Added Element Web and renamed some variables for consistency

This commit is contained in:
erebion 2023-10-09 18:33:55 +02:00
parent 0498c562b4
commit 842522e5e0
9 changed files with 206 additions and 3 deletions

View file

@ -6,6 +6,8 @@ container_names:
worker: "authentik-worker-1.server4" worker: "authentik-worker-1.server4"
redis: "authentik-redis-1.server4" redis: "authentik-redis-1.server4"
db: "authentik-postgresql-1.server4" db: "authentik-postgresql-1.server4"
element_web:
element_web: "element_web.server4"
authentik_error_reporting: "false" authentik_error_reporting: "false"
authentik_email_host: "mail.un-hack-bar.de" authentik_email_host: "mail.un-hack-bar.de"
@ -24,6 +26,32 @@ authentik_postgres_version: "12-alpine"
docker_compose_config_dir: "/srv/docker-config" docker_compose_config_dir: "/srv/docker-config"
docker_volumes_dir: "/srv/docker-volumes" docker_volumes_dir: "/srv/docker-volumes"
domains:
nginx_virtual_host:
authentik: "auth.un-hack-bar.de,auth.unhb.de"
element_web: "chat.unhb.de,chat.un-hack-bar.de"
letsencrypt_host:
authentik: "auth.un-hack-bar.de,auth.unhb.de"
element_web: "chat.unhb.de,chat.un-hack-bar.de"
element_web:
homeserver_base_url: "https://matrix.un-hack-bar.de"
homeserver_server_name: "matrix.un-hack-bar.de"
disable_custom_urls_boolean: "false"
terms_and_conditions_links:
link1:
url: "https://www.un-hack-bar.de/datenschutzerklaerung/"
text: "Datenschutzerklärung"
link2:
url: "https://www.un-hack-bar.de/impressum/"
text: "Impressum"
brand: "Matrix-Chat der UN-Hack-Bar"
logo: "unhb.png"
default_country_code: "DE"
show_labs_settings_boolean: "true"
feature_pinning_boolean: "true"
room_directory: "matrix.un-hack-bar.de"
firewall_services: firewall_services:
- ssh - ssh
- http - http
@ -38,3 +66,4 @@ firewall_ports:
version: version:
authentik: "2023.8.3" authentik: "2023.8.3"
element_web: "latest"

View file

@ -1,7 +1,7 @@
VIRTUAL_HOST={{ authentik_domain }} VIRTUAL_HOST={{ domains.nginx_virtual_host.authentik }}
VIRTUAL_PORT={{ authentik_port_http }} VIRTUAL_PORT={{ authentik_port_http }}
LETSENCRYPT_HOST={{ authentik_domain }} LETSENCRYPT_HOST={{ domains.letsencrypt_host.authentik }}
LETSENCRYPT_EMAIL={{letsencrypt_email }} LETSENCRYPT_EMAIL={{ letsencrypt_email }}
AUTHENTIK_REDIS__HOST="{{ container_names.authentik.redis }}" AUTHENTIK_REDIS__HOST="{{ container_names.authentik.redis }}"
AUTHENTIK_POSTGRESQL__HOST="{{ container_names.authentik.db }}" AUTHENTIK_POSTGRESQL__HOST="{{ container_names.authentik.db }}"
AUTHENTIK_POSTGRESQL__USER={{ database_vars.postgres.authentik.user }} AUTHENTIK_POSTGRESQL__USER={{ database_vars.postgres.authentik.user }}

Binary file not shown.

After

Width:  |  Height:  |  Size: 64 KiB

View file

@ -0,0 +1,15 @@
---
- name: systemctl-daemon-reload
ansible.builtin.systemd:
daemon_reload: true
when: units.changed
notify: restart-element-web-docker
tags: molecule-notest
- name: restart-element-web-docker
ansible.builtin.systemd:
state: restarted
name: "element-web-docker.service"
daemon_reload: true
tags: molecule-notest

