Slavi Pantaleev
2c09111a3a
Actually enforce that we run on Ansible >= 2.7.1
...
Related to 6e652e10ad
4 years ago
Slavi Pantaleev
8710883064
Merge pull request #743 from pushytoxin/docker_network
...
Drop the old workaround for an Ansible bug that has been fixed three years ago
4 years ago
Aaron Raimist
8827a49e21
Check equality properly
4 years ago
Aaron Raimist
3dd0517f04
Check for buggy version of Ansible that Ubuntu 20.04 provides
4 years ago
Slavi Pantaleev
8748f3d443
Move python{,3}-docker installation to another task
...
This also adds support for installing python3-docker (not python-docker)
in systems that run Python 3.
4 years ago
Slavi Pantaleev
349fbb6434
Do not hardcode armhf for Raspbian
...
Raspbian doesn't seem to support arm64, so this is somewhat pointless
right now.
However, they might in the future. Doing this should also unify us
some more with `setup_debian.yml` with the ultimate goal of
eliminating `setup_raspbian.yml`.
4 years ago
Slavi Pantaleev
a09ed58892
Ensure gnupg installed on Raspbian
...
It's likely installed by default, but it doesn't hurt to specify it.
It also makes us more the same with `setup_debian.yml`.
4 years ago
Slavi Pantaleev
f545de53f7
Do not hardcode "ubuntu" for the Docker APT key URL
...
Well, `ubuntu` or `debian`, the same key is served right now,
so it doesn't really matter.
This seems cleaner and less prone to breakage though.
4 years ago
Slavi Pantaleev
55f252a6ed
Do not hardcode amd64 in setup_debian.yml
...
Until now, we've only supported non-amd64 on Raspbian.
Seems like there are now people running Debian/Ubuntu on ARM,
so we were forcing them into amd64 Docker packages.
I've gotten a report that this change fixes support
for Ubuntu Server 20.04 on RPi 4B.
4 years ago
Slavi Pantaleev
ed159cc742
Move matrix_architecture to matrix-base
...
We were only defining this in `group_vars/matrix_servers`, which is
inconsistent with how we normally do things.
4 years ago
Slavi Pantaleev
47613e5a27
Remove synapse-janitor support
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/746
4 years ago
Slavi Pantaleev
d556aa943f
Update docker-ce.repo to not hardcode $releasever=7
...
This keeps it in line with https://download.docker.com/linux/centos/docker-ce.repo
Whether or not Docker works well on CentOS 8 for our purposes
hasn't been verified yet.
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300
4 years ago
Béla Becker
6921ec4b8a
Revert "Work around buggy docker_network sometimes failing to work"
...
The docker_network bug was fixed two years ago
This reverts commit 36658addcd
.
4 years ago
Slavi Pantaleev
27c9014cb8
Improve uninstallation instructions
...
Also switches to using `docker system prune -a` for a less invasive
cleanup of Docker images and related resources.
4 years ago
Tobias Küchel
1cf5b1d80f
e2ee_backup: rename variables to be consistent with naming scheme
4 years ago
Tobias Küchel
5158fa4df9
e2ee_backup_methods: rather leave the default empty, so that the system default may apply
4 years ago
Tobias Küchel
8f7e21892d
fix indentation, updated to proposed changes from Slavi: no more ifdef
4 years ago
Tobias Küchel
4cfa112755
update default backup_methods as proposed by the system anyway
4 years ago
Tobias Küchel
6599204334
fix commata not being set when secure_backup_required false
4 years ago
Tobias Küchel
48f929dc91
add variables for secure_backup_required and secure_backup_setup_methods
4 years ago
Slavi Pantaleev
23daec748c
Require Ansible v2.7 or newer (because of items2dict and dict2items)
...
Interestingly, no one has reported this failure before #662 (Github
Issue).
It doesn't make sense to keep saying that we support such old Ansible
versions, when we're not even testing on anything close to those.
Time is also passing and such versions are getting more and more
ancient. It's time we bumped our requirements to something that is more
likely to work.
4 years ago
Slavi Pantaleev
43c5f3ec6e
Do not create /home/matrix when creating the matrix user
4 years ago
Slavi Pantaleev
7eb8192a51
Comlain about version requirement on Ansible v1
...
I don't believe Ansible v1 would even go as far as executing this
sanity check, but.. Adding an extra defensive check for completeness.
