Commit Graph

867 Commits

Author SHA1 Message Date
Slavi Pantaleev
17d80cb9e8 Move wsproxy to the matrix-addons network and adjust its Postgres connectivity
This is a bit of a compatibility break.
The role was defaulting the Postgres password to `some-password` and we
auto-generate it now.

However, rebuilding both Postgres and this service should unify the
database credentials and the service configs to the new value.
2024-01-13 18:13:06 +02:00
Slavi Pantaleev
ed63068e22 Make maubot talk to the homeserver via matrix_addons_homeserver_client_api_url 2024-01-13 18:04:21 +02:00
Slavi Pantaleev
c79f354dce Move Dimension to the addons network and connect to Homeserver via matrix_addons_homeserver_client_api_url 2024-01-13 17:58:41 +02:00
Slavi Pantaleev
0ceea3895e Move all monitoring-related services to their own container network (matrix_monitoring_container_network) 2024-01-13 17:46:52 +02:00
Slavi Pantaleev
782f1f5b1c Run postgres-backup in its own container network (not in matrix_docker_network) 2024-01-13 17:42:01 +02:00
Slavi Pantaleev
cdf28c39d3 Move matrix-user-verification service to its own container network 2024-01-13 17:31:03 +02:00
Slavi Pantaleev
0921087a21 Make Rageshake use its own container network 2024-01-13 17:29:14 +02:00
Slavi Pantaleev
c96a0156c0 Make matrix-dynamic-dns use its own container network 2024-01-13 17:18:22 +02:00
Slavi Pantaleev
c86cff2708 Fix NeDB to Postgres importing task for matrix-bridge-appservice-slack
Same as 250b91a40968e, but for Slack
2024-01-13 17:18:22 +02:00
Slavi Pantaleev
6b73073012 Fix NeDB to Postgres importing task for matrix-bridge-appservice-irc
Postgres is not in `matrix_docker_network` anymore, so what we had
before could not possibly work anymore.
2024-01-13 17:18:22 +02:00
Slavi Pantaleev
3f212feb1f Move matrix-email2matrix to its own container network 2024-01-13 17:18:22 +02:00
Slavi Pantaleev
e2157517af Hook matrix-homeserver-proxy to matrix-prometheus-nginxlog-exporter 2024-01-13 16:51:09 +02:00
Slavi Pantaleev
262caf0d59 Add native Traefik support to matrix-prometheus-nginxlog-exporter 2024-01-13 16:50:44 +02:00
Slavi Pantaleev
5d76b91dc2 Restore matrix-corporal functionality when matrix-nginx-proxy is not involved 2024-01-13 15:29:47 +02:00
Slavi Pantaleev
c23022ff86 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-13 15:07:07 +02:00
Slavi Pantaleev
71e0022d9a Upgrade prometheus-postgres-exporter (v0.14.0-2 -> v0.14.0-3) and stop using prometheus_postgres_exporter_server_fqn 2024-01-13 15:06:29 +02:00
Slavi Pantaleev
48e6344c9e Merge branch 'master' into bye-bye-nginx-proxy 2024-01-13 10:25:35 +02:00
Slavi Pantaleev
22dce1d4cc Upgrade matrix-reminder-bot and lock it down via the new allowlist setting 2024-01-13 10:22:06 +02:00
Slavi Pantaleev
48311bb96a Stop using deprecated variable name (prometheus_node_exporter_server_fqn) 2024-01-13 09:05:43 +02:00
Slavi Pantaleev
3c81d0b06a Only expose prometheus-node-exporter/prometheus-postgres-exporter metrics publicly if matrix_metrics_exposure_enabled 2024-01-12 17:58:11 +02:00
Slavi Pantaleev
c468a860f8 Switch to exposing prometheus-postgres-exporter via native Traefik labels, not via matrix-prometheus-services-proxy-connect.. and remove matrix-prometheus-services-proxy-connect role
This requires at least `v0.14.0-2` of the `prometheus-postgres-exporter`
Ansible role.
2024-01-12 17:54:54 +02:00
Slavi Pantaleev
