diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup-install.yml b/roles/matrix-synapse/tasks/ext/rest-auth/setup-install.yml new file mode 100644 index 000000000..05429ca31 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/rest-auth/setup-install.yml @@ -0,0 +1,30 @@ +--- + +- name: Fail if REST Auth endpoint not configured + fail: + msg: "You have enabled the REST Auth password provider, but have not configured its endpoint in the `matrix_synapse_ext_password_provider_rest_auth_endpoint` variable. Consult the documentation." + when: "matrix_synapse_ext_password_provider_rest_auth_endpoint == ''" + +- name: Download matrix-synapse-rest-auth + get_url: + url: "{{ matrix_synapse_ext_password_provider_rest_auth_download_url }}" + dest: "{{ matrix_synapse_ext_path }}/rest_auth_provider.py" + force: true + mode: 0440 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + +- set_fact: + matrix_synapse_password_providers_enabled: true + +- set_fact: + matrix_synapse_container_additional_volumes: > + {{ matrix_synapse_container_additional_volumes }} + + + {{ [{'src': '{{ matrix_synapse_ext_path }}/rest_auth_provider.py', 'dst': '{{ matrix_synapse_in_container_python_packages_path }}/rest_auth_provider.py', 'options': 'ro'}] }} + +- set_fact: + matrix_synapse_additional_loggers: > + {{ matrix_synapse_additional_loggers }} + + + {{ [{'name': 'rest_auth_provider', 'level': 'INFO'}] }} diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup-uninstall.yml b/roles/matrix-synapse/tasks/ext/rest-auth/setup-uninstall.yml new file mode 100644 index 000000000..be8ad600b --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/rest-auth/setup-uninstall.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure matrix-synapse-rest-auth doesn't exist + file: + path: "{{ matrix_synapse_ext_path }}/rest_auth_provider.py" + state: absent diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml b/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml index 9cdb5a2dd..5e546e9fb 100644 --- a/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml +++ b/roles/matrix-synapse/tasks/ext/rest-auth/setup.yml @@ -1,48 +1,7 @@ --- -# -# Tasks related to setting up matrix-synapse-rest-auth -# +- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup-install.yml" + when: matrix_synapse_ext_password_provider_rest_auth_enabled -- name: Fail if REST Auth enabled, but endpoint not configured - fail: - msg: "You have enabled the REST Auth password provider, but have not configured its endpoint in the `matrix_synapse_ext_password_provider_rest_auth_endpoint` variable. Consult the documentation." - when: "matrix_synapse_ext_password_provider_rest_auth_enabled and matrix_synapse_ext_password_provider_rest_auth_endpoint == ''" - -- name: Download matrix-synapse-rest-auth - get_url: - url: "{{ matrix_synapse_ext_password_provider_rest_auth_download_url }}" - dest: "{{ matrix_synapse_ext_path }}/rest_auth_provider.py" - force: true - mode: 0440 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" - when: "matrix_synapse_ext_password_provider_rest_auth_enabled" - -- set_fact: - matrix_synapse_password_providers_enabled: true - when: "matrix_synapse_ext_password_provider_rest_auth_enabled" - -- set_fact: - matrix_synapse_container_additional_volumes: > - {{ matrix_synapse_container_additional_volumes }} - + - {{ [{'src': '{{ matrix_synapse_ext_path }}/rest_auth_provider.py', 'dst': '{{ matrix_synapse_in_container_python_packages_path }}/rest_auth_provider.py', 'options': 'ro'}] }} - when: "matrix_synapse_ext_password_provider_rest_auth_enabled" - -- set_fact: - matrix_synapse_additional_loggers: > - {{ matrix_synapse_additional_loggers }} - + - {{ [{'name': 'rest_auth_provider', 'level': 'INFO'}] }} - when: "matrix_synapse_ext_password_provider_rest_auth_enabled" - -# -# Tasks related to getting rid of matrix-synapse-rest-auth (if it was previously enabled) -# - -- name: Ensure matrix-synapse-rest-auth doesn't exist - file: - path: "{{ matrix_synapse_ext_path }}/rest_auth_provider.py" - state: absent - when: "not matrix_synapse_ext_password_provider_rest_auth_enabled" \ No newline at end of file +- import_tasks: "{{ role_path }}/tasks/ext/rest-auth/setup-uninstall.yml" + when: "not