Commit Graph

5183 Commits

Author SHA1 Message Date
c1bb4f680e enable oauth 2020-05-21 23:40:38 +01:00
ee3944bcdb Update postgres (12.2 -> 12.3, etc) 2020-05-21 11:40:40 -05:00
8fb3ce6f6d Upgrade Synapse (v1.12.4 -> v1.13.0) 2020-05-19 21:35:32 +03:00
a3259bbd77 Add |to_json to some variables 2020-05-19 21:15:23 +03:00
a03e95b7eb enable by default v2 api prefix for ma1sd 2020-05-19 17:06:11 +02:00
7a2dbdc2d7 Update components 2020-05-19 15:06:35 +03:00
ba23779b05 Fix incorrect Jitsi container image tags
Related to #508 (Github Pull Request).
2020-05-17 21:23:18 +03:00
47001258b5 Ensure prosody plugin path created / permissions 2020-05-17 14:19:58 +02:00
fbd8f3ec9b Jitsi prosody: add volume /prosody-plugins-custom 2020-05-16 15:12:51 +02:00
c2df3d7bbf Update jitsi containers to 4548-1 2020-05-16 15:00:44 +02:00
93f4111654 Prevent 404s when Riot tries to retrieve domain-specific config.json
Riot unconditionally asks for a config.${document.domain}.json, c.f.
https://github.com/vector-im/riot-web/blame/develop/src/vector/getconfig.ts#L24
2020-05-13 18:34:14 +02:00
787f12e70d Fix typo in validation 2020-05-08 13:56:31 -05:00
dd527d5968 Ensure correct dimension.db file ownership
This is mostly here to guard against problems happening
due to server migration and doing `chown -R matrix:matrix /matrix`.

Normally, the file is owned by `1000:1000`, as expected.

If ownership changes, Dimension could still start, but it will fail the
first time it tries to write to the database. Explicitly chowning
before startup guards against this.

Related to #485 and #486 (Github Pull Requests).
Also related to ccc7aaf0ce.
2020-05-06 11:28:09 +03:00
ae1b1be3f4 Do not use matrix:matrix for Dimension configuration
Dimension runs as the `node` user in the container (`1000:1000`).
It doesn't seem like we have a way around it. Thus, its configuration
must also be readable by that user (or group, in this case).
2020-05-06 11:20:14 +03:00
c1c8b8e62c Warn about matrix_user_uid/matrix_user_gid
We don't really need to fail in such a spectactular way,
but it's probably good to do. It will only happen for people
who are defining their own user/group id, which is rare.

It seems like a good idea to tell them that this doesn't work
as they expect anymore and to ask them to remove these variables,
which otherwise give them a fake sense of hope.

Related to #486 (Github Pull Request).
2020-05-06 10:17:19 +03:00
36c61b5b4e Introduce a separate group variable (matrix_user_groupname)
Related to #485 (Github Pull Request).
2020-05-06 10:02:47 +03:00
ccc7aaf0ce Fix "Migrating to a new server" flow due to dynamic user/group creation 2020-05-06 09:55:40 +03:00
6032affc20 Merge pull request #486 from FanchTheSystem/avoid_fixed_uid_and_gid
Remove default UID/GID
2020-05-06 09:46:49 +03:00
8fea6f5130 Make sure matrix_user_uid and matrix_user_gid are always set
If one runs the playbook with `--tags=setup-all`, it would have been
fine.

But running with a specific tag (e.g. `--tags=setup-riot-web`) would
have made that initialization be skipped, and the `matrix-riot-web` role
would fail, due to missing variables.
2020-05-06 09:43:30 +03:00
4359571d38 Upgrade riot-web to v1.6.0 2020-05-05 14:02:14 +03:00
a1c5a197a9 remove default UID/GID 2020-05-04 21:43:54 +02:00
e750c6c6ff Update coturn (4.5.1.1 -> 4.5.1.2) 2020-05-04 09:46:45 -05:00
d6266a8c47 fix skype bridge being rebuilt when upstream changed 2020-05-01 21:34:42 +02:00
7585bcc4ac Allow the matrix user username and groupname to be configured separately
No migration steps should be required.
2020-05-01 19:59:32 +02:00
cf0e56e92b Consistent usage of matrix username and groupname, not uid and gid
This should be a no-op, no migration necessary.
2020-05-01 19:39:17 +02:00
741064a178 Fix group ownership of Dimension base path and config
Ansible will migrate the ownership of the base path and config path, but
manual intervention will be required in order to migrate the ownership
of files in those directories (i.e. dimension.db).

