diff --git a/inventory/host_vars/matrix.penholder.xyz/vars.yml b/inventory/host_vars/matrix.penholder.xyz/vars.yml index 80d1e46..f16a3ac 100644 --- a/inventory/host_vars/matrix.penholder.xyz/vars.yml +++ b/inventory/host_vars/matrix.penholder.xyz/vars.yml @@ -3,3 +3,9 @@ server_name: "penholder.xyz" postgresql_password: "strong-redacted-password" matrix_admin_email: "perthchat@protonmail.com" registration_shared_secret: "strong-redacted-password" + +testing_user: { + "username": "newuser2657", + "password": "strong-redacted-password", + "admin": True +} \ No newline at end of file diff --git a/inventory/host_vars/matrix.snowsupport.top/vars.yml b/inventory/host_vars/matrix.snowsupport.top/vars.yml index 8ce588a..f9be416 100644 --- a/inventory/host_vars/matrix.snowsupport.top/vars.yml +++ b/inventory/host_vars/matrix.snowsupport.top/vars.yml @@ -3,3 +3,9 @@ server_name: "snowsupport.top" postgresql_password: "strong-redacted-password" matrix_admin_email: "perthchat@protonmail.com" registration_shared_secret: "strong-redacted-password" + +testing_user: { + "username": "newuser2657", + "password": "strong-redacted-password", + "admin": True +} \ No newline at end of file diff --git a/inventory/hosts b/inventory/hosts index 8cd8322..53db2af 100644 --- a/inventory/hosts +++ b/inventory/hosts @@ -1,4 +1,4 @@ [matrix_servers] -matrix.penholder.xyz ansible_host=matrix.penholder.xyz ansible_ssh_user=root -#matrix.snowsupport.top ansible_host=matrix.snowsupport.top ansible_ssh_user=root \ No newline at end of file +#matrix.penholder.xyz ansible_host=matrix.penholder.xyz ansible_ssh_user=root +matrix.snowsupport.top ansible_host=matrix.snowsupport.top ansible_ssh_user=root \ No newline at end of file diff --git a/roles/handlers/main.yml b/roles/handlers/main.yml new file mode 100644 index 0000000..a72829f --- /dev/null +++ b/roles/handlers/main.yml @@ -0,0 +1,6 @@ + +--- +- name: Restart Synapse + service: + name: matrix-synapse + state: restarted diff --git a/roles/setup-redlight/tasks/main.yml b/roles/setup-redlight/tasks/main.yml new file mode 100644 index 0000000..a60148c --- /dev/null +++ b/roles/setup-redlight/tasks/main.yml @@ -0,0 +1,3 @@ + +- import_tasks: "{{ role_path }}/tasks/setup_redlight.yml" + tags: ['never', 'setup-redlight'] diff --git a/roles/setup-redlight/tasks/setup_redlight.yml b/roles/setup-redlight/tasks/setup_redlight.yml new file mode 100644 index 0000000..91405f5 --- /dev/null +++ b/roles/setup-redlight/tasks/setup_redlight.yml @@ -0,0 +1,63 @@ + +- name: Ensure /opt/synapse_modules directory exists + file: + path: /opt/synapse_modules + state: directory + owner: matrix-synapse + group: matrix-synapse + mode: '0755' + +- name: Add PYTHONPATH to /lib/systemd/system/matrix-synapse.service file + lineinfile: + path: /lib/systemd/system/matrix-synapse.service + insertafter: "^[Service]" + regexp: '^Environment="PYTHONPATH=.*' + line: 'Environment="PYTHONPATH=$PYTHONPATH:/opt/synapse_modules"' + owner: root + group: root + mode: '0644' + +- name: Reload systemd daemon + systemd: + daemon_reload: yes + +- name: Ensure rsync is installed + apt: + name: rsync + state: present + +- name: Clone redlight module to /tmp + git: + repo: https://code.glowers.club/PC-Admin/redlight.git + dest: /tmp/redlight + version: main + force: yes + +- name: Synchronize /tmp/redlight content to /opt/synapse_modules/ + synchronize: + src: /tmp/redlight/ + dest: /opt/synapse_modules/ + delete: yes + +- name: Change ownership of /opt/synapse_modules/ + file: + path: /opt/synapse_modules/ + owner: matrix-synapse + group: matrix-synapse + recurse: yes + state: directory + +- name: Add modules to homeserver.yaml + blockinfile: + path: /etc/matrix-synapse/homeserver.yaml + block: | + modules: + - module: hello_world_module.HelloWorldModule + config: {} # No specific configuration for this module + - module: abuse_lookup_module.AbuseLookupModule + config: {} + state: present + owner: root + group: root + mode: '0644' + notify: Restart Synapse diff --git a/roles/setup-synapse/tasks/certbot_setup.yml b/roles/setup-synapse/tasks/certbot_setup.yml index 88eaa87..9764e44 100644 --- a/roles/setup-synapse/tasks/certbot_setup.yml +++ b/roles/setup-synapse/tasks/certbot_setup.yml @@ -1,4 +1,4 @@ - +--- - name: Install Certbot apt: name: certbot diff --git a/roles/setup-synapse/tasks/config_nginx.yml b/roles/setup-synapse/tasks/config_nginx.yml index 9529650..eb4371a 100644 --- a/roles/setup-synapse/tasks/config_nginx.yml +++ b/roles/setup-synapse/tasks/config_nginx.yml @@ -1,4 +1,4 @@ - +--- - name: Install NGINX apt: name: nginx @@ -16,3 +16,15 @@ src: "/etc/nginx/sites-available/{{ server_name }}" dest: "/etc/nginx/sites-enabled/{{ server_name }}" state: link + +- name: Remove default Nginx Config + file: + path: /etc/nginx/sites-enabled/default + state: absent + notify: Restart Nginx + +- name: Remove 'matrix' Nginx Config + file: + path: /etc/nginx/sites-enabled/matrix + state: absent + notify: Restart Nginx diff --git a/roles/setup-synapse/tasks/config_synapse.yml b/roles/setup-synapse/tasks/config_synapse.yml index 130c0f8..2b2e38c 100644 --- a/roles/setup-synapse/tasks/config_synapse.yml +++ b/roles/setup-synapse/tasks/config_synapse.yml @@ -27,11 +27,11 @@ state: absent notify: Restart Nginx -- name: Set Synapse Cache Factor - lineinfile: - path: /etc/default/matrix-synapse - regexp: '^SYNAPSE_CACHE_FACTOR=' - line: 'SYNAPSE_CACHE_FACTOR=2.0' - state: present - create: yes - notify: Restart Synapse +# - name: Set Synapse Cache Factor +# lineinfile: +# path: /etc/default/matrix-synapse +# regexp: '^SYNAPSE_CACHE_FACTOR=' +# line: 'SYNAPSE_CACHE_FACTOR=2.0' +# state: present +# create: yes +# notify: Restart Synapse diff --git a/roles/setup-synapse/tasks/create_admin_user.yml b/roles/setup-synapse/tasks/create_admin_user.yml new file mode 100644 index 0000000..8e7b13f --- /dev/null +++ b/roles/setup-synapse/tasks/create_admin_user.yml @@ -0,0 +1,4 @@ + +- name: Create Testing User + shell: | + sudo -u matrix-synapse python3 /opt/venvs/matrix-synapse/lib/python3.11/site-packages/synapse/_scripts/register_new_matrix_user.py -c /etc/matrix-synapse/homeserver.yaml http://localhost:8008 --user {{ testing_user.username }} --password {{ testing_user.password }} diff --git a/roles/setup-synapse/tasks/element_setup.yml b/roles/setup-synapse/tasks/element_setup.yml index 573915a..cd45778 100644 --- a/roles/setup-synapse/tasks/element_setup.yml +++ b/roles/setup-synapse/tasks/element_setup.yml @@ -3,7 +3,7 @@ become: yes template: src: "{{ role_path }}/templates/nginx-element.conf.j2" - dest: "/etc/nginx/sites-available/element.{{ server_name}}.conf" + dest: "/etc/nginx/sites-available/element" owner: root group: root mode: '0644' @@ -12,8 +12,8 @@ - name: Create symbolic link for NGINX config become: yes file: - src: /etc/nginx/sites-available/element.{{ server_name}}.conf - dest: /etc/nginx/sites-enabled/element.{{ server_name}}.conf + src: /etc/nginx/sites-available/element + dest: /etc/nginx/sites-enabled/element state: link force: yes diff --git a/roles/setup-synapse/tasks/main.yml b/roles/setup-synapse/tasks/main.yml index 881d981..ce1cf64 100644 --- a/roles/setup-synapse/tasks/main.yml +++ b/roles/setup-synapse/tasks/main.yml @@ -16,4 +16,8 @@ # Install Element Web - import_tasks: "{{ role_path }}/tasks/element_setup.yml" - tags: install-element \ No newline at end of file + tags: install-element + +# Create Admin User +- import_tasks: "{{ role_path }}/tasks/create_admin_user.yml" + tags: create-admin-user diff --git a/roles/setup-synapse/templates/homeserver.yaml.j2 b/roles/setup-synapse/templates/homeserver.yaml.j2 index b6c4f1e..3728b2e 100644 --- a/roles/setup-synapse/templates/homeserver.yaml.j2 +++ b/roles/setup-synapse/templates/homeserver.yaml.j2 @@ -28,4 +28,6 @@ federation_client_minimum_tls_version: 1.2 allow_public_rooms_over_federation: true enable_registration: false admin_contact: "mailto:{{ matrix_admin_email }}" -registration_shared_secret: "{{ registration_shared_secret }}" \ No newline at end of file +registration_shared_secret: "{{ registration_shared_secret }}" +caches: + global_factor: 1.0 \ No newline at end of file diff --git a/setup.yml b/setup.yml index e787b89..1486ed0 100644 --- a/setup.yml +++ b/setup.yml @@ -5,3 +5,4 @@ roles: - setup-synapse + - setup-redlight