Fix CONDITIONAL_BARE_VARS deprecation warning in ansible 2.8

development
Dan Arnfield 6 years ago
parent affb99003c
commit 3982f114af

@ -3,22 +3,22 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml" - import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- import_tasks: "{{ role_path }}/tasks/setup_server_base.yml" - import_tasks: "{{ role_path }}/tasks/setup_server_base.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml" - import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- import_tasks: "{{ role_path }}/tasks/setup_well_known.yml" - import_tasks: "{{ role_path }}/tasks/setup_well_known.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-mxisd - setup-mxisd
@ -28,6 +28,6 @@
- import_tasks: "{{ role_path }}/tasks/self_check_dns.yml" - import_tasks: "{{ role_path }}/tasks/self_check_dns.yml"
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
become: false become: false
when: run_self_check when: run_self_check|bool
tags: tags:
- self-check - self-check

@ -19,7 +19,7 @@
- name: Determine domains that we require certificates for (mxisd) - name: Determine domains that we require certificates for (mxisd)
set_fact: set_fact:
dns_srv_record_checks: "{{ dns_srv_record_checks + [dns_srv_record_check_mxisd] }}" dns_srv_record_checks: "{{ dns_srv_record_checks + [dns_srv_record_check_mxisd] }}"
when: "matrix_mxisd_enabled" when: matrix_mxisd_enabled|bool
- name: Perform DNS SRV checks - name: Perform DNS SRV checks
include_tasks: "{{ role_path }}/tasks/self_check_dns_srv.yml" include_tasks: "{{ role_path }}/tasks/self_check_dns_srv.yml"

@ -27,10 +27,10 @@
mode: 0644 mode: 0644
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
when: matrix_well_known_matrix_server_enabled when: matrix_well_known_matrix_server_enabled|bool
- name: Ensure Matrix /.well-known/matrix/server file deleted - name: Ensure Matrix /.well-known/matrix/server file deleted
file: file:
path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server" path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
state: absent state: absent
when: "not matrix_well_known_matrix_server_enabled" when: "not matrix_well_known_matrix_server_enabled|bool"

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}"
when: matrix_appservice_discord_enabled when: matrix_appservice_discord_enabled|bool

@ -3,19 +3,19 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_appservice_discord_enabled" when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-appservice-discord - setup-appservice-discord
- import_tasks: "{{ role_path }}/tasks/setup_install.yml" - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup and matrix_appservice_discord_enabled" when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-appservice-discord - setup-appservice-discord
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup and not matrix_appservice_discord_enabled" when: "run_setup|bool and not matrix_appservice_discord_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-appservice-discord - setup-appservice-discord

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc'] }}"
when: matrix_appservice_irc_enabled when: matrix_appservice_irc_enabled|bool

@ -3,19 +3,19 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_appservice_irc_enabled" when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-appservice-irc - setup-appservice-irc
- import_tasks: "{{ role_path }}/tasks/setup_install.yml" - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup and matrix_appservice_irc_enabled" when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-appservice-irc - setup-appservice-irc
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup and not matrix_appservice_irc_enabled" when: "run_setup|bool and not matrix_appservice_irc_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-appservice-irc - setup-appservice-irc

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook'] }}"
when: "matrix_mautrix_facebook_enabled" when: matrix_mautrix_facebook_enabled|bool

@ -3,19 +3,19 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_mautrix_facebook_enabled" when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-mautrix-facebook - setup-mautrix-facebook
- import_tasks: "{{ role_path }}/tasks/setup_install.yml" - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup and matrix_mautrix_facebook_enabled" when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-mautrix-facebook - setup-mautrix-facebook
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup and not matrix_mautrix_facebook_enabled" when: "run_setup|bool and not matrix_mautrix_facebook_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-mautrix-facebook - setup-mautrix-facebook

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-telegram'] }}"
when: "matrix_mautrix_telegram_enabled" when: matrix_mautrix_telegram_enabled|bool

@ -3,19 +3,19 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_mautrix_telegram_enabled" when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-mautrix-telegram - setup-mautrix-telegram
- import_tasks: "{{ role_path }}/tasks/setup_install.yml" - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup and matrix_mautrix_telegram_enabled" when: "run_setup|bool and matrix_mautrix_telegram_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-mautrix-telegram - setup-mautrix-telegram
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup and not matrix_mautrix_telegram_enabled" when: "run_setup|bool and not matrix_mautrix_telegram_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-mautrix-telegram - setup-mautrix-telegram

@ -98,7 +98,7 @@
but it's pointless since the matrix-nginx-proxy role had already executed. but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your plabook, To fix this, please change the order of roles in your plabook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role. so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
when: "matrix_nginx_proxy_role_executed" when: matrix_nginx_proxy_role_executed|bool
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy - name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
set_fact: set_fact:

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-whatsapp'] }}"
when: "matrix_mautrix_whatsapp_enabled" when: matrix_mautrix_whatsapp_enabled|bool

@ -1,9 +1,9 @@
- import_tasks: "{{ role_path }}/tasks/start.yml" - import_tasks: "{{ role_path }}/tasks/start.yml"
when: run_start when: run_start|bool
tags: tags:
- start - start
- import_tasks: "{{ role_path }}/tasks/stop.yml" - import_tasks: "{{ role_path }}/tasks/stop.yml"
when: run_stop when: run_stop|bool
tags: tags:
- stop - stop

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-corporal'] }}"
when: "matrix_corporal_enabled" when: matrix_corporal_enabled|bool

@ -3,13 +3,13 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_corporal_enabled" when: "run_setup|bool and matrix_corporal_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-corporal - setup-corporal
- import_tasks: "{{ role_path }}/tasks/setup_corporal.yml" - import_tasks: "{{ role_path }}/tasks/setup_corporal.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-corporal - setup-corporal
@ -17,6 +17,6 @@
- import_tasks: "{{ role_path }}/tasks/self_check_corporal.yml" - import_tasks: "{{ role_path }}/tasks/self_check_corporal.yml"
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
become: false become: false
when: "run_self_check and matrix_corporal_enabled" when: "run_self_check|bool and matrix_corporal_enabled|bool"
tags: tags:
- self-check - self-check

@ -15,19 +15,19 @@
- "{{ matrix_corporal_config_dir_path }}" - "{{ matrix_corporal_config_dir_path }}"
- "{{ matrix_corporal_cache_dir_path }}" - "{{ matrix_corporal_cache_dir_path }}"
- "{{ matrix_corporal_var_dir_path }}" - "{{ matrix_corporal_var_dir_path }}"
when: "matrix_corporal_enabled" when: matrix_corporal_enabled|bool
- name: Ensure Matrix Corporal Docker image is pulled - name: Ensure Matrix Corporal Docker image is pulled
docker_image: docker_image:
name: "{{ matrix_corporal_docker_image }}" name: "{{ matrix_corporal_docker_image }}"
when: "matrix_corporal_enabled" when: matrix_corporal_enabled|bool
- name: Ensure Matrix Corporal config installed - name: Ensure Matrix Corporal config installed
template: template:
src: "{{ role_path }}/templates/config.json.j2" src: "{{ role_path }}/templates/config.json.j2"
dest: "{{ matrix_corporal_config_dir_path }}/config.json" dest: "{{ matrix_corporal_config_dir_path }}/config.json"
mode: 0644 mode: 0644
when: "matrix_corporal_enabled" when: matrix_corporal_enabled|bool
- name: Ensure matrix-corporal.service installed - name: Ensure matrix-corporal.service installed
template: template:
@ -35,12 +35,12 @@
dest: "/etc/systemd/system/matrix-corporal.service" dest: "/etc/systemd/system/matrix-corporal.service"
mode: 0644 mode: 0644
register: matrix_corporal_systemd_service_result register: matrix_corporal_systemd_service_result
when: "matrix_corporal_enabled" when: matrix_corporal_enabled|bool
- name: Ensure systemd reloaded after matrix-corporal.service installation - name: Ensure systemd reloaded after matrix-corporal.service installation
service: service:
daemon_reload: yes daemon_reload: yes
when: "matrix_corporal_enabled and matrix_corporal_systemd_service_result.changed" when: "matrix_corporal_enabled|bool and matrix_corporal_systemd_service_result.changed"
# #
@ -51,7 +51,7 @@
stat: stat:
path: "/etc/systemd/system/matrix-corporal.service" path: "/etc/systemd/system/matrix-corporal.service"
register: matrix_corporal_service_stat register: matrix_corporal_service_stat
when: "not matrix_corporal_enabled" when: "not matrix_corporal_enabled|bool"
- name: Ensure matrix-corporal is stopped - name: Ensure matrix-corporal is stopped
service: service:
@ -59,18 +59,18 @@
state: stopped state: stopped
daemon_reload: yes daemon_reload: yes
register: stopping_result register: stopping_result
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists" when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
- name: Ensure matrix-corporal.service doesn't exist - name: Ensure matrix-corporal.service doesn't exist
file: file:
path: "/etc/systemd/system/matrix-corporal.service" path: "/etc/systemd/system/matrix-corporal.service"
state: absent state: absent
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists" when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-corporal.service removal - name: Ensure systemd reloaded after matrix-corporal.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "not matrix_corporal_enabled and matrix_corporal_service_stat.stat.exists" when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"
- name: Ensure matrix-corporal files don't exist - name: Ensure matrix-corporal files don't exist
file: file:
@ -79,10 +79,10 @@
with_items: with_items:
- /etc/systemd/system/matrix-corporal.service - /etc/systemd/system/matrix-corporal.service
- "{{ matrix_corporal_config_dir_path }}/config.json" - "{{ matrix_corporal_config_dir_path }}/config.json"
when: "not matrix_corporal_enabled" when: "not matrix_corporal_enabled|bool"
- name: Ensure Matrix Corporal Docker image doesn't exist - name: Ensure Matrix Corporal Docker image doesn't exist
docker_image: docker_image:
name: "{{ matrix_corporal_docker_image }}" name: "{{ matrix_corporal_docker_image }}"
state: absent state: absent
when: "not matrix_corporal_enabled" when: "not matrix_corporal_enabled|bool"

