Commit Graph

482 Commits

Author SHA1 Message Date
Sabine Laszakovits
a06c58c753 Merge branch 'master' into signal 2021-01-01 21:05:00 +01:00
Aaron Raimist
3dd0517f04
Check for buggy version of Ansible that Ubuntu 20.04 provides 2020-12-26 20:13:49 -06:00
Slavi Pantaleev
c0a62d6c17 Mention base domain serving 2020-12-24 11:56:36 +02:00
Slavi Pantaleev
d023355d2e Fix typo 2020-12-24 11:43:35 +02:00
Slavi Pantaleev
6403904f59 Try to make DNS SRV setup sound scarier (which it is)
We've had people who get the impression that well-known = bad,
DNS SRV = good, and who try to use DNS SRV for server delegation.

While it's true that DNS SRV can be superior for high-availability
scenarios, it's much harder to set up and comes with its own potential
downsides.

Using the well-known method is more straightforward and is enough
for almost all of us. Throwing people into the deep for no good
reason is not nice. Hopefully wording is better after this patch.
2020-12-24 11:38:06 +02:00
Jan
4675c8a715
Update updating-users-passwords.md
Fixed markdown error
2020-12-23 11:23:09 +01:00
louis
dcd4716636 add option to disable nginx access log 2020-12-21 21:26:49 +01:00
Agustin Ferrario
a06feba281 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2020-12-18 10:22:43 +01:00
Slavi Pantaleev
e2e6cfaa8b Document Ansible's Python interpreter discovery some more
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/570

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/641
2020-12-16 18:14:52 +02:00
Slavi Pantaleev
db69a51653 Do not recommend usePrivilegedIntents for appservice-discord
We're getting reports of it being broken and I can confirm that the
bridge works well without it, so I don't see why we'd be asking
people to enable it.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/751
2020-12-16 16:26:15 +02:00
Agustin Ferrario
ff6db5fd3b Document the new variables for ngingx SSL config
The new variables created to the nginx reverse proxy are properly added
to the documentation.
2020-12-16 10:50:08 +01:00
Tomas Strand
6a3f6fbcb5
Missing ` in traefik domains instructions 2020-12-15 14:15:40 +02:00
Slavi Pantaleev
6e1dfb62f0 Rename some doc files and commands related to importing
Since we'll likely have generic SQLite database importing
via [pgloader](https://pgloader.io/) for migrating bridge
databases from SQLite to Postgres, we'd rather avoid
calling the "import Synapse SQLite database" command
as just `--tags=import-sqlite-db`.

Similarly, for the media store, we'd like to mention that it's
related to Synapse as well.

We'd like to be more explicit, so as to be less confusing,
especially in light of other homeserver implementations
coming in the future.
2020-12-14 01:51:00 +02:00
Slavi Pantaleev
bae4113422
Mention that we possibly obtain a Jitsi certificate 2020-12-12 01:44:34 +02:00
chagai95
d96d7f2a43
Adding jitsi as well 2020-12-12 00:24:38 +01:00
Slavi Pantaleev
47613e5a27 Remove synapse-janitor support
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/746
2020-12-11 23:24:42 +02:00
Slavi Pantaleev
c07c927d9f Automatically enable openid listeners when ma1sd enabled
ma1sd requires the openid endpoints for certain functionality.
Example: 90b2b5301c/src/main/java/io/kamax/mxisd/auth/AccountManager.java (L67-L99)

If federation is disabled, we still need to expose these openid APIs on the
federation port.

Previously, we were doing similar magic for Dimension.
As per its documentation, when running unfederated, one is to enable
the openid listener as well. As per their recommendation, people
are advised to do enable it on the Client-Server API port
and use the `federationUrl` variable to override where the federation
port is (making federation requests go to the Client-Server API).

Because ma1sd always uses the federation port (unless you do some
DNS overwriting magic using its configuration -- which we'd rather not
do), it's better if we just default to putting the `openid` listener
where it belongs - on the federation port.

With this commit, we retain the "automatically enable openid APIs" thing
we've been doing for Dimension, but move it to the federation port instead.
We also now do the same thing when ma1sd is enabled.
2020-12-08 16:59:20 +02:00
Mike
9713ac9617
fixes config.js
comments in config.js must begin with two slashes
2020-12-06 23:42:44 +01:00
Slavi Pantaleev
a5ae7e9ef0 Add self-building support to matrix-corporal 2020-12-04 01:48:08 +02:00
Slavi Pantaleev
05cecb5261 Merge branch 'discord-v1.0'
This may be a bit premature, because the bridge didn't work for me
the last time I tried it (RC3).

Some bugs have been fixed to make our config compatible with v1.0.0
though, so it may work for some people (especially those starting
fresh).

