Wm Salt Hale
2 years ago
committed by
GitHub
commit
ad8d4740a7
@ -0,0 +1,55 @@
|
||||
# Setting up Honoroit (optional)
|
||||
|
||||
The playbook can install and configure [Honoroit](https://gitlab.com/etke.cc/honoroit) for you.
|
||||
|
||||
It's a bot you can use to setup **your own helpdesk on matrix**
|
||||
|
||||
See the project's [documentation](https://gitlab.com/etke.cc/honoroit#how-it-looks-like) to learn what it does with screenshots and why it might be useful to you.
|
||||
|
||||
|
||||
## Registering the bot user
|
||||
|
||||
By default, the playbook will set up the bot with a username like this: `@honoroit:DOMAIN`.
|
||||
|
||||
(to use a different username, adjust the `matrix_bot_honoroit_login` variable).
|
||||
|
||||
You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md):
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=honoroit password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user
|
||||
```
|
||||
|
||||
Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`.
|
||||
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
||||
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
|
||||
|
||||
```yaml
|
||||
matrix_bot_honoroit_enabled: true
|
||||
|
||||
# Adjust this to whatever password you chose when registering the bot user
|
||||
matrix_bot_honoroit_password: PASSWORD_FOR_THE_BOT
|
||||
|
||||
# Adjust this to your room ID
|
||||
matrix_bot_honoroit_roomid: "!yourRoomID:DOMAIN"
|
||||
```
|
||||
|
||||
|
||||
## Installing
|
||||
|
||||
After configuring the playbook, run the [installation](installing.md) command again:
|
||||
|
||||
```
|
||||
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
||||
```
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
To use the bot, invite the `@honoroit:DOMAIN` to the room you specified in config, after that any matrix user can send a message to the `@honoroit:DOMAIN` to start a new thread in that room.
|
||||
|
||||
Send `!ho help` to the room to see the bot's help menu for additional commands.
|
||||
|
||||
You can also refer to the upstream [documentation](https://gitlab.com/etke.cc/honoroit#features).
|
||||
@ -0,0 +1,35 @@
|
||||
# Setting up Mautrix Twitter (optional)
|
||||
|
||||
**Note**: bridging to [Twitter](https://twitter.com/) can also happen via the [mx-puppet-twitter](configuring-playbook-bridge-mx-puppet-twitter.md) bridge supported by the playbook.
|
||||
|
||||
The playbook can install and configure [mautrix-twitter](https://github.com/mautrix/twitter) for you.
|
||||
|
||||
See the project's [documentation](https://github.com/mautrix/twitter) to learn what it does and why it might be useful to you.
|
||||
|
||||
```yaml
|
||||
matrix_mautrix_twitter_enabled: true
|
||||
```
|
||||
|
||||
|
||||
## Set up Double Puppeting
|
||||
|
||||
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
|
||||
|
||||
### Method 1: automatically, by enabling Shared Secret Auth
|
||||
|
||||
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
|
||||
|
||||
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
|
||||
|
||||
### Method 2: manually, by asking each user to provide a working access token
|
||||
|
||||
This method is currently not available for the Mautrix-Twitter bridge, but is on the [roadmap](https://github.com/mautrix/twitter/blob/master/ROADMAP.md) under Misc/Manual login with `login-matrix`
|
||||
|
||||
## Usage
|
||||
|
||||
1. You then need to start a chat with `@twitterbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
|
||||
2. Send login-cookie to start the login. The bot should respond with instructions on how to proceed.
|
||||
|
||||
You can learn more here about authentication from the bridge's [official documentation on Authentication](https://docs.mau.fi/bridges/python/twitter/authentication.html).
|
||||
|
||||
After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so.
|
||||
@ -0,0 +1,21 @@
|
||||
# Configuring Cinny (optional)
|
||||
|
||||
This playbook can install the [cinny](https://github.com/ajbura/cinny) Matrix web client for you.
|
||||
cinny is a web client focusing primarily on simple, elegant and secure interface.
|
||||
cinny can be installed alongside or instead of Element.
