From c603531b1d4c97dd8f5668597f956e14d380e38a Mon Sep 17 00:00:00 2001 From: Hackintosh 5 Date: Wed, 7 Apr 2021 10:48:35 +0100 Subject: [PATCH 1/7] Store retry files --- .gitignore | 1 + ansible.cfg | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 36c65bdaa83..d2089bf16c3 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ /roles/*/files/scratchpad .DS_Store .python-version +.ansible-retry diff --git a/ansible.cfg b/ansible.cfg index 360ce153c21..1721bc8e6e9 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,6 +1,7 @@ [defaults] -retry_files_enabled = False +retry_files_enabled = True stdout_callback = yaml +retry_files_save_path = ./.ansible-retry [connection] pipelining = True From 33391860fe76c1613355d2567b47f8f8db759fd6 Mon Sep 17 00:00:00 2001 From: Hackintosh 5 Date: Wed, 7 Apr 2021 10:50:43 +0100 Subject: [PATCH 2/7] Add permissions configuration to mautrix-signal --- docs/configuring-playbook-bridge-mautrix-signal.md | 1 + roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 ++ roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 3 +++ 3 files changed, 6 insertions(+) diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index 6d3c4dfbdd3..7fc569c6b53 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -10,6 +10,7 @@ Use the following playbook configuration: ```yaml matrix_mautrix_signal_enabled: true +matrix_mautrix_signal_admins: {"@YOUR_USER:YOUR_DOMAIN": "admin"} ``` ## Set up Double Puppeting diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 502405480dc..29b6f780a56 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -20,6 +20,8 @@ matrix_mautrix_signal_homeserver_address: '' matrix_mautrix_signal_homeserver_domain: '' matrix_mautrix_signal_appservice_address: 'http://matrix-mautrix-signal:29328' +matrix_mautrix_signal_admins: {} + # Controls whether the matrix-mautrix-signal container exposes its port (tcp/29328 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:9006"), or empty string to not expose. diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index ca5060a70bc..55a564cd8c2 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -178,6 +178,9 @@ bridge: # mxid - Specific user permissions: '{{ matrix_mautrix_signal_homeserver_domain }}': user + {% for user, role in matrix_mautrix_signal_admins.items() %} + '{{ user }}': {{ role }} + {% endfor %} # Python logging configuration. From e8047bcb267c1bd60633ed1847e07e486ac29af0 Mon Sep 17 00:00:00 2001 From: Hackintosh 5 Date: Wed, 7 Apr 2021 11:04:37 +0100 Subject: [PATCH 3/7] Fix self-building defaults and add self-building support for some services --- group_vars/matrix_servers | 7 ++- .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../tasks/setup_install.yml | 15 +++---- .../defaults/main.yml | 10 ++++- .../tasks/setup_install.yml | 44 ++++++++++++++++++- .../defaults/main.yml | 5 ++- .../tasks/setup_install.yml | 31 ++++++++++--- .../defaults/main.yml | 6 ++- .../tasks/setup_install.yml | 20 +++++++++ .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - .../defaults/main.yml | 1 - roles/matrix-client-element/defaults/main.yml | 1 - roles/matrix-corporal/defaults/main.yml | 1 - roles/matrix-coturn/defaults/main.yml | 1 - roles/matrix-dynamic-dns/defaults/main.yml | 1 - roles/matrix-ma1sd/defaults/main.yml | 1 - roles/matrix-mailer/defaults/main.yml | 1 - roles/matrix-postgres/defaults/main.yml | 1 - roles/matrix-registration/defaults/main.yml | 1 - .../tasks/setup_install.yml | 10 ++--- roles/matrix-synapse-admin/defaults/main.yml | 1 - roles/matrix-synapse/defaults/main.yml | 1 - 31 files changed, 119 insertions(+), 51 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 96b933f35b7..4a3bfd486c1 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -348,6 +348,8 @@ matrix_mautrix_instagram_database_password: "{{ matrix_synapse_macaroon_secret_k # We don't enable bridges by default. matrix_mautrix_signal_enabled: false +matrix_mautrix_signal_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" + matrix_mautrix_signal_systemd_required_services_list: | {{ ['docker.service'] @@ -433,6 +435,8 @@ matrix_mautrix_telegram_database_password: "{{ matrix_synapse_macaroon_secret_ke # We don't enable bridges by default. matrix_mautrix_whatsapp_enabled: false +matrix_mautrix_whatsapp_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" + matrix_mautrix_whatsapp_systemd_required_services_list: | {{ ['docker.service'] @@ -1013,6 +1017,7 @@ matrix_etherpad_database_password: "{{ matrix_synapse_macaroon_secret_key | pass ###################################################################### matrix_dynamic_dns_enabled: false +matrix_dynamic_dns_container_image_self_build: "{{ matrix_architecture != 'amd64'}}" ###################################################################### # @@ -1325,7 +1330,7 @@ matrix_postgres_architecture: "{{ matrix_architecture }}" # and tell users they need to set it (either here or in those variables). matrix_postgres_connection_hostname: "{{ 'matrix-postgres' if matrix_postgres_enabled else '' }}" -matrix_postgres_pgloader_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" +matrix_postgres_pgloader_container_image_self_build: false matrix_postgres_additional_databases: | {{ diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index ca8797b4f0b..ca4e8292711 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -3,7 +3,6 @@ matrix_appservice_irc_enabled: true -matrix_appservice_irc_container_self_build: false matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git" matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src" diff --git a/roles/matrix-bridge-appservice-slack/defaults/main.yml b/roles/matrix-bridge-appservice-slack/defaults/main.yml index bb801273f2d..9ad24f3ca4d 100644 --- a/roles/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/matrix-bridge-appservice-slack/defaults/main.yml @@ -3,7 +3,6 @@ matrix_appservice_slack_enabled: true -matrix_appservice_slack_container_self_build: false matrix_appservice_slack_docker_repo: "https://github.com/matrix-org/matrix-appservice-slack.git" matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-slack/docker-src" diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml index 71a225f7ccb..3ebec255947 100644 --- a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mautrix_facebook_enabled: true -matrix_mautrix_facebook_container_image_self_build: false matrix_mautrix_facebook_container_image_self_build_repo: "https://github.com/tulir/mautrix-facebook.git" matrix_mautrix_facebook_version: latest diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml index 48b66b8d607..8e3fca2b468 100644 --- a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mautrix_hangouts_enabled: true -matrix_mautrix_hangouts_container_image_self_build: false matrix_mautrix_hangouts_container_image_self_build_repo: "https://github.com/tulir/mautrix-hangouts.git" matrix_mautrix_hangouts_version: latest diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index 5204386d5ad..f9d4196b798 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mautrix_instagram_enabled: true -matrix_mautrix_instagram_container_image_self_build: false matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/tulir/mautrix-instagram.git" matrix_mautrix_instagram_version: latest diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index 6047423097c..74129de3742 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -17,20 +17,15 @@ - name: Ensure Mautrix instagram paths exist file: - path: "{{ item.path }}" + path: "{{ item }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: - - { path: "{{ matrix_mautrix_instagram_base_path }}", when: true } - - { path: "{{ matrix_mautrix_instagram_config_path }}", when: true } - - { path: "{{ matrix_mautrix_instagram_data_path }}", when: true } - - { - path: "{{ matrix_mautrix_instagram_docker_src_files_path }}", - when: "{{ matrix_mautrix_instagram_container_image_self_build }}", - } - when: item.when|bool + - "{{ matrix_mautrix_instagram_base_path }}" + - "{{ matrix_mautrix_instagram_config_path }}" + - "{{ matrix_mautrix_instagram_data_path }}" - name: Ensure Mautrix instagram repository is present on self-build git: @@ -50,6 +45,8 @@ dockerfile: Dockerfile path: "{{ matrix_mautrix_instagram_docker_src_files_path }}" pull: yes + args: + TARGETARCH: "{{ matrix_architecture }}" when: "matrix_mautrix_instagram_enabled|bool and matrix_mautrix_instagram_container_image_self_build|bool" - name: Ensure mautrix-instagram config.yaml installed diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 29b6f780a56..e51c312889c 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -3,18 +3,24 @@ matrix_mautrix_signal_enabled: true +matrix_mautrix_signal_container_image_self_build_repo: "https://github.com/tulir/mautrix-signal.git" +matrix_mautrix_signal_daemon_container_image_self_build_repo: "https://mau.dev/maunium/signald.git" + matrix_mautrix_signal_version: latest matrix_mautrix_signal_daemon_version: latest # See: https://mau.dev/tulir/mautrix-signal/container_registry -matrix_mautrix_signal_docker_image: "dock.mau.dev/tulir/mautrix-signal:{{ matrix_mautrix_signal_version }}" +matrix_mautrix_signal_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_signal_container_image_self_build else 'dock.mau.dev/' }}" +matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}tulir/mautrix-signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" -matrix_mautrix_signal_daemon_docker_image: "dock.mau.dev/maunium/signald:{{ matrix_mautrix_signal_daemon_version }}" +matrix_mautrix_signal_daemon_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}maunium/signald:{{ matrix_mautrix_signal_daemon_version }}" matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image.endswith(':latest') }}" matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal" matrix_mautrix_signal_config_path: "{{ matrix_mautrix_signal_base_path }}/bridge" matrix_mautrix_signal_daemon_path: "{{ matrix_mautrix_signal_base_path }}/signald" +matrix_mautrix_signal_docker_src_files_path: "{{matrix_mautrix_signal_base_path }}/docker-src" +matrix_mautrix_signal_daemon_docker_src_files_path: "{{matrix_mautrix_signal_base_path }}/daemon-docker-src" matrix_mautrix_signal_homeserver_address: '' matrix_mautrix_signal_homeserver_domain: '' diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 61c6adff823..65820a77a03 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -14,7 +14,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}" - when: matrix_mautrix_signal_enabled|bool + when: matrix_mautrix_signal_enabled|bool and not matrix_mautrix_signal_container_image_self_build - name: Ensure Mautrix Signal Daemon image is pulled docker_image: @@ -22,7 +22,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_signal_daemon_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_daemon_docker_image_force_pull }}" - when: matrix_mautrix_signal_enabled|bool + when: matrix_mautrix_signal_enabled|bool and not matrix_mautrix_signal_container_image_self_build - name: Ensure Mautrix Signal paths exist file: @@ -39,6 +39,46 @@ - "{{ matrix_mautrix_signal_daemon_path }}/attachments" - "{{ matrix_mautrix_signal_daemon_path }}/data" +- name: Ensure Mautrix signal repository is present on self-build + git: + repo: "{{ matrix_mautrix_signal_container_image_self_build_repo }}" + dest: "{{ matrix_mautrix_signal_docker_src_files_path }}" + force: "yes" + register: matrix_mautrix_signal_git_pull_results + when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_container_image_self_build" + +- name: Ensure Mautrix signal Docker image is built + docker_image: + name: "{{ matrix_mautrix_signal_docker_image }}" + source: build + force_source: "{{ matrix_mautrix_signal_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_signal_docker_src_files_path }}" + pull: yes + args: + TARGETARCH: "{{ matrix_architecture }}" + when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_container_image_self_build|bool" + +- name: Ensure Mautrix signal_daemon repository is present on self-build + git: + repo: "{{ matrix_mautrix_signal_daemon_container_image_self_build_repo }}" + dest: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}" + force: "yes" + register: matrix_mautrix_signal_daemon_git_pull_results + when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_container_image_self_build" + +- name: Ensure Mautrix signal_daemon Docker image is built + docker_image: + name: "{{ matrix_mautrix_signal_daemon_docker_image }}" + source: build + force_source: "{{ matrix_mautrix_signal_daemon_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}" + pull: yes + when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_container_image_self_build|bool" + - name: Ensure mautrix-signal config.yaml installed copy: content: "{{ matrix_mautrix_signal_configuration|to_nice_yaml }}" diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index e4c7696aabc..4369fd01123 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -3,13 +3,16 @@ matrix_mautrix_telegram_enabled: true -matrix_mautrix_telegram_container_self_build: false matrix_mautrix_telegram_docker_repo: "https://mau.dev/tulir/mautrix-telegram.git" +matrix_mautrix_telegram_lottieconverter_docker_repo: "https://mau.dev/tulir/lottieconverter.git" matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src" +matrix_mautrix_telegram_lottieconverter_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/lottieconverter-docker-src" matrix_mautrix_telegram_version: v0.9.0 # See: https://mau.dev/tulir/mautrix-telegram/container_registry matrix_mautrix_telegram_docker_image: "dock.mau.dev/tulir/mautrix-telegram:{{ matrix_mautrix_telegram_version }}" +# See: https://github.com/tulir/mautrix-telegram/blob/master/Dockerfile#L1 +matrix_mautrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.13" matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram" diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml index 704f0e26205..f71a1b7378b 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml @@ -36,17 +36,15 @@ - name: Ensure Mautrix Telegram paths exist file: - path: "{{ item.path }}" + path: "{{ item }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: - - { path: "{{ matrix_mautrix_telegram_base_path }}", when: true } - - { path: "{{ matrix_mautrix_telegram_config_path }}", when: true } - - { path: "{{ matrix_mautrix_telegram_data_path }}", when: true } - - { path: "{{ matrix_mautrix_telegram_docker_src_files_path }}", when: "{{ matrix_mautrix_telegram_container_self_build }}" } - when: item.when|bool + - "{{ matrix_mautrix_telegram_base_path }}" + - "{{ matrix_mautrix_telegram_config_path }}" + - "{{ matrix_mautrix_telegram_data_path }}" - name: Ensure Mautrix Telegram image is pulled docker_image: @@ -56,6 +54,25 @@ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_telegram_docker_image_force_pull }}" when: "not matrix_mautrix_telegram_container_self_build|bool" +- name: Ensure lottieconverter repository is present when self-building + git: + repo: "{{ matrix_mautrix_telegram_lottieconverter_docker_repo }}" + dest: "{{ matrix_mautrix_telegram_lottieconverter_docker_src_files_path }}" + force: "yes" + register: matrix_mautrix_telegram_lottieconverter_git_pull_results + when: "matrix_mautrix_telegram_container_self_build|bool" + +- name: Ensure lottieconverter Docker image is build + docker_image: + name: "{{ matrix_mautrix_telegram_lottieconverter_docker_image }}" + source: build + force_source: yes + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_telegram_lottieconverter_docker_src_files_path }}" + pull: yes + when: "matrix_mautrix_telegram_container_self_build|bool and matrix_mautrix_telegram_lottieconverter_git_pull_results.changed" + - name: Ensure matrix-mautrix-telegram repository is present when self-building git: repo: "{{ matrix_mautrix_telegram_docker_repo }}" @@ -73,7 +90,7 @@ build: dockerfile: Dockerfile path: "{{ matrix_mautrix_telegram_docker_src_files_path }}" - pull: yes + pull: no when: "matrix_mautrix_telegram_container_self_build|bool and matrix_mautrix_telegram_git_pull_results.changed" - name: Check if an old database file already exists diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index f8ae7d873ce..71c56fc9837 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -3,14 +3,18 @@ matrix_mautrix_whatsapp_enabled: true +matrix_mautrix_whatsapp_container_image_self_build_repo: "https://github.com/tulir/mautrix-whatsapp.git" + matrix_mautrix_whatsapp_version: latest # See: https://mau.dev/tulir/mautrix-whatsapp/container_registry -matrix_mautrix_whatsapp_docker_image: "dock.mau.dev/tulir/mautrix-whatsapp:{{ matrix_mautrix_whatsapp_version }}" +matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}tulir/mautrix-whatsapp:{{ matrix_mautrix_whatsapp_version }}" +matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}" matrix_mautrix_whatsapp_docker_image_force_pull: "{{ matrix_mautrix_whatsapp_docker_image.endswith(':latest') }}" matrix_mautrix_whatsapp_base_path: "{{ matrix_base_data_path }}/mautrix-whatsapp" matrix_mautrix_whatsapp_config_path: "{{ matrix_mautrix_whatsapp_base_path }}/config" matrix_mautrix_whatsapp_data_path: "{{ matrix_mautrix_whatsapp_base_path }}/data" +matrix_mautrix_whatsapp_docker_src_files_path: "{{ matrix_mautrix_whatsapp_base_path }}/docker-src" matrix_mautrix_whatsapp_homeserver_address: "{{ matrix_homeserver_container_url }}" matrix_mautrix_whatsapp_homeserver_domain: "{{ matrix_domain }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml index 9691a58f90e..a525ea9219c 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml @@ -41,6 +41,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_whatsapp_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_whatsapp_docker_image_force_pull }}" + when: "matrix_mautrix_whatsapp_enabled|bool and not matrix_mautrix_whatsapp_container_image_self_build" - name: Ensure Mautrix Whatsapp paths exists file: @@ -54,6 +55,25 @@ - "{{ matrix_mautrix_whatsapp_config_path }}" - "{{ matrix_mautrix_whatsapp_data_path }}" +- name: Ensure Mautrix whatsapp repository is present on self-build + git: + repo: "{{ matrix_mautrix_whatsapp_container_image_self_build_repo }}" + dest: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}" + force: "yes" + register: matrix_mautrix_whatsapp_git_pull_results + when: "matrix_mautrix_whatsapp_enabled|bool and matrix_mautrix_whatsapp_container_image_self_build" + +- name: Ensure Mautrix whatsapp Docker image is built + docker_image: + name: "{{ matrix_mautrix_whatsapp_docker_image }}" + source: build + force_source: "{{ matrix_mautrix_whatsapp_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_whatsapp_docker_src_files_path }}" + pull: yes + when: "matrix_mautrix_whatsapp_enabled|bool and matrix_mautrix_whatsapp_container_image_self_build|bool" + - name: Check if an old database file exists stat: path: "{{ matrix_mautrix_whatsapp_base_path }}/mautrix-whatsapp.db" diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml index 7e99c9b2e1a..a500ee11f2f 100644 --- a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mx_puppet_discord_enabled: true -matrix_mx_puppet_discord_container_image_self_build: false matrix_mx_puppet_discord_container_image_self_build_repo: "https://github.com/matrix-discord/mx-puppet-discord.git" # Controls whether the mx-puppet-discord container exposes its HTTP port (tcp/8432 in the container). diff --git a/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml b/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml index 898768bf936..1c07f2158aa 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mx_puppet_groupme_enabled: true -matrix_mx_puppet_groupme_container_image_self_build: false matrix_mx_puppet_groupme_container_image_self_build_repo: "https://gitlab.com/robintown/mx-puppet-groupme" # Controls whether the mx-puppet-groupme container exposes its HTTP port (tcp/8437 in the container). diff --git a/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml b/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml index 272103604d5..cf268f31a50 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mx_puppet_instagram_enabled: true -matrix_mx_puppet_instagram_container_image_self_build: false matrix_mx_puppet_instagram_container_image_self_build_repo: "https://github.com/Sorunome/mx-puppet-instagram.git" matrix_mx_puppet_instagram_version: latest diff --git a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml index 8dcb2faff86..eadb25bb18e 100644 --- a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mx_puppet_skype_enabled: true -matrix_mx_puppet_skype_container_image_self_build: false matrix_mx_puppet_skype_container_image_self_build_repo: "https://github.com/Sorunome/mx-puppet-skype.git" matrix_mx_puppet_skype_version: latest diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index 65b295c94a5..d2488c35ba3 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mx_puppet_slack_enabled: true -matrix_mx_puppet_slack_container_image_self_build: false matrix_mx_puppet_slack_container_image_self_build_repo: "https://github.com/Sorunome/mx-puppet-slack.git" # Controls whether the mx-puppet-slack container exposes its HTTP port (tcp/8432 in the container). diff --git a/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml b/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml index e4df90a5684..a2807291484 100644 --- a/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-steam/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mx_puppet_steam_enabled: true -matrix_mx_puppet_steam_container_image_self_build: false matrix_mx_puppet_steam_container_image_self_build_repo: "https://github.com/icewind1991/mx-puppet-steam.git" # Controls whether the mx-puppet-steam container exposes its HTTP port (tcp/8432 in the container). diff --git a/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml b/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml index 0e37d51f5d9..74ccd6cac77 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/defaults/main.yml @@ -3,7 +3,6 @@ matrix_mx_puppet_twitter_enabled: true -matrix_mx_puppet_twitter_container_image_self_build: false matrix_mx_puppet_twitter_container_image_self_build_repo: "https://github.com/Sorunome/mx-puppet-twitter.git" # Controls whether the mx-puppet-twitter container exposes its HTTP port (tcp/8432 in the container). diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index f836d4a4942..174aed89b66 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -1,6 +1,5 @@ matrix_client_element_enabled: true -matrix_client_element_container_image_self_build: false matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git" matrix_client_element_version: v1.7.30 diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index 05af80460d6..240ed04129b 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -3,7 +3,6 @@ matrix_corporal_enabled: true -matrix_corporal_container_image_self_build: false matrix_corporal_container_image_self_build_repo: "https://github.com/devture/matrix-corporal.git" # Controls whether the matrix-corporal container exposes its gateway HTTP port (tcp/41080 in the container). diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index 2539d8b1c65..a35b3c97d8c 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -1,6 +1,5 @@ matrix_coturn_enabled: true -matrix_coturn_container_image_self_build: false matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn" matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}-r1" matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 3411d0f83dc..8047bd47173 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -24,7 +24,6 @@ matrix_dynamic_dns_systemd_wanted_services_list: [] matrix_dynamic_dns_systemd_required_services_list: ['docker.service'] # Build the container from source when running in mode -matrix_dynamic_dns_container_image_self_build: false matrix_dynamic_dns_container_image_self_build_repo: "https://github.com/linuxserver/docker-ddclient.git" # Config paths diff --git a/roles/matrix-ma1sd/defaults/main.yml b/roles/matrix-ma1sd/defaults/main.yml index 7ab0d15e223..e4c80fa1094 100644 --- a/roles/matrix-ma1sd/defaults/main.yml +++ b/roles/matrix-ma1sd/defaults/main.yml @@ -3,7 +3,6 @@ matrix_ma1sd_enabled: true -matrix_ma1sd_container_image_self_build: false matrix_ma1sd_container_image_self_build_repo: "https://github.com/ma1uta/ma1sd.git" matrix_ma1sd_container_image_self_build_branch: "{{ matrix_ma1sd_version }}" diff --git a/roles/matrix-mailer/defaults/main.yml b/roles/matrix-mailer/defaults/main.yml index 1340cc702e2..1e4deff9ffb 100644 --- a/roles/matrix-mailer/defaults/main.yml +++ b/roles/matrix-mailer/defaults/main.yml @@ -2,7 +2,6 @@ matrix_mailer_enabled: true matrix_mailer_base_path: "{{ matrix_base_data_path }}/mailer" -matrix_mailer_container_image_self_build: false