Marcel Partap
1e971312e8
synapse workers: handle auth fallback endpoint on main process only
...
(allegedly breaks with SSO enabled)
2020-11-10 21:23:19 +01:00
Marcel Partap
e5072c20d9
synapse workers/nginx: handle media_repository worker endpoints on federation port
...
to prevent "404 on the federation port for the path `/_matrix/media`,
if a remote server is trying to get the media object on federation
port, see https://github.com/matrix-org/synapse/issues/8695 "
https://github.com/matrix-org/synapse/pull/8701
2020-11-10 20:35:39 +01:00
Aaron Raimist
31619e0968
Upgrade Element (1.7.12 -> 1.7.13)
2020-11-10 11:27:15 -06:00
Slavi Pantaleev
235299939d
Upgrade nginx (1.19.3 -> 1.19.4)
2020-11-10 09:30:00 +02:00
Scott Crossen
59bb6b2971
responded to reviewer comments
2020-11-09 13:32:58 -08:00
Scott Crossen
e894befd87
Updates to reviewer comments
2020-11-07 17:53:13 -08:00
Slavi Pantaleev
350c39d745
Update comment
2020-11-02 11:13:25 +02:00
Slavi Pantaleev
ef68d3d296
Add support for reverse-proxying /_synapse/oidc
...
This broke in 63a49bb2dc
.
Proxying the OpenID Connect endpoints is now possible,
but needs to be enabled explicitly now.
Supersedes #702 (Github Pull Request).
This patch builds up on the idea from that Pull Request,
but does things in a cleaner way.
2020-11-02 11:10:03 +02:00
Slavi Pantaleev
5c91e56898
Upgrade Synapse (v1.22.0 -> v1.22.1)
2020-10-30 19:35:55 +02:00
Aaron Raimist
c33d007306
Switch to the new vectorim/element-web Docker image
2020-10-29 11:46:58 -05:00
Marcel Partap
cce90b187a
synapse workers: fix undefined variable cases when removing workers
2020-10-28 23:09:21 +01:00
Slavi Pantaleev
c1c6eaefff
Upgrade Element (1.7.10 -> 1.7.12)
2020-10-28 17:34:39 +02:00
Slavi Pantaleev
9a46647010
Make https://matrix.DOMAIN/ redirect to https://element.DOMAIN/
...
Fixes #696 (Github Issue)
2020-10-28 10:39:12 +02:00
Slavi Pantaleev
4700e80389
Raise standalone default Matrix Client API client_max_body_size
...
We do this to match Synapse's new default "max_upload_size" (50MB).
This `matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb`
default value only affects standalone usage of the `matrix-nginx-proxy`
role. When the role is used in the context of the playbook,
the value is dynamically assigned from `group_vars/matrix_servers`.
Somewhat related to #692 (Github Issue).
2020-10-28 10:02:47 +02:00
Marcel Partap
e078e29ef8
synapse workers: fix self name in workers-doc-to-yaml.awk script
2020-10-28 08:39:31 +01:00
Slavi Pantaleev
ef07aa8e5d
Prevent certain nginx location blocks from being ignored
...
The regex introduced in 63a49bb2dc
seems to take precedence
over the bare location blocks, causing a regression.
> It is important to understand that, by default, Nginx will serve regular expression matches in preference to prefix matches.
> However, it evaluates prefix locations first, allowing for the administer to override this tendency by specifying locations using the = and ^~ modifiers.
Source: https://www.digitalocean.com/community/tutorials/understanding-nginx-server-and-location-block-selection-algorithms
2020-10-28 09:38:04 +02:00
Marcel Partap
2d1b9f2dbf
synapse workers: reworkings + get endpoints from upstream docs via awk
...
(yes, a bit awkward and brittle… xD)
2020-10-28 07:13:19 +01:00
Slavi Pantaleev
70f0b97a0a
Upgrade Synapse (v1.21.2 -> v1.22.0)
2020-10-27 14:24:02 +02:00
Slavi Pantaleev
63a49bb2dc
Do not expose /_synapse/admin publicly by default
...
Fixes #685 (Github Issue).
