From 67f3f2dbd1f9fb93affa90485e40b4cbde7c2575 Mon Sep 17 00:00:00 2001
From: Nico Schottelius <nico@nico-notebook.schottelius.org>
Date: Mon, 4 Dec 2023 09:15:08 +0100
Subject: [PATCH] move turn over to its own role

---
 ansible/inventory/runa.yml                    | 11 +--
 .../synapse/docker-compose.yaml-with-comments | 69 -------------------
 ansible/roles/elementweb/tasks/main.yml       |  6 +-
 .../synapse => synapse/files/basedir}/.env    |  0
 .../files/basedir}/config/homeserver.yaml     |  0
 .../files/basedir}/config/log.yaml            |  0
 .../config/synapse-worker-federation.yaml     |  0
 .../config/synapse-worker-generic.yaml        |  0
 .../basedir}/config/synapse-worker-sync.yaml  |  0
 .../files/basedir}/docker-compose.yaml        |  0
 .../files/basedir}/nginx/synapse.conf         |  0
 .../files/basedir}/www/index.html             |  0
 ansible/roles/synapse/tasks/main.yml          |  9 +++
 .../files/basedir}/docker-compose.yaml        |  0
 .../turn1 => turn/templates}/turnserver.conf  |  7 +-
 15 files changed, 23 insertions(+), 79 deletions(-)
 delete mode 100644 ansible/roles/docker-compose/files/synapse/docker-compose.yaml-with-comments
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/.env (100%)
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/config/homeserver.yaml (100%)
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/config/log.yaml (100%)
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/config/synapse-worker-federation.yaml (100%)
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/config/synapse-worker-generic.yaml (100%)
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/config/synapse-worker-sync.yaml (100%)
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/docker-compose.yaml (100%)
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/nginx/synapse.conf (100%)
 rename ansible/roles/{docker-compose/files/synapse => synapse/files/basedir}/www/index.html (100%)
 create mode 100644 ansible/roles/synapse/tasks/main.yml
 rename ansible/roles/{docker-compose/files/turn1 => turn/files/basedir}/docker-compose.yaml (100%)
 rename ansible/roles/{docker-compose/files/turn1 => turn/templates}/turnserver.conf (68%)

diff --git a/ansible/inventory/runa.yml b/ansible/inventory/runa.yml
index 9559f96..a8d45a7 100644
--- a/ansible/inventory/runa.yml
+++ b/ansible/inventory/runa.yml
@@ -10,6 +10,9 @@ runa:
       - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjWYALKYHTs6mX7GrrpxR0TPhxwVplmmcTPAA7zjhVCZajcUwLduy3Yct4YXBwRiEydGyhExoVVB8i7UhyvMQsTheRk751uJZyKWIkqbQJoJx1LPmZ00EJNaiIEiJih762D9KWZ1GoLBfB4QAEmoWDzVm3CFJ9tBVEsQ7i9BH+Cbe2GsnqflfWjb09bZhaOSTrmWNcBxgpXirZyi8EI0SrVtmnwVzdH8HXOalvFqW57aY1q/RjE1DIh7Pp+RiGscZz6CJ5oJtSEKbjZ2aUe4gomlQwYmGNVk22RdjvB7+0KDXMwdp702Z5ETv2xYk9v5YrA/lsWk/9JX8vGYb5Y5N+GGG9woZ5M1JIRjXduxNf68VMSQbxZTeonoWkh6Q8CNgDsHyyAyNuPAss7SCCGk5G8s0q/4IDGfV0A1QKFhHOId1qEqGQtLKaRbo6ZTi9wXSieA5D3kMNh+WWufutxI/t56USzNSaeYjqpYwiICBZ8jzWBJrDamiFne4KkW3PTao7Czv6yIeXHHfGYDtdvXppMSjamw+rbA/btTes5X+pYlFxniO5sZJUa+jnJOo3SYBGoRYftqxw7Usqm/i/koHP1RM8L3Iq+/xXNr5+AyFzRBCUUuDfRw1MY1n9OJXvYykNGth4ablfVFcP1R8Qq7jVGksK1dzckzD9SmCdubzwtw== nico-2014"
 
