mirror of
https://github.com/famedly/ansible-collection-matrix
synced 2024-12-13 12:42:29 +00:00
Merge pull request #2 from jcgruenhage/docker
Support Docker deployments additionally
This commit is contained in:
commit
e4f0660db8
12 changed files with 195 additions and 80 deletions
7
.editorconfig
Normal file
7
.editorconfig
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
root = true
|
||||||
|
trim_trailing_whitespace = true
|
||||||
|
|
||||||
|
[*.yml]
|
||||||
|
insert_final_newline = true
|
||||||
|
indent_style = space
|
||||||
|
indent_size = 2
|
|
@ -37,6 +37,10 @@ The following should be present on the target system
|
||||||
| matrix_synapse_signing_key_path | "/opt/synapse/ssl/{{ matrix_server_name }}.signing.key" |
|
| matrix_synapse_signing_key_path | "/opt/synapse/ssl/{{ matrix_server_name }}.signing.key" |
|
||||||
| matrix_synapse_version | "v0.99.1.1" |
|
| matrix_synapse_version | "v0.99.1.1" |
|
||||||
| matrix_synapse_log_days_keep | 30 |
|
| matrix_synapse_log_days_keep | 30 |
|
||||||
|
| matrix_synapse_deployment_method | pip | Either pip or docker [¹](#footnote_1) |
|
||||||
|
| matrix_synapse_supervision_method | systemd | Either systemd, runit or docker [¹](#footnote_1) |
|
||||||
|
|
||||||
|
<a name="footnote_1">¹</a>: Docker must be used for both or neither deployment and supervision
|
||||||
|
|
||||||
## Dependencies
|
## Dependencies
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
---
|
---
|
||||||
matrix_synapse_extra_config: {}
|
matrix_synapse_extra_config: {}
|
||||||
|
matrix_synapse_deployment_method: pip
|
||||||
|
matrix_synapse_supervision_method: systemd
|
||||||
matrix_synapse_dh_path: "/opt/synapse/tls/{{ matrix_server_name }}.dh"
|
matrix_synapse_dh_path: "/opt/synapse/tls/{{ matrix_server_name }}.dh"
|
||||||
matrix_synapse_baseurl: "https://{{ matrix_server_name }}"
|
matrix_synapse_baseurl: "https://{{ matrix_server_name }}"
|
||||||
matrix_synapse_signing_key_path: "/opt/synapse/tls/{{ matrix_server_name }}.signing.key"
|
matrix_synapse_signing_key_path: "/opt/synapse/tls/{{ matrix_server_name }}.signing.key"
|
||||||
|
@ -7,3 +9,5 @@ matrix_synapse_version: "v0.99.1.1"
|
||||||
matrix_synapse_log_days_keep: 30
|
matrix_synapse_log_days_keep: 30
|
||||||
matrix_synapse_skip_tls: false
|
matrix_synapse_skip_tls: false
|
||||||
matrix_synapse_pid_file: /opt/synapse/synapse.pid
|
matrix_synapse_pid_file: /opt/synapse/synapse.pid
|
||||||
|
matrix_synapse_docker_ports: ["8008:8008", "8448:8448"]
|
||||||
|
matrix_synapse_docker_labels: {}
|
||||||
|
|
|
@ -3,14 +3,25 @@
|
||||||
systemd:
|
systemd:
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
|
|
||||||
- name: "restart matrix-synapse"
|
- name: "restart matrix-synapse using systemd"
|
||||||
service:
|
service:
|
||||||
name: "matrix-synapse"
|
name: "matrix-synapse"
|
||||||
state: restarted
|
state: restarted
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
when: matrix_synapse_supervision_method == "systemd"
|
||||||
|
listen: "restart matrix-synapse"
|
||||||
|
|
||||||
|
- name: "restart synapse using docker"
|
||||||
|
docker_container:
|
||||||
|
name: synapse
|
||||||
|
state: started
|
||||||
|
restart: yes
|
||||||
|
when: matrix_synapse_supervision_method == "docker"
|
||||||
|
listen: "restart matrix-synapse"
|
||||||
|
|
||||||
- name: restart rsyslog
|
- name: restart rsyslog
|
||||||
become: yes
|
become: yes
|
||||||
service:
|
service:
|
||||||
name: rsyslog
|
name: rsyslog
|
||||||
