Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						31396f0615 
					 
					
						
						
							
							Merge pull request  #1295  from nogweii/feat-support-upstream-https-forwarded  
						
						... 
						
						
						
						Support trusting the upstream server when it says the protocol is HTTPS 
						
						
					 
					
						2021-09-26 09:54:15 +03:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						a676b5358c 
					 
					
						
						
							
							Fix hydrogen OCSP typo  
						
						... 
						
						
						
						From 6f80292745 
						
						
					 
					
						2021-09-24 20:09:06 -05:00 
						 
				 
			
				
					
						
							
							
								Colin Shea 
							
						 
					 
					
						
						
							
						
						2578ca4cee 
					 
					
						
						
							
							rename matrix_nginx_proxy_x_forwarded_header_value -> matrix_nginx_proxy_x_forwarded_proto_value  
						
						
						
						
					 
					
						2021-09-24 05:22:30 -07:00 
						 
				 
			
				
					
						
							
							
								Colin Shea 
							
						 
					 
					
						
						
							
						
						d0cd67044e 
					 
					
						
						
							
							replace $scheme with X-Forwarded-Proto when enabled  
						
						
						
						
					 
					
						2021-09-24 05:14:38 -07:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						3055b3996e 
					 
					
						
						
							
							Updates Certbot -> v1.19.0, nginx ->1.21.3-alpine  
						
						
						
						
					 
					
						2021-09-14 16:51:01 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						ae6caf158a 
					 
					
						
						
							
							Added variable matrix_nginx_proxy_request_timeout ( #1265 )  
						
						... 
						
						
						
						* add timeout param for nginx proxy
default value matrix_nginx_proxy_request_timeout is 60s
* default matrix_nginx_proxy_request_timeout - 60s
* few more variables for request timeout
* Update nginx.conf.j2
* Update nginx.conf.j2 
						
						
					 
					
						2021-09-03 10:00:45 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						a911207854 
					 
					
						
						
							
							Revert "nginx update v1.21.2"  
						
						... 
						
						
						
						This reverts commit 732051b8fc 
						
						
					 
					
						2021-09-03 09:07:58 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						732051b8fc 
					 
					
						
						
							
							nginx update v1.21.2  
						
						... 
						
						
						
						http://nginx.org/en/CHANGES  
					
						2021-09-03 10:46:21 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						f5a7e6d78b 
					 
					
						
						
							
							Certbot update v1.18.0  
						
						
						
						
					 
					
						2021-08-20 19:47:11 +05:30 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						4d57a41b3f 
					 
					
						
						
							
							remove matrix_awx_enabled from these  
						
						
						
						
					 
					
						2021-08-11 17:18:57 +08:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						2e30802b87 
					 
					
						
						
							
							use group variables instead  
						
						
						
						
					 
					
						2021-08-11 15:21:09 +08:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						8238d65e5f 
					 
					
						
						
							
							simplify template conditional  
						
						
						
						
					 
					
						2021-08-11 14:19:19 +08:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						bfb61e776e 
					 
					
						
						
							
							GMH v0.5.7... maybe!  
						
						
						
						
					 
					
						2021-08-10 12:58:10 +08:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						4105ba854b 
					 
					
						
						
							
							Merge pull request  #1147  from datenkollektiv-net/allow-custom-federation-fqn  
						
						... 
						
						
						
						Make federation domain customizable 
						
						
					 
					
						2021-07-20 09:12:16 +03:00 
						 
				 
			
				
					
						
							
							
								JokerGermany 
							
						 
					 
					
						
						
							
						
						9345d840be 
					 
					
						
						
							
							root path for the base domain is wrong ( #1189 )  
						
						... 
						
						
						
						* root path for the base domain
* Fix path when running in a container
Co-authored-by: Slavi Pantaleev <slavi@devture.com > 
						
						
					 
					
						2021-07-20 08:48:11 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						7a51268dfc 
					 
					
						
						
							
							Upgrade certbot & nginx  
						
						... 
						
						
						
						Upgrade certbot (v1.16.0 -> v1.17.0) nginx (1.21.0 -> 1.21.1) 
						
						
					 
					
						2021-07-09 17:51:27 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						6294e58304 
					 
					
						
						
							
							Fix Content-Security-Policy for Element  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1154 
According to
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy ,
having both a header and the `<meta>`-tag provided by Element itself is
not a problem. The 2 CSP policies get combined. 
						
						
					 
					
						2021-07-01 12:41:05 +03:00 
						 
				 
			
				
					
						
							
							
								oxmie 
							
						 
					 
					
						
						
							
						
						5df4d68829 
					 
					
						
						
							
							Make federation domain customizable  
						
						
						
						
					 
					
						2021-06-30 23:02:27 +02:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						0217644b48 
					 
					
						
						
							
							Content-Security-Policy For Element Web  
						
						... 
						
						
						
						https://github.com/vector-im/element-web#configuration-best-practices  
					
						2021-06-18 23:27:23 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						963f38ee7b 
					 
					
						
						
							
							Upgrade certbot (v1.14.0 -> v1.16.0)  
						
						
						
						
					 
					
						2021-06-10 12:18:42 +03:00 
						 
				 
			
				
					
						
							
							
								pushytoxin 
							
						 
					 
					
						
						
							
						
						bee14550ab 
					 
					
						
						
							
							Fix local/bin scripts autocompletion by adding rx perms to everyone  
						
						... 
						
						
						
						It's mildly annoying when trying to execute these scripts while logged
in as a regular user, as the missing execute permissions will hinder
autocompletion even when trying to use with sudo.
These shell scripts don't contain secrets, but may fail when ran by a
regular user. The failure is due to the lack of access to the /matrix
directory, and does not result in any damage. 
						