@ -14,4 +14,4 @@
- name: Fail if HTTP API enabled, but no token set - name: Fail if HTTP API enabled, but no token set
fail: fail:
msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`" msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`"
when: "matrix_corporal_http_api_enabled and matrix_corporal_http_api_auth_token == ''" when: "matrix_corporal_http_api_enabled|bool and matrix_corporal_http_api_auth_token == ''"

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-coturn'] }}"
when: "matrix_coturn_enabled" when: matrix_coturn_enabled|bool

@ -3,13 +3,13 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_coturn_enabled" when: "run_setup|bool and matrix_coturn_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-coturn - setup-coturn
- import_tasks: "{{ role_path }}/tasks/setup_coturn.yml" - import_tasks: "{{ role_path }}/tasks/setup_coturn.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-coturn - setup-coturn

@ -7,7 +7,7 @@
- name: Ensure Coturn image is pulled - name: Ensure Coturn image is pulled
docker_image: docker_image:
name: "{{ matrix_coturn_docker_image }}" name: "{{ matrix_coturn_docker_image }}"
when: matrix_coturn_enabled when: matrix_coturn_enabled|bool
- name: Ensure Coturn configuration path exists - name: Ensure Coturn configuration path exists
file: file:
@ -16,14 +16,14 @@
mode: 0750 mode: 0750
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
when: matrix_coturn_enabled when: matrix_coturn_enabled|bool
- name: Ensure turnserver.conf installed - name: Ensure turnserver.conf installed
template: template:
src: "{{ role_path }}/templates/turnserver.conf.j2" src: "{{ role_path }}/templates/turnserver.conf.j2"
dest: "{{ matrix_coturn_config_path }}" dest: "{{ matrix_coturn_config_path }}"
mode: 0644 mode: 0644
when: matrix_coturn_enabled when: matrix_coturn_enabled|bool
# `docker_network` doesn't work as expected when the given network # `docker_network` doesn't work as expected when the given network
# is a substring of a network that already exists. # is a substring of a network that already exists.
@ -34,12 +34,12 @@
cmd: "docker network ls -q --filter='name=^{{ matrix_coturn_docker_network }}$'" cmd: "docker network ls -q --filter='name=^{{ matrix_coturn_docker_network }}$'"
register: matrix_coturn_result_docker_network register: matrix_coturn_result_docker_network
changed_when: false changed_when: false
when: matrix_coturn_enabled when: matrix_coturn_enabled|bool
- name: Create Coturn network in Docker - name: Create Coturn network in Docker
shell: shell:
cmd: "docker network create --driver=bridge {{ matrix_coturn_docker_network }}" cmd: "docker network create --driver=bridge {{ matrix_coturn_docker_network }}"
when: "matrix_coturn_enabled and matrix_coturn_result_docker_network.stdout == ''" when: "matrix_coturn_enabled|bool and matrix_coturn_result_docker_network.stdout == ''"
- name: Ensure matrix-coturn.service installed - name: Ensure matrix-coturn.service installed
template: template:
@ -47,12 +47,12 @@
dest: "/etc/systemd/system/matrix-coturn.service" dest: "/etc/systemd/system/matrix-coturn.service"
mode: 0644 mode: 0644
register: matrix_coturn_systemd_service_result register: matrix_coturn_systemd_service_result
when: matrix_coturn_enabled when: matrix_coturn_enabled|bool
- name: Ensure systemd reloaded after matrix-coturn.service installation - name: Ensure systemd reloaded after matrix-coturn.service installation
service: service:
daemon_reload: yes daemon_reload: yes
when: "matrix_coturn_enabled and matrix_coturn_systemd_service_result.changed" when: "matrix_coturn_enabled|bool and matrix_coturn_systemd_service_result.changed"
# This may be unnecessary when more long-lived certificates are used. # This may be unnecessary when more long-lived certificates are used.
# We optimize for the common use-case though (short-lived Let's Encrypt certificates). # We optimize for the common use-case though (short-lived Let's Encrypt certificates).
@ -67,7 +67,7 @@
minute: 20 minute: 20
day: "*/5" day: "*/5"
job: /bin/systemctl reload matrix-coturn.service job: /bin/systemctl reload matrix-coturn.service
when: matrix_coturn_enabled and matrix_coturn_tls_enabled when: "matrix_coturn_enabled|bool and matrix_coturn_tls_enabled|bool"
# #
@ -79,13 +79,13 @@
user: root user: root
cron_file: matrix-coturn-ssl-reload cron_file: matrix-coturn-ssl-reload
state: absent state: absent
when: "not matrix_coturn_enabled or not matrix_coturn_tls_enabled" when: "not matrix_coturn_enabled|bool or not matrix_coturn_tls_enabled|bool"
- name: Check existence of matrix-coturn service - name: Check existence of matrix-coturn service
stat: stat:
path: "/etc/systemd/system/matrix-coturn.service" path: "/etc/systemd/system/matrix-coturn.service"
register: matrix_coturn_service_stat register: matrix_coturn_service_stat
when: "not matrix_coturn_enabled" when: "not matrix_coturn_enabled|bool"
- name: Ensure matrix-coturn is stopped - name: Ensure matrix-coturn is stopped
service: service:
@ -93,27 +93,27 @@
state: stopped state: stopped
daemon_reload: yes daemon_reload: yes
register: stopping_result register: stopping_result
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists" when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
- name: Ensure matrix-coturn.service doesn't exist - name: Ensure matrix-coturn.service doesn't exist
file: file:
path: "/etc/systemd/system/matrix-coturn.service" path: "/etc/systemd/system/matrix-coturn.service"
state: absent state: absent
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists" when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-coturn.service removal - name: Ensure systemd reloaded after matrix-coturn.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "not matrix_coturn_enabled and matrix_coturn_service_stat.stat.exists" when: "not matrix_coturn_enabled|bool and matrix_coturn_service_stat.stat.exists"
- name: Ensure Matrix coturn paths don't exist - name: Ensure Matrix coturn paths don't exist
file: file:
path: "{{ matrix_coturn_base_path }}" path: "{{ matrix_coturn_base_path }}"
state: absent state: absent
when: "not matrix_coturn_enabled" when: "not matrix_coturn_enabled|bool"
- name: Ensure coturn Docker image doesn't exist - name: Ensure coturn Docker image doesn't exist
docker_image: docker_image:
name: "{{ matrix_coturn_docker_image }}" name: "{{ matrix_coturn_docker_image }}"
state: absent state: absent
when: "not matrix_coturn_enabled" when: "not matrix_coturn_enabled|bool"

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-dimension'] }}"
when: "matrix_dimension_enabled" when: matrix_dimension_enabled|bool

@ -3,13 +3,13 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-dimension - setup-dimension
- import_tasks: "{{ role_path }}/tasks/setup_dimension.yml" - import_tasks: "{{ role_path }}/tasks/setup_dimension.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-dimension - setup-dimension