state: restarted
|
state: restarted
|
||||||
|
when: matrix_synapse_supervision_method == "systemd"
|
||||||
|
|
|
@ -1,4 +1,21 @@
|
||||||
---
|
---
|
||||||
|
- name: create user
|
||||||
|
user:
|
||||||
|
name: synapse
|
||||||
|
state: present
|
||||||
|
register: synapse_user
|
||||||
|
tags:
|
||||||
|
- pre_install
|
||||||
|
|
||||||
|
- name: create directory
|
||||||
|
file:
|
||||||
|
name: /opt/synapse
|
||||||
|
state: directory
|
||||||
|
owner: synapse
|
||||||
|
group: synapse
|
||||||
|
tags:
|
||||||
|
- pre_install
|
||||||
|
|
||||||
- name: Create directory for media storage
|
- name: Create directory for media storage
|
||||||
file:
|
file:
|
||||||
name: "{{ item }}"
|
name: "{{ item }}"
|
||||||
|
@ -21,6 +38,8 @@
|
||||||
|
|
||||||
- name: Configure logging
|
- name: Configure logging
|
||||||
import_tasks: logging.yml
|
import_tasks: logging.yml
|
||||||
|
when: matrix_synapse_supervision_method == "systemd"
|
||||||
|
# TODO: Figure out how to make sure that logging ends up in rsyslog no matter what system we run on
|
||||||
|
|
||||||
- name: Create certificates
|
- name: Create certificates
|
||||||
include_tasks: crypto.yml
|
include_tasks: crypto.yml
|
||||||
|
|
|
@ -1,71 +1,78 @@
|
||||||
---
|
---
|
||||||
- name: create user
|
- name: install synapse with pip into virtualenv
|
||||||
user:
|
block:
|
||||||
|
- name: Install dependencies
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- build-essential
|
||||||
|
- python2.7-dev
|
||||||
|
- libffi-dev
|
||||||
|
- python-pip
|
||||||
|
- python-setuptools
|
||||||
|
- sqlite3
|
||||||
|
- libssl-dev
|
||||||
|
- python-virtualenv
|
||||||
|
- libjpeg-dev
|
||||||
|
- libxslt1-dev
|
||||||
|
- git
|
||||||
|
- libpq-dev
|
||||||
|
state: present
|
||||||
|
cache_valid_time: 1800
|
||||||
|
tags:
|
||||||
|
- pre_install
|
||||||
|
|
||||||
|
- name: Create virtualenv
|
||||||
|
pip:
|
||||||
|
name:
|
||||||
|
- pip
|
||||||
|
- setuptools
|
||||||
|
- lxml
|
||||||
|
- psycopg2-binary
|
||||||
|
- mock
|
||||||
|
virtualenv: /opt/synapse/env
|
||||||
|
virtualenv_python: python2.7
|
||||||
|
extra_args: --upgrade
|
||||||
|
tags:
|
||||||
|
- pre_install
|
||||||
|
|
||||||
|
- name: Clone synapse
|
||||||
|
git:
|
||||||
|
repo: https://github.com/matrix-org/synapse
|
||||||
|
dest: /opt/synapse/synapse
|
||||||
|
accept_hostkey: yes
|
||||||
|
version: "{{ matrix_synapse_version }}"
|
||||||
|
register: clone_synapse
|
||||||
|
tags:
|
||||||
|
- pre_install
|
||||||
|
|
||||||
|
- name: Install Synapse
|
||||||
|
pip:
|
||||||
|
name: /opt/synapse/synapse
|
||||||
|
virtualenv: /opt/synapse/env
|
||||||
|
virtualenv_python: python2.7
|
||||||
|
when: clone_synapse.changed
|
||||||
|
tags:
|
||||||
|
- skip_ansible_lint # skip when clause
|
||||||
|
- pre_install
|
||||||
|
when: matrix_synapse_deployment_method == "pip"
|
||||||
|
|
||||||
|
- name: install synapse with docker
|
||||||
|
docker_container:
|
||||||
name: synapse
|
name: synapse
|
||||||
state: present
|
image: "docker.io/matrixdotorg/synapse:{{ matrix_synapse_version }}"
|
||||||
tags:
|
ports: "{{ matrix_synapse_docker_ports }}"
|
||||||
- pre_install
|
labels: "{{ matrix_synapse_docker_labels }}"
|
||||||
|
restart_policy: unless-stopped
|
||||||
- name: create directory
|
entrypoint: "python"
|
||||||
file:
|
command:
|
||||||
name: /opt/synapse
|
- "-m"
|
||||||
state: directory
|
- "synapse.app.homeserver"
|
||||||
owner: synapse
|
- "-c"
|
||||||
group: synapse
|