beb0f2387d Switch to exposing prometheus-node-exporter via native Traefik labels, not via matrix-prometheus-services-proxy-connect
This requires at least `v1.7.0-2` of the `prometheus-node-exporter`
Ansible role.
2024-01-12 17:41:54 +02:00
Slavi Pantaleev
7fba83924c Remove etherpad-proxy-connect role 2024-01-12 17:22:46 +02:00
Slavi Pantaleev
4018aa38b3 Move matrix-registration service to its own network and add native Traefik support 2024-01-12 17:17:12 +02:00
Slavi Pantaleev
41a52945d6 Add support for exposing metrics for Synapse workers 2024-01-12 12:16:06 +02:00
Slavi Pantaleev
22f5f0ba75 Add support for exposing metrics for Synapse (without workers) 2024-01-12 12:15:57 +02:00
Slavi Pantaleev
18254cd0b2 Remvoe all Traefik labels from matrix-nginx-proxy and update docs for delegation via SRV 2024-01-11 12:31:56 +02:00
Slavi Pantaleev
c4d6144bb9 Add metrics-exposure support for Dendrite 2024-01-11 12:02:15 +02:00
Slavi Pantaleev
e902214070 Automatically expose /_synapse/admin for Dendrite when synapse-admin is enabled
This is what we do for Synapse as well.
2024-01-11 11:31:12 +02:00
Slavi Pantaleev
d8eb768e03 Add native Traefik support to matrix-dendrite 2024-01-11 11:30:42 +02:00
Slavi Pantaleev
f78adfde47 Remove Synapse support from matrix-nginx-proxy 2024-01-11 09:24:01 +02:00
Slavi Pantaleev
030e8065e4 Remove Conduit support from matrix-nginx-proxy 2024-01-11 09:21:00 +02:00
Slavi Pantaleev
9ae8ccac36 Add matrix_conduit_hostname 2024-01-11 09:17:13 +02:00
Slavi Pantaleev
4639eebf12 Add native Traefik support to matrix-conduit 2024-01-11 08:56:51 +02:00
Slavi Pantaleev
53b5d8286f Merge branch 'master' into bye-bye-nginx-proxy 2024-01-11 08:35:53 +02:00
Slavi Pantaleev
6766216fcb Wire Conduit to advertise usage of the Coturn TURN server
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3089
2024-01-11 07:52:48 +02:00
Slavi Pantaleev
f54b68956d Adapt matrix-media-repo to new container network setup, etc. 2024-01-09 18:52:38 +02:00
Slavi Pantaleev
db272ab995 Move ma1sd out matrix-addons and into matrix-homeserver container network
Such a core service probably belongs better when it's in the homeserver network
2024-01-09 18:51:25 +02:00
Slavi Pantaleev
fc79afadd1 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-09 16:07:54 +02:00
Slavi Pantaleev
3e19c8b102 Define matrix_media_repo_homeservers_auto in group vars
This is mostly so as to avoid referring to variables from other roles,
like `matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container`.
2024-01-09 16:07:23 +02:00
Slavi Pantaleev
c7a637bfde Merge branch 'master' into bye-bye-nginx-proxy 2024-01-09 16:03:01 +02:00
Slavi Pantaleev
883afa11dc Do not hardcode devture_postgres_identifier in matrix-media-repo role
This should come (and already does) from group_vars/matrix_servers
2024-01-09 16:02:31 +02:00
Slavi Pantaleev
aea66442a1 Move matrix-ma1sd to its own container network and add native Traefik support 2024-01-09 15:27:13 +02:00
Slavi Pantaleev
61216d51cc Move matrix-ldap-registration-proxy to its own container network and add native Traefik support
This also makes it handle the `/_matrix/client/v3/register` endpoint,
not just `/_matrix/client/r0/register`
2024-01-09 11:28:20 +02:00
Slavi Pantaleev
998e9ce655 Revert "Auto-generate matrix_bot_matrix_registration_bot_bot_password via group vars"
This reverts commit bf95ad2235.

This was a bad idea.
It's better to have people manually define the password.

