Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy
Agustin Ferrario
3 years ago
commit
3cb71e7e84
@ -0,0 +1,46 @@
|
||||
# Setting up Mautrix Signal (optional)
|
||||
|
||||
The playbook can install and configure [mautrix-signal](https://github.com/tulir/mautrix-signal) for you.
|
||||
|
||||
See the project's [documentation](https://github.com/tulir/mautrix-signal/wiki) to learn what it does and why it might be useful to you.
|
||||
|
||||
**Note/Prerequisite**: If you're running with the Postgres database server integrated by the playbook (which is the default), you don't need to do anything special and can easily proceed with installing. However, if you're [using an external Postgres server](configuring-playbook-external-postgres.md), you'd need to manually prepare a Postgres database for this bridge and adjust the variables related to that (`matrix_mautrix_signal_database_*`).
|
||||
|
||||
Use the following playbook configuration:
|
||||
|
||||
```yaml
|
||||
matrix_mautrix_signal_enabled: true
|
||||
```
|
||||
|
||||
## Set up Double Puppeting
|
||||
|
||||
If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-whatsapp/wiki/Authentication#replacing-whatsapp-accounts-matrix-puppet-with-matrix-account) (hint: you most likely do), you have 2 ways of going about it.
|
||||
|
||||
### Method 1: automatically, by enabling Shared Secret Auth
|
||||
|
||||
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
|
||||
|
||||
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
|
||||
|
||||
### Method 2: manually, by asking each user to provide a working access token
|
||||
|
||||
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. You can use the following command:
|
||||
|
||||
```
|
||||
curl \
|
||||
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Signal", "initial_device_display_name": "Mautrix-Signal"}' \
|
||||
https://matrix.DOMAIN/_matrix/client/r0/login
|
||||
```
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
- make sure you don't log out the `Mautrix-Signal` device some time in the future, as that would break the Double Puppeting feature
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
You then need to start a chat with `@signalbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
|
||||
@ -0,0 +1,12 @@
|
||||
# Caddyfile
|
||||
|
||||
This directory contains sample files that show you how to do reverse-proxying using Caddy2.
|
||||
|
||||
## Config
|
||||
|
||||
| Variable | Function |
|
||||
| ------------------ | -------- |
|
||||
| tls your@email.com | Specify an email address for your [ACME account](https://caddyserver.com/docs/caddyfile/directives/tls) (but if only one email is used for all sites, we recommend the email [global option](https://caddyserver.com/docs/caddyfile/options) instead) |
|
||||
| tls | To enable [tls](https://caddyserver.com/docs/caddyfile/directives/tls) support uncomment the lines for tls |
|
||||
| Dimnension | To enable Dimension support uncomment the lines for Dimension and set your data |
|
||||
| Jitsi | To enable Jitsi support uncomment the lines for Jitsi and set your data |
|
||||
@ -1,88 +0,0 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up matrix-reminder-bot
|
||||
#
|
||||
|
||||
- name: Ensure matrix-reminder-bot paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true }
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool and item.when
|
||||
|
||||
- name: Ensure matrix-reminder-bot image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure matrix-reminder-bot config installed
|
||||
copy:
|
||||
content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_matrix_reminder_bot_systemd_service_result
|
||||
when: matrix_bot_matrix_reminder_bot_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-matrix-reminder-bot.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of matrix-reminder-bot (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Check existence of matrix-matrix-reminder-bot service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-matrix-reminder-bot.service"
|
||||
register: matrix_bot_matrix_reminder_bot_service_stat
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot is stopped
|
||||
service:
|
||||
name: matrix-matrix-reminder-bot
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-matrix-reminder-bot.service"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-matrix-reminder-bot.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Matrix matrix-reminder-bot paths don't exist
|
||||
file:
|
||||
path: "{{ matrix_bot_matrix_reminder_bot_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-reminder-bot Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_bot_matrix_reminder_bot_enabled|bool"
|
||||
@ -0,0 +1,73 @@
|
||||
---
|
||||
|
||||
- set_fact:
|
||||
matrix_bot_matrix_reminder_bot_requires_restart: false
|
||||
|
||||
- block:
|
||||
- name: Check if an SQLite database already exists
|
||||
stat:
|
||||
path: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
|
||||
register: matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
- set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_bot_matrix_reminder_bot_database_connection_string }}"
|
||||
caller: "{{ role_path|basename }}"
|
||||
engine_variable_name: 'matrix_bot_matrix_reminder_bot_database_engine'
|
||||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-bot-matrix-reminder-bot.service']
|
||||
|
||||
- import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
|
||||
|
||||
- set_fact:
|
||||
matrix_bot_matrix_reminder_bot_requires_restart: true
|
||||
when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists|bool"
|
||||
when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure matrix-reminder-bot paths exist
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true }
|
||||
- { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true }
|
||||
when: "item.when|bool"
|
||||
|
||||
- name: Ensure matrix-reminder-bot image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}"
|
||||
|
||||
- name: Ensure matrix-reminder-bot config installed
|
||||
copy:
|
||||
content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-bot-matrix-reminder-bot.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
|
||||
mode: 0644
|
||||
register: matrix_bot_matrix_reminder_bot_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary
|
||||
service:
|
||||
name: "matrix-bot-matrix-reminder-bot.service"
|
||||
state: restarted
|
||||
when: "matrix_bot_matrix_reminder_bot_requires_restart|bool"
