3
0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-10-26 01:53:24 +00:00
Commit Graph

48 Commits

Author SHA1 Message Date
Slavi Pantaleev
bf0918ae58 Merge branch 'master' into patch-2 2025-03-05 08:29:35 +02:00
Suguru Hirahara
c18fc93a22 Update validate_config.yml files: edit the banner message for variables name
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2025-03-05 13:30:50 +09:00
Suguru Hirahara
c385bee7af Re-run "reuse annotate" to sort statements
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2025-03-05 12:43:41 +09:00
Slavi Pantaleev
c47eca389b Rework all roles to include component_(docker|container)_image_registry_prefix* variables
This:

- brings consistency - no more mixing `_name_prefix` and `_registry_prefix`
- adds extensibility - a future patch will allow reconfiguring all registry prefixes for all roles in the playbook

We still have `_docker_` vs `_container_` inconsistencies.
These may be worked on later.
2025-02-24 11:38:47 +02:00
Slavi Pantaleev
d6bf789710 Remove matrix_container_global_registry_prefix variable
This is done for a few reasons:

- less globals and more indepdendence for each role is better. We rely
  on various externally-hosted roles and they don't rely on this global
  either.

- `matrix_container_global_registry_prefix` could make people think they
  could just override this variable and have all their images pull from
  elsewhere. This is rarely the case, unless you've taken special care
  to mirror all the various components (from their respective
  registries) to your own. In such a case, you probably know what you're
  mirroring and can adjust individual variables.

- nowadays, various components live on different registries.
  With Docker Inc tightening rate limits for Docker Hub, it's even more
  likely that we'll see increased diversity in where images are hosted
2025-02-23 10:15:41 +02:00
Slavi Pantaleev
7249274511 Merge pull request #4092 from luixxiul/tribute-to-mx-bridges
Add license information to files for MX bridges
2025-02-23 08:11:55 +02:00
Suguru Hirahara
807da74334 Add license information to files for MX bridges
As the future for the MX bridges in this playbook and by themselves seems uncertain, this commit adds license information in SPDX format to the files for those bridges, before the bridges would be deprecated and possibly get removed from the project.

Please note that .license files are added for the files which would be broken if such information are added as header, following the REUSE's specification.

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2025-02-23 13:33:30 +09:00
Slavi Pantaleev
d12643eb91 Do not use docker stop --time (deprecated in Docker v28 in favor of --timeout or just -t)
`-t` works on both old and new Docker versions, so it's best to use that.
2025-02-22 21:42:18 +02:00
Suguru Hirahara
f0cc5da229 Edit user identifier examples: to @alice and @bob
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2024-12-09 14:40:41 +09:00
Suguru Hirahara
d8a638f518 Update roles/custom/matrix-bridge-mx-puppet-*: fix domain names and use same comments
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2024-10-19 14:03:44 +09:00
Suguru Hirahara
9089963fa8 Replace server.com with example.com
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2024-10-18 04:02:45 +09:00
Suguru Hirahara
ff4155e033 Replace yourserver.com with example.com
Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2024-10-18 04:02:31 +09:00
Slavi Pantaleev
ec5e379672 Update old references to com.devture.ansible.role.postgres & com.devture.ansible.role.traefik
Provoked by https://github.com/mother-of-all-self-hosting/mash-playbook/pull/280
2024-10-07 08:46:33 +03:00
Slavi Pantaleev
8445843562 Switch postgres/postgres-backup Ansible role sources and adjust variable names (devture_postgres_ -> postgres_) 2024-09-27 09:37:24 +03:00
David Mehren
c89c356e53 Add a global config option for Docker network MTU (#3502)
* Add a global config option for Docker network MTU

* Upgrade systemd_docker_base (v1.2.0-0 -> v1.3.0-0)

The new version includes `devture_systemd_docker_base_container_networks_driver_options`
due to 3cc7d12396

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3502

* Switch from passing matrix_playbook_docker_network_mtu to respecting devture_systemd_docker_base_container_networks_driver_options

Related to:
- 3cc7d12396
- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3502

* Update all roles to versions that respect `devture_systemd_docker_base_container_networks_driver_options`

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-09-18 16:20:27 +03:00
Slavi Pantaleev
9f2eff2ac7 Respect devture_systemd_docker_base_docker_service_name
Related to 0241c71a4c

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3270#issuecomment-2143782962

With this change, it should be possible for people to adjust the Docker
dependency from `docker.service` to something else (e.g. `pkg-ContainerManager-dockerd.service`),
or to completely eliminate it by setting `devture_systemd_docker_base_docker_service_name` to an empty string.

