Neutron
1ad9bba88f
Skip importing validate_config task when Synapse is disabled
2021-07-02 20:58:57 +03:00
Stuart Mumford
2aa457efcc
Use a prom variable and not a synapse role variable
2021-07-02 15:41:36 +00:00
Michael-GMH
7acaef89df
GoMatrixHosting v0.5.1
2021-07-02 14:11:09 +08:00
Slavi Pantaleev
ccde2362fc
Merge branch 'master' into mjolnir-0.1.18
2021-07-02 08:52:58 +03:00
Slavi Pantaleev
55452c3068
Update Mjolnir (v0.1.17 -> v0.1.18)
2021-07-02 08:28:44 +03:00
Aaron Raimist
fc16fbda5b
Remove a bunch of redundant Ansible <2.8 self building checks
2021-07-02 00:14:37 -05:00
Aaron Raimist
19ed8d1d17
Upgrade mjolnir (0.1.17 -> 0.1.18) and implement self building
2021-07-02 00:10:59 -05:00
sak
7b2211da8e
remove jibri
2021-07-01 15:37:20 +05:30
Slavi Pantaleev
6294e58304
Fix Content-Security-Policy for Element
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1154
According to
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy ,
having both a header and the `<meta>`-tag provided by Element itself is
not a problem. The 2 CSP policies get combined.
2021-07-01 12:41:05 +03:00
Stuart Mumford
09ee5ce52e
we index from 0 apparently
2021-06-30 21:32:19 +00:00
Stuart Mumford
3d063f6ace
make them show as jobs in grafana
2021-06-30 21:30:18 +00:00
oxmie
5df4d68829
Make federation domain customizable
2021-06-30 23:02:27 +02:00
Stuart Mumford
7b52e6ad5e
Add worker metrics to prometheus exporter
2021-06-30 20:52:49 +00:00
Davy Landman
c9d73c6606
Updating to latest synapse release (performance regression)
...
https://github.com/matrix-org/synapse/releases/tag/v1.37.1
2021-06-30 16:15:00 +02:00
sakkiii
d338090f00
postgres minor updates
2021-06-30 10:00:52 +05:30
Slavi Pantaleev
3da4b684a5
Upgrade Synapse (1.36.0 -> 1.37.0)
2021-06-29 13:55:09 +03:00
Thom Wiggers
eb5619fd4b
Update IRC bridge
2021-06-29 12:45:21 +02:00
Michael Sasser
7578a355c4
heisenbridge fix service name
2021-06-29 12:15:03 +02:00
sakkiii
8a369f61f3
Merge branch 'spantaleev:master' into jitsi-fix
2021-06-26 21:54:42 +05:30
hanthor
ddbb4b2acc
Update main.yml
...
update to v0.2.0
2021-06-24 12:10:45 -04:00
Slavi Pantaleev
2d740dbebd
Mount /data in matrix-redis container
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1140
2021-06-24 10:10:52 +03:00
sakkiii
2b881e245b
Update prometheus v2.27.1 -> v2.28.0
2021-06-24 10:07:14 +05:30
sakkiii
0cc17ab2ca
matrix_jitsi_jicofo_component_secret validation
2021-06-23 23:55:55 +05:30
sakkiii
f2f1b20e44
jicofo client proxy connection
2021-06-23 23:17:24 +05:30
sakkiii
b132941e71
Merge branch 'spantaleev:master' into jitsi-fix
2021-06-23 21:31:25 +05:30
Slavi Pantaleev
18533b5000
Merge pull request #1135 from sakkiii/patch-1
...
Coturn update 4.5.2 -> 4.5.2-r2
2021-06-23 11:15:41 +03:00
Slavi Pantaleev
d019e9078a
Remove unused variables from mx-puppet-* bridges
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1131
2021-06-23 09:56:31 +03:00
sakkiii
6ede9c8cd6
network-alias added to fix domains
2021-06-22 23:59:49 +05:30
sakkiii
d9e943aaaa
minor fix
2021-06-22 23:32:32 +05:30
sakkiii
0c8a3c401f
jibri service
2021-06-22 23:20:09 +05:30
sakkiii
04805f35a7
Coturn update 4.5.2 -> 4.5.2-r2
2021-06-22 22:39:35 +05:30
Slavi Pantaleev
b19fa3acb2
Upgrade Element (1.7.30 -> 1.7.31)
2021-06-22 10:18:58 +03:00
sakkiii
1250208907
whitespaces
2021-06-22 12:24:35 +05:30
sakkiii
c0cd2a3c93
JICOFO_RESERVATION_ENABLED contains whitespaces.
2021-06-22 12:14:14 +05:30
sakkiii
f8be36327c
jibri service
2021-06-22 11:11:01 +05:30
sakkiii
3e011bafd5
jibri env
2021-06-22 00:18:29 +05:30
sakkiii
8af2d818b1
domain_fix
2021-06-21 23:55:26 +05:30
sakkiii
2ca92b76b6
stable-5963
2021-06-21 23:37:08 +05:30
Slavi Pantaleev
5a1dabe14f
Bump exim-relay Docker image tag
...
The new one is based on Alpine 3.14, instead of Alpine 3.13.
2021-06-21 15:32:34 +03:00
Slavi Pantaleev
282844209a
Merge pull request #1105 from blaztinn/centos-stream-8
...
Add support for CentOS (Stream) 8
2021-06-21 15:32:11 +03:00
Marcel Ackermann
a790096adf
matrix_mx_puppet_slack_client_id deprecated
2021-06-21 12:13:20 +02:00
Marcel Ackermann
ed078998b5
deprecated
2021-06-21 12:12:07 +02:00
Slavi Pantaleev
efa7486b88
Merge pull request #1127 from sakkiii/patch-3
...
Content-Security-Policy For Element Web
2021-06-20 10:01:43 +03:00
sakkiii
b826171139
Update grafana 8.0.2 -> 8.0.3
2021-06-18 23:32:30 +05:30
sakkiii
0217644b48
Content-Security-Policy For Element Web
...
https://github.com/vector-im/element-web#configuration-best-practices
2021-06-18 23:27:23 +05:30
Slavi Pantaleev
3dd32d2512
Update worker endpoints
...
Should have been part of 9daeb39710
2021-06-15 19:28:21 +03:00
Slavi Pantaleev
9daeb39710
Upgrade Synapse (1.35.1 -> 1.36.0)
2021-06-15 19:25:41 +03:00
Michael-GMH
4fb1134ad1
GoMatrixHosting v0.5.0
2021-06-14 22:36:49 +08:00
Slavi Pantaleev
a7fcb7c04d
Merge pull request #1122 from sakkiii/patch-2
...
update hydrogen v0.1.56 -> v0.1.57
2021-06-14 17:26:30 +03:00
sakkiii
4cd5835e11
update hydrogen v0.1.56 -> v0.1.57
...
https://github.com/vector-im/hydrogen-web/releases/tag/v0.1.57
2021-06-14 19:46:08 +05:30
sakkiii
08d1a5c2e7
Update grafana 8.0.0 -> 8.0.2
2021-06-14 19:41:23 +05:30
Blaž Tomažič
72bc9b5cfc
Add support for CentOS (Stream) 8
2021-06-12 10:49:38 +02:00
Slavi Pantaleev
1cf4d5ea7f
Upgrade Redis (6.0.10 -> 6.2.4)
2021-06-10 12:25:55 +03:00
Slavi Pantaleev
963f38ee7b
Upgrade certbot (v1.14.0 -> v1.16.0)
2021-06-10 12:18:42 +03:00
SkepticalWaves
2e8a2bdf7d
Add empty default for jitsi-prosody modules
2021-06-08 22:56:09 -04:00
SkepticalWaves
2886dc3939
Add module configuration to jitsi-prosody env file
2021-06-08 22:55:19 -04:00
Slavi Pantaleev
6c9c78ddae
Merge pull request #1112 from sakkiii/patch-2
...
coturn update
2021-06-08 22:46:11 +03:00
sakkiii
be1d1d0b7c
matrix_grafana_content_security_policy_customized default false
2021-06-09 00:52:52 +05:30
sakkiii
2d9ba82337
Update element 7.5.7 -> 8.0.0
2021-06-09 00:48:55 +05:30
sakkiii
1cc1202df2
update coturn
2021-06-08 23:59:31 +05:30
rakshazi
77fd1bff22
Update element 1.7.29 -> 1.7.30
2021-06-08 14:57:49 +00:00
Slavi Pantaleev
fa76c1ee5b
Do not run self-build Ansible version-check, if component not enabled
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1108
2021-06-08 08:59:02 +03:00
Slavi Pantaleev
bec9eaeb50
Merge pull request #1108 from tommes0815/fix-hydrogen-for-ansible2.7
...
fix error when running with Ansible 2.7 in the hydrogen setup
2021-06-07 22:09:39 +03:00
Thom Wiggers
3c05cc04bc
Update IRC appservice
2021-06-07 10:41:18 +02:00
Thomas Kühne
7f4e71b22a
fix error when running with Ansible 2.7 in the hydrogen setup
...
Without this the hydrogen task would fail for Ansible 2.7 even when hydrogen is not enabled.
