Commit Graph

2390 Commits

Author SHA1 Message Date
Slavi Pantaleev
964aa0e84d Switch to using an external Ntfy role
The newly extracted role also has native Traefik support,
so we no longer need to rely on `matrix-nginx-proxy` for
reverse-proxying to Ntfy.

The new role uses port `80` inside the container (not `8080`, like
before), because that's the default assumption of the officially
published container image. Using a custom port (like `8080`), means the
default healthcheck command (which hardcodes port `80`) doesn't work.
Instead of fiddling to override the healthcheck command, we've decided
to stick to the default port instead. This only affects the
inside-the-container port, not any external ports.

The new role also supports adding the network ranges of the container's
multiple additional networks as "exempt hosts". Previously, only one
network's address range was added to "exempt hosts".
2023-02-17 09:54:33 +02:00
Slavi Pantaleev
38c4e464c1 Fix self-check for Hydrogen and Cinny when running under a subpath 2023-02-17 09:20:22 +02:00
Aine
954920dd4f Update ntfy 1.31.0 -> 2.0.0 2023-02-16 20:00:00 +00:00
Slavi Pantaleev
8fd8f12a0d Merge pull request #2493 from etkecc/patch-174
Update mautrix-whatsapp 0.8.1 -> 0.8.2
2023-02-16 20:08:50 +02:00
Aine
64ec1db077 Update mautrix-whatsapp 0.8.1 -> 0.8.2 2023-02-16 18:03:18 +00:00
Aine
649f6512ca Update mautrix-discord 0.1.0 -> 0.1.1 2023-02-16 18:02:25 +00:00
Slavi Pantaleev
bb7895678c Fix typo 2023-02-15 11:48:27 +02:00
Aine
4fe6015464 Update ntfy 1.30.1 -> 1.31.0 2023-02-15 09:02:36 +00:00
Slavi Pantaleev
7c5826f1c3 Break dependency between matrix-prometheus-nginxlog-exporter and the Grafana role
Wiring happens via `group_vars/matrix_servers` now.
2023-02-15 10:52:25 +02:00
Slavi Pantaleev
1006b8d899 Replace matrix-grafana with an external role 2023-02-15 10:32:24 +02:00
Slavi Pantaleev
94124263a7 Add matrix_prometheus_container_network/matrix_prometheus_container_additional_networks 2023-02-15 08:56:11 +02:00
Slavi Pantaleev
0b9dc56edf Add type support to matrix_coturn_container_additional_volumes
.. and try to auto-switch between `bind` and `volume` depending on
whether there's a slash in the `src` path.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2482
2023-02-15 06:03:55 +02:00
Slavi Pantaleev
1f0da1103a Merge pull request #2485 from etkecc/patch-171
update postmoogle 0.9.13 -> 0.9.14
2023-02-14 22:48:51 +02:00
Slavi Pantaleev
c85d48c45c Remove Traefik labels for Hydrogen & Cinny from matrix-nginx-proxy
Related to 6a52be7987 and 28e7ef9c71f02
2023-02-14 22:46:34 +02:00
Aine
4045d72e7b update postmoogle 0.9.13 -> 0.9.14
* make banlist consistent
* proper multi-error message
* ignore "." MX hosts
* try recipient domain directly, even when MX records found, but failed
2023-02-14 20:04:27 +00:00
Slavi Pantaleev
4d24e9bb7f Merge pull request #2484 from etkecc/patch-170
Update synapse 1.76.0 -> 1.77.0
2023-02-14 20:03:33 +02:00
Aine
3570808633 Update synapse 1.76.0 -> 1.77.0 2023-02-14 17:50:55 +00:00
Aine
c98f40c836 Update hydrogen 0.3.7 -> 0.3.8 2023-02-14 17:49:16 +00:00
Slavi Pantaleev
51cfd7b777 Merge pull request #2481 from moan0s/update
Bump element version
2023-02-14 15:29:34 +02:00
Julian-Samuel Gebühr
6727aa55ec Bump element version
Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net>
2023-02-14 13:36:04 +01:00
Slavi Pantaleev
f28e7ef9c7 Add (native) Traefik support to matrix-client-cinny
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now
2023-02-14 11:29:53 +02:00
Slavi Pantaleev
3bace0c7b9 Add matrix_synapse_admin_hostname and rename matrix_synapse_admin_public_endpoint (to matrix_synapse_admin_path_prefix) 2023-02-14 11:05:39 +02:00
Slavi Pantaleev
2e74187050 Add matrix_client_element_hostname and matrix_client_element_path_prefix variables 2023-02-14 11:02:18 +02:00
Slavi Pantaleev
eb7292f274 Add matrix_client_hydrogen_hostname and fix Hydrogen serving at non-root-path 2023-02-14 10:57:13 +02:00
Slavi Pantaleev
6a52be7987 Add (native) Traefik support to matrix-client-hydrogen
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now

Serving at a path other than `/` doesn't work well yet.
2023-02-14 09:58:35 +02:00
Slavi Pantaleev
64e2b26ed5 Fix Hydrogen failing to start
We were mounting our own configuration to
`/usr/share/nginx/html/config.json`, which is a symlink to
`/tmp/config.json`. So we effectively mount our file to
`/tmp/config.json`.

