Update to 2021-12-01 19:13

2025-07-26 15:55:56 +02:00 · 2021-12-01 19:13:34 +01:00
commit 4c4556c660
2153 changed files with 60999 additions and 0 deletions
--- a/roles/matrix_ma1sd/tasks/archive_post.yml
+++ b/roles/matrix_ma1sd/tasks/archive_post.yml
@@ -0,0 +1,8 @@
+---
+
+- import_tasks: ../includes/webapps_compress_archive.yml
+  vars:
+    - root_dir: "{{ ma1sd_root_dir }}"
+    - version: "{{ ma1sd_current_version }}"
+  tags: matrix
+
--- a/roles/matrix_ma1sd/tasks/archive_pre.yml
+++ b/roles/matrix_ma1sd/tasks/archive_pre.yml
@@ -0,0 +1,22 @@
+---
+
+- name: Stop the service
+  service: name=matrix-ma1sd state=stopped
+  tags: matrix
+
+- name: Create archive dir
+  file: path={{ ma1sd_root_dir }}/archives/{{ ma1sd_current_version }} state=directory
+  tags: matrix
+
+- name: Archive current version
+  synchronize:
+    src: "{{ ma1sd_root_dir }}/{{ item }}"
+    dest: "{{ ma1sd_root_dir }}/archives/{{ ma1sd_current_version }}/"
+    recursive: True
+    delete: True
+  delegate_to: "{{ inventory_hostname }}"
+  loop:
+    - app
+    - db
+    - etc
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/cleanup.yml
+++ b/roles/matrix_ma1sd/tasks/cleanup.yml
@@ -0,0 +1,8 @@
+---
+
+- name: Remove tmp files
+  file: path={{ ma1sd_root_dir }}/tmp/{{ item }} state=absent
+  loop:
+    - ma1sd
+    - ma1sd.zip
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/conf.yml
+++ b/roles/matrix_ma1sd/tasks/conf.yml
@@ -0,0 +1,6 @@
+---
+
+- name: Deploy service config
+  template: src=ma1sd.yaml.j2 dest={{ ma1sd_root_dir }}/etc/ma1sd.yaml group={{ ma1sd_user }} mode=640
+  notify: restart ma1sd
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/directories.yml
+++ b/roles/matrix_ma1sd/tasks/directories.yml
@@ -0,0 +1,18 @@
+---
+
+- name: Create needed directories
+  file: path={{ ma1sd_root_dir }}/{{ item.dir }} state=directory mode={{ item.mode }} group={{ ma1sd_user }}
+  with_items:
+    - dir: /
+      mode: 750
+    - dir: etc
+      mode: 770
+    - dir: db
+      mode: 770
+    - dir: archives
+      mode: 700
+    - dir: meta
+      mode: 700
+    - dir: tmp
+      mode: 700
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/facts.yml
+++ b/roles/matrix_ma1sd/tasks/facts.yml
@@ -0,0 +1,32 @@
+---
+
+- import_tasks: ../includes/webapps_set_install_mode.yml
+  vars:
+    - root_dir: "{{ ma1sd_root_dir }}"
+    - version: "{{ ma1sd_version }}"
+  tags: matrix
+- set_fact: ma1sd_install_mode={{ (install_mode == 'upgrade' and not ma1sd_manage_upgrade) | ternary('none',install_mode) }}
+  tags: matrix
+- set_fact: ma1sd_current_version={{ current_version | default('') }}
+  tags: matrix
+
+- name: Detect if mxisd is installed
+  stat: path=/opt/matrix/mxisd
+  register: ma1sd_mxisd_dir
+  tags: matrix
+
+- name: Detect if ma1sd db already exists
+  stat: path={{ ma1sd_root_dir }}/db/ma1sd.sqlite
+  register: ma1sd_sqlite
+  tags: matrix
+
+- name: Detect if ma1sd signing key already exists
+  stat: path={{ ma1sd_root_dir }}/etc/signing.key
+  register: ma1sd_signingkey
+  tags: matrix
+
+- name: Check if the jar already exists
+  stat: path={{ ma1sd_root_dir }}/app/build/libs/app.jar
+  register: ma1sd_jar
+  tags: matrix
+
--- a/roles/matrix_ma1sd/tasks/install.yml
+++ b/roles/matrix_ma1sd/tasks/install.yml
@@ -0,0 +1,39 @@
+---
+
+- name: Install needed packages
+  yum:
+    name:
+      - java-1.8.0-openjdk-devel
+    state: latest
+  tags: matrix
+
+- name: Download ma1sd archive
+  get_url:
+    url: "{{ ma1sd_archive_url }}"
+    dest: "{{ ma1sd_root_dir }}/tmp/"
+    checksum: sha1:{{ ma1sd_archive_sha1 }}