I'm not for shipping potentially broken things, but given that we were
using `docker.io/halfshot/matrix-appservice-discord:latest` and that
points to v1.0.0 already (with no other tag we can use), our setup was
already broken in any case.

Now, at least it has some chance of running.
2020-12-03 15:17:30 +02:00
Slavi Pantaleev
fa76128fd8 Update Jitsi to build 5142
This supersedes/fixes-up this Pull Request:
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/719

The Jitsi Web and JVB containers now (in build 5142) always
start by bulding their own default configuration
(`config.js` and `sip-communicator.properties`, respectively).

The fact that we were generating these files ourselves was no longer of use,
because our configuration was thrown away in favor of the one created
by the containers on startup.

With this commit, we're completely redoing things. We no longer
generate these configuration files. We try to pass the proper
environment variables, so that Jitsi services can generate the
configuration files themselves.

Besides that, we try to use the "custom configuration" mechanism
provided by Jitsi Web and Jitsi JVB (`custom-config.js` and
`custom-sip-communicator.properties`, respectively), so that
we and our users can inject additional configuration.

Some configuration options we had are gone now. Others are no longer
controllable via variables and need to be injected using
the `_config_extension` variables that we provide.

The validation logic that is part of the role should take care
to inform people about how to upgrade (if they're using some custom
configuration, which needs special care now). Most users should not
have to do anything special though.
2020-11-27 17:57:15 +02:00
Slavi Pantaleev
84c7c19068 Add jitsi.DOMAIN to sample Traefik 2.0 config
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/735
2020-11-27 13:30:00 +02:00
benkuly
58baa0ac30
Update configuring-playbook-bridge-matrix-bridge-sms.md 2020-11-25 15:39:14 +01:00
Slavi Pantaleev
47db2d5363
Merge pull request #730 from benkuly/master
updates matrix-sms-bridge (changed SMS provider)
2020-11-25 16:36:11 +02:00
Slavi Pantaleev
27c9014cb8 Improve uninstallation instructions
Also switches to using `docker system prune -a` for a less invasive
cleanup of Docker images and related resources.
2020-11-24 09:38:17 +02:00
benkuly
2fb42dd7f1 fixed typo in truststore path 2020-11-23 12:38:17 +01:00
benkuly
4713e5d5f7 updated matrix-sms-bridge to 0.5.0 2020-11-23 12:30:39 +01:00
Slavi Pantaleev
6dbb90258e Mention and recommend enabling usePrivilegedIntents 2020-11-13 08:23:40 +02:00
Slavi Pantaleev
d910df2b1c Announce Dynamic DNS support
Related to #681 (Github Pull Request)
2020-11-11 00:01:08 +02:00
Slavi Pantaleev
4d12a6f8e9
Merge pull request #681 from scottcrossen/slc/ddclient
Dynamic DNS
2020-11-10 23:54:21 +02:00
Slavi Pantaleev
2708f9aec7 Remove duplicate configuration in docs page
Related to #681 (Github Pull Request)
2020-11-10 23:50:44 +02:00
Slavi Pantaleev
5c5f828405 Use more YAML-like syntax for the dynamic DNS configurations
Related to #681 (Github Pull Request)
2020-11-10 23:49:36 +02:00
Slavi Pantaleev
73d5faa1f9 Fix variable name typo 2020-11-10 23:30:38 +02:00
Scott Crossen
59bb6b2971 responded to reviewer comments 2020-11-09 13:32:58 -08:00
Eneko Nieto
2c33aa3ec5 Fixed entrypoint name. 2020-11-09 00:03:15 +01:00
Eneko Nieto
c448aa54a1 Added docker-compose example for launching Traefik. 2020-11-08 22:39:08 +01:00
Scott Crossen
e894befd87 Updates to reviewer comments 2020-11-07 17:53:13 -08:00
Slavi Pantaleev
ef68d3d296 Add support for reverse-proxying /_synapse/oidc
This broke in 63a49bb2dc.

Proxying the OpenID Connect endpoints is now possible,
but needs to be enabled explicitly now.

Supersedes #702 (Github Pull Request).

This patch builds up on the idea from that Pull Request,
but does things in a cleaner way.
2020-11-02 11:10:03 +02:00
Aaron Raimist
c33d007306
Switch to the new vectorim/element-web Docker image 2020-10-29 11:46:58 -05:00
Sabine
cea2faa1b3 added docs for bridge permissions 2020-10-28 21:59:36 +01:00
Slavi Pantaleev
67d0f26463 Improve wording a bit 2020-10-27 20:41:52 +02:00
Slavi Pantaleev
5a7d265997 Fix Synapse Admin not working due to unexposed Synapse Admin APIs
Regression since 63a49bb2dc.

Related to #685 (Github Issue).

