Compare commits
6 Commits
2be85606c5
...
323ec0152f
| Author | SHA1 | Date | |
|---|---|---|---|
|
323ec0152f | ||
|
|
979a6814b0 | ||
|
|
a4b65f5b50 | ||
|
|
d1bbd974ab | ||
|
|
0033ffc405 | ||
|
|
46dc53580e |
@@ -3,7 +3,4 @@
|
|||||||
Roles for matrix services
|
Roles for matrix services
|
||||||
|
|
||||||
# To do
|
# To do
|
||||||
- Add argument spec validation
|
See [issues](https://git.uumas.fi/uumas/ansible-matrix/issues)
|
||||||
- Move ldap auth provider from password providers to collections
|
|
||||||
- Make updates optional (use state: present instead of state: latest unless requested)
|
|
||||||
- Only restart extras being changed, not all
|
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
|
# Worker endpoints last updated on 2023-04-25
|
||||||
nginx_upstreams:
|
nginx_upstreams:
|
||||||
synapse_main:
|
synapse_main:
|
||||||
servers:
|
servers:
|
||||||
@@ -43,6 +44,8 @@ nginx_upstreams:
|
|||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$'
|
||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$'
|
||||||
- name: '~ ^/_matrix/client/v1/rooms/.*/hierarchy$'
|
- name: '~ ^/_matrix/client/v1/rooms/.*/hierarchy$'
|
||||||
|
- name: '~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/'
|
||||||
|
- name: '~ ^/_matrix/client/v1/rooms/.*/threads$'
|
||||||
- name: '~ ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$'
|
- name: '~ ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$'
|
||||||
- name: '~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$'
|
- name: '~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$'
|
||||||
- name: '~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$'
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$'
|
||||||
@@ -52,7 +55,12 @@ nginx_upstreams:
|
|||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$'
|
||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/'
|
||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$'
|
||||||
|
- name: '~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$'
|
||||||
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable/.*)/rooms/.*/aliases'
|
||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$'
|
||||||
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/user/.*/filter(/|$)'
|
||||||
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/directory/room/.*$'
|
||||||
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/capabilities$'
|
||||||
|
|
||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/query$'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/query$'
|
||||||
additional_options:
|
additional_options:
|
||||||
@@ -60,12 +68,15 @@ nginx_upstreams:
|
|||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/changes$'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/changes$'
|
||||||
- name: '~ ^/_matrix/client/(r0|v3|unstable)/keys/claim$'
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/keys/claim$'
|
||||||
- name: '~ ^/_matrix/client/(r0|v3|unstable)/room_keys/'
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/room_keys/'
|
||||||
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/keys/upload/'
|
||||||
synapse_generic_login:
|
synapse_generic_login:
|
||||||
servers: "{{ synapse_workers.generic_login | default('') }}"
|
servers: "{{ synapse_workers.generic_login | default('') }}"
|
||||||
locations:
|
locations:
|
||||||
- name: '~ ^/_matrix/client/(api/v1|r0|unstable|v3)/login$'
|
- name: '~ ^/_matrix/client/(api/v1|r0|unstable|v3)/login$'
|
||||||