|
||||
@ -0,0 +1,35 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-matrix-reminder-bot service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
|
||||
register: matrix_bot_matrix_reminder_bot_service_stat
|
||||
|
||||
- name: Ensure matrix-matrix-reminder-bot is stopped
|
||||
service:
|
||||
name: matrix-matrix-reminder-bot
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure matrix-bot-matrix-reminder-bot.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
|
||||
state: absent
|
||||
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure Matrix matrix-reminder-bot paths don't exist
|
||||
file:
|
||||
path: "{{ matrix_bot_matrix_reminder_bot_base_path }}"
|
||||
state: absent
|
||||
|
||||
- name: Ensure matrix-reminder-bot Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}"
|
||||
state: absent
|
||||
@ -0,0 +1,64 @@
|
||||
- name: Fail if Postgres not enabled
|
||||
fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
# Defaults
|
||||
|
||||
- name: Set postgres_start_wait_time, if not provided
|
||||
set_fact:
|
||||
postgres_start_wait_time: 15
|
||||
when: "postgres_start_wait_time|default('') == ''"
|
||||
|
||||
# Actual import work
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
service:
|
||||
name: matrix-postgres
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
register: matrix_postgres_service_start_result
|
||||
|
||||
- name: Wait a bit, so that Postgres can start
|
||||
wait_for:
|
||||
timeout: "{{ postgres_start_wait_time }}"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "matrix_postgres_service_start_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-appservice-irc is stopped
|
||||
service:
|
||||
name: matrix-appservice-irc
|
||||
state: stopped
|
||||
|
||||
- name: Import appservice-irc NeDB database into Postgres
|
||||
command:
|
||||
cmd: >-
|
||||
{{ matrix_host_command_docker }} run
|
||||
--rm
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||
--cap-drop=ALL
|
||||
--network={{ matrix_docker_network }}
|
||||
--mount type=bind,src={{ matrix_appservice_irc_data_path }},dst=/data
|
||||
--entrypoint=/bin/sh
|
||||
{{ matrix_appservice_irc_docker_image }}
|
||||
-c
|
||||
'/usr/local/bin/node /app/lib/scripts/migrate-db-to-pgres.js --dbdir /data --privateKey /data/passkey.pem --connectionString {{ matrix_appservice_irc_database_connection_string }}'
|
||||
|
||||
- name: Archive NeDB database files
|
||||
command:
|
||||
cmd: "mv {{ matrix_appservice_irc_data_path }}/{{ item }} {{ matrix_appservice_irc_data_path }}/{{ item }}.backup"
|
||||
with_items:
|
||||
- rooms.db
|
||||
- users.db
|
||||
|
||||
- name: Inject result
|
||||
set_fact:
|
||||
matrix_playbook_runtime_results: |
|
||||
{{
|
||||
matrix_playbook_runtime_results|default([])
|
||||
+
|
||||
[
|
||||
"NOTE: Your appservice-irc database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_irc_data_path }}/*.db` to `{{ matrix_appservice_irc_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files."
|
||||
]
|
||||
}}
|
||||
@ -0,0 +1,66 @@
|
||||
- name: Fail if Postgres not enabled
|
||||
fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
# Defaults
|
||||
|
||||
- name: Set postgres_start_wait_time, if not provided
|
||||
set_fact:
|
||||
postgres_start_wait_time: 15
|
||||
when: "postgres_start_wait_time|default('') == ''"
|
||||
|
||||
# Actual import work
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
service:
|
||||
name: matrix-postgres
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
register: matrix_postgres_service_start_result
|
||||
|
||||
- name: Wait a bit, so that Postgres can start
|
||||
wait_for:
|
||||
timeout: "{{ postgres_start_wait_time }}"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "matrix_postgres_service_start_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-appservice-slack is stopped
|
||||
service:
|
||||
name: matrix-appservice-slack
|
||||
state: stopped
|
||||
|
||||
- name: Import appservice-slack NeDB database into Postgres
|
||||
command:
|
||||
cmd: >-
|
||||
{{ matrix_host_command_docker }} run
|
||||
--rm
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||
--cap-drop=ALL
|
||||
--network={{ matrix_docker_network }}
|
||||
--mount type=bind,src={{ matrix_appservice_slack_data_path }},dst=/data
|
||||
--entrypoint=/bin/sh
|
||||
{{ matrix_appservice_slack_docker_image }}
|
||||
-c
|
||||
'/usr/local/bin/node /usr/src/app/lib/scripts/migrateToPostgres.js --dbdir /data --connectionString {{ matrix_appservice_slack_database_connection_string }}'
|
||||
|
||||
- name: Archive NeDB database files
|
||||
command:
|
||||
cmd: "mv {{ matrix_appservice_slack_data_path }}/{{ item }} {{ matrix_appservice_slack_data_path }}/{{ item }}.backup"
|
||||
with_items:
|
||||
- teams.db
|
||||
- room-store.db
|
||||
- user-store.db
|
||||
- event-store.db
|
||||
|
||||
- name: Inject result
|
||||
set_fact:
|
||||
matrix_playbook_runtime_results: |
|
||||
{{
|
||||
matrix_playbook_runtime_results|default([])
|
||||
+
|
||||
[
|
||||
"NOTE: Your appservice-slack database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_slack_data_path }}/*.db` to `{{ matrix_appservice_slack_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files."
|
||||
]
|
||||
}}
|
||||
@ -0,0 +1,95 @@
|
||||
# mautrix-signal is a Matrix <-> Signal bridge
|
||||
# See: https://github.com/tulir/mautrix-signal
|
||||
|
||||
matrix_mautrix_signal_enabled: true
|
||||
|
||||
# See: https://mau.dev/tulir/mautrix-signal/container_registry
|
||||
matrix_mautrix_signal_docker_image: "dock.mau.dev/tulir/mautrix-signal:latest"
|
||||
matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mautrix_signal_daemon_docker_image: "dock.mau.dev/maunium/signald:latest"
|
||||
matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image.endswith(':latest') }}"
|
||||
|
||||
matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal"
|
||||
matrix_mautrix_signal_config_path: "{{ matrix_mautrix_signal_base_path }}/bridge"
|
||||
matrix_mautrix_signal_daemon_path: "{{ matrix_mautrix_signal_base_path }}/signald"
|
||||
|
||||
matrix_mautrix_signal_homeserver_address: ''
|
||||
matrix_mautrix_signal_homeserver_domain: ''
|
||||
matrix_mautrix_signal_appservice_address: 'http://matrix-mautrix-signal:29328'
|
||||
|
||||
# Controls whether the matrix-mautrix-signal container exposes its port (tcp/29328 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9006"), or empty string to not expose.
