Andrea Tartaglia 
							
						 
					 
					
						
						
							
						
						68424e68e5 
					 
					
						
						
							
							feat: make synapse htpasswd file path configurable  
						
						... 
						
						
						
						When setting `matrix_nginx_proxy_enabled: false` and enabling authentication on the metrics endpoint, the htpasswd file is hardcoded to the nginx-proxy container dir, this changes the hardcoded value to a variable so the path can be updated 
						
						
					 
					
						2022-04-23 11:13:36 +01:00 
						 
				 
			
				
					
						
							
							
								borisrunakov 
							
						 
					 
					
						
						
							
						
						acaebfbf67 
					 
					
						
						
							
							optional media cache with range requests support ( #1759 )  
						
						
						
						
					 
					
						2022-04-21 10:31:26 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						0364c6c634 
					 
					
						
						
							
							Suppress old container cleanup (kill/rm) failures  
						
						... 
						
						
						
						People often report and ask about these "failures".
More-so previously, when the `docker kill/rm` output was collected,
but it still happens now when people do `systemctl status
matrix-something` and notice that it says "FAILURE".
Suppressing to avoid further time being wasted on saying "this is
expected". 
						
						
					 
					
						2022-04-11 09:05:33 +03:00 
						 
				 
			
				
					
						
							
							
								Kim Brose 
							
						 
					 
					
						
						
							
						
						5ed23e81ef 
					 
					
						
						
							
							Fix index in external_prometheus.yml.example.j2  
						
						... 
						
						
						
						For an unknown reason prometheus ignored the given "numeric" index and replaced it by 1. This made it not work properly, plus multiple workers of same types were not differentiable. With a "string" index, it works as intended. 
						
						
					 
					
						2022-03-17 18:37:37 +01:00 
						 
				 
			
				
					
						
							
							
								Alejo Diaz 
							
						 
					 
					
						
						
							
						
						4ec24ec344 
					 
					
						
						
							
							Add support for obtain ECDSA keys ( #1667 )  
						
						... 
						
						
						
						* Add support for obtain ECDSA keys
* Replace matrix_ssl_lets_encrypt_use_ecdsa_keys for matrix_ssl_lets_encrypt_key_type 
						
						
					 
					
						2022-03-03 18:15:39 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						86c36523df 
					 
					
						
						
							
							Replace ExecStopPost with ExecStop  
						
						... 
						
						
						
						Reverts b1b4ba501f90c9801c56a3c84f78ca 
						
						
					 
					
						2022-02-05 12:13:36 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						29bc22a085 
					 
					
						
						
							
							Add matrix_nginx_proxy_container_additional_networks  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1498  
						
						
					 
					
						2022-01-10 11:51:57 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						3b9d5b13e9 
					 
					
						
						
							
							Add support for not serving Dendrite federation APIs on the client port  
						
						... 
						
						
						
						Seems like Dendrite encourages serving both the Client and Federation
API at the same port.
Coming from Synapse and how things are done there, we have separate
ports. Using separate ports probably makes matrix-corporal (etc.)
integration easier, so separating the APIs by default probably makes
sense. 
						
						
					 
					
						2022-01-07 15:59:35 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						ecc237bbad 
					 
					
						
						
							
							Initial work on getting nginx reverse proxying working with Dendrite  
						
						
						
						
					 
					
						2022-01-07 15:59:35 +02:00 
						 
				 
			
				
					
						
							
							
								rakshazi 
							
						 
					 
					
						
						
							
						
						5788a16a2e 
					 
					
						
						
							
							added matrix-client-cinny  
						
						
						
						
					 
					
						2022-01-05 18:33:21 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						b1b4ba501f 
					 
					
						
						
							
							Replace ExecStop with ExecStopPost  
						
						... 
						
						
						
						ExecStopPost should allow us to clean up (docker kill + docker rm)
even if the ExecStart (docker run ..) command failed, and not just after
a graceful service stop was initiated.
Source: https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStopPost=  
						
						
					 
					
						2022-01-04 17:27:25 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						3a9fe48deb 
					 
					
						
						
							
							Make matrix-nginx-proxy's X-Forwarded-For header customizable  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1393  
						
						
					 
					
						2021-11-24 11:32:06 +02:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						f8fe68b385 
					 
					
						
						
							
							Allow workers to serve new v3 APIs  
						
						... 
						
