Commit Graph

85 Commits

Author SHA1 Message Date
57bfb970a9 Enable support for custom HTML in riot-web homepage
* Add default template file for homepage HTML
* Add default riot-web config options for homepage
2018-12-11 13:48:54 +00:00
9dad4c7c2d Fix /.well-known/matrix/client for CORS
This is provoked by Github issue #46.

No client had made use of the well-known mechanism
so far, so the set up performed by this playbook was not tested
and turned out to be a little deficient.

Even though /.well-known/matrix/client is usually requested with a
simple request (no preflight), it's still considered cross-origin
and [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)
applies. Thus, the file always needs to be served with the appropriate
`Access-Control-Allow-Origin` header.

Github issue #46 attempts to fix it at the "reverse-proxying" layer,
which may work, but would need to be done for every server.
It's better if it's done "upstream", so that all reverse-proxy
configurations can benefit.
2018-11-29 09:13:25 +02:00
bb849bd34f Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into new-cmds 2018-11-28 11:03:47 +01:00
caba16ea0d add script + doc to remove everything 2018-11-28 11:02:51 +01:00
2bdc35de63 add script + doc to change a user to admin 2018-11-28 11:02:15 +01:00
9f212adc1d Rename variable (matrix_synapse_ext_password_provider_ldap -> matrix_synapse_ext_password_provider_ldap_enabled)
This makes it more consistent with other usage throughout the playbook.
2018-11-28 11:19:19 +02:00
bbf8928831 fix template and vars for ldap auth, add setup 2018-11-28 09:04:09 +01:00
5a2069fa63 Fix well known self check 2018-11-16 16:12:13 -06:00
4c0970d31e Make postgres_start_wait_time (affecting upgrades) configurable
This also raises the default from 5 seconds to 15 seconds.
2018-11-01 10:11:08 +02:00
e417ac4922 Add support for Postgres 11 2018-11-01 09:48:56 +02:00
a0a4ee526e Fix bug in Postgres dump/import causing upgrades to fail
Regression since 3fd6fd647f
2018-11-01 09:48:56 +02:00
009bb1b776 Add support for configuring Postgres auto-upgrade-backup path 2018-11-01 09:48:56 +02:00
ac8d5a839d Merge pull request #21 from Cadair/flags
Allow specifying which parts of the role run from playbooks
2018-11-01 08:58:42 +02:00
fb5115a544 Rename playbook variables so they are consistently prefixed
Pretty much all variables live in their own `matrix_<whatever>`
prefix now and are grouped closer together in the default
variables file (`roles/matrix-server/defaults/main.yml`).
2018-11-01 08:46:47 +02:00
67e2bf285d A simple idea to allow playbooks to control which bit of the role to run 2018-10-30 20:49:39 +00:00
8498c4c5de comment out all the things 2018-10-28 15:16:21 +00:00
7a94fc0e24 Add mautrix-whatsapp 2018-10-24 17:09:23 +02:00
c7188e06f9 Relocate some playbook task files to make it easier to navigate 2018-10-21 13:14:47 +03:00
d0c2ef10e4 Add self-check command 2018-10-21 12:58:25 +03:00
2313907faa Add missing tag to task
The setup-all should include the setup_well_known task as well
2018-10-19 15:07:31 +01:00
36658addcd Work around buggy docker_network sometimes failing to work
If a network like `matrix-whatever` already exists for some reason,
the `docker_network` module would not create our `matrix` network.
Working around it by avoiding `docker_network` and doing it manually.

Fixes Github issue #12
2018-10-15 07:49:44 +03:00
17ea05683b Fix yum/apt module invocation
The old way is deprecated and would stop working
after Ansible 2.11.
2018-10-12 09:00:53 +03:00
242f388af3 Make Synapse cache factor configurable 2018-09-27 10:03:31 +03:00
2df4349606 Fix matrix-corporal nginx configuration trouble in certain conditions
If the playbook were to run with `--tags=setup-nginx-proxy`,
it wouldn't go into `setup_corporal.yml`, which meant it wouldn't
perform a bunch of `set_fact` calls which override important
nginx proxy configuration.

