mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2026-01-27 07:03:18 +03:00
Compare commits
9 Commits
1f2f7e468e
...
ebdb2cc827
| Author | SHA1 | Date | |
|---|---|---|---|
|
ebdb2cc827 | ||
|
|
9b7767f451 | ||
|
|
201d3ea087 | ||
|
|
bf3f4a9059 | ||
|
|
cbf8a2e7e9 | ||
|
|
ddf0fe7167 | ||
|
|
07423d3dd4 | ||
|
|
430f350733 | ||
|
889970314a |
@@ -13,7 +13,7 @@
|
||||
version: 7.8.0
|
||||
name: docker
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git
|
||||
version: 129c8590e106b83e6f4c259649a613c6279e937a
|
||||
version: c38854e4c8451520e20163af1dd5f657790332da
|
||||
name: docker_sdk_for_python
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git
|
||||
version: v2.5.2-2
|
||||
@@ -34,7 +34,7 @@
|
||||
version: v2.15.0-0
|
||||
name: ntfy
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
|
||||
version: 7663e3114513e56f28d3ed762059b445c678a71a
|
||||
version: 8630e4f1749bcb659c412820f754473f09055052
|
||||
name: playbook_help
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git
|
||||
version: 9b4b088c62b528b73a9a7c93d3109b091dd42ec6
|
||||
@@ -43,7 +43,7 @@
|
||||
version: dd6e15246b7a9a2d921e0b3f9cd8a4a917a1bb2f
|
||||
name: playbook_state_preserver
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres.git
|
||||
version: v18.1-0
|
||||
version: v18.1-2
|
||||
name: postgres
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup.git
|
||||
version: v18-0
|
||||
@@ -64,7 +64,7 @@
|
||||
version: v1.0.0-4
|
||||
name: systemd_service_manager
|
||||
- src: git+https://github.com/devture/com.devture.ansible.role.timesync.git
|
||||
version: v1.1.0-0
|
||||
version: v1.1.0-1
|
||||
name: timesync
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
|
||||
version: v3.6.2-0
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
matrix_alertmanager_receiver_enabled: true
|
||||
|
||||
# renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
|
||||
matrix_alertmanager_receiver_version: 2025.11.12
|
||||
matrix_alertmanager_receiver_version: 2025.11.26
|
||||
|
||||
matrix_alertmanager_receiver_scheme: https
|
||||
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] | string | length == 0"
|
||||
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
|
||||
with_items:
|
||||
- {'name': 'matrix_authentication_service_hostname', when: true}
|
||||
- {'name': 'matrix_authentication_service_config_database_username', when: true}
|
||||
|
||||
@@ -101,7 +101,7 @@ matrix_bot_draupnir_password: "{{ matrix_bot_draupnir_pantalaimon_password }}"
|
||||
# Controls if we activate the config block for Pantalaimon for now. Its name will
|
||||
# probably be changed for our usecase due to Draupnir's push to scrub Pantalaimon from the codebase.
|
||||
# This configuration option does not follow the common naming schema as its not controlling a config key directly.
|
||||
matrix_bot_draupnir_login_native: ""
|
||||
matrix_bot_draupnir_login_native: false
|
||||
|
||||
# The room ID where people can use the bot. The bot has no access controls, so
|
||||
# anyone in this room can use the bot - secure your room!
|
||||
|
||||
@@ -44,7 +44,7 @@
|
||||
- {'name': 'matrix_bot_draupnir_config_rawHomeserverUrl', when: true}
|
||||
- {'name': 'matrix_bot_draupnir_pantalaimon_username', when: "{{ matrix_bot_draupnir_pantalaimon_use }}"}
|
||||
- {'name': 'matrix_bot_draupnir_pantalaimon_password', when: "{{ matrix_bot_draupnir_pantalaimon_use }}"}
|
||||
when: "item.when | bool and (vars[item.name] == '' or vars[item.name] is none)"
|
||||
when: "item.when | bool and (lookup('vars', item.name, default='') == '' or lookup('vars', item.name, default='') is none)"
|
||||
|
||||
- name: Fail if Draupnir room hijacking enabled without enabling the Synapse Admin API
|
||||
ansible.builtin.fail:
|
||||
@@ -57,7 +57,7 @@
|
||||
with_items:
|
||||
- {'name': 'matrix_bot_draupnir_config_accessToken', when: "{{ matrix_bot_draupnir_pantalaimon_use }}"}
|
||||
- {'name': 'matrix_bot_draupnir_config_accessToken', when: "{{ matrix_bot_draupnir_login_native }}"}
|
||||
when: "item.when | bool and not (vars[item.name] == '' or vars[item.name] is none)"
|
||||
when: "item.when | bool and not (lookup('vars', item.name, default='') == '' or lookup('vars', item.name, default='') is none)"
|
||||
|
||||
- name: Fail when matrix_bot_draupnir_config_experimentalRustCrypto is enabled together with matrix_bot_draupnir_pantalaimon_use
|
||||
ansible.builtin.fail:
|
||||
|
||||
@@ -51,7 +51,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
when: "lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_appservice_token"
|
||||
- "matrix_hookshot_homeserver_address"
|
||||
@@ -62,7 +62,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) to enable GitHub.