4 years ago
Slavi Pantaleev
3d702fe03b
Avoid set_fact with error message to prevent confusion
4 years ago
Chris van Dijk
b9c8d059d0
Support both the im.vector.riot and io.element variants in client .well-known
...
According to the docs, "e2ee" is already under "io.element":
https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md#disabling-encryption-by-default
however "jitsi" is still under "im.vector.riot":
https://github.com/vector-im/element-web/blob/develop/docs/jitsi.md#configuring-element-to-use-your-self-hosted-jitsi-server
For now let's just maintain backward and forward compatibility for both
settings since the client version is out of the control of this
playbook.
4 years ago
Chris van Dijk
f6b0f0a477
Rename matrix_riot_jitsi_preferredDomain and matrix_riot_e2ee_default to Element
4 years ago
Slavi Pantaleev
3c285bc6f5
Install lsb-release on Debian distros if unavailable
...
Certain more-minimal Debian installations may not have
lsb-release installed, which makes the playbook fail.
We need lsb-release on Debian, so that ansible_lsb
could tell us if this is Debian or Raspbian.
4 years ago
Slavi Pantaleev
daf13107a0
Add support for rust-synapse-compress-state
4 years ago
merklaw
fa6d85636f
Add note about installing 'docker' Python package if Docker installation is disabled
4 years ago
merklaw
87df15441c
Add note about installilng 'docker' Python package if Docker installation is disabled
4 years ago
vractal
9b61fef271
Replace gpg dependency for gnupg for better debian compatibility
4 years ago
hungrymonkey
d093b9b148
Added gpg as base dependency for Debian 10
...
AWS Debian marketplace image does not have gpg preinstalled
https://aws.amazon.com/marketplace/pp/B0859NK4HC?ref=cns_srchrow
TASK [matrix-base : Ensure Docker's APT key is trusted] *******************************************************************************************************************************************************
fatal: [matrix.domain.com]: FAILED! => {"changed": false, "msg": "Failed to find required executable gpg in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}
Closes #590
4 years ago
Slavi Pantaleev
c6ab1c6a90
Riot is now Element
...
Fixes #586 (Github Issue)
4 years ago
shadow
ddfc945fcf
Remove unused validate_config.yml, since it causes ansible warnings
4 years ago
Slavi Pantaleev
227f1a28e3
Allow matrix_user_uid/matrix_user_gid to be specified manually
4 years ago
Slavi Pantaleev
de545f9c5f
Update docs on self-building and remove useless variable
...
`matrix_container_images_self_build` was not really doing anything
anymore. It previously was influencing `matrix_*_self_build` variables,
but it's no longer the case since some time ago.
Individual `matrix_*_self_build` variables are still available.
People that would like to toggle self-building for a specific component
ought to use those.
These variables are also controlled automatically (via
`group_vars/matrix_servers`) depending on `matrix_architecture`.
In other words, self-building is being done automatically for
all components when they don't have a prebuilt image for the specified
architecture. Some components only support `amd64`, while others also
have images for other architectures.
4 years ago
Slavi Pantaleev
5c5f1c6ab9
Add support for telling Riot to not default to E2EE
...
Related to https://github.com/vector-im/riot-web/pull/13914
4 years ago
Slavi Pantaleev
7729511a84
Make vars.yml snapshotting optional and more configurable
...
Certain people organize their inventory in a different way
and we'd like to accommodate them.
Related to #542 (Github Issue).
5 years ago
Slavi Pantaleev
67ab7e7a1b
Preserve vars.yml on the server for easily restoring
...
Fixes #542 (Github Issues).
5 years ago
Slavi Pantaleev
10b3ceff72
Make Matrix federation port configurable
...
Fixes #523 (Github Issue).
5 years ago
Chris van Dijk
74df10633a
Remove hardcoded command paths in playbook cron usage
5 years ago
Chris van Dijk
6e3b877dc2
Remove hardcoded command paths in playbook shell usage
5 years ago
Chris van Dijk
6334f6c1ea
Remove hardcoded command paths in systemd unit files
...
Depending on the distro, common commands like sleep and chown may either
be located in /bin or /usr/bin.
Systemd added path lookup to ExecStart in v239, allowing only the
command name to be put in unit files and not the full path as
historically required. At least Ubuntu 18.04 LTS is however still on
v237 so we should maintain portability for a while longer.
