From 236d813994acd076ce96d764d569ee6bb3da98f9 Mon Sep 17 00:00:00 2001
From: Stonewall Jackson <stonewall@sacredheartsc.com>
Date: Wed, 31 May 2023 21:35:04 -0400
Subject: add synapse role

---
 playbooks/matrix.yml                   | 37 ++++++++++++++++++++++++++++++++++
 playbooks/site.yml                     |  1 +
 playbooks/webserver_public_example.yml | 23 +++++++++++++++++++++
 3 files changed, 61 insertions(+)
 create mode 100644 playbooks/matrix.yml

(limited to 'playbooks')

diff --git a/playbooks/matrix.yml b/playbooks/matrix.yml
new file mode 100644
index 0000000..8ddbc47
--- /dev/null
+++ b/playbooks/matrix.yml
@@ -0,0 +1,37 @@
+- name: configure matrix servers
+  hosts: matrix_servers
+  roles:
+    - role: common
+      tags: common
+
+    - role: synapse
+      tags: synapse
+
+    - role: apache_vhost
+      apache_server_name: '{{ synapse_server_name }}'
+      apache_server_aliases: []
+      apache_ssl_only: yes
+      apache_letsencrypt: yes
+      apache_listen_port: '{{ synapse_federation_port }}'
+      apache_config: '{{ synapse_apache_federation_config }}'
+      apache_config_name: '{{ synapse_server_name }}-federation'
+      tags: apache
+
+    - role: apache_vhost
+      apache_server_name: '{{ synapse_server_name }}'
+      apache_server_aliases: []
+      apache_ssl_only: yes
+      apache_letsencrypt: yes
+      apache_listen_port: '{{ synapse_client_port }}'
+      apache_config: '{{ synapse_apache_client_config }}'
+      apache_config_name: '{{ synapse_server_name }}-client'
+      tags: apache
+
+    - role: apache_vhost
+      apache_server_name: '{{ synapse_server_name }}'
+      apache_server_aliases: []
+      apache_letsencrypt: yes
+      apache_redirect_to_https: yes
+      apache_document_root: '{{ synapse_element_webroot }}'
+      apache_config_name: '{{ synapse_server_name }}-element'
+      tags: apache
diff --git a/playbooks/site.yml b/playbooks/site.yml
index d4bcd11..fa79f8d 100644
--- a/playbooks/site.yml
+++ b/playbooks/site.yml
@@ -35,3 +35,4 @@
 - import_playbook: turn.yml
 - import_playbook: xmpp.yml
 - import_playbook: asterisk.yml
+- import_playbook: matrix.yml
diff --git a/playbooks/webserver_public_example.yml b/playbooks/webserver_public_example.yml
index b509e85..d9cb468 100644
--- a/playbooks/webserver_public_example.yml
+++ b/playbooks/webserver_public_example.yml
@@ -10,6 +10,8 @@
       apache_canonical_hostname: www.example.com
       apache_letsencrypt: yes
       apache_document_root: /var/www/www.example.com
+      apache_config: |
+        Alias /.well-known/matrix /var/www/well-known/example.com/matrix
       tags: apache
 
     - role: archive_job
@@ -35,3 +37,24 @@
         group: webmasters
         mode: 02770
       tags: apache
+
+    - name: create well-known directories
+      file:
+        path: '/var/www/well-known/{{ item }}'
+        state: directory
+        recurse: yes
+      loop:
+        - example.com/matrix
+      tags: apache
+
+    - name: create .well-known/matrix/server for example.com
+      copy:
+        content: '{"m.server": "matrix.example.com:8448"}'
+        dest: /var/www/well-known/example.com/matrix/server
+      tags: apache
+
+    - name: create .well-known/matrix/client for example.com
+      copy:
+        content: '{"m.homeserver": {"base_url": "https://matrix.example.com:8443"}}'
+        dest: /var/www/well-known/example.com/matrix/client
+      tags: apache
-- 
cgit