677a2fc503
Details here: https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_6.html#id36 Basically: ```yaml - name: Prior to 2.13 debug: msg: '[1] + {{ [2] }}' - name: 2.13 and forward debug: msg: '{{ [1] + [2] }}' ``` Interestingly, we had been using the new/safe syntax in lofs of places. We were using the broken one in many others though. Hopefully all instances were fixed by this patch.
149 lines
7.2 KiB
YAML
149 lines
7.2 KiB
YAML
---
|
|
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
|
# We don't want to fail in such cases.
|
|
- name: Fail if matrix-synapse role already executed
|
|
fail:
|
|
msg: >-
|
|
The matrix-bridge-hookshot role needs to execute before the matrix-synapse role.
|
|
when: "matrix_hookshot_enabled and matrix_synapse_role_executed|default(False)"
|
|
|
|
- set_fact:
|
|
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-hookshot.service'] }}"
|
|
when: matrix_hookshot_enabled|bool
|
|
|
|
# If the matrix-synapse role is not used, these variables may not exist.
|
|
- set_fact:
|
|
matrix_synapse_container_extra_arguments: >
|
|
{{
|
|
matrix_synapse_container_extra_arguments|default([])
|
|
+
|
|
["--mount type=bind,src={{ matrix_hookshot_base_path }}/registration.yml,dst=/hookshot-registration.yml,ro"]
|
|
}}
|
|
|
|
matrix_synapse_app_service_config_files: >
|
|
{{
|
|
matrix_synapse_app_service_config_files|default([])
|
|
+
|
|
["/hookshot-registration.yml"]
|
|
}}
|
|
when: matrix_hookshot_enabled|bool
|
|
|
|
- block:
|
|
- name: Fail if matrix-nginx-proxy role already executed
|
|
fail:
|
|
msg: >-
|
|
Trying to append hookshot's reverse-proxying configuration to matrix-nginx-proxy,
|
|
but it's pointless since the matrix-nginx-proxy role had already executed.
|
|
To fix this, please change the order of roles in your playbook,
|
|
so that the matrix-nginx-proxy role would run after the matrix-bridge-hookshot role.
|
|
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
|
|
|
- name: Generate Matrix hookshot proxying configuration for matrix-nginx-proxy
|
|
set_fact:
|
|
matrix_hookshot_matrix_nginx_proxy_configuration: |
|
|
location ~ ^{{ matrix_hookshot_appservice_endpoint }}/(.*)$ {
|
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
|
resolver 127.0.0.11 valid=5s;
|
|
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}";
|
|
proxy_pass http://$backend/$1;
|
|
{% else %}
|
|
{# Generic configuration for use outside of our container setup #}
|
|
proxy_pass http://127.0.0.1:{{ matrix_hookshot_appservice_port }}/$1;
|
|
{% endif %}
|
|
proxy_set_header Host $host;
|
|
}
|
|
{% if matrix_hookshot_provisioning_enabled %}
|
|
location ~ ^{{ matrix_hookshot_provisioning_endpoint }}/(.*)$ {
|
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
|
resolver 127.0.0.11 valid=5s;
|
|
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_provisioning_port }}";
|
|
proxy_pass http://$backend{{ matrix_hookshot_provisioning_internal }}/$1$is_args$args;
|
|
{% else %}
|
|
{# Generic configuration for use outside of our container setup #}
|
|
proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}{{ matrix_hookshot_provisioning_internal }}/$1$is_args$args;
|
|
{% endif %}
|
|
proxy_set_header Host $host;
|
|
}
|
|
{% endif %}
|
|
{% if matrix_hookshot_widgets_enabled %}
|
|
location ~ ^{{ matrix_hookshot_widgets_endpoint }}/(.*)$ {
|
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
|
resolver 127.0.0.11 valid=5s;
|
|
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_widgets_port }}";
|
|
proxy_pass http://$backend{{ matrix_hookshot_widgets_internal }}/$1$is_args$args;
|
|
{% else %}
|
|
{# Generic configuration for use outside of our container setup #}
|
|
proxy_pass http://127.0.0.1:{{ matrix_hookshot_widgets_port }}{{ matrix_hookshot_widgets_internal }}/$1$is_args$args;
|
|
{% endif %}
|
|
proxy_set_header Host $host;
|
|
}
|
|
{% endif %}
|
|
location ~ ^{{ matrix_hookshot_webhook_endpoint }}/(.*)$ {
|
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
|
resolver 127.0.0.11 valid=5s;
|
|
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_webhook_port }}";
|
|
proxy_pass http://$backend/$1$is_args$args;
|
|
{% else %}
|
|
{# Generic configuration for use outside of our container setup #}
|
|
proxy_pass http://127.0.0.1:{{ matrix_hookshot_webhook_port }}/$1$is_args$args;
|
|
{% endif %}
|
|
proxy_set_header Host $host;
|
|
}
|
|
|
|
- name: Register hookshot proxying configuration with matrix-nginx-proxy
|
|
set_fact:
|
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
|
{{
|
|
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
|
+
|
|
[matrix_hookshot_matrix_nginx_proxy_configuration]
|
|
}}
|
|
|
|
- name: Generate Matrix hookshot proxying configuration for matrix-nginx-proxy
|
|
set_fact:
|
|
matrix_hookshot_matrix_nginx_proxy_metrics_configuration: |
|
|
{% if matrix_hookshot_metrics_enabled and matrix_hookshot_proxy_metrics %}
|
|
location {{ matrix_hookshot_metrics_endpoint }} {
|
|
{% if matrix_nginx_proxy_enabled|default(False) %}
|
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
|
resolver 127.0.0.11 valid=5s;
|
|
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_metrics_port }}";
|
|
proxy_pass http://$backend/metrics;
|
|
{% else %}
|
|
{# Generic configuration for use outside of our container setup #}
|
|
proxy_pass http://127.0.0.1:{{ matrix_hookshot_metrics_port }}/metrics;
|
|
{% endif %}
|
|
proxy_set_header Host $host;
|
|
{% if matrix_hookshot_proxy_metrics_basic_auth_enabled %}
|
|
auth_basic "protected";
|
|
auth_basic_user_file /nginx-data/matrix-synapse-metrics-htpasswd;
|
|
{% endif %}
|
|
}
|
|
{% endif %}
|
|
|
|
- name: Register hookshot metrics proxying configuration with matrix-nginx-proxy
|
|
set_fact:
|
|
matrix_nginx_proxy_proxy_grafana_additional_server_configuration_blocks: |
|
|
{{
|
|
matrix_nginx_proxy_proxy_grafana_additional_server_configuration_blocks|default([])
|
|
+
|
|
[matrix_hookshot_matrix_nginx_proxy_metrics_configuration]
|
|
}}
|
|
tags:
|
|
- always
|
|
when: matrix_hookshot_enabled|bool
|
|
|
|
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
|
debug:
|
|
msg: >-
|
|
NOTE: You've enabled the hookshot bridge but are not using the matrix-nginx-proxy
|
|
reverse proxy.
|
|
Please make sure that you're proxying the `{{ matrix_hookshot_public_endpoint }}`
|
|
URL endpoint to the matrix-hookshot container.
|
|
You can expose the container's ports using the `matrix_hookshot_container_http_host_bind_ports` variable.
|
|
when: "matrix_hookshot_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"
|