Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy
This commit is contained in:
p5t2vspoqqw
@ -11,8 +11,10 @@ matrix_appservice_discord_base_path: "{{ matrix_base_data_path }}/appservice-dis
|
||||
matrix_appservice_discord_client_id: ''
|
||||
matrix_appservice_discord_bot_token: ''
|
||||
|
||||
# Controls whether the Appservice Discord container exposes the Client/Server API port (tcp/9005).
|
||||
matrix_appservice_discord_container_expose_client_server_api_port: false
|
||||
# Controls whether the matrix-appservice-discord container exposes its HTTP port (tcp/9005 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9005"), or empty string to not expose.
|
||||
matrix_appservice_discord_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_appservice_discord_container_extra_arguments: []
|
||||
|
||||
@ -61,9 +61,6 @@
|
||||
-l discord_bot
|
||||
when: "not appservice_discord_registration_file.stat.exists"
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_app_service_config_file_appservice_discord: '{{ matrix_appservice_discord_base_path }}/discord-registration.yml'
|
||||
|
||||
- name: Check if a matrix-appservice-discord invite_link file exists
|
||||
stat:
|
||||
path: "{{ matrix_appservice_discord_base_path }}/invite_link"
|
||||
@ -82,12 +79,12 @@
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_additional_volumes: >
|
||||
{{ matrix_synapse_container_additional_volumes|default([]) }}
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
{{ [{'src': '{{ matrix_appservice_discord_base_path }}/discord-registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_appservice_discord }}', 'options': 'ro'}] }}
|
||||
{{ ["--mount type=bind,src={{ matrix_appservice_discord_base_path }}/discord-registration.yaml,dst=/matrix-appservice-discord-registration.yaml,ro"] }}
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["{{ matrix_synapse_app_service_config_file_appservice_discord }}"] | to_nice_json }}
|
||||
{{ ["/matrix-appservice-discord-registration.yaml"] }}
|
||||
|
||||
@ -8,3 +8,12 @@
|
||||
with_items:
|
||||
- "matrix_appservice_discord_client_id"
|
||||
- "matrix_appservice_discord_bot_token"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed appservice-discord variables
|
||||
fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_appservice_discord_container_expose_client_server_api_port', 'new': '<superseded by matrix_appservice_discord_container_http_host_bind_port>'}
|
||||
|
||||
@ -19,8 +19,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-appservice-discord \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_appservice_discord_container_expose_client_server_api_port %}
|
||||
-p 127.0.0.1:9005:9005 \
|
||||
{% if matrix_appservice_discord_container_http_host_bind_port %}
|
||||
-p {{ matrix_appservice_discord_container_http_host_bind_port }}:9005 \
|
||||
{% endif %}
|
||||
-v {{ matrix_appservice_discord_base_path }}:/data \
|
||||
{% for arg in matrix_appservice_discord_container_extra_arguments %}
|
||||
|
||||
@ -7,8 +7,10 @@ matrix_appservice_irc_docker_image: "tedomum/matrix-appservice-irc:latest"
|
||||
|
||||
matrix_appservice_irc_base_path: "{{ matrix_base_data_path }}/appservice-irc"
|
||||
|
||||
# Controls whether the Appservice IRC container exposes the Client/Server API port (tcp/9999).
|
||||
matrix_appservice_irc_container_expose_client_server_api_port: false
|
||||
# Controls whether the matrix-appservice-discord container exposes its HTTP port (tcp/9999 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9999"), or empty string to not expose.
|
||||
matrix_appservice_irc_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_appservice_irc_container_extra_arguments: []
|
||||
|
||||
@ -70,20 +70,17 @@
|
||||
-l irc_bot
|
||||
when: "not appservice_irc_registration_file.stat.exists"
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_app_service_config_file_appservice_irc: '/app-registration/appservice-irc.yml'
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_additional_volumes: >
|
||||
{{ matrix_synapse_container_additional_volumes|default([]) }}
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
{{ [{'src': '{{ matrix_appservice_irc_base_path }}/registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_appservice_irc }}', 'options': 'ro'}] }}
|
||||
{{ ["--mount type=bind,src={{ matrix_appservice_irc_base_path }}/registration.yaml,dst=/matrix-appservice-irc-registration.yaml,ro"] }}
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["{{ matrix_synapse_app_service_config_file_appservice_irc }}"] | to_nice_json }}
|
||||
{{ ["/matrix-appservice-irc-registration.yaml"] }}
|
||||
|
||||
- name: Ensure IRC configuration directory permissions are correct
|
||||
file:
|
||||
|
||||
@ -14,3 +14,11 @@
|
||||
You need to define additional configuration in `matrix_appservice_irc_configuration_extension_yaml` or to override `matrix_appservice_irc_configuration`.