Otherwise, `matrix_homeserver_generic_secret_key` changing some day in
the future would break the bot and one would have to figure out how to
reset its password manually.

Using an explicit password is more stable.
2024-01-09 10:22:20 +02:00
Slavi Pantaleev
bf95ad2235 Auto-generate matrix_bot_matrix_registration_bot_bot_password via group vars 2024-01-09 10:19:57 +02:00
Slavi Pantaleev
fce84a2b3c Rename variable for consistency (matrix_homeserver_proxy_ident -> matrix_homeserver_proxy_identifier) 2024-01-09 09:54:42 +02:00
Slavi Pantaleev
2f27a57d00 Rename variable for consistency (matrix_static_files_ident -> matrix_static_files_identifier) 2024-01-09 09:54:00 +02:00
Slavi Pantaleev
ea992496a3 Add matrix-cactus-comments-client role
This is split out from matrix-cactus-comments (see 241779b583),
but also heavily inspired by `matrix-static-files`.
2024-01-09 09:53:01 +02:00
Slavi Pantaleev
14b252c5f0 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-08 20:00:10 +02:00
Slavi Pantaleev
7c5cbecd78 Enable self-building for cactus-comments on non-amd64 architectures
The container image has only ever been available for amd64,
so not enabling self-building for the other architectures was a mistake
that orignally landed in:
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2089
2024-01-08 19:58:41 +02:00
Slavi Pantaleev
241779b583 Initial work on moving matrix-cactus-comments to its own container network and splitting cactus-client out of it 2024-01-08 19:57:18 +02:00
Slavi Pantaleev
30d82cc651 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-08 18:18:34 +02:00
Slavi Pantaleev
b6916d3adc Add public_address to mautrix-discord
Related to https://github.com/mautrix/discord/issues/95
2024-01-08 18:16:02 +02:00
Slavi Pantaleev
594e6d9679 Move matrix-sms-bridge to its own container network and add support for non-Synapse homeservers 2024-01-08 18:10:38 +02:00
Slavi Pantaleev
8e8c9cc03b Move matrix-bridge-mx-puppet-twitter to its own container network and add native Traefik support 2024-01-08 17:56:37 +02:00
Slavi Pantaleev
1e19fee772 Move matrix-bridge-mx-puppet-steam to its own container network 2024-01-08 17:56:12 +02:00
Slavi Pantaleev
3c099541a7 Move matrix-bridge-mx-puppet-slack to its own container network and add native Traefik support 2024-01-08 17:56:12 +02:00
Slavi Pantaleev
150a40ec26 Move matrix-bridge-mx-puppet-instagram to its own container network 2024-01-08 17:16:50 +02:00
Slavi Pantaleev
f94f2b9823 Move matrix-bridge-mx-puppet-groupme to its own container network 2024-01-08 17:16:50 +02:00
Slavi Pantaleev
82de4581e3 Add support for disabling presence on matrix-bridge-mx-puppet-discord 2024-01-08 17:06:38 +02:00
Slavi Pantaleev
6d0ecb0269 Move matrix-bridge-mx-puppet-discord to its own container network 2024-01-08 17:03:48 +02:00
Slavi Pantaleev
8b28f8e122 Move matrix-bridge-mautrix-twitter to its own container network and add native Traefik support 2024-01-07 17:54:46 +02:00
Slavi Pantaleev
f9b4ae8241 Move matrix-bridge-mautrix-telegram to its own container network and add native Traefik support 2024-01-07 17:35:10 +02:00
Slavi Pantaleev
0f89156e94 Move matrix-bridge-mautrix-slack to its own container network 2024-01-07 17:22:43 +02:00
Slavi Pantaleev
d6911503a0 Move matrix-bridge-mautrix-signal to its own container network and add native Traefik support 2024-01-07 17:16:38 +02:00
Slavi Pantaleev
7ec6fd3dfe Make bridges/bots use matrix_addons_homeserver_client_api_url (instead of matrix_homeserver_container_url) 2024-01-07 17:04:23 +02:00
Slavi Pantaleev
142de83b41 Move matrix-bridge-mautrix-hangouts to its own container network 2024-01-07 15:37:39 +02:00
Slavi Pantaleev
f8f3318bb2 Move matrix-bridge-mautrix-googlechat to its own container network 2024-01-07 15:24:11 +02:00
Slavi Pantaleev
c6c88c2503 Move matrix-bridge-mautrix-gmessages to its own container network 2024-01-07 15:24:11 +02:00
Slavi Pantaleev
5e7b882ce9 Adjust homeserver URL for Buscarron 2024-01-07 15:24:11 +02:00
Slavi Pantaleev
39e45b0298 Move matrix-bridge-heisenbridge to its own container network 2024-01-07 15:24:10 +02:00
Slavi Pantaleev