This makes it easier for people to use the playbook against a Synology DSM server.
2024-06-04 13:14:34 +03:00
Slavi Pantaleev
7891268873 Do not hardcode https:// in all remaining places, refer to matrix_static_files_scheme
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3333
2024-05-25 16:14:26 +03:00
Slavi Pantaleev
3758b0cfeb Squashed commit of the following:
commit cf8637efaca0a0be3609fd6add0dff893a0a9194
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sun Mar 24 19:14:57 2024 +0200

    Make devture_systemd_docker_base_ipv6_enabled automatically reconfigure geerlingguy/ansible-role-docker

    Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3218

commit dc7af3bc7d25f321bf409477d823e43ea8a05803
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sun Mar 24 19:10:31 2024 +0200

    Replace matrix_ipv6_enabled with devture_systemd_docker_base_ipv6_enabled

    Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3218

commit 07e900d6a2
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sun Mar 24 19:01:51 2024 +0200

    Improve matrix_ipv6_enabled comments

commit 3f03ca7f69
Author: Tilo Spannagel <development@tilosp.de>
Date:   Sat Mar 9 19:27:50 2024 +0000

    Add setting to enable ipv6
2024-03-24 19:15:43 +02:00
Slavi Pantaleev
51df34e7ae Ensure each container labels file defines at least one service
Most of these files were defining a service, usually toward the end.
These lines have been moved upward.

Some components (mautrix-signal, mautrix-gmessages, etc.) were defining
a service conditionally (only if metrics are exposed, etc). This was
causing issues like these in the Traefik logs:

> level=error msg="service \"matrix-mautrix-twitter\" error: port is missing" providerName=docker container=matrix-mautrix-twitter-..
2024-01-17 17:56:45 +02:00
Slavi Pantaleev
fe13d7d010 Fix additional-networks connectivity for a few services 2024-01-15 11:13:47 +02:00
Slavi Pantaleev
48a4afb114 Make Traefik labels files look better
This moves the comments from being just in Jinja,
to actually ending up in the generated `labels` file,
which makes inspection of the final result easier.

Also, some new lines were added here and there to make labels
more legible.

The generated file may still include weird new-lines due to
various `if` statements yielding content or not, but that's not so ugly
anymore - now that we have proper start/end sections that are visible in
the final `labels` file.
2024-01-15 10:41:15 +02:00
Slavi Pantaleev
142a307af9 Fix more variable name typos in mx-puppet-twitter
Like 4f9b7ba656.
Regression since 8e8c9cc03.
2024-01-14 21:26:22 +02:00
Slavi Pantaleev
fe38c616c3 Fix variable name typo in matrix-bridge-mx-puppet-twitter 2024-01-14 21:21:11 +02:00
Slavi Pantaleev
75f8a879de Remove matrix_docker_network references from matrix-bridge-mx-puppet-twitter 2024-01-13 17:18:22 +02:00
Slavi Pantaleev
c0308307e2 Make homeserver services sleep after startup, instead of all dependencies sleeping separately
This is an attempt at optimizing service startup.

The effect is most pronounced when many services are restarted one by one.
The systemd service manager role sometimes does this - for example when `just install-service synapse` runs.
In such cases, a 5-second delay for each Synapse worker service
(or other bridge/bot service that waits on the homeserver) quickly adds up to a lot.

When services are all stopped fully and then started, the effect is not so pronounced, because
`matrix-synapse.service` starts first and pulls all worker services (defined as `Wants=` for it).
Later on, when the systemd service manager role "starts" these worker services, they're started already.
Even if they had a 5-second wait each, it would have happened in parallel.
2024-01-12 12:45:18 +02:00
Slavi Pantaleev
ce2f541deb Switch all remaining container volume mounting from -v to --mount
`--mount` is safer, as `-v` has the side-effect of creating the "source"
destination as a directory if it doesn't exist yet.
We don't need such magic.
2024-01-11 12:16:27 +02:00
Slavi Pantaleev
8e8c9cc03b Move matrix-bridge-mx-puppet-twitter to its own container network and add native Traefik support 2024-01-08 17:56:37 +02:00
Slavi Pantaleev
7ec6fd3dfe Make bridges/bots use matrix_addons_homeserver_client_api_url (instead of matrix_homeserver_container_url) 2024-01-07 17:04:23 +02:00
Slavi Pantaleev
2511b34a7c Stop containers gracefully, instead of outright killing them 2023-12-06 11:52:23 +02:00
Samuel Meenzen
c846ed199b Annotate version numbers with renovate metadata 2023-10-06 14:14:03 +02:00
Slavi Pantaleev
6427397486 Do not hardcode sslmode=disable to Postgres connection strings - make it configurable
This is backward-compatible with what we had before. We're not changing
the SSL mode - just making it configurable.

