finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make self-check not validate self-signed certificates

Browse Source 
By default, `--tags=self-check` no longer validates certificates
when `matrix_ssl_retrieval_method` is set to `self-signed`.

Besides this default, people can also enable/disable validation using the
individual role variables manually.

Fixes #124 (Github Issue)
This commit is contained in:
Slavi Pantaleev
2019-03-22 09:39:17 +02:00
parent 1939fc9113
commit 73af8f7bbb
11 changed files with 29 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
group_vars/matrix-servers
View File

@ -181,6 +181,8 @@ matrix_mxisd_threepid_medium_email_connectors_smtp_host: "matrix-mailer"
matrix_mxisd_threepid_medium_email_connectors_smtp_port: 8025
matrix_mxisd_threepid_medium_email_connectors_smtp_tls: 0
matrix_mxisd_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else false }}"
matrix_mxisd_systemd_wanted_services_list: |
{{
(['matrix-corporal.service'] if matrix_corporal_enabled else ['matrix-synapse.service'])
@ -238,6 +240,8 @@ matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: "{{ matrix_mxisd_
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}"
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }}"
matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else false }}"
matrix_nginx_proxy_systemd_wanted_services_list: |
{{
(['matrix-synapse.service'])
@ -313,6 +317,8 @@ matrix_riot_web_integrations_rest_url: "{{ matrix_dimension_integrations_rest_ur
matrix_riot_web_integrations_widgets_urls: "{{ matrix_dimension_integrations_widgets_urls if matrix_dimension_enabled else ['https://scalar.vector.im/api'] }}"
matrix_riot_web_integrations_jitsi_widget_url: "{{ matrix_dimension_integrations_jitsi_widget_url if matrix_dimension_enabled else 'https://scalar.vector.im/api/widgets/jitsi.html' }}"
matrix_riot_web_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else false }}"
######################################################################
#
# /matrix-riot-web
@ -375,6 +381,8 @@ matrix_synapse_turn_uris: |
matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}"
matrix_synapse_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else false }}"
matrix_synapse_systemd_required_services_list: |
{{
(['docker.service'])