Merge pull request #1402 from borisrunakov/matrix-synapse-container-client-api-port

make 8008 configurable
This commit is contained in:
Slavi Pantaleev 2021-11-17 10:34:40 +02:00 committed by GitHub
commit 6bbc2054b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
29 changed files with 76 additions and 51 deletions

View File

@ -19,9 +19,9 @@ matrix_container_global_registry_prefix: "docker.io/"
matrix_identity_server_url: "{{ ('https://' + matrix_server_fqn_matrix) if matrix_ma1sd_enabled else None }}" matrix_identity_server_url: "{{ ('https://' + matrix_server_fqn_matrix) if matrix_ma1sd_enabled else None }}"
# If Synapse workers are enabled and matrix-nginx-proxy is disabled, certain APIs may not work over 'http://matrix-synapse:8008'. # If Synapse workers are enabled and matrix-nginx-proxy is disabled, certain APIs may not work over 'http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}'.
# This is because we explicitly disable them for the main Synapse process. # This is because we explicitly disable them for the main Synapse process.
matrix_homeserver_container_url: "{{ 'http://matrix-nginx-proxy:12080' if matrix_nginx_proxy_enabled else 'http://matrix-synapse:8008' }}" matrix_homeserver_container_url: "{{ 'http://matrix-nginx-proxy:12080' if matrix_nginx_proxy_enabled else 'http://matrix-synapse:'+ matrix_synapse_container_client_api_port|string }}"
###################################################################### ######################################################################
# #
@ -113,6 +113,7 @@ matrix_appservice_webhooks_container_http_host_bind_port: "{{ '' if matrix_nginx
matrix_appservice_webhooks_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.as.token') | to_uuid }}" matrix_appservice_webhooks_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.as.token') | to_uuid }}"
matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
matrix_appservice_webhooks_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.hs.token') | to_uuid }}" matrix_appservice_webhooks_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.hs.token') | to_uuid }}"
matrix_appservice_webhooks_id_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.id.token') | to_uuid }}" matrix_appservice_webhooks_id_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'webhook.id.token') | to_uuid }}"
@ -151,6 +152,7 @@ matrix_appservice_slack_container_http_host_bind_port: "{{ '' if matrix_nginx_pr
matrix_appservice_slack_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.as.token') | to_uuid }}" matrix_appservice_slack_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.as.token') | to_uuid }}"
matrix_appservice_slack_homeserver_url: "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
matrix_appservice_slack_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.hs.token') | to_uuid }}" matrix_appservice_slack_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.hs.token') | to_uuid }}"
matrix_appservice_slack_id_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.id.token') | to_uuid }}" matrix_appservice_slack_id_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'slack.id.token') | to_uuid }}"
@ -567,6 +569,7 @@ matrix_sms_bridge_systemd_required_services_list: |
matrix_sms_bridge_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sms.as.token') | to_uuid }}" matrix_sms_bridge_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sms.as.token') | to_uuid }}"
matrix_sms_bridge_homeserver_port: "{{ matrix_synapse_container_client_api_port }}"
matrix_sms_bridge_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sms.hs.token') | to_uuid }}" matrix_sms_bridge_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sms.hs.token') | to_uuid }}"
###################################################################### ######################################################################
@ -1216,6 +1219,7 @@ matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
# ma1sd's web-server port. # ma1sd's web-server port.
matrix_ma1sd_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_ma1sd_default_port|string }}" matrix_ma1sd_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_ma1sd_default_port|string }}"
# We enable Synapse integration via its Postgres database by default. # We enable Synapse integration via its Postgres database by default.
# When using another Identity store, you might wish to disable this and define # When using another Identity store, you might wish to disable this and define
# your own configuration in `matrix_ma1sd_configuration_extension_yaml`. # your own configuration in `matrix_ma1sd_configuration_extension_yaml`.
@ -1308,6 +1312,9 @@ matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:1
# Settings controlling matrix-synapse-proxy.conf # Settings controlling matrix-synapse-proxy.conf
matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}" matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}"
matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "127.0.0.1:{{ matrix_synapse_container_client_api_port }}"
matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-synapse:{{matrix_synapse_container_federation_api_plain_port|string}}" matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-synapse:{{matrix_synapse_container_federation_api_plain_port|string}}"
matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:{{matrix_synapse_container_federation_api_plain_port|string}}" matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:{{matrix_synapse_container_federation_api_plain_port|string}}"
@ -1722,7 +1729,7 @@ matrix_synapse_account_threepid_delegates_msisdn: "{{ 'http://matrix-ma1sd:' + m
# you can expose Synapse's ports to the host. # you can expose Synapse's ports to the host.
# #
# For exposing the Matrix Client API's port (plain HTTP) to the local host. # For exposing the Matrix Client API's port (plain HTTP) to the local host.
matrix_synapse_container_client_api_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:8008' }}" matrix_synapse_container_client_api_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_synapse_container_client_api_port|string }}"
# #
# For exposing the Matrix Federation API's plain port (plain HTTP) to the local host. # For exposing the Matrix Federation API's plain port (plain HTTP) to the local host.
matrix_synapse_container_federation_api_plain_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_synapse_container_federation_api_plain_port|string }}" matrix_synapse_container_federation_api_plain_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_synapse_container_federation_api_plain_port|string }}"