@ -11,7 +11,7 @@
mode: 0770 mode: 0770
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_dimension_user_gid }}" group: "{{ matrix_dimension_user_gid }}"
when: matrix_dimension_enabled when: matrix_dimension_enabled|bool
- name: Ensure Dimension config installed - name: Ensure Dimension config installed
copy: copy:
@ -20,12 +20,12 @@
mode: 0640 mode: 0640
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_dimension_user_gid }}" group: "{{ matrix_dimension_user_gid }}"
when: matrix_dimension_enabled when: matrix_dimension_enabled|bool
- name: Ensure Dimension image is pulled - name: Ensure Dimension image is pulled
docker_image: docker_image:
name: "{{ matrix_dimension_docker_image }}" name: "{{ matrix_dimension_docker_image }}"
when: matrix_dimension_enabled when: matrix_dimension_enabled|bool
- name: Ensure matrix-dimension.service installed - name: Ensure matrix-dimension.service installed
template: template:
@ -33,12 +33,12 @@
dest: "/etc/systemd/system/matrix-dimension.service" dest: "/etc/systemd/system/matrix-dimension.service"
mode: 0644 mode: 0644
register: matrix_dimension_systemd_service_result register: matrix_dimension_systemd_service_result
when: matrix_dimension_enabled when: matrix_dimension_enabled|bool
- name: Ensure systemd reloaded after matrix-dimension.service installation - name: Ensure systemd reloaded after matrix-dimension.service installation
service: service:
daemon_reload: yes daemon_reload: yes
when: "matrix_dimension_enabled and matrix_dimension_systemd_service_result.changed" when: "matrix_dimension_enabled|bool and matrix_dimension_systemd_service_result.changed"
# #
# Tasks related to getting rid of the dimension (if it was previously enabled) # Tasks related to getting rid of the dimension (if it was previously enabled)
@ -48,7 +48,7 @@
stat: stat:
path: "/etc/systemd/system/matrix-dimension.service" path: "/etc/systemd/system/matrix-dimension.service"
register: matrix_dimension_service_stat register: matrix_dimension_service_stat
when: not matrix_dimension_enabled when: "not matrix_dimension_enabled|bool"
- name: Ensure matrix-dimension is stopped - name: Ensure matrix-dimension is stopped
service: service:
@ -56,27 +56,27 @@
state: stopped state: stopped
daemon_reload: yes daemon_reload: yes
register: stopping_result register: stopping_result
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists" when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
- name: Ensure matrix-dimension.service doesn't exist - name: Ensure matrix-dimension.service doesn't exist
file: file:
path: "/etc/systemd/system/matrix-dimension.service" path: "/etc/systemd/system/matrix-dimension.service"
state: absent state: absent
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists" when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-dimension.service removal - name: Ensure systemd reloaded after matrix-dimension.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "not matrix_dimension_enabled and matrix_dimension_service_stat.stat.exists" when: "not matrix_dimension_enabled|bool and matrix_dimension_service_stat.stat.exists"
- name: Ensure Dimension environment variables path doesn't exist - name: Ensure Dimension environment variables path doesn't exist
file: file:
path: "{{ matrix_dimension_base_path }}" path: "{{ matrix_dimension_base_path }}"
state: absent state: absent
when: "not matrix_dimension_enabled" when: "not matrix_dimension_enabled|bool"
- name: Ensure Dimension Docker image doesn't exist - name: Ensure Dimension Docker image doesn't exist
docker_image: docker_image:
name: "{{ matrix_dimension_docker_image }}" name: "{{ matrix_dimension_docker_image }}"
state: absent state: absent
when: "not matrix_dimension_enabled" when: "not matrix_dimension_enabled|bool"

@ -12,4 +12,4 @@
You need to enable Matrix Federation to use Dimension. Set `{{ item }}` to 'true'. You need to enable Matrix Federation to use Dimension. Set `{{ item }}` to 'true'.
with_items: with_items:
- "matrix_synapse_federation_enabled" - "matrix_synapse_federation_enabled"
when: "matrix_dimension_enabled and matrix_synapse_federation_enabled == false" when: "matrix_dimension_enabled|bool and not matrix_synapse_federation_enabled|bool"

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mailer'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mailer'] }}"
when: "matrix_mailer_enabled" when: matrix_mailer_enabled|bool

@ -3,7 +3,7 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/setup_mailer.yml" - import_tasks: "{{ role_path }}/tasks/setup_mailer.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-mailer - setup-mailer

@ -11,19 +11,19 @@
mode: 0750 mode: 0750
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
when: matrix_mailer_enabled when: matrix_mailer_enabled|bool
- name: Ensure mailer environment variables file created - name: Ensure mailer environment variables file created
template: template:
src: "{{ role_path }}/templates/env-mailer.j2" src: "{{ role_path }}/templates/env-mailer.j2"
dest: "{{ matrix_mailer_base_path }}/env-mailer" dest: "{{ matrix_mailer_base_path }}/env-mailer"
mode: 0640 mode: 0640
when: matrix_mailer_enabled when: matrix_mailer_enabled|bool
- name: Ensure mailer image is pulled - name: Ensure mailer image is pulled
docker_image: docker_image:
name: "{{ matrix_mailer_docker_image }}" name: "{{ matrix_mailer_docker_image }}"
when: matrix_mailer_enabled when: matrix_mailer_enabled|bool
- name: Ensure matrix-mailer.service installed - name: Ensure matrix-mailer.service installed
template: template:
@ -31,12 +31,12 @@
dest: "/etc/systemd/system/matrix-mailer.service" dest: "/etc/systemd/system/matrix-mailer.service"
mode: 0644 mode: 0644
register: matrix_mailer_systemd_service_result register: matrix_mailer_systemd_service_result
when: matrix_mailer_enabled when: matrix_mailer_enabled|bool
- name: Ensure systemd reloaded after matrix-mailer.service installation - name: Ensure systemd reloaded after matrix-mailer.service installation
service: service:
daemon_reload: yes daemon_reload: yes
when: "matrix_mailer_enabled and matrix_mailer_systemd_service_result.changed" when: "matrix_mailer_enabled|bool and matrix_mailer_systemd_service_result.changed"
# #
# Tasks related to getting rid of the mailer (if it was previously enabled) # Tasks related to getting rid of the mailer (if it was previously enabled)
@ -46,7 +46,7 @@
stat: stat:
path: "/etc/systemd/system/matrix-mailer.service" path: "/etc/systemd/system/matrix-mailer.service"
register: matrix_mailer_service_stat register: matrix_mailer_service_stat
when: "not matrix_mailer_enabled" when: "not matrix_mailer_enabled|bool"
- name: Ensure matrix-mailer is stopped - name: Ensure matrix-mailer is stopped
service: service:
@ -54,27 +54,27 @@
state: stopped state: stopped
daemon_reload: yes daemon_reload: yes
register: stopping_result register: stopping_result
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists" when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
- name: Ensure matrix-mailer.service doesn't exist - name: Ensure matrix-mailer.service doesn't exist
file: file:
path: "/etc/systemd/system/matrix-mailer.service" path: "/etc/systemd/system/matrix-mailer.service"
state: absent state: absent
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists" when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-mailer.service removal - name: Ensure systemd reloaded after matrix-mailer.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "not matrix_mailer_enabled and matrix_mailer_service_stat.stat.exists" when: "not matrix_mailer_enabled|bool and matrix_mailer_service_stat.stat.exists"
- name: Ensure Matrix mailer environment variables path doesn't exist - name: Ensure Matrix mailer environment variables path doesn't exist
file: file:
path: "{{ matrix_mailer_base_path }}" path: "{{ matrix_mailer_base_path }}"
state: absent state: absent
when: "not matrix_mailer_enabled" when: "not matrix_mailer_enabled|bool"
- name: Ensure mailer Docker image doesn't exist - name: Ensure mailer Docker image doesn't exist
docker_image: docker_image:
name: "{{ matrix_mailer_docker_image }}" name: "{{ matrix_mailer_docker_image }}"
state: absent state: absent
when: "not matrix_mailer_enabled" when: "not matrix_mailer_enabled|bool"

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mxisd'] }}"
when: "matrix_mxisd_enabled" when: matrix_mxisd_enabled|bool

@ -3,7 +3,7 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_mxisd_enabled" when: "run_setup|bool and matrix_mxisd_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-mxisd - setup-mxisd
@ -16,6 +16,6 @@
- import_tasks: "{{ role_path }}/tasks/self_check_mxisd.yml" - import_tasks: "{{ role_path }}/tasks/self_check_mxisd.yml"
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
become: false become: false
when: "run_self_check and matrix_mxisd_enabled" when: "run_self_check|bool and matrix_mxisd_enabled|bool"
tags: tags:
- self-check - self-check