|
||||
|
||||
If you'd like cinny to be installed, add the following to your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
|
||||
|
||||
```yaml
|
||||
matrix_client_cinny_enabled: true
|
||||
```
|
||||
|
||||
You will also need to add a DNS record so that cinny can be accessed.
|
||||
By default cinny will use https://cinny.DOMAIN so you will need to create an CNAME record
|
||||
for `cinny`. See [Configuring DNS](configuring-dns.md).
|
||||
|
||||
If you would like to use a different domain, add the following to your configuration file (changing it to use your preferred domain):
|
||||
|
||||
```yaml
|
||||
matrix_server_fqn_cinny: "app.{{ matrix_domain }}"
|
||||
```
|
||||
File diff suppressed because it is too large
Load Diff
@ -1 +1,6 @@
|
||||
matrix_awx_enabled: true
|
||||
|
||||
# Defaults for 'Customise Website + Access Export' template
|
||||
awx_sftp_auth_method: 'Disabled'
|
||||
awx_sftp_password: ''
|
||||
awx_sftp_public_key: ''
|
||||
|
||||
@ -1,8 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Rename synapse presence variable
|
||||
delegate_to: 127.0.0.1
|
||||
replace:
|
||||
path: "/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml"
|
||||
regexp: 'matrix_synapse_use_presence'
|
||||
replace: 'matrix_synapse_presence_enabled'
|
||||
@ -0,0 +1,26 @@
|
||||
---
|
||||
|
||||
- name: Rename synapse presence variable
|
||||
delegate_to: 127.0.0.1
|
||||
replace:
|
||||
path: "/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml"
|
||||
regexp: 'matrix_synapse_use_presence'
|
||||
replace: 'matrix_synapse_presence_enabled'
|
||||
|
||||
- name: Generate matrix_homeserver_generic_secret_key variable
|
||||
delegate_to: 127.0.0.1
|
||||
command: |
|
||||
openssl rand -hex 16
|
||||
register: generic_secret
|
||||
no_log: True
|
||||
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
|
||||
|
||||
- name: Add new matrix_homeserver_generic_secret_key variable
|
||||
delegate_to: 127.0.0.1
|
||||
lineinfile:
|
||||
path: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
|
||||
line: "matrix_homeserver_generic_secret_key: {{ generic_secret.stdout }}"
|
||||
insertbefore: '# Basic Settings End'
|
||||
mode: '0600'
|
||||
state: present
|
||||
when: ( matrix_homeserver_generic_secret_key is undefined ) or ( matrix_homeserver_generic_secret_key | length == 0 )
|
||||
@ -0,0 +1,23 @@
|
||||
|
||||
# This is for both CentOS 7 and 8
|
||||
- name: Ensure fuse installed (CentOS)
|
||||
yum:
|
||||
name:
|
||||
- fuse
|
||||
state: latest
|
||||
when: ansible_distribution == 'CentOS'
|
||||
|
||||
# This is for both Debian and Raspbian
|
||||
- name: Ensure fuse installed (Debian/Raspbian)
|
||||
apt:
|
||||
name:
|
||||
- fuse
|
||||
state: latest
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Ensure fuse installed (Archlinux)
|
||||
pacman:
|
||||
name:
|
||||
- fuse3
|
||||
state: latest
|
||||
when: ansible_distribution == 'Archlinux'
|
||||
@ -1,9 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Fail if required Matrix Base settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) for using this playbook.
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_homeserver_container_url"
