xoxys.matrix/tasks/install.yml

---
- name: Prepare base folders
  file:
    path: "{{ item }}"
    state: directory
    owner: "{{ matrix_user }}"
    group: "{{ matrix_user }}"
    mode: 0750
  loop:
    - "{{ matrix_base_dir }}"
    - "{{ matrix_conf_dir }}"
    - "{{ matrix_data_dir }}"
    - "{{ matrix_log_dir }}"
  become: True
  become_user: root

- block:
    - name: Upgrade python dependencies
      pip:
        name: "{{ item }}"
        virtualenv: "{{ matrix_base_dir }}/env"
        virtualenv_command: /usr/bin/python3 -m venv
        extra_args: --upgrade
      loop:
        - pip
        - setuptools
        - psycopg2

    - name: Install with pip and virtualenv
      pip:
        name: matrix-synapse[all]
        version: "{{ matrix_version }}"
        virtualenv: "{{ matrix_base_dir }}/env"
        virtualenv_command: /usr/bin/python3 -m venv

    - name: Install ldap3 auth provider
      pip:
        name: "matrix-synapse-ldap3"
        virtualenv: "{{ matrix_base_dir }}/env"
        virtualenv_command: /usr/bin/python3 -m venv
      when: matrix_ldap_auth_enabled

    - name: Create signing key
      shell: "{{ matrix_base_dir }}/env/bin/python -c \"from signedjson import key; file = open('{{ matrix_conf_dir }}/{{ matrix_server_url }}.signing.key','w'); key.write_signing_keys(file, [key.generate_signing_key('first')]); file.close()\""
      args:
        creates: "{{ matrix_conf_dir }}/{{ matrix_server_url }}.signing.key"
      notify: __matrix_restart

    - name: Deploy global config files
      template:
        src: "opt/matrix/config/{{ item }}.j2"
        dest: "{{ matrix_conf_dir }}/{{ item }}"
        mode: 0600
      loop:
        - "homeserver.yml"
        - "logging.config"
      notify: __matrix_restart
  become: True
  become_user: "{{ matrix_user }}"

- block:
    - name: Copy systemd unit file
      template:
        src: "etc/systemd/system/matrix.service.j2"
        dest: "/etc/systemd/system/matrix.service"
      notify: __matrix_restart

    - name: Open ports in iptables
      iptables_raw:
        name: "{{ item.name }}"
        rules: "{{ item.rules }}"
        state: "{{ item.state }}"
        weight: "{{ item.weight | default(omit) }}"
        table: "{{ item.table | default(omit) }}"
      with_items: "{{ matrix_open_ports }}"
      loop_control:
        label: "{{ item.name }}"
      when: matrix_iptables_enabled
  become: True
  become_user: root