Merge pull request #1397 from borisrunakov/synapse_container_federation_port

Synapse container federation port
This commit is contained in:
Slavi Pantaleev 2021-11-15 14:45:34 +02:00 committed by GitHub
commit 0152ecef1c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 15 additions and 7 deletions

View File

@ -1047,6 +1047,8 @@ matrix_dimension_enabled: false
# the Dimension HTTP port to the local host. # the Dimension HTTP port to the local host.
matrix_dimension_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:8184' }}" matrix_dimension_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:8184' }}"
matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:{{matrix_synapse_container_federation_port|string}}"
matrix_integration_manager_rest_url: "{{ matrix_dimension_integrations_rest_url if matrix_dimension_enabled else None }}" matrix_integration_manager_rest_url: "{{ matrix_dimension_integrations_rest_url if matrix_dimension_enabled else None }}"
matrix_integration_manager_ui_url: "{{ matrix_dimension_integrations_ui_url if matrix_dimension_enabled else None }}" matrix_integration_manager_ui_url: "{{ matrix_dimension_integrations_ui_url if matrix_dimension_enabled else None }}"
@ -1306,6 +1308,9 @@ matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:1
# Settings controlling matrix-synapse-proxy.conf # Settings controlling matrix-synapse-proxy.conf
matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}" matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}"
matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-synapse:{{matrix_synapse_container_federation_port|string}}"
matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:{{matrix_synapse_container_federation_port|string}}"
# When matrix-nginx-proxy is disabled, the actual port number that the vhost uses may begin to matter. # When matrix-nginx-proxy is disabled, the actual port number that the vhost uses may begin to matter.
matrix_nginx_proxy_proxy_matrix_federation_port: "{{ matrix_federation_public_port }}" matrix_nginx_proxy_proxy_matrix_federation_port: "{{ matrix_federation_public_port }}"
@ -1720,7 +1725,7 @@ matrix_synapse_account_threepid_delegates_msisdn: "{{ 'http://matrix-ma1sd:' + m
matrix_synapse_container_client_api_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:8008' }}" matrix_synapse_container_client_api_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:8008' }}"
# #
# For exposing the Matrix Federation API's plain port (plain HTTP) to the local host. # For exposing the Matrix Federation API's plain port (plain HTTP) to the local host.
matrix_synapse_container_federation_api_plain_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:8048' }}" matrix_synapse_container_federation_api_plain_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_synapse_container_federation_port|string }}"
# #
# For exposing the Matrix Federation API's TLS port (HTTPS) to the internet on all network interfaces. # For exposing the Matrix Federation API's TLS port (HTTPS) to the internet on all network interfaces.
matrix_synapse_container_federation_api_tls_host_bind_port: "{{ matrix_federation_public_port if (matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled) else '' }}" matrix_synapse_container_federation_api_tls_host_bind_port: "{{ matrix_federation_public_port if (matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled) else '' }}"

View File

@ -39,7 +39,7 @@ matrix_dimension_integrations_rest_url: "https://{{ matrix_server_fqn_dimension
matrix_dimension_integrations_widgets_urls: ["https://{{ matrix_server_fqn_dimension }}/widgets"] matrix_dimension_integrations_widgets_urls: ["https://{{ matrix_server_fqn_dimension }}/widgets"]
matrix_dimension_integrations_jitsi_widget_url: "https://{{ matrix_server_fqn_dimension }}/widgets/jitsi" matrix_dimension_integrations_jitsi_widget_url: "https://{{ matrix_server_fqn_dimension }}/widgets/jitsi"
matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:8048" matrix_dimension_homeserver_federationUrl: ""
# Database-related configuration fields. # Database-related configuration fields.

