From 320080270f4966a31114595138bab8ffe5a302ae Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Tue, 12 Dec 2023 22:36:35 +0100 Subject: [PATCH] Matrix draft --- group_vars/all | 2 + playbook-servers.yml | 9 ++++ .../templates/docker-compose.yml.j2 | 2 +- .../templates/docker-compose.yml.j2 | 6 +-- .../templates/docker-compose.yml.j2 | 2 +- roles/docker-matrix/README.md | 0 roles/docker-matrix/handlers/main.yml | 8 ++++ roles/docker-matrix/meta/main.yml | 2 + roles/docker-matrix/tasks/main.yml | 33 ++++++++++++++ .../templates/docker-compose.yml.j2 | 45 +++++++++++++++++++ .../templates/homeserver.yaml.j2 | 28 ++++++++++++ roles/docker-matrix/templates/log.config.j2 | 25 +++++++++++ roles/docker-matrix/vars/main.yml | 2 + .../templates/docker-compose.yml.j2 | 7 ++- .../templates/docker-compose.yml.j2 | 9 +++- 15 files changed, 170 insertions(+), 10 deletions(-) create mode 100644 roles/docker-matrix/README.md create mode 100644 roles/docker-matrix/handlers/main.yml create mode 100644 roles/docker-matrix/meta/main.yml create mode 100644 roles/docker-matrix/tasks/main.yml create mode 100644 roles/docker-matrix/templates/docker-compose.yml.j2 create mode 100644 roles/docker-matrix/templates/homeserver.yaml.j2 create mode 100644 roles/docker-matrix/templates/log.config.j2 create mode 100644 roles/docker-matrix/vars/main.yml diff --git a/group_vars/all b/group_vars/all index 14affe16..502bfdd4 100644 --- a/group_vars/all +++ b/group_vars/all @@ -50,6 +50,7 @@ domain_mailu: "mail.{{top_domain}}" domain_mastodon: "microblog.{{top_domain}}" domains_mastodon_alternates: [] domain_matomo: "matomo.{{top_domain}}" +domain_matrix: "chat.{{top_domain}}" domain_mediawiki: "wiki.{{top_domain}}" domain_nextcloud: "cloud.{{top_domain}}" domain_pixelfed: "pictures.{{top_domain}}" @@ -73,6 +74,7 @@ redirect_domain_mappings: - { source: "peertube.{{top_domain}}", target: "videos.{{top_domain}}" } - { source: "funkwhale.{{top_domain}}", target: "music.{{top_domain}}" } - { source: "pixelfed.{{top_domain}}", target: "pictures.{{top_domain}}" } +- { source: "matrix.{{top_domain}}", target: "chat.{{top_domain}}" } nginx_configuration_directory: "/etc/nginx/conf.d/" nginx_servers_directory: "{{nginx_configuration_directory}}servers/" diff --git a/playbook-servers.yml b/playbook-servers.yml index 62162bdf..9cfcac7e 100644 --- a/playbook-servers.yml +++ b/playbook-servers.yml @@ -200,6 +200,15 @@ domains: "{{domains_discourse}}" http_port: 8020 +- name: setup matrix + hosts: matrix + become: true + roles: + - role: docker-matrix + vars: + domain: "{{domain_matrix}}" + http_port: 8021 + - name: setup akaunting hosts hosts: akaunting become: true diff --git a/roles/docker-funkwhale/templates/docker-compose.yml.j2 b/roles/docker-funkwhale/templates/docker-compose.yml.j2 index 9f63ce78..afc17e0e 100644 --- a/roles/docker-funkwhale/templates/docker-compose.yml.j2 +++ b/roles/docker-funkwhale/templates/docker-compose.yml.j2 @@ -6,7 +6,7 @@ services: env_file: .env environment: - "POSTGRES_HOST_AUTH_METHOD=trust" - image: postgres:15-alpine + image: postgres:alpine volumes: - database:/var/lib/postgresql/data diff --git a/roles/docker-listmonk/templates/docker-compose.yml.j2 b/roles/docker-listmonk/templates/docker-compose.yml.j2 index 21034fff..7f115b4c 100644 --- a/roles/docker-listmonk/templates/docker-compose.yml.j2 +++ b/roles/docker-listmonk/templates/docker-compose.yml.j2 @@ -1,7 +1,3 @@ -# NOTE: This docker-compose.yml is meant to be just an example guideline -# on how you can achieve the same. It is not intented to run out of the box -# and you must edit the