View File

@ -5,10 +5,11 @@ import json
janitor_token = sys.argv[1] janitor_token = sys.argv[1]
synapse_container_ip = sys.argv[2] synapse_container_ip = sys.argv[2]
synapse_container_port = sys.argv[3]
# collect total amount of rooms # collect total amount of rooms
rooms_raw_url = 'http://' + synapse_container_ip + ':8008/_synapse/admin/v1/rooms' rooms_raw_url = 'http://' + synapse_container_ip + ':' + synapse_container_port + '/_synapse/admin/v1/rooms'
rooms_raw_header = {'Authorization': 'Bearer ' + janitor_token} rooms_raw_header = {'Authorization': 'Bearer ' + janitor_token}
rooms_raw = requests.get(rooms_raw_url, headers=rooms_raw_header) rooms_raw = requests.get(rooms_raw_url, headers=rooms_raw_header)
rooms_raw_python = json.loads(rooms_raw.text) rooms_raw_python = json.loads(rooms_raw.text)
@ -19,7 +20,7 @@ total_rooms = rooms_raw_python["total_rooms"]
room_list_file = open("/tmp/room_list_complete.json", "w") room_list_file = open("/tmp/room_list_complete.json", "w")
for i in range(0, total_rooms, 100): for i in range(0, total_rooms, 100):
rooms_inc_url = 'http://' + synapse_container_ip + ':8008/_synapse/admin/v1/rooms?from=' + str(i) rooms_inc_url = 'http://' + synapse_container_ip + ':' + synapse_container_port + '/_synapse/admin/v1/rooms?from=' + str(i)
rooms_inc = requests.get(rooms_inc_url, headers=rooms_raw_header) rooms_inc = requests.get(rooms_inc_url, headers=rooms_raw_header)
room_list_file.write(rooms_inc.text) room_list_file.write(rooms_inc.text)

View File

@ -2,7 +2,7 @@
- name: Collect entire room list into stdout - name: Collect entire room list into stdout
shell: | shell: |
curl -X GET --header "Authorization: Bearer {{ janitors_token.stdout[1:-1] }}" '{{ synapse_container_ip.stdout }}:8008/_synapse/admin/v1/rooms?from={{ item }}' curl -X GET --header "Authorization: Bearer {{ janitors_token.stdout[1:-1] }}" '{{ synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/rooms?from={{ item }}'
register: awx_rooms_output register: awx_rooms_output
- name: Print stdout to file - name: Print stdout to file

