Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy
This commit is contained in:
commit
51d5741bb3
15
CHANGELOG.md
15
CHANGELOG.md
|
@ -1,3 +1,18 @@
|
||||||
|
# 2019-08-03
|
||||||
|
|
||||||
|
## Synapse logging level has been reduced to WARNING
|
||||||
|
|
||||||
|
After [some discussion in our support room](https://matrix.to/#/!PukFFdIcHgtaaHZflT:devture.com/$156476852524179TBeKy:matrix.org?via=devture.com&via=matrix.org&via=librem.one), we've decided to change the default logging level for Synapse from `INFO` to `WARNING`.
|
||||||
|
|
||||||
|
This greatly reduces the number of log messages that are being logged, leading to:
|
||||||
|
|
||||||
|
- much less disk space dedicated to Synapse and thus, logs kept for longer
|
||||||
|
- easier to find some important `WARNING`, `ERROR` and `CRITICAL` messages, as they're not longer buried in thousands of non-important `INFO` messages
|
||||||
|
|
||||||
|
If you'd like to track down an issue, you [can always increase the logging level as described here](./docs/maintenance-and-troubleshooting.md#increasing-synapse-logging).
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# 2019-07-08
|
# 2019-07-08
|
||||||
|
|
||||||
## Synapse Maintenance docs and synapse-janitor support are available
|
## Synapse Maintenance docs and synapse-janitor support are available
|
||||||
|
|
|
@ -29,7 +29,7 @@ You are required to specify an access token for Dimension to work.
|
||||||
To get an access token, follow these steps:
|
To get an access token, follow these steps:
|
||||||
|
|
||||||
1. In a private browsing session (incognito window), open Riot.
|
1. In a private browsing session (incognito window), open Riot.
|
||||||
2. It's better to you use dedicated user for getting access token, so log in with this user's username and password.
|
2. It's preferable to use a dedicated user for the access token, so create and log in with that user's username and password.
|
||||||
3. Set the display name and avatar, if required.
|
3. Set the display name and avatar, if required.
|
||||||
4. In the settings page choose "Help & About", scroll down to the bottom and click `Access Token: <click to reveal>`.
|
4. In the settings page choose "Help & About", scroll down to the bottom and click `Access Token: <click to reveal>`.
|
||||||
5. Copy the highlighted text to your configuration.
|
5. Copy the highlighted text to your configuration.
|
||||||
|
|
|
@ -16,6 +16,24 @@ You can see the logs by using journalctl. Example:
|
||||||
sudo journalctl -fu matrix-synapse
|
sudo journalctl -fu matrix-synapse
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Increasing Synapse logging
|
||||||
|
|
||||||
|
Because the [Synapse](https://github.com/matrix-org/synapse) Matrix server is originally very chatty when it comes to logging, we intentionally reduce its [logging level](https://docs.python.org/3/library/logging.html#logging-levels) from `INFO` to `WARNING`.
|
||||||
|
|
||||||
|
If you'd like to debug an issue or [report a Synapse bug](https://github.com/matrix-org/synapse/issues/new/choose) to the developers, it'd be better if you temporarily increasing the logging level to `INFO` or even `DEBUG`.
|
||||||
|
|
||||||
|
Example configuration (`inventory/host_vars/matrix.DOMAIN/vars.yml`):
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
matrix_synapse_log_level: "DEBUG"
|
||||||
|
matrix_synapse_storage_sql_log_level: "DEBUG"
|
||||||
|
matrix_synapse_root_log_level: "DEBUG"
|
||||||
|
```
|
||||||
|
|
||||||
|
Re-run the playbook after making these configuration changes.
|
||||||
|
|
||||||
|
|
||||||
## Postgres
|
## Postgres
|
||||||
|
|
||||||
See the dedicated [PostgreSQL Maintenance](maintenance-postgres.md) documentation page.
|
See the dedicated [PostgreSQL Maintenance](maintenance-postgres.md) documentation page.