|
||||
matrix_mautrix_signal_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mautrix_signal_container_extra_arguments: []
|
||||
|
||||
# List of systemd services that matrix-mautrix-signal.service depends on.
|
||||
matrix_mautrix_signal_systemd_required_services_list:
|
||||
- 'docker.service'
|
||||
- 'matrix-mautrix-signal-daemon.service'
|
||||
|
||||
# List of systemd services that matrix-mautrix-signal.service wants
|
||||
matrix_mautrix_signal_systemd_wanted_services_list: []
|
||||
|
||||
# List of systemd services that matrix-mautrix-signal-daemon.service depends on.
|
||||
matrix_mautrix_signal_daemon_systemd_required_services_list: ['docker.service']
|
||||
|
||||
# List of systemd services that matrix-mautrix-signal-daemon.service wants
|
||||
matrix_mautrix_signal_daemon_systemd_wanted_services_list: []
|
||||
|
||||
matrix_mautrix_signal_appservice_token: ''
|
||||
matrix_mautrix_signal_homeserver_token: ''
|
||||
|
||||
# Database-related configuration fields
|
||||
#
|
||||
# This bridge only supports postgres.
|
||||
#
|
||||
matrix_mautrix_signal_database_engine: 'postgres'
|
||||
|
||||
matrix_mautrix_signal_database_username: 'matrix_mautrix_signal'
|
||||
matrix_mautrix_signal_database_password: 'some-password'
|
||||
matrix_mautrix_signal_database_hostname: 'matrix-postgres'
|
||||
matrix_mautrix_signal_database_port: 5432
|
||||
matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
|
||||
|
||||
matrix_mautrix_signal_database_connection_string: 'postgres://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}'
|
||||
|
||||
matrix_mautrix_signal_appservice_database: "{{
|
||||
{
|
||||
'postgres': matrix_mautrix_facebook_database_connection_string,
|
||||
}[matrix_mautrix_signal_database_engine]
|
||||
}}"
|
||||
|
||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||
matrix_mautrix_signal_login_shared_secret: ''
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
# For a more advanced customization, you can extend the default (see `matrix_mautrix_signal_configuration_extension_yaml`)
|
||||
# or completely replace this variable with your own template.
|
||||
matrix_mautrix_signal_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
||||
|
||||
matrix_mautrix_signal_configuration_extension_yaml: |
|
||||
# Your custom YAML configuration goes here.
|
||||
# This configuration extends the default starting configuration (`matrix_mautrix_signal_configuration_yaml`).
|
||||
#
|
||||
# You can override individual variables from the default configuration, or introduce new ones.
|
||||
#
|
||||
# If you need something more special, you can take full control by
|
||||
# completely redefining `matrix_mautrix_signal_configuration_yaml`.
|
||||
|
||||
matrix_mautrix_signal_configuration_extension: "{{ matrix_mautrix_signal_configuration_extension_yaml|from_yaml if matrix_mautrix_signal_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
||||
|
||||
# Holds the final configuration (a combination of the default and its extension).
|
||||
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_signal_configuration_yaml`.
|
||||
matrix_mautrix_signal_configuration: "{{ matrix_mautrix_signal_configuration_yaml|from_yaml|combine(matrix_mautrix_signal_configuration_extension, recursive=True) }}"
|
||||
|
||||
matrix_mautrix_signal_registration_yaml: "{{ lookup('template', 'templates/registration.yaml.j2') }}"
|
||||
|
||||
matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml|from_yaml }}"
|
||||
|
||||
matrix_mautrix_signal_log_level: 'DEBUG'
|
||||
@ -0,0 +1,16 @@
|
||||
- set_fact:
|
||||
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-signal', 'matrix-mautrix-signal-daemon'] }}"
|
||||
when: matrix_mautrix_signal_enabled|bool
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
["--mount type=bind,src={{ matrix_mautrix_signal_config_path }}/registration.yaml,dst=/matrix-mautrix-signal-registration.yaml,ro"]
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["/matrix-mautrix-signal-registration.yaml"] }}
|
||||
when: matrix_mautrix_signal_enabled|bool
|
||||
@ -0,0 +1,21 @@
|
||||
- import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mautrix_signal_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-signal
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mautrix_signal_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-signal
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
||||
when: "run_setup|bool and not matrix_mautrix_signal_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-signal
|
||||
@ -0,0 +1,72 @@
|
||||
---
|
||||
|
||||
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
|
||||
# We don't want to fail in such cases.
|
||||
- name: Fail if matrix-synapse role already executed
|
||||
fail:
|
||||
msg: >-
|
||||
The matrix-bridge-mautrix-signal role needs to execute before the matrix-synapse role.
|
||||
when: "matrix_synapse_role_executed|default(False)"
|
||||
|
||||
- name: Ensure Mautrix Signal image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mautrix_signal_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
|
||||
when: matrix_mautrix_signal_enabled|bool
|
||||
|
||||
- name: Ensure Mautrix Signal Daemon image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_mautrix_signal_daemon_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_mautrix_signal_daemon_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
|
||||
when: matrix_mautrix_signal_enabled|bool
|
||||
|
||||
- name: Ensure Mautrix Signal paths exist
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
mode: 0750
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- "{{ matrix_mautrix_signal_base_path }}"
|
||||
- "{{ matrix_mautrix_signal_config_path }}"
|
||||
- "{{ matrix_mautrix_signal_daemon_path }}"
|
||||
|
||||
- name: Ensure mautrix-signal config.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mautrix_signal_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mautrix_signal_config_path }}/config.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mautrix-signal registration.yaml installed
|
||||
copy:
|
||||
content: "{{ matrix_mautrix_signal_registration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_mautrix_signal_config_path }}/registration.yaml"
|
||||
mode: 0644
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure matrix-mautrix-signal-daemon.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal-daemon.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_signal_daemon_systemd_service_result
|
||||
|
||||
- name: Ensure matrix-mautrix-signal.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service"
|
||||
mode: 0644
|
||||
register: matrix_mautrix_signal_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-signal.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mautrix_signal_systemd_service_result.changed or matrix_mautrix_signal_daemon_systemd_service_result.changed"
