basic installation

olli 2023-08-24 09:29:26 +02:00
parent 43a0c203af
commit cde80d270c
2 changed files with 13 additions and 66 deletions


@ -4,24 +4,25 @@
- debian.ansible.traefik.server
# Installation
´´´
```
ansible-playbook --connection=local --inventory $(hostname), --limit $(hostname) matrix.yml
´´´
```
# User Administration
Admin User is created while installation.
Username: mx-admin
Password can be found with
´´´
```
cat /home/docker/matrix.$(hostname)/env
´´´
```
Create a new user with
´´´
```
docker compose -f /home/docker/matrix.$(hostname)/docker-compose.yml exec -ti matrix.defiant.dedyn.io register_new_matrix_user -c /data/homeserver.yaml --no-admin http://localhost:8008
´´´
```
List users
. /home/docker/matrix.$(hostname)/env ; docker compose -f /home/docker/matrix.$(hostname)/docker-compose.yml exec -ti matrix.defiant.dedyn.io--db psql -U $POSTGRES_USER -d synapse -c "SELECT name from users"
# Debugging
https://federationtester.matrix.org


@ -61,10 +61,13 @@
enabled: true
host: matrix.{{inventory_hostname}}--redis
port: 6379
media_retention:
local_media_lifetime: 28d
remote_media_lifetime: 14d
backup: yes
notify: Restart matrix
- name: /home/docker/matrix.{{inventory_hostname}}/genpw.sh (generate Random PW for Nextcloud and DB)
- name: /home/docker/matrix.{{inventory_hostname}}/genpw.sh (generate Random PW for Matrix and DB)
blockinfile:
path: /home/docker/matrix.{{inventory_hostname}}/genpw.sh
create: yes
@ -83,7 +86,6 @@
MATRIX_ADMIN_PASSWORD=!MATRIX_ADMIN_PASSWORD!
" >env
[ -f env.db ] || echo "POSTGRES_USER=!POSTGRESUSER!
POSTGRES_PASSWORD=!POSTGRESPASSWORD!
" >env.db
@ -190,27 +192,6 @@
}
backup: yes
- name: /home/docker/matrix.{{inventory_hostname}}/turnserver.conf
blockinfile:
path: /home/docker/matrix.{{inventory_hostname}}/turnserver.conf
mode: "0400"
owner: root
group: root
create: yes
marker: "# {mark} ANSIBLE MANAGED BLOCK"
block: |
syslog
listening-port=3478
fingerprint
use-auth-secret
static-auth-secret=
realm=matrix.{{inventory_hostname}}
total-quota=100
bps-capacity=0
stale-nonce
no-multicast-peers
backup: yes
- name: Element Web configuration
copy:
@ -344,6 +325,7 @@
matrix.{{inventory_hostname}}--db:
image: docker.io/postgres:latest
restart: unless-stopped
command: postgres -c wal_level=minimal -c max_wal_size=100MB -c max_wal_senders=0
volumes:
- ./matrixdb-data:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
@ -354,19 +336,6 @@
networks:
- matrix.{{inventory_hostname}}--network
matrix.{{inventory_hostname}}--coturn:
image: coturn/coturn:latest
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- ./turnserver.conf:/etc/coturn/turnserver.conf
networks:
- matrix.{{inventory_hostname}}--network
- traefik
ports:
- 3479:3478
- 3479:3478/udp
matrix.{{inventory_hostname}}--redis:
image: redis:latest
restart: unless-stopped
@ -479,34 +448,11 @@
# create: yes
# marker: "# {mark} ANSIBLE MANAGED BLOCK"
# block: |
# # Nextcloud maintenance and app-update
# cd /home/docker/matrix.{{inventory_hostname}} || continue
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ db:add-missing-columns
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ db:add-missing-indices
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ db:add-missing-primary-keys
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ app:update --all
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ dav:sync-birthday-calendar
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ trashbin:cleanup --all-users
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ files:cleanup
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ files:scan --all
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ maps:scan-photos
# docker-compose exec -T -u www-data matrix.{{inventory_hostname}} ./occ db:convert-filecache-bigint -n
# backup: yes
# validate: /bin/bash -n %s
# notify: run matrix.update
- name: Allow turn for audio/video tcp
community.general.ufw:
rule: allow
port: '3479'
proto: tcp
- name: Allow turn for audio/video udp
community.general.ufw:
rule: allow
port: '3479'
proto: udp
handlers:
- name: run genpw.sh
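Review bot: Dropping the two `community.general.ufw` tasks in the last hunk (-479,34 +448,11) does not close port 3479 on hosts that already ran the earlier playbook, because deleting an `allow` task leaves the firewall rule it created in place. The same likely holds for the coturn service and the `turnserver.conf` task removed in the -354,19 and -190,27 hunks: unless the compose project is brought up with orphan removal (not visible here), the container and its config file can stay behind. I would keep both ufw tasks for one rollout with `delete: true` added to each, and add a `file:` task with `state: absent` for `/home/docker/matrix.{{inventory_hostname}}/turnserver.conf`. Which lines are removed is inferred from the hunk line counts, since the rendered page has lost its +/- markers.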