|
||||
when: "matrix_appservice_irc_configuration.ircService|default(none) is none"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed appservice-irc variables
|
||||
fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_appservice_irc_container_expose_client_server_api_port', 'new': '<superseded by matrix_appservice_irc_container_http_host_bind_port>'}
|
||||
|
||||
@ -19,8 +19,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-appservice-irc \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_appservice_irc_container_expose_client_server_api_port %}
|
||||
-p 127.0.0.1:9999:9999 \
|
||||
{% if matrix_appservice_irc_container_http_host_bind_port %}
|
||||
-p {{ matrix_appservice_irc_container_http_host_bind_port }}:9999 \
|
||||
{% endif %}
|
||||
-v {{ matrix_appservice_irc_base_path }}:/data:z \
|
||||
{% for arg in matrix_appservice_irc_container_extra_arguments %}
|
||||
|
||||
@ -7,10 +7,6 @@ matrix_mautrix_facebook_docker_image: "tulir/mautrix-facebook:latest"
|
||||
|
||||
matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook"
|
||||
|
||||
# Get your own API keys at https://developers.facebook.com/docs/apis-and-sdks/
|
||||
matrix_mautrix_facebook_api_id: ''
|
||||
matrix_mautrix_facebook_api_hash: ''
|
||||
|
||||
matrix_mautrix_facebook_homeserver_address: 'https://{{ matrix_server_fqn_matrix }}'
|
||||
matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:8080'
|
||||
|
||||
@ -2,12 +2,6 @@
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
|
||||
tags:
|
||||
- setup-all
|
||||
- setup-mautrix-facebook
|
||||
|
||||
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
||||
when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool"
|
||||
tags:
|
||||
|
||||
@ -65,17 +65,14 @@
|
||||
python3 -m mautrix_facebook -g -c /data/config.yaml -r /data/registration.yaml
|
||||
when: "not mautrix_facebook_registration_file_stat.stat.exists"
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_app_service_config_file_mautrix_facebook: '/app-registration/mautrix-facebook.yml'
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_additional_volumes: >
|
||||
{{ matrix_synapse_container_additional_volumes|default([]) }}
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
{{ [{'src': '{{ matrix_mautrix_facebook_base_path }}/registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_mautrix_facebook }}', 'options': 'ro'}] }}
|
||||
{{ ["--mount type=bind,src={{ matrix_mautrix_facebook_base_path }}/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro"] }}
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["{{ matrix_synapse_app_service_config_file_mautrix_facebook }}"] | to_nice_json }}
|
||||
{{ ["/matrix-mautrix-facebook-registration.yaml"] }}
|
||||
|
||||
@ -1,10 +0,0 @@
|
||||
---
|
||||
|
||||
- name: Fail if required settings not defined
|
||||
fail:
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`).
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mautrix_facebook_api_id"
|
||||
- "matrix_mautrix_facebook_api_hash"
|
||||
@ -3,7 +3,7 @@
|
||||
|
||||
matrix_mautrix_telegram_enabled: true
|
||||
|
||||
matrix_mautrix_telegram_docker_image: "tulir/mautrix-telegram:v0.5.1"
|
||||
matrix_mautrix_telegram_docker_image: "tulir/mautrix-telegram:v0.5.2"
|
||||
|
||||
matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram"
|
||||
|
||||
@ -21,8 +21,10 @@ matrix_mautrix_telegram_homeserver_domain: '{{ matrix_domain }}'
|
||||
matrix_mautrix_telegram_appservice_address: 'http://matrix-mautrix-telegram:8080'
|
||||
matrix_mautrix_telegram_appservice_public_external: 'https://{{ matrix_server_fqn_matrix }}{{ matrix_mautrix_telegram_public_endpoint }}'
|
||||
|
||||
# Set this to a port number to expose on the host when not using matrix-nginx-proxy
|
||||
matrix_mautrix_telegram_container_exposed_port_number: ~
|
||||
# Controls whether the matrix-telegram container exposes its HTTP port (tcp/8080 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9006"), or empty string to not expose.
