2019-01-18 13:52:23 +00:00
|
|
|
---
|
|
|
|
matrix_version: 0.34.1.1
|
|
|
|
|
|
|
|
matrix_user: matrix
|
|
|
|
matrix_user_home: "/home/{{ matrix_user }}"
|
|
|
|
# matrix_uid: # defaults to not set
|
|
|
|
matrix_group: "{{ matrix_user }}"
|
|
|
|
# matrix_gid: # defaults to not set
|
|
|
|
matrix_extra_groups: []
|
|
|
|
|
|
|
|
# Ensure EPEL repo is available at this server
|
|
|
|
matrix_dependencies:
|
|
|
|
- "@Development tools"
|
|
|
|
- libtiff-devel
|
|
|
|
- libjpeg-devel
|
|
|
|
- libzip-devel
|
|
|
|
- freetype-devel
|
|
|
|
- lcms2-devel
|
|
|
|
- libwebp-devel
|
|
|
|
- tcl-devel
|
|
|
|
- tk-devel
|
|
|
|
- redhat-rpm-config
|
|
|
|
- python-virtualenv
|
2019-01-19 01:41:42 +00:00
|
|
|
- python36-devel
|
2019-01-18 13:52:23 +00:00
|
|
|
- libffi-devel
|
|
|
|
- openssl-devel
|
|
|
|
|
|
|
|
# Create separate LVM storage for matrix
|
|
|
|
matrix_lvm_enabled: False
|
|
|
|
# This variables are only necessary if matrix_lvm_enabled is 'True'
|
|
|
|
# Set physical volumes to use in LVM
|
|
|
|
# matrix_lvm_pvs: # ['/dev/sdb', '/dev/sdc']
|
|
|
|
# matrix_lvm_vg: # "vg_matrix"
|
|
|
|
# matrix_lvm_lv: # "lv_matrix"
|
|
|
|
# matrix_lvm_fstype: # ext4
|
|
|
|
# matrix_lvm_size: # "50G"
|
|
|
|
|
|
|
|
matrix_base_dir: "/opt/matrix"
|
|
|
|
matrix_conf_dir: "{{ matrix_base_dir }}/config"
|
2019-01-19 00:30:45 +00:00
|
|
|
matrix_data_dir: "{{ matrix_base_dir }}/data"
|
2019-01-18 13:52:23 +00:00
|
|
|
|
|
|
|
matrix_base_url: http://localhost
|
2019-01-19 00:30:45 +00:00
|
|
|
|
|
|
|
matrix_http_bind_ips:
|
|
|
|
- '::'
|
|
|
|
- '0.0.0.0'
|
|
|
|
matrix_http_bind_port: 8008
|
|
|
|
|
|
|
|
matrix_https_bind_ips: "{{ matrix_http_bind_ips }}"
|
|
|
|
matrix_https_bind_port: 8448
|
2019-01-18 13:52:23 +00:00
|
|
|
|
|
|
|
matrix_postgres_enabled: False
|
2019-01-19 00:30:45 +00:00
|
|
|
matrix_postgres_ssl_mode: disable
|
2019-01-18 13:52:23 +00:00
|
|
|
matrix_postgres_server: postgres.example.com
|
|
|
|
matrix_postgres_port: 5432
|
|
|
|
matrix_postgres_superuser: postgres
|
|
|
|
matrix_postgres_password: secure
|
|
|
|
|
|
|
|
matrix_postgres_db:
|
|
|
|
name: matrix
|
|
|
|
lc_collate: en_US.UTF-8
|
|
|
|
lc_ctype: en_US.UTF-8'
|
|
|
|
encoding: UTF-8
|
|
|
|
template: template0
|
|
|
|
login_host: localhost
|
|
|
|
login_user: "{{ matrix_postgres_superuser }}"
|
|
|
|
login_password: "{{ matrix_postgres_password }}"
|
|
|
|
# login_unix_socket: # defaults to not set
|
|
|
|
port: "{{ matrix_postgres_port }}"
|
|
|
|
# owner: # defaults to not set
|
|
|
|
state: present
|
|
|
|
|
|
|
|
matrix_postgres_user:
|
|
|
|
name: pgmatrix
|
|
|
|
password: matrix
|
|
|
|
encrypted: 'yes'
|
|
|
|
# priv: # defaults to not set
|
|
|
|
# role_attr_flags: # defaults to not set
|
|
|
|
db: "{{ matrix_postgres_db.name }}"
|
|
|
|
login_host: localhost
|
|
|
|
login_user: "{{ matrix_postgres_superuser }}"
|
|
|
|
login_password: "{{ matrix_postgres_password }}"
|
|
|
|
# login_unix_socket: # defaults to not set
|
|
|
|
port: "{{ matrix_postgres_port }}"
|
|
|
|
state: present
|
|
|
|
|
|
|
|
matrix_iptables_enabled: False
|
|
|
|
matrix_open_ports:
|
|
|
|
- name: allow_matrix_web
|
|
|
|
rules: |
|
2019-01-19 01:00:00 +00:00
|
|
|
-A INPUT -m state --state NEW -p tcp --dport {{ matrix_http_bind_port }} -j ACCEPT
|
2019-01-18 13:52:23 +00:00
|
|
|
state: present
|
|
|
|
|
2019-01-19 00:30:45 +00:00
|
|
|
matrix_tls_enabled: False
|
2019-01-19 02:27:47 +00:00
|
|
|
matrix_tls_dhparam_path: "{{ matrix_base_dir }}/tls/dhparam.pem"
|
|
|
|
matrix_tls_dhparam_size: 2048
|
2019-01-19 00:30:45 +00:00
|
|
|
matrix_tls_cert_path: "{{ matrix_base_dir }}/tls/certs/mycert.pem"
|
|
|
|
matrix_tls_key_path: "{{ matrix_base_dir }}/tls/private/mykey.pem"
|
2019-01-18 13:52:23 +00:00
|
|
|
matrix_tls_cert_source: mycert.pem
|
|
|
|
matrix_tls_key_source: mykey.pem
|
|
|
|
|
|
|
|
matrix_nginx_vhost_enabled: False
|
|
|
|
matrix_nginx_server: localhost
|
|
|
|
matrix_nginx_vhost_dir: /etc/nginx/sites-available
|
|
|
|
matrix_nginx_vhost_symlink: /etc/nginx/sites-enabled
|
|
|
|
matrix_nginx_iptables_enabled: False
|
|
|
|
matrix_nginx_tls_enabled: False
|
|
|
|
matrix_nginx_tls_cert_file: matrix-cert.pem
|
|
|
|
matrix_nginx_tls_key_file: matrix-key.pem
|
2019-01-19 01:00:00 +00:00
|
|
|
matrix_nginx_proxy_port: "{{ matrix_http_bind_port }}"
|
|
|
|
matrix_nginx_proxy_ip: "{{ matrix_http_bind_ips[0] }}"
|