@ -14,12 +14,12 @@
with_items: with_items:
- "{{ matrix_mxisd_config_path }}" - "{{ matrix_mxisd_config_path }}"
- "{{ matrix_mxisd_data_path }}" - "{{ matrix_mxisd_data_path }}"
when: matrix_mxisd_enabled when: matrix_mxisd_enabled|bool
- name: Ensure mxisd image is pulled - name: Ensure mxisd image is pulled
docker_image: docker_image:
name: "{{ matrix_mxisd_docker_image }}" name: "{{ matrix_mxisd_docker_image }}"
when: matrix_mxisd_enabled when: matrix_mxisd_enabled|bool
- name: Ensure mxisd config installed - name: Ensure mxisd config installed
copy: copy:
@ -28,7 +28,7 @@
mode: 0644 mode: 0644
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
when: matrix_mxisd_enabled when: matrix_mxisd_enabled|bool
- name: Ensure custom templates are installed if any - name: Ensure custom templates are installed if any
copy: copy:
@ -42,7 +42,7 @@
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'} - {value: "{{ matrix_mxisd_threepid_medium_email_custom_session_validation_template }}", location: 'validate-template.eml'}
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template }}", location: 'unbind-fraudulent.eml'} - {value: "{{ matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template }}", location: 'unbind-fraudulent.eml'}
- {value: "{{ matrix_mxisd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'} - {value: "{{ matrix_mxisd_threepid_medium_email_custom_matrixid_template }}", location: 'mxid-template.eml'}
when: matrix_mxisd_enabled and matrix_mxisd_threepid_medium_email_custom_templates_enabled and item.value when: "matrix_mxisd_enabled|bool and matrix_mxisd_threepid_medium_email_custom_templates_enabled|bool and item.value"
- name: Ensure matrix-mxisd.service installed - name: Ensure matrix-mxisd.service installed
template: template:
@ -50,12 +50,12 @@
dest: "/etc/systemd/system/matrix-mxisd.service" dest: "/etc/systemd/system/matrix-mxisd.service"
mode: 0644 mode: 0644
register: matrix_mxisd_systemd_service_result register: matrix_mxisd_systemd_service_result
when: matrix_mxisd_enabled when: matrix_mxisd_enabled|bool
- name: Ensure systemd reloaded after matrix-mxisd.service installation - name: Ensure systemd reloaded after matrix-mxisd.service installation
service: service:
daemon_reload: yes daemon_reload: yes
when: "matrix_mxisd_enabled and matrix_mxisd_systemd_service_result.changed" when: "matrix_mxisd_enabled|bool and matrix_mxisd_systemd_service_result.changed"
# #
# Tasks related to getting rid of mxisd (if it was previously enabled) # Tasks related to getting rid of mxisd (if it was previously enabled)
@ -72,27 +72,27 @@
state: stopped state: stopped
daemon_reload: yes daemon_reload: yes
register: stopping_result register: stopping_result
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists" when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
- name: Ensure matrix-mxisd.service doesn't exist - name: Ensure matrix-mxisd.service doesn't exist
file: file:
path: "/etc/systemd/system/matrix-mxisd.service" path: "/etc/systemd/system/matrix-mxisd.service"
state: absent state: absent
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists" when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-mxisd.service removal - name: Ensure systemd reloaded after matrix-mxisd.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "not matrix_mxisd_enabled and matrix_mxisd_service_stat.stat.exists" when: "not matrix_mxisd_enabled|bool and matrix_mxisd_service_stat.stat.exists"
- name: Ensure Matrix mxisd paths don't exist - name: Ensure Matrix mxisd paths don't exist
file: file:
path: "{{ matrix_mxisd_base_path }}" path: "{{ matrix_mxisd_base_path }}"
state: absent state: absent
when: "not matrix_mxisd_enabled" when: "not matrix_mxisd_enabled|bool"
- name: Ensure mxisd Docker image doesn't exist - name: Ensure mxisd Docker image doesn't exist
docker_image: docker_image:
name: "{{ matrix_mxisd_docker_image }}" name: "{{ matrix_mxisd_docker_image }}"
state: absent state: absent
when: "not matrix_mxisd_enabled" when: "not matrix_mxisd_enabled|bool"

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy'] }}"
when: "matrix_nginx_proxy_enabled" when: matrix_nginx_proxy_enabled|bool

@ -6,20 +6,20 @@
# This role performs actions even if the role is disabled, so we need # This role performs actions even if the role is disabled, so we need
# to ensure there's a valid configuration in any case. # to ensure there's a valid configuration in any case.
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-nginx-proxy - setup-nginx-proxy
- import_tasks: "{{ role_path }}/tasks/ssl/main.yml" - import_tasks: "{{ role_path }}/tasks/ssl/main.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-nginx-proxy - setup-nginx-proxy
- setup-ssl - setup-ssl
- import_tasks: "{{ role_path }}/tasks/setup_nginx_proxy.yml" - import_tasks: "{{ role_path }}/tasks/setup_nginx_proxy.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-nginx-proxy - setup-nginx-proxy
@ -27,7 +27,7 @@
- import_tasks: "{{ role_path }}/tasks/self_check_well_known.yml" - import_tasks: "{{ role_path }}/tasks/self_check_well_known.yml"
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
become: false become: false
when: run_self_check when: run_self_check|bool
tags: tags:
- self-check - self-check

@ -21,7 +21,7 @@
- name: Determine domains that we require certificates for (mxisd) - name: Determine domains that we require certificates for (mxisd)
set_fact: set_fact:
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}" well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
when: "matrix_well_known_matrix_server_enabled" when: matrix_well_known_matrix_server_enabled|bool
- name: Perform well-known checks - name: Perform well-known checks
include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml" include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"

