Added Element Web and renamed some variables for consistency
This commit is contained in:
parent
0498c562b4
commit
842522e5e0
9 changed files with 206 additions and 3 deletions
|
@ -6,6 +6,8 @@ container_names:
|
||||||
worker: "authentik-worker-1.server4"
|
worker: "authentik-worker-1.server4"
|
||||||
redis: "authentik-redis-1.server4"
|
redis: "authentik-redis-1.server4"
|
||||||
db: "authentik-postgresql-1.server4"
|
db: "authentik-postgresql-1.server4"
|
||||||
|
element_web:
|
||||||
|
element_web: "element_web.server4"
|
||||||
|
|
||||||
authentik_error_reporting: "false"
|
authentik_error_reporting: "false"
|
||||||
authentik_email_host: "mail.un-hack-bar.de"
|
authentik_email_host: "mail.un-hack-bar.de"
|
||||||
|
@ -24,6 +26,32 @@ authentik_postgres_version: "12-alpine"
|
||||||
docker_compose_config_dir: "/srv/docker-config"
|
docker_compose_config_dir: "/srv/docker-config"
|
||||||
docker_volumes_dir: "/srv/docker-volumes"
|
docker_volumes_dir: "/srv/docker-volumes"
|
||||||
|
|
||||||
|
domains:
|
||||||
|
nginx_virtual_host:
|
||||||
|
authentik: "auth.un-hack-bar.de,auth.unhb.de"
|
||||||
|
element_web: "chat.unhb.de,chat.un-hack-bar.de"
|
||||||
|
letsencrypt_host:
|
||||||
|
authentik: "auth.un-hack-bar.de,auth.unhb.de"
|
||||||
|
element_web: "chat.unhb.de,chat.un-hack-bar.de"
|
||||||
|
|
||||||
|
element_web:
|
||||||
|
homeserver_base_url: "https://matrix.un-hack-bar.de"
|
||||||
|
homeserver_server_name: "matrix.un-hack-bar.de"
|
||||||
|
disable_custom_urls_boolean: "false"
|
||||||
|
terms_and_conditions_links:
|
||||||
|
link1:
|
||||||
|
url: "https://www.un-hack-bar.de/datenschutzerklaerung/"
|
||||||
|
text: "Datenschutzerklärung"
|
||||||
|
link2:
|
||||||
|
url: "https://www.un-hack-bar.de/impressum/"
|
||||||
|
text: "Impressum"
|
||||||
|
brand: "Matrix-Chat der UN-Hack-Bar"
|
||||||
|
logo: "unhb.png"
|
||||||
|
default_country_code: "DE"
|
||||||
|
show_labs_settings_boolean: "true"
|
||||||
|
feature_pinning_boolean: "true"
|
||||||
|
room_directory: "matrix.un-hack-bar.de"
|
||||||
|
|
||||||
firewall_services:
|
firewall_services:
|
||||||
- ssh
|
- ssh
|
||||||
- http
|
- http
|
||||||
|
@ -38,3 +66,4 @@ firewall_ports:
|
||||||
|
|
||||||
version:
|
version:
|
||||||
authentik: "2023.8.3"
|
authentik: "2023.8.3"
|
||||||
|
element_web: "latest"
|
|
@ -1,7 +1,7 @@
|
||||||
VIRTUAL_HOST={{ authentik_domain }}
|
VIRTUAL_HOST={{ domains.nginx_virtual_host.authentik }}
|
||||||
VIRTUAL_PORT={{ authentik_port_http }}
|
VIRTUAL_PORT={{ authentik_port_http }}
|
||||||
LETSENCRYPT_HOST={{ authentik_domain }}
|
LETSENCRYPT_HOST={{ domains.letsencrypt_host.authentik }}
|
||||||
LETSENCRYPT_EMAIL={{letsencrypt_email }}
|
LETSENCRYPT_EMAIL={{ letsencrypt_email }}
|
||||||
AUTHENTIK_REDIS__HOST="{{ container_names.authentik.redis }}"
|
AUTHENTIK_REDIS__HOST="{{ container_names.authentik.redis }}"
|
||||||
AUTHENTIK_POSTGRESQL__HOST="{{ container_names.authentik.db }}"
|
AUTHENTIK_POSTGRESQL__HOST="{{ container_names.authentik.db }}"
|
||||||
AUTHENTIK_POSTGRESQL__USER={{ database_vars.postgres.authentik.user }}
|
AUTHENTIK_POSTGRESQL__USER={{ database_vars.postgres.authentik.user }}
|
||||||
|
|
BIN
roles/element_web_docker/files/unhb.png
Normal file
BIN
roles/element_web_docker/files/unhb.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 64 KiB |
15
roles/element_web_docker/handlers/main.yml
Normal file
15
roles/element_web_docker/handlers/main.yml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: systemctl-daemon-reload
