Matrix draft

group_vars/all

@@ -50,6 +50,7 @@ domain_mailu:                   "mail.{{top_domain}}"
 domain_mastodon:                "microblog.{{top_domain}}"
 domains_mastodon_alternates:    []
 domain_matomo:                  "matomo.{{top_domain}}"
+domain_matrix:                  "chat.{{top_domain}}"
 domain_mediawiki:               "wiki.{{top_domain}}"
 domain_nextcloud:               "cloud.{{top_domain}}"
 domain_pixelfed:                "pictures.{{top_domain}}"
@@ -73,6 +74,7 @@ redirect_domain_mappings:
 - { source: "peertube.{{top_domain}}", target: "videos.{{top_domain}}" }
 - { source: "funkwhale.{{top_domain}}", target: "music.{{top_domain}}" }
 - { source: "pixelfed.{{top_domain}}", target: "pictures.{{top_domain}}" }
+- { source: "matrix.{{top_domain}}", target: "chat.{{top_domain}}" }
 
 nginx_configuration_directory:  "/etc/nginx/conf.d/"
 nginx_servers_directory:        "{{nginx_configuration_directory}}servers/"

playbook-servers.yml

@@ -200,6 +200,15 @@
         domains:  "{{domains_discourse}}"
         http_port: 8020
 
+- name: setup matrix
+  hosts: matrix
+  become: true
+  roles:
+   -  role: docker-matrix
+      vars:
+        domain:   "{{domain_matrix}}"
+        http_port: 8021
+
 - name: setup akaunting hosts
   hosts: akaunting
   become: true

roles/docker-funkwhale/templates/docker-compose.yml.j2

@@ -6,7 +6,7 @@ services:
     env_file: .env
     environment:
       - "POSTGRES_HOST_AUTH_METHOD=trust"
-    image: postgres:15-alpine
+    image: postgres:alpine
     volumes:
       - database:/var/lib/postgresql/data
 

roles/docker-listmonk/templates/docker-compose.yml.j2

@@ -1,7 +1,3 @@
-# NOTE: This docker-compose.yml is meant to be just an example guideline
-# on how you can achieve the same. It is not intented to run out of the box
-# and you must edit the below configurations to suit your needs.
-
 version: "3.7"
 
 x-application-defaults: &application-defaults
@@ -15,7 +11,7 @@ x-application-defaults: &application-defaults
     - TZ=Etc/UTC
 
 x-database-defaults: &database-defaults
-  image: postgres:13-alpine
+  image: postgres:alpine
   ports:
     - "9432:5432"
   networks:

roles/docker-mastodon/templates/docker-compose.yml.j2

@@ -2,7 +2,7 @@ version: '3'
 services:
   database:
     restart: always
-    image: postgres:14-alpine
+    image: postgres:alpine
     shm_size: 256mb
     networks:
       - internal_network

roles/docker-matrix/handlers/main.yml

@@ -0,0 +1,8 @@
+---
+- name: recreate matrix
+  command:
+    cmd: docker-compose up -d --force-recreate
+    chdir: "{{docker_compose_instance_directory}}"
+  environment:
+    COMPOSE_HTTP_TIMEOUT: 600
+    DOCKER_CLIENT_TIMEOUT: 600

roles/docker-matrix/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- nginx-docker-reverse-proxy

roles/docker-matrix/tasks/main.yml

@@ -0,0 +1,33 @@
+---
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml
+
+- name: "create {{docker_compose_instance_directory}}"
+  file:
+    path: "{{docker_compose_instance_directory}}"
+    state: directory
+    mode: 0755
+
+- name: add homeserver.yaml
+  template: 
+    src:  "homeserver.yaml.j2" 
+    dest: "{{docker_compose_instance_directory}}homeserver.yaml"
+  notify: recreate matrix
+
+- name: add log.config
+  template: 
+    src:  "log.config.j2" 
+    dest: "{{docker_compose_instance_directory}}{{domain}}.log.config"
+  notify: recreate matrix
+
+# https://github.com/matrix-org/synapse/issues/6303
+- name: set correct folder permissions
+  command:
+    cmd: "docker run --rm --mount type=volume,src=matrix_data,dst=/data -e SYNAPSE_SERVER_NAME={{domain}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'"
+    chdir: "{{path_docker_compose_instances}}baserow/"
+
+- name: add docker-compose.yml
+  template: 
+    src:  "docker-compose.yml.j2" 
+    dest: "{{docker_compose_instance_directory}}docker-compose.yml"
+  notify: recreate matrix

