Slavi Pantaleev
b94ae91d0a
Fix ansible-lint-reported errors
2024-05-28 10:52:17 +03:00
Slavi Pantaleev
3a4e58c34d
Add migration task for Debiant apt repositories for Docker referencing /etc/apt/keyrings/docker.asc key
...
Related to:
- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3337
- https://github.com/geerlingguy/ansible-role-docker/pull/436
2024-05-28 10:38:50 +03:00
Slavi Pantaleev
a967f44c10
Ensure matrix-ssl-nginx-proxy-reload.{timer,service} are removed
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3307
2024-05-07 09:31:44 +03:00
Slavi Pantaleev
50813c600d
Only run Debian Signed-By migration if Docker installation is managed by the playbook
2024-03-26 17:04:04 +02:00
Slavi Pantaleev
b1413a5645
Ensure matrix-ssl-lets-encrypt-certificates-renew systemd timer and service are gone
...
We may have had another migration task before, but I cannot find it now.
Some people have reported a leftover systemd timer and service,
so it's evident that not everyone has gone through that previous migration.
2024-02-23 08:50:04 +02:00
Slavi Pantaleev
1468c08065
Wire matrix_server_fqn_matrix_federation to matrix_SERVICE_*_public_federation_api_traefik_hostname for ease of use
2024-01-26 16:04:55 +02:00
Slavi Pantaleev
dafeee92f4
Adjust matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_hostname validation check message to mention matrix_static_files_file_matrix_server_property_m_server
2024-01-26 12:17:49 +02:00
Slavi Pantaleev
b48b06d2f8
Add missing bracket
2024-01-26 12:10:34 +02:00
Slavi Pantaleev
5ca4d6ebc5
Add validation check for matrix_nginx_proxy_container_labels_traefik_proxy_matrix_federation_hostname
2024-01-26 12:09:54 +02:00
Slavi Pantaleev
474db10238
Reorder Ansible task module parameters to make ansible-lint happy
2024-01-17 17:27:31 +02:00
Slavi Pantaleev
f9e19e9623
Always uninstall matrix-nginx-proxy, if discovered
...
This changes the behavior of
`matrix_playbook_migration_matrix_nginx_proxy_uninstallation_enabled`
and is against what we initially described in the changelog entry,
but I've discovered some problems when the `matrix-nginx-proxy` service
and container remain running. They need to go.
2024-01-17 17:22:08 +02:00
Slavi Pantaleev
042c74f90c
Remove some useless oidc variables and /_synapse/oidc route handling
...
After some checking, it seems like there's `/_synapse/client/oidc`,
but no such thing as `/_synapse/oidc`.
I'm not sure why we've been reverse-proxying these paths for so long
(even in as far back as the `matrix-nginx-proxy` days), but it's time we
put a stop to it.
The OIDC docs have been simplified. There's no need to ask people to
expose the useless `/_synapse/oidc` endpoint. OIDC requires
`/_synapse/client/oidc` and `/_synapse/client` is exposed by default
already.
2024-01-17 14:45:19 +02:00
Slavi Pantaleev
1036ae212f
Update deprecation message for matrix_playbook_ssl_retrieval_method
2024-01-16 10:12:43 +02:00
Slavi Pantaleev
8f56166e6b
Restore invocation of matrix-mailer migration tasks
...
Seems like calling these tasks got removed at some point
while merge the `bye-bye-nginx-proxy` branch.
2024-01-16 09:40:01 +02:00
Slavi Pantaleev
b91ad453be
Adjust TLS variables for homeservers to follow devture_traefik_config_entrypoint_web_secure_enabled (via matrix_federation_traefik_entrypoint_tls)
2024-01-15 09:39:36 +02:00
Slavi Pantaleev
8f64262e31
Fix yamllint-reported errors
2024-01-14 18:52:18 +02:00
Slavi Pantaleev
f4f3d57520
Remove all traces of matrix-nginx-proxy, add validation & uninstallation tasks
2024-01-14 18:42:14 +02:00
Slavi Pantaleev
aff57d67c0
Adjust Synapse OIDC variable wiring and docs
...
Auto-enabling the OIDC APIs is convenient for people
using the new `matrix_synapse_oidc_*` variables.
2024-01-14 12:34:25 +02:00
Slavi Pantaleev
b2aeb8cde9
Rename label-related variables for homeservers
...
We'd be adding integration with an internal Traefik entrypoint
(`matrix_playbook_internal_matrix_client_api_traefik_entrypoint`),
so renaming helps disambiguate things.
There's no need for deperecation tasks, because the old names
have only been part of this `bye-bye-nginx-proxy` branch and not used by
anyone publicly.
2024-01-14 10:48:54 +02:00
Slavi Pantaleev
39bddefd39
Make addons communicate with the homeserver via a new internal Traefik entrypoint
...
This also adds labels for Synapse. Support for other homeservers and
components will be added later.
2024-01-14 10:48:54 +02:00
Slavi Pantaleev
49066d41a9
Deprecate matrix_docker_network
2024-01-13 17:49:38 +02:00
Slavi Pantaleev
07d0ec4217
Fix variable name typo in validation task
2024-01-13 17:48:39 +02:00
Slavi Pantaleev
d6e91116ab
Update documentation related to variables for prometheus-node-exporter/prometheus-postgres-exporter metrics exposure
2024-01-12 18:04:18 +02:00
Slavi Pantaleev
c468a860f8
Switch to exposing prometheus-postgres-exporter via native Traefik labels, not via matrix-prometheus-services-proxy-connect.. and remove matrix-prometheus-services-proxy-connect
role
...
