Commit Graph

146 Commits

Author SHA1 Message Date
Slavi Pantaleev
bce165f247 Do not suggest DEBUG logging when submitting issues
It's been pointed out that DEBUG logs could contain sensitive
information (access tokens, etc.), which makes them unsuitable
for sharing with others. INFO should be enough.
2019-08-06 07:14:52 +03:00
Slavi Pantaleev
d222640140 Add firewall notice about email2matrix 2019-08-05 14:10:24 +03:00
Slavi Pantaleev
4be35822dd Add Email2Matrix support 2019-08-05 13:09:49 +03:00
Esko
f084bb4ae5
Clarify sentence about dedicated user for access token 2019-08-04 05:18:16 +02:00
Slavi Pantaleev
6fe4bafc2a Decrease default Synapse logging level
Also discussed previously in #213 (Github Pull Request).

shared-secret-auth and rest-auth logging is still at `INFO`
intentionally, as user login events seem more important to keep.
Those modules typically don't spam as much.
2019-08-03 07:48:04 +03:00
Slavi Pantaleev
99283ef684 Add note about SMTPS not being supported
Fixes #216 (Github Issue).
2019-07-10 08:43:27 +03:00
Slavi Pantaleev
0e4030f05c Add missing word 2019-07-09 09:14:57 +03:00
Slavi Pantaleev
76862f4f2a Suggest running start tag after janitor and Postgres vacuum
We do restart Synapse explicitly, but some other services
(bridges, matrix-corporal, ..) may not restart sometimes.

It's best to restart all services explicitly.
2019-07-08 11:09:23 +03:00
Slavi Pantaleev
e317de5ac1 Fix broken link 2019-07-08 09:40:52 +03:00
Slavi Pantaleev
0ca21d80d7 Add Synapse Maintenance docs and synapse-janitor integration 2019-07-08 09:38:36 +03:00
Slavi Pantaleev
ef5e4ad061 Make Synapse not log to text files
Somewhat related to #213 (Github Pull Request).

We've been moving in the opposite direction for quite a long time.
All services should just leave logging to systemd's journald.
2019-07-04 17:46:31 +03:00
Slavi Pantaleev
da6edc9cba Add support for disabling Synapse's local database for user auth
This is a new feature of Synapse v1.1.0.

Discussed in #145 (Github Pull Request).
2019-07-04 17:11:51 +03:00
Slavi Pantaleev
8529efcd1c Make Discord bridge configuration playbook-managed
Well, `config.yaml` has been playbook-managed for a long time.
It's now extended to match the default sample config of the Discord
bridge.

With this patch, we also make `registration.yaml` playbook-managed,
which leads us to consistency with all other bridges.

Along with that, we introduce `./config` and `./data` separation,
like we do for the other bridges.
2019-06-26 10:35:00 +03:00
Slavi Pantaleev
59b56fa504 Update Docker image of Ansible (2.7.0 -> 2.8.1) 2019-06-26 07:40:36 +03:00
Slavi Pantaleev
174a6fcd1b Make IRC bridge configuration entirely managed by the playbook 2019-06-19 12:29:44 +03:00
Slavi Pantaleev
5002c7edaa Fix broken docs link 2019-06-19 10:30:04 +03:00
Slavi Pantaleev
2e16257e50 Do not ask for _matrix._tcp SRV records anymore
With most people on Synapse v0.99+ and Synapse v1.0 now available,
we should no longer try to be backward compatible with Synapse 0.34,
because this just complicates the instructions for no good reason.
2019-06-12 14:51:10 +03:00
Slavi Pantaleev
8a7b3d5bd0
Make instructions simpler and safer
Changes to the original are:
- it tells people to stop and disable services, so that:
   - services won't be running while you are copying files
   - services won't accidentally start again later
- it does the file-copying in 1 step
- it does copying before running `--tags=setup-all`, so that existing files (SSL certificates, etc.) can be reused. Otherwise, the playbook starts from a blank slate, retrieves them anew, generates new signing keys anew, etc. Only to have those replaced by your own old backup later.
- it mentions DNS changes
- combines `--tags=setup-all,start` into a single step, thanks to the files being already copied
2019-06-12 09:36:19 +03:00
Michael Haak
a8dc0befa9 Added a basic guide on migrating to another server 2019-06-11 22:06:25 +02:00
Slavi Pantaleev
4f0bcc624f Fix typo 2019-06-07 14:29:51 +03:00
Slavi Pantaleev
04bc50a282 Make Facebook bridge docs more detailed 2019-06-07 13:51:43 +03:00
Slavi Pantaleev
70487061f4 Prefer --mount instead of -v for mounting volumes
This doesn't replace all usage of `-v`, but it's a start.

People sometimes troubleshoot by deleting files (especially bridge
config files). Restarting Synapse with a missing registration.yaml file
for a given bridge, causes the `-v
/something/registration.yaml:/something/registration.yaml:ro` option
to force-create `/something/registration.yaml` as a directory.

When a path that's provided to the `-v` option is missing, Docker
auto-creates that path as a directory.
This causes more breakage and confusion later on.

We'd rather fail, instead of magically creating directories.
Using `--mount`, instead of `-v` is the solution to this.