						
						
						1f196f59cb 
					
						2021-11-17 14:54:49 +00:00 
						 
				 
			
				
					
						
							
							
								JokerGermany 
							
						 
					 
					
						
						
							
						
						c0656448f7 
					 
					
						
						
							
							Port 80 for IPv6  
						
						
						
						
					 
					
						2021-11-13 01:18:22 +01:00 
						 
				 
			
				
					
						
							
							
								b 
							
						 
					 
					
						
						
							
						
						6eaa8ac65a 
					 
					
						
						
							
							add server_name to matrix-synapsel.conf only if matrix_nginx_proxy_enabled  
						
						
						
						
					 
					
						2021-11-05 15:31:10 +02:00 
						 
				 
			
				
					
						
							
							
								Kim Brose 
							
						 
					 
					
						
						
							
						
						5f6bbafa17 
					 
					
						
						
							
							fix space before tab in indent  
						
						
						
						
					 
					
						2021-10-24 16:00:42 +02:00 
						 
				 
			
				
					
						
							
							
								HarHarLinks 
							
						 
					 
					
						
						
							
						
						7b33fc8e19 
					 
					
						
						
							
							fixup! auto-generate prometheus.yml for workers metrics  
						
						
						
						
					 
					
						2021-10-20 13:30:38 +02:00 
						 
				 
			
				
					
						
							
							
								HarHarLinks 
							
						 
					 
					
						
						
							
						
						ce41674e61 
					 
					
						
						
							
							auto-generate prometheus.yml for workers metrics  
						
						
						
						
					 
					
						2021-10-20 12:51:00 +02:00 
						 
				 
			
				
					
						
							
							
								HarHarLinks 
							
						 
					 
					
						
						
							
						
						4209c4208c 
					 
					
						
						
							
							add own variable for worker metrics  
						
						... 
						
						
						
						https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1311#issuecomment-945718866  
					
						2021-10-20 12:51:00 +02:00 
						 
				 
			
				
					
						
							
							
								HarHarLinks 
							
						 
					 
					
						
						
							
						
						d9fa2f7ed4 
					 
					
						
						
							
							add auto proxy synapse worker metrics  
						
						... 
						
						
						
						when matrix_nginx_proxy_proxy_synapse_metrics is enabled 
						
						
					 
					
						2021-10-04 21:44:50 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						31396f0615 
					 
					
						
						
							
							Merge pull request  #1295  from nogweii/feat-support-upstream-https-forwarded  
						
						... 
						
						
						
						Support trusting the upstream server when it says the protocol is HTTPS 
						
						
					 
					
						2021-09-26 09:54:15 +03:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						a676b5358c 
					 
					
						
						
							
							Fix hydrogen OCSP typo  
						
						... 
						
						
						
						From 6f80292745 
						
						
					 
					
						2021-09-24 20:09:06 -05:00 
						 
				 
			
				
					
						
							
							
								Colin Shea 
							
						 
					 
					
						
						
							
						
						2578ca4cee 
					 
					
						
						
							
							rename matrix_nginx_proxy_x_forwarded_header_value -> matrix_nginx_proxy_x_forwarded_proto_value  
						
						
						
						
					 
					
						2021-09-24 05:22:30 -07:00 
						 
				 
			
				
					
						
							
							
								Colin Shea 
							
						 
					 
					
						
						
							
						
						d0cd67044e 
					 
					
						
						
							
							replace $scheme with X-Forwarded-Proto when enabled  
						
						
						
						
					 
					
						2021-09-24 05:14:38 -07:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						ae6caf158a 
					 
					
						
						
							
							Added variable matrix_nginx_proxy_request_timeout ( #1265 )  
						
						... 
						
						
						
						* add timeout param for nginx proxy
default value matrix_nginx_proxy_request_timeout is 60s
* default matrix_nginx_proxy_request_timeout - 60s
* few more variables for request timeout
* Update nginx.conf.j2
* Update nginx.conf.j2 
						
						
					 
					
						2021-09-03 10:00:45 +03:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						2e30802b87 
					 
					
						
						
							
							use group variables instead  
						
						
						
						
					 
					
						2021-08-11 15:21:09 +08:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						8238d65e5f 
					 
					
						
						
							
							simplify template conditional  
						
						
						
						
					 
					
						2021-08-11 14:19:19 +08:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						bfb61e776e 
					 
					
						
						
							
							GMH v0.5.7... maybe!  
						