matrix_mailer_container_image_self_build_repository_url: "https://github.com/devture/exim-relay" matrix_mailer_container_image_self_build_src_files_path: "{{ matrix_mailer_base_path }}/docker-src" matrix_mailer_container_image_self_build_version: "{{ matrix_mailer_docker_image.split(':')[1] }}" diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 72e42021583..8fe9e3394ae 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -82,7 +82,6 @@ matrix_postgres_import_databases_ignore_regex: "^CREATE DATABASE ({{ matrix_post matrix_postgres_additional_databases_postgres_start_wait_timeout_seconds: "{{ 45 if matrix_postgres_architecture in ['arm32', 'arm64'] else 15 }}" -matrix_postgres_pgloader_container_image_self_build: false matrix_postgres_pgloader_container_image_self_build_repo: "https://github.com/illagrenan/pgloader-docker.git" matrix_postgres_pgloader_container_image_self_build_repo_branch: "v{{ matrix_postgres_pgloader_docker_image_tag }}" matrix_postgres_pgloader_container_image_self_build_src_path: "{{ matrix_postgres_base_path }}/pgloader-container-src" diff --git a/roles/matrix-registration/defaults/main.yml b/roles/matrix-registration/defaults/main.yml index e03891b2e53..41bdf77fe44 100644 --- a/roles/matrix-registration/defaults/main.yml +++ b/roles/matrix-registration/defaults/main.yml @@ -3,7 +3,6 @@ matrix_registration_enabled: true -matrix_registration_container_image_self_build: false matrix_registration_container_image_self_build_repo: "https://github.com/ZerataX/matrix-registration" matrix_registration_container_image_self_build_branch: "{{ 'master' if matrix_registration_version == 'latest' else matrix_registration_version }}" diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml index 0d7da9ceebf..910ebb92187 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/matrix-registration/tasks/setup_install.yml @@ -33,17 +33,15 @@ - name: Ensure matrix-registration paths exist file: - path: "{{ item.path }}" + path: "{{ item }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: - - { path: "{{ matrix_registration_base_path }}", when: true } - - { path: "{{ matrix_registration_config_path }}", when: true } - - { path: "{{ matrix_registration_data_path }}", when: true } - - { path: "{{ matrix_registration_docker_src_files_path }}", when: "{{ matrix_registration_container_image_self_build }}"} - when: "item.when|bool" + - "{{ matrix_registration_base_path }}" + - "{{ matrix_registration_config_path }}" + - "{{ matrix_registration_data_path }}" - name: Ensure matrix-registration image is pulled docker_image: diff --git a/roles/matrix-synapse-admin/defaults/main.yml b/roles/matrix-synapse-admin/defaults/main.yml index 069b627948a..e25d7bf488b 100644 --- a/roles/matrix-synapse-admin/defaults/main.yml +++ b/roles/matrix-synapse-admin/defaults/main.yml @@ -3,7 +3,6 @@ matrix_synapse_admin_enabled: true -matrix_synapse_admin_container_self_build: false matrix_synapse_admin_container_self_build_repo: "https://github.com/Awesome-Technologies/synapse-admin.git" matrix_synapse_admin_docker_src_files_path: "{{ matrix_base_data_path }}/synapse-admin/docker-src" diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index cb5f9a3afc8..45de77e214c 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -3,7 +3,6 @@ matrix_synapse_enabled: true -matrix_synapse_container_image_self_build: false matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/synapse.git" matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" From 9d1de4b900a810a4a28806103ca8a496c087e919 Mon Sep 17 00:00:00 2001 From: Hackintosh 5 Date: Wed, 7 Apr 2021 11:17:51 +0100 Subject: [PATCH 4/7] Improve handling of systemd units - Add matrix.target - Fix improper use of `docker kill` --- roles/matrix-base/tasks/server_base/setup.yml | 6 ++++++ .../templates/systemd/matrix.target | 5 +++++ .../systemd/matrix-bot-go-neb.service.j2 | 8 +++++--- .../matrix-bot-matrix-reminder-bot.service.j2 | 8 +++++--- .../systemd/matrix-bot-mjolnir.service.j2 | 7 ++++--- .../matrix-appservice-discord.service.j2 | 13 ++++++------- .../systemd/matrix-appservice-irc.service.j2 | 11 +++++------ .../matrix-appservice-slack.service.j2 | 11 +++++------ .../matrix-appservice-webhooks.service.j2 | 11 +++++------ .../matrix-mautrix-facebook.service.j2 | 11 +++++------ .../matrix-mautrix-hangouts.service.j2 | 11 +++++------ .../matrix-mautrix-instagram.service.j2 | 11 +++++------ .../matrix-mautrix-signal-daemon.service.j2 | 11 +++++------ .../systemd/matrix-mautrix-signal.service.j2 | 11 +++++------ .../matrix-mautrix-telegram.service.j2 | 14 ++++++++------ .../matrix-mautrix-whatsapp.service.j2 | 11 +++++------ .../matrix-mx-puppet-discord.service.j2 | 11 +++++------ .../matrix-mx-puppet-groupme.service.j2 | 11 +++++------ .../matrix-mx-puppet-instagram.service.j2 | 11 +++++------ .../systemd/matrix-mx-puppet-skype.service.j2 | 11 +++++------ .../systemd/matrix-mx-puppet-slack.service.j2 | 11 +++++------ .../systemd/matrix-mx-puppet-steam.service.j2 | 11 +++++------ .../matrix-mx-puppet-twitter.service.j2 | 11 +++++------ .../systemd/matrix-sms-bridge.service.j2 | 19 +++++++++---------- .../systemd/matrix-client-element.service.j2 | 8 +++++--- roles/matrix-common-after/tasks/start.yml | 18 ++++++++++++++---- roles/matrix-common-after/tasks/stop.yml | 4 ++-- .../systemd/matrix-corporal.service.j2 | 8 +++++--- .../systemd/matrix-coturn-reload.service.j2 | 2 ++ .../systemd/matrix-coturn-reload.timer.j2 | 4 +++- .../systemd/matrix-coturn.service.j2 | 8 +++++--- .../systemd/matrix-dimension.service.j2 | 8 +++++--- .../systemd/matrix-dynamic-dns.service.j2 | 8 +++++--- .../systemd/matrix-email2matrix.service.j2 | 8 +++++--- .../systemd/matrix-etherpad.service.j2 | 8 +++++--- .../systemd/matrix-grafana.service.j2 | 8 +++++--- .../jicofo/matrix-jitsi-jicofo.service.j2 | 8 +++++--- .../templates/jvb/matrix-jitsi-jvb.service.j2 | 8 +++++--- .../prosody/matrix-jitsi-prosody.service.j2 | 8 +++++--- .../templates/web/matrix-jitsi-web.service.j2 | 8 +++++--- .../templates/systemd/matrix-ma1sd.service.j2 | 8 +++++--- .../systemd/matrix-mailer.service.j2 | 8 +++++--- .../systemd/matrix-nginx-proxy.service.j2 | 9 ++++++--- ...l-lets-encrypt-certificates-renew.timer.j2 | 4 +++- .../matrix-ssl-nginx-proxy-reload.timer.j2 | 4 +++- .../systemd/matrix-postgres.service.j2 | 8 +++++--- ...matrix-prometheus-node-exporter.service.j2 | 8 +++++--- .../systemd/matrix-prometheus.service.j2 | 8 +++++--- .../templates/systemd/matrix-redis.service.j2 | 14 ++++++++------ .../systemd/matrix-registration.service.j2 | 8 +++++--- .../systemd/matrix-sygnal.service.j2 | 8 +++++--- .../systemd/matrix-synapse-admin.service.j2 | 8 +++++--- .../goofys/systemd/matrix-goofys.service.j2 | 8 +++++--- .../systemd/matrix-synapse-worker.service.j2 | 9 ++++++--- .../synapse/systemd/matrix-synapse.service.j2 | 9 +++++---- 55 files changed, 285 insertions(+), 216 deletions(-) create mode 100644 roles/matrix-base/templates/systemd/matrix.target diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index 64f461ef1c8..a8073c260e6 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -38,3 +38,9 @@ name: "{{ matrix_ntpd_service }}" state: started enabled: yes + +- name: Ensure matrix.target is installed + template: + src: "{{ role_path }}/templates/systemd/matrix.target" + dest: "{{ matrix_systemd_path }}/matrix.target" + mode: 0644 diff --git a/roles/matrix-base/templates/systemd/matrix.target b/roles/matrix-base/templates/systemd/matrix.target new file mode 100644 index 00000000000..fdf653bf604 --- /dev/null +++ b/roles/matrix-base/templates/systemd/matrix.target @@ -0,0 +1,5 @@ +[Unit] +Description=Start all Matrix-related services + +[Install] +WantedBy=multi-user.target diff --git a/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 b/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 index eabf1137278..1f1d9ef5085 100644 --- a/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 +++ b/roles/matrix-bot-go-neb/templates/systemd/matrix-bot-go-neb.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-bot-go-neb 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \ @@ -39,11 +40,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-go-neb \ {{ matrix_bot_go_neb_docker_image }} \ -c "go-neb /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-go-neb 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-bot-go-neb 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-go-neb 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-go-neb [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 index b1fe3c325a8..01400272cfc 100644 --- a/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 +++ b/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-bot-matrix-reminder-bot 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-reminder-bot \ @@ -32,11 +33,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-matrix-rem {{ matrix_bot_matrix_reminder_bot_docker_image }} \ -c "matrix-reminder-bot /config/config.yaml" -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-matrix-reminder-bot 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-bot-matrix-reminder-bot 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-matrix-reminder-bot 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-matrix-reminder-bot [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 b/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 index 0b018f25bfd..db0197203fb 100644 --- a/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 +++ b/roles/matrix-bot-mjolnir/templates/systemd/matrix-bot-mjolnir.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-bot-mjolnir 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. @@ -32,11 +33,11 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-mjolnir \ {% endfor %} {{ matrix_bot_mjolnir_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-mjolnir 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-bot-mjolnir 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-mjolnir 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-mjolnir [Install] -WantedBy=multi-user.target +WantedBy=matrix.target diff --git a/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 index 84dee801596..703a642ff95 100644 --- a/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 +++ b/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-appservice-discord 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -35,11 +33,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-dis {{ matrix_appservice_discord_docker_image }} \ node /build/src/discordas.js -p 9005 -c /cfg/config.yaml -f /cfg/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-discord 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-appservice-discord 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-discord 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-discord - [Install] -WantedBy=multi-user.target +[Install] +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 index 8650bd8db35..698ee761c66 100644 --- a/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 +++ b/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-appservice-irc 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -36,11 +34,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc {{ matrix_appservice_irc_docker_image }} \ -c 'node app.js -c /config/config.yaml -f /config/registration.yaml -p 9999' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-irc 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-appservice-irc 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-irc 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-irc [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 index 21ba27ef573..a4652fd67d3 100644 --- a/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 +++ b/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-appservice-slack 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-slack \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -35,11 +33,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-sla {{ matrix_appservice_slack_docker_image }} \ node app.js -p {{matrix_appservice_slack_matrix_port}} -c /config/config.yaml -f /config/slack-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-slack 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-appservice-slack 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-slack 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-slack [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 index f27111b3c38..2d5f989b6f1 100644 --- a/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 +++ b/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-appservice-webhooks 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-webhooks \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -35,11 +33,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-web {{ matrix_appservice_webhooks_docker_image }} \ node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-webhooks 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-appservice-webhooks 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-appservice-webhooks [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 index f3af4b9ff32..6e8e98d7c82 100644 --- a/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 +++ b/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-facebook 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebook \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -32,11 +30,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebo {{ matrix_mautrix_facebook_docker_image }} \ python3 -m mautrix_facebook -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-facebook 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-facebook [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 index 60f0e055fce..e9f02dba365 100644 --- a/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 +++ b/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts matrix-mautrix-hangouts-db 2>/dev/null' ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts-db \ --log-driver=none \ @@ -25,9 +26,6 @@ ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-han {{ matrix_mautrix_hangouts_docker_image }} \ alembic -x config=/config/config.yaml upgrade head -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangouts \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -44,11 +42,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-hangou {{ matrix_mautrix_hangouts_docker_image }} \ python3 -m mautrix_hangouts -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-hangouts 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-hangouts 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-hangouts 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-hangouts [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 b/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 index 33a5bab3bb6..13dee11181b 100644 --- a/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 +++ b/roles/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-instagram 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-instagram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -32,11 +30,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-instag {{ matrix_mautrix_instagram_docker_image }} \ python3 -m mautrix_instagram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-instagram 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-instagram 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-instagram [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 index 6f128da395f..0244e5fee98 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal-daemon.service.j2 @@ -10,17 +10,15 @@ After={{ service }} {% for service in matrix_mautrix_signal_daemon_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-signal-daemon 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - # We can't use `--read-only` for this bridge. ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \ --log-driver=none \ @@ -30,7 +28,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal -v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \ {{ matrix_mautrix_signal_daemon_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal-daemon 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-signal-daemon 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null' Restart=always @@ -38,4 +36,5 @@ RestartSec=30 SyslogIdentifier=matrix-mautrix-signal-daemon [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 index e3e024247f0..9261244d746 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/systemd/matrix-mautrix-signal.service.j2 @@ -10,16 +10,14 @@ After={{ service }} {% for service in matrix_mautrix_signal_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-signal 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal \ --log-driver=none \ --network={{ matrix_docker_network }} \ @@ -37,7 +35,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-signal {{ matrix_mautrix_signal_docker_image }} \ python3 -m mautrix_signal -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-signal 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-signal 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null' Restart=always @@ -45,4 +43,5 @@ RestartSec=30 SyslogIdentifier=matrix-mautrix-signal [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index ae1ac675b27..14197cd8caa 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -9,12 +9,15 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-telegram 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-telegram-db 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram-db -f 2>/dev/null' ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegram-db \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -25,9 +28,6 @@ ExecStartPre={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-tel {{ matrix_mautrix_telegram_docker_image }} \ alembic -x config=/config/config.yaml upgrade head -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -44,11 +44,13 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegr {{ matrix_mautrix_telegram_docker_image }} \ python3 -m mautrix_telegram -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-telegram 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-telegram 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-telegram 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-telegram +TimeoutStartSec=500s [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index 4a492492b6d..32546f99f30 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-whatsapp 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-whatsapp \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -33,11 +31,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-whatsa {{ matrix_mautrix_whatsapp_docker_image }} \ /usr/bin/mautrix-whatsapp -c /config/config.yaml -r /config/registration.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-whatsapp 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mautrix-whatsapp 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mautrix-whatsapp [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index 6ffb87cd390..c665e14e7c0 100644 --- a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-discord 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-discord \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -33,11 +31,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-disc {% endfor %} {{ matrix_mx_puppet_discord_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-discord 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-discord 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-discord [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 b/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 index dabafd1801c..6a2f8ea0948 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 +++ b/roles/matrix-bridge-mx-puppet-groupme/templates/systemd/matrix-mx-puppet-groupme.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-groupme 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-groupme \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -33,11 +31,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-grou {% endfor %} {{ matrix_mx_puppet_groupme_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-groupme 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-groupme 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-groupme 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-groupme [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 index 965bb41c2cb..93cd7f99298 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 +++ b/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-instagram 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-instagram \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -33,11 +31,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-inst {% endfor %} {{ matrix_mx_puppet_instagram_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-instagram 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-instagram 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-instagram 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-instagram [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 index 9a7986e4df6..4014fa05fc7 100644 --- a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 +++ b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-skype 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-skype 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-skype 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-skype \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -33,11 +31,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-skyp {% endfor %} {{ matrix_mx_puppet_skype_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-skype 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-skype 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-skype 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-skype [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 index 973771b3ed4..ef53050b9dd 100644 --- a/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 +++ b/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-slack 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-slack \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -36,11 +34,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-slac {% endfor %} {{ matrix_mx_puppet_slack_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-slack 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-slack 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-slack 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-slack [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 index 0772872b168..43b8a7aee48 100644 --- a/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 +++ b/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-steam 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-steam \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -33,11 +31,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-stea {% endfor %} {{ matrix_mx_puppet_steam_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-steam 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-steam 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-steam 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-steam [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 index 7e1b1c327fb..fb2cad19df3 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 +++ b/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 @@ -9,16 +9,14 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-twitter 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null' -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 - ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twitter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ @@ -36,11 +34,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-twit {% endfor %} {{ matrix_mx_puppet_twitter_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mx-puppet-twitter 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mx-puppet-twitter 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-twitter 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mx-puppet-twitter [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 b/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 index 46c3463fd2a..06130182a43 100644 --- a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 +++ b/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 @@ -9,17 +9,15 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-/usr/bin/docker kill matrix-sms-bridge -ExecStartPre=-/usr/bin/docker rm matrix-sms-bridge +ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-sms-bridge +ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-sms-bridge -# Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre=/bin/sleep 5 - -ExecStart=/usr/bin/docker