Add matrix-appservice-webhooks and move nodejs tasks

This commit is contained in:
Alexandre Iooss 2019-03-12 17:56:12 +01:00
parent f7476481c2
commit 1a447b3807
19 changed files with 276 additions and 176 deletions

View file

@ -3,4 +3,5 @@
- hosts: codimd.adm.auro.re - hosts: codimd.adm.auro.re
roles: roles:
- debian-backports - debian-backports
- nodejs
- codimd - codimd

View file

@ -3,4 +3,5 @@
- hosts: pad.adm.auro.re - hosts: pad.adm.auro.re
roles: roles:
- debian-backports - debian-backports
- nodejs
- etherpad - etherpad

View file

@ -30,3 +30,7 @@ ssh_pub_keys: "{{ vault_ssh_pub_keys }}"
# Monitoring # Monitoring
monitoring_mail: 'monitoring.aurore@lists.crans.org' monitoring_mail: 'monitoring.aurore@lists.crans.org'
# Matrix
matrix_webhooks_secret: "{{ vault_matrix_webhooks_secret }}"

View file

@ -1,106 +1,112 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
38616339383037366465353638383665643938633061323863386539323861633135363964303364 30643064346235376335653933633134616531356562383833323336316264643335336437376462
6335326537383039316566623031306136633364336337320a343434623066313535363430303866 3364343634313734653033343663306565306564623939340a636266646265633634646531323363
61613635663336376530333463363037316230323339393463393465313366643438316565306564 35653136343933303034356333376539353561626638616234636333653764616433393866616536
3263613463653764330a363330623331323762306330336465633538353637373838396231643762 3935366266396632340a323866323438653935356265663835393366343833363639313933333464
35353137306132653861343736323934326161663436653737333462333938393330393861363764 32373862303166643331363463656265656531646135653238333566386236316163393738366133
38333837353564396563623039636438663662626330323632383234333662613835633138326161 33653332306664643336323864356364646138616130653861333637373436303433376633366661
33626537633863393864373937306332386131626562323762616439643830626339633833313638 65373636383862306134353738323564393262376561306134303361633161323239303563643934
65363930353162323635356430313030303734386339393730383135323937623939393233663335 63333530653561343862613033343435333336306135373136623139343634616232346364356464
39316564396463643134636363326262343538666234333837373164646434643232623666636162 39363838343538633130363831303064303334353261346239366635363763386262633063303434
61616637396561323166313131393163353166353764396564373330326262346666373034663465 34366531316338326233323634383730623838643535623939306535306634333438653434366662
35326563306538653562333864383662336338656566313432633831313363663131393930336234 35663463306239383835643034343735336131363339666366356138613731333836386266383763
61336230643539303532656437616638323266623434393863623661366237386537386232383332 31666535326630303536376364336432613736353134376230323631326130343262316630373934
38643433626466343633626665386633663964306566643436363839363462326632393863616230 63353166376630336431626530643733623561343335396336616235616532386434626634653631
62386662386363613737613839386436383734623461386363313832636661636334633132363433 35613930393536613633633463393434616131303763613033656262386663663839343662626535
30383135646465353232623936366337663130376232343231376565313563303534313462336462 36373236323733663334306134313433393366653066373464386134303265323564343262336562
39353861663230623536613735663865373238303832306636323532393734303538383837336237 39393738656337316239623466643933663938663433313866626665613263356534386535633837
36613732623539616237663962666263393138303064646335623336343432323266663335363061 61643036666161653434613061653539636137653235663064323766613061333563626563396439
36306361653035653334343031303663373334613365393635616362343461616535343964306666 39323137373162393237356135333632333163613961373533633432333233346463303034366336
36663030373133346663663839373363663163653961323533356361373533643636626339356332 62396363393163363639313763616533333965396162313662626161343362393363313632643031
34663063326363646638646330626666633564373763326636363764653831336134393131653864 35383433343764333238366265313363623561666162633739643232323962316165636436353766
62353163613534386364323430346435316339363338666563366262336536373162346265353165 65666132393366613561363462393966366637613062346337303139666439323861653233353533
66363834306536383465376339323462303265373263333065623837656133623035366366396335 37643138306463613933626162613865383038306133646365616337323164353362626638653765
34313566326565333930386336353333396237633333613336666566393465616563393563633335 38653035323164663130326435356532333864363237333738656636623130383533663130363764
