From 10b3ceff7229abebdd3d41fed38fefc7a64421a0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 9 Jun 2020 08:29:03 +0300 Subject: [PATCH] Make Matrix federation port configurable Fixes #523 (Github Issue). --- group_vars/matrix_servers | 4 +++- roles/matrix-base/defaults/main.yml | 2 ++ .../templates/static-files/well-known/matrix-server.j2 | 2 +- roles/matrix-synapse/tasks/self_check_federation_api.yml | 2 +- roles/matrix-synapse/vars/main.yml | 2 +- 5 files changed, 8 insertions(+), 4 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 90c249a6a..ff69cd8fb 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -638,6 +638,8 @@ matrix_nginx_proxy_proxy_matrix_federation_api_enabled: true matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container: "matrix-synapse:8048" matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:8048" +matrix_nginx_proxy_container_federation_host_bind_port: "{{ matrix_federation_public_port }}" + matrix_nginx_proxy_proxy_synapse_metrics: "{{ matrix_synapse_metrics_enabled }}" matrix_nginx_proxy_proxy_synapse_metrics_addr_with_container: "matrix-synapse:{{ matrix_synapse_metrics_port }}" matrix_nginx_proxy_proxy_synapse_metrics_addr_sans_container: "127.0.0.1:{{ matrix_synapse_metrics_port }}" @@ -788,7 +790,7 @@ matrix_synapse_container_client_api_host_bind_port: "{{ '' if matrix_nginx_proxy matrix_synapse_container_federation_api_plain_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:8048' }}" # # For exposing the Matrix Federation API's TLS port (HTTPS) to the internet on all network interfaces. -matrix_synapse_container_federation_api_tls_host_bind_port: "{{ '8448' if (matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled) else '' }}" +matrix_synapse_container_federation_api_tls_host_bind_port: "{{ matrix_federation_public_port if (matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled) else '' }}" # # For exposing the Synapse Metrics API's port (plain HTTP) to the local host. matrix_synapse_container_metrics_api_host_bind_port: "{{ '127.0.0.1:9100' if (matrix_synapse_metrics_enabled and not matrix_nginx_proxy_enabled) else '' }}" diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 1aa09800e..76c363e4c 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -21,6 +21,8 @@ matrix_server_fqn_dimension: "dimension.{{ matrix_domain }}" # This is where you access Jitsi. matrix_server_fqn_jitsi: "jitsi.{{ matrix_domain }}" +matrix_federation_public_port: 8448 + matrix_user_username: "matrix" matrix_user_groupname: "matrix" diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-server.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-server.j2 index de0f57225..8349a15c2 100644 --- a/roles/matrix-base/templates/static-files/well-known/matrix-server.j2 +++ b/roles/matrix-base/templates/static-files/well-known/matrix-server.j2 @@ -1,4 +1,4 @@ #jinja2: lstrip_blocks: "True" { - "m.server": "{{ matrix_server_fqn_matrix }}:8448" + "m.server": "{{ matrix_server_fqn_matrix }}:{{ matrix_federation_public_port }}" } diff --git a/roles/matrix-synapse/tasks/self_check_federation_api.yml b/roles/matrix-synapse/tasks/self_check_federation_api.yml index fd4b338cc..2a716d6b5 100644 --- a/roles/matrix-synapse/tasks/self_check_federation_api.yml +++ b/roles/matrix-synapse/tasks/self_check_federation_api.yml @@ -11,7 +11,7 @@ - name: Fail if Matrix Federation API not working fail: - msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port 8448 open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}" + msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port {{ matrix_federation_public_port }} open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}" when: "matrix_synapse_enabled|bool and matrix_synapse_federation_enabled|bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)" - name: Fail if Matrix Federation API unexpectedly enabled diff --git a/roles/matrix-synapse/vars/main.yml b/roles/matrix-synapse/vars/main.yml index bb0a06f25..b53dceb82 100644 --- a/roles/matrix-synapse/vars/main.yml +++ b/roles/matrix-synapse/vars/main.yml @@ -3,7 +3,7 @@ matrix_synapse_id_servers_public: ['vector.im', 'matrix.org'] matrix_synapse_client_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/versions" -matrix_synapse_federation_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}:8448/_matrix/federation/v1/version" +matrix_synapse_federation_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}:{{ matrix_federation_public_port }}/_matrix/federation/v1/version" # Tells whether this role had executed or not. Toggled to `true` during runtime. matrix_synapse_role_executed: false