|
||||
@ -1,3 +1,3 @@
|
||||
# This will contain a list of enabled services that the playbook is managing.
|
||||
# Each component is expected to append its service name to this list.
|
||||
matrix_systemd_services_list: []
|
||||
matrix_systemd_services_list: []
|
||||
|
||||
@ -0,0 +1,103 @@
|
||||
# honoroit is a helpdesk bot
|
||||
# See: https://gitlab.com/etke.cc/honoroit
|
||||
|
||||
matrix_bot_honoroit_enabled: true
|
||||
|
||||
matrix_bot_honoroit_container_image_self_build: false
|
||||
matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git"
|
||||
matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
|
||||
|
||||
matrix_bot_honoroit_version: v0.9.2
|
||||
matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}"
|
||||
matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
||||
matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_bot_honoroit_base_path: "{{ matrix_base_data_path }}/honoroit"
|
||||
matrix_bot_honoroit_config_path: "{{ matrix_bot_honoroit_base_path }}/config"
|
||||
matrix_bot_honoroit_data_path: "{{ matrix_bot_honoroit_base_path }}/data"
|
||||
matrix_bot_honoroit_data_store_path: "{{ matrix_bot_honoroit_data_path }}/store"
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_bot_honoroit_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-bot-honoroit.service depends on
|
||||
matrix_bot_honoroit_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-bot-honoroit.service wants
|
||||
matrix_bot_honoroit_systemd_wanted_services_list: []
|
||||
|
||||
|
||||
# Database-related configuration fields.
|
||||
#
|
||||
# To use SQLite, stick to these defaults.
|
||||
#
|
||||
# To use Postgres:
|
||||
# - change the engine (`matrix_bot_honoroit_database_engine: 'postgres'`)
|
||||
# - adjust your database credentials via the `matrix_bot_honoroit_database_*` variables
|
||||
matrix_bot_honoroit_database_engine: 'sqlite'
|
||||
|
||||
matrix_bot_honoroit_sqlite_database_path_local: "{{ matrix_bot_honoroit_data_path }}/bot.db"
|
||||
matrix_bot_honoroit_sqlite_database_path_in_container: "/data/bot.db"
|
||||
|
||||
matrix_bot_honoroit_database_username: 'honoroit'
|
||||
matrix_bot_honoroit_database_password: 'some-password'
|
||||
matrix_bot_honoroit_database_hostname: 'matrix-postgres'
|
||||
matrix_bot_honoroit_database_port: 5432
|
||||
matrix_bot_honoroit_database_name: 'honoroit'
|
||||
|
||||
matrix_bot_honoroit_database_connection_string: 'postgres://{{ matrix_bot_honoroit_database_username }}:{{ matrix_bot_honoroit_database_password }}@{{ matrix_bot_honoroit_database_hostname }}:{{ matrix_bot_honoroit_database_port }}/{{ matrix_bot_honoroit_database_name }}?sslmode=disable'
|
||||
|
||||
matrix_bot_honoroit_storage_database: "{{
|
||||
{
|
||||
'sqlite': matrix_bot_honoroit_sqlite_database_path_in_container,
|
||||
'postgres': matrix_bot_honoroit_database_connection_string,
|
||||
}[matrix_bot_honoroit_database_engine]
|
||||
}}"
|
||||
|
||||
matrix_bot_honoroit_database_dialect: "{{
|
||||
{
|
||||
'sqlite': 'sqlite3',
|
||||
'postgres': 'postgres',
|
||||
}[matrix_bot_honoroit_database_engine]
|
||||
}}"
|
||||
|
||||
|
||||
# The bot's username. This user needs to be created manually beforehand.
|
||||
# Also see `matrix_bot_honoroit_password`.
|
||||
matrix_bot_honoroit_login: "honoroit"
