From ffa20357ea7dd1e703f6caca70a747de1f4999c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 13:33:29 +0200 Subject: [PATCH] Use http_bin_port and make networking clearer --- roles/matrix-bot-maubot/defaults/main.yml | 14 ++++++++++++++ roles/matrix-bot-maubot/tasks/setup_install.yml | 2 +- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 937320216..d5be023f9 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -36,6 +36,20 @@ matrix_bot_maubot_database_uri: "{{ }[matrix_bot_maubot_database_engine] }}" + +# Defines the port number where the management interface is +# To actually expose the management interface outside of the container, use `matrix_bot_maubot_management_interface_http_bind_port` +matrix_bot_maubot_management_interface_port: 29316 + +# Controls whether the maubot container exposes its HTTP management interface port (tcp/29316 in the container). +# +# Takes an ":" or "" value (e.g. "127.0.0.1:29316"), or empty string to not expose. +# If you'll be setting this at all, it should be defined in terms of `matrix_bot_maubot_management_interface_port`. +# Example: +# matrix_bot_maubot_management_interface_http_bind_port: "127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}" +matrix_bot_maubot_management_interface_http_bind_port: '' + + matrix_bot_maubot_port: 29316 matrix_bot_maubot_unshared_secret: 'generate' diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 56d8c6a88..b4b03165b 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -37,7 +37,7 @@ proxy_set_header Connection "upgrade"; {% else %} {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 4ba1ac5d0..497c25a6b 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -27,7 +27,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_expose_management_interface|bool %} - -p {{ matrix_bot_maubot_port }}:29316 \ + -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /data/config.yaml