|
||||
@ -0,0 +1,45 @@
|
||||
---
|
||||
|
||||
# Signal daemon service
|
||||
- name: Check existence of matrix-mautrix-signal-daemon service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service"
|
||||
register: matrix_mautrix_signal_daemon_service_stat
|
||||
|
||||
- name: Ensure matrix-mautrix-signal-daemon is stopped
|
||||
service:
|
||||
name: matrix-mautrix-signal-daemon
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mautrix_signal_daemon_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mautrix-signal-daemon.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-mautrix-signal-daemon.service"
|
||||
state: absent
|
||||
when: "matrix_mautrix_signal_daemon_service_stat.stat.exists"
|
||||
|
||||
# Bridge service
|
||||
- name: Check existence of matrix-mautrix-signal service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service"
|
||||
register: matrix_mautrix_signal_service_stat
|
||||
|
||||
- name: Ensure matrix-mautrix-signal is stopped
|
||||
service:
|
||||
name: matrix-mautrix-signal
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
when: "matrix_mautrix_signal_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-mautrix-signal.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-mautrix-signal.service"
|
||||
state: absent
|
||||
when: "matrix_mautrix_signal_service_stat.stat.exists"
|
||||
|
||||
# All services
|
||||
- name: Ensure systemd reloaded after matrix-mautrix-signal_X.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_mautrix_signal_service_stat.stat.exists or matrix_mautrix_signal_daemon_service_stat.stat.exists"
|
||||
@ -0,0 +1,28 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_signal_homeserver_domain"
|
||||
- "matrix_mautrix_signal_homeserver_address"
|
||||
- "matrix_mautrix_signal_homeserver_token"
|
||||
- "matrix_mautrix_signal_appservice_token"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed Signal variables
|
||||
fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_mautrix_signal_container_exposed_port_number', 'new': '<superseded by matrix_mautrix_signal_container_http_host_bind_port>'}
|
||||
- {'old': 'matrix_mautrix_signal_db_user', 'new': 'matrix_mautrix_signal_database_username'}
|
||||
- {'old': 'matrix_mautrix_signal_db_password', 'new': 'matrix_mautrix_signal_database_password'}
|
||||
- {'old': 'matrix_mautrix_signal_db_database', 'new': 'matrix_mautrix_signal_database_name'}
|
||||
- {'old': 'matrix_mautrix_signal_db_host', 'new': 'matrix_mautrix_signal_database_hostname'}
|
||||
- {'old': 'matrix_mautrix_signal_db_port', 'new': 'matrix_mautrix_signal_database_port'}
|
||||
- {'old': 'matrix_mautrix_signal_db_url', 'new': 'matrix_mautrix_signal_database_connection_string'}
|
||||
- {'old': 'matrix_mautrix_signal_configuration_permissions', 'new': '<superseded by matrix_mautrix_signal_configuration_extension_yaml>'}
|
||||
@ -0,0 +1,202 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
# Homeserver details
|
||||
homeserver:
|
||||
# The address that this appservice can use to connect to the homeserver.
|
||||
address: {{ matrix_mautrix_signal_homeserver_address }}
|
||||
# The domain of the homeserver (for MXIDs, etc).
|
||||
domain: {{ matrix_mautrix_signal_homeserver_domain }}
|
||||
# Whether or not to verify the SSL certificate of the homeserver.
|
||||
# Only applies if address starts with https://
|
||||
verify_ssl: true
|
||||
asmux: false
|
||||
|
||||
# Application service host/registration related details
|
||||
# Changing these values requires regeneration of the registration.
|
||||
appservice:
|
||||
# The address that the homeserver can use to connect to this appservice.
|
||||
address: {{ matrix_mautrix_signal_appservice_address }}
|
||||
# When using https:// the TLS certificate and key files for the address.
|
||||
tls_cert: false
|
||||
tls_key: false
|
||||
|
||||
# The hostname and port where this appservice should listen.
|
||||
hostname: 0.0.0.0
|
||||
port: 29328
|
||||
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
|
||||
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
|
||||
max_body_size: 1
|
||||
|
||||
# The full URI to the database. Only Postgres is currently supported.
|
||||
database: {{ matrix_mautrix_signal_database_connection_string }}
|
||||
|
||||
# Provisioning API part of the web server for automated portal creation and fetching information.
|
||||
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
|
||||
provisioning:
|
||||
# Whether or not the provisioning API should be enabled.
|
||||
enabled: true
|
||||
# The prefix to use in the provisioning API endpoints.
|
||||
prefix: /_matrix/provision/v1
|
||||
# The shared secret to authorize users of the API.
|
||||
# Set to "generate" to generate and save a new token.
|
||||
shared_secret: generate
|
||||
|
||||
# The unique ID of this appservice.
|
||||
id: signal
|
||||
# Username of the appservice bot.
|
||||
bot_username: signalbot
|
||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||
# to leave display name/avatar as-is.
|
||||
bot_displayname: Signal bridge bot
|
||||
bot_avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
|
||||
|
||||
# Community ID for bridged users (changes registration file) and rooms.
|
||||
# Must be created manually.
|
||||
#
|
||||
# Example: "+signal:example.com". Set to false to disable.
|
||||
community_id: false
|
||||
|
||||
# Authentication tokens for AS <-> HS communication.
|
||||
as_token: "{{ matrix_mautrix_signal_appservice_token }}"
|
||||
hs_token: "{{ matrix_mautrix_signal_homeserver_token }}"
|
||||
|
||||
# Prometheus telemetry config. Requires prometheus-client to be installed.
|
||||
metrics:
|
||||
enabled: false
|
||||
listen_port: 8000
|
||||
|
||||
signal:
|
||||
# Path to signald unix socket
|
||||
socket_path: /signald/signald.sock
|
||||
# Directory for temp files when sending files to Signal. This should be an
|
||||
# absolute path that signald can read. For attachments in the other direction,
|
||||
# make sure signald is configured to use an absolute path as the data directory.
|
||||
outgoing_attachment_dir: /signald/attachments
|
||||
# Directory where signald stores avatars for groups.
|
||||
avatar_dir: /signald/avatars
|
||||
# Directory where signald stores auth data. Used to delete data when logging out.
|
||||
data_dir: /signald/data
|
||||
# Whether or not message attachments should be removed from disk after they're bridged.
|
||||
remove_file_after_handling: true
|
||||
|
||||
# Bridge config
|
||||
bridge:
|
||||
# Localpart template of MXIDs for Signal users.
|
||||
# {userid} is replaced with an identifier for the Signal user.
|
||||
username_template: "signal_{userid}"
