servers/roles/synapse/tasks/main.yml

65 lines
1.6 KiB
YAML
Raw Normal View History

- set_fact:
password: '{{ lookup("passwordstore", "vm/"~inventory_hostname, returnall=true) | from_yaml }}'
- name: Install packages
package:
name: synapse
- name: Get existing config
slurp:
path: '/etc/synapse/{{ password.server_name }}.yaml'
register: config
failed_when: false
- name: Parse config
set_fact:
config: '{{ config.content | b64decode | from_yaml }}'
when: '"content" in config'
- name: Configure homeserver
template:
dest: '/etc/synapse/{{ password.server_name }}.yaml'
src: homeserver.yaml.j2
notify: restart synapse
- name: Configure logging
template:
dest: '/etc/synapse/{{ password.server_name }}.log.config'
src: log.config.j2
notify: restart synapse
- name: Generate keys
become: yes
become_user: synapse
command:
cmd: |
python3 -m synapse.app.homeserver --generate-keys --config-path /etc/synapse/{{ password.server_name }}.yaml
creates: '/etc/synapse/{{ password.server_name }}.signing.key'
notify: restart synapse
- name: Secure keys
file:
path: '/etc/synapse/{{ password.server_name }}.signing.key'
mode: 0600
- name: Set config path
lineinfile:
path: /etc/conf.d/synapse
regexp: '^config='
line: 'config="/etc/synapse/{{ password.server_name }}.yaml"'
notify: restart synapse
- name: Create socket directory
file:
path: /var/lib/synapse/socket
state: directory
mode: 0750
owner: synapse
group: nginx
- name: Set up nginx site
template:
dest: '/etc/nginx/http.d/synapse.conf'
src: 'nginx.conf.j2'
notify: reload nginx