Add support for Debian (9+) and Ubuntu (16.04+)
This commit is contained in:
parent
13ab9eb238
commit
ded7c274f6
@ -31,6 +31,8 @@ This is similar to the [EMnify/matrix-synapse-auto-deploy](https://github.com/EM
|
||||
|
||||
- this one **can be re-ran many times** without causing trouble
|
||||
|
||||
- works on both **CentOS** (7.0+) and Debian-based distributions (**Debian** 9/Stretch+, **Ubuntu** 16.04+)
|
||||
|
||||
- this one **runs everything in Docker containers** (like [silviof/docker-matrix](https://hub.docker.com/r/silviof/docker-matrix/) and [silviof/matrix-riot-docker](https://hub.docker.com/r/silviof/matrix-riot-docker/)), so it's likely more predictable
|
||||
|
||||
- this one retrieves and automatically renews free [Let's Encrypt](https://letsencrypt.org/) **SSL certificates** for you
|
||||
@ -50,7 +52,7 @@ Special thanks goes to:
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- **CentOS server** with no services running on port 80/443 (making this run on non-CentOS servers should be possible in the future)
|
||||
- **CentOS** (7.0+), **Debian** (9/Stretch+) or **Ubuntu** (16.04+) server with no services running on port 80/443
|
||||
|
||||
- the [Ansible](http://ansible.com/) program, which is used to run this playbook and configures everything for you
|
||||
|
||||
|
@ -17,7 +17,7 @@
|
||||
key: https://download.docker.com/linux/centos/gpg
|
||||
when: ansible_distribution == 'CentOS'
|
||||
|
||||
- name: Ensure yum packages are installed (base)
|
||||
- name: Ensure yum packages are installed (CentOS)
|
||||
yum: name="{{ item }}" state=latest update_cache=yes
|
||||
with_items:
|
||||
- bash-completion
|
||||
@ -27,14 +27,54 @@
|
||||
- ntp
|
||||
when: ansible_distribution == 'CentOS'
|
||||
|
||||
- name: Ensure APT usage dependencies are installed (Debian)
|
||||
apt:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
update_cache: yes
|
||||
with_items:
|
||||
- apt-transport-https
|
||||
- ca-certificates
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Ensure Docker's APT key is trusted (Debian)
|
||||
apt_key:
|
||||
url: https://download.docker.com/linux/ubuntu/gpg
|
||||
id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
||||
state: present
|
||||
register: add_repository_key
|
||||
ignore_errors: true
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Ensure Docker repository is enabled (Debian)
|
||||
apt_repository:
|
||||
repo: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
|
||||
state: present
|
||||
update_cache: yes
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Ensure APT packages are installed (Debian)
|
||||
apt: name="{{ item }}" state=latest update_cache=yes
|
||||
with_items:
|
||||
- bash-completion
|
||||
- docker-ce
|
||||
- python-docker
|
||||
- ntp
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Ensure firewalld is started and autoruns
|
||||
service: name=firewalld state=started enabled=yes
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
- name: Ensure Docker is started and autoruns
|
||||
service: name=docker state=started enabled=yes
|
||||
|
||||
- name: Ensure ntpd is started and autoruns
|
||||
service: name=ntpd state=started enabled=yes
|
||||
service:
|
||||
name: "{{ 'ntpd' if ansible_os_family == 'RedHat' else 'ntp' }}"
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: Ensure SELinux disabled
|
||||
selinux: state=disabled
|
||||
when: ansible_os_family == 'RedHat'
|
@ -33,6 +33,7 @@
|
||||
with_items:
|
||||
- "http"
|
||||
- "https"
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
- name: Ensure matrix-nginx-proxy.service installed
|
||||
template:
|
||||
|
@ -9,6 +9,7 @@
|
||||
with_items:
|
||||
- http
|
||||
- https
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
- name: Ensure acmetool Docker image is pulled
|
||||
docker_image:
|
||||
|
@ -136,6 +136,7 @@
|
||||
- '3478/tcp' # STUN
|
||||
- '3478/udp' # STUN
|
||||
- "{{ matrix_coturn_turn_udp_min_port }}-{{ matrix_coturn_turn_udp_max_port }}/udp" # TURN
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
- name: Ensure matrix-synapse.service installed
|
||||
template:
|
||||
|
@ -15,7 +15,7 @@ Requires=matrix-s3fs.service
|
||||
Type=simple
|
||||
ExecStartPre=-/usr/bin/docker kill matrix-synapse
|
||||
ExecStartPre=-/usr/bin/docker rm matrix-synapse
|
||||
ExecStartPre=-/usr/bin/chown {{ matrix_user_username }}:{{ matrix_user_username }} {{ ssl_certs_path }} -R
|
||||
ExecStartPre=-{{ '/usr/bin/chown' if ansible_os_family == 'RedHat' else '/bin/chown' }} {{ matrix_user_username }}:{{ matrix_user_username }} {{ ssl_certs_path }} -R
|
||||
ExecStart=/usr/bin/docker run --rm --name matrix-synapse \
|
||||
{% if not matrix_postgres_use_external %}
|
||||
--link matrix-postgres:{{ matrix_postgres_connection_hostname }} \
|
||||
|
Loading…
Reference in New Issue
Block a user