Move matrix-ma1sd to its own container network and add native Traefik support
This commit is contained in:
Slavi Pantaleev
@ -228,37 +228,6 @@ matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: false
|
||||
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081"
|
||||
matrix_nginx_proxy_proxy_matrix_corporal_api_addr_sans_container: "127.0.0.1:41081"
|
||||
|
||||
# Controls whether proxying for the User Directory Search API (`/_matrix/client/r0/user_directory/search`) should be done (on the matrix domain).
|
||||
# This can be used to forward the API endpoint to another service, augmenting the functionality of Synapse's own User Directory Search.
|
||||
# To learn more, see: https://github.com/ma1uta/ma1sd/blob/master/docs/features/directory.md
|
||||
matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: false
|
||||
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "matrix-ma1sd:{{ matrix_ma1sd_container_port }}"
|
||||
matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "127.0.0.1:{{ matrix_ma1sd_container_port }}"
|
||||
|
||||
# Controls whether the user directory search API will be URL-rewritten (/_matrix/client/v3/user_directory/search -> /_matrix/client/r0/user_directory/search).
|
||||
# This is to assist identity servers which only handle the r0 endpoints.
|
||||
# The v3 endpoints are the same (spec-wise), so they can usually be redirected without downsides.
|
||||
# If this is disabled, API requests will be forwarded as-is, without any URL rewriting.
|
||||
matrix_nginx_proxy_proxy_matrix_user_directory_search_v3_to_r0_redirect_enabled: true
|
||||
|
||||
# Controls whether proxying for 3PID-based registration (`/_matrix/client/r0/register/(email|msisdn)/requestToken`) should be done (on the matrix domain).
|
||||
# This allows another service to control registrations involving 3PIDs.
|
||||
# To learn more, see: https://github.com/ma1uta/ma1sd/blob/master/docs/features/registration.md
|
||||
matrix_nginx_proxy_proxy_matrix_3pid_registration_enabled: false
|
||||
matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container: "matrix-ma1sd:{{ matrix_ma1sd_container_port }}"
|
||||
matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container: "127.0.0.1:{{ matrix_ma1sd_container_port }}"
|
||||
|
||||
# Controls whether the user directory search API will be URL-rewritten (/_matrix/client/v3/register/(email|msisdn)/requestToken -> /_matrix/client/r0/register/(email|msisdn)/requestToken).
|
||||
# This is to assist identity servers which only handle the r0 endpoints.
|
||||
# The v3 endpoints are the same (spec-wise), so they can usually be redirected without downsides.
|
||||
# If this is disabled, API requests will be forwarded as-is, without any URL rewriting.
|
||||
matrix_nginx_proxy_proxy_matrix_3pid_registration_v3_to_r0_redirect_enabled: true
|
||||
|
||||
# Controls whether proxying for the Identity API (`/_matrix/identity`) should be done (on the matrix domain)
|
||||
matrix_nginx_proxy_proxy_matrix_identity_api_enabled: false
|
||||
matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container: "matrix-ma1sd:{{ matrix_ma1sd_container_port }}"
|
||||
matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container: "127.0.0.1:{{ matrix_ma1sd_container_port }}"
|
||||
|
||||
# Controls whether proxying for the media repo (`/_matrix/media`) should be done (on the matrix domain)
|
||||
matrix_nginx_proxy_proxy_media_repo_enabled: false
|
||||
matrix_nginx_proxy_proxy_media_repo_addr_with_container: "matrix-media-repo:{{ matrix_media_repo_port }}"
|
||||
|
||||
@ -51,24 +51,6 @@
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_proxy_matrix_identity_api_enabled %}
|
||||
location ^~ /_matrix/identity {
|
||||
{% if matrix_nginx_proxy_enabled %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s;
|
||||
set $backend "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }};
|
||||
{% endif %}
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For {{ matrix_nginx_proxy_x_forwarded_for }};
|
||||
proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }};
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_proxy_media_repo_enabled %}
|
||||
# Redirect all media endpoints to the media-repo
|
||||
location ^~ /_matrix/media {
|
||||
@ -162,53 +144,6 @@
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled %}
|
||||
location ~ ^/_matrix/client/(r0|v3)/user_directory/search {
|
||||
{% if matrix_nginx_proxy_enabled %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s;
|
||||
set $backend "{{ matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container }}";
|
||||
{% if matrix_nginx_proxy_proxy_matrix_user_directory_search_v3_to_r0_redirect_enabled %}
|
||||
rewrite ^(.*?)/v3/(.*?)$ $1/r0/$2 break;
|
||||
{% endif %}
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{% if matrix_nginx_proxy_proxy_matrix_user_directory_search_v3_to_r0_redirect_enabled %}
|
||||
rewrite ^(.*?)/v3/(.*?)$ $1/r0/$2 break;
|
||||
{% endif %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container }};
|
||||
{% endif %}
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For {{ matrix_nginx_proxy_x_forwarded_for }};
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_nginx_proxy_proxy_matrix_3pid_registration_enabled %}
|
||||
location ~ ^/_matrix/client/(r0|v3)/register/(email|msisdn)/requestToken$ {
|
||||
{% if matrix_nginx_proxy_enabled %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s;
|
||||
set $backend "{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container }}";
|
||||
{% if matrix_nginx_proxy_proxy_matrix_3pid_registration_v3_to_r0_redirect_enabled %}
|
||||
rewrite ^(.*?)/v3/(.*?)$ $1/r0/$2 break;
|
||||
{% endif %}
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{% if matrix_nginx_proxy_proxy_matrix_3pid_registration_v3_to_r0_redirect_enabled %}
|
||||
rewrite ^(.*?)/v3/(.*?)$ $1/r0/$2 break;
|
||||
{% endif %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://{{ matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container }};
|
||||
{% endif %}
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For {{ matrix_nginx_proxy_x_forwarded_for }};
|
||||
proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }};
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
{% for configuration_block in matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks %}
|
||||
{{- configuration_block }}
|
||||
{% endfor %}
|
||||
|
||||
Reference in New Issue
Block a user