Split Traefik rules for Matrix Client and Matrix Federation APIs

This helps people who run federation on another domain (etc.).
They should now easily be able to add a custom rule for federation traffic.
This commit is contained in:
Slavi Pantaleev 2023-02-27 17:26:22 +02:00
parent b388a01ab7
commit 7716c306f1
3 changed files with 8 additions and 3 deletions

View File

@ -57,7 +57,10 @@ matrix_nginx_proxy_container_labels_traefik_proxy_base_domain_rule: "Host(`{{ ma
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_enabled: false matrix_nginx_proxy_container_labels_traefik_proxy_matrix_enabled: false
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_hostname: "{{ matrix_server_fqn_matrix }}" matrix_nginx_proxy_container_labels_traefik_proxy_matrix_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls: "{{ matrix_nginx_proxy_container_labels_traefik_entrypoints != 'web' }}" matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls: "{{ matrix_nginx_proxy_container_labels_traefik_entrypoints != 'web' }}"
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_rule: "Host(`{{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_hostname }}`)" matrix_nginx_proxy_container_labels_traefik_proxy_matrix_client_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_client_rule: "Host(`{{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_client_hostname }}`)"
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_rule: "Host(`{{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_hostname }}`)"
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoint: "{{ matrix_federation_traefik_entrypoint }}" matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoint: "{{ matrix_federation_traefik_entrypoint }}"
matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoints: "{{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoint }}" matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoints: "{{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_entrypoint }}"

View File

@ -14,6 +14,8 @@
- {'old': 'matrix_nginx_proxy_proxy_riot_enabled', 'new': 'matrix_nginx_proxy_proxy_element_enabled'} - {'old': 'matrix_nginx_proxy_proxy_riot_enabled', 'new': 'matrix_nginx_proxy_proxy_element_enabled'}
- {'old': 'matrix_ssl_lets_encrypt_renew_cron_time_definition', 'new': '<not configurable anymore>'} - {'old': 'matrix_ssl_lets_encrypt_renew_cron_time_definition', 'new': '<not configurable anymore>'}
- {'old': 'matrix_nginx_proxy_reload_cron_time_definition', 'new': '<not configurable anymore>'} - {'old': 'matrix_nginx_proxy_reload_cron_time_definition', 'new': '<not configurable anymore>'}
- {'old': 'matrix_nginx_proxy_container_labels_traefik_proxy_matrix_rule', 'new': '<split into matrix_nginx_proxy_container_labels_traefik_proxy_matrix_client_rule and matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_rule>'}
- {'old': 'matrix_nginx_proxy_container_labels_traefik_proxy_matrix_hostname', 'new': '<split into matrix_nginx_proxy_container_labels_traefik_proxy_matrix_client_hostname and matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_hostname>'}
- name: Fail on unknown matrix_ssl_retrieval_method - name: Fail on unknown matrix_ssl_retrieval_method
ansible.builtin.fail: ansible.builtin.fail:

View File

@ -20,7 +20,7 @@ traefik.http.routers.matrix-nginx-proxy-base-domain.entrypoints={{ matrix_nginx_
{% if matrix_nginx_proxy_container_labels_traefik_proxy_matrix_enabled %} {% if matrix_nginx_proxy_container_labels_traefik_proxy_matrix_enabled %}
# Matrix Client # Matrix Client
traefik.http.routers.matrix-nginx-proxy-matrix-client.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_rule }} traefik.http.routers.matrix-nginx-proxy-matrix-client.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_client_rule }}
traefik.http.routers.matrix-nginx-proxy-matrix-client.service=matrix-nginx-proxy-web traefik.http.routers.matrix-nginx-proxy-matrix-client.service=matrix-nginx-proxy-web
traefik.http.routers.matrix-nginx-proxy-matrix-client.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls | to_json }} traefik.http.routers.matrix-nginx-proxy-matrix-client.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls | to_json }}
{% if matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls %} {% if matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls %}
@ -29,7 +29,7 @@ traefik.http.routers.matrix-nginx-proxy-matrix-client.tls.certResolver={{ matrix
traefik.http.routers.matrix-nginx-proxy-matrix-client.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }} traefik.http.routers.matrix-nginx-proxy-matrix-client.entrypoints={{ matrix_nginx_proxy_container_labels_traefik_entrypoints }}
# Matrix Federation # Matrix Federation
traefik.http.routers.matrix-nginx-proxy-matrix-federation.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_rule }} traefik.http.routers.matrix-nginx-proxy-matrix-federation.rule={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_rule }}
traefik.http.routers.matrix-nginx-proxy-matrix-federation.service=matrix-nginx-proxy-federation traefik.http.routers.matrix-nginx-proxy-matrix-federation.service=matrix-nginx-proxy-federation
traefik.http.routers.matrix-nginx-proxy-matrix-federation.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls | to_json }} traefik.http.routers.matrix-nginx-proxy-matrix-federation.tls={{ matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls | to_json }}
{% if matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls %} {% if matrix_nginx_proxy_container_labels_traefik_proxy_matrix_tls %}