Commit Graph

8233 Commits

Author SHA1 Message Date
Slavi Pantaleev
f186d6236d Add some missing tags to Synapse role
Without these:

- `--tags=install-synapse` and `--tags=install-all` would be incomplete
and will not contain Synapse worker configuration

- `--tags=install-synapse-reverse-proxy-companion` and
  `--tags=setup-synapse-reverse-proxy-companion` would not contain
  Synapse worker configuration
2022-12-09 10:15:40 +02:00
Slavi Pantaleev
da82c3bd4f Merge pull request #2327 from ikkemaniac/fix-nginxlog-prometheus
fix: nginxlog prometheus config port
2022-12-08 13:15:34 +02:00
Slavi Pantaleev
bdf1bea873 Merge pull request #2326 from ikkemaniac/fix-nginxlox-systemd
fix: nginxlog systemd entry
2022-12-08 13:14:57 +02:00
ikkemaniac
e6fc6b7a86 fix: nginxlog prometheus config port 2022-12-08 01:10:05 +01:00
ikkemaniac
8ef6341fd7 fix: systemd entry 2022-12-08 00:02:54 +01:00
Slavi Pantaleev
7900839d40 Merge pull request #2324 from thedanbob/delete-matrix-scripts
Only delete playbook scripts from /usr/local/bin
2022-12-07 21:37:14 +02:00
Dan Arnfield
5823f1f298 Only delete playbook scripts from /usr/local/bin 2022-12-07 13:26:02 -06:00
Slavi Pantaleev
6a5a09ba9b Remove matrix-change-user-admin-status mentions and provide an alternative 2022-12-07 20:36:28 +02:00
Rhys
fd79140201 Changes to allow a user to set the max participants on a jitsi conference (#2323)
* Changes to allow a user to set the max participants on a jitsi
conference

* changed var name from jitsi_max_participants to matrix_prosody_jitsi_max_participants
2022-12-07 17:54:58 +02:00
ikkemaniac
8ebf18a885 add prometheus-nginxlog-exporter role (#2315)
* add prometheus-nginxlog-exporter role

* Rename matrix_prometheus_nginxlog_exporter_container_url to matrix_prometheus_nginxlog_exporter_container_hostname

* avoid referencing variables from other roles, handover info using group_vars/matrix_servers

* fix: stop service when uninstalling

fix: typo

move available arch's into a var

fix: text

* fix: prometheus enabled condition

Co-authored-by: ikkemaniac <ikkemaniac@localhost>
2022-12-07 16:58:36 +02:00
Slavi Pantaleev
48d601008c Merge pull request #2322 from etkecc/patch-133
postmoogle - add missing join()s
2022-12-07 13:53:12 +02:00
Aine
fda65a0a56 postmoogle - add missing join()s 2022-12-07 11:38:47 +00:00
Slavi Pantaleev
87448c04de Merge pull request #2321 from etkecc/postmoogle-0910
update postmoogle 0.9.9 -> 0.9.10
2022-12-07 08:59:05 +02:00
Aine
ba13231c58 update postmoogle 0.9.9 -> 0.9.10 2022-12-06 22:51:17 +02:00
Slavi Pantaleev
b4cb085fb5 Merge pull request #2320 from etkecc/patch-132
Update element v1.11.15 -> v1.11.16
2022-12-06 16:51:41 +02:00
Aine
ba4580a1fd Update element v1.11.15 -> v1.11.16 2022-12-06 14:50:56 +00:00
Slavi Pantaleev
9edc7da67d Do not specify now-unnecessary worker_main_http_uri Synapse worker setting
Related to

- c15e9a0edb
- 01a0527892
2022-12-06 15:54:06 +02:00
Slavi Pantaleev
13e7399104 Handle /timestamp_to_event via Synapse workers
Related to 8f10c8b054
2022-12-06 15:52:16 +02:00
Slavi Pantaleev
663fe29ddb Do not specify start_pushers in Synapse config
It's unnecessary when `pusher_instances` is populated.