2021-06-06 14:37:17 +02:00
Michael-GMH
122a92fa1c
GoMatrixHosting v0.4.9 update
2021-06-04 13:10:45 +08:00
Slavi Pantaleev
b1f1c28ef0
Upgrade Synapse (1.34.0 -> 1.35.0)
2021-06-01 19:14:59 +03:00
Michael-GMH
ad7bbd6442
merge upstream
2021-06-01 16:00:13 +08:00
Michael-GMH
6f40d78353
fix random edits to upstream
2021-05-25 21:25:40 +08:00
Michael-GMH
ea6e344d05
merge upstream
2021-05-25 21:10:34 +08:00
Michael-GMH
85777e8f96
merge with upstream
2021-05-25 21:08:00 +08:00
Slavi Pantaleev
1ed0857019
Fix syntax error
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024
2021-05-25 11:45:17 +03:00
sakkiii
4a4a7f136e
changes added to hydrogen client
2021-05-25 11:42:51 +05:30
sakkiii
25e67b51d1
Merge branch 'spantaleev:master' into master
2021-05-25 11:40:56 +05:30
sakkiii
3436f9c10a
rename to matrix_nginx_proxy_hsts_preload_enabled
2021-05-25 00:56:59 +05:30
Slavi Pantaleev
0648b1b618
Upgrade Element (1.7.28 -> 1.7.29)
2021-05-24 20:38:48 +03:00
sakkiii
7cc5328ede
Comments & Ref
2021-05-24 17:20:54 +05:30
sakkiii
df2d91970d
matrix_nginx_proxy_xss_protection
2021-05-24 17:02:47 +05:30
Slavi Pantaleev
d4c7a90b5c
Merge pull request #1076 from Eagle-251/Jitsi-Prosody-OwnNginxCompatibility
...
Allow Jitsi XMPP websocket support for users using own webserver.
2021-05-24 11:07:05 +03:00
ewang
409cd2b9a3
Source port binding from group vars in line other components
2021-05-23 14:06:18 +02:00
Eagle-251
ef6a7e051c
Fix missing port binding.
2021-05-22 15:55:50 +02:00
ewang
1bb6ed97ae
Make port bindings default for those disabling nginx proxy
...
I changed the conditional statement in prosody systemd template to bind the localhost port by default if people have set ```matrix_nginx_proxy_enabled == false ```.
Hopefully that should make it the default behaviour now.
2021-05-22 15:53:42 +02:00
Aaron Raimist
3c0452ff5a
Remove unnecessary bind for config.json, use proper nginx.conf
2021-05-21 17:22:40 -05:00
ewang
4a772e50f4
Allow Jitsi XMPP webscoket support for users using own webserver.
...
Added:
- Conditional localhost Port bindings for Jitsi Prosody systemd template
- Added variable to main.yml to allow overriding from vars.yml
2021-05-21 15:26:06 +02:00
Slavi Pantaleev
6f80292745
Add OCSP stapling support and other SSL optimizations to Hydrogen vhost
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-21 13:40:37 +03:00
Slavi Pantaleev
d0de21ab34
Delete Hydrogen nginx configuration file when disabled
2021-05-21 12:58:32 +03:00
Aaron Raimist
ac4ede20af
Add docs
2021-05-21 04:43:04 -05:00
Aaron Raimist
1633f61018
Only install config.json when self building
2021-05-21 04:23:06 -05:00
Aaron Raimist
04548f8df2
Merge branch 'master' into hydrogen
2021-05-21 04:09:18 -05:00
Aaron Raimist
9437f78c9e
Build using custom config.json, add CSP, update to 0.1.53
2021-05-21 03:45:21 -05:00
Slavi Pantaleev
47b4608b96
Fail in a friendlier way when trying to self-build on Ansible <= 2.8
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
Related discussion here: 1ab507349c (commitcomment-51108407)
2021-05-21 11:15:05 +03:00
Slavi Pantaleev
1ab507349c
Fix self-building for various components on Ansible < 2.8
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
2021-05-20 08:43:20 +03:00
Slavi Pantaleev
66615c43a3
Merge pull request #1065 from sakkiii/patch-1
...
Update grafana (7.5.6->7.5.7)
2021-05-19 22:07:59 +03:00
Tobias K
3dcbed6353
roles/matrix-grafana: Set root_url in granafa.ini
2021-05-19 19:52:58 +02:00
sakkiii
8529ca4c17
Update grafana (7.5.6->7.5.7)
2021-05-19 22:30:03 +05:30
Slavi Pantaleev
073d920a62
Merge pull request #1061 from sakkiii/ssl_enhancement
...
Optimize SSL session
2021-05-19 17:14:52 +03:00
Toni Spets
544915ff76
Add Heisenbridge
2021-05-19 10:42:21 +03:00
Slavi Pantaleev
21eb39f986
Mention matrix_common_after_systemd_service_start_wait_for_timeout_seconds in failure message
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:46:13 +03:00
Slavi Pantaleev
ee46fabdca
Make waiting time for --tags=start configurable
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:39:55 +03:00
sakkiii
e9b878b9e9
Optimize SSL session
2021-05-18 19:39:43 +05:30
Slavi Pantaleev
e6afa05f7b
Enable OCSP stapling for the federation port
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
Not sure if this is beneficial though.
2021-05-18 08:15:42 +03:00
Slavi Pantaleev
57a6a98a50
Fix incorrect SSL certificate path
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-18 07:58:47 +03:00
Slavi Pantaleev
b9c4e8ce16
Merge pull request #1057 from sakkiii/ssl_staple
...
