From 6fc779dc836ceccbff166633cc0b66b087d92c02 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 2 Aug 2019 11:59:10 +0300 Subject: [PATCH] Ensure matrix_ssl_retrieval_method value is valid We recently had someone in the support room who set it to `false` and the playbook ran without any issues. This currently seems to yield the same result as 'none', but it's better to avoid such behavior. --- roles/matrix-nginx-proxy/tasks/validate_config.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/roles/matrix-nginx-proxy/tasks/validate_config.yml b/roles/matrix-nginx-proxy/tasks/validate_config.yml index e5b672ed6..dc6567ed0 100644 --- a/roles/matrix-nginx-proxy/tasks/validate_config.yml +++ b/roles/matrix-nginx-proxy/tasks/validate_config.yml @@ -10,3 +10,8 @@ - {'old': 'matrix_nginx_proxy_matrix_client_api_addr_with_proxy_container', 'new': 'matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container'} - {'old': 'matrix_nginx_proxy_matrix_client_api_addr_sans_proxy_container', 'new': 'matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container'} +- name: Fail on unknown matrix_ssl_retrieval_method + fail: + msg: >- + `matrix_ssl_retrieval_method` needs to be set to a known value. + when: "matrix_ssl_retrieval_method not in ['lets-encrypt', 'self-signed', 'manually-managed', 'none']"