View File

@ -2,7 +2,7 @@
- name: Purge all rooms with more then N events - name: Purge all rooms with more then N events
shell: | shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_history/{{ item[1:-1] }}" curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
register: awx_purge_command register: awx_purge_command
- name: Print output of purge command - name: Print output of purge command

View File

@ -31,7 +31,7 @@
- name: Collect access token for janitor user - name: Collect access token for janitor user
shell: | shell: |
curl -X POST -d '{"type":"m.login.password", "user":"janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:8008/_matrix/client/r0/login" | jq '.access_token' curl -X POST -d '{"type":"m.login.password", "user":"janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_janitors_token register: awx_janitors_token
no_log: True no_log: True
@ -47,7 +47,7 @@
- name: Run build_room_list.py script - name: Run build_room_list.py script
shell: | shell: |
runuser -u matrix -- python3 /usr/local/bin/matrix_build_room_list.py {{ awx_janitors_token.stdout[1:-1] }} {{ awx_synapse_container_ip.stdout }} runuser -u matrix -- python3 /usr/local/bin/matrix_build_room_list.py {{ awx_janitors_token.stdout[1:-1] }} {{ awx_synapse_container_ip.stdout }} {{ matrix_synapse_container_client_api_port.stdout }}
register: awx_rooms_total register: awx_rooms_total
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)

View File

@ -2,7 +2,7 @@
- name: Purge all rooms with no local users - name: Purge all rooms with no local users
shell: | shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "room_id": {{ item }} }' '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_room' curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "room_id": {{ item }} }' '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_room'
register: awx_purge_command register: awx_purge_command
- name: Print output of purge command - name: Print output of purge command

View File

@ -2,7 +2,7 @@
- name: Purge all rooms with more then N users - name: Purge all rooms with more then N users
shell: | shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_history/{{ item[1:-1] }}" curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
register: awx_purge_command register: awx_purge_command
- name: Print output of purge command - name: Print output of purge command

View File

@ -7,7 +7,7 @@
- name: Purge local media to specific date - name: Purge local media to specific date
shell: | shell: |
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/media/matrix.{{ matrix_domain }}/delete?before_ts={{ awx_epoche_time.stdout }}000' curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/media/matrix.{{ matrix_domain }}/delete?before_ts={{ awx_epoche_time.stdout }}000'
register: awx_purge_command register: awx_purge_command
- name: Print output of purge command - name: Print output of purge command

View File

@ -23,7 +23,7 @@
- name: Collect access token for janitor user - name: Collect access token for janitor user
shell: | shell: |
curl -XPOST -d '{"type":"m.login.password", "user":"janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:8008/_matrix/client/r0/login" | jq '.access_token' curl -XPOST -d '{"type":"m.login.password", "user":"janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
register: awx_janitors_token register: awx_janitors_token
no_log: True no_log: True

View File

@ -7,7 +7,7 @@
- name: Purge remote media to specific date - name: Purge remote media to specific date
shell: | shell: |
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_media_cache?before_ts={{ awx_epoche_time.stdout }}000' curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_media_cache?before_ts={{ awx_epoche_time.stdout }}000'
register: awx_purge_command register: awx_purge_command
- name: Print output of purge command - name: Print output of purge command

View File

@ -91,7 +91,7 @@ matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
# Specifies where the homeserver is on the container network. # Specifies where the homeserver is on the container network.
# Where this is depends on whether there's a reverse-proxy in front of it, etc. # Where this is depends on whether there's a reverse-proxy in front of it, etc.
# This likely gets overriden elsewhere. # This likely gets overriden elsewhere.
matrix_homeserver_container_url: "http://matrix-synapse:8008" matrix_homeserver_container_url: ""
matrix_identity_server_url: ~ matrix_identity_server_url: ~

View File

@ -0,0 +1,9 @@
---
- name: Fail if required Matrix Base settings not defined
fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`) for using this playbook.
when: "vars[item] == ''"
with_items:
- "matrix_homeserver_container_url"

