Agustin Ferrario 
							
						 
					 
					
						
						
							
						
						2082242499 
					 
					
						
						
							
							Add matrix_nginx_proxy_ssl_config  
						
						... 
						
						
						
						A new variable called `matrix_nginx_proxy_ssl_config` is created for
configuring how the nginx proxy configures SSL. Also a new configuration
validation option and other auxiliary variables are created.
A new variable configuration called `matrix_nginx_proxy_ssl_config` is
created. This allow to set the SSL configuration easily using the
default options proposed by Mozilla. The default configuration is set to
"Intermediate", removing the weak ciphers used in the old
configurations.
The new variable can also be set to "Custom" for a more granular control.
This allows to set another three variables called:
- `matrix_nginx_proxy_ssl_protocols`,
- `matrix_nginx_proxy_ssl_prefer_server_ciphers`
- `matrix_nginx_proxy_ssl_ciphers`
Also a new task is added to validate the SSL configuration variable. 
						
						
					 
					
						2020-12-16 10:35:37 +01:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						8c02f7b79b 
					 
					
						
						
							
							Upgrade services  
						
						
						
						
					 
					
						2020-12-07 15:18:03 +02:00 
						 
				 
			
				
					
						
							
							
								Marcel Partap 
							
						 
					 
					
						
						
							
						
						b73ac965ac 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/master' into synapse-workers  
						
						
						
						
					 
					
						2020-12-01 21:24:26 +01:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						ccabc82d4c 
					 
					
						
						
							
							Use more fully-qualified container images  
						
						... 
						
						
						
						This is both for consistency with 93cc71cb69976c
and for making things more obvious. 
						
						
					 
					
						2020-11-14 23:01:11 +02:00 
						 
				 
			
				
					
						
							
							
								Marcel Partap 
							
						 
					 
					
						
						
							
						
						4678c5d7bd 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/master' into synapse-workers  
						
						... 
						
						
						
						Also, replace vague FIXME by a proper NOTE on the complete
story of the user_dir endpoints.. 
						
						
					 
					
						2020-11-11 21:26:08 +01:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						4d12a6f8e9 
					 
					
						
						
							
							Merge pull request  #681  from scottcrossen/slc/ddclient  
						
						... 
						
						
						
						Dynamic DNS 
						
						
					 
					
						2020-11-10 23:54:21 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						1427286cec 
					 
					
						
						
							
							Integrate matrix-dynamic-dns with matrix-nginx-proxy without causing a dependency  
						
						... 
						
						
						
						We'd like the roles to be self-contained (as much as possible).
Thus, the `matrix-nginx-proxy` shouldn't reference any variables from
other roles. Instead, we rely on injection via
`group_vars/matrix_servers`.
Related to #681  (Github Pull Request) 
						
						
					 
					
						2020-11-10 23:49:36 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						235299939d 
					 
					
						
						
							
							Upgrade nginx (1.19.3 -> 1.19.4)  
						
						
						
						
					 
					
						2020-11-10 09:30:00 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						350c39d745 
					 
					
						
						
							
							Update comment  
						
						
						
						
					 
					
						2020-11-02 11:13:25 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						ef68d3d296 
					 
					
						
						
							
							Add support for reverse-proxying /_synapse/oidc  
						
						... 
						
						
						
						This broke in 63a49bb2dc#702  (Github Pull Request).
This patch builds up on the idea from that Pull Request,
but does things in a cleaner way. 
						
						
					 
					
						2020-11-02 11:10:03 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						9a46647010 
					 
					
						
						
							
							Make  https://matrix.DOMAIN/  redirect to  https://element.DOMAIN/  
						
						... 
						
						
						
						Fixes  #696  (Github Issue) 
					
						2020-10-28 10:39:12 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						4700e80389 
					 
					
						
						
							
							Raise standalone default Matrix Client API client_max_body_size  
						
						... 
						
						
						
						We do this to match Synapse's new default "max_upload_size" (50MB).
This `matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb`
default value only affects standalone usage of the `matrix-nginx-proxy`
role. When the role is used in the context of the playbook,
the value is dynamically assigned from `group_vars/matrix_servers`.
Somewhat related to #692  (Github Issue). 
						
						
					 
					
						2020-10-28 10:02:47 +02:00 
						 
				 
			
				
					
						
							
							
								Marcel Partap 
							
						 
					 
					
						
						
							
						
						2d1b9f2dbf 
					 
					
						
						
							
							synapse workers: reworkings + get endpoints from upstream docs via awk  
						
						... 
						
						
						
						(yes, a bit awkward and brittle… xD) 
						
						
					 
					
						2020-10-28 07:13:19 +01:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						63a49bb2dc 
					 
					
						
						
							
							Do not expose /_synapse/admin publicly by default  
						
						... 
						
						
						
						Fixes  #685  (Github Issue). 
					
						2020-10-26 10:36:38 +02:00 
						 
				 
			
				
					
						
							
							
								Marcel Partap 
							
						 
					 
					
						
						
							
						
						87bd64ce9e 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/master' into synapse-workers  
						
						
						
						
					 
					
						2020-10-23 23:45:07 +02:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						b65bfc38ce 
					 
					
						
						
							
							Update nginx (1.19.2 -> 1.19.3)  
						
						
						
						
					 
					
						2020-10-14 06:23:33 -05:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						d250727e8b 
					 
					
						
						
							
							Upgrade certbot (1.7.0 -> 1.9.0)  
						
						
						
						
					 
					
						2020-10-13 09:44:32 +03:00 
						 
				 
			
				
					
						
							
							
								Max Klenk 
							
						 
					 
					
						
						
							
						
						fc2edcbecf 
					 
					
						
						
							
							fix media routing  
						
						
						
						
					 
					
						2020-09-18 10:45:01 +02:00 
						 
				 
			
				
					
						
							
							
								Max Klenk 
							
						 
					 
					
						
						
							
						
						132daba1af 
					 
					
						
						
							
							fix worker routes  
						
						
						
						
					 
					
						2020-09-18 10:18:32 +02:00 
						 
				 
			
				
					
						
							
							
								Max Klenk 
							
						 
					 
					
						
						
							
						
						06bc430c7c 
					 
					
						
						
							
							refactor to use new workers and routes they serve  
						
						
						
						
					 
					
						2020-08-28 13:53:39 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						fc1655cd4b 
					 
					
						
						
							
							Merge pull request  #633  from thedanbob/certbot-1.7.0  
						
						... 
						
						
						
						Update certbot (1.6.0 -> 1.7.0) 
						
						
					 
					
						2020-08-17 16:47:12 +03:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						c8754f422a 
					 
					
						
						
							
							Update certbot (1.6.0 -> 1.7.0)  
						
						
						
						
					 
					
						2020-08-16 15:01:13 -05:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						8d373409b8 
					 
					
						
						
							
							Update nginx (1.19.1 -> 1.19.2)  
						
						
						
						
					 
					
						2020-08-16 14:59:48 -05:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						c6ab1c6a90 
					 
					
						
						
							
							Riot is now Element  
						
						... 
						
						
						
						Fixes  #586  (Github Issue) 
					
						2020-07-17 11:31:20 +03:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						c47a55d170 
					 
					
						
						
							
							Update nginx (1.19.0 -> 1.19.1) and certbot (1.5.0 -> 1.6.0)  
						
						
						
						
					 
					
						2020-07-16 06:34:14 -05:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						88a4a3ab55 
					 
					
						
						
							
							Update components  
						
						
						
						
					 
					
						2020-06-06 08:25:27 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						7a2dbdc2d7 
					 
					
						
						
							
							Update components  
						
						
						
						
					 
					
						2020-05-19 15:06:35 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						554da8338a 
					 
					
						
						
							
							Merge pull request  #463  from hooger/architecture  
						
						... 
						
						
						
						Architecture 
						
						
					 
					
						2020-04-20 16:45:59 +03:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						e2de6a1569 
					 
					
						
						
							
							Update nginx (1.17.9 -> 1.17.10)  
						
						
						
						
					 
					
						2020-04-19 08:38:53 -05:00 
						 
				 
			
				
					
						
							
							
								Horvath Gergely 
							
						 
					 
					
						
						
							
						
						bd61598faf 
					 
					
						
						
							
							add experimental(?) architecture support for arm32 and arm64  
						
						... 
						