run --rm --name matrix-sms-bridge \ +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-sms-bridge \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -35,11 +33,12 @@ ExecStart=/usr/bin/docker run --rm --name matrix-sms-bridge \ {% endfor %} {{ matrix_sms_bridge_docker_image }} -ExecStop=-/usr/bin/docker kill matrix-sms-bridge -ExecStop=-/usr/bin/docker rm matrix-sms-bridge +ExecStop=-{{ matrix_host_command_docker }} kill matrix-sms-bridge +ExecStop=-{{ matrix_host_command_docker }} rm matrix-sms-bridge Restart=always RestartSec=30 SyslogIdentifier=matrix-sms-bridge - [Install] -WantedBy=multi-user.target +[Install] +WantedBy=matrix.target + diff --git a/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 b/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 index fe2a3a8655f..130c71fb1b8 100644 --- a/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 +++ b/roles/matrix-client-element/templates/systemd/matrix-client-element.service.j2 @@ -6,11 +6,12 @@ Requires={{ service }} After={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-client-element 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element \ @@ -35,11 +36,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-client-element {% endfor %} {{ matrix_client_element_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-client-element 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-client-element 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-client-element 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-client-element [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-common-after/tasks/start.yml b/roles/matrix-common-after/tasks/start.yml index 64ab4d99065..b47d82a1e5e 100644 --- a/roles/matrix-common-after/tasks/start.yml +++ b/roles/matrix-common-after/tasks/start.yml @@ -10,24 +10,34 @@ - name: Ensure Matrix services are stopped service: - name: "{{ item }}" + name: matrix.target state: stopped + when: not ansible_check_mode + +- name: Ensure Matrix services are enabled + service: + name: "{{ item }}" + enabled: true with_items: "{{ matrix_systemd_services_list }}" when: not ansible_check_mode - name: Ensure Matrix services are started service: - name: "{{ item }}" + name: "matrix.target" enabled: "{{ matrix_services_autostart_enabled_bool }}" state: started - with_items: "{{ matrix_systemd_services_list }}" when: not ansible_check_mode -# If we check service state immediately, we may succeed, +# If we check service state immediately, we may not succeed, # because it takes some time for the service to attempt to start and actually fail. # # Waiting too long (30s) may not work for a similar reason, # as we may run into systemd's automatic restart logic retrying the service. +# +# Obviously this is a terrible way of doing things +# Ideally, we would use Podman's PIDFiles, but then we lose support for most OSes. +# Alternatively, we could use systemd-docker, but it hasn't been updated since 2015 and is incompatible with Podman. + - name: Wait a bit, so that services can start (or fail) wait_for: timeout: "{{ matrix_common_after_systemd_service_start_wait_for_timeout_seconds }}" diff --git a/roles/matrix-common-after/tasks/stop.yml b/roles/matrix-common-after/tasks/stop.yml index 5ae0afbba6c..d1947012752 100644 --- a/roles/matrix-common-after/tasks/stop.yml +++ b/roles/matrix-common-after/tasks/stop.yml @@ -2,6 +2,6 @@ - name: Ensure Matrix services stopped service: - name: "{{ item }}" + name: matrix.target + enabled: false state: stopped - with_items: "{{ matrix_systemd_services_list }}" diff --git a/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 b/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 index 262e2e77ccd..fa3c6ea2374 100644 --- a/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 +++ b/roles/matrix-corporal/templates/systemd/matrix-corporal.service.j2 @@ -6,11 +6,12 @@ Requires={{ service }} After={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-corporal 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \ @@ -34,11 +35,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-corporal \ {{ matrix_corporal_docker_image }} \ /matrix-corporal -config=/etc/matrix-corporal/config.json -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-corporal 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-corporal 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-corporal 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-corporal [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 b/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 index e006e5a063a..497d744f2f3 100644 --- a/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 +++ b/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.service.j2 @@ -1,6 +1,8 @@ [Unit] Description=Reloads matrix-coturn so that new SSL certificates can kick in +After=matrix.target [Service] Type=oneshot ExecStart={{ matrix_host_command_systemctl }} reload matrix-coturn.service + diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 b/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 index 52894541247..18b0f21d5ea 100644 --- a/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 +++ b/roles/matrix-coturn/templates/systemd/matrix-coturn-reload.timer.j2 @@ -1,5 +1,6 @@ [Unit] Description=Reloads matrix-coturn periodically so that new SSL certificates can kick in +PartOf=matrix.target [Timer] Unit=matrix-coturn-reload.service @@ -7,4 +8,5 @@ OnCalendar=*-*-* 06:30:00 RandomizedDelaySec=1h [Install] -WantedBy=timers.target +WantedBy=matrix.target + diff --git a/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 b/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 index a39030af193..33c7e6baff3 100644 --- a/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 +++ b/roles/matrix-coturn/templates/systemd/matrix-coturn.service.j2 @@ -6,11 +6,12 @@ Requires={{ service }} After={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-coturn 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \ @@ -43,7 +44,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-coturn \ {{ matrix_coturn_docker_image }} \ -c /turnserver.conf -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-coturn 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-coturn 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-coturn 2>/dev/null' # This only reloads certificates (not other configuration). @@ -55,4 +56,5 @@ RestartSec=30 SyslogIdentifier=matrix-coturn [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 b/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 index e27a55587a6..67f4c02106d 100644 --- a/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 +++ b/roles/matrix-dimension/templates/systemd/matrix-dimension.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-dimension 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null' # Fixup database ownership if it got changed somehow (during a server migration, etc.) @@ -38,11 +39,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dimension \ {% endfor %} {{ matrix_dimension_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dimension 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-dimension 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dimension 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-dimension [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 b/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 index dfdd2f72c52..5ce1ab4dd1f 100644 --- a/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 +++ b/roles/matrix-dynamic-dns/templates/systemd/matrix-dynamic-dns.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-dynamic-dns 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \ --log-driver=none \ @@ -26,11 +27,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dynamic-dns \ {% endfor %} {{ matrix_dynamic_dns_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-dynamic-dns 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-dynamic-dns 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-dynamic-dns 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-dynamic-dns [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 b/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 index c9226768296..0e04927d0e5 100644 --- a/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 +++ b/roles/matrix-email2matrix/templates/systemd/matrix-email2matrix.service.j2 @@ -4,11 +4,12 @@ Description=Email2Matrix After=docker.service Requires=docker.service DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-email2matrix 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \ @@ -24,11 +25,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-email2matrix \ {% endfor %} {{ matrix_email2matrix_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-email2matrix 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-email2matrix 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-email2matrix 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-email2matrix [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 b/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 index b579036be18..2eccc32fb24 100644 --- a/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 +++ b/roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill matrix-etherpad +ExecStartPre=-{{ matrix_host_command_docker }} stop matrix-etherpad ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-etherpad ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \ @@ -34,11 +35,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \ --sessionkey /data/sessionkey.json --apikey /data/apijey.json -ExecStop=-{{ matrix_host_command_docker }} kill matrix-etherpad +ExecStop=-{{ matrix_host_command_docker }} stop matrix-etherpad ExecStop=-{{ matrix_host_command_docker }} rm matrix-etherpad Restart=always RestartSec=30 SyslogIdentifier=matrix-etherpad [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 b/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 index a4f81e357a0..8599d246824 100644 --- a/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 +++ b/roles/matrix-grafana/templates/systemd/matrix-grafana.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-grafana 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null' @@ -33,11 +34,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-grafana \ {% endfor %} {{ matrix_grafana_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-grafana 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-grafana 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-grafana 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-grafana [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 b/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 index 6ecafaa0343..4188b1cbbfe 100644 --- a/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 +++ b/roles/matrix-jitsi/templates/jicofo/matrix-jitsi-jicofo.service.j2 @@ -6,11 +6,12 @@ Requires={{ service }} After={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-jitsi-jicofo 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ @@ -23,11 +24,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jicofo \ {% endfor %} {{ matrix_jitsi_jicofo_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jicofo 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-jitsi-jicofo 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jicofo 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jicofo [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 b/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 index 53c0c83ac5c..4bca80ef1df 100644 --- a/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 +++ b/roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2 @@ -6,11 +6,12 @@ Requires={{ service }} After={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-jitsi-jvb 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \ @@ -32,11 +33,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \ {% endfor %} {{ matrix_jitsi_jvb_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-jvb 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-jitsi-jvb 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-jvb 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-jvb [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 index 4445e52bdc7..23339abf824 100644 --- a/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 +++ b/roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2 @@ -6,11 +6,12 @@ Requires={{ service }} After={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-jitsi-prosody 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody \ @@ -27,11 +28,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody {% endfor %} {{ matrix_jitsi_prosody_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-prosody 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-jitsi-prosody 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-prosody 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-prosody [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 b/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 index 6ae2074d56e..b8a51cc893b 100644 --- a/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 +++ b/roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2 @@ -6,11 +6,12 @@ Requires={{ service }} After={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-jitsi-web 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \ @@ -27,11 +28,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \ {% endfor %} {{ matrix_jitsi_web_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-jitsi-web 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-jitsi-web 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-jitsi-web 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-jitsi-web [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 b/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 index c2adffc08fe..a85c519db7a 100644 --- a/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 +++ b/roles/matrix-ma1sd/templates/systemd/matrix-ma1sd.