Mirrors/ansible-collection-famedly-matrix
2
0
Fork 0
mirror of https://github.com/famedly/ansible-collection-matrix synced 2024-12-13 12:42:29 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #2 from jcgruenhage/docker

Browse source 
Support Docker deployments additionally
This commit is contained in:
Emmanouil Kampitakis 2019-02-18 00:32:39 +01:00 committed by GitHub
commit e4f0660db8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 195 additions and 80 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
.editorconfig Normal file
View file

@ -0,0 +1,7 @@
root = true
trim_trailing_whitespace = true
[*.yml]
insert_final_newline = true
indent_style = space
indent_size = 2

4
README.md
View file

@ -37,6 +37,10 @@ The following should be present on the target system
| matrix_synapse_signing_key_path | "/opt/synapse/ssl/{{ matrix_server_name }}.signing.key" | | matrix_synapse_signing_key_path | "/opt/synapse/ssl/{{ matrix_server_name }}.signing.key" |
| matrix_synapse_version | "v0.99.1.1" | | matrix_synapse_version | "v0.99.1.1" |
| matrix_synapse_log_days_keep | 30 | | matrix_synapse_log_days_keep | 30 |
| matrix_synapse_deployment_method | pip | Either pip or docker [¹](#footnote_1) |
| matrix_synapse_supervision_method | systemd | Either systemd, runit or docker [¹](#footnote_1) |
<a name="footnote_1">¹</a>: Docker must be used for both or neither deployment and supervision
## Dependencies ## Dependencies

4
defaults/main.yml
View file

@ -1,5 +1,7 @@
--- ---
matrix_synapse_extra_config: {} matrix_synapse_extra_config: {}
matrix_synapse_deployment_method: pip
matrix_synapse_supervision_method: systemd
matrix_synapse_dh_path: "/opt/synapse/tls/{{ matrix_server_name }}.dh" matrix_synapse_dh_path: "/opt/synapse/tls/{{ matrix_server_name }}.dh"
matrix_synapse_baseurl: "https://{{ matrix_server_name }}" matrix_synapse_baseurl: "https://{{ matrix_server_name }}"
matrix_synapse_signing_key_path: "/opt/synapse/tls/{{ matrix_server_name }}.signing.key" matrix_synapse_signing_key_path: "/opt/synapse/tls/{{ matrix_server_name }}.signing.key"
@ -7,3 +9,5 @@ matrix_synapse_version: "v0.99.1.1"
matrix_synapse_log_days_keep: 30 matrix_synapse_log_days_keep: 30
matrix_synapse_skip_tls: false matrix_synapse_skip_tls: false
matrix_synapse_pid_file: /opt/synapse/synapse.pid matrix_synapse_pid_file: /opt/synapse/synapse.pid
matrix_synapse_docker_ports: ["8008:8008", "8448:8448"]
matrix_synapse_docker_labels: {}

13
handlers/main.yml
View file

@ -3,14 +3,25 @@
systemd: systemd:
daemon_reload: yes daemon_reload: yes
- name: "restart matrix-synapse" - name: "restart matrix-synapse using systemd"
service: service:
name: "matrix-synapse" name: "matrix-synapse"
state: restarted state: restarted
enabled: yes enabled: yes
when: matrix_synapse_supervision_method == "systemd"
listen: "restart matrix-synapse"
- name: "restart synapse using docker"
docker_container:
name: synapse
state: started
restart: yes
when: matrix_synapse_supervision_method == "docker"
listen: "restart matrix-synapse"
- name: restart rsyslog - name: restart rsyslog
become: yes become: yes
service: service:
name: rsyslog name: rsyslog
state: restarted state: restarted
when: matrix_synapse_supervision_method == "systemd"

21
tasks/configure.yml
View file

@ -1,4 +1,21 @@
--- ---
- name: create user
user:
name: synapse
state: present
register: synapse_user
tags:
- pre_install
- name: create directory
file:
name: /opt/synapse
state: directory
owner: synapse
group: synapse
tags:
- pre_install
- name: Create directory for media storage - name: Create directory for media storage
file: file:
name: "{{ item }}" name: "{{ item }}"
@ -8,7 +25,7 @@
loop: loop:
- "{{ matrix_synapse_config.media_store_path }}" - "{{ matrix_synapse_config.media_store_path }}"
- "{{ matrix_synapse_config.uploads_path }}" - "{{ matrix_synapse_config.uploads_path }}"
- /opt/synapse/tls - /opt/synapse/tls
- name: Deploy config - name: Deploy config
copy: copy:
@ -21,6 +38,8 @@
- name: Configure logging - name: Configure logging
import_tasks: logging.yml import_tasks: logging.yml
when: matrix_synapse_supervision_method == "systemd"
# TODO: Figure out how to make sure that logging ends up in rsyslog no matter what system we run on
- name: Create certificates - name: Create certificates
include_tasks: crypto.yml include_tasks: crypto.yml

