From f9e19e962347b21abd93d1fa6feda031c1c82ce2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 17 Jan 2024 17:22:08 +0200 Subject: [PATCH] Always uninstall matrix-nginx-proxy, if discovered This changes the behavior of `matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled` and is against what we initially described in the changelog entry, but I've discovered some problems when the `matrix-nginx-proxy` service and container remain running. They need to go. --- CHANGELOG.md | 12 +++++++----- .../matrix_playbook_migration/defaults/main.yml | 4 ++-- .../custom/matrix_playbook_migration/tasks/main.yml | 3 +-- .../tasks/uninstall_matrix_nginx_proxy.yml | 9 +++++---- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 29e692850..7bb44f665 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -205,15 +205,17 @@ If this is still not convincing enough for you and you want the best possible pe The updated playbook will automatically perform some migration tasks for you: -1. It will uninstall `matrix-nginx-proxy` for you and delete the `/matrix/nginx-proxy` directory and all files within it. You can disable this behavior by adding `matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled: false` to your `vars.yml` configuration file. Doing so will leave an orphan (and unusable) `matrix-nginx-proxy` container and its data around. It will not let you continue using nginx for a while longer. You need to migrate - now! +1. It will stop and remove the `matrix-nginx-proxy` systemd service and container for you. This behavior cannot be disabled. It's essential that this service gets stopped, because it remaining running (and having container labels) may confuse Traefik as to where to route HTTP requests. -2. It will delete the `/matrix/ssl` directory and all files within it. You can disable this behavior by adding `matrix_playbook_migration_matrix_ssl_uninstallation_enabled: false` to your `vars.yml` configuration file. If you have some important certificates there for some reason, take them out or temporarily disable removal of these files until you do. +2. It will delete the `/matrix/nginx-proxy` directory and all files within it. You can disable this behavior by adding `matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled: false` to your `vars.yml` configuration file. Doing so will leave its data around. -3. It will tell you about all variables (`matrix_nginx_proxy_*` and many others - even from other roles) that have changed during this large nginx-elimination upgrade. You can disable this behavior by adding `matrix_playbook_migration_matrix_nginx_proxy_elimination_variable_transition_checks_enabled: false` to your `vars.yml` configuration file. +3. It will delete the `/matrix/ssl` directory and all files within it. You can disable this behavior by adding `matrix_playbook_migration_matrix_ssl_uninstallation_enabled: false` to your `vars.yml` configuration file. If you have some important certificates there for some reason, take them out or temporarily disable removal of these files until you do. -4. It will tell you about any leftover `matrix_nginx_proxy_*` variables in your `vars.yml` file. You can disable this behavior by adding `matrix_playbook_migration_matrix_nginx_proxy_leftover_variable_validation_checks_enabled: false` to your `vars.yml` configuration file. +4. It will tell you about all variables (`matrix_nginx_proxy_*` and many others - even from other roles) that have changed during this large nginx-elimination upgrade. You can disable this behavior by adding `matrix_playbook_migration_matrix_nginx_proxy_elimination_variable_transition_checks_enabled: false` to your `vars.yml` configuration file. -5. It will tell you about any leftover `matrix_ssl_*` variables in your `vars.yml` file. You can disable this behavior by adding `matrix_playbook_migration_matrix_ssl_leftover_variable_checks_enabled: false` to your `vars.yml` configuration file. +5. It will tell you about any leftover `matrix_nginx_proxy_*` variables in your `vars.yml` file. You can disable this behavior by adding `matrix_playbook_migration_matrix_nginx_proxy_leftover_variable_validation_checks_enabled: false` to your `vars.yml` configuration file. + +6. It will tell you about any leftover `matrix_ssl_*` variables in your `vars.yml` file. You can disable this behavior by adding `matrix_playbook_migration_matrix_ssl_leftover_variable_checks_enabled: false` to your `vars.yml` configuration file. We don't recommend changing these variables and suppressing warnings, unless you know what you're doing. diff --git a/roles/custom/matrix_playbook_migration/defaults/main.yml b/roles/custom/matrix_playbook_migration/defaults/main.yml index b870309d5..0c797cb10 100644 --- a/roles/custom/matrix_playbook_migration/defaults/main.yml +++ b/roles/custom/matrix_playbook_migration/defaults/main.yml @@ -56,8 +56,8 @@ matrix_playbook_migration_matrix_nginx_proxy_leftover_variable_validation_checks # Controls if (`matrix_ssl_`) leftover variable checks will run. matrix_playbook_migration_matrix_ssl_leftover_variable_checks_enabled: true -# Controls whether this role will try to detect and clean up after the matrix-nginx-proxy role. -# When enabled, the systemd serivce will be stopped and removed, as well as all data in `/matrix/nginx-proxy +# Controls whether this role will delete old files left over from `matrix-nginx-proxy`. +# Regardless of this value, if discovered, a `matrix-nginx-proxy.service` systemd serivce will be stopped and removed. matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled: true # Controls whether this role will try to detect and clean up the /matrix/ssl files. diff --git a/roles/custom/matrix_playbook_migration/tasks/main.yml b/roles/custom/matrix_playbook_migration/tasks/main.yml index 552b0af29..bbee3000f 100644 --- a/roles/custom/matrix_playbook_migration/tasks/main.yml +++ b/roles/custom/matrix_playbook_migration/tasks/main.yml @@ -33,8 +33,7 @@ block: - ansible.builtin.include_tasks: "{{ role_path }}/tasks/cleanup_matrix_static_files_well_known.yml" -- when: matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled | bool - tags: +- tags: - setup-all - install-all block: diff --git a/roles/custom/matrix_playbook_migration/tasks/uninstall_matrix_nginx_proxy.yml b/roles/custom/matrix_playbook_migration/tasks/uninstall_matrix_nginx_proxy.yml index f1fa4f518..adb005369 100644 --- a/roles/custom/matrix_playbook_migration/tasks/uninstall_matrix_nginx_proxy.yml +++ b/roles/custom/matrix_playbook_migration/tasks/uninstall_matrix_nginx_proxy.yml @@ -19,7 +19,8 @@ path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-nginx-proxy.service" state: absent - - name: Ensure matrix-proxy-files files are deleted - ansible.builtin.file: - path: "{{ matrix_base_data_path }}/nginx-proxy" - state: absent +- when: matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled | bool + name: Ensure matrix-proxy-files files are deleted + ansible.builtin.file: + path: "{{ matrix_base_data_path }}/nginx-proxy" + state: absent