|
||||||
|
|
|
@ -49,7 +49,7 @@
|
||||||
|
|
||||||
- name: Ensure Docker repository is enabled (Debian)
|
- name: Ensure Docker repository is enabled (Debian)
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: "deb https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
|
repo: "deb [arch=amd64] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
|
||||||
state: present
|
state: present
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
when: ansible_os_family == 'Debian'
|
when: ansible_os_family == 'Debian'
|
||||||
|
|
|
@ -86,6 +86,8 @@ matrix_appservice_discord_configuration_yaml: |
|
||||||
# enable:
|
# enable:
|
||||||
# - "DiscordBot"
|
# - "DiscordBot"
|
||||||
database:
|
database:
|
||||||
|
userStorePath: "/data/user-store.db"
|
||||||
|
roomStorePath: "/data/room-store.db"
|
||||||
# You may either use SQLite or Postgresql for the bridge database, which contains
|
# You may either use SQLite or Postgresql for the bridge database, which contains
|
||||||
# important mappings for events and user puppeting configurations.
|
# important mappings for events and user puppeting configurations.
|
||||||
# Use the filename option for SQLite, or connString for Postgresql.
|
# Use the filename option for SQLite, or connString for Postgresql.
|
||||||
|
|
|
@ -32,10 +32,12 @@
|
||||||
failed_when: false
|
failed_when: false
|
||||||
when: "matrix_appservice_discord_stat_db.stat.exists"
|
when: "matrix_appservice_discord_stat_db.stat.exists"
|
||||||
|
|
||||||
# In addition to this, there used to be some `user-store-db` and `room-store.db` files.
|
|
||||||
# They're no longer in use, so we're not relocating them in an effort to point them out as neither `./data`, nor `./config`.
|
|
||||||
- name: (Data relocation) Move AppService Discord discord.db file to ./data directory
|
- name: (Data relocation) Move AppService Discord discord.db file to ./data directory
|
||||||
command: "mv {{ matrix_appservice_discord_base_path }}/discord.db {{ matrix_appservice_discord_data_path }}/discord.db"
|
command: "mv {{ matrix_appservice_discord_base_path }}/{{ item }} {{ matrix_appservice_discord_data_path }}/{{ item }}"
|
||||||
|
with_items:
|
||||||
|
- discord.db
|
||||||
|
- user-store.db
|
||||||
|
- room-store.db
|
||||||
when: "matrix_appservice_discord_stat_db.stat.exists"
|
when: "matrix_appservice_discord_stat_db.stat.exists"
|
||||||
|
|
||||||
- name: Ensure AppService Discord config.yaml installed
|
- name: Ensure AppService Discord config.yaml installed
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
|
|
||||||
matrix_mautrix_facebook_enabled: true
|
matrix_mautrix_facebook_enabled: true
|
||||||
|
|
||||||
matrix_mautrix_facebook_docker_image: "tulir/mautrix-facebook:latest"
|
# See: https://mau.dev/tulir/mautrix-facebook/container_registry
|
||||||
|
matrix_mautrix_facebook_docker_image: "dock.mau.dev/tulir/mautrix-facebook:latest"
|
||||||
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
|
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook"
|
matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook"
|
||||||
|
@ -12,7 +13,7 @@ matrix_mautrix_facebook_data_path: "{{ matrix_mautrix_facebook_base_path }}/data
|
||||||
|
|
||||||
matrix_mautrix_facebook_homeserver_address: 'http://matrix-synapse:8008'
|
matrix_mautrix_facebook_homeserver_address: 'http://matrix-synapse:8008'
|
||||||
matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}'
|
matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}'
|
||||||
matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:8080'
|
matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:29319'
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
# A list of extra arguments to pass to the container
|
||||||
matrix_mautrix_facebook_container_extra_arguments: []
|
matrix_mautrix_facebook_container_extra_arguments: []