View File

@ -33,7 +33,7 @@ matrix_appservice_slack_slack_port: 9003
matrix_appservice_slack_container_http_host_bind_port: '' matrix_appservice_slack_container_http_host_bind_port: ''
matrix_appservice_slack_homeserver_media_url: "{{ matrix_server_fqn_matrix }}" matrix_appservice_slack_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_slack_homeserver_url: "http://matrix-synapse:8008" matrix_appservice_slack_homeserver_url: ""
matrix_appservice_slack_homeserver_domain: "{{ matrix_domain }}" matrix_appservice_slack_homeserver_domain: "{{ matrix_domain }}"
matrix_appservice_slack_appservice_url: 'http://matrix-appservice-slack' matrix_appservice_slack_appservice_url: 'http://matrix-appservice-slack'
@ -82,7 +82,7 @@ matrix_appservice_slack_configuration_extension_yaml: |
# Optional # Optional
#matrix_admin_room: "!aBcDeF:matrix.org" #matrix_admin_room: "!aBcDeF:matrix.org"
#homeserver: #homeserver:
# url: http://localhost:8008 # url: http://localhost:{{ matrix_synapse_container_client_api_port }}
# server_name: my.server # server_name: my.server
# Optional # Optional
#tls: #tls:

View File

@ -8,5 +8,6 @@
with_items: with_items:
- "matrix_appservice_slack_control_room_id" - "matrix_appservice_slack_control_room_id"
- "matrix_appservice_slack_appservice_token" - "matrix_appservice_slack_appservice_token"
- "matrix_appservice_slack_homeserver_url"
- "matrix_appservice_slack_homeserver_token" - "matrix_appservice_slack_homeserver_token"
- "matrix_appservice_slack_id_token" - "matrix_appservice_slack_id_token"

View File

@ -36,7 +36,7 @@ matrix_appservice_webhooks_matrix_port: 6789
matrix_appservice_webhooks_container_http_host_bind_port: '' matrix_appservice_webhooks_container_http_host_bind_port: ''
matrix_appservice_webhooks_homeserver_media_url: "{{ matrix_server_fqn_matrix }}" matrix_appservice_webhooks_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:8008" matrix_appservice_webhooks_homeserver_url: ""
matrix_appservice_webhooks_homeserver_domain: "{{ matrix_domain }}" matrix_appservice_webhooks_homeserver_domain: "{{ matrix_domain }}"
matrix_appservice_webhooks_appservice_url: 'http://matrix-appservice-webhooks' matrix_appservice_webhooks_appservice_url: 'http://matrix-appservice-webhooks'

View File

@ -7,6 +7,7 @@
when: "vars[item] == ''" when: "vars[item] == ''"
with_items: with_items:
- "matrix_appservice_webhooks_appservice_token" - "matrix_appservice_webhooks_appservice_token"
- "matrix_appservice_webhooks_homeserver_url"
- "matrix_appservice_webhooks_homeserver_token" - "matrix_appservice_webhooks_homeserver_token"
- "matrix_appservice_webhooks_id_token" - "matrix_appservice_webhooks_id_token"
- "matrix_appservice_webhooks_api_secret" - "matrix_appservice_webhooks_api_secret"

View File

@ -26,7 +26,7 @@ matrix_sms_bridge_systemd_wanted_services_list: []
matrix_sms_bridge_appservice_url: 'http://matrix-sms-bridge:8080' matrix_sms_bridge_appservice_url: 'http://matrix-sms-bridge:8080'
matrix_sms_bridge_homeserver_hostname: 'matrix-synapse' matrix_sms_bridge_homeserver_hostname: 'matrix-synapse'
matrix_sms_bridge_homeserver_port: '8008' matrix_sms_bridge_homeserver_port: ""
matrix_sms_bridge_homserver_domain: "{{ matrix_domain }}" matrix_sms_bridge_homserver_domain: "{{ matrix_domain }}"
matrix_sms_bridge_default_room: '' matrix_sms_bridge_default_room: ''