@ -27,7 +27,7 @@
src: "{{ role_path }}/templates/nginx/nginx.conf.j2" src: "{{ role_path }}/templates/nginx/nginx.conf.j2"
dest: "{{ matrix_nginx_proxy_base_path }}/nginx.conf" dest: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
mode: 0644 mode: 0644
when: "matrix_nginx_proxy_enabled" when: matrix_nginx_proxy_enabled|bool
- name: Ensure matrix-synapse-metrics-htpasswd is present (protecting /_synapse/metrics URI) - name: Ensure matrix-synapse-metrics-htpasswd is present (protecting /_synapse/metrics URI)
template: template:
@ -36,35 +36,35 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
mode: 0400 mode: 0400
when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled and matrix_nginx_proxy_proxy_synapse_metrics" when: "matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool and matrix_nginx_proxy_proxy_synapse_metrics|bool"
- name: Ensure Matrix nginx-proxy configured (generic) - name: Ensure Matrix nginx-proxy configured (generic)
template: template:
src: "{{ role_path }}/templates/nginx/conf.d/nginx-http.conf.j2" src: "{{ role_path }}/templates/nginx/conf.d/nginx-http.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/nginx-http.conf" dest: "{{ matrix_nginx_proxy_confd_path }}/nginx-http.conf"
mode: 0644 mode: 0644
when: "matrix_nginx_proxy_enabled" when: matrix_nginx_proxy_enabled|bool
- name: Ensure Matrix nginx-proxy configuration for matrix domain exists - name: Ensure Matrix nginx-proxy configuration for matrix domain exists
template: template:
src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2" src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
mode: 0644 mode: 0644
when: "matrix_nginx_proxy_proxy_matrix_enabled" when: matrix_nginx_proxy_proxy_matrix_enabled|bool
- name: Ensure Matrix nginx-proxy configuration for riot domain exists - name: Ensure Matrix nginx-proxy configuration for riot domain exists
template: template:
src: "{{ role_path }}/templates/nginx/conf.d/matrix-riot-web.conf.j2" src: "{{ role_path }}/templates/nginx/conf.d/matrix-riot-web.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
mode: 0644 mode: 0644
when: "matrix_nginx_proxy_proxy_riot_enabled" when: matrix_nginx_proxy_proxy_riot_enabled|bool
- name: Ensure Matrix nginx-proxy configuration for dimension domain exists - name: Ensure Matrix nginx-proxy configuration for dimension domain exists
template: template:
src: "{{ role_path }}/templates/nginx/conf.d/matrix-dimension.conf.j2" src: "{{ role_path }}/templates/nginx/conf.d/matrix-dimension.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
mode: 0644 mode: 0644
when: "matrix_nginx_proxy_proxy_dimension_enabled" when: matrix_nginx_proxy_proxy_dimension_enabled|bool
- name: Ensure Matrix nginx-proxy data directory for base domain exists - name: Ensure Matrix nginx-proxy data directory for base domain exists
file: file:
@ -73,7 +73,7 @@
mode: 0750 mode: 0750
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
when: "matrix_nginx_proxy_base_domain_serving_enabled" when: matrix_nginx_proxy_base_domain_serving_enabled|bool
- name: Ensure Matrix nginx-proxy homepage for base domain exists - name: Ensure Matrix nginx-proxy homepage for base domain exists
copy: copy:
@ -82,14 +82,14 @@
mode: 0644 mode: 0644
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
when: "matrix_nginx_proxy_base_domain_serving_enabled" when: matrix_nginx_proxy_base_domain_serving_enabled|bool
- name: Ensure Matrix nginx-proxy configuration for base domain exists - name: Ensure Matrix nginx-proxy configuration for base domain exists
template: template:
src: "{{ role_path }}/templates/nginx/conf.d/matrix-domain.conf.j2" src: "{{ role_path }}/templates/nginx/conf.d/matrix-domain.conf.j2"
dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf" dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
mode: 0644 mode: 0644
when: "matrix_nginx_proxy_base_domain_serving_enabled" when: matrix_nginx_proxy_base_domain_serving_enabled|bool
# #
# Tasks related to setting up matrix-nginx-proxy # Tasks related to setting up matrix-nginx-proxy
@ -97,7 +97,7 @@
- name: Ensure nginx Docker image is pulled - name: Ensure nginx Docker image is pulled
docker_image: docker_image:
name: "{{ matrix_nginx_proxy_docker_image }}" name: "{{ matrix_nginx_proxy_docker_image }}"
when: matrix_nginx_proxy_enabled when: matrix_nginx_proxy_enabled|bool
- name: Ensure matrix-nginx-proxy.service installed - name: Ensure matrix-nginx-proxy.service installed
template: template:
@ -105,7 +105,7 @@
dest: "/etc/systemd/system/matrix-nginx-proxy.service" dest: "/etc/systemd/system/matrix-nginx-proxy.service"
mode: 0644 mode: 0644
register: matrix_nginx_proxy_systemd_service_result register: matrix_nginx_proxy_systemd_service_result
when: matrix_nginx_proxy_enabled when: matrix_nginx_proxy_enabled|bool
- name: Ensure systemd reloaded after matrix-nginx-proxy.service installation - name: Ensure systemd reloaded after matrix-nginx-proxy.service installation
service: service:
@ -121,7 +121,7 @@
stat: stat:
path: "/etc/systemd/system/matrix-nginx-proxy.service" path: "/etc/systemd/system/matrix-nginx-proxy.service"
register: matrix_nginx_proxy_service_stat register: matrix_nginx_proxy_service_stat
when: "not matrix_nginx_proxy_enabled" when: "not matrix_nginx_proxy_enabled|bool"
- name: Ensure matrix-nginx-proxy is stopped - name: Ensure matrix-nginx-proxy is stopped
service: service:
@ -129,57 +129,57 @@
state: stopped state: stopped
daemon_reload: yes daemon_reload: yes
register: stopping_result register: stopping_result
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists" when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
- name: Ensure matrix-nginx-proxy.service doesn't exist - name: Ensure matrix-nginx-proxy.service doesn't exist
file: file:
path: "/etc/systemd/system/matrix-nginx-proxy.service" path: "/etc/systemd/system/matrix-nginx-proxy.service"
state: absent state: absent
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists" when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-nginx-proxy.service removal - name: Ensure systemd reloaded after matrix-nginx-proxy.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "not matrix_nginx_proxy_enabled and matrix_nginx_proxy_service_stat.stat.exists" when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists"
- name: Ensure Matrix nginx-proxy configuration for matrix domain deleted - name: Ensure Matrix nginx-proxy configuration for matrix domain deleted
file: file:
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf" path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf"
state: absent state: absent
when: "not matrix_nginx_proxy_proxy_matrix_enabled" when: "not matrix_nginx_proxy_proxy_matrix_enabled|bool"
- name: Ensure Matrix nginx-proxy configuration for riot domain deleted - name: Ensure Matrix nginx-proxy configuration for riot domain deleted
file: file:
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf" path: "{{ matrix_nginx_proxy_confd_path }}/matrix-riot-web.conf"
state: absent state: absent
when: "not matrix_nginx_proxy_proxy_riot_enabled" when: "not matrix_nginx_proxy_proxy_riot_enabled|bool"
- name: Ensure Matrix nginx-proxy configuration for dimension domain deleted - name: Ensure Matrix nginx-proxy configuration for dimension domain deleted
file: file:
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf" path: "{{ matrix_nginx_proxy_confd_path }}/matrix-dimension.conf"
state: absent state: absent
when: "not matrix_nginx_proxy_proxy_dimension_enabled" when: "not matrix_nginx_proxy_proxy_dimension_enabled|bool"
- name: Ensure Matrix nginx-proxy homepage for base domain deleted - name: Ensure Matrix nginx-proxy homepage for base domain deleted
file: file:
path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html" path: "{{ matrix_nginx_proxy_data_path }}/matrix-domain/index.html"
state: absent state: absent
when: "not matrix_nginx_proxy_base_domain_serving_enabled" when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
- name: Ensure Matrix nginx-proxy configuration for base domain deleted - name: Ensure Matrix nginx-proxy configuration for base domain deleted
file: file:
path: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf" path: "{{ matrix_nginx_proxy_confd_path }}/matrix-domain.conf"
state: absent state: absent
when: "not matrix_nginx_proxy_base_domain_serving_enabled" when: "not matrix_nginx_proxy_base_domain_serving_enabled|bool"
- name: Ensure Matrix nginx-proxy configuration for main config override deleted - name: Ensure Matrix nginx-proxy configuration for main config override deleted
file: file:
path: "{{ matrix_nginx_proxy_base_path }}/nginx.conf" path: "{{ matrix_nginx_proxy_base_path }}/nginx.conf"
state: absent state: absent
when: "not matrix_nginx_proxy_enabled" when: "not matrix_nginx_proxy_enabled|bool"
- name: Ensure Matrix nginx-proxy htpasswd is deleted (protecting /_synapse/metrics URI) - name: Ensure Matrix nginx-proxy htpasswd is deleted (protecting /_synapse/metrics URI)
file: file:
path: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd" path: "{{ matrix_nginx_proxy_data_path }}/matrix-synapse-metrics-htpasswd"
state: absent state: absent
when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled or not matrix_nginx_proxy_proxy_synapse_metrics" when: "not matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled|bool or not matrix_nginx_proxy_proxy_synapse_metrics|bool"

@ -82,7 +82,7 @@
minute: 20 minute: 20
day: "*" day: "*"
job: /bin/systemctl reload matrix-nginx-proxy.service job: /bin/systemctl reload matrix-nginx-proxy.service
when: matrix_nginx_proxy_enabled when: matrix_nginx_proxy_enabled|bool
when: "matrix_ssl_retrieval_method == 'lets-encrypt'" when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
@ -98,7 +98,7 @@
cron_file: matrix-ssl-lets-encrypt cron_file: matrix-ssl-lets-encrypt
name: matrix-nginx-proxy-reload name: matrix-nginx-proxy-reload
state: absent state: absent
when: "not matrix_nginx_proxy_enabled" when: "not matrix_nginx_proxy_enabled|bool"
# When Let's Encrypt is not used at all, remove all cronjobs in that cron file. # When Let's Encrypt is not used at all, remove all cronjobs in that cron file.
- name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed - name: Ensure matrix-ssl-lets-encrypt-renew cronjob removed

@ -35,7 +35,7 @@
--agree-tos --agree-tos
--email={{ matrix_ssl_lets_encrypt_support_email }} --email={{ matrix_ssl_lets_encrypt_support_email }}
-d {{ domain_name }} -d {{ domain_name }}
when: "domain_name_needs_cert" when: domain_name_needs_cert|bool
register: result_certbot_direct register: result_certbot_direct
ignore_errors: true ignore_errors: true

@ -5,7 +5,7 @@
- name: Fail if Postgres not enabled - name: Fail if Postgres not enabled
fail: fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import." msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
when: "not matrix_postgres_enabled" when: "not matrix_postgres_enabled|bool"
- name: Fail if playbook called incorrectly - name: Fail if playbook called incorrectly
fail: fail:
@ -20,7 +20,7 @@
- name: Fail if provided Postgres dump file doesn't exists - name: Fail if provided Postgres dump file doesn't exists
fail: fail:
msg: "File cannot be found on the server at {{ server_path_postgres_dump }}" msg: "File cannot be found on the server at {{ server_path_postgres_dump }}"
when: not result_server_path_postgres_dump_stat.stat.exists when: "not result_server_path_postgres_dump_stat.stat.exists"
# Defaults # Defaults
@ -54,7 +54,7 @@
- name: Abort, if no existing Postgres version detected - name: Abort, if no existing Postgres version detected
fail: fail:
msg: "Could not find existing Postgres installation" msg: "Could not find existing Postgres installation"
when: "not matrix_postgres_detected_existing" when: "not matrix_postgres_detected_existing|bool"
- name: Generate Postgres database import command - name: Generate Postgres database import command
set_fact: set_fact:

