mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-26 10:03:25 +00:00 
			
		
		
		
	Merge branch 'master' into feature/dendrite
This commit is contained in:
		
							
								
								
									
										19
									
								
								.github/workflows/ansible-lint.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								.github/workflows/ansible-lint.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | ||||
| name: Ansible Lint | ||||
|  | ||||
| on: [push, pull_request] | ||||
|  | ||||
| jobs: | ||||
|   build: | ||||
|    | ||||
|     runs-on: ubuntu-latest | ||||
|  | ||||
|     steps: | ||||
|     - uses: actions/checkout@v2 | ||||
|  | ||||
|     - name: Lint Ansible Playbook | ||||
|       uses: ansible/ansible-lint-action@master | ||||
|       with: | ||||
|         # Paths to ansible files (i.e., playbooks, tasks, handlers etc..) | ||||
|         targets: "./" | ||||
|  | ||||
|         args: "-x metadata, formatting" | ||||
| @@ -1 +1,6 @@ | ||||
| matrix_awx_enabled: true | ||||
|  | ||||
| # Defaults for 'Customise Website + Access Export' template | ||||
| awx_sftp_auth_method: 'Disabled' | ||||
| awx_sftp_password: '' | ||||
| awx_sftp_public_key: '' | ||||
|   | ||||
| @@ -29,9 +29,9 @@ | ||||
|   when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) | ||||
|   register: awx_synapse_container_ip | ||||
|  | ||||
| - name: Collect access token for @_janitor user | ||||
| - name: Collect access token for @admin-janitor user | ||||
|   shell: | | ||||
|     curl -X POST -d '{"type":"m.login.password", "user":"_janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' | ||||
|     curl -X POST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' | ||||
|   when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) | ||||
|   register: awx_janitors_token | ||||
|   no_log: True | ||||
|   | ||||
| @@ -21,9 +21,9 @@ | ||||
|   shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse" | ||||
|   register: awx_synapse_container_ip | ||||
|  | ||||
| - name: Collect access token for @_janitor user | ||||
| - name: Collect access token for @admin-janitor user | ||||
|   shell: | | ||||
|     curl -XPOST -d '{"type":"m.login.password", "user":"_janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' | ||||
|     curl -XPOST -d '{"type":"m.login.password", "user":"admin-janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token' | ||||
|   register: awx_janitors_token | ||||
|   no_log: True | ||||
|  | ||||
|   | ||||
| @@ -50,12 +50,14 @@ | ||||
| - name: Calculate size of local media repository | ||||
|   shell: du -sh /matrix/synapse/storage/media-store/local* | ||||
|   register: awx_local_media_size_stat | ||||
|   async: 600 | ||||
|   ignore_errors: yes | ||||
|   no_log: True | ||||
|  | ||||
| - name: Calculate size of remote media repository | ||||
|   shell: du -sh /matrix/synapse/storage/media-store/remote* | ||||
|   register: awx_remote_media_size_stat | ||||
|   async: 600 | ||||
|   ignore_errors: yes | ||||
|   no_log: True | ||||
|  | ||||
|   | ||||
| @@ -12,9 +12,9 @@ | ||||
|       - curl | ||||
|     state: present | ||||
|  | ||||
| - name: Collect access token of @_dimension user | ||||
| - name: Collect access token of @admin-dimension user | ||||
|   shell: | | ||||
|     curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "_dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//' | ||||
|     curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "admin-dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//' | ||||
|   register: awx_dimension_user_access_token | ||||
|  | ||||
| - name: Record Synapse variables locally on AWX | ||||
|   | ||||
| @@ -1,11 +1,11 @@ | ||||
| --- | ||||
|  | ||||
| - name: Create user account @_janitor | ||||
| - name: Create user account @admin-janitor | ||||
|   command: | | ||||
|     /usr/local/bin/matrix-synapse-register-user _janitor {{ awx_janitor_user_password | quote }} 1 | ||||
|     /usr/local/bin/matrix-synapse-register-user admin-janitor {{ awx_janitor_user_password | quote }} 1 | ||||
|   register: cmd | ||||
|   when: not awx_janitor_user_created|bool | ||||
|   no_log: True | ||||
|   no_log: false | ||||
|      | ||||
| - name: Update AWX janitor user created variable | ||||
|   delegate_to: 127.0.0.1 | ||||
