pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
2632 commits 2 branches 0 tags 16 MiB
Commit graph

1624 commits

Author SHA1 Message Date
Slavi Pantaleev aa86e0dac6 Upgrade Synapse (v1.23.0 -> v1.24.0) 
Because the ARM images are not pushed yet, we hold back to v1.23.0
for now.
 2020-12-09 13:31:10 +02:00
benkuly ad92c61fdd updated matrix-sms-bridge 2020-12-09 09:45:44 +01:00
Slavi Pantaleev c07c927d9f Automatically enable openid listeners when ma1sd enabled 
ma1sd requires the openid endpoints for certain functionality.
Example: 90b2b5301c/src/main/java/io/kamax/mxisd/auth/AccountManager.java (L67-L99)

If federation is disabled, we still need to expose these openid APIs on the
federation port.

Previously, we were doing similar magic for Dimension.
As per its documentation, when running unfederated, one is to enable
the openid listener as well. As per their recommendation, people
are advised to do enable it on the Client-Server API port
and use the `federationUrl` variable to override where the federation
port is (making federation requests go to the Client-Server API).

Because ma1sd always uses the federation port (unless you do some
DNS overwriting magic using its configuration -- which we'd rather not
do), it's better if we just default to putting the `openid` listener
where it belongs - on the federation port.

With this commit, we retain the "automatically enable openid APIs" thing
we've been doing for Dimension, but move it to the federation port instead.
We also now do the same thing when ma1sd is enabled.
 2020-12-08 16:59:20 +02:00
Slavi Pantaleev 8c02f7b79b Upgrade services 2020-12-07 15:18:03 +02:00
Slavi Pantaleev d556aa943f Update docker-ce.repo to not hardcode $releasever=7 
This keeps it in line with https://download.docker.com/linux/centos/docker-ce.repo

Whether or not Docker works well on CentOS 8 for our purposes
hasn't been verified yet.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300
 2020-12-07 07:20:47 +02:00
Slavi Pantaleev 7372480e95 Properly serialize some ma1sd configuration values 
We've had a report of the `connection` value getting cut off,
supposedly because it contains something that breaks off the string.

Using `|to_json` takes care of it.
 2020-12-06 23:59:58 +02:00
Hardy Erlinger ec2a9d4852 Remove the recording button from the Jitsi UI if recording is disabled. 2020-12-06 13:50:45 +01:00
Béla Becker 6f9b4bd9ac Drop workaround for old Ansible docker_network bug 2020-12-05 19:02:10 +01:00
Béla Becker 6921ec4b8a Revert "Work around buggy docker_network sometimes failing to work" 
The docker_network bug was fixed two years ago
This reverts commit 36658addcd.
 2020-12-05 19:02:10 +01:00
Slavi Pantaleev a5ae7e9ef0 Add self-building support to matrix-corporal 2020-12-04 01:48:08 +02:00
Slavi Pantaleev b3d91ed488 Fix passing of matrix_appservice_discord_auth_usePrivilegedIntents 2020-12-04 01:06:42 +02:00
Slavi Pantaleev 05cecb5261 Merge branch 'discord-v1.0' 
This may be a bit premature, because the bridge didn't work for me
the last time I tried it (RC3).

Some bugs have been fixed to make our config compatible with v1.0.0
though, so it may work for some people (especially those starting
fresh).

I'm not for shipping potentially broken things, but given that we were
using `docker.io/halfshot/matrix-appservice-discord:latest` and that
points to v1.0.0 already (with no other tag we can use), our setup was
already broken in any case.

Now, at least it has some chance of running.
 2020-12-03 15:17:30 +02:00
Slavi Pantaleev edd40811a5 Update matrix-appservice-discord to v1.0.0 final 2020-12-03 15:16:26 +02:00
Marcel Partap b6b95fe742 synapse workers-doc-to-yaml script: compatibility++ with non-gnu awk 2020-12-02 23:22:02 +01:00
Marcel Partap 3156d96619 synapse workers-doc-to-yaml.awk: escape slash for non-gnu awk versions 2020-12-02 00:29:20 +01:00
Marcel Partap e892ac464f synapse workers: untangle config template and specify bind address 
.. to mitigate log noise - WARNING:
Failed to listen on 0.0.0.0, continuing because listening on [::]
 2020-12-01 23:49:23 +01:00
Marcel Partap f201bca519 synapse workers: define and expose METRICS port for each worker 
As seen on TV:
https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md#monitoring-workers
 2020-12-01 22:49:15 +01:00
Marcel Partap af08f18779 synapse workers default config: disable user_dir worker for now 
(until https://github.com/matrix-org/synapse/issues/8787 is resolved)
 2020-12-01 22:22:04 +01:00
Marcel Partap 414b812a29 synapse role workers setup: make configs clean action remote compatible 
Many people probably didn't even know this - that ansible can be
quite a bit picky about what it will be willing to work with remotely.

Thanks @maxklenk !
 2020-12-01 22:20:27 +01:00
Marcel Partap d5932ca393 synapse role workers setup: execute the endpoint extraction locally 
Thanks @maxklenk !
 2020-12-01 22:18:42 +01:00
Marcel Partap 851c25c47f matrix-synapse nginx template: fix invalid jinja comment syntax 2020-12-01 21:55:07 +01:00
Marcel Partap b73ac965ac Merge remote-tracking branch 'origin/master' into synapse-workers 2020-12-01 21:24:26 +01:00
Slavi Pantaleev 04da1bddf7 Update matrix-mautrix-facebook config a bit 
This also disables presence if it's disabled for Synapse.
 2020-12-01 11:55:18 +02:00
Slavi Pantaleev 90078dd296 Add matrix_services_autostart_enabled variable for preventing services autostart 
Some people requested that `--tags=start` not set up service autostart.

One can now do `--tags=start --extra-vars="matrix_services_autostart_enabled=false"`
to just start services ones and not set up autostarting.
 2020-11-30 20:58:21 +02:00
Slavi Pantaleev e0d7d5f0ca Disable Jitsi recording/transcriptions by default 
It's not like it worked anyway, because we don't have the necessary
services installed for transcription (Jigasi), nor recording (Jibri).