@ -5,7 +5,7 @@
- name: Fail if Postgres not enabled - name: Fail if Postgres not enabled
fail: fail:
msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import." msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot import."
when: "not matrix_postgres_enabled" when: "not matrix_postgres_enabled|bool"
- name: Fail if playbook called incorrectly - name: Fail if playbook called incorrectly
fail: fail:
@ -20,7 +20,7 @@
- name: Fail if provided SQLite homeserver.db file doesn't exist - name: Fail if provided SQLite homeserver.db file doesn't exist
fail: fail:
msg: "File cannot be found on the server at {{ server_path_homeserver_db }}" msg: "File cannot be found on the server at {{ server_path_homeserver_db }}"
when: not result_server_path_homeserver_db_stat.stat.exists when: "not result_server_path_homeserver_db_stat.stat.exists"
# Defaults # Defaults

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-postgres'] }}"
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool

@ -3,28 +3,28 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_postgres_enabled" when: "run_setup|bool and matrix_postgres_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-postgres - setup-postgres
- import_tasks: "{{ role_path }}/tasks/setup_postgres.yml" - import_tasks: "{{ role_path }}/tasks/setup_postgres.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-postgres - setup-postgres
- import_tasks: "{{ role_path }}/tasks/import_postgres.yml" - import_tasks: "{{ role_path }}/tasks/import_postgres.yml"
when: run_import_postgres when: run_import_postgres|bool
tags: tags:
- import-postgres - import-postgres
- import_tasks: "{{ role_path }}/tasks/import_sqlite_db.yml" - import_tasks: "{{ role_path }}/tasks/import_sqlite_db.yml"
when: run_import_sqlite_db when: run_import_sqlite_db|bool
tags: tags:
- import-sqlite-db - import-sqlite-db
- import_tasks: "{{ role_path }}/tasks/upgrade_postgres.yml" - import_tasks: "{{ role_path }}/tasks/upgrade_postgres.yml"
when: run_upgrade_postgres when: run_upgrade_postgres|bool
tags: tags:
- upgrade-postgres - upgrade-postgres

@ -5,10 +5,10 @@
# #
- import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml" - import_tasks: "{{ role_path }}/tasks/migrate_postgres_data_directory.yml"
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
- import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml" - import_tasks: "{{ role_path }}/tasks/util/detect_existing_postgres_version.yml"
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
# If we have found an existing version (installed from before), we use its corresponding Docker image. # If we have found an existing version (installed from before), we use its corresponding Docker image.
# If not, we install using the latest Postgres. # If not, we install using the latest Postgres.
@ -16,18 +16,18 @@
# Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`). # Upgrading is supposed to be performed separately and explicitly (see `upgrade_postgres.yml`).
- set_fact: - set_fact:
matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}" matrix_postgres_docker_image_to_use: "{{ matrix_postgres_docker_image_latest if matrix_postgres_detected_version_corresponding_docker_image == '' else matrix_postgres_detected_version_corresponding_docker_image }}"
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
- name: Warn if on an old version of Postgres - name: Warn if on an old version of Postgres
debug: debug:
msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres" msg: "NOTE: Your setup is on an old Postgres version ({{ matrix_postgres_docker_image_to_use }}), while {{ matrix_postgres_docker_image_latest }} is supported. You can upgrade using --tags=upgrade-postgres"
when: "matrix_postgres_enabled and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest" when: "matrix_postgres_enabled|bool and matrix_postgres_docker_image_to_use != matrix_postgres_docker_image_latest"
# Even if we don't run the internal server, we still need this for running the CLI # Even if we don't run the internal server, we still need this for running the CLI
- name: Ensure postgres Docker image is pulled - name: Ensure postgres Docker image is pulled
docker_image: docker_image:
name: "{{ matrix_postgres_docker_image_to_use }}" name: "{{ matrix_postgres_docker_image_to_use }}"
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
# We always create these directories, even if an external Postgres is used, # We always create these directories, even if an external Postgres is used,
# because we store environment variable files there. # because we store environment variable files there.
@ -41,7 +41,7 @@
with_items: with_items:
- "{{ matrix_postgres_base_path }}" - "{{ matrix_postgres_base_path }}"
- "{{ matrix_postgres_data_path }}" - "{{ matrix_postgres_data_path }}"
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
- name: Ensure Postgres environment variables file created - name: Ensure Postgres environment variables file created
template: template:
@ -51,21 +51,21 @@
with_items: with_items:
- "env-postgres-psql" - "env-postgres-psql"
- "env-postgres-server" - "env-postgres-server"
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
- name: Ensure matrix-postgres-cli script created - name: Ensure matrix-postgres-cli script created
template: template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2" src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-cli.j2"
dest: "/usr/local/bin/matrix-postgres-cli" dest: "/usr/local/bin/matrix-postgres-cli"
mode: 0750 mode: 0750
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
- name: Ensure matrix-make-user-admin script created - name: Ensure matrix-make-user-admin script created
template: template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2" src: "{{ role_path }}/templates/usr-local-bin/matrix-make-user-admin.j2"
dest: "/usr/local/bin/matrix-make-user-admin" dest: "/usr/local/bin/matrix-make-user-admin"
mode: 0750 mode: 0750
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
# #
# Tasks related to setting up an internal postgres server # Tasks related to setting up an internal postgres server
@ -77,12 +77,12 @@
dest: "/etc/systemd/system/matrix-postgres.service" dest: "/etc/systemd/system/matrix-postgres.service"
mode: 0644 mode: 0644
register: matrix_postgres_systemd_service_result register: matrix_postgres_systemd_service_result
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool
- name: Ensure systemd reloaded after matrix-postgres.service installation - name: Ensure systemd reloaded after matrix-postgres.service installation
service: service:
daemon_reload: yes daemon_reload: yes
when: "matrix_postgres_enabled and matrix_postgres_systemd_service_result.changed" when: "matrix_postgres_enabled|bool and matrix_postgres_systemd_service_result.changed"
# #
# Tasks related to getting rid of the internal postgres server (if it was previously enabled) # Tasks related to getting rid of the internal postgres server (if it was previously enabled)
@ -92,41 +92,41 @@
stat: stat:
path: "/etc/systemd/system/matrix-postgres.service" path: "/etc/systemd/system/matrix-postgres.service"
register: matrix_postgres_service_stat register: matrix_postgres_service_stat
when: "not matrix_postgres_enabled" when: "not matrix_postgres_enabled|bool"
- name: Ensure matrix-postgres is stopped - name: Ensure matrix-postgres is stopped
service: service:
name: matrix-postgres name: matrix-postgres
state: stopped state: stopped
daemon_reload: yes daemon_reload: yes
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists" when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Ensure matrix-postgres.service doesn't exist - name: Ensure matrix-postgres.service doesn't exist
file: file:
path: "/etc/systemd/system/matrix-postgres.service" path: "/etc/systemd/system/matrix-postgres.service"
state: absent state: absent
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists" when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-postgres.service removal - name: Ensure systemd reloaded after matrix-postgres.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "not matrix_postgres_enabled and matrix_postgres_service_stat.stat.exists" when: "not matrix_postgres_enabled|bool and matrix_postgres_service_stat.stat.exists"
- name: Check existence of matrix-postgres local data path - name: Check existence of matrix-postgres local data path
stat: stat:
path: "{{ matrix_postgres_data_path }}" path: "{{ matrix_postgres_data_path }}"
register: matrix_postgres_data_path_stat register: matrix_postgres_data_path_stat
when: "not matrix_postgres_enabled" when: "not matrix_postgres_enabled|bool"
# We just want to notify the user. Deleting data is too destructive. # We just want to notify the user. Deleting data is too destructive.
- name: Notify if matrix-postgres local data remains - name: Notify if matrix-postgres local data remains
debug: debug:
msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it." msg: "Note: You are not using a local PostgreSQL database, but some old data remains from before in `{{ matrix_postgres_data_path }}`. Feel free to delete it."
when: "not matrix_postgres_enabled and matrix_postgres_data_path_stat.stat.exists" when: "not matrix_postgres_enabled|bool and matrix_postgres_data_path_stat.stat.exists"
- name: Ensure matrix-postgres-update-user-password-hash script created - name: Ensure matrix-postgres-update-user-password-hash script created
template: template:
src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2" src: "{{ role_path }}/templates/usr-local-bin/matrix-postgres-update-user-password-hash.j2"
dest: "/usr/local/bin/matrix-postgres-update-user-password-hash" dest: "/usr/local/bin/matrix-postgres-update-user-password-hash"
mode: 0750 mode: 0750
when: matrix_postgres_enabled when: matrix_postgres_enabled|bool