Stop the services:

  (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=stop

Fix the permissions on the server:

  (server)# chown -Rv "{{ matrix_user_username }}:{{ matrix_user_username }}" "{{ matrix_dimension_base_path }}"

which would typically look like:

  (server)# chown -Rv matrix:matrix /matrix/dimension/

Reconfigure Dimension and start the services:

  (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=setup-dimension,start
2020-05-01 19:28:30 +02:00
0e26810162 Merge pull request #478 from cnvandijk/feature-jitsi-ldap-auth
Add support for Jitsi LDAP authentication
2020-04-30 10:09:48 +03:00
9d6614e80f Add support for Jitsi LDAP authentication 2020-04-29 17:57:38 +02:00
669780976f Update mappings configuration example 2020-04-29 09:29:03 +03:00
a2df0016eb Update matrix-appservice-irc to 0.16.0
Note the potential breaking change

Resolves #474
2020-04-28 11:43:52 -05:00
29f606bac7 Add 'permalinkPrefix' and 'default_theme' for configuring riot web (#472)
* add permalinkPrefix to riot-web config

* add feature to change default theme of riot-web via its config file

* remove matrix_riot_web_change_default_theme and provide sane default
2020-04-28 13:10:33 +03:00
37d427c05c Update Jitsi docker images to stable 4416 2020-04-28 03:52:43 +02:00
438652c732 Switch Slack image to a working tag
We've had reports of the `:latest` tag not working anymore,
leading to an error as described here:
https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/341
2020-04-27 10:49:06 +03:00
9cc0c5955d Use |quote in some command calls 2020-04-24 09:59:30 +03:00
23bfaa72ec Upgrade Synapse (1.12.3 -> 1.12.4) 2020-04-23 13:30:50 -05:00
033dfcb26f Remove duplicated whitelist entry in skype main.yml 2020-04-23 09:06:08 -04:00
4149e03b69 Initial mx-puppet-slack bridge role 2020-04-23 09:06:08 -04:00
272888d917 Merge pull request #462 from cnvandijk/feature-dimension-unfederated
Add support for running dimension in an unfederated environment
2020-04-22 22:47:14 +03:00
0af5a8c4cc Simplify mx-puppet-skype blacklists a bit
Related to #466 (Github Pull Request).
2020-04-22 22:42:24 +03:00
b08a49d94d Allow skype more configurations for relay and provisioning 2020-04-22 15:26:31 -04:00
3f4bc9b881 Move config supprt for unfederated dimension into group_vars 2020-04-22 19:23:56 +02:00
9991d545dd Add note about synapse-janitor and require explicit confirmation for usage
Fixes #465 (Github Issue).

Related to https://github.com/xwiki-labs/synapse_scripts/pull/12.
2020-04-21 21:48:06 +03:00
554da8338a Merge pull request #463 from hooger/architecture
Architecture
2020-04-20 16:45:59 +03:00
46984a4f99 Nginx conf: more testing less b0rk 2020-04-19 21:42:34 +02:00
765c046beb add missing ; to matrix-synapse.conf.j2 2020-04-19 19:50:42 +02:00
5f63d287b7 Move synapse worker ports up 10k 2020-04-19 19:05:03 +02:00
e4763c21bc nginx config: route traffic to workers on matrix-synapse
FIXME: horrid duplication in template file
2020-04-19 19:05:03 +02:00
66a4073512 Publish synapse worker ports, need to be accessible to nginx 2020-04-19 19:05:03 +02:00
cf452fdf0a Fix corner-cases found through testing (aka ansible is nuts) 2020-04-19 19:05:03 +02:00
a14b9c09ad Add to synapse nginx template conditional URL rewrites for workers
· 😅 How to keep this in sync with the matrix-synapse documentation?
· regex location matching is expensive
· nginx syntax limit: one location only per block / statement
· thus, lots of duplicate statements in this file
2020-04-19 19:05:03 +02:00