|
||||
when: "matrix_hookshot_github_enabled and vars[item] == ''"
|
||||
when: "matrix_hookshot_github_enabled and lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_github_auth_id"
|
||||
- "matrix_hookshot_github_webhook_secret"
|
||||
@@ -71,7 +71,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) to enable GitHub OAuth.
|
||||
when: "matrix_hookshot_github_oauth_enabled and vars[item] == ''"
|
||||
when: "matrix_hookshot_github_oauth_enabled and lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_github_oauth_client_id"
|
||||
- "matrix_hookshot_github_oauth_client_secret"
|
||||
@@ -80,7 +80,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) to enable Jira.
|
||||
when: "matrix_hookshot_jira_enabled and vars[item] == ''"
|
||||
when: "matrix_hookshot_jira_enabled and lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_jira_webhook_secret"
|
||||
|
||||
@@ -88,7 +88,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) to enable Jira OAuth.
|
||||
when: "matrix_hookshot_jira_oauth_enabled and vars[item] == ''"
|
||||
when: "matrix_hookshot_jira_oauth_enabled and lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_hookshot_jira_oauth_client_id"
|
||||
- "matrix_hookshot_jira_oauth_client_secret"
|
||||
|
||||
@@ -36,7 +36,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
when: "lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- matrix_client_cinny_container_labels_traefik_hostname
|
||||
- matrix_client_cinny_container_labels_traefik_path_prefix
|
||||
|
||||
@@ -26,7 +26,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme
|
||||
# Controls whether to patch webpack.config.js when self-building, so that building can pass on low-memory systems (< 4 GB RAM):
|
||||
# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357
|
||||
# - https://github.com/element-hq/element-web/issues/19544
|
||||
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
|
||||
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_facts['memtotal_mb'] < 4096 }}"
|
||||
|
||||
# renovate: datasource=docker depName=ghcr.io/element-hq/element-web
|
||||
matrix_client_element_version: v1.12.4
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) for using matrix-corporal.
|
||||
when: "vars[item] == ''"
|
||||
when: "lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_corporal_container_network"
|
||||
- "matrix_corporal_matrix_homeserver_api_endpoint"
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] | string | length == 0"
|
||||
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
|
||||
with_items:
|
||||
- {'name': 'matrix_livekit_jwt_service_hostname', when: true}
|
||||
- {'name': 'matrix_livekit_jwt_service_container_network', when: true}
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] | string | length == 0"
|
||||
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
|
||||
with_items:
|
||||
- {'name': 'matrix_static_files_container_labels_well_known_matrix_endpoint_traefik_hostname', when: "{{ matrix_static_files_container_labels_well_known_matrix_endpoint_enabled }}"}
|
||||
- {'name': 'matrix_static_files_container_labels_well_known_matrix_endpoint_traefik_path_prefix', when: "{{ matrix_static_files_container_labels_well_known_matrix_endpoint_enabled }}"}
|
||||
|
||||
@@ -26,7 +26,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
when: "lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- matrix_synapse_admin_container_labels_traefik_hostname
|
||||
- matrix_synapse_admin_container_labels_traefik_path_prefix
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
when: "lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- matrix_synapse_auto_compressor_database_hostname
|
||||
- matrix_synapse_auto_compressor_database_password
|
||||
|
||||
@@ -675,7 +675,7 @@ matrix_synapse_caches_sync_response_cache_duration: "2m"
|
||||
# Controls how much memory this role thinks is available for cache-size-related calculations.
|
||||
# By default, all of the server's memory is taken into account, but you can adjust this.
|
||||
# You can also go for directly adjusting cache-sizes (matrix_synapse_cache_autotuning_max_cache_memory_usage, matrix_synapse_cache_autotuning_target_cache_memory_usage) instead of adjusting this.
