Commit Graph

647 Commits

Author SHA1 Message Date
Sylvia van Os
ed0ecf5bea string before to_json when string value is expected
This prevents Ansible from sometimes failing to decrypt vault variables
2019-05-06 10:10:27 +02:00
Slavi Pantaleev
e6fecd51d5 Explain DNS SRV vs /.well-known/matrix/server better
Hopefully, we no longer lead people to believe that DNS SRV
records are going away forever and for all use-cases.

Fixes #156 (Github Issue)
2019-05-05 11:04:52 +03:00
Slavi Pantaleev
e0b7b4dc61
Merge pull request #159 from TheLastProject/feature/docker_add_hosts
Add the possibility to pass extra flags to the docker container
2019-05-05 10:22:59 +03:00
Slavi Pantaleev
1653e40239
Merge pull request #158 from lpopov/master
Add the ability to update user passwords with ansible
2019-05-05 10:21:45 +03:00
Slavi Pantaleev
92eb437bb1
Merge pull request #162 from Cadair/master
urlencode mxisd password
2019-05-04 09:59:12 +03:00
Stuart Mumford
e1d0667ead
url encode username as well 2019-05-03 22:23:03 +01:00
Slavi Pantaleev
6bea3237c9
Merge pull request #163 from aaronraimist/synapse-0.99.3.1
Update Synapse (0.99.3 -> 0.99.3.1)
2019-05-03 22:10:20 +03:00
Aaron Raimist
8051ea9ef9
Update Synapse (0.99.3.1 -> 0.99.3.2) 2019-05-03 13:34:45 -05:00
Aaron Raimist
d1646bb497
Update Synapse (0.99.3 -> 0.99.3.1) 2019-05-03 12:07:58 -05:00
Stuart Mumford
4e998f52c5
urlencode mxisd password 2019-05-03 17:39:43 +01:00
Dan Arnfield
172d59ba05
Fix template indentation 2019-05-03 10:37:14 -05:00
Lyubomir Popov
c9a2380193 Merge remote-tracking branch 'upstream/master' 2019-05-03 11:05:03 +03:00
Lyubomir Popov
a206b65ed7 Use the '-p' non-interactive option to generate password hash instead of 'expect' 2019-05-03 11:02:17 +03:00
Slavi Pantaleev
0e391b5870 Add explicit |int casting for more variables
As discussed in #151 (Github Pull Request), it's
a good idea to not selectively apply casting, but to do it in all
cases involving arithmetic operations.
2019-04-30 18:26:03 +03:00
Sylvia van Os
75b1528d13 Add the possibility to pass extra flags to the docker container 2019-04-30 16:35:18 +02:00
Lyubomir Popov
134faa3139 Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 16:30:26 +03:00
Slavi Pantaleev
1495be1e0e
Merge pull request #157 from TheLastProject/feature/allow_disabling_url_previews
Add variable to disable homeserver url preview
2019-04-30 14:59:40 +03:00
Sylvia van Os
bf77f776a2 Add variable to disable homeserver url preview 2019-04-30 13:58:48 +02:00
Slavi Pantaleev
5be1d50b3a Revert "Enable Native Python Types for Jinja2"
This reverts commit 3387035400.

Enabling `jinja2_native` does help with the issue it is trying to
address - #151 (Github Pull Request), but it introduces a regression
when generating templates.

An example is
`roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-riot-web.conf.j2`,
which yields a strange resulting value of:

```
location /.well-known/acme-challenge {
    resolver 127.0.0.11 valid=5s;
    set $backend "matrix-certbot:8080";
    proxy_pass http://$backend;

    resolver 127.0.0.11 valid=5s;
    set $backend "matrix-certbot:8080";
    proxy_pass http://$backend;
}
```

For whatever reason (still to be investigated), the `if` block's
contents seem to have been outputted twice.

Reverting until this is resolved.
Until then, #151 would rely on the workaround and not on `jinja2_native`.
2019-04-29 09:07:05 +03:00
Slavi Pantaleev
db977ea584
Merge pull request #151 from huguesdk/bugfix/nginx_proxy_tmpfs_size
Fix value of nginx-proxy tmpfs size
2019-04-29 09:00:37 +03:00
Slavi Pantaleev
3387035400 Enable Native Python Types for Jinja2
Helps with #151 (Github Pull Request), but only for Ansible >= 2.7
and when Jinja >= 2.10 is in use.

For other version combinations we still need the workaround proposed
in the pull rqeuest.
2019-04-29 08:51:03 +03:00
Slavi Pantaleev
7c246b4a99 Make error about unset matrix_ssl_lets_encrypt_support_email more descriptive
Previously, we'd show an error like this:

{"changed": false, "item": null, "msg": "Detected an undefined required variable"}

.. which didn't mention the variable name
(`matrix_ssl_lets_encrypt_support_email`).
2019-04-28 11:02:17 +03:00
Slavi Pantaleev
00ec22688a Upgrade mxisd (1.4.1 -> 1.4.2)
Looks like we may not have to do this,
since 1.4.2 fixes edge cases for people who used the broken
1.4.0 release.