|
||||
# Displayname template for Signal users.
|
||||
# {displayname} is replaced with the displayname of the Signal user, which is the first
|
||||
# available variable in displayname_preference. The variables in displayname_preference
|
||||
# can also be used here directly.
|
||||
displayname_template: "{displayname} (Signal)"
|
||||
# Whether or not contact list displaynames should be used.
|
||||
# Using this isn't recommended on multi-user instances.
|
||||
allow_contact_list_name_updates: false
|
||||
# Available variables: full_name, first_name, last_name, phone, uuid
|
||||
displayname_preference:
|
||||
- full_name
|
||||
- phone
|
||||
|
||||
# Whether or not to create portals for all groups on login/connect.
|
||||
autocreate_group_portal: true
|
||||
# Whether or not to create portals for all contacts on login/connect.
|
||||
autocreate_contact_portal: false
|
||||
# Whether or not to use /sync to get read receipts and typing notifications
|
||||
# when double puppeting is enabled
|
||||
sync_with_custom_puppets: true
|
||||
# Whether or not to update the m.direct account data event when double puppeting is enabled.
|
||||
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
|
||||
# and is therefore prone to race conditions.
|
||||
sync_direct_chat_list: false
|
||||
# Allow using double puppeting from any server with a valid client .well-known file.
|
||||
double_puppet_allow_discovery: false
|
||||
# Servers to allow double puppeting from, even if double_puppet_allow_discovery is false.
|
||||
double_puppet_server_map: {}
|
||||
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
|
||||
#
|
||||
# If set, custom puppets will be enabled automatically for local users
|
||||
# instead of users having to find an access token and run `login-matrix`
|
||||
# manually.
|
||||
# If using this for other servers than the bridge's server,
|
||||
# you must also set the URL in the double_puppet_server_map.
|
||||
login_shared_secret_map:
|
||||
{{ matrix_mautrix_signal_homeserver_domain }}: {{ matrix_mautrix_signal_login_shared_secret|to_json }}
|
||||
# Whether or not created rooms should have federation enabled.
|
||||
# If false, created portal rooms will never be federated.
|
||||
federate_rooms: true
|
||||
# End-to-bridge encryption support options. These require matrix-nio to be installed with pip
|
||||
# and login_shared_secret to be configured in order to get a device for the bridge bot.
|
||||
#
|
||||
# Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
|
||||
# application service.
|
||||
encryption:
|
||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||
allow: false
|
||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||
default: false
|
||||
# Options for automatic key sharing.
|
||||
key_sharing:
|
||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
||||
# You must use a client that supports requesting keys from other users to use this feature.
|
||||
allow: false
|
||||
# Require the requesting device to have a valid cross-signing signature?
|
||||
# This doesn't require that the bridge has verified the device, only that the user has verified it.
|
||||
# Not yet implemented.
|
||||
require_cross_signing: false
|
||||
# Require devices to be verified by the bridge?
|
||||
# Verification by the bridge is not yet implemented.
|
||||
require_verification: true
|
||||
# Whether or not to explicitly set the avatar and room name for private
|
||||
# chat portal rooms. This will be implicitly enabled if encryption.default is true.
|
||||
private_chat_portal_meta: false
|
||||
# Whether or not the bridge should send a read receipt from the bridge bot when a message has
|
||||
# been sent to Signal. This let's you check manually whether the bridge is receiving your
|
||||
# messages.
|
||||
# Note that this is not related to Signal delivery receipts.
|
||||
delivery_receipts: false
|
||||
# Whether or not delivery errors should be reported as messages in the Matrix room. (not yet implemented)
|
||||
delivery_error_reports: false
|
||||
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
|
||||
# This field will automatically be changed back to false after it,
|
||||
# except if the config file is not writable.
|
||||
resend_bridge_info: false
|
||||
|
||||
# The prefix for commands. Only required in non-management rooms.
|
||||
command_prefix: "!signal"
|
||||
|
||||
# Permissions for using the bridge.
|
||||
# Permitted values:
|
||||
# user - Use the bridge with puppeting.
|
||||
# admin - Use and administrate the bridge.
|
||||
# Permitted keys:
|
||||
# * - All Matrix users
|
||||
# domain - All users on that homeserver
|
||||
# mxid - Specific user
|
||||
permissions:
|
||||
'{{ matrix_mautrix_signal_homeserver_domain }}': user
|
||||
|
||||
|
||||
# Python logging configuration.
|
||||
#
|
||||
# See section 16.7.2 of the Python documentation for more info:
|
||||
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
|
||||
logging:
|
||||
version: 1
|
||||
formatters:
|
||||
colored:
|
||||
(): mautrix_signal.util.ColorFormatter
|
||||
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
|
||||
normal:
|
||||
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
|
||||
handlers:
|
||||
console:
|
||||
class: logging.StreamHandler
|
||||
formatter: colored
|
||||
loggers:
|
||||
mau:
|
||||
level: {{ matrix_mautrix_signal_log_level }}
|
||||
aiohttp:
|
||||
level: INFO
|
||||
root:
|
||||
level: {{ matrix_mautrix_signal_log_level }}
|
||||
handlers: [console]
|
||||
@ -0,0 +1,14 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
id: signal
|
||||
as_token: "{{ matrix_mautrix_signal_appservice_token }}"
|
||||
hs_token: "{{ matrix_mautrix_signal_homeserver_token }}"
|
||||
namespaces:
|
||||
users:
|
||||
- exclusive: true
|
||||
regex: '^@signal_.+:{{ matrix_mautrix_signal_homeserver_domain|regex_escape }}$'
|
||||
aliases:
|
||||
- exclusive: true
|
||||
regex: '^#signal_.+:{{ matrix_mautrix_signal_homeserver_domain|regex_escape }}$'
|
||||
url: {{ matrix_mautrix_signal_appservice_address }}
|
||||
sender_localpart: signalbot
|
||||
rate_limited: false
|
||||
@ -0,0 +1,38 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mautrix Signal daemon
|
||||
|
||||
{% for service in matrix_mautrix_signal_daemon_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
{% for service in matrix_mautrix_signal_daemon_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \
|
||||
--log-driver=none \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
||||
{{ matrix_mautrix_signal_daemon_docker_image }}
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon
|
||||
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mautrix-signal-daemon
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
@ -0,0 +1,44 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
