Compare commits
23 Commits
6cfcada2d6
...
fa397886e1
Author | SHA1 | Date | |
---|---|---|---|
fa397886e1 | |||
c6a384b972 | |||
7ed4c9ff6c | |||
|
7934cde90f | ||
|
92af6c162d | ||
|
35153093fc | ||
|
952275789a | ||
|
d82b98a522 | ||
|
f542a3a7c8 | ||
|
efd7e0f589 | ||
|
8527c0a8d9 | ||
|
e38ac094e3 | ||
|
8b9c7b18ac | ||
|
9de35bf1c5 | ||
|
255cb97c41 | ||
|
b166f0175a | ||
|
84d345b6c3 | ||
|
8b7fefb604 | ||
|
b3cfa2a1ba | ||
|
3055b3996e | ||
|
4543a22508 | ||
|
4adbefab82 | ||
|
4b46913278 |
@ -121,7 +121,7 @@ This is similar to the [EMnify/matrix-synapse-auto-deploy](https://github.com/EM
|
|||||||
|
|
||||||
- this one **can be executed more than once** without causing trouble
|
- this one **can be executed more than once** without causing trouble
|
||||||
|
|
||||||
- works on various distros: **CentOS** (7.0+), Debian-based distributions (**Debian** 9/Stretch+, **Ubuntu** 16.04+), **Archlinux**
|
- works on various distros: **CentOS** (7.0+), Debian-based distributions (**Debian** 10/Buster+, **Ubuntu** 18.04+), **Archlinux**
|
||||||
|
|
||||||
- this one installs everything in a single directory (`/matrix` by default) and **doesn't "contaminate" your server** with files all over the place
|
- this one installs everything in a single directory (`/matrix` by default) and **doesn't "contaminate" your server** with files all over the place
|
||||||
|
|
||||||
|
@ -4,8 +4,8 @@ To install Matrix services using this Ansible playbook, you need:
|
|||||||
|
|
||||||
- (Recommended) An **x86** server ([What kind of server specs do I need?](faq.md#what-kind-of-server-specs-do-i-need)) running one of these operating systems:
|
- (Recommended) An **x86** server ([What kind of server specs do I need?](faq.md#what-kind-of-server-specs-do-i-need)) running one of these operating systems:
|
||||||
- **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300))
|
- **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300))
|
||||||
- **Debian** (9/Stretch or newer)
|
- **Debian** (10/Buster or newer)
|
||||||
- **Ubuntu** (16.04 or newer, although [20.04 may be problematic](ansible.md#supported-ansible-versions))
|
- **Ubuntu** (18.04 or newer, although [20.04 may be problematic](ansible.md#supported-ansible-versions))
|
||||||
- **Archlinux**
|
- **Archlinux**
|
||||||
|
|
||||||
Generally, newer is better. We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there.
|
Generally, newer is better. We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there.
|
||||||
|
@ -14,7 +14,7 @@ matrix_domain: YOUR_BARE_DOMAIN_NAME_HERE
|
|||||||
#
|
#
|
||||||
# In case SSL renewal fails at some point, you'll also get an email notification there.
|
# In case SSL renewal fails at some point, you'll also get an email notification there.
|
||||||
#
|
#
|
||||||
# If you decide to use another method for managing SSL certifites (different than the default Let's Encrypt),
|
# If you decide to use another method for managing SSL certificates (different than the default Let's Encrypt),
|
||||||
# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).
|
# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).
|
||||||
#
|
#
|
||||||
# Example value: someone@example.com
|
# Example value: someone@example.com
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
matrix_bot_mjolnir_enabled: true
|
matrix_bot_mjolnir_enabled: true
|
||||||
|
|
||||||
matrix_bot_mjolnir_version: "v0.1.19"
|
matrix_bot_mjolnir_version: "v1.1.20"
|
||||||
|
|
||||||
matrix_bot_mjolnir_container_image_self_build: false
|
matrix_bot_mjolnir_container_image_self_build: false
|
||||||
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"
|
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"
|
||||||
|
@ -7,7 +7,7 @@ matrix_appservice_irc_container_self_build: false
|
|||||||
matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git"
|
matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git"
|
||||||
matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src"
|
matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src"
|
||||||
|
|
||||||
matrix_appservice_irc_version: release-0.30.0
|
matrix_appservice_irc_version: release-0.31.0
|
||||||
matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}"
|
matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}"
|
||||||
matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}"
|
matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
matrix_heisenbridge_enabled: true
|
matrix_heisenbridge_enabled: true
|
||||||
|
|
||||||
matrix_heisenbridge_version: 1.0.1
|
matrix_heisenbridge_version: 1.1.1
|
||||||
matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}"
|
matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}"
|
||||||
matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}"
|
matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
|
@ -3,7 +3,7 @@ matrix_client_element_enabled: true
|
|||||||
matrix_client_element_container_image_self_build: false
|
matrix_client_element_container_image_self_build: false
|
||||||
matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git"
|
matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git"
|
||||||
|
|
||||||
matrix_client_element_version: v1.8.2
|
matrix_client_element_version: v1.8.5
|
||||||
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
|
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
|
||||||
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
|
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
|
||||||
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"
|
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
|
|
||||||
matrix_grafana_enabled: false
|
matrix_grafana_enabled: false
|
||||||
|
|
||||||
matrix_grafana_version: 8.1.3
|
matrix_grafana_version: 8.1.4
|
||||||
matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}"
|
matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}"
|
||||||
matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}"
|
matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
matrix_nginx_proxy_enabled: true
|
matrix_nginx_proxy_enabled: true
|
||||||
matrix_nginx_proxy_version: 1.21.1-alpine
|
matrix_nginx_proxy_version: 1.21.3-alpine
|
||||||
|
|
||||||
# We use an official nginx image, which we fix-up to run unprivileged.
|
# We use an official nginx image, which we fix-up to run unprivileged.
|
||||||
# An alternative would be an `nginxinc/nginx-unprivileged` image, but
|
# An alternative would be an `nginxinc/nginx-unprivileged` image, but
|
||||||
@ -426,7 +426,7 @@ matrix_ssl_additional_domains_to_obtain_certificates_for: []
|
|||||||
|
|
||||||
# Controls whether to obtain production or staging certificates from Let's Encrypt.
|
# Controls whether to obtain production or staging certificates from Let's Encrypt.
|
||||||
matrix_ssl_lets_encrypt_staging: false
|
matrix_ssl_lets_encrypt_staging: false
|
||||||
matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.18.0"
|
matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.19.0"
|
||||||
matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
|
matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
|
||||||
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
|
matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
|
||||||
matrix_ssl_lets_encrypt_support_email: ~
|
matrix_ssl_lets_encrypt_support_email: ~
|
||||||
|
@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont
|
|||||||
# amd64 gets released first.
|
# amd64 gets released first.
|
||||||
# arm32 relies on self-building, so the same version can be built immediately.
|
# arm32 relies on self-building, so the same version can be built immediately.
|
||||||
# arm64 users need to wait for a prebuilt image to become available.
|
# arm64 users need to wait for a prebuilt image to become available.
|
||||||
matrix_synapse_version: v1.42.0
|
matrix_synapse_version: v1.43.0
|
||||||
matrix_synapse_version_arm64: v1.42.0
|
matrix_synapse_version_arm64: v1.43.0
|
||||||
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}"
|
||||||
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
|
@ -357,6 +357,24 @@ update_user_directory: false
|
|||||||
daemonize: false
|
daemonize: false
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
|
# Connection settings for the manhole
|
||||||
|
#
|
||||||
|
manhole_settings:
|
||||||
|
# The username for the manhole. This defaults to 'matrix'.
|
||||||
|
#
|
||||||
|
#username: manhole
|
||||||
|
|
||||||
|
# The password for the manhole. This defaults to 'rabbithole'.
|
||||||
|
#
|
||||||
|
#password: mypassword
|
||||||
|
|
||||||
|
# The private and public SSH key pair used to encrypt the manhole traffic.
|
||||||
|
# If these are left unset, then hardcoded and non-secret keys are used,
|
||||||
|
# which could allow traffic to be intercepted if sent over a public network.
|
||||||
|
#
|
||||||
|
#ssh_priv_key_path: /data/id_rsa
|
||||||
|
#ssh_pub_key_path: /data/id_rsa.pub
|
||||||
|
|
||||||
# Forward extremities can build up in a room due to networking delays between
|
# Forward extremities can build up in a room due to networking delays between
|
||||||
# homeservers. Once this happens in a large room, calculation of the state of
|
# homeservers. Once this happens in a large room, calculation of the state of
|
||||||
# that room can become quite expensive. To mitigate this, once the number of
|
# that room can become quite expensive. To mitigate this, once the number of
|
||||||
@ -2258,7 +2276,7 @@ password_config:
|
|||||||
#
|
#
|
||||||
#require_lowercase: true
|
#require_lowercase: true
|
||||||
|
|
||||||
# Whether a password must contain at least one lowercase letter.
|
# Whether a password must contain at least one uppercase letter.
|
||||||
# Defaults to 'false'.
|
# Defaults to 'false'.
|
||||||
#
|
#
|
||||||
#require_uppercase: true
|
#require_uppercase: true
|
||||||
|
@ -32,6 +32,8 @@ matrix_synapse_workers_generic_worker_endpoints:
|
|||||||
- ^/_matrix/federation/v1/user/devices/
|
- ^/_matrix/federation/v1/user/devices/
|
||||||
- ^/_matrix/federation/v1/get_groups_publicised$
|
- ^/_matrix/federation/v1/get_groups_publicised$
|
||||||
- ^/_matrix/key/v2/query
|
- ^/_matrix/key/v2/query
|
||||||
|
- ^/_matrix/federation/unstable/org.matrix.msc2946/spaces/
|
||||||
|
- ^/_matrix/federation/unstable/org.matrix.msc2946/hierarchy/
|
||||||
|
|
||||||
# Inbound federation transaction request
|
# Inbound federation transaction request
|
||||||
- ^/_matrix/federation/v1/send/
|
- ^/_matrix/federation/v1/send/
|
||||||
@ -43,6 +45,9 @@ matrix_synapse_workers_generic_worker_endpoints:
|
|||||||
- ^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/context/.*$
|
- ^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/context/.*$
|
||||||
- ^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/members$
|
- ^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/members$
|
||||||
- ^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/state$
|
- ^/_matrix/client/(api/v1|r0|unstable)/rooms/.*/state$
|
||||||
|
- ^/_matrix/client/unstable/org.matrix.msc2946/rooms/.*/spaces$
|
||||||
|
- ^/_matrix/client/unstable/org.matrix.msc2946/rooms/.*/hierarchy$
|
||||||
|
- ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$
|
||||||
- ^/_matrix/client/(api/v1|r0|unstable)/account/3pid$
|
- ^/_matrix/client/(api/v1|r0|unstable)/account/3pid$
|
||||||
- ^/_matrix/client/(api/v1|r0|unstable)/devices$
|
- ^/_matrix/client/(api/v1|r0|unstable)/devices$
|
||||||
- ^/_matrix/client/(api/v1|r0|unstable)/keys/query$
|
- ^/_matrix/client/(api/v1|r0|unstable)/keys/query$
|
||||||
|
Loading…
x
Reference in New Issue
Block a user