mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-03-06 21:04:15 +01:00
Rework client_body_buffer_size/client_max_body_size and proxy_max_temp_file_size configuration for matrix-synapse-reverse-proxy-companion
Until now, most sections were specifying their own values for these. For `client_max_body_size`, a value of 25MB was hardcoded in most places. This was generally OK, but.. Some sections (those generated by the `render_locations_to_upstream` macro), were not specifying these options and were ending up with a default value for configuration options for `client_max_body_size` (likely 1MB), etc. From now on: - we use individual variables for defining these for the Client-Server and Federation API and apply these once at the `server` level - we keep auto-determining the `client_max_body_size` for the Client-Server API based on `matrix_synapse_max_upload_size_mb` - we keep auto-calculating the `client_max_body_size` for the Federation API based on the one for the Client API, but now also add a "minimum" value (`matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb_minimum: 100`) to ensure we don't go too low Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4100
This commit is contained in:
Slavi Pantaleev
parent
771fd4e58c
commit
10fabc32bc
@ -203,14 +203,26 @@ matrix_synapse_reverse_proxy_companion_hostname: "matrix-synapse-reverse-proxy-c
|
||||
|
||||
# matrix_synapse_reverse_proxy_companion_client_api_addr specifies the address where the Client-Server API is
|
||||
matrix_synapse_reverse_proxy_companion_client_api_addr: 'matrix-synapse:{{ matrix_synapse_container_client_api_port }}'
|
||||
|
||||
# The maximum body size for client requests to any of the endpoints on the Client-Server API.
|
||||
# This needs to be equal or higher than the maximum upload size accepted by Synapse.
|
||||
matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb: 50
|
||||
matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb: 100
|
||||
|
||||
# The buffer size for client requests to any of the endpoints on the Client-Server API.
|
||||
matrix_synapse_reverse_proxy_companion_client_api_client_body_buffer_size_mb: "{{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}"
|
||||
|
||||
# matrix_synapse_reverse_proxy_companion_federation_api_enabled specifies whether reverse proxying for the Federation (Server-Server) API should be done
|
||||
matrix_synapse_reverse_proxy_companion_federation_api_enabled: true
|
||||
# matrix_synapse_reverse_proxy_companion_federation_api_addr specifies the address where the Federation (Server-Server) API is
|
||||
matrix_synapse_reverse_proxy_companion_federation_api_addr: 'matrix-synapse:{{ matrix_synapse_container_federation_api_plain_port }}'
|
||||
matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb: "{{ (matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb | int) * 3 }}"
|
||||
|
||||
# The maximum body size for client requests to any of the endpoints on the Federation API.
|
||||
# We auto-calculate this based on the Client-Server API's maximum body size, but use a minimum value to ensure we don't go to low.
|
||||
matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb: "{{ [matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb_minimum, (matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb | int) * 3] | max }}"
|
||||
matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb_minimum: 100
|
||||
|
||||
# The buffer size for client requests to any of the endpoints on the Federation API.
|
||||
matrix_synapse_reverse_proxy_companion_federation_api_client_body_buffer_size_mb: "{{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}"
|
||||
|
||||
# A list of strings containing additional configuration blocks to add to the nginx vhost handling the Synapse Client-Server API
|
||||
matrix_synapse_reverse_proxy_companion_synapse_client_api_additional_server_configuration_blocks: []
|
||||
|
||||
@ -91,6 +91,12 @@ server {
|
||||
server_tokens off;
|
||||
root /dev/null;
|
||||
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
|
||||
client_body_buffer_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_body_buffer_size_mb }}M;
|
||||
|
||||
proxy_buffering on;
|
||||
proxy_max_temp_file_size 0;
|
||||
|
||||
{% if matrix_synapse_reverse_proxy_companion_synapse_workers_enabled %}
|
||||
# Client-server overrides — These locations must go to the main Synapse process
|
||||
location ~ {{ matrix_synapse_reverse_proxy_companion_client_server_main_override_locations_regex }} {
|
||||
@ -101,10 +107,6 @@ server {
|
||||
proxy_pass http://$backend;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
}
|
||||
|
||||
# Client-server SSO overrides — These locations must go to the main Synapse process
|
||||
@ -116,10 +118,6 @@ server {
|
||||
proxy_pass http://$backend;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
}
|
||||
|
||||
# QR code login (`rendezvous`) locations need to go to the same Synapse process.
|
||||
@ -133,10 +131,6 @@ server {
|
||||
proxy_pass http://$backend;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
}
|
||||
|
||||
{# Workers redirects BEGIN #}
|
||||
@ -199,12 +193,7 @@ server {
|
||||
proxy_pass http://media_repository_workers_upstream$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
|
||||
{% if matrix_synapse_reverse_proxy_companion_synapse_cache_enabled %}
|
||||
proxy_buffering on;
|
||||
proxy_cache {{ matrix_synapse_reverse_proxy_companion_synapse_cache_keys_zone_name }};
|
||||
proxy_cache_valid any {{ matrix_synapse_reverse_proxy_companion_synapse_cache_proxy_cache_valid_time }};
|
||||
proxy_force_ranges on;
|
||||
@ -233,10 +222,6 @@ server {
|
||||
proxy_pass http://$backend;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_client_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
}
|
||||
}
|
||||
|
||||
@ -246,9 +231,14 @@ server {
|
||||
server_name {{ matrix_synapse_reverse_proxy_companion_hostname }};
|
||||
|
||||
server_tokens off;
|
||||
|
||||
root /dev/null;
|
||||
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}M;
|
||||
client_body_buffer_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_body_buffer_size_mb }}M;
|
||||
|
||||
proxy_buffering on;
|
||||
proxy_max_temp_file_size 0;
|
||||
|
||||
{% if matrix_synapse_reverse_proxy_companion_synapse_workers_enabled %}
|
||||
# Federation overrides — These locations must go to the main Synapse process
|
||||
location ~ {{ matrix_synapse_reverse_proxy_companion_federation_override_locations_regex }} {
|
||||
@ -259,10 +249,6 @@ server {
|
||||
proxy_pass http://$backend;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
}
|
||||
|
||||
{% if room_workers | length > 0 %}
|
||||
@ -282,10 +268,6 @@ server {
|
||||
proxy_pass http://media_repository_workers_upstream$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
|
||||
{% if matrix_synapse_reverse_proxy_companion_synapse_cache_enabled %}
|
||||
proxy_buffering on;
|
||||
proxy_cache {{ matrix_synapse_reverse_proxy_companion_synapse_cache_keys_zone_name }};
|
||||
@ -323,10 +305,6 @@ server {
|
||||
proxy_pass http://$backend;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
|
||||
client_body_buffer_size 25M;
|
||||
client_max_body_size {{ matrix_synapse_reverse_proxy_companion_federation_api_client_max_body_size_mb }}M;
|
||||
proxy_max_temp_file_size 0;
|
||||
}
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user