						
						
						
					 
					
						2021-08-10 12:58:10 +08:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						4105ba854b 
					 
					
						
						
							
							Merge pull request  #1147  from datenkollektiv-net/allow-custom-federation-fqn  
						
						... 
						
						
						
						Make federation domain customizable 
						
						
					 
					
						2021-07-20 09:12:16 +03:00 
						 
				 
			
				
					
						
							
							
								JokerGermany 
							
						 
					 
					
						
						
							
						
						9345d840be 
					 
					
						
						
							
							root path for the base domain is wrong ( #1189 )  
						
						... 
						
						
						
						* root path for the base domain
* Fix path when running in a container
Co-authored-by: Slavi Pantaleev <slavi@devture.com > 
						
						
					 
					
						2021-07-20 08:48:11 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						6294e58304 
					 
					
						
						
							
							Fix Content-Security-Policy for Element  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1154 
According to
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy ,
having both a header and the `<meta>`-tag provided by Element itself is
not a problem. The 2 CSP policies get combined. 
						
						
					 
					
						2021-07-01 12:41:05 +03:00 
						 
				 
			
				
					
						
							
							
								oxmie 
							
						 
					 
					
						
						
							
						
						5df4d68829 
					 
					
						
						
							
							Make federation domain customizable  
						
						
						
						
					 
					
						2021-06-30 23:02:27 +02:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						0217644b48 
					 
					
						
						
							
							Content-Security-Policy For Element Web  
						
						... 
						
						
						
						https://github.com/vector-im/element-web#configuration-best-practices  
					
						2021-06-18 23:27:23 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						4880dcceb0 
					 
					
						
						
							
							Fix OCSP-stapling-related errors due to missing resolver  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-28 11:14:33 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						1ed0857019 
					 
					
						
						
							
							Fix syntax error  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024  
						
						
					 
					
						2021-05-25 11:45:17 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						4a4a7f136e 
					 
					
						
						
							
							changes added to hydrogen client  
						
						
						
						
					 
					
						2021-05-25 11:42:51 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						25e67b51d1 
					 
					
						
						
							
							Merge branch 'spantaleev:master' into master  
						
						
						
						
					 
					
						2021-05-25 11:40:56 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						3436f9c10a 
					 
					
						
						
							
							rename to matrix_nginx_proxy_hsts_preload_enabled  
						
						
						
						
					 
					
						2021-05-25 00:56:59 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						df2d91970d 
					 
					
						
						
							
							matrix_nginx_proxy_xss_protection  
						
						
						
						
					 
					
						2021-05-24 17:02:47 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						6f80292745 
					 
					
						
						
							
							Add OCSP stapling support and other SSL optimizations to Hydrogen vhost  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061 
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-21 13:40:37 +03:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						04548f8df2 
					 
					
						
						
							
							Merge branch 'master' into hydrogen  
						
						
						
						
					 
					
						2021-05-21 04:09:18 -05:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						9437f78c9e 
					 
					
						
						
							
							Build using custom config.json, add CSP, update to 0.1.53  
						
						
						
						
					 
					
						2021-05-21 03:45:21 -05:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						e9b878b9e9 
					 
					
						
						
							
							Optimize SSL session  
						
						
						
						
					 
					
						2021-05-18 19:39:43 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						e6afa05f7b 
					 
					
						
						
							
							Enable OCSP stapling for the federation port  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057 
Not sure if this is beneficial though. 
						
						
					 
					
						2021-05-18 08:15:42 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						57a6a98a50 
					 
					
						
						
							
							Fix incorrect SSL certificate path  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-18 07:58:47 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						b9c4e8ce16 
					 
					
						
						
							
							Merge pull request  #1057  from sakkiii/ssl_staple  
						
						... 
						
						
						
						Enable OCSP Stapling 
						
						
					 
					
						2021-05-18 07:50:35 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						d31b55b2a7 
					 
					
						
						
							
							SSL-enabled block only  
						
						
						
						
					 
					
						2021-05-18 03:24:06 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						e4dd933cf0 
					 
					
						
						
							
							Make missing /_synapse/admin correctly return 404 responses  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058 
We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.
For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints) 
						
						
					 
					
						2021-05-17 11:45:35 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						c05021640d 
					 
					
						
						
							
							Enable  OCSP Stapling  
						
						
						
						
					 
					
						2021-05-15 15:57:05 +05:30 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						ca361af616 
					 
					
						
						
							
							Add Hydrogen  
						
						
						
						
					 
					
						2021-05-15 04:23:36 -05:00