- "/opt/synapse/homeserver.yaml"
|
||||||
tags:
|
user: "{{ synapse_user.uid }}:{{ synapse_user.group }}"
|
||||||
- pre_install
|
volumes:
|
||||||
|
- "{{ matrix_synapse_config.media_store_path }}:{{ matrix_synapse_config.media_store_path }}"
|
||||||
- name: Install dependencies
|
- "{{ matrix_synapse_config.uploads_path }}:{{ matrix_synapse_config.uploads_path }}"
|
||||||
apt:
|
- "/opt/synapse/homeserver.yaml:/opt/synapse/homeserver.yaml"
|
||||||
name:
|
- "/opt/synapse/tls:/opt/synapse/tls"
|
||||||
- build-essential
|
when: matrix_synapse_deployment_method == "docker"
|
||||||
- python2.7-dev
|
|
||||||
- libffi-dev
|
|
||||||
- python-pip
|
|
||||||
- python-setuptools
|
|
||||||
- sqlite3
|
|
||||||
- libssl-dev
|
|
||||||
- python-virtualenv
|
|
||||||
- libjpeg-dev
|
|
||||||
- libxslt1-dev
|
|
||||||
- git
|
|
||||||
- libpq-dev
|
|
||||||
state: present
|
|
||||||
cache_valid_time: 1800
|
|
||||||
tags:
|
|
||||||
- pre_install
|
|
||||||
|
|
||||||
- name: Create virtualenv
|
|
||||||
pip:
|
|
||||||
name:
|
|
||||||
- pip
|
|
||||||
- setuptools
|
|
||||||
- lxml
|
|
||||||
- psycopg2-binary
|
|
||||||
- mock
|
|
||||||
virtualenv: /opt/synapse/env
|
|
||||||
virtualenv_python: python2.7
|
|
||||||
extra_args: --upgrade
|
|
||||||
tags:
|
|
||||||
- pre_install
|
|
||||||
|
|
||||||
- name: Clone synapse
|
|
||||||
git:
|
|
||||||
repo: https://github.com/matrix-org/synapse
|
|
||||||
dest: /opt/synapse/synapse
|
|
||||||
accept_hostkey: yes
|
|
||||||
version: "{{ matrix_synapse_version }}"
|
|
||||||
register: clone_synapse
|
|
||||||
tags:
|
|
||||||
- pre_install
|
|
||||||
|
|
||||||
- name: Install Synapse
|
|
||||||
pip:
|
|
||||||
name: /opt/synapse/synapse
|
|
||||||
virtualenv: /opt/synapse/env
|
|
||||||
virtualenv_python: python2.7
|
|
||||||
when: clone_synapse.changed
|
|
||||||
tags:
|
|
||||||
- skip_ansible_lint # skip when clause
|
|
||||||
- pre_install
|
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
---
|
---
|
||||||
- name: deploy synapse
|
- name: check that sypervision and deployment are compatible
|
||||||
import_tasks: deployment.yml
|
fail:
|
||||||
|
msg: "Either both or neither of deployment and supervision method should be docker."
|
||||||
|
when: (matrix_synapse_supervision_method == "docker" and matrix_synapse_deployment_method != "docker") or (matrix_synapse_deployment_method == "docker" and matrix_synapse_supervision_method != "docker")
|
||||||
|
|
||||||
- name: configure synapse
|
- name: configure synapse
|
||||||
import_tasks: configure.yml
|
import_tasks: configure.yml
|
||||||
|
|
||||||
|
- name: deploy synapse
|
||||||
|
import_tasks: deployment.yml
|
||||||
|
|
||||||
- name: configure service
|
- name: configure service
|
||||||
import_tasks: systemd.yml
|
import_tasks: systemd.yml
|
||||||
|
when: matrix_synapse_supervision_method == "systemd"
|
||||||
|
|
2
tests/.gitignore
vendored
Normal file
2
tests/.gitignore
vendored
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
.vagrant
|
||||||
|
*.retry
|
22
tests/Vagrantfile
vendored
22
tests/Vagrantfile
vendored
|
@ -2,12 +2,24 @@
|
||||||
# vi: set ft=ruby :
|
# vi: set ft=ruby :
|
||||||
|
|
||||||
Vagrant.configure("2") do |config|
|
Vagrant.configure("2") do |config|
|
||||||
config.vm.box = "debian/stretch64"
|
config.vm.define "pip" do |pip|
|
||||||
|
pip.vm.box = "debian/stretch64"
|
||||||
|
|
||||||
config.vm.network "forwarded_port", guest: 8008, host: 8008
|
pip.vm.network "forwarded_port", guest: 8008, host: 8008
