Commit Graph

5728 Commits

Author SHA1 Message Date
Slavi Pantaleev
ef68d3d296 Add support for reverse-proxying /_synapse/oidc
This broke in 63a49bb2dc.

Proxying the OpenID Connect endpoints is now possible,
but needs to be enabled explicitly now.

Supersedes #702 (Github Pull Request).

This patch builds up on the idea from that Pull Request,
but does things in a cleaner way.
2020-11-02 11:10:03 +02:00
Slavi Pantaleev
5c91e56898 Upgrade Synapse (v1.22.0 -> v1.22.1) 2020-10-30 19:35:55 +02:00
Slavi Pantaleev
e805776736
Merge pull request #700 from aaronraimist/vectorim/element-web
Switch to the new vectorim/element-web Docker image
2020-10-29 18:52:04 +02:00
Aaron Raimist
c33d007306
Switch to the new vectorim/element-web Docker image 2020-10-29 11:46:58 -05:00
Slavi Pantaleev
56ebeb1ae2 Revert "Restore self-building on ARM for Synapse for now"
This reverts commit 7d211b71e2.

The multi-arch images are now available, as discussed in #699 (Github Issue).
2020-10-29 07:35:53 +02:00
Marcel Partap
cce90b187a synapse workers: fix undefined variable cases when removing workers 2020-10-28 23:09:21 +01:00
Sabine
cea2faa1b3 added docs for bridge permissions 2020-10-28 21:59:36 +01:00
Sabine
aabefe21f4 fixed yaml 2020-10-28 21:58:59 +01:00
Sabine
468cc39465 added a workaround for postgres's issue with initdb 2020-10-28 21:56:13 +01:00
Slavi Pantaleev
c1c6eaefff Upgrade Element (1.7.10 -> 1.7.12) 2020-10-28 17:34:39 +02:00
Slavi Pantaleev
9a46647010 Make https://matrix.DOMAIN/ redirect to https://element.DOMAIN/
Fixes #696 (Github Issue)
2020-10-28 10:39:12 +02:00
Slavi Pantaleev
4700e80389 Raise standalone default Matrix Client API client_max_body_size
We do this to match Synapse's new default "max_upload_size" (50MB).

This `matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb`
default value only affects standalone usage of the `matrix-nginx-proxy`
role. When the role is used in the context of the playbook,
the value is dynamically assigned from `group_vars/matrix_servers`.

Somewhat related to #692 (Github Issue).
2020-10-28 10:02:47 +02:00
Marcel Partap
e078e29ef8 synapse workers: fix self name in workers-doc-to-yaml.awk script 2020-10-28 08:39:31 +01:00
Slavi Pantaleev
ef07aa8e5d Prevent certain nginx location blocks from being ignored
The regex introduced in 63a49bb2dc seems to take precedence
over the bare location blocks, causing a regression.

> It is important to understand that, by default, Nginx will serve regular expression matches in preference to prefix matches.
> However, it evaluates prefix locations first, allowing for the administer to override this tendency by specifying locations using the = and ^~ modifiers.

Source: https://www.digitalocean.com/community/tutorials/understanding-nginx-server-and-location-block-selection-algorithms
2020-10-28 09:38:04 +02:00
Marcel Partap
2d1b9f2dbf synapse workers: reworkings + get endpoints from upstream docs via awk
(yes, a bit awkward and brittle… xD)
2020-10-28 07:13:19 +01:00
Slavi Pantaleev
67d0f26463 Improve wording a bit 2020-10-27 20:41:52 +02:00
Slavi Pantaleev
5a7d265997 Fix Synapse Admin not working due to unexposed Synapse Admin APIs
Regression since 63a49bb2dc.

Related to #685 (Github Issue).