|
||||
matrix_mautrix_telegram_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mautrix_telegram_container_extra_arguments: []
|
||||
|
||||
@ -76,43 +76,40 @@
|
||||
python3 -m mautrix_telegram -g -c /data/config.yaml -r /data/registration.yaml
|
||||
when: "not mautrix_telegram_registration_file_stat.stat.exists"
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_app_service_config_file_mautrix_telegram: '/app-registration/mautrix-telegram.yml'
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_additional_volumes: >
|
||||
{{ matrix_synapse_container_additional_volumes|default([]) }}
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
{{ [{'src': '{{ matrix_mautrix_telegram_base_path }}/registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_mautrix_telegram }}', 'options': 'ro'}] }}
|
||||
{{ ["--mount type=bind,src={{ matrix_mautrix_telegram_base_path }}/registration.yaml,dst=/matrix-mautrix-telegram-registration.yaml,ro"] }}
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["{{ matrix_synapse_app_service_config_file_mautrix_telegram }}"] | to_nice_json }}
|
||||
{{ ["/matrix-mautrix-telegram-registration.yaml"] }}
|
||||
|
||||
- block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
fail:
|
||||
msg: >
|
||||
msg: >-
|
||||
Trying to append Mautrix Telegram's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your plabook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
||||
when: matrix_nginx_proxy_role_executed|bool
|
||||
when: matrix_nginx_proxy_role_executed|default(False)|bool
|
||||
|
||||
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
|
||||
set_fact:
|
||||
matrix_mautrix_telegram_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_telegram_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled %}
|
||||
{% if matrix_nginx_proxy_enabled|default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-telegram:8080";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
proxy_pass http://127.0.0.1:9006;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
@ -120,20 +117,19 @@
|
||||
set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
|
||||
+
|
||||
[matrix_mautrix_telegram_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
when: "matrix_nginx_proxy_enabled|default(False)"
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
debug:
|
||||
msg: >
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix Telegram bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_telegram_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-telegram container.
|
||||
You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable.
|
||||
when: "matrix_nginx_proxy_enabled is not defined"
|
||||
|
||||
@ -9,3 +9,12 @@
|
||||
- "matrix_mautrix_telegram_api_id"
|
||||
- "matrix_mautrix_telegram_api_hash"
|
||||
- "matrix_mautrix_telegram_public_endpoint"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed Telegram variables
|
||||
fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_mautrix_telegram_container_exposed_port_number', 'new': '<superseded by matrix_mautrix_telegram_container_http_host_bind_port>'}
|
||||
|
||||
@ -26,8 +26,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-mautrix-telegram \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_mautrix_telegram_container_exposed_port_number is not none %}
|
||||
-p 127.0.0.1:{{ matrix_mautrix_telegram_container_exposed_port_number }}:8080 \
|
||||
{% if matrix_mautrix_telegram_container_http_host_bind_port %}
|
||||
-p {{ matrix_mautrix_telegram_container_http_host_bind_port }}:8080 \
|
||||
{% endif %}
|
||||
-v {{ matrix_mautrix_telegram_base_path }}:/data:z \
|
||||
{% for arg in matrix_mautrix_telegram_container_extra_arguments %}
|
||||
|
||||
@ -65,17 +65,14 @@
|
||||
/usr/bin/mautrix-whatsapp -g -c /data/config.yaml -r /data/registration.yaml
|
||||
when: "not mautrix_whatsapp_registration_file_stat.stat.exists"
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_app_service_config_file_mautrix_whatsapp: '/app-registration/mautrix-whatsapp.yml'
|
||||
|
||||
# If the matrix-synapse role is not used, these variables may not exist.
|
||||
- set_fact:
|
||||
matrix_synapse_container_additional_volumes: >
|
||||
{{ matrix_synapse_container_additional_volumes|default([]) }}
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
{{ [{'src': '{{ matrix_mautrix_whatsapp_base_path }}/registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_mautrix_whatsapp }}', 'options': 'ro'}] }}
|
||||
{{ ["--mount type=bind,src={{ matrix_mautrix_whatsapp_base_path }}/registration.yaml,dst=/matrix-mautrix-whatsapp-registration.yaml,ro"] }}
|
||||
|
||||
matrix_synapse_app_service_config_files: >
|
||||
{{ matrix_synapse_app_service_config_files|default([]) }}
|
||||
+
|
||||
{{ ["{{ matrix_synapse_app_service_config_file_mautrix_whatsapp }}"] | to_nice_json }}
|
||||
{{ ["/matrix-mautrix-whatsapp-registration.yaml"] }}
|
||||
|
||||
@ -36,6 +36,6 @@
|
||||
msg: >-
|
||||
{{ item }} was not detected to be running.
