|  | ||||
| # 2020-12-08 | ||||
|  | ||||
| ## openid APIs exposed by default on the federation port when federation disabled | ||||
|  | ||||
| We've changed some defaults. People running with our default configuration (federation enabled), are not affected at all. | ||||
|  | ||||
| If you are running an unfederated server (`matrix_synapse_federation_enabled: false`), this may be of interest to you. | ||||
|  | ||||
| When federation is disabled, but ma1sd or Dimension are enabled, we'll now expose the `openid` APIs on the federation port. | ||||
| These APIs are necessary for some ma1sd features to work. If you'd like to prevent this, you can: `matrix_synapse_federation_port_openid_resource_required: false`. | ||||
|  | ||||
|  | ||||
| # 2020-11-27 | ||||
|  | ||||
| ## Recent Jitsi updates may require configuration changes | ||||
|  | ||||
| We've recently [updated from Jitsi build 4857 to build 5142](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/719), which brings a lot of configuration changes. | ||||
|  | ||||
| **If you use our default Jitsi settings, you won't have to do anything.** | ||||
|  | ||||
| People who have [fine-tuned Jitsi](docs/configuring-playbook-jitsi.md#optional-fine-tune-jitsi) may find that some options got renamed now, others are gone and yet others still need to be defined in another way. | ||||
|  | ||||
| The next time you run the playbook [installation](docs/installing.md) command, our validation logic will tell you if you're using some variables like that and will recommend a migration path for each one. | ||||
|  | ||||
| Additionally, we've recently disabled transcriptions (`matrix_jitsi_enable_transcriptions: false`) and recording (`matrix_jitsi_enable_recording: false`) by default. These features did not work anyway, because we don't install the required dependencies for them (Jigasi and Jibri, respectively). If you've been somehow pointing your Jitsi installation to some manually installed Jigasi/Jibri service, you may need to toggle these flags back to enabled to have transcriptions and recordings working. | ||||
|  | ||||
|  | ||||
| # 2020-11-23 | ||||
|  | ||||
| ## Breaking change matrix-sms-bridge | ||||
|   | ||||
| @@ -1,3 +1,5 @@ | ||||
| [](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com) [](https://liberapay.com/s.pantaleev/donate) | ||||
|  | ||||
| # Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker | ||||
|  | ||||
| ## Purpose | ||||
|   | ||||
| @@ -10,13 +10,13 @@ | ||||
|  | ||||
| - [Installing](installing.md) | ||||
|  | ||||
| - **Importing data from another Synapse server installation** | ||||
| - **Importing data from another server installation** | ||||
|  | ||||
|   - [Importing an existing SQLite database (from another installation)](importing-sqlite.md) (optional) | ||||
|   - [Importing an existing SQLite database (from another Synapse installation)](importing-synapse-sqlite.md) (optional) | ||||
|  | ||||
|   - [Importing an existing Postgres database (from another installation)](importing-postgres.md) (optional) | ||||
|  | ||||
|   - [Importing `media_store` data files from an existing installation](importing-media-store.md) (optional) | ||||
|   - [Importing `media_store` data files from an existing Synapse installation](importing-synapse-media-store.md) (optional) | ||||
|  | ||||
| - [Registering users](registering-users.md) | ||||
|  | ||||
|   | ||||
| @@ -22,10 +22,10 @@ matrix_appservice_discord_client_id: "YOUR DISCORD APP CLIENT ID" | ||||
| matrix_appservice_discord_bot_token: "YOUR DISCORD APP BOT TOKEN" | ||||
| ``` | ||||
|  | ||||
| 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. | ||||
| 5. Retrieve Discord invite link from the `{{ matrix_appservice_discord_config_path }}/invite_link` file on the server (this defaults to `/matrix/appservice-discord/config/invite_link`). You need to peek at the file on the server via SSH, etc., because it's not available via HTTP(S). | ||||
| 6. Invite the Bot to Discord servers you wish to bridge. Administrator permission is recommended. | ||||
| 7. Room addresses follow this syntax: `#_discord_guildid_channelid`. You can easily find the guild and channel ids by logging into Discord in a browser and opening the desired channel. The URL will have this format: `discordapp.com/channels/guild_id/channel_id`. Once you have figured out the appropriate room addrss, you can join by doing `/join #_discord_guildid_channelid` in your Matrix client. | ||||
| 5. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. | ||||
| 6. Retrieve Discord invite link from the `{{ matrix_appservice_discord_config_path }}/invite_link` file on the server (this defaults to `/matrix/appservice-discord/config/invite_link`). You need to peek at the file on the server via SSH, etc., because it's not available via HTTP(S). | ||||
| 7. Invite the Bot to Discord servers you wish to bridge. Administrator permission is recommended. | ||||
| 8. Room addresses follow this syntax: `#_discord_guildid_channelid`. You can easily find the guild and channel ids by logging into Discord in a browser and opening the desired channel. The URL will have this format: `discordapp.com/channels/guild_id/channel_id`. Once you have figured out the appropriate room addrss, you can join by doing `/join #_discord_guildid_channelid` in your Matrix client. | ||||
|  | ||||
| Other configuration options are available via the `matrix_appservice_discord_configuration_extension_yaml` variable. | ||||
|  | ||||
|   | ||||
| @@ -3,6 +3,9 @@ | ||||
| **[Dimension](https://dimension.t2bot.io) can only be installed after Matrix services are installed and running.** | ||||
| If you're just installing Matrix services for the first time, please continue with the [Configuration](configuring-playbook.md) / [Installation](installing.md) flow and come back here later. | ||||
|  | ||||
| **Note**: enabling Dimension, means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible). | ||||
|  | ||||
|  | ||||
| ## Prerequisites | ||||
|  | ||||
| This playbook now supports running [Dimension](https://dimension.t2bot.io) in both a federated and an [unfederated](https://github.com/turt2live/matrix-dimension/blob/master/docs/unfederated.md) environment. This is handled automatically based on the value of `matrix_synapse_federation_enabled`. | ||||
| @@ -48,7 +51,7 @@ To get an access token for the Dimension user, you can follow one of two options | ||||
| 3. Copy the highlighted text to your configuration. | ||||
| 4. Close the private browsing session. **Do not log out**. Logging out will invalidate the token, making it not work. | ||||
|  | ||||
| *With CURL*  | ||||
| *With CURL* | ||||
|  | ||||
| ``` | ||||
| curl -X POST --header 'Content-Type: application/json' -d '{ | ||||
|   | ||||
| @@ -37,3 +37,13 @@ matrix_synapse_federation_enabled: false | ||||
| ``` | ||||
|  | ||||
| With that, your server's users will only be able to talk among themselves, but not to anyone who is on another server. | ||||
|  | ||||
| **Disabling federation does not necessarily disable the federation port** (`8448`). Services like [Dimension](configuring-playbook-dimension.md) and [ma1sd](configuring-playbook-ma1sd.md) normally rely on `openid` APIs exposed on that port. Even if you disable federation and only if necessary, we may still be exposing the federation port and serving the `openid` APIs there. To override this and completely disable Synapse's federation port use: | ||||
|  | ||||
| ```yaml | ||||
| # This stops the federation port on the Synapse side (normally `matrix-synapse:8048` on the container network). | ||||
| matrix_synapse_federation_port_enabled: false | ||||
|  | ||||
| # This removes the `8448` virtual host from the matrix-nginx-proxy reverse-proxy server. | ||||
| matrix_nginx_proxy_proxy_matrix_federation_api_enabled: false | ||||
| ``` | ||||
|   | ||||
| @@ -99,7 +99,7 @@ matrix_jitsi_web_custom_config_extension: | | ||||
|  | ||||
|   config.disableAudioLevels = true; | ||||
|  | ||||
|   # Limit the number of video feeds forwarded to each client | ||||
|   // Limit the number of video feeds forwarded to each client | ||||
|   config.channelLastN = 4; | ||||
|  | ||||
| matrix_jitsi_web_config_resolution_width_ideal_and_max: 480 | ||||
|   | ||||
| @@ -4,7 +4,9 @@ By default, this playbook configures an [ma1sd](https://github.com/ma1uta/ma1sd) | ||||
|  | ||||
| This server is private by default, potentially at the expense of user discoverability. | ||||
|  | ||||
| ma1sd is a fork of [mxisd](https://github.com/kamax-io/mxisd) which was pronounced end of life 2019-06-21. | ||||
| *ma1sd is a fork of [mxisd](https://github.com/kamax-io/mxisd) which was pronounced end of life 2019-06-21.* | ||||
|  | ||||
| **Note**: enabling ma1sd (which is also the default), means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible). | ||||
|  | ||||
|  | ||||
| ## Disabling ma1sd | ||||
| @@ -50,6 +52,9 @@ To use the [Registration](https://github.com/ma1uta/ma1sd/blob/master/docs/featu | ||||
|  | ||||
| - `matrix_ma1sd_configuration_extension_yaml` - to configure ma1sd as required. See the [Registration feature's docs](https://github.com/ma1uta/ma1sd/blob/master/docs/features/registration.md) for inspiration. Also see the [Additional features](#additional-features) section below to learn more about how to use `matrix_ma1sd_configuration_extension_yaml`. | ||||
|  | ||||
| **Note**: For this to work, either the homeserver needs to [federate](configuring-playbook-federation.md) or the `openid` APIs need to exposed on the federation port. When federation is disabled and ma1sd is enabled, we automatically expose the `openid` APIs (only!) on the federation port. Make sure the federation port (usually `https://matrix.DOMAIN:8448`) is whitelisted in your firewall (even if you don't actually use/need federation). | ||||
|  | ||||
|  | ||||
| ## Authentication | ||||
|  | ||||
| [Authentication](https://github.com/ma1uta/ma1sd/blob/master/docs/features/authentication.md) provides the possibility to use your own [Identity Stores](https://github.com/ma1uta/ma1sd/blob/master/docs/stores/README.md) (for example LDAP) to authenticate users on your Homeserver. The following configuration can be used to authenticate against an LDAP server: | ||||
|   | ||||
| @@ -24,7 +24,6 @@ matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses: | ||||
| - 1.1.1.1 | ||||
| ``` | ||||
|  | ||||
|  | ||||
| ## Synapse + OpenID Connect for Single-Sign-On | ||||
|  | ||||
| If you want to use OpenID Connect as an SSO provider (as per the [Synapse OpenID docs](https://github.com/matrix-org/synapse/blob/develop/docs/openid.md)), you need to use the following configuration (in your `vars.yml` file) to instruct nginx to forward `/_synapse/oidc` to Synapse: | ||||
| @@ -32,3 +31,11 @@ If you want to use OpenID Connect as an SSO provider (as per the [Synapse OpenID | ||||
| ```yaml | ||||
| matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_oidc_api_enabled: true | ||||
| ``` | ||||
|  | ||||
| ## Disable Nginx access logs | ||||
|  | ||||
| This will disable the access logging for nginx. | ||||
|  | ||||
| ```yaml | ||||
| matrix_nginx_proxy_access_log_enabled: false | ||||
| ``` | ||||
|   | ||||
| @@ -144,7 +144,7 @@ matrix_nginx_proxy_container_extra_arguments: | ||||
|   - '--label "traefik.enable=true"' | ||||
|  | ||||
|   # The Nginx proxy container will receive traffic from these subdomains | ||||
|   - '--label "traefik.http.routers.matrix-nginx-proxy.rule=Host(`{{ matrix_server_fqn_matrix }}`,`{{ matrix_server_fqn_element }}`,`{{ matrix_server_fqn_dimension }},`{{ matrix_server_fqn_jitsi }}`)"' | ||||
|   - '--label "traefik.http.routers.matrix-nginx-proxy.rule=Host(`{{ matrix_server_fqn_matrix }}`,`{{ matrix_server_fqn_element }}`,`{{ matrix_server_fqn_dimension }}`,`{{ matrix_server_fqn_jitsi }}`)"' | ||||
|  | ||||
|   # (The 'web-secure' entrypoint must bind to port 443 in Traefik config) | ||||
|   - '--label "traefik.http.routers.matrix-nginx-proxy.entrypoints=web-secure"' | ||||
|   | ||||
| @@ -67,6 +67,7 @@ By default, it obtains certificates for: | ||||
| - possibly for `element.<your-domain>`, unless you have disabled the [Element client component](configuring-playbook-client-element.md) using `matrix_client_element_enabled: false` | ||||
| - possibly for `riot.<your-domain>`, if you have explicitly enabled Riot to Element redirection (for background compatibility) using `matrix_nginx_proxy_proxy_riot_compat_redirect_enabled: true` | ||||
| - possibly for `dimension.<your-domain>`, if you have explicitly [set up Dimension](configuring-playbook-dimension.md). | ||||
| - possibly for `jitsi.<your-domain>`, if you have explicitly [set up Jitsi](configuring-playbook-jitsi.md). | ||||
| - possibly for your base domain (`<your-domain>`), if you have explicitly configured [Serving the base domain](configuring-playbook-base-domain-serving.md) | ||||
|  | ||||
| If you are hosting other domains on the Matrix machine, you can make the playbook obtain and renew certificates for those other domains too. | ||||
| @@ -80,6 +81,7 @@ matrix_ssl_domains_to_obtain_certificates_for: | ||||
|   - '{{ matrix_server_fqn_matrix }}' | ||||
|   - '{{ matrix_server_fqn_element }}' | ||||
|   - '{{ matrix_server_fqn_dimension }}' | ||||
|   - '{{ matrix_server_fqn_jitsi }}' | ||||
|   - '{{ matrix_domain }}' | ||||
| ``` | ||||
|  | ||||
|   | ||||
| @@ -1,7 +1,7 @@ | ||||
| # Importing an existing Postgres database from another installation (optional) | ||||
|  | ||||
| Run this if you'd like to import your database from a previous installation of Synapse. | ||||
| (don't forget to import your `media_store` files as well - see [the importing-media-store guide](importing-media-store.md)). | ||||
| Run this if you'd like to import your database from a previous installation. | ||||
| (don't forget to import your Synapse `media_store` files as well - see [the importing-synape-media-store guide](importing-synapse-media-store.md)). | ||||
|  | ||||
|  | ||||
| ## Prerequisites | ||||
|   | ||||
| @@ -1,4 +1,4 @@ | ||||
| # Importing `media_store` data files from an existing installation (optional) | ||||
| # Importing `media_store` data files from an existing Synapse installation (optional) | ||||
| 
 | ||||
| Run this if you'd like to import your `media_store` files from a previous installation of Synapse. | ||||
| 
 | ||||
| @@ -17,6 +17,6 @@ As an alternative, you can perform a manual restore using the [AWS CLI tool](htt | ||||
| 
 | ||||
| Run this command (make sure to replace `<server-path-to-media_store>` with a path on your server): | ||||
| 
 | ||||
| 	ansible-playbook -i inventory/hosts setup.yml --extra-vars='server_path_media_store=<server-path-to-media_store>' --tags=import-media-store | ||||
| 	ansible-playbook -i inventory/hosts setup.yml --extra-vars='server_path_media_store=<server-path-to-media_store>' --tags=import-synapse-media-store | ||||
| 
 | ||||
| **Note**: `<server-path-to-media_store>` must be a file path to a `media_store` directory on the server (not on your local machine!). | ||||
| @@ -1,7 +1,7 @@ | ||||
| # Importing an existing SQLite database from another installation (optional) | ||||
| # Importing an existing SQLite database from another Synapse installation (optional) | ||||
| 
 | ||||
| Run this if you'd like to import your database from a previous default installation of Synapse. | ||||
| (don't forget to import your `media_store` files as well - see [the importing-media-store guide](importing-media-store.md)). | ||||
| (don't forget to import your `media_store` files as well - see [the importing-synapse-media-store guide](importing-synapse-media-store.md)). | ||||
| 
 | ||||
| While this playbook always sets up PostgreSQL, by default a Synapse installation would run | ||||
| using an SQLite database. | ||||
| @@ -18,7 +18,7 @@ Before doing the actual import, **you need to upload your SQLite database file t | ||||
| 
 | ||||
| Run this command (make sure to replace `<server-path-to-homeserver.db>` with a file path on your server): | ||||
| 
 | ||||
| 	ansible-playbook -i inventory/hosts setup.yml --extra-vars='server_path_homeserver_db=<server-path-to-homeserver.db>' --tags=import-sqlite-db | ||||
| 	ansible-playbook -i inventory/hosts setup.yml --extra-vars='server_path_homeserver_db=<server-path-to-homeserver.db>' --tags=import-synapse-sqlite-db | ||||
| 
 | ||||
| **Notes**: | ||||
| 
 | ||||
| @@ -21,11 +21,11 @@ Feel free to **re-run this setup command any time** you think something is off w | ||||
|  | ||||
| After installing, but before starting the services, you may want to do additional things like: | ||||
|  | ||||
| - [Importing an existing SQLite database (from another installation)](importing-sqlite.md) (optional) | ||||
| - [Importing an existing SQLite database (from another Synapse installation)](importing-synapse-sqlite.md) (optional) | ||||
|  | ||||
| - [Importing an existing Postgres database (from another installation)](importing-postgres.md) (optional) | ||||
|  | ||||
| - [Importing `media_store` data files from an existing installation](importing-media-store.md) (optional) | ||||
| - [Importing `media_store` data files from an existing Synapse installation](importing-synapse-media-store.md) (optional) | ||||
|  | ||||
|  | ||||
| ## Starting the services | ||||
|   | ||||
| @@ -4,14 +4,11 @@ This document shows you how to perform various maintenance tasks related to the | ||||
|  | ||||
| Table of contents: | ||||
|  | ||||
| - [Purging unused data with synapse-janitor](#purging-unused-data-with-synapse-janitor), for when you wish to delete unused data from the Synapse database | ||||
|  | ||||
| - [Purging old data with the Purge History API](#purging-old-data-with-the-purge-history-api), for when you wish to delete in-use (but old) data from the Synapse database | ||||
|  | ||||
| - [Synapse maintenance](#synapse-maintenance) | ||||
| 	- [Purging old data with the Purge History API](#purging-old-data-with-the-purge-history-api) | ||||
| 	- [Compressing state with rust-synapse-compress-state](#compressing-state-with-rust-synapse-compress-state) | ||||
| 	- [Purging unused data with synapse-janitor](#purging-unused-data-with-synapse-janitor) | ||||
| 	- [Browse and manipulate the database](#browse-and-manipulate-the-database) | ||||
|  | ||||
| - [Browse and manipulate the database](#browse-and-manipulate-the-database), for when you really need to take matters into your own hands | ||||
| @@ -57,27 +54,6 @@ If you need to adjust this, pass: `--extra-vars='matrix_synapse_rust_synapse_com | ||||
| After state compression, you may wish to run a [`FULL` Postgres `VACUUM`](./maintenance-postgres.md#vacuuming-postgresql). | ||||
|  | ||||
|  | ||||
| ## Purging unused data with synapse-janitor | ||||
|  | ||||
| **NOTE**: There are [reports](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/465) that **synapse-janitor is dangerous to use and causes database corruption**. You may wish to refrain from using it. | ||||
|  | ||||
| When you **leave** and **forget** a room, Synapse can clean up its data, but currently doesn't. | ||||
| This **unused and unreachable data** remains in your database forever. | ||||
|  | ||||
