Commit Graph

117 Commits

Author SHA1 Message Date
6d253ff571 Switch to a better riot-web image (avhost/docker-matrix-riot -> bubuntux/riot-web)
The new container image is about 20x smaller in size, faster to start up, etc.

This also fixes #26 (Github issue).
2019-01-11 21:20:21 +02:00
14a237885a Fix missing SMTP configuration for mxisd
Regression since 9a9b7383e9.
2019-01-11 20:26:40 +02:00
9a9b7383e9 Completely redo how mxisd configuration gets generated
This change is provoked by a few different things:

- #54 (Github Pull Request), which rightfully says that we need a
way to support ALL mxisd configuration options easily

- the upcoming mxisd 1.3.0 release, which drops support for
property-style configuration (dot-notation), forcing us to
redo the way we generate the configuration file

With this, mxisd is much more easily configurable now
and much more easily maintaneable by us in the future
(no need to introduce additional playbook variables and logic).
2019-01-11 19:33:54 +02:00
46c5d11d56 Update components 2019-01-10 19:29:56 +02:00
b222d26c86 Switch to managing cronjobs with the Ansible cron module
As suggested in #65 (Github issue), this patch switches
cronjob management from using templates to using Ansible's `cron` module.

It also moves the management of the nginx-reload cronjob to `setup_ssl_lets_encrypt.yml`,
which is a more fitting place for it (given that this cronjob is only required when
Let's Encrypt is used).

Pros:
- using a module is more Ansible-ish than templating our own files in
special directories

- more reliable: will fail early (during playbook execution) if `/usr/bin/crontab`
is not available, which is more of a guarantee that cron is working fine
(idea: we should probably install some cron package using the playbook)

Cons:
- invocation schedule is no longer configurable, unless we define individual
variables for everything or do something smart (splitting on ' ', etc.).
Likely not necessary, however.

- requires us to deprecate and clean-up after the old way of managing cronjobs,
because it's not compatible (using the same file as before means appending
additional jobs to it)
2019-01-08 12:52:03 +02:00
4c2e1a0588 Make SQLite database import work with server files, not local
This is a simplification and a way to make it consistent with
how we do Postgres imports (see 6d89319822), using
files coming from the server, not from the local machine.
2019-01-01 15:21:52 +02:00
6d89319822 Add support for importing an existing Postgres database 2019-01-01 14:45:37 +02:00
b9b5674b8a Lowercase host_specific_hostname_identity to prevent troubles
If uppercase is used, certain tools (like certbot) would cause trouble.
They would retrieve a certificate for the lowercased domain name,
but we'd try to use it from an uppercase-named directory, which will
fail.

Besides certbot, we may experience other trouble too.
(it hasn't been investigated how far the breakage goes).

To fix it all, we lowercase `host_specific_hostname_identity` by default,
which takes care of the general use-case (people only setting that
and relying on us to build the other domain names - `hostname_matrix`
and `hostname_riot`).

For others, who decide to override these other variables directly
(and who may work around us and introduce uppercase there directly),
we also have the sanity-check tool warn if uppercase is detected
in any of the final domains.
2018-12-23 19:25:57 +02:00
d28bdb3258 Add support for 2 more SSL certificate retrieval methods
Adds support for managing certificates manually and for
having the playbook generate self-signed certificates for you.

With this, Let's Encrypt usage is no longer required.

Fixes Github issue #50.
2018-12-23 11:00:12 +02:00
bfcba5256e Upgrade mxisd (1.2.1 -> 1.2.2) 2018-12-23 08:49:21 +02:00
57ee350420 Raise default timeout value for matrix-corporal
This is in line with what the recommendation is for matrix-corporal.

A value higher than 30 seconds is required to satisfy Riot
(and other clients') default long-polling behavior.
2018-12-21 12:19:16 +02:00
cc9d3aef59 Upgrade matrix-corporal (1.2.1 -> 1.2.2) 2018-12-21 11:55:35 +02:00
40626ff8df Upgrade Synapse (0.33.9/Python 2 -> 0.33.4/Python 3) 2018-12-21 10:15:58 +02:00
b9e5ad6c66 Upgrade Docker images for various components 2018-12-20 15:10:53 +02:00
97280c7cc1 Change Goofys Docker image (clodproto/goofys -> ewoutp/goofys)
The new image is built in a much better way (2-stage build)
and is 10x smaller.

In terms of Goofys version recency, it's about the same..
Both images (and others alike) seem to not use version tags,
but rather some `:latest` (master), with ewoutp/goofys being a bit
more recent than clodproto/goofys.

Not using version tags is good (in this case),
because the last Goofys release seems to be from about a year ago
and there had been a bunch of bugfixes afterwards.
2018-12-20 14:30:24 +02:00
b11a4c07a8 Upgrade mxisd (1.2.0 -> 1.2.1) 2018-12-13 10:18:56 +09:00
57bfb970a9 Enable support for custom HTML in riot-web homepage
* Add default template file for homepage HTML
* Add default riot-web config options for homepage
2018-12-11 13:48:54 +00:00
22523c0e42 Support configuring mxisd's identity stores (two of them)
mxisd supports several identity stores. Add support to configure two of them:

* synapseSql (storing identities directly in Synapse's database)
* LDAP

This removed the need to copy `mxisd.yaml.j2` to the inventory in case one wants
to use LDAP as identity store. Note that the previous solution (copying
`mxisd.yaml.j2` was poor because of two reasons:

* The copy remains outdated in case the original is updated in future versions
  of this repo.
* The role's configuration should be in one place (configured only through role
  variables) instead of in multiple.

