Add customizations support to maubot

docs/configuring-playbook-bot-maubot.md

@@ -47,6 +47,25 @@ See [Configuring DNS](configuring-dns.md) for details about DNS changes.
 
 If you've decided to use the default hostname, you won't need to do any extra DNS configuration.
 
+## Customizing the maubot container image
+
+Certain [maubot plugins](https://plugins.mau.bot/) require additional dependencies to be installed.
+
+You can customize the default maubot container image and install your own dependencies.
+
+Example additional configuration for your `inventory/host_vars/matrix.example.com/vars.yml` file:
+
+```yaml
+matrix_bot_maubot_container_image_customizations_enabled: true
+
+# Adjust the Dockerfile and install ffmpeg.
+#
+matrix_bot_maubot_container_image_customizations_dockerfile_body_custom: |
+  RUN apk add --no-cache ffmpeg
+```
+
+Consult the [Dockerfile reference](https://docs.docker.com/reference/dockerfile/) for more information about the syntax.
+
 ## Installing
 
 After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:

roles/custom/matrix-bot-maubot/defaults/main.yml

@@ -17,7 +17,6 @@ matrix_bot_maubot_path_prefix: /_matrix/maubot
 
 matrix_bot_maubot_container_image_self_build: false
 matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git"
-matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/docker-src"
 matrix_bot_maubot_docker_repo_version: "{{ 'master' if matrix_bot_maubot_version == 'latest' else matrix_bot_maubot_version }}"
 
 # renovate: datasource=docker depName=dock.mau.dev/maubot/maubot
@@ -26,9 +25,26 @@ matrix_bot_maubot_docker_image: "{{ matrix_bot_maubot_docker_image_name_prefix }
 matrix_bot_maubot_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_maubot_container_image_self_build else 'dock.mau.dev/' }}"
 matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.endswith(':latest') }}"
 
+# matrix_bot_maubot_docker_image_customized is the name of the locally built maubot image
+# which adds various customizations on top of the original (upstream) maubot image.
+# This image will be based on the upstream `matrix_bot_maubot_docker_image` image, only if `matrix_bot_maubot_container_image_customizations_enabled: true`.
+matrix_bot_maubot_docker_image_customized: "localhost/maubot/maubot:{{ matrix_bot_maubot_version }}-customized"
+
+# Controls whether the customized image (`matrix_bot_maubot_docker_image_customized`) is to be force-built without layer caching enabled.
+matrix_bot_maubot_docker_image_customized_build_nocache: false
+
+# Controls whether the customized image (`matrix_bot_maubot_docker_image_customized`) is to be built, even if it already exists.
+# Related to: matrix_bot_maubot_docker_image_customized_build_nocache
+matrix_bot_maubot_docker_image_customized_force_source: "{{ matrix_bot_maubot_docker_image_customized_build_nocache }}"
+
+# matrix_bot_maubot_docker_image_final holds the name of the maubot image to run depending on whether or not customizations are enabled.
+matrix_bot_maubot_docker_image_final: "{{ matrix_bot_maubot_docker_image_customized if matrix_bot_maubot_container_image_customizations_enabled else matrix_bot_maubot_docker_image }} "
+
 matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot"
 matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data"
 matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config"
+matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/docker-src"
+matrix_bot_maubot_customized_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/customized-docker-src"
 
 matrix_bot_maubot_bot_server_public_url: "{{ matrix_bot_maubot_scheme }}://{{ matrix_bot_maubot_hostname }}"
 matrix_bot_maubot_bot_server_base_path: "{{ matrix_bot_maubot_path_prefix }}/v1"
@@ -87,6 +103,30 @@ matrix_bot_maubot_container_additional_networks: "{{ matrix_bot_maubot_container
 matrix_bot_maubot_container_additional_networks_auto: []
 matrix_bot_maubot_container_additional_networks_custom: []
 
+
+# matrix_bot_maubot_container_image_customizations_enabled controls whether a customized maubot image will be built.
+#
+# We toggle this variable to `true` when certain features which require a custom build are enabled.
+# Feel free to toggle this to `true` yourself and specify build steps in `matrix_bot_maubot_container_image_customizations_dockerfile_body_custom`.
+#
+# See:
+# - `roles/custom/matrix-bot-maubot/templates/maubot/customizations/Dockerfile.j2`
+# - `matrix_bot_maubot_container_image_customizations_dockerfile_body_custom`
+# - `matrix_bot_maubot_docker_image_customized`
+# - `matrix_bot_maubot_docker_image_final`
+matrix_bot_maubot_container_image_customizations_enabled: false
+
+# matrix_bot_maubot_container_image_customizations_dockerfile_body contains your custom Dockerfile steps
+# for building your customized maubot image based on the original (upstream) image (`matrix_bot_maubot_docker_image`).
+# A `FROM …` clause is included automatically so you don't have to.
+#
+# Example:
+# matrix_bot_maubot_container_image_customizations_dockerfile_body_custom: |
+#  RUN echo 'This is a custom step for building the customized container image for maubot.'
+#  RUN echo 'You can override matrix_bot_maubot_container_image_customizations_dockerfile_body_custom to add your own steps.'
+#  RUN echo 'You do NOT need to include a FROM clause yourself.'
+matrix_bot_maubot_container_image_customizations_dockerfile_body_custom: ''
+
 # matrix_bot_maubot_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
 # See `../templates/labels.j2` for details.
 #

