Commit Graph

3346 Commits

Author SHA1 Message Date
Michael-GMH
85777e8f96 merge with upstream 2021-05-25 21:08:00 +08:00
Slavi Pantaleev
1ed0857019 Fix syntax error
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024
2021-05-25 11:45:17 +03:00
sakkiii
4a4a7f136e changes added to hydrogen client 2021-05-25 11:42:51 +05:30
sakkiii
25e67b51d1 Merge branch 'spantaleev:master' into master 2021-05-25 11:40:56 +05:30
sakkiii
3436f9c10a rename to matrix_nginx_proxy_hsts_preload_enabled 2021-05-25 00:56:59 +05:30
Slavi Pantaleev
0648b1b618 Upgrade Element (1.7.28 -> 1.7.29) 2021-05-24 20:38:48 +03:00
sakkiii
7cc5328ede Comments & Ref 2021-05-24 17:20:54 +05:30
sakkiii
df2d91970d matrix_nginx_proxy_xss_protection 2021-05-24 17:02:47 +05:30
Slavi Pantaleev
d4c7a90b5c Merge pull request #1076 from Eagle-251/Jitsi-Prosody-OwnNginxCompatibility
Allow Jitsi XMPP websocket support for users using own webserver.
2021-05-24 11:07:05 +03:00
ewang
409cd2b9a3 Source port binding from group vars in line other components 2021-05-23 14:06:18 +02:00
Eagle-251
ef6a7e051c Fix missing port binding. 2021-05-22 15:55:50 +02:00
ewang
1bb6ed97ae Make port bindings default for those disabling nginx proxy
I changed the conditional statement in prosody systemd template to bind the localhost port by default if people have set ```matrix_nginx_proxy_enabled == false ```.
Hopefully that should make it the default behaviour now.
2021-05-22 15:53:42 +02:00
Aaron Raimist
3c0452ff5a Remove unnecessary bind for config.json, use proper nginx.conf 2021-05-21 17:22:40 -05:00
ewang
4a772e50f4 Allow Jitsi XMPP webscoket support for users using own webserver.
Added:
 - Conditional localhost Port bindings for Jitsi Prosody systemd template
- Added variable to main.yml to allow overriding from vars.yml
2021-05-21 15:26:06 +02:00
Slavi Pantaleev
6f80292745 Add OCSP stapling support and other SSL optimizations to Hydrogen vhost
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-21 13:40:37 +03:00
Slavi Pantaleev
d0de21ab34 Delete Hydrogen nginx configuration file when disabled 2021-05-21 12:58:32 +03:00
Aaron Raimist
ac4ede20af Add docs 2021-05-21 04:43:04 -05:00
Aaron Raimist
1633f61018 Only install config.json when self building 2021-05-21 04:23:06 -05:00
Aaron Raimist
04548f8df2 Merge branch 'master' into hydrogen 2021-05-21 04:09:18 -05:00
Aaron Raimist
9437f78c9e Build using custom config.json, add CSP, update to 0.1.53 2021-05-21 03:45:21 -05:00
Slavi Pantaleev
47b4608b96 Fail in a friendlier way when trying to self-build on Ansible <= 2.8
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070

Related discussion here: 1ab507349c (commitcomment-51108407)
2021-05-21 11:15:05 +03:00
Slavi Pantaleev
1ab507349c Fix self-building for various components on Ansible < 2.8
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
2021-05-20 08:43:20 +03:00
Slavi Pantaleev
66615c43a3 Merge pull request #1065 from sakkiii/patch-1
Update grafana (7.5.6->7.5.7)
2021-05-19 22:07:59 +03:00
Tobias K
3dcbed6353 roles/matrix-grafana: Set root_url in granafa.ini 2021-05-19 19:52:58 +02:00
sakkiii
8529ca4c17 Update grafana (7.5.6->7.5.7) 2021-05-19 22:30:03 +05:30
Slavi Pantaleev
073d920a62 Merge pull request #1061 from sakkiii/ssl_enhancement
Optimize SSL session
2021-05-19 17:14:52 +03:00
Toni Spets
544915ff76 Add Heisenbridge 2021-05-19 10:42:21 +03:00
Slavi Pantaleev
21eb39f986 Mention matrix_common_after_systemd_service_start_wait_for_timeout_seconds in failure message
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:46:13 +03:00
Slavi Pantaleev
ee46fabdca Make waiting time for --tags=start configurable
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:39:55 +03:00
sakkiii
e9b878b9e9 Optimize SSL session 2021-05-18 19:39:43 +05:30
Slavi Pantaleev
e6afa05f7b Enable OCSP stapling for the federation port
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057

Not sure if this is beneficial though.
2021-05-18 08:15:42 +03:00
Slavi Pantaleev
57a6a98a50 Fix incorrect SSL certificate path
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-18 07:58:47 +03:00
Slavi Pantaleev
b9c4e8ce16 Merge pull request #1057 from sakkiii/ssl_staple
Enable OCSP Stapling
2021-05-18 07:50:35 +03:00
sakkiii
d31b55b2a7 SSL-enabled block only 2021-05-18 03:24:06 +05:30
rakshazi
400371f6dd Updated Element version (1.7.27 -> 1.7.28) 2021-05-17 13:15:12 +00:00
Slavi Pantaleev
d156c8caa2 Upgrade Synapse (1.33.2 -> 1.34.0) 2021-05-17 14:58:07 +03:00
Slavi Pantaleev
e4dd933cf0 Make missing /_synapse/admin correctly return 404 responses
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058

We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.

For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints)
2021-05-17 11:45:35 +03:00
sakkiii
2c3da6599b Added warning 2021-05-15 16:07:52 +05:30
sakkiii
0dd4459799 matrix_nginx_proxy_ocsp_stapling_enabled variable added 2021-05-15 16:01:49 +05:30
sakkiii
c05021640d Enable OCSP Stapling 2021-05-15 15:57:05 +05:30
Aaron Raimist
ca361af616 Add Hydrogen 2021-05-15 04:23:36 -05:00
sakkiii
b191e461a5 Merge branch 'spantaleev:master' into master 2021-05-15 12:20:02 +05:30
sakkiii
4bd7d8b5e4 Update grafana (7.5.5->7.5.6) 2021-05-14 18:59:21 +05:30
sakkiii
d5cd3d443d Update prometheus (2.26.0->2.27.0) 2021-05-14 18:56:33 +05:30
sakkiii
322b750aad Merge branch 'spantaleev:master' into master 2021-05-14 18:54:47 +05:30
Slavi Pantaleev
f481b1a84b Upgrade matrix-mailer (4.94.2-r0 -> 4.94.2-r0-1)
Related to https://github.com/devture/exim-relay/pull/9
2021-05-12 18:09:08 +03:00
Slavi Pantaleev
8e6f1876f5 Switch to :latest version of synapse-admin
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132

We should switch back when >0.8.0 gets released.
2021-05-11 19:25:12 +03:00
sakkiii
8fc55b30c5 Upgrade Synapse (1.33.1 -> 1.33.2)
This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation. Server admins are encouraged to upgrade.

Ref: https://github.com/matrix-org/synapse/releases/tag/v1.33.2
2021-05-11 19:06:30 +05:30
Slavi Pantaleev
2d4b039c55 Merge pull request #1046 from GoMatrixHosting/master
GoMatrixHosting v0.4.6
2021-05-11 09:07:48 +03:00
Michael-GMH
2b4bada72a fix conditional 2021-05-11 14:05:45 +08:00