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-ma1sd 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null' # ma1sd writes an SQLite shared library (libsqlitejdbc.so) to /tmp and executes it from there, @@ -38,11 +39,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-ma1sd \ {% endfor %} {{ matrix_ma1sd_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-ma1sd 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-ma1sd 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-ma1sd 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-ma1sd [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 b/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 index bf5a2e42a4f..9abaf6182f7 100644 --- a/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 +++ b/roles/matrix-mailer/templates/systemd/matrix-mailer.service.j2 @@ -4,11 +4,12 @@ Description=Matrix mailer After=docker.service Requires=docker.service DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mailer 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null' # --hostname gives us a friendlier hostname than the default. @@ -27,11 +28,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mailer \ {% endfor %} {{ matrix_mailer_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mailer 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-mailer 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mailer 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-mailer [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index c4000fa9b3e..f7c04ab1682 100755 --- a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -8,12 +8,14 @@ After={{ service }} {% for service in matrix_nginx_proxy_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} +After=network-online.target DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-nginx-proxy 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \ @@ -47,7 +49,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \ {% endfor %} {{ matrix_nginx_proxy_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-nginx-proxy 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-nginx-proxy 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-nginx-proxy 2>/dev/null' ExecReload={{ matrix_host_command_docker }} exec matrix-nginx-proxy /usr/sbin/nginx -s reload Restart=always @@ -55,4 +57,5 @@ RestartSec=30 SyslogIdentifier=matrix-nginx-proxy [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 b/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 index b1e1c21e831..d5461c228e5 100644 --- a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 +++ b/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-lets-encrypt-certificates-renew.timer.j2 @@ -1,5 +1,6 @@ [Unit] Description=Renews Let's Encrypt SSL certificates periodically +PartOf=matrix.target [Timer] Unit=matrix-ssl-lets-encrypt-certificates-renew.service @@ -7,4 +8,5 @@ OnCalendar=*-*-* 04:00:00 RandomizedDelaySec=2h [Install] -WantedBy=timers.target +WantedBy=matrix.target + diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 b/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 index 09cb6dad776..fb7930a296f 100644 --- a/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 +++ b/roles/matrix-nginx-proxy/templates/systemd/matrix-ssl-nginx-proxy-reload.timer.j2 @@ -1,5 +1,6 @@ [Unit] Description=Reloads matrix-nginx-proxy periodically so that new SSL certificates can kick in +PartOf=matrix.target [Timer] Unit=matrix-ssl-nginx-proxy-reload.service @@ -7,4 +8,5 @@ OnCalendar=*-*-* 06:30:00 RandomizedDelaySec=1h [Install] -WantedBy=timers.target +WantedBy=matrix.target + diff --git a/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 b/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 index 6d1b1c6ff5a..8acb2c1633b 100644 --- a/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 +++ b/roles/matrix-postgres/templates/systemd/matrix-postgres.service.j2 @@ -4,11 +4,12 @@ Description=Matrix Postgres server After=docker.service Requires=docker.service DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-postgres 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \ @@ -31,11 +32,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-postgres \ {{ matrix_postgres_docker_image_to_use }} \ postgres {{ matrix_postgres_process_extra_arguments|join(' ') }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-postgres 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-postgres 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-postgres 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-postgres [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 b/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 index 210a0d97a64..8441471f424 100644 --- a/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 +++ b/roles/matrix-prometheus-node-exporter/templates/systemd/matrix-prometheus-node-exporter.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-prometheus-node-exporter 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null' @@ -34,11 +35,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus-nod {{ matrix_prometheus_node_exporter_docker_image }} \ --path.rootfs=/host -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus-node-exporter 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-prometheus-node-exporter 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus-node-exporter 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus-node-exporter [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 b/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 index ad75d664acc..a9110122107 100644 --- a/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 +++ b/roles/matrix-prometheus/templates/systemd/matrix-prometheus.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-prometheus 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null' @@ -33,11 +34,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-prometheus \ {% endfor %} {{ matrix_prometheus_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-prometheus 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-prometheus 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-prometheus 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-prometheus [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-redis/templates/systemd/matrix-redis.service.j2 b/roles/matrix-redis/templates/systemd/matrix-redis.service.j2 index 0752d23bad6..384bf663493 100644 --- a/roles/matrix-redis/templates/systemd/matrix-redis.service.j2 +++ b/roles/matrix-redis/templates/systemd/matrix-redis.service.j2 @@ -3,13 +3,14 @@ Description=Matrix Redis server After=docker.service Requires=docker.service +PartOf=matrix.target [Service] Type=simple -ExecStartPre=-/usr/bin/docker stop matrix-redis -ExecStartPre=-/usr/bin/docker rm matrix-redis +ExecStartPre=-{{ matrix_host_command_docker }} stop matrix-redis +ExecStartPre=-{{ matrix_host_command_docker }} rm matrix-redis -ExecStart=/usr/bin/docker run --rm --name matrix-redis \ +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-redis \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ @@ -26,11 +27,12 @@ ExecStart=/usr/bin/docker run --rm --name matrix-redis \ {{ matrix_redis_docker_image_to_use }} \ redis-server /usr/local/etc/redis/redis.conf -ExecStop=-/usr/bin/docker stop matrix-redis -ExecStop=-/usr/bin/docker rm matrix-redis +ExecStop=-{{ matrix_host_command_docker }} stop matrix-redis +ExecStop=-{{ matrix_host_command_docker }} rm matrix-redis Restart=always RestartSec=30 SyslogIdentifier=matrix-redis [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-registration/templates/systemd/matrix-registration.service.j2 b/roles/matrix-registration/templates/systemd/matrix-registration.service.j2 index e73e3e5fc0f..2d57c252929 100644 --- a/roles/matrix-registration/templates/systemd/matrix-registration.service.j2 +++ b/roles/matrix-registration/templates/systemd/matrix-registration.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-registration 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-registration \ @@ -32,11 +33,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-registration \ {{ matrix_registration_docker_image }} \ serve -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-registration 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-registration 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-registration 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-registration [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 b/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 index 019ab40c0d2..edaf6a75784 100644 --- a/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 +++ b/roles/matrix-sygnal/templates/systemd/matrix-sygnal.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-sygnal 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-sygnal \ @@ -32,11 +33,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-sygnal \ {% endfor %} {{ matrix_sygnal_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-sygnal 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-sygnal 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-sygnal 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-sygnal [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 b/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 index 4823d89c314..8a877dbbc8c 100644 --- a/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 +++ b/roles/matrix-synapse-admin/templates/systemd/matrix-synapse-admin.service.j2 @@ -9,11 +9,12 @@ After={{ service }} Wants={{ service }} {% endfor %} DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-synapse-admin 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse-admin \ @@ -32,11 +33,12 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse-admin {% endfor %} {{ matrix_synapse_admin_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse-admin 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-synapse-admin 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse-admin 2>/dev/null' Restart=always RestartSec=30 SyslogIdentifier=matrix-synapse-admin [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 index df4a4f23a35..e1042a7069a 100644 --- a/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 +++ b/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 @@ -4,11 +4,12 @@ Description=Matrix Goofys media store After=docker.service Requires=docker.service DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill %n +ExecStartPre=-{{ matrix_host_command_docker }} stop %n ExecStartPre=-{{ matrix_host_command_docker }} rm %n ExecStart={{ matrix_host_command_docker }} run --rm --name %n \ @@ -28,7 +29,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name %n \ TimeoutStartSec=5min ExecStop=-{{ matrix_host_command_docker }} stop %n -ExecStop=-{{ matrix_host_command_docker }} kill %n +ExecStop=-{{ matrix_host_command_docker }} stop %n ExecStop=-{{ matrix_host_command_docker }} rm %n ExecStop=-{{ matrix_host_command_fusermount }} -u {{ matrix_s3_media_store_path }} Restart=always @@ -36,4 +37,5 @@ RestartSec=5 SyslogIdentifier=matrix-goofys [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 6c90c9a3edb..cce660715d3 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -3,12 +3,13 @@ Description=Synapse worker ({{ matrix_synapse_worker_container_name }}) AssertPathExists={{ matrix_synapse_config_dir_path }}/{{ matrix_synapse_worker_config_file_name }} After=matrix-synapse.service +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} +ExecStartPre=-{{ matrix_host_command_docker }} stop {{ matrix_synapse_worker_container_name }} ExecStartPre=-{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} # Intentional delay, so that the homeserver can manage to start. @@ -48,7 +49,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor run -m synapse.app.