|
||||
matrix_synapse_cache_size_calculations_memtotal_bytes: "{{ (ansible_memtotal_mb * 1024 * 1024) | int }}"
|
||||
matrix_synapse_cache_size_calculations_memtotal_bytes: "{{ (ansible_facts['memtotal_mb'] * 1024 * 1024) | int }}"
|
||||
|
||||
# Controls the cap to use for matrix_synapse_cache_autotuning_max_cache_memory_usage.
|
||||
matrix_synapse_cache_size_calculations_max_cache_memory_usage_cap_bytes: "{{ (2 * 1024 * 1024 * 1024) }}" # 2GB
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) for using s3-storage-provider.
|
||||
when: "vars[item] == ''"
|
||||
when: "lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_synapse_ext_synapse_s3_storage_provider_config_bucket"
|
||||
- "matrix_synapse_ext_synapse_s3_storage_provider_config_region_name"
|
||||
@@ -19,7 +19,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) for using s3-storage-provider.
|
||||
when: "not matrix_synapse_ext_synapse_s3_storage_provider_config_ec2_instance_profile | bool and vars[item] == ''"
|
||||
when: "not matrix_synapse_ext_synapse_s3_storage_provider_config_ec2_instance_profile | bool and lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_synapse_ext_synapse_s3_storage_provider_config_access_key_id"
|
||||
- "matrix_synapse_ext_synapse_s3_storage_provider_config_secret_access_key"
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) for using synapse-http-antispam.
|
||||
when: "vars[item] == ''"
|
||||
when: "lookup('vars', item, default='') == ''"
|
||||
with_items:
|
||||
- "matrix_synapse_ext_synapse_http_antispam_enabled"
|
||||
- "matrix_synapse_ext_synapse_http_antispam_config_base_url"
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item.name }}`).
|
||||
when: "item.when | bool and vars[item.name] | string | length == 0"
|
||||
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
|
||||
with_items:
|
||||
- {'name': 'matrix_synapse_username', when: true}
|
||||
- {'name': 'matrix_synapse_uid', when: true}
|
||||
@@ -48,7 +48,7 @@
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
`{{ item }}` cannot be more than 1. This is a single-instance worker.
|
||||
when: "vars[item] | int > 1"
|
||||
when: "lookup('vars', item, default='') | int > 1"
|
||||
with_items:
|
||||
- "matrix_synapse_workers_appservice_workers_count"
|
||||
- "matrix_synapse_workers_user_dir_workers_count"
|
||||
@@ -166,7 +166,7 @@
|
||||
- name: Fail if known Synapse password provider modules are enabled when auth is delegated to Matrix Authentication Service
|
||||
ansible.builtin.fail:
|
||||
msg: "When Synapse is delegating authentication to Matrix Authentication Service (`matrix_synapse_matrix_authentication_service_enabled: true`), it does not make sense to enable password provider modules, because it is not Synapse that is handling authentication. Please disable {{ item }} before enabling Matrix Authentication Service integration for Synapse. Synapse will refuse to start otherwise."
|
||||
when: matrix_synapse_matrix_authentication_service_enabled and vars[item] | bool
|
||||
when: matrix_synapse_matrix_authentication_service_enabled and lookup('vars', item, default='') | bool
|
||||
with_items:
|
||||
- matrix_synapse_ext_password_provider_rest_auth_enabled
|
||||
- matrix_synapse_ext_password_provider_shared_secret_auth_enabled
|
||||
|
||||
@@ -55,7 +55,7 @@ matrix_playbook_migration_matrix_postmoogle_migration_validation_enabled: true
|
||||
# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2999
|
||||
# - https://github.com/geerlingguy/ansible-role-docker/pull/410
|
||||
matrix_playbook_migration_debian_signedby_migration_enabled: true
|
||||
matrix_playbook_migration_debian_signedby_migration_repository_path: "/etc/apt/sources.list.d/download_docker_com_linux_{{ ansible_distribution | lower }}.list"
|
||||
matrix_playbook_migration_debian_signedby_migration_repository_path: "/etc/apt/sources.list.d/download_docker_com_linux_{{ ansible_facts['distribution'] | lower }}.list"
|
||||
|
||||
# Controls if the old apt repository for Docker (`signed-by=/etc/apt/trusted.gpg.d/docker.asc`) will be removed,
|
||||
# so that the Docker role (7.2.0+) can install a new non-conflicting one (`signed-by=/etc/apt/keyrings/docker.asc`).
|
||||
|
||||
Reference in New Issue
Block a user