493a9abafa Move matrix-bridge-go-skype-bridge to its own container network 2024-01-07 14:48:21 +02:00
Slavi Pantaleev
205663a4be Move matrix-bridge-beeper-linkedin to its own container network 2024-01-07 13:56:40 +02:00
Slavi Pantaleev
a5618a893b Move matrix-bridge-appservice-webhooks to its own container network 2024-01-07 12:48:30 +02:00
Slavi Pantaleev
5f329f72ab Fix variable name typo in Honoroit group vars 2024-01-07 12:27:24 +02:00
Slavi Pantaleev
db53a17a38 Move matrix-bridge-appservice-slack to its own container network 2024-01-07 12:22:51 +02:00
Slavi Pantaleev
3fe3d5a78c Move matrix-bridge-appservice-kakaotalk to its own container network 2024-01-07 12:04:27 +02:00
Slavi Pantaleev
dcdc43b6aa Move matrix-bridge-appservice-irc to its own container network 2024-01-07 12:00:46 +02:00
Slavi Pantaleev
bf11a3c2ca Tie up some loose ends for matrix-appservice-discord 2024-01-07 11:56:05 +02:00
Slavi Pantaleev
0994730f4d Minor improvements to mautrix-facebook group vars wiring 2024-01-07 10:24:06 +02:00
Slavi Pantaleev
7d625011a1 Move matrix-bridge-appservice-discord to its own container network 2024-01-07 10:23:01 +02:00
Slavi Pantaleev
c5006c3ac2 Move matrix-bot-maubot to its own container network and add native Traefik support 2024-01-07 10:16:42 +02:00
Slavi Pantaleev
a794db4c38 Reorder matrix-bot-matrix-reminder-bot group vars for consistency 2024-01-07 09:35:18 +02:00
Slavi Pantaleev
87c8c29c47 Move matrix-bot-matrix-registration-bot to its own container network 2024-01-07 09:33:37 +02:00
Slavi Pantaleev
628496d022 Move matrix-bot-honoroit to its own container network 2024-01-07 09:30:08 +02:00
Slavi Pantaleev
835f623bb8 Move matrix-bot-go-neb to its own container network 2024-01-07 09:23:24 +02:00
Slavi Pantaleev
867af6385a Move matrix-bot-mjolnir to its own container network 2024-01-07 09:20:24 +02:00
Slavi Pantaleev
88ad58fccb Move matrix-bot-draupnir to its own container network 2024-01-07 09:04:38 +02:00
Slavi Pantaleev
d8b867b6fb Move matrix-bot-buscarron to its own container network 2024-01-07 09:04:35 +02:00
Slavi Pantaleev
14d57bb7a6 Reorganize mautrix-facebook group vars for consistency 2024-01-07 08:58:06 +02:00
Slavi Pantaleev
b122c7092a Merge branch 'master' into bye-bye-nginx-proxy 2024-01-05 18:12:44 +02:00
Slavi Pantaleev
d116d863e6 Move exim-relay service to its own network and connect Synapse & ma1sd to it automatically 2024-01-05 18:10:24 +02:00
Slavi Pantaleev
0bb40d1337 Fix integration between ma1sd and exim-relay
Regression since ba0a4e864a
2024-01-05 17:59:27 +02:00
Slavi Pantaleev
377fce5855 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-05 17:55:49 +02:00
Slavi Pantaleev
ba0a4e864a Replace matrix-mailer with an external role 2024-01-05 17:54:50 +02:00
Slavi Pantaleev
9488e3857a Put all homeservers in the matrix-homeserver container network 2024-01-05 16:49:48 +02:00
Slavi Pantaleev
1be90cf87d Move Postgres to its own network for better isolation
A lot of services are yet to be updated to start connecting to
`devture_postgres_container_network` as an additional network.
Many are already done, but I'll go through all the others later.
2024-01-05 16:38:32 +02:00
Slavi Pantaleev
b37a02720f Move all Matrix client apps into the matrix-addons container network
Putting each client into its own network was good for isolation,
but it's quite wasteful in terms of the container network pool.
2024-01-05 07:17:11 +02:00
Slavi Pantaleev
d262ca0fe6 Only enable matrix-synapse-reverse-proxy-companion when Synapse workers are enabled
This allows us to eliminate the companion and decrease overhead for
simple servers which do not use workers.
2024-01-05 07:00:50 +02:00
Slavi Pantaleev
499e4887f7 Connect sliding-sync directly to the homeserver
This saves up 1 container network and avoids going through extra proxies
unnecessarily.
2024-01-05 06:28:42 +02:00
Slavi Pantaleev
7a6a6270d1 Fix API endpoints for Synapse when companion is disabled (removing leading http://) 2024-01-05 06:26:56 +02:00
Slavi Pantaleev
3fb016cd6b Put bots and bridges in the same network and remove a few variables
Downsides: decreasing security slightly due to less networking isolation

