Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy

2019-05-02 14:31:18 +02:00 · 2019-05-02 14:31:18 +02:00 · 79ad60cf0a
parent e0bc86875b 0e391b5870
commit 79ad60cf0a
9 changed files with 41 additions and 24 deletions
--- a/group_vars/matrix-servers
+++ b/group_vars/matrix-servers
@ -321,6 +321,13 @@ matrix_riot_web_self_check_validate_certificates: "{{ false if matrix_ssl_retrie

 matrix_riot_web_registration_enabled: "{{ matrix_synapse_enable_registration }}"

+matrix_riot_web_enable_presence_by_hs_url: |
+  {{
+    none
+    if matrix_synapse_use_presence
+    else {matrix_riot_web_default_hs_url: false}
+  }}
+
 ######################################################################
 #
 # /matrix-riot-web
--- a/roles/matrix-base/templates/usr-local-bin/matrix-remove-all.j2
+++ b/roles/matrix-base/templates/usr-local-bin/matrix-remove-all.j2
@ -26,9 +26,9 @@ else
 	echo "Remove every docker images"
 	docker rmi $(docker images -aq)
 	echo "Remove docker matrix network"
-	docker network rm matrix
-	echo "Remove /matrix directory"
-	rm -fr /matrix
+	docker network rm {{ matrix_docker_network }}
+	echo "Remove {{ matrix_base_data_path }} directory"
+	rm -fr "{{ matrix_base_data_path }}"
 	exit 0
 fi

--- a/roles/matrix-mxisd/defaults/main.yml
+++ b/roles/matrix-mxisd/defaults/main.yml
@ -1,6 +1,6 @@
 matrix_mxisd_enabled: true

-matrix_mxisd_docker_image: "kamax/mxisd:1.3.1"
+matrix_mxisd_docker_image: "kamax/mxisd:1.4.2"
 matrix_mxisd_base_path: "{{ matrix_base_data_path }}/mxisd"
 matrix_mxisd_config_path: "{{ matrix_mxisd_base_path }}/config"
 matrix_mxisd_data_path: "{{ matrix_mxisd_base_path }}/data"
--- a/roles/matrix-nginx-proxy/defaults/main.yml
+++ b/roles/matrix-nginx-proxy/defaults/main.yml
@ -87,12 +87,12 @@ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: 25
 matrix_nginx_proxy_proxy_matrix_federation_api_enabled: false
 matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container: "matrix-synapse:8048"
 matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "localhost:8048"
-matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb: "{{ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb * 3 }}"
+matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb: "{{ (matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb | int) * 3 }}"
 matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate: "{{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/fullchain.pem"
 matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate_key: "{{ matrix_ssl_config_dir_path }}/live/{{ matrix_nginx_proxy_proxy_matrix_hostname }}/privkey.pem"

 # The tmpfs at /tmp needs to be large enough to handle multiple concurrent file uploads.
-matrix_nginx_proxy_tmp_directory_size_mb: "{{ matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb * 50 }}"
+matrix_nginx_proxy_tmp_directory_size_mb: "{{ (matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb | int) * 50 }}"

 # A list of strings containing additional configuration blocks to add to the matrix domain's server configuration.
 matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: []
--- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml
+++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml
@ -30,8 +30,8 @@
  fail:
    msg: "Detected an undefined required variable"
  with_items:
-    - "{{ matrix_ssl_lets_encrypt_support_email }}"
-  when: "matrix_ssl_retrieval_method == 'lets-encrypt' and item is none"
+    - "matrix_ssl_lets_encrypt_support_email"
+  when: "matrix_ssl_retrieval_method == 'lets-encrypt' and vars[item] is none"

 - name: Ensure certbot Docker image is pulled
  docker_image:
--- a/roles/matrix-riot-web/defaults/main.yml
+++ b/roles/matrix-riot-web/defaults/main.yml
@ -31,3 +31,6 @@ matrix_riot_web_self_check_validate_certificates: true