- name: '~ ^/_matrix/client/(r0|unstable|v3)/register$'
|
- name: '~ ^/_matrix/client/(r0|unstable|v3)/register$'
|
||||||
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/register/available$'
|
||||||
- name: '~ ^/_matrix/client/v1/register/m.login.registration_token/validity$'
|
- name: '~ ^/_matrix/client/v1/register/m.login.registration_token/validity$'
|
||||||
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/password_policy$'
|
||||||
# SSO
|
# SSO
|
||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login/sso/redirect'
|
||||||
- name: '~ ^/_synapse/client/pick_idp$'
|
- name: '~ ^/_synapse/client/pick_idp$'
|
||||||
@@ -96,6 +107,7 @@ nginx_upstreams:
|
|||||||
- name: '~ ^/_matrix/federation/(v1|v2)/send_leave/'
|
- name: '~ ^/_matrix/federation/(v1|v2)/send_leave/'
|
||||||
- name: '~ ^/_matrix/federation/(v1|v2)/invite/'
|
- name: '~ ^/_matrix/federation/(v1|v2)/invite/'
|
||||||
- name: '~ ^/_matrix/federation/v1/event_auth/'
|
- name: '~ ^/_matrix/federation/v1/event_auth/'
|
||||||
|
- name: '~ ^/_matrix/federation/v1/timestamp_to_event/'
|
||||||
- name: '~ ^/_matrix/federation/v1/exchange_third_party_invite/'
|
- name: '~ ^/_matrix/federation/v1/exchange_third_party_invite/'
|
||||||
- name: '~ ^/_matrix/federation/v1/user/devices/'
|
- name: '~ ^/_matrix/federation/v1/user/devices/'
|
||||||
- name: '~ ^/_matrix/key/v2/query'
|
- name: '~ ^/_matrix/key/v2/query'
|
||||||
@@ -118,6 +130,7 @@ nginx_upstreams:
|
|||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/'
|
||||||
additional_options:
|
additional_options:
|
||||||
- 'proxy_read_timeout 1h'
|
- 'proxy_read_timeout 1h'
|
||||||
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/knock/'
|
||||||
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/'
|
- name: '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/'
|
||||||
synapse_generic_pagination:
|
synapse_generic_pagination:
|
||||||
servers: "{{ synapse_workers.generic_pagination | default('') }}"
|
servers: "{{ synapse_workers.generic_pagination | default('') }}"
|
||||||
@@ -128,11 +141,6 @@ nginx_upstreams:
|
|||||||
servers: "{{ synapse_workers.user_dir | default('') }}"
|
servers: "{{ synapse_workers.user_dir | default('') }}"
|
||||||
locations:
|
locations:
|
||||||
- name: '~ ^/_matrix/client/(r0|v3|unstable)/user_directory/search$'
|
- name: '~ ^/_matrix/client/(r0|v3|unstable)/user_directory/search$'
|
||||||
synapse_frontend_proxy:
|
|
||||||
servers: "{{ synapse_workers.frontend_proxy | default('') }}"
|
|
||||||
locations:
|
|
||||||
- name: '~ ^/_matrix/client/(r0|v3|unstable)/keys/upload'
|
|
||||||
- name: "{{ '~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/[^/]+/status' if synapse_presence is defined and not synapse_presence else '' }}"
|
|
||||||
synapse_media_repository:
|
synapse_media_repository:
|
||||||
servers: "{{ synapse_workers.media_repository | default('') }}"
|
servers: "{{ synapse_workers.media_repository | default('') }}"
|
||||||
locations:
|
locations:
|
||||||
@@ -245,7 +253,6 @@ nginx_servers:
|
|||||||
- synapse_generic_event_send
|
- synapse_generic_event_send
|
||||||
- synapse_generic_pagination
|
- synapse_generic_pagination
|
||||||
- synapse_user_dir
|
- synapse_user_dir
|
||||||
- synapse_frontend_proxy
|
|
||||||
- synapse_device_persister
|
- synapse_device_persister
|
||||||
- synapse_typing_persister
|
- synapse_typing_persister
|
||||||
- synapse_account_persister
|
- synapse_account_persister
|
||||||
|
|||||||
@@ -14,6 +14,13 @@