Most components are defaulting to `sslmode=disable`, while some
(`matrix-bot-matrix-reminder-bot` and others) do not specify an `sslmode` at all.

We're making sslmode configurable, because certain external Postgres
servers may be configured to require SSL encryption.
In such cases `sslmode=disable` does not work and needs to be changed to
`sslmode=require` or something else (`verify-ca`, `verify-full`, etc).
2023-08-22 19:40:50 +03:00
Slavi Pantaleev
dddfee16bc Fix all 300+ ansible-lint-reported errors 2023-03-07 17:28:15 +02:00
Slavi Pantaleev
4b111d05d5 Pass devture_postgres_db_migration_request to com.devture.ansible.role.postgres in a cleaner way 2022-11-28 07:44:59 +02:00
Slavi Pantaleev
910cd9adf0 Replace import_role calls with include_role calls 2022-11-27 11:27:01 +02:00
Slavi Pantaleev
2688e8bfc3 Optimize initial installation by not reloading systemd after each .service install
We expect `--tags=start` to handle systemd reloading, so we don't need
to do it manually each time we install/uninstall a .service file.
2022-11-27 10:02:45 +02:00
Slavi Pantaleev
eedf5ad94d Remove some hardcoded matrix-postgres references 2022-11-27 08:23:43 +02:00
Slavi Pantaleev
04b9483f0d Switch from matrix-postgres to com.devture.ansible.role.postgres 2022-11-27 08:04:31 +02:00
Slavi Pantaleev
a04f6f4e3d Optimize uninstall tasks a bit
- forego removing Docker images - it's not effective anyway, because it
  only removes the last version.. which is a drop in the bucket, usually

- do not reload systemd - it's none of our business. `--tags=start`,
  etc., handle this

- combine all uninstall tasks under a single block, which only runs if
  we detect traces (a leftover systemd .service file) of the component.
  If no such .service is detected, we skip them all. This may lead to
  incorect cleanup in rare cases, but is good enough for the most part.
2022-11-25 17:28:57 +02:00
Slavi Pantaleev
61f67d8f0a Add install-* tags for quicker runs 2022-11-25 16:02:51 +02:00
Slavi Pantaleev
7c2a7a8eb6 Replace most import_tasks calls with include_tasks for improved performance 2022-11-24 11:33:45 +02:00
Slavi Pantaleev
07c23b7cb0 Remove matrix_synapse_role_executed and various tasks that check it
This was useful when the order of these roles in relation to Synapse
mattered (when we were injecting stuff into Synapse variables during
runtime). This is no longer the case since 0ea7cb5d18, so all of
this can be removed.
2022-11-23 16:13:07 +02:00
Slavi Pantaleev
735bacca89 Do not run matrix-nginx-proxy config injection tasks unless necessary
These `init.yml` (now `inject_into_nginx_proxy.yml`) tasks do not need
to `always` run. They only need to run for `setup-all` and
`setup-nginx-proxy`. Unless we're dealing with these 2 tags, we can
spare ourselves a lot of work.

This patch also moves the `when` statement from `init.yml` into
`main.yml` in an effort to further optimize things by potentially
avoiding the extra file include.
2022-11-23 15:52:58 +02:00
Slavi Pantaleev
0ea7cb5d18 Remove various init.yml files - initialize systemd services, etc., statically (not at runtime) 2022-11-23 11:45:46 +02:00
Slavi Pantaleev
d3bd1ca024 matrix_*_retries_{count,delay} -> devture_playbook_help_*_retries_{count,delay} 2022-11-04 16:44:29 +02:00
Slavi Pantaleev
7086c0ebe3 matrix_host_command_sh -> devture_systemd_docker_base_host_command_sh (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:40:25 +02:00
Slavi Pantaleev
a9a81460ec matrix_host_command_docker -> devture_systemd_docker_base_host_command_docker (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:39:35 +02:00
Slavi Pantaleev
f03f716989 matrix_systemd_unit_home_path -> devture_systemd_docker_base_systemd_unit_home_path (via com.devture.ansible.role.systemd_docker_base) 2022-11-04 16:37:47 +02:00
Slavi Pantaleev
410a915a8a Move roles/matrix* to roles/custom/matrix*
This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:

- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy

In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:

- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help

We just need to migrate to those.
2022-11-03 09:11:29 +02:00