Commit Graph

5577 Commits

Author SHA1 Message Date
Slavi Pantaleev
36658addcd Work around buggy docker_network sometimes failing to work
If a network like `matrix-whatever` already exists for some reason,
the `docker_network` module would not create our `matrix` network.
Working around it by avoiding `docker_network` and doing it manually.

Fixes Github issue #12
2018-10-15 07:49:44 +03:00
Slavi Pantaleev
17ea05683b Fix yum/apt module invocation
The old way is deprecated and would stop working
after Ansible 2.11.
2018-10-12 09:00:53 +03:00
Slavi Pantaleev
a1c1ec9b7f Update dependencies 2018-10-08 08:24:20 +03:00
Slavi Pantaleev
2185177957 Remove lt-cred-mech Coturn option
Coturn reports it as an option that conflicts with `use-auth-secret`.
Some reasoning is here: fa523e8d09
2018-10-08 08:22:40 +03:00
Slavi Pantaleev
cc3e34b128 Fix to_yaml silliness 2018-10-05 10:59:02 +03:00
Slavi Pantaleev
b49f4531e8 Make user presence-status tracking configurable 2018-10-05 10:35:16 +03:00
Slavi Pantaleev
7350842d9b Pull in homeserver.yaml template updates 2018-09-27 10:43:31 +03:00
Slavi Pantaleev
242f388af3 Make Synapse cache factor configurable 2018-09-27 10:03:31 +03:00
Slavi Pantaleev
161854e6d7 Disable Docker container logging
`--log-driver=none` is used for all Docker containers now.

All these containers are started through systemd anyway and get logged in journald,
so there's no need for Docker to be logging the same thing using the default `json-file` driver.
Doing that was growing `/var/lib/docker/containers/..` infinitely until service/container restart.

As a result of this, things like `docker logs matrix-synapse` won't work anymore.
`journalctl -u matrix-synapse` is how one can see the logs.
2018-09-26 09:11:19 +03:00
Slavi Pantaleev
4fbaa02bef Update Synapse (v0.33.4 -> v0.33.5.1) 2018-09-26 08:48:30 +03:00
Slavi Pantaleev
de5f4f7a05 Update matrix-corporal dependency 2018-09-20 10:34:11 +03:00
Slavi Pantaleev
2df4349606 Fix matrix-corporal nginx configuration trouble in certain conditions
If the playbook were to run with `--tags=setup-nginx-proxy`,
it wouldn't go into `setup_corporal.yml`, which meant it wouldn't
perform a bunch of `set_fact` calls which override important
nginx proxy configuration.

