From 654b17974b5bedb1ac36d678e10d636fd54dc633 Mon Sep 17 00:00:00 2001 From: loooph Date: Sun, 7 Nov 2021 19:02:09 +0100 Subject: [PATCH] remove unused parts from matrix-synapse role --- roles/matrix-synapse/defaults/main.yml | 11 ----- roles/matrix-synapse/tasks/goofys/setup.yml | 7 --- .../tasks/goofys/setup_install.yml | 41 ------------------ .../tasks/goofys/setup_uninstall.yml | 33 -------------- .../tasks/import_media_store.yml | 6 --- roles/matrix-synapse/tasks/init.yml | 11 ----- roles/matrix-synapse/tasks/main.yml | 10 ----- roles/matrix-synapse/tasks/register_user.yml | 31 ------------- roles/matrix-synapse/tasks/setup_synapse.yml | 2 +- .../tasks/update_user_password.yml | 43 ------------------- .../templates/goofys/env-goofys.j2 | 3 -- .../goofys/systemd/matrix-goofys.service.j2 | 39 ----------------- .../synapse/systemd/matrix-synapse.service.j2 | 6 --- 13 files changed, 1 insertion(+), 242 deletions(-) delete mode 100644 roles/matrix-synapse/tasks/goofys/setup.yml delete mode 100644 roles/matrix-synapse/tasks/goofys/setup_install.yml delete mode 100644 roles/matrix-synapse/tasks/goofys/setup_uninstall.yml delete mode 100644 roles/matrix-synapse/tasks/register_user.yml delete mode 100644 roles/matrix-synapse/tasks/update_user_password.yml delete mode 100644 roles/matrix-synapse/templates/goofys/env-goofys.j2 delete mode 100644 roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 460483e0..4b4d4edd 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -530,17 +530,6 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames: false matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: [] -matrix_s3_media_store_enabled: false -matrix_s3_media_store_custom_endpoint_enabled: false -matrix_s3_goofys_docker_image: "ewoutp/goofys:latest" -matrix_s3_goofys_docker_image_force_pull: "{{ matrix_s3_goofys_docker_image.endswith(':latest') }}" -matrix_s3_media_store_custom_endpoint: "your-custom-endpoint" -matrix_s3_media_store_bucket_name: "your-bucket-name" -matrix_s3_media_store_aws_access_key: "your-aws-access-key" -matrix_s3_media_store_aws_secret_key: "your-aws-secret-key" -matrix_s3_media_store_region: "eu-central-1" -matrix_s3_media_store_path: "{{ matrix_synapse_media_store_path }}" - # Controls whether the self-check feature should validate SSL certificates. matrix_synapse_self_check_validate_certificates: true diff --git a/roles/matrix-synapse/tasks/goofys/setup.yml b/roles/matrix-synapse/tasks/goofys/setup.yml deleted file mode 100644 index 6370408d..00000000 --- a/roles/matrix-synapse/tasks/goofys/setup.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- - -- import_tasks: "{{ role_path }}/tasks/goofys/setup_install.yml" - when: matrix_s3_media_store_enabled|bool - -- import_tasks: "{{ role_path }}/tasks/goofys/setup_uninstall.yml" - when: "not matrix_s3_media_store_enabled|bool" diff --git a/roles/matrix-synapse/tasks/goofys/setup_install.yml b/roles/matrix-synapse/tasks/goofys/setup_install.yml deleted file mode 100644 index b5e95614..00000000 --- a/roles/matrix-synapse/tasks/goofys/setup_install.yml +++ /dev/null @@ -1,41 +0,0 @@ -- name: Ensure Goofys Docker image is pulled - docker_image: - name: "{{ matrix_s3_goofys_docker_image }}" - source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - force_source: "{{ matrix_s3_goofys_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_s3_goofys_docker_image_force_pull }}" - -# This will throw a Permission Denied error if already mounted -- name: Check Matrix Goofys external storage mountpoint path - stat: - path: "{{ matrix_s3_media_store_path }}" - register: local_path_matrix_s3_media_store_path_stat - ignore_errors: yes - -- name: Ensure Matrix Goofys external storage mountpoint exists - file: - path: "{{ matrix_s3_media_store_path }}" - state: directory - mode: 0750 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - when: "not local_path_matrix_s3_media_store_path_stat.failed and not local_path_matrix_s3_media_store_path_stat.stat.exists" - -- name: Ensure goofys environment variables file created - template: - src: "{{ role_path }}/templates/goofys/env-goofys.j2" - dest: "{{ matrix_synapse_config_dir_path }}/env-goofys" - owner: root - mode: 0600 - -- name: Ensure matrix-goofys.service installed - template: - src: "{{ role_path }}/templates/goofys/systemd/matrix-goofys.