|
||||
|
||||
# The password that the bot uses to authenticate.
|
||||
matrix_bot_honoroit_password: ''
|
||||
|
||||
matrix_bot_honoroit_homeserver: "{{ matrix_homeserver_container_url }}"
|
||||
|
||||
# The room ID where bot will create threads
|
||||
matrix_bot_honoroit_roomid: ''
|
||||
|
||||
# Command prefix
|
||||
matrix_bot_honoroit_prefix: ''
|
||||
|
||||
# Sentry DSN
|
||||
matrix_bot_honoroit_sentry: ''
|
||||
|
||||
# Log level
|
||||
matrix_bot_honoroit_loglevel: ''
|
||||
|
||||
# Text: greetings
|
||||
matrix_bot_honoroit_text_greetings: ''
|
||||
|
||||
# Text: error
|
||||
matrix_bot_honoroit_text_error: ''
|
||||
|
||||
# Text: empty room
|
||||
matrix_bot_honoroit_text_emptyroom: ''
|
||||
|
||||
# Text: done
|
||||
matrix_bot_honoroit_text_done: ''
|
||||
|
||||
# Additional environment variables to pass to the Honoroit container
|
||||
#
|
||||
# Example:
|
||||
# matrix_bot_honoroit_environment_variables_extension: |
|
||||
# HONOROIT_TEXT_DONE=Done
|
||||
matrix_bot_honoroit_environment_variables_extension: ''
|
||||
@ -0,0 +1,3 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
|
||||
when: matrix_bot_honoroit_enabled|bool
|
||||
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_bot_honoroit_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bot-honoroit
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_bot_honoroit_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bot-honoroit
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_bot_honoroit_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-bot-honoroit
|
||||
@ -0,0 +1,92 @@
|
||||
---
|
||||
- set_fact:
|
||||
matrix_bot_honoroit_requires_restart: false
|
||||
|
||||
- block:
|
||||
- name: Check if an SQLite database already exists
|
||||
stat:
|
||||
path: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
|
||||
register: matrix_bot_honoroit_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_bot_honoroit_database_connection_string }}"
|
||||
caller: "{{ role_path|basename }}"
|
||||
engine_variable_name: 'matrix_bot_honoroit_database_engine'
|
||||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-bot-honoroit.service']
|
||||
|
||||
- import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
|
||||
|
||||
- set_fact:
|
||||
matrix_bot_honoroit_requires_restart: true
|
||||
when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists|bool"
|
||||
when: "matrix_bot_honoroit_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure honoroit paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_honoroit_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_honoroit_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_honoroit_data_store_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
|
||||
when: "item.when|bool"
|
||||
|
||||
- name: Ensure honoroit environment variables file created
|
||||
template:
|
||||
src: "{{ role_path }}/templates/env.j2"
|
||||
dest: "{{ matrix_bot_honoroit_config_path }}/env"
|
||||
mode: 0640
|
||||
|
||||
- name: Ensure honoroit image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_honoroit_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_bot_honoroit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_honoroit_docker_image_force_pull }}"
|
||||
when: "not matrix_bot_honoroit_container_image_self_build|bool"
|
||||
|
||||
- name: Ensure honoroit repository is present on self-build
|
||||
git:
|
||||
repo: "{{ matrix_bot_honoroit_docker_repo }}"
|
||||
dest: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
||||
force: "yes"
|
||||
register: matrix_bot_honoroit_git_pull_results
|
||||
when: "matrix_bot_honoroit_container_image_self_build|bool"
|
||||
|
||||
- name: Ensure honoroit image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_honoroit_docker_image }}"
|
||||
source: build
|
||||
force_source: "{{ matrix_bot_honoroit_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_bot_honoroit_container_image_self_build|bool"
|
||||
|
||||
- name: Ensure matrix-bot-honoroit.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-bot-honoroit.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_honoroit_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-bot-honoroit.service restarted, if necessary
|
||||
service:
|
||||
name: "matrix-bot-honoroit.service"
|
||||
state: restarted
|
||||