5 years ago
Dan Arnfield
787f12e70d
Fix typo in validation
5 years ago
Slavi Pantaleev
c1c8b8e62c
Warn about matrix_user_uid/matrix_user_gid
...
We don't really need to fail in such a spectactular way,
but it's probably good to do. It will only happen for people
who are defining their own user/group id, which is rare.
It seems like a good idea to tell them that this doesn't work
as they expect anymore and to ask them to remove these variables,
which otherwise give them a fake sense of hope.
Related to #486 (Github Pull Request).
5 years ago
Slavi Pantaleev
36c61b5b4e
Introduce a separate group variable (matrix_user_groupname)
...
Related to #485 (Github Pull Request).
5 years ago
Slavi Pantaleev
ccc7aaf0ce
Fix "Migrating to a new server" flow due to dynamic user/group creation
5 years ago
Slavi Pantaleev
8fea6f5130
Make sure matrix_user_uid and matrix_user_gid are always set
...
If one runs the playbook with `--tags=setup-all`, it would have been
fine.
But running with a specific tag (e.g. `--tags=setup-riot-web`) would
have made that initialization be skipped, and the `matrix-riot-web` role
would fail, due to missing variables.
5 years ago
Fanch
a1c5a197a9
remove default UID/GID
5 years ago
Chris van Dijk
7585bcc4ac
Allow the matrix user username and groupname to be configured separately
...
No migration steps should be required.
5 years ago
Slavi Pantaleev
9a43cc02e0
Only install docker-python if matrix_docker_installation_enabled
...
Should help with #300 (Github Issue).
5 years ago
Slavi Pantaleev
7035af87d8
Add support for Jitsi discovery for Riot via /.well-known/matrix/client
...
This will not work yet, as no version of Riot currently supports it.
It's expected to land in riot-web v1.5.16 via matrix-org/matrix-react-sdk#4348 .
5 years ago
Alin Trăistaru
604e581a97
add ntpd defaults
5 years ago
Marcel Partap
874e2e1fc0
Rename variables (s/mxisd/ma1sd/) and adapt roles
5 years ago
Slavi Pantaleev
26b73e3a4b
Do not install unnecessary bash-completion
5 years ago
Christian Wolf
8c9b5ea6dd
Removed a few syntax bugs in Archlinux configuration
5 years ago
Christian Wolf
4bc73ff4bb
Removed autoinstallation of cron due to documentation
5 years ago
Christian Wolf
d84b2868b7
Added basic changes to make it compatible with Archlinux
5 years ago
mooomooo
eebc6e13f8
Made directory variables for /etc/systemd/system , /etc/cron.d , /usr/local/bin
5 years ago
Slavi Pantaleev
cdd9ee1962
Add Jitsi support
5 years ago
Horvath Gergely
2d537484d5
introduce variable
5 years ago
Horvath Gergely
3c8535c3bc
check ansible version for self-building in every role
5 years ago
Horvath Gergely
6232a81caf
check if target distro is Raspbian and install docker accordingly
5 years ago
Horvath Gergely
310aa685f9
refactor based on Slavi's requests
5 years ago
Horvath Gergely
610c98d6ab
add riot-web support for raspberry pi
5 years ago
Horvath Gergely
40d0fea06c
add mautrix-hangouts support for raspberry pi
5 years ago
Horvath Gergely
f28c7b71d2
build mxisd for rapsberry pi
5 years ago
Horvath Gergely
8c1e00a6cd
add mautrix-facebook support for raspberry pi
5 years ago
Horvath Gergely
7c4a86bc6b
add coturn support for raspberry pi
5 years ago
Horvath Gergely
a096eafb45
add possibility to install synapse on raspberry pi
5 years ago
Horvath Gergely
8a0c3146d3
Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy
5 years ago
dhose
320d512541
Fix for when if case evaluates to false
5 years ago
Dan Arnfield
bc620895ca
Install python3-docker if ansible is running python 3
5 years ago
Gergely Horváth
1c314fcf29
first version of raspbian docker setup
5 years ago
Gergely Horváth
05966c8cff
make sure Raspbian is not handled the same as Debian
5 years ago
Aaron Raimist
2ea507e2ea
Don't make it Dimension specific
5 years ago
Aaron Raimist
fe932273aa
Implement MSC1957: Integration manager discovery
...
https://github.com/matrix-org/matrix-doc/pull/1957
Yay Riot iOS now supports integration manager discovery!
