thomas
/
sovereign


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108
							- name: Ensure repository key for Synapse is in place
  apt_key: url=https://packages.matrix.org/debian/matrix-org-archive-keyring.gpg state=present
  tags:
    - dependencies

- name: Add Synapse repository
  apt_repository: repo="deb https://packages.matrix.org/debian/ {{ ansible_distribution_release }} main"
  tags:
    - dependencies

- name: Install Synapse and dependencies from official repository
  apt:
    name: "{{ packages }}"
    state: present
    update_cache: yes
  vars:
    packages:
    - python-psycopg2
    - matrix-synapse
  tags:
    - dependencies

- name: Add Synapse user to ssl-cert group
  user: name=matrix-synapse group=ssl-cert

- name: Create Synapse data directory
  file: state=directory path=/data/{{ item }} owner=matrix-synapse group=root
  with_items:
    - matrix-synapse
    - matrix-synapse/uploads
    - matrix-synapse/media

- name: Configure Synapse homeserver
  template:
    src=etc_matrix-synapse_homeserver.j2
    dest=/etc/matrix-synapse/homeserver.yaml
    owner=matrix-synapse
    group=root
  notify: restart synapse

- name: Configure Synapse server name
  template:
    src=etc_matrix-synapse_conf.d_server_name.j2
    dest=/etc/matrix-synapse/conf.d/server_name.yaml
    owner=matrix-synapse
    group=root
  notify: restart synapse

- name: Add Synapse postgres user
  postgresql_user:
    login_host=localhost
    login_user={{ db_admin_username }}
    login_password="{{ db_admin_password }}"
    name={{ synapse_db_username }}
    password="{{ synapse_db_password }}"
    encrypted=yes
    state=present

- name: Create Synapse database
  postgresql_db:
    login_host=localhost
    login_user={{ db_admin_username }}
    login_password="{{ db_admin_password }}"
    name={{ synapse_db_database }}
    state=present
    owner={{ synapse_db_username }}
    encoding='UTF8'
    lc_collate='C'
    lc_ctype='C'
    template='template0'

- name: Add cert postrenew task
  copy: src=etc_letsencrypt_postrenew_synapse.sh dest=/etc/letsencrypt/postrenew/synapse.sh mode=0755

- name: Register new Synapse service
  systemd: name=matrix-synapse daemon_reload=yes enabled=yes

- name: Start new Synapse instance
  service: name=matrix-synapse state=started

- name: Create matrix well-known directory
  file: state=directory path=/var/www/well-known/matrix owner=www-data group=www-data

- name: Add redirect to well-known
  template:
    src=var_www_well-known_matrix_server.j2
    dest=/var/www/well-known/matrix/server
    owner=www-data
    group=www-data

- name: Create the Apache Matrix sites config files
  template:
    src=etc_apache2_sites-available_matrix.j2
    dest=/etc/apache2/sites-available/matrix_{{ item.name }}.conf
    owner=root
    group=root
  with_items: "{{ virtual_domains }}"
  notify: restart apache

- name: Enable Apache sites (creates new sites-enabled symlinks)
  command: a2ensite matrix_{{ item }}.conf creates=/etc/apache2/sites-enabled/matrix_{{ item }}.conf
  notify: restart apache
  with_items: "{{ virtual_domains | json_query('[*].name') }}"

- name: Create Matrix / Synapse accounts
  command: register_new_matrix_user -u {{ item.name }} -p {{ item.password }} -t support -a -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008
  with_items: "{{ synapse_accounts }}"
  ignore_errors: True