View File

@ -7,6 +7,7 @@
when: "vars[item] == ''" when: "vars[item] == ''"
with_items: with_items:
- "matrix_sms_bridge_appservice_token" - "matrix_sms_bridge_appservice_token"
- "matrix_sms_bridge_homeserver_port"
- "matrix_sms_bridge_homeserver_token" - "matrix_sms_bridge_homeserver_token"
- "matrix_sms_bridge_default_region" - "matrix_sms_bridge_default_region"
- "matrix_sms_bridge_default_timezone" - "matrix_sms_bridge_default_timezone"

View File

@ -36,7 +36,7 @@ matrix_corporal_var_dir_path: "{{ matrix_corporal_base_path }}/var"
matrix_corporal_matrix_homeserver_domain_name: "{{ matrix_domain }}" matrix_corporal_matrix_homeserver_domain_name: "{{ matrix_domain }}"
# Controls where matrix-corporal can reach your Synapse server (e.g. "http://matrix-synapse:8008"). # Controls where matrix-corporal can reach your Synapse server (e.g. "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}").
# If Synapse runs on the same machine, you may need to add its service to `matrix_corporal_systemd_required_services_list`. # If Synapse runs on the same machine, you may need to add its service to `matrix_corporal_systemd_required_services_list`.
matrix_corporal_matrix_homeserver_api_endpoint: "" matrix_corporal_matrix_homeserver_api_endpoint: ""

View File

@ -83,7 +83,7 @@ matrix_ma1sd_threepid_medium_email_connectors_smtp_password: ""
# so that ma1sd can rewrite the original URL to one that would reach the homeserver. # so that ma1sd can rewrite the original URL to one that would reach the homeserver.
matrix_ma1sd_dns_overwrite_enabled: false matrix_ma1sd_dns_overwrite_enabled: false
matrix_ma1sd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix }}" matrix_ma1sd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix }}"
matrix_ma1sd_dns_overwrite_homeserver_client_value: "http://matrix-synapse:8008" matrix_ma1sd_dns_overwrite_homeserver_client_value: ""
# Override the default session templates # Override the default session templates
# To use this, fill in the template variables with the full desired template as a multi-line YAML variable # To use this, fill in the template variables with the full desired template as a multi-line YAML variable

View File

@ -46,6 +46,7 @@
when: "vars[item] == ''" when: "vars[item] == ''"
with_items: with_items:
- "matrix_ma1sd_threepid_medium_email_connectors_smtp_host" - "matrix_ma1sd_threepid_medium_email_connectors_smtp_host"
- "matrix_ma1sd_dns_overwrite_homeserver_client_value"
- name: (Deprecation) Catch and report renamed ma1sd variables - name: (Deprecation) Catch and report renamed ma1sd variables
fail: fail:

View File

@ -197,8 +197,8 @@ matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container: "matrix-nginx-pr
matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container: "127.0.0.1:12080" matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container: "127.0.0.1:12080"
# The addresses where the Matrix Client API is, when using Synapse. # The addresses where the Matrix Client API is, when using Synapse.
matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "matrix-synapse:8008" matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: ""
matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "127.0.0.1:8008" matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: ""
# This needs to be equal or higher than the maximum upload size accepted by Synapse. # This needs to be equal or higher than the maximum upload size accepted by Synapse.
matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: 50 matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: 50

View File

@ -45,5 +45,7 @@
- "matrix_ssl_lets_encrypt_support_email" - "matrix_ssl_lets_encrypt_support_email"
- "matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container" - "matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container"
- "matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container" - "matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container"
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container"
- "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container"
when: "vars[item] == '' or vars[item] is none" when: "vars[item] == '' or vars[item] is none"
when: "matrix_ssl_retrieval_method == 'lets-encrypt'" when: "matrix_ssl_retrieval_method == 'lets-encrypt'"