Source: 6acb6d772a
2022-12-06 15:49:56 +02:00
Slavi Pantaleev
135bb5af3e Do not specify send_federation in Synapse config
It's unnecessary when `federation_sender_instances` is populated.

Source: 6acb6d772a
2022-12-06 15:49:28 +02:00
Slavi Pantaleev
84d529b542 Upgrade Synapse (v1.72.0 -> v1.73.0)
Synapse Worker configuration updates are coming later.
2022-12-06 15:47:07 +02:00
Slavi Pantaleev
9ab2a72e86 More matrix_postgres -> devture_postgres changes
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2319
2022-12-06 10:12:31 +02:00
Slavi Pantaleev
86b436792d Merge pull request #2319 from felixx9/master
matrix_ to devture_
2022-12-06 10:11:53 +02:00
felixx9
7f2cdd9889 matrix_ to devture_
I'm not sure, but this should be changed to devture_postgres_... !?
https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#2022-11-28

```yaml
matrix_postgres_process_extra_arguments: [
  "-c 'max_connections=200'"
]
```
2022-12-06 08:47:54 +01:00
Slavi Pantaleev
b1c77f9bf2 Add comment to matrix-backup-borg.service
Related to 8005557061
2022-12-05 15:45:33 +02:00
Slavi Pantaleev
8005557061 Give backup-borg container more permissions to perform the backup
Running with a user (like `matrix:matrix`) fails if Etherpad is enabled,
because `/matrix/etherpad` is owned by `matrix_etherpad_user_uid`/`matrix_etherpad_user_gid` (`5001:5001`).

The `matrix` user can't acccess the Etherpad directory for this reason
and Borgmatic fails when trying to make a backup.

There may be other things under `/matrix` which similarly use
non-`matrix:matrix` permissions.

Another workaround might have been to add `/matrix/etherpad` (and
potentially other things) to `matrix_backup_borg_location_exclude_patterns`, but:

- that means Etherpad won't be backed up - not great
- only excluding Etherpad may not be enough. There may be other files we
  need to exclude as well

---

Running with `root` is still not enough though.

We need at least the `CAP_DAC_OVERRIDE` capability, or we won't be able to read the
`/etc/borgmatic.d/config.yaml` configuration file (owned by
`matrix:matrix` with `0640` permissions).

---

Additionally, it seems like the backup process tries to write to at least a few directories:
- `/root/.borgmatic`
- `/root/.ssh`
- `/root/.config`

> [Errno 30] Read-only file system: '/root/.borgmatic'
> Error while creating a backup.
> /etc/borgmatic.d/config.yaml: Error running configuration file

We either need to stop mounting the container filesystem as readonly
(remove `--read-only`) or to allow writing via a `tmpfs`.

I've gone the `tmpfs` route which seems to work.

In any case, the mounted source directories (`matrix_backup_borg_location_source_directories`)
are read-only regardless, so our actual source files are protected from unintentional changes.
2022-12-05 15:42:57 +02:00
Slavi Pantaleev
7b123907e0 Fix borg repository URL format
Reference: https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls

Otherwise, we'd get:

> /etc/borgmatic.d/config.yaml: Remote repository paths without ssh:// syntax are deprecated. Interpreting "user@hostname:matrix" as "ssh://user@hostname/./matrix"
2022-12-05 15:15:47 +02:00
Slavi Pantaleev
64b03c2dfd Fix backup-borg repository initialization for borgmatic 1.7+ (or borg 2.0) 2022-12-05 15:00:11 +02:00
Slavi Pantaleev
1f1a3dfc38 Ensure database port is passed to Borg as an integer
Without this, it's a string and borg says:

> At 'hooks.postgresql_databases[INDEX_HERE].port': '5432' is not of type 'integer'
> /etc/borgmatic/config.yaml /etc/borgmatic.d /tmp/.config/borgmatic/config.yaml /tmp/.config/borgmatic.d: No valid configuration files found

.. and fails to do anything.
2022-12-05 14:42:02 +02:00
Slavi Pantaleev
d8df03dfc9 Mark Postgres v15 as supported for borg backup
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2257