roles/custom/matrix-bot-maubot/tasks/setup_install.yml

@@ -15,6 +15,7 @@
     - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true}
     - {path: "{{ matrix_bot_maubot_data_path }}/trash", when: true}
     - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: "{{ matrix_bot_maubot_container_image_self_build }}"}
+    - {path: "{{ matrix_bot_maubot_customized_docker_src_files_path }}", when: "{{ matrix_bot_maubot_container_image_customizations_enabled }}"}
   when: "item.when|bool"
 
 - name: Ensure maubot configuration file created
@@ -37,28 +38,49 @@
   delay: "{{ devture_playbook_help_container_retries_delay }}"
   until: result is not failed
 
-- name: Ensure maubot repository is present on self-build
-  ansible.builtin.git:
-    repo: "{{ matrix_bot_maubot_docker_repo }}"
-    version: "{{ matrix_bot_maubot_docker_repo_version }}"
-    dest: "{{ matrix_bot_maubot_docker_src_files_path }}"
-    force: "yes"
-  become: true
-  become_user: "{{ matrix_user_username }}"
-  register: matrix_bot_maubot_git_pull_results
-  when: "matrix_bot_maubot_container_image_self_build|bool"
+- when: matrix_bot_maubot_container_image_self_build | bool
+  block:
+    - name: Ensure maubot repository is present on self-build
+      ansible.builtin.git:
+        repo: "{{ matrix_bot_maubot_docker_repo }}"
+        version: "{{ matrix_bot_maubot_docker_repo_version }}"
+        dest: "{{ matrix_bot_maubot_docker_src_files_path }}"
+        force: "yes"
+      become: true
+      become_user: "{{ matrix_user_username }}"
+      register: matrix_bot_maubot_git_pull_results
 
-- name: Ensure maubot image is built
-  community.docker.docker_image:
-    name: "{{ matrix_bot_maubot_docker_image }}"
-    source: build
-    force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_maubot_git_pull_results.changed }}"
-    build:
-      dockerfile: Dockerfile
-      path: "{{ matrix_bot_maubot_docker_src_files_path }}"
-      pull: true
-  when: "matrix_bot_maubot_container_image_self_build|bool"
+    - name: Ensure maubot image is built
+      community.docker.docker_image:
+        name: "{{ matrix_bot_maubot_docker_image }}"
+        source: build
+        force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+        force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_maubot_git_pull_results.changed }}"
+        build:
+          dockerfile: Dockerfile
+          path: "{{ matrix_bot_maubot_docker_src_files_path }}"
+          pull: true
+
+- when: "matrix_bot_maubot_container_image_customizations_enabled | bool"
+  block:
+    - name: Ensure customizations Dockerfile is created
+      ansible.builtin.template:
+        src: "{{ role_path }}/templates/customizations/Dockerfile.j2"
+        dest: "{{ matrix_bot_maubot_customized_docker_src_files_path }}/Dockerfile"
+        owner: "{{ matrix_user_username }}"
+        group: "{{ matrix_user_groupname }}"
+        mode: 0640
+      register: matrix_bot_maubot_container_image_customizations_dockerfile_result
+
+    - name: Ensure customized Docker image for maubot is built
+      community.docker.docker_image:
+        name: "{{ matrix_bot_maubot_docker_image_customized }}"
+        source: build
+        force_source: "{{ matrix_bot_maubot_container_image_customizations_dockerfile_result.changed or matrix_bot_maubot_docker_image_customized_force_source }}"
+        build:
+          dockerfile: Dockerfile
+          path: "{{ matrix_bot_maubot_customized_docker_src_files_path }}"
+          nocache: "{{ matrix_bot_maubot_docker_image_customized_build_nocache }}"
 
 - name: Ensure maubot support files installed
   ansible.builtin.template:

roles/custom/matrix-bot-maubot/templates/customizations/Dockerfile.j2

@@ -0,0 +1,4 @@
+#jinja2: lstrip_blocks: "True"
+FROM {{ matrix_bot_maubot_docker_image }}
+
+{{ matrix_bot_maubot_container_image_customizations_dockerfile_body_custom }}

roles/custom/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2

@@ -38,7 +38,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			{% if matrix_bot_maubot_container_management_interface_http_bind_port %}
 			-p {{ matrix_bot_maubot_container_management_interface_http_bind_port }}:{{ matrix_bot_maubot_server_port }} \
 			{% endif %}
-			{{ matrix_bot_maubot_docker_image }} \
+			{{ matrix_bot_maubot_docker_image_final }} \
  			python3 -m maubot -c /config/config.yaml --no-update
 
 {% for network in matrix_bot_maubot_container_additional_networks %}