Commit Graph

9234 Commits

Author SHA1 Message Date
Slavi Pantaleev
2ebbe26e25 Merge pull request #3055 from Curious-r/master
Fix "SSL_do_handshake() failed" in nginx reverse-proxy
2023-12-22 08:34:46 +02:00
Curious
a4c3bedf4b Fix "SSL_do_handshake() failed" in nginx reverse-proxy
In nginx reverse-proxy, when the upstream server relies on SNI, the reverser-proxy may return 502 by follow error:
```
*10 SSL_do_handshake() failed (SSL: error:0A000410:SSL routines::sslv3 alert handshake failure:SSL alert number 40) while SSL handshaking to upstream, client: 172.19.0.1, server: example.host, request: "GET /.well-known/matrix/client HTTP/2.0", upstream: "https://<ip>/.well-known/matrix/client", host: "<domain>"
```
This problem often arises when the upstream server is behind the CDN, setting `proxy_ssl_server_name` to `on` will solve it.
2023-12-22 07:44:34 +08:00
Pierre 'McFly' Marty
1894f84b8a chore: update bridge docker tag 2023-12-21 18:27:32 +01:00
Pierre 'McFly' Marty
a8e14ac79e fix: ansible yaml syntax 2023-12-21 14:03:37 +01:00
Michael Hollister
0908c6b662 Added Traefik support to MMR 2023-12-20 13:38:46 -06:00
Pierre 'McFly' Marty
7163b9df3c Merge branch 'spantaleev:master' into 3031-feat-add-signalgo-bridge 2023-12-20 17:52:51 +01:00
Slavi Pantaleev
8051fd7012 Merge pull request #3053 from spantaleev/renovate/vectorim-element-web-1.x
chore(deps): update vectorim/element-web docker tag to v1.11.52
2023-12-19 19:09:03 +02:00
Slavi Pantaleev
06f62e031a Merge pull request #3052 from spantaleev/renovate/grafana-10.x
chore(deps): update dependency grafana to v10.2.3-0
2023-12-19 19:08:44 +02:00
renovate[bot]
8ca3b7c5c6 chore(deps): update vectorim/element-web docker tag to v1.11.52 2023-12-19 16:56:18 +00:00
renovate[bot]
b898ae661c chore(deps): update dependency grafana to v10.2.3-0 2023-12-19 16:56:14 +00:00
Pierre 'McFly' Marty
81e015db9d feat: auto removal of signal-daemon service 2023-12-19 12:37:13 +01:00
Pierre 'McFly' Marty
b426a68316 chore: update mautrix-signal for legacy compat. 2023-12-19 12:33:05 +01:00
Pierre 'McFly' Marty
c93b642f90 doc: check typo 2023-12-18 16:51:35 +01:00
Pierre 'McFly' Marty
c9a1d79954 Merge branch 'spantaleev:master' into 3031-feat-add-signalgo-bridge 2023-12-18 16:39:34 +01:00
Pierre 'McFly' Marty
2f6525ccb3 refactor: remove signalgo and update signal to 'after merge' 2023-12-18 16:38:52 +01:00
Michael Hollister
42f33339c5 Updated MMR docs with updated fields in main.yaml (#3047)
* Updated MMR docs with updated fields in main.yaml

* Removed uneeded placeholder db password
2023-12-18 11:01:59 +02:00
Joshua Hoffmann
09b8f49871 Update prerequisites.md (#3050)
* Update prerequisites.md

Document that sudo is required.