[Unit]
|
||||
Description=Matrix Mautrix Signal server
|
||||
|
||||
{% for service in matrix_mautrix_signal_systemd_required_services_list %}
|
||||
Requires={{ service }}
|
||||
After={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
{% for service in matrix_mautrix_signal_systemd_wanted_services_list %}
|
||||
Wants={{ service }}
|
||||
{% endfor %}
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-mautrix-signal
|
||||
ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-mautrix-signal
|
||||
|
||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
||||
|
||||
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal \
|
||||
--log-driver=none \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_mautrix_signal_container_http_host_bind_port %}
|
||||
-p {{ matrix_mautrix_signal_container_http_host_bind_port }}:29328 \
|
||||
{% endif %}
|
||||
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
||||
-v {{ matrix_mautrix_signal_config_path }}:/data:z \
|
||||
{% for arg in matrix_mautrix_signal_container_extra_arguments %}
|
||||
{{ arg }} \
|
||||
{% endfor %}
|
||||
{{ matrix_mautrix_signal_docker_image }} \
|
||||
python3 -m mautrix_signal -c /data/config.yaml
|
||||
|
||||
ExecStop=-{{ matrix_host_command_docker }} kill matrix-mautrix-signal
|
||||
ExecStop=-{{ matrix_host_command_docker }} rm matrix-mautrix-signal
|
||||
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
SyslogIdentifier=matrix-mautrix-signal
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
@ -1,85 +0,0 @@
|
||||
---
|
||||
|
||||
#
|
||||
# Tasks related to setting up the dimension
|
||||
#
|
||||
|
||||
- name: Ensure Dimension base path exists
|
||||
file:
|
||||
path: "{{ matrix_dimension_base_path }}"
|
||||
state: directory
|
||||
mode: 0770
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_dimension_user_gid }}"
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
- name: Ensure Dimension config installed
|
||||
copy:
|
||||
content: "{{ matrix_dimension_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_dimension_base_path }}/config.yaml"
|
||||
mode: 0640
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_dimension_user_gid }}"
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
- name: Ensure Dimension image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_dimension_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_dimension_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_docker_image_force_pull }}"
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
- name: Ensure matrix-dimension.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-dimension.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-dimension.service"
|
||||
mode: 0644
|
||||
register: matrix_dimension_systemd_service_result
|
||||
when: matrix_dimension_enabled|bool
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-dimension.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_dimension_enabled|bool and matrix_dimension_systemd_service_result.changed"
|
||||
|
||||
#
|
||||
# Tasks related to getting rid of the dimension (if it was previously enabled)
|
||||
#
|
||||
|
||||
- name: Check existence of matrix-dimension service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-dimension.service"
|
||||
register: matrix_dimension_service_stat
|
||||
when: "not matrix_dimension_enabled|bool"
|
||||
|
||||
- name: Ensure matrix-dimension is stopped
|
||||
service:
|
||||
name: matrix-dimension
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure matrix-dimension.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-dimension.service"
|
||||
state: absent
|
||||
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-dimension.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
|
||||
|
||||
- name: Ensure Dimension environment variables path doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_dimension_base_path }}"
|
||||
state: absent
|
||||
when: "not matrix_dimension_enabled|bool"
|
||||
|
||||
- name: Ensure Dimension Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_dimension_docker_image }}"
|
||||
state: absent
|
||||
when: "not matrix_dimension_enabled|bool"
|
||||
@ -0,0 +1,109 @@
|
||||
---
|
||||
|
||||
- set_fact:
|
||||
matrix_dimension_requires_restart: false
|
||||
|
||||
- block:
|
||||
- name: Check if an SQLite database already exists
|
||||
stat:
|
||||
path: "{{ matrix_dimension_sqlite_database_path_local }}"
|
||||
register: matrix_dimension_sqlite_database_path_local_stat_result
|
||||
|
||||
- block:
|
||||
# pgloader makes a few columns `smallint`, instead of `boolean`.
|
||||
# We need to fix them up.
|
||||
- set_fact:
|
||||
matrix_dimension_pgloader_additional_psql_statements_list: []
|
||||
|
||||
- set_fact:
|
||||
matrix_dimension_pgloader_additional_psql_statements_list: |
|
||||
{{
|
||||
matrix_dimension_pgloader_additional_psql_statements_list
|
||||
+
|
||||
([] if item.default == '' else ['ALTER TABLE ' + item.table + ' ALTER COLUMN "' + item.column + '" DROP default;'])
|
||||
+
|
||||
(['ALTER TABLE ' + item.table + ' ALTER COLUMN "' + item.column + '" TYPE BOOLEAN USING("' + item.column + '"::text::boolean);'])
|
||||
+
|
||||
([] if item.default == '' else ['ALTER TABLE ' + item.table + ' ALTER COLUMN "' + item.column + '" SET default ' + item.default + ';'])
|
||||
}}
|
||||
with_items:
|
||||
- {'table': 'dimension_widgets', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_widgets', 'column': 'isPublic', 'default': ''}
|
||||
- {'table': 'dimension_webhook_bridges', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_user_sticker_packs', 'column': 'isSelected', 'default': ''}
|
||||
- {'table': 'dimension_scalar_tokens', 'column': 'isDimensionToken', 'default': ''}
|
||||
- {'table': 'dimension_users', 'column': 'isSelfBot', 'default': 'false'}
|
||||
- {'table': 'dimension_telegram_bridges', 'column': 'allowTgPuppets', 'default': ''}
|
||||
- {'table': 'dimension_telegram_bridges', 'column': 'allowMxPuppets', 'default': ''}
|
||||
- {'table': 'dimension_telegram_bridges', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_sticker_packs', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_sticker_packs', 'column': 'isPublic', 'default': ''}
|
||||
- {'table': 'dimension_slack_bridges', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_neb_integrations', 'column': 'isPublic', 'default': ''}
|
||||
- {'table': 'dimension_irc_bridges', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_irc_bridge_networks', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_gitter_bridges', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_custom_simple_bots', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_custom_simple_bots', 'column': 'isPublic', 'default': ''}
|
||||
