Commit Graph

8281 Commits

Author SHA1 Message Date
Slavi Pantaleev
4a9fe21d44 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-07 08:43:40 +02:00
Slavi Pantaleev
9c0287f4f8 Update configuring-playbook-own-webserver.md to note that Traefik is the default reverse-proxy since 1 year ago 2024-01-07 08:43:33 +02:00
Slavi Pantaleev
b122c7092a Merge branch 'master' into bye-bye-nginx-proxy 2024-01-05 18:12:44 +02:00
Slavi Pantaleev
d116d863e6 Move exim-relay service to its own network and connect Synapse & ma1sd to it automatically 2024-01-05 18:10:24 +02:00
Slavi Pantaleev
0bb40d1337 Fix integration between ma1sd and exim-relay
Regression since ba0a4e864a
2024-01-05 17:59:27 +02:00
Slavi Pantaleev
377fce5855 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-05 17:55:49 +02:00
Slavi Pantaleev
ba0a4e864a Replace matrix-mailer with an external role 2024-01-05 17:54:50 +02:00
Slavi Pantaleev
f308bcdcac Upgrade backup-borg (v1.2.7-1.8.5-2 -> v1.2.7-1.8.6-0) 2024-01-05 17:53:23 +02:00
Slavi Pantaleev
1f6bb281e9 Fix typo in old devture-traefik migration task 2024-01-05 17:09:19 +02:00
Slavi Pantaleev
9488e3857a Put all homeservers in the matrix-homeserver container network 2024-01-05 16:49:48 +02:00
Slavi Pantaleev
1be90cf87d Move Postgres to its own network for better isolation
A lot of services are yet to be updated to start connecting to
`devture_postgres_container_network` as an additional network.
Many are already done, but I'll go through all the others later.
2024-01-05 16:38:32 +02:00
Slavi Pantaleev
7766db2a5f Merge pull request #3083 from Braindot-fr/3082-mautrix-signal-config
[#3082] Analog Signal spaces configuration with rest of playbook
2024-01-05 16:01:08 +02:00
Slavi Pantaleev
e7b7b48db5 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-05 11:07:50 +02:00
Pierre 'McFly' Marty
a266da1b78 fix: space sync config 2024-01-05 10:49:09 +02:00
Slavi Pantaleev
724021cfde Merge pull request #3076 from cvwright/cvwright/worker-keepalive
Add keepalive on worker upstreams and use persistent connections
2024-01-05 10:48:32 +02:00
Slavi Pantaleev
9b6c393414 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-05 10:20:33 +02:00
Slavi Pantaleev
fc151fed77 Add raw/endraw around problematic texts in matrix-bridge-mautrix-signal/templates/config.yaml
Fixes: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3082

Related to: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3079
2024-01-05 10:20:00 +02:00
Slavi Pantaleev
e60ad025e4 Merge branch 'master' into bye-bye-nginx-proxy 2024-01-05 07:57:54 +02:00
Slavi Pantaleev
1d6f52db44 Upgrade Postgres (v16.1-3 -> v16.1-4) 2024-01-05 07:57:25 +02:00
Slavi Pantaleev
b37a02720f Move all Matrix client apps into the matrix-addons container network
Putting each client into its own network was good for isolation,
but it's quite wasteful in terms of the container network pool.
2024-01-05 07:17:11 +02:00
Slavi Pantaleev
2ec6448cdb Merge branch 'master' into bye-bye-nginx-proxy 2024-01-05 07:05:34 +02:00
Slavi Pantaleev
06f561f0dd Build latest/main branch of rust-synapse-compress-state for non-amd64 users
The latest tagged release (v0.1.3) does not pin any versions in its
Dockerfile and as such fails to build right now.

The `main` branch of rust-synapse-compress-state has already addressed
this and is buildable, but there's no tagged release yet.

Reported here: https://github.com/matrix-org/rust-synapse-compress-state/issues/134
2024-01-05 07:05:28 +02:00
Slavi Pantaleev
d262ca0fe6 Only enable matrix-synapse-reverse-proxy-companion when Synapse workers are enabled
This allows us to eliminate the companion and decrease overhead for
simple servers which do not use workers.
2024-01-05 07:00:50 +02:00
Slavi Pantaleev
14278c51c2 Merge pull request #3079 from IUCCA/master
update mautrix-signal
2024-01-05 06:36:45 +02:00
Slavi Pantaleev
499e4887f7 Connect sliding-sync directly to the homeserver
This saves up 1 container network and avoids going through extra proxies
unnecessarily.
2024-01-05 06:28:42 +02:00
Slavi Pantaleev
7a6a6270d1 Fix API endpoints for Synapse when companion is disabled (removing leading http://) 2024-01-05 06:26:56 +02:00
Slavi Pantaleev
3fb016cd6b Put bots and bridges in the same network and remove a few variables
Downsides: decreasing security slightly due to less networking isolation