|
||||
It's possible that there's a configuration problem or another service on your server interferes with it (uses the same ports, etc.).
|
||||
Try running `systemctl status {{ item }}` and `systemctl -fu {{ item }}` on the server to investigate.
|
||||
Try running `systemctl status {{ item }}` and `journalctl -fu {{ item }}` on the server to investigate.
|
||||
with_items: "{{ matrix_systemd_services_list }}"
|
||||
when: "ansible_facts.services[item + '.service']|default(none) is none or ansible_facts.services[item + '.service'].state != 'running'"
|
||||
|
||||
@ -3,8 +3,15 @@
|
||||
|
||||
matrix_corporal_enabled: true
|
||||
|
||||
# Controls whether the matrix-corporal web server's ports (`41080` and `41081`) are exposed outside of the container.
|
||||
matrix_corporal_container_expose_ports: false
|
||||
# Controls whether the matrix-corporal container exposes its gateway HTTP port (tcp/41080 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:41080"), or empty string to not expose.
|
||||
matrix_corporal_container_http_gateway_host_bind_port: ''
|
||||
|
||||
# Controls whether the matrix-corporal container exposes its API HTTP port (tcp/41081 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:41081"), or empty string to not expose.
|
||||
matrix_corporal_container_http_api_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_corporal_container_extra_arguments: []
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
- name: Fail if required matrix-corporal settings not defined
|
||||
fail:
|
||||
msg: >
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) for using matrix-corporal.
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
@ -15,3 +15,13 @@
|
||||
fail:
|
||||
msg: "The Matrix Corporal HTTP API is enabled (`matrix_corporal_http_api_enabled`), but no auth token has been set in `matrix_corporal_http_api_auth_token`"
|
||||
when: "matrix_corporal_http_api_enabled|bool and matrix_corporal_http_api_auth_token == ''"
|
||||
|
||||
|
||||
- name: (Deprecation) Catch and report renamed corporal variables
|
||||
fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_corporal_container_expose_ports', 'new': '<superseded by matrix_corporal_container_http_gateway_host_bind_port and matrix_corporal_container_http_api_host_bind_port>'}
|
||||
|
||||
@ -17,9 +17,11 @@ ExecStart=/usr/bin/docker run --rm --name matrix-corporal \
|
||||
--cap-drop=ALL \
|
||||
--read-only \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_corporal_container_expose_ports %}
|
||||
-p 127.0.0.1:41080:41080 \
|
||||
-p 127.0.0.1:41081:41081 \
|
||||
{% if matrix_corporal_container_http_gateway_host_bind_port %}
|
||||
-p {{ matrix_corporal_container_http_gateway_host_bind_port }}:41080 \
|
||||
{% endif %}
|
||||
{% if matrix_corporal_container_http_api_host_bind_port %}
|
||||
-p {{ matrix_corporal_container_http_api_host_bind_port }}:41081 \
|
||||
{% endif %}
|
||||
-v {{ matrix_corporal_config_dir_path }}:/etc/matrix-corporal:ro \
|
||||
-v {{ matrix_corporal_cache_dir_path }}:/var/cache/matrix-corporal:rw \
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
- name: Fail if required Coturn settings not defined
|
||||
fail:
|
||||
msg: >
|
||||
msg: >-
|
||||
You need to define a required configuration setting (`{{ item }}`) for using Coturn.
