Rename some variables for consistency

This commit is contained in:
Slavi Pantaleev 2021-12-23 15:23:41 +02:00
parent 32bbcf5ed6
commit 4139290cc9
3 changed files with 45 additions and 28 deletions

View File

@ -1415,10 +1415,10 @@ matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-syn
matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:{{matrix_synapse_container_federation_api_plain_port|string}}" matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:{{matrix_synapse_container_federation_api_plain_port|string}}"
matrix_nginx_proxy_proxy_dendrite_enabled: "{{ matrix_dendrite_enabled }}" matrix_nginx_proxy_proxy_dendrite_enabled: "{{ matrix_dendrite_enabled }}"
matrix_nginx_proxy_proxy_dendrite_client_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_container_client_api_port }}" matrix_nginx_proxy_proxy_dendrite_client_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_http_bind_port|string }}"
matrix_nginx_proxy_proxy_dendrite_client_api_addr_sans_container: "127.0.0.1:{{ matrix_synapse_container_client_api_port }}" matrix_nginx_proxy_proxy_dendrite_client_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_http_bind_port|string }}"
matrix_nginx_proxy_proxy_dendrite_federation_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_container_federation_api_plain_port|string }}" matrix_nginx_proxy_proxy_dendrite_federation_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_http_bind_port|string }}"
matrix_nginx_proxy_proxy_dendrite_federation_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_container_federation_api_plain_port|string }}" matrix_nginx_proxy_proxy_dendrite_federation_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_http_bind_port|string }}"
# When matrix-nginx-proxy is disabled, the actual port number that the vhost uses may begin to matter. # When matrix-nginx-proxy is disabled, the actual port number that the vhost uses may begin to matter.
matrix_nginx_proxy_proxy_matrix_federation_port: "{{ matrix_federation_public_port }}" matrix_nginx_proxy_proxy_matrix_federation_port: "{{ matrix_federation_public_port }}"
@ -2209,11 +2209,11 @@ matrix_postgres_backup_databases: |
# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it,
# you can expose Dendrite's ports to the host. # you can expose Dendrite's ports to the host.
# #
# For exposing the Matrix Client API's port (plain HTTP) to the local host. # For exposing Dendrite's plain HTTP server to the local host.
matrix_dendrite_container_client_api_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:8008' }}" matrix_dendrite_container_http_host_bind_address: "{{ '' if matrix_nginx_proxy_enabled else ('127.0.0.1:' + matrix_dendrite_http_bind_port|string) }}"
# #
# For exposing the Matrix Federation API's TLS port (HTTPS) to the internet on all network interfaces. # For exposing Dendrite's HTTPS server to the local host.
matrix_dendrite_container_federation_api_tls_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else matrix_federation_public_port }}" matrix_dendrite_container_https_host_bind_address: "{{ '' if matrix_nginx_proxy_enabled or not matrix_dendrite_https_bind_port else ('127.0.0.1:' + matrix_dendrite_https_bind_port|string) }}"
matrix_dendrite_registration_shared_secret: "{{ matrix_dendrite_generic_secret_key | password_hash('sha512', 'dendrite.rss') | to_uuid }}" matrix_dendrite_registration_shared_secret: "{{ matrix_dendrite_generic_secret_key | password_hash('sha512', 'dendrite.rss') | to_uuid }}"