						
					 
					
						2021-05-28 10:39:27 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						4880dcceb0 
					 
					
						
						
							
							Fix OCSP-stapling-related errors due to missing resolver  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-28 11:14:33 +03:00 
						 
				 
			
				
					
						
							
							
								rakshazi 
							
						 
					 
					
						
						
							
						
						4ddd8bbb84 
					 
					
						
						
							
							Updated nginx-proxy (1.20.0 -> 1.21.0)  
						
						
						
						
					 
					
						2021-05-25 17:06:39 +00:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						1ed0857019 
					 
					
						
						
							
							Fix syntax error  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024  
						
						
					 
					
						2021-05-25 11:45:17 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						4a4a7f136e 
					 
					
						
						
							
							changes added to hydrogen client  
						
						
						
						
					 
					
						2021-05-25 11:42:51 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						25e67b51d1 
					 
					
						
						
							
							Merge branch 'spantaleev:master' into master  
						
						
						
						
					 
					
						2021-05-25 11:40:56 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						3436f9c10a 
					 
					
						
						
							
							rename to matrix_nginx_proxy_hsts_preload_enabled  
						
						
						
						
					 
					
						2021-05-25 00:56:59 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						7cc5328ede 
					 
					
						
						
							
							Comments & Ref  
						
						
						
						
					 
					
						2021-05-24 17:20:54 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						df2d91970d 
					 
					
						
						
							
							matrix_nginx_proxy_xss_protection  
						
						
						
						
					 
					
						2021-05-24 17:02:47 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						6f80292745 
					 
					
						
						
							
							Add OCSP stapling support and other SSL optimizations to Hydrogen vhost  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061 
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-21 13:40:37 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						d0de21ab34 
					 
					
						
						
							
							Delete Hydrogen nginx configuration file when disabled  
						
						
						
						
					 
					
						2021-05-21 12:58:32 +03:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						04548f8df2 
					 
					
						
						
							
							Merge branch 'master' into hydrogen  
						
						
						
						
					 
					
						2021-05-21 04:09:18 -05:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						9437f78c9e 
					 
					
						
						
							
							Build using custom config.json, add CSP, update to 0.1.53  
						
						
						
						
					 
					
						2021-05-21 03:45:21 -05:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						e9b878b9e9 
					 
					
						
						
							
							Optimize SSL session  
						
						
						
						
					 
					
						2021-05-18 19:39:43 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						e6afa05f7b 
					 
					
						
						
							
							Enable OCSP stapling for the federation port  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057 
Not sure if this is beneficial though. 
						
						
					 
					
						2021-05-18 08:15:42 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						57a6a98a50 
					 
					
						
						
							
							Fix incorrect SSL certificate path  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-18 07:58:47 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						b9c4e8ce16 
					 
					
						
						
							
							Merge pull request  #1057  from sakkiii/ssl_staple  
						
						... 
						
						
						
						Enable OCSP Stapling 
						
						
					 
					
						2021-05-18 07:50:35 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						d31b55b2a7 
					 
					
						
						
							
							SSL-enabled block only  
						
						
						
						
					 
					
						2021-05-18 03:24:06 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						e4dd933cf0 
					 
					
						
						
							
							Make missing /_synapse/admin correctly return 404 responses  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058 
We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.
For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints) 
						
						
					 
					
						2021-05-17 11:45:35 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						2c3da6599b 
					 
					
						
						
							
							Added warning  
						
						
						
						
					 
					
						2021-05-15 16:07:52 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						0dd4459799 
					 
					
						
						
							
							matrix_nginx_proxy_ocsp_stapling_enabled variable added  
						
						
						
						
					 
					
						2021-05-15 16:01:49 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						c05021640d 
					 
					
						
						
							
							Enable  OCSP Stapling  
						
						
						
						
					 
					
						2021-05-15 15:57:05 +05:30 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						ca361af616 
					 
					
						
						
							
							Add Hydrogen  
						
						
						
						
					 
					
						2021-05-15 04:23:36 -05:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						29cf6a0087 
					 
					
						
						
							
							Merge branch 'spantaleev:master' into master  
						
						
						
						
					 
					
						2021-05-10 15:10:18 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						bb0810302d 
					 
					
						
						
							
							Merge branch 'spantaleev:master' into master  
						
						
						
						
					 
					
						2021-05-07 23:03:55 +05:30 
						 
				 
			
				
					
						
							
							
								Béla Becker 
							
						 
					 
					
						
						
							
						
						b10655ebb1 
					 
					
						
						
							
							Jitsi XMPP Websocket support  
						
						... 
						
						
						
						Jitsi-meet enabled websockets by default, claiming better reliability.
Matrix-nginx-proxy configuration has been set up according to the
Prosody documentation: https://prosody.im/doc/websocket  
						
						
					 
					
						2021-05-05 19:10:58 +02:00 
						 
				 
			
				
					
						
							
							
								Dan Arnfield 
							
						 
					 
					
						
						
							
						
						cfaa3e598a 
					 
					
						
						
							
							Update nginx (1.19.10 -> 1.20.0)  
						
						
						
						
					 
					
						2021-05-03 16:00:11 -05:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						40fe6bd5c1 
					 
					
						
						
							
							variable matrix_nginx_proxy_hsts_preload_enable added  
						
						
						
						
					 
					
						2021-04-24 20:04:20 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						389dc26615 
					 
					
						
						
							
							Fix Synapse generic worker balancing  
						
						... 
						
						
						
						Potentially fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1022  
						
						
					 
					
						2021-04-24 11:52:45 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						5b4fdf9b87 
					 
					
						
						
							
							Merge branch 'master' of  https://github.com/sakkiii/matrix-docker-ansible-deploy  
						
						
						
						
					 
					
						2021-04-24 12:15:34 +05:30