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
|
||||
@ -18,7 +18,10 @@ matrix_dimension_docker_image: "turt2live/matrix-dimension:latest"
|
||||
matrix_dimension_user_uid: 1000
|
||||
matrix_dimension_user_gid: 1000
|
||||
|
||||
matrix_dimension_container_expose_port: false
|
||||
# Controls whether the matrix-dimension container exposes its HTTP port (tcp/8184 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8184"), or empty string to not expose.
|
||||
matrix_dimension_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_dimension_container_extra_arguments: []
|
||||
|
||||
@ -13,3 +13,12 @@
|
||||
with_items:
|
||||
- "matrix_synapse_federation_enabled"
|
||||
when: "matrix_dimension_enabled|bool and not matrix_synapse_federation_enabled|bool"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed Dimension variables
|
||||
fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_dimension_container_expose_port', 'new': '<superseded by matrix_dimension_container_http_host_bind_port>'}
|
||||
|
||||
@ -17,8 +17,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-dimension \
|
||||
{% if matrix_dimension_widgets_allow_self_signed_ssl_certificates %}
|
||||
-e NODE_TLS_REJECT_UNAUTHORIZED=0 \
|
||||
{% endif %}
|
||||
{% if matrix_dimension_container_expose_port %}
|
||||
-p 127.0.0.1:8184:8184 \
|
||||
{% if matrix_dimension_container_http_host_bind_port %}
|
||||
-p {{ matrix_dimension_container_http_host_bind_port }}:8184 \
|
||||
{% endif %}
|
||||
-v {{ matrix_dimension_base_path }}:/data:rw \
|
||||
{% for arg in matrix_dimension_container_extra_arguments %}
|
||||
|
||||
@ -1,12 +1,17 @@
|
||||
# mxisd is a Federated Matrix Identity Server
|
||||
# See: https://github.com/kamax-matrix/mxisd
|
||||
|
||||
matrix_mxisd_enabled: true
|
||||
|
||||
matrix_mxisd_docker_image: "kamax/mxisd:1.4.3"
|
||||
matrix_mxisd_docker_image: "kamax/mxisd:1.4.4"
|
||||
matrix_mxisd_base_path: "{{ matrix_base_data_path }}/mxisd"
|
||||
matrix_mxisd_config_path: "{{ matrix_mxisd_base_path }}/config"
|
||||
matrix_mxisd_data_path: "{{ matrix_mxisd_base_path }}/data"
|
||||
|
||||
# Controls whether the mxisd web server's port (`8090`) is exposed outside of the container.
|
||||
matrix_mxisd_container_expose_port: false
|
||||
# Controls whether the matrix-mxisd container exposes its HTTP port (tcp/8090 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8090"), or empty string to not expose.
|
||||
matrix_mxisd_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mxisd_container_extra_arguments: []
|
||||
|
||||
@ -45,3 +45,13 @@
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_mxisd_threepid_medium_email_connectors_smtp_host"
|
||||
|
||||
|
||||
- name: (Deprecation) Catch and report renamed mxisd variables
|
||||
fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_mxisd_container_expose_port', 'new': '<superseded by matrix_mxisd_container_http_host_bind_port>'}
|
||||
|
||||
@ -23,8 +23,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-mxisd \
|
||||
--read-only \
|
||||
--tmpfs=/tmp:rw,exec,nosuid,size=10m \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_mxisd_container_expose_port %}
|
||||
-p 127.0.0.1:8090:8090 \
|
||||
{% if matrix_mxisd_container_http_host_bind_port %}
|
||||
-p {{ matrix_mxisd_container_http_host_bind_port }}:8090 \
|
||||
{% endif %}
|
||||
-v {{ matrix_mxisd_config_path }}:/etc/mxisd:ro \
|
||||
-v {{ matrix_mxisd_data_path }}:/var/mxisd:rw \
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
- name: (Deprecation) Catch and report renamed settings
|
||||
fail:
|
||||
msg: >
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
|
||||
@ -169,6 +169,25 @@ server {
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
location /_synapse/admin {
|
||||
{% if matrix_nginx_proxy_enabled %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container }}";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container }};
|
||||
{% endif %}
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
}
|
||||
|
||||
location / {
|
||||
rewrite ^/$ /_matrix/static/ last;
|
||||
}
|
||||
|
||||
@ -1,10 +1,13 @@
|
||||
matrix_riot_web_enabled: true
|
||||
|
||||
matrix_riot_web_docker_image: "bubuntux/riot-web:v1.1.2"
|
||||
matrix_riot_web_docker_image: "bubuntux/riot-web:v1.2.0"
|
||||
|
||||
matrix_riot_web_data_path: "{{ matrix_base_data_path }}/riot-web"
|
||||
|
||||
matrix_riot_web_container_expose_port: false
|
||||
# Controls whether the matrix-riot-web container exposes its HTTP port (tcp/8080 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8765"), or empty string to not expose.