Benefits:

- decreased complexity
- having a generically-named `matrix-addons` network we may use for other things now (client apps, etc.)
- not exhausting the container networks pool with 2 (or more) networks and using just 1
2024-01-05 06:13:12 +02:00
Slavi Pantaleev
170f321a01 Minor sliding-sync improvements 2024-01-05 06:04:44 +02:00
Slavi Pantaleev
015acb6d08 Add native Traefik support to matrix-synapse 2024-01-04 19:00:23 +02:00
Slavi Pantaleev
abde681b56 Clean up some matrix_nginx_proxy_proxy_matrix_metrics_* references 2024-01-04 12:49:00 +02:00
Slavi Pantaleev
54fb153acf Expose /_synapse/* APIs via matrix-synapse-reverse-proxy-companion
This also updates validation tasks and documentation, pointing to
variables in the matrix-synapse role which don't currently exist yet
(e.g. `matrix_synapse_container_labels_client_synapse_admin_api_enabled`).

These variables will be added soon, as Traefik labels are added to the
`matrix-synapse` role. At that point, the `matrix-synapse-reverse-proxy-companion` role
will be updated to also use them.
2024-01-04 11:37:17 +02:00
Slavi Pantaleev
0ea3fa0e85 Add matrix_synapse_reverse_proxy_companion_container_labels_traefik_hostname to simplify wiring 2024-01-04 10:53:43 +02:00
Slavi Pantaleev
4752e7f9a0 Get rid of matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain 2024-01-04 10:27:32 +02:00
Slavi Pantaleev
e678adfeda Add root path (/) handling to matrix-synapse-reverse-proxy-companion (redirect or /_matrix/static/ serving) 2024-01-04 10:24:33 +02:00
Slavi Pantaleev
bbd9493b8f Handle /_matrix Client-Server and Federation APIs directly at matrix-synapse-reverse-proxy-companion 2024-01-03 17:05:59 +02:00
Slavi Pantaleev
e81a395a98 Drop some matrix_nginx_proxy_proxy_riot_compat_* variables
matrix-nginx-proxy is going away and this is one of the features it
offered.