33313232646466313333633564653535343564626566353863613964303732616436626535656135 63313439373336346334336431633263333138326561353366323239343466383039343938386436
39313632346530636639333435643034666138633831313864316266376330336334333263356132 36333634613936393530396536353239316532346361396631393063343439373762306634653336
30613865336164353433383232316637663131653231393235343262666636623461653332323664 36663137613164383061333232646534363632656362616335373066306236636239363663316665
63323637396132666333633863393131363935626435313366646563366366356265346130373162 39313036666337616164633931323465613863316438366361303536633635653862333465316366
66306261303539323763336130616165323863646466643336316437663266303730313433343932 34663662633233353361306537393061373630616262653432653631323638386230666437346664
39643639376531303839636632333063323837306638373863663132386533353735343234666139 37646564623035356536356630376166376365326666323936616139656466343833386238313462
33633462346438356338613830313533306263383263383036363566323437356235386636333432 35623239643765633766623934653963356166323065343266303431353966353063363137613632
31383462626338346339353536653437623731643036363366666437316362356266396634383865 31656338373430326331346538613130363161623035306165666238613565333131376364323839
65663332383837373334393863386531663831643366613131663666303436306336313935643065 61306466666130616334313466643031633664353666346637346161326331383637336339646434
61336661313562326465393936643130393465346636363234386436616165613436393436623664 61643835386466633038663961303339646532643036343532393332636438366234383932376431
33396165376363316334613737613261396633306233643337393936393465313763343439646136 30376165353834616564633062396461393636663464613038383363306264666334616264343361
38643135346234653234316536363964303331303932656134323165333239623362333931323334 33346538386332633333343461623262336133306239646635303332613934306565663633616634
62323634373764663464343031626432653131306664336130396265363964663866663538376239 61383665656531343332353263303534323435383136646235343135373739323563326662316633
33653430366265623733376536613632646662646632653132336537383336303335623966396131 66343733396163353939643939653237393931386361623364653466623935333232666662313865
62303136613934656664386162373433323962336134663435373730366632666135663030653133 32373761346534316334346137653565326633326466316566666362366338353165343761396136
38613632623765616465383266356238313333336434376238396339343031323465343833323665 30346536386266363033323838313138633234346666343739316562356332323632643432333763
61666366326363303832663164363838353739653534313235336530396330346466656432386636 65393032353861303937386437646537623830333866343564313863653033396637626466343463
36613239613239613835633265363064316134346464616338333532376132373637356665346230 32343861623563653566623233363638636634646265643465373161326339346563623765326264
38343461613335663061393037643466383664323263336364356364363262346236326161653362 37366137623734633662366263356135313164343634306232353530313034356333633239383432
63653963303139616430333738373038333661333562376130363061366338346430303231363138 64646564343435303536343263323266663163666466653231363963393537356531313466653731
66373866303331333035316533373336376466346630326166373734353834306237383462356430 37306664303737346431623937343062376562353630383535396533643437353631336438353162
33633332366636613534313933323065633736656432656236653930623663616133336435313337 34373436613962643634333464303033323331666166383932306361643763393333616532623138
36623031663333386362306138343231363130626131323735316562363730656230376132303439 66323366353836306436353437336338386161613336316465663339333461383464376562323530
36323932666362613237666164653037353631353730346466303764326162366266376130316166 64373738656536313530346433663336306536333062653138663035653130376236613333346166
32363739373437333731643936366334376463383664373139363465666538666331636535626462 38643561353030373633336533303666666465373938666633366361333938353332396363393832
32323834616338376264393461626665393635336638383333653466336332316364363330333738 30633761646364393737653165396335353631376137653238386639633664313363333631366365
61303161303564383563653039653263343161336362373563616237373865653965343639343465 30623730353462663530646434326561383265343534636138333065373439636463353539303436
35363536613233313534633665373264303139393731626339646466663431363361373938623334 30353632303433373436383735383332616233363763326566343233613436303233363332363662