when: "matrix_bot_honoroit_requires_restart|bool"
|
||||
@ -0,0 +1,36 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-honoroit service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service"
|
||||
register: matrix_bot_honoroit_service_stat
|
||||
|
||||
- name: Ensure matrix-honoroit is stopped
|
||||
service:
|
||||
name: matrix-bot-honoroit
|
||||
state: stopped
|
||||
enabled: no
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure matrix-bot-honoroit.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service"
|
||||
state: absent
|
||||
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure Matrix honoroit paths don't exist
|
||||
file:
|
||||
path: "{{ matrix_bot_honoroit_base_path }}"
|
||||
state: absent
|
||||
|
||||
- name: Ensure honoroit Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_honoroit_docker_image }}"
|
||||
state: absent
|
||||
@ -0,0 +1,10 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_bot_honoroit_password"
|
||||
- "matrix_bot_honoroit_roomid"
|
||||
@ -0,0 +1,15 @@
|
||||
HONOROIT_LOGIN={{ matrix_bot_honoroit_login }}
|
||||
HONOROIT_PASSWORD={{ matrix_bot_honoroit_password }}
|
||||
HONOROIT_HOMESERVER={{ matrix_bot_honoroit_homeserver }}
|
||||
HONOROIT_ROOMID={{ matrix_bot_honoroit_roomid }}
|
||||
HONOROIT_DB_DSN={{ matrix_bot_honoroit_database_connection_string }}
|
||||
HONOROIT_DB_DIALECT={{ matrix_bot_honoroit_database_dialect }}
|
||||
HONOROIT_PREFIX={{ matrix_bot_honoroit_prefix }}
|
||||
HONOROIT_SENTRY={{ matrix_bot_honoroit_sentry }}
|
||||
HONOROIT_LOGLEVEL={{ matrix_bot_honoroit_loglevel }}
|
||||
HONOROIT_TEXT_GREETINGS={{ matrix_bot_honoroit_text_greetings }}
|
||||
HONOROIT_TEXT_ERROR={{ matrix_bot_honoroit_text_error }}
|
||||
HONOROIT_TEXT_EMPTYROOM={{ matrix_bot_honoroit_text_emptyroom }}
|
||||
HONOROIT_TEXT_DONE={{ matrix_bot_honoroit_text_done }}
|
||||
|
||||
{{ matrix_bot_honoroit_environment_variables_extension }}
|
||||
@ -0,0 +1,39 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix helpdesk bot
|
||||
{% for service in matrix_bot_honoroit_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_bot_honoroit_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
DefaultDependencies=no
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-honoroit \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--read-only \
|
||||
--network={{ matrix_docker_network }} \
|
||||
--env-file={{ matrix_bot_honoroit_config_path }}/env \
|
||||
--mount type=bind,src={{ matrix_bot_honoroit_data_path }},dst=/data \
|
||||
{% for arg in matrix_bot_honoroit_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_bot_honoroit_docker_image }}
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-honoroit 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-honoroit 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-bot-honoroit
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
@ -0,0 +1,103 @@
|
||||
# mautrix-twitter is a Matrix <-> Twitter bridge
|
||||
# See: https://github.com/mautrix/twitter
|
||||
|
||||
matrix_mautrix_twitter_enabled: true
|
||||
|
||||
matrix_mautrix_twitter_container_image_self_build: false
|
||||
matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/mautrix/twitter.git"
|
||||
|
||||
matrix_mautrix_twitter_version: v0.1.3
|
||||
# See: https://mau.dev/tulir/mautrix-twitter/container_registry
|
||||
matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}"
|
||||
matrix_mautrix_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else 'dock.mau.dev/' }}"
|
||||
matrix_mautrix_twitter_docker_image_force_pull: "{{ matrix_mautrix_twitter_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mautrix_twitter_base_path: "{{ matrix_base_data_path }}/mautrix-twitter"
|
||||
matrix_mautrix_twitter_config_path: "{{ matrix_mautrix_twitter_base_path }}/config"
|
||||
matrix_mautrix_twitter_data_path: "{{ matrix_mautrix_twitter_base_path }}/data"
|
||||
matrix_mautrix_twitter_docker_src_files_path: "{{ matrix_mautrix_twitter_base_path }}/docker-src"
|
||||
|
||||
matrix_mautrix_twitter_homeserver_address: "{{ matrix_homeserver_container_url }}"
|
||||
matrix_mautrix_twitter_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29327'
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mautrix_twitter_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-mautrix-twitter.service depends on.