This feature will have no equivalent in our new Traefik-only
setup, although it's possible to implement it manually by using
`matrix_client_element_container_labels_additional_labels`
2024-01-03 14:43:45 +02:00
Slavi Pantaleev
cc75be9c65 Add support for serving the base domain via matrix-static-files 2024-01-03 14:39:17 +02:00
Slavi Pantaleev
da48a605bb More progress on matrix-static-files role and cleaning up of matrix-base and matrix-nginx-proxy 2024-01-03 13:46:25 +02:00
Slavi Pantaleev
065b70203d [WIP] Initial work on matrix-static-files role 2024-01-03 13:05:59 +02:00
Slavi Pantaleev
128a7b82d5 Switch mautrix-instagram from matrix-nginx-proxy to matrix-homeserver-proxy
This is completely untested.
2024-01-03 09:25:05 +02:00
Slavi Pantaleev
feaf1ee7e7 Switch mautrix-whatsapp from matrix-nginx-proxy to matrix-homeserver-proxy 2024-01-02 17:41:36 +02:00
Slavi Pantaleev
20c7cabfe4 Switch mautrix-discord from matrix-nginx-proxy to matrix-homeserver-proxy 2024-01-02 17:22:23 +02:00
Slavi Pantaleev
77b0ef4799 Add Traefik support to Hookshot 2024-01-02 17:10:26 +02:00
Slavi Pantaleev
4a6287c528 Initial work on matrix-homeserver-proxy role and eliminating matrix-nginx-proxy
This is still very far from usable.

Various bridges and bots are still talking to
`matrix-nginx-proxy` instead of the new `matrix-homeserver-proxy` role.
These services need to be reworked. While reworking them,
various cleanups are being done as well as adding Traefik-labels to
those that need them.
2024-01-02 16:07:40 +02:00
Pierre 'McFly' Marty
811c6b1af5
Merge branch 'spantaleev:master' into 3031-feat-add-signalgo-bridge 2023-12-26 09:39:46 +01:00
Aine
87a74335f9
add automatic registration of chatgpt bot's user (if password is provided) 2023-12-23 13:30:39 +02:00
Slavi Pantaleev
11ee949e9e Add native Traefik support to matrix-corporal (HTTP API) 2023-12-23 10:36:20 +02:00
Pierre 'McFly' Marty
055406b255
Merge branch 'spantaleev:master' into 3031-feat-add-signalgo-bridge 2023-12-22 16:48:06 +01:00
Slavi Pantaleev
e7a911a7fa Add note about matrix_nginx_proxy_proxy_media_repo_enabled 2023-12-22 09:18:44 +02:00
Slavi Pantaleev
ce013a325c Remove duplicate matrix_media_repo_identifier definition from group_vars/matrix_servers
`matrix_media_repo_identifier` is already defined in the role defaults,
which is a better role to have it anyway.
2023-12-22 08:43:30 +02:00
Michael Hollister
0908c6b662 Added Traefik support to MMR 2023-12-20 13:38:46 -06:00
Pierre 'McFly' Marty
c93b642f90
doc: check typo 2023-12-18 16:51:35 +01:00
Pierre 'McFly' Marty
2f6525ccb3
refactor: remove signalgo and update signal to 'after merge' 2023-12-18 16:38:52 +01:00
Pierre 'McFly' Marty
0e4c878ee3
Merge branch 'spantaleev:master' into 3031-feat-add-signalgo-bridge 2023-12-16 12:34:56 +01:00
Slavi Pantaleev
dbf1a685bf Do not connect Hookshot to Redis unless encryption is enabled
It seems like connectivity is problematic, even though the networks
appear to be configured correctly:

> [ioredis] Unhandled error event: Error: connect ECONNREFUSED 172.22.0.2:6739
> at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1595:16)

For now, I disable pointing the queue host to Redis to avoid it.
It should be investigated.