     matrix_service: ""
+    turn:
+      realm: ""
+
     logs_dirs:
       - name: nginx
         uid: 101
@@ -21,11 +24,11 @@ runa:
     ank:
       hosts:
         mtx-turn-1.ankr.corp-services.app:
-          docker_compose:
-            - turn1
+          matrix_service: "turn"
+          turn:
+            realm: "turn-1.corp-serv.net"
+            external_ip: "135.125.151.180/10.80.24.41"
         mtx-turn-2.ankr.corp-services.app:
-          docker_compose:
-            - turn2
     lat:
       hosts:
         mtx-elem-1.lat.internal.ru.com:
diff --git a/ansible/roles/docker-compose/files/synapse/docker-compose.yaml-with-comments b/ansible/roles/docker-compose/files/synapse/docker-compose.yaml-with-comments
deleted file mode 100644
index 10a3656..0000000
--- a/ansible/roles/docker-compose/files/synapse/docker-compose.yaml-with-comments
+++ /dev/null
@@ -1,69 +0,0 @@
-version: '3'
-services:
-  synapse-main:
-    image: matrixdotorg/synapse:${SYNAPSE_VERSION}
-    ports:
-      - "8008:8008/tcp"
-    volumes:
-      - /mnt/synapse_data:/data
-      - ./config:/config
-    # ports:
-    #   - "8008:8008/tcp"
-    command:
-      - run
-      - --config-path=/config/homeserver.yaml
-    restart: always
-
-  synapse-worker-generic:
-    image: matrixdotorg/synapse:latest
-    command:
-      - run
-      - "--config-path=/config/homeserver.yaml"
-      - "--config-path=/config/synapse-worker-generic.yaml"
-    # ports:
-    #   - "8008:8008/tcp"
-    volumes:
-      - /mnt/synapse_data:/data
-      - ./config:/config
-    environment:
-      SYNAPSE_WORKER: synapse.app.generic_worker
-    depends_on:
-      - synapse-main
-    restart: unless-stopped
-    # healthcheck:
-    #   test: ["CMD-SHELL", "curl -fSs http://localhost:8081/health || exit 1"]
-    #   start_period: "5s"
-    #   interval: "15s"
-    #   timeout: "5s"
-
-
-  nginx:
-    image: nginx:${NGINX_VERSION}
-    ports:
-      - "80:80/tcp"
-      - "443:443/tcp"
-    volumes:
-      - ./nginx:/etc/nginx/conf.d
-      - /ssl:/ssl
-    restart: unless-stopped
-
-  redis:
-    image: "redis:latest"
-    ports:
-      - "6379:6379/tcp"
-    restart: "unless-stopped"
-
-  # synapse-federation-sender-1:
-  #   image: matrixdotorg/synapse:latest
-  #   container_name: synapse-federation-sender-1
-  #   restart: unless-stopped
-  #   entrypoint: ["/start.py", "run", "--config-path=/data/homeserver.yaml", "--config-path=/data/workers/synapse-federation-sender-1.yaml"]
-  #   healthcheck:
-  #     disable: true
-  #   network_mode: "host"
-  #   volumes:
-  #     - ./synapse:/data
-  #   environment:
-  #     SYNAPSE_WORKER: synapse.app.generic_worker
-  #   depends_on:
-  #     - synapse
diff --git a/ansible/roles/elementweb/tasks/main.yml b/ansible/roles/elementweb/tasks/main.yml
index 2f88241..e04c0f3 100644
--- a/ansible/roles/elementweb/tasks/main.yml
+++ b/ansible/roles/elementweb/tasks/main.yml
@@ -1,7 +1,7 @@
 - name: Copy docker-compose contents
   ansible.builtin.copy:
     src: files/basedir/
-    dest: /home/{{ ansible_user }}/docker_compose/{{ docker_compose }}
+    dest: /home/{{ ansible_user }}/docker_compose/{{ matrix_service }}
     owner: "{{ ansible_user }}"
     mode: '0644'
   tags:
@@ -10,7 +10,7 @@
 
