diff --git a/defaults/main.yml b/defaults/main.yml index 5f6286a..ce9b3ed 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -3,12 +3,10 @@ matrix_version: "1.2.1" matrix_user: matrix matrix_user_home: "/home/{{ matrix_user }}" -# matrix_uid: # defaults to not set matrix_group: "{{ matrix_user }}" -# matrix_gid: # defaults to not set matrix_extra_groups: [] -# Ensure EPEL repo is available at this server +# @var matrix_packages:description: Ensure EPEL repo is available at this server matrix_packages: - "@Development tools" - libtiff-devel @@ -25,6 +23,8 @@ matrix_packages: - libffi-devel - openssl-devel +matrix_packages_extra: [] + matrix_base_dir: "/opt/matrix" matrix_conf_dir: "{{ matrix_base_dir }}/config" matrix_data_dir: "{{ matrix_base_dir }}/data" 
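Review bot: `matrix_packages_extra: []` in the second hunk is added without a description, although the first hunk of this commit starts using `# @var …:description:` annotations for the neighbouring `matrix_packages`. I would add `# @var matrix_packages_extra:description: Additional packages to install; must be a list` above it. The list requirement matters because tasks/prepare.yml in this commit builds the loop with `matrix_packages_extra + matrix_packages`, which would fail at templating time if an inventory sets a plain string.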
@@ -75,41 +75,15 @@ matrix_ldap_auth_name_attr: "cn" # matrix_ldap_auth_bind_password: # defaults to not set # matrix_ldap_auth_filter: (objectClass=posixAccount) # defaults to not set -matrix_postgres_enabled: False -matrix_postgres_ssl_mode: disable -matrix_postgres_ssl_root_cert: /etc/pki/tls/certs/ca-bundle.trust.crt -matrix_postgres_server: postgres.example.com -matrix_postgres_port: 5432 -matrix_postgres_superuser: postgres -matrix_postgres_password: secure - -matrix_postgres_db: - name: matrix - lc_collate: en_US.UTF-8 - lc_ctype: en_US.UTF-8' - encoding: UTF-8 - template: template0 - login_host: localhost - login_user: "{{ matrix_postgres_superuser }}" - login_password: "{{ matrix_postgres_password }}" - # login_unix_socket: # defaults to not set - port: "{{ matrix_postgres_port }}" - # owner: # defaults to not set - state: present - -matrix_postgres_user: - name: pgmatrix - password: matrix - encrypted: 'yes' - # priv: # defaults to not set - # role_attr_flags: # defaults to not set - db: "{{ matrix_postgres_db.name }}" - login_host: localhost - login_user: "{{ matrix_postgres_superuser }}" - login_password: "{{ matrix_postgres_password }}" - # login_unix_socket: # defaults to not set - port: "{{ matrix_postgres_port }}" - state: present +# @var matrix_db_type:description: Sopported values are `pgsql` and `sqlite`. +matrix_db_type: pgsql +matrix_db_server: localhost +matrix_db_port: 5432 +matrix_db_name: matrix +matrix_db_user: pgmatrix +matrix_db_password: secure +matrix_db_ssl_mode: disable +matrix_db_ssl_root_cert: /etc/pki/tls/certs/ca-bundle.trust.crt matrix_iptables_enabled: False matrix_open_ports: diff --git a/tasks/prepare.yml b/tasks/prepare.yml index 08595cd..b968e8b 100644 --- a/tasks/prepare.yml +++ b/tasks/prepare.yml 
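Review bot: The new defaults ship a fixed credential, `matrix_db_password: secure`, and `matrix_db_type: pgsql` now makes the PostgreSQL branch the default where `matrix_postgres_enabled` used to be `False`, so a play that overrides nothing renders a publicly known password into the homeserver config. I would leave the password unset in the file's existing style, `# matrix_db_password: # defaults to not set`, and have the role fail early when `matrix_db_type` is `pgsql` and no password is defined. `matrix_db_ssl_mode: disable` is reasonable for the `localhost` default but gives no transport protection once `matrix_db_server` points at another host; the description could say that `verify-full` with `matrix_db_ssl_root_cert` is the expected setting there. The new description line also has a typo, `Sopported`.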
@@ -4,14 +4,12 @@ group: name: "{{ matrix_group }}" state: present - gid: "{{ matrix_gid | default(omit) }}" - name: Create user '{{ matrix_user }}' user: comment: matrix name: "{{ matrix_user }}" home: "{{ matrix_user_home }}" - uid: "{{ matrix_uid | default(omit) }}" group: "{{ matrix_group }}" groups: "{{ matrix_extra_groups | join(',') }}" 
@@ -19,43 +17,6 @@ package: name: "{{ item }}" state: present - loop: "{{ matrix_packages }}" + loop: "{{ matrix_packages_extra + matrix_packages }}" become: True become_user: root - -- block: - - name: Setup postgres db '{{ matrix_postgres_db.name }}' - postgresql_db: - name: "{{ matrix_postgres_db.name }}" - lc_collate: "{{ matrix_postgres_db.lc_collate | default('en_US.UTF-8') }}" - lc_ctype: "{{ matrix_postgres_db.lc_ctype | default('en_US.UTF-8') }}" - encoding: "{{ matrix_postgres_db.encoding | default('UTF-8') }}" - template: "{{ matrix_postgres_db.template | default('template0') }}" - login_host: "{{ matrix_postgres_db.login_host | default('localhost') }}" - login_password: "{{ matrix_postgres_db.login_password | default(omit) }}" - login_user: "{{ matrix_postgres_db.login_user | default(postgresql_user) }}" - login_unix_socket: "{{ matrix_postgres_db.login_unix_socket | default(omit) }}" - port: "{{ matrix_postgres_db.port | default(omit) }}" - owner: "{{ matrix_postgres_db.owner | default(omit) }}" - state: "{{ matrix_postgres_db.state | default('present') }}" - no_log: True - when: matrix_postgres_db is defined - - - name: Setup postgres user '{{ matrix_postgres_user.name }}' - postgresql_user: - name: "{{ matrix_postgres_user.name }}" - password: "{{ 'md5' + (matrix_postgres_user.password + matrix_postgres_user.name) | hash('md5') }}" - encrypted: "{{ matrix_postgres_user.encrypted | default('yes') }}" - priv: "{{ matrix_postgres_user.priv | default(omit) }}" - role_attr_flags: "{{ matrix_postgres_user.role_attr_flags | default(omit) }}" - db: "{{ matrix_postgres_user.db | default(omit) }}" - login_host: "{{ matrix_postgres_user.login_host | default('localhost') }}" - login_password: "{{ matrix_postgres_user.login_password | default(omit) }}" - login_user: "{{ matrix_postgres_user.login_user | default(omit) }}" - login_unix_socket: "{{ matrix_postgres_user.login_unix_socket | default(omit) }}" - port: "{{ matrix_postgres_user.port | default(omit) }}" - 
state: "{{ matrix_postgres_user.state | default('present') }}" - no_log: True - when: matrix_postgres_user is defined - delegate_to: "{{ matrix_postgres_server }}" - when: matrix_postgres_enabled | bool diff --git a/templates/opt/matrix/config/homeserver.yml.j2 b/templates/opt/matrix/config/homeserver.yml.j2 index 5cd2154..8ba7323 100644 --- a/templates/opt/matrix/config/homeserver.yml.j2 +++ b/templates/opt/matrix/config/homeserver.yml.j2 @@ -168,16 +168,16 @@ federation_client_minimum_tls_version: 1.2 ## Database ## database: - {% if matrix_postgres_enabled %} + {% if matrix_db_type == "pgsql" %} name: psycopg2 args: - user: {{ matrix_postgres_user.name }} - password: {{ matrix_postgres_user.password }} - dbname: {{ matrix_postgres_db.name }} - host: {{ matrix_postgres_server }} - port: {{ matrix_postgres_port }} - sslmode: {{ matrix_postgres_ssl_mode }} - sslrootcert: {{ matrix_postgres_ssl_root_cert }} + user: {{ matrix_db_user }} + password: {{ matrix_db_password }} + dbname: {{ matrix_db_name }} + host: {{ matrix_db_server }} + port: {{ matrix_db_port }} + sslmode: {{ matrix_db_ssl_mode }} + sslrootcert: {{ matrix_db_ssl_root_cert }} cp_min: 5 cp_max: 10 {% else %}
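Review bot: The changed line `loop: "{{ matrix_packages_extra + matrix_packages }}"` keeps one `package` call per item; passing the combined list straight to the module, `name: "{{ matrix_packages_extra + matrix_packages }}"` with the `loop` removed, lets the package manager handle everything in one transaction and is generally faster. Separately, with the provisioning block removed, nothing visible in this file creates the database or role that the new `matrix_db_*` defaults point at, so that prerequisite should be stated in the role documentation unless another task file covers it. The task this loop belongs to starts above the hunk.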
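Review bot: The renamed arguments are still rendered as bare scalars, so in `password: {{ matrix_db_password }}` a value containing ` #` is cut off at the comment marker, one containing `: ` or starting with `*`, `&`, `{` or `[` breaks or changes the parse, and an all-digit value arrives as an integer. Emitting the values as quoted strings avoids this, for example `password: {{ matrix_db_password | to_json }}`, and the same for `user`, `dbname`, `host` and `sslrootcert`. The condition `{% if matrix_db_type == "pgsql" %}` also sends every other value, including a misspelling, to the `{% else %}` branch, whose body is outside this hunk; an early check that the value is `pgsql` or `sqlite` would make that explicit.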