3
0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-10-24 17:13:23 +00:00
Commit Graph

41 Commits

Author SHA1 Message Date
Slavi Pantaleev
51e961ce9f Add matrix_user_shell and default it to /sbin/nologin
This is a backward-incompatible change. By default, Ansible creates
users with (e.g.) `/bin/sh` on Linux, so changing to a no shell
leads to different behavior.

That said, it appears that using a shell-less user works OK with regard
to Ansible execution and starting the systemd services/containers later on.
2025-04-29 10:39:41 +03:00
Slavi Pantaleev
3ee7deb2d7 Rename variable (matrix_user_groupname -> matrix_group_name) 2025-04-29 10:39:41 +03:00
Slavi Pantaleev
9fc5cdab33 Rename variable (matrix_user_username -> matrix_user_name) 2025-04-29 10:39:41 +03:00
Slavi Pantaleev
a59383fcc7 Add matrix_group_system to configure whether the matrix group is also created as a system group
We create the `matrix` user as a system user (smaller uid), so it makes
sense to do the same for the `matrix` group.
2025-04-29 10:39:41 +03:00
Slavi Pantaleev
14aef55573 Add matrix_user_system variable for controlling if matrix user is created as a system user
This defaults to `true`, as before.
2025-04-29 10:39:41 +03:00
Virkkunen
bd405c410a Add continuwuity support (#4267)
* continuwuity support

* continuwuity support

* use main instead of commit tag

* fix docker image link

* migration from conduwuit

* fix yaml lint

* backup directories and linter fixes

* linter fixes
2025-04-26 09:12:53 +03:00
Suguru Hirahara
c18fc93a22 Update validate_config.yml files: edit the banner message for variables name
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2025-03-05 13:30:50 +09:00
Suguru Hirahara
c6babc1202 Add license information to files in matrix-base
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2025-03-03 17:57:17 +09:00
Slavi Pantaleev
d6bf789710 Remove matrix_container_global_registry_prefix variable
This is done for a few reasons:

- less globals and more indepdendence for each role is better. We rely
  on various externally-hosted roles and they don't rely on this global
  either.

- `matrix_container_global_registry_prefix` could make people think they
  could just override this variable and have all their images pull from
  elsewhere. This is rarely the case, unless you've taken special care
  to mirror all the various components (from their respective
  registries) to your own. In such a case, you probably know what you're
  mirroring and can adjust individual variables.

- nowadays, various components live on different registries.
  With Docker Inc tightening rate limits for Docker Hub, it's even more
  likely that we'll see increased diversity in where images are hosted
2025-02-23 10:15:41 +02:00
Virkkunen
be586f0f30 initial conduwuit support 2025-01-19 16:06:37 +02:00
Suguru Hirahara
90cfdabb2b Replace DOMAIN with example.com
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2024-10-18 04:02:02 +09:00
Slavi Pantaleev
4ae2e95772 Add validation task for potential conflict between mautrix-instagram and mautrix-meta-instagram
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3138 and 367af472ea
2024-02-19 10:34:09 +02:00
Slavi Pantaleev
f4f3d57520 Remove all traces of matrix-nginx-proxy, add validation & uninstallation tasks 2024-01-14 18:42:14 +02:00
Slavi Pantaleev
49066d41a9 Deprecate matrix_docker_network 2024-01-13 17:49:38 +02:00
Slavi Pantaleev
da48a605bb More progress on matrix-static-files role and cleaning up of matrix-base and matrix-nginx-proxy 2024-01-03 13:46:25 +02:00
Slavi Pantaleev
065b70203d [WIP] Initial work on matrix-static-files role 2024-01-03 13:05:59 +02:00
Slavi Pantaleev
4a6287c528 Initial work on matrix-homeserver-proxy role and eliminating matrix-nginx-proxy
This is still very far from usable.

Various bridges and bots are still talking to
`matrix-nginx-proxy` instead of the new `matrix-homeserver-proxy` role.
These services need to be reworked. While reworking them,
various cleanups are being done as well as adding Traefik-labels to
those that need them.
2024-01-02 16:07:40 +02:00
Slavi Pantaleev
dddfee16bc Fix all 300+ ansible-lint-reported errors 2023-03-07 17:28:15 +02:00
Slavi Pantaleev
71ae825f6a Switch default reverse-proxy to Traefik, force reverse-proxy choice on existing users 2023-02-26 16:14:05 +02:00
Jayesh Nirve
6939a3d6d3 fix: only add element related entries to client well-known if element is enabled (#2453)
* fix: only add element related entries to client well-known if element is enabled