|
||||
matrix_riot_web_container_http_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_riot_web_container_extra_arguments: []
|
||||
|
||||
@ -8,9 +8,9 @@
|
||||
with_items:
|
||||
- "matrix_riot_web_default_hs_url"
|
||||
|
||||
- name: (Deprecation) Catch and report renamed settings
|
||||
- name: (Deprecation) Catch and report renamed riot-web variables
|
||||
fail:
|
||||
msg: >
|
||||
msg: >-
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
@ -20,3 +20,4 @@
|
||||
- {'old': 'matrix_riot_web_homepage_template_technical', 'new': '<removed>'}
|
||||
- {'old': 'matrix_riot_web_homepage_template_building', 'new': '<removed>'}
|
||||
- {'old': 'matrix_riot_web_homepage_template_contributing', 'new': '<removed>'}
|
||||
- {'old': 'matrix_riot_web_container_expose_port', 'new': '<superseded by matrix_riot_web_container_http_host_bind_port>'}
|
||||
|
||||
@ -17,8 +17,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-riot-web \
|
||||
--cap-drop=ALL \
|
||||
--read-only \
|
||||
--network={{ matrix_docker_network }} \
|
||||
{% if matrix_riot_web_container_expose_port %}
|
||||
-p 127.0.0.1:8765:8080 \
|
||||
{% if matrix_riot_web_container_http_host_bind_port %}
|
||||
-p {{ matrix_riot_web_container_http_host_bind_port }}:8080 \
|
||||
{% endif %}
|
||||
--tmpfs=/tmp:rw,noexec,nosuid,size=10m \
|
||||
-v {{ matrix_riot_web_data_path }}/nginx.conf:/etc/nginx/nginx.conf:ro \
|
||||
|
||||
@ -1,3 +1,3 @@
|
||||
---
|
||||
|
||||
matrix_riot_web_embedded_pages_home_url: "{{ (none if matrix_riot_web_embedded_pages_home_path is none else 'home.html') }}"
|
||||
matrix_riot_web_embedded_pages_home_url: "{{ ('' if matrix_riot_web_embedded_pages_home_path is none else 'home.html') }}"
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
|
||||
matrix_synapse_enabled: true
|
||||
|
||||
matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.5.1"
|
||||
matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.5.2"
|
||||
|
||||
matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse"
|
||||
matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config"
|
||||
@ -12,16 +12,32 @@ matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage"
|
||||
matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store"
|
||||
matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext"
|
||||
|
||||
# Controls whether the Synapse container exposes the Client/Server API port (tcp/8008).
|
||||
matrix_synapse_container_expose_client_api_port: false
|
||||
# Controls whether the matrix-synapse container exposes the Client/Server API port (tcp/8008 in the container).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8008"), or empty string to not expose.
|
||||
matrix_synapse_container_client_api_host_bind_port: ''
|
||||
|
||||
# Controls whether the Synapse container exposes the Server/Server (Federation) API port (tcp/8048).
|
||||
# This is for the plain HTTP API. If you need Synapse to handle TLS encryption,
|
||||
# that would be on another port (tcp/8448) controlled by `matrix_synapse_tls_federation_listener_enabled`.
|
||||
matrix_synapse_container_expose_federation_api_port: false
|
||||
# Controls whether the matrix-synapse container exposes the plain (unencrypted) Server/Server (Federation) API port (tcp/8048 in the container).
|
||||
#
|
||||
# Takes effect only if federation is enabled (matrix_synapse_federation_enabled).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8048"), or empty string to not expose.
|
||||
matrix_synapse_container_federation_api_plain_host_bind_port: ''
|
||||
|
||||
# Controls whether the matrix-synapse container exposes the metrics port (tcp/9100).
|
||||
matrix_synapse_container_expose_metrics_port: false
|
||||
# Controls whether the matrix-synapse container exposes the tls (encrypted) Server/Server (Federation) API port (tcp/8448 in the container).
|
||||
#
|
||||
# Takes effect only if federation is enabled (matrix_synapse_federation_enabled)
|
||||
# and TLS support is enabled (matrix_synapse_tls_federation_listener_enabled).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "8448"), or empty string to not expose.