|
||||
matrix_mautrix_twitter_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-mautrix-twitter.service wants
|
||||
matrix_mautrix_twitter_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mautrix_twitter_appservice_token: ''
|
||||
matrix_mautrix_twitter_homeserver_token: ''
|
||||
|
||||
|
||||
# Database-related configuration fields.
|
||||
#
|
||||
# To use Postgres:
|
||||
# - adjust your database credentials via the `matrix_mautrix_twitter_postgres_*` variables
|
||||
matrix_mautrix_twitter_database_engine: 'postgres'
|
||||
|
||||
matrix_mautrix_twitter_database_username: 'matrix_mautrix_twitter'
|
||||
matrix_mautrix_twitter_database_password: 'some-password'
|
||||
matrix_mautrix_twitter_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_twitter_database_port: 5432
|
||||
matrix_mautrix_twitter_database_name: 'matrix_mautrix_twitter'
|
||||
|
||||
matrix_mautrix_twitter_database_connection_string: 'postgres://{{ matrix_mautrix_twitter_database_username }}:{{ matrix_mautrix_twitter_database_password }}@{{ matrix_mautrix_twitter_database_hostname }}:{{ matrix_mautrix_twitter_database_port }}/{{ matrix_mautrix_twitter_database_name }}'
|
||||
|
||||
matrix_mautrix_twitter_appservice_database: "{{
|
||||
{
|
||||
'postgres': matrix_mautrix_twitter_database_connection_string,
|
||||
}[matrix_mautrix_twitter_database_engine]
|
||||
}}"
|
||||
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mautrix_twitter_login_shared_secret: ''
|
||||
|
||||
matrix_mautrix_twitter_bridge_login_shared_secret_map: "{{ {matrix_mautrix_twitter_homeserver_domain: matrix_mautrix_twitter_login_shared_secret} if matrix_mautrix_twitter_login_shared_secret else {} }}"
|
||||
|
||||
matrix_mautrix_twitter_appservice_bot_username: twitterbot
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mautrix_twitter_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mautrix_twitter_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mautrix_twitter_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mautrix_twitter_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mautrix_twitter_configuration_yaml`.
|
||||
|
||||
matrix_mautrix_twitter_configuration_extension: "{{ matrix_mautrix_twitter_configuration_extension_yaml|from_yaml if matrix_mautrix_twitter_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_twitter_configuration_yaml`.
|
||||
matrix_mautrix_twitter_configuration: "{{ matrix_mautrix_twitter_configuration_yaml|from_yaml|combine(matrix_mautrix_twitter_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mautrix_twitter_registration_yaml: |
|
||||
id: twitter
|
||||
as_token: "{{ matrix_mautrix_twitter_appservice_token }}"
|
||||
hs_token: "{{ matrix_mautrix_twitter_homeserver_token }}"
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '^@twitter_.+:{{ matrix_mautrix_twitter_homeserver_domain|regex_escape }}$'
|
||||
- exclusive: true
|
||||
regex: '^@{{ matrix_mautrix_twitter_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_twitter_homeserver_domain|regex_escape }}$'
|
||||
url: {{ matrix_mautrix_twitter_appservice_address }}
|
||||
# See https://github.com/tulir/mautrix-signal/issues/43
|
||||
sender_localpart: _bot_{{ matrix_mautrix_twitter_appservice_bot_username }}
|
||||
rate_limited: false
|
||||
de.sorunome.msc2409.push_ephemeral: true
|
||||
|
||||
matrix_mautrix_twitter_registration: "{{ matrix_mautrix_twitter_registration_yaml|from_yaml }}"
|
||||
@ -0,0 +1,23 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-twitter.service'] }}"
|
||||
when: matrix_mautrix_twitter_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mautrix_twitter_config_path }}/registration.yaml,dst=/matrix-mautrix-twitter-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mautrix-twitter-registration.yaml"] }}
|
||||
when: matrix_mautrix_twitter_enabled|bool
|
||||
|
||||
# ansible lower than 2.8, does not support docker_image build parameters
|
||||
# for self buildig it is explicitly needed, so we rather fail here
|
||||
- name: Fail if running on Ansible lower than 2.8 and trying self building
|
||||
fail:
|
||||
msg: "To self build Mautrix Twitter image, you should usa ansible 2.8 or higher. E.g. pip contains such packages."