* Relocate sudo requirement in prerequisites and reword

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2023-12-18 10:58:28 +02:00
Slavi Pantaleev
64db27c7fa Merge pull request #3049 from Michael-Hollister/michael/synapse-add-cp-config-variables
Added Synapse connection pool config variables
2023-12-17 09:18:21 +02:00
Slavi Pantaleev
fd3d9640d8 Merge pull request #3048 from spantaleev/renovate/dock.mau.dev-mautrix-whatsapp-0.x
chore(deps): update dock.mau.dev/mautrix/whatsapp docker tag to v0.10.5
2023-12-17 09:17:54 +02:00
Slavi Pantaleev
530d291a52 Merge pull request #3046 from spantaleev/renovate/dock.mau.dev-mautrix-gmessages-0.x
chore(deps): update dock.mau.dev/mautrix/gmessages docker tag to v0.2.3
2023-12-17 09:15:22 +02:00
Michael Hollister
a66a2d2692 Added Synapse connection pool config variables 2023-12-16 19:16:05 -06:00
renovate[bot]
d925409567 chore(deps): update dock.mau.dev/mautrix/whatsapp docker tag to v0.10.5 2023-12-17 00:21:33 +00:00
Michael Hollister
805280355c Changed mxc links to matrix_domain instead of matrix_server_fqn_matrix 2023-12-16 16:52:04 -06:00
renovate[bot]
90d576dac9 chore(deps): update dock.mau.dev/mautrix/gmessages docker tag to v0.2.3 2023-12-16 22:39:09 +00:00
Michael Hollister
ae759bd86e Added missing MMR federation directives 2023-12-16 14:27:41 -06:00
Pierre 'McFly' Marty
0e4c878ee3 Merge branch 'spantaleev:master' into 3031-feat-add-signalgo-bridge 2023-12-16 12:34:56 +01:00
Slavi Pantaleev
9f5d4018c7 Upgrade matrix-mailer (4.96.2-r0-0 -> 4.97-r0-0) 2023-12-16 12:39:22 +02:00
Slavi Pantaleev
ace00fe92b Upgrade devture/ansible (2.14.5-r0-0 -> 2.16.1-r0-0) 2023-12-16 09:59:07 +02:00
Slavi Pantaleev
dbf1a685bf Do not connect Hookshot to Redis unless encryption is enabled
It seems like connectivity is problematic, even though the networks
appear to be configured correctly:

> [ioredis] Unhandled error event: Error: connect ECONNREFUSED 172.22.0.2:6739
> at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1595:16)

For now, I disable pointing the queue host to Redis to avoid it.
It should be investigated.

People who enable Hookshot's new experimental encryption may encounter
this also.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3042
2023-12-16 09:54:09 +02:00
Slavi Pantaleev
ae983491e7 Add undefined matrix_hookshot_container_ident variable (and rename it to matrix_hookshot_ident)
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3042
2023-12-16 09:54:04 +02:00
Slavi Pantaleev
94c1503a60 Add support for experimental encryption in Hookshot
Squashed based on the work done in https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3042

commit 49932b8f3c
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:21:31 2023 +0200

    Fix syntax in matrix-bridge-hookshot/tasks/reset_encryption.yml

    Also, this task always does work and side-effects, so it should always report changes
    (`changed_when: true`).

commit 6bdf7a9dcb
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:12:41 2023 +0200

    Add Hookshot validation task to ensure queue settings are set when encryption is enabled

commit 8c531b7971
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:10:17 2023 +0200

    Add missing variables rewiring in group_vars/matrix_servers for Hookshot

commit 7d26dabc2f
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:08:19 2023 +0200

    Add defaults for matrix_hookshot_queue_host and matrix_hookshot_queue_port

commit 74f91138c9
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:06:17 2023 +0200

    Fix syntax for connecting to additional networks for Hookshot

commit ca7b41f3f2
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:05:28 2023 +0200

    Fix indentation and remove unnecessary if-statements

commit ac4a918d58
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:04:44 2023 +0200

    Add missing --network for Hookshot

    This seems to have been removed by accident.

commit 6a81fa208f
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:02:47 2023 +0200

    Make automatic Redis enabling safer, when Hookshot encryption enabled

    If we ever default encryption to enabled for Hookshot, we only wish to force-enable Redis if Hookshot is actually enabled.

commit 75a8e0f2a6
Author: Slavi Pantaleev <slavi@devture.com>
Date:   Sat Dec 16 09:01:10 2023 +0200

    Fix typo

commit 98ad182eac
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:37:40 2023 +0100

    Add defaults for Hookshot's encryption

commit 29fa9fab15
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:35:11 2023 +0100

    Improve wording of Hookshot's encryption section

commit 4f835e0560
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:28:52 2023 +0100

    use safer mount options for the container's files

commit 8c93327e25
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:26:01 2023 +0100

    fix filename

commit 03a7bb6e77
Merge: e55d7694 06047763
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:23:44 2023 +0100

    Merge branch 'HarHarLinks/hookshot-encryption' of https://github.com/real-joshua/matrix-docker-ansible-deploy into HarHarLinks/hookshot-encryption

commit 06047763bb
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:15:54 2023 +0100

    Update roles/custom/matrix-bridge-hookshot/templates/config.yml.j2

    change the if statement to not require a variable with a length > 0 and add a filter to json for the redis host