Disabling these, should hopefully disable their related elements
in the Jitsi Web UI.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/726
 2020-11-28 22:31:00 +02:00
Slavi Pantaleev be5263f397 Move self-building git repository URLs to variables (stop hardcoding) 2020-11-28 21:34:14 +02:00
Slavi Pantaleev b354155d7c Make JVB websockets reverse-proxying work 2020-11-27 17:57:15 +02:00
Slavi Pantaleev fa76128fd8 Update Jitsi to build 5142 
This supersedes/fixes-up this Pull Request:
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/719

The Jitsi Web and JVB containers now (in build 5142) always
start by bulding their own default configuration
(`config.js` and `sip-communicator.properties`, respectively).

The fact that we were generating these files ourselves was no longer of use,
because our configuration was thrown away in favor of the one created
by the containers on startup.

With this commit, we're completely redoing things. We no longer
generate these configuration files. We try to pass the proper
environment variables, so that Jitsi services can generate the
configuration files themselves.

Besides that, we try to use the "custom configuration" mechanism
provided by Jitsi Web and Jitsi JVB (`custom-config.js` and
`custom-sip-communicator.properties`, respectively), so that
we and our users can inject additional configuration.

Some configuration options we had are gone now. Others are no longer
controllable via variables and need to be injected using
the `_config_extension` variables that we provide.

The validation logic that is part of the role should take care
to inform people about how to upgrade (if they're using some custom
configuration, which needs special care now). Most users should not
have to do anything special though.
 2020-11-27 17:57:15 +02:00
benkuly f93a4f6474 updated matrix-sms-bridge 2020-11-27 16:01:24 +01:00
Slavi Pantaleev d702e74079 Fix matrix-nginx-proxy static files mounting when SSL retrieval is none 
Fixup for 12867e9f18.

This shouldn't have been caught in the `if`.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/734
 2020-11-26 18:40:15 +02:00
Slavi Pantaleev 12867e9f18 Do not try to mount /matrix/ssl when matrix_ssl_retrieval_method is 'none' 
Since the switch from `-v` to `--mount` (in 1fca917ad1),
we've regressed when `matrix_ssl_retrieval_method == 'none'`.

In such a case, we don't create `/matrix/ssl` directories at all
and shouldn't be trying to mount them into the `matrix-nginx-proxy`
container.

Previously, with `-v`, Docker would auto-create them, effectively hiding
our mistake. Now that `--mount` doesn't do such auto-creation magic,
the `matrix-nginx-proxy` container was failing to start.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/734
 2020-11-26 09:55:26 +02:00
Slavi Pantaleev 796c752b60 Ensure Postgres passwords are not longer than 99 characters 
Complements https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/732
 2020-11-26 09:51:48 +02:00
Slavi Pantaleev 47db2d5363
Merge pull request #730 from benkuly/master 
updates matrix-sms-bridge (changed SMS provider)
 2020-11-25 16:36:11 +02:00
Slavi Pantaleev 75f9fde7a4 Remove some more -v usage 
Continuation of 1fca917ad1.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/722
 2020-11-25 10:49:59 +02:00
Slavi Pantaleev 1fca917ad1 Replace some -v instances with --mount 
`-v` magically creates the source destination as a directory,
if it doesn't exist already. We'd like to avoid this magic
and the potential breakage that it might cause.

We'd rather fail while Docker tries to find things to `--mount`
than have it automatically create directories and fail anyway,
while having contaminated the filesystem.

There's a lot more `-v` instances remaining to be fixed later on.
This is just some start.

Things like `matrix_synapse_container_additional_volumes` and
`matrix_nginx_proxy_container_additional_volumes` were not changed to
use `--mount`, as options for each one are passed differently
(`ro` is `ro`, but `rw` doesn't exist and `slave` is `bind-propagation=slave`).
To avoid breaking people's custom volume mounts, we keep it as it is for now.

A deficiency with `--mount` is that it lacks the `z` option (SELinux
ownership changes), and some of our `-v` instances use that. I'm not
sure how supported SELinux is for us right now, but it might be,
and breaking that would not be a good idea.
 2020-11-24 10:26:05 +02:00
Slavi Pantaleev 27c9014cb8 Improve uninstallation instructions 
Also switches to using `docker system prune -a` for a less invasive
cleanup of Docker images and related resources.
 2020-11-24 09:38:17 +02:00
Slavi Pantaleev 3e2355282b Upgrade Postgres minor versions 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/727
 2020-11-24 09:06:19 +02:00
Aaron Raimist c9d2ef7981
Upgrade Element (1.7.13 -> 1.7.14) 2020-11-23 23:05:54 -06:00
benkuly ff9a4e90c4 updated matrix-sms-bridge 2020-11-23 13:43:04 +01:00
benkuly 3a2e058f2e updated version of matrix-sms-bridge 2020-11-23 13:07:08 +01:00
benkuly f1ceb49ae2 fixed wrong path of truststore 2020-11-23 12:52:16 +01:00
benkuly ad1f0a01ce fixed systemd service typo 2020-11-23 12:49:28 +01:00
benkuly 76b0b9dc34 fixed application.yml loading 2020-11-23 12:48:08 +01:00
benkuly 2fb42dd7f1 fixed typo in truststore path 2020-11-23 12:38:17 +01:00
benkuly 75600aa357 Merge remote-tracking branch 'github/master' 2020-11-23 12:31:14 +01:00
benkuly 4713e5d5f7 updated matrix-sms-bridge to 0.5.0 2020-11-23 12:30:39 +01:00
Slavi Pantaleev 6c85b84c1e Fix self-building for synapse-admin 2020-11-18 18:36:03 +02:00
Slavi Pantaleev b627d93cdc Update homeserver.yaml to keep up with Synapse v1.23.0 
Related to #724 (Github Pull Request)
 2020-11-18 16:57:50 +02:00
transcaffeine c58a7e03c7
synapse: update to 1.23.0 2020-11-18 14:16:46 +01:00
Slavi Pantaleev 41fa00edb4 Revert "Update jitsi web to stable-5142" 
This reverts commit 078592454c
due to reports of breakage both in the support chat room
and in here https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/719
 2020-11-18 12:54:43 +02:00
transcaffeine f7d7190bd0
update mautrix-telegram to 0.9.0 2020-11-17 21:20:12 +01:00
benkuly 8153e25d2d updated matrix-sms-bridge image 2020-11-16 13:59:03 +01:00
benkuly 787a9ef8ad updated matrix-sms-bridge image 2020-11-16 11:51:11 +01:00
benkuly 775b1ca7af updated matrix-sms-bridge image version 2020-11-15 12:12:44 +01:00
Slavi Pantaleev ccabc82d4c Use more fully-qualified container images 
This is both for consistency with 93cc71cb69976c
and for making things more obvious.
 2020-11-14 23:01:11 +02:00
Slavi Pantaleev 5eed874199 Improve self-building experience (avoid conflict with pullable images) 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/716

This patch makes us use more fully-qualified container image names
(either prefixed with docker.io/ or with localhost/).