This requires at least `v0.14.0-2` of the `prometheus-postgres-exporter`
Ansible role.
2024-01-12 17:54:54 +02:00
Slavi Pantaleev
beb0f2387d
Switch to exposing prometheus-node-exporter via native Traefik labels, not via matrix-prometheus-services-proxy-connect
...
This requires at least `v1.7.0-2` of the `prometheus-node-exporter`
Ansible role.
2024-01-12 17:41:54 +02:00
Slavi Pantaleev
7fba83924c
Remove etherpad-proxy-connect role
2024-01-12 17:22:46 +02:00
Slavi Pantaleev
41a52945d6
Add support for exposing metrics for Synapse workers
2024-01-12 12:16:06 +02:00
Slavi Pantaleev
bea41e28b0
Remove Dendrite support from matrix-nginx-proxy
2024-01-11 11:33:33 +02:00
Slavi Pantaleev
f78adfde47
Remove Synapse support from matrix-nginx-proxy
2024-01-11 09:24:01 +02:00
Slavi Pantaleev
030e8065e4
Remove Conduit support from matrix-nginx-proxy
2024-01-11 09:21:00 +02:00
Slavi Pantaleev
aea66442a1
Move matrix-ma1sd to its own container network and add native Traefik support
2024-01-09 15:27:13 +02:00
Slavi Pantaleev
377fce5855
Merge branch 'master' into bye-bye-nginx-proxy
2024-01-05 17:55:49 +02:00
Slavi Pantaleev
ba0a4e864a
Replace matrix-mailer with an external role
2024-01-05 17:54:50 +02:00
Slavi Pantaleev
1f6bb281e9
Fix typo in old devture-traefik migration task
2024-01-05 17:09:19 +02:00
Slavi Pantaleev
abde681b56
Clean up some matrix_nginx_proxy_proxy_matrix_metrics_* references
2024-01-04 12:49:00 +02:00
Slavi Pantaleev
54fb153acf
Expose /_synapse/* APIs via matrix-synapse-reverse-proxy-companion
...
This also updates validation tasks and documentation, pointing to
variables in the matrix-synapse role which don't currently exist yet
(e.g. `matrix_synapse_container_labels_client_synapse_admin_api_enabled`).
These variables will be added soon, as Traefik labels are added to the
`matrix-synapse` role. At that point, the `matrix-synapse-reverse-proxy-companion` role
will be updated to also use them.
2024-01-04 11:37:17 +02:00
Slavi Pantaleev
84cedff355
Adjust validation message
2024-01-04 10:38:07 +02:00
Slavi Pantaleev
4752e7f9a0
Get rid of matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain
2024-01-04 10:27:32 +02:00
Slavi Pantaleev
e81a395a98
Drop some matrix_nginx_proxy_proxy_riot_compat_* variables
...
matrix-nginx-proxy is going away and this is one of the features it
offered.
This feature will have no equivalent in our new Traefik-only
setup, although it's possible to implement it manually by using
`matrix_client_element_container_labels_additional_labels`
2024-01-03 14:43:45 +02:00
Slavi Pantaleev
cc75be9c65
Add support for serving the base domain via matrix-static-files
2024-01-03 14:39:17 +02:00
Slavi Pantaleev
da48a605bb
More progress on matrix-static-files role and cleaning up of matrix-base and matrix-nginx-proxy
2024-01-03 13:46:25 +02:00
Slavi Pantaleev
065b70203d
[WIP] Initial work on matrix-static-files role
2024-01-03 13:05:59 +02:00
Slavi Pantaleev
4a6287c528
Initial work on matrix-homeserver-proxy role and eliminating matrix-nginx-proxy
...
This is still very far from usable.
Various bridges and bots are still talking to
`matrix-nginx-proxy` instead of the new `matrix-homeserver-proxy` role.
These services need to be reworked. While reworking them,
various cleanups are being done as well as adding Traefik-labels to
those that need them.
2024-01-02 16:07:40 +02:00
Slavi Pantaleev
36c94b9364
Fix potential Docker apt repository signed-by conflict on Debian-based systems
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2999
Related to https://github.com/geerlingguy/ansible-role-docker/pull/410
2023-11-21 15:41:00 +02:00
Slavi Pantaleev
1d00d15482
Switch to exported Jitsi role
2023-04-03 08:53:46 +03:00
Slavi Pantaleev
14b8efcad2
Replace matrix-prometheus with an external Prometheus role
2023-03-21 07:38:12 +02:00
Slavi Pantaleev
d974c0c166
Make yamllint happy
2023-03-20 11:09:59 +02:00
Slavi Pantaleev
220d80ac3a
Move matrix-aux outside of this playbook
2023-03-20 11:06:27 +02:00
Slavi Pantaleev
dddfee16bc
Fix all 300+ ansible-lint-reported errors
2023-03-07 17:28:15 +02:00
Slavi Pantaleev
6e3aab6594
Make devture-traefik to matrix-traefik migration code a little safer
2023-03-06 11:00:42 +02:00