mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2026-06-30 15:31:18 +00:00
cksit
ee1cd217a8
Adds optional support for running the playbook on Synology DSM 7+, detected automatically via /etc/synoinfo.conf so that non-Synology hosts are unaffected. Includes DSM-native user/group management (synouser/synogroup), a requests version constraint for Docker SDK compatibility, and a boot-fix service that re-shares the volume mount and starts matrix services skipped by DSM's boot ordering. The shared-mount volume path is configurable via matrix_base_synology_volume_path, and the make-shared step only runs when the volume is not already shared. Co-authored-by: CKSit <sitchiuki@gmail.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
70 lines
2.5 KiB
YAML
70 lines
2.5 KiB
YAML
# SPDX-FileCopyrightText: 2026 Chiu Ki Sit
|
|
#
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
---
|
|
|
|
- name: Fail if matrix_synology_user_password is not set
|
|
ansible.builtin.fail:
|
|
msg: >-
|
|
You must set `matrix_synology_user_password` to a non-empty value in your vars.yml.
|
|
This password secures the Matrix service account on Synology DSM.
|
|
The account is created as expired so the password cannot be used to log in.
|
|
when: matrix_synology_user_password == '' or matrix_synology_user_password is none
|
|
|
|
- name: Check if Matrix user exists (Synology)
|
|
ansible.builtin.command: id {{ matrix_user_name }}
|
|
register: matrix_user_check
|
|
changed_when: false
|
|
failed_when: false
|
|
|
|
# Created with expired=1 (cannot log in)
|
|
# as this is a service account. If you pre-create the user, you are responsible
|
|
# for securing it; the playbook will not modify an existing account's settings.
|
|
- name: Ensure Matrix user is created (Synology)
|
|
ansible.builtin.command: >
|
|
/usr/syno/sbin/synouser --add {{ matrix_user_name }}
|
|
"{{ matrix_synology_user_password }}" "{{ matrix_user_name }}" 1 "" 0
|
|
when: matrix_user_check.rc != 0
|
|
changed_when: true
|
|
no_log: true
|
|
|
|
- name: Ensure Matrix user password is up to date (Synology)
|
|
ansible.builtin.command: /usr/syno/sbin/synouser --setpw {{ matrix_user_name }} "{{ matrix_synology_user_password }}"
|
|
when: matrix_user_check.rc == 0
|
|
changed_when: false
|
|
no_log: true
|
|
|
|
- name: Check if Matrix group exists (Synology)
|
|
ansible.builtin.command: /usr/syno/sbin/synogroup --get {{ matrix_group_name }}
|
|
register: matrix_group_check
|
|
changed_when: false
|
|
failed_when: false
|
|
|
|
- name: Ensure Matrix group is created (Synology)
|
|
ansible.builtin.command: /usr/syno/sbin/synogroup --add {{ matrix_group_name }} {{ matrix_user_name }}
|
|
when: matrix_group_check.rc != 0
|
|
changed_when: true
|
|
|
|
- name: Get Matrix user UID (Synology)
|
|
ansible.builtin.command: id -u {{ matrix_user_name }}
|
|
register: matrix_user_uid_result
|
|
changed_when: false
|
|
|
|
- name: Get Matrix group info (Synology)
|
|
ansible.builtin.command: /usr/syno/sbin/synogroup --get {{ matrix_group_name }}
|
|
register: matrix_synogroup_result
|
|
changed_when: false
|
|
|
|
- name: Initialize matrix_user_uid and matrix_user_gid
|
|
ansible.builtin.set_fact:
|
|
matrix_user_uid: "{{ matrix_user_uid_result.stdout }}"
|
|
matrix_user_gid: >-
|
|
{{
|
|
matrix_synogroup_result.stdout_lines
|
|
| select('match', '^Group ID:')
|
|
| first
|
|
| regex_search('\[(\d+)\]', '\1')
|
|
| first
|
|
}}
|