People who enable Hookshot's new experimental encryption may encounter
this also.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3042
2023-12-16 09:54:09 +02:00
Slavi Pantaleev
94c1503a60 Add support for experimental encryption in Hookshot
Squashed based on the work done in https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3042

commit 49932b8f3c17c4c4db7a884658c42f9a8b0550ca
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:21:31 2023 +0200

    Fix syntax in matrix-bridge-hookshot/tasks/reset_encryption.yml

    Also, this task always does work and side-effects, so it should always report changes
    (`changed_when: true`).

commit 6bdf7a9dcb73385313a1f34d52e27ad0cf95fb3e
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:12:41 2023 +0200

    Add Hookshot validation task to ensure queue settings are set when encryption is enabled

commit 8c531b7971b5dfd15ca541b5072b3eb8237cdcf9
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:10:17 2023 +0200

    Add missing variables rewiring in group_vars/matrix_servers for Hookshot

commit 7d26dabc2fe692f5e1236c0e250f85996f3fd0c2
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:08:19 2023 +0200

    Add defaults for matrix_hookshot_queue_host and matrix_hookshot_queue_port

commit 74f91138c92f1d1b69eb973803b882849e31a259
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:06:17 2023 +0200

    Fix syntax for connecting to additional networks for Hookshot

commit ca7b41f3f2d0c2900b2805294476f70e82461304
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:05:28 2023 +0200

    Fix indentation and remove unnecessary if-statements

commit ac4a918d58fc76e7332446a65609b56c5e4da00c
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:04:44 2023 +0200

    Add missing --network for Hookshot

    This seems to have been removed by accident.

commit 6a81fa208fca28951fc131cbf33b95ec78748a40
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:02:47 2023 +0200

    Make automatic Redis enabling safer, when Hookshot encryption enabled

    If we ever default encryption to enabled for Hookshot, we only wish to force-enable Redis if Hookshot is actually enabled.

commit 75a8e0f2a6cbf1562cb99c68ad1f20e4d47735ed
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:01:10 2023 +0200

    Fix typo

commit 98ad182eaccc7ab457ead4e03cc0d4f2a525a47d
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:37:40 2023 +0100

    Add defaults for Hookshot's encryption

commit 29fa9fab151f513908d3e45882003da107a63c93
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:35:11 2023 +0100

    Improve wording of Hookshot's encryption section

commit 4f835e0560012754d7ce0b56619a97c68a297992
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:28:52 2023 +0100

    use safer mount options for the container's files

commit 8c93327e25c5e6af2442c676d5f264d4051c80e2
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:26:01 2023 +0100

    fix filename

commit 03a7bb6e7798dd95f7894311e4dd34dfa09f70fa
Merge: e55d7694 06047763
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:23:44 2023 +0100

    Merge branch 'HarHarLinks/hookshot-encryption' of https://github.com/real-joshua/matrix-docker-ansible-deploy into HarHarLinks/hookshot-encryption

commit 06047763bbd427dde117c6635ac7301198571158
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:15:54 2023 +0100

    Update roles/custom/matrix-bridge-hookshot/templates/config.yml.j2

    change the if statement to not require a variable with a length > 0 and add a filter to json for the redis host

    Co-authored-by: Slavi Pantaleev <slavi@devture.com>

commit e55d769465bd299081464e68d34851729d42d5ff
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:13:50 2023 +0100

    clarify that Redis is required, standardadise on Hookshot with an upper-case first letter for consistency

commit 66706e4535704deba63e5aa2102f324f9b14dae3
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:08:20 2023 +0100

    Update roles/custom/matrix-bridge-hookshot/templates/config.yml.j2

    fix for a typo

    Co-authored-by: Slavi Pantaleev <slavi@devture.com>

commit f6aaeb9a16f84409d31188e696885afed89fbdcc
Merge: e5d34002 869dd33f
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 00:22:34 2023 +0100

    Merge branch 'master' into HarHarLinks/hookshot-encryption

commit e5d34002fd6c39c3e18df04e20d0c8b25475db78
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 00:09:27 2023 +0100