|
||||||
|
@ -51,7 +52,7 @@ matrix_mautrix_facebook_configuration_yaml: |
|
||||||
|
|
||||||
# The hostname and port where this appservice should listen.
|
# The hostname and port where this appservice should listen.
|
||||||
hostname: 0.0.0.0
|
hostname: 0.0.0.0
|
||||||
port: 8080
|
port: 29319
|
||||||
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
|
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
|
||||||
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
|
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
|
||||||
max_body_size: 1
|
max_body_size: 1
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
|
|
||||||
matrix_mautrix_telegram_enabled: true
|
matrix_mautrix_telegram_enabled: true
|
||||||
|
|
||||||
matrix_mautrix_telegram_docker_image: "tulir/mautrix-telegram:v0.6.0"
|
# See: https://mau.dev/tulir/mautrix-telegram/container_registry
|
||||||
|
matrix_mautrix_telegram_docker_image: "dock.mau.dev/tulir/mautrix-telegram:v0.6.0"
|
||||||
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
|
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram"
|
matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram"
|
||||||
|
|
|
@ -3,7 +3,8 @@
|
||||||
|
|
||||||
matrix_mautrix_whatsapp_enabled: true
|
matrix_mautrix_whatsapp_enabled: true
|
||||||
|
|
||||||
matrix_mautrix_whatsapp_docker_image: "tulir/mautrix-whatsapp:latest"
|
# See: https://mau.dev/tulir/mautrix-whatsapp/container_registry
|
||||||
|
matrix_mautrix_whatsapp_docker_image: "dock.mau.dev/tulir/mautrix-whatsapp"
|
||||||
matrix_mautrix_whatsapp_docker_image_force_pull: "{{ matrix_mautrix_whatsapp_docker_image.endswith(':latest') }}"
|
matrix_mautrix_whatsapp_docker_image_force_pull: "{{ matrix_mautrix_whatsapp_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_mautrix_whatsapp_base_path: "{{ matrix_base_data_path }}/mautrix-whatsapp"
|
matrix_mautrix_whatsapp_base_path: "{{ matrix_base_data_path }}/mautrix-whatsapp"
|
||||||
|
|
|
@ -2,7 +2,7 @@ matrix_mailer_enabled: true
|
||||||
|
|
||||||
matrix_mailer_base_path: "{{ matrix_base_data_path }}/mailer"
|
matrix_mailer_base_path: "{{ matrix_base_data_path }}/mailer"
|
||||||
|
|
||||||
matrix_mailer_docker_image: "devture/exim-relay:4.92-r0-0"
|
matrix_mailer_docker_image: "devture/exim-relay:4.92.1-r0-1"
|
||||||
matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"
|
matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
# The user/group that the container runs with.
|
# The user/group that the container runs with.
|
||||||
|
|
|
@ -3,7 +3,7 @@ matrix_nginx_proxy_enabled: true
|
||||||
# We use an official nginx image, which we fix-up to run unprivileged.
|
# We use an official nginx image, which we fix-up to run unprivileged.
|
||||||
# An alternative would be an `nginxinc/nginx-unprivileged` image, but
|
# An alternative would be an `nginxinc/nginx-unprivileged` image, but
|
||||||
# that is frequently out of date.
|
# that is frequently out of date.
|
||||||
matrix_nginx_proxy_docker_image: "nginx:1.17.1-alpine"
|
matrix_nginx_proxy_docker_image: "nginx:1.17.2-alpine"
|
||||||
matrix_nginx_proxy_docker_image_force_pull: "{{ matrix_nginx_proxy_docker_image.endswith(':latest') }}"
|
matrix_nginx_proxy_docker_image_force_pull: "{{ matrix_nginx_proxy_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_nginx_proxy_base_path: "{{ matrix_base_data_path }}/nginx-proxy"
|
matrix_nginx_proxy_base_path: "{{ matrix_base_data_path }}/nginx-proxy"
|
||||||
|
|
|
@ -10,3 +10,8 @@
|
||||||
- {'old': 'matrix_nginx_proxy_matrix_client_api_addr_with_proxy_container', 'new': 'matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container'}
|
- {'old': 'matrix_nginx_proxy_matrix_client_api_addr_with_proxy_container', 'new': 'matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container'}
|
||||||
- {'old': 'matrix_nginx_proxy_matrix_client_api_addr_sans_proxy_container', 'new': 'matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container'}
|
- {'old': 'matrix_nginx_proxy_matrix_client_api_addr_sans_proxy_container', 'new': 'matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container'}
|
||||||
|
|
||||||
|
- name: Fail on unknown matrix_ssl_retrieval_method
|
||||||
|
fail:
|
||||||
|
msg: >-
|
||||||
|
`matrix_ssl_retrieval_method` needs to be set to a known value.
