Commit Graph

3455 Commits

Author SHA1 Message Date
Slavi Pantaleev
fa76c1ee5b Do not run self-build Ansible version-check, if component not enabled
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1108
2021-06-08 08:59:02 +03:00
Slavi Pantaleev
bec9eaeb50 Merge pull request #1108 from tommes0815/fix-hydrogen-for-ansible2.7
fix error when running with Ansible 2.7 in the hydrogen setup
2021-06-07 22:09:39 +03:00
Thom Wiggers
3c05cc04bc Update IRC appservice 2021-06-07 10:41:18 +02:00
Thomas Kühne
7f4e71b22a fix error when running with Ansible 2.7 in the hydrogen setup
Without this the hydrogen task would fail for Ansible 2.7 even when hydrogen is not enabled.
2021-06-06 14:37:17 +02:00
Michael-GMH
122a92fa1c GoMatrixHosting v0.4.9 update 2021-06-04 13:10:45 +08:00
Slavi Pantaleev
b1f1c28ef0 Upgrade Synapse (1.34.0 -> 1.35.0) 2021-06-01 19:14:59 +03:00
Michael-GMH
ad7bbd6442 merge upstream 2021-06-01 16:00:13 +08:00
Michael-GMH
6f40d78353 fix random edits to upstream 2021-05-25 21:25:40 +08:00
Michael-GMH
ea6e344d05 merge upstream 2021-05-25 21:10:34 +08:00
Michael-GMH
85777e8f96 merge with upstream 2021-05-25 21:08:00 +08:00
Slavi Pantaleev
1ed0857019 Fix syntax error
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024
2021-05-25 11:45:17 +03:00
sakkiii
4a4a7f136e changes added to hydrogen client 2021-05-25 11:42:51 +05:30
sakkiii
25e67b51d1 Merge branch 'spantaleev:master' into master 2021-05-25 11:40:56 +05:30
sakkiii
3436f9c10a rename to matrix_nginx_proxy_hsts_preload_enabled 2021-05-25 00:56:59 +05:30
Slavi Pantaleev
0648b1b618 Upgrade Element (1.7.28 -> 1.7.29) 2021-05-24 20:38:48 +03:00
sakkiii
7cc5328ede Comments & Ref 2021-05-24 17:20:54 +05:30
sakkiii
df2d91970d matrix_nginx_proxy_xss_protection 2021-05-24 17:02:47 +05:30
Slavi Pantaleev
d4c7a90b5c Merge pull request #1076 from Eagle-251/Jitsi-Prosody-OwnNginxCompatibility
Allow Jitsi XMPP websocket support for users using own webserver.
2021-05-24 11:07:05 +03:00
ewang
409cd2b9a3 Source port binding from group vars in line other components 2021-05-23 14:06:18 +02:00
Eagle-251
ef6a7e051c Fix missing port binding. 2021-05-22 15:55:50 +02:00
ewang
1bb6ed97ae Make port bindings default for those disabling nginx proxy
I changed the conditional statement in prosody systemd template to bind the localhost port by default if people have set ```matrix_nginx_proxy_enabled == false ```.
Hopefully that should make it the default behaviour now.
2021-05-22 15:53:42 +02:00
Aaron Raimist
3c0452ff5a Remove unnecessary bind for config.json, use proper nginx.conf 2021-05-21 17:22:40 -05:00
ewang
4a772e50f4 Allow Jitsi XMPP webscoket support for users using own webserver.
Added:
 - Conditional localhost Port bindings for Jitsi Prosody systemd template
- Added variable to main.yml to allow overriding from vars.yml
2021-05-21 15:26:06 +02:00
Slavi Pantaleev
6f80292745 Add OCSP stapling support and other SSL optimizations to Hydrogen vhost
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-21 13:40:37 +03:00
Slavi Pantaleev
d0de21ab34 Delete Hydrogen nginx configuration file when disabled 2021-05-21 12:58:32 +03:00
Aaron Raimist
ac4ede20af Add docs 2021-05-21 04:43:04 -05:00
Aaron Raimist
1633f61018 Only install config.json when self building 2021-05-21 04:23:06 -05:00
Aaron Raimist
04548f8df2 Merge branch 'master' into hydrogen 2021-05-21 04:09:18 -05:00
Aaron Raimist
9437f78c9e Build using custom config.json, add CSP, update to 0.1.53 2021-05-21 03:45:21 -05:00
Slavi Pantaleev
47b4608b96 Fail in a friendlier way when trying to self-build on Ansible <= 2.8
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070

Related discussion here: 1ab507349c (commitcomment-51108407)
2021-05-21 11:15:05 +03:00
Slavi Pantaleev
1ab507349c Fix self-building for various components on Ansible < 2.8
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
2021-05-20 08:43:20 +03:00
Slavi Pantaleev
66615c43a3 Merge pull request #1065 from sakkiii/patch-1
Update grafana (7.5.6->7.5.7)
2021-05-19 22:07:59 +03:00
Tobias K
3dcbed6353 roles/matrix-grafana: Set root_url in granafa.ini 2021-05-19 19:52:58 +02:00
sakkiii
8529ca4c17 Update grafana (7.5.6->7.5.7) 2021-05-19 22:30:03 +05:30
Slavi Pantaleev
073d920a62 Merge pull request #1061 from sakkiii/ssl_enhancement
Optimize SSL session
2021-05-19 17:14:52 +03:00
Toni Spets
544915ff76 Add Heisenbridge 2021-05-19 10:42:21 +03:00
Slavi Pantaleev
21eb39f986 Mention matrix_common_after_systemd_service_start_wait_for_timeout_seconds in failure message
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:46:13 +03:00
Slavi Pantaleev
ee46fabdca Make waiting time for --tags=start configurable
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:39:55 +03:00
sakkiii
e9b878b9e9 Optimize SSL session 2021-05-18 19:39:43 +05:30
Slavi Pantaleev
e6afa05f7b Enable OCSP stapling for the federation port
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057

Not sure if this is beneficial though.
2021-05-18 08:15:42 +03:00
Slavi Pantaleev
57a6a98a50 Fix incorrect SSL certificate path
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-18 07:58:47 +03:00
Slavi Pantaleev
b9c4e8ce16 Merge pull request #1057 from sakkiii/ssl_staple
Enable OCSP Stapling
2021-05-18 07:50:35 +03:00
sakkiii
d31b55b2a7 SSL-enabled block only 2021-05-18 03:24:06 +05:30
rakshazi
400371f6dd Updated Element version (1.7.27 -> 1.7.28) 2021-05-17 13:15:12 +00:00
Slavi Pantaleev
d156c8caa2 Upgrade Synapse (1.33.2 -> 1.34.0) 2021-05-17 14:58:07 +03:00
Slavi Pantaleev
e4dd933cf0 Make missing /_synapse/admin correctly return 404 responses
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058

We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.

For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints)
2021-05-17 11:45:35 +03:00
sakkiii
2c3da6599b Added warning 2021-05-15 16:07:52 +05:30
sakkiii
0dd4459799 matrix_nginx_proxy_ocsp_stapling_enabled variable added 2021-05-15 16:01:49 +05:30
sakkiii
c05021640d Enable OCSP Stapling 2021-05-15 15:57:05 +05:30
Aaron Raimist
ca361af616 Add Hydrogen 2021-05-15 04:23:36 -05:00