The latter happens when self-building is enabled.

We've recently had issues where if an image was removed manually
and the service was restarted (making `docker run` fetch it from Docker Hub, etc.),
we'd end up with a pulled image, even though we're aiming for a self-built one.
Re-running the playbook would then not do a rebuild, because:
- the image with that name already exists (even though it's something
else)
- we sometimes had conditional logic where we'd build only if the git
repo changed

By explicitly changing the name of the images (prefixing with localhost/),
we avoid such confusion and the possibility that we'd automatically pul something
which is not what we expect.

Also, I've removed that condition where building would happen on git
changes only. We now always build (unless an image with that name
already exists). We just force-build when the git repo changes.
 2020-11-14 23:00:49 +02:00
João Marques 078592454c Update jitsi web to stable-5142 
Changelog https://github.com/jitsi/jitsi-meet/releases/tag/stable%2Fjitsi-meet_5142
 2020-11-13 18:13:45 +00:00
benkuly c985e17f18 updated matrix-sms-bridge 2020-11-13 08:44:21 +01:00
Slavi Pantaleev 6dbb90258e Mention and recommend enabling usePrivilegedIntents 2020-11-13 08:23:40 +02:00
Slavi Pantaleev fe7bed5df3 Upgrade appservice-discord 2020-11-12 08:21:02 +02:00
Marcel Partap 4678c5d7bd Merge remote-tracking branch 'origin/master' into synapse-workers 
Also, replace vague FIXME by a proper NOTE on the complete
story of the user_dir endpoints..
 2020-11-11 21:26:08 +01:00
Slavi Pantaleev 4dbec2470f Fix systemd_path being undefined breakage 
Regression since #681 (Github Pull Request).

Fixes #715 (Github Issue).
 2020-11-11 00:45:02 +02:00
Slavi Pantaleev 4d12a6f8e9
Merge pull request #681 from scottcrossen/slc/ddclient 
Dynamic DNS
 2020-11-10 23:54:21 +02:00
Slavi Pantaleev 1427286cec Integrate matrix-dynamic-dns with matrix-nginx-proxy without causing a dependency 
We'd like the roles to be self-contained (as much as possible).

Thus, the `matrix-nginx-proxy` shouldn't reference any variables from
other roles. Instead, we rely on injection via
`group_vars/matrix_servers`.

Related to #681 (Github Pull Request)
 2020-11-10 23:49:36 +02:00
Slavi Pantaleev 8782919d85 Ensure matrix_dynamic_dns_domain_configurations contains configurations 
If `matrix_dynamic_dns_enabled`, we'd like to ensure there's at least
one configuration defined.

Related to #681 (Github Pull Request)
 2020-11-10 23:49:36 +02:00
Slavi Pantaleev 97a7c8b0f0 Fix matrix_dynamic_dns_domain_configurations validation check 
- `item` was undefined
- `'key' in configurations == ''` was doing the wrong thing

Related to #681 (Github Pull Request)
 2020-11-10 23:49:36 +02:00
Slavi Pantaleev fef44b93d3 Define the matrix_dynamic_dns_domain_configurations variable in the role 
Having it unset in the role itself (while referencign it) is a little strange.

Now people can look at the `roles/matrix-dynamic-dns/defaults/main.yml`
file and figure out everything that's necessary to run the role.

Related to #681 (Github Pull Request)
 2020-11-10 23:49:36 +02:00
Marcel Partap f3d2797d9c synapse workers: make awk script invocation handle paths with spaces 
(quoting ftw)
 2020-11-10 22:40:48 +01:00
Marcel Partap b05d298ae4 synapse workers nginx rule: add client_max_body_size on media endpoints 
so transfer limits are properly set in accord to the relevant setting
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456#issuecomment-719996778
 2020-11-10 21:43:33 +01:00
Marcel Partap 1e971312e8 synapse workers: handle auth fallback endpoint on main process only 
(allegedly breaks with SSO enabled)
 2020-11-10 21:23:19 +01:00
Marcel Partap e5072c20d9 synapse workers/nginx: handle media_repository worker endpoints on federation port 
to prevent "404 on the federation port for the path `/_matrix/media`,
if a remote server is trying to get the media object on federation
port, see https://github.com/matrix-org/synapse/issues/8695 "

https://github.com/matrix-org/synapse/pull/8701
 2020-11-10 20:35:39 +01:00
Aaron Raimist 31619e0968
Upgrade Element (1.7.12 -> 1.7.13) 2020-11-10 11:27:15 -06:00
Slavi Pantaleev 235299939d Upgrade nginx (1.19.3 -> 1.19.4) 2020-11-10 09:30:00 +02:00
Scott Crossen 59bb6b2971 responded to reviewer comments 2020-11-09 13:32:58 -08:00
Scott Crossen e894befd87 Updates to reviewer comments 2020-11-07 17:53:13 -08:00
Slavi Pantaleev 350c39d745 Update comment 2020-11-02 11:13:25 +02:00
Slavi Pantaleev ef68d3d296 Add support for reverse-proxying /_synapse/oidc 
This broke in 63a49bb2dc.

Proxying the OpenID Connect endpoints is now possible,
but needs to be enabled explicitly now.

Supersedes #702 (Github Pull Request).

This patch builds up on the idea from that Pull Request,
but does things in a cleaner way.
 2020-11-02 11:10:03 +02:00
Slavi Pantaleev 5c91e56898 Upgrade Synapse (v1.22.0 -> v1.22.1) 2020-10-30 19:35:55 +02:00
Aaron Raimist c33d007306
Switch to the new vectorim/element-web Docker image 2020-10-29 11:46:58 -05:00
Marcel Partap cce90b187a synapse workers: fix undefined variable cases when removing workers 2020-10-28 23:09:21 +01:00
Sabine aabefe21f4 fixed yaml 2020-10-28 21:58:59 +01:00
Sabine 468cc39465 added a workaround for postgres's issue with initdb 2020-10-28 21:56:13 +01:00
Slavi Pantaleev c1c6eaefff Upgrade Element (1.7.10 -> 1.7.12) 2020-10-28 17:34:39 +02:00
Slavi Pantaleev 9a46647010 Make https://matrix.DOMAIN/ redirect to https://element.DOMAIN/ 
Fixes #696 (Github Issue)
 2020-10-28 10:39:12 +02:00
Slavi Pantaleev 4700e80389 Raise standalone default Matrix Client API client_max_body_size 
We do this to match Synapse's new default "max_upload_size" (50MB).