From Docker's documentation:

> When you use --mount with type=bind, the host-path must refer to an existing path on the host.
> The path will not be created for you and the service will fail with an error if the path does not exist.
2019-05-29 09:59:50 +03:00
Slavi Pantaleev
5bfd22d13b Fix incorrect inventory host_vars paths 2019-05-24 08:06:42 +09:00
Slavi Pantaleev
1e1c7933e2 Mention Postgres + SSL in the docs
Refers to #89 (Github Issue)
2019-05-22 09:17:33 +09:00
Marcel Partap
66388c1f5b Provide a sample rest_auth_endpoint close to actual setup 2019-05-15 01:51:02 +02:00
Aaron Raimist
2d1fbdb51d
Move around options on updating-users-passwords.md
and provide an example for using the admin API
2019-05-11 21:39:31 -05:00
Aaron Raimist
59e05672d0
Convert registering-users.md to use ``` syntax for code blocks
The bit about the matrix-make-user-admin script was messed up (it wasn't actually a code block so the "<username>" was hidden). For me at least it seems like the ``` syntax is much harder to accidentally mess up.
2019-05-10 15:38:22 -05:00
Aaron Raimist
12b7cccbc6
Mention the Synapse User Admin API on updating-users-passwords.md 2019-05-10 15:33:15 -05:00
Slavi Pantaleev
2dd8d07ac9 Add docs about using other S3-compatible object stores 2019-05-09 10:28:01 +03:00
Slavi Pantaleev
216cdf8c74
Merge pull request #166 from izissise/mautrix-facebook
Mautrix facebook
2019-05-09 10:05:14 +03:00
Slavi Pantaleev
d91cff3f7a Add docs about integrating mxisd's Registration feature
Docs for #161 (Github issue) and #168 (Github Pull Request).
2019-05-09 09:55:03 +03:00
Slavi Pantaleev
ccb33369a7
Merge pull request #169 from verb/federation-tester
Update URL for Matrix federation tester
2019-05-09 09:22:10 +03:00
Lee Verberne
8b5c1b0bd5 Update URL for Matrix federation tester
The previous URL returns a 404.
2019-05-09 07:04:46 +02:00
Hugues Morisset
d4372d5ba8 Add mautrix-facebook doc 2019-05-08 17:11:07 +02:00
Slavi Pantaleev
e6fecd51d5 Explain DNS SRV vs /.well-known/matrix/server better
Hopefully, we no longer lead people to believe that DNS SRV
records are going away forever and for all use-cases.

Fixes #156 (Github Issue)
2019-05-05 11:04:52 +03:00
Lyubomir Popov
134faa3139 Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 16:30:26 +03:00
Slavi Pantaleev
892abdc700 Do not refer to Synapse as "Matrix Synapse" 2019-04-23 10:20:56 +03:00
Slavi Pantaleev
9ea5088761 Add TURN server configuration documentation 2019-04-19 09:57:41 +03:00
Slavi Pantaleev
a4da1535dd Split additional configuration options in groups
It's too many configuration options to keep them in a single list.
Trying to put some order.
2019-04-19 09:54:18 +03:00
aba8327991
Give a hint to look into the examples if using caddy 2019-04-16 19:46:17 +02:00
Slavi Pantaleev
9c401efb2d Add a note about beta/pre-release distros 2019-04-16 13:10:31 +03:00
Slavi Pantaleev
9202b2b8d9 Ensure systemd services are running when doing --tags=start
Fixes #129 (Github Issue).

Unfortunately, we rely on `service_facts`, which is only available
in Ansible >= 2.5.

There's little reason to stick to an old version such as Ansible 2.4:
- some time has passed since we've raised version requirements - it's
time to move into the future (a little bit)
- we've recently (in 82b4640072) improved the way one can run
Ansible in a Docker container

From now on, Ansible >= 2.5 is required.
2019-04-03 11:19:06 +03:00
Slavi Pantaleev
82b4640072 Use a more suitable Docker image for running Ansible
Inspired by #128 (Github Issue), we've created a new Docker image
to replace https://hub.docker.com/r/qmxme/ansible

Adding dnspython or dig to `qmxme/ansible` doesn't seem like a good
idea (that might be accepted by them), given that it's specific to our
use case. That's why we'll be maintaining our own image from now on.
2019-04-03 10:28:23 +03:00
Slavi Pantaleev
631b7cc6a6 Add support for adjusting Synapse rate-limiting configuration 2019-04-01 21:40:14 +03:00
Borjan Tchakaloff
cbd629e7ea Specify that cron is likely required on the server
When using Let's Encrypt SSL certificates, a cronjob is set up to
automatically renew them. Though it does require a `cron`-compatible
program on the server.

This fixes the error that is caused by the `/etc/cron.d` directory
not existing and the `ansible-cron` module trying to write out a
file there -- without checking if the directory exists first.
2019-03-22 17:44:24 +01:00
Slavi Pantaleev
1939fc9113 Improve documentation a bit 2019-03-19 18:23:54 +02:00
Slavi Pantaleev
59e37105e8 Add TLS support to Coturn 2019-03-19 10:24:39 +02:00
Slavi Pantaleev
10d9293121 Indicate that TURN ports are a range 2019-03-13 08:23:10 +02:00
Slavi Pantaleev
c545d3eb85 Add support for serving base domain via matrix-nginx-proxy 2019-03-12 23:01:16 +02:00
Slavi Pantaleev
1974935bc6 Update docs a bit 2019-03-12 11:38:59 +02:00