When starting:

- if Hydrogen sees a `CONFIG_OVERRIDE` environment variable,
  it will try to save it into our read-only config file and fail.

- if Hydrogen doesn't see a `CONFIG_OVERRIDE` environment variable (the
  path we go through, because we don't pass such a variable),
  it will try to copy its bundled configuration (`/config.json.bundled`)
  to `/tmp/config.json`. Because our configuration is mounted as read-only, it will
  fail.

In both cases, it will fail with:

> cp: can't create '/tmp/config.json': File exists

Source: 3720de36bb/docker/dynamic-config.sh

We work around this by mounting our configuration on top of the bundled
one (`/config.json.bundled`). We then let Hydrogen's startup script copy
it to `/tmp/config.json` (a tmpfs we've mounted into the container) and use it from there.
2023-02-14 09:49:22 +02:00
Slavi Pantaleev
799cbb44fb Add the ability to control (Traefik) routing priority for Element and synapse-admin
This may proof useful to someone in the future.
2023-02-14 09:04:50 +02:00
Slavi Pantaleev
5c7cd70684 Make use of the existing matrix_synapse_admin_public_endpoint variable 2023-02-14 08:51:20 +02:00
Slavi Pantaleev
c33ed94352 Add security headers to synapse-admin (on Traefik)
We've had it on `matrix-nginx-proxy` before, but
our initial support for Traefik did not include any of these security
headers.
2023-02-14 08:49:04 +02:00
Slavi Pantaleev
71597132e0 Move around some matrix-client-element variables 2023-02-14 08:45:32 +02:00
Slavi Pantaleev
5ab5f28d14 Add support for running synapse-admin (on Traefik) at the root path
Previously, we had to run it at a subpath, like `/synapse-admin`.

We can now dedicate a whole domain and the `/` path to it, should we
wish to do so.
2023-02-14 08:42:50 +02:00
Slavi Pantaleev
ff1338e003 Add support for hosting Element (on Traefik) at a subpath 2023-02-14 08:31:26 +02:00
Slavi Pantaleev
e34174b1b4 Add various security headers to matrix-client-element when behind Traefik 2023-02-13 19:03:20 +02:00
Slavi Pantaleev
e51e4eec09 Add (native) Traefik support to matrix-client-element
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now
2023-02-13 19:03:20 +02:00
Slavi Pantaleev
f2ed5e4b04 Delete /matrix/nginx-proxy/conf.d/matrix-client-element.conf if matrix_nginx_proxy_proxy_element_enabled not enabled 2023-02-13 19:03:20 +02:00
Aine
9f820a506a Update postmoogle 0.9.12 -> 0.9.13
* live SSL certificates reload on file changes (e.g., on automatic certs renewal)
* print all errors when trying connection to an SMTP server
2023-02-13 14:08:09 +00:00
Slavi Pantaleev
31aa87fdb6 Merge pull request #2475 from etkecc/patch-167
Update coturn 4.6.1-r1 -> 4.6.1-r2
2023-02-13 15:12:37 +02:00
Slavi Pantaleev
3d9aa8387e Add (native) Traefik support to synapse-admin
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now.
2023-02-13 15:08:42 +02:00
Aine
f6f7bbd2a1 Update coturn 4.6.1-r1 -> 4.6.1-r2 2023-02-13 12:54:55 +00:00
Slavi Pantaleev
38904c08b0 Wire backup_borg_username
It's probably unnecessary, as this user is only used in the borg container
internally, but.. It doesn't hurt to set it to `matrix`.
2023-02-13 11:01:54 +02:00
Slavi Pantaleev
78c35136b2 Replace matrix-backup-borg with an external role 2023-02-13 10:53:11 +02:00
td
af10d350bc fix: missing endif in client well-known 2023-02-13 12:32:43 +05:30
Jayesh Nirve
6939a3d6d3 fix: only add element related entries to client well-known if element is enabled (#2453)
* fix: only add element related entries to client well-known if element is enabled

* Fix matrix-base/defaults/main.yml syntax

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2023-02-13 08:36:20 +02:00
Array in a Matrix
79413e7717 updated dendrite 2023-02-12 13:09:53 -05:00
Slavi Pantaleev
f1a1ce8a91 Merge pull request #2464 from spantaleev/traefik
Reverse-proxy configuration changes and initial Traefik support
2023-02-12 16:05:56 +02:00
Catalan Lover
cba63bd4b9 Upgrade Drapunir from 1.8.0 Beta to 1.8.0 release. 2023-02-11 23:51:13 +01:00
Slavi Pantaleev
6b0650641b Update matrix_playbook_reverse_proxy_type documentation 2023-02-11 08:58:53 +02:00
Slavi Pantaleev
8309a21303 Rename reverse proxy types and fix Hookshot http/https urlPrefix issue 2023-02-11 08:44:11 +02:00
Slavi Pantaleev
3f2cb840b9 Merge branch 'master' into traefik 2023-02-11 07:46:35 +02:00
Slavi Pantaleev
ad22bdb884 Do not run matrix-user-verification-service validation tasks unless the service is enabled 2023-02-10 19:40:03 +02:00