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
daemon_reload: true
|
||||||
|
when: units.changed
|
||||||
|
notify: restart-element-web-docker
|
||||||
|
tags: molecule-notest
|
||||||
|
|
||||||
|
- name: restart-element-web-docker
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
state: restarted
|
||||||
|
name: "element-web-docker.service"
|
||||||
|
daemon_reload: true
|
||||||
|
tags: molecule-notest
|
87
roles/element_web_docker/tasks/main.yml
Normal file
87
roles/element_web_docker/tasks/main.yml
Normal file
|
@ -0,0 +1,87 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: "Install dependencies"
|
||||||
|
ansible.builtin.apt:
|
||||||
|
pkg:
|
||||||
|
- docker.io
|
||||||
|
|
||||||
|
- name: "Create directory for Element Web with Docker"
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0750'
|
||||||
|
with_items:
|
||||||
|
- "{{ docker_volumes_dir }}/element_web"
|
||||||
|
|
||||||
|
- name: "Create directories for Element Web with Docker"
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ item }}"
|
||||||
|
state: directory
|
||||||
|
owner: 1000
|
||||||
|
group: 1000
|
||||||
|
mode: '0750'
|
||||||
|
with_items:
|
||||||
|
- "{{ docker_volumes_dir }}/element_web/config"
|
||||||
|
|
||||||
|
- name: "Debug Message"
|
||||||
|
ansible.builtin.debug:
|
||||||
|
msg:
|
||||||
|
- "{{ element_web.terms_and_conditions_links|dict2items }}"
|
||||||
|
- "{{ element_web.terms_and_conditions_links|dict2items|type_debug }}"
|
||||||
|
|
||||||
|
- name: "Template environment file for Element Web with Docker"
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "element_web.env.j2"
|
||||||
|
dest: "{{ docker_volumes_dir }}/element_web/element_web.env"
|
||||||
|
force: true
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
notify: restart-element-web-docker
|
||||||
|
|
||||||
|
- name: "Template config file for Element Web with Docker"
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "config.json.j2"
|
||||||
|
dest: "{{ docker_volumes_dir }}/element_web/config/config.json"
|
||||||
|
force: true
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
notify: restart-element-web-docker
|
||||||
|
|
||||||
|
- name: Copy file with owner and permissions
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: "unhb.png"
|
||||||
|
dest: "{{ docker_volumes_dir }}/element_web/config/unhb.png"
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0644'
|
||||||
|
notify: restart-element-web-docker
|
||||||
|
|
||||||
|
- name: "Template systemd unit for Element with Docker"
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "{{ item }}.j2"
|
||||||
|
dest: "/etc/systemd/system/{{ item }}"
|
||||||
|
force: true
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: '0664'
|
||||||
|
with_items:
|
||||||
|
- element-web-docker.service
|
||||||
|
register: units
|
||||||
|
notify: restart-element-web-docker
|
||||||
|
|
||||||
|
- name: "Reload systemd units"
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
daemon_reload: yes
|
||||||
|
when: units.changed
|
||||||
|
|
||||||
|
- name: "Enable systemd units for Element Web with Docker"
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
state: started
|
||||||
|
enabled: true
|
||||||
|
name: "{{ item }}"
|
||||||
|
with_items:
|
||||||
|
- element-web-docker.service
|
47
roles/element_web_docker/templates/config.json.j2
Normal file
47
roles/element_web_docker/templates/config.json.j2
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
{
|
||||||
|
"default_server_config": {
