diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index df3683ea1..545baaeb7 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -3364,12 +3364,6 @@ matrix_nginx_proxy_proxy_matrix_federation_api_enabled: |- matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container: "matrix-nginx-proxy:12088" matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:12088" -matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}" -matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "{{ 'matrix-synapse-reverse-proxy-companion:8008' if matrix_synapse_reverse_proxy_companion_enabled else 'matrix-synapse:8008' }}" -matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "127.0.0.1:8008" -matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "{{ 'matrix-synapse-reverse-proxy-companion:8048' if matrix_synapse_reverse_proxy_companion_enabled else 'matrix-synapse:8048' }}" -matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "127.0.0.1:8048" - matrix_nginx_proxy_proxy_dendrite_enabled: "{{ matrix_dendrite_enabled }}" matrix_nginx_proxy_proxy_dendrite_client_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_http_bind_port | string }}" matrix_nginx_proxy_proxy_dendrite_client_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_http_bind_port | string }}" diff --git a/roles/custom/matrix-nginx-proxy/defaults/main.yml b/roles/custom/matrix-nginx-proxy/defaults/main.yml index f54bd67b8..7419f6be3 100644 --- a/roles/custom/matrix-nginx-proxy/defaults/main.yml +++ b/roles/custom/matrix-nginx-proxy/defaults/main.yml @@ -117,19 +117,6 @@ matrix_nginx_proxy_container_federation_host_bind_port: '8448' # Option to disable the access log matrix_nginx_proxy_access_log_enabled: true -# Controls whether proxying for Synapse should be done. -matrix_nginx_proxy_proxy_synapse_enabled: false -matrix_nginx_proxy_proxy_synapse_hostname: "matrix-nginx-proxy" -matrix_nginx_proxy_proxy_synapse_federation_api_enabled: "{{ matrix_nginx_proxy_proxy_matrix_federation_api_enabled }}" -# The addresses where the Matrix Client API is, when using Synapse. -matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "" -matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "" -# The addresses where the Federation API is, when using Synapse. -matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "" -matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "" -# A list of strings containing additional configuration blocks to add to the Synapse's server configuration (matrix-synapse.conf). -matrix_nginx_proxy_proxy_synapse_additional_server_configuration_blocks: [] - # Controls whether proxying for Dendrite should be done. matrix_nginx_proxy_proxy_dendrite_enabled: false matrix_nginx_proxy_proxy_dendrite_hostname: "matrix-nginx-proxy" diff --git a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index c76005da4..e82b9d701 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -44,19 +44,6 @@ mode: 0644 when: matrix_nginx_proxy_enabled | bool -- name: Ensure Matrix nginx-proxy configuration for matrix-synapse exists - ansible.builtin.template: - src: "{{ role_path }}/templates/nginx/conf.d/matrix-synapse.conf.j2" - dest: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf" - mode: 0644 - when: matrix_nginx_proxy_proxy_synapse_enabled | bool - -- name: Ensure Matrix nginx-proxy configuration for matrix-synapse deleted - ansible.builtin.file: - path: "{{ matrix_nginx_proxy_confd_path }}/matrix-synapse.conf" - state: absent - when: "not matrix_nginx_proxy_proxy_synapse_enabled | bool" - - name: Ensure Matrix nginx-proxy configuration for matrix-dendrite exists ansible.builtin.template: src: "{{ role_path }}/templates/nginx/conf.d/matrix-dendrite.conf.j2" diff --git a/roles/custom/matrix-nginx-proxy/tasks/validate_config.yml b/roles/custom/matrix-nginx-proxy/tasks/validate_config.yml index bea661183..f14dde1e5 100644 --- a/roles/custom/matrix-nginx-proxy/tasks/validate_config.yml +++ b/roles/custom/matrix-nginx-proxy/tasks/validate_config.yml @@ -40,7 +40,6 @@ with_items: - {'old': 'host_specific_matrix_ssl_support_email', 'new': 'matrix_ssl_lets_encrypt_support_email'} - {'old': 'host_specific_matrix_ssl_lets_encrypt_support_email', 'new': 'matrix_ssl_lets_encrypt_support_email'} - - {'old': 'matrix_nginx_proxy_proxy_synapse_workers_enabled_list', 'new': ''} when: "item.old in vars" - name: Fail if required variables are undefined @@ -48,22 +47,4 @@ msg: "The `{{ item }}` variable must be defined and have a non-null value" with_items: - "matrix_ssl_lets_encrypt_support_email" - - "matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container" - - "matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container" - - "matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container" - - "matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container" when: "vars[item] == '' or vars[item] is none" - -- name: (Deprecation) Catch and report old metrics usage - ansible.builtin.fail: - msg: >- - Your configuration contains a variable (`{{ item }}`), which refers to the old metrics collection system for Synapse, - which exposed metrics on `https://matrix.DOMAIN/_synapse/metrics` and `https://matrix.DOMAIN/_synapse-worker-TYPE-ID/metrics`. - - We now recommend exposing Synapse metrics in another way, from another URL. - Refer to the changelog for more details: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#2022-06-22 - with_items: - - matrix_nginx_proxy_proxy_synapse_metrics - - matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled - - matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_key - when: "item in vars" diff --git a/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 deleted file mode 100644 index 4d121e7d9..000000000 --- a/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-synapse.conf.j2 +++ /dev/null @@ -1,71 +0,0 @@ -#jinja2: lstrip_blocks: "True" - -server { - listen 12080; - {% if matrix_nginx_proxy_enabled %} - server_name {{ matrix_nginx_proxy_proxy_synapse_hostname }}; - {% endif %} - - server_tokens off; - root /dev/null; - - gzip on; - gzip_types text/plain application/json; - - {% for configuration_block in matrix_nginx_proxy_proxy_synapse_additional_server_configuration_blocks %} - {{- configuration_block }} - {% endfor %} - - {# Everything else just goes to the API server ##} - location / { - {% if matrix_nginx_proxy_enabled %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; - set $backend "{{ matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container }}"; - proxy_pass http://$backend; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://{{ matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container }}; - {% endif %} - - proxy_set_header Host $host; - - client_body_buffer_size 25M; - client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb }}M; - proxy_max_temp_file_size 0; - } -} - -{% if matrix_nginx_proxy_proxy_synapse_federation_api_enabled %} -server { - listen 12088; - {% if matrix_nginx_proxy_enabled %} - server_name {{ matrix_nginx_proxy_proxy_synapse_hostname }}; - {% endif %} - - server_tokens off; - - root /dev/null; - - gzip on; - gzip_types text/plain application/json; - - location / { - {% if matrix_nginx_proxy_enabled %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; - set $backend "{{ matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container }}"; - proxy_pass http://$backend; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://{{ matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container }}; - {% endif %} - - proxy_set_header Host $host; - - client_body_buffer_size 25M; - client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb }}M; - proxy_max_temp_file_size 0; - } -} -{% endif %} diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index c4d3ebf97..9516c2973 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -114,6 +114,14 @@ - {'old': 'matrix_nginx_proxy_proxy_conduit_federation_api_addr_sans_container', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_conduit_additional_server_configuration_blocks', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_conduit_additional_server_configuration_blocks', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_synapse_enabled', 'new': 'matrix_synapse_container_labels_traefik_enabled'} + - {'old': 'matrix_nginx_proxy_proxy_synapse_federation_api_enabled', 'new': 'matrix_synapse_container_labels_federation_api_enabled'} + - {'old': 'matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_synapse_additional_server_configuration_blocks', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_synapse_additional_server_configuration_blocks', 'new': ''} - name: (Deprecation) Catch and report matrix_postgres variables ansible.builtin.fail: