mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-27 03:18:31 +01:00
Announce HTTP-compression and timeout adjustments for Traefik-based setups
This commit is contained in:
parent
57c5271d9d
commit
91787fc0bd
46
CHANGELOG.md
46
CHANGELOG.md
@ -1,3 +1,49 @@
|
||||
# 2024-11-14
|
||||
|
||||
## HTTP-compression support for Traefik-based setups
|
||||
|
||||
The playbook now **automatically enables HTTP-compression support** for major services powered by the playbook, like [Cinny](./docs/configuring-playbook-client-cinny.md), [Element Web](./docs/configuring-playbook-client-element-web.md), [Hydrogen](./docs/configuring-playbook-client-hydrogen.md), as well as for Matrix Client-Server and Federation APIs (`matrix.example.com`).
|
||||
|
||||
Other services installed by the playbook are currently not compression-enabled, but may become so over time.
|
||||
This change is rolled out on a per-service basis (as opposed to doing it globally, at the Traefik entrypoint level) to allow certain services or route endpoints which do not behave well when compressed (e.g. [issue 3749](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3749)) to be excluded from compression.
|
||||
|
||||
A long time ago, various services were operating with `gzip`-compression enabled at the nginx level. Since the switch to Traefik (see [Goodbye, `matrix-nginx-proxy` 🪦](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/57c5271d9d6265a34a9d9cceb93365f685074f96/CHANGELOG.md#goodbye-matrix-nginx-proxy-)), all services (with the exception of Matrix APIs for Synapse worker-enabled setups which are powered by `nginx` via `synapse-reverse-proxy-companion`) have been operating without HTTP-compression support.
|
||||
|
||||
HTTP-compression is now done via Traefik's [compress](https://doc.traefik.io/traefik/middlewares/http/compress/) middleware. We use the default configuration for this middleware, which enables `zstd`, `br` and `gzip` support (in this order).
|
||||
This middleware's configuration can be configured via variables in the Traefik role (see `traefik_config_http_middlewares_compression_middleware_options`).
|
||||
|
||||
If you're using your own Traefik reverse-proxy server ([Traefik managed by you](./docs/configuring-playbook-own-webserver.md#traefik-managed-by-you)) instead of the playbook's integrated Traefik service, you can benefit from the same by:
|
||||
|
||||
- defining a [compress](https://doc.traefik.io/traefik/middlewares/http/compress/) middleware (via the [file](https://doc.traefik.io/traefik/providers/file/) or [Docker](https://doc.traefik.io/traefik/providers/docker/) providers)
|
||||
- setting `matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled` to `true`
|
||||
- specifying the middleware's name in `matrix_playbook_reverse_proxy_traefik_middleware_compession_name` (e.g. `matrix_playbook_reverse_proxy_traefik_middleware_compession_name: my-compression-middleware@file`)
|
||||
|
||||
## Timeout adjustments for Traefik-based setups
|
||||
|
||||
The playbook now supports configuring various [transport.respondingTimeouts](https://doc.traefik.io/traefik/routing/entrypoints/#respondingtimeouts) timeout values (`readTimeout`, `writeTimeout`, `idleTimeout`) for the `web`, `web-secure` and `matrix-federation` entrypoints.
|
||||
|
||||
If you're using your own Traefik reverse-proxy server ([Traefik managed by you](./docs/configuring-playbook-own-webserver.md#traefik-managed-by-you)) instead of the playbook's integrated Traefik service, you may wish to do similar configuration changes to your setup manually.
|
||||
|
||||
The most interesting of these is the `readTimeout` configuration value (the maximum duration for reading the entire request, including the body), which used to default to `60s`.
|
||||
For large and slowly progressing file uploads, `60s` would often not be enough for the transfer to finish and uploads would end up being interrupted.
|
||||
The playbook now raises the `readTimeout` value to 5 minutes (`300s`) to improve this use-case.
|
||||
|
||||
The `traefik_config_entrypoint_web_transport_respondingTimeouts_*` variables (for the `web` entrypoint) cascade to affecting the timeout values for the `web-secure` and `matrix-federation` entrypoints, so you can easily adjust all timeout values using them.
|
||||
|
||||
Example of the default timeout values used by the playbook:
|
||||
|
||||
```yml
|
||||
traefik_config_entrypoint_web_transport_respondingTimeouts_readTimeout: 300s
|
||||
|
||||
# 0s means "no timeout"
|
||||
traefik_config_entrypoint_web_transport_respondingTimeouts_writeTimeout: 0s
|
||||
|
||||
traefik_config_entrypoint_web_transport_respondingTimeouts_idleTimeout: 180s
|
||||
```
|
||||
|
||||
Alternatively, you may adjust the timeout values for specific entrypoints (like `web-secure` and `matrix-federation`) using dedicated variables (like `traefik_config_entrypoint_web_secure_transport_respondingTimeouts_readTimeout` and `matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_transport_respondingTimeouts_readTimeout`).
|
||||
|
||||
|
||||
# 2024-11-08
|
||||
|
||||
## Support for synapse-admin auto-configuration via /.well-known/matrix/client
|
||||
|
@ -41,6 +41,14 @@ traefik_certs_dumper_ssl_dir_path: "/path/to/your/traefiks/acme.json/directory"
|
||||
# Uncomment and adjust the variable below if the name of your federation entrypoint is different
|
||||
# than the default value (matrix-federation).
|
||||
# matrix_federation_traefik_entrypoint_name: matrix-federation
|
||||
|
||||
# Uncomment and adjust the variables below if you'd like to enable HTTP-compression.
|
||||
#
|
||||
# For this to work, you will need to define a compress middleware (https://doc.traefik.io/traefik/middlewares/http/compress/) for your Traefik instance
|
||||
# using a file (https://doc.traefik.io/traefik/providers/file/) or Docker (https://doc.traefik.io/traefik/providers/docker/) configuration provider.
|
||||
#
|
||||
# matrix_playbook_reverse_proxy_traefik_middleware_compession_enabled: true
|
||||
# matrix_playbook_reverse_proxy_traefik_middleware_compession_name: my-compression-middleware@file
|
||||
```
|
||||
|
||||
In this mode all roles will still have Traefik labels attached. You will, however, need to configure your Traefik instance and its entrypoints.
|
||||
@ -84,7 +92,7 @@ version: "3.3"
|
||||
services:
|
||||
|
||||
traefik:
|
||||
image: "docker.io/traefik:v2.9.6"
|
||||
image: "docker.io/traefik:v3.2.0"
|
||||
restart: always
|
||||
container_name: "traefik"
|
||||
networks:
|
||||
|
Loading…
Reference in New Issue
Block a user