|
||||||
|
"m.homeserver": {
|
||||||
|
"base_url": "{{ element_web.homeserver_base_url }}",
|
||||||
|
"server_name": "{{ element_web.homeserver_server_name }}"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"disable_custom_urls": {{ element_web.disable_custom_urls_boolean }},
|
||||||
|
"terms_and_conditions_links": [{% for item in (element_web.terms_and_conditions_links|dict2items) %}
|
||||||
|
{
|
||||||
|
"url": "{{ item.value.url }}",
|
||||||
|
"text": "{{ item.value.text }}"
|
||||||
|
}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
],
|
||||||
|
"brand": "{{ element_web.brand }}",
|
||||||
|
"integrations_ui_url": "https://scalar.vector.im/",
|
||||||
|
"integrations_rest_url": "https://scalar.vector.im/api",
|
||||||
|
"branding": {
|
||||||
|
"authHeaderLogoUrl": "/{{ element_web.logo }}",
|
||||||
|
"authFooterLinks": [{% for item in (element_web.terms_and_conditions_links|dict2items) %}
|
||||||
|
{
|
||||||
|
"url": "{{ item.value.url }}",
|
||||||
|
"text": "{{ item.value.text }}"
|
||||||
|
}{% if not loop.last %},{% endif %}{% endfor %}
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"disable_guests": false,
|
||||||
|
"disable_login_language_selector": false,
|
||||||
|
"disable_3pid_login": false,
|
||||||
|
"default_country_code": "{{ element_web.default_country_code }}",
|
||||||
|
"show_labs_settings": {{ element_web.show_labs_settings_boolean }},
|
||||||
|
"features": {
|
||||||
|
"feature_pinning": {{ element_web.feature_pinning_boolean }}
|
||||||
|
},
|
||||||
|
"default_federate": true,
|
||||||
|
"room_directory": {
|
||||||
|
"servers": [
|
||||||
|
"{{ element_web.room_directory }}"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"enable_presence_by_hs_url": {},
|
||||||
|
"setting_defaults": {
|
||||||
|
"UIFeature.urlPreviews": true,
|
||||||
|
"UIFeature.advancedSettings": true,
|
||||||
|
"UIFeature.identityServer": false
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,20 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Element Web with Docker
|
||||||
|
After=docker.service
|
||||||
|
Requires=docker.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
ExecStartPre=-/usr/bin/docker rm --force {{ container_names.element_web.element_web }}
|
||||||
|
ExecStart=/usr/bin/docker run --rm --name {{ container_names.element_web.element_web }} \
|
||||||
|
--network nginx_net --env-file {{ docker_volumes_dir }}/element_web/element_web.env \
|
||||||
|
-v {{ docker_volumes_dir }}/element/config/config.json:/app/config.json:ro \
|
||||||
|
-v {{ docker_volumes_dir }}/element/config/unhb.png:/app/unhb.png:ro \
|
||||||
|
vectorim/element-web:{{ version.element_web }}
|
||||||
|
ExecStop=-/usr/bin/docker stop {{ container_names.element_web.element_web }}
|
||||||
|
Restart=always
|
||||||
|
RestartSec=60s
|
||||||
|
TimeoutRestartSec=60s
|
||||||
|
Type=exec
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
4
roles/element_web_docker/templates/element_web.env.j2
Normal file
4
roles/element_web_docker/templates/element_web.env.j2
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
VIRTUAL_HOST={{ domains.nginx_virtual_host.element_web }}
|
||||||
|
VIRTUAL_PORT=80
|
||||||
|
LETSENCRYPT_HOST={{ domains.letsencrypt_host.element_web }}
|
||||||
|
LETSENCRYPT_EMAIL={{ letsencrypt_email }}
|
1
site.yml
1
site.yml
|
@ -27,3 +27,4 @@
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- authentik_docker
|
- authentik_docker
|
||||||
|
- element_web_docker
|
||||||
|
|
Loading…
Reference in a new issue