|
||||||
|
when: "matrix_ssl_retrieval_method not in ['lets-encrypt', 'self-signed', 'manually-managed', 'none']"
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
matrix_riot_web_enabled: true
|
matrix_riot_web_enabled: true
|
||||||
|
|
||||||
matrix_riot_web_docker_image: "bubuntux/riot-web:v1.2.4"
|
matrix_riot_web_docker_image: "bubuntux/riot-web:v1.3.0"
|
||||||
matrix_riot_web_docker_image_force_pull: "{{ matrix_riot_web_docker_image.endswith(':latest') }}"
|
matrix_riot_web_docker_image_force_pull: "{{ matrix_riot_web_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_riot_web_data_path: "{{ matrix_base_data_path }}/riot-web"
|
matrix_riot_web_data_path: "{{ matrix_base_data_path }}/riot-web"
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
matrix_synapse_enabled: true
|
matrix_synapse_enabled: true
|
||||||
|
|
||||||
matrix_synapse_docker_image: "matrixdotorg/synapse:v1.1.0"
|
matrix_synapse_docker_image: "matrixdotorg/synapse:v1.2.1"
|
||||||
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse"
|
matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse"
|
||||||
|
@ -77,9 +77,9 @@ matrix_synapse_tmp_directory_size_mb: "{{ matrix_synapse_max_upload_size_mb * 50
|
||||||
# Possible options are defined here https://docs.python.org/3/library/logging.html#logging-levels
|
# Possible options are defined here https://docs.python.org/3/library/logging.html#logging-levels
|
||||||
# warning: setting log level to DEBUG will make synapse log sensitive information such
|
# warning: setting log level to DEBUG will make synapse log sensitive information such
|
||||||
# as access tokens
|
# as access tokens
|
||||||
matrix_synapse_log_level: "INFO"
|
matrix_synapse_log_level: "WARNING"
|
||||||
matrix_synapse_storage_sql_log_level: "INFO"
|
matrix_synapse_storage_sql_log_level: "WARNING"
|
||||||
matrix_synapse_root_log_level: "INFO"
|
matrix_synapse_root_log_level: "WARNING"
|
||||||
|
|
||||||
# Rate limits
|
# Rate limits
|
||||||
matrix_synapse_rc_message:
|
matrix_synapse_rc_message:
|
||||||
|
|
|
@ -797,6 +797,17 @@ enable_registration: {{ matrix_synapse_enable_registration|to_json }}
|
||||||
# renew_at: 1w
|
# renew_at: 1w
|
||||||
# renew_email_subject: "Renew your %(app)s account"
|
# renew_email_subject: "Renew your %(app)s account"
|
||||||
|
|
||||||
|
# Time that a user's session remains valid for, after they log in.
|
||||||
|
#
|
||||||
|
# Note that this is not currently compatible with guest logins.
|
||||||
|
#
|
||||||
|
# Note also that this is calculated at login time: changes are not applied
|
||||||
|
# retrospectively to users who have already logged in.
|
||||||
|
#
|
||||||
|
# By default, this is infinite.
|
||||||
|
#
|
||||||
|
#session_lifetime: 24h
|
||||||
|
|
||||||
# The user must provide all of the below types of 3PID when registering.
|
# The user must provide all of the below types of 3PID when registering.
|
||||||
#
|
#
|
||||||
#registrations_require_3pid:
|
#registrations_require_3pid:
|
||||||
|
@ -1474,3 +1485,27 @@ room_list_publication_rules: {{ matrix_synapse_room_list_publication_rules|to_js
|
||||||
# module: "my_custom_project.SuperRulesSet"
|
# module: "my_custom_project.SuperRulesSet"
|
||||||
# config:
|
# config:
|
||||||
# example_option: 'things'
|
# example_option: 'things'
|
||||||
|
|
||||||
|
|
||||||
|
## Opentracing ##
|
||||||
|
|
||||||
|
# These settings enable opentracing, which implements distributed tracing.
|
||||||
|
# This allows you to observe the causal chains of events across servers
|
||||||
|
# including requests, key lookups etc., across any server running
|
||||||
|
# synapse or any other other services which supports opentracing
|
||||||
|
# (specifically those implemented with Jaeger).
|
||||||
|
#
|
||||||
|
opentracing:
|
||||||
|
# tracing is disabled by default. Uncomment the following line to enable it.
|
||||||
|
#
|
||||||
|
#enabled: true
|
||||||
|
|
||||||
|
# The list of homeservers we wish to send and receive span contexts and span baggage.
|
||||||
|
# See docs/opentracing.rst
|
||||||
|
# This is a list of regexes which are matched against the server_name of the
|
||||||
|
# homeserver.
|
||||||
|
#
|
||||||
|
# By defult, it is empty, so no servers are matched.
|
||||||
|
#
|
||||||
|
#homeserver_whitelist:
|
||||||
|
# - ".*"
|
||||||
|
|
Loading…
Reference in a new issue