This playbook not only installs the various Matrix services for you, but can also upgrade them as new versions are made available.
While this playbook helps you to set up Matrix services and maintain them, it will not automatically run the maintenance task for you. You will need to update the playbook and re-run it manually.
The upstream projects, which this playbook makes use of, occasionally if not often suffer from security vulnerabilities (for example, see here for known ones on Element Web).
Since it is unsafe to keep outdated services running on the server connected to the internet, please consider to update the playbook and re-run it periodically, in order to keep the services up-to-date.
The developers of this playbook strive to maintain the playbook updated, so that you can re-run the playbook to address such vulnerabilities. It is your responsibility to keep your server and the services on it up-to-date.
If you want to be notified when new versions of Synapse are released, you should join the Synapse Homeowners room: #homeowners:matrix.org.
Before updating the playbook and the Ansible roles in the playbook, take a look at the changelog to see if there have been any backward-incompatible changes that you need to take care of.
If it looks good to you, go to the matrix-docker-ansible-deploy directory, update your playbook directory and all upstream Ansible roles (defined in the requirements.yml file) by running:
- either:
just update - or: a combination of
git pullandjust roles(ormake rolesif you havemakeprogram on your computer instead ofjust)
If you don't have either just tool or make program, you can run the ansible-galaxy tool directly: rm -rf roles/galaxy; ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force
Note: for details about just commands, take a look at: Running just commands.
After updating the Ansible roles, then re-run the playbook setup and restart all services:
ansible-playbook -i inventory/hosts setup.yml --tags=install-all,startIf you remove components from vars.yml, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with --tags=setup-all instead of --tags=install-all. See this page on the playbook tags for more information.
If you want to invoke the ansible-playbook command with less typing, you can run just to execute the shortcut command: just install-all (or just setup-all). Note that it restarts all services automatically.
Major version upgrades to the internal PostgreSQL database are not done automatically. Upgrades must be performed manually.
For details about upgrading it, refer to the upgrading PostgreSQL guide.