- {'table': 'dimension_bridges', 'column': 'isEnabled', 'default': ''}
|
||||
- {'table': 'dimension_bridges', 'column': 'isPublic', 'default': ''}
|
||||
|
||||
- set_fact:
|
||||
matrix_postgres_db_migration_request:
|
||||
src: "{{ matrix_dimension_sqlite_database_path_local }}"
|
||||
dst: "{{ matrix_dimension_database_connection_string }}"
|
||||
caller: "{{ role_path|basename }}"
|
||||
engine_variable_name: 'matrix_dimension_database_engine'
|
||||
engine_old: 'sqlite'
|
||||
systemd_services_to_stop: ['matrix-dimension.service']
|
||||
pgloader_options: ['--with "quote identifiers"']
|
||||
additional_psql_statements_list: "{{ matrix_dimension_pgloader_additional_psql_statements_list }}"
|
||||
additional_psql_statements_db_name: "{{ matrix_dimension_database_name }}"
|
||||
|
||||
- import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
|
||||
|
||||
- set_fact:
|
||||
matrix_dimension_requires_restart: true
|
||||
when: "matrix_dimension_sqlite_database_path_local_stat_result.stat.exists|bool"
|
||||
when: "matrix_dimension_database_engine == 'postgres'"
|
||||
|
||||
- name: Ensure Dimension base path exists
|
||||
file:
|
||||
path: "{{ matrix_dimension_base_path }}"
|
||||
state: directory
|
||||
mode: 0770
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_dimension_user_gid }}"
|
||||
|
||||
- name: Ensure Dimension config installed
|
||||
copy:
|
||||
content: "{{ matrix_dimension_configuration|to_nice_yaml }}"
|
||||
dest: "{{ matrix_dimension_base_path }}/config.yaml"
|
||||
mode: 0640
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_dimension_user_gid }}"
|
||||
|
||||
- name: Ensure Dimension image is pulled
|
||||
docker_image:
|
||||
name: "{{ matrix_dimension_docker_image }}"
|
||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||
force_source: "{{ matrix_dimension_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_docker_image_force_pull }}"
|
||||
|
||||
- name: Ensure matrix-dimension.service installed
|
||||
template:
|
||||
src: "{{ role_path }}/templates/systemd/matrix-dimension.service.j2"
|
||||
dest: "{{ matrix_systemd_path }}/matrix-dimension.service"
|
||||
mode: 0644
|
||||
register: matrix_dimension_systemd_service_result
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-dimension.service installation
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_dimension_systemd_service_result.changed|bool"
|
||||
|
||||
- name: Ensure matrix-dimension.service restarted, if necessary
|
||||
service:
|
||||
name: "matrix-dimension.service"
|
||||
state: restarted
|
||||
when: "matrix_dimension_requires_restart|bool"
|
||||
@ -0,0 +1,35 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-dimension service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-dimension.service"
|
||||
register: matrix_dimension_service_stat
|
||||
|
||||
- name: Ensure matrix-dimension is stopped
|
||||
service:
|
||||
name: matrix-dimension
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "matrix_dimension_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure matrix-dimension.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-dimension.service"
|
||||
state: absent
|
||||
when: "matrix_dimension_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-dimension.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_dimension_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure Dimension base directory doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_dimension_base_path }}"
|
||||
state: absent
|
||||
|
||||
- name: Ensure Dimension Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_dimension_docker_image }}"
|
||||
state: absent
|
||||
@ -0,0 +1,35 @@
|
||||
---
|
||||
|
||||
- name: Check existence of matrix-ma1sd service
|
||||
stat:
|
||||
path: "{{ matrix_systemd_path }}/matrix-ma1sd.service"
|
||||
register: matrix_ma1sd_service_stat
|
||||
|
||||
- name: Ensure matrix-ma1sd is stopped
|
||||
service:
|
||||
name: matrix-ma1sd
|
||||
state: stopped
|
||||
daemon_reload: yes
|
||||
register: stopping_result
|
||||
when: "matrix_ma1sd_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure matrix-ma1sd.service doesn't exist
|
||||
file:
|
||||
path: "{{ matrix_systemd_path }}/matrix-ma1sd.service"
|
||||
state: absent
|
||||
when: "matrix_ma1sd_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure systemd reloaded after matrix-ma1sd.service removal
|
||||
service:
|
||||
daemon_reload: yes
|
||||
when: "matrix_ma1sd_service_stat.stat.exists|bool"
|
||||
|
||||
- name: Ensure Matrix ma1sd paths don't exist
|
||||
file:
|
||||
path: "{{ matrix_ma1sd_base_path }}"
|
||||
state: absent
|
||||
|
||||
- name: Ensure ma1sd Docker image doesn't exist
|
||||
docker_image:
|
||||
name: "{{ matrix_ma1sd_docker_image }}"
|
||||
state: absent
|
||||
@ -0,0 +1,97 @@
|
||||
---
|
||||
|
||||
# Pre-checks
|
||||
|
||||
- name: Fail if Postgres not enabled
|
||||
fail:
|
||||
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
|
||||
when: "not matrix_postgres_enabled|bool"
|
||||
|
||||
- name: Fail if playbook called incorrectly
|
||||
fail:
|
||||
msg: "The `sqlite_database_path` variable needs to be provided to this playbook, via --extra-vars"
|
||||
when: "sqlite_database_path is not defined or sqlite_database_path.startswith('<')"
|
||||
|
||||
- name: Check if the provided SQLite database file exists
|
||||
stat:
|
||||
path: "{{ sqlite_database_path }}"
|
||||
register: sqlite_database_path_stat_result
|
||||
|
||||
- name: Fail if provided SQLite database file doesn't exist
|
||||
fail:
|
||||
msg: "File cannot be found on the server at {{ sqlite_database_path }}"
|
||||
when: "not sqlite_database_path_stat_result.stat.exists"
|
||||
|
||||
# We either expect `postgres_db_connection_string` specifying a full Postgres database connection string,
|
||||
# or `postgres_connection_string_variable_name`, specifying a name of a variable, which contains a valid connection string.
|
||||
|
||||
- block:
|
||||
- name: Fail if postgres_connection_string_variable_name points to an undefined variable
|
||||
fail: msg="postgres_connection_string_variable_name is defined, but there is no variable with the name `{{ postgres_connection_string_variable_name }}`"
|
||||
when: "postgres_connection_string_variable_name not in vars"
|
||||
|
||||
- name: Get Postgres connection string from variable
|
||||
set_fact:
|
||||
postgres_db_connection_string: "{{ lookup('vars', postgres_connection_string_variable_name) }}"
|
||||
when: 'postgres_connection_string_variable_name is defined'
|
||||
|
||||
- name: Fail if playbook called incorrectly
|
||||
fail:
|
||||
msg: >-
|
||||
Either a `postgres_db_connection_string` variable or a `postgres_connection_string_variable_name` needs to be provided to this playbook, via `--extra-vars`.
