From b9b5674b8a8e7b9c3bd0656d40fede982933ad30 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 23 Dec 2018 19:20:53 +0200 Subject: [PATCH] Lowercase host_specific_hostname_identity to prevent troubles If uppercase is used, certain tools (like certbot) would cause trouble. They would retrieve a certificate for the lowercased domain name, but we'd try to use it from an uppercase-named directory, which will fail. Besides certbot, we may experience other trouble too. (it hasn't been investigated how far the breakage goes). To fix it all, we lowercase `host_specific_hostname_identity` by default, which takes care of the general use-case (people only setting that and relying on us to build the other domain names - `hostname_matrix` and `hostname_riot`). For others, who decide to override these other variables directly (and who may work around us and introduce uppercase there directly), we also have the sanity-check tool warn if uppercase is detected in any of the final domains. --- roles/matrix-server/defaults/main.yml | 2 +- .../tasks/setup/setup_sanity_check.yml | 15 ++++++++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/roles/matrix-server/defaults/main.yml b/roles/matrix-server/defaults/main.yml index 163901d2..e789f597 100644 --- a/roles/matrix-server/defaults/main.yml +++ b/roles/matrix-server/defaults/main.yml @@ -1,7 +1,7 @@ # The bare hostname which represents your identity. # This is something like "example.com". # Note: this playbook does not touch the server referenced here. -hostname_identity: "{{ host_specific_hostname_identity }}" +hostname_identity: "{{ host_specific_hostname_identity|lower }}" # This is where your data lives and what we set up here. # This and the Riot hostname (see below) are expected to be on the same server. diff --git a/roles/matrix-server/tasks/setup/setup_sanity_check.yml b/roles/matrix-server/tasks/setup/setup_sanity_check.yml index a24ae1d0..bb048a20 100644 
--- a/roles/matrix-server/tasks/setup/setup_sanity_check.yml
+++ b/roles/matrix-server/tasks/setup/setup_sanity_check.yml
@@ -8,4 +8,17 @@
 - name: Fail if Coturn Auth secret is missing
 fail:
 msg: "You need to set a secret in the matrix_coturn_turn_static_auth_secret variable"
- when: "matrix_coturn_turn_static_auth_secret == ''"
\ No newline at end of file
+ when: "matrix_coturn_turn_static_auth_secret == ''"
+
+# This sanity check is only used to detect uppercase when people override these specific variables.
+#
+# If people set `host_specific_hostname_identity` without overriding other variables (the general use-case),
+# we take care to lower-case it automatically and it won't cause trouble anyway.
+- name: Fail if uppercase domain used
+ fail:
+ msg: "Detected that you're using an uppercase domain name - `{{ item }}`. This will cause trouble. Please use all-lowercase!"
+ when: "item != item|lower"
+ with_items:
+ - "{{ hostname_identity }}"
+ - "{{ hostname_matrix }}"
+ - "{{ hostname_riot }}"
\ No newline at end of file
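Review bot: The condition `when: "item != item|lower"` on the new task depends on the Jinja2 rule that a filter binds tighter than `!=`; it evaluates as intended, but `when: "item != (item | lower)"` states the comparison explicitly and reads more easily. The new last line `- "{{ hostname_riot }}"` is again left without a trailing newline, the same condition this hunk had to correct on the previous `when:` line, so ending the file with a newline keeps the next patch from touching it. The list covers only `hostname_identity`, `hostname_matrix` and `hostname_riot`; if other domain variables feed certificate directory names (not visible in this hunk), they would need adding to `with_items` to get the same check.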