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-goofys.service" - mode: 0644 - register: matrix_goofys_systemd_service_result - -- name: Ensure systemd reloaded after matrix-goofys.service installation - service: - daemon_reload: yes - when: "matrix_goofys_systemd_service_result.changed" diff --git a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml b/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml deleted file mode 100644 index 91d43456..00000000 --- a/roles/matrix-synapse/tasks/goofys/setup_uninstall.yml +++ /dev/null @@ -1,33 +0,0 @@ -- name: Check existence of matrix-goofys service - stat: - path: "{{ matrix_systemd_path }}/matrix-goofys.service" - register: matrix_goofys_service_stat - -- name: Ensure matrix-goofys is stopped - service: - name: matrix-goofys - state: stopped - daemon_reload: yes - register: stopping_result - when: "matrix_goofys_service_stat.stat.exists" - -- name: Ensure matrix-goofys.service doesn't exist - file: - path: "{{ matrix_systemd_path }}/matrix-goofys.service" - state: absent - when: "matrix_goofys_service_stat.stat.exists" - -- name: Ensure systemd reloaded after matrix-goofys.service removal - service: - daemon_reload: yes - when: "matrix_goofys_service_stat.stat.exists" - -- name: Ensure goofys environment variables file doesn't exist - file: - path: "{{ matrix_synapse_config_dir_path }}/env-goofys" - state: absent - -- name: Ensure Goofys Docker image doesn't exist - docker_image: - name: "{{ matrix_s3_goofys_docker_image }}" - state: absent diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index 487bcb35..0368b0eb 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -7,11 +7,6 @@ msg: "The `server_path_media_store` variable needs to be provided to this playbook, via --extra-vars" when: "server_path_media_store is not defined or server_path_media_store.startswith('<')" -- name: Fail if media store is on Amazon S3 - fail: - msg: "Your media store is on Amazon S3. Due to technical limitations, restoring is not supported." - when: matrix_s3_media_store_enabled|bool - - name: Check if the provided media store directory exists stat: path: "{{ server_path_media_store }}" @@ -68,7 +63,6 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" recurse: yes - when: "not matrix_s3_media_store_enabled|bool" # We don't chown for Goofys, because due to the way it's mounted, # all files become owned by whoever needs to own them. diff --git a/roles/matrix-synapse/tasks/init.yml b/roles/matrix-synapse/tasks/init.yml index bc23fc86..45e8e091 100644 --- a/roles/matrix-synapse/tasks/init.yml +++ b/roles/matrix-synapse/tasks/init.yml @@ -1,10 +1,3 @@ -# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070 -# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 -- name: Fail if trying to self-build on Ansible < 2.8 - fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" - when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_synapse_container_image_self_build and matrix_synapse_enabled" - # Unless `matrix_synapse_workers_enabled_list` is explicitly defined, # we'll generate it dynamically. - import_tasks: "{{ role_path }}/tasks/synapse/workers/init.yml" @@ -20,7 +13,3 @@ loop_control: loop_var: matrix_synapse_worker_details when: matrix_synapse_enabled|bool and matrix_synapse_workers_enabled|bool - -- set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-goofys.service'] }}" - when: matrix_s3_media_store_enabled|bool diff --git a/roles/matrix-synapse/tasks/main.yml b/roles/matrix-synapse/tasks/main.yml index 8bf1c563..eba2b5ed 100644 --- a/roles/matrix-synapse/tasks/main.yml +++ b/roles/matrix-synapse/tasks/main.yml @@ -19,11 +19,6 @@ tags: - import-synapse-media-store -- import_tasks: "{{ role_path }}/tasks/register_user.yml" - when: run_synapse_register_user|bool - tags: - - register-user - - import_tasks: "{{ role_path }}/tasks/self_check_client_api.yml" delegate_to: 127.0.0.1 become: false @@ -38,11 +33,6 @@ tags: - self-check -- import_tasks: "{{ role_path }}/tasks/update_user_password.yml" - when: run_synapse_update_user_password|bool - tags: - - update-user-password - - import_tasks: "{{ role_path }}/tasks/rust-synapse-compress-state/main.yml" when: run_synapse_rust_synapse_compress_state|bool tags: diff --git a/roles/matrix-synapse/tasks/register_user.yml b/roles/matrix-synapse/tasks/register_user.yml deleted file mode 100644 index 9c2a3ea0..00000000 --- a/roles/matrix-synapse/tasks/register_user.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- - -- name: Fail if playbook called incorrectly - fail: - msg: "The `username` variable needs to be provided to this playbook, via --extra-vars" - when: "username is not defined or username == ''" - -- name: Fail if playbook called incorrectly - fail: - msg: "The `password` variable needs to be provided to this playbook, via --extra-vars" - when: "password is not defined or password == ''" - -- name: Fail if playbook called incorrectly - fail: - msg: "The `admin` variable needs to be provided to this playbook, via --extra-vars" - when: "admin is not defined or admin not in ['yes', 'no']" - -- name: Ensure matrix-synapse is started - service: - name: matrix-synapse - state: started - daemon_reload: yes - register: start_result - -- name: Wait a while, so that Synapse can manage to start - pause: - seconds: 7 - when: "start_result.changed" - -- name: Register user - command: "{{ matrix_local_bin_path }}/matrix-synapse-register-user {{ username|quote }} {{ password|quote }} {{ '1' if admin == 'yes' else '0' }}" diff --git a/roles/matrix-synapse/tasks/setup_synapse.yml b/roles/matrix-synapse/tasks/setup_synapse.yml index f8bc05a1..e36dcdb9 100644 --- a/roles/matrix-synapse/tasks/setup_synapse.yml +++ b/roles/matrix-synapse/tasks/setup_synapse.yml @@ -14,7 +14,7 @@ # We handle matrix_synapse_media_store_path elsewhere (in ./synapse/setup_install.yml), # because if it's using Goofys and it's already mounted (from before), # trying to chown/chmod it here will cause trouble. - when: "(matrix_synapse_enabled|bool or matrix_s3_media_store_enabled|bool) and item.when" + when: "(matrix_synapse_enabled|bool) and item.when" - import_tasks: "{{ role_path }}/tasks/ext/setup.yml" diff --git a/roles/matrix-synapse/tasks/update_user_password.yml b/roles/matrix-synapse/tasks/update_user_password.yml deleted file mode 100644 index 78136785..00000000 --- a/roles/matrix-synapse/tasks/update_user_password.yml +++ /dev/null @@ -1,43 +0,0 @@ ---- - -- name: Fail if playbook called incorrectly - fail: - msg: "The `username` variable needs to be provided to this playbook, via --extra-vars" - when: "username is not defined or username == ''" - -- name: Fail if playbook called incorrectly - fail: - msg: "The `password` variable needs to be provided to this playbook, via --extra-vars" - when: "password is not defined or password == ''" - -- name: Fail if not using matrix-postgres container - fail: - msg: "This command is working only when matrix-postgres container is being used" - when: "not matrix_postgres_enabled|bool" - -- name: Ensure matrix-synapse is started - service: - name: matrix-synapse - state: started - daemon_reload: yes - register: start_result - -- name: Ensure matrix-postgres is started - service: - name: matrix-postgres - state: started - daemon_reload: yes - register: postgres_start_result - - -- name: Wait a while, so that Matrix Synapse can manage to start - pause: - seconds: 7 - when: "start_result.changed or postgres_start_result.changed" - -- name: Generate password hash - shell: "{{ matrix_host_command_docker }} exec matrix-synapse /usr/local/bin/hash_password -c /data/homeserver.yaml -p {{ password|quote }}" - register: password_hash - -- name: Update user password hash - command: "{{ matrix_local_bin_path }}/matrix-postgres-update-user-password-hash {{ username|quote }} {{ password_hash.stdout|quote }}" diff --git a/roles/matrix-synapse/templates/goofys/env-goofys.j2 b/roles/matrix-synapse/templates/goofys/env-goofys.j2 deleted file mode 100644 index 2955efdd..00000000 --- a/roles/matrix-synapse/templates/goofys/env-goofys.j2 +++ /dev/null @@ -1,3 +0,0 @@ -#jinja2: lstrip_blocks: "True" -AWS_ACCESS_KEY={{ matrix_s3_media_store_aws_access_key }} -AWS_SECRET_KEY={{ matrix_s3_media_store_aws_secret_key }} diff --git a/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 b/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 deleted file mode 100644 index df4a4f23..00000000 --- a/roles/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2 +++ /dev/null @@ -1,39 +0,0 @@ -#jinja2: lstrip_blocks: "True" -[Unit] -Description=Matrix Goofys media store -After=docker.service -Requires=docker.service -DefaultDependencies=no - -[Service] -Type=simple -Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_docker }} kill %n -ExecStartPre=-{{ matrix_host_command_docker }} rm %n - -ExecStart={{ matrix_host_command_docker }} run --rm --name %n \ - --log-driver=none \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --mount type=bind,src=/etc/passwd,dst=/etc/passwd,ro \ - --mount type=bind,src=/etc/group,dst=/etc/group,ro \ - --mount type=bind,src={{ matrix_s3_media_store_path }},dst=/s3,bind-propagation=shared \ - --security-opt apparmor:unconfined \ - --cap-add mknod \ - --cap-add sys_admin \ - --device=/dev/fuse \ - --env-file={{ matrix_synapse_config_dir_path }}/env-goofys \ - --entrypoint /bin/sh \ - {{ matrix_s3_goofys_docker_image }} \ - -c 'goofys -f{% if not matrix_s3_media_store_custom_endpoint_enabled %} --storage-class=STANDARD_IA{% endif %}{% if matrix_s3_media_store_custom_endpoint_enabled %} --endpoint={{ matrix_s3_media_store_custom_endpoint }}{% endif %} --region {{ matrix_s3_media_store_region }} --stat-cache-ttl 60m0s --type-cache-ttl 60m0s --dir-mode 0700 --file-mode 0700 {{ matrix_s3_media_store_bucket_name }} /s3' - -TimeoutStartSec=5min -ExecStop=-{{ matrix_host_command_docker }} stop %n -ExecStop=-{{ matrix_host_command_docker }} kill %n -ExecStop=-{{ matrix_host_command_docker }} rm %n -ExecStop=-{{ matrix_host_command_fusermount }} -u {{ matrix_s3_media_store_path }} -Restart=always -RestartSec=5 -SyslogIdentifier=matrix-goofys - -[Install] -WantedBy=multi-user.target diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index 2fbaac7b..7ff64e77 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -23,12 +23,6 @@ Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null' ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null' -{% if matrix_s3_media_store_enabled %} -# Allow for some time before starting, so that media store can mount. -# Mounting can happen later too, but if we start writing, -# we'd write files to the local filesystem and fusermount will complain. -ExecStartPre={{ matrix_host_command_sleep }} 3 -{% endif %} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ --log-driver=none \