| There are external tools (like [synapse-janitor](https://github.com/xwiki-labs/synapse_scripts)), which are meant to solve this problem. | ||||
|  | ||||
| To ask the playbook to run synapse-janitor, execute: | ||||
|  | ||||
| ```bash | ||||
| ansible-playbook -i inventory/hosts setup.yml --tags=run-postgres-synapse-janitor,start | ||||
| ``` | ||||
|  | ||||
| **Note**: this will automatically stop Synapse temporarily and restart it later. | ||||
|  | ||||
| Running synapse-janitor potentially deletes a lot of data from the Postgres database. | ||||
| You may wish to run a [`FULL` Postgres `VACUUM`](./maintenance-postgres.md#vacuuming-postgresql) after that. | ||||
|  | ||||
|  | ||||
| ## Browse and manipulate the database | ||||
|  | ||||
| When the [matrix admin API](https://github.com/matrix-org/synapse/tree/master/docs/admin_api) and the other tools do not provide a more convenient way, having a look at synapse's postgresql database can satisfy a lot of admins' needs. | ||||
|   | ||||
| @@ -10,7 +10,7 @@ This playbook doesn't support running on ARM (see [this issue](https://github.co | ||||
|  | ||||
| - `root` access to your server (or a user capable of elevating to `root` via `sudo`). | ||||
|  | ||||
| - [Python](https://www.python.org/) being installed on the server. Most distributions install Python by default, but some don't (e.g. Ubuntu 18.04) and require manual installation (something like `apt-get install python`). | ||||
| - [Python](https://www.python.org/) being installed on the server. Most distributions install Python by default, but some don't (e.g. Ubuntu 18.04) and require manual installation (something like `apt-get install python3`). On some distros, Ansible may incorrectly [detect the Python version](https://docs.ansible.com/ansible/latest/reference_appendices/interpreter_discovery.html) (2 vs 3) and you may need to explicitly specify the interpreter path in `inventory/hosts` during installation (e.g. `ansible_python_interpreter=/usr/bin/python3`) | ||||
|  | ||||
| - A `cron`-like tool installed on the server such as `cron` or `anacron` to automatically schedule the Let's Encrypt SSL certificates's renewal. *This can be ignored if you use your own SSL certificates.* | ||||
|  | ||||
| @@ -22,6 +22,17 @@ This playbook doesn't support running on ARM (see [this issue](https://github.co | ||||
|  | ||||
| - Properly configured DNS records for `<your-domain>` (details in [Configuring DNS](configuring-dns.md)). | ||||
|  | ||||
| - Some TCP/UDP ports open. This playbook configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: `80/tcp` (HTTP webserver), `443/tcp` (HTTPS webserver), `3478/tcp` (TURN over TCP), `3478/udp` (TURN over UDP), `5349/tcp` (TURN over TCP), `5349/udp` (TURN over UDP), `8448/tcp` (Matrix Federation API HTTPS webserver), the range `49152-49172/udp` (TURN over UDP), `4443/tcp` (Jitsi Harvester fallback), `10000/udp` (Jitsi video RTP). Depending on your firewall/NAT setup, incoming RTP packets on port 10000 may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/matrix-jitsi/defaults/main.yml)). | ||||
| - Some TCP/UDP ports open. This playbook configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: | ||||
|  | ||||
|   - `80/tcp`: HTTP webserver | ||||
|   - `443/tcp`: HTTPS webserver | ||||
|   - `3478/tcp`: TURN over TCP (used by Coturn) | ||||
|   - `3478/udp`: TURN over UDP (used by Coturn) | ||||
|   - `5349/tcp`: TURN over TCP (used by Coturn) | ||||
|   - `5349/udp`: TURN over UDP (used by Coturn) | ||||
|   - `8448/tcp`: Matrix Federation API HTTPS webserver. In some cases, this **may necessary even with federation disabled**. Integration Servers (like Dimension) and Identity Servers (like ma1sd) may need to access `openid` APIs on the federation port. | ||||
|   - the range `49152-49172/udp`: TURN over UDP | ||||
|   - `4443/tcp`: Jitsi Harvester fallback | ||||
|   - `10000/udp`: Jitsi video RTP. Depending on your firewall/NAT setup, incoming RTP packets on port `10000` may have the external IP of your firewall as destination address, due to the usage of STUN in JVB (see [`matrix_jitsi_jvb_stun_servers`](../roles/matrix-jitsi/defaults/main.yml)). | ||||
|  | ||||
| When ready to proceed, continue with [Configuring DNS](configuring-dns.md). | ||||
|   | ||||
| @@ -15,6 +15,7 @@ List of roles where self-building the Docker image is currently possible: | ||||
| - `matrix-client-element` | ||||
| - `matrix-registration` | ||||
| - `matrix-coturn` | ||||
| - `matrix-corporal` | ||||
| - `matrix-ma1sd` | ||||
| - `matrix-mailer` | ||||
| - `matrix-bridge-mautrix-facebook` | ||||
|   | ||||
| @@ -26,7 +26,7 @@ and then connecting to the postgres server and executing: | ||||
| ``` | ||||
| UPDATE users SET password_hash = '<password-hash>' WHERE name = '@someone:server.com' | ||||
| ``` | ||||
| ` | ||||
|  | ||||
| where `<password-hash>` is the hash returned by the docker command above. | ||||
|  | ||||
|  | ||||
|   | ||||
| @@ -10,6 +10,9 @@ | ||||
| # | ||||
| # If you're running this Ansible playbook on the same server as the one you're installing to, | ||||
| # consider adding an additional `ansible_connection=local` argument below. | ||||
| # | ||||
| # Ansible may fail to discover which Python interpreter to use on the host for some distros (like Ubuntu 20.04). | ||||
| # You may sometimes need to explicitly add `ansible_python_interpreter=/usr/bin/python3` to lines below. | ||||
|  | ||||
| [matrix_servers] | ||||
| matrix.<your-domain> ansible_host=<your-server's external IP address> ansible_ssh_user=root | ||||
|   | ||||
| @@ -24,20 +24,6 @@ matrix_identity_server_url: "{{ ('https://' + matrix_server_fqn_matrix) if matri | ||||
| # | ||||
| ###################################################################### | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # matrix-architecture | ||||
| # | ||||
| ###################################################################### | ||||
|  | ||||
| matrix_architecture: "amd64" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-architecture | ||||
| # | ||||
| ###################################################################### | ||||
|  | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| @@ -61,12 +47,19 @@ matrix_appservice_discord_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_appservice_discord_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'discord.as.token') | to_uuid }}" | ||||
|  | ||||
| matrix_appservice_discord_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'discord.hs.token') | to_uuid }}" | ||||
|  | ||||
| # We only make this use Postgres if our own Postgres server is enabled. | ||||
| # It's only then (for now) that we can automatically create the necessary database and user for this service. | ||||
| matrix_appservice_discord_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_appservice_discord_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'as.discord.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-appservice-discord | ||||
| @@ -135,6 +128,10 @@ matrix_appservice_slack_systemd_required_services_list: | | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|   }} | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_appservice_slack_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_appservice_slack_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'as.slack.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-appservice-slack | ||||
| @@ -170,6 +167,10 @@ matrix_appservice_irc_appservice_token: "{{ matrix_synapse_macaroon_secret_key | | ||||
|  | ||||
| matrix_appservice_irc_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'irc.hs.token') | to_uuid }}" | ||||
|  | ||||
| matrix_appservice_irc_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'nedb' }}" | ||||
| matrix_appservice_irc_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'as.irc.db') | to_uuid }}" | ||||
|  | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-appservice-irc | ||||
| @@ -193,6 +194,8 @@ matrix_mautrix_facebook_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mautrix_facebook_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'fb.as.token') | to_uuid }}" | ||||
| @@ -201,6 +204,12 @@ matrix_mautrix_facebook_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | ||||
|  | ||||
| matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_use_presence if matrix_synapse_enabled else true }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mautrix_facebook_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mautrix_facebook_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mau.fb.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mautrix-facebook | ||||
| @@ -224,6 +233,8 @@ matrix_mautrix_hangouts_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mautrix_hangouts_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'ho.as.token') | to_uuid }}" | ||||
| @@ -234,6 +245,10 @@ matrix_mautrix_hangouts_container_http_host_bind_port: "{{ '' if matrix_nginx_pr | ||||
|  | ||||
| matrix_mautrix_hangouts_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mautrix_hangouts_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mautrix_hangouts_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mau.hangouts.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mautrix-hangouts | ||||
| @@ -258,6 +273,8 @@ matrix_mautrix_telegram_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mautrix_telegram_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'telegr.as.token') | to_uuid }}" | ||||
| @@ -270,6 +287,10 @@ matrix_mautrix_telegram_container_http_host_bind_port: "{{ '' if matrix_nginx_pr | ||||
|  | ||||
| matrix_mautrix_telegram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mautrix_telegram_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mautrix_telegram_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mau.telegram.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mautrix-telegram | ||||
| @@ -290,6 +311,8 @@ matrix_mautrix_whatsapp_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mautrix_whatsapp_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'whats.as.token') | to_uuid }}" | ||||
| @@ -298,6 +321,10 @@ matrix_mautrix_whatsapp_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | ||||
|  | ||||
| matrix_mautrix_whatsapp_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mautrix_whatsapp_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mautrix_whatsapp_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mauwhatsapp.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mautrix-whatsapp | ||||
| @@ -346,6 +373,8 @@ matrix_mx_puppet_skype_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mx_puppet_skype_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'skype.as.tok') | to_uuid }}" | ||||
| @@ -354,6 +383,10 @@ matrix_mx_puppet_skype_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | ||||
|  | ||||
| matrix_mx_puppet_skype_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mx_puppet_skype_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mx_puppet_skype_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxpup.skype.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mx-puppet-skype | ||||
| @@ -377,6 +410,8 @@ matrix_mx_puppet_slack_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mx_puppet_slack_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxslk.as.tok') | to_uuid }}" | ||||
| @@ -385,6 +420,10 @@ matrix_mx_puppet_slack_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | ||||
|  | ||||
| matrix_mx_puppet_slack_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mx_puppet_slack_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mx_puppet_slack_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxpup.slack.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mx-puppet-slack | ||||
| @@ -407,6 +446,8 @@ matrix_mx_puppet_twitter_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mx_puppet_twitter_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxtwt.as.tok') | to_uuid }}" | ||||
| @@ -417,6 +458,10 @@ matrix_mx_puppet_twitter_login_shared_secret: "{{ matrix_synapse_ext_password_pr | ||||
|  | ||||
| matrix_mx_puppet_twitter_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else ('127.0.0.1:' ~ matrix_mx_puppet_twitter_appservice_port) }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mx_puppet_twitter_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mx_puppet_twitter_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxpup.twitter.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mx-puppet-twitter | ||||
| @@ -440,6 +485,8 @@ matrix_mx_puppet_instagram_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mx_puppet_instagram_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxig.as.tok') | to_uuid }}" | ||||
| @@ -448,6 +495,10 @@ matrix_mx_puppet_instagram_homeserver_token: "{{ matrix_synapse_macaroon_secret_ | ||||
|  | ||||
| matrix_mx_puppet_instagram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mx_puppet_instagram_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mx_puppet_instagram_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxpup.ig.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mx-puppet-instagram | ||||
| @@ -470,6 +521,8 @@ matrix_mx_puppet_discord_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mx_puppet_discord_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxdsc.as.tok') | to_uuid }}" | ||||
| @@ -478,6 +531,10 @@ matrix_mx_puppet_discord_homeserver_token: "{{ matrix_synapse_macaroon_secret_ke | ||||
|  | ||||
| matrix_mx_puppet_discord_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mx_puppet_discord_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mx_puppet_discord_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxpup.dsc.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mx-puppet-discord | ||||
| @@ -500,6 +557,8 @@ matrix_mx_puppet_steam_systemd_required_services_list: | | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-synapse.service'] if matrix_synapse_enabled else []) | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_mx_puppet_steam_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxste.as.tok') | to_uuid }}" | ||||
| @@ -508,6 +567,10 @@ matrix_mx_puppet_steam_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | ||||
|  | ||||
| matrix_mx_puppet_steam_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_mx_puppet_steam_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_mx_puppet_steam_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mxpup.steam.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bridge-mx-puppet-steam | ||||
| @@ -524,6 +587,17 @@ matrix_mx_puppet_steam_login_shared_secret: "{{ matrix_synapse_ext_password_prov | ||||
| # We don't enable bots by default. | ||||
| matrix_bot_matrix_reminder_bot_enabled: false | ||||
|  | ||||
| matrix_bot_matrix_reminder_bot_systemd_required_services_list: | | ||||
|   {{ | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_bot_matrix_reminder_bot_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_bot_matrix_reminder_bot_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'reminder.bot.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-bot-matrix-reminder-bot | ||||
| @@ -539,6 +613,8 @@ matrix_bot_matrix_reminder_bot_enabled: false | ||||
|  | ||||
| matrix_corporal_enabled: false | ||||
|  | ||||
| matrix_corporal_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" | ||||
|  | ||||
| # Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-corporal over the container network. | ||||
| # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose | ||||
| # matrix-corporal's web-server ports to the local host. | ||||
| @@ -616,7 +692,16 @@ matrix_dimension_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_ena | ||||
| matrix_integration_manager_rest_url: "{{ matrix_dimension_integrations_rest_url if matrix_dimension_enabled else None }}" | ||||
| matrix_integration_manager_ui_url: "{{ matrix_dimension_integrations_ui_url if matrix_dimension_enabled else None }}" | ||||
|  | ||||
| matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:{{ 8048 if matrix_synapse_federation_enabled|bool else 8008 }}" | ||||
| matrix_dimension_systemd_required_services_list: | | ||||
|   {{ | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_dimension_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_dimension_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'dimension.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| @@ -762,6 +847,11 @@ matrix_ma1sd_threepid_medium_email_connectors_smtp_tls: 0 | ||||
|  | ||||
| matrix_ma1sd_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}" | ||||
|  | ||||
| matrix_ma1sd_systemd_required_services_list: | | ||||
|   {{ | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| matrix_ma1sd_systemd_wanted_services_list: | | ||||
|   {{ | ||||
|     (['matrix-corporal.service'] if matrix_corporal_enabled else ['matrix-synapse.service']) | ||||
| @@ -771,6 +861,10 @@ matrix_ma1sd_systemd_wanted_services_list: | | ||||
|     (['matrix-mailer.service'] if matrix_mailer_enabled else []) | ||||
|   }} | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_ma1sd_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_ma1sd_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'ma1sd.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-ma1sd | ||||
| @@ -812,7 +906,8 @@ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container: "matrix-ma1sd: | ||||
| matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container: "127.0.0.1:8090" | ||||
|  | ||||
| # By default, we do TLS termination for the Matrix Federation API (port 8448) at matrix-nginx-proxy. | ||||
| matrix_nginx_proxy_proxy_matrix_federation_api_enabled: true | ||||
| # Unless this is handled there OR Synapse's federation listener port is disabled, we'll reverse-proxy. | ||||
| matrix_nginx_proxy_proxy_matrix_federation_api_enabled: "{{ matrix_synapse_federation_port_enabled and not matrix_synapse_tls_federation_listener_enabled }}" | ||||
| matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container: "matrix-synapse:8048" | ||||
| matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:8048" | ||||
|  | ||||
| @@ -886,6 +981,133 @@ matrix_postgres_connection_username: "synapse" | ||||
| matrix_postgres_connection_password: "synapse-password" | ||||
| matrix_postgres_db_name: "homeserver" | ||||
|  | ||||
| matrix_postgres_pgloader_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" | ||||
|  | ||||
| matrix_postgres_additional_databases: | | ||||
|   {{ | ||||
|     ([{ | ||||
|       'name': matrix_ma1sd_database_name, | ||||
|       'username': matrix_ma1sd_database_username, | ||||
|       'password': matrix_ma1sd_database_password, | ||||
|     }] if (matrix_ma1sd_enabled and matrix_ma1sd_database_engine == 'postgres' and matrix_ma1sd_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_bot_matrix_reminder_bot_database_name, | ||||
|       'username': matrix_bot_matrix_reminder_bot_database_username, | ||||
|       'password': matrix_bot_matrix_reminder_bot_database_password, | ||||
|     }] if (matrix_bot_matrix_reminder_bot_enabled and matrix_bot_matrix_reminder_bot_database_engine == 'postgres' and matrix_bot_matrix_reminder_bot_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_registration_database_name, | ||||