|
||||
matrix_synapse_container_federation_api_tls_host_bind_port: ''
|
||||
|
||||
# Controls whether the matrix-synapse container exposes the metrics port (tcp/9100 in the container).
|
||||
#
|
||||
# Takes effect only if metrics are enabled (matrix_synapse_metrics_enabled).
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9100"), or empty string to not expose.
|
||||
matrix_synapse_container_metrics_api_host_bind_port: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_synapse_container_extra_arguments: []
|
||||
@ -154,6 +170,11 @@ matrix_synapse_federation_domain_whitelist: ~
|
||||
# A list of additional "volumes" to mount in the container.
|
||||
# This list gets populated dynamically based on Synapse extensions that have been enabled.
|
||||
# Contains definition objects like this: `{"src": "/outside", "dst": "/inside", "options": "rw|ro|slave|.."}
|
||||
#
|
||||
# Note: internally, this uses the `-v` flag for mounting the specified volumes.
|
||||
# It's better (safer) to use the `--mount` flag for mounting volumes.
|
||||
# To use `--mount`, specifiy it in `matrix_synapse_container_extra_arguments`.
|
||||
# Example: `matrix_synapse_container_extra_arguments: ['--mount type=bind,src=/outside,dst=/inside,ro']
|
||||
matrix_synapse_container_additional_volumes: []
|
||||
|
||||
# A list of additional loggers to register in synapse.log.config.
|
||||
@ -163,7 +184,7 @@ matrix_synapse_additional_loggers: []
|
||||
|
||||
# A list of appservice config files (in-container filesystem paths).
|
||||
# This list gets populated dynamically based on Synapse extensions that have been enabled.
|
||||
# You may wish to use this together with `matrix_synapse_container_additional_volumes`.
|
||||
# You may wish to use this together with `matrix_synapse_container_additional_volumes` or `matrix_synapse_container_extra_arguments`.
|
||||
matrix_synapse_app_service_config_files: []
|
||||
|
||||
# This is set dynamically during execution depending on whether
|
||||
|
||||
@ -1,8 +1,6 @@
|
||||
- set_fact:
|
||||
matrix_synapse_password_providers_enabled: true
|
||||
when: matrix_synapse_ext_password_provider_ldap_enabled|bool
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_additional_loggers: >
|
||||
{{ matrix_synapse_additional_loggers }}
|
||||
+
|
||||
|
||||
@ -17,13 +17,11 @@
|
||||
- set_fact:
|
||||
matrix_synapse_password_providers_enabled: true
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_container_additional_volumes: >
|
||||
{{ matrix_synapse_container_additional_volumes }}
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
{{ [{'src': '{{ matrix_synapse_ext_path }}/rest_auth_provider.py', 'dst': '{{ matrix_synapse_in_container_python_packages_path }}/rest_auth_provider.py', 'options': 'ro'}] }}
|
||||
{{ ["--mount type=bind,src={{ matrix_synapse_ext_path }}/rest_auth_provider.py,dst={{ matrix_synapse_in_container_python_packages_path }}/rest_auth_provider.py,ro"] }}
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_additional_loggers: >
|
||||
{{ matrix_synapse_additional_loggers }}
|
||||
+
|
||||
|
||||
@ -17,13 +17,11 @@
|
||||
- set_fact:
|
||||
matrix_synapse_password_providers_enabled: true
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_container_additional_volumes: >
|
||||
{{ matrix_synapse_container_additional_volumes }}
|
||||
matrix_synapse_container_extra_arguments: >
|
||||
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||
+
|
||||
{{ [{'src': '{{ matrix_synapse_ext_path }}/shared_secret_authenticator.py', 'dst': '{{ matrix_synapse_in_container_python_packages_path }}/shared_secret_authenticator.py', 'options': 'ro'}] }}
|
||||
{{ ["--mount type=bind,src={{ matrix_synapse_ext_path }}/shared_secret_authenticator.py,dst={{ matrix_synapse_in_container_python_packages_path }}/shared_secret_authenticator.py,ro"] }}
