finallycoffee/matrix-docker-ansible-deploy
finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
7,543 Commits 3 Branches 0 Tags
Commit Graph

819 Commits

Author SHA1 Message Date
Slavi Pantaleev
f8966cd8da Default etherpad_hostname to matrix_server_fqn_etherpad for backward compatibility 2023-03-03 09:47:13 +02:00
Slavi Pantaleev
124fbeda04 Switch to using an external Etherpad role 
This new role also adds native Traefik support and support for other
(non-`amd64`) architectures via self-building.
 2023-03-02 22:50:13 +02:00
Slavi Pantaleev
b0845984b3 Only enable Traefik certs dumper if the ACME certificate resolver for Traefik is enabled 
If someone disables ACME, then they're using their own certificates
somehow. There's nothing to dump from an `acme.json` file.
 2023-03-01 09:45:16 +02:00
Slavi Pantaleev
f7149103e4 Remove matrix_playbook_traefik_certs_dumper_role_enabled in favor of just devture_traefik_certs_dumper_enabled 
We don't need these 2 roughly-the-same settings related to the
traefik-certs-dumper role.

For Traefik, it makes sense, because it's a component used by the
various related playbooks and they could step onto each other's toes
if the role is enabled, but Traefik is disabled (in that case, uninstall
tasks will run).

As for Traefik certs dumper, the other related playbooks don't have it,
so there's no conflict. Even if they used it, each one would use its own
instance (different `devture_traefik_certs_dumper_identifier`), so there
wouldn't be a conflict and uninstall tasks can run without any danger.
 2023-03-01 09:31:48 +02:00
Slavi Pantaleev
b388a01ab7 Wire all certResolver variables to devture_traefik_certResolver_primary 
This allows people wishing to change or unset the resolver,
to have a single variable which they can toggle.

Unsetting the resolver is useful for using your own certificates
(not coming from a certificate resolver).
 2023-02-27 17:09:19 +02:00
Slavi Pantaleev
9e7415afa2 Ensure Buscarron is part of the Postgres network 2023-02-27 17:07:44 +02:00
Slavi Pantaleev
058a54fd05 Add native Traefik support to Dimension 2023-02-26 23:06:36 +02:00
Slavi Pantaleev
b84f25309b Add matrix_homeserver_container_network 2023-02-26 22:09:37 +02:00
Slavi Pantaleev
d20ff688db Add native Traefik support to Sygnal 2023-02-26 11:03:42 +02:00
Slavi Pantaleev
348dd8e76b Remove double space 2023-02-25 19:37:35 +02:00
Slavi Pantaleev
725b2beed7 Add native Traefik support to Buscarron 2023-02-25 15:50:48 +02:00
Slavi Pantaleev
bc5dda2b3a Reorder some Buscarron default variables and fix some typos 
Fixes a regression introduced in 0220c851e8781e4468b1
 2023-02-25 15:11:23 +02:00
Slavi Pantaleev
0220c851e8 Add multiple container networks support to Buscarron 2023-02-25 15:03:03 +02:00
Slavi Pantaleev
233e253264 Add native Traefik support to rageshake 2023-02-25 13:46:42 +02:00
Slavi Pantaleev
306679103b Require self-building of rageshake for arm64 
There are no arm64 images published.. yet
 2023-02-25 12:32:19 +02:00
Slavi Pantaleev
55f43dcc6d Fixup matrix-rageshake section in group vars 2023-02-25 12:09:23 +02:00
Benjamin Kampmann
40f037b36d Add rageshake server 2023-02-24 16:55:49 +01:00
Slavi Pantaleev
5e7f30a129 Fix appservice-discord/appservice-slack/appservice-webhooks port troubles with external reverse-proxy 
Continuation of 6cda711
 2023-02-19 11:20:58 +02:00
Slavi Pantaleev
632026513e Add matrix_synapse_uid, matrix_synapse_gid and matrix_synapse_username 2023-02-17 17:16:50 +02:00
Slavi Pantaleev
990a6369e1 Switch to using an external Redis role 2023-02-17 16:23:59 +02:00
Slavi Pantaleev
964aa0e84d Switch to using an external Ntfy role 
The newly extracted role also has native Traefik support,
so we no longer need to rely on `matrix-nginx-proxy` for
reverse-proxying to Ntfy.

The new role uses port `80` inside the container (not `8080`, like
before), because that's the default assumption of the officially
published container image. Using a custom port (like `8080`), means the
default healthcheck command (which hardcodes port `80`) doesn't work.
Instead of fiddling to override the healthcheck command, we've decided
to stick to the default port instead. This only affects the
inside-the-container port, not any external ports.

The new role also supports adding the network ranges of the container's
multiple additional networks as "exempt hosts". Previously, only one
network's address range was added to "exempt hosts".
 2023-02-17 09:54:33 +02:00
Slavi Pantaleev
e80b98c3ad Do not mount SSL certificates into Coturn if TLS is disabled for it 2023-02-16 09:22:29 +02:00
Slavi Pantaleev
bb7895678c Fix typo 2023-02-15 11:48:27 +02:00
Slavi Pantaleev
7c5826f1c3 Break dependency between matrix-prometheus-nginxlog-exporter and the Grafana role 
Wiring happens via `group_vars/matrix_servers` now.
 2023-02-15 10:52:25 +02:00
Slavi Pantaleev
1006b8d899 Replace matrix-grafana with an external role 2023-02-15 10:32:24 +02:00
Slavi Pantaleev
94124263a7 Add matrix_prometheus_container_network/matrix_prometheus_container_additional_networks 2023-02-15 08:56:11 +02:00
Slavi Pantaleev
c85d48c45c Remove Traefik labels for Hydrogen & Cinny from matrix-nginx-proxy 
Related to 6a52be79877 and 28e7ef9c71f02
 2023-02-14 22:46:34 +02:00
Slavi Pantaleev
f28e7ef9c7 Add (native) Traefik support to matrix-client-cinny 
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now
 2023-02-14 11:29:53 +02:00
Slavi Pantaleev
6a52be7987 Add (native) Traefik support to matrix-client-hydrogen 
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now

Serving at a path other than `/` doesn't work well yet.
 2023-02-14 09:58:35 +02:00
Slavi Pantaleev
e51e4eec09 Add (native) Traefik support to matrix-client-element 
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now
 2023-02-13 19:03:20 +02:00
Slavi Pantaleev
b2d8718233 Fix synapse-admin reverse-proxying regression for "playbook-managed-nginx" 
Regression since 3d9aa8387e4adc3
 2023-02-13 16:08:59 +02:00
Slavi Pantaleev
6cda711c0b Fix incorrect host_bind_port syntax (extra :) affecting certain deployments 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2474

Seems like this affected all "own webserver" deployments, which required
port exposure.

`playbook-managed-traefik` and `playbook-managed-nginx` were not affected.
 2023-02-13 15:38:24 +02:00
Slavi Pantaleev
3d9aa8387e Add (native) Traefik support to synapse-admin 
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now.
 2023-02-13 15:08:42 +02:00
Aine
33b4f7031b
restore borg prefixes 2023-02-13 10:44:42 +00:00
Slavi Pantaleev
266195ab45 Upgrade backup_borg (v1.2.3-1.7.5-1 -> v1.2.3-1.7.6-0) 
Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2472
 2023-02-13 12:26:49 +02:00
Slavi Pantaleev
23f7720247 Add missing backup_borg_base_path override 2023-02-13 11:44:19 +02:00
Slavi Pantaleev
38904c08b0 Wire backup_borg_username 
It's probably unnecessary, as this user is only used in the borg container
internally, but.. It doesn't hurt to set it to `matrix`.
 2023-02-13 11:01:54 +02:00
Slavi Pantaleev
78c35136b2 Replace matrix-backup-borg with an external role 2023-02-13 10:53:11 +02:00
Slavi Pantaleev
972043cfaf Fix trying to start devture-traefik when not necessarily enabled 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2465
 2023-02-12 17:14:25 +02:00
Slavi Pantaleev
f1a1ce8a91
Merge pull request #2464 from spantaleev/traefik 
Reverse-proxy configuration changes and initial Traefik support
 2023-02-12 16:05:56 +02:00
Slavi Pantaleev
b3f6436a0d Do not enable the Traefik role when reverse-proxy = other-traefik-container 2023-02-12 15:50:18 +02:00
Catalan Lover
be471250dd
Move services that crash without hs connectivity to after proxy. 2023-02-11 17:58:19 +01:00
Slavi Pantaleev
94be74e633 Improve traefik-certs-dumper defaults for other-traefik-container setups 
We'd like to auto-enable traefik-certs-dumper for these setups.

`devture_traefik_certs_dumper_ssl_dir_path` will be empty though,
so the role's validation will point people in the right direction.
 2023-02-11 08:54:07 +02:00
Slavi Pantaleev
f37a7a21f1 Delay Postmoogle startup to help Traefik-based setups 2023-02-11 08:53:32 +02:00
Slavi Pantaleev
8309a21303 Rename reverse proxy types and fix Hookshot http/https urlPrefix issue 2023-02-11 08:44:11 +02:00
Slavi Pantaleev
97f65e8dff Minor fixes to allow for Traefik without SSL 2023-02-10 19:36:06 +02:00
Slavi Pantaleev
28d2eb593c Add matrix_playbook_reverse_proxy_type variable which influences all other services 2023-02-10 16:04:34 +02:00
Slavi Pantaleev
06ccd71edc Merge branch 'master' into traefik 2023-02-10 14:37:59 +02:00
Slavi Pantaleev
01ccec2dbe Merge branch 'master' into pr-jitsi-matrix-authentication 2023-02-10 14:12:47 +02:00
Slavi Pantaleev
7cdf59d79b
Merge pull request #2451 from FSG-Cat/draupnir 
Add Draupnir support to the project.
 2023-02-10 11:43:30 +02:00