We now automatically expose the APIs when Synapse Admin is enabled.
2020-10-27 20:33:37 +02:00
Sabine Laszakovits
dd50ee19ab fixed bridge permissions 2020-10-25 21:42:40 +01:00
Sabine Laszakovits
d6940d9f10 added docs 2020-10-25 18:44:19 +01:00
Ivar Troost
1227349d0c
Fix docker mount instruction in documentation
The SSL certificates should be accessible to the nginx proxy container, not the synapse container.
2020-10-24 17:03:24 +02:00
Scott Crossen
8e6d7d9022 changed domain naming 2020-10-16 21:28:43 -07:00
Slavi Pantaleev
3fd198e89a Add notes about running Ansible on Ubuntu 20.04
Discussed in #669 (Github Issue).
2020-10-15 11:35:29 +03:00
Scott Crossen
1f988969a5 Added role for dynamic dns 2020-10-13 16:26:57 -07:00
Fanch
4d5068e283 add some doc about the run-docker-prune tag 2020-10-10 14:27:07 +02:00
Slavi Pantaleev
898f319e11 Add additional notice to SQLite importing docs 2020-10-07 09:06:59 +03:00
Hardy Erlinger
ee8dd44837 Use up-to-date PostgreSQL container version for backups. 2020-10-02 22:53:06 +02:00
Slavi Pantaleev
23daec748c Require Ansible v2.7 or newer (because of items2dict and dict2items)
Interestingly, no one has reported this failure before #662 (Github
Issue).

It doesn't make sense to keep saying that we support such old Ansible
versions, when we're not even testing on anything close to those.

Time is also passing and such versions are getting more and more
ancient. It's time we bumped our requirements to something that is more
likely to work.
2020-10-02 11:53:19 +03:00
jens quade
8029ca59c9
Update configuring-playbook-dimension.md
Improved formatting for a header that was attached to the previous paragraph (...by inserting a newline).
2020-09-16 13:14:29 +02:00
Slavi Pantaleev
6300c87396
Merge pull request #647 from banym/jitsi-ldap-docs-example
Update configuring-playbook-jitsi.md
2020-09-13 09:48:47 +03:00
Dominik Zajac
b0511603fd
Update configuring-playbook-jitsi.md
modified example for jitsi ldap authentication to show all available variables.
2020-09-12 22:10:41 +02:00
Aaron Raimist
77635c4529
Fix links to using your own webserver doc 2020-09-12 14:11:16 -05:00
Aki Salminen
5733f4d157
Update configuring-playbook-telemetry.md
Change anonymized to more proper term as server vice this is not anonymized. Server name is the first parameter that is collected. And if server happens to be for individual use these statistics would be at personal level without any anonymising.
2020-09-07 17:14:34 +03:00
Slavi Pantaleev
4ef873ceb0 Clarify Discord bridging docs 2020-09-03 16:31:27 +03:00
Slavi Pantaleev
1fd81835b6 Mention CAPTCHA for public-registration servers 2020-09-01 14:00:17 +03:00
Slavi Pantaleev
7901293438 Relocate docs page for consistency 2020-09-01 13:47:58 +03:00
Slavi Pantaleev
da38a7869f Add matrix-registration support 2020-09-01 13:46:05 +03:00
Slavi Pantaleev
e3dca2f66f Try to avoid Docker logs growing too much for one-off containers
We recently had a report of the Postgres backup container's log file
growing the size of /var/lib/docker until it ran out of disk space.