View File

@ -14,31 +14,42 @@ matrix_dendrite_storage_path: "{{ matrix_dendrite_base_path }}/storage"
matrix_dendrite_media_store_path: "{{ matrix_dendrite_storage_path }}/media-store" matrix_dendrite_media_store_path: "{{ matrix_dendrite_storage_path }}/media-store"
matrix_dendrite_ext_path: "{{ matrix_dendrite_base_path }}/ext" matrix_dendrite_ext_path: "{{ matrix_dendrite_base_path }}/ext"
matrix_dendrite_container_http_bind_port: 8008 # By default, we make Dendrite only serve HTTP (not HTTPS).
# HTTPS is usually served at the reverse-proxy side (usually via `matrix-nginx-proxy`).
#
# To enable HTTPS serving by Dendrite (directly):
# - `matrix_dendrite_https_bind_port` must be set
# - `-tls-cert` and `-tls-key` must be passed to Dendrite via `matrix_dendrite_process_extra_arguments`
# - the TLS certificate files must be mounted into the container using `matrix_dendrite_container_additional_volumes`
matrix_dendrite_http_bind_port: 8008
matrix_dendrite_https_bind_port: ~
# This is passed as a flag `-http-bind-address` flag to the Dendrite server in the container # This is passed as an `-http-bind-address` flag to the Dendrite server in the container
matrix_dendrite_container_http_bind_address: ":{{ matrix_dendrite_container_http_bind_port }}" matrix_dendrite_http_bind_address: "{{ (':' + matrix_dendrite_http_bind_port|string) if matrix_dendrite_http_bind_port else '' }}"
# Dendrite monolith exposes both the Client API and the Federation API on the same port # This is passed as an `-https-bind-address` flag to the Dendrite server in the container
matrix_dendrite_container_client_api_port: "{{ matrix_dendrite_container_http_bind_port }}" matrix_dendrite_https_bind_address: "{{ (':' + matrix_dendrite_https_bind_port|string) if matrix_dendrite_https_bind_port else '' }}"
matrix_dendrite_container_federation_api_plain_port: "{{ matrix_dendrite_container_http_bind_port }}"
# Controls whether the matrix-dendrite container exposes the Client/Server API port (tcp/8008 in the container). # Controls whether the matrix-dendrite container exposes the HTTP port (tcp/{{ matrix_dendrite_http_bind_port }} in the container).
# #
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8008"), or empty string to not expose. # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8008"), or empty string to not expose.
matrix_dendrite_container_client_api_host_bind_port: "" matrix_dendrite_container_http_host_bind_address: ""
# Controls whether the matrix-dendrite container exposes the tls (encrypted) Server/Server (Federation) API port (tcp/8448 in the container). # Controls whether the matrix-dendrite container exposes the HTTPS port (tcp/{{ matrix_dendrite_https_bind_port }} in the container).
# #
# Takes effect only if federation is enabled (matrix_dendrite_federation_enabled) # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8448"), or empty string to not expose.
# and TLS support is enabled (matrix_dendrite_tls_federation_listener_enabled). matrix_dendrite_container_https_host_bind_address: ""
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "8448"), or empty string to not expose.
matrix_dendrite_container_federation_api_tls_host_bind_port: ""
# A list of extra arguments to pass to the container # A list of extra arguments to pass to the container (`docker run` command)
matrix_dendrite_container_extra_arguments: [] matrix_dendrite_container_extra_arguments: []
# A list of extra arguments to pass to the container process (`dendrite-monolith` command)
# Example:
# matrix_dendrite_process_extra_arguments:
# - "-tls-cert /some/path.crt"
# - "-tls-key /some/path.pem"
matrix_dendrite_process_extra_arguments: []
# List of systemd services that matrix-dendrite.service depends on # List of systemd services that matrix-dendrite.service depends on
matrix_dendrite_systemd_required_services_list: ["docker.service"] matrix_dendrite_systemd_required_services_list: ["docker.service"]

View File

@ -29,11 +29,11 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \
--read-only \ --read-only \
--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_dendrite_tmp_directory_size_mb }}m \ --tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_dendrite_tmp_directory_size_mb }}m \
--network={{ matrix_docker_network }} \ --network={{ matrix_docker_network }} \
{% if matrix_dendrite_container_client_api_host_bind_port %} {% if matrix_dendrite_container_http_host_bind_address and matrix_dendrite_http_bind_port %}
-p {{ matrix_dendrite_container_client_api_host_bind_port }}:8008 \ -p {{ matrix_dendrite_container_http_host_bind_address }}:{{ matrix_dendrite_http_bind_port }} \
{% endif %} {% endif %}
{% if matrix_dendrite_container_federation_api_tls_host_bind_port %} {% if matrix_dendrite_container_https_host_bind_address and matrix_dendrite_https_bind_port %}
-p {{ matrix_dendrite_container_federation_api_tls_host_bind_port }}:8448 \ -p {{ matrix_dendrite_container_https_host_bind_address }}:{{ matrix_dendrite_https_bind_port }} \
{% endif %} {% endif %}
--mount type=bind,src={{ matrix_dendrite_config_dir_path }},dst=/data,ro \ --mount type=bind,src={{ matrix_dendrite_config_dir_path }},dst=/data,ro \
--mount type=bind,src={{ matrix_dendrite_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \ --mount type=bind,src={{ matrix_dendrite_storage_path }},dst=/matrix-media-store-parent,bind-propagation=slave \
@ -45,7 +45,13 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \
{% endfor %} {% endfor %}
{{ matrix_dendrite_docker_image }} \ {{ matrix_dendrite_docker_image }} \
-config /data/dendrite.yaml \ -config /data/dendrite.yaml \
-http-bind-address {{ matrix_dendrite_container_http_bind_address }} {% if matrix_dendrite_http_bind_address %}
-http-bind-address {{ matrix_dendrite_http_bind_address }}
{% endif %}
{% if matrix_dendrite_https_bind_address %}
-https-bind-address {{ matrix_dendrite_https_bind_address }}
{% endif %}
{{ matrix_dendrite_process_extra_arguments|join(' ') }}
ExecStop=-{{ matrix_host_command_docker }} kill matrix-dendrite ExecStop=-{{ matrix_host_command_docker }} kill matrix-dendrite
ExecStop=-{{ matrix_host_command_docker }} rm matrix-dendrite ExecStop=-{{ matrix_host_command_docker }} rm matrix-dendrite