* Fix matrix-base/defaults/main.yml syntax

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2023-02-13 08:36:20 +02:00
Slavi Pantaleev
8309a21303 Rename reverse proxy types and fix Hookshot http/https urlPrefix issue 2023-02-11 08:44:11 +02:00
Slavi Pantaleev
28d2eb593c Add matrix_playbook_reverse_proxy_type variable which influences all other services 2023-02-10 16:04:34 +02:00
Slavi Pantaleev
707e909b9b /usr/local/bin/matrix-ssl-lets-encrypt-certificates-renew -> /matrix/ssl/bin/lets-encrypt-certificates-renew 2022-11-27 09:53:23 +02:00
Slavi Pantaleev
fb86f6d5e7 /usr/local/bin/matrix-remove-all -> /matrix/bin/remove-all 2022-11-27 09:47:02 +02:00
Slavi Pantaleev
61f67d8f0a Add install-* tags for quicker runs 2022-11-25 16:02:51 +02:00
Slavi Pantaleev
9c0cf5481a Try to be more helpful when matrix_homeserver_generic_secret_key appears to be undefined 2022-11-24 18:42:01 +02:00
Slavi Pantaleev
d29b0aeddb Replace even more import_tasks calls with include_tasks 2022-11-24 15:19:42 +02:00
Slavi Pantaleev
787a82d6e8 Combine matrix user/group set_fact calls into one 2022-11-23 17:07:52 +02:00
Slavi Pantaleev
4d881477a3 Add matrix_homeserver_enabled variable
We need this to control whether `('matrix-' + matrix_homeserver_implementation + '.service')`
would get injected into `devture_systemd_service_manager_services_list_auto`
2022-11-23 16:56:39 +02:00
Slavi Pantaleev
d829884642 Remove some old checks 2022-11-23 14:59:05 +02:00
Slavi Pantaleev
b90956069c Fix matrix_architecture sanity check 2022-11-22 09:25:29 +02:00
Slavi Pantaleev
2ad6bd87c7 Determine matrix_architecture automatically 2022-11-22 09:22:56 +02:00
Slavi Pantaleev
a98f249e40 Remove old cleanup tasks 2022-11-22 09:02:37 +02:00
Slavi Pantaleev
d8f2141eb0 Install Docker via geerlingguy.docker Galaxy role 2022-11-22 09:01:26 +02:00
Warren Bailey
84c74136ea Provision extra Jitsi JVB services on additional hosts (#2166)
* Add task to configure a standalone JVB on a different server

* add missing file

* set nginx config

* update prosody file and expose port 5222

* change variable name to server id

* formatting change

* use server id of jvb-1 for the main server

* adding documentation

* adding more jvbs

* rename variable

* revert file

* fix yaml error

* minor doc fixes

* renaming tags and introducing a common tag

* remove duplicates

* add mapping for jvb to hostname/ip

* missed a jvb_server

* Update roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* PR review comments and additional documentation

* iterate on dict items

* Update docs/configuring-playbook-jitsi.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update docs/configuring-playbook-jitsi.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update docs/configuring-playbook-jitsi.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update docs/configuring-playbook-jitsi.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update docs/configuring-playbook-jitsi.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update docs/configuring-playbook-jitsi.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update docs/configuring-playbook-jitsi.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* adding documentation around the xmpp setting

* add common after

* reduce the number of services during init of the additional jvb

* remove rogue i

* revert change to jitsi init as it's needed

* only run the jvb service on the additional jvb host

* updating docs

* reset default and add documentation about the websocket port

* fix issue rather merge with master

* add missing role introduced in master

* this role is required too

* Adding new jitsi jvb playbook, moving setup.yml to matrix.yml and creating soft link

* updating documentation

* revert accidental change to file

* add symlink back to roles to aid running of the jitsi playbook

* Remove extra space

* Delete useless playbooks/roles symlink

* Remove blank lines

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2022-11-18 14:00:27 +02:00
Slavi Pantaleev
663f0bc5ef Install openssl using ansible.builtin.package, not using a distro-specific package manager module
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228
2022-11-05 12:10:59 +02:00
Slavi Pantaleev
2473cd655b Include ensure_openssl_installed and ensure_fuse_installed utils in a more reliable way
This fixes a regression since the change done in c1c152f7ac.
When another role (say `matrix-jitsi`) included `roles/custom/matrix-base/tasks/util/ensure_openssl_installed.yml`,
which then included `{{ role_path }}/tasks/util/ensure_openssl_installed_DISTRO.yml`,
that `role_path` variable would end up being the parent role
(`matrix-jitsi`) and not the `matrix-base` role, so we'd get a failure.

An alternative solution may have been to avoid using `role_path`, but
importing roles properly (like we've done in this patch) sounds like a better way.

Unfortunately, `import_role` fails if `tasks_from` is something like
`util/ensure_openssl_installed` (containing a `/`), so I had to move
these utils out of `util/`.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228
2022-11-05 09:18:58 +02:00
Slavi Pantaleev
c1c152f7ac Include potentially distro-specific tasks at runtime
This avoids Ansible trying to ensure `community.general.pacman` is
available, even if that module will never run (because `when` says so).

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2228
2022-11-05 08:31:22 +02:00
Slavi Pantaleev
04c6c11561 Install ntpd/systemd-timesync via com.devture.ansible.role.timesync 2022-11-04 16:34:23 +02:00
Slavi Pantaleev
c3a7237de7 Initial work on using externally defined roles 2022-11-04 14:58:28 +02:00
Slavi Pantaleev
410a915a8a Move roles/matrix* to roles/custom/matrix*
This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:

- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy

In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:

- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help

We just need to migrate to those.
2022-11-03 09:11:29 +02:00