This `matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb`
default value only affects standalone usage of the `matrix-nginx-proxy`
role. When the role is used in the context of the playbook,
the value is dynamically assigned from `group_vars/matrix_servers`.

Somewhat related to #692 (Github Issue).
 2020-10-28 10:02:47 +02:00
Marcel Partap e078e29ef8 synapse workers: fix self name in workers-doc-to-yaml.awk script 2020-10-28 08:39:31 +01:00
Slavi Pantaleev ef07aa8e5d Prevent certain nginx location blocks from being ignored 
The regex introduced in 63a49bb2dc seems to take precedence
over the bare location blocks, causing a regression.

> It is important to understand that, by default, Nginx will serve regular expression matches in preference to prefix matches.
> However, it evaluates prefix locations first, allowing for the administer to override this tendency by specifying locations using the = and ^~ modifiers.

Source: https://www.digitalocean.com/community/tutorials/understanding-nginx-server-and-location-block-selection-algorithms
 2020-10-28 09:38:04 +02:00
Marcel Partap 2d1b9f2dbf synapse workers: reworkings + get endpoints from upstream docs via awk 
(yes, a bit awkward and brittle… xD)
 2020-10-28 07:13:19 +01:00
Slavi Pantaleev 70f0b97a0a Upgrade Synapse (v1.21.2 -> v1.22.0) 2020-10-27 14:24:02 +02:00
Slavi Pantaleev 63a49bb2dc Do not expose /_synapse/admin publicly by default 
Fixes #685 (Github Issue).
 2020-10-26 10:36:38 +02:00
Sabine Laszakovits dd50ee19ab fixed bridge permissions 2020-10-25 21:42:40 +01:00
Sabine Laszakovits 2211e678f3 fixed comments that were copied over from mautrix-telegram role 2020-10-25 21:01:25 +01:00
Sabine Laszakovits e59aa07b86 more cleanup 2020-10-25 20:47:10 +01:00
Sabine Laszakovits c36e1355cf cleanup 2020-10-25 20:46:57 +01:00
Sabine Laszakovits 8ebc39dea0 fixed dependencies of bridge service (not ideal, but correct) 2020-10-25 20:46:32 +01:00
Sabine Laszakovits 9b890e9ced moved some settings from role to group_vars 2020-10-25 20:45:24 +01:00
Sabine Laszakovits ff1d7921a0 moved registration.yaml contents to template 2020-10-25 20:16:24 +01:00
Sabine 7a54e11090 started moving settings to group_vars 2020-10-24 12:15:03 +02:00
Marcel Partap 87bd64ce9e Merge remote-tracking branch 'origin/master' into synapse-workers 2020-10-23 23:45:07 +02:00
Marcel Partap a4125d5446 synapse workers: polishing, cleansing and installation of jq dependency 2020-10-23 20:49:53 +02:00
Sabine 69efcb5c21 added mautrix-signal role 2020-10-22 23:29:34 +02:00
Marcel Partap 501efee07e synapse workers: supply systemd with actual worker PIDs (requires jq) 
also, worker.yaml.j2:
  - hone worker_name
  - remove worker_pid_file entry (would only be used if worker_daemonize
    set to true; also, synapse only knows about the container namespace
    and thus can not provide the required host-view PID)
 2020-10-22 20:53:41 +02:00
Slavi Pantaleev 24c6d7e81f Upgrade Element (1.7.9 -> 1.7.10) 2020-10-20 19:06:16 +03:00
Scott Crossen 94dcceb7b9 removed intentional delay 2020-10-19 11:26:37 -07:00
Scott Crossen efeb651789 Removed typo 2020-10-19 11:25:01 -07:00
Scott Crossen e7d79a95dc removed platform-specific stuff 2020-10-19 10:46:02 -07:00
Scott Crossen 19721be8b1 removed dhcp option 2020-10-18 21:05:32 -07:00
Scott Crossen de1511b4bb Fixed valdiation 2020-10-16 21:31:07 -07:00
Scott Crossen 806f98447c Removed directory creation 2020-10-16 21:26:58 -07:00
Scott Crossen 51cca4c312 Added containerization 2020-10-16 21:21:58 -07:00
Tobias Küchel 1cf5b1d80f e2ee_backup: rename variables to be consistent with naming scheme 2020-10-16 09:24:50 +02:00
Tobias Küchel 5158fa4df9 e2ee_backup_methods: rather leave the default empty, so that the system default may apply 2020-10-16 08:50:16 +02:00
Tobias Küchel 8f7e21892d fix indentation, updated to proposed changes from Slavi: no more ifdef 2020-10-16 08:47:37 +02:00
Tobias Küchel 4cfa112755 update default backup_methods as proposed by the system anyway 2020-10-16 08:44:04 +02:00
Tobias Küchel 6599204334 fix commata not being set when secure_backup_required false 2020-10-16 08:20:22 +02:00
Tobias Küchel 48f929dc91 add variables for secure_backup_required and secure_backup_setup_methods 2020-10-16 00:32:00 +02:00
Slavi Pantaleev f7ecc7a2a5 Upgrade Synapse (v1.21.1 -> v1.21.2) 2020-10-15 17:42:52 +03:00
jgbresson 640166e4c3
Upgrade Element (1.7.8 -> 1.7.9) 2020-10-15 00:09:54 -04:00
Dan Arnfield b65bfc38ce Update nginx (1.19.2 -> 1.19.3) 2020-10-14 06:23:33 -05:00
Scott Crossen 53bc7a77e1 fixed EOF issues 2020-10-13 16:47:09 -07:00
Scott Crossen fa5d85426b Renamed systemd descriptions for all bridges 2020-10-13 16:40:30 -07:00
Scott Crossen 1f988969a5 Added role for dynamic dns 2020-10-13 16:26:57 -07:00
Slavi Pantaleev 5abd511368 Upgrade Synapse (v1.21.0 -> v1.21.1) 2020-10-13 13:08:25 +03:00
Slavi Pantaleev d250727e8b Upgrade certbot (1.7.0 -> 1.9.0) 2020-10-13 09:44:32 +03:00
Aaron Raimist 78529cbd47
Upgrade Synapse (v1.20.1 -> v1.21.0) 2020-10-12 23:59:34 -05:00
Marcel Partap d2e61af224 Add worker_name to synapse worker config template 
& restrict federation listener; frontend_proxy / user_dir don't need it
 2020-10-11 21:52:08 +02:00
Marcel Partap 36e9be6092 matrix_synapse_workers_{avail,enabled}_list: sort non-generic workers 
.. alphabetically and put those not documented as multi-instance
capable on ports ending on zero.
 2020-10-11 21:44:42 +02:00
Marcel Partap e9241f5fb9 Improve synapse-workers systemd service template 
Is the PID magic gonna work? or will it need an ExecStartPost hack..
 2020-10-11 21:09:19 +02:00
Marcel Partap 40024e9b81 Prevent workers failing if their config doesn't exist 
- cherry-pick "Ensure worker config exists in systemd service (#7528)"
  from synapse d74cdc1a42e8b487d74c214b1d0ca575429d546a:
  "check that the worker config file exists instead of silently failing."
 2020-10-11 21:09:19 +02:00
Marcel Partap 93a8ea7e4a Merge remote-tracking branch 'master' into feature/add-worker-support 2020-10-11 20:59:05 +02:00
Fanch 1a9cafa3a3 add run-docker-prune command 2020-10-10 04:11:26 +02:00
Slavi Pantaleev 6a72e3fa54 Try to make importing SQLite from older Synapse version work 
If the SQLite database was from an older version of Synapse, it appears
that Synapse would try to run migrations on it first, before importing.
This was failing, because the file wasn't writable.