|       'username': matrix_registration_database_username, | ||||
|       'password': matrix_registration_database_password, | ||||
|     }] if (matrix_registration_enabled and matrix_registration_database_engine == 'postgres' and matrix_registration_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_appservice_discord_database_name, | ||||
|       'username': matrix_appservice_discord_database_username, | ||||
|       'password': matrix_appservice_discord_database_password, | ||||
|     }] if (matrix_appservice_discord_enabled and matrix_appservice_discord_database_engine == 'postgres' and matrix_appservice_discord_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_appservice_slack_database_name, | ||||
|       'username': matrix_appservice_slack_database_username, | ||||
|       'password': matrix_appservice_slack_database_password, | ||||
|     }] if (matrix_appservice_slack_enabled and matrix_appservice_slack_database_engine == 'postgres' and matrix_appservice_slack_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_appservice_irc_database_name, | ||||
|       'username': matrix_appservice_irc_database_username, | ||||
|       'password': matrix_appservice_irc_database_password, | ||||
|     }] if (matrix_appservice_irc_enabled and matrix_appservice_irc_database_engine == 'postgres' and matrix_appservice_irc_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mautrix_facebook_database_name, | ||||
|       'username': matrix_mautrix_facebook_database_username, | ||||
|       'password': matrix_mautrix_facebook_database_password, | ||||
|     }] if (matrix_mautrix_facebook_enabled and matrix_mautrix_facebook_database_engine == 'postgres' and matrix_mautrix_facebook_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mautrix_hangouts_database_name, | ||||
|       'username': matrix_mautrix_hangouts_database_username, | ||||
|       'password': matrix_mautrix_hangouts_database_password, | ||||
|     }] if (matrix_mautrix_hangouts_enabled and matrix_mautrix_hangouts_database_engine == 'postgres' and matrix_mautrix_hangouts_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mautrix_telegram_database_name, | ||||
|       'username': matrix_mautrix_telegram_database_username, | ||||
|       'password': matrix_mautrix_telegram_database_password, | ||||
|     }] if (matrix_mautrix_telegram_enabled and matrix_mautrix_telegram_database_engine == 'postgres' and matrix_mautrix_telegram_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mautrix_whatsapp_database_name, | ||||
|       'username': matrix_mautrix_whatsapp_database_username, | ||||
|       'password': matrix_mautrix_whatsapp_database_password, | ||||
|     }] if (matrix_mautrix_whatsapp_enabled and matrix_mautrix_whatsapp_database_engine == 'postgres' and matrix_mautrix_whatsapp_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': 'matrix_bridge_sms', | ||||
|       'username': 'matrix_bridge_sms', | ||||
|       'password': matrix_synapse_macaroon_secret_key | password_hash('sha512', 'bridge.sms.db') | to_uuid, | ||||
|     }] if matrix_sms_bridge_enabled else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mx_puppet_skype_database_name, | ||||
|       'username': matrix_mx_puppet_skype_database_username, | ||||
|       'password': matrix_mx_puppet_skype_database_password, | ||||
|     }] if (matrix_mx_puppet_skype_enabled and matrix_mx_puppet_skype_database_engine == 'postgres' and matrix_mx_puppet_skype_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mx_puppet_slack_database_name, | ||||
|       'username': matrix_mx_puppet_slack_database_username, | ||||
|       'password': matrix_mx_puppet_slack_database_password, | ||||
|     }] if (matrix_mx_puppet_slack_enabled and matrix_mx_puppet_slack_database_engine == 'postgres' and matrix_mx_puppet_slack_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mx_puppet_twitter_database_name, | ||||
|       'username': matrix_mx_puppet_twitter_database_username, | ||||
|       'password': matrix_mx_puppet_twitter_database_password, | ||||
|     }] if (matrix_mx_puppet_twitter_enabled and matrix_mx_puppet_twitter_database_engine == 'postgres' and matrix_mx_puppet_twitter_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mx_puppet_instagram_database_name, | ||||
|       'username': matrix_mx_puppet_instagram_database_username, | ||||
|       'password': matrix_mx_puppet_instagram_database_password, | ||||
|     }] if (matrix_mx_puppet_instagram_enabled and matrix_mx_puppet_instagram_database_engine == 'postgres' and matrix_mx_puppet_instagram_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mx_puppet_discord_database_name, | ||||
|       'username': matrix_mx_puppet_discord_database_username, | ||||
|       'password': matrix_mx_puppet_discord_database_password, | ||||
|     }] if (matrix_mx_puppet_discord_enabled  and matrix_mx_puppet_discord_database_engine == 'postgres' and matrix_mx_puppet_discord_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_mx_puppet_steam_database_name, | ||||
|       'username': matrix_mx_puppet_steam_database_username, | ||||
|       'password': matrix_mx_puppet_steam_database_password, | ||||
|     }] if (matrix_mx_puppet_steam_enabled and matrix_mx_puppet_steam_database_engine == 'postgres' and matrix_mx_puppet_steam_database_hostname == 'matrix-postgres') else []) | ||||
|     + | ||||
|     ([{ | ||||
|       'name': matrix_dimension_database_name, | ||||
|       'username': matrix_dimension_database_username, | ||||
|       'password': matrix_dimension_database_password, | ||||
|     }] if (matrix_dimension_enabled and matrix_dimension_database_engine == 'postgres' and matrix_dimension_database_hostname == 'matrix-postgres') else []) | ||||
|    }} | ||||
|  | ||||
| matrix_postgres_import_roles_to_ignore: | | ||||
|   {{ | ||||
|     [matrix_postgres_connection_username] | ||||
|     + | ||||
|     matrix_postgres_additional_databases|map(attribute='username')|list | ||||
|   }} | ||||
|  | ||||
| matrix_postgres_import_databases_to_ignore: | | ||||
|   {{ | ||||
|     [matrix_postgres_db_name] | ||||
|     + | ||||
|     matrix_postgres_additional_databases|map(attribute='name')|list | ||||
|   }} | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-postgres | ||||
| @@ -986,12 +1208,7 @@ matrix_synapse_tls_federation_listener_enabled: false | ||||
| matrix_synapse_tls_certificate_path: ~ | ||||
| matrix_synapse_tls_private_key_path: ~ | ||||
|  | ||||
| matrix_synapse_http_listener_resource_names: | | ||||
|   {{ | ||||
|     ["client"] | ||||
|     + | ||||
|     ( ["openid"] if matrix_dimension_enabled and not matrix_synapse_federation_enabled else [] ) | ||||
|   }} | ||||
| matrix_synapse_federation_port_openid_resource_required: "{{ not matrix_synapse_federation_enabled and (matrix_dimension_enabled or matrix_ma1sd_enabled) }}" | ||||
|  | ||||
| matrix_synapse_email_enabled: "{{ matrix_mailer_enabled }}" | ||||
| matrix_synapse_email_smtp_host: "matrix-mailer" | ||||
| @@ -1087,6 +1304,17 @@ matrix_registration_api_validate_certs: "{{ false if matrix_ssl_retrieval_method | ||||
|  | ||||
| matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" | ||||
|  | ||||
| matrix_registration_systemd_required_services_list: | | ||||
|   {{ | ||||
|     ['docker.service'] | ||||
|     + | ||||
|     (['matrix-postgres.service'] if matrix_postgres_enabled else []) | ||||
|   }} | ||||
|  | ||||
| # Postgres is the default, except if not using `matrix_postgres` (internal postgres) | ||||
| matrix_registration_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" | ||||
| matrix_registration_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mx.registr.db') | to_uuid }}" | ||||
|  | ||||
| ###################################################################### | ||||
| # | ||||
| # /matrix-registration | ||||
|   | ||||
| @@ -23,6 +23,17 @@ matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}" | ||||
|  | ||||
| matrix_federation_public_port: 8448 | ||||
|  | ||||
| # The architecture that your server runs. | ||||
| # Recognized values by us are 'amd64', 'arm32' and 'arm64'. | ||||
| # Not all architectures support all services, so your experience (on non-amd64) may vary. | ||||
| # See docs/alternative-architectures.md | ||||
| matrix_architecture: amd64 | ||||
|  | ||||
| # The architecture for Debian packages. | ||||
| # See: https://wiki.debian.org/SupportedArchitectures | ||||
| # We just remap from our `matrix_architecture` values to what Debian and possibly other distros call things. | ||||
| matrix_debian_arch: "{{ 'armhf' if matrix_architecture == 'arm32' else matrix_architecture }}" | ||||
|  | ||||
| matrix_user_username: "matrix" | ||||
| matrix_user_groupname: "matrix" | ||||
|  | ||||
| @@ -106,7 +117,6 @@ matrix_docker_package_name: docker-ce | ||||
| run_postgres_import: true | ||||
| run_postgres_upgrade: true | ||||
| run_postgres_import_sqlite_db: true | ||||
| run_postgres_synapse_janitor: true | ||||
| run_postgres_vacuum: true | ||||
| run_synapse_register_user: true | ||||
| run_synapse_update_user_password: true | ||||
|   | ||||
| @@ -1,62 +1,62 @@ | ||||
| [docker-ce-stable] | ||||
| name=Docker CE Stable - $basearch | ||||
| baseurl=https://download.docker.com/linux/centos/7/$basearch/stable | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/$basearch/stable | ||||
| enabled=1 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-stable-debuginfo] | ||||
| name=Docker CE Stable - Debuginfo $basearch | ||||
| baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/stable | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/debug-$basearch/stable | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-stable-source] | ||||
| name=Docker CE Stable - Sources | ||||
| baseurl=https://download.docker.com/linux/centos/7/source/stable | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-edge] | ||||
| name=Docker CE Edge - $basearch | ||||
| baseurl=https://download.docker.com/linux/centos/7/$basearch/edge | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-edge-debuginfo] | ||||
| name=Docker CE Edge - Debuginfo $basearch | ||||
| baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/edge | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-edge-source] | ||||
| name=Docker CE Edge - Sources | ||||
| baseurl=https://download.docker.com/linux/centos/7/source/edge | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/source/stable | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-test] | ||||
| name=Docker CE Test - $basearch | ||||
| baseurl=https://download.docker.com/linux/centos/7/$basearch/test | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/$basearch/test | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-test-debuginfo] | ||||
| name=Docker CE Test - Debuginfo $basearch | ||||
| baseurl=https://download.docker.com/linux/centos/7/debug-$basearch/test | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/debug-$basearch/test | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-test-source] | ||||
| name=Docker CE Test - Sources | ||||
| baseurl=https://download.docker.com/linux/centos/7/source/test | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/source/test | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-nightly] | ||||
| name=Docker CE Nightly - $basearch | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/$basearch/nightly | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-nightly-debuginfo] | ||||
| name=Docker CE Nightly - Debuginfo $basearch | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/debug-$basearch/nightly | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|  | ||||
| [docker-ce-nightly-source] | ||||
| name=Docker CE Nightly - Sources | ||||
| baseurl=https://download.docker.com/linux/centos/$releasever/source/nightly | ||||
| enabled=0 | ||||
| gpgcheck=1 | ||||
| gpgkey=https://download.docker.com/linux/centos/gpg | ||||
|   | ||||
| @@ -11,7 +11,7 @@ | ||||
|  | ||||
| - name: Ensure Docker's APT key is trusted | ||||
|   apt_key: | ||||
|     url: https://download.docker.com/linux/ubuntu/gpg | ||||
|     url: "https://download.docker.com/linux/{{ ansible_distribution|lower }}/gpg" | ||||
|     id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 | ||||
|     state: present | ||||
|   register: add_repository_key | ||||
| @@ -20,7 +20,7 @@ | ||||
|  | ||||
| - name: Ensure Docker repository is enabled | ||||
|   apt_repository: | ||||
|     repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" | ||||
|     repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" | ||||
|     state: present | ||||
|     update_cache: yes | ||||
|   when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' | ||||
|   | ||||
| @@ -5,6 +5,7 @@ | ||||
|     name: | ||||
|       - apt-transport-https | ||||
|       - ca-certificates | ||||
|       - gnupg | ||||
|     state: present | ||||
|     update_cache: yes | ||||
|  | ||||
| @@ -19,7 +20,7 @@ | ||||
|  | ||||
| - name: Ensure Docker repository is enabled | ||||
|   apt_repository: | ||||
|     repo: "deb [arch=armhf] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable" | ||||
|     repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable" | ||||
|     state: present | ||||
|     update_cache: yes | ||||
|   when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' | ||||
| @@ -27,7 +28,6 @@ | ||||
| - name: Ensure APT packages are installed | ||||
|   apt: | ||||
|     name: | ||||
|       - python-docker | ||||
|       - "{{ matrix_ntpd_package }}" | ||||
|       - fuse | ||||
|     state: latest | ||||
| @@ -37,5 +37,6 @@ | ||||
|   apt: | ||||
|     name: | ||||
|       - "{{ matrix_docker_package_name }}" | ||||
|       - "python{{'3' if ansible_python.version.major == 3 else ''}}-docker" | ||||
|     state: latest | ||||
|   when: matrix_docker_installation_enabled|bool | ||||
|   | ||||
| @@ -21,6 +21,34 @@ matrix_bot_matrix_reminder_bot_systemd_required_services_list: ['docker.service' | ||||
| matrix_bot_matrix_reminder_bot_systemd_wanted_services_list: [] | ||||
|  | ||||
|  | ||||
| # Database-related configuration fields. | ||||
| # | ||||
| # To use SQLite, stick to these defaults. | ||||
| # | ||||
| # To use Postgres: | ||||
| # - change the engine (`matrix_bot_matrix_reminder_bot_database_engine: 'postgres'`) | ||||
| # - adjust your database credentials via the `matrix_bot_matrix_reminder_bot_database_*` variables | ||||
| matrix_bot_matrix_reminder_bot_database_engine: 'sqlite' | ||||
|  | ||||
| matrix_bot_matrix_reminder_bot_sqlite_database_path_local: "{{ matrix_bot_matrix_reminder_bot_data_path }}/bot.db" | ||||
| matrix_bot_matrix_reminder_bot_sqlite_database_path_in_container: "/data/bot.db" | ||||
|  | ||||
| matrix_bot_matrix_reminder_bot_database_username: 'matrix_reminder_bot' | ||||
| matrix_bot_matrix_reminder_bot_database_password: 'some-password' | ||||
| matrix_bot_matrix_reminder_bot_database_hostname: 'matrix-postgres' | ||||
| matrix_bot_matrix_reminder_bot_database_port: 5432 | ||||
| matrix_bot_matrix_reminder_bot_database_name: 'matrix_reminder_bot' | ||||
|  | ||||
| matrix_bot_matrix_reminder_bot_database_connection_string: 'postgres://{{ matrix_bot_matrix_reminder_bot_database_username }}:{{ matrix_bot_matrix_reminder_bot_database_password }}@{{ matrix_bot_matrix_reminder_bot_database_hostname }}:{{ matrix_bot_matrix_reminder_bot_database_port }}/{{ matrix_bot_matrix_reminder_bot_database_name }}' | ||||
|  | ||||
| matrix_bot_matrix_reminder_bot_storage_database: "{{ | ||||
| 	{ | ||||
| 		'sqlite': ('sqlite://' + matrix_bot_matrix_reminder_bot_sqlite_database_path_in_container), | ||||
| 		'postgres': matrix_bot_matrix_reminder_bot_database_connection_string, | ||||
| 	}[matrix_bot_matrix_reminder_bot_database_engine] | ||||
| }}" | ||||
|  | ||||
|  | ||||
| # The bot's username. This user needs to be created manually beforehand. | ||||
| # Also see `matrix_bot_matrix_reminder_bot_user_password`. | ||||
| matrix_bot_matrix_reminder_bot_matrix_user_id_localpart: "bot.matrix-reminder-bot" | ||||
|   | ||||
| @@ -8,7 +8,14 @@ | ||||
|     - setup-all | ||||
|     - setup-bot-matrix-reminder-bot | ||||
|  | ||||
| - import_tasks: "{{ role_path }}/tasks/setup.yml" | ||||
| - import_tasks: "{{ role_path }}/tasks/setup_install.yml" | ||||
|   when: "run_setup|bool and matrix_bot_matrix_reminder_bot_enabled|bool" | ||||
|   tags: | ||||
|     - setup-all | ||||
|     - setup-bot-matrix-reminder-bot | ||||
|  | ||||
| - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" | ||||
|   when: "run_setup|bool and not matrix_bot_matrix_reminder_bot_enabled|bool" | ||||
|   tags: | ||||
|     - setup-all | ||||
|     - setup-bot-matrix-reminder-bot | ||||
|   | ||||
| @@ -1,88 +0,0 @@ | ||||
| --- | ||||
|  | ||||
| # | ||||
| # Tasks related to setting up matrix-reminder-bot | ||||
| # | ||||
|  | ||||
| - name: Ensure matrix-reminder-bot paths exist | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
|     state: directory | ||||
|     mode: 0750 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_groupname }}" | ||||
|   with_items: | ||||
|     - { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true } | ||||
|     - { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true } | ||||
|     - { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true } | ||||
|   when: matrix_bot_matrix_reminder_bot_enabled|bool and item.when | ||||
|  | ||||
| - name: Ensure matrix-reminder-bot image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}" | ||||
|   when: matrix_bot_matrix_reminder_bot_enabled|bool | ||||
|  | ||||
| - name: Ensure matrix-reminder-bot config installed | ||||
|   copy: | ||||
|     content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml }}" | ||||
|     dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml" | ||||
|     mode: 0644 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_groupname }}" | ||||
|   when: matrix_bot_matrix_reminder_bot_enabled|bool | ||||
|  | ||||
| - name: Ensure matrix-matrix-reminder-bot.service installed | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2" | ||||
|     dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" | ||||
|     mode: 0644 | ||||
|   register: matrix_bot_matrix_reminder_bot_systemd_service_result | ||||
|   when: matrix_bot_matrix_reminder_bot_enabled|bool | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-matrix-reminder-bot.service installation | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_systemd_service_result.changed" | ||||
|  | ||||
| # | ||||
| # Tasks related to getting rid of matrix-reminder-bot (if it was previously enabled) | ||||
| # | ||||
|  | ||||
| - name: Check existence of matrix-matrix-reminder-bot service | ||||
|   stat: | ||||
|     path: "{{ matrix_systemd_path }}/matrix-matrix-reminder-bot.service" | ||||
|   register: matrix_bot_matrix_reminder_bot_service_stat | ||||
|  | ||||
| - name: Ensure matrix-matrix-reminder-bot is stopped | ||||
|   service: | ||||
|     name: matrix-matrix-reminder-bot | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   register: stopping_result | ||||