    Add Jinja loop to allow adding multiple networks

commit 69f947782d6e072c3edc4ee4c7d5ccf69eccf3fd
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Thu Dec 14 23:52:41 2023 +0100

    split if statements for the message queue and experimental encryption support into seperate statements

commit 4c13be1c89ffb1b06475c7da546f7956e67b36a1
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Thu Dec 14 23:31:19 2023 +0100

    change variable name per spantaleev's suggestion (https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2979#discussion_r1379015551)

commit 9905309aa9448f91297f8c7618bf62682eee2af7
Author: HarHarLinks <kim.brose@rwth-aachen.de>
Date:   Wed Nov 1 16:14:04 2023 +0100

    amend docs

commit 94abf2d5bde63919c6b5597f3142eea5fed73815
Author: HarHarLinks <kim.brose@rwth-aachen.de>
Date:   Wed Nov 1 16:05:22 2023 +0100

    draft encryption support for hookshot
2023-12-16 09:23:35 +02:00
Slavi Pantaleev
f4806aadcb Make "just install-service nginx-proxy" properly restart it 2023-12-16 08:39:23 +02:00
Pierre 'McFly' Marty
c028d75f9e
fix: sqlite backend is sqlite3-fk-wal 2023-12-15 23:08:25 +01:00
Pierre 'McFly' Marty
173286470c
fix: signalgo starts properly 2023-12-14 22:30:25 +01:00
Pierre 'McFly' Marty
a42aacb41c
fix: remove unsued signalgo-daemon.service 2023-12-14 21:44:14 +01:00
Pierre 'McFly' Marty
0f7b89523f
feat: enroll signalgo to nginx proxy 2023-12-14 18:23:55 +01:00
Slavi Pantaleev
7cf713f591 Switch from devture_traefik_container_additional_networks to devture_traefik_container_additional_networks_auto
Related to e3375d56f3
2023-12-05 09:17:20 +02:00
Aine
5bc8903422
fix included postgres role name in matrix_servers 2023-11-19 16:00:34 +02:00
Slavi Pantaleev
c0595d6e44 Add explicit names for roles (affects their install paths) 2023-11-19 14:08:03 +02:00
Chikage
7d668a488e add self-build for matrix_user_verification
Currently v3.0.0 tested with no issues.
So remove matrix_user_verification_service_docker_image from groups_vars.

/.npm must be writable or an error will be reported.
2023-11-08 04:35:24 +09:00
Slavi Pantaleev
670ae6f602 Upgrade Jitsi (v8960-2 -> v8960-3) and pass jitsi_user_username explicitly
It would work even without explicitly passing `jitsi_user_username` as
auto-detection logic will run. Passing it explicitly spares the Jitsi
role some work.

Related to:

- https://github.com/mother-of-all-self-hosting/ansible-role-jitsi/pull/2
- https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2974#issuecomment-1784256903
2023-10-31 08:33:36 +02:00
Aine
ffc2aef0b2
fix jitsi auth (w/ auth; w/o auth), closes #2589 2023-10-26 22:34:08 +03:00
Slavi Pantaleev
29b62f77a5 Upgrade Postgres (v16.0-5 -> v16.0-6) - adds auto-tuning 2023-10-18 08:24:52 +03:00
Slavi Pantaleev
dc9ff4e01b Add support for external-IP-address-autodetection to Coturn 2023-10-10 11:10:21 +03:00
Slavi Pantaleev
5bc6ca2af5 Switch from devture_postgres_systemd_services_to_stop_for_maintenance_list to devture_postgres_systemd_services_to_stop_for_maintenance_list_auto
Only available since v16.0-2 of the Postgres role.
2023-09-16 11:41:07 +03:00
Slavi Pantaleev
bff851c858 Properly stop all services when doing Postgres maintenance, not just the homeserver 2023-09-16 11:39:39 +03:00
Slavi Pantaleev
35294046b4
Do not enable SchildiChat by default
Related to #2851 

Fixes #2861
2023-09-01 12:02:57 +03:00
Aine
86655db995
add SchildiChat client 2023-08-30 19:23:52 +03:00
Slavi Pantaleev
a036987ba4 Do not define devture_traefik_provider_configuration_extension_yaml in group_vars/matrix_servers
`devture_traefik_provider_configuration_extension_yaml` should not be
set automatically by the playbook. It's a variable to be used by users.

Moreover, setting for for everyone (not just people who have additional JVBs)
means that for most people the following error will be produced:

> 'dict object' has no attribute 'jitsi_jvb_servers'

.. as detailed in https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2844

Fixes a regression introduced in: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2842
2023-08-25 15:44:51 +03:00