38613766643861326538663563656662383665376137393333616566646136336339306333653066 65393062373335666265343830373730646639323730383238616531623934653931646164373765
34373864353230343032386236386165616462316562363062613330636264303632396339646632 30333331336635313935656562383066323834636136303461326433626163363232653037626361
37316630303536316436356138626533653865366137666131363064643964333838633266366365 34356532356263636131363233323336353434383562303166376162306338373461336134653861
64663661333764616635383263376662616239323930643261613161313265633236623834376263 34316330356336303162303963303763643735656139616533616234643233646365386536616335
31623565633964376632346533373037333166346332313266316138613665353530336562643739 30613662333437343233636364663562386363313034343061343137653062626338383432643230
32393161396338353630363838643130323431343339376431373165313238383064616335323064 35323130373561343666326331333561323562623231303066353464653665356165643337323562
36313366633161303635383062656538343538363039343931623736623766343762343563646134 32386139303034333764666662613436623933353964316536363430346631653630643832306634
33626264643639333364343131636163646361626130646237326435373731613237663736393439 35653636326635353839316238643232353465616635633939323837353833386164323861653965
37376639333930396337333938373866383133613730613162356364323265373431633836653838 64636437646166666538386231623338356261346563323831653965613965366633313662303165
34323532613437313064383035313030306636346435396666653933626232313638656531366234 37333066356635623063333637633864303964303635666164316230353239303335623834376632
34313837623136656361393230653637633535333063333662363137323962353232386366656264 38336231336234343433373734313866316332633831396132313164626265643263636262643934
30303164363531343261626262653962383664313131333535313038343461303464326464373337 61313963373638336264653066613531656461386665316635313662343239353565336239306362
34646537353031386265313066313136613533663335306636346237613264313061666233376131 31633738653439386162626235656434363534653735323732636565353862623165613436623961
62346537666362373539626334376630633539343932623133653431393731356266623730353036 34346261383434373231393738353165303465313134303365393261306139613438383138326334
64626133623638303132356639663538363537623739386166333337333431363939666362663137 63623636333132356363366635333834653037353863646633636436383432663663623238643437
62303664306663376136353235613031623435393065376635353032666136396332613861376630 30306433323161316434326332643931346663393935643263333636623037653462626632376634
65633061623466313838383664613839663033333736396536333863636435306263666466313265 36363166393835636163643466383365653731383335656462376533363333363065336137363730
62633539623037616535333164316538616439333838633730313066366232616566646435376530 38386466363636356366383637646265333038663033663763646633613738366666393839346238
66316164323737396230373339333936313532343266303765356530633534643439626236313136 30393961343064653261646337373434626363303534333338613536306336323265393935373363
65373833633461393734353737363566353634353764333961643033393932353236633336393436 34383965353264643266303434316432656531346363353731623834373637343062623538346137
61333537666263666238303736316462356138396232373839343434643730643766333535643565 36346632636666623663396339633830623238366232613862633365663738396434366161653564
38333163353634633637393766346261613931663134363230353633336533643339353832653632 36343066386331303364623865346532613262663161366237363739633565653739626432363330
64343438353266343937373138643635616331336164316166343536643434616665326331353161 39313562623236663130366231396236666139363333383332616333333164396331323465336233
39303732663037653634303263386134366536333830363366663639383033323832653364393766 32626139656132383063376266613335643565303762663962373039393135393961343333303964
30333438313361613764633239373036336230353333343262613761323930656265313031323065 37323563653732373839313361383136313535643738663636306631396432313563323933616561
39666562393565326139373061313061396265386239343462346535623766313364343136343038 30646431656163373938326634373363376565316133616636376338316136343462613963313463
39373462663434633731636662653966383233396163643137373530303134633465643130383265 65653932636431633738613961346566393566636664396137666366313130313666383063373230
61376538626365396236643139336366643966306131393635623438393932313164623766353233 62643531373737626630303837353066376566333165336137323633346239386531353331363462
