Commit Graph

5253 Commits

Author SHA1 Message Date
Slavi Pantaleev
c7e9f04756 Merge pull request #936 from irregulator/nginx_check_cors
matrix-nginx-proxy: specify Origin header, comply with CORS
2021-03-15 14:49:23 +02:00
Alexandros Afentoulis
28c255539c matrix-nginx-proxy: specify Origin header, comply with CORS
Self-checks against the .well-known URIs look for the HTTP header
"Access-Control-Allow-Origin" indicating that the remode endpoint
supports CORS. But the remote server is not required to include
said header in the response if the HTTP request does not include
the "Origin" header. This is in accordance with the specification
[1] stating: 'A CORS request is an HTTP request that includes an
"Origin" header.'

This is in fact true for Gitlab pages hosting and that's why the
issue was identified.

Let's specify "Origin" header in the respective uri tasks performing
the HTTP request and ensure a CORS request.

[1] https://fetch.spec.whatwg.org/#http-requests
2021-03-15 14:24:55 +02:00
Yannick Goossens
9f95cef494 Change value of client_secret to avoid confusion 2021-03-15 13:08:59 +01:00
Yannick Goossens
bfe0ca6cf8 Update docs, remove hard coded matrix_domain 2021-03-15 13:04:31 +01:00
Slavi Pantaleev
7215fd4319 Merge pull request #933 from pmontepagano/fork/require-auth-synapse-configs
Adding vars to synapse for private servers
2021-03-15 08:03:43 +02:00
Michael
5a1f3b7d67 GMH v0.3.0 2021-03-14 14:35:38 +08:00
Pablo Montepagano
52fe8a05b0 Adding vars to synapse for private servers. 2021-03-14 00:39:44 -03:00
Yannick Goossens
7d6bf446a3 Added a link to the doc in the README 2021-03-12 16:57:49 +01:00
Yannick Goossens
86cf5d8c74 api_key doesn't seem to work for the imgur service, using client_id works 2021-03-12 15:57:23 +01:00
Yannick Goossens
a640d8f9a6 Remove hard coded references to homeserver and matrix domain 2021-03-12 15:36:13 +01:00
Yannick Goossens
9689948e73 Use the matrix_domain var for the AcceptVerificationFromUsers field 2021-03-12 14:59:42 +01:00
Yannick Goossens
49028f1b05 Added |to_json to the config.yaml template 2021-03-12 14:55:57 +01:00
Yannick Goossens
aaf93cb9fd Fix indentation spaces to tabs 2021-03-12 11:11:10 +01:00
Yannick Goossens
20c6bd686e Added the matrix_bot_go_neb_container_http_host_bind_port variable to allow the container to expose its listen port 2021-03-12 11:10:00 +01:00
Yannick Goossens
ce14e3e8af Enable the bot in the role and disable it in the group_vars 2021-03-12 11:03:13 +01:00
Yannick Goossens
7d1d3b47bc Fix the description on the service file 2021-03-12 10:31:08 +01:00
Yannick Goossens
51e2547484 Added support for the Go-NEB bot 2021-03-11 19:23:01 +01:00
Slavi Pantaleev
9b72384df7 Upgrade Synapse (1.28.0 -> 1.29.0) 2021-03-08 17:24:09 +02:00
Slavi Pantaleev
f0698ee641 Do not overwrite X-Forwarded-For when reverse-proxying to Synapse
We have a flow like this:
1. matrix.DOMAIN vhost (matrix-domain.conf)
2. matrix-synapse vhost (matrix-synapse.conf); or matrix-corporal container, if enabled
3. (optional) matrix-synapse vhost (matrix-synapse.conf), if matrix-corporal enabled
4. matrix-synapse container

We are setting `X-Forwarded-For` correctly in step #1, but were
overwriting it in step #2 with something inaccurate.

Not doing anything in step #2 is better than doing the wrong thing.
It's probably best if we append another reverse-proxy address there
though, although what we're doing now (with this patch) seems to yield
the correct result (when matrix-corporal is not enabled).

