matrix/synapse02.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100

# vim: ts=2 shiftwidth=2
---
- hosts: localhost
  remote_user: peter
  become: yes
  vars:
    federation_server: "matrix.example.com"
    client_server: "example.com"
    dbuser: "synapse"
    dbpass: ""
    database: "synapse"
    packages: [matrix-synapse, postgresql, nginx, python-psycopg2]
    synapse_repo: "files/synapse.list"
    synapse_config: "files/homeserver.yaml.j2"
    synapse_config_server: "files/server_name.yaml.j2"
    synapse_config_report: "files/report_stats.yaml"
    nginx_config: "files/nginx.j2"
    ssl_available: true
  tasks:
    - name: Get hostname
      shell: hostname
      register: hostname
      become: no
    - name: Setup nginx w/ HTTPS
      template:
        src: "{{ nginx_config }}"
        dest: "/etc/nginx/sites-available/{{ federation_server }}.conf"
    - name: Reload nginx
      service:
        name: nginx
        state: reloaded
    - name: Activate PostgreSQL
      service:
        name: postgresql
        state: started
        enabled: yes
    - name: Create DB user
      become_user: postgres
      postgresql_user:
        name: "{{ dbuser }}"
        state: present
        role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB
        password: "{{ dbpass }}"
        encrypted: no
    - name: Create DB
      become_user: postgres
      postgresql_db:
        name: "{{ database }}"
        state: present
        owner: "{{ dbuser }}"
        encoding: UTF8
        lc_collate: C
        lc_ctype: C
        template: template0
    - name: Configure Synapse (main)
      template:
        src: "{{ synapse_config }}"
        dest: /etc/matrix-synapse/homeserver.yaml
        force: yes
        owner: matrix-synapse
        group: nogroup
    - name: Configure Synapse (server name)
      template:
        src: "{{ synapse_config_server }}"
        dest: /etc/matrix-synapse/conf.d/server_name.yaml
        force: yes
        owner: matrix-synapse
        group: nogroup
    - name: Configure Synapse (stats)
      template:
        src: "{{ synapse_config_report }}"
        dest: /etc/matrix-synapse/conf.d/report_stats.yaml
        force: yes
        owner: matrix-synapse
        group: nogroup
    - name: Copy Cert for Synapse
      copy:
        remote_src: yes
        src: "/etc/ssl/certs/{{ federation_server }}.pem"
        dest: "/etc/matrix-synapse/{{ federation_server }}.pem"
        owner: matrix-synapse
        group: nogroup
    - name: Copy Key for Synapse
      copy:
        remote_src: yes
        src: "/etc/ssl/private/{{ federation_server }}.key"
        dest: "/etc/matrix-synapse/{{ federation_server }}.key"
        owner: matrix-synapse
        group: nogroup
    - name: Start Synapse
      service:
        name: matrix-synapse
        state: started
        enabled: yes
    - name: Done
      debug:
        msg: |-
          What to do:
          * Create a user via register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml https://localhost:8448
          * Create the required DNS entries for federation