2020-10-26 10:36:38 +02:00
Marcel Partap
87bd64ce9e
Merge remote-tracking branch 'origin/master' into synapse-workers
2020-10-23 23:45:07 +02:00
Marcel Partap
a4125d5446
synapse workers: polishing, cleansing and installation of jq dependency
2020-10-23 20:49:53 +02:00
Marcel Partap
501efee07e
synapse workers: supply systemd with actual worker PIDs (requires jq)
...
also, worker.yaml.j2:
- hone worker_name
- remove worker_pid_file entry (would only be used if worker_daemonize
set to true; also, synapse only knows about the container namespace
and thus can not provide the required host-view PID)
2020-10-22 20:53:41 +02:00
Slavi Pantaleev
24c6d7e81f
Upgrade Element (1.7.9 -> 1.7.10)
2020-10-20 19:06:16 +03:00
Scott Crossen
94dcceb7b9
removed intentional delay
2020-10-19 11:26:37 -07:00
Scott Crossen
efeb651789
Removed typo
2020-10-19 11:25:01 -07:00
Scott Crossen
e7d79a95dc
removed platform-specific stuff
2020-10-19 10:46:02 -07:00
Scott Crossen
19721be8b1
removed dhcp option
2020-10-18 21:05:32 -07:00
Scott Crossen
de1511b4bb
Fixed valdiation
2020-10-16 21:31:07 -07:00
Scott Crossen
806f98447c
Removed directory creation
2020-10-16 21:26:58 -07:00
Scott Crossen
51cca4c312
Added containerization
2020-10-16 21:21:58 -07:00
Tobias Küchel
1cf5b1d80f
e2ee_backup: rename variables to be consistent with naming scheme
2020-10-16 09:24:50 +02:00
Tobias Küchel
5158fa4df9
e2ee_backup_methods: rather leave the default empty, so that the system default may apply
2020-10-16 08:50:16 +02:00
Tobias Küchel
8f7e21892d
fix indentation, updated to proposed changes from Slavi: no more ifdef
2020-10-16 08:47:37 +02:00
Tobias Küchel
4cfa112755
update default backup_methods as proposed by the system anyway
2020-10-16 08:44:04 +02:00
Tobias Küchel
6599204334
fix commata not being set when secure_backup_required false
2020-10-16 08:20:22 +02:00
Tobias Küchel
48f929dc91
add variables for secure_backup_required and secure_backup_setup_methods
2020-10-16 00:32:00 +02:00
Slavi Pantaleev
f7ecc7a2a5
Upgrade Synapse (v1.21.1 -> v1.21.2)
2020-10-15 17:42:52 +03:00
jgbresson
640166e4c3
Upgrade Element (1.7.8 -> 1.7.9)
2020-10-15 00:09:54 -04:00
Dan Arnfield
b65bfc38ce
Update nginx (1.19.2 -> 1.19.3)
2020-10-14 06:23:33 -05:00
Scott Crossen
53bc7a77e1
fixed EOF issues
2020-10-13 16:47:09 -07:00
Scott Crossen
fa5d85426b
Renamed systemd descriptions for all bridges
2020-10-13 16:40:30 -07:00
Scott Crossen
1f988969a5
Added role for dynamic dns
2020-10-13 16:26:57 -07:00
Slavi Pantaleev
5abd511368
Upgrade Synapse (v1.21.0 -> v1.21.1)
2020-10-13 13:08:25 +03:00
Slavi Pantaleev
d250727e8b
Upgrade certbot (1.7.0 -> 1.9.0)
2020-10-13 09:44:32 +03:00
Aaron Raimist
78529cbd47
Upgrade Synapse (v1.20.1 -> v1.21.0)
2020-10-12 23:59:34 -05:00
Marcel Partap
d2e61af224
Add worker_name to synapse worker config template
...
& restrict federation listener; frontend_proxy / user_dir don't need it
2020-10-11 21:52:08 +02:00
Marcel Partap
36e9be6092
matrix_synapse_workers_{avail,enabled}_list: sort non-generic workers
...
.. alphabetically and put those not documented as multi-instance
capable on ports ending on zero.
2020-10-11 21:44:42 +02:00
Marcel Partap
e9241f5fb9
Improve synapse-workers systemd service template
...
Is the PID magic gonna work? or will it need an ExecStartPost hack..
2020-10-11 21:09:19 +02:00
Marcel Partap
40024e9b81
Prevent workers failing if their config doesn't exist
...
- cherry-pick "Ensure worker config exists in systemd service (#7528 )"
from synapse d74cdc1a42e8b487d74c214b1d0ca575429d546a:
"check that the worker config file exists instead of silently failing."
2020-10-11 21:09:19 +02:00
Marcel Partap
93a8ea7e4a
Merge remote-tracking branch 'master' into feature/add-worker-support
2020-10-11 20:59:05 +02:00
Fanch
1a9cafa3a3
add run-docker-prune command
2020-10-10 04:11:26 +02:00
Slavi Pantaleev
6a72e3fa54
Try to make importing SQLite from older Synapse version work
...
