mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-01 09:07:15 +00:00
refactoring
This commit is contained in:
parent
1ec67f49b0
commit
d3a9ec98de
group_vars
roles
matrix-base
matrix-bridge-appservice-slack
matrix-bridge-appservice-webhooks
matrix-bridge-sms
matrix-ma1sd
matrix-nginx-proxy
matrix-synapse/templates/synapse
@ -113,6 +113,7 @@ matrix_appservice_webhooks_container_http_host_bind_port: "{{ '' if matrix_nginx
|
||||
|
||||
matrix_appservice_webhooks_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.as.token') | to_uuid }}"
|
||||
|
||||
matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_appservice_webhooks_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.hs.token') | to_uuid }}"
|
||||
|
||||
matrix_appservice_webhooks_id_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.id.token') | to_uuid }}"
|
||||
@ -151,6 +152,7 @@ matrix_appservice_slack_container_http_host_bind_port: "{{ '' if matrix_nginx_pr
|
||||
|
||||
matrix_appservice_slack_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.as.token') | to_uuid }}"
|
||||
|
||||
matrix_appservice_slack_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_appservice_slack_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.hs.token') | to_uuid }}"
|
||||
|
||||
matrix_appservice_slack_id_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.id.token') | to_uuid }}"
|
||||
@ -567,6 +569,7 @@ matrix_sms_bridge_systemd_required_services_list: |
|
||||
|
||||
matrix_sms_bridge_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sms.as.token') | to_uuid }}"
|
||||
|
||||
matrix_sms_bridge_homeserver_port: "{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_sms_bridge_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sms.hs.token') | to_uuid }}"
|
||||
|
||||
######################################################################
|
||||
@ -1216,6 +1219,7 @@ matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||
# ma1sd's web-server port.
|
||||
matrix_ma1sd_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_ma1sd_default_port|string }}"
|
||||
|
||||
|
||||
# We enable Synapse integration via its Postgres database by default.
|
||||
# When using another Identity store, you might wish to disable this and define
|
||||
# your own configuration in `matrix_ma1sd_configuration_extension_yaml`.
|
||||
@ -1308,6 +1312,9 @@ matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:1
|
||||
# Settings controlling matrix-synapse-proxy.conf
|
||||
matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}"
|
||||
|
||||
matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "127.0.0.1:{{ matrix_synapse_container_client_api_port }}"
|
||||
|
||||
matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-synapse:{{matrix_synapse_container_federation_api_plain_port|string}}"
|
||||
matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:{{matrix_synapse_container_federation_api_plain_port|string}}"
|
||||
|
||||
|
@ -91,7 +91,7 @@ matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
|
||||
# Specifies where the homeserver is on the container network.
|
||||
# Where this is depends on whether there's a reverse-proxy in front of it, etc.
|
||||
# This likely gets overriden elsewhere.
|
||||
matrix_homeserver_container_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_homeserver_container_url: ""
|
||||
|
||||
matrix_identity_server_url: ~
|
||||
|
||||
|
9
roles/matrix-base/tasks/validate_config.yml
Normal file
9
roles/matrix-base/tasks/validate_config.yml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
|
||||
- name: Fail if required Matrix Base settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) for using this playbook.