61643732303837366139356236353937303036343232363537623231303661653035383831343830 64366532373032373339623232383531323761316336343434653035623331366665613261373462
64663763383563303461633335313663643161336435343735333536393661663235636665383662 39336137336134363465613666616531336535323432353430386335616163363333376666306365
37393139333361323136366564383132633830386335376137396563343937306431653665316161 62303339613264333537386262653531623162366635633561663733636530623963353437373134
38323137643437383636373033326236613936396564626466386432393733633361623032326135 39663534363064343162316665666338316134396138396534643934643561386561353730636437
61346166393964313637356330653339646365326365326130386537343535353038643538393336 33303865366261393161353732306338343337376631623531346337396237323662653536313861
66366335316538393333613631346365393038623261303536363732383637643430346632343139 66346561383937616136376234363636663239616666306232613038646433373838653133346164
61643265333466323666633834333462613161653165663432613934353036343937343939303033 36636663393066313434373131646335303730303266313261646531656261396534623964643834
35636134343761666534656636383632363562633634383364323039613431666239346136616231 38613230353034316666643932343837333134656465306239383134366237396438366533643566
37383838316338666462376133613632663633663935643563346333356464663434393734366433 61366236353538316431366165353734326130363239373631656661323966303530373338653539
37376539366139396536323535316539643261636533303065326164643132313439313632306664 38393531326335613831313937303537623933613233313439366330303134643836303466353061
33386136393734613739396336396635353439393531393363326137363562646363333762386135 30353030633936326238353630386663626132636363663638643732643331666664333962323562
32376162373766393763343634326434323034336533336166666635636135393066353238626161 30633837366161356661643963353163636663616339663230353738646463653761393862313861
37376132306339626263313663376638633337656162333431313439643930303332666138643962 63363834623765393461656239613737613231666337333332663262356233633536326531336337
37313331616563643638343464653535653038613136313637336534636537343763376634626538 66626231636634396632343466323433396233636639393136333538386330313837626135306537
64633133656237346461346330333061636663336262646264326237373736366337663331323764 65653130366433303036396530303835643266316333383761643166373838623037356539653166
65353931373266336232366434356631383338386537616535656664323334363963666631363331 63396561616462366461316338323662366232383963376161626132343236643766623431303066
37653666316236613931386161346439663935656466396137643765626632643263323163623138 31386231356361336632663266336661613938313634313038353431343463343433616238356563
34326363373633303365353530383633623936313436616635353733643837656233613635383966 35643739373831383337336136626637313565633365643037363039353134343536333938333239
37356665626530626532356632323338623062386332616332643061623031366366613433383734 37343463313632376333653266303162633838363933373164366563333538333561663539313331
33623732636637363237336439373432616332643638303131363332393230663565323139303163 37666634343138356539366431386361623130613865333439373464336135613036333731633066
36643134363861383834656539626166386164326236336266633435626163383437366338353930 34316234656430343633366361323830303232623565653736316539346662663537336263663331
33373932333832373237343532623537363931366636346132616162343839303965386337316164 66636639333030623061616533356136306239323764373238353734613064616434353666323538
61656233616633323933306165643666306661366632613933383932616664613663663234653431 33363934333930366432363434366365306431623438326534656266303837613034336130623066
30306163346630653239323966396638643162303766363131646430303366303435343866353639 30666632333332623934306338653765386163396535393636376266396663633033663939353765
66373465393764396335346131346331353561643434633364656530626238326333333731383361 35616237306566346230343933633464653537343039623132643538643634333238393961383335
35653232373235383633616634643966636336333461663237653764626534346336 30323831643263613530373135666437383337636236373563313232393431323332353136633565
33356236386537363039643861323131323738643864306133636266373731666631646262333032
33376662336635663464323866626636343032663632326631613866396434623332303833326238
34386230303233353966373362303365653636623632376331326466623532396661313264666463
38333766313365376533663262366134373730363163343365326433626636363663363466313733
39353164343463643462663635383266646161663235336264636463633231633935366663343237
613361633163336661313532636238353634