below configurations to suit your needs. - version: "3.7" x-application-defaults: &application-defaults @@ -15,7 +11,7 @@ x-application-defaults: &application-defaults - TZ=Etc/UTC x-database-defaults: &database-defaults - image: postgres:13-alpine + image: postgres:alpine ports: - "9432:5432" networks: diff --git a/roles/docker-mastodon/templates/docker-compose.yml.j2 b/roles/docker-mastodon/templates/docker-compose.yml.j2 index 451da3cf..1816b5a0 100644 --- a/roles/docker-mastodon/templates/docker-compose.yml.j2 +++ b/roles/docker-mastodon/templates/docker-compose.yml.j2 @@ -2,7 +2,7 @@ version: '3' services: database: restart: always - image: postgres:14-alpine + image: postgres:alpine shm_size: 256mb networks: - internal_network diff --git a/roles/docker-matrix/README.md b/roles/docker-matrix/README.md new file mode 100644 index 00000000..e69de29b diff --git a/roles/docker-matrix/handlers/main.yml b/roles/docker-matrix/handlers/main.yml new file mode 100644 index 00000000..6a081ccb --- /dev/null +++ b/roles/docker-matrix/handlers/main.yml @@ -0,0 +1,8 @@ +--- +- name: recreate matrix + command: + cmd: docker-compose up -d --force-recreate + chdir: "{{docker_compose_instance_directory}}" + environment: + COMPOSE_HTTP_TIMEOUT: 600 + DOCKER_CLIENT_TIMEOUT: 600 diff --git a/roles/docker-matrix/meta/main.yml b/roles/docker-matrix/meta/main.yml new file mode 100644 index 00000000..d3606e63 --- /dev/null +++ b/roles/docker-matrix/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: +- nginx-docker-reverse-proxy diff --git a/roles/docker-matrix/tasks/main.yml b/roles/docker-matrix/tasks/main.yml new file mode 100644 index 00000000..7bed5a8d --- /dev/null +++ b/roles/docker-matrix/tasks/main.yml @@ -0,0 +1,33 @@ +--- +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml + +- name: "create {{docker_compose_instance_directory}}" + file: + path: "{{docker_compose_instance_directory}}" + state: directory + mode: 0755 + +- name: add homeserver.yaml + template: + src: "homeserver.yaml.j2" + dest: "{{docker_compose_instance_directory}}homeserver.yaml" + notify: recreate matrix + +- name: add log.config + template: + src: "log.config.j2" + dest: "{{docker_compose_instance_directory}}{{domain}}.log.config" + notify: recreate matrix + +# https://github.com/matrix-org/synapse/issues/6303 +- name: set correct folder permissions + command: + cmd: "docker run --rm --mount type=volume,src=matrix_data,dst=/data -e SYNAPSE_SERVER_NAME={{domain}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'" + chdir: "{{path_docker_compose_instances}}baserow/" + +- name: add docker-compose.yml + template: + src: "docker-compose.yml.j2" + dest: "{{docker_compose_instance_directory}}docker-compose.yml" + notify: recreate matrix diff --git a/roles/docker-matrix/templates/docker-compose.yml.j2 b/roles/docker-matrix/templates/docker-compose.yml.j2 new file mode 100644 index 00000000..2f39d90f --- /dev/null +++ b/roles/docker-matrix/templates/docker-compose.yml.j2 @@ -0,0 +1,45 @@ +version: '3.1' + +services: + + application: + image: matrixdotorg/synapse:latest + restart: unless-stopped + logging: + driver: journald + volumes: + - data:/data + - ./homeserver.yaml:/data/homeserver.yaml:ro + - ./{{domain}}.log.config:/data/{{domain}}.log.config:ro + environment: + - SYNAPSE_SERVER_NAME={{domain}} + - SYNAPSE_REPORT_STATS=no + ports: + - "127.0.0.1:{{http_port}}:8008" + depends_on: + - database + + database: + logging: + driver: journald + image: postgres:alpine + restart: unless-stopped + volumes: + - database:/var/lib/postgresql/data + environment: + - POSTGRES_DB=matrix + - POSTGRES_USER=matrix + - POSTGRES_PASSWORD={{matrix_database_password}} + - POSTGRES_INITDB_ARGS='--encoding=UTF-8 --lc-collate=C --lc-ctype=C' + healthcheck: + test: ["CMD-SHELL", "pg_isready -U matrix"] + interval: 10s + timeout: 5s + retries: 6 + +volumes: + database: + data: +networks: + default: + driver: bridge \ No newline at end of file diff --git a/roles/docker-matrix/templates/homeserver.yaml.j2 b/roles/docker-matrix/templates/homeserver.yaml.j2 new file mode 100644 index 00000000..3c95afd4 --- /dev/null +++ b/roles/docker-matrix/templates/homeserver.yaml.j2 @@ -0,0 +1,28 @@ +server_name: "{{domain}}" +pid_file: /data/homeserver.pid +listeners: + - port: 8008 + tls: false + type: http + x_forwarded: true + resources: + - names: [client, federation] + compress: false +database: + name: psycopg2 + args: + user: matrix + password: {{matrix_database_password}} + database: matrix + host: database + cp_min: 5 + cp_max: 10 +log_config: "/data/{{domain}}.log.config" +media_store_path: /data/media_store +registration_shared_secret: "{{matrix_registration_shared_secret}}" +report_stats: true +macaroon_secret_key: "{{matrix_macaroon_secret_key}}" +form_secret: "{{matrix_form_secret}}" +signing_key_path: "/data/{{domain}}.signing.key" +trusted_key_servers: + - server_name: "matrix.org" diff --git a/roles/docker-matrix/templates/log.config.j2 b/roles/docker-matrix/templates/log.config.j2 new file mode 100644 index 00000000..b14b98df --- /dev/null +++ b/roles/docker-matrix/templates/log.config.j2 @@ -0,0 +1,25 @@ +version: 1 + +formatters: + precise: + format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' + +handlers: + file: + class: logging.handlers.RotatingFileHandler + formatter: precise + filename: /data/{{ domain }}.homeserver.log + maxBytes: 10485760 + backupCount: 3 + console: + class: logging.StreamHandler + formatter: precise + +loggers: + synapse: + level: INFO + handlers: [file, console] + +root: + level: INFO + handlers: [file, console] diff --git a/roles/docker-matrix/vars/main.yml b/roles/docker-matrix/vars/main.yml new file mode 100644 index 00000000..4161111b --- /dev/null +++ b/roles/docker-matrix/vars/main.yml @@ -0,0 +1,2 @@ +--- +docker_compose_instance_directory: "{{path_docker_compose_instances}}matrix/" \ No newline at end of file diff --git a/roles/docker-mybb/templates/docker-compose.yml.j2 b/roles/docker-mybb/templates/docker-compose.yml.j2 index 40a2317c..6e02a835 100644 --- a/roles/docker-mybb/templates/docker-compose.yml.j2 +++ b/roles/docker-mybb/templates/docker-compose.yml.j2 @@ -34,10 +34,15 @@ services: POSTGRES_DB: mybb POSTGRES_PASSWORD: "{{mybb_database_password}}" POSTGRES_USER: mybb - image: postgres:14-alpine + image: postgres:alpine volumes: - database:/var/lib/postgresql/data:rw restart: always + healthcheck: + test: ["CMD-SHELL", "pg_isready -U mybb"] + interval: 10s + timeout: 5s + retries: 6 volumes: database: data: diff --git a/roles/docker-peertube/templates/docker-compose.yml.j2 b/roles/docker-peertube/templates/docker-compose.yml.j2 index 2dbc46ed..d034bd75 100644 --- a/roles/docker-peertube/templates/docker-compose.yml.j2 +++ b/roles/docker-peertube/templates/docker-compose.yml.j2 @@ -17,14 +17,19 @@ services: - redis restart: "always" database: - image: postgres:13-alpine + image: postgres:alpine env_file: - .env volumes: - database:/var/lib/postgresql/data restart: "always" + healthcheck: + test: ["CMD-SHELL", "pg_isready -U peertube"] + interval: 10s + timeout: 5s + retries: 6 redis: - image: redis:6-alpine + image: redis:alpine volumes: - redis:/data restart: "always"