Merge pull request #2092 from etkecc/postmoogle-091
Update Postmoogle 0.9.0 -> 0.9.1
This commit is contained in:
commit
5714ddf894
|
@ -29,7 +29,7 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco
|
||||||
## DNS settings for optional services/features
|
## DNS settings for optional services/features
|
||||||
|
|
||||||
| Type | Host | Priority | Weight | Port | Target |
|
| Type | Host | Priority | Weight | Port | Target |
|
||||||
| ----- | ---------------------------- | -------- | ------ | ---- | ---------------------- |
|
| ----- | ------------------------------ | -------- | ------ | ---- | --------------------------- |
|
||||||
| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.<your-domain>` |
|
| SRV | `_matrix-identity._tcp` | 10 | 0 | 443 | `matrix.<your-domain>` |
|
||||||
| CNAME | `dimension` | - | - | - | `matrix.<your-domain>` |
|
| CNAME | `dimension` | - | - | - | `matrix.<your-domain>` |
|
||||||
| CNAME | `jitsi` | - | - | - | `matrix.<your-domain>` |
|
| CNAME | `jitsi` | - | - | - | `matrix.<your-domain>` |
|
||||||
|
@ -40,6 +40,10 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco
|
||||||
| CNAME | `hydrogen` | - | - | - | `matrix.<your-domain>` |
|
| CNAME | `hydrogen` | - | - | - | `matrix.<your-domain>` |
|
||||||
| CNAME | `cinny` | - | - | - | `matrix.<your-domain>` |
|
| CNAME | `cinny` | - | - | - | `matrix.<your-domain>` |
|
||||||
| CNAME | `buscarron` | - | - | - | `matrix.<your-domain>` |
|
| CNAME | `buscarron` | - | - | - | `matrix.<your-domain>` |
|
||||||
|
| MX | `matrix` | 10 | 0 | - | `matrix.<your-domain>` |
|
||||||
|
| TXT | `matrix` | - | - | - | `v=spf1 ip4:<your-ip> -all` |
|
||||||
|
| TXT | `_dmarc.matrix` | - | - | - | `v=DMARC1; p=quarantine;` |
|
||||||
|
| TXT | `postmoogle._domainkey.matrix` | - | - | - | get it from `!pm dkim` |
|
||||||
|
|
||||||
## Subdomains setup
|
## Subdomains setup
|
||||||
|
|
||||||
|
@ -77,3 +81,8 @@ This is an optional feature for the optionally-installed [ma1sd service](configu
|
||||||
Note: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation.
|
Note: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation.
|
||||||
|
|
||||||
When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md).
|
When you're done with the DNS configuration and ready to proceed, continue with [Getting the playbook](getting-the-playbook.md).
|
||||||
|
|
||||||
|
## `_dmarc`, `postmoogle._domainkey` TXT and `matrix` MX records setup
|
||||||
|
|
||||||
|
To make the [postmoogle](configuring-playbook-bot-postmoogle.md) email bridge enable its email sending features, you need to configure
|
||||||
|
SPF (TXT), DMARC (TXT), DKIM (TXT) and MX records
|
||||||
|
|
|
@ -35,6 +35,9 @@ matrix_bot_postmoogle_enabled: true
|
||||||
matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT
|
matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT
|
||||||
```
|
```
|
||||||
|
|
||||||
|
You will also need to add several DNS records so that postmoogle can send emails.
|
||||||
|
See [Configuring DNS](configuring-dns.md).
|
||||||
|
|
||||||
|
|
||||||
## Installing
|
## Installing
|
||||||
|
|
||||||
|
|
|
@ -1210,6 +1210,9 @@ matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in
|
||||||
|
|
||||||
# We don't enable bots by default.
|
# We don't enable bots by default.
|
||||||
matrix_bot_postmoogle_enabled: false
|
matrix_bot_postmoogle_enabled: false
|
||||||
|
matrix_bot_postmoogle_ssl_path: "{{ matrix_ssl_config_dir_path }}"
|
||||||
|
matrix_bot_postmoogle_tls_cert: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem"
|
||||||
|
matrix_bot_postmoogle_tls_key: "/ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem"
|
||||||
|
|
||||||
matrix_bot_postmoogle_systemd_required_services_list: |
|
matrix_bot_postmoogle_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
|
@ -1791,6 +1794,8 @@ matrix_ssl_domains_to_obtain_certificates_for: |
|
||||||
+
|
+
|
||||||
([matrix_server_fqn_ntfy] if matrix_ntfy_enabled else [])
|
([matrix_server_fqn_ntfy] if matrix_ntfy_enabled else [])
|
||||||
+
|
+
|
||||||
|
([matrix_bot_postmoogle_domain] if matrix_bot_postmoogle_enabled else [])
|
||||||
|
+
|
||||||
([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
|
([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
|
||||||
+
|
+
|
||||||
matrix_ssl_additional_domains_to_obtain_certificates_for
|
matrix_ssl_additional_domains_to_obtain_certificates_for
|
||||||
|
|
|
@ -9,7 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git"
|
||||||
matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}"
|
matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}"
|
||||||
matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src"
|
matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src"
|
||||||
|
|
||||||
matrix_bot_postmoogle_version: v0.9.0
|
matrix_bot_postmoogle_version: v0.9.1
|
||||||
matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}"
|
matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}"
|
||||||
matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
|
||||||
matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}"
|
matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}"
|
||||||
|
@ -110,11 +110,35 @@ matrix_bot_postmoogle_noencryption: false
|
||||||
|
|
||||||
matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}"
|
matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}"
|
||||||
|
|
||||||
# in-container port
|
# in-container ports
|
||||||
matrix_bot_postmoogle_port: '2525'
|
matrix_bot_postmoogle_port: '2525'
|
||||||
|
matrix_bot_postmoogle_tls_port: '25587'
|
||||||
|
|
||||||
# on-host port
|
# on-host ports
|
||||||
matrix_bot_postmoogle_smtp_host_bind_port: '25'
|
matrix_bot_postmoogle_smtp_host_bind_port: '25'
|
||||||
|
matrix_bot_postmoogle_submission_host_bind_port: '587'
|
||||||
|
|
||||||
|
### SSL
|
||||||
|
## on-host SSL dir
|
||||||
|
matrix_bot_postmoogle_ssl_path: ""
