--- - name: Setup postgres include_role: name: postgre vars: postgres_users: - name: bridge_signal_user password: "{{ matrix_bridge_signal_postgre_user_pwd }}" databases: - name: bridge_signal owner: bridge_signal_user local: C template: template0 no_log: {{ enable_no_log | default('true') }} - name: Install the pgp key for the signald repo. copy: src: signald-keyring.gpg dest: /etc/apt/trusted.gpg.d/signald-keyring.gpg mode: 0644 - name: Add signald repo to source list ansible.builtin.apt_repository: repo: "deb https://updates.signald.org unstable main" state: present - name: Install dependencies apt: name: - signald - python3 - python3-virtualenv - python3-pip - libolm-dev # for encryption - python3-dev # - build-essential # state: latest update_cache: true register: apt_result retries: 3 until: apt_result is succeeded - name: Enable the signald daemon systemd: name: signald state: started enabled: yes - name: Create the mautrix-signal user user: name: mautrix-signal home: /opt/mautrix-signal groups: - signald password_lock: yes system: yes - name: Install bridge become: yes become_user: mautrix-signal pip: name: mautrix-signal[all] state: latest virtualenv: /opt/mautrix-signal virtualenv_command: virtualenv virtualenv_python: /usr/bin/python3 - name: Check if the bridge is already configured stat: path: /opt/mautrix-signal/config.yaml register: register_config - name: Set read token variable block: - name: read config file slurp: src: /opt/mautrix-signal/config.yaml register: encoded_config - name: decode config file set_fact: signal_config: "{{ encoded_config.content | b64decode | from_yaml }}" - name: extract tokens set_fact: matrix_bridge_signal_as_token: "{{ signal_config.appservice.as_token }}" matrix_bridge_signal_hs_token: "{{ signal_config.appservice.hs_token }}" when: register_config.stat.exists - name: Configure the bridge template: src: config.yaml dest: /opt/mautrix-signal/config.yaml owner: mautrix-signal group: nogroup mode: '0600' notify: Restart the signal bridge no_log: {{ enable_no_log | default('true') }} - name: Generate signal-registration.yaml become: yes become_user: mautrix-signal shell: cmd: "/opt/mautrix-signal/bin/python -m mautrix_signal -g" chdir: /opt/mautrix-signal creates: /opt/mautrix-signal/registration.yaml notify: Restart synapse no_log: {{ enable_no_log | default('true') }} - name: Ensure the registration directory exists file: path: /etc/matrix-synapse/registrations state: directory group: root owner: root mode: u=rwx,g=rx,o=rx - name: Copy registration for synapse file: src: /opt/mautrix-signal/registration.yaml dest: /etc/matrix-synapse/registrations/signal-registration.yaml state: link - name: Ensure the log directory exists file: path: /var/log/bridge_signal state: directory group: nogroup owner: mautrix-signal mode: u=rwx,g=rx,o= - name: Copy the daemon configuration template: src: bridge_signal.service dest: /etc/systemd/system/bridge_signal.service notify: Restart the signal bridge - name: Enable the daemon systemd: name: bridge_signal state: started enabled: yes