| @@ -18,12 +18,12 @@ | ||||
|     'awx_janitor_user_created': 'true' | ||||
|   when: not awx_janitor_user_created|bool | ||||
|  | ||||
| - name: Create user account @_dimension | ||||
| - name: Create user account @admin-dimension | ||||
|   command: | | ||||
|     /usr/local/bin/matrix-synapse-register-user _dimension {{ awx_dimension_user_password | quote }} 0 | ||||
|     /usr/local/bin/matrix-synapse-register-user admin-dimension {{ awx_dimension_user_password | quote }} 0 | ||||
|   register: cmd | ||||
|   when: not awx_dimension_user_created|bool | ||||
|   no_log: True | ||||
|   no_log: false | ||||
|    | ||||
| - name: Update AWX dimension user created variable | ||||
|   delegate_to: 127.0.0.1 | ||||
| @@ -36,12 +36,12 @@ | ||||
|     'awx_dimension_user_created': 'true' | ||||
|   when: not awx_dimension_user_created|bool | ||||
|  | ||||
| - name: Create user account @_mjolnir | ||||
| - name: Create user account @admin-mjolnir | ||||
|   command: | | ||||
|     /usr/local/bin/matrix-synapse-register-user _mjolnir {{ awx_mjolnir_user_password | quote }} 0 | ||||
|     /usr/local/bin/matrix-synapse-register-user admin-mjolnir {{ awx_mjolnir_user_password | quote }} 0 | ||||
|   register: cmd | ||||
|   when: not awx_mjolnir_user_created|bool | ||||
|   no_log: True | ||||
|   no_log: false | ||||
|    | ||||
| - name: Update AWX dimension user created variable | ||||
|   delegate_to: 127.0.0.1 | ||||
|   | ||||
| @@ -25,7 +25,7 @@ COLIBRI_REST_ENABLED | ||||
| SHUTDOWN_REST_ENABLED | ||||
| TZ={{ matrix_jitsi_timezone }} | ||||
| XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }} | ||||
| XMPP_INTERNAL_MUC_DOMAIN= {{ matrix_jitsi_xmpp_internal_muc_domain }} | ||||
| XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }} | ||||
| XMPP_SERVER={{ matrix_jitsi_xmpp_server }} | ||||
|  | ||||
| {{ matrix_jitsi_jvb_environment_variables_extension }} | ||||
|   | ||||
| @@ -442,7 +442,14 @@ matrix_ssl_domains_to_obtain_certificates_for: "{{ matrix_ssl_additional_domains | ||||
| matrix_ssl_additional_domains_to_obtain_certificates_for: [] | ||||
|  | ||||
| # Controls whether to obtain production or staging certificates from Let's Encrypt. | ||||
| # If you'd like to use another ACME Certificate Authority server (not Let's Encrypt), use `matrix_ssl_lets_encrypt_server` | ||||
| matrix_ssl_lets_encrypt_staging: false | ||||
|  | ||||
| # Controls from which Certificate Authority server to retrieve the SSL certificates (passed as a `--server` flag to Certbot). | ||||
| # By default, we use the Let's Encrypt production environment (use `matrix_ssl_lets_encrypt_staging` for using the staging environment). | ||||
| # Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server | ||||
| matrix_ssl_lets_encrypt_server: '' | ||||
|  | ||||
| matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.21.0" | ||||
| matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" | ||||
| matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 | ||||
|   | ||||
| @@ -42,6 +42,7 @@ | ||||
|     --non-interactive | ||||
|     --work-dir=/tmp | ||||
|     --http-01-port 8080 | ||||
|     {% if matrix_ssl_lets_encrypt_server %}--server={{ matrix_ssl_lets_encrypt_server|quote }}{% endif %} | ||||
|     {% if matrix_ssl_lets_encrypt_staging %}--staging{% endif %} | ||||
|     --standalone | ||||
|     --preferred-challenges http | ||||
| @@ -70,6 +71,7 @@ | ||||
|     --non-interactive | ||||
|     --work-dir=/tmp | ||||
|     --http-01-port 8080 | ||||
|     {% if matrix_ssl_lets_encrypt_server %}--server={{ matrix_ssl_lets_encrypt_server|quote }}{% endif %} | ||||
|     {% if matrix_ssl_lets_encrypt_staging %}--staging{% endif %} | ||||
|     --standalone | ||||
|     --preferred-challenges http | ||||
|   | ||||
| @@ -8,6 +8,7 @@ | ||||
|     name: "{{ item.key }}" | ||||
|     state: stopped | ||||
|   with_dict: "{{ ansible_facts.services|default({})|dict2items|selectattr('key', 'match', 'matrix-synapse-worker-.+\\.service')|list|items2dict }}" | ||||
|   when: "item.value['status'] != 'not-found'" # see https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1461 | ||||
|  | ||||
| - name: Find worker configs to be cleaned | ||||
|   find: | ||||
|   | ||||
		Reference in New Issue
	
	Block a user