73 lines
1.9 KiB
YAML
73 lines
1.9 KiB
YAML
---
|
|
# matrix_synapse/tasks/main.yml
|
|
- name: Create stack and config directories
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
owner: "{{ container_user }}"
|
|
group: "{{ container_group }}"
|
|
mode: "0755"
|
|
loop: "{{ synapse_base_directories }}"
|
|
|
|
- name: Directory SELinux requirement
|
|
ansible.builtin.set_fact:
|
|
selinux_container_paths: "{{ synapse_base_directories }}"
|
|
|
|
- import_role:
|
|
name: selinux_containers
|
|
tasks_from: labels
|
|
|
|
#- name: Ensure container app config directories are owned by container UID
|
|
# become: true
|
|
# file:
|
|
# path: "{{ synapse_config_dir }}"
|
|
# state: directory
|
|
# owner: "{{ container_user }}"
|
|
# group: "{{ container_group }}"
|
|
# recurse: true
|
|
|
|
- name: Deploy homesever configuration template
|
|
template:
|
|
src: homeserver.yaml.j2
|
|
dest: "{{ synapse_config_dir }}/homeserver.yaml"
|
|
owner: "{{ container_user }}"
|
|
group: "{{ container_group }}"
|
|
mode: '0600'
|
|
|
|
- name: Ensure Synapse signing key is deployed
|
|
copy:
|
|
content: "{{ vault_matrix_signing_key }}"
|
|
dest: "{{ deploy_signing_key_path }}"
|
|
owner: "{{ container_user }}"
|
|
group: "{{ container_group }}"
|
|
mode: '0600'
|
|
|
|
- name: Deploy Synapse Quadlet
|
|
template:
|
|
src: synapse.container.j2
|
|
dest: "{{ container_config_dir }}/synapse.container"
|
|
owner: "{{ container_user }}"
|
|
group: "{{ container_group }}"
|
|
mode: '0644'
|
|
|
|
- name: Force systemd reload (blocking)
|
|
become: true
|
|
become_user: "{{ container_user }}"
|
|
environment:
|
|
XDG_RUNTIME_DIR: "{{ container_runtime_dir }}"
|
|
command: systemctl --user daemon-reload
|
|
|
|
- name: Wait for quadlet generation
|
|
pause:
|
|
seconds: 1
|
|
|
|
- name: Start and enable Synapse service
|
|
become: true
|
|
become_user: "{{ container_user }}"
|
|
environment:
|
|
XDG_RUNTIME_DIR: "{{ container_runtime_dir }}"
|
|
systemd:
|
|
name: synapse.service
|
|
scope: user
|
|
state: started
|
|
enabled: true |