--- - name: Prepare base folders file: path: "{{ item }}" state: directory owner: "{{ matrix_user }}" group: "{{ matrix_user }}" mode: 0750 loop: - "{{ matrix_base_dir }}" - "{{ matrix_conf_dir }}" - "{{ matrix_data_dir }}" - "{{ matrix_log_dir }}" become: True become_user: root - block: - name: Upgrade python dependencies pip: name: "{{ item }}" virtualenv: "{{ matrix_base_dir }}/env" virtualenv_command: /usr/bin/python3 -m venv extra_args: --upgrade loop: - pip - setuptools - psycopg2 - name: Install with pip and virtualenv pip: name: matrix-synapse[all] version: "{{ matrix_version }}" virtualenv: "{{ matrix_base_dir }}/env" virtualenv_command: /usr/bin/python3 -m venv notify: __matrix_restart - name: Install ldap3 auth provider pip: name: "matrix-synapse-ldap3" virtualenv: "{{ matrix_base_dir }}/env" virtualenv_command: /usr/bin/python3 -m venv when: matrix_ldap_auth_enabled - name: Create signing key shell: "{{ matrix_base_dir }}/env/bin/python -c \"from signedjson import key; file = open('{{ matrix_conf_dir }}/{{ matrix_server_url }}.signing.key','w'); key.write_signing_keys(file, [key.generate_signing_key('first')]); file.close()\"" args: creates: "{{ matrix_conf_dir }}/{{ matrix_server_url }}.signing.key" notify: __matrix_restart - name: Deploy global config files template: src: "opt/matrix/config/{{ item }}.j2" dest: "{{ matrix_conf_dir }}/{{ item }}" mode: 0600 loop: - "homeserver.yml" - "logging.config" notify: __matrix_restart become: True become_user: "{{ matrix_user }}" - block: - name: Copy systemd unit file template: src: "etc/systemd/system/matrix.service.j2" dest: "/etc/systemd/system/matrix.service" notify: __matrix_restart - name: Copy logrotate config template: src: "etc/logrotate.d/config.j2" dest: "/etc/logrotate.d/matrix" loop: "{{ matrix_logrotate_config }}" loop_control: label: "{{ item.log }}" when: matrix_logrotate_enabled - name: Open ports in iptables iptables_raw: name: "{{ item.name }}" rules: "{{ item.rules }}" state: "{{ item.state }}" weight: "{{ item.weight | default(omit) }}" table: "{{ item.table | default(omit) }}" loop: "{{ matrix_open_ports }}" loop_control: label: "{{ item.name }}" when: matrix_iptables_enabled become: True become_user: root