|   when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure matrix-matrix-reminder-bot.service doesn't exist | ||||
|   file: | ||||
|     path: "{{ matrix_systemd_path }}/matrix-matrix-reminder-bot.service" | ||||
|     state: absent | ||||
|   when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-matrix-reminder-bot.service removal | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists" | ||||
|  | ||||
| - name: Ensure Matrix matrix-reminder-bot paths don't exist | ||||
|   file: | ||||
|     path: "{{ matrix_bot_matrix_reminder_bot_base_path }}" | ||||
|     state: absent | ||||
|   when: "not matrix_bot_matrix_reminder_bot_enabled|bool" | ||||
|  | ||||
| - name: Ensure matrix-reminder-bot Docker image doesn't exist | ||||
|   docker_image: | ||||
|     name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" | ||||
|     state: absent | ||||
|   when: "not matrix_bot_matrix_reminder_bot_enabled|bool" | ||||
							
								
								
									
										73
									
								
								roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										73
									
								
								roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,73 @@ | ||||
| --- | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_bot_matrix_reminder_bot_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}" | ||||
|       register: matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_bot_matrix_reminder_bot_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_bot_matrix_reminder_bot_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-bot-matrix-reminder-bot.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_bot_matrix_reminder_bot_requires_restart: true | ||||
|       when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure matrix-reminder-bot paths exist | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
|     state: directory | ||||
|     mode: 0750 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_groupname }}" | ||||
|   with_items: | ||||
|     - { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true } | ||||
|     - { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true } | ||||
|     - { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true } | ||||
|   when: "item.when|bool" | ||||
|  | ||||
| - name: Ensure matrix-reminder-bot image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}" | ||||
|  | ||||
| - name: Ensure matrix-reminder-bot config installed | ||||
|   copy: | ||||
|     content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml }}" | ||||
|     dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml" | ||||
|     mode: 0644 | ||||
|     owner: "{{ matrix_user_username }}" | ||||
|     group: "{{ matrix_user_groupname }}" | ||||
|  | ||||
| - name: Ensure matrix-bot-matrix-reminder-bot.service installed | ||||
|   template: | ||||
|     src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2" | ||||
|     dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" | ||||
|     mode: 0644 | ||||
|   register: matrix_bot_matrix_reminder_bot_systemd_service_result | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool" | ||||
|  | ||||
| - name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-bot-matrix-reminder-bot.service" | ||||
|     state: restarted | ||||
|   when: "matrix_bot_matrix_reminder_bot_requires_restart|bool" | ||||
| @@ -0,0 +1,35 @@ | ||||
| --- | ||||
|  | ||||
| - name: Check existence of matrix-matrix-reminder-bot service | ||||
|   stat: | ||||
|     path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" | ||||
|   register: matrix_bot_matrix_reminder_bot_service_stat | ||||
|  | ||||
| - name: Ensure matrix-matrix-reminder-bot is stopped | ||||
|   service: | ||||
|     name: matrix-matrix-reminder-bot | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   register: stopping_result | ||||
|   when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" | ||||
|  | ||||
| - name: Ensure matrix-bot-matrix-reminder-bot.service doesn't exist | ||||
|   file: | ||||
|     path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service" | ||||
|     state: absent | ||||
|   when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" | ||||
|  | ||||
| - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool" | ||||
|  | ||||
| - name: Ensure Matrix matrix-reminder-bot paths don't exist | ||||
|   file: | ||||
|     path: "{{ matrix_bot_matrix_reminder_bot_base_path }}" | ||||
|     state: absent | ||||
|  | ||||
| - name: Ensure matrix-reminder-bot Docker image doesn't exist | ||||
|   docker_image: | ||||
|     name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" | ||||
|     state: absent | ||||
| @@ -23,7 +23,7 @@ storage: | ||||
|   # For Postgres, this would look like: | ||||
|   #     database: "postgres://username:password@localhost/dbname?sslmode=disable" | ||||
|   #database: "postgres://matrix-reminder-bot:remindme@localhost/matrix-reminder-bot?sslmode=disable" | ||||
|   database: "sqlite:///data/bot.db" | ||||
|   database: {{ matrix_bot_matrix_reminder_bot_storage_database|to_json }} | ||||
|   # The path to a directory for internal bot storage | ||||
|   # containing encryption keys, sync tokens, etc. | ||||
|   store_path: "/data/store" | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_bot_matrix_reminder_bot_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -3,7 +3,7 @@ | ||||
|  | ||||
| matrix_appservice_discord_enabled: true | ||||
|  | ||||
| matrix_appservice_discord_docker_image: "docker.io/halfshot/matrix-appservice-discord:latest" | ||||
| matrix_appservice_discord_docker_image: "docker.io/halfshot/matrix-appservice-discord:v1.0.0" | ||||
| matrix_appservice_discord_docker_image_force_pull: "{{ matrix_appservice_discord_docker_image.endswith(':latest') }}" | ||||
|  | ||||
| matrix_appservice_discord_base_path: "{{ matrix_base_data_path }}/appservice-discord" | ||||
| @@ -17,6 +17,8 @@ matrix_appservice_discord_bot_token: '' | ||||
| matrix_appservice_discord_appservice_token: '' | ||||
| matrix_appservice_discord_homeserver_token: '' | ||||
|  | ||||
| matrix_appservice_discord_homeserver_domain: "{{ matrix_domain }}" | ||||
|  | ||||
| # Controls whether the matrix-appservice-discord container exposes its HTTP port (tcp/9005 in the container). | ||||
| # | ||||
| # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9005"), or empty string to not expose. | ||||
| @@ -39,6 +41,38 @@ matrix_appservice_discord_bridge_homeserverUrl: "{{ matrix_homeserver_url }}" | ||||
| matrix_appservice_discord_bridge_disablePresence: false | ||||
| matrix_appservice_discord_bridge_enableSelfServiceBridging: false | ||||
|  | ||||
| # Database-related configuration fields. | ||||
| # | ||||
| # To use SQLite, stick to these defaults. | ||||
| # | ||||
| # To use Postgres: | ||||
| # - change the engine (`matrix_appservice_discord_database_engine: 'postgres'`) | ||||
| # - adjust your database credentials via the `matrix_appservice_discord_postgres_*` variables | ||||
| matrix_appservice_discord_database_engine: 'sqlite' | ||||
|  | ||||
| matrix_appservice_discord_sqlite_database_path_local: "{{ matrix_appservice_discord_data_path }}/discord.db" | ||||
| matrix_appservice_discord_sqlite_database_path_in_container: "/data/discord.db" | ||||
|  | ||||
| matrix_appservice_discord_database_username: 'matrix_appservice_discord' | ||||
| matrix_appservice_discord_database_password: 'some-password' | ||||
| matrix_appservice_discord_database_hostname: 'matrix-postgres' | ||||
| matrix_appservice_discord_database_port: 5432 | ||||
| matrix_appservice_discord_database_name: 'matrix_appservice_discord' | ||||
|  | ||||
| # These 2 variables are what actually ends up in the bridge configuration. | ||||
| # It's best if you don't change them directly, but rather redefine the sub-variables that constitute them. | ||||
| matrix_appservice_discord_database_filename: "{{ matrix_appservice_discord_sqlite_database_path_in_container }}" | ||||
| matrix_appservice_discord_database_connString: 'postgresql://{{ matrix_appservice_discord_database_username }}:{{ matrix_appservice_discord_database_password }}@{{ matrix_appservice_discord_database_hostname }}:{{ matrix_appservice_discord_database_port }}/{{ matrix_appservice_discord_database_name }}' | ||||
|  | ||||
|  | ||||
| # Tells whether the bot should make use of "Privileged Gateway Intents". | ||||
| # | ||||
| # Enabling this means that you need to enable it for the bot (Discord application) as well, | ||||
| # by triggering all Intent checkboxes on a page like this: `https://discord.com/developers/applications/694448564151123988/bot` | ||||
| # | ||||
| # Learn more: https://gist.github.com/advaith1/e69bcc1cdd6d0087322734451f15aa2f | ||||
| matrix_appservice_discord_auth_usePrivilegedIntents: false | ||||
|  | ||||
| matrix_appservice_discord_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" | ||||
|  | ||||
| matrix_appservice_discord_configuration_extension_yaml: | | ||||
| @@ -62,10 +96,10 @@ matrix_appservice_discord_registration_yaml: | | ||||
|   namespaces: | ||||
|     users: | ||||
|     - exclusive: true | ||||
|       regex: '^@_discord_.*' | ||||
|       regex: '@_discord_.*:{{ matrix_appservice_discord_homeserver_domain|regex_escape }}' | ||||
|     aliases: | ||||
|     - exclusive: true | ||||
|       regex: '^#_discord_.*' | ||||
|       regex: '#_discord_.*:{{ matrix_appservice_discord_homeserver_domain|regex_escape }}' | ||||
|   url: {{ matrix_appservice_discord_appservice_url }} | ||||
|   sender_localpart: _discord_bot | ||||
|   rate_limited: false | ||||
|   | ||||
| @@ -1,5 +1,31 @@ | ||||
| --- | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_appservice_discord_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_appservice_discord_sqlite_database_path_local }}" | ||||
|       register: matrix_appservice_discord_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_appservice_discord_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_appservice_discord_database_connString }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_appservice_discord_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-appservice-discord.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_appservice_discord_requires_restart: true | ||||
|       when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_appservice_discord_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure Appservice Discord image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_appservice_discord_docker_image }}" | ||||
| @@ -80,3 +106,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_appservice_discord_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-appservice-discord.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-appservice-discord.service" | ||||
|     state: restarted | ||||
|   when: "matrix_appservice_discord_requires_restart|bool" | ||||
|   | ||||
| @@ -10,6 +10,7 @@ | ||||
|     - "matrix_appservice_discord_bot_token" | ||||
|     - "matrix_appservice_discord_appservice_token" | ||||
|     - "matrix_appservice_discord_homeserver_token" | ||||
|     - "matrix_appservice_discord_homeserver_domain" | ||||
|  | ||||
| - name: (Deprecation) Catch and report renamed appservice-discord variables | ||||
|   fail: | ||||
| @@ -19,3 +20,7 @@ | ||||
|   when: "item.old in vars" | ||||
|   with_items: | ||||
|     - {'old': 'matrix_appservice_discord_container_expose_client_server_api_port', 'new': '<superseded by matrix_appservice_discord_container_http_host_bind_port>'} | ||||
|  | ||||
| - name: Require a valid database engine | ||||
|   fail: msg="`matrix_appservice_discord_database_engine` needs to be either 'sqlite' or 'postgres'" | ||||
|   when: "matrix_appservice_discord_database_engine not in ['sqlite', 'postgres']" | ||||
|   | ||||
| @@ -26,10 +26,17 @@ bridge: | ||||
|   disableReadReceipts: false | ||||
|   # Disable Join Leave echos from matrix | ||||
|   disableJoinLeaveNotifications: false | ||||
|   # Disable Invite echos from matrix | ||||
|   disableInviteNotifications: false | ||||
|   # Auto-determine the language of code blocks (this can be CPU-intensive) | ||||
|   determineCodeLanguage: false | ||||
| # Authentication configuration for the discord bot. | ||||
| auth: | ||||
|   clientID: {{ matrix_appservice_discord_client_id|string|to_json }} | ||||
|   botToken: {{ matrix_appservice_discord_bot_token }} | ||||
|   # You must enable "Privileged Gateway Intents" in your bot settings on discord.com (e.g. https://discord.com/developers/applications/12345/bot) | ||||
|   # for this to work | ||||
|   usePrivilegedIntents: {{ matrix_appservice_discord_auth_usePrivilegedIntents|to_json }} | ||||
| logging: | ||||
|   # What level should the logger output to the console at. | ||||
|   console: "warn" #silly, verbose, info, http, warn, error, silent | ||||
| @@ -45,16 +52,17 @@ logging: | ||||
|   #     enable: | ||||
|   #       - "DiscordBot" | ||||
| database: | ||||
|   userStorePath: "/data/user-store.db" | ||||
|   roomStorePath: "/data/room-store.db" | ||||
|   # You may either use SQLite or Postgresql for the bridge database, which contains | ||||
|   # important mappings for events and user puppeting configurations. | ||||
|   # Use the filename option for SQLite, or connString for Postgresql. | ||||
|   # If you are migrating, see https://github.com/Half-Shot/matrix-appservice-discord/blob/master/docs/howto.md#migrate-to-postgres-from-sqlite | ||||
|   # WARNING: You will almost certainly be fine with sqlite unless your bridge | ||||
|   # is in heavy demand and you suffer from IO slowness. | ||||
|   filename: "/data/discord.db" | ||||
|   # connString: "postgresql://user:password@localhost/database_name" | ||||
|   {% if matrix_appservice_discord_database_engine == 'sqlite' %} | ||||
|   filename: {{ matrix_appservice_discord_database_filename|to_json }} | ||||
|   {% else %} | ||||
|   connString: {{ matrix_appservice_discord_database_connString|to_json }} | ||||
|   {% endif %} | ||||
| room: | ||||
|   # Set the default visibility of alias rooms, defaults to "public". | ||||
|   # One of: "public", "private" | ||||
| @@ -82,10 +90,12 @@ channel: | ||||
| limits: | ||||
|     # Delay in milliseconds between discord users joining a room. | ||||
|     roomGhostJoinDelay: 6000 | ||||
|     # Delay in milliseconds before sending messages to discord to avoid echos. | ||||
|     # (Copies of a sent message may arrive from discord before we've | ||||
|     # Lock timeout in milliseconds before sending messages to discord to avoid | ||||
|     # echos. Default is rather high as the lock will most likely time out | ||||
|     # before anyways. | ||||
|     # echos = (Copies of a sent message may arrive from discord before we've | ||||
|     # fininished handling it, causing us to echo it back to the room) | ||||
|     discordSendDelay: 750 | ||||
|     discordSendDelay: 1500 | ||||
| ghosts: | ||||
|     # Pattern for the ghosts nick, available is :nick, :username, :tag and :id | ||||
|     nickPattern: ":nick" | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_appservice_discord_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -16,6 +16,25 @@ matrix_appservice_irc_homeserver_domain: '{{ matrix_domain }}' | ||||
| matrix_appservice_irc_homeserver_enablePresence: true | ||||
| matrix_appservice_irc_appservice_address: 'http://matrix-appservice-irc:9999' | ||||
|  | ||||
| matrix_appservice_irc_database_engine: nedb | ||||
| matrix_appservice_irc_database_username: matrix_appservice_irc | ||||
| matrix_appservice_irc_database_password: ~ | ||||
| matrix_appservice_irc_database_hostname: 'matrix-postgres' | ||||
| matrix_appservice_irc_database_port: 5432 | ||||
| matrix_appservice_irc_database_name: matrix_appservice_irc | ||||
|  | ||||
| # This is just the Postgres connection string, if Postgres is used. | ||||
| # Naming clashes with `matrix_appservice_irc_database_connectionString` somewhat. | ||||
| matrix_appservice_irc_database_connection_string: 'postgresql://{{ matrix_appservice_irc_database_username }}:{{ matrix_appservice_irc_database_password }}@{{ matrix_appservice_irc_database_hostname }}:{{ matrix_appservice_irc_database_port }}/{{ matrix_appservice_irc_database_name }}?sslmode=disable' | ||||
|  | ||||
| # This is what actually goes into `database.connectionString` for the bridge. | ||||
| matrix_appservice_irc_database_connectionString: "{{ | ||||
| 	{ | ||||
| 		'nedb': 'nedb:///data', | ||||
| 		'postgres': matrix_appservice_irc_database_connection_string, | ||||
| 	}[matrix_appservice_irc_database_engine] | ||||
| }}" | ||||
|  | ||||
| matrix_appservice_irc_ircService_servers: [] | ||||
|  | ||||
| # Example of `matrix_appservice_irc_ircService_servers` with one server (and all its options): | ||||
|   | ||||
| @@ -0,0 +1,64 @@ | ||||
| - name: Fail if Postgres not enabled | ||||
|   fail: | ||||
|     msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate." | ||||
|   when: "not matrix_postgres_enabled|bool" | ||||
|  | ||||
| # Defaults | ||||
|  | ||||
| - name: Set postgres_start_wait_time, if not provided | ||||
|   set_fact: | ||||
|     postgres_start_wait_time: 15 | ||||
|   when: "postgres_start_wait_time|default('') == ''" | ||||
|  | ||||
| # Actual import work | ||||
|  | ||||
| - name: Ensure matrix-postgres is started | ||||
|   service: | ||||
|     name: matrix-postgres | ||||
|     state: started | ||||
|     daemon_reload: yes | ||||
|   register: matrix_postgres_service_start_result | ||||
|  | ||||
| - name: Wait a bit, so that Postgres can start | ||||
|   wait_for: | ||||
|     timeout: "{{ postgres_start_wait_time }}" | ||||
|   delegate_to: 127.0.0.1 | ||||
|   become: false | ||||
|   when: "matrix_postgres_service_start_result.changed|bool" | ||||
|  | ||||
| - name: Ensure matrix-appservice-irc is stopped | ||||
|   service: | ||||
|     name: matrix-appservice-irc | ||||
|     state: stopped | ||||
|  | ||||
| - name: Import appservice-irc NeDB database into Postgres | ||||
|   command: | ||||
|     cmd: >- | ||||
|       {{ matrix_host_command_docker }} run | ||||
|       --rm | ||||
|       --user={{ matrix_user_uid }}:{{ matrix_user_gid }} | ||||
|       --cap-drop=ALL | ||||
|       --network={{ matrix_docker_network }} | ||||
|       --mount type=bind,src={{ matrix_appservice_irc_data_path }},dst=/data | ||||
|       --entrypoint=/bin/sh | ||||
|       {{ matrix_appservice_irc_docker_image }} | ||||
|       -c | ||||
|       '/usr/local/bin/node /app/lib/scripts/migrate-db-to-pgres.js --dbdir /data --privateKey /data/passkey.pem --connectionString {{ matrix_appservice_irc_database_connection_string }}' | ||||
|  | ||||
| - name: Archive NeDB database files | ||||
|   command: | ||||
|     cmd: "mv {{ matrix_appservice_irc_data_path }}/{{ item }} {{ matrix_appservice_irc_data_path }}/{{ item }}.backup" | ||||
|   with_items: | ||||
|     - rooms.db | ||||
|     - users.db | ||||
|  | ||||
| - name: Inject result | ||||
|   set_fact: | ||||
|     matrix_playbook_runtime_results: | | ||||
|       {{ | ||||
|         matrix_playbook_runtime_results|default([]) | ||||
|         + | ||||
|         [ | ||||
|           "NOTE: Your appservice-irc database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_irc_data_path }}/*.db` to `{{ matrix_appservice_irc_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." | ||||