 - name: Create nginx dir
   ansible.builtin.file:
-    path: /home/{{ ansible_user }}/docker_compose/nginx
+    path: /home/{{ ansible_user }}/docker_compose/{{ matrix_service }}/nginx
     state: directory
     owner: "{{ ansible_user }}"
     mode: '0755'
@@ -21,7 +21,7 @@
 - name: Create nginx config
   ansible.builtin.template:
     src: "nginx/elementweb.conf"
-    dest: /home/{{ ansible_user }}/docker_compose/nginx/elementweb.conf
+    dest: /home/{{ ansible_user }}/docker_compose/{{ matrix_service }}/nginx/elementweb.conf
     owner: "{{ ansible_user }}"
     mode: '0644'
   tags:
diff --git a/ansible/roles/docker-compose/files/synapse/.env b/ansible/roles/synapse/files/basedir/.env
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/.env
rename to ansible/roles/synapse/files/basedir/.env
diff --git a/ansible/roles/docker-compose/files/synapse/config/homeserver.yaml b/ansible/roles/synapse/files/basedir/config/homeserver.yaml
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/config/homeserver.yaml
rename to ansible/roles/synapse/files/basedir/config/homeserver.yaml
diff --git a/ansible/roles/docker-compose/files/synapse/config/log.yaml b/ansible/roles/synapse/files/basedir/config/log.yaml
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/config/log.yaml
rename to ansible/roles/synapse/files/basedir/config/log.yaml
diff --git a/ansible/roles/docker-compose/files/synapse/config/synapse-worker-federation.yaml b/ansible/roles/synapse/files/basedir/config/synapse-worker-federation.yaml
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/config/synapse-worker-federation.yaml
rename to ansible/roles/synapse/files/basedir/config/synapse-worker-federation.yaml
diff --git a/ansible/roles/docker-compose/files/synapse/config/synapse-worker-generic.yaml b/ansible/roles/synapse/files/basedir/config/synapse-worker-generic.yaml
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/config/synapse-worker-generic.yaml
rename to ansible/roles/synapse/files/basedir/config/synapse-worker-generic.yaml
diff --git a/ansible/roles/docker-compose/files/synapse/config/synapse-worker-sync.yaml b/ansible/roles/synapse/files/basedir/config/synapse-worker-sync.yaml
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/config/synapse-worker-sync.yaml
rename to ansible/roles/synapse/files/basedir/config/synapse-worker-sync.yaml
diff --git a/ansible/roles/docker-compose/files/synapse/docker-compose.yaml b/ansible/roles/synapse/files/basedir/docker-compose.yaml
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/docker-compose.yaml
rename to ansible/roles/synapse/files/basedir/docker-compose.yaml
diff --git a/ansible/roles/docker-compose/files/synapse/nginx/synapse.conf b/ansible/roles/synapse/files/basedir/nginx/synapse.conf
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/nginx/synapse.conf
rename to ansible/roles/synapse/files/basedir/nginx/synapse.conf
diff --git a/ansible/roles/docker-compose/files/synapse/www/index.html b/ansible/roles/synapse/files/basedir/www/index.html
similarity index 100%
rename from ansible/roles/docker-compose/files/synapse/www/index.html
rename to ansible/roles/synapse/files/basedir/www/index.html
diff --git a/ansible/roles/synapse/tasks/main.yml b/ansible/roles/synapse/tasks/main.yml
new file mode 100644
index 0000000..b0ab0bd
--- /dev/null
+++ b/ansible/roles/synapse/tasks/main.yml
@@ -0,0 +1,9 @@
+- name: Copy docker-compose contents
+  ansible.builtin.copy:
+    src: files/basedir/
+    dest: /home/{{ ansible_user }}/docker_compose/{{ matrix_service }}
+    owner: "{{ ansible_user }}"
+    mode: '0644'
+  tags:
+    - files
+    - test
diff --git a/ansible/roles/docker-compose/files/turn1/docker-compose.yaml b/ansible/roles/turn/files/basedir/docker-compose.yaml
similarity index 100%
rename from ansible/roles/docker-compose/files/turn1/docker-compose.yaml
rename to ansible/roles/turn/files/basedir/docker-compose.yaml
diff --git a/ansible/roles/docker-compose/files/turn1/turnserver.conf b/ansible/roles/turn/templates/turnserver.conf
similarity index 68%
rename from ansible/roles/docker-compose/files/turn1/turnserver.conf
rename to ansible/roles/turn/templates/turnserver.conf
index 8983501..a46be04 100644
--- a/ansible/roles/docker-compose/files/turn1/turnserver.conf
+++ b/ansible/roles/turn/templates/turnserver.conf
@@ -1,13 +1,14 @@
-realm=turn-1.corp-serv.net
+realm={{ turn.realm }}
 no-tcp-relay
 listening-ip=0.0.0.0
 listening-port=3478
 min-port=49152
 max-port=65535
 
-external-ip=135.125.151.180/10.80.24.41
+external-ip={{ turn.external_ip }}
 
-log-file=stdout
+#log-file=stdout
+log-file=/logs/turn-{{ inventory_hostname }}.log
 verbose
 pidfile=/var/tmp/turnserver.pid
 use-auth-secret