Enable OCSP Stapling
2021-05-18 07:50:35 +03:00
sakkiii
d31b55b2a7
SSL-enabled block only
2021-05-18 03:24:06 +05:30
rakshazi
400371f6dd
Updated Element version (1.7.27 -> 1.7.28)
2021-05-17 13:15:12 +00:00
Slavi Pantaleev
d156c8caa2
Upgrade Synapse (1.33.2 -> 1.34.0)
2021-05-17 14:58:07 +03:00
Slavi Pantaleev
e4dd933cf0
Make missing /_synapse/admin correctly return 404 responses
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058
We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.
For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints)
2021-05-17 11:45:35 +03:00
sakkiii
2c3da6599b
Added warning
2021-05-15 16:07:52 +05:30
sakkiii
0dd4459799
matrix_nginx_proxy_ocsp_stapling_enabled variable added
2021-05-15 16:01:49 +05:30
sakkiii
c05021640d
Enable OCSP Stapling
2021-05-15 15:57:05 +05:30
Aaron Raimist
ca361af616
Add Hydrogen
2021-05-15 04:23:36 -05:00
sakkiii
b191e461a5
Merge branch 'spantaleev:master' into master
2021-05-15 12:20:02 +05:30
sakkiii
4bd7d8b5e4
Update grafana (7.5.5->7.5.6)
2021-05-14 18:59:21 +05:30
sakkiii
d5cd3d443d
Update prometheus (2.26.0->2.27.0)
2021-05-14 18:56:33 +05:30
sakkiii
322b750aad
Merge branch 'spantaleev:master' into master
2021-05-14 18:54:47 +05:30
Slavi Pantaleev
f481b1a84b
Upgrade matrix-mailer (4.94.2-r0 -> 4.94.2-r0-1)
...
Related to https://github.com/devture/exim-relay/pull/9
2021-05-12 18:09:08 +03:00
Slavi Pantaleev
8e6f1876f5
Switch to :latest version of synapse-admin
...
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132
We should switch back when >0.8.0 gets released.
2021-05-11 19:25:12 +03:00
sakkiii
8fc55b30c5
Upgrade Synapse (1.33.1 -> 1.33.2)
...
This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation. Server admins are encouraged to upgrade.
Ref: https://github.com/matrix-org/synapse/releases/tag/v1.33.2
2021-05-11 19:06:30 +05:30
Slavi Pantaleev
2d4b039c55
Merge pull request #1046 from GoMatrixHosting/master
...
GoMatrixHosting v0.4.6
2021-05-11 09:07:48 +03:00
Michael-GMH
2b4bada72a
fix conditional
2021-05-11 14:05:45 +08:00
Michael-GMH
0adcef65e6
fix conditional
2021-05-11 13:58:42 +08:00
Michael-GMH
f70102e40c
no dashes in usernames
2021-05-11 13:55:13 +08:00
Slavi Pantaleev
f4657b2cdb
Upgrade Element (1.7.26 -> 1.7.27)
2021-05-11 08:22:43 +03:00
Michael-GMH
4e6f6e179b
GMH 0.4.6 update
2021-05-10 18:50:10 +08:00
sakkiii
29cf6a0087
Merge branch 'spantaleev:master' into master
2021-05-10 15:10:18 +05:30
Slavi Pantaleev
3dcc006932
Fix self-building for Coturn
...
689dcea773
wasn't enough. The `upstream/..` tags are
just upstream sources, without the alpine-based Dockerfile.
We need to use the `docker/..` tags for that (or `master`)
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1032
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1023
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1009
2021-05-10 11:35:53 +03:00
Slavi Pantaleev
33f0074862
Upgrade matrix-mailer (4.94-r0 -> 4.94.2-r0)
...
Related to https://github.com/devture/exim-relay/issues/6
2021-05-10 11:23:44 +03:00
Slavi Pantaleev
c19508087a
Merge pull request #1036 from sakkiii/grafana-csp
...
Grafana csp template backward compatible with older browsers
2021-05-10 10:09:13 +03:00
Slavi Pantaleev
a198b87455
Upgrade synapse-admin (0.7.2 -> 0.8.0)
...
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132
2021-05-10 10:06:12 +03:00
Slavi Pantaleev
867ebb52ab
Merge pull request #1037 from pushytoxin/jitsi-5765-1
...
Update Jitsi (5142 -> 5765-1)
2021-05-08 12:35:29 +03:00
sakkiii
bb0810302d
Merge branch 'spantaleev:master' into master
2021-05-07 23:03:55 +05:30
Slavi Pantaleev
61220ea487
Upgrade Synapse (1.33.0 -> 1.33.1)
2021-05-06 20:47:09 +03:00
sakkiii
9174448e5e
get rid of this {% else %}
2021-05-06 12:46:17 +05:30
sakkiii
0d5fe2d9f7
Update roles/matrix-grafana/templates/grafana.ini.j2
...
Co-authored-by: Aaron Raimist <aaron@raim.ist>
2021-05-06 12:38:40 +05:30
Béla Becker
b10655ebb1
Jitsi XMPP Websocket support
...
Jitsi-meet enabled websockets by default, claiming better reliability.