|         ] | ||||
|       }} | ||||
| @@ -1,12 +1,5 @@ | ||||
| --- | ||||
|  | ||||
| - name: Ensure Appservice IRC image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_appservice_irc_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_appservice_irc_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_docker_image_force_pull }}" | ||||
|  | ||||
| - name: Ensure Appservice IRC paths exist | ||||
|   file: | ||||
|     path: "{{ item }}" | ||||
| @@ -24,25 +17,48 @@ | ||||
|     path: "{{ matrix_appservice_irc_base_path }}/passkey.pem" | ||||
|   register: matrix_appservice_irc_stat_passkey | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-appservice-irc.service is stopped | ||||
|   service: | ||||
|     name: matrix-appservice-irc | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
| - block: | ||||
|     - name: (Data relocation) Ensure matrix-appservice-irc.service is stopped | ||||
|       service: | ||||
|         name: matrix-appservice-irc | ||||
|         state: stopped | ||||
|         daemon_reload: yes | ||||
|       failed_when: false | ||||
|  | ||||
|     - name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory | ||||
|       command: "mv {{ matrix_appservice_irc_base_path }}/passkey.pem {{ matrix_appservice_irc_data_path }}/passkey.pem" | ||||
|  | ||||
|     - name: (Data relocation) Move AppService IRC database files to ./data directory | ||||
|       command: "mv {{ matrix_appservice_irc_base_path }}/{{ item }} {{ matrix_appservice_irc_data_path }}/{{ item }}" | ||||
|       with_items: | ||||
|         - rooms.db | ||||
|         - users.db | ||||
|       failed_when: false | ||||
|   when: "matrix_appservice_irc_stat_passkey.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory | ||||
|   command: "mv {{ matrix_appservice_irc_base_path }}/passkey.pem {{ matrix_appservice_irc_data_path }}/passkey.pem" | ||||
|   when: "matrix_appservice_irc_stat_passkey.stat.exists" | ||||
| - set_fact: | ||||
|     matrix_appservice_irc_requires_restart: false | ||||
|  | ||||
| - name: (Data relocation) Move AppService IRC database files to ./data directory | ||||
|   command: "mv {{ matrix_appservice_irc_base_path }}/{{ item }} {{ matrix_appservice_irc_data_path }}/{{ item }}" | ||||
|   with_items: | ||||
|     - rooms.db | ||||
|     - users.db | ||||
|   failed_when: false | ||||
|   when: "matrix_appservice_irc_stat_passkey.stat.exists" | ||||
| - block: | ||||
|     - name: Check if a nedb database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_appservice_irc_data_path }}/users.db" | ||||
|       register: matrix_appservice_irc_nedb_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_appservice_irc_requires_restart: true | ||||
|       when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_appservice_irc_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure Appservice IRC image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_appservice_irc_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_appservice_irc_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_docker_image_force_pull }}" | ||||
|  | ||||
| - name: Ensure Matrix Appservice IRC config installed | ||||
|   copy: | ||||
| @@ -147,3 +163,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_appservice_irc_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-appservice-irc.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-appservice-irc.service" | ||||
|     state: restarted | ||||
|   when: "matrix_appservice_irc_requires_restart|bool" | ||||
|   | ||||
| @@ -127,8 +127,8 @@ advanced: | ||||
| # Use an external database to store bridge state. | ||||
| database: | ||||
|   # database engine (must be 'postgres' or 'nedb'). Default: nedb | ||||
|   engine: "nedb" | ||||
|   engine: {{ matrix_appservice_irc_database_engine|to_json }} | ||||
|   # Either a PostgreSQL connection string, or a path to the NeDB storage directory. | ||||
|   # For postgres, it must start with postgres:// | ||||
|   # For NeDB, it must start with nedb://. The path is relative to the project directory. | ||||
|   connectionString: "nedb:///data" | ||||
|   connectionString: {{ matrix_appservice_irc_database_connectionString|to_json }} | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_appservice_irc_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -45,6 +45,26 @@ matrix_appservice_slack_appservice_token: '' | ||||
| matrix_appservice_slack_homeserver_token: '' | ||||
| matrix_appservice_slack_id_token: '' | ||||
|  | ||||
| matrix_appservice_slack_database_engine: nedb | ||||
| matrix_appservice_slack_database_username: matrix_appservice_slack | ||||
| matrix_appservice_slack_database_password: ~ | ||||
| matrix_appservice_slack_database_hostname: 'matrix-postgres' | ||||
| matrix_appservice_slack_database_port: 5432 | ||||
| matrix_appservice_slack_database_name: matrix_appservice_slack | ||||
|  | ||||
| # This is just the Postgres connection string, if Postgres is used. | ||||
| # Naming clashes with `matrix_appservice_slack_database_connectionString` somewhat. | ||||
| matrix_appservice_slack_database_connection_string: 'postgresql://{{ matrix_appservice_slack_database_username }}:{{ matrix_appservice_slack_database_password }}@{{ matrix_appservice_slack_database_hostname }}:{{ matrix_appservice_slack_database_port }}/{{ matrix_appservice_slack_database_name }}?sslmode=disable' | ||||
|  | ||||
| # This is what actually goes into `database.connectionString` for the bridge. | ||||
| matrix_appservice_slack_database_connectionString: "{{ | ||||
| 	{ | ||||
| 		'nedb': 'nedb:///data', | ||||
| 		'postgres': matrix_appservice_slack_database_connection_string, | ||||
| 	}[matrix_appservice_slack_database_engine] | ||||
| }}" | ||||
|  | ||||
|  | ||||
| matrix_appservice_slack_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" | ||||
|  | ||||
| matrix_appservice_slack_configuration_extension_yaml: | | ||||
|   | ||||
| @@ -0,0 +1,66 @@ | ||||
| - name: Fail if Postgres not enabled | ||||
|   fail: | ||||
|     msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate." | ||||
|   when: "not matrix_postgres_enabled|bool" | ||||
|  | ||||
| # Defaults | ||||
|  | ||||
| - name: Set postgres_start_wait_time, if not provided | ||||
|   set_fact: | ||||
|     postgres_start_wait_time: 15 | ||||
|   when: "postgres_start_wait_time|default('') == ''" | ||||
|  | ||||
| # Actual import work | ||||
|  | ||||
| - name: Ensure matrix-postgres is started | ||||
|   service: | ||||
|     name: matrix-postgres | ||||
|     state: started | ||||
|     daemon_reload: yes | ||||
|   register: matrix_postgres_service_start_result | ||||
|  | ||||
| - name: Wait a bit, so that Postgres can start | ||||
|   wait_for: | ||||
|     timeout: "{{ postgres_start_wait_time }}" | ||||
|   delegate_to: 127.0.0.1 | ||||
|   become: false | ||||
|   when: "matrix_postgres_service_start_result.changed|bool" | ||||
|  | ||||
| - name: Ensure matrix-appservice-slack is stopped | ||||
|   service: | ||||
|     name: matrix-appservice-slack | ||||
|     state: stopped | ||||
|  | ||||
| - name: Import appservice-slack NeDB database into Postgres | ||||
|   command: | ||||
|     cmd: >- | ||||
|       {{ matrix_host_command_docker }} run | ||||
|       --rm | ||||
|       --user={{ matrix_user_uid }}:{{ matrix_user_gid }} | ||||
|       --cap-drop=ALL | ||||
|       --network={{ matrix_docker_network }} | ||||
|       --mount type=bind,src={{ matrix_appservice_slack_data_path }},dst=/data | ||||
|       --entrypoint=/bin/sh | ||||
|       {{ matrix_appservice_slack_docker_image }} | ||||
|       -c | ||||
|       '/usr/local/bin/node /usr/src/app/lib/scripts/migrateToPostgres.js --dbdir /data --connectionString {{ matrix_appservice_slack_database_connection_string }}' | ||||
|  | ||||
| - name: Archive NeDB database files | ||||
|   command: | ||||
|     cmd: "mv {{ matrix_appservice_slack_data_path }}/{{ item }} {{ matrix_appservice_slack_data_path }}/{{ item }}.backup" | ||||
|   with_items: | ||||
|     - teams.db | ||||
|     - room-store.db | ||||
|     - user-store.db | ||||
|     - event-store.db | ||||
|  | ||||
| - name: Inject result | ||||
|   set_fact: | ||||
|     matrix_playbook_runtime_results: | | ||||
|       {{ | ||||
|         matrix_playbook_runtime_results|default([]) | ||||
|         + | ||||
|         [ | ||||
|           "NOTE: Your appservice-slack database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_slack_data_path }}/*.db` to `{{ matrix_appservice_slack_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files." | ||||
|         ] | ||||
|       }} | ||||
| @@ -1,12 +1,5 @@ | ||||
| --- | ||||
|  | ||||
| - name: Ensure Appservice Slack image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_appservice_slack_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_appservice_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_slack_docker_image_force_pull }}" | ||||
|  | ||||
| - name: Ensure AppService Slack paths exist | ||||
|   file: | ||||
|     path: "{{ item }}" | ||||
| @@ -19,6 +12,30 @@ | ||||
|     - "{{ matrix_appservice_slack_config_path }}" | ||||
|     - "{{ matrix_appservice_slack_data_path }}" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_appservice_slack_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if a nedb database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_appservice_slack_data_path }}/teams.db" | ||||
|       register: matrix_appservice_slack_nedb_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_appservice_slack_requires_restart: true | ||||
|       when: "matrix_appservice_slack_nedb_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_appservice_slack_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure Appservice Slack image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_appservice_slack_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_appservice_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_slack_docker_image_force_pull }}" | ||||
|  | ||||
| - name: Ensure Matrix Appservice Slack config installed | ||||
|   copy: | ||||
|     content: "{{ matrix_appservice_slack_configuration|to_nice_yaml }}" | ||||
| @@ -46,3 +63,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_appservice_slack_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-appservice-slack.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-appservice-slack.service" | ||||
|     state: restarted | ||||
|   when: "matrix_appservice_slack_requires_restart|bool" | ||||
|   | ||||
| @@ -9,4 +9,4 @@ | ||||
|     - "matrix_appservice_slack_control_room_id" | ||||
|     - "matrix_appservice_slack_appservice_token" | ||||
|     - "matrix_appservice_slack_homeserver_token" | ||||
|     - "matrix_appservice_slack_id_token" | ||||
|     - "matrix_appservice_slack_id_token" | ||||
|   | ||||
| @@ -9,6 +9,12 @@ homeserver: | ||||
|     url: "{{ matrix_appservice_slack_homeserver_url }}" | ||||
|     server_name: "{{ matrix_domain }}" | ||||
|  | ||||
| {% if matrix_appservice_slack_database_engine == 'nedb' %} | ||||
| dbdir: "/data" | ||||
| {% else %} | ||||
| db: | ||||
|     engine: {{ matrix_appservice_slack_database_engine|to_json }} | ||||
|     connectionString: {{ matrix_appservice_slack_database_connectionString|to_json }} | ||||
| {% endif %} | ||||
|  | ||||
| matrix_admin_room: "{{ matrix_appservice_slack_control_room_id }}" | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_appservice_slack_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_appservice_webhooks_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -32,9 +32,42 @@ matrix_mautrix_facebook_systemd_wanted_services_list: [] | ||||
| matrix_mautrix_facebook_appservice_token: '' | ||||
| matrix_mautrix_facebook_homeserver_token: '' | ||||
|  | ||||
|  | ||||
| # Database-related configuration fields. | ||||
| # | ||||
| # To use SQLite, stick to these defaults. | ||||
| # | ||||
| # To use Postgres: | ||||
| # - change the engine (`matrix_mautrix_facebook_database_engine: 'postgres'`) | ||||
| # - adjust your database credentials via the `matrix_mautrix_facebook_postgres_*` variables | ||||
| matrix_mautrix_facebook_database_engine: 'sqlite' | ||||
|  | ||||
| matrix_mautrix_facebook_sqlite_database_path_local: "{{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db" | ||||
| matrix_mautrix_facebook_sqlite_database_path_in_container: "/data/mautrix-facebook.db" | ||||
|  | ||||
| matrix_mautrix_facebook_database_username: 'matrix_mautrix_facebook' | ||||
| matrix_mautrix_facebook_database_password: 'some-password' | ||||
| matrix_mautrix_facebook_database_hostname: 'matrix-postgres' | ||||
| matrix_mautrix_facebook_database_port: 5432 | ||||
| matrix_mautrix_facebook_database_name: 'matrix_mautrix_facebook' | ||||
|  | ||||
| matrix_mautrix_facebook_database_connection_string: 'postgres://{{ matrix_mautrix_facebook_database_username }}:{{ matrix_mautrix_facebook_database_password }}@{{ matrix_mautrix_facebook_database_hostname }}:{{ matrix_mautrix_facebook_database_port }}/{{ matrix_mautrix_facebook_database_name }}' | ||||
|  | ||||
| matrix_mautrix_facebook_appservice_database: "{{ | ||||
| 	{ | ||||
| 		'sqlite': ('sqlite:///' + matrix_mautrix_facebook_sqlite_database_path_in_container), | ||||
| 		'postgres': matrix_mautrix_facebook_database_connection_string, | ||||
| 	}[matrix_mautrix_facebook_database_engine] | ||||
| }}" | ||||
|  | ||||
|  | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mautrix_facebook_login_shared_secret: '' | ||||
|  | ||||
| matrix_mautrix_facebook_bridge_login_shared_secret_map: "{{ {matrix_mautrix_facebook_homeserver_domain: matrix_mautrix_facebook_login_shared_secret} if matrix_mautrix_facebook_login_shared_secret else {} }}" | ||||
|  | ||||
| matrix_mautrix_facebook_bridge_presence: true | ||||
|  | ||||
| # Default configuration template which covers the generic use case. | ||||
| # You can customize it by controlling the various variables inside it. | ||||
| # | ||||
|   | ||||
| @@ -8,6 +8,32 @@ | ||||
|       The matrix-bridge-mautrix-facebook role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mautrix_facebook_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" | ||||
|       register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mautrix_facebook_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mautrix_facebook_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mautrix-facebook.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mautrix_facebook_requires_restart: true | ||||
|       when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mautrix_facebook_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure Mautrix Facebook image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mautrix_facebook_docker_image }}" | ||||
| @@ -94,3 +120,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mautrix_facebook_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mautrix-facebook.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mautrix-facebook.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mautrix_facebook_requires_restart|bool" | ||||
|   | ||||
| @@ -27,7 +27,7 @@ appservice: | ||||
|     # Format examples: | ||||
|     #   SQLite:   sqlite:///filename.db | ||||
|     #   Postgres: postgres://username:password@hostname/dbname | ||||
|     database: sqlite:////data/mautrix-facebook.db | ||||
|     database: {{ matrix_mautrix_facebook_appservice_database|to_json }} | ||||
|  | ||||
|     # Public part of web server for out-of-Matrix interaction with the bridge. | ||||
|     public: | ||||
| @@ -81,23 +81,32 @@ bridge: | ||||
|     command_prefix: "!fb" | ||||
|  | ||||
|     # Number of chats to sync (and create portals for) on startup/login. | ||||
|     # Maximum 20, set 0 to disable automatic syncing. | ||||
|     # Set 0 to disable automatic syncing. | ||||
|     initial_chat_sync: 10 | ||||
|     # Whether or not the Facebook users of logged in Matrix users should be | ||||
|     # invited to private chats when the user sends a message from another client. | ||||
|     invite_own_puppet_to_pm: false | ||||
|     # Whether or not to use /sync to get presence, read receipts and typing notifications when using | ||||
|     # your own Matrix account as the Matrix puppet for your Facebook account. | ||||
|     # Whether or not to use /sync to get presence, read receipts and typing notifications | ||||
|     # when double puppeting is enabled | ||||
|     sync_with_custom_puppets: true | ||||
|     # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth | ||||
|     # Whether or not to update the m.direct account data event when double puppeting is enabled. | ||||
|     # Note that updating the m.direct event is not atomic (except with mautrix-asmux) | ||||
|     # and is therefore prone to race conditions. | ||||
|     sync_direct_chat_list: false | ||||
|     # Servers to always allow double puppeting from | ||||
|     double_puppet_server_map: {} | ||||
|     #    example.com: https://example.com | ||||
|     # Allow using double puppeting from any server with a valid client .well-known file. | ||||
|     double_puppet_allow_discovery: false | ||||
|     # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth | ||||
|     # | ||||
|     # If set, custom puppets will be enabled automatically for local users | ||||
|     # instead of users having to find an access token and run `login-matrix` | ||||
|     # manually. | ||||
|     login_shared_secret: {{ matrix_mautrix_facebook_login_shared_secret|to_json }} | ||||
|     # Whether or not to bridge presence in both directions. Facebook allows users not to broadcast | ||||
|     # presence, but then it won't send other users' presence to the client. | ||||
|     presence: true | ||||
|     # If using this for other servers than the bridge's server, | ||||
|     # you must also set the URL in the double_puppet_server_map. | ||||
|     login_shared_secret_map: {{ matrix_mautrix_facebook_bridge_login_shared_secret_map|to_json }} | ||||
|     presence: {{ matrix_mautrix_facebook_bridge_presence|to_json }} | ||||
|     # Whether or not to update avatars when syncing all contacts at startup. | ||||
|     update_avatar_initial_sync: true | ||||
|     # End-to-bridge encryption support options. These require matrix-nio to be installed with pip | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mautrix_facebook_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
| @@ -17,6 +18,7 @@ ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-fac | ||||
| 			--log-driver=none \ | ||||
| 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ | ||||
| 			--cap-drop=ALL \ | ||||
| 			--network={{ matrix_docker_network }} \ | ||||
| 			-v {{ matrix_mautrix_facebook_config_path }}:/config:z \ | ||||
| 			-v {{ matrix_mautrix_facebook_data_path }}:/data:z \ | ||||
| 			{{ matrix_mautrix_facebook_docker_image }} \ | ||||
|   | ||||
| @@ -39,6 +39,35 @@ matrix_mautrix_hangouts_systemd_wanted_services_list: [] | ||||
| matrix_mautrix_hangouts_appservice_token: '' | ||||
| matrix_mautrix_hangouts_homeserver_token: '' | ||||
|  | ||||
|  | ||||
| # Database-related configuration fields. | ||||
| # | ||||
| # To use SQLite, stick to these defaults. | ||||