{{ matrix_synapse_worker_details.type }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }} -ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }} +ExecStop=-{{ matrix_host_command_docker }} stop {{ matrix_synapse_worker_container_name }} ExecStop=-{{ matrix_host_command_docker }} rm {{ matrix_synapse_worker_container_name }} ExecReload={{ matrix_host_command_docker }} exec {{ matrix_synapse_worker_container_name }} /bin/sh -c 'kill -HUP 1' @@ -60,5 +61,7 @@ SyslogIdentifier={{ matrix_synapse_worker_container_name }} # as matrix.synapse.service already has `Wants=` lines. # Also, WantedBy will trigger the creation of some `matrix-synapse.service.wants/` directory, # which we'd have to clean, etc. Better not. + [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index 2fbaac7b515..58f6cf5c512 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -15,13 +15,13 @@ Wants={{ service }} Wants=matrix-synapse-worker-{{ matrix_synapse_worker_details.type }}-{{ matrix_synapse_worker_details.port }}.service {% endfor %} {% endif %} - DefaultDependencies=no +PartOf=matrix.target [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-synapse 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null' {% if matrix_s3_media_store_enabled %} # Allow for some time before starting, so that media store can mount. @@ -65,7 +65,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ {{ matrix_synapse_docker_image }} \ run -m synapse.app.homeserver -c /data/homeserver.yaml -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} stop matrix-synapse 2>/dev/null' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null' ExecReload={{ matrix_host_command_docker }} exec matrix-synapse /bin/sh -c 'kill -HUP 1' Restart=always @@ -73,4 +73,5 @@ RestartSec=30 SyslogIdentifier=matrix-synapse [Install] -WantedBy=multi-user.target +WantedBy=matrix.target + From 691b14cd0d5c98b98c30167de43b447c41cc1a5b Mon Sep 17 00:00:00 2001 From: Hackintosh 5 Date: Wed, 7 Apr 2021 11:27:27 +0100 Subject: [PATCH 5/7] Fix DNS resolution in nginx-proxy - Allow customising the IP where lookups take place - Reload DNS after all containers are started --- .../tasks/init.yml | 2 +- .../tasks/init.yml | 2 +- .../tasks/init.yml | 2 +- .../tasks/init.yml | 2 +- .../matrix-bridge-mx-puppet-slack/tasks/init.yml | 2 +- .../tasks/init.yml | 2 +- roles/matrix-etherpad/tasks/init.yml | 2 +- roles/matrix-nginx-proxy/defaults/main.yml | 14 ++------------ roles/matrix-nginx-proxy/tasks/init.yml | 2 +- .../tasks/setup_nginx_proxy.yml | 16 +++++++++++++++- .../nginx/conf.d/matrix-base-domain.conf.j2 | 2 +- .../nginx/conf.d/matrix-bot-go-neb.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-client-element.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-client-hydrogen.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-dimension.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 14 +++++++------- .../nginx/conf.d/matrix-grafana.conf.j2 | 4 ++-- .../templates/nginx/conf.d/matrix-jitsi.conf.j2 | 8 ++++---- .../nginx/conf.d/matrix-riot-web.conf.j2 | 2 +- .../templates/nginx/conf.d/matrix-sygnal.conf.j2 | 4 ++-- .../nginx/conf.d/matrix-synapse.conf.j2 | 6 +++--- .../templates/nginx/conf.d/nginx-http.conf.j2 | 5 +++-- .../systemd/matrix-nginx-proxy-reload.service.j2 | 13 +++++++++++++ .../systemd/matrix-nginx-proxy.service.j2 | 13 ++++++++++++- roles/matrix-registration/tasks/init.yml | 2 +- roles/matrix-synapse-admin/tasks/init.yml | 2 +- 26 files changed, 83 insertions(+), 54 deletions(-) create mode 100644 roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy-reload.service.j2 diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index 0584e6247c8..d070d1a27a8 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -54,7 +54,7 @@ location {{ matrix_appservice_slack_public_endpoint }} { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}"; proxy_pass $backend; {% else %} diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml index a42e14c96e1..13c8cdf26ad 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml @@ -47,7 +47,7 @@ {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ { - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}"; proxy_pass http://$backend/$1; } diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 63a046180fb..aa652fed819 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -38,7 +38,7 @@ location {{ matrix_mautrix_hangouts_public_endpoint }} { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-mautrix-hangouts:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index 84ac86d0ba2..e6785a9c4e5 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -38,7 +38,7 @@ location {{ matrix_mautrix_telegram_public_endpoint }} { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-mautrix-telegram:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index 716cb3517f0..a3926cff151 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -38,7 +38,7 @@ location {{ matrix_mx_puppet_slack_redirect_path }} { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_mx_puppet_slack_appservice_address }}"; proxy_pass $backend; {% else %} diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index f23a6a6473c..b97b35ebeb4 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -38,7 +38,7 @@ location {{ matrix_mx_puppet_twitter_webhook_path }} { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_mx_puppet_twitter_appservice_address }}"; proxy_pass $backend; {% else %} diff --git a/roles/matrix-etherpad/tasks/init.yml b/roles/matrix-etherpad/tasks/init.yml index 081d4c233d0..1cbeff58b3e 100644 --- a/roles/matrix-etherpad/tasks/init.yml +++ b/roles/matrix-etherpad/tasks/init.yml @@ -20,7 +20,7 @@ location {{ matrix_etherpad_public_endpoint }}/ { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; proxy_pass http://matrix-etherpad:9001/; {# These are proxy directives needed specifically by Etherpad #} proxy_buffering off; diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index e71a1038292..366849f25b7 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -357,18 +357,6 @@ matrix_nginx_proxy_self_check_validate_certificates: true # so we default to not following redirects as well. matrix_nginx_proxy_self_check_well_known_matrix_client_follow_redirects: none -# For OCSP purposes, we need to define a resolver at the `server{}` level or `http{}` level (we do the latter). -# -# Otherwise, we get warnings like this: -# > [warn] 22#22: no resolver defined to resolve r3.o.lencr.org while requesting certificate status, responder: r3.o.lencr.org, certificate: "/matrix/ssl/config/live/.../fullchain.pem" -# -# We point it to the internal Docker resolver, which likely delegates to nameservers defined in `/etc/resolv.conf`. -# -# When nginx proxy is disabled, our configuration is likely used by non-containerized nginx, so can't use the internal Docker resolver. -# Pointing `resolver` to some public DNS server might be an option, but for now we impose DNS servers on people. -# It might also be that no such warnings occur when not running in a container. -matrix_nginx_proxy_http_level_resolver: "{{ '127.0.0.11' if matrix_nginx_proxy_enabled else '' }}" - # By default, this playbook automatically retrieves and auto-renews # free SSL certificates from Let's Encrypt. # @@ -485,3 +473,5 @@ matrix_nginx_proxy_synapse_frontend_proxy_locations: [] # http://nginx.org/en/docs/ngx_core_module.html#worker_connections matrix_nginx_proxy_worker_processes: 1 matrix_nginx_proxy_worker_connections: 1024 + +matrix_docker_dns_resolver_ip: 127.0.0.11 diff --git a/roles/matrix-nginx-proxy/tasks/init.yml b/roles/matrix-nginx-proxy/tasks/init.yml index 0161da23f8c..a71737e2a17 100644 --- a/roles/matrix-nginx-proxy/tasks/init.yml +++ b/roles/matrix-nginx-proxy/tasks/init.yml @@ -1,5 +1,5 @@ - set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy.service'] }}" + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-nginx-proxy.service', 'matrix-nginx-proxy-reload.service'] }}" when: matrix_nginx_proxy_enabled|bool - set_fact: diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 1d59f567708..100512899b1 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -164,10 +164,18 @@ register: matrix_nginx_proxy_systemd_service_result when: matrix_nginx_proxy_enabled|bool +- name: Ensure matrix-nginx-proxy-reload.service installed + template: + src: "{{ role_path }}/templates/systemd/matrix-nginx-proxy-reload.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-nginx-proxy-reload.service" + mode: 0644 + register: matrix_nginx_proxy_reload_systemd_service_result + when: matrix_nginx_proxy_enabled|bool + - name: Ensure systemd reloaded after matrix-nginx-proxy.service installation service: daemon_reload: yes - when: "matrix_nginx_proxy_enabled and matrix_nginx_proxy_systemd_service_result.changed" + when: "matrix_nginx_proxy_enabled and matrix_nginx_proxy_systemd_service_result.changed and matrix_nginx_proxy_reload_systemd_service_result.changed" # @@ -194,6 +202,12 @@ state: absent when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists" +- name: Ensure matrix-nginx-proxy-reload.service doesn't exist + file: + path: "{{ matrix_systemd_path }}/matrix-nginx-proxy-reload.service" + state: absent + when: "not matrix_nginx_proxy_enabled|bool and matrix_nginx_proxy_service_stat.stat.exists" + - name: Ensure systemd reloaded after matrix-nginx-proxy.service removal service: daemon_reload: yes diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 index 37863d7388b..e3e1885c5dc 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 @@ -44,7 +44,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 index 6cb5f57a13d..95692ccbb4c 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-bot-go-neb.conf.j2 @@ -18,7 +18,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-bot-go-neb:4050"; proxy_pass http://$backend; {% else %} @@ -42,7 +42,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 index 17e8f131eb0..305440b8049 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 @@ -26,7 +26,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-client-element:8080"; proxy_pass http://$backend; {% else %} @@ -51,7 +51,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 index d9a05926c63..e8a7f6d71f6 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-hydrogen.conf.j2 @@ -24,7 +24,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-client-hydrogen:8080"; proxy_pass http://$backend; {% else %} @@ -49,7 +49,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 index ef8ee972d41..35bb1077959 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-dimension.conf.j2 @@ -21,7 +21,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-dimension:8184"; proxy_pass http://$backend; {% else %} @@ -45,7 +45,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 7b26434d93b..9b7e4323030 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -49,7 +49,7 @@ location ^~ /_matrix/corporal { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -67,7 +67,7 @@ location ^~ /_matrix/identity { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -85,7 +85,7 @@ location ^~ /_matrix/client/r0/user_directory/search { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -102,7 +102,7 @@ location ~ ^/_matrix/client/r0/register/(email|msisdn)/requestToken$ { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -127,7 +127,7 @@ location ~* ^({{ matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_prefix_regexes|join('|') }}) { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -170,7 +170,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} @@ -273,7 +273,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 index 0f7c43c5745..9d59de3002f 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-grafana.conf.j2 @@ -28,7 +28,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-grafana:3000"; proxy_pass http://$backend; {% else %} @@ -53,7 +53,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 index 0ccda7d31c6..8acb1c06509 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-jitsi.conf.j2 @@ -21,7 +21,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-jitsi-web:80"; proxy_pass http://$backend; {% else %} @@ -36,7 +36,7 @@ # colibri (JVB) websockets location ~ ^/colibri-ws/([a-zA-Z0-9-\.]