|
||||
|
||||
- set_fact:
|
||||
matrix_synapse_additional_loggers: >
|
||||
{{ matrix_synapse_additional_loggers }}
|
||||
+
|
||||
|
||||
@ -15,7 +15,7 @@
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_synapse_container_expose_api_port', 'new': 'matrix_synapse_container_expose_client_api_port'}
|
||||
- {'old': 'matrix_synapse_container_expose_api_port', 'new': '<superseded by matrix_synapse_container_federation_api_plain_host_bind_port>'}
|
||||
- {'old': 'matrix_synapse_no_tls', 'new': '<removed>'}
|
||||
- {'old': 'matrix_enable_room_list_search', 'new': 'matrix_synapse_enable_room_list_search'}
|
||||
- {'old': 'matrix_alias_creation_rules', 'new': 'matrix_synapse_alias_creation_rules'}
|
||||
@ -27,3 +27,6 @@
|
||||
- {'old': 'matrix_synapse_federation_rc_sleep_delay', 'new': '<sleep_delay subkey of matrix_synapse_rc_federation>'}
|
||||
- {'old': 'matrix_synapse_federation_rc_reject_limit', 'new': '<reject_limit subkey of matrix_synapse_rc_federation>'}
|
||||
- {'old': 'matrix_synapse_federation_rc_concurrent', 'new': '<concurrent subkey of matrix_synapse_rc_federation>'}
|
||||
- {'old': 'matrix_synapse_container_expose_client_api_port', 'new': '<superseded by matrix_synapse_container_client_api_host_bind_port>'}
|
||||
- {'old': 'matrix_synapse_container_expose_federation_api_port', 'new': '<superseded by matrix_synapse_container_federation_api_plain_host_bind_port>'}
|
||||
- {'old': 'matrix_synapse_container_expose_metrics_port', 'new': '<superseded by matrix_synapse_container_metrics_api_host_bind_port>'}
|
||||
|
||||
@ -893,7 +893,7 @@ report_stats: {{ matrix_synapse_report_stats|to_json }}
|
||||
|
||||
# A list of application service config files to use
|
||||
#
|
||||
app_service_config_files: {{ matrix_synapse_app_service_config_files }}
|
||||
app_service_config_files: {{ matrix_synapse_app_service_config_files|to_json }}
|
||||
|
||||
# Uncomment to enable tracking of application service IP addresses. Implicitly
|
||||
# enables MAU tracking for application service users.
|
||||
|
||||
@ -29,17 +29,17 @@ ExecStart=/usr/bin/docker run --rm --name matrix-synapse \
|
||||
--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
|
||||
--network={{ matrix_docker_network }} \
|
||||
-e SYNAPSE_CACHE_FACTOR={{ matrix_synapse_cache_factor }} \
|
||||
{% if matrix_synapse_container_expose_client_api_port %}
|
||||
-p 127.0.0.1:8008:8008 \
|
||||
{% if matrix_synapse_container_client_api_host_bind_port %}
|
||||
-p {{ matrix_synapse_container_client_api_host_bind_port }}:8008 \
|
||||
{% endif %}
|
||||
{% if matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled %}
|
||||
-p 8448:8448 \
|
||||
{% if matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled and matrix_synapse_container_federation_api_tls_host_bind_port %}
|
||||
-p {{ matrix_synapse_container_federation_api_tls_host_bind_port }}:8448 \
|
||||
{% endif %}
|
||||
{% if matrix_synapse_federation_enabled and matrix_synapse_container_expose_federation_api_port %}
|
||||
-p 127.0.0.1:8048:8048 \
|
||||
{% if matrix_synapse_federation_enabled and matrix_synapse_container_federation_api_plain_host_bind_port %}
|
||||
-p {{ matrix_synapse_container_federation_api_plain_host_bind_port }}:8048 \
|
||||
{% endif %}
|
||||
{% if matrix_synapse_container_expose_metrics_port %}
|
||||
-p 127.0.0.1:{{ matrix_synapse_metrics_port }}:{{ matrix_synapse_metrics_port }} \
|
||||
{% if matrix_synapse_metrics_enabled and matrix_synapse_container_metrics_api_host_bind_port %}
|
||||
-p {{ matrix_synapse_container_metrics_api_host_bind_port }}:{{ matrix_synapse_metrics_port }} \
|
||||
{% endif %}
|
||||
-v {{ matrix_synapse_config_dir_path }}:/data:ro \
|
||||
-v {{ matrix_synapse_run_path }}:/matrix-run:rw \
|
||||
|
||||
Reference in New Issue
Block a user