If the SQLite database was from an older version of Synapse, it appears
that Synapse would try to run migrations on it first, before importing.
This was failing, because the file wasn't writable.
Hopefully, this fixes the problem.
2020-10-07 08:54:46 +03:00
Slavi Pantaleev
23daec748c
Require Ansible v2.7 or newer (because of items2dict and dict2items)
...
Interestingly, no one has reported this failure before #662 (Github
Issue).
It doesn't make sense to keep saying that we support such old Ansible
versions, when we're not even testing on anything close to those.
Time is also passing and such versions are getting more and more
ancient. It's time we bumped our requirements to something that is more
likely to work.
2020-10-02 11:53:19 +03:00
Slavi Pantaleev
07fa8404bf
Upgrade matrix-corporal (1.10.1 -> 1.11.0)
2020-10-01 18:30:30 +03:00
Slavi Pantaleev
9e8c14bf65
Merge pull request #660 from clemsos/master
...
Element web : update welcome page template
2020-10-01 09:44:48 +03:00
Dan Arnfield
3a3383fada
Add support for postgres 13
2020-09-30 16:50:59 -05:00
Slavi Pantaleev
43c5f3ec6e
Do not create /home/matrix when creating the matrix user
2020-09-29 18:14:37 +03:00
Clement Renaud
ac3ba1d919
element web : update welcome page template
2020-09-29 12:33:47 +02:00
Slavi Pantaleev
7eb8192a51
Comlain about version requirement on Ansible v1
...
I don't believe Ansible v1 would even go as far as executing this
sanity check, but.. Adding an extra defensive check for completeness.
2020-09-29 12:37:39 +03:00
Slavi Pantaleev
3d702fe03b
Avoid set_fact with error message to prevent confusion
2020-09-29 12:23:39 +03:00
Slavi Pantaleev
3818d82852
Upgrade Element (1.7.7 -> 1.7.8)
2020-09-28 22:20:36 +03:00
Slavi Pantaleev
263727095d
Merge pull request #657 from cnvandijk/feature-client-well-known
...
Client well known compatibility
2020-09-28 09:19:25 +03:00
Slavi Pantaleev
3e2f0a4240
Upgrade matrix-synapse-admin (0.4.1 -> 0.5.0)
...
Related to #658 (Github Issue).
2020-09-28 09:11:05 +03:00
Chris van Dijk
b9c8d059d0
Support both the im.vector.riot and io.element variants in client .well-known
...
According to the docs, "e2ee" is already under "io.element":
https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md#disabling-encryption-by-default
however "jitsi" is still under "im.vector.riot":
https://github.com/vector-im/element-web/blob/develop/docs/jitsi.md#configuring-element-to-use-your-self-hosted-jitsi-server
For now let's just maintain backward and forward compatibility for both
settings since the client version is out of the control of this
playbook.
2020-09-26 16:57:02 +00:00
Chris van Dijk
f6b0f0a477
Rename matrix_riot_jitsi_preferredDomain and matrix_riot_e2ee_default to Element
2020-09-26 16:24:09 +00:00
Slavi Pantaleev
9fba46e694
Merge pull request #655 from aaronraimist/element-showLabs
...
Allow configuration of Element's bug_report_endpoint_url and showLabsSettings
2020-09-25 12:02:29 +03:00
Aaron Raimist
dc2def914e
Allow configuration of Element's bug_report_endpoint_url and showLabsSettings
...
showLabsSettings is the new enableLabs I guess. enableLabs doesn't seem to do anything anymore. It had been deprecated for a while.
This PR also removes @riot-bot:matrix.org as the default welcome_user_id since it doesn't exist anymore.
2020-09-24 18:37:31 -05:00
Slavi Pantaleev
e68450f094
Upgrade Synapse (v1.20.0 -> v1.20.1)
2020-09-24 18:43:54 +03:00
Slavi Pantaleev
329fef048f
Upgrade matrix-corporal (1.10.0 -> 1.10.1)
2020-09-22 19:43:23 +03:00
Slavi Pantaleev
32ac4706cb
Upgrade matrix-corporal (1.9.0 -> 1.10.0)
2020-09-22 19:28:27 +03:00
Slavi Pantaleev
dd217137b6
Upgrade Synapse (v1.19.3 -> v1.20.0)
2020-09-22 19:28:07 +03:00
Slavi Pantaleev
65e22a6888
Upgrade Synapse (v1.19.2 -> v1.19.3)
2020-09-18 17:37:04 +03:00
Slavi Pantaleev
6db3a46f88
Merge pull request #650 from dwiegreffe/master
...
