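---
# Synapse site tasks: compute the site data path, render templates, generate
# the Synapse configuration, set up PostgreSQL, open the coturn ports in UFW,
# and set up backups. Every task sits in one outer block so that it also
# carries the "synapse" tag.

- block:  # Used for tagging all tasks with "synapse"

    # Tagged "always" so the fact is defined even when the play is run with
    # a narrower tag selection (render, config, firewall, ...).
    - name: "Set site_data_path to {{ www_path }}/{{ site.slug }}"
      set_fact:
        site_data_path: "{{ www_path }}/{{ site.slug }}"
      tags: always

    ####################
    # Render templates #
    ####################

    - name: "Render templates"
      import_tasks: render.yml
      tags: render

    ##########################
    # Generate configuration #
    ##########################

    - block:  # Used for tagging all tasks with "config"

        # NOTE(review): 0770 gives every member of www-data write access to
        # the directory that holds homeserver.yaml and whatever the generator
        # writes next to it. No owner is set, so it defaults to the user
        # running the task. Confirm the group needs write access; if it does
        # not, a tighter mode such as 0750 would limit exposure.
        - name: "Create folder {{ site_data_path }}"
          file:
            path: "{{ site_data_path }}"
            state: directory
            mode: "0770"
            group: "www-data"

        # remote_src: the source file is already on the managed host.
        # NOTE(review): no owner/group/mode is set on the copy, so the file
        # gets the defaults of the connecting user. homeserver.yaml usually
        # carries secrets; confirm the resulting permissions are restrictive
        # enough while still readable by the UID/GID the container runs as.
        - name: "Copy homeserver.yaml to {{ site_data_path }}"
          copy:
            src: "{{ sites_path }}/{{ site.slug }}/homeserver.yaml"
            dest: "{{ site_data_path }}/homeserver.yaml"
            remote_src: true

        # Runs the image's "generate" command against the site data
        # directory, mounted at /data.
        # NOTE(review): the image is referenced by a mutable tag; pinning it
        # by digest would ensure the reviewed image is the one that runs.
        # NOTE(review): the container is started detached and not removed.
        # If later tasks rely on the generated files, consider waiting for it
        # to exit (detach: false) and cleaning it up afterwards.
        - name: "Let synapse generate missing configuration files"
          docker_container:
            name: synapse_config_generator
            image: "matrixdotorg/synapse:{{ synapse.version }}"
            command: "generate"
            volumes:
              - "{{ site_data_path }}:/data"
            env:
              SYNAPSE_SERVER_NAME: "{{ site.url }}"
              # Quoted so the value stays the string "no", not a boolean.
              SYNAPSE_REPORT_STATS: "no"
              UID: "{{ site.user_uid }}"
              GID: "{{ site.user_gid }}"

      tags: config

    ############################
    # PostgreSQL configuration #
    ############################

    - name: "Setup PostgreSQL"
      import_tasks: postgres.yml
      tags: postgres

    ###########################################
    # Allow coturn inbound connections in UFW #
    ###########################################

    # Opens the coturn listening port to any source address, for both TCP
    # and UDP.
    # NOTE(review): the coturn configuration is not part of this file.
    # Confirm that it requires authentication and refuses to relay to
    # internal address ranges before exposing it this way.
    - name: "Allow inbound port {{ site.coturn.listening_port }} for coturn in UFW"
      ufw:
        direction: in
        from_ip: any
        to_port: "{{ site.coturn.listening_port }}"
        proto: any
        rule: allow
        comment: "coturn TCP/UDP"
      become: true
      tags: firewall

    # One rule for the whole relay range ("min:max") instead of one task run
    # and one UFW rule per port. The result is a single auditable rule, and
    # the play does not slow down as the range grows. UFW needs an explicit
    # protocol for a port range, which proto: udp provides.
    - name: "Allow inbound ports {{ site.coturn.min_port }}-{{ site.coturn.max_port }}/UDP for coturn un UFW"
      ufw:
        direction: in
        from_ip: any
        to_port: "{{ site.coturn.min_port }}:{{ site.coturn.max_port }}"
        proto: udp
        rule: allow
        comment: "coturn UDP"
      become: true
      tags: firewall

    #################
    # Setup backups #
    #################

    - name: "Setup backups"
      import_tasks: backup.yml
      tags: backup

  tags: synapse  # / block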