- set_fact: password: '{{ lookup("passwordstore", "vm/"~inventory_hostname, returnall=true) | from_yaml }}' - name: Install packages package: name: synapse - name: Get existing config slurp: path: '/etc/synapse/{{ password.server_name }}.yaml' register: config failed_when: false - name: Parse config set_fact: config: '{{ config.content | b64decode | from_yaml }}' when: '"content" in config' - name: Configure homeserver template: dest: '/etc/synapse/{{ password.server_name }}.yaml' src: homeserver.yaml.j2 notify: restart synapse - name: Configure logging template: dest: '/etc/synapse/{{ password.server_name }}.log.config' src: log.config.j2 notify: restart synapse - name: Generate keys become: yes become_user: synapse command: cmd: | python3 -m synapse.app.homeserver --generate-keys --config-path /etc/synapse/{{ password.server_name }}.yaml creates: '/etc/synapse/{{ password.server_name }}.signing.key' notify: restart synapse - name: Secure keys file: path: '/etc/synapse/{{ password.server_name }}.signing.key' mode: 0600 - name: Set config path lineinfile: path: /etc/conf.d/synapse regexp: '^config=' line: 'config="/etc/synapse/{{ password.server_name }}.yaml"' notify: restart synapse - name: Create socket directory file: path: /var/lib/synapse/socket state: directory mode: 0750 owner: synapse group: nginx - name: Set up nginx site template: dest: '/etc/nginx/http.d/synapse.conf' src: 'nginx.conf.j2' notify: reload nginx