Trying to prevent similar problems in the future.
2020-09-01 09:03:48 +03:00
Slavi Pantaleev
daf13107a0 Add support for rust-synapse-compress-state 2020-08-21 13:53:39 +03:00
Slavi Pantaleev
073c96a3fd Be more clear that Corporal requires Shared Secret Auth 2020-08-19 09:29:39 +03:00
merklaw
48b93091f9 Revert notes about the docker package being needed 2020-08-05 16:38:39 +02:00
merklaw
a460420b34 Better wording 2020-08-05 15:59:52 +02:00
merklaw
0cd243095d The docker package is a requirement and was not previously mentioned 2020-08-05 12:49:40 +02:00
merklaw
205c15a80b Add note about certificate exceptions when using self-signed 2020-08-05 12:47:32 +02:00
merklaw
e167b80f94 Added notes about disabling ma1sd 2020-08-05 12:46:30 +02:00
merklaw
f57b2f6e92 Better wording 2020-08-05 12:45:44 +02:00
Slavi Pantaleev
fffe9da5a9 Mention self-building support for synapse-admin
Related to #620 (Github Pull Request).
2020-08-04 17:24:31 +03:00
vaivars
e73b863329
Change the url to reflect the most common usecase 2020-07-30 10:52:49 +03:00
vaivars
fad1f72df8
Add a secondary option on how to get access token
Potentially the CURLing could be a better approach, since then you don't leave spare sessions hanging.
2020-07-29 19:53:39 +03:00
Slavi Pantaleev
196eb2da70
Merge pull request #607 from matthiasjo/docs_traefik_synapse_admin
Added config sample for synapse admin with traefik 2
2020-07-27 07:17:10 +03:00
Matthias
95954fda43
Update configuring-playbook-synapse-admin.md 2020-07-26 21:27:54 +02:00
Matthias
f005049dbe
Update configuring-playbook-synapse-admin.md 2020-07-26 19:14:36 +02:00
Matthias
038b398d0e added config sample for synapse admin with traefik 2 2020-07-26 17:31:43 +02:00
Slavi Pantaleev
f404a771cf
Try to improve wording a bit 2020-07-26 18:24:53 +03:00
rebru
8a0d8651d0
Update configuring-playbook-ma1sd.md
Add an example to open all domains for registration in relation to black- and whitelists.
2020-07-25 23:50:36 +02:00
Slavi Pantaleev
16251355d9 Add information about deleting SSL renewal config 2020-07-23 08:15:18 +03:00
Slavi Pantaleev
b2ae669566 Add synapse-admin support
Fixes #562 (Github Issue)
2020-07-22 08:10:26 +03:00
Slavi Pantaleev
0fe1899d96
Be explicit about the type of DNS record to use
Fixes #595 (Github Issue)
2020-07-21 11:20:00 +00:00
Slavi Pantaleev
6fe477c2fd Improve wording a bit 2020-07-20 14:24:49 +03:00
Slavi Pantaleev
78b1ef9a5f Add support for matrix-reminder-bot 2020-07-20 14:13:08 +03:00
Rónán Duddy
46f1137c42
Update configuring-dns.md
Adding a comment with regard to DNS propagation
2020-07-19 15:05:27 +01:00
Slavi Pantaleev
c3284d6f03 Improve Riot -> Element migration docs a bit 2020-07-17 18:56:40 +03:00
Slavi Pantaleev
484fccecdb Fix incorrect directory name 2020-07-17 12:10:06 +03:00
Slavi Pantaleev
c6ab1c6a90 Riot is now Element
Fixes #586 (Github Issue)
2020-07-17 11:31:20 +03:00
Slavi Pantaleev
4eb87c1dcb Add more notes on migrating data from another installation
Related to #583 (Github Issue).
2020-07-14 16:25:39 +03:00
bertiebaggio
866d6fc1c9 Fix sed formatting 2020-07-13 15:12:17 +01:00
bertiebaggio
000b482d18 Add 'Troubleshooting' w/workaround for ownership
If a Postgres dump contains ALTER TABLE ... OWNER_TO <username>
statements which set the owner to a username different from
'synapse' the post Postgres import task will fail complaining
about lack of role.

Changing the matrix_postgres_connection_username group var has no
effect. However, the ALTER TABLE statements (and accompanying comments)
can be rewritten to change the username to 'synapse', which permits the
import task to succeed.

From a sample of 1, having the owner set in this was causes no
discernable side effects on the homeserver.
2020-07-13 15:03:24 +01:00
Julian Strobl
c23a0620f2 Fix default SSL path for federation api in docs
One could also remove the two variables from the docs completely,
because they are set by the playbook automatically.

Error: javax.net.ssl.SSLPeerUnverifiedException: Certificate for
<matrix.<your-domain>> doesn't match any of the subject alternative
names: [<your-domain>]

Fixes #577 (Github Issue).
2020-07-13 14:13:56 +03:00
Slavi Pantaleev
0074ca646e Improve Goofys documentation example for GCS
Fixes #573 (Github Issue).
2020-07-12 09:50:39 +03:00
Panagiotis Vasilopoulos
8b19ceb6fc
Fixed Steam link 2020-07-05 10:26:34 +03:00
Slavi Pantaleev
b6b5435746 Fix some broken links 2020-07-04 14:20:02 +03:00
Slavi Pantaleev
f7e4281751
Simplify enabling recaptcha instructions a bit 2020-07-04 09:35:20 +03:00
Justin Croonenberghs
b2a0830638 Better URL for reCAPTCHA doc 2020-07-03 19:10:00 -05:00
Justin Croonenberghs
1f21f0c09a Add variables for reCAPTCHA validation 2020-07-03 18:33:25 -05:00
Slavi Pantaleev
a8f7ccf3f3 Announce mx-puppet-steam bridging support
Related to #557 (Github Pull Request).
2020-07-03 12:10:57 +03:00
Hugues Morisset
57f498217a Add mx-puppet-steam 2020-07-01 21:01:00 +02:00