    Co-authored-by: Slavi Pantaleev <slavi@devture.com>

commit e55d769465
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:13:50 2023 +0100

    clarify that Redis is required, standardadise on Hookshot with an upper-case first letter for consistency

commit 66706e4535
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 22:08:20 2023 +0100

    Update roles/custom/matrix-bridge-hookshot/templates/config.yml.j2

    fix for a typo

    Co-authored-by: Slavi Pantaleev <slavi@devture.com>

commit f6aaeb9a16
Merge: e5d34002 869dd33f
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 00:22:34 2023 +0100

    Merge branch 'master' into HarHarLinks/hookshot-encryption

commit e5d34002fd
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Fri Dec 15 00:09:27 2023 +0100

    Add Jinja loop to allow adding multiple networks

commit 69f947782d
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Thu Dec 14 23:52:41 2023 +0100

    split if statements for the message queue and experimental encryption support into seperate statements

commit 4c13be1c89
Author: Joshua Hoffmann <joshua.hoffmann@b1-systems.de>
Date:   Thu Dec 14 23:31:19 2023 +0100

    change variable name per spantaleev's suggestion (https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2979#discussion_r1379015551)

commit 9905309aa9
Author: HarHarLinks <kim.brose@rwth-aachen.de>
Date:   Wed Nov 1 16:14:04 2023 +0100

    amend docs

commit 94abf2d5bd
Author: HarHarLinks <kim.brose@rwth-aachen.de>
Date:   Wed Nov 1 16:05:22 2023 +0100

    draft encryption support for hookshot
2023-12-16 09:23:35 +02:00
Slavi Pantaleev
f4806aadcb Make "just install-service nginx-proxy" properly restart it 2023-12-16 08:39:23 +02:00
Pierre 'McFly' Marty
c028d75f9e fix: sqlite backend is sqlite3-fk-wal 2023-12-15 23:08:25 +01:00
Pierre 'McFly' Marty
44068b444f doc: marks Mautrix-Signal (Deprecated) 2023-12-15 23:08:24 +01:00
Pierre 'McFly' Marty
c49cf35ba6 Merge branch 'spantaleev:master' into 3031-feat-add-signalgo-bridge 2023-12-15 22:28:03 +01:00
Pierre 'McFly' Marty
3dc4923e6e fix: signalgo puppet-ed user regex
Co-authored-by: lon <114724657+longregen@users.noreply.github.com>
2023-12-15 22:23:37 +01:00
Slavi Pantaleev
cfea80b52a Upgrade matrix-corporal (2.6.0 -> 2.7.0) 2023-12-15 22:20:09 +02:00
Pierre 'McFly' Marty
e3fdd6b955 Merge branch 'spantaleev:master' into 3031-feat-add-signalgo-bridge 2023-12-15 20:36:31 +01:00
Slavi Pantaleev
26d1f3216e Merge pull request #3044 from Braindot-fr/3043-vector-im-now-element-hq
[#3043] vector im now element hq
2023-12-15 17:49:13 +02:00
Pierre 'McFly' Marty
6bd581ef7f refactor: update links to avoid future issue 2023-12-15 11:18:18 +01:00
Pierre 'McFly' Marty
4a8d8d8ce5 fix: hydrogen client docker/sources url 2023-12-15 11:08:23 +01:00
Pierre 'McFly' Marty
173286470c fix: signalgo starts properly 2023-12-14 22:30:25 +01:00
Pierre 'McFly' Marty
078d1ea531 doc: add signalgo docs for config 2023-12-14 22:01:12 +01:00
Pierre 'McFly' Marty
a42aacb41c fix: remove unsued signalgo-daemon.service 2023-12-14 21:44:14 +01:00
Pierre 'McFly' Marty
7a83c2026c fix: escape jinja '.' 2023-12-14 19:57:12 +01:00
Pierre 'McFly' Marty
0f7b89523f feat: enroll signalgo to nginx proxy 2023-12-14 18:23:55 +01:00
Pierre 'McFly' Marty
69a7847097 feat: add files for signalgo installation 2023-12-14 16:01:44 +01:00
Slavi Pantaleev
869dd33fb2 Merge pull request #3040 from joecool1029/readme
Update README.md: add mash-playbook, remove archived playbooks
2023-12-14 11:35:07 +02:00
Slavi Pantaleev
9cc4c8f169 Reword the Related secton of the README 2023-12-14 11:35:01 +02:00
Joe Kappus
cc70203008 Update README.md: add mash-playbook, remove archived playbooks 2023-12-14 03:28:33 -05:00