Hopefully, this fixes the problem.
 2020-10-07 08:54:46 +03:00
Slavi Pantaleev 23daec748c Require Ansible v2.7 or newer (because of items2dict and dict2items) 
Interestingly, no one has reported this failure before #662 (Github
Issue).

It doesn't make sense to keep saying that we support such old Ansible
versions, when we're not even testing on anything close to those.

Time is also passing and such versions are getting more and more
ancient. It's time we bumped our requirements to something that is more
likely to work.
 2020-10-02 11:53:19 +03:00
Slavi Pantaleev 07fa8404bf Upgrade matrix-corporal (1.10.1 -> 1.11.0) 2020-10-01 18:30:30 +03:00
Slavi Pantaleev 9e8c14bf65
Merge pull request #660 from clemsos/master 
Element web : update welcome page template
 2020-10-01 09:44:48 +03:00
Dan Arnfield 3a3383fada Add support for postgres 13 2020-09-30 16:50:59 -05:00
Slavi Pantaleev 43c5f3ec6e Do not create /home/matrix when creating the matrix user 2020-09-29 18:14:37 +03:00
Clement Renaud ac3ba1d919 element web : update welcome page template 2020-09-29 12:33:47 +02:00
Slavi Pantaleev 7eb8192a51 Comlain about version requirement on Ansible v1 
I don't believe Ansible v1 would even go as far as executing this
sanity check, but.. Adding an extra defensive check for completeness.
 2020-09-29 12:37:39 +03:00
Slavi Pantaleev 3d702fe03b Avoid set_fact with error message to prevent confusion 2020-09-29 12:23:39 +03:00
Slavi Pantaleev 3818d82852 Upgrade Element (1.7.7 -> 1.7.8) 2020-09-28 22:20:36 +03:00
Slavi Pantaleev 263727095d
Merge pull request #657 from cnvandijk/feature-client-well-known 
Client well known compatibility
 2020-09-28 09:19:25 +03:00
Slavi Pantaleev 3e2f0a4240 Upgrade matrix-synapse-admin (0.4.1 -> 0.5.0) 
Related to #658 (Github Issue).
 2020-09-28 09:11:05 +03:00
Chris van Dijk b9c8d059d0 Support both the im.vector.riot and io.element variants in client .well-known 
According to the docs, "e2ee" is already under "io.element":
  https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md#disabling-encryption-by-default
however "jitsi" is still under "im.vector.riot":
  https://github.com/vector-im/element-web/blob/develop/docs/jitsi.md#configuring-element-to-use-your-self-hosted-jitsi-server

For now let's just maintain backward and forward compatibility for both
settings since the client version is out of the control of this
playbook.
 2020-09-26 16:57:02 +00:00
Chris van Dijk f6b0f0a477 Rename matrix_riot_jitsi_preferredDomain and matrix_riot_e2ee_default to Element 2020-09-26 16:24:09 +00:00
Slavi Pantaleev 9fba46e694
Merge pull request #655 from aaronraimist/element-showLabs 
Allow configuration of Element's bug_report_endpoint_url and showLabsSettings
 2020-09-25 12:02:29 +03:00
Aaron Raimist dc2def914e
Allow configuration of Element's bug_report_endpoint_url and showLabsSettings 
showLabsSettings is the new enableLabs I guess. enableLabs doesn't seem to do anything anymore. It had been deprecated for a while.