+)/(.*) { {% if matrix_nginx_proxy_enabled %} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-jitsi-jvb:9090"; proxy_pass http://$backend; {% else %} @@ -57,7 +57,7 @@ # XMPP websocket location = /xmpp-websocket { {% if matrix_nginx_proxy_enabled %} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend {{ matrix_jitsi_xmpp_bosh_url_base }}; proxy_pass $backend/xmpp-websocket; {% else %} @@ -87,7 +87,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 index d153d5c204a..ad6a2123685 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2 @@ -34,7 +34,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 index d576043474e..51c56a01f7a 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-sygnal.conf.j2 @@ -19,7 +19,7 @@ location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-sygnal:6000"; proxy_pass http://$backend; {% else %} @@ -44,7 +44,7 @@ server { location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-certbot:8080"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 index db111090c36..263e5c8fe33 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 @@ -136,7 +136,7 @@ server { location /_synapse/metrics { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_metrics_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -157,7 +157,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} @@ -213,7 +213,7 @@ server { location / { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "{{ matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container }}"; proxy_pass http://$backend; {% else %} diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 index beea6afa1a9..0aabe162125 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/nginx-http.conf.j2 @@ -5,8 +5,9 @@ # Thus, we ensure a larger bucket size value is used. server_names_hash_bucket_size 64; -{% if matrix_nginx_proxy_http_level_resolver %} - resolver {{ matrix_nginx_proxy_http_level_resolver }}; +{% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; {% endif %} {% for configuration_block in matrix_nginx_proxy_proxy_http_additional_server_configuration_blocks %} diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy-reload.service.j2 b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy-reload.service.j2 new file mode 100644 index 00000000000..1d804b40fa4 --- /dev/null +++ b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy-reload.service.j2 @@ -0,0 +1,13 @@ +[Unit] +Description=Reloads matrix-nginx-proxy so that new IP addresses can kick in +After=matrix.target + + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStartPre={{ matrix_host_command_sleep }} 30 +ExecStart={{ matrix_host_command_systemctl }} reload matrix-nginx-proxy.service + +[Install] +WantedBy=matrix.target diff --git a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 index f7c04ab1682..6dad53b153b 100755 --- a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 +++ b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2 @@ -21,7 +21,18 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --cap-drop=ALL \ + --cap-drop=AUDIT_WRITE \ + --cap-drop=CHOWN \ + --cap-drop=DAC_OVERRIDE \ + --cap-drop=FOWNER \ + --cap-drop=FSETID \ + --cap-drop=KILL \ + --cap-drop=MKNOD \ + --cap-drop=SETFCAP \ + --cap-drop=SETGID \ + --cap-drop=SETPCAP \ + --cap-drop=SETUID \ + --cap-drop=SYS_CHROOT \ --read-only \ --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_nginx_proxy_tmp_directory_size_mb }}m \ --network={{ matrix_docker_network }} \ diff --git a/roles/matrix-registration/tasks/init.yml b/roles/matrix-registration/tasks/init.yml index 32a35c7da97..6b62e367e96 100644 --- a/roles/matrix-registration/tasks/init.yml +++ b/roles/matrix-registration/tasks/init.yml @@ -28,7 +28,7 @@ location ~ ^{{ matrix_registration_public_endpoint }}/(.*) { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-registration:5000"; proxy_pass http://$backend/$1; {% else %} diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/matrix-synapse-admin/tasks/init.yml index 9e1710156c4..4ae6078fcdd 100644 --- a/roles/matrix-synapse-admin/tasks/init.yml +++ b/roles/matrix-synapse-admin/tasks/init.yml @@ -27,7 +27,7 @@ location ~ ^{{ matrix_synapse_admin_public_endpoint }}/(.*) { {% if matrix_nginx_proxy_enabled|default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; + resolver {{ matrix_docker_dns_resolver_ip }} valid=5s; set $backend "matrix-synapse-admin:80"; proxy_pass http://$backend/$1; {% else %} From 85e8217a108722d756a745d56ab20eef694b40df Mon Sep 17 00:00:00 2001 From: Hackintosh 5 Date: Wed, 7 Apr 2021 11:29:38 +0100 Subject: [PATCH 6/7] Add support for Podman and Fedora --- roles/matrix-base/defaults/main.yml | 2 +- roles/matrix-base/tasks/server_base/setup.yml | 15 ++++++++++++ .../tasks/server_base/setup_archlinux.yml | 1 + .../tasks/server_base/setup_centos.yml | 1 + .../tasks/server_base/setup_debian.yml | 1 + .../tasks/server_base/setup_fedora.yml | 21 ++++++++++++++++ .../tasks/server_base/setup_raspbian.yml | 1 + .../templates/systemd/docker.service | 9 +++++++ .../synapse-simple-antispam/setup_install.yml | 24 ------------------- 9 files changed, 50 insertions(+), 25 deletions(-) create mode 100644 roles/matrix-base/tasks/server_base/setup_fedora.yml create mode 100644 roles/matrix-base/templates/systemd/docker.service diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index ef30ad678fa..7ebfa4f73d0 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -137,7 +137,7 @@ matrix_well_known_matrix_server_enabled: true matrix_docker_installation_enabled: true # Controls the Docker package that is installed. -# Possible values are "docker-ce" (default) and "docker.io" (Debian). +# Possible values are "docker-ce" (default), "docker.io" (Debian) and "podman-docker" (Fedora) matrix_docker_package_name: docker-ce # Variables to Control which parts of our roles run. diff --git a/roles/matrix-base/tasks/server_base/setup.yml b/roles/matrix-base/tasks/server_base/setup.yml index a8073c260e6..2676a279c1a 100644 --- a/roles/matrix-base/tasks/server_base/setup.yml +++ b/roles/matrix-base/tasks/server_base/setup.yml @@ -3,6 +3,9 @@ - include_tasks: "{{ role_path }}/tasks/server_base/setup_centos.yml" when: ansible_distribution == 'CentOS' +- include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml" + when: ansible_distribution == 'Fedora' + - block: # ansible_lsb is only available if lsb-release is installed. - name: Ensure lsb-release installed @@ -27,6 +30,18 @@ - include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml" when: ansible_distribution == 'Archlinux' +- name: Ensure Docker.service is available + template: + src: "{{ role_path }}/templates/systemd/docker.service" + dest: "{{ matrix_systemd_path }}/docker.service" + mode: 0644 + register: matrix_docker_systemd_service_result + +- name: Ensure systemd reloaded after docker.service installation + service: + daemon_reload: yes + when: "matrix_docker_systemd_service_result.changed|bool" + - name: Ensure Docker is started and autoruns service: name: docker diff --git a/roles/matrix-base/tasks/server_base/setup_archlinux.yml b/roles/matrix-base/tasks/server_base/setup_archlinux.yml index 3814305d673..de0b5162b1d 100644 --- a/roles/matrix-base/tasks/server_base/setup_archlinux.yml +++ b/roles/matrix-base/tasks/server_base/setup_archlinux.yml @@ -8,6 +8,7 @@ # TODO This needs to be verified. Which version do we need? - fuse3 - python-dnspython + - git state: latest update_cache: yes diff --git a/roles/matrix-base/tasks/server_base/setup_centos.yml b/roles/matrix-base/tasks/server_base/setup_centos.yml index 07776d7f69e..93a4fef6358 100644 --- a/roles/matrix-base/tasks/server_base/setup_centos.yml +++ b/roles/matrix-base/tasks/server_base/setup_centos.yml @@ -22,6 +22,7 @@ name: - "{{ matrix_ntpd_package }}" - fuse + - git state: latest update_cache: yes diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/matrix-base/tasks/server_base/setup_debian.yml index 54e52c1b8d4..3ff3bd74f04 100644 --- a/roles/matrix-base/tasks/server_base/setup_debian.yml +++ b/roles/matrix-base/tasks/server_base/setup_debian.yml @@ -37,6 +37,7 @@ name: - "{{ matrix_ntpd_package }}" - fuse + - git state: latest update_cache: yes diff --git a/roles/matrix-base/tasks/server_base/setup_fedora.yml b/roles/matrix-base/tasks/server_base/setup_fedora.yml new file mode 100644 index 00000000000..e51fd2b30ee --- /dev/null +++ b/roles/matrix-base/tasks/server_base/setup_fedora.yml @@ -0,0 +1,21 @@ +--- + +- name: Ensure dnf packages are installed + yum: + name: + - "{{ matrix_ntpd_package }}" + - fuse + - git + state: latest + update_cache: yes + +- name: Ensure Docker is installed + yum: + name: + - "{{ matrix_docker_package_name }}" + state: latest + when: matrix_docker_installation_enabled|bool + +- name: Ensure Docker python library is installed + pip: + name: docker diff --git a/roles/matrix-base/tasks/server_base/setup_raspbian.yml b/roles/matrix-base/tasks/server_base/setup_raspbian.yml index 421905a0d36..2f84ba8c53b 100644 --- a/roles/matrix-base/tasks/server_base/setup_raspbian.yml +++ b/roles/matrix-base/tasks/server_base/setup_raspbian.yml @@ -30,6 +30,7 @@ name: - "{{ matrix_ntpd_package }}" - fuse + - git state: latest update_cache: yes diff --git a/roles/matrix-base/templates/systemd/docker.service b/roles/matrix-base/templates/systemd/docker.service new file mode 100644 index 00000000000..06cb2712820 --- /dev/null +++ b/roles/matrix-base/templates/systemd/docker.service @@ -0,0 +1,9 @@ +[Unit] +Description=Start Podman Docker link + +[Service] +Restart=on-failure +TimeoutStopSec=70 +ExecStart={{ matrix_host_command_docker }} system service --time 0 +Type=simple + diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index 2599e7f1b89..3d296f10fd1 100644 --- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -5,30 +5,6 @@ msg: "Synapse Simple Antispam is enabled, but no blocked homeservers have been set in matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers" when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers|length == 0" -- name: Ensure git installed (RedHat) - yum: - name: - - git - state: present - update_cache: no - when: "ansible_os_family == 'RedHat'" - -- name: Ensure git installed (Debian) - apt: - name: - - git - state: present - update_cache: no - when: "ansible_os_family == 'Debian'" - -- name: Ensure git installed (Archlinux) - pacman: - name: - - git - state: present - update_cache: no - when: "ansible_distribution == 'Archlinux'" - - name: Clone synapse-simple-antispam git repository git: repo: "{{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_repository_url }}" From 0dac46165112d4119c2125dd80f9cd1e9d71cc52 Mon Sep 17 00:00:00 2001 From: Hackintosh 5 Date: Wed, 7 Apr 2021 11:30:20 +0100 Subject: [PATCH 7/7] Fix minor typos --- roles/matrix-email2matrix/tasks/setup_email2matrix.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-email2matrix/tasks/setup_email2matrix.yml b/roles/matrix-email2matrix/tasks/setup_email2matrix.yml index d5fa73a5167..3f7b34beddb 100644 --- a/roles/matrix-email2matrix/tasks/setup_email2matrix.yml +++ b/roles/matrix-email2matrix/tasks/setup_email2matrix.yml @@ -79,10 +79,10 @@ file: path: "{{ matrix_email2matrix_base_path }}" state: absent - when: "not matrix_email2matrix_enabled|bool" + when: "not matrix_email2matrix_enabled|bool and matrix_email2matrix_service_stat.stat.exists" - name: Ensure Email2Matrix Docker image doesn't exist docker_image: name: "{{ matrix_email2matrix_docker_image }}" state: absent - when: "not matrix_email2matrix_enabled|bool" + when: "not matrix_email2matrix_enabled|bool and matrix_email2matrix_service_stat.stat.exists"