finallycoffee/matrix-docker-ansible-deploy

Upstream: https://github.com/spantaleev/matrix-docker-ansible-deploy Used for deploying https://matrix.finallycoffee.eu/

Go to file

Slavi Pantaleev bfcceb1e82 Make it safer to override matrix_synapse_media_store_path This is described in Github issue #58. Until now, we had the variable, but if you redefined it, you'd run into multiple problems: - we actually always mounted some "storage" directory to the Synapse container. So if your media store is not there, you're out of luck - homeserver.yaml always hardcoded the path to the media store, as a directory called "media-store" inside the storage directory. Relocating to outside the storage directory was out of the question. Moreover, even if you had simply renamed the media store directory (e.g. "media-store" -> "media_store"), it would have also caused trouble. With this patch, we mount the media store's parent to the Synapse container. This way, we don't care where the media store is (inside storage or not). We also don't assume (anymore) that the final part of the path is called "media-store" -- anything can be used. The "storage" directory and variable (`matrix_synapse_storage_path`) still remain for compatibility purposes. People who were previously overriding `matrix_synapse_storage_path` can continue doing so and their media store will be at the same place. The playbook no longer explicitly creates the `matrix_synapse_storage_path` directory though. It's not necessary. If the media store is specified to be within it, it will get created when the media store directory is created by the playbook.		2018-12-20 13:39:01 +02:00
docs	Update documentation about email configuration (relayhost brackets)	2018-12-13 16:32:10 +09:00
examples	Fix add/config based on comments by @spantaleev	2018-11-23 00:42:54 +00:00
inventory	Fix README instructions typo about Ansible host_vars	2018-01-17 15:57:01 +02:00
roles/matrix-server	Make it safer to override matrix_synapse_media_store_path	2018-12-20 13:39:01 +02:00
.gitignore	Initial commit	2017-07-31 23:08:20 +03:00
ansible.cfg	Initial commit	2017-07-31 23:08:20 +03:00
CHANGELOG.md	update changelog	2018-11-28 11:05:35 +01:00
LICENSE	Add LICENSE file	2018-08-17 09:01:06 +03:00
README.md	Add LDAP auth password provider documentation and changelog description	2018-11-28 11:21:03 +02:00
setup.yml	Switch from playbook vars to role defaults	2017-08-30 12:05:13 +03:00

README.md

Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker

Purpose

This Ansible playbook is meant to easily let you run your own Matrix homeserver.

That is, it lets you join the Matrix network with your own @<username>:<your-domain> identifier, all hosted on your own server.

Using this playbook, you can get the following services configured on your server:

a Matrix Synapse homeserver - storing your data and managing your presence in the Matrix network
(optional) Amazon S3 storage for your Matrix Synapse's content repository (media_store) files using Goofys
(optional, default) PostgreSQL database for Matrix Synapse. Using an external PostgreSQL server is also possible.
a coturn STUN/TURN server for WebRTC audio/video calls
free Let's Encrypt SSL certificate, which secures the connection to the Synapse server and the Riot web UI
(optional, default) a Riot web UI, which is configured to connect to your own Matrix Synapse server by default
(optional, default) an mxisd Matrix Identity server
(optional, default) a Postfix mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server)
(optional, default) an nginx web server, listening on ports 80 and 443 - standing in front of all the other services. Using your own webserver is possible
(optional, advanced) the matrix-synapse-rest-auth REST authentication password provider module
(optional, advanced) the matrix-synapse-shared-secret-auth password provider module
(optional, advanced) the matrix-synapse-ldap3 LDAP Auth password provider module
(optional, advanced) the Matrix Corporal reconciliator and gateway for a managed Matrix server
(optional) the mautrix-telegram bridge for bridging your Matrix server to Telegram
(optional) the mautrix-whatsapp bridge for bridging your Matrix server to Whatsapp

Basically, this playbook aims to get you up-and-running with all the basic necessities around Matrix, without you having to do anything else.

Note: the list above is exhaustive. It includes optional or even some advanced components that you will most likely not need. Sticking with the defaults (which install a subset of the above components) is the best choice, especially for a new installation. You can always re-run the playbook later to add or remove components.

What's different about this Ansible playbook?

This is similar to the EMnify/matrix-synapse-auto-deploy Ansible deployment, but:

this one is a complete Ansible playbook (instead of just a role), so it's easier to run - especially for folks not familiar with Ansible
this one installs and hooks together a lot more Matrix-related services for you (see above)
this one can be re-ran many times without causing trouble
works on both CentOS (7.0+) and Debian-based distributions (Debian 9/Stretch+, Ubuntu 16.04+)
this one installs everything in a single directory (/matrix by default) and doesn't "contaminate" your server with files all over the place
this one doesn't necessarily take over ports 80 and 443. By default, it sets up nginx for you there, but you can also use your own webserver
this one runs everything in Docker containers, so it's likely more predictable and less fragile (see Docker images used by this playbook)
this one retrieves and automatically renews free Let's Encrypt SSL certificates for you
this one optionally can store the media_store content repository files on Amazon S3 (but defaults to storing files on the server's filesystem)
this one optionally allows you to use an external PostgreSQL server for Matrix Synapse's database (but defaults to running one in a container)

Installation

To configure and install Matrix on your own server, follow the README in the docs/ directory.

Changes

This playbook evolves over time, sometimes with backward-incompatible changes.

When updating the playbook, refer to the changelog to catch up with what's new.

Docker images used by this playbook

This playbook sets up your server using the following Docker images:

matrixdotorg/synapse - the official Matrix Synapse server
instrumentisto/coturn - the Coturn STUN/TURN server
avhost/docker-matrix-riot - the Riot.im web client (optional)
kamax/mxisd - the mxisd Matrix Identity server (optional)
postgres - the Postgres database server (optional)
cloudproto/goofys - the Goofys Amazon S3 file-system-mounting program (optional)
panubo/postfix - the Postfix email server (optional)
devture/matrix-corporal - Matrix Corporal: reconciliator and gateway for a managed Matrix server (optional)
nginx - the nginx web server (optional)
certbot/certbot - the certbot tool for obtaining SSL certificates from Let's Encrypt
tulir/mautrix-telegram - the mautrix-telegram bridge to Telegram (optional)
tulir/mautrix-whatsapp - the mautrix-whatsapp bridge to Whatsapp (optional)

Deficiencies

This Ansible playbook can be improved in the following ways:

setting up automatic backups to one or more storage providers

Support

Matrix room: #matrix-docker-ansible-deploy:devture.com
IRC channel: #matrix-docker-ansible-deploy on the Freenode IRC network (irc.freenode.net)
Github issues: spantaleev/matrix-docker-ansible-deploy/issues