We run these variable overrides on each call now (tagged with `always`)
to avoid such problems in the future.
2018-09-20 09:25:00 +03:00
0d0ccde286 Add Service Discovery (/.well-known/matrix/client) support 2018-09-17 10:51:46 +03:00
4f48508014 Rename variable (matrix_nginx_riot_web_data_path -> matrix_riot_web_data_path) 2018-09-17 08:43:31 +03:00
6ef934a416 Mautrix telegram minimum config variable requirement 2018-09-07 20:03:56 +02:00
45fb2df43f Fix some problem with permissions
Fix typo
Move mautrix variable in `defaults/main.yml` exclusively
2018-09-07 20:02:46 +02:00
7b5f68c431 Add mautrix-telegram to bridge with telegram services 2018-09-07 20:02:46 +02:00
88b4434da9 Fix incorrect path 2018-09-07 13:59:29 +03:00
7428b941c8 Remove old s3fs stuff
We've been using Goofys for a long time instead.
2018-08-29 10:14:48 +03:00
23e4a4734b Switch from acmetool to certbot for SSL certificate retrieval 2018-08-29 09:37:44 +03:00
861957b6f1 Add missing when statement 2018-08-23 08:35:30 +03:00
5398d80f01 Add support for matrix-corporal 2018-08-21 13:34:34 +03:00
14d7d3e670 Add support for matrix-synapse-shared-secret-auth 2018-08-20 17:11:55 +03:00
b0f1a1c80f Fix nginx warning: adding already-default text/html to gzip_types 2018-08-17 10:44:34 +03:00
832a4d71c1 Default to INFO logging for matrix-synapse-rest-auth, not DEBUG 2018-08-17 09:35:52 +03:00
21a108262f Remove some leftover debug statements 2018-08-17 09:30:41 +03:00
25becc63d5 Minor fixups for the matrix-synapse-rest-auth handling 2018-08-17 09:25:54 +03:00
ea43d46b70 Add matrix-synapse-rest-auth support 2018-08-17 09:02:17 +03:00
74093dfb15 Add mxisd Identity Server support 2018-08-15 10:46:13 +03:00
1c71cb110e Change SSL certificate obtaining a bit 2018-08-14 14:50:10 +03:00
21da2f572b Add email-sending support 2018-08-14 14:47:44 +03:00
700602eed3 Rename a bunch of playbook variables for better consistency 2018-08-08 09:17:18 +03:00
336785d1ed Rename Ansible playbook tag (setup-main -> setup-all) 2018-08-08 09:03:37 +03:00
3fd6fd647f Put all containers in their own isolated Docker network (matrix)
Moving away from using the default bridge network to using our own.
This isolates our services from other Docker containers running
on the default network on the same host.

The benefits are that:

- isolation is a little better - we no longer share a default
bridge network with any other containers that might be running on the host

- there are no longer hard dependencies - we do service discovery
by DNS name, and not via explicit `--link` usage during container start,
so containers can start out of order and fail without bringing down others
with them
(`matrix-nginx-proxy` can continue running, even if one of the other services dies)

In the future, when other services get introduced,
the increased resilience and simplicity will help as well.
2018-08-08 08:57:48 +03:00
cdf4eefdf9 Fix typos 2018-08-07 15:08:46 +03:00
839b401b28 Set up Synapse configuration using a template (not line/regexp replacements)
Until now, we were starting from a fresh configuration, as generated
by Synapse and manipulating it with regex and line replacements,
until we made it work.

This is more fragile and less predictable, so we're moving to a static
configuration file generated from a Jinja template.

The upside is that configuration will be stable and predictable.

The downside of this new approach is that any manual configuration changes
after the playbook is done, will be thrown away on future playbook
invocations.

There are 2 ways to work around the need for manual configuration
changes though:
- making them part of this playbook and its default template
configuration files (which benefits everyone)
- going your own way for a given host and overriding the template files
that gets used (that is, the
`matrix_synapse_template_synapse_homeserver` or
`matrix_synapse_template_synapse_log` variables)
2018-06-26 21:05:59 +03:00
053328be08 Fix nginx failing to start on certain low-cache CPUs 2018-06-26 20:40:48 +03:00
62d1b13c91 Minor improvements to the Postgres-upgrade tasks 2018-05-29 11:23:17 +03:00