View file

@ -6,10 +6,12 @@
mxisd_deb: "{{ mxisd_releases }}/download/v1.3.1/mxisd_1.3.1_all.deb" mxisd_deb: "{{ mxisd_releases }}/download/v1.3.1/mxisd_1.3.1_all.deb"
roles: roles:
- debian-backports - debian-backports
- nodejs
- matrix-synapse - matrix-synapse
- matrix-mxisd - matrix-mxisd
- matrix-appservice-discord - matrix-appservice-discord
- matrix-appservice-irc - matrix-appservice-irc
- matrix-appservice-webhooks
# Install Matrix Riot on corresponding containers # Install Matrix Riot on corresponding containers
- hosts: riot.adm.auro.re - hosts: riot.adm.auro.re

View file

@ -1,14 +1,4 @@
--- ---
# For NodeJS package
- name: Configure NodeJS pin
when:
- ansible_distribution == 'Debian'
- ansible_distribution_release == 'stretch'
template:
src: apt/nodejs.j2
dest: /etc/apt/preferences.d/nodejs
mode: 0644
# For HTTPS apt # For HTTPS apt
- name: Install HTTPS apt - name: Install HTTPS apt
apt: apt:
@ -33,12 +23,7 @@
# Install CodiMD dependencies # Install CodiMD dependencies
- name: Install required packages - name: Install required packages
apt: apt:
name: name: yarn
- git
- nodejs
- npm
- build-essential
- yarn
update_cache: true update_cache: true
register: apt_result register: apt_result
retries: 3 retries: 3

View file

@ -1,24 +0,0 @@
---
# For NodeJS package
- name: Configure NodeJS pin
when:
- ansible_distribution == 'Debian'
- ansible_distribution_release == 'stretch'
template:
src: apt/nodejs.j2
dest: /etc/apt/preferences.d/nodejs
mode: 0644
# Install EtherPad dependencies
- name: Install required packages
apt:
name:
- build-essential
- curl
- git
- nodejs
- npm
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded

View file

@ -1,6 +1,12 @@
--- ---
# Install APT dependencies # Install EtherPad dependencies
- include_tasks: 0_apt_dependencies.yml - name: Install required packages
apt:
name: curl
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded
# Create EtherPad user and group # Create EtherPad user and group
- include_tasks: 1_user_group.yml - include_tasks: 1_user_group.yml

View file

@ -1,7 +1,4 @@
--- ---
# Install APT dependencies
- include_tasks: 0_apt_dependencies.yml
# Create CodiMD user and group # Create CodiMD user and group
- include_tasks: 1_user_group.yml - include_tasks: 1_user_group.yml

View file

@ -1,21 +0,0 @@
---
- name: Configure NodeJS pin
when:
- ansible_distribution == 'Debian'
- ansible_distribution_release == 'stretch'
template:
src: apt/nodejs.j2
dest: /etc/apt/preferences.d/nodejs
mode: 0644
- name: Install required packages
apt:
name:
- git
- nodejs
- npm
- build-essential
update_cache: true
register: apt_result
retries: 3
until: apt_result is succeeded

View file

@ -1,7 +1,4 @@
--- ---
# Install APT dependencies
- include_tasks: 0_apt_dependencies.yml
# Create matrix-appservice-irc user and group # Create matrix-appservice-irc user and group
- include_tasks: 1_user_group.yml - include_tasks: 1_user_group.yml

View file

@ -0,0 +1,5 @@
---
# Reload systemd daemons when a service file changes
- name: Reload systemd daemons
systemd:
daemon_reload: true

View file

@ -0,0 +1,26 @@
---
# Security #1
- name: Create matrix-appservice-webhooks system group
group:
name: matrix-appservice-webhooks
system: true
state: present
# Security #2
- name: Create matrix-appservice-webhooks user
user:
name: matrix-appservice-webhooks
group: matrix-appservice-webhooks
home: /var/local/matrix-appservice-webhooks
comment: Matrix Appservice WebHooks
system: true
state: present
# Security #3
- name: Secure matrix-appservice-webhooks home directory
file:
path: /var/local/matrix-appservice-webhooks
state: directory
owner: matrix-appservice-webhooks
group: matrix-appservice-webhooks
mode: 0750