View File

@ -115,9 +115,10 @@ matrix_nginx_proxy_proxy_riot_compat_redirect_hostname: "riot.{{ matrix_domain }
matrix_nginx_proxy_proxy_synapse_enabled: false matrix_nginx_proxy_proxy_synapse_enabled: false
matrix_nginx_proxy_proxy_synapse_hostname: "matrix-nginx-proxy" matrix_nginx_proxy_proxy_synapse_hostname: "matrix-nginx-proxy"
matrix_nginx_proxy_proxy_synapse_federation_api_enabled: "{{ matrix_nginx_proxy_proxy_matrix_federation_api_enabled }}" matrix_nginx_proxy_proxy_synapse_federation_api_enabled: "{{ matrix_nginx_proxy_proxy_matrix_federation_api_enabled }}"
# The addresses where the Federation API is, when using Synapse. # The addresses where the Federation API is, when using Synapse.
matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-synapse:8048" matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: ""
matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:8048" matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: ""
# Controls whether proxying the Element domain should be done. # Controls whether proxying the Element domain should be done.
matrix_nginx_proxy_proxy_element_enabled: false matrix_nginx_proxy_proxy_element_enabled: false

View File

@ -27,6 +27,8 @@ matrix_synapse_storage_path: "{{ matrix_synapse_base_path }}/storage"
matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store" matrix_synapse_media_store_path: "{{ matrix_synapse_storage_path }}/media-store"
matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext" matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext"
matrix_synapse_container_federation_port: 8048
# Controls whether the matrix-synapse container exposes the Client/Server API port (tcp/8008 in the container). # Controls whether the matrix-synapse container exposes the Client/Server API port (tcp/8008 in the container).
# #
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8008"), or empty string to not expose. # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8008"), or empty string to not expose.
@ -146,7 +148,7 @@ matrix_synapse_federation_rr_transactions_per_room_per_second: 50
# Controls whether the TLS federation listener is enabled (tcp/8448). # Controls whether the TLS federation listener is enabled (tcp/8448).
# Only makes sense if federation is enabled (`matrix_synapse_federation_enabled`). # Only makes sense if federation is enabled (`matrix_synapse_federation_enabled`).
# Note that federation may potentially be enabled as non-TLS on tcp/8048 as well. # Note that federation may potentially be enabled as non-TLS on `matrix_synapse_container_federation_port` as well.
# If you're serving Synapse behind an HTTPS-capable reverse-proxy, # If you're serving Synapse behind an HTTPS-capable reverse-proxy,
# you can disable the TLS listener (`matrix_synapse_tls_federation_listener_enabled: false`). # you can disable the TLS listener (`matrix_synapse_tls_federation_listener_enabled: false`).
matrix_synapse_tls_federation_listener_enabled: true matrix_synapse_tls_federation_listener_enabled: true

View File

@ -302,7 +302,7 @@ listeners:
{% if matrix_synapse_federation_port_enabled %} {% if matrix_synapse_federation_port_enabled %}
# Unsecure HTTP listener (Federation API): for when matrix traffic passes through a reverse proxy # Unsecure HTTP listener (Federation API): for when matrix traffic passes through a reverse proxy
# that unwraps TLS. # that unwraps TLS.
- port: 8048 - port: {{ matrix_synapse_container_default_federation_port|to_json }}
tls: false tls: false
bind_addresses: ['::'] bind_addresses: ['::']
type: http type: http

View File

@ -46,7 +46,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
-p {{ matrix_synapse_container_federation_api_tls_host_bind_port }}:8448 \ -p {{ matrix_synapse_container_federation_api_tls_host_bind_port }}:8448 \
{% endif %} {% endif %}
{% if matrix_synapse_federation_enabled and matrix_synapse_container_federation_api_plain_host_bind_port %} {% if matrix_synapse_federation_enabled and matrix_synapse_container_federation_api_plain_host_bind_port %}
-p {{ matrix_synapse_container_federation_api_plain_host_bind_port }}:8048 \ -p {{ matrix_synapse_container_federation_api_plain_host_bind_port }}:{{ matrix_synapse_container_federation_port }} \
{% endif %} {% endif %}
{% if matrix_synapse_metrics_enabled and matrix_synapse_container_metrics_api_host_bind_port %} {% if matrix_synapse_metrics_enabled and matrix_synapse_container_metrics_api_host_bind_port %}
-p {{ matrix_synapse_container_metrics_api_host_bind_port }}:{{ matrix_synapse_metrics_port }} \ -p {{ matrix_synapse_container_metrics_api_host_bind_port }}:{{ matrix_synapse_metrics_port }} \