145
tasks/deployment.yml
View file

@ -1,71 +1,78 @@
--- ---
- name: create user - name: install synapse with pip into virtualenv
user: block:
- name: Install dependencies
apt:
name:
- build-essential
- python2.7-dev
- libffi-dev
- python-pip
- python-setuptools
- sqlite3
- libssl-dev
- python-virtualenv
- libjpeg-dev
- libxslt1-dev
- git
- libpq-dev
state: present
cache_valid_time: 1800
tags:
- pre_install
- name: Create virtualenv
pip:
name:
- pip
- setuptools
- lxml
- psycopg2-binary
- mock
virtualenv: /opt/synapse/env
virtualenv_python: python2.7
extra_args: --upgrade
tags:
- pre_install
- name: Clone synapse
git:
repo: https://github.com/matrix-org/synapse
dest: /opt/synapse/synapse
accept_hostkey: yes
version: "{{ matrix_synapse_version }}"
register: clone_synapse
tags:
- pre_install
- name: Install Synapse
pip:
name: /opt/synapse/synapse
virtualenv: /opt/synapse/env
virtualenv_python: python2.7
when: clone_synapse.changed
tags:
- skip_ansible_lint # skip when clause
- pre_install
when: matrix_synapse_deployment_method == "pip"
- name: install synapse with docker
docker_container:
name: synapse name: synapse
state: present image: "docker.io/matrixdotorg/synapse:{{ matrix_synapse_version }}"
tags: ports: "{{ matrix_synapse_docker_ports }}"
- pre_install labels: "{{ matrix_synapse_docker_labels }}"
restart_policy: unless-stopped
- name: create directory entrypoint: "python"
file: command:
name: /opt/synapse - "-m"
state: directory - "synapse.app.homeserver"
owner: synapse - "-c"
group: synapse - "/opt/synapse/homeserver.yaml"
tags: user: "{{ synapse_user.uid }}:{{ synapse_user.group }}"
- pre_install volumes:
- "{{ matrix_synapse_config.media_store_path }}:{{ matrix_synapse_config.media_store_path }}"
- name: Install dependencies - "{{ matrix_synapse_config.uploads_path }}:{{ matrix_synapse_config.uploads_path }}"
apt: - "/opt/synapse/homeserver.yaml:/opt/synapse/homeserver.yaml"
name: - "/opt/synapse/tls:/opt/synapse/tls"
- build-essential when: matrix_synapse_deployment_method == "docker"
- python2.7-dev
- libffi-dev
- python-pip
- python-setuptools
- sqlite3
- libssl-dev
- python-virtualenv
- libjpeg-dev
- libxslt1-dev
- git
- libpq-dev
state: present
cache_valid_time: 1800
tags:
- pre_install
- name: Create virtualenv
pip:
name:
- pip
- setuptools
- lxml
- psycopg2-binary
- mock
virtualenv: /opt/synapse/env
virtualenv_python: python2.7
extra_args: --upgrade
tags:
- pre_install
- name: Clone synapse
git:
repo: https://github.com/matrix-org/synapse
dest: /opt/synapse/synapse
accept_hostkey: yes
version: "{{ matrix_synapse_version }}"
register: clone_synapse
tags:
- pre_install
- name: Install Synapse
pip:
name: /opt/synapse/synapse
virtualenv: /opt/synapse/env
virtualenv_python: python2.7
when: clone_synapse.changed
tags:
- skip_ansible_lint # skip when clause
- pre_install