Fixed in d134cd7c4c
(thanks to `alpine:latest` now being `alpine:3.17.0`, which includes
Postgres v15)
2022-12-05 11:46:49 +02:00
Slavi Pantaleev
b2a40effaf Fix Element self-building by switching to docker-buildx
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2318
2022-12-05 10:02:54 +02:00
Slavi Pantaleev
6414599079 Upgrade Coturn (4.6.0 -> 4.6.1) 2022-12-05 09:46:11 +02:00
Slavi Pantaleev
9b47a85322 Merge pull request #2316 from qlyoung/fix-s3-ensure-data-directory
fix s3 storage provider not ensuring data dir
2022-12-04 10:20:27 +02:00
Slavi Pantaleev
7464604ddd Make use of matrix_synapse_ext_s3_storage_provider_data_path in a few more places 2022-12-04 10:17:55 +02:00
Quentin Young
b31731ebf8 fix s3 storage provider not ensuring data dir
This path is accessed by the s3 storage provider stuff and needs to be
ensured.

Broken by 7c5c3aedc
2022-12-04 01:16:58 -05:00
Slavi Pantaleev
ceb2c30277 Upgrade mautrix-signal (v0.4.1 -> v0.4.2) 2022-12-03 15:37:17 +02:00
Slavi Pantaleev
4589f94053 Upgrade Postgres (minor versions upgrade) 2022-12-02 19:17:35 +02:00
Slavi Pantaleev
d59bbfdfc9 Upgrade Hookshot (2.4.0 -> 2.5.0) 2022-12-02 19:15:04 +02:00
Slavi Pantaleev
a353bda7a1 Upgrade appservice-slack (2.0.1 -> 2.0.2) 2022-12-01 23:30:09 +02:00
Slavi Pantaleev
9e93030159 Upgrade Grafana (9.3.0 -> 9.3.1) 2022-12-01 23:29:33 +02:00
Slavi Pantaleev
7dc612743d Merge pull request #2311 from etkecc/patch-131
Update prometheus 2.40.4 -> 2.40.5
2022-12-01 17:40:03 +02:00
Aine
ea401170e1 Update prometheus 2.40.4 -> 2.40.5 2022-12-01 15:16:33 +00:00
Slavi Pantaleev
5e595611fe Merge pull request #2309 from etkecc/patch-130
fix hookshot role
2022-11-30 14:33:40 +02:00
Aine
8ca6cdd016 fix hookshot role 2022-11-30 12:25:51 +00:00
Slavi Pantaleev
e3d21e8096 Rename some default Hookshot variables
Fixup for 7e2e2626a0

Some references were left unrenamed which caused `validate_config.yml`
to trigger.
2022-11-30 11:55:23 +02:00
Slavi Pantaleev
dc817f30ce Upgrade Grafana (9.2.7 -> 9.3.0) 2022-11-30 11:50:21 +02:00
Slavi Pantaleev
9d5b5d7a01 Merge pull request #2308 from etkecc/patch-129
Update grafana 9.2.6 -> 9.2.7
2022-11-30 11:28:39 +02:00
Slavi Pantaleev
0a018ac22b Add internal Postgres instance (if enabled) to postgres-backup dependencies 2022-11-30 11:22:00 +02:00
Slavi Pantaleev
d5ea17d66f Make postgres-backup priority start later 2022-11-30 11:18:39 +02:00
Slavi Pantaleev
4eed49f931 Replace custom/matrix-postgres-backup role with galaxy/com.devture.ansible.role.postgres_backup
This role is usable on its own and it's not tied to Matrix, so
extracting it out into an independent role that we install via
ansible-galaxy makes sense.

This also fixes the confusion from the other day, where
`matrix_postgres_*` had to be renamed to `devture_postgres_*`
(unless it was about `matrix_postgres_backup_*`).
We now can safely say that ALL `matrix_postgres_*` variables need to be
renamed.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2305
2022-11-30 11:01:19 +02:00