Benefits:

- decreased complexity
- having a generically-named `matrix-addons` network we may use for other things now (client apps, etc.)
- not exhausting the container networks pool with 2 (or more) networks and using just 1
2024-01-05 06:13:12 +02:00
Slavi Pantaleev
170f321a01 Minor sliding-sync improvements 2024-01-05 06:04:44 +02:00
IUCCA
2b2c1880cb Updated mautrix-signal docker image 2024-01-05 00:09:40 +01:00
Slavi Pantaleev
b1caf5eb59 Merge pull request #3080 from spantaleev/renovate/vectorim-element-web-1.x
chore(deps): update vectorim/element-web docker tag to v1.11.53
2024-01-04 19:24:36 +02:00
renovate[bot]
04de14a462 chore(deps): update vectorim/element-web docker tag to v1.11.53 2024-01-04 17:00:48 +00:00
Slavi Pantaleev
015acb6d08 Add native Traefik support to matrix-synapse 2024-01-04 19:00:23 +02:00
Slavi Pantaleev
fe7c06d6f5 Fix duplicate labels in matrix-synapse-reverse-proxy-companion 2024-01-04 18:07:24 +02:00
IUCCA
0222e75c19 added new options to mautrix-signal config template 2024-01-04 16:06:58 +01:00
IUCCA
9c3d8687bf added new options to mautrix-signal config template 2024-01-04 15:09:42 +01:00
IUCCA
8f88b5d25e updated mautrix-signal docker image 2024-01-04 15:04:06 +01:00
Slavi Pantaleev
ab15991814 Fix some ansible-lint-reported errors 2024-01-04 13:00:46 +02:00
Slavi Pantaleev
abde681b56 Clean up some matrix_nginx_proxy_proxy_matrix_metrics_* references 2024-01-04 12:49:00 +02:00
Slavi Pantaleev
54fb153acf Expose /_synapse/* APIs via matrix-synapse-reverse-proxy-companion
This also updates validation tasks and documentation, pointing to
variables in the matrix-synapse role which don't currently exist yet
(e.g. `matrix_synapse_container_labels_client_synapse_admin_api_enabled`).

These variables will be added soon, as Traefik labels are added to the
`matrix-synapse` role. At that point, the `matrix-synapse-reverse-proxy-companion` role
will be updated to also use them.
2024-01-04 11:37:17 +02:00
Slavi Pantaleev
0ea3fa0e85 Add matrix_synapse_reverse_proxy_companion_container_labels_traefik_hostname to simplify wiring 2024-01-04 10:53:43 +02:00
Slavi Pantaleev
84cedff355 Adjust validation message 2024-01-04 10:38:07 +02:00
Slavi Pantaleev
4752e7f9a0 Get rid of matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain 2024-01-04 10:27:32 +02:00
Slavi Pantaleev
e678adfeda Add root path (/) handling to matrix-synapse-reverse-proxy-companion (redirect or /_matrix/static/ serving) 2024-01-04 10:24:33 +02:00
Charles Wright
c053336ad2 Add keepalive on worker upstreams and use HTTP 1.1 for persistent connections 2024-01-03 14:43:01 -06:00
Slavi Pantaleev
354c887602 Fix incorrect variable name 2024-01-03 17:11:39 +02:00
Slavi Pantaleev
bbd9493b8f Handle /_matrix Client-Server and Federation APIs directly at matrix-synapse-reverse-proxy-companion 2024-01-03 17:05:59 +02:00
Slavi Pantaleev
97f40a95fb Make compress middleware for /.well-known/matrix/* configurable 2024-01-03 16:18:39 +02:00
Slavi Pantaleev
e81a395a98 Drop some matrix_nginx_proxy_proxy_riot_compat_* variables
matrix-nginx-proxy is going away and this is one of the features it
offered.

This feature will have no equivalent in our new Traefik-only
setup, although it's possible to implement it manually by using
`matrix_client_element_container_labels_additional_labels`
2024-01-03 14:43:45 +02:00
Slavi Pantaleev
cc75be9c65 Add support for serving the base domain via matrix-static-files 2024-01-03 14:39:17 +02:00
Slavi Pantaleev
da48a605bb More progress on matrix-static-files role and cleaning up of matrix-base and matrix-nginx-proxy 2024-01-03 13:46:25 +02:00