Matrix-nginx-proxy configuration has been set up according to the
Prosody documentation: https://prosody.im/doc/websocket
2021-05-05 19:10:58 +02:00
Béla Becker
116bcaa13b
Update jitsi to stable-5765-1
...
Changelog:
https://github.com/jitsi/docker-jitsi-meet/blob/stable-5765-1/CHANGELOG.md
2021-05-05 19:10:58 +02:00
sakkiii
37de7fc96a
Updated Reference
2021-05-05 22:25:38 +05:30
sakkiii
303de935d5
grafana CSP backward compatible with older browsers
2021-05-05 22:12:56 +05:30
Slavi Pantaleev
d4d1e2e922
Upgrade Synapse (1.32.2 -> 1.33.0)
2021-05-05 19:18:53 +03:00
Slavi Pantaleev
b09a805939
Merge pull request #1031 from thedanbob/nginx-1.20.0
...
Update nginx (1.19.10 -> 1.20.0)
2021-05-04 10:41:02 +03:00
Slavi Pantaleev
6fdc71c40b
Merge pull request #1030 from thedanbob/grafana-7.5.5
...
Update grafana (7.5.4 -> 7.5.5)
2021-05-04 10:40:21 +03:00
Dan Arnfield
cfaa3e598a
Update nginx (1.19.10 -> 1.20.0)
2021-05-03 16:00:11 -05:00
Dan Arnfield
bec5933db4
Update grafana (7.5.4 -> 7.5.5)
2021-05-03 15:57:06 -05:00
Michael-GMH
067b61e779
GoMatrixHosting v0.4.5 update
2021-04-29 08:06:45 +08:00
Slavi Pantaleev
2409c33ea2
Upgrade Element (1.7.25 -> 1.7.26)
2021-04-27 17:21:31 +03:00
benkuly
49cb2635a2
updated matrix-sms-bridge
2021-04-27 14:39:58 +02:00
Michael-GMH
a14bf6c2ed
GoMatrixHosting v0.4.4 update
2021-04-26 20:00:32 +08:00
Slavi Pantaleev
689dcea773
Fix self-building for Coturn
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1023
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1009
2021-04-24 20:31:25 +03:00
sakkiii
40fe6bd5c1
variable matrix_nginx_proxy_hsts_preload_enable added
2021-04-24 20:04:20 +05:30
Slavi Pantaleev
389dc26615
Fix Synapse generic worker balancing
...
Potentially fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1022
2021-04-24 11:52:45 +03:00
sakkiii
5b4fdf9b87
Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy
2021-04-24 12:15:34 +05:30
sakkiii
0ccf0fbf1c
HSTS preload + X-XSS enables
...
**HSTS Preloading:**
In its strongest and recommended form, the [HSTS policy](https://www.chromium.org/hsts ) includes all subdomains, and indicates a willingness to be “preloaded” into browsers:
`Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`
**X-Xss-Protection:**
`1; mode=block` which tells the browser to block the response if it detects an attack rather than sanitising the script.
2021-04-24 12:12:34 +05:30
sakkiii
3564635f0f
Merge branch 'master' into master
2021-04-24 11:46:52 +05:30
sakkiii
29bba5161b
Element More security headers
...
More Production ready nginx headers for Matrix client element.
2021-04-24 11:10:40 +05:30
Slavi Pantaleev
f6b371164c
Remove useless variable
2021-04-23 07:07:18 +03:00
Slavi Pantaleev
62c0587b6a
Use Alpine-based Coturn
2021-04-22 15:05:37 +03:00
Slavi Pantaleev
72a7cb4145
Merge pull request #1018 from GoMatrixHosting/master
...
GoMatrixHosting v0.4.3
2021-04-22 14:23:30 +03:00
Slavi Pantaleev
e3fa3e12bc
Upgrade Synapse (1.31 -> 1.32.2)
2021-04-22 14:22:07 +03:00
Michael-GMH
50d7209c5b
GMH v04.3
2021-04-22 11:45:59 +08:00
Slavi Pantaleev
378fabf177
Revert "Upgrade Synapse (1.31 -> 1.32.1)"
...
This reverts commit 1fb54a37cb
.
Seems like it's been pulled or something. It used to exist, but not
anymore. Not sure what's going on.
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1017
Related to
https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
2021-04-21 23:36:58 +03:00
Slavi Pantaleev
1fb54a37cb
Upgrade Synapse (1.31 -> 1.32.1)
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
2021-04-21 18:47:15 +03:00
Slavi Pantaleev
d691cc0920
Move variable definition a bit
2021-04-21 13:59:20 +03:00
Slavi Pantaleev
e00ef04b57
Add opt-out-of-FLoC headers by default
2021-04-21 13:58:24 +03:00
Slavi Pantaleev
42783972fd
Merge pull request #1011 from aaronraimist/synapse-admin
...
Upgrade synapse-admin (0.7.0 -> 0.7.2)
2021-04-21 09:24:30 +03:00
Slavi Pantaleev
ca786cc343
Revert "Upgrade Synapse (1.31 -> 1.32)"
...