matrix_synapse_ext_password_provider_rest_auth_enabled" diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup-install.yml b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup-install.yml new file mode 100644 index 000000000..128cba3c7 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup-install.yml @@ -0,0 +1,30 @@ +--- + +- name: Fail if Shared Secret Auth secret not set + fail: + msg: "Shared Secret Auth is enabled, but no secret has been set in matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret" + when: "matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret == ''" + +- name: Download matrix-synapse-shared-secret-auth + get_url: + url: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_download_url }}" + dest: "{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py" + force: true + mode: 0440 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + +- set_fact: + matrix_synapse_password_providers_enabled: true + +- set_fact: + matrix_synapse_container_additional_volumes: > + {{ matrix_synapse_container_additional_volumes }} + + + {{ [{'src': '{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py', 'dst': '{{ matrix_synapse_in_container_python_packages_path }}/shared_secret_authenticator.py', 'options': 'ro'}] }} + +- set_fact: + matrix_synapse_additional_loggers: > + {{ matrix_synapse_additional_loggers }} + + + {{ [{'name': 'shared_secret_authenticator', 'level': 'INFO'}] }} diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup-uninstall.yml b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup-uninstall.yml new file mode 100644 index 000000000..e564909e7 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup-uninstall.yml @@ -0,0 +1,6 @@ +--- + +- name: Ensure matrix-synapse-shared-secret-auth doesn't exist + file: + path: "{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py" + state: absent diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml index 34680adda..a541ab15b 100644 --- a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml +++ b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup.yml @@ -1,48 +1,7 @@ --- -# -# Tasks related to setting up matrix-synapse-shared-secret-auth -# +- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup-install.yml" + when: matrix_synapse_ext_password_provider_shared_secret_auth_enabled -- name: Fail if Shared Secret Auth enabled, but no secret set - fail: - msg: "Shared Secret Auth is enabled, but no secret has been set in matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret" - when: "matrix_synapse_ext_password_provider_shared_secret_auth_enabled and matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret == ''" - -- name: Download matrix-synapse-shared-secret-auth - get_url: - url: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_download_url }}" - dest: "{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py" - force: true - mode: 0440 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_username }}" - when: "matrix_synapse_ext_password_provider_shared_secret_auth_enabled" - -- set_fact: - matrix_synapse_password_providers_enabled: true - when: "matrix_synapse_ext_password_provider_shared_secret_auth_enabled" - -- set_fact: - matrix_synapse_container_additional_volumes: > - {{ matrix_synapse_container_additional_volumes }} - + - {{ [{'src': '{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py', 'dst': '{{ matrix_synapse_in_container_python_packages_path }}/shared_secret_authenticator.py', 'options': 'ro'}] }} - when: "matrix_synapse_ext_password_provider_shared_secret_auth_enabled" - -- set_fact: - matrix_synapse_additional_loggers: > - {{ matrix_synapse_additional_loggers }} - + - {{ [{'name': 'shared_secret_authenticator', 'level': 'INFO'}] }} - when: "matrix_synapse_ext_password_provider_shared_secret_auth_enabled" - -# -# Tasks related to getting rid of matrix-synapse-shared-secret-auth (if it was previously enabled) -# - -- name: Ensure matrix-synapse-shared-secret-auth doesn't exist - file: - path: "{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py" - state: absent - when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled" \ No newline at end of file +- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup-uninstall.yml" + when: "not matrix_synapse_ext_password_provider_shared_secret_auth_enabled"