|
||||
Example: `--extra-vars="postgres_db_connection_string=postgresql://username:password@localhost:<port>/database_name"` or `--extra-vars="postgres_connection_string_variable_name=matrix_appservice_discord_database_connString"`
|
||||
when: "postgres_db_connection_string is not defined or not postgres_db_connection_string.startswith('postgresql://')"
|
||||
|
||||
|
||||
# Defaults
|
||||
|
||||
- name: Set postgres_start_wait_time, if not provided
|
||||
set_fact:
|
||||
postgres_start_wait_time: 15
|
||||
when: "postgres_start_wait_time|default('') == ''"
|
||||
|
||||
|
||||
# Actual import work
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
service:
|
||||
name: matrix-postgres
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
register: matrix_postgres_service_start_result
|
||||
|
||||
- name: Wait a bit, so that Postgres can start
|
||||
wait_for:
|
||||
timeout: "{{ postgres_start_wait_time }}"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "matrix_postgres_service_start_result.changed|bool"
|
||||
|
||||
- name: Import SQLite database from {{ sqlite_database_path }} into Postgres
|
||||
command:
|
||||
cmd: >-
|
||||
{{ matrix_host_command_docker }} run
|
||||
--rm
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||
--cap-drop=ALL
|
||||
--network={{ matrix_docker_network }}
|
||||
--mount type=bind,src={{ sqlite_database_path }},dst=/in.db,ro
|
||||
--entrypoint=/bin/sh
|
||||
{{ matrix_postgres_pgloader_docker_image }}
|
||||
-c
|
||||
'pgloader /in.db {{ postgres_db_connection_string }}'
|
||||
|
||||
- name: Archive SQLite database ({{ sqlite_database_path }} -> {{ sqlite_database_path }}.backup)
|
||||
command:
|
||||
cmd: "mv {{ sqlite_database_path }} {{ sqlite_database_path }}.backup"
|
||||
|
||||
- name: Inject result
|
||||
set_fact:
|
||||
matrix_playbook_runtime_results: |
|
||||
{{
|
||||
matrix_playbook_runtime_results|default([])
|
||||
+
|
||||
[
|
||||
"NOTE: Your SQLite database file has been imported into Postgres. The original file has been moved from `{{ sqlite_database_path }}` to `{{ sqlite_database_path }}.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete this file."
|
||||
]
|
||||
}}
|
||||
@ -0,0 +1,40 @@
|
||||
---
|
||||
|
||||
# It'd be better if this is belonged to `validate_config.yml`, but it would have to be some loop-within-a-loop there,
|
||||
# and that's ugly. We also don't expect this to catch errors often. It's more of a defensive last-minute check.
|
||||
- name: Fail if additional database data appears invalid
|
||||
fail:
|
||||
msg: "Additional database definition ({{ additional_db }} lacks a required key: {{ item }}"
|
||||
when: "item not in additional_db"
|
||||
with_items: "{{ ['name', 'username', 'password'] }}"
|
||||
|
||||
# The SQL statements that we'll run against Postgres are stored in a file that others can't read.
|
||||
# This file will be mounted into the container and fed to Postgres.
|
||||
# This way, we avoid passing sensitive data around in CLI commands that other users on the system can see.
|
||||
- name: Create additional database initialization SQL file for {{ additional_db.name }}
|
||||
template:
|
||||
src: "{{ role_path }}/templates/sql/init-additional-db-user-and-role.sql.j2"
|
||||
dest: "/tmp/matrix-postgres-init-additional-db-user-and-role.sql"
|
||||
mode: 0600
|
||||
owner: "{{ matrix_user_uid }}"
|
||||
group: "{{ matrix_user_gid }}"
|
||||
|
||||
- name: Execute Postgres additional database initialization SQL file for {{ additional_db.name }}
|
||||
command:
|
||||
cmd: >-
|
||||
{{ matrix_host_command_docker }} run
|
||||
--rm
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }}
|
||||
--cap-drop=ALL
|
||||
--env-file={{ matrix_postgres_base_path }}/env-postgres-psql
|
||||
--network {{ matrix_docker_network }}
|
||||
--mount type=bind,src=/tmp/matrix-postgres-init-additional-db-user-and-role.sql,dst=/matrix-postgres-init-additional-db-user-and-role.sql,ro
|
||||
--entrypoint=/bin/sh
|
||||
{{ matrix_postgres_docker_image_to_use }}
|
||||
-c
|
||||
'psql -h {{ matrix_postgres_connection_hostname }} --file=/matrix-postgres-init-additional-db-user-and-role.sql'
|
||||
|
||||
- name: Delete additional database initialization SQL file for {{ additional_db.name }}
|
||||
file:
|
||||
path: /tmp/matrix-postgres-init-additional-db-user-and-role.sql
|
||||
state: absent
|
||||
@ -0,0 +1,23 @@
|
||||
---
|
||||
|
||||
- name: Ensure matrix-postgres is started
|
||||
service:
|
||||
name: matrix-postgres
|
||||
state: started
|
||||
daemon_reload: yes
|
||||
register: matrix_postgres_service_start_result
|
||||
|
||||
- name: Wait a bit, so that Postgres can start
|
||||
wait_for:
|
||||
timeout: "{{ matrix_postgres_additional_databases_postgres_start_wait_timeout_seconds }}"
|
||||
delegate_to: 127.0.0.1
|
||||
become: false
|
||||
when: "matrix_postgres_service_start_result.changed|bool"
|
||||
|
||||
- name: Create additional Postgres user and database
|
||||
include_tasks: "{{ role_path }}/tasks/util/create_additional_database.yml"
|
||||
with_items: "{{ matrix_postgres_additional_databases }}"
|
||||
loop_control:
|
||||
loop_var: additional_db
|
||||
# Suppress logging to avoid dumping the credentials to the shell
|
||||
no_log: true
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in new issue