|
||||
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_twitter_container_image_self_build"
|
||||
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mautrix_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-twitter
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mautrix_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-twitter
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mautrix_twitter_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-twitter
|
||||
@ -0,0 +1,88 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mautrix-twitter role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- set_fact:
|
||||
matrix_mautrix_twitter_requires_restart: false
|
||||
|
||||
- name: Ensure Mautrix Twitter image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mautrix_twitter_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mautrix_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_twitter_docker_image_force_pull }}"
|
||||
when: matrix_mautrix_twitter_enabled|bool and not matrix_mautrix_twitter_container_image_self_build
|
||||
|
||||
- name: Ensure Mautrix Twitter paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_mautrix_twitter_base_path }}", when: true }
|
||||
- { path: "{{ matrix_mautrix_twitter_config_path }}", when: true }
|
||||
- { path: "{{ matrix_mautrix_twitter_data_path }}", when: true }
|
||||
- { path: "{{ matrix_mautrix_twitter_docker_src_files_path }}", when: "{{ matrix_mautrix_twitter_container_image_self_build }}" }
|
||||
when: item.when|bool
|
||||
|
||||
- name: Ensure Mautrix Twitter repository is present on self-build
|
||||
git:
|
||||
repo: "{{ matrix_mautrix_twitter_container_image_self_build_repo }}"
|
||||
dest: "{{ matrix_mautrix_twitter_docker_src_files_path }}"
|
||||
# version: "{{ matrix_coturn_docker_image.split(':')[1] }}"
|
||||
force: "yes"
|
||||
register: matrix_mautrix_twitter_git_pull_results
|
||||
when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build"
|
||||
|
||||
- name: Ensure Mautrix Twitter Docker image is built
|
||||
docker_image:
|
||||
name: "{{ matrix_mautrix_twitter_docker_image }}"
|
||||
source: build
|
||||
force_source: "{{ matrix_mautrix_twitter_git_pull_results.changed }}"
|
||||
build:
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_mautrix_twitter_docker_src_files_path }}"
|
||||
pull: yes
|
||||
when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build|bool"
|
||||
|
||||
- name: Ensure mautrix-twitter config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mautrix_twitter_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mautrix_twitter_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mautrix-twitter registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mautrix_twitter_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mautrix_twitter_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mautrix-twitter.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-twitter.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_twitter_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-twitter.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mautrix_twitter_systemd_service_result.changed"
|
||||
|
||||
- name: Ensure matrix-mautrix-twitter.service restarted, if necessary
|
||||
service:
|
||||
name: "matrix-mautrix-twitter.service"
|
||||
state: restarted
|
||||
when: "matrix_mautrix_twitter_requires_restart|bool"
|
||||
@ -0,0 +1,24 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-mautrix-twitter service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service"
|
||||
register: matrix_mautrix_twitter_service_stat
|
||||
|
||||
- name: Ensure matrix-mautrix-twitter is stopped
|
||||
service:
|
||||
name: matrix-mautrix-twitter
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mautrix_twitter_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mautrix-twitter.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service"
|
||||
state: absent
|
||||
when: "matrix_mautrix_twitter_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-twitter.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mautrix_twitter_service_stat.stat.exists"
|
||||
@ -0,0 +1,18 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_twitter_appservice_token"
|
||||
- "matrix_mautrix_twitter_homeserver_token"
|
||||
|
||||
- name: Fail if database is not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a need to set `matrix_mautrix_twitter_database_engine: postgres` and redefine the other `matrix_mautrix_twitter_database_*` variables
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_twitter_database_engine"
|
||||
@ -0,0 +1,42 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mautrix Twitter bridge
|
||||
{% for service in matrix_mautrix_twitter_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
{% for service in matrix_mautrix_twitter_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
DefaultDependencies=no
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Environment="HOME={{ matrix_systemd_unit_home_path }}"
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null'
|
||||
ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null'
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-twitter \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-v {{ matrix_mautrix_twitter_config_path }}:/config:z \
|
||||
-v {{ matrix_mautrix_twitter_data_path }}:/data:z \
|
||||
{% for arg in matrix_mautrix_twitter_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mautrix_twitter_docker_image }} \
|
||||
python3 -m mautrix_twitter -c /config/config.yaml --no-update
|
||||
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null'
|
||||
ExecStopPost=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null'
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mautrix-twitter
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue