matrix: correct /.well-known/matrix/, /_matrix/identity and /_matrix/federation paths
This commit is contained in:
parent
8d3de8b430
commit
966482c47d
GPG Key ID:
03624C433676E465
32
docker-compose.yml
Normal file
32
docker-compose.yml
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
version: "3"
|
||||||
|
services:
|
||||||
|
web:
|
||||||
|
image: registry.gitlab.com/jcgruenhage/docker-caddy:latest
|
||||||
|
container_name: web
|
||||||
|
volumes:
|
||||||
|
- /opt/docker/Caddy:/caddy:z
|
||||||
|
- /opt/docker/Caddy/Caddyfile:/etc/caddy/Caddyfile:z
|
||||||
|
- /nas/services/web/webhosts:/webhosts:z
|
||||||
|
- /nas/services/certMgmt/certData/certs:/tls_certs:z
|
||||||
|
- /nas/services/matrix/ssl/config:/matrix_tls_certs:z
|
||||||
|
- /nas/services/matrix/static-files:/matrix_static:z
|
||||||
|
- /nas/users/jreichmann/public:/public/transcaffeine:z
|
||||||
|
- /opt/docker/Caddy/webroot:/var/webroot:z
|
||||||
|
- /nas/services/masto_dark/public:/services/mastodon/public:z
|
||||||
|
environment:
|
||||||
|
- GID=1001
|
||||||
|
- UID=1001
|
||||||
|
ports:
|
||||||
|
- "443:443"
|
||||||
|
- "8448:8448"
|
||||||
|
networks:
|
||||||
|
- frontend
|
||||||
|
- matrix
|
||||||
|
|
||||||
|
networks:
|
||||||
|
frontend:
|
||||||
|
external:
|
||||||
|
name: frontend
|
||||||
|
matrix:
|
||||||
|
external:
|
||||||
|
name: matrix
|
||||||
@ -1,16 +1,22 @@
|
|||||||
https://matrix.finallycoffee.eu {
|
https://matrix.finallycoffee.eu {
|
||||||
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||||
root /matrix_static
|
|
||||||
header / {
|
header / {
|
||||||
Access-Control-Allow-Origin *
|
Access-Control-Allow-Origin *
|
||||||
Strict-Transport-Security "max-age=31536000;"
|
Strict-Transport-Security "max-age=31536000;"
|
||||||
X-Frame-Options "DENY"
|
X-Frame-Options "DENY"
|
||||||
X-XSS-Protection "1; mode=block"
|
X-XSS-Protection "1; mode=block"
|
||||||
}
|
}
|
||||||
proxy /_matrix/identity matrix-mxisd:8090 {
|
proxy /_matrix/identity matrix-ma1sd:8090 {
|
||||||
|
header_downstream Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
|
||||||
|
header_downstream Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
|
||||||
|
transparent
|
||||||
|
}
|
||||||
|
proxy /_matrix/federation matrix-synapse:8048 {
|
||||||
transparent
|
transparent
|
||||||
}
|
}
|
||||||
proxy /_matrix matrix-synapse:8008 {
|
proxy /_matrix matrix-synapse:8008 {
|
||||||
|
header_downstream Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
|
||||||
|
header_downstream Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
|
||||||
transparent
|
transparent
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -35,6 +41,19 @@ https://chat.finallycoffee.eu {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
https://finallycoffee.eu/.well-known/matrix/ {
|
||||||
|
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||||
|
root /matrix_static
|
||||||
|
mime . application/json
|
||||||
|
header / {
|
||||||
|
Content-Type "application/json"
|
||||||
|
X-Content-Type-Options "nosniff"
|
||||||
|
Access-Control-Allow-Origin *
|
||||||
|
Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
|
||||||
|
Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
# Federation listens on all IPs because older Synapse versions do not support SNI
|
# Federation listens on all IPs because older Synapse versions do not support SNI
|
||||||
https://:8448 {
|
https://:8448 {
|
||||||
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user