roles/docker-matrix/templates/docker-compose.yml.j2

@@ -0,0 +1,45 @@
+version: '3.1'
+
+services:
+  
+  application:
+    image: matrixdotorg/synapse:latest
+    restart: unless-stopped
+    logging:
+      driver: journald
+    volumes:
+      - data:/data
+      - ./homeserver.yaml:/data/homeserver.yaml:ro
+      - ./{{domain}}.log.config:/data/{{domain}}.log.config:ro
+    environment:
+      - SYNAPSE_SERVER_NAME={{domain}}
+      - SYNAPSE_REPORT_STATS=no
+    ports:
+      - "127.0.0.1:{{http_port}}:8008"
+    depends_on:
+      - database
+
+  database:
+    logging:
+        driver: journald
+    image: postgres:alpine
+    restart: unless-stopped
+    volumes:
+      - database:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_DB=matrix
+      - POSTGRES_USER=matrix
+      - POSTGRES_PASSWORD={{matrix_database_password}}
+      - POSTGRES_INITDB_ARGS='--encoding=UTF-8 --lc-collate=C --lc-ctype=C'
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U matrix"]
+      interval: 10s
+      timeout: 5s
+      retries: 6
+
+volumes:
+  database:
+  data:
+networks:
+  default:
+    driver: bridge

roles/docker-matrix/templates/homeserver.yaml.j2

@@ -0,0 +1,28 @@
+server_name: "{{domain}}"
+pid_file: /data/homeserver.pid
+listeners:
+  - port: 8008
+    tls: false
+    type: http
+    x_forwarded: true
+    resources:
+      - names: [client, federation]
+        compress: false
+database:
+  name: psycopg2
+  args:
+    user: matrix
+    password: {{matrix_database_password}}
+    database: matrix
+    host: database
+    cp_min: 5
+    cp_max: 10
+log_config:                     "/data/{{domain}}.log.config"
+media_store_path:               /data/media_store
+registration_shared_secret:     "{{matrix_registration_shared_secret}}"
+report_stats:                   true
+macaroon_secret_key:            "{{matrix_macaroon_secret_key}}"
+form_secret:                    "{{matrix_form_secret}}"
+signing_key_path:               "/data/{{domain}}.signing.key"
+trusted_key_servers:
+  - server_name: "matrix.org"

roles/docker-matrix/templates/log.config.j2

@@ -0,0 +1,25 @@
+version: 1
+
+formatters:
+  precise:
+    format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
+
+handlers:
+  file:
+    class: logging.handlers.RotatingFileHandler
+    formatter: precise
+    filename: /data/{{ domain }}.homeserver.log
+    maxBytes: 10485760
+    backupCount: 3
+  console:
+    class: logging.StreamHandler
+    formatter: precise
+
+loggers:
+  synapse:
+    level: INFO
+    handlers: [file, console]
+
+root:
+  level: INFO
+  handlers: [file, console]

roles/docker-matrix/vars/main.yml

@@ -0,0 +1,2 @@
+---
+docker_compose_instance_directory: "{{path_docker_compose_instances}}matrix/"

roles/docker-mybb/templates/docker-compose.yml.j2

@@ -34,10 +34,15 @@ services:
       POSTGRES_DB: mybb
       POSTGRES_PASSWORD: "{{mybb_database_password}}"
       POSTGRES_USER: mybb
-    image: postgres:14-alpine
+    image: postgres:alpine
     volumes:
     - database:/var/lib/postgresql/data:rw
     restart: always
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U mybb"]
+      interval: 10s
+      timeout: 5s
+      retries: 6
 volumes:
   database:
   data:

roles/docker-peertube/templates/docker-compose.yml.j2

@@ -17,14 +17,19 @@ services:
       - redis
     restart: "always"
   database:
-    image: postgres:13-alpine
+    image: postgres:alpine
     env_file:
       - .env
     volumes:
       - database:/var/lib/postgresql/data
     restart: "always"
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U peertube"]
+      interval: 10s
+      timeout: 5s
+      retries: 6
   redis:
-    image: redis:6-alpine
+    image: redis:alpine
     volumes:
       - redis:/data
     restart: "always"