+  when: ma1sd_install_mode != 'none'
+  tags: matrix
+
+- name: Extract ma1sd
+  unarchive:
+    src: "{{ ma1sd_root_dir }}/tmp/ma1sd.zip"
+    dest: "{{ ma1sd_root_dir }}/tmp/"
+    remote_src: True
+  when: ma1sd_install_mode != 'none'
+  tags: matrix
+
+- name: Move ma1sd to its final dir
+  synchronize:
+    src: "{{ ma1sd_root_dir }}/tmp/ma1sd/"
+    dest: "{{ ma1sd_root_dir }}/app/"
+    recursive: True
+    delete: True
+  delegate_to: "{{ inventory_hostname }}"
+  when: ma1sd_install_mode != 'none'
+  tags: matrix
+
+- name: Deploy systemd unit
+  template: src=matrix-ma1sd.service.j2 dest=/etc/systemd/system/matrix-ma1sd.service
+  notify: reload systemd
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/iptables.yml
+++ b/roles/matrix_ma1sd/tasks/iptables.yml
@@ -0,0 +1,8 @@
+---
+
+- name: Handle ma1sd port
+  iptables_raw:
+    name: ma1sd_port
+    state: "{{ (ma1sd_src_ip is defined and ma1sd_src_ip | length > 0) | ternary('present','absent') }}"
+    rules: "-A INPUT -m state --state NEW -p tcp --dport {{ ma1sd_port }} -s {{ ma1sd_src_ip | join(',') }} -j ACCEPT"
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/main.yml
+++ b/roles/matrix_ma1sd/tasks/main.yml
@@ -0,0 +1,19 @@
+---
+
+- include: facts.yml
+- include: user.yml
+- include: directories.yml
+- include: archive_pre.yml
+  when: ma1sd_install_mode == 'upgrade'
+- include: migrate_mxisd.yml
+  when: ma1sd_mxisd_dir.stat.exists
+- include: install.yml
+- include: conf.yml
+- include: iptables.yml
+  when: iptables_manage | default(True)
+- include: service.yml
+- include: write_version.yml
+- include: archive_post.yml
+  when: ma1sd_install_mode == 'upgrade'
+- include: cleanup.yml
+
--- a/roles/matrix_ma1sd/tasks/migrate_mxisd.yml
+++ b/roles/matrix_ma1sd/tasks/migrate_mxisd.yml
@@ -0,0 +1,37 @@
+---
+
+- name: Stop mxisd service
+  service: name=matrix-mxisd state=stopped
+  tags: matrix
+
+- name: Reload systemd
+  systemd: daemon_reload=True
+  tags: matrix
+
+- name: Migrate database
+  copy: src=/opt/matrix/mxisd/db/mxisd.sqlite dest={{ ma1sd_root_dir }}/db/ma1sd.sqlite owner={{ ma1sd_user }} group={{ ma1sd_user }} mode=0640 remote_src=True
+  when: not ma1sd_sqlite.stat.exists
+  tags: matrix
+
+- name: Migration signing keys
+  copy: src=/opt/matrix/mxisd/etc/signing.key dest={{ ma1sd_root_dir }}/etc/ owner={{ ma1sd_user }} group={{ ma1sd_user }} mode=0750 remote_src=True
+  when: not ma1sd_signingkey.stat.exists
+  tags: matrix
+
+- name: Remove iptables rules
+  iptables_raw:
+    name: mxisd_port
+    state: absent
+  when: iptables_manage | default(True)
+  tags: matrix
+
+- name: Remove mxisd files
+  file: path={{ item }} state=absent
+  loop:
+    - /etc/systemd/system/matrix-mxisd.service
+    - /opt/matrix/mxisd
+  tags: matrix
+
+- name: Remove mxisd user
+  user: name=mxisd state=absent
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/service.yml
+++ b/roles/matrix_ma1sd/tasks/service.yml
@@ -0,0 +1,6 @@
+---
+
+- name: Start and enable the service
+  service: name=matrix-ma1sd state=started enabled=True
+  register: ma1sd_started
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/user.yml
+++ b/roles/matrix_ma1sd/tasks/user.yml
@@ -0,0 +1,5 @@
+---
+
+- name: Create ma1sd user account
+  user: name={{ ma1sd_user }} home={{ ma1sd_root_dir }} shell=/bin/bash state=present
+  tags: matrix
--- a/roles/matrix_ma1sd/tasks/write_version.yml
+++ b/roles/matrix_ma1sd/tasks/write_version.yml
@@ -0,0 +1,6 @@
+---
+
+- name: Write version
+  copy: content={{ ma1sd_version }} dest={{ ma1sd_root_dir }}/meta/ansible_version
+  tags: matrix
+