|
||||||
config.vm.network "forwarded_port", guest: 8448, host: 8448
|
pip.vm.network "forwarded_port", guest: 8448, host: 8448
|
||||||
|
|
||||||
config.vm.provision "ansible" do |ansible|
|
pip.vm.provision "ansible" do |ansible|
|
||||||
ansible.playbook = "test.yml"
|
ansible.playbook = "test-pip.yml"
|
||||||
|
end
|
||||||
|
end
|
||||||
|
config.vm.define "docker" do |docker|
|
||||||
|
docker.vm.box = "debian/stretch64"
|
||||||
|
|
||||||
|
docker.vm.network "forwarded_port", guest: 8008, host: 8009
|
||||||
|
docker.vm.network "forwarded_port", guest: 8448, host: 8449
|
||||||
|
|
||||||
|
docker.vm.provision "ansible" do |ansible|
|
||||||
|
ansible.playbook = "test-docker.yml"
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,2 +1,4 @@
|
||||||
---
|
---
|
||||||
|
- role: geerlingguy.pip
|
||||||
|
- role: geerlingguy.docker
|
||||||
- role: geerlingguy.postgresql
|
- role: geerlingguy.postgresql
|
||||||
|
|
37
tests/test-docker.yml
Normal file
37
tests/test-docker.yml
Normal file
|
@ -0,0 +1,37 @@
|
||||||
|
---
|
||||||
|
- hosts: all
|
||||||
|
become: true
|
||||||
|
vars:
|
||||||
|
dbname: synapse
|
||||||
|
dbuser: synapse_user
|
||||||
|
dbpw: synapse_password
|
||||||
|
matrix_synapse_deployment_method: docker
|
||||||
|
matrix_synapse_supervision_method: docker
|
||||||
|
roles:
|
||||||
|
- role: geerlingguy.pip
|
||||||
|
pip_install_packages:
|
||||||
|
- name: docker
|
||||||
|
- role: geerlingguy.docker
|
||||||
|
- role: geerlingguy.postgresql
|
||||||
|
postgresql_databases:
|
||||||
|
- name: "{{ dbname }}"
|
||||||
|
postgresql_users:
|
||||||
|
- name: "{{ dbuser }}"
|
||||||
|
password: "{{ dbpw }}"
|
||||||
|
postgresql_global_config_options:
|
||||||
|
- option: listen_addresses
|
||||||
|
value: "172.17.0.1"
|
||||||
|
postgresql_hba_entries:
|
||||||
|
- { type: local, database: all, user: all, auth_method: trust }
|
||||||
|
- { type: host, database: "{{ dbname }}", user: "{{ dbuser }}", address: "172.17.0.1/16", auth_method: md5 }
|
||||||
|
- role: matrix-ansible-synapse
|
||||||
|
matrix_server_name: localhost
|
||||||
|
matrix_synapse_report_stats: false
|
||||||
|
matrix_synapse_pg_host: 172.17.0.1
|
||||||
|
matrix_synapse_pg_user: "{{ dbuser }}"
|
||||||
|
matrix_synapse_pg_pass: "{{ dbpw }}"
|
||||||
|
matrix_synapse_pg_db: "{{ dbname }}"
|
||||||
|
matrix_synapse_macaroon_secret_key: "THIS_IS_TOTALLY_SECRET_1337_L33T_HaxXxOR"
|
||||||
|
matrix_synapse_registration_secret: "waewi7Joolae8Pahh1eePhaeJubairieFuhoorie3h"
|
||||||
|
matrix_synapse_extra_config:
|
||||||
|
no_tls: true
|
|
@ -6,12 +6,16 @@
|
||||||
dbuser: synapse_user
|
dbuser: synapse_user
|
||||||
dbpw: synapse_password
|
dbpw: synapse_password
|
||||||
roles:
|
roles:
|
||||||
|
- role: geerlingguy.pip
|
||||||
- role: geerlingguy.postgresql
|
- role: geerlingguy.postgresql
|
||||||
postgresql_databases:
|
postgresql_databases:
|
||||||
- name: "{{ dbname }}"
|
- name: "{{ dbname }}"
|
||||||
postgresql_users:
|
postgresql_users:
|
||||||
- name: "{{ dbuser }}"
|
- name: "{{ dbuser }}"
|
||||||
password: "{{ dbpw }}"
|
password: "{{ dbpw }}"
|
||||||
|
postgresql_global_config_options:
|
||||||
|
- option: listen_address
|
||||||
|
value: "*"
|
||||||
- role: matrix-ansible-synapse
|
- role: matrix-ansible-synapse
|
||||||
matrix_server_name: localhost
|
matrix_server_name: localhost
|
||||||
matrix_synapse_report_stats: false
|
matrix_synapse_report_stats: false
|
Loading…
Reference in a new issue