|
|
|
|
|
|
|
- name: Limit max upload size to 200MB part 1
|
|
|
|
set_fact:
|
|
|
|
matrix_synapse_max_upload_size_mb: "200"
|
|
|
|
when: matrix_synapse_max_upload_size_mb_raw|int >= 200
|
|
|
|
|
|
|
|
- name: Limit max upload size to 200MB part 2
|
|
|
|
set_fact:
|
|
|
|
matrix_synapse_max_upload_size_mb: "{{ matrix_synapse_max_upload_size_mb_raw }}"
|
|
|
|
when: matrix_synapse_max_upload_size_mb_raw|int < 200
|
|
|
|
|
|
|
|
- name: Record Synapse variables locally on AWX
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
|
|
line: "{{ item.key }}: {{ item.value }}"
|
|
|
|
insertafter: '# Synapse Settings Start'
|
|
|
|
with_dict:
|
|
|
|
'matrix_synapse_allow_public_rooms_over_federation': '{{ matrix_synapse_allow_public_rooms_over_federation }}'
|
|
|
|
'matrix_synapse_enable_registration': '{{ matrix_synapse_enable_registration }}'
|
|
|
|
'matrix_synapse_federation_enabled': '{{ matrix_synapse_federation_enabled }}'
|
|
|
|
'matrix_synapse_enable_group_creation': '{{ matrix_synapse_enable_group_creation }}'
|
|
|
|
'matrix_synapse_presence_enabled': '{{ matrix_synapse_presence_enabled }}'
|
|
|
|
'matrix_synapse_max_upload_size_mb': '{{ matrix_synapse_max_upload_size_mb }}'
|
|
|
|
'matrix_synapse_url_preview_enabled': '{{ matrix_synapse_url_preview_enabled }}'
|
|
|
|
'matrix_synapse_allow_guest_access': '{{ matrix_synapse_allow_guest_access }}'
|
|
|
|
|
|
|
|
- name: Empty Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if raw inputs empty
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
replace:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: "^matrix_synapse_auto_join_rooms: .*$"
|
|
|
|
replace: "matrix_synapse_auto_join_rooms: []"
|
|
|
|
when: matrix_synapse_auto_join_rooms_raw|length == 0
|
|
|
|
|
|
|
|
- name: If the raw inputs is not empty start constructing parsed auto_join_rooms list
|
|
|
|
set_fact:
|
|
|
|
matrix_synapse_auto_join_rooms_array: |-
|
|
|
|
{{ matrix_synapse_auto_join_rooms_raw.splitlines() | to_json }}
|
|
|
|
when: matrix_synapse_auto_join_rooms_raw|length > 0
|
|
|
|
|
|
|
|
- name: Record Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if it's not blank
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
|
|
line: "{{ item.key }}: {{ item.value }}"
|
|
|
|
insertafter: '# Synapse Settings Start'
|
|
|
|
with_dict:
|
|
|
|
"matrix_synapse_auto_join_rooms": "{{ matrix_synapse_auto_join_rooms_array }}"
|
|
|
|
when: matrix_synapse_auto_join_rooms_raw|length > 0
|
|
|
|
|
|
|
|
- name: Record Synapse Shared Secret if it's defined
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
|
|
line: "{{ item.key }}: {{ item.value }}"
|
|
|
|
insertafter: '# Synapse Settings Start'
|
|
|
|
with_dict:
|
|
|
|
'matrix_synapse_registration_shared_secret': '{{ ext_matrix_synapse_registration_shared_secret }}'
|
|
|
|
when: ext_matrix_synapse_registration_shared_secret|length > 0
|
|
|
|
|
|
|
|
- name: Record registations_require_3pid extra variable if true
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: "{{ item }}:"
|
|
|
|
line: "{{ item }}"
|
|
|
|
insertbefore: '# Synapse Extension End'
|
|
|
|
with_items:
|
|
|
|
- " registrations_require_3pid:"
|
|
|
|
- " - email"
|
|
|
|
when: ext_registrations_require_3pid|bool
|
|
|
|
|
|
|
|
- name: Remove registrations_require_3pid extra variable if false
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: "{{ item }}:"
|
|
|
|
line: "{{ item }}"
|
|
|
|
insertbefore: '# Synapse Extension End'
|
|
|
|
state: absent
|
|
|
|
with_items:
|
|
|
|
- " registrations_require_3pid:"
|
|
|
|
- " - email"
|
|
|
|
when: not ext_registrations_require_3pid|bool
|
|
|
|
|
|
|
|
- name: Remove URL Languages
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
replace:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: '^(?!.*\bemail\b) - [a-zA-Z\-]{2,5}\n'
|
|
|
|
after: ' url_preview_accept_language:'
|
|
|
|
before: '# Synapse Extension End'
|
|
|
|
|
|
|
|
- name: Set URL languages default if raw inputs empty
|
|
|
|
set_fact:
|
|
|
|
ext_url_preview_accept_language_default: 'en'
|
|
|
|
when: ext_url_preview_accept_language_raw|length == 0
|
|
|
|
|
|
|
|
- name: Set URL languages default if raw inputs not empty
|
|
|
|
set_fact:
|
|
|
|
ext_url_preview_accept_language_default: "{{ ext_url_preview_accept_language_raw }}"
|
|
|
|
when: ext_url_preview_accept_language_raw|length > 0
|
|
|
|
|
|
|
|
- name: Set URL languages if raw inputs empty
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
insertafter: '^ url_preview_accept_language:'
|
|
|
|
line: " - {{ ext_url_preview_accept_language_default }}"
|
|
|
|
when: ext_url_preview_accept_language_raw|length == 0
|
|
|
|
|
|
|
|