|
|||||||
enabled: true
|
enabled: true
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
|
- name: Disable worker services
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: "matrix-synapse-worker@{{ item }}.service"
|
||||||
|
state: stopped
|
||||||
|
enabled: false
|
||||||
|
loop: "{{ synapse_disable_worker_services }}"
|
||||||
|
|
||||||
- name: Config worker services
|
- name: Config worker services
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
@@ -27,4 +34,6 @@
|
|||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
name: matrix-synchrotron@{{ item }}.service
|
name: matrix-synchrotron@{{ item }}.service
|
||||||
enabled: false
|
enabled: false
|
||||||
loop: "{{ synapse_synchrotrons }}"
|
loop:
|
||||||
|
- balancer
|
||||||
|
- init
|
||||||
|
|||||||
@@ -4,20 +4,44 @@
|
|||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
worker: "{{ worker_type }}-{{ worker_index | default('0') }}"
|
worker: "{{ worker_type }}-{{ worker_index | default('0') }}"
|
||||||
|
|
||||||
- name: Ensure config in place for {{ worker }}
|
- name: Enable worker {{ worker }}
|
||||||
|
when: worker_state == 'present'
|
||||||
|
block:
|
||||||
|
- name: Ensure config in place for {{ worker }}
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: worker.yaml.j2
|
src: worker.yaml.j2
|
||||||
dest: /etc/matrix-synapse/workers/{{ worker }}.yaml
|
dest: /etc/matrix-synapse/workers/{{ worker }}.yaml
|
||||||
mode: 0644
|
mode: 0644
|
||||||
notify: Config worker services
|
notify: Config worker services
|
||||||
|
|
||||||
- name: Ensure logging config in place for {{ worker }}
|
- name: Ensure logging config in place for {{ worker }}
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: log.yaml.j2
|
src: log.yaml.j2
|
||||||
dest: /etc/matrix-synapse/worker-logs/{{ worker }}-log.yaml
|
dest: /etc/matrix-synapse/worker-logs/{{ worker }}-log.yaml
|
||||||
mode: 0644
|
mode: 0644
|
||||||
notify: Config worker services
|
notify: Config worker services
|
||||||
|
|
||||||
- name: Add worker to synapse_worker_services variable
|
- name: Add worker to synapse_worker_services variable
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
synapse_worker_services: "{{ synapse_worker_services + [worker] }}"
|
synapse_worker_services: "{{ synapse_worker_services + [worker] }}"
|
||||||
|
|
||||||
|
|
||||||
|
- name: Disable worker {{ worker }}
|
||||||
|
when: worker_state == 'absent'
|
||||||
|
block:
|
||||||
|
- name: Notify the user
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg: "Disabling worker {{ worker }}! Make sure to remove it from your synapse_workers."
|
||||||
|
|
||||||
|
- name: Ensure worker config files not present
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /etc/matrix-synapse/{{ item }}.yaml
|
||||||
|
state: absent
|
||||||
|
notify: Disable worker services
|
||||||
|
loop:
|
||||||
|
- workers/{{ worker }}
|
||||||
|
- worker-logs/{{ worker }}-log
|
||||||
|
|
||||||
|
- name: Add worker to synapse_disable_worker_services
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
synapse_disable_worker_services: "{{ synapse_worker_services + [worker] }}"
|
||||||
|
|||||||
@@ -14,6 +14,11 @@
|
|||||||
- "{{ worker_type }}.yml"
|
- "{{ worker_type }}.yml"
|
||||||
skip: true
|
skip: true
|
||||||
|
|
||||||
|
- name: Warn of legacy workers
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg: "You have a deprecated worker type {{ worker_type }} defined. You should remove it from synapse_workers."