View file

@ -0,0 +1,87 @@
---
- name: "Install dependencies"
ansible.builtin.apt:
pkg:
- docker.io
- name: "Create directory for Element Web with Docker"
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: root
group: root
mode: '0750'
with_items:
- "{{ docker_volumes_dir }}/element_web"
- name: "Create directories for Element Web with Docker"
ansible.builtin.file:
path: "{{ item }}"
state: directory
owner: 1000
group: 1000
mode: '0750'
with_items:
- "{{ docker_volumes_dir }}/element_web/config"
- name: "Debug Message"
ansible.builtin.debug:
msg:
- "{{ element_web.terms_and_conditions_links|dict2items }}"
- "{{ element_web.terms_and_conditions_links|dict2items|type_debug }}"
- name: "Template environment file for Element Web with Docker"
ansible.builtin.template:
src: "element_web.env.j2"
dest: "{{ docker_volumes_dir }}/element_web/element_web.env"
force: true
owner: root
group: root
mode: '0644'
notify: restart-element-web-docker
- name: "Template config file for Element Web with Docker"
ansible.builtin.template:
src: "config.json.j2"
dest: "{{ docker_volumes_dir }}/element_web/config/config.json"
force: true
owner: root
group: root
mode: '0644'
notify: restart-element-web-docker
- name: Copy file with owner and permissions
ansible.builtin.copy:
src: "unhb.png"
dest: "{{ docker_volumes_dir }}/element_web/config/unhb.png"
owner: root
group: root
mode: '0644'
notify: restart-element-web-docker
- name: "Template systemd unit for Element with Docker"
ansible.builtin.template:
src: "{{ item }}.j2"
dest: "/etc/systemd/system/{{ item }}"
force: true
owner: root
group: root
mode: '0664'
with_items:
- element-web-docker.service
register: units
notify: restart-element-web-docker
- name: "Reload systemd units"
ansible.builtin.systemd:
daemon_reload: yes
when: units.changed
- name: "Enable systemd units for Element Web with Docker"
ansible.builtin.systemd:
state: started
enabled: true
name: "{{ item }}"
with_items:
- element-web-docker.service

View file

@ -0,0 +1,47 @@
{
"default_server_config": {
"m.homeserver": {
"base_url": "{{ element_web.homeserver_base_url }}",
"server_name": "{{ element_web.homeserver_server_name }}"
}
},
"disable_custom_urls": {{ element_web.disable_custom_urls_boolean }},
"terms_and_conditions_links": [{% for item in (element_web.terms_and_conditions_links|dict2items) %}
{
"url": "{{ item.value.url }}",
"text": "{{ item.value.text }}"
}{% if not loop.last %},{% endif %}{% endfor %}
],
"brand": "{{ element_web.brand }}",
"integrations_ui_url": "https://scalar.vector.im/",
"integrations_rest_url": "https://scalar.vector.im/api",
"branding": {
"authHeaderLogoUrl": "/{{ element_web.logo }}",
"authFooterLinks": [{% for item in (element_web.terms_and_conditions_links|dict2items) %}
{
"url": "{{ item.value.url }}",
"text": "{{ item.value.text }}"
}{% if not loop.last %},{% endif %}{% endfor %}
]
},
"disable_guests": false,
"disable_login_language_selector": false,
"disable_3pid_login": false,
"default_country_code": "{{ element_web.default_country_code }}",
"show_labs_settings": {{ element_web.show_labs_settings_boolean }},
"features": {
"feature_pinning": {{ element_web.feature_pinning_boolean }}
},
"default_federate": true,
"room_directory": {
"servers": [
"{{ element_web.room_directory }}"
]
},
"enable_presence_by_hs_url": {},
"setting_defaults": {
"UIFeature.urlPreviews": true,
"UIFeature.advancedSettings": true,
"UIFeature.identityServer": false
}
}

View file

@ -0,0 +1,20 @@
[Unit]
Description=Element Web with Docker
After=docker.service
Requires=docker.service
[Service]
ExecStartPre=-/usr/bin/docker rm --force {{ container_names.element_web.element_web }}
ExecStart=/usr/bin/docker run --rm --name {{ container_names.element_web.element_web }} \
--network nginx_net --env-file {{ docker_volumes_dir }}/element_web/element_web.env \
-v {{ docker_volumes_dir }}/element/config/config.json:/app/config.json:ro \
-v {{ docker_volumes_dir }}/element/config/unhb.png:/app/unhb.png:ro \
vectorim/element-web:{{ version.element_web }}
ExecStop=-/usr/bin/docker stop {{ container_names.element_web.element_web }}
Restart=always
RestartSec=60s
TimeoutRestartSec=60s
Type=exec
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,4 @@
VIRTUAL_HOST={{ domains.nginx_virtual_host.element_web }}
VIRTUAL_PORT=80
LETSENCRYPT_HOST={{ domains.letsencrypt_host.element_web }}
LETSENCRYPT_EMAIL={{ letsencrypt_email }}

View file

@ -27,3 +27,4 @@
roles: roles:
- authentik_docker - authentik_docker
- element_web_docker