This reverts commit f825c7c263
.
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
2021-04-20 23:40:55 +03:00
Aaron Raimist
bb64b80697
Upgrade synapse-admin (0.7.0 -> 0.7.2)
2021-04-20 15:14:08 -05:00
Slavi Pantaleev
f825c7c263
Upgrade Synapse (1.31 -> 1.32)
2021-04-20 17:47:34 +03:00
Slavi Pantaleev
7eda6a3c12
Merge pull request #1009 from thedanbob/coturn-official
...
Switch to official coturn image
2021-04-19 18:41:17 +03:00
Slavi Pantaleev
adcecaffaf
Fix connectivity between prometheus and prometheus-node-exporter
...
Expected to have regressed after https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1008
This patch comes with its own downsides (as described in the comments
for matrix_prometheus_node_exporter_container_http_host_bind_port),
but at least there's:
- no security issue
- metrics remain readable from matrix-prometheus (even if the network metrics are inaccurate)
A better patch is certainly welcome.
2021-04-19 18:29:03 +03:00
Dan Arnfield
b2ca1f2829
Add capability required by new image
2021-04-19 10:16:26 -05:00
Slavi Pantaleev
398b9f5d66
Merge pull request #1008 from sakkiii/master
...
security** node-exporter data & port publicly exposed
2021-04-19 17:31:00 +03:00
Dan Arnfield
29177d4922
Switch to official coturn docker image
2021-04-19 09:04:08 -05:00
sak
88a30fb5ed
security** node-exporter data & port publicly exposed
2021-04-19 15:35:23 +05:30
sak
0f9a455719
Revert "security** node-exporter data & port publicly exposed"
...
This reverts commit d0cd709c08
.
2021-04-19 15:24:36 +05:30
sak
d0cd709c08
security** node-exporter data & port publicly exposed
2021-04-19 15:15:59 +05:30
Slavi Pantaleev
4a1739f604
Merge pull request #1007 from teutat3s/fix/nginx-dont-send-version
...
Don't expose nginx version with each response
2021-04-18 21:33:11 +03:00
teutat3s
2bf7c26cfa
Don't expose nginx version with each response
2021-04-18 16:24:13 +02:00
Slavi Pantaleev
c565e72f0d
Merge pull request #1003 from sakkiii/patch-2
...
updated matrix_grafana_docker_image to v7.5.4
2021-04-18 09:56:12 +03:00
Slavi Pantaleev
51b46697c5
Merge pull request #1005 from sakkiii/master
...
Improve security for grafana
2021-04-18 09:50:59 +03:00
Dan Arnfield
f04614a993
Fix prometheus network for ansible < 2.8
2021-04-17 20:15:26 -05:00
Slavi Pantaleev
badd81e0ec
Revert "Attempt to fix docker_network result discrepancy between Ansible versions"
...
This reverts commit 68ca81c8c2
.
2021-04-17 19:31:20 +03:00
sakkiii
1958d0792d
Update matrix-client-element.conf.j2
2021-04-17 21:33:07 +05:30
sakkiii
b6d45c5fd8
Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy
2021-04-17 21:03:26 +05:30
sakkiii
05042f5ff1
Improve security grafana
...
- duplicate X-Content-Type-Options
- X-Frame-Options header
- Referrer-Policy [Might consider adding variable]
- Secure flag with cookies
- matrix_grafana_content_security_policy variable for [Content Security Policy](https://grafana.com/docs/grafana/latest/administration/configuration/#content_security_policy )
2021-04-17 21:03:05 +05:30
sakkiii
27377e099d
updated matrix_grafana_docker_image to v7.5.4
...
Latest stable grafana version is [7.5.4 (2021-04-14)](https://github.com/grafana/grafana/releases/tag/v7.5.4 )
2021-04-17 17:31:14 +05:30
Slavi Pantaleev
68ca81c8c2
Attempt to fix docker_network result discrepancy between Ansible versions
...
Supposedly fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/907
2021-04-17 11:42:06 +03:00
Slavi Pantaleev
9c1f41eadf
Merge pull request #1002 from thedanbob/node-exporter-1.1.2
...
Update prometheus node exporter (1.1.0->1.1.2)
2021-04-17 11:15:13 +03:00
Dan Arnfield
8a550ce67c
Update prometheus (2.24.1->2.26.0)
2021-04-16 09:25:45 -05:00
Dan Arnfield
83cc5c9e6a
Update prometheus node exporter (1.1.0 -> 1.1.2)
2021-04-16 09:17:04 -05:00
sakkiii
5dc642ace1
Nginx element web: XSS protection & nosniff header
...
X-XSS-Protection: 1; mode=block; header, for basic XSS protection in legacy browsers.
X-Content-Type-Options: nosniff header, to disable MIME sniffing
2021-04-16 14:45:04 +05:30
Slavi Pantaleev
fcb9e9618a
Make Coturn TLSv1/v1.1 configurable
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/999
2021-04-16 09:29:32 +03:00
sakkiii
540416e32d
Disable support for TLS 1.0 and TLS 1.1
...