|
||||||
|
when: worker_state == 'absent'
|
||||||
|
|
||||||
- name: Reset worker_ports variable
|
- name: Reset worker_ports variable
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
worker_ports: []
|
worker_ports: []
|
||||||
@@ -33,8 +38,3 @@
|
|||||||
- name: Include worker instance tasks for {{ worker_type }}
|
- name: Include worker instance tasks for {{ worker_type }}
|
||||||
ansible.builtin.include_tasks: worker_instance.yml
|
ansible.builtin.include_tasks: worker_instance.yml
|
||||||
when: worker_ports|length == 0
|
when: worker_ports|length == 0
|
||||||
|
|
||||||
- name: Append synchrotron variable
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
synapse_synchrotrons: "{{ synapse_synchrotrons + [synchrotron_type] }}"
|
|
||||||
when: synchrotron_type is defined and synchrotron_type not in synapse_synchrotrons
|
|
||||||
|
|||||||
@@ -25,7 +25,6 @@
|
|||||||
- name: Initialize synapse worker vars
|
- name: Initialize synapse worker vars
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
synapse_worker_services: []
|
synapse_worker_services: []
|
||||||
synapse_synchrotrons: []
|
|
||||||
|
|
||||||
- name: Configure workers
|
- name: Configure workers
|
||||||
ansible.builtin.include_tasks: worker_type.yml
|
ansible.builtin.include_tasks: worker_type.yml
|
||||||
@@ -45,4 +44,3 @@
|
|||||||
|
|
||||||
- name: Ensure synchrotron balancer removed (legacy)
|
- name: Ensure synchrotron balancer removed (legacy)
|
||||||
ansible.builtin.include_tasks: matrix-synchrotrons.yml
|
ansible.builtin.include_tasks: matrix-synchrotrons.yml
|
||||||
when: synapse_synchrotrons | length != 0
|
|
||||||
|
|||||||
@@ -6,7 +6,10 @@ redis:
|
|||||||
notify_appservices_from_worker: appservice-0
|
notify_appservices_from_worker: appservice-0
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if 'pusher' in synapse_workers %}
|
{% if 'pusher' in synapse_workers %}
|
||||||
start_pushers: false
|
pusher_instances:
|
||||||
|
{% for port in synapse_workers.pusher %}
|
||||||
|
- pusher-{{ loop.index0 }}
|
||||||
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if 'user_dir' in synapse_workers %}
|
{% if 'user_dir' in synapse_workers %}
|
||||||
update_user_directory_from_worker: user_dir-0
|
update_user_directory_from_worker: user_dir-0
|
||||||
@@ -78,13 +81,8 @@ run_background_tasks_on: background_tasks-0
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if 'federation_sender' in synapse_workers %}
|
{% if 'federation_sender' in synapse_workers %}
|
||||||
send_federation: false
|
|
||||||
|
|
||||||
{% if synapse_workers.federation_sender|length > 1 %}
|
|
||||||
federation_sender_instances:
|
federation_sender_instances:
|
||||||
{% for port in synapse_workers.federation_sender %}
|
{% for port in synapse_workers.federation_sender %}
|
||||||
- federation_sender-{{ loop.index0 }}
|
- federation_sender-{{ loop.index0 }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% endif %}
|
|
||||||
|
|||||||
@@ -24,6 +24,3 @@ worker_listeners:
|
|||||||
bind_addresses: ['0.0.0.0'] # Don't bind to multiple addresses
|
bind_addresses: ['0.0.0.0'] # Don't bind to multiple addresses
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if worker_app == 'frontend_proxy' %}
|
|
||||||
worker_main_http_uri: http://localhost:8008
|
|
||||||
{% endif %}
|
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
|
worker_state: present
|
||||||
worker_app: generic_worker
|
worker_app: generic_worker
|
||||||
worker_listeners:
|
worker_listeners:
|
||||||
- client
|
- client
|
||||||
|
|||||||
@@ -1,4 +1,3 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
worker_app: federation_sender
|
|
||||||
worker_listeners: []
|
worker_listeners: []
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
worker_app: frontend_proxy
|
# LEGACY
|
||||||
|
worker_state: absent
|
||||||
|
|||||||
@@ -1,3 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
synchrotron_type: init
|
|
||||||
@@ -1,3 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
synchrotron_type: balancer
|
|
||||||
@@ -1,4 +1,3 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
worker_app: pusher
|
|
||||||
worker_listeners: []
|
worker_listeners: []
|
||||||
|
|||||||
Reference in New Issue
Block a user