* feat: support container_network=host across all roles + systemd templates
Mirror the pattern Slavi introduced for matrix-coturn (aafa8f0) across the
fork: every 'Ensure X container network is created' task gets a
'when: <var> not in ["", "host"]' guard so MDAD does not try to
docker_network create a network literally named 'host' (returns 403,
since host is a pre-defined Docker network).
Mirror the same guard in every systemd unit template that does
'ExecStartPre=docker network connect <addnet> <container>' loops over
matrix_<role>_container_additional_networks: skip the connects when the
container is on host networking (where additional --network attaches
are invalid).
Unblocks DiD setups where MDAD-managed containers share their host's
network namespace (matrix-mdad outer compose service joined to central
postgres/openldap networks) to reach external services on the outer
Docker daemon.
* Simplify container network guards (!= 'host') and fix duplicate when
Guarding on the empty string ('') as well was misleading: systemd unit
templates still render an unconditional --network= flag, so an empty
network value produces a broken docker create command. Only 'host' is
actually supported, so only guard on that. This also matches the
existing convention in the Traefik role
(when: traefik_container_network != 'host').
Also fix a duplicate when key in the meshtastic-relay role, where the
network-creation task already had a when condition - the two are now
combined into a list.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
---------
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Co-authored-by: Claude Fable 5 <noreply@anthropic.com>
* Update D4A Configuration
D4A had some breaking config changes so this commit fixes them and gets us back into compliance with upstream. And since we run in a docker container we can use the /data/storage default.
* Update D4A Configuration to harmonise with bot mode
Change the default config for D4A to align with bot mode default in mdad. This should also avert a bit of a mess of a potential bug.
* Change D4A Room State Backing Store variable name and fix SPDX Headers
* Align D4A config with new schema
* Fix D4A Config Lint Error
* Update D4A SPDX Entries
* Do not use double quotes around `to_json` values
---------
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
* Draupnir 2.0.0
The config getting changes all over the place is because of 2.0 having removed a lot of config options due to the code being removed.
* Update Draupnir Documentation to reflect state as of 2.0.0
* Apply Review Feedback
Co-authored-by: Suguru Hirahara <luixxiul@users.noreply.github.com>
* Change Room IDs found in code review to not conform to playbook standard.
Co-authored-by: Suguru Hirahara <luixxiul@users.noreply.github.com>
* Further Integrate Code Review Feedback
* Apply remaining suggestions from code review.
Co-authored-by: Suguru Hirahara <luixxiul@users.noreply.github.com>
* Apply Configuration Review Feedback
Co-authored-by: Suguru Hirahara <luixxiul@users.noreply.github.com>
* Add Self Registration and Native Login to Draupnir
* Rework Draupnir Documentation to Remove Pantalaimon
* Set bot.draupnir as default username for the bot in config
* Draupnir 2.0.1
* Integrate Review Feedback on Structure of Docs
Co-authored-by: Suguru Hirahara <luixxiul@users.noreply.github.com>
* Further Restructure Docs and tweak variables in response.
* Only auto-create draupnir user if a password has been set
The Draupnir role supports configuring it with either an access token or with a password.
When a password is not assigned (which means the access token mode is used), the user is to be created manually.
* Add ensure-matrix-users-created tag
Now that the Draupnir user may be auto-created in certain configurations (if a password is assigned), it's useful to have the tag there.
---------
Co-authored-by: Suguru Hirahara <luixxiul@users.noreply.github.com>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
* Draupnir for all Role
* Draupnir for all Documentation
* Pin D4A to Develop until D4A patches are in a release.
* Update D4A Docs to mention pros and cons of D4A mode compared to normal
* Change Documentation to mention a fixed simpler provisioning flow.
Use of /plain allows us to bypass the bugs encountered during the development of this role with clients attempting to escape our wildcards causing the grief that led to using curl.
This reworded commit does still explain you can automatically inject stuff into the room if you wanted to.
* Emphasise the State of D4A mode
* Link to Draupnir-for-all docs and tweak the docs some
* Link to Draupnir-for-all from Draupnir documentation page
* Announce Draupnir-for-all
---------
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Kevin Veen-Birkenbach
Catalan Lover
Slavi Pantaleev
Suguru Hirahara