These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.
2021-04-15 19:25:23 +05:30
Michael-GMH
89cb5a3d7a
GMH v0.4.2 update
2021-04-15 17:07:03 +08:00
Michael
f41bfb69d2
update survey template formatting
2021-04-04 12:01:53 +08:00
Michael
814bdf5a88
update spelling
2021-04-04 11:52:26 +08:00
Michael
fbe22289bd
merge with upstream and testing branch
2021-04-04 11:41:06 +08:00
Slavi Pantaleev
995c483856
Merge pull request #962 from aaronraimist/mjolnir
...
Add mjolnir
2021-04-03 10:45:29 +03:00
Slavi Pantaleev
f183add44d
Merge pull request #977 from aaronraimist/simple-antispam
...
Upgrade synapse-simple-antispam (0.0.1 -> 0.0.3)
2021-04-03 08:45:14 +03:00
Aaron Raimist
81dddd2e25
Upgrade Element (1.7.24 -> 1.7.24.1)
2021-04-02 18:43:30 -05:00
Aaron Raimist
c43bd412dd
Upgrade synapse-simple-antispam (0.0.1 -> 0.0.3)
2021-04-02 18:08:08 -05:00
Aaron Raimist
1ecee625d5
Depend on more services, add a delay
2021-04-02 17:07:24 -05:00
Slavi Pantaleev
a88391edf5
Merge pull request #972 from JohannesKleine/nginx-config
...
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2
2021-03-31 10:30:57 +03:00
teutat3s
0b5e903693
Updates to mautrix-signal config
...
See these last commits:
tulir/mautrix-signal@4fc34330c1
tulir/mautrix-signal@64bc5c36a5
tulir/mautrix-signal@ddda1666d4
2021-03-31 02:51:23 +02:00
Christoph Johannes Kleine
fcd66b2889
rename variables
2021-03-30 16:41:32 +02:00
Christoph Johannes Kleine
8ba1105010
rename variable
2021-03-30 15:59:10 +02:00
Christoph Johannes Kleine
3a772f2f65
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2
2021-03-30 14:11:20 +02:00
Slavi Pantaleev
93960b70be
Do not fail if _matrix-identity
DNS SRV record missing
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/963
This also simplifies Prerequisites, which is great.
It'd be nice if we were doing these checks in some optional manner
and reporting them as helpful messages (using
`matrix_playbook_runtime_results`), but that's more complicated.
I'd rather drop these checks completely.
2021-03-30 11:24:04 +03:00
Slavi Pantaleev
5e1cf7f8b9
Upgrade Element (1.7.23 -> 1.7.24)
2021-03-29 17:58:02 +03:00
Slavi Pantaleev
9409588513
Fix variable name typo (take 2)
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/970
2021-03-29 10:59:57 +03:00
Slavi Pantaleev
179b416ed5
Fix variable name typo
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/970
2021-03-29 09:24:35 +03:00
Slavi Pantaleev
77d598b315
Fix Go-NEB variable definitions using the wrong type
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/969
2021-03-28 12:10:22 +03:00
Slavi Pantaleev
49868db3de
Upgrade Synapse for ARM64 (1.30.0 -> 1.30.1)
2021-03-26 16:48:15 +02:00
Slavi Pantaleev
94487dc6a7
Upgrade Synapse for amd64 (1.30.0 -> 1.30.1)
2021-03-26 15:37:11 +02:00
transcaffeine
dbae18fd6a
feat: push ephemeral events to appservices
...
This adds https://github.com/matrix-org/matrix-doc/pull/2409 to the
appservice registrations, enabling synapse to push EDUs to appservices.
2021-03-25 18:49:54 +01:00
Dan Arnfield
97d8527e00
Update nginx (1.19.6 -> 1.19.8)
2021-03-24 09:42:08 -05:00
Slavi Pantaleev
5a4ea5f866
Make AWX enabling/disabling consistent with other playbook roles
...
That is:
- enabled in the role by default
- disabled in the compilation (playbook), if considered an optional
component
2021-03-24 14:02:53 +02:00
Aaron Raimist
bab8b950ca
Add mjolnir
2021-03-23 22:46:08 -05:00
Slavi Pantaleev
06c74728eb
Move matrix_nginx_proxy_proxy_synapse_federation_api_enabled definition to the role
...
This variable was previously undefined in the role and was only getting
defined via `group_vars/matrix_servers`.
We now properly initialize it (and its good default value) in the role
itself.
2021-03-23 10:28:32 +02:00
Slavi Pantaleev
d09609daa8
Fix Jinja2 syntax error
...