| # | ||||
| # To use Postgres: | ||||
| # - change the engine (`matrix_mautrix_hangouts_database_engine: 'postgres'`) | ||||
| # - adjust your database credentials via the `matrix_mautrix_hangouts_postgres_*` variables | ||||
| matrix_mautrix_hangouts_database_engine: 'sqlite' | ||||
|  | ||||
| matrix_mautrix_hangouts_sqlite_database_path_local: "{{ matrix_mautrix_hangouts_data_path }}/mautrix-hangouts.db" | ||||
| matrix_mautrix_hangouts_sqlite_database_path_in_container: "/data/mautrix-hangouts.db" | ||||
|  | ||||
| matrix_mautrix_hangouts_database_username: 'matrix_mautrix_hangouts' | ||||
| matrix_mautrix_hangouts_database_password: 'some-password' | ||||
| matrix_mautrix_hangouts_database_hostname: 'matrix-postgres' | ||||
| matrix_mautrix_hangouts_database_port: 5432 | ||||
| matrix_mautrix_hangouts_database_name: 'matrix_mautrix_hangouts' | ||||
|  | ||||
| matrix_mautrix_hangouts_database_connection_string: 'postgres://{{ matrix_mautrix_hangouts_database_username }}:{{ matrix_mautrix_hangouts_database_password }}@{{ matrix_mautrix_hangouts_database_hostname }}:{{ matrix_mautrix_hangouts_database_port }}/{{ matrix_mautrix_hangouts_database_name }}' | ||||
|  | ||||
| matrix_mautrix_hangouts_appservice_database: "{{ | ||||
| 	{ | ||||
| 		'sqlite': ('sqlite:///' + matrix_mautrix_hangouts_sqlite_database_path_in_container), | ||||
| 		'postgres': matrix_mautrix_hangouts_database_connection_string, | ||||
| 	}[matrix_mautrix_hangouts_database_engine] | ||||
| }}" | ||||
|  | ||||
|  | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mautrix_hangouts_login_shared_secret: '' | ||||
|  | ||||
|   | ||||
| @@ -8,6 +8,32 @@ | ||||
|       The matrix-bridge-mautrix-hangouts role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mautrix_hangouts_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}" | ||||
|       register: matrix_mautrix_hangouts_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mautrix_hangouts_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mautrix_hangouts_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mautrix_hangouts_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mautrix-hangouts.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mautrix_hangouts_requires_restart: true | ||||
|       when: "matrix_mautrix_hangouts_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mautrix_hangouts_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure Mautrix Hangouts image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mautrix_hangouts_docker_image }}" | ||||
| @@ -93,3 +119,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mautrix_hangouts_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mautrix-hangouts.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mautrix-hangouts.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mautrix_hangouts_requires_restart|bool" | ||||
|   | ||||
| @@ -27,7 +27,7 @@ appservice: | ||||
|     # Format examples: | ||||
|     #   SQLite:   sqlite:///filename.db | ||||
|     #   Postgres: postgres://username:password@hostname/dbname | ||||
|     database: sqlite:////data/mautrix-hangouts.db | ||||
|     database: {{ matrix_mautrix_hangouts_appservice_database|to_json }} | ||||
|  | ||||
|     # The unique ID of this appservice. | ||||
|     id: hangouts | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mautrix_hangouts_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
| @@ -17,6 +18,7 @@ ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-han | ||||
| 			--log-driver=none \ | ||||
| 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ | ||||
| 			--cap-drop=ALL \ | ||||
| 			--network={{ matrix_docker_network }} \ | ||||
| 			-v {{ matrix_mautrix_hangouts_config_path }}:/config:z \ | ||||
| 			-v {{ matrix_mautrix_hangouts_data_path }}:/data:z \ | ||||
| 			{{ matrix_mautrix_hangouts_docker_image }} \ | ||||
|   | ||||
| @@ -43,6 +43,35 @@ matrix_mautrix_telegram_systemd_wanted_services_list: [] | ||||
| matrix_mautrix_telegram_appservice_token: '' | ||||
| matrix_mautrix_telegram_homeserver_token: '' | ||||
|  | ||||
|  | ||||
| # Database-related configuration fields. | ||||
| # | ||||
| # To use SQLite, stick to these defaults. | ||||
| # | ||||
| # To use Postgres: | ||||
| # - change the engine (`matrix_mautrix_telegram_database_engine: 'postgres'`) | ||||
| # - adjust your database credentials via the `matrix_mautrix_telegram_postgres_*` variables | ||||
| matrix_mautrix_telegram_database_engine: 'sqlite' | ||||
|  | ||||
| matrix_mautrix_telegram_sqlite_database_path_local: "{{ matrix_mautrix_telegram_data_path }}/mautrix-telegram.db" | ||||
| matrix_mautrix_telegram_sqlite_database_path_in_container: "/data/mautrix-telegram.db" | ||||
|  | ||||
| matrix_mautrix_telegram_database_username: 'matrix_mautrix_telegram' | ||||
| matrix_mautrix_telegram_database_password: 'some-password' | ||||
| matrix_mautrix_telegram_database_hostname: 'matrix-postgres' | ||||
| matrix_mautrix_telegram_database_port: 5432 | ||||
| matrix_mautrix_telegram_database_name: 'matrix_mautrix_telegram' | ||||
|  | ||||
| matrix_mautrix_telegram_database_connection_string: 'postgres://{{ matrix_mautrix_telegram_database_username }}:{{ matrix_mautrix_telegram_database_password }}@{{ matrix_mautrix_telegram_database_hostname }}:{{ matrix_mautrix_telegram_database_port }}/{{ matrix_mautrix_telegram_database_name }}' | ||||
|  | ||||
| matrix_mautrix_telegram_appservice_database: "{{ | ||||
| 	{ | ||||
| 		'sqlite': ('sqlite:///' + matrix_mautrix_telegram_sqlite_database_path_in_container), | ||||
| 		'postgres': matrix_mautrix_telegram_database_connection_string, | ||||
| 	}[matrix_mautrix_telegram_database_engine] | ||||
| }}" | ||||
|  | ||||
|  | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mautrix_telegram_login_shared_secret: '' | ||||
|  | ||||
|   | ||||
| @@ -8,6 +8,32 @@ | ||||
|       The matrix-bridge-mautrix-telegram role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mautrix_telegram_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}" | ||||
|       register: matrix_mautrix_telegram_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mautrix_telegram_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mautrix_telegram_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mautrix_telegram_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mautrix-telegram.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mautrix_telegram_requires_restart: true | ||||
|       when: "matrix_mautrix_telegram_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mautrix_telegram_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure Mautrix Telegram image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mautrix_telegram_docker_image }}" | ||||
| @@ -71,3 +97,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mautrix_telegram_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mautrix-telegram.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mautrix-telegram.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mautrix_telegram_requires_restart|bool" | ||||
|   | ||||
| @@ -27,7 +27,7 @@ appservice: | ||||
|     # Format examples: | ||||
|     #   SQLite:   sqlite:///filename.db | ||||
|     #   Postgres: postgres://username:password@hostname/dbname | ||||
|     database: sqlite:////data/mautrix-telegram.db | ||||
|     database: {{ matrix_mautrix_telegram_appservice_database|to_json }} | ||||
|  | ||||
|     # Public part of web server for out-of-Matrix interaction with the bridge. | ||||
|     # Used for things like login if the user wants to make sure the 2FA password isn't stored in | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mautrix_telegram_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -27,6 +27,42 @@ matrix_mautrix_whatsapp_systemd_wanted_services_list: [] | ||||
| matrix_mautrix_whatsapp_appservice_token: '' | ||||
| matrix_mautrix_whatsapp_homeserver_token: '' | ||||
|  | ||||
|  | ||||
| # Database-related configuration fields. | ||||
| # | ||||
| # To use SQLite, stick to these defaults. | ||||
| # | ||||
| # To use Postgres: | ||||
| # - change the engine (`matrix_mautrix_whatsapp_database_engine: 'postgres'`) | ||||
| # - adjust your database credentials via the `matrix_mautrix_whatsapp_postgres_*` variables | ||||
| matrix_mautrix_whatsapp_database_engine: 'sqlite' | ||||
|  | ||||
| matrix_mautrix_whatsapp_sqlite_database_path_local: "{{ matrix_mautrix_whatsapp_data_path }}/mautrix-whatsapp.db" | ||||
| matrix_mautrix_whatsapp_sqlite_database_path_in_container: "/data/mautrix-whatsapp.db" | ||||
|  | ||||
| matrix_mautrix_whatsapp_database_username: 'matrix_mautrix_whatsapp' | ||||
| matrix_mautrix_whatsapp_database_password: 'some-password' | ||||
| matrix_mautrix_whatsapp_database_hostname: 'matrix-postgres' | ||||
| matrix_mautrix_whatsapp_database_port: 5432 | ||||
| matrix_mautrix_whatsapp_database_name: 'matrix_mautrix_whatsapp' | ||||
|  | ||||
| matrix_mautrix_whatsapp_database_connection_string: 'postgresql://{{ matrix_mautrix_whatsapp_database_username }}:{{ matrix_mautrix_whatsapp_database_password }}@{{ matrix_mautrix_whatsapp_database_hostname }}:{{ matrix_mautrix_whatsapp_database_port }}/{{ matrix_mautrix_whatsapp_database_name }}?sslmode=disable' | ||||
|  | ||||
| matrix_mautrix_whatsapp_appservice_database_type: "{{ | ||||
| 	{ | ||||
| 		'sqlite': 'sqlite3', | ||||
| 		'postgres':'postgres', | ||||
| 	}[matrix_mautrix_whatsapp_database_engine] | ||||
| }}" | ||||
|  | ||||
| matrix_mautrix_whatsapp_appservice_database_uri: "{{ | ||||
| 	{ | ||||
| 		'sqlite': matrix_mautrix_whatsapp_sqlite_database_path_in_container, | ||||
| 		'postgres': matrix_mautrix_whatsapp_database_connection_string, | ||||
| 	}[matrix_mautrix_whatsapp_database_engine] | ||||
| }}" | ||||
|  | ||||
|  | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mautrix_whatsapp_login_shared_secret: '' | ||||
|  | ||||
|   | ||||
| @@ -8,6 +8,32 @@ | ||||
|       The matrix-bridge-mautrix-whatsapp role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mautrix_whatsapp_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}" | ||||
|       register: matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mautrix_whatsapp_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mautrix_whatsapp_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mautrix_whatsapp_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mautrix-whatsapp.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mautrix_whatsapp_requires_restart: true | ||||
|       when: "matrix_mautrix_whatsapp_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mautrix_whatsapp_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure Mautrix Whatsapp image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mautrix_whatsapp_docker_image }}" | ||||
| @@ -26,12 +52,12 @@ | ||||
|     - "{{ matrix_mautrix_whatsapp_base_path }}" | ||||
|     - "{{ matrix_mautrix_whatsapp_config_path }}" | ||||
|     - "{{ matrix_mautrix_whatsapp_data_path }}" | ||||
|      | ||||
|  | ||||
| - name: Check if an old database file exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mautrix_whatsapp_base_path }}/mautrix-whatsapp.db" | ||||
|   register: matrix_mautrix_whatsapp_stat_database | ||||
|    | ||||
|  | ||||
| - name: Check if an old matrix state file exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mautrix_whatsapp_base_path }}/mx-state.json" | ||||
| @@ -48,7 +74,7 @@ | ||||
| - name: (Data relocation) Move mautrix-whatsapp database file to ./data directory | ||||
|   command: "mv {{ matrix_mautrix_whatsapp_base_path }}/mautrix-whatsapp.db {{ matrix_mautrix_whatsapp_data_path }}/mautrix-whatsapp.db" | ||||
|   when: "matrix_mautrix_whatsapp_stat_database.stat.exists" | ||||
|    | ||||
|  | ||||
| - name: (Data relocation) Move mautrix-whatsapp mx-state file to ./data directory | ||||
|   command: "mv {{ matrix_mautrix_whatsapp_base_path }}/mx-state.json {{ matrix_mautrix_whatsapp_data_path }}/mx-state.json" | ||||
|   when: "matrix_mautrix_whatsapp_stat_mx_state.stat.exists" | ||||
| @@ -80,3 +106,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mautrix_whatsapp_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mautrix-whatsapp.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mautrix-whatsapp.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mautrix_whatsapp_requires_restart|bool" | ||||
|   | ||||
| @@ -19,11 +19,11 @@ appservice: | ||||
|     # Database config. | ||||
|     database: | ||||
|         # The database type. "sqlite3" and "postgres" are supported. | ||||
|         type: sqlite3 | ||||
|         type: {{ matrix_mautrix_whatsapp_appservice_database_type|to_json }} | ||||
|         # The database URI. | ||||
|         #   SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string | ||||
|         #   Postgres: Connection string. For example, postgres://user:password@host/database | ||||
|         uri: mautrix-whatsapp.db | ||||
|         uri: {{ matrix_mautrix_whatsapp_appservice_database_uri|to_json }} | ||||
|         # Maximum number of connections. Mostly relevant for Postgres. | ||||
|         max_open_conns: 20 | ||||
|         max_idle_conns: 2 | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mautrix_whatsapp_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -55,6 +55,20 @@ matrix_mx_puppet_discord_homeserver_token: '' | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mx_puppet_discord_login_shared_secret: '' | ||||
|  | ||||
| # Database configuration | ||||
| matrix_mx_puppet_discord_database_engine: 'sqlite' | ||||
|  | ||||
| matrix_mx_puppet_discord_sqlite_database_path_local: "{{ matrix_mx_puppet_discord_data_path }}/database.db" | ||||
| matrix_mx_puppet_discord_sqlite_database_path_in_container: "/data/database.db" | ||||
|  | ||||
| matrix_mx_puppet_discord_database_username: matrix_mx_puppet_discord | ||||
| matrix_mx_puppet_discord_database_password: ~ | ||||
| matrix_mx_puppet_discord_database_hostname: 'matrix-postgres' | ||||
| matrix_mx_puppet_discord_database_port: 5432 | ||||
| matrix_mx_puppet_discord_database_name: matrix_mx_puppet_discord | ||||
|  | ||||
| matrix_mx_puppet_discord_database_connection_string: 'postgresql://{{ matrix_mx_puppet_discord_database_username }}:{{ matrix_mx_puppet_discord_database_password }}@{{ matrix_mx_puppet_discord_database_hostname }}:{{ matrix_mx_puppet_discord_database_port }}/{{ matrix_mx_puppet_discord_database_name }}?sslmode=disable' | ||||
|  | ||||
| # Default configuration template which covers the generic use case. | ||||
| # You can customize it by controlling the various variables inside it. | ||||
| # | ||||
|   | ||||
| @@ -8,14 +8,6 @@ | ||||
|       The matrix-bridge-mx-puppet-discord role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - name: Ensure MX Puppet Discord image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_discord_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_discord_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_discord_enabled|bool and not matrix_mx_puppet_discord_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Discord paths exist | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
| @@ -30,6 +22,57 @@ | ||||
|     - { path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}", when: "{{ matrix_mx_puppet_discord_container_image_self_build }}" } | ||||
|   when: matrix_mx_puppet_discord_enabled|bool and item.when|bool | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_discord_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_discord_stat_database | ||||
|  | ||||
| - block: | ||||
|     - name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped | ||||
|       service: | ||||
|         name: matrix-mx-puppet-discord | ||||
|         state: stopped | ||||
|         daemon_reload: yes | ||||
|       failed_when: False | ||||
|  | ||||
|     - name: (Data relocation) Move mx-puppet-discord database file to ./data directory | ||||
|       command: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_discord_stat_database.stat.exists" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mx_puppet_discord_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}" | ||||
|       register: matrix_mx_puppet_discord_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mx_puppet_discord_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mx_puppet_discord_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mx_puppet_discord_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mx-puppet-discord.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mx_puppet_discord_requires_restart: true | ||||
|       when: "matrix_mx_puppet_discord_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mx_puppet_discord_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure MX Puppet Discord image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_discord_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_discord_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_discord_enabled|bool and not matrix_mx_puppet_discord_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Discord repository is present on self build | ||||
|   git: | ||||
|     repo: "{{ matrix_mx_puppet_discord_container_image_self_build_repo }}" | ||||
| @@ -49,23 +92,6 @@ | ||||
|       pull: yes | ||||
|   when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build|bool" | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_discord_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_discord_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-discord.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-discord | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_discord_stat_database.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move mx-puppet-discord database file to ./data directory | ||||
|   command: "mv {{ matrix_mx_puppet_discord_base_path }}/database.db {{ matrix_mx_puppet_discord_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_discord_stat_database.stat.exists" | ||||
|  | ||||
| - name: Ensure mx-puppet-discord config.yaml installed | ||||
|   copy: | ||||
|     content: "{{ matrix_mx_puppet_discord_configuration|to_nice_yaml }}" | ||||
| @@ -93,3 +119,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mx_puppet_discord_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mx-puppet-discord.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mx-puppet-discord.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mx_puppet_discord_requires_restart|bool" | ||||
|   | ||||
| @@ -100,15 +100,18 @@ namePatterns: | ||||
|   group: :name | ||||
|  | ||||
| database: | ||||
| {% if matrix_mx_puppet_discord_database_engine == 'sqlite' %} | ||||
|   # Use SQLite3 as a database backend | ||||
|   # The name of the database file | ||||
|   filename: {{ matrix_mx_puppet_discord_sqlite_database_path_in_container|to_json }} | ||||
| {% else %} | ||||
|   # Use Postgres as a database backend | ||||
|   # If set, will be used instead of SQLite3 | ||||
|   # Connection string to connect to the Postgres instance | ||||
|   # with username "user", password "pass", host "localhost" and database name "dbname". | ||||
|   # Modify each value as necessary | ||||
|   #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" | ||||