View file

@ -0,0 +1,50 @@
---
# Create matrix-appservice-webhooks user and group
- include_tasks: 1_user_group.yml
- name: Clone matrix-appservice-webhooks project
git:
repo: https://github.com/matrix-org/matrix-appservice-webhooks.git
dest: /var/local/matrix-appservice-webhooks/matrix-appservice-webhooks
version: master
become: true
become_user: matrix-appservice-webhooks
# Setup dependencies
- name: Install matrix-appservice-webhooks dependencies
npm:
path: /var/local/matrix-appservice-webhooks/matrix-appservice-webhooks
production: true
become: true
become_user: matrix-appservice-webhooks
register: npm_result
retries: 3
until: npm_result is succeeded
# Configure
- name: Configure matrix-appservice-webhooks
template:
src: config.yaml.j2
dest: /var/local/matrix-appservice-webhooks/matrix-appservice-webhooks/config/config.yaml
owner: matrix-appservice-webhooks
group: matrix-appservice-webhooks
mode: 0600
# Service file
- name: Install matrix-appservice-webhooks systemd unit
template:
src: 'systemd/matrix-appservice-webhooks.service.j2'
dest: '/etc/systemd/system/matrix-appservice-webhooks.service'
owner: root
group: root
mode: 0644
notify: Reload systemd daemons
# TODO: See https://github.com/turt2live/matrix-appservice-webhooks
# Run
#- name: Ensure that matrix-appservice-webhooks is started
# service:
# name: matrix-appservice-webhooks
# state: started
# enabled: true

View file

@ -0,0 +1,5 @@
# {{ ansible_managed }}
Package: node* libuv1*
Pin: release a=stretch-backports
Pin-Priority: 600

View file

@ -0,0 +1,39 @@
# {{ ansible_managed }}
# Configuration specific to the application service. All fields (unless otherwise marked) are required.
homeserver:
# The domain for the client-server API calls.
url: "http://auro.re"
# The domain part for user IDs on this home server. Usually, but not always, this is the same as the
# home server's URL.
domain: "auro.re"
# Configuration specific to the bridge. All fields (unless otherwise marked) are required.
webhookBot:
# The localpart to use for the bot. May require re-registering the application service.
localpart: "_webhook"
# Appearance options for the Matrix bot
appearance:
displayName: "Webhook Bridge"
avatarUrl: "http://i.imgur.com/IDOBtEJ.png" # webhook icon
# Provisioning API options
provisioning:
# Your secret for the API. Required for all provisioning API requests.
secret: '{{ matrix_webhooks_secret }}'
# Configuration related to the web portion of the bridge. Handles the inbound webhooks
web:
hookUrlBase: 'http://localhost:9000/'
logging:
file: logs/webhook.log
console: true
consoleLevel: info
fileLevel: verbose
writeFiles: true
rotate:
size: 52428800 # bytes, default is 50mb
count: 5

View file

@ -0,0 +1,17 @@
# {{ ansible_managed }}
[Unit]
Description=A bridge between Matrix and WebHooks
After=syslog.target network-online.target mysql.service postgresql.service
Conflicts=shutdown.target
[Service]
Type=simple
User=matrix-appservice-webhooks
Group=matrix-appservice-webhooks
WorkingDirectory=/var/local/matrix-appservice-webhooks/matrix-appservice-webhooks
ExecStart=/usr/bin/nodejs /var/local/matrix-appservice-webhooks/matrix-appservice-webhooks/app.js -c config.yaml -f my_registration_file.yaml -p 9999
Restart=always
[Install]
WantedBy=multi-user.target

View file

@ -11,10 +11,9 @@
- name: Install required packages - name: Install required packages
apt: apt:
name: name:
- git
- nodejs - nodejs
- npm - npm
- build-essential - build-essential # To build npm packages
update_cache: true update_cache: true
register: apt_result register: apt_result
retries: 3 retries: 3

View file

@ -0,0 +1,5 @@
# {{ ansible_managed }}
Package: node* libuv1*
Pin: release a=stretch-backports
Pin-Priority: 600