10
tasks/main.yml
View file

@ -1,9 +1,15 @@
--- ---
- name: deploy synapse - name: check that sypervision and deployment are compatible
import_tasks: deployment.yml fail:
msg: "Either both or neither of deployment and supervision method should be docker."
when: (matrix_synapse_supervision_method == "docker" and matrix_synapse_deployment_method != "docker") or (matrix_synapse_deployment_method == "docker" and matrix_synapse_supervision_method != "docker")
- name: configure synapse - name: configure synapse
import_tasks: configure.yml import_tasks: configure.yml
- name: deploy synapse
import_tasks: deployment.yml
- name: configure service - name: configure service
import_tasks: systemd.yml import_tasks: systemd.yml
when: matrix_synapse_supervision_method == "systemd"

2
tests/.gitignore vendored Normal file
View file

@ -0,0 +1,2 @@
.vagrant
*.retry

22
tests/Vagrantfile vendored
View file

@ -2,12 +2,24 @@
# vi: set ft=ruby : # vi: set ft=ruby :
Vagrant.configure("2") do |config| Vagrant.configure("2") do |config|
config.vm.box = "debian/stretch64" config.vm.define "pip" do |pip|
pip.vm.box = "debian/stretch64"
config.vm.network "forwarded_port", guest: 8008, host: 8008 pip.vm.network "forwarded_port", guest: 8008, host: 8008
config.vm.network "forwarded_port", guest: 8448, host: 8448 pip.vm.network "forwarded_port", guest: 8448, host: 8448
config.vm.provision "ansible" do |ansible| pip.vm.provision "ansible" do |ansible|
ansible.playbook = "test.yml" ansible.playbook = "test-pip.yml"
end
end
config.vm.define "docker" do |docker|
docker.vm.box = "debian/stretch64"
docker.vm.network "forwarded_port", guest: 8008, host: 8009
docker.vm.network "forwarded_port", guest: 8448, host: 8449
docker.vm.provision "ansible" do |ansible|
ansible.playbook = "test-docker.yml"
end
end end
end end

2
tests/requirements.yml
View file

@ -1,2 +1,4 @@
--- ---
- role: geerlingguy.pip
- role: geerlingguy.docker
- role: geerlingguy.postgresql - role: geerlingguy.postgresql

37
tests/test-docker.yml Normal file
View file

@ -0,0 +1,37 @@
---
- hosts: all
become: true
vars:
dbname: synapse
dbuser: synapse_user
dbpw: synapse_password
matrix_synapse_deployment_method: docker
matrix_synapse_supervision_method: docker
roles:
- role: geerlingguy.pip
pip_install_packages:
- name: docker
- role: geerlingguy.docker
- role: geerlingguy.postgresql
postgresql_databases:
- name: "{{ dbname }}"
postgresql_users:
- name: "{{ dbuser }}"
password: "{{ dbpw }}"
postgresql_global_config_options:
- option: listen_addresses
value: "172.17.0.1"
postgresql_hba_entries:
- { type: local, database: all, user: all, auth_method: trust }
- { type: host, database: "{{ dbname }}", user: "{{ dbuser }}", address: "172.17.0.1/16", auth_method: md5 }
- role: matrix-ansible-synapse
matrix_server_name: localhost
matrix_synapse_report_stats: false
matrix_synapse_pg_host: 172.17.0.1
matrix_synapse_pg_user: "{{ dbuser }}"
matrix_synapse_pg_pass: "{{ dbpw }}"
matrix_synapse_pg_db: "{{ dbname }}"
matrix_synapse_macaroon_secret_key: "THIS_IS_TOTALLY_SECRET_1337_L33T_HaxXxOR"
matrix_synapse_registration_secret: "waewi7Joolae8Pahh1eePhaeJubairieFuhoorie3h"
matrix_synapse_extra_config:
no_tls: true

8
tests/test.yml → tests/test-pip.yml
View file

@ -6,12 +6,16 @@
dbuser: synapse_user dbuser: synapse_user
dbpw: synapse_password dbpw: synapse_password
roles: roles:
- role: geerlingguy.pip
- role: geerlingguy.postgresql - role: geerlingguy.postgresql
postgresql_databases: postgresql_databases:
- name: "{{ dbname }}" - name: "{{ dbname }}"
postgresql_users: postgresql_users:
- name: "{{ dbuser }}" - name: "{{ dbuser }}"
password: "{{ dbpw }}" password: "{{ dbpw }}"
postgresql_global_config_options:
- option: listen_address
value: "*"
- role: matrix-ansible-synapse - role: matrix-ansible-synapse
matrix_server_name: localhost matrix_server_name: localhost
matrix_synapse_report_stats: false matrix_synapse_report_stats: false