						
						
						the changes are necessary because certbot images are tagged, so docker does not recognize the necessary architecture 
						
						
					 
					
						2020-04-18 22:55:19 +02:00 
						 
				 
			
				
					
						
							
							
								Marcel Partap 
							
						 
					 
					
						
						
							
						
						874e2e1fc0 
					 
					
						
						
							
							Rename variables (s/mxisd/ma1sd/) and adapt roles  
						
						
						
						
					 
					
						2020-04-02 11:31:38 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						8bcc9712d0 
					 
					
						
						
							
							Make follow_redirects configurable when checking /.well-known/matrix/client  
						
						... 
						
						
						
						Discussed in #101  (Github Issue). 
						
						
					 
					
						2020-03-31 11:45:32 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						cdd9ee1962 
					 
					
						
						
							
							Add Jitsi support  
						
						
						
						
					 
					
						2020-03-23 17:19:15 +02:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						c7440b723a 
					 
					
						
						
							
							Update certbot (1.2.0 -> 1.3.0)  
						
						
						
						
					 
					
						2020-03-18 06:54:10 -05:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						4065d74a5f 
					 
					
						
						
							
							Update nginx (1.17.8 -> 1.17.9)  
						
						
						
						
					 
					
						2020-03-18 06:53:59 -05:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						da98a06553 
					 
					
						
						
							
							Merge pull request  #377  from thedanbob/certbot-1.2.0  
						
						... 
						
						
						
						Update certbot (1.0.0 -> 1.2.0) 
						
						
					 
					
						2020-02-12 13:58:32 +01:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						bb08022623 
					 
					
						
						
							
							Update certbot (1.0.0 -> 1.2.0)  
						
						
						
						
					 
					
						2020-02-12 06:56:25 -06:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						74235df820 
					 
					
						
						
							
							Update nginx (1.17.7 -> 1.17.8)  
						
						
						
						
					 
					
						2020-02-12 06:52:11 -06:00 
						 
				 
			
				
					
						
							
							
								Daniel Hoffend 
							
						 
					 
					
						
						
							
						
						b280b05c25 
					 
					
						
						
							
							matrix-nginx-proxy: adding additional configuration blocks  
						
						
						
						
					 
					
						2020-02-10 23:42:41 +01:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						f18037ae42 
					 
					
						
						
							
							Disable TLSv1.1 by default  
						
						
						
						
					 
					
						2020-01-30 12:56:20 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						a84a24d9f5 
					 
					
						
						
							
							Upgrade nginx (1.17.6 -> 1.17.7)  
						
						
						
						
					 
					
						2020-01-11 17:32:02 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						89dbe5cfc5 
					 
					
						
						
							
							Add the ability to control the certbot HTTP bind port  
						
						... 
						
						
						
						Fixes  #330  (Github Issue). 
					
						2019-12-19 09:07:24 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						a78002f12b 
					 
					
						
						
							
							Upgrade certbot (0.40.1 -> 1.0.0)  
						
						
						
						
					 
					
						2019-12-13 14:52:29 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						ca3b158d94 
					 
					
						
						
							
							Add support to matrix-nginx-proxy to work in HTTP-only mode  
						
						
						
						
					 
					
						2019-12-06 11:53:15 +02:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						24646dc506 
					 
					
						
						
							
							Update nginx (1.17.5 -> 1.17.6)  
						
						
						
						
					 
					
						2019-11-21 09:38:59 -06:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						140002ed49 
					 
					
						
						
							
							Update certbot (0.38.0 -> 0.40.1)  
						
						
						
						
					 
					
						2019-11-13 15:19:38 -06:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						9b187eca8f 
					 
					
						
						
							
							Update nginx (1.17.4 -> 1.17.5)  
						
						
						
						
					 
					
						2019-10-29 11:08:56 -05:00 
						 
				 
			
				
					
						
							
							
								Paul Tötterman 
							
						 
					 
					
						
						
							
						
						aabb16d78b 
					 
					
						
						
							
							Fix spelling ngnix -> nginx  
						
						
						
						
					 
					
						2019-10-04 11:07:37 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						810d0fb0e4 
					 
					
						
						
							
							Make it possible to serve static websites from the base domain  
						
						
						
						
					 
					
						2019-10-03 11:24:04 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						1dd1f9602f 
					 
					
						
						
							
							Merge pull request  #271  from thedanbob/certbot-0.38  
						
						... 
						
						
						
						Update certbot (0.37.1 -> 0.38.0) 
						
						
					 
					
						2019-09-25 16:31:36 +03:00