This PR also removes @riot-bot:matrix.org as the default welcome_user_id since it doesn't exist anymore.
 2020-09-24 18:37:31 -05:00
Slavi Pantaleev e68450f094 Upgrade Synapse (v1.20.0 -> v1.20.1) 2020-09-24 18:43:54 +03:00
Slavi Pantaleev 329fef048f Upgrade matrix-corporal (1.10.0 -> 1.10.1) 2020-09-22 19:43:23 +03:00
Slavi Pantaleev 32ac4706cb Upgrade matrix-corporal (1.9.0 -> 1.10.0) 2020-09-22 19:28:27 +03:00
Slavi Pantaleev dd217137b6 Upgrade Synapse (v1.19.3 -> v1.20.0) 2020-09-22 19:28:07 +03:00
Slavi Pantaleev 65e22a6888 Upgrade Synapse (v1.19.2 -> v1.19.3) 2020-09-18 17:37:04 +03:00
Slavi Pantaleev 6db3a46f88
Merge pull request #650 from dwiegreffe/master 
New docker image appservice-slack
 2020-09-18 14:31:39 +03:00
Daniel Wiegreffe b3926e7cca
Update main.yml 2020-09-18 13:26:07 +02:00
Max Klenk fc2edcbecf
fix media routing 2020-09-18 10:45:01 +02:00
Max Klenk 132daba1af
fix worker routes 2020-09-18 10:18:32 +02:00
Slavi Pantaleev e10e3e354d Upgrade Synapse (v1.19.1 -> v1.19.2) 2020-09-16 16:35:17 +03:00
Dan Arnfield faa96ca0c3 Update element (1.7.5 -> 1.7.7) 2020-09-15 06:15:30 -05:00
Daniel Wiegreffe 8f41041f6d replacement of the docker image for appservice-slack to the officially maintained image 2020-09-15 09:11:56 +02:00
Scott Crossen b24333dd0f
Use the same naming convention as the other mx-puppet suite. 2020-09-14 11:11:30 -07:00
Slavi Pantaleev 6e8a39119b Update matrix-reminder-bot (0.1.0 -> 0.2.0) 2020-09-14 10:19:47 +03:00
0hlov3 c19abe4a76 Changes matrix_dimension_integrations_ui_url from /riot to /element https://dimension.t2bot.io/ 2020-09-13 04:19:19 +02:00
Max Klenk 1e68d8b2e5
allow to pass arguments to the postgres process 2020-09-11 14:29:10 +02:00
Max Klenk 880025324a
fix redis config if no password is set 2020-09-11 10:35:50 +02:00
Max Klenk 4fdfc0a34f
add missing ratelimiting options required for load testing 2020-09-11 09:46:20 +02:00
Max Klenk 9a3d84b931
Merge branch 'master' into feature/add-worker-support 2020-09-10 13:57:11 +02:00
Max Klenk a25a429a52
add redis support 2020-09-10 13:39:00 +02:00
Slavi Pantaleev 5bb2c43502 Add support for enabling Jitsi lobby 
Related to #643 (Github Issue)
 2020-09-10 09:08:45 +03:00
Slavi Pantaleev 2a1ec38e3a Stop using Ansible's cron module 
This is mainly to address SSL renewal not working for us due to:
- https://github.com/ansible/ansible/issues/71213
- https://github.com/ansible/ansible/pull/71207

Using the cron module was hacky anyway. We shouldn't need an extra
level of buggy abstraction to manage a cronjob file.
 2020-09-06 10:49:19 +03:00
Slavi Pantaleev bed16fd065 Upgrade Element (1.7.4 -> 1.7.5) 2020-09-01 20:51:51 +03:00
Slavi Pantaleev 6def66940f Fix broken cover photo for matrix-registration 2020-09-01 18:17:04 +03:00
Slavi Pantaleev da38a7869f Add matrix-registration support 2020-09-01 13:46:05 +03:00
Slavi Pantaleev a456e3a9e7 Surface certain messages at the end of playbook execution 
Fixes #106 (Github Issue).
 2020-09-01 13:12:35 +03:00
Slavi Pantaleev e3dca2f66f Try to avoid Docker logs growing too much for one-off containers 
We recently had a report of the Postgres backup container's log file
growing the size of /var/lib/docker until it ran out of disk space.

Trying to prevent similar problems in the future.
 2020-09-01 09:03:48 +03:00
Max Klenk 06bc430c7c
refactor to use new workers and routes they serve 2020-08-28 13:53:39 +02:00
Max Klenk 53ccc783b7
remove duplicated key 2020-08-27 15:26:46 +02:00
Max Klenk 59d1fb76b6
only apply worker redirects if workers are enabled 2020-08-27 15:25:32 +02:00
Max Klenk 567d0318b0
Merge branch 'synapse-workers' into feature/add-worker-support 2020-08-27 15:22:12 +02:00
Slavi Pantaleev 3c285bc6f5 Install lsb-release on Debian distros if unavailable 
Certain more-minimal Debian installations may not have
lsb-release installed, which makes the playbook fail.

We need lsb-release on Debian, so that ansible_lsb
could tell us if this is Debian or Raspbian.
 2020-08-27 13:58:35 +03:00
Slavi Pantaleev 6e9600ffec Upgrade Synapse (v1.19.0 -> v1.19.1) 2020-08-27 12:59:11 +03:00
Slavi Pantaleev daf13107a0 Add support for rust-synapse-compress-state 2020-08-21 13:53:39 +03:00
Slavi Pantaleev b4a549b772 Upgrade Element (1.7.3 -> 1.7.4) 2020-08-17 17:03:19 +03:00
Slavi Pantaleev 9952ec6c16 Upgrade Synapse (v1.18.0 -> v1.19.0) 2020-08-17 17:02:40 +03:00
Slavi Pantaleev fc1655cd4b
Merge pull request #633 from thedanbob/certbot-1.7.0 
Update certbot (1.6.0 -> 1.7.0)
 2020-08-17 16:47:12 +03:00
Slavi Pantaleev 5abbeb75c9
Merge pull request #632 from thedanbob/nginx-1.19.2 
Update nginx (1.19.1 -> 1.19.2)
 2020-08-17 16:44:37 +03:00
Dan Arnfield c8754f422a Update certbot (1.6.0 -> 1.7.0) 2020-08-16 15:01:13 -05:00
Dan Arnfield 8d373409b8 Update nginx (1.19.1 -> 1.19.2) 2020-08-16 14:59:48 -05:00
Dan Arnfield 20eea648a5 Update postgres versions (12.3 -> 12.4, etc) 2020-08-16 14:41:40 -05:00
Justin Croonenberghs 31e2a1f06b
Undo ill-advised change 
In #628 I proposed a CORS change that turns out not to be the root of the issue. Caffeine-addled diagnosis leads to sloppy thinking, and this change should be reverted. In fact, if left it will cause problems for new installations.
 2020-08-09 14:20:37 -05:00
Justin Croonenberghs c5d18733d2
Update CORS for ma1sd 
Even with the v2 updates listed in #503 and partially addressed in #614, this is still needed to enable identity services to function with Element Desktop/Web. Testing on multiple clients with a clean config has confirmed this, at least for my installation.
 2020-08-08 23:19:07 -05:00
Slavi Pantaleev e6dd0fbaee Upgrade Element (1.7.2 -> 1.7.3) 2020-08-06 19:25:52 +03:00
merklaw fa6d85636f Add note about installing 'docker' Python package if Docker installation is disabled 2020-08-05 17:35:25 +02:00
merklaw 87df15441c Add note about installilng 'docker' Python package if Docker installation is disabled 2020-08-05 17:31:16 +02:00
Slavi Pantaleev 4b0a462aef
Merge pull request #620 from NachvollCiba/synapse-admin_selfbuild 
Allow self-build images for Synapse-Admin
 2020-08-04 17:23:30 +03:00
Dennis Ciba b22b593d83 Changed setup of synapse-admin to allow for self-build images 2020-08-04 15:42:00 +02:00
Slavi Pantaleev 54195b22c7 Allow framing Jitsi 
Hopefully fixes a regression caused by b106a9592e.