New docker image appservice-slack
2020-09-18 14:31:39 +03:00
Daniel Wiegreffe
b3926e7cca
Update main.yml
2020-09-18 13:26:07 +02:00
Max Klenk
fc2edcbecf
fix media routing
2020-09-18 10:45:01 +02:00
Max Klenk
132daba1af
fix worker routes
2020-09-18 10:18:32 +02:00
Slavi Pantaleev
e10e3e354d
Upgrade Synapse (v1.19.1 -> v1.19.2)
2020-09-16 16:35:17 +03:00
Dan Arnfield
faa96ca0c3
Update element (1.7.5 -> 1.7.7)
2020-09-15 06:15:30 -05:00
Daniel Wiegreffe
8f41041f6d
replacement of the docker image for appservice-slack to the officially maintained image
2020-09-15 09:11:56 +02:00
Scott Crossen
b24333dd0f
Use the same naming convention as the other mx-puppet suite.
2020-09-14 11:11:30 -07:00
Slavi Pantaleev
6e8a39119b
Update matrix-reminder-bot (0.1.0 -> 0.2.0)
2020-09-14 10:19:47 +03:00
0hlov3
c19abe4a76
Changes matrix_dimension_integrations_ui_url from /riot to /element https://dimension.t2bot.io/
2020-09-13 04:19:19 +02:00
Max Klenk
1e68d8b2e5
allow to pass arguments to the postgres process
2020-09-11 14:29:10 +02:00
Max Klenk
880025324a
fix redis config if no password is set
2020-09-11 10:35:50 +02:00
Max Klenk
4fdfc0a34f
add missing ratelimiting options required for load testing
2020-09-11 09:46:20 +02:00
Max Klenk
9a3d84b931
Merge branch 'master' into feature/add-worker-support
2020-09-10 13:57:11 +02:00
Max Klenk
a25a429a52
add redis support
2020-09-10 13:39:00 +02:00
Slavi Pantaleev
5bb2c43502
Add support for enabling Jitsi lobby
...
Related to #643 (Github Issue)
2020-09-10 09:08:45 +03:00
Slavi Pantaleev
2a1ec38e3a
Stop using Ansible's cron module
...
This is mainly to address SSL renewal not working for us due to:
- https://github.com/ansible/ansible/issues/71213
- https://github.com/ansible/ansible/pull/71207
Using the cron module was hacky anyway. We shouldn't need an extra
level of buggy abstraction to manage a cronjob file.
2020-09-06 10:49:19 +03:00
Slavi Pantaleev
bed16fd065
Upgrade Element (1.7.4 -> 1.7.5)
2020-09-01 20:51:51 +03:00
Slavi Pantaleev
6def66940f
Fix broken cover photo for matrix-registration
2020-09-01 18:17:04 +03:00
Slavi Pantaleev
da38a7869f
Add matrix-registration support
2020-09-01 13:46:05 +03:00
Slavi Pantaleev
a456e3a9e7
Surface certain messages at the end of playbook execution
...
Fixes #106 (Github Issue).
2020-09-01 13:12:35 +03:00
Slavi Pantaleev
e3dca2f66f
Try to avoid Docker logs growing too much for one-off containers
...
We recently had a report of the Postgres backup container's log file
growing the size of /var/lib/docker until it ran out of disk space.
Trying to prevent similar problems in the future.
2020-09-01 09:03:48 +03:00
Max Klenk
06bc430c7c
refactor to use new workers and routes they serve
2020-08-28 13:53:39 +02:00
Max Klenk
53ccc783b7
remove duplicated key
2020-08-27 15:26:46 +02:00
Max Klenk
59d1fb76b6
only apply worker redirects if workers are enabled
2020-08-27 15:25:32 +02:00
Max Klenk
567d0318b0
Merge branch 'synapse-workers' into feature/add-worker-support
2020-08-27 15:22:12 +02:00
Slavi Pantaleev
3c285bc6f5
Install lsb-release on Debian distros if unavailable
...
Certain more-minimal Debian installations may not have
lsb-release installed, which makes the playbook fail.
We need lsb-release on Debian, so that ansible_lsb
could tell us if this is Debian or Raspbian.
2020-08-27 13:58:35 +03:00
Slavi Pantaleev
6e9600ffec
Upgrade Synapse (v1.19.0 -> v1.19.1)
2020-08-27 12:59:11 +03:00