From 3cec6947ed73c2c05c0dc804e0ad2a0a07a41f43 Mon Sep 17 00:00:00 2001 From: Dan Arnfield Date: Mon, 18 Nov 2019 11:11:56 -0600 Subject: [PATCH 1/5] Refactor base server setup tasks --- roles/matrix-base/tasks/main.yml | 2 +- roles/matrix-base/tasks/server_base/setup.yml | 19 ++++ .../tasks/server_base/setup_centos.yml | 33 +++++++ .../tasks/server_base/setup_debian.yml | 40 +++++++++ roles/matrix-base/tasks/setup_server_base.yml | 90 ------------------- 5 files changed, 93 insertions(+), 91 deletions(-) create mode 100644 roles/matrix-base/tasks/server_base/setup.yml create mode 100644 roles/matrix-base/tasks/server_base/setup_centos.yml create mode 100644 roles/matrix-base/tasks/server_base/setup_debian.yml delete mode 100644 roles/matrix-base/tasks/setup_server_base.yml diff --git a/roles/matrix-base/tasks/main.yml b/roles/matrix-base/tasks/main.yml index 6587d81dd..909cad200 100644 --- a/roles/matrix-base/tasks/main.yml +++ b/roles/matrix-base/tasks/main.yml @@ -7,7 +7,7 @@ tags: - setup-all -- import_tasks: "{{ role_path }}/tasks/setup_server_base.yml" +- import_tasks: "{{ role_path }}/tasks/server_base/setup.yml" when: run_setup|bool tags: - setup-all diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml new file mode 100644 index 000000000..45feb1527 --- /dev/null +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -0,0 +1,19 @@ +--- + +- include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml" + when: ansible_distribution == 'CentOS' + +- include_tasks: "{{ role_path }}/tasks/server_base/setup_debian.yml" + when: ansible_os_family == 'Debian' + +- name: Ensure Docker is started and autoruns + service: + name: docker + state: started + enabled: yes + +- name: Ensure ntpd is started and autoruns + service: + name: "{{ 'ntpd' if ansible_os_family == 'RedHat' else 'ntp' }}" + state: started + enabled: yes diff --git a/roles/matrix-base/tasks/server_base/setup_centos.yml b/roles/matrix-base/tasks/server_base/setup_centos.yml new file mode 100644 index 000000000..1c891ab13 --- /dev/null +++ b/roles/matrix-base/tasks/server_base/setup_centos.yml @@ -0,0 +1,33 @@ +--- + +- name: Ensure Docker repository is enabled + template: + src: "{{ role_path }}/files/yum.repos.d/{{ item }}" + dest: "/etc/yum.repos.d/{{ item }}" + owner: "root" + group: "root" + mode: 0644 + with_items: + - docker-ce.repo + +- name: Ensure Docker's RPM key is trusted + rpm_key: + state: present + key: https://download.docker.com/linux/centos/gpg + +- name: Ensure yum packages are installed + yum: + name: + - bash-completion + - docker-python + - ntp + - fuse + state: latest + update_cache: yes + +- name: Ensure docker-ce is installed + yum: + name: + - docker-ce + state: latest + update_cache: yes diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/matrix-base/tasks/server_base/setup_debian.yml new file mode 100644 index 000000000..d4b16968f --- /dev/null +++ b/roles/matrix-base/tasks/server_base/setup_debian.yml @@ -0,0 +1,40 @@ +--- + +- name: Ensure APT usage dependencies are installed + apt: + name: + - apt-transport-https + - ca-certificates + state: present + update_cache: yes + +- name: Ensure Docker's APT key is trusted + apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 + state: present + register: add_repository_key + ignore_errors: true + +- name: Ensure Docker repository is enabled + apt_repository: + repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" + state: present + update_cache: yes + +- name: Ensure APT packages are installed + apt: + name: + - bash-completion + - python-docker + - ntp + - fuse + state: latest + update_cache: yes + +- name: Ensure docker-ce is installed + apt: + name: + - docker-ce + state: latest + update_cache: yes diff --git a/roles/matrix-base/tasks/setup_server_base.yml b/roles/matrix-base/tasks/setup_server_base.yml deleted file mode 100644 index b32355c59..000000000 --- a/roles/matrix-base/tasks/setup_server_base.yml +++ /dev/null @@ -1,90 +0,0 @@ ---- - -- name: Ensure Docker repository is enabled (CentOS) - template: - src: "{{ role_path }}/files/yum.repos.d/{{ item }}" - dest: "/etc/yum.repos.d/{{ item }}" - owner: "root" - group: "root" - mode: 0644 - with_items: - - docker-ce.repo - when: ansible_distribution == 'CentOS' - -- name: Ensure Docker's RPM key is trusted - rpm_key: - state: present - key: https://download.docker.com/linux/centos/gpg - when: ansible_distribution == 'CentOS' - -- name: Ensure yum packages are installed (CentOS) - yum: - name: - - bash-completion - - docker-ce - - docker-python - - ntp - - fuse - state: latest - update_cache: yes - when: ansible_distribution == 'CentOS' - -- name: Ensure APT usage dependencies are installed (Debian) - apt: - name: - - apt-transport-https - - ca-certificates - state: present - update_cache: yes - when: ansible_os_family == 'Debian' - -- name: Gather package facts (Debian) - package_facts: - when: ansible_os_family == 'Debian' - -- name: Ensure Docker's APT key is trusted (Debian) - apt_key: - url: https://download.docker.com/linux/ubuntu/gpg - id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88 - state: present - register: add_repository_key - ignore_errors: true - when: ansible_os_family == 'Debian' and 'docker.io' not in ansible_facts.packages - -- name: Ensure Docker repository is enabled (Debian) - apt_repository: - repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" - state: present - update_cache: yes - when: ansible_os_family == 'Debian' and 'docker.io' not in ansible_facts.packages - -- name: Ensure APT packages are installed (Debian) - apt: - name: - - bash-completion - - python-docker - - ntp - - fuse - state: latest - update_cache: yes - when: ansible_os_family == 'Debian' - -- name: Ensure docker-ce is installed (Debian) - apt: - name: - - docker-ce - state: latest - update_cache: yes - when: ansible_os_family == 'Debian' and 'docker.io' not in ansible_facts.packages - -- name: Ensure Docker is started and autoruns - service: - name: docker - state: started - enabled: yes - -- name: Ensure ntpd is started and autoruns - service: - name: "{{ 'ntpd' if ansible_os_family == 'RedHat' else 'ntp' }}" - state: started - enabled: yes From 80cfb2a93ea0f36d1db1545e586c7e3946cf79ce Mon Sep 17 00:00:00 2001 From: Dan Arnfield Date: Mon, 18 Nov 2019 11:20:01 -0600 Subject: [PATCH 2/5] Add matrix_docker_installation_enabled --- roles/matrix-base/defaults/main.yml | 4 ++++ roles/matrix-base/tasks/server_base/setup.yml | 6 ++++++ roles/matrix-base/tasks/server_base/setup_centos.yml | 3 +++ roles/matrix-base/tasks/server_base/setup_debian.yml | 3 +++ 4 files changed, 16 insertions(+) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index fc119a44e..a8d272718 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -42,6 +42,10 @@ matrix_docker_network: "matrix" # matrix domain (`matrix_server_fqn_matrix`). matrix_well_known_matrix_server_enabled: true +# Controls whether docker is automatically installed. +# If you change this to false you must install and update docker manually. +matrix_docker_installation_enabled: true + # Variables to Control which parts of our roles run. run_postgres_import: true run_postgres_upgrade: true diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 45feb1527..9ca2ce2e6 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -1,5 +1,11 @@ --- +- name: Gather package facts + package_facts: + +- set_fact: + run_docker_installation: "{{ matrix_docker_installation_enabled|bool and 'docker.io' not in ansible_facts.packages }}" + - include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml" when: ansible_distribution == 'CentOS' diff --git a/roles/matrix-base/tasks/server_base/setup_centos.yml b/roles/matrix-base/tasks/server_base/setup_centos.yml index 1c891ab13..e79797047 100644 --- a/roles/matrix-base/tasks/server_base/setup_centos.yml +++ b/roles/matrix-base/tasks/server_base/setup_centos.yml @@ -9,11 +9,13 @@ mode: 0644 with_items: - docker-ce.repo + when: run_docker_installation|bool - name: Ensure Docker's RPM key is trusted rpm_key: state: present key: https://download.docker.com/linux/centos/gpg + when: run_docker_installation|bool - name: Ensure yum packages are installed yum: @@ -31,3 +33,4 @@ - docker-ce state: latest update_cache: yes + when: run_docker_installation|bool diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/matrix-base/tasks/server_base/setup_debian.yml index d4b16968f..6705366f4 100644 --- a/roles/matrix-base/tasks/server_base/setup_debian.yml +++ b/roles/matrix-base/tasks/server_base/setup_debian.yml @@ -15,12 +15,14 @@ state: present register: add_repository_key ignore_errors: true + when: run_docker_installation|bool - name: Ensure Docker repository is enabled apt_repository: repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" state: present update_cache: yes + when: run_docker_installation|bool - name: Ensure APT packages are installed apt: @@ -38,3 +40,4 @@ - docker-ce state: latest update_cache: yes + when: run_docker_installation|bool From 960088752cf4db1f320846db44372e7a801fe748 Mon Sep 17 00:00:00 2001 From: Dan Arnfield Date: Mon, 18 Nov 2019 11:29:14 -0600 Subject: [PATCH 3/5] Add matrix_docker_package_name --- roles/matrix-base/defaults/main.yml | 8 ++++++-- roles/matrix-base/tasks/server_base/setup.yml | 6 ------ roles/matrix-base/tasks/server_base/setup_centos.yml | 10 +++++----- roles/matrix-base/tasks/server_base/setup_debian.yml | 10 +++++----- 4 files changed, 16 insertions(+), 18 