Related to #597 (Github Pull Request).
 2020-08-04 16:08:11 +03:00
benkuly 7755e5efd4
Update sms-bridge (0.3.1 -> 0.3.2) 2020-07-30 16:25:07 +03:00
Slavi Pantaleev f78a5d4ee8 Upgrade Synapse (v1.17.0 -> v1.18.0) 2020-07-30 14:21:44 +03:00
Slavi Pantaleev a7382924fc
Merge pull request #614 from vractal/enable-ma1sd-hashing 
Enable ma1sd hashing by default
 2020-07-30 09:30:06 +03:00
Slavi Pantaleev 68b2f2c33c
Merge pull request #613 from vractal/fix-gpg-dep 
Replace gpg dependency for gnupg for debian compatibility
 2020-07-30 09:29:25 +03:00
vractal 627c225101 Enable ma1sd hashing by default 2020-07-29 12:38:07 -04:00
Benjamin Fichtner 6539f2a156 Make ansible check mode runs silent, for all tasks which can't be idempotent 2020-07-29 13:23:15 +02:00
vractal 9b61fef271 Replace gpg dependency for gnupg for better debian compatibility 2020-07-28 15:26:16 -04:00
Slavi Pantaleev 3dcef4faa9
Merge pull request #609 from jdreichmann/newTelegramBridgeVersion 
Bump version of mautrix-telegram to 0.8.2
 2020-07-28 20:59:51 +03:00
Slavi Pantaleev be5ca5258b Upgrade Element (1.7.1 -> 1.7.2) 2020-07-28 19:04:11 +03:00
Johanna Dorothea Reichmann 2004143f14
Bump version of mautrix-telegram to 0.8.2 
fixes matrix users unable to delete messages
 2020-07-27 15:53:33 +02:00
Slavi Pantaleev ae002d8ae4 Fix synapse-admin uninstallation 2020-07-26 18:09:29 +03:00
Slavi Pantaleev 3f8e5b4363 Allow framing Dimension 
Fix regression since 2a50b8b6bb (#597).

Dimension is intended to be embedded in various clients,
be it the Element service that we host (at element.DOMAIN),
some other Element (element-desktop running locally), etc.
 2020-07-25 07:08:32 +03:00
Tommy Kelly d76d91a33e Update jitsi-web version 
Changelog here https://github.com/jitsi/jitsi-meet/releases/tag/stable%2Fjitsi-meet_4857
 2020-07-24 13:23:29 +03:00
Slavi Pantaleev 2a50b8b6bb
Merge pull request #597 from TwoTwenty/nginx-proxy-headers 
Nginx proxy headers
 2020-07-24 12:53:50 +03:00
Dan Arnfield 7a3491a32a Fix capability names for synapse-admin 2020-07-22 21:18:15 -05:00
TwoTwenty b106a9592e
Update matrix-jitsi.conf.j2 2020-07-22 10:39:24 -07:00
TwoTwenty c97e7c5a3e
Update matrix-dimension.conf.j2 2020-07-22 10:39:07 -07:00
TwoTwenty 18ba885ca2
Update matrix-client-element.conf.j2 2020-07-22 10:38:50 -07:00
Slavi Pantaleev 31b79553e0 Make matrix-reminder-bot default to in-container networking 2020-07-22 16:37:14 +03:00
Slavi Pantaleev 46135fb30c Add trailing-slash redirect for /synapse-admin 2020-07-22 13:15:05 +03:00
Slavi Pantaleev b2ae669566 Add synapse-admin support 
Fixes #562 (Github Issue)
 2020-07-22 08:10:26 +03:00
Slavi Pantaleev 78b1ef9a5f Add support for matrix-reminder-bot 2020-07-20 14:13:08 +03:00
hungrymonkey d093b9b148 Added gpg as base dependency for Debian 10 
AWS Debian marketplace image does not have gpg preinstalled

https://aws.amazon.com/marketplace/pp/B0859NK4HC?ref=cns_srchrow

TASK [matrix-base : Ensure Docker's APT key is trusted] *******************************************************************************************************************************************************
fatal: [matrix.domain.com]: FAILED! => {"changed": false, "msg": "Failed to find required executable gpg in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}

Closes #590
 2020-07-18 07:56:30 -07:00
Slavi Pantaleev b872053a50
Merge pull request #588 from mattcen/fix-ma1sd-image-build 
Fix issues building ma1sd Docker image
 2020-07-17 11:48:50 +03:00
Slavi Pantaleev 28855d1bb4
Document matrix_ma1sd_docker_src_files_path naming 2020-07-17 11:47:15 +03:00
Slavi Pantaleev ab188018f3
Move when statement to block 
The when statement is supposed to be on the block, not on the individual task.

It affects all tasks within the block (they're all to be executed when ma1sd is enabled and self-building is requested0.
 2020-07-17 11:44:26 +03:00
Slavi Pantaleev c6ab1c6a90 Riot is now Element 
Fixes #586 (Github Issue)
 2020-07-17 11:31:20 +03:00
Matt Cengia fede58fe96 Correctly tag self-built ma1sd Docker image 2020-07-17 17:12:16 +10:00
Slavi Pantaleev de0efe96e7 Fix incorrect when statement 2020-07-17 08:59:00 +03:00
Slavi Pantaleev 298d277c6c Upgrade riot-web (1.7.0 -> 1.7.1) 2020-07-17 08:56:08 +03:00
Matt Cengia b0e984136f Fix issues building ma1sd Docker image 
The tag format used in the `ma1sd` repo have change. Versions no longer
start with 'v', and when building for non-amd64, we also need to strip
off the '-$arch' bit from the Docker image name.