@ -23,7 +23,7 @@
- name: Fail, if trying to upgrade external Postgres database - name: Fail, if trying to upgrade external Postgres database
fail: fail:
msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade." msg: "Your configuration indicates that you're not using Postgres from this role. There is nothing to upgrade."
when: "not matrix_postgres_enabled" when: "not matrix_postgres_enabled|bool"
- name: Check Postgres auto-upgrade backup data directory - name: Check Postgres auto-upgrade backup data directory
stat: stat:
@ -40,7 +40,7 @@
- name: Abort, if no existing Postgres version detected - name: Abort, if no existing Postgres version detected
fail: fail:
msg: "Could not find existing Postgres installation" msg: "Could not find existing Postgres installation"
when: "not matrix_postgres_detected_existing" when: "not matrix_postgres_detected_existing|bool"
- name: Abort, if already at latest Postgres version - name: Abort, if already at latest Postgres version
fail: fail:

@ -23,12 +23,12 @@
slurp: slurp:
src: "{{ matrix_postgres_detection_pg_version_path }}" src: "{{ matrix_postgres_detection_pg_version_path }}"
register: result_pg_version register: result_pg_version
when: "matrix_postgres_detected_existing" when: matrix_postgres_detected_existing|bool
- name: Determine existing Postgres version (make sense of PG_VERSION file) - name: Determine existing Postgres version (make sense of PG_VERSION file)
set_fact: set_fact:
matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}" matrix_postgres_detected_version: "{{ result_pg_version['content']|b64decode|replace('\n', '') }}"
when: "matrix_postgres_detected_existing" when: matrix_postgres_detected_existing|bool
- name: Determine corresponding Docker image to detected version (assume default of latest) - name: Determine corresponding Docker image to detected version (assume default of latest)
set_fact: set_fact:
@ -43,4 +43,4 @@
- name: Determine corresponding Docker image to detected version (use 10.x, if detected) - name: Determine corresponding Docker image to detected version (use 10.x, if detected)
set_fact: set_fact:
matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v10 }}" matrix_postgres_detected_version_corresponding_docker_image: "{{ matrix_postgres_docker_image_v10 }}"
when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')" when: "matrix_postgres_detected_version == '10' or matrix_postgres_detected_version.startswith('10.')"

@ -1,3 +1,3 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-riot-web'] }}"
when: matrix_riot_web_enabled when: matrix_riot_web_enabled|bool

@ -3,13 +3,13 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup and matrix_riot_web_enabled" when: "run_setup|bool and matrix_riot_web_enabled|bool"
tags: tags:
- setup-all - setup-all
- setup-riot-web - setup-riot-web
- import_tasks: "{{ role_path }}/tasks/setup_riot_web.yml" - import_tasks: "{{ role_path }}/tasks/setup_riot_web.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-riot-web - setup-riot-web
@ -17,6 +17,6 @@
- import_tasks: "{{ role_path }}/tasks/self_check_riot_web.yml" - import_tasks: "{{ role_path }}/tasks/self_check_riot_web.yml"
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
become: false become: false
when: "run_self_check and matrix_riot_web_enabled" when: "run_self_check|bool and matrix_riot_web_enabled|bool"
tags: tags:
- self-check - self-check

@ -11,12 +11,12 @@
mode: 0750 mode: 0750
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
when: matrix_riot_web_enabled when: matrix_riot_web_enabled|bool
- name: Ensure riot-web Docker image is pulled - name: Ensure riot-web Docker image is pulled
docker_image: docker_image:
name: "{{ matrix_riot_web_docker_image }}" name: "{{ matrix_riot_web_docker_image }}"
when: matrix_riot_web_enabled when: matrix_riot_web_enabled|bool
- name: Ensure Matrix riot-web config files installed - name: Ensure Matrix riot-web config files installed
template: template:
@ -30,7 +30,7 @@
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"} - {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
- {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"} - {src: "{{ role_path }}/templates/welcome.html.j2", name: "welcome.html"}
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"} - {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
when: "matrix_riot_web_enabled and item.src is not none" when: "matrix_riot_web_enabled|bool and item.src is not none"
- name: Ensure Matrix riot-web config files removed - name: Ensure Matrix riot-web config files removed
file: file:
@ -38,7 +38,7 @@
state: absent state: absent
with_items: with_items:
- {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"} - {src: "{{ matrix_riot_web_embedded_pages_home_path }}", name: "home.html"}
when: "matrix_riot_web_enabled and item.src is none" when: "matrix_riot_web_enabled|bool and item.src is none"
- name: Ensure matrix-riot-web.service installed - name: Ensure matrix-riot-web.service installed
template: template:
@ -46,7 +46,7 @@
dest: "/etc/systemd/system/matrix-riot-web.service" dest: "/etc/systemd/system/matrix-riot-web.service"
mode: 0644 mode: 0644
register: matrix_riot_web_systemd_service_result register: matrix_riot_web_systemd_service_result
when: matrix_riot_web_enabled when: matrix_riot_web_enabled|bool
- name: Ensure systemd reloaded after matrix-riot-web.service installation - name: Ensure systemd reloaded after matrix-riot-web.service installation
service: service:
@ -61,7 +61,7 @@
stat: stat:
path: "/etc/systemd/system/matrix-riot-web.service" path: "/etc/systemd/system/matrix-riot-web.service"
register: matrix_riot_web_service_stat register: matrix_riot_web_service_stat
when: "not matrix_riot_web_enabled" when: "not matrix_riot_web_enabled|bool"
- name: Ensure matrix-riot-web is stopped - name: Ensure matrix-riot-web is stopped
service: service:
@ -69,27 +69,27 @@
state: stopped state: stopped
daemon_reload: yes daemon_reload: yes
register: stopping_result register: stopping_result
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists" when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
- name: Ensure matrix-riot-web.service doesn't exist - name: Ensure matrix-riot-web.service doesn't exist
file: file:
path: "/etc/systemd/system/matrix-riot-web.service" path: "/etc/systemd/system/matrix-riot-web.service"
state: absent state: absent
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists" when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-riot-web.service removal - name: Ensure systemd reloaded after matrix-riot-web.service removal
service: service:
daemon_reload: yes daemon_reload: yes
when: "not matrix_riot_web_enabled and matrix_riot_web_service_stat.stat.exists" when: "not matrix_riot_web_enabled|bool and matrix_riot_web_service_stat.stat.exists"
- name: Ensure Matrix riot-web paths doesn't exist - name: Ensure Matrix riot-web paths doesn't exist
file: file:
path: "{{ matrix_riot_web_data_path }}" path: "{{ matrix_riot_web_data_path }}"
state: absent state: absent
when: "not matrix_riot_web_enabled" when: "not matrix_riot_web_enabled|bool"
- name: Ensure riot-web Docker image doesn't exist - name: Ensure riot-web Docker image doesn't exist
docker_image: docker_image:
name: "{{ matrix_riot_web_docker_image }}" name: "{{ matrix_riot_web_docker_image }}"
state: absent state: absent
when: "not matrix_riot_web_enabled" when: "not matrix_riot_web_enabled|bool"

@ -1,11 +1,10 @@
- set_fact: - set_fact:
matrix_synapse_password_providers_enabled: true matrix_synapse_password_providers_enabled: true
when: "matrix_synapse_ext_password_provider_ldap_enabled" when: matrix_synapse_ext_password_provider_ldap_enabled|bool
- set_fact: - set_fact:
matrix_synapse_additional_loggers: > matrix_synapse_additional_loggers: >
{{ matrix_synapse_additional_loggers }} {{ matrix_synapse_additional_loggers }}
+ +
{{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }} {{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }}
when: "matrix_synapse_ext_password_provider_ldap_enabled" when: matrix_synapse_ext_password_provider_ldap_enabled|bool

@ -1,7 +1,7 @@
--- ---
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml" - import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_install.yml"
when: matrix_synapse_ext_password_provider_rest_auth_enabled when: matrix_synapse_ext_password_provider_rest_auth_enabled|bool
- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml" - import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup_uninstall.yml"
when: "not matrix_synapse_ext_password_provider_rest_auth_enabled" when: "not matrix_synapse_ext_password_provider_rest_auth_enabled|bool"

@ -1,7 +1,7 @@
--- ---
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml" - import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_install.yml"
when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml" - import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup_uninstall.yml"
when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled" when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled|bool"