When matrix-corporal is enabled, we still seem to do the wrong thing for
some reason. It's something to be fixed later on.
2021-03-08 17:24:09 +02:00
Slavi Pantaleev
5516bc8896 Merge pull request #923 from aaronraimist/patch-1
Make steps in configuring-playbook.md numbered
2021-03-07 09:53:49 +02:00
Aaron Raimist
df5cbcc2e1 Make steps in configuring-playbook.md numbered
instead of bullet points which make it more difficult to tell whether or not you completed all of the steps
2021-03-06 12:35:12 -06:00
foxcris
88d59f97c2 - 2021-03-06 11:43:59 +01:00
Slavi Pantaleev
11f8b5f3a7 Merge pull request #916 from jokey2k/patch-2
Adjust wait timeout
2021-03-05 10:43:36 +02:00
Markus Ullmann
be23249f4b Adjust wait timeout
During first setup postgres takes its time to get up and running, resulting in "postgres in startup" exceptions from synapse if you run without additional services that come in between. Hence suggesting increasing the time a bit to avoid having an error which heals itself and thus is hard to spot for newcomers.
2021-03-02 20:07:59 +01:00
Slavi Pantaleev
7d1522d884 Add Ko-fi donation link 2021-03-02 13:29:04 +02:00
Slavi Pantaleev
0f647594ac Merge pull request #915 from SierraKiloBravo/add-nginx-worker-config
Added nginx proxy worker configuration to template and defaults
2021-03-02 13:04:28 +02:00
SierraKiloBravo
0de0716527 Added nginx proxy worker configuration to template and defaults 2021-03-02 11:30:09 +01:00
Slavi Pantaleev
31d2e013f7 Fix typo 2021-03-02 08:02:31 +02:00
Slavi Pantaleev
009efdad49 Fix matrix.DOMAIN/_synapse/metrics exposing
This is something that got lost during
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
and more specifically 4d62a75f6f.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/914
2021-03-02 07:59:59 +02:00
Slavi Pantaleev
a25b8135b8 Fix point overlap between matrix-domain and Jitsi
Mostly affects people who disable the integrated `matrix-nginx-proxy`.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
and more specifically 4d62a75f6f.
2021-03-01 20:27:45 +02:00
Slavi Pantaleev
c527f2930e Upgrade Element (1.7.21 -> 1.7.22) 2021-03-01 15:53:54 +02:00
Slavi Pantaleev
fef6d57626 Remove alembic migrations for mautrix-facebook
They're gone now: b8ce80e476
2021-02-28 18:42:31 +02:00
Michael
f4e462af51 Merge remote-tracking branch 'upstream/master' 2021-02-28 22:37:49 +08:00
Michael
33ec5710d9 0.2.1 revision 2021-02-28 22:21:40 +08:00
Slavi Pantaleev
c8d4a42367 Merge pull request #910 from hardye/le-timers-update
Run Let's Encrypt renewal checks daily instead of weekly.
2021-02-28 11:55:00 +02:00
Hardy Erlinger
f4930d789e Run Let's Encrypt renewal checks daily instead of weekly.
This ensures more timely updates of certifcates.
2021-02-27 21:11:22 +01:00
Slavi Pantaleev
6baa91dd9f Do not delete matrix-ssl-lets-encrypt-certificates-renew only to recreate it later
This seems to have been added to the list of "deprecated files to
remove" by mistake.
2021-02-26 13:37:51 +02:00
Slavi Pantaleev
ccf5915874 Upgrade Synapse for ARM64 (v1.26.0 -> v1.28.0) 2021-02-25 19:09:46 +02:00
Slavi Pantaleev
ae091d7b2d Upgrade Synapse (v1.27.0 -> v1.28.0) 2021-02-25 13:40:35 +02:00
Slavi Pantaleev
1ef683d366 Make nginx proxy config (when disabled) obey matrix_federation_public_port
People who were disabling matrix-nginx-proxy (in favor of their own
nginx webserver) and also overriding `matrix_federation_public_port`,
found that the generated nginx configuration still hardcoded `8448`,
which forced their nginx server to use that, regardless of the fact
that `matrix_federation_public_port` was pointing elsewhere.

We now allow for the in-container federation port to be configurable,
and also automatically wire things properly.
2021-02-24 08:19:20 +02:00
Slavi Pantaleev
2ef1d9c537 Make healthchecks work for Synapse worker containers
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
2021-02-24 07:59:14 +02:00
Slavi Pantaleev
f9a0ec6fd1 Fix some bridges failing when Synapse workers enabled
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/904
2021-02-23 13:17:52 +02:00
Slavi Pantaleev
8f7f45d6e4 Revert "trust the reverse proxy by default"
This reverts commit fd3d48bb6d.

Normally this environment variable gets referred to from `settings.json.docker`,
but we have our own full configuration, which hardcodes `"trustProxy": true`,
thus making this useless.

This has been pointed out here:
fd3d48bb6d (commitcomment-47403097)
2021-02-22 13:03:09 +02:00
Slavi Pantaleev
50ec607433 Merge pull request #902 from tctovsli/patch-2
Added paragraph about updating DNS to get stats
2021-02-22 11:54:06 +02:00
tctovsli
2b96fb0cf1 Added paragraph about updating DNS to get stats
This document didn't describe that it is necessary to have a DNS-entry for stats sub-domain.
2021-02-22 10:32:02 +01:00
Slavi Pantaleev
fd18769e55 Merge pull request #901 from marcquark/backup_postgres
Recommend a better way of backing up postgres
2021-02-22 08:37:21 +02:00
Slavi Pantaleev
ca22355910 Update backup docs a bit 2021-02-22 08:36:42 +02:00
Marc Leuser
53869ac14a recommend a better way of backing up postgres
don't spawn an extra container
run pg_dumpall within matrix-postgres instead, ensures correct version
store under /matrix so a backup of the folder will contain a DB dump
use absolute paths just in case something in the ENV is messed up
2021-02-21 21:38:20 +01:00
Slavi Pantaleev
994afcfeb0 Merge pull request #899 from gsouquet/patch-2
Update lower power config example
2021-02-21 14:05:56 +02:00
Germain
6768bdcf81 Update lower power config example
All other examples show the config to lower the memory usage on the server
2021-02-21 11:57:05 +00:00