 # don't show the registration button on welcome page
 matrix_riot_web_registration_enabled: false
+
+# Controls whether Riot shows the presence features
+matrix_riot_web_enable_presence_by_hs_url: ~
--- a/roles/matrix-riot-web/templates/config.json.j2
+++ b/roles/matrix-riot-web/templates/config.json.j2
@ -14,6 +14,9 @@
 		"servers": {{ matrix_riot_web_roomdir_servers|to_json }}
 	},
 	"welcomeUserId": {{ matrix_riot_web_welcome_user_id|to_json }},
+	{% if matrix_riot_web_enable_presence_by_hs_url is not none %}
+		"enable_presence_by_hs_url": {{ matrix_riot_web_enable_presence_by_hs_url|to_json }},
+	{% endif %}
 	"embeddedPages": {
 		"homeUrl": {{ matrix_riot_web_embedded_pages_home_url|to_json }}
 	}
--- a/roles/matrix-synapse/defaults/main.yml
+++ b/roles/matrix-synapse/defaults/main.yml
@ -167,6 +167,10 @@ matrix_synapse_password_providers_enabled: false
 # to load message content directly from the homeserver.
 matrix_synapse_push_include_content: true

+# If url previews should be generated. This will cause a request from Synapse to
+# URLs shared by users.
+matrix_synapse_url_preview_enabled: true
+
 # Enable exposure of metrics to Prometheus
 # See https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.rst
 matrix_synapse_metrics_enabled: false
--- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2
+++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2
@ -525,7 +525,7 @@ max_upload_size: "{{ matrix_synapse_max_upload_size_mb }}M"
 # an explicit url_preview_ip_range_blacklist of IPs that the spider is
 # denied from accessing.
 #
-#url_preview_enabled: false
+url_preview_enabled: {{ matrix_synapse_url_preview_enabled|to_json }}

 # List of IP address CIDR ranges that the URL preview spider is denied
 # from accessing.  There are no defaults: you must explicitly
@ -534,18 +534,18 @@ max_upload_size: "{{ matrix_synapse_max_upload_size_mb }}M"
 # to connect to, otherwise anyone in any Matrix room could cause your
 # synapse to issue arbitrary GET requests to your internal services,
 # causing serious security issues.
-#
-#url_preview_ip_range_blacklist:
-#  - '127.0.0.0/8'
-#  - '10.0.0.0/8'
-#  - '172.16.0.0/12'
-#  - '192.168.0.0/16'
-#  - '100.64.0.0/10'
-#  - '169.254.0.0/16'
-#  - '::1/128'
-#  - 'fe80::/64'
-#  - 'fc00::/7'
-#
+
+url_preview_ip_range_blacklist:
+  - '127.0.0.0/8'
+  - '10.0.0.0/8'
+  - '172.16.0.0/12'
+  - '192.168.0.0/16'
+  - '100.64.0.0/10'
+  - '169.254.0.0/16'
+  - '::1/128'
+  - 'fe80::/64'
+  - 'fc00::/7'
+
 # List of IP address CIDR ranges that the URL preview spider is allowed
 # to access even if they are specified in url_preview_ip_range_blacklist.
 # This is useful for specifying exceptions to wide-ranging blacklisted
@ -590,8 +590,8 @@ max_upload_size: "{{ matrix_synapse_max_upload_size_mb }}M"
 #  - netloc: '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'

 # The largest allowed URL preview spidering size in bytes
-#
-#max_spider_size: 10M
+
+max_spider_size: 10M


 ## Captcha ##
@ -1169,4 +1169,4 @@ alias_creation_rules: {{ matrix_alias_creation_rules|to_json }}
 #    room_id: "*"
 #    action: allow

-room_list_publication_rules: {{ matrix_room_list_publication_rules|to_json }}
+room_list_publication_rules: {{ matrix_room_list_publication_rules|to_json }}