finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Adjust TLS variables for homeservers to follow devture_traefik_config_entrypoint_web_secure_enabled (via matrix_federation_traefik_entrypoint_tls)

Browse Source
This commit is contained in:
Slavi Pantaleev
2024-01-15 09:39:36 +02:00
parent 3fa21d19be
commit b91ad453be
9 changed files with 41 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/custom/matrix-synapse/defaults/main.yml
View File

@ -259,7 +259,8 @@ matrix_synapse_container_labels_public_federation_api_traefik_path_prefix: /_mat
matrix_synapse_container_labels_public_federation_api_traefik_rule: "Host(`{{ matrix_synapse_container_labels_public_federation_api_traefik_hostname }}`) && PathPrefix(`{{ matrix_synapse_container_labels_public_federation_api_traefik_path_prefix }}`)"
matrix_synapse_container_labels_public_federation_api_traefik_priority: 0
matrix_synapse_container_labels_public_federation_api_traefik_entrypoints: ''
matrix_synapse_container_labels_public_federation_api_traefik_tls: "{{ matrix_synapse_container_labels_public_federation_api_traefik_entrypoints != 'web' }}"
# TLS is force-enabled here, because the spec (https://spec.matrix.org/v1.9/server-server-api/#tls) says that the federation API must use HTTPS.
matrix_synapse_container_labels_public_federation_api_traefik_tls: true
matrix_synapse_container_labels_public_federation_api_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# Controls whether labels will be added that expose metrics (see `matrix_synapse_metrics_proxying_enabled`) for the main Synapse process