View File

@ -27,11 +27,13 @@ matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage"
matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store" matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store"
matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext" matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext"
matrix_synapse_container_client_api_port: 8008
matrix_synapse_container_federation_api_tls_port: 8448 matrix_synapse_container_federation_api_tls_port: 8448
matrix_synapse_container_federation_api_plain_port: 8048 matrix_synapse_container_federation_api_plain_port: 8048
# Controls whether the matrix-synapse container exposes the Client/Server API port (tcp/8008 in the container). # Controls whether the matrix-synapse container exposes the Client/Server API port (tcp/{{ matrix_synapse_container_client_api_port }} in the container).
# #
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8008"), or empty string to not expose. # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8008"), or empty string to not expose.
matrix_synapse_container_client_api_host_bind_port: '' matrix_synapse_container_client_api_host_bind_port: ''

View File

@ -289,7 +289,7 @@ listeners:
# Unsecure HTTP listener (Client API): for when matrix traffic passes through a reverse proxy # Unsecure HTTP listener (Client API): for when matrix traffic passes through a reverse proxy
# that unwraps TLS. # that unwraps TLS.
- port: 8008 - port: {{ matrix_synapse_container_client_api_port|to_json }}
tls: false tls: false
bind_addresses: ['::'] bind_addresses: ['::']
type: http type: http

View File

@ -40,7 +40,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \ --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
--network={{ matrix_docker_network }} \ --network={{ matrix_docker_network }} \
{% if matrix_synapse_container_client_api_host_bind_port %} {% if matrix_synapse_container_client_api_host_bind_port %}
-p {{ matrix_synapse_container_client_api_host_bind_port }}:8008 \ -p {{ matrix_synapse_container_client_api_host_bind_port }}:{{ matrix_synapse_container_client_api_port }} \
{% endif %} {% endif %}
{% if matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled and matrix_synapse_container_federation_api_tls_host_bind_port %} {% if matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled and matrix_synapse_container_federation_api_tls_host_bind_port %}
-p {{ matrix_synapse_container_federation_api_tls_host_bind_port }}:{{ matrix_synapse_container_federation_api_tls_port }} \ -p {{ matrix_synapse_container_federation_api_tls_host_bind_port }}:{{ matrix_synapse_container_federation_api_tls_port }} \

View File

@ -11,7 +11,7 @@ password=$2
admin=$3 admin=$3
if [ "$admin" -eq "1" ]; then if [ "$admin" -eq "1" ]; then
docker exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --admin http://localhost:8008 docker exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --admin http://localhost:{{ matrix_synapse_container_client_api_port }}
else else
docker exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --no-admin http://localhost:8008 docker exec matrix-synapse register_new_matrix_user -u "$user" -p "$password" -c /data/homeserver.yaml --no-admin http://localhost:{{ matrix_synapse_container_client_api_port }}
fi fi

View File

@ -38,7 +38,7 @@ worker_listeners:
{% endif %} {% endif %}
{% if matrix_synapse_worker_details.type == 'frontend_proxy' %} {% if matrix_synapse_worker_details.type == 'frontend_proxy' %}
worker_main_http_uri: http://matrix-synapse:8008 worker_main_http_uri: http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}
{% endif %} {% endif %}
worker_daemonize: false worker_daemonize: false

View File

@ -319,7 +319,7 @@ matrix_synapse_workers_frontend_proxy_endpoints:
# the `worker_main_http_uri` setting in the `frontend_proxy` worker configuration # the `worker_main_http_uri` setting in the `frontend_proxy` worker configuration
# file. For example: # file. For example:
# worker_main_http_uri: http://127.0.0.1:8008 # worker_main_http_uri: http://127.0.0.1:{{ matrix_synapse_container_client_api_port }}
matrix_synapse_workers_avail_list: matrix_synapse_workers_avail_list:
- appservice - appservice