We jumped straight to 1.4.1, so maybe we're okay.
Still, upgrading anyway, just in case.
2019-04-28 10:15:46 +03:00
Slavi Pantaleev
817c7143ca
Merge pull request #154 from aaronraimist/mxisd-1.4.1
Update mxisd (1.3.1 -> 1.4.1)
2019-04-28 09:00:47 +03:00
Slavi Pantaleev
528f537db7
Merge pull request #152 from huguesdk/bugfix/remove_hardcoded_values_in_remove_all
Remove hardcoded values in matrix-remove-all
2019-04-28 08:54:34 +03:00
Slavi Pantaleev
8a862e2414
Merge pull request #147 from aaronraimist/enable_presence_by_hs_url
Set Riot's enable_presence_by_hs_url to false if presence is disabled
2019-04-28 08:44:22 +03:00
Aaron Raimist
e42fe4b18c
Include Slavi's improvements to keep roles independent 2019-04-27 17:09:21 -05:00
Aaron Raimist
5586eaddef
Set Riot's enable_presence_by_hs_url to false if presence is disabled 2019-04-27 16:35:26 -05:00
Aaron Raimist
ed442af96f
Update mxisd (1.3.1 -> 1.4.1) 2019-04-27 16:28:40 -05:00
Hugues De Keyzer
1e344d5a7a Remove hardcoded values in matrix-remove-all
Use matrix_docker_network and matrix_base_data_path in matrix-remove-all
instead of hardcoded default values.
2019-04-27 22:12:05 +02:00
Hugues De Keyzer
6aa6633ee7 Fix value of nginx-proxy tmpfs size
Use an int conversion in the computation of the value of
matrix_nginx_proxy_tmp_directory_size_mb, to have the integer value
multiplied by 50 instead of having the string repeated 50 times.
2019-04-27 21:54:21 +02:00
Slavi Pantaleev
55bc1c39d2
Merge pull request #148 from Sporiff/fix-inline-url-preview
Fixed default url preview settings
2019-04-26 16:39:30 +03:00
Ciaran Ainsworth
8624cf4a57 Fixed default url preview settings 2019-04-26 14:11:40 +01:00
Slavi Pantaleev
f99b24f3be
Merge pull request #144 from dhoffend/welcome
make welcome.html customizable
2019-04-25 08:15:00 +03:00
Daniel Hoffend
ca15d219b9 make welcome.html customizable 2019-04-25 01:05:28 +02:00
Slavi Pantaleev
ec0f936227 Try SSL renewal more frequently and reload later
It doesn't hurt to attempt renewal more frequently, as it only does
real work if it's actually necessary.

Reloading, we postpone some more, because certbot adds some random delay
(between 1 and 8 * 60 seconds) when renewing. We want to ensure
we reload at least 8 minutes later, which wasn't the case.

To make it even safer (in case future certbot versions use a longer
delay), we reload a whole hour later. We're in no rush to start using
the new certificates anyway, especially given that we attempt renewal
often.

Somewhat fixes #146 (Github Issue)
2019-04-23 17:59:02 +03:00
Slavi Pantaleev
892abdc700 Do not refer to Synapse as "Matrix Synapse" 2019-04-23 10:20:56 +03:00
Slavi Pantaleev
39566aa7fe Generate a Synapse signing key file, if missing
The code used to check for a `homeserver.yaml` file and generate
a configuration (+ key) only if such a configuration file didn't exist.

Certain rare cases (setting up with one server name and then
changing to another) lead to `homeserver.yaml` being there,
but a `matrix.DOMAIN.signing.key` file missing (because the domain
changed).
A new signing key file would never get generated, because `homeserver.yaml`'s
existence used to be (incorrectly) satisfactory for us.

From now on, we don't mix things up like that.
We don't care about `homeserver.yaml` anymore, but rather
about the actual signing key.

The rest of the configuration (`homeserver.yaml` and
`matrix.DOMAIN.log.config`) is rebuilt by us in any case, so whether
it exists or not is irrelevant and doesn't need checking.
2019-04-23 10:06:42 +03:00
Slavi Pantaleev
18a562c000 Upgrade services 2019-04-21 08:57:49 +03:00
Slavi Pantaleev
9ea5088761 Add TURN server configuration documentation 2019-04-19 09:57:41 +03:00
Slavi Pantaleev
a4da1535dd Split additional configuration options in groups
It's too many configuration options to keep them in a single list.
Trying to put some order.
2019-04-19 09:54:18 +03:00
Slavi Pantaleev
d4f2cb91d7
Merge pull request #137 from jdreichmann/master
Add some examples for caddy as an external webserver
2019-04-16 22:16:53 +03:00
jreichmann
aba8327991
Give a hint to look into the examples if using caddy 2019-04-16 19:46:17 +02:00
jreichmann
084be8a194
Added comments noting that the TLS Certs might differ when using own certs 2019-04-16 19:41:38 +02:00
jreichmann
6d49fdea21
Remove single all-host config file (used as source for examples) 2019-04-16 19:38:43 +02:00
jreichmann
265dc2949d
Added example Caddyfiles for the containers 2019-04-16 19:36:03 +02:00
Slavi Pantaleev
9c401efb2d Add a note about beta/pre-release distros 2019-04-16 13:10:31 +03:00
Slavi Pantaleev
c1a9549d54 Mention matrix_coturn_turn_external_ip_address in examples/hosts 2019-04-16 13:10:31 +03:00
Slavi Pantaleev
ed00b0a77c
Merge pull request #135 from lpopov/master
Add additional room config options
2019-04-16 12:53:03 +03:00
Lyubomir Popov
eab8f31eed Add additional room config options:
- matrix_enable_room_list_search - Controls whether searching the public room list is enabled.
 - matrix_alias_creation_rules - Controls who's allowed to create aliases on this server.
 - matrix_room_list_publication_rules - Controls who can publish and which rooms can be published in the public room list.
2019-04-16 12:40:38 +03:00