Move matrix-registration service to its own network and add native Traefik support
This commit is contained in:
Slavi Pantaleev
@ -379,7 +379,7 @@ devture_systemd_service_manager_services_list_auto: |
|
||||
+
|
||||
([{'name': (redis_identifier + '.service'), 'priority': 750, 'groups': ['matrix', 'redis']}] if redis_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-registration.service', 'priority': 4000, 'groups': ['matrix', 'registration']}] if matrix_registration_enabled else [])
|
||||
([{'name': 'matrix-registration.service', 'priority': 4000, 'groups': ['matrix', 'registration', 'matrix-registration']}] if matrix_registration_enabled else [])
|
||||
+
|
||||
([{'name': 'matrix-sliding-sync.service', 'priority': 4000, 'groups': ['matrix', 'sliding-sync']}] if matrix_sliding_sync_enabled else [])
|
||||
+
|
||||
@ -4697,12 +4697,38 @@ grafana_default_home_dashboard_path: |-
|
||||
|
||||
matrix_registration_enabled: false
|
||||
|
||||
# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-registration over the container network.
|
||||
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
|
||||
# matrix-registration's HTTP port to the local host.
|
||||
matrix_registration_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
|
||||
matrix_registration_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_registration_path_prefix: /matrix-registration
|
||||
|
||||
matrix_registration_systemd_required_services_list_auto: |
|
||||
{{
|
||||
([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_registration_database_hostname == devture_postgres_connection_hostname) else [])
|
||||
}}
|
||||
|
||||
matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||
|
||||
matrix_registration_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '8767') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
|
||||
|
||||
matrix_registration_riot_instance: "{{ ('https://' + matrix_server_fqn_element) if matrix_client_element_enabled else 'https://riot.im/app/' }}"
|
||||
matrix_registration_container_network: "{{ matrix_addons_container_network }}"
|
||||
|
||||
matrix_registration_container_additional_networks_auto: |-
|
||||
{{
|
||||
(
|
||||
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
|
||||
+
|
||||
([devture_postgres_container_network] if (devture_postgres_enabled and matrix_registration_database_hostname == devture_postgres_connection_hostname and matrix_mautrix_facebook_container_network != devture_postgres_container_network) else [])
|
||||
+
|
||||
([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_registration_container_labels_traefik_enabled) else [])
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_registration_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
|
||||
matrix_registration_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
|
||||
matrix_registration_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
|
||||
matrix_registration_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
|
||||
|
||||
matrix_registration_riot_instance: "{{ ('https://' + matrix_server_fqn_element) if matrix_client_element_enabled else 'https://element.io/app/' }}"
|
||||
|
||||
matrix_registration_shared_secret: |-
|
||||
{{
|
||||
@ -4713,19 +4739,10 @@ matrix_registration_shared_secret: |-
|
||||
}[matrix_homeserver_implementation]
|
||||
}}
|
||||
|
||||
matrix_registration_server_location: "{{ matrix_homeserver_container_url }}"
|
||||
matrix_registration_server_location: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
matrix_registration_api_validate_certs: "{{ false if matrix_playbook_ssl_retrieval_method == 'self-signed' else true }}"
|
||||
|
||||
matrix_registration_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
|
||||
|
||||
matrix_registration_systemd_required_services_list: |
|
||||
{{
|
||||
['docker.service']
|
||||
+
|
||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||
}}
|
||||
|
||||
# Postgres is the default, except if not using internal Postgres server
|
||||
matrix_registration_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
||||
matrix_registration_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
||||
|
||||
Reference in New Issue
Block a user