Configuring more identity stores through role variables can be supported in the
future.
2018-12-04 17:19:49 +01:00
f8987cb775 Set default mautrix-telegram image to 0.4.0 2018-11-30 19:32:29 +01:00
9f212adc1d Rename variable (matrix_synapse_ext_password_provider_ldap -> matrix_synapse_ext_password_provider_ldap_enabled)
This makes it more consistent with other usage throughout the playbook.
2018-11-28 11:19:19 +02:00
bbf8928831 fix template and vars for ldap auth, add setup 2018-11-28 09:04:09 +01:00
9cf9a1ec54 [auth-ldap] add template + vars for ldap auth 2018-11-27 16:40:22 +01:00
18e1dda4c8 Revert "Update riot-web (0.17.6 -> 0.17.7)"
As Github issue #42 says, 0.17.7 is not available.
We shouldn't have tried to use it.

This reverts commit 529b5b222d.
2018-11-27 16:40:26 +02:00
529b5b222d Update riot-web (0.17.6 -> 0.17.7) 2018-11-25 09:57:30 +02:00
5b70ec67a4 Add support for controlling Synapse's autocreate_auto_join_rooms 2018-11-23 11:16:40 +02:00
bc15db3316 Fix a few minor things for consistency
Trying to:

- stay closer to naming in Synapse (autojoin -> auto_join)

- not create new variable namespaces (`matrix_homeserver_`),
when existing ones (`matrix_synapse_`) are more suitable

- allow `null` (`~`) values for `matrix_riot_web_welcome_user_id`

- render things like `auto_join_rooms` in `homeserver.yaml` more prettily

- fix breakage in `config.json` where `matrix_riot_web_roomdir_servers`
was rendered as YAML and not as JSON

- simplify code (especially in riot-web's `config.json`), which used
`if` statements that could have been omitted

- avoid changing comments in `homeserver.yaml` which are not ours,
so that we can keep closer to the configuration file generated by upstream
2018-11-23 11:00:08 +02:00
4febb117f4 Merge remote-tracking branch 'upstream/master' into fix/add/config 2018-11-23 00:58:32 +00:00
792bed3f5a Fix add/config based on comments by @spantaleev 2018-11-23 00:42:54 +00:00
d13aa7316e Remove riot.im from list of trusted identity servers
This brings the list in line with the new default as of https://github.com/matrix-org/synapse/pull/4207
2018-11-20 20:15:26 -06:00
0e02dbd569 Update dependencies 2018-11-20 09:02:27 +02:00
ddec99b899 Allow Synapse log levels to be configured (#23) 2018-11-14 13:39:52 -06:00
12c4591a58 Update mxisd 2018-11-12 08:32:13 +02:00
19257677c5 Update dependencies 2018-11-10 10:41:10 +02:00
f88b0ca33f Merge branch 'master' into riot-web-config-json 2018-11-03 12:00:48 +02:00
ef2e330d22 Allow a few parts of Riot config.json to be configured (#24) 2018-11-02 20:14:03 -05:00
ebab95c9ec Add new variable matrix_nginx_proxy_ssl_protocols 2018-11-02 18:20:05 -05:00
9e8f216b9b Upgrade Synapse (v0.33.7 -> v0.33.8) 2018-11-01 12:50:33 +02:00
e417ac4922 Add support for Postgres 11 2018-11-01 09:48:56 +02:00
ac8d5a839d Merge pull request #21 from Cadair/flags
Allow specifying which parts of the role run from playbooks
2018-11-01 08:58:42 +02:00
fb5115a544 Rename playbook variables so they are consistently prefixed
Pretty much all variables live in their own `matrix_<whatever>`
prefix now and are grouped closer together in the default
variables file (`roles/matrix-server/defaults/main.yml`).
2018-11-01 08:46:47 +02:00
1955aac4bd Update riot-web (0.17.0 -> 0.17.3) 2018-10-31 11:47:17 -05:00
67e2bf285d A simple idea to allow playbooks to control which bit of the role to run 2018-10-30 20:49:39 +00:00
cf0a5b3d2e Merge pull request #20 from izissise/mautrix-whatsapp
Mautrix whatsapp
2018-10-26 19:39:14 +03:00
67a445a74a Add support for controlling Matrix federation 2018-10-25 18:02:04 +03:00
7a94fc0e24 Add mautrix-whatsapp 2018-10-24 17:09:23 +02:00
83a17f8439 Expose mautrix-telegram public endpoint through nginx
It used to allow user to logging with their own account to the bot
see: https://github.com/tulir/mautrix-telegram/wiki/Authentication#replacing-telegram-accounts-matrix-puppet-with-matrix-account
for more informations
2018-10-21 23:20:37 +02:00
a0320346e1 Upgrade Synapse (v0.33.7rc2 -> 0.33.7) 2018-10-18 18:15:07 +03:00
9b3c882483 Update riot-web (0.16.4 -> 0.17.0) 2018-10-18 15:13:13 +03:00
6cc528ba5a Upgrade Synapse (v0.33.5.1 -> v0.33.7rc2)
We skipped v0.33.6 because of matrix-org/synapse#4014,
but v0.33.7rc2 fixed the problem.
2018-10-18 14:49:21 +03:00
a1c1ec9b7f Update dependencies 2018-10-08 08:24:20 +03:00