From eb7292f274bb7c4cfa9ce26ff72aa92da0018154 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 14 Feb 2023 10:56:16 +0200 Subject: [PATCH] Add matrix_client_hydrogen_hostname and fix Hydrogen serving at non-root-path --- .../matrix-client-hydrogen/defaults/main.yml | 18 ++++++++++++++---- .../tasks/validate_config.yml | 11 ----------- .../templates/config.json.j2 | 2 +- .../matrix-synapse-admin/defaults/main.yml | 2 +- 4 files changed, 16 insertions(+), 17 deletions(-) diff --git a/roles/custom/matrix-client-hydrogen/defaults/main.yml b/roles/custom/matrix-client-hydrogen/defaults/main.yml index d429707c..6ead5f44 100644 --- a/roles/custom/matrix-client-hydrogen/defaults/main.yml +++ b/roles/custom/matrix-client-hydrogen/defaults/main.yml @@ -33,10 +33,9 @@ matrix_client_hydrogen_container_http_host_bind_port: '' # To inject your own other container labels, see `matrix_client_hydrogen_container_labels_additional_labels`. matrix_client_hydrogen_container_labels_traefik_enabled: true matrix_client_hydrogen_container_labels_traefik_docker_network: "{{ matrix_client_hydrogen_container_network }}" -matrix_client_hydrogen_container_labels_traefik_hostname: "{{ matrix_server_fqn_element }}" +matrix_client_hydrogen_container_labels_traefik_hostname: "{{ matrix_client_hydrogen_hostname }}" # The path prefix must either be `/` or not end with a slash (e.g. `/hydrogen`). -# For now, only `/` is supported due to problems with serving Hydrogen at a subpath. -matrix_client_hydrogen_container_labels_traefik_path_prefix: / +matrix_client_hydrogen_container_labels_traefik_path_prefix: "{{ matrix_client_hydrogen_path_prefix }}" matrix_client_hydrogen_container_labels_traefik_rule: "Host(`{{ matrix_client_hydrogen_container_labels_traefik_hostname }}`){% if matrix_client_hydrogen_container_labels_traefik_path_prefix != '/' %} && PathPrefix(`{{ matrix_client_hydrogen_container_labels_traefik_path_prefix }}`){% endif %}" matrix_client_hydrogen_container_labels_traefik_priority: 0 matrix_client_hydrogen_container_labels_traefik_entrypoints: web-secure @@ -124,6 +123,18 @@ matrix_client_hydrogen_floc_optout_enabled: true # See: `matrix_client_hydrogen_http_header_strict_transport_security` matrix_client_hydrogen_hsts_preload_enabled: false +# The hostname at which Hydrogen is served. +# Only works with with Traefik reverse-proxying. +# For matrix-nginx-proxy, `matrix_server_fqn_hydrogen` is used and this variable has no effect. +matrix_client_hydrogen_hostname: "{{ matrix_server_fqn_hydrogen }}" + +# The path at which Hydrogen is exposed. +# When matrix-nginx-proxy is used, setting this to values other than `/` will cause configuration mismatches and trouble. +# +# If Traefik is used, the hostname is also configurable - see `matrix_client_hydrogen_container_labels_traefik_hostname`. +# This value must either be `/` or not end with a slash (e.g. `/hydrogen`). +matrix_client_hydrogen_path_prefix: / + # Controls whether the self-check feature should validate SSL certificates. matrix_client_hydrogen_self_check_validate_certificates: true @@ -135,7 +146,6 @@ matrix_client_hydrogen_push: matrix_client_hydrogen_default_hs_url: "" matrix_client_hydrogen_bugReportEndpointUrl: "https://element.io/bugreports/submit" # noqa var-naming - # Default Hydrogen configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # diff --git a/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml b/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml index bc772594..dd880ddb 100644 --- a/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml +++ b/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml @@ -27,14 +27,3 @@ msg: >- matrix_client_hydrogen_container_labels_traefik_path_prefix (`{{ matrix_client_hydrogen_container_labels_traefik_path_prefix }}`) must either be `/` or not end with a slash (e.g. `/hydrogen`). when: "matrix_client_hydrogen_container_labels_traefik_path_prefix != '/' and matrix_client_hydrogen_container_labels_traefik_path_prefix[-1] == '/'" - - # For example, we're getting errors like this: - # > main.js:51 Failed to load stylesheet from https://DOMAIN/assets/theme-element-light.5316e268.css: - # despite having set a prefix of `/hydrogen`. - # This is yet to be investigated and workaround around. - - name: Fail if matrix_client_hydrogen_container_labels_traefik_path_prefix is not / - ansible.builtin.fail: - msg: >- - matrix_client_hydrogen_container_labels_traefik_path_prefix can only be set to `/` right now. - Serving Hydrogen from another path doesn't work just yet. - when: "matrix_client_hydrogen_container_labels_traefik_path_prefix != '/'" diff --git a/roles/custom/matrix-client-hydrogen/templates/config.json.j2 b/roles/custom/matrix-client-hydrogen/templates/config.json.j2 index b6b1b9be..e503c105 100644 --- a/roles/custom/matrix-client-hydrogen/templates/config.json.j2 +++ b/roles/custom/matrix-client-hydrogen/templates/config.json.j2 @@ -3,7 +3,7 @@ "defaultHomeServer": {{ matrix_client_hydrogen_default_hs_url | string | to_json }}, "bugReportEndpointUrl": {{ matrix_client_hydrogen_bugReportEndpointUrl | to_json }}, "themeManifests": [ - "assets/theme-element.json" + "{{ matrix_client_hydrogen_path_prefix }}assets/theme-element.json" ], "defaultTheme": { "light": "element-light", diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index 1d655d73..4345a026 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -134,6 +134,6 @@ matrix_synapse_admin_hsts_preload_enabled: false # The path at which Synapse Admin will be exposed on `matrix.DOMAIN` when matrix-nginx-proxy is used. # A path of `/` is likely not a good choice when matrix-nginx-proxy is used. # -# If Traefik is used, the hostname name is configurable - see `matrix_synapse_admin_container_labels_traefik_hostname`. +# If Traefik is used, the hostname is also configurable - see `matrix_synapse_admin_container_labels_traefik_hostname`. # This value must either be `/` or not end with a slash (e.g. `/synapse-admin`). matrix_synapse_admin_public_endpoint: /synapse-admin