Further, when building the .jar file, `ma1sd` currently names the .jar
based on the project's directory, which we call 'docker-src'. This means
other parts of the `ma1sd` build can't find the .jar file. Remedy this
by ensuring that the dir is called `docker-src/ma1sd`.
 2020-07-17 13:57:47 +10:00
Dan Arnfield c47a55d170 Update nginx (1.19.0 -> 1.19.1) and certbot (1.5.0 -> 1.6.0) 2020-07-16 06:34:14 -05:00
Slavi Pantaleev 820dc6d7fa Fix translation issue (Riot.im -> Element) 2020-07-15 14:46:39 +03:00
Slavi Pantaleev 7c55e94cff Upgrade riot-web (1.6.7 -> 1.7.0) 2020-07-15 14:28:23 +03:00
benkuly a1e248e0e1
updated matrix-sms-bridge (#581) 
* updated matrix sms bridge container

* remove force pull

* updated matrix-sms-bridge container

* updated matrix-sms-bridge container

* updated version of matrix-sms-bridge

* updates matrix-sms-bridge
 2020-07-14 14:02:34 +03:00
Slavi Pantaleev b50cfe8d18 Upgrade mautrix-telegram (0.7.2 -> 0.8.1) 2020-07-14 10:37:07 +03:00
Slavi Pantaleev 200f912c04 Upgrade Synapse (v1.16.1 -> v1.17.0) 
Fixes #579 (Github Issue).
 2020-07-13 14:08:50 +03:00
shadow ddfc945fcf Remove unused validate_config.yml, since it causes ansible warnings 2020-07-11 00:40:12 +03:00
Slavi Pantaleev eff55e4d00 Upgrade Synapse (v1.16.0 -> v1.16.1) 2020-07-10 14:33:18 +03:00
benkuly 3553d3d513 updated version of matrix-sms-bridge 2020-07-08 18:15:18 +03:00
benkuly 8e1a418a45 updated matrix-sms-bridge container 2020-07-08 18:15:18 +03:00
benkuly bd3223cdd4 updated matrix-sms-bridge container 2020-07-08 18:15:18 +03:00
benkuly 226d5a9c64 remove force pull 2020-07-08 18:15:18 +03:00
benkuly c5f9e02103 updated matrix sms bridge container 2020-07-08 18:15:18 +03:00
Slavi Pantaleev 928982cffe Upgrade Synapse (v1.15.2 -> v1.16.0) 2020-07-08 14:08:46 +03:00
Slavi Pantaleev 18ab677a96 Remove useless file 2020-07-08 00:22:47 +03:00
Slavi Pantaleev 227f1a28e3 Allow matrix_user_uid/matrix_user_gid to be specified manually 2020-07-06 11:05:34 +03:00
Panagiotis Vasilopoulos baed917a13
Fixed repository link for mx-puppet-steam 
- https://github.com/icewind1991/mx-puppet-steam is the link that's referenced by the documentation.
- The previous link, https://github.com/matrix-steam/mx-puppet-steam, is invalid/inaccessible to the public.
 2020-07-05 23:28:03 +03:00
shadow 6293f1bdb0 Run all API self checks in check_mode 2020-07-04 15:24:33 +02:00
Slavi Pantaleev f758ee90cb
Add |to_json to some values 2020-07-04 09:31:52 +03:00
Justin Croonenberghs 35c2655fa4 Removed troublesome #s 2020-07-03 19:01:03 -05:00
Justin Croonenberghs 1f21f0c09a Add variables for reCAPTCHA validation 2020-07-03 18:33:25 -05:00
Slavi Pantaleev b08ee2f2fa Move Jitsi container image tag to a variable 
Related to #554 (Github Pull Request).
 2020-07-03 13:10:59 +03:00
Slavi Pantaleev 3710e04e10
Merge pull request #557 from izissise/mx-puppet-steam 
Add mx-puppet-steam
 2020-07-03 12:05:41 +03:00
Slavi Pantaleev d5eb7eb949
Merge pull request #560 from aaronraimist/synapse-1.15.2 
Upgrade Synapse (1.15.1 -> 1.15.2)
 2020-07-02 18:41:51 +03:00
Aaron Raimist 78382b0ce4
Upgrade Synapse (1.15.1 -> 1.15.2) 2020-07-02 10:38:25 -05:00
Hugues Morisset 57f498217a Add mx-puppet-steam 2020-07-01 21:01:00 +02:00
Hugues Morisset eb0df37247 Mx-puppet-discord Use official docker image 
https://github.com/matrix-discord/mx-puppet-discord/issues/80

Thanks Sorunome for setting up the automated build
 2020-07-01 13:33:01 +02:00
Hugues Morisset 42e7f5e9bc Add mx-puppet-discord 2020-07-01 13:31:31 +02:00
Slavi Pantaleev 744667b270 Merge branch 'master' into mx-puppet-twitter 2020-06-30 17:37:19 +03:00
Slavi Pantaleev 31f9e7bbea
Merge pull request #551 from jdreichmann/feat-mx-puppet-instagram 
Add mx-puppet-instagram
 2020-06-30 17:33:37 +03:00
Slavi Pantaleev 8b59402f79 Upgrade Coturn (4.5.1.2 -> 4.5.1.3) 
4.5.1.3 fixes a security vulnerability:
https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm
 2020-06-30 14:28:41 +03:00
Slavi Pantaleev f41c5e89e5 Upgrade riot-web (1.6.6 -> 1.6.7) 2020-06-29 18:41:06 +03:00
Tulir Asokan 5b960bcfb5 Make sender_localpart configurable for mx-puppet-twitter 2020-06-29 18:04:40 +03:00
Tulir Asokan 13186a1ddc Add mx-puppet-twitter 
Signed-off-by: Tulir Asokan <tulir@maunium.net>
 2020-06-29 15:28:43 +03:00
Slavi Pantaleev de545f9c5f Update docs on self-building and remove useless variable 
`matrix_container_images_self_build` was not really doing anything
anymore. It previously was influencing `matrix_*_self_build` variables,
but it's no longer the case since some time ago.

Individual `matrix_*_self_build` variables are still available.
People that would like to toggle self-building for a specific component
ought to use those.

These variables are also controlled automatically (via
`group_vars/matrix_servers`) depending on `matrix_architecture`.

In other words, self-building is being done automatically for
all components when they don't have a prebuilt image for the specified
architecture. Some components only support `amd64`, while others also
have images for other architectures.
 2020-06-29 14:58:03 +03:00
Slavi Pantaleev 635f385971 Use pre-built arm64 image for ma1sd 
ma1sd 2.4.0 announced experimental support for arm64.
We're making use of those arm64 images instead of self-building.
 2020-06-29 14:53:23 +03:00
Slavi Pantaleev f30d5e0950
Merge pull request #554 from teutat3s/jitsi-update-4627-1 
Update Jitsi to stable-4627-1
 2020-