|   # Use SQLite3 as a database backend | ||||
|   # The name of the database file | ||||
|   filename: /data/database.db | ||||
|   connString: {{ matrix_mx_puppet_discord_database_connection_string|to_json }} | ||||
| {% endif %} | ||||
|  | ||||
| logging: | ||||
|   # Log level of console output | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mx_puppet_discord_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -46,6 +46,19 @@ matrix_mx_puppet_instagram_homeserver_token: '' | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mx_puppet_instagram_login_shared_secret: '' | ||||
|  | ||||
| matrix_mx_puppet_instagram_database_engine: sqlite | ||||
|  | ||||
| matrix_mx_puppet_instagram_sqlite_database_path_local: "{{ matrix_mx_puppet_instagram_data_path }}/database.db" | ||||
| matrix_mx_puppet_instagram_sqlite_database_path_in_container: "/data/database.db" | ||||
|  | ||||
| matrix_mx_puppet_instagram_database_username: matrix_mx_puppet_instagram | ||||
| matrix_mx_puppet_instagram_database_password: ~ | ||||
| matrix_mx_puppet_instagram_database_hostname: 'matrix-postgres' | ||||
| matrix_mx_puppet_instagram_database_port: 5432 | ||||
| matrix_mx_puppet_instagram_database_name: matrix_mx_puppet_instagram | ||||
|  | ||||
| matrix_mx_puppet_instagram_database_connection_string: 'postgresql://{{ matrix_mx_puppet_instagram_database_username }}:{{ matrix_mx_puppet_instagram_database_password }}@{{ matrix_mx_puppet_instagram_database_hostname }}:{{ matrix_mx_puppet_instagram_database_port }}/{{ matrix_mx_puppet_instagram_database_name }}?sslmode=disable' | ||||
|  | ||||
| # Default configuration template which covers the generic use case. | ||||
| # You can customize it by controlling the various variables inside it. | ||||
| # | ||||
|   | ||||
| @@ -8,6 +8,33 @@ | ||||
|       The matrix-bridge-mx-puppet-instagram role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mx_puppet_instagram_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}" | ||||
|       register: matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mx_puppet_instagram_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mx_puppet_instagram_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mx_puppet_instagram_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mx-puppet-instagram.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mx_puppet_instagram_requires_restart: true | ||||
|       when: "matrix_mx_puppet_instagram_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mx_puppet_instagram_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure mx-puppet-instagram image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_instagram_docker_image }}" | ||||
| @@ -77,4 +104,8 @@ | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mx_puppet_instagram_systemd_service_result.changed" | ||||
|  | ||||
|  | ||||
| - name: Ensure matrix-mx-puppet-instagram.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mx-puppet-instagram.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mx_puppet_instagram_requires_restart|bool" | ||||
|   | ||||
| @@ -44,15 +44,18 @@ provisioning: | ||||
|   apiPrefix: /_matrix/provision | ||||
|  | ||||
| database: | ||||
| {% if matrix_mx_puppet_instagram_database_engine == 'postgres' %} | ||||
|   # Use Postgres as a database backend | ||||
|   # If set, will be used instead of SQLite3 | ||||
|   # Connection string to connect to the Postgres instance | ||||
|   # with username "user", password "pass", host "localhost" and database name "dbname". | ||||
|   # Modify each value as necessary | ||||
|   #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" | ||||
|   connString: {{ matrix_mx_puppet_instagram_database_connection_string|to_json }} | ||||
| {% else %} | ||||
|   # Use SQLite3 as a database backend | ||||
|   # The name of the database file | ||||
|   filename: /data/database.db | ||||
|   filename: {{ matrix_mx_puppet_instagram_sqlite_database_path_in_container|to_json }} | ||||
| {% endif %} | ||||
|  | ||||
| logging: | ||||
|   # Log level of console output | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mx_puppet_instagram_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -53,6 +53,20 @@ matrix_mx_puppet_skype_homeserver_token: '' | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mx_puppet_skype_login_shared_secret: '' | ||||
|  | ||||
| # Database configuration, role default is `sqlite` but playbook default is `postgres` | ||||
| matrix_mx_puppet_skype_database_engine: sqlite | ||||
|  | ||||
| matrix_mx_puppet_skype_sqlite_database_path_local: "{{ matrix_mx_puppet_skype_data_path }}/database.db" | ||||
| matrix_mx_puppet_skype_sqlite_database_path_in_container: "/data/database.db" | ||||
|  | ||||
| matrix_mx_puppet_skype_database_username: matrix_mx_puppet_skype | ||||
| matrix_mx_puppet_skype_database_password: ~ | ||||
| matrix_mx_puppet_skype_database_hostname: 'matrix-postgres' | ||||
| matrix_mx_puppet_skype_database_port: 5432 | ||||
| matrix_mx_puppet_skype_database_name: matrix_mx_puppet_skype | ||||
|  | ||||
| matrix_mx_puppet_skype_database_connection_string: 'postgresql://{{ matrix_mx_puppet_skype_database_username }}:{{ matrix_mx_puppet_skype_database_password }}@{{ matrix_mx_puppet_skype_database_hostname }}:{{ matrix_mx_puppet_skype_database_port }}/{{ matrix_mx_puppet_skype_database_name }}?sslmode=disable' | ||||
|  | ||||
| # Default configuration template which covers the generic use case. | ||||
| # You can customize it by controlling the various variables inside it. | ||||
| # | ||||
|   | ||||
| @@ -8,14 +8,6 @@ | ||||
|       The matrix-bridge-mx-puppet-skype role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - name: Ensure MX Puppet Skype image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_skype_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_skype_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_skype_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_skype_enabled|bool and not matrix_mx_puppet_skype_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Skype paths exist | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
| @@ -30,6 +22,57 @@ | ||||
|     - { path: "{{ matrix_mx_puppet_skype_docker_src_files_path }}", when: "{{ matrix_mx_puppet_skype_container_image_self_build }}" } | ||||
|   when: matrix_mx_puppet_skype_enabled|bool and item.when|bool | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_skype_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_skype_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-skype.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-skype | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_skype_stat_database.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move mx-puppet-skype database file to ./data directory | ||||
|   command: "mv {{ matrix_mx_puppet_skype_base_path }}/database.db {{ matrix_mx_puppet_skype_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_skype_stat_database.stat.exists" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mx_puppet_skype_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mx_puppet_skype_sqlite_database_path_local }}" | ||||
|       register: matrix_mx_puppet_skype_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mx_puppet_skype_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mx_puppet_skype_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mx_puppet_skype_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mx-puppet-skype.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mx_puppet_skype_requires_restart: true | ||||
|       when: "matrix_mx_puppet_skype_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mx_puppet_skype_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure MX Puppet Skype image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_skype_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_skype_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_skype_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_skype_enabled|bool and not matrix_mx_puppet_skype_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Skype repository is present on self build | ||||
|   git: | ||||
|     repo: "{{ matrix_mx_puppet_skype_container_image_self_build_repo }}" | ||||
| @@ -49,23 +92,6 @@ | ||||
|       pull: yes | ||||
|   when: "matrix_mx_puppet_skype_enabled|bool and matrix_mx_puppet_skype_container_image_self_build|bool" | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_skype_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_skype_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-skype.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-skype | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_skype_stat_database.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move mx-puppet-skype database file to ./data directory | ||||
|   command: "mv {{ matrix_mx_puppet_skype_base_path }}/database.db {{ matrix_mx_puppet_skype_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_skype_stat_database.stat.exists" | ||||
|  | ||||
| - name: Ensure mx-puppet-skype config.yaml installed | ||||
|   copy: | ||||
|     content: "{{ matrix_mx_puppet_skype_configuration|to_nice_yaml }}" | ||||
| @@ -93,3 +119,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mx_puppet_skype_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mx-puppet-skype.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mx-puppet-skype.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mx_puppet_skype_requires_restart|bool" | ||||
|   | ||||
| @@ -68,15 +68,18 @@ logging: | ||||
|       #  - Store | ||||
|  | ||||
| database: | ||||
| {% if matrix_mx_puppet_skype_database_engine == 'postgres' %} | ||||
|   # Use Postgres as a database backend | ||||
|   # If set, will be used instead of SQLite3 | ||||
|   # Connection string to connect to the Postgres instance | ||||
|   # with username "user", password "pass", host "localhost" and database name "dbname". | ||||
|   # Modify each value as necessary | ||||
|   #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" | ||||
|   connString: {{ matrix_mx_puppet_skype_database_connection_string|to_json }} | ||||
| {% else %} | ||||
|   # Use SQLite3 as a database backend | ||||
|   # The name of the database file | ||||
|   filename: /data/database.db | ||||
|   filename: {{ matrix_mx_puppet_skype_sqlite_database_path_in_container|to_json }} | ||||
| {% endif %} | ||||
|  | ||||
| provisioning: | ||||
|   # Regex of Matrix IDs allowed to use the puppet bridge | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mx_puppet_skype_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -57,6 +57,20 @@ matrix_mx_puppet_slack_homeserver_token: '' | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mx_puppet_slack_login_shared_secret: '' | ||||
|  | ||||
| # Database configuration, role uses 'sqlite' per default but playbook sets up postgres by default | ||||
| matrix_mx_puppet_slack_database_engine: sqlite | ||||
|  | ||||
| matrix_mx_puppet_slack_sqlite_database_path_local: "{{ matrix_mx_puppet_slack_data_path }}/database.db" | ||||
| matrix_mx_puppet_slack_sqlite_database_path_in_container: "/data/database.db" | ||||
|  | ||||
| matrix_mx_puppet_slack_database_username: matrix_mx_puppet_slack | ||||
| matrix_mx_puppet_slack_database_password: ~ | ||||
| matrix_mx_puppet_slack_database_hostname: 'matrix-postgres' | ||||
| matrix_mx_puppet_slack_database_port: 5432 | ||||
| matrix_mx_puppet_slack_database_name: matrix_mx_puppet_slack | ||||
|  | ||||
| matrix_mx_puppet_slack_database_connection_string: 'postgresql://{{ matrix_mx_puppet_slack_database_username }}:{{ matrix_mx_puppet_slack_database_password }}@{{ matrix_mx_puppet_slack_database_hostname }}:{{ matrix_mx_puppet_slack_database_port }}/{{ matrix_mx_puppet_slack_database_name }}?sslmode=disable' | ||||
|  | ||||
| # Default configuration template which covers the generic use case. | ||||
| # You can customize it by controlling the various variables inside it. | ||||
| # | ||||
|   | ||||
| @@ -8,14 +8,6 @@ | ||||
|       The matrix-bridge-mx-puppet-slack role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - name: Ensure MX Puppet Slack image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_slack_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_slack_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_slack_enabled|bool and not matrix_mx_puppet_slack_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Slack paths exist | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
| @@ -30,6 +22,53 @@ | ||||
|     - { path: "{{ matrix_mx_puppet_slack_docker_src_files_path }}", when: "{{ matrix_mx_puppet_slack_container_image_self_build }}" } | ||||
|   when: matrix_mx_puppet_slack_enabled|bool and item.when|bool | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_slack_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_slack_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-slack.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-slack | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_slack_stat_database.stat.exists" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mx_puppet_slack_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}" | ||||
|       register: matrix_mx_puppet_slack_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mx_puppet_slack_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mx_puppet_slack_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mx_puppet_slack_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mx-puppet-slack.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mx_puppet_slack_requires_restart: true | ||||
|       when: "matrix_mx_puppet_slack_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mx_puppet_slack_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure MX Puppet Slack image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_slack_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_slack_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_slack_enabled|bool and not matrix_mx_puppet_slack_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Slack repository is present on self build | ||||
|   git: | ||||
|     repo: "{{ matrix_mx_puppet_slack_container_image_self_build_repo }}" | ||||
| @@ -49,19 +88,6 @@ | ||||
|       pull: yes | ||||
|   when: "matrix_mx_puppet_slack_enabled|bool and matrix_mx_puppet_slack_container_image_self_build" | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_slack_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_slack_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-slack.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-slack | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_slack_stat_database.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move mx-puppet-slack database file to ./data directory | ||||
|   command: "mv {{ matrix_mx_puppet_slack_base_path }}/database.db {{ matrix_mx_puppet_slack_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_slack_stat_database.stat.exists" | ||||
| @@ -93,3 +119,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mx_puppet_slack_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mx-puppet-slack.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mx-puppet-slack.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mx_puppet_slack_requires_restart|bool" | ||||
|   | ||||
| @@ -58,15 +58,18 @@ provisioning: | ||||
|   apiPrefix: /_matrix/provision | ||||
|  | ||||
| database: | ||||
| {% if matrix_mx_puppet_slack_database_engine == 'postgres' %} | ||||
|   # Use Postgres as a database backend | ||||
|   # If set, will be used instead of SQLite3 | ||||
|   # Connection string to connect to the Postgres instance | ||||
|   # with username "user", password "pass", host "localhost" and database name "dbname". | ||||
|   # Modify each value as necessary | ||||
|   #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" | ||||
|   connString: {{ matrix_mx_puppet_slack_database_connection_string|to_json }} | ||||
| {% else %} | ||||
|   # Use SQLite3 as a database backend | ||||
|   # The name of the database file | ||||
|   filename: /data/database.db | ||||
|   filename: {{ matrix_mx_puppet_slack_sqlite_database_path_in_container|to_json }} | ||||
| {% endif %} | ||||
|  | ||||
| logging: | ||||
|   # Log level of console output | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mx_puppet_slack_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -55,6 +55,19 @@ matrix_mx_puppet_steam_homeserver_token: '' | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mx_puppet_steam_login_shared_secret: '' | ||||
|  | ||||
| matrix_mx_puppet_steam_database_engine: sqlite | ||||
|  | ||||
| matrix_mx_puppet_steam_sqlite_database_path_local: "{{ matrix_mx_puppet_steam_data_path }}/database.db" | ||||
| matrix_mx_puppet_steam_sqlite_database_path_in_container: "/data/database.db" | ||||
|  | ||||
| matrix_mx_puppet_steam_database_username: matrix_mx_puppet_steam | ||||
| matrix_mx_puppet_steam_database_password: ~ | ||||
| matrix_mx_puppet_steam_database_hostname: 'matrix-postgres' | ||||
| matrix_mx_puppet_steam_database_port: 5432 | ||||
| matrix_mx_puppet_steam_database_name: matrix_mx_puppet_steam | ||||
|  | ||||
| matrix_mx_puppet_steam_database_connection_string: 'postgresql://{{ matrix_mx_puppet_steam_database_username }}:{{ matrix_mx_puppet_steam_database_password }}@{{ matrix_mx_puppet_steam_database_hostname }}:{{ matrix_mx_puppet_steam_database_port }}/{{ matrix_mx_puppet_steam_database_name }}?sslmode=disable' | ||||
|  | ||||
| # Default configuration template which covers the generic use case. | ||||
| # You can customize it by controlling the various variables inside it. | ||||
| # | ||||
|   | ||||
| @@ -8,14 +8,6 @@ | ||||
|       The matrix-bridge-mx-puppet-steam role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - name: Ensure MX Puppet Steam image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_steam_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_steam_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_steam_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_steam_enabled|bool and not matrix_mx_puppet_steam_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Steam paths exist | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
| @@ -30,6 +22,57 @@ | ||||
|     - { path: "{{ matrix_mx_puppet_steam_docker_src_files_path }}", when: "{{ matrix_mx_puppet_steam_container_image_self_build }}" } | ||||
|   when: matrix_mx_puppet_steam_enabled|bool and item.when|bool | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_steam_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_steam_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-steam.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-steam | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_steam_stat_database.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move mx-puppet-steam database file to ./data directory | ||||
|   command: "mv {{ matrix_mx_puppet_steam_base_path }}/database.db {{ matrix_mx_puppet_steam_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_steam_stat_database.stat.exists" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mx_puppet_steam_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}" | ||||