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index a8d272718..9ffffc2fa 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -42,10 +42,14 @@ matrix_docker_network: "matrix" # matrix domain (`matrix_server_fqn_matrix`). matrix_well_known_matrix_server_enabled: true -# Controls whether docker is automatically installed. -# If you change this to false you must install and update docker manually. +# Controls whether Docker is automatically installed. +# If you change this to false you must install and update Docker manually. matrix_docker_installation_enabled: true +# Controls the Docker package that is installed. +# Possible values are "docker-ce" (default) and "docker.io" (Debian). +matrix_docker_package_name: docker-ce + # Variables to Control which parts of our roles run. run_postgres_import: true run_postgres_upgrade: true diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 9ca2ce2e6..45feb1527 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -1,11 +1,5 @@ --- -- name: Gather package facts - package_facts: - -- set_fact: - run_docker_installation: "{{ matrix_docker_installation_enabled|bool and 'docker.io' not in ansible_facts.packages }}" - - include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml" when: ansible_distribution == 'CentOS' diff --git a/roles/matrix-base/tasks/server_base/setup_centos.yml b/roles/matrix-base/tasks/server_base/setup_centos.yml index e79797047..a1fa4d3c4 100644 --- a/roles/matrix-base/tasks/server_base/setup_centos.yml +++ b/roles/matrix-base/tasks/server_base/setup_centos.yml @@ -9,13 +9,13 @@ mode: 0644 with_items: - docker-ce.repo - when: run_docker_installation|bool + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' - name: Ensure Docker's RPM key is trusted rpm_key: state: present key: https://download.docker.com/linux/centos/gpg - when: run_docker_installation|bool + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' - name: Ensure yum packages are installed yum: @@ -27,10 +27,10 @@ state: latest update_cache: yes -- name: Ensure docker-ce is installed +- name: Ensure Docker is installed yum: name: - - docker-ce + - "{{ matrix_docker_package_name }}" state: latest update_cache: yes - when: run_docker_installation|bool + when: matrix_docker_installation_enabled|bool diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/matrix-base/tasks/server_base/setup_debian.yml index 6705366f4..917b9b12d 100644 --- a/roles/matrix-base/tasks/server_base/setup_debian.yml +++ b/roles/matrix-base/tasks/server_base/setup_debian.yml @@ -15,14 +15,14 @@ state: present register: add_repository_key ignore_errors: true - when: run_docker_installation|bool + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' - name: Ensure Docker repository is enabled apt_repository: repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" state: present update_cache: yes - when: run_docker_installation|bool + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' - name: Ensure APT packages are installed apt: @@ -34,10 +34,10 @@ state: latest update_cache: yes -- name: Ensure docker-ce is installed +- name: Ensure Docker is installed apt: name: - - docker-ce + - "{{ matrix_docker_package_name }}" state: latest update_cache: yes - when: run_docker_installation|bool + when: matrix_docker_installation_enabled|bool From c88c0e7e87dee9014ca56ae79035a03cf2b90e87 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 19 Nov 2019 09:22:14 +0200 Subject: [PATCH 4/5] Remove unnecessary update_cache directive / CentOS We've just updated it in the task above, so it's unnecessary --- roles/matrix-base/tasks/server_base/setup_centos.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-base/tasks/server_base/setup_centos.yml b/roles/matrix-base/tasks/server_base/setup_centos.yml index a1fa4d3c4..2554e26e9 100644 --- a/roles/matrix-base/tasks/server_base/setup_centos.yml +++ b/roles/matrix-base/tasks/server_base/setup_centos.yml @@ -32,5 +32,4 @@ name: - "{{ matrix_docker_package_name }}" state: latest - update_cache: yes when: matrix_docker_installation_enabled|bool From f348370f15913fb26d58cbb98f6f036da665f214 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 19 Nov 2019 09:22:41 +0200 Subject: [PATCH 5/5] Remove unnecessary update_cache directive / Debian We've just updated it in the task above, so it's unnecessary --- roles/matrix-base/tasks/server_base/setup_debian.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/matrix-base/tasks/server_base/setup_debian.yml index 917b9b12d..3a9192f05 100644 --- a/roles/matrix-base/tasks/server_base/setup_debian.yml +++ b/roles/matrix-base/tasks/server_base/setup_debian.yml @@ -39,5 +39,4 @@ name: - "{{ matrix_docker_package_name }}" state: latest - update_cache: yes when: matrix_docker_installation_enabled|bool