blob: 04becc80124c3c865a2c540869d1fe402f5e43ec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
# vim: ts=2 shiftwidth=2
---
- hosts: localhost
remote_user: peter
become: yes
vars:
federation_server: "matrix.example.com"
client_server: "example.com"
dbuser: "synapse"
dbpass: ""
database: "synapse"
packages: [matrix-synapse, postgresql, nginx, python-psycopg2]
synapse_repo: "files/synapse.list"
synapse_config: "files/homeserver.yaml.j2"
synapse_config_server: "files/server_name.yaml.j2"
synapse_config_report: "files/report_stats.yaml"
nginx_config: "files/nginx.j2"
ssl_available: true
tasks:
- name: Get hostname
shell: hostname
register: hostname
become: no
- name: Setup nginx w/ HTTPS
template:
src: "{{ nginx_config }}"
dest: "/etc/nginx/sites-available/{{ federation_server }}.conf"
- name: Reload nginx
service:
name: nginx
state: reloaded
- name: Activate PostgreSQL
service:
name: postgresql
state: started
enabled: yes
- name: Create DB user
become_user: postgres
postgresql_user:
name: "{{ dbuser }}"
state: present
role_attr_flags: NOSUPERUSER,NOCREATEROLE,NOCREATEDB
password: "{{ dbpass }}"
encrypted: no
- name: Create DB
become_user: postgres
postgresql_db:
name: "{{ database }}"
state: present
owner: "{{ dbuser }}"
encoding: UTF8
lc_collate: C
lc_ctype: C
template: template0
- name: Configure Synapse (main)
template:
src: "{{ synapse_config }}"
dest: /etc/matrix-synapse/homeserver.yaml
force: yes
owner: matrix-synapse
group: nogroup
- name: Configure Synapse (server name)
template:
src: "{{ synapse_config_server }}"
dest: /etc/matrix-synapse/conf.d/server_name.yaml
force: yes
owner: matrix-synapse
group: nogroup
- name: Configure Synapse (stats)
template:
src: "{{ synapse_config_report }}"
dest: /etc/matrix-synapse/conf.d/report_stats.yaml
force: yes
owner: matrix-synapse
group: nogroup
- name: Copy Cert for Synapse
copy:
remote_src: yes
src: "/etc/ssl/certs/{{ federation_server }}.pem"
dest: "/etc/matrix-synapse/{{ federation_server }}.pem"
owner: matrix-synapse
group: nogroup
- name: Copy Key for Synapse
copy:
remote_src: yes
src: "/etc/ssl/private/{{ federation_server }}.key"
dest: "/etc/matrix-synapse/{{ federation_server }}.key"
owner: matrix-synapse
group: nogroup
- name: Start Synapse
service:
name: matrix-synapse
state: started
enabled: yes
- name: Done
debug:
msg: |-
What to do:
* Create a user via register_new_matrix_user -c /etc/matrix-synapse/homeserver.yaml https://localhost:8448
* Create the required DNS entries for federation
|