diff --git a/group_vars/all/03_domains.yml b/group_vars/all/03_domains.yml index a43159e3..32446291 100644 --- a/group_vars/all/03_domains.yml +++ b/group_vars/all/03_domains.yml @@ -21,8 +21,7 @@ defaults_domains: >- | add_domain_if_group('mailu', 'mail.' ~ primary_domain, group_names) | add_domain_if_group('mastodon', ['microblog.' ~ primary_domain], group_names) | add_domain_if_group('matomo', 'matomo.' ~ primary_domain, group_names) - | add_domain_if_group('matrix', 'matrix.' ~ primary_domain, group_names) - | add_domain_if_group('matrix', 'element.' ~ primary_domain, group_names) + | add_domain_if_group('matrix', {'synapse': 'matrix.' ~ primary_domain, 'element':'element.' ~ primary_domain}, group_names) | add_domain_if_group('moodle', 'academy.' ~ primary_domain, group_names) | add_domain_if_group('mediawiki', 'wiki.' ~ primary_domain, group_names) | add_domain_if_group('nextcloud', 'cloud.' ~ primary_domain, group_names) diff --git a/group_vars/all/15_about.yml b/group_vars/all/15_about.yml index 250bd935..f3d1ecc3 100644 --- a/group_vars/all/15_about.yml +++ b/group_vars/all/15_about.yml 
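Review bot: The `matrix` entry in group_vars/all/03_domains.yml now hands `add_domain_if_group` a mapping, while every neighbouring call passes a string or a list, so `domains.matrix` becomes a nested dict. The filter and the code that walks `domains` are not part of this diff. If either handles only strings and lists, the Synapse or Element host could be left out of certificate and vhost setup, or be rendered as a dict literal. It is worth confirming that path with a test that covers a mapping value. As a style nit, the second key lacks the space after the colon: `{'synapse': 'matrix.' ~ primary_domain, 'element': 'element.' ~ primary_domain}`.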
@@ -16,10 +16,12 @@ defaults_service_provider: logo: "{{applications.assets_server.url}}/img/logo.png" favicon: "{{applications.assets_server.url}}/img/favicon.ico" contact: - bluesky: "{{ '@' ~ users.administrator.username ~ '.' ~ domains.[application_id].api if 'bluesky' in group_names else '' }}" + bluesky: >- + {{ ('@' ~ users.administrator.username ~ '.' ~ domains[application_id]['api']) + if 'bluesky' in group_names else '' }} email: "contact@{{ primary_domain }}" mastodon: "{{ '@' ~ users.administrator.username ~ '@' ~ domains.mastodon if 'mastodon' in group_names else '' }}" - matrix: "{{ '@' ~ users.administrator.username ~ ':' ~ domains.synapse if 'matrix' in group_names else '' }}" + matrix: "{{ '@' ~ users.administrator.username ~ ':' ~ domains.matrix.synapse if 'matrix' in group_names else '' }}" peertube: "{{ '@' ~ users.administrator.username ~ '@' ~ domains.peertube[0] if 'peertube' in group_names else '' }}" pixelfed: "{{ '@' ~ users.administrator.username ~ '@' ~ domains.pixelfed if 'pixelfed' in group_names else '' }}" phone: "+0 000 000 404" diff --git a/roles/docker-matrix-deprecated/tasks/main.yml b/roles/docker-matrix-deprecated/tasks/main.yml index c67782f4..c5f1c05e 100644 --- a/roles/docker-matrix-deprecated/tasks/main.yml +++ b/roles/docker-matrix-deprecated/tasks/main.yml @@ -3,8 +3,8 @@ include_role: name: nginx-domain-setup loop: - - "{{domains.element}}" - - "{{domains.synapse}}" + - "{{domains.matrix.element}}" + - "{{domains.matrix.synapse}}" loop_control: loop_var: domain 
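Review bot: The rewritten `bluesky` contact in group_vars/all/15_about.yml looks up `domains[application_id]['api']`, but this is a global vars file and `application_id` appears to be role-scoped (the docker-matrix templates use it as `applications[application_id]`). If so, the expression resolves against whichever role is being evaluated, or fails when the variable is undefined, rather than against bluesky. Naming the key explicitly avoids that: `{{ ('@' ~ users.administrator.username ~ '.' ~ domains.bluesky.api) if 'bluesky' in group_names else '' }}`. In the same hunk the `matrix` handle ends in `domains.matrix.synapse`, whereas the bridge config elsewhere in this commit builds user IDs from `applications[application_id].server_name`. If those two values differ, the published Matrix address will not match real accounts. The `contact` mapping continues outside the hunk.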
@@ -129,13 +129,13 @@ #- name: add log.config # template: # src: "log.config.j2" -# dest: "{{docker_compose.directories.instance}}{{domains.synapse}}.log.config" +# dest: "{{docker_compose.directories.instance}}{{domains.matrix.synapse}}.log.config" # notify: recreate matrix # ## https://github.com/matrix-org/synapse/issues/6303 #- name: set correct folder permissions # command: -# cmd: "docker run --rm --mount type=volume,src=matrix_synapse_data,dst=/data -e SYNAPSE_SERVER_NAME={{domains.synapse}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'" +# cmd: "docker run --rm --mount type=volume,src=matrix_synapse_data,dst=/data -e SYNAPSE_SERVER_NAME={{domains.matrix.synapse}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'" # #- name: add docker-compose.yml # template: diff --git a/roles/docker-matrix-deprecated/templates/vars.yml.j2 b/roles/docker-matrix-deprecated/templates/vars.yml.j2 index 71d87bac..999a0231 100644 --- a/roles/docker-matrix-deprecated/templates/vars.yml.j2 +++ b/roles/docker-matrix-deprecated/templates/vars.yml.j2 @@ -8,7 +8,7 @@ # because you can't change the Domain after deployment. # # Example value: example.com -matrix_domain: "{{domains.synapse}}" +matrix_domain: "{{domains.matrix.synapse}}" # The Matrix homeserver software to install. # See: diff --git a/roles/docker-matrix/tasks/main.yml b/roles/docker-matrix/tasks/main.yml index 2760bc7d..70391bcf 100644 --- a/roles/docker-matrix/tasks/main.yml +++ b/roles/docker-matrix/tasks/main.yml @@ -16,7 +16,7 @@ include_role: name: nginx-https-get-cert-modify-all vars: - domain: "{{domains.synapse}}" + domain: "{{domains.matrix.synapse}}" http_port: "{{ports.localhost.http.synapse}}" - name: create {{well_known_directory}} 
@@ -30,12 +30,12 @@ src: "well-known.j2" dest: "{{well_known_directory}}server" -- name: create {{domains.synapse}}.conf +- name: create {{domains.matrix.synapse}}.conf template: src: "templates/nginx.conf.j2" - dest: "{{nginx.directories.http.servers}}{{domains.synapse}}.conf" + dest: "{{nginx.directories.http.servers}}{{domains.matrix.synapse}}.conf" vars: - domain: "{{domains.synapse}}" # Didn't work in the past. May it works now. This does not seem to work @todo Check how to solve without declaring set_fact, seems a bug at templates + domain: "{{domains.matrix.synapse}}" # Didn't work in the past. May it works now. This does not seem to work @todo Check how to solve without declaring set_fact, seems a bug at templates http_port: "{{ports.localhost.http.synapse}}" notify: restart nginx @@ -43,7 +43,7 @@ include_role: name: nginx-domain-setup vars: - domain: "{{domains.element}}" + domain: "{{domains.matrix.element}}" http_port: "{{ports.localhost.http.element}}" - name: include create-and-seed-database.yml for multiple bridges @@ -94,13 +94,13 @@ - name: add synapse log configuration template: src: "synapse/log.config.j2" - dest: "{{docker_compose.directories.instance}}{{domains.synapse}}.log.config" + dest: "{{docker_compose.directories.instance}}{{domains.matrix.synapse}}.log.config" notify: docker compose project setup # https://github.com/matrix-org/synapse/issues/6303 - name: set correct folder permissions command: - cmd: "docker run --rm --mount type=volume,src=matrix_synapse_data,dst=/data -e SYNAPSE_SERVER_NAME={{domains.synapse}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'" + cmd: "docker run --rm --mount type=volume,src=matrix_synapse_data,dst=/data -e SYNAPSE_SERVER_NAME={{domains.matrix.synapse}} -e SYNAPSE_REPORT_STATS=no --entrypoint /bin/sh matrixdotorg/synapse:latest -c 'chown -vR 991:991 /data'" - name: add docker-compose.yml template: 
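Review bot: The `set correct folder permissions` task in roles/docker-matrix/tasks/main.yml (hunk at -94,13) runs `matrixdotorg/synapse:latest` with the Synapse data volume mounted read-write, so every play pulls and executes whatever image is currently tagged `latest` against the signing key and media store. Pinning the tag or digest to the same image reference the compose template deploys keeps that step reproducible and auditable. The task also has no `changed_when`, so it reports a change on every run even when ownership is already 991:991; consider `changed_when: "'changed ownership' in chown_result.stdout"` with a matching `register: chown_result`.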
diff --git a/roles/docker-matrix/templates/docker-compose.yml.j2 b/roles/docker-matrix/templates/docker-compose.yml.j2 index 55176d31..c7e7ec6d 100644 --- a/roles/docker-matrix/templates/docker-compose.yml.j2 +++ b/roles/docker-matrix/templates/docker-compose.yml.j2 @@ -11,12 +11,12 @@ services: volumes: - synapse_data:/data - ./homeserver.yaml:/data/homeserver.yaml:ro - - ./{{domains.synapse}}.log.config:/data/{{domains.synapse}}.log.config:ro + - ./{{domains.matrix.synapse}}.log.config:/data/{{domains.matrix.synapse}}.log.config:ro {% for item in bridges %} - {{docker_compose.directories.instance}}mautrix/{{item.bridge_name}}/registration.yaml:{{registration_file_folder}}{{item.bridge_name}}.registration.yaml:ro {% endfor %} environment: - - SYNAPSE_SERVER_NAME={{domains.synapse}} + - SYNAPSE_SERVER_NAME={{domains.matrix.synapse}} - SYNAPSE_REPORT_STATS=no ports: - "127.0.0.1:{{ports.localhost.http.synapse}}:8008" @@ -91,7 +91,7 @@ services: KEYV_URL: '' KEYV_BOT_ENCRYPTION: 'false' KEYV_BOT_STORAGE: 'true' - MATRIX_HOMESERVER_URL: 'https://{{domains.synapse}}' + MATRIX_HOMESERVER_URL: 'https://{{domains.matrix.synapse}}' MATRIX_BOT_USERNAME: '@chatgptbot:{{applications[application_id].server_name}}' MATRIX_ACCESS_TOKEN: '{{ applications[application_id].credentials.chatgpt_bridge_access_token | default('') }}' MATRIX_BOT_PASSWORD: '{{applications[application_id].credentials.chatgpt_bridge_user_password}}' diff --git a/roles/docker-matrix/templates/element.config.json.j2 b/roles/docker-matrix/templates/element.config.json.j2 index 87674664..714acfcd 100644 --- a/roles/docker-matrix/templates/element.config.json.j2 +++ b/roles/docker-matrix/templates/element.config.json.j2 
@@ -1,8 +1,8 @@ { "default_server_config": { "m.homeserver": { - "base_url": "{{ web_protocol }}://{{domains.synapse}}", - "server_name": "{{domains.synapse}}" + "base_url": "{{ web_protocol }}://{{domains.matrix.synapse}}", + "server_name": "{{domains.matrix.synapse}}" }, "m.identity_server": { "base_url": "{{ web_protocol }}://{{primary_domain}}" diff --git a/roles/docker-matrix/templates/mautrix/facebook.config.yml.j2 b/roles/docker-matrix/templates/mautrix/facebook.config.yml.j2 index c8cefbde..d1518347 100644 --- a/roles/docker-matrix/templates/mautrix/facebook.config.yml.j2 +++ b/roles/docker-matrix/templates/mautrix/facebook.config.yml.j2 @@ -143,7 +143,7 @@ bridge: sync_direct_chat_list: false # Servers to always allow double puppeting from double_puppet_server_map: - {{applications[application_id].server_name}}: {{domains.synapse}} + {{applications[application_id].server_name}}: {{domains.matrix.synapse}} # Allow using double puppeting from any server with a valid client .well-known file. double_puppet_allow_discovery: false # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth diff --git a/roles/docker-matrix/templates/mautrix/instagram.config.yml.j2 b/roles/docker-matrix/templates/mautrix/instagram.config.yml.j2 index 95299919..1ace7c7d 100644 --- a/roles/docker-matrix/templates/mautrix/instagram.config.yml.j2 +++ b/roles/docker-matrix/templates/mautrix/instagram.config.yml.j2 @@ -134,7 +134,7 @@ bridge: double_puppet_allow_discovery: false # Servers to allow double puppeting from, even if double_puppet_allow_discovery is false. double_puppet_server_map: - {{applications[application_id].server_name}}: https://{{domains.synapse}} + {{applications[application_id].server_name}}: https://{{domains.matrix.synapse}} # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth # # If set, custom puppets will be enabled automatically for local users 
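Review bot: In roles/docker-matrix/templates/mautrix/facebook.config.yml.j2 the `double_puppet_server_map` value is a bare host, `{{domains.matrix.synapse}}`, while the instagram, signal, slack, telegram and whatsapp templates in this same commit all write `https://{{domains.matrix.synapse}}`. The map is expected to hold the homeserver's base URL, so the facebook bridge is likely unable to reach Synapse for double puppeting with the value as written. Suggested line: `{{applications[application_id].server_name}}: https://{{domains.matrix.synapse}}`.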
diff --git a/roles/docker-matrix/templates/mautrix/signal.config.yml.j2 b/roles/docker-matrix/templates/mautrix/signal.config.yml.j2 index 26df336f..c6dfaab6 100644 --- a/roles/docker-matrix/templates/mautrix/signal.config.yml.j2 +++ b/roles/docker-matrix/templates/mautrix/signal.config.yml.j2 @@ -141,7 +141,7 @@ bridge: federate_rooms: true # Servers to always allow double puppeting from double_puppet_server_map: - {{applications[application_id].server_name}}: https://{{domains.synapse}} + {{applications[application_id].server_name}}: https://{{domains.matrix.synapse}} # Allow using double puppeting from any server with a valid client .well-known file. double_puppet_allow_discovery: false # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth diff --git a/roles/docker-matrix/templates/mautrix/slack.config.yml.j2 b/roles/docker-matrix/templates/mautrix/slack.config.yml.j2 index baa5f9e5..0c7ec254 100644 --- a/roles/docker-matrix/templates/mautrix/slack.config.yml.j2 +++ b/roles/docker-matrix/templates/mautrix/slack.config.yml.j2 @@ -118,7 +118,7 @@ bridge: # Servers to always allow double puppeting from double_puppet_server_map: - {{applications[application_id].server_name}}: https://{{domains.synapse}} + {{applications[application_id].server_name}}: https://{{domains.matrix.synapse}} # Allow using double puppeting from any server with a valid client .well-known file. double_puppet_allow_discovery: false # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth diff --git a/roles/docker-matrix/templates/mautrix/telegram.config.yml.j2 b/roles/docker-matrix/templates/mautrix/telegram.config.yml.j2 index 89c841a5..c56f4dd8 100644 --- a/roles/docker-matrix/templates/mautrix/telegram.config.yml.j2 +++ b/roles/docker-matrix/templates/mautrix/telegram.config.yml.j2 
@@ -198,7 +198,7 @@ bridge: sync_direct_chat_list: false # Servers to always allow double puppeting from double_puppet_server_map: - {{applications[application_id].server_name}}: https://{{domains.synapse}} + {{applications[application_id].server_name}}: https://{{domains.matrix.synapse}} # Allow using double puppeting from any server with a valid client .well-known file. double_puppet_allow_discovery: false # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth diff --git a/roles/docker-matrix/templates/mautrix/whatsapp.config.yml.j2 b/roles/docker-matrix/templates/mautrix/whatsapp.config.yml.j2 index 55a60380..bd927c8d 100644 --- a/roles/docker-matrix/templates/mautrix/whatsapp.config.yml.j2 +++ b/roles/docker-matrix/templates/mautrix/whatsapp.config.yml.j2 @@ -236,7 +236,7 @@ bridge: force_active_delivery_receipts: false # Servers to always allow double puppeting from double_puppet_server_map: - {{applications[application_id].server_name}}: https://{{domains.synapse}} + {{applications[application_id].server_name}}: https://{{domains.matrix.synapse}} # Allow using double puppeting from any server with a valid client .well-known file. double_puppet_allow_discovery: false # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth diff --git a/roles/docker-matrix/templates/nginx.conf.j2 b/roles/docker-matrix/templates/nginx.conf.j2 index 7b526dee..23f7457d 100644 --- a/roles/docker-matrix/templates/nginx.conf.j2 +++ b/roles/docker-matrix/templates/nginx.conf.j2 
@@ -1,10 +1,10 @@ server { {# Somehow .j2 doesn't interpretate the passed variable right. For this reasons this redeclaration is necessary #} {# Could be that this is related to the set_fact use #} - {% set domain = domains.synapse %} + {% set domain = domains.matrix.synapse %} {% set http_port = ports.localhost.http.synapse %} - server_name {{domains.synapse}}; + server_name {{domains.matrix.synapse}}; {% include 'roles/letsencrypt/templates/ssl_header.j2' %} # For the federation port diff --git a/roles/docker-matrix/templates/synapse/homeserver.yaml.j2 b/roles/docker-matrix/templates/synapse/homeserver.yaml.j2 index 9bdc151c..54d6b90d 100644 --- a/roles/docker-matrix/templates/synapse/homeserver.yaml.j2 +++ b/roles/docker-matrix/templates/synapse/homeserver.yaml.j2 @@ -17,15 +17,15 @@ database: host: "{{database_host}}" cp_min: 5 cp_max: 10 -log_config: "/data/{{domains.synapse}}.log.config" +log_config: "/data/{{domains.matrix.synapse}}.log.config" media_store_path: "/data/media_store" registration_shared_secret: "{{applications[application_id].credentials.registration_shared_secret}}" report_stats: true macaroon_secret_key: "{{applications[application_id].credentials.macaroon_secret_key}}" form_secret: "{{applications[application_id].credentials.form_secret}}" -signing_key_path: "/data/{{domains.synapse}}.signing.key" -web_client_location: "{{ web_protocol }}://{{domains.element}}" -public_baseurl: "{{ web_protocol }}://{{domains.synapse}}" +signing_key_path: "/data/{{domains.matrix.synapse}}.signing.key" +web_client_location: "{{ web_protocol }}://{{domains.matrix.element}}" +public_baseurl: "{{ web_protocol }}://{{domains.matrix.synapse}}" trusted_key_servers: - server_name: "matrix.org" admin_contact: 'mailto:{{users.administrator.email}}' 
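Review bot: roles/docker-matrix/templates/synapse/homeserver.yaml.j2 (hunk at -17,15) keeps `report_stats: true`, yet the compose template and the chown task in this commit both pass `SYNAPSE_REPORT_STATS=no`. Because homeserver.yaml is mounted into the container as the active config, the file value is presumably the one that takes effect, so usage statistics are reported despite the environment suggesting otherwise. If reporting is not intended, set `report_stats: false`, or drive both places from one variable so they cannot drift. The three secrets in this hunk are interpolated inside double quotes, so a value containing `"` or `\` would produce invalid or altered YAML; rendering them through `to_json` would be safer.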
@@ -39,10 +39,10 @@ email: #require_transport_security: true enable_tls: "{{ system_email.tls | upper }}" notif_from: "Your Friendly %(app)s homeserver <{{ users['no-reply'].email }}>" - app_name: "Matrix on {{domains.synapse}}" + app_name: "Matrix on {{domains.matrix.synapse}}" enable_notifs: true notif_for_new_users: false - client_base_url: "{{domains.synapse}}" + client_base_url: "{{domains.matrix.synapse}}" validation_token_lifetime: 15m {% if applications | is_feature_enabled('oidc',application_id) %} diff --git a/roles/docker-matrix/templates/synapse/log.config.j2 b/roles/docker-matrix/templates/synapse/log.config.j2 index 8865f35a..0b345fb3 100644 --- a/roles/docker-matrix/templates/synapse/log.config.j2 +++ b/roles/docker-matrix/templates/synapse/log.config.j2 @@ -8,7 +8,7 @@ handlers: file: class: logging.handlers.RotatingFileHandler formatter: precise - filename: /data/{{domains.synapse}}.homeserver.log + filename: /data/{{domains.matrix.synapse}}.homeserver.log maxBytes: 10485760 backupCount: 3 console: diff --git a/roles/docker-matrix/templates/well-known.j2 b/roles/docker-matrix/templates/well-known.j2 index c3da68b3..3da3a9b8 100644 --- a/roles/docker-matrix/templates/well-known.j2 +++ b/roles/docker-matrix/templates/well-known.j2 @@ -1,3 +1,3 @@ { - "m.server": "{{domains.synapse}}:443" + "m.server": "{{domains.matrix.synapse}}:443" } \ No newline at end of file
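Review bot: `client_base_url` in the email block of homeserver.yaml.j2 (hunk at -39,10) is set to the bare Synapse host with no scheme, while `web_client_location` and `public_baseurl` in the same file are built as `{{ web_protocol }}://…`. Synapse uses this setting as the base for client links in notification emails, so the links will be malformed and will point at the homeserver API host rather than the web client. Presumably the intended value is the Element URL: `client_base_url: "{{ web_protocol }}://{{domains.matrix.element}}"`.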