We run these variable overrides on each call now (tagged with `always`)
to avoid such problems in the future.
2018-09-20 09:25:00 +03:00
Slavi Pantaleev
0d0ccde286 Add Service Discovery (/.well-known/matrix/client) support 2018-09-17 10:51:46 +03:00
Slavi Pantaleev
38e3ffa29c Rename variable (matrix_riot_web_default_identity_server_url -> matrix_identity_server_url) 2018-09-17 08:44:29 +03:00
Slavi Pantaleev
4f48508014 Rename variable (matrix_nginx_riot_web_data_path -> matrix_riot_web_data_path) 2018-09-17 08:43:31 +03:00
Slavi Pantaleev
3fed0ec594 Remove now-useless file 2018-09-17 08:18:15 +03:00
Slavi Pantaleev
2446b4845c Update matrix-corporal dependency 2018-09-15 11:50:02 +03:00
Slavi Pantaleev
8bbb6f0c60 Update dependencies 2018-09-12 20:04:54 +03:00
Slavi Pantaleev
21916c1a3c Update matrix-corporal (1.1 -> 1.1.1) 2018-09-08 11:19:39 +03:00
Slavi Pantaleev
620553e408 Update README 2018-09-07 23:35:04 +03:00
Hugues Morisset
6ef934a416 Mautrix telegram minimum config variable requirement 2018-09-07 20:03:56 +02:00
Hugues Morisset
45fb2df43f Fix some problem with permissions
Fix typo
Move mautrix variable in `defaults/main.yml` exclusively
2018-09-07 20:02:46 +02:00
Hugues Morisset
7b5f68c431 Add mautrix-telegram to bridge with telegram services 2018-09-07 20:02:46 +02:00
Slavi Pantaleev
7adcdf3040 Add the ability to control event_cache_size for Synapse
I've found the previous 10K default value to be way too low
on a bunch of servers I'm running, so it's now up to
100K and made configurable.
2018-09-07 16:15:40 +03:00
Slavi Pantaleev
b52d91e180 Add the ability to controll password-peppering for Synapse
Closes Github issue #5
2018-09-07 15:01:38 +03:00
Slavi Pantaleev
6d6a6412fa Add the ability to control statistics-reporting for Synapse
Closes Github issue #3
2018-09-07 14:49:51 +03:00
Slavi Pantaleev
88b4434da9 Fix incorrect path 2018-09-07 13:59:29 +03:00
Slavi Pantaleev
7310498f71 Update certbot 2018-09-06 18:23:16 +03:00
Slavi Pantaleev
49e0d0e6db Update dependencies 2018-09-06 18:13:06 +03:00
Slavi Pantaleev
7428b941c8 Remove old s3fs stuff
We've been using Goofys for a long time instead.
2018-08-29 10:14:48 +03:00
Slavi Pantaleev
23e4a4734b Switch from acmetool to certbot for SSL certificate retrieval 2018-08-29 09:37:44 +03:00
Slavi Pantaleev
d5346656e3 Use 0.16.1 for riot-web, as the image for 0.16.2 is still unavailable 2018-08-29 08:46:21 +03:00
Slavi Pantaleev
51ac3421b5 Update matrix-corporal (1.0.1 -> 1.1) 2018-08-24 17:13:58 +03:00
Slavi Pantaleev
314ff09846 Update dependencies 2018-08-24 10:01:25 +03:00
Slavi Pantaleev
92e6fdd279 Update dependencies 2018-08-23 08:35:38 +03:00
Slavi Pantaleev
861957b6f1 Add missing when statement 2018-08-23 08:35:30 +03:00
Slavi Pantaleev
5398d80f01 Add support for matrix-corporal 2018-08-21 13:34:34 +03:00
Slavi Pantaleev
02d5b54fa5 Add controls for influencing Matrix Synapse's rate-limiting 2018-08-20 21:25:06 +03:00
Slavi Pantaleev
14d7d3e670 Add support for matrix-synapse-shared-secret-auth 2018-08-20 17:11:55 +03:00
Slavi Pantaleev
f72882fe1a Fix user registration regression
Regression since a302a7d748,
which made the Matrix Client API only available on
the http port (8008) and not over the federation port (8448).
2018-08-17 12:23:25 +03:00
Slavi Pantaleev
b0f1a1c80f Fix nginx warning: adding already-default text/html to gzip_types 2018-08-17 10:44:34 +03:00
Slavi Pantaleev
832a4d71c1 Default to INFO logging for matrix-synapse-rest-auth, not DEBUG 2018-08-17 09:35:52 +03:00
Slavi Pantaleev
21a108262f Remove some leftover debug statements 2018-08-17 09:30:41 +03:00
Slavi Pantaleev
25becc63d5 Minor fixups for the matrix-synapse-rest-auth handling 2018-08-17 09:25:54 +03:00
Slavi Pantaleev
ea43d46b70 Add matrix-synapse-rest-auth support 2018-08-17 09:02:17 +03:00
Slavi Pantaleev
df79901f8b Improve compression support 2018-08-17 08:00:38 +03:00
Slavi Pantaleev
a302a7d748 Only run federation on 8448 and client on 80
This disables federation on the 80 port, as it's
not necessary. We also disable the old Angular webclient.

For the federation port (8448), we disable the client APIs
as those are not necessary. Those can even cause trouble
if one doesn't know about them and thinks that guarding the client
APIs at the 80 port is enough.
2018-08-17 07:55:58 +03:00
Slavi Pantaleev
74093dfb15 Add mxisd Identity Server support 2018-08-15 10:46:13 +03:00
Slavi Pantaleev
617712000e Minor wording improvements 2018-08-15 10:19:31 +03:00
Slavi Pantaleev
1c71cb110e Change SSL certificate obtaining a bit 2018-08-14 14:50:10 +03:00