We now automatically expose the APIs when Synapse Admin is enabled.
2020-10-27 20:33:37 +02:00
Slavi Pantaleev
7d211b71e2 Restore self-building on ARM for Synapse for now
While v1.22.0 supposedly has multi-arch Docker images
(thanks to https://github.com/matrix-org/synapse/pull/7921),
I can't them on Docker Hub yet, so I'm backing out of this change
for now and letting people fall back to self-building there.
2020-10-27 14:32:32 +02:00
Slavi Pantaleev
70f0b97a0a Upgrade Synapse (v1.21.2 -> v1.22.0) 2020-10-27 14:24:02 +02:00
Slavi Pantaleev
5430a65411
Merge pull request #684 from deSagaz/patch-1
Fix docker mount instruction in documentation
2020-10-26 10:44:03 +02:00
Slavi Pantaleev
63a49bb2dc Do not expose /_synapse/admin publicly by default
Fixes #685 (Github Issue).
2020-10-26 10:36:38 +02:00
Sabine Laszakovits
dd50ee19ab fixed bridge permissions 2020-10-25 21:42:40 +01:00
Sabine Laszakovits
2211e678f3 fixed comments that were copied over from mautrix-telegram role 2020-10-25 21:01:25 +01:00
Sabine Laszakovits
e59aa07b86 more cleanup 2020-10-25 20:47:10 +01:00
Sabine Laszakovits
c36e1355cf cleanup 2020-10-25 20:46:57 +01:00
Sabine Laszakovits
8ebc39dea0 fixed dependencies of bridge service (not ideal, but correct) 2020-10-25 20:46:32 +01:00
Sabine Laszakovits
9b890e9ced moved some settings from role to group_vars 2020-10-25 20:45:24 +01:00
Sabine Laszakovits
ff1d7921a0 moved registration.yaml contents to template 2020-10-25 20:16:24 +01:00
Sabine Laszakovits
d6940d9f10 added docs 2020-10-25 18:44:19 +01:00
Ivar Troost
1227349d0c
Fix docker mount instruction in documentation
The SSL certificates should be accessible to the nginx proxy container, not the synapse container.
2020-10-24 17:03:24 +02:00
Sabine
7a54e11090 started moving settings to group_vars 2020-10-24 12:15:03 +02:00
Marcel Partap
87bd64ce9e Merge remote-tracking branch 'origin/master' into synapse-workers 2020-10-23 23:45:07 +02:00
Marcel Partap
a4125d5446 synapse workers: polishing, cleansing and installation of jq dependency 2020-10-23 20:49:53 +02:00
Sabine
69efcb5c21 added mautrix-signal role 2020-10-22 23:29:34 +02:00
Marcel Partap
501efee07e synapse workers: supply systemd with actual worker PIDs (requires jq)
also, worker.yaml.j2:
  - hone worker_name
  - remove worker_pid_file entry (would only be used if worker_daemonize
    set to true; also, synapse only knows about the container namespace
    and thus can not provide the required host-view PID)
2020-10-22 20:53:41 +02:00
Slavi Pantaleev
24c6d7e81f Upgrade Element (1.7.9 -> 1.7.10) 2020-10-20 19:06:16 +03:00
Scott Crossen
94dcceb7b9 removed intentional delay 2020-10-19 11:26:37 -07:00
Scott Crossen
efeb651789 Removed typo 2020-10-19 11:25:01 -07:00
Scott Crossen
e7d79a95dc removed platform-specific stuff 2020-10-19 10:46:02 -07:00
Scott Crossen
19721be8b1 removed dhcp option 2020-10-18 21:05:32 -07:00
Scott Crossen
de1511b4bb Fixed valdiation 2020-10-16 21:31:07 -07:00
Scott Crossen
8e6d7d9022 changed domain naming 2020-10-16 21:28:43 -07:00
Scott Crossen
806f98447c Removed directory creation 2020-10-16 21:26:58 -07:00
Scott Crossen
51cca4c312 Added containerization 2020-10-16 21:21:58 -07:00
Slavi Pantaleev
9e6d087224
Merge pull request #679 from hgka/master
add variables for secure_backup_required and secure_backup_setup_methods
2020-10-16 10:31:56 +03:00
Tobias Küchel
1cf5b1d80f e2ee_backup: rename variables to be consistent with naming scheme 2020-10-16 09:24:50 +02:00
Tobias Küchel
5158fa4df9 e2ee_backup_methods: rather leave the default empty, so that the system default may apply 2020-10-16 08:50:16 +02:00
Tobias Küchel
8f7e21892d fix indentation, updated to proposed changes from Slavi: no more ifdef 2020-10-16 08:47:37 +02:00
Tobias Küchel
4cfa112755 update default backup_methods as proposed by the system anyway 2020-10-16 08:44:04 +02:00
Tobias Küchel
6599204334 fix commata not being set when secure_backup_required false 2020-10-16 08:20:22 +02:00