|       register: matrix_mx_puppet_steam_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mx_puppet_steam_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mx_puppet_steam_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mx_puppet_steam_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mx-puppet-steam.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mx_puppet_steam_requires_restart: true | ||||
|       when: "matrix_mx_puppet_steam_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mx_puppet_steam_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure MX Puppet Steam image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_steam_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_steam_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_steam_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_steam_enabled|bool and not matrix_mx_puppet_steam_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Steam repository is present on self build | ||||
|   git: | ||||
|     repo: "{{ matrix_mx_puppet_steam_container_image_self_build_repo }}" | ||||
| @@ -49,23 +92,6 @@ | ||||
|       pull: yes | ||||
|   when: "matrix_mx_puppet_steam_enabled|bool and matrix_mx_puppet_steam_container_image_self_build" | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_steam_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_steam_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-steam.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-steam | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_steam_stat_database.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move mx-puppet-steam database file to ./data directory | ||||
|   command: "mv {{ matrix_mx_puppet_steam_base_path }}/database.db {{ matrix_mx_puppet_steam_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_steam_stat_database.stat.exists" | ||||
|  | ||||
| - name: Ensure mx-puppet-steam config.yaml installed | ||||
|   copy: | ||||
|     content: "{{ matrix_mx_puppet_steam_configuration|to_nice_yaml }}" | ||||
| @@ -93,3 +119,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mx_puppet_steam_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mx-puppet-steam.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mx-puppet-steam.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mx_puppet_steam_requires_restart|bool" | ||||
|   | ||||
| @@ -61,15 +61,18 @@ selfService: | ||||
|   blacklist: {{ matrix_mx_puppet_steam_provisioning_blacklist|to_json }} | ||||
|  | ||||
| database: | ||||
| {% if matrix_mx_puppet_steam_database_engine == 'postgres' %} | ||||
|   # Use Postgres as a database backend | ||||
|   # If set, will be used instead of SQLite3 | ||||
|   # Connection string to connect to the Postgres instance | ||||
|   # with username "user", password "pass", host "localhost" and database name "dbname". | ||||
|   # Modify each value as necessary | ||||
|   #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" | ||||
|   connString: {{ matrix_mx_puppet_steam_database_connection_string|to_json }} | ||||
| {% else %} | ||||
|   # Use SQLite3 as a database backend | ||||
|   # The name of the database file | ||||
|   filename: /data/database.db | ||||
|   filename: {{ matrix_mx_puppet_steam_sqlite_database_path_in_container|to_json }} | ||||
| {% endif %} | ||||
|  | ||||
| logging: | ||||
|   # Log level of console output | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mx_puppet_steam_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -60,6 +60,20 @@ matrix_mx_puppet_twitter_homeserver_token: '' | ||||
| # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). | ||||
| matrix_mx_puppet_twitter_login_shared_secret: '' | ||||
|  | ||||
| # Database configuration | ||||
| matrix_mx_puppet_twitter_database_engine: sqlite | ||||
|  | ||||
| matrix_mx_puppet_twitter_sqlite_database_path_local: "{{ matrix_mx_puppet_twitter_data_path }}/database.db" | ||||
| matrix_mx_puppet_twitter_sqlite_database_path_in_container: "/data/database.db" | ||||
|  | ||||
| matrix_mx_puppet_twitter_database_username: mx_puppet_twitter | ||||
| matrix_mx_puppet_twitter_database_password: ~ | ||||
| matrix_mx_puppet_twitter_database_hostname: 'matrix-postgres' | ||||
| matrix_mx_puppet_twitter_database_port: 5432 | ||||
| matrix_mx_puppet_twitter_database_name: matrix_mx_puppet_twitter | ||||
|  | ||||
| matrix_mx_puppet_twitter_database_connection_string: 'postgresql://{{ matrix_mx_puppet_twitter_database_username }}:{{ matrix_mx_puppet_twitter_database_password }}@{{ matrix_mx_puppet_twitter_database_hostname }}:{{ matrix_mx_puppet_twitter_database_port }}/{{ matrix_mx_puppet_twitter_database_name }}?sslmode=disable' | ||||
|  | ||||
| # Default configuration template which covers the generic use case. | ||||
| # You can customize it by controlling the various variables inside it. | ||||
| # | ||||
|   | ||||
| @@ -8,14 +8,6 @@ | ||||
|       The matrix-bridge-mx-puppet-twitter role needs to execute before the matrix-synapse role. | ||||
|   when: "matrix_synapse_role_executed|default(False)" | ||||
|  | ||||
| - name: Ensure MX Puppet Twitter image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_twitter_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_twitter_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_twitter_enabled|bool and not matrix_mx_puppet_twitter_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Twitter paths exist | ||||
|   file: | ||||
|     path: "{{ item.path }}" | ||||
| @@ -30,6 +22,57 @@ | ||||
|     - { path: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}", when: "{{ matrix_mx_puppet_twitter_container_image_self_build }}" } | ||||
|   when: matrix_mx_puppet_twitter_enabled|bool and item.when|bool | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_twitter_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_twitter_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-twitter.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-twitter | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_twitter_stat_database.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move mx-puppet-twitter database file to ./data directory | ||||
|   command: "mv {{ matrix_mx_puppet_twitter_base_path }}/database.db {{ matrix_mx_puppet_twitter_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_twitter_stat_database.stat.exists" | ||||
|  | ||||
| - set_fact: | ||||
|     matrix_mx_puppet_twitter_requires_restart: false | ||||
|  | ||||
| - block: | ||||
|     - name: Check if an SQLite database already exists | ||||
|       stat: | ||||
|         path: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}" | ||||
|       register: matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result | ||||
|  | ||||
|     - block: | ||||
|         - set_fact: | ||||
|             matrix_postgres_db_migration_request: | ||||
|               src: "{{ matrix_mx_puppet_twitter_sqlite_database_path_local }}" | ||||
|               dst: "{{ matrix_mx_puppet_twitter_database_connection_string }}" | ||||
|               caller: "{{ role_path|basename }}" | ||||
|               engine_variable_name: 'matrix_mx_puppet_twitter_database_engine' | ||||
|               engine_old: 'sqlite' | ||||
|               systemd_services_to_stop: ['matrix-mx-puppet-twitter.service'] | ||||
|  | ||||
|         - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" | ||||
|  | ||||
|         - set_fact: | ||||
|             matrix_mx_puppet_twitter_requires_restart: true | ||||
|       when: "matrix_mx_puppet_twitter_sqlite_database_path_local_stat_result.stat.exists|bool" | ||||
|   when: "matrix_mx_puppet_twitter_database_engine == 'postgres'" | ||||
|  | ||||
| - name: Ensure MX Puppet Twitter image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_mx_puppet_twitter_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_mx_puppet_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_twitter_docker_image_force_pull }}" | ||||
|   when: matrix_mx_puppet_twitter_enabled|bool and not matrix_mx_puppet_twitter_container_image_self_build | ||||
|  | ||||
| - name: Ensure MX Puppet Twitter repository is present on self build | ||||
|   git: | ||||
|     repo: "{{ matrix_mx_puppet_twitter_container_image_self_build_repo }}" | ||||
| @@ -49,23 +92,6 @@ | ||||
|       pull: yes | ||||
|   when: "matrix_mx_puppet_twitter_enabled|bool and matrix_mx_puppet_twitter_container_image_self_build" | ||||
|  | ||||
| - name: Check if an old database file already exists | ||||
|   stat: | ||||
|     path: "{{ matrix_mx_puppet_twitter_base_path }}/database.db" | ||||
|   register: matrix_mx_puppet_twitter_stat_database | ||||
|  | ||||
| - name: (Data relocation) Ensure matrix-mx-puppet-twitter.service is stopped | ||||
|   service: | ||||
|     name: matrix-mx-puppet-twitter | ||||
|     state: stopped | ||||
|     daemon_reload: yes | ||||
|   failed_when: false | ||||
|   when: "matrix_mx_puppet_twitter_stat_database.stat.exists" | ||||
|  | ||||
| - name: (Data relocation) Move mx-puppet-twitter database file to ./data directory | ||||
|   command: "mv {{ matrix_mx_puppet_twitter_base_path }}/database.db {{ matrix_mx_puppet_twitter_data_path }}/database.db" | ||||
|   when: "matrix_mx_puppet_twitter_stat_database.stat.exists" | ||||
|  | ||||
| - name: Ensure mx-puppet-twitter config.yaml installed | ||||
|   copy: | ||||
|     content: "{{ matrix_mx_puppet_twitter_configuration|to_nice_yaml }}" | ||||
| @@ -93,3 +119,9 @@ | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
|   when: "matrix_mx_puppet_twitter_systemd_service_result.changed" | ||||
|  | ||||
| - name: Ensure matrix-mx-puppet-twitter.service restarted, if necessary | ||||
|   service: | ||||
|     name: "matrix-mx-puppet-twitter.service" | ||||
|     state: restarted | ||||
|   when: "matrix_mx_puppet_twitter_requires_restart|bool" | ||||
|   | ||||
| @@ -54,15 +54,18 @@ provisioning: | ||||
|   apiPrefix: /_matrix/provision | ||||
|  | ||||
| database: | ||||
| {% if matrix_mx_puppet_twitter_database_engine == 'postgres' %} | ||||
|   # Use Postgres as a database backend | ||||
|   # If set, will be used instead of SQLite3 | ||||
|   # Connection string to connect to the Postgres instance | ||||
|   # with username "user", password "pass", host "localhost" and database name "dbname". | ||||
|   # Modify each value as necessary | ||||
|   #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" | ||||
|   connString: {{ matrix_mx_puppet_twitter_database_connection_string|to_json }} | ||||
| {% else %} | ||||
|   # Use SQLite3 as a database backend | ||||
|   # The name of the database file | ||||
|   filename: /data/database.db | ||||
|   filename: {{ matrix_mx_puppet_twitter_sqlite_database_path_in_container|to_json }} | ||||
| {% endif %} | ||||
|  | ||||
| logging: | ||||
|   # Log level of console output | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_mx_puppet_twitter_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -3,7 +3,7 @@ | ||||
|  | ||||
| matrix_sms_bridge_enabled: true | ||||
|  | ||||
| matrix_sms_bridge_docker_image: "docker.io/folivonet/matrix-sms-bridge:0.5.4" | ||||
| matrix_sms_bridge_docker_image: "docker.io/folivonet/matrix-sms-bridge:0.5.5" | ||||
|  | ||||
| matrix_sms_bridge_base_path: "{{ matrix_base_data_path }}/matrix-sms-bridge" | ||||
| matrix_sms_bridge_config_path: "{{ matrix_base_data_path }}/matrix-sms-bridge/config" | ||||
|   | ||||
| @@ -8,6 +8,7 @@ After={{ service }} | ||||
| {% for service in matrix_sms_bridge_systemd_wanted_services_list %} | ||||
| Wants={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -3,7 +3,7 @@ matrix_client_element_enabled: true | ||||
| matrix_client_element_container_image_self_build: false | ||||
| matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git" | ||||
|  | ||||
| matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:v1.7.14" | ||||
| matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:v1.7.16" | ||||
| matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else 'docker.io/' }}" | ||||
| matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" | ||||
|  | ||||
|   | ||||
| @@ -5,6 +5,7 @@ Description=Matrix Element server | ||||
| Requires={{ service }} | ||||
| After={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -1,5 +1,9 @@ | ||||
| --- | ||||
|  | ||||
| - name: Deterimne whether we should make services autostart | ||||
|   set_fact: | ||||
|     matrix_services_autostart_enabled_bool: "{{ true if matrix_services_autostart_enabled|default('') == '' else matrix_services_autostart_enabled|bool }}" | ||||
|  | ||||
| - name: Ensure systemd is reloaded | ||||
|   service: | ||||
|     daemon_reload: yes | ||||
| @@ -14,7 +18,7 @@ | ||||
| - name: Ensure Matrix services are started | ||||
|   service: | ||||
|     name: "{{ item }}" | ||||
|     enabled: yes | ||||
|     enabled: "{{ matrix_services_autostart_enabled_bool }}" | ||||
|     state: started | ||||
|   with_items: "{{ matrix_systemd_services_list }}" | ||||
|   when: not ansible_check_mode | ||||
|   | ||||
| @@ -3,6 +3,9 @@ | ||||
|  | ||||
| matrix_corporal_enabled: true | ||||
|  | ||||
| matrix_corporal_container_image_self_build: false | ||||
| matrix_corporal_container_image_self_build_repo: "https://github.com/devture/matrix-corporal.git" | ||||
|  | ||||
| # Controls whether the matrix-corporal container exposes its gateway HTTP port (tcp/41080 in the container). | ||||
| # | ||||
| # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:41080"), or empty string to not expose. | ||||
| @@ -19,10 +22,13 @@ matrix_corporal_container_extra_arguments: [] | ||||
| # List of systemd services that matrix-corporal.service depends on | ||||
| matrix_corporal_systemd_required_services_list: ['docker.service'] | ||||
|  | ||||
| matrix_corporal_docker_image: "docker.io/devture/matrix-corporal:1.11.0" | ||||
| matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" | ||||
| matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else 'docker.io/' }}" | ||||
| matrix_corporal_docker_image_tag: "1.11.0" | ||||
| matrix_corporal_docker_image_force_pull: "{{ matrix_corporal_docker_image.endswith(':latest') }}" | ||||
|  | ||||
| matrix_corporal_base_path: "{{ matrix_base_data_path }}/corporal" | ||||
| matrix_corporal_container_src_files_path: "{{ matrix_corporal_base_path }}/container-src" | ||||
| matrix_corporal_config_dir_path: "{{ matrix_corporal_base_path }}/config" | ||||
| matrix_corporal_cache_dir_path: "{{ matrix_corporal_base_path }}/cache" | ||||
| matrix_corporal_var_dir_path: "{{ matrix_corporal_base_path }}/var" | ||||
|   | ||||
| @@ -17,13 +17,33 @@ | ||||
|     - "{{ matrix_corporal_var_dir_path }}" | ||||
|   when: matrix_corporal_enabled|bool | ||||
|  | ||||
| - name: Ensure Matrix Corporal repository is present on self-build | ||||
|   git: | ||||
|     repo: "{{ matrix_corporal_container_image_self_build_repo }}" | ||||
|     dest: "{{ matrix_corporal_container_src_files_path }}" | ||||
|     version: "{{ matrix_corporal_docker_image.split(':')[1] }}" | ||||
|     force: "yes" | ||||
|   register: matrix_corporal_git_pull_results | ||||
|   when: "matrix_corporal_enabled|bool and matrix_corporal_container_image_self_build|bool" | ||||
|  | ||||
| - name: Ensure Matrix Corporal Docker image is built | ||||
|   docker_image: | ||||
|     name: "{{ matrix_corporal_docker_image }}" | ||||
|     source: build | ||||
|     force_source: "{{ matrix_corporal_git_pull_results.changed }}" | ||||
|     build: | ||||
|       dockerfile: etc/docker/Dockerfile | ||||
|       path: "{{ matrix_corporal_container_src_files_path }}" | ||||
|       pull: yes | ||||
|   when: "matrix_corporal_enabled|bool and matrix_corporal_container_image_self_build|bool" | ||||
|  | ||||
| - name: Ensure Matrix Corporal Docker image is pulled | ||||
|   docker_image: | ||||
|     name: "{{ matrix_corporal_docker_image }}" | ||||
|     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" | ||||
|     force_source: "{{ matrix_corporal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" | ||||
|     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_corporal_docker_image_force_pull }}" | ||||
|   when: matrix_corporal_enabled|bool | ||||
|   when: "matrix_corporal_enabled|bool and not matrix_corporal_container_image_self_build|bool" | ||||
|  | ||||
| - name: Ensure Matrix Corporal config installed | ||||
|   copy: | ||||
|   | ||||
| @@ -5,6 +5,7 @@ Description=Matrix Corporal | ||||
| Requires={{ service }} | ||||
| After={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -5,6 +5,7 @@ Description=Matrix Coturn server | ||||
| Requires={{ service }} | ||||
| After={{ service }} | ||||
| {% endfor %} | ||||
| DefaultDependencies=no | ||||
|  | ||||
| [Service] | ||||
| Type=simple | ||||
|   | ||||
| @@ -15,6 +15,12 @@ matrix_dimension_base_path: "{{ matrix_base_data_path }}/dimension" | ||||
| matrix_dimension_docker_image: "docker.io/turt2live/matrix-dimension:latest" | ||||
| matrix_dimension_docker_image_force_pull: "{{ matrix_dimension_docker_image.endswith(':latest') }}" | ||||
|  | ||||
| # List of systemd services that matrix-dimension.service depends on. | ||||
| matrix_dimension_systemd_required_services_list: ['docker.service'] | ||||
|  | ||||
| # List of systemd services that matrix-dimension.service wants | ||||
| matrix_dimension_systemd_wanted_services_list: [] | ||||
|  | ||||
| # The user and group id correspond to the node user in the `turt2live/matrix-dimension` image. | ||||
| matrix_dimension_user_uid: '1000' | ||||
| matrix_dimension_user_gid: '1000' | ||||
| @@ -34,6 +40,28 @@ matrix_dimension_integrations_jitsi_widget_url: "https://{{ matrix_server_fqn_di | ||||
|  | ||||
| matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:8048" | ||||
|  | ||||
|  | ||||
| # Database-related configuration fields. | ||||
| # | ||||
| # To use SQLite, stick to these defaults. | ||||
| # | ||||
| # To use Postgres: | ||||
| # - change the engine (`matrix_dimension_database_engine: 'postgres'`) | ||||
| # - adjust your database credentials via the `matrix_dimension_postgres_*` variables | ||||
| matrix_dimension_database_engine: 'sqlite' | ||||
|  | ||||
| matrix_dimension_sqlite_database_path_local: "{{ matrix_dimension_base_path }}/dimension.db" | ||||
| matrix_dimension_sqlite_database_path_in_container: "dimension.db" | ||||
|  | ||||
| matrix_dimension_database_username: 'matrix_dimension' | ||||
| matrix_dimension_database_password: 'some-password' | ||||
| matrix_dimension_database_hostname: 'matrix-postgres' | ||||
| matrix_dimension_database_port: 5432 | ||||
| matrix_dimension_database_name: 'matrix_dimension' | ||||
|  | ||||
| matrix_dimension_database_connection_string: 'postgres://{{ matrix_dimension_database_username }}:{{ matrix_dimension_database_password }}@{{ matrix_dimension_database_hostname }}:{{ matrix_dimension_database_port }}/{{ matrix_dimension_database_name }}' | ||||
|  | ||||
|  | ||||
| # Default Dimension configuration template which covers the generic use case. | ||||
| # You can customize it by controlling the various variables inside it. | ||||
| # | ||||
|   | ||||
Some files were not shown because too many files have changed in this diff Show More
		Reference in New Issue
	
	Block a user