- name: Set URL languages if raw inputs not empty
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
insertafter: '^ url_preview_accept_language:'
|
|
|
|
line: " - {{ item }}"
|
|
|
|
with_items: "{{ ext_url_preview_accept_language_raw.splitlines() }}"
|
|
|
|
when: ext_url_preview_accept_language_raw|length > 0
|
|
|
|
|
|
|
|
- name: Remove Federation Whitelisting 1
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
replace:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: '^ - [a-z0-9]+\.[a-z0-9.]+\n'
|
|
|
|
after: ' federation_domain_whitelist:'
|
|
|
|
before: '# Synapse Extension End'
|
|
|
|
|
|
|
|
- name: Remove Federation Whitelisting 2
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
line: " federation_domain_whitelist:"
|
|
|
|
state: absent
|
|
|
|
|
|
|
|
- name: Set Federation Whitelisting 1
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
insertafter: '^matrix_synapse_configuration_extension_yaml: \|'
|
|
|
|
line: " federation_domain_whitelist:"
|
|
|
|
when: ext_federation_whitelist_raw|length > 0
|
|
|
|
|
|
|
|
- name: Set Federation Whitelisting 2
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
insertafter: '^ federation_domain_whitelist:'
|
|
|
|
line: " - {{ item }}"
|
|
|
|
with_items: "{{ ext_federation_whitelist_raw.splitlines() }}"
|
|
|
|
when: ext_federation_whitelist_raw|length > 0
|
|
|
|
|
|
|
|
- name: Record Synapse Custom variables locally on AWX
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
|
|
line: "{{ item.key }}: {{ item.value }}"
|
|
|
|
insertafter: '# Custom Settings Start'
|
|
|
|
with_dict:
|
|
|
|
'ext_federation_whitelist_raw': '{{ ext_federation_whitelist_raw.splitlines() | to_json }}'
|
|
|
|
'ext_url_preview_accept_language_default': '{{ ext_url_preview_accept_language_default.splitlines() | to_json }}'
|
|
|
|
|
|
|
|
- name: Set ext_recaptcha_public_key to a 'public-key' if undefined
|
|
|
|
set_fact: ext_recaptcha_public_key="public-key"
|
|
|
|
when: (ext_recaptcha_public_key is not defined) or (ext_recaptcha_public_key|length == 0)
|
|
|
|
|
|
|
|
- name: Set ext_recaptcha_private_key to a 'private-key' if undefined
|
|
|
|
set_fact: ext_recaptcha_private_key="private-key"
|
|
|
|
when: (ext_recaptcha_private_key is not defined) or (ext_recaptcha_private_key|length == 0)
|
|
|
|
|
|
|
|
- name: Record Synapse Extension variables locally on AWX
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
lineinfile:
|
|
|
|
path: '{{ awx_cached_matrix_vars }}'
|
|
|
|
regexp: "^#? *{{ item.key | regex_escape() }}:"
|
|
|
|
line: "{{ item.key }}: {{ item.value }}"
|
|
|
|
insertbefore: '# Synapse Extension End'
|
|
|
|
with_dict:
|
|
|
|
' enable_registration_captcha': '{{ ext_enable_registration_captcha }}'
|
|
|
|
' recaptcha_public_key': '{{ ext_recaptcha_public_key }}'
|
|
|
|
' recaptcha_private_key': '{{ ext_recaptcha_private_key }}'
|
|
|
|
|
|
|
|
- name: Save new 'Configure Synapse' survey.json to the AWX tower, template
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
template:
|
|
|
|
src: 'roles/matrix-awx/surveys/configure_synapse.json.j2'
|
|
|
|
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}//configure_synapse.json'
|
|
|
|
|
|
|
|
- name: Copy new 'Configure Synapse' survey.json to target machine
|
|
|
|
copy:
|
|
|
|
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json'
|
|
|
|
dest: '/matrix/awx/configure_synapse.json'
|
|
|
|
mode: '0660'
|
|
|
|
|
|
|
|
- name: Collect AWX admin token the hard way!
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
shell: |
|
|
|
|
curl -sku {{ tower_username }}:{{ tower_password }} -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' https://{{ tower_host }}/api/v2/users/1/personal_tokens/ | jq '.token' | sed -r 's/\"//g'
|
|
|
|
register: tower_token
|
|
|
|
no_log: True
|
|
|
|
|
|
|
|
- name: Recreate 'Configure Synapse' job template
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
awx.awx.tower_job_template:
|
|
|
|
name: "{{ matrix_domain }} - 1 - Configure Synapse"
|
|
|
|
description: "Configure Synapse (homeserver) settings."
|
|
|
|
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
|
|
|
|
job_type: run
|
|
|
|
job_tags: "start,setup-synapse"
|
|
|
|
inventory: "{{ member_id }}"
|
|
|
|
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
|
|
|
|
playbook: setup.yml
|
|
|
|
credential: "{{ member_id }} - AWX SSH Key"
|
|
|
|
survey_enabled: true
|
|
|
|
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/configure_synapse.json') }}"
|
|
|
|
become_enabled: yes
|
|
|
|
state: present
|
|
|
|
verbosity: 1
|
|
|
|
tower_host: "https://{{ tower_host }}"
|
|
|
|
tower_oauthtoken: "{{ tower_token.stdout }}"
|
|
|
|
validate_certs: yes
|