mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2026-05-17 19:18:57 +00:00
matrix-docker-ansible-deploy/roles/custom/matrix-tuwunel/tasks/validate_config.yml
Slavi Pantaleev 8c87f68d5b matrix-tuwunel: adjust SPDX year ranges to 2025 - 2026
Files in this role were ported from matrix-continuwuity (which carries
2025 attribution), so the year range should reflect that the underlying
content predates 2026.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/5200.
2026-05-07 17:01:55 +03:00


# SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors
# SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# Abort early when a mandatory setting is undefined or empty.
# Each item carries its own `when` flag, so a setting is only enforced
# while the feature that needs it is switched on.
- name: Fail if required tuwunel settings not defined
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item.name }}`).
  # List entries are AND-ed: the item must be active and its variable must
  # render to an empty string (an undefined variable falls back to '').
  # NOTE(review): a variable explicitly set to null would presumably render
  # as 'None' after `| string` and pass this check - confirm.
  when:
    - item.when | bool
    - lookup('vars', item.name, default='') | string | length == 0
  with_items:
    - name: matrix_tuwunel_hostname
      when: true
    - name: matrix_tuwunel_container_network
      when: true
    # Only required while the internal client API labels are enabled.
    - name: matrix_tuwunel_container_labels_internal_client_api_traefik_entrypoints
      when: "{{ matrix_tuwunel_container_labels_internal_client_api_enabled }}"
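# Guard against accidentally deploying an open-registration homeserver:
# registration may only be enabled together with a registration token or
# the explicit open-registration acknowledgement variable.
- name: Fail if registration is enabled without a token or explicit acknowledgement
  ansible.builtin.fail:
    msg: >-
      `matrix_tuwunel_config_allow_registration` is true, but neither
      `matrix_tuwunel_config_registration_token` nor
      `matrix_tuwunel_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse`
      is set. Set a registration token (recommended) or explicitly opt in to open registration.
  # List entries are AND-ed by Ansible; the task fails only when all three hold.
  when:
    - matrix_tuwunel_config_allow_registration | bool
    # A null or whitespace-only token counts as "no token", so a blank value
    # cannot satisfy this guard.
    - matrix_tuwunel_config_registration_token | default('', true) | string | trim | length == 0
    - not (matrix_tuwunel_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse | bool)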
# Validate every entry of `matrix_tuwunel_config_storage_providers`.
- name: Fail if a storage provider is missing required fields
  ansible.builtin.fail:
    msg: >-
      Storage provider `{{ item.id | default('?') }}` is missing required fields.
      Each entry must define both `id` and `kind` (one of: local, s3).
  # Reject an entry with no (or an empty) `id`, or whose `kind` is absent or
  # not one of the two accepted values.
  when: >-
    (item.id | default('') | length == 0)
    or (item.kind | default('') not in ['local', 's3'])
  with_items: "{{ matrix_tuwunel_config_storage_providers }}"
# Validate every entry of `matrix_tuwunel_config_identity_providers`.
- name: Fail if an identity provider is missing required fields
  ansible.builtin.fail:
    msg: >-
      Identity provider entry is missing both `client_id` and `brand`.
      At minimum one of these is required for tuwunel to identify the provider.
  # Both conditions must hold (list entries are AND-ed): the entry fails
  # only when `client_id` and `brand` are each absent or empty.
  # NOTE(review): only these two fields are checked here; no other
  # provider field is validated by this task.
  when:
    - item.client_id | default('') | length == 0
    - item.brand | default('') | length == 0
  with_items: "{{ matrix_tuwunel_config_identity_providers }}"