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_homeserver_container_url"
|
@ -33,7 +33,7 @@ matrix_appservice_slack_slack_port: 9003
|
||||
matrix_appservice_slack_container_http_host_bind_port: ''
|
||||
|
||||
matrix_appservice_slack_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_appservice_slack_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_appservice_slack_homeserver_url: ""
|
||||
matrix_appservice_slack_homeserver_domain: "{{ matrix_domain }}"
|
||||
matrix_appservice_slack_appservice_url: 'http://matrix-appservice-slack'
|
||||
|
||||
|
@ -8,5 +8,6 @@
|
||||
with_items:
|
||||
- "matrix_appservice_slack_control_room_id"
|
||||
- "matrix_appservice_slack_appservice_token"
|
||||
- "matrix_appservice_slack_homeserver_url"
|
||||
- "matrix_appservice_slack_homeserver_token"
|
||||
- "matrix_appservice_slack_id_token"
|
||||
|
@ -36,7 +36,7 @@ matrix_appservice_webhooks_matrix_port: 6789
|
||||
matrix_appservice_webhooks_container_http_host_bind_port: ''
|
||||
|
||||
matrix_appservice_webhooks_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_appservice_webhooks_homeserver_url: ""
|
||||
matrix_appservice_webhooks_homeserver_domain: "{{ matrix_domain }}"
|
||||
matrix_appservice_webhooks_appservice_url: 'http://matrix-appservice-webhooks'
|
||||
|
||||
|
@ -7,6 +7,7 @@
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_appservice_webhooks_appservice_token"
|
||||
- "matrix_appservice_webhooks_homeserver_url"
|
||||
- "matrix_appservice_webhooks_homeserver_token"
|
||||
- "matrix_appservice_webhooks_id_token"
|
||||
- "matrix_appservice_webhooks_api_secret"
|
||||
|
@ -26,7 +26,7 @@ matrix_sms_bridge_systemd_wanted_services_list: []
|
||||
|
||||
matrix_sms_bridge_appservice_url: 'http://matrix-sms-bridge:8080'
|
||||
matrix_sms_bridge_homeserver_hostname: 'matrix-synapse'
|
||||
matrix_sms_bridge_homeserver_port: "{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_sms_bridge_homeserver_port: ""
|
||||
|
||||
matrix_sms_bridge_homserver_domain: "{{ matrix_domain }}"
|
||||
matrix_sms_bridge_default_room: ''
|
||||
|
@ -7,6 +7,7 @@
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_sms_bridge_appservice_token"
|
||||
- "matrix_sms_bridge_homeserver_port"
|
||||
- "matrix_sms_bridge_homeserver_token"
|
||||
- "matrix_sms_bridge_default_region"
|
||||
- "matrix_sms_bridge_default_timezone"
|
||||
|
@ -83,7 +83,7 @@ matrix_ma1sd_threepid_medium_email_connectors_smtp_password: ""
|
||||
# so that ma1sd can rewrite the original URL to one that would reach the homeserver.
|
||||
matrix_ma1sd_dns_overwrite_enabled: false
|
||||
matrix_ma1sd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_ma1sd_dns_overwrite_homeserver_client_value: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_ma1sd_dns_overwrite_homeserver_client_value: ""
|
||||
|
||||
# Override the default session templates
|
||||
# To use this, fill in the template variables with the full desired template as a multi-line YAML variable
|
||||
|
@ -46,6 +46,7 @@
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_ma1sd_threepid_medium_email_connectors_smtp_host"
|
||||
- "matrix_ma1sd_dns_overwrite_homeserver_client_value"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed ma1sd variables
|
||||
fail:
|
||||
|
@ -197,8 +197,8 @@ matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container: "matrix-nginx-pr
|
||||
matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container: "127.0.0.1:12080"
|
||||
|
||||
# The addresses where the Matrix Client API is, when using Synapse.
|
||||
matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "127.0.0.1:{{ matrix_synapse_container_client_api_port }}"
|
||||
matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: ""
|
||||
matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: ""
|
||||
|
||||
# This needs to be equal or higher than the maximum upload size accepted by Synapse.
|
||||
matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: 50
|
||||
|
@ -45,5 +45,7 @@
|
||||
- "matrix_ssl_lets_encrypt_support_email"
|
||||
- "matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container"
|
||||
- "matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container"
|
||||
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container"
|
||||
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container"
|
||||
when: "vars[item] == '' or vars[item] is none"
|
||||
when: "matrix_ssl_retrieval_method == 'lets-encrypt'"
|
||||
|
@ -289,7 +289,7 @@ listeners:
|
||||
|
||||
# Unsecure HTTP listener (Client API): for when matrix traffic passes through a reverse proxy
|
||||
# that unwraps TLS.
|
||||
- port: {{ matrix_synapse_container_client_api_port|tojson }}
|
||||
- port: {{ matrix_synapse_container_client_api_port|to_json }}
|
||||
tls: false
|
||||
bind_addresses: ['::']
|
||||
type: http
|
||||
|
Loading…
Reference in New Issue
Block a user