--- # Tasks file for the matrix role # Infrastructure # Ansible instructions to deploy the infrastructure # Copyright (C) 2019-2020 Christoph (Sheogorath) Kern # Copyright (C) 2019-2020 Alexander (w4tsn) Wellbrock # Copyright (C) 2020 Saibotk # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # - name: Update default SELinux contexts sefcontext: target: '{{ item }}(/.*)?' setype: "container_file_t" state: present with_items: - "{{ matrix_database_location }}" - "{{ matrix_data_location }}" - "{{ matrix_elementweb_location }}" - "{{ matrix_webhooks_location }}" become: true - name: Create install directory file: path: "{{ item }}" state: directory mode: '0700' owner: 'root' group: 'root' with_items: - "{{ matrix_install_location }}" become: true - name: Create data directory file: # noqa risky-file-permissions # Container manages permissions on its own path: "{{ item }}" state: directory setype: "container_file_t" with_items: - "{{ matrix_database_location }}" - "{{ matrix_data_location }}" - "{{ matrix_elementweb_location }}" - "{{ matrix_webhooks_location }}" become: true - name: Deploy docker-compose.yml template: src: "docker-compose.yml" dest: "{{ matrix_install_location }}/docker-compose.yml" mode: '0600' owner: 'root' group: 'root' validate: docker-compose -f %s config -q tags: - matrix become: true - name: Deploy delegation config files template: src: "{{ item }}" dest: "{{ matrix_install_location }}/{{ item }}" setype: "container_file_t" mode: '0644' owner: 'root' group: 'root' with_items: - "server-delegation.json" - "client-delegation.json" tags: - docker - matrix become: true - name: Deploy nginx delegate config template: src: "delegate-nginx.conf" dest: "{{ matrix_install_location }}/nginx.conf" setype: "container_file_t" mode: '0600' owner: 'root' group: 'root' tags: - docker - matrix notify: restart matrix delegate nginx become: true - name: Deploy Element-Web config files template: src: "elementweb-config.json" dest: "{{ matrix_elementweb_location }}/config.json" setype: "container_file_t" mode: '0644' owner: '991' group: '991' tags: - docker - matrix become: true - name: Deploy webhooks config files template: src: "webhooks/{{ item }}" dest: "{{ matrix_webhooks_location }}/{{ item }}" setype: "container_file_t" mode: '0640' owner: 'root' group: 'root' with_items: - "database.json" - "config.yaml" tags: - docker - matrix - webhooks notify: restart matrix webhooks become: true - name: Check if homeserver.yaml (config) exists stat: path: "{{ matrix_data_location }}/homeserver.yaml" register: matrix_synapse_homeserver_yaml tags: - docker - matrix become: true - name: Generate synapse config command: 'docker-compose run -e "SYNAPSE_SERVER_NAME={{ matrix_synapse_servername }}" synapse generate' args: chdir: "{{ matrix_install_location }}" creates: "{{ matrix_data_location }}/homeserver.yaml" tags: - docker - matrix become: true when: - not matrix_synapse_homeserver_yaml.stat.exists - name: Generate webhooks registration command: 'docker-compose run appservice-webhooks node index.js -r \ -f /data/appservice-registration-webhooks.yaml \ -u "http://appservice-webhooks:9000" -c /data/config.yaml' args: chdir: "{{ matrix_install_location }}" creates: "{{ matrix_webhooks_location }}/appservice-registration-webhooks.yaml" become: true when: - matrix_webhooks_enabled - name: Link webhooks registration to synapse folder copy: src: "{{ matrix_webhooks_location }}/appservice-registration-webhooks.yaml" dest: "{{ matrix_data_location }}/appservice-registration-webhooks.yaml" remote_src: true mode: '0640' owner: '991' group: '991' become: true when: - matrix_webhooks_enabled - name: Compose matrix docker_compose: state: present project_src: "{{ matrix_install_location }}" pull: true remove_orphans: true tags: - docker - matrix become: true