Fixes a regression introduced in ffe649a240
2021-03-22 17:13:10 +02:00
Slavi Pantaleev
6a3433fbad
Update Synapse for ARM64 (1.29.0 -> 1.30.0)
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/958
2021-03-22 16:43:23 +02:00
Slavi Pantaleev
ffe649a240
Update homeserver.yaml to keep up with Synapse v1.30.0
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/958
2021-03-22 16:43:10 +02:00
rakshazi
74106f2a80
Updated synapse 1.29.0 -> 1.30.0
2021-03-22 14:03:42 +00:00
Thom Wiggers
54fe59f05c
Update IRC appservice
2021-03-22 12:37:35 +01:00
Slavi Pantaleev
2737ebc290
Complain if people try to use matrix-sygnal on non-amd64
2021-03-20 13:38:27 +02:00
Slavi Pantaleev
b824522b33
Remove unnecessary with_items statement
2021-03-20 13:34:22 +02:00
Slavi Pantaleev
9a0222fa47
Add Sygnal support
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/683
2021-03-20 13:32:22 +02:00
Michael
af240aef37
remove sections from task list that arent needed
2021-03-20 17:35:30 +08:00
Michael
85127bacba
Merge remote-tracking branch 'upstream/master'
2021-03-20 17:21:27 +08:00
Michael
1e54b1d1a5
merge upstream
2021-03-20 17:21:02 +08:00
Slavi Pantaleev
f99dcd611f
Pass proper UID/GID to Synapse
...
Fixes a regression caused by a5ee39266c
.
If the user id and group id were different than 991:991
(which used to be a hardcoded default for us long ago),
there was a mismatch between what Synapse was trying to use (991:991)
and what it was actually started with (in `--user=..`). It was then
trying to change ownership, which was failing.
This was mostly affecting newer installations which were not using the
991:991 defaults we had long ago (since a1c5a197a9
).
2021-03-19 16:44:10 +02:00
Slavi Pantaleev
a5ee39266c
Go through start.py when launching Synapse
...
This allows us to benefit from helpful things it does for us,
like enabling jemalloc: https://github.com/matrix-org/synapse/pull/8553
We weren't going through `start.py` before, because it was causing some
conflict with our `docker run --user=...` stuff, but it doesn't seem
to be a problem anymore.
Having done this, we won't need to do things like
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/941
anymore.
2021-03-19 08:16:59 +02:00
Aaron Raimist
32b3650c12
Set X-Forwarded-Proto on federation requests
2021-03-17 18:51:10 -05:00
Béla Becker
2d7e7680e5
matrix.{{ matrix_domain }} -> {{ matrix_server_fqn_matrix }}
2021-03-17 12:36:45 +01:00
Aaron Raimist
466827139a
Also check if matrix_ssl_lets_encrypt_support_email is blank
2021-03-17 00:54:05 -05:00
Slavi Pantaleev
97c0bf1a73
Merge pull request #942 from pushytoxin/etherpad1_8_12
...
Upgrade Etherpad (1.8.7 -> 1.8.12)
2021-03-16 20:07:34 +02:00
Béla Becker
60aa40845f
Upgrade Etherpad (1.8.7 -> 1.8.12)
2021-03-16 18:55:58 +01:00
Yannick Goossens
27416607d9
Another field with 'invalid input syntax for type smallint'
2021-03-16 16:38:59 +01:00
Michael
5a6bdb0c3d
merge upstream
2021-03-16 21:52:26 +08:00
Michael
571b70a1f4
fix for running outside of AWX
2021-03-16 21:37:19 +08:00
Michael
5a1f3b7d67
GMH v0.3.0
2021-03-14 14:35:38 +08:00
Michael
33ec5710d9
0.2.1 revision
2021-02-28 22:21:40 +08:00
Michael
4c882c513b
initial PR
2021-02-20 17:19:17 +08:00
Marcus Proest
2ca8211184
Merge remote-tracking branch 'upstream/master'
2021-02-19 19:02:48 +01:00
Marcus Proest
b99372a3c5
initial commit of mautrix-instagram role
2021-02-19 17:20:26 +01:00
Slavi Pantaleev
108aed53be
Fix invalid matrix-postgres.service when matrix_postgres_process_extra_arguments is empty
...
This only seems to be affecting some people badly enough to cause
matrix-postgres not to start. Certain systemd versions probably handle
it better or something.
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/889
(hopefully)
2021-02-19 16:33:23 +02:00
Slavi Pantaleev
1dbdfeec07
Fix matrix-postgres stopping for consistency with other services
...
This probably got lost somehow in all the work that happened in
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
2021-02-19 15:53:30 +02:00
Slavi Pantaleev
9f91eaa54b
Fix incorrect service name
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/887
2021-02-19 12:12:21 +02:00
Slavi Pantaleev
91c987ca7d
Merge pull request #872 from xangelix/add-mx-puppet-groupme-gh
...
Add mx-puppet-groupme support
2021-02-19 11:42:41 +02:00
Slavi Pantaleev
d94d0e2ca5
Merge pull request #456 from eMPee584/synapse-workers
...
Synapse workers
2021-02-19 11:40:36 +02:00
Slavi Pantaleev
9dc87bb948
Add Synapse worker presets for easier configuration
...
Adding more presets in the future would be nice.
2021-02-19 11:38:47 +02:00