@ -1,7 +1,7 @@
--- ---
- import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml" - import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml"
when: matrix_s3_media_store_enabled when: matrix_s3_media_store_enabled|bool
- import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml" - import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml"
when: "not matrix_s3_media_store_enabled" when: "not matrix_s3_media_store_enabled|bool"

@ -10,7 +10,7 @@
- name: Fail if media store is on Amazon S3 - name: Fail if media store is on Amazon S3
fail: fail:
msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported." msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported."
when: "matrix_s3_media_store_enabled" when: matrix_s3_media_store_enabled|bool
- name: Check if the provided media store directory exists - name: Check if the provided media store directory exists
stat: stat:
@ -68,7 +68,7 @@
owner: "{{ matrix_user_username }}" owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}"
recurse: yes recurse: yes
when: "not matrix_s3_media_store_enabled" when: "not matrix_s3_media_store_enabled|bool"
# We don't chown for Goofys, because due to the way it's mounted, # We don't chown for Goofys, because due to the way it's mounted,
# all files become owned by whoever needs to own them. # all files become owned by whoever needs to own them.
@ -78,6 +78,6 @@
name: "{{ item }}" name: "{{ item }}"
state: started state: started
daemon_reload: yes daemon_reload: yes
when: stopping_result.changed when: "stopping_result.changed"
with_items: with_items:
- matrix-synapse - matrix-synapse

@ -1,7 +1,7 @@
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-synapse'] }}"
when: matrix_synapse_enabled when: matrix_synapse_enabled|bool
- set_fact: - set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}" matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys'] }}"
when: matrix_s3_media_store_enabled when: matrix_s3_media_store_enabled|bool

@ -3,43 +3,43 @@
- always - always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml" - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-synapse - setup-synapse
- import_tasks: "{{ role_path }}/tasks/setup_synapse.yml" - import_tasks: "{{ role_path }}/tasks/setup_synapse.yml"
when: run_setup when: run_setup|bool
tags: tags:
- setup-all - setup-all
- setup-synapse - setup-synapse
- import_tasks: "{{ role_path }}/tasks/import_media_store.yml" - import_tasks: "{{ role_path }}/tasks/import_media_store.yml"
when: run_import_media_store when: run_import_media_store|bool
tags: tags:
- import-media-store - import-media-store
- import_tasks: "{{ role_path }}/tasks/register_user.yml" - import_tasks: "{{ role_path }}/tasks/register_user.yml"
when: run_register_user when: run_register_user|bool
tags: tags:
- register-user - register-user
- import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml" - import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
become: false become: false
when: run_self_check when: run_self_check|bool
tags: tags:
- self-check - self-check
- import_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml" - import_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"
delegate_to: 127.0.0.1 delegate_to: 127.0.0.1
become: false become: false
when: run_self_check when: run_self_check|bool
tags: tags:
- self-check - self-check
- import_tasks: "{{ role_path }}/tasks/update_user_password.yml" - import_tasks: "{{ role_path }}/tasks/update_user_password.yml"
when: run_update_user_password when: run_update_user_password|bool
tags: tags:
- update-user-password - update-user-password

@ -25,7 +25,7 @@
- name: Wait a while, so that Synapse can manage to start - name: Wait a while, so that Synapse can manage to start
pause: pause:
seconds: 7 seconds: 7
when: start_result.changed when: "start_result.changed"
- name: Register user - name: Register user
shell: "/usr/local/bin/matrix-synapse-register-user {{ username }} {{ password }} {{ '1' if admin == 'yes' else '0' }}" shell: "/usr/local/bin/matrix-synapse-register-user {{ username }} {{ password }} {{ '1' if admin == 'yes' else '0' }}"

@ -7,14 +7,14 @@
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}" validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
register: result_matrix_synapse_client_api register: result_matrix_synapse_client_api
ignore_errors: true ignore_errors: true
when: matrix_synapse_enabled when: matrix_synapse_enabled|bool
- name: Fail if Matrix Client API not working - name: Fail if Matrix Client API not working
fail: fail:
msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`). Is Synapse running? Is port 443 open in your firewall? Full error: {{ result_matrix_synapse_client_api }}" msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`). Is Synapse running? Is port 443 open in your firewall? Full error: {{ result_matrix_synapse_client_api }}"
when: "matrix_synapse_enabled and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)" when: "matrix_synapse_enabled|bool and (result_matrix_synapse_client_api.failed or 'json' not in result_matrix_synapse_client_api)"
- name: Report working Matrix Client API - name: Report working Matrix Client API
debug: debug:
msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`) is working" msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_client_api_url_endpoint_public }}`) is working"
when: matrix_synapse_enabled when: matrix_synapse_enabled|bool

@ -7,19 +7,19 @@
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}" validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
register: result_matrix_synapse_federation_api register: result_matrix_synapse_federation_api
ignore_errors: true ignore_errors: true
when: matrix_synapse_enabled when: matrix_synapse_enabled|bool
- name: Fail if Matrix Federation API not working - name: Fail if Matrix Federation API not working
fail: fail:
msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}" msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
when: "matrix_synapse_enabled and matrix_synapse_federation_enabled and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)" when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
- name: Fail if Matrix Federation API unexpectedly enabled - name: Fail if Matrix Federation API unexpectedly enabled
fail: fail:
msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled." msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
when: "matrix_synapse_enabled and not matrix_synapse_federation_enabled and not result_matrix_synapse_federation_api.failed" when: "matrix_synapse_enabled|bool and not matrix_synapse_federation_enabled|bool and not result_matrix_synapse_federation_api.failed"
- name: Report working Matrix Federation API - name: Report working Matrix Federation API
debug: debug:
msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working" msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
when: "matrix_synapse_enabled and matrix_synapse_federation_enabled" when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool"

@ -18,7 +18,7 @@
# We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml),
# because if it's using Goofys and it's already mounted (from before), # because if it's using Goofys and it's already mounted (from before),
# trying to chown/chmod it here will cause trouble. # trying to chown/chmod it here will cause trouble.
when: "matrix_synapse_enabled or matrix_s3_media_store_enabled" when: "matrix_synapse_enabled|bool or matrix_s3_media_store_enabled|bool"
- import_tasks: "{{ role_path }}/tasks/ext/setup.yml" - import_tasks: "{{ role_path }}/tasks/ext/setup.yml"

@ -1,7 +1,7 @@
--- ---
- import_tasks: "{{ role_path }}/tasks/synapse/setup_install.yml" - import_tasks: "{{ role_path }}/tasks/synapse/setup_install.yml"
when: matrix_synapse_enabled when: matrix_synapse_enabled|bool
- import_tasks: "{{ role_path }}/tasks/synapse/setup_uninstall.yml" - import_tasks: "{{ role_path }}/tasks/synapse/setup_uninstall.yml"
when: "not matrix_synapse_enabled" when: "not matrix_synapse_enabled|bool"

@ -71,11 +71,10 @@
- name: Ensure systemd reloaded after matrix-synapse.service installation - name: Ensure systemd reloaded after matrix-synapse.service installation
service: service:
daemon_reload: yes daemon_reload: yes
when: matrix_synapse_systemd_service_result.changed when: "matrix_synapse_systemd_service_result.changed"
- name: Ensure matrix-synapse-register-user script created - name: Ensure matrix-synapse-register-user script created
template: template:
src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2" src: "{{ role_path }}/templates/synapse/usr-local-bin/matrix-synapse-register-user.j2"
dest: "/usr/local/bin/matrix-synapse-register-user" dest: "/usr/local/bin/matrix-synapse-register-user"
mode: 0750 mode: 0750

@ -13,7 +13,7 @@
- name: Fail if not using matrix-postgres container - name: Fail if not using matrix-postgres container
fail: fail:
msg: "This command is working only when matrix-postgres container is being used" msg: "This command is working only when matrix-postgres container is being used"
when: "not matrix_postgres_enabled" when: "not matrix_postgres_enabled|bool"
- name: Ensure matrix-synapse is started - name: Ensure matrix-synapse is started
service: service:
@ -33,12 +33,12 @@
- name: Wait a while, so that Matrix Synapse can manage to start - name: Wait a while, so that Matrix Synapse can manage to start
pause: pause:
seconds: 7 seconds: 7
when: start_result.changed when: "start_result.changed"
- name: Wait a while, so that Matrix Postgres can manage to start - name: Wait a while, so that Matrix Postgres can manage to start
pause: pause:
seconds: 7 seconds: 7
when: postgres_start_result.changed when: "postgres_start_result.changed"
- name: Generate password hash - name: Generate password hash
shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}" shell: "/usr/bin/docker exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password }}"

Loading…
Cancel
Save