5 years ago
Slavi Pantaleev
4cc6cdf6f3
Merge pull request #314 from aaronraimist/well-known-client-no-identity
...
Remove identity server section from .well-known/matrix/client if there is no identity server
5 years ago
Aaron Raimist
9ab68a3cb4
Remove identity server section from .well-known/matrix/client if there is no identity server
...
Riot used to be fine with it being blank but now it complains. This creates an ugly looking comma when there is an identity server configured but I guess that's fine.
5 years ago
Slavi Pantaleev
f348370f15
Remove unnecessary update_cache directive / Debian
...
We've just updated it in the task above, so it's unnecessary
5 years ago
Slavi Pantaleev
c88c0e7e87
Remove unnecessary update_cache directive / CentOS
...
We've just updated it in the task above, so it's unnecessary
5 years ago
Dan Arnfield
960088752c
Add matrix_docker_package_name
5 years ago
Dan Arnfield
80cfb2a93e
Add matrix_docker_installation_enabled
5 years ago
Dan Arnfield
3cec6947ed
Refactor base server setup tasks
5 years ago
Hardy Erlinger
eb7391d373
Fix: Restrict a Debian-specific task to Debian OS.
...
Since commit b9753635
the task 'Ensure docker-ce is installed (Debian)' fails with an error on CentOS although it should not even run on this OS.
5 years ago
Dan Arnfield
b975363530
Don't install docker-ce if docker.io is installed
5 years ago
gusttt
25262fa0e1
Disable docker network tasks in check mode to allow running the playbook in check mode (--check --diff)
5 years ago
Dan Arnfield
de6c1c99b2
Fix apt message: docker doesn't support arch 'i386'
5 years ago
Slavi Pantaleev
0ca21d80d7
Add Synapse Maintenance docs and synapse-janitor integration
5 years ago
Slavi Pantaleev
631a14bf0c
Rename run control variables for consistency
5 years ago
Slavi Pantaleev
2e16257e50
Do not ask for _matrix._tcp SRV records anymore
...
With most people on Synapse v0.99+ and Synapse v1.0 now available,
we should no longer try to be backward compatible with Synapse 0.34,
because this just complicates the instructions for no good reason.
6 years ago
Dan Arnfield
3982f114af
Fix CONDITIONAL_BARE_VARS deprecation warning in ansible 2.8
6 years ago
Stuart Mumford
a4bcd7ce8f
Add a variable to control the stop tasks
6 years ago
Hugues De Keyzer
c451025134
Fix indentation in templates
...
Use Jinja2 lstrip_blocks option in templates to ensure consistent
indentation in generated files.
6 years ago
Lyubomir Popov
a206b65ed7
Use the '-p' non-interactive option to generate password hash instead of 'expect'
6 years ago
Lyubomir Popov
134faa3139
Add the ability to update user passwords with ansible (when using the matrix-postgres container).
6 years ago
Hugues De Keyzer
1e344d5a7a
Remove hardcoded values in matrix-remove-all
...
Use matrix_docker_network and matrix_base_data_path in matrix-remove-all
instead of hardcoded default values.
6 years ago
Slavi Pantaleev
af1c9ae59d
Do not force firewalld on people
...
In most cases, there's not really a need to touch the system
firewall, as Docker manages iptables by itself
(see https://docs.docker.com/network/iptables/ ).
All ports exposed by Docker containers are automatically whitelisted
in iptables and wired to the correct container.
This made installing firewalld and whitelisting ports pointless,
as far as this playbook's services are concerned.
People that wish to install firewalld (for other reasons), can do so
manually from now on.
This is inspired by and fixes #97 (Github Issue).
6 years ago
Slavi Pantaleev
9202b2b8d9
Ensure systemd services are running when doing --tags=start
...
Fixes #129 (Github Issue).
Unfortunately, we rely on `service_facts`, which is only available
in Ansible >= 2.5.
There's little reason to stick to an old version such as Ansible 2.4:
- some time has passed since we've raised version requirements - it's
time to move into the future (a little bit)
- we've recently (in 82b4640072
) improved the way one can run
Ansible in a Docker container
From now on, Ansible >= 2.5 is required.
6 years ago
Slavi Pantaleev
6c5cc173b0
Fix permission mode for some files
6 years ago