|
||||||
|
|
||||||
|
## in-container SSL paths
|
||||||
|
# matrix_bot_postmoogle_tls_cert is the SSL certificate's certificate.
|
||||||
|
# This is likely set via group_vars/matrix_servers, so you don't need to set it.
|
||||||
|
# If you do need to set it manually, note that this is an in-container path.
|
||||||
|
# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path
|
||||||
|
# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/fullchain.pem
|
||||||
|
matrix_bot_postmoogle_tls_cert: ""
|
||||||
|
|
||||||
|
# matrix_bot_postmoogle_tls_key is the SSL certificate's key.
|
||||||
|
# This is likely set via group_vars/matrix_servers, so you don't need to set it.
|
||||||
|
# If you do need to set it manually, note that this is an in-container path.
|
||||||
|
# To mount a certificates volumes into the container, use matrix_bot_postmoogle_ssl_path
|
||||||
|
# Example value: /ssl/live/{{ matrix_bot_postmoogle_domain }}/privkey.pem
|
||||||
|
matrix_bot_postmoogle_tls_key: ""
|
||||||
|
|
||||||
|
# Mandatory TLS, even on plain SMTP port
|
||||||
|
matrix_bot_postmoogle_tls_required: false
|
||||||
|
|
||||||
# Additional environment variables to pass to the postmoogle container
|
# Additional environment variables to pass to the postmoogle container
|
||||||
#
|
#
|
||||||
|
|
|
@ -10,7 +10,10 @@ POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }}
|
||||||
POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }}
|
POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }}
|
||||||
POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }}
|
POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }}
|
||||||
POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }}
|
POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }}
|
||||||
POSTMOOGLE_USERS={{ matrix_bot_postmoogle_users | join(' ') }}
|
|
||||||
POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }}
|
POSTMOOGLE_ADMINS={{ matrix_bot_postmoogle_admins | join(' ') }}
|
||||||
|
POSTMOOGLE_TLS_PORT={{ matrix_bot_postmoogle_tls_port }}
|
||||||
|
POSTMOOGLE_TLS_CERT={{ matrix_bot_postmoogle_tls_cert }}
|
||||||
|
POSTMOOGLE_TLS_KEY={{ matrix_bot_postmoogle_tls_key }}
|
||||||
|
POSTMOOGLE_TLS_REQUIRED={{ matrix_bot_postmoogle_tls_required }}
|
||||||
|
|
||||||
{{ matrix_bot_postmoogle_environment_variables_extension }}
|
{{ matrix_bot_postmoogle_environment_variables_extension }}
|
||||||
|
|
|
@ -24,7 +24,13 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle
|
||||||
--network={{ matrix_docker_network }} \
|
--network={{ matrix_docker_network }} \
|
||||||
--env-file={{ matrix_bot_postmoogle_config_path }}/env \
|
--env-file={{ matrix_bot_postmoogle_config_path }}/env \
|
||||||
-p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \
|
-p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \
|
||||||
|
{% if matrix_bot_postmoogle_ssl_path %}
|
||||||
|
-p {{ matrix_bot_postmoogle_submission_host_bind_port }}:{{ matrix_bot_postmoogle_tls_port }} \
|
||||||
|
{% endif %}
|
||||||
--mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \
|
--mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \
|
||||||
|
{% if matrix_bot_postmoogle_ssl_path %}
|
||||||
|
--mount type=bind,src={{ matrix_bot_postmoogle_ssl_path }},dst=/ssl \
|
||||||
|
{% endif %}
|
||||||
{% for arg in matrix_bot_postmoogle_container_extra_arguments %}
|
{% for arg in matrix_bot_postmoogle_container_extra_arguments %}
|
||||||
{{ arg }} \
|
{{ arg }} \
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
|
|
||||||
- name: Obtain Let's Encrypt certificates
|
- name: Obtain Let's Encrypt certificates
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml"
|
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml"
|
||||||
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}"
|
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: domain_name
|
loop_var: domain_name
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
- name: Verify certificates
|
- name: Verify certificates
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml"
|
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_manually_managed_verify_for_domain.yml"
|
||||||
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}"
|
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: domain_name
|
loop_var: domain_name
|
||||||
when: "matrix_ssl_retrieval_method == 'manually-managed'"
|
when: "matrix_ssl_retrieval_method == 'manually-managed'"
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
|
|
||||||
- name: Generate self-signed certificates
|
- name: Generate self-signed certificates
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml"
|
ansible.builtin.include_tasks: "{{ role_path }}/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml"
|
||||||
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for }}"
|
with_items: "{{ matrix_ssl_domains_to_obtain_certificates_for | unique }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: domain_name
|
loop_var: domain_name
|
||||||
when: "matrix_ssl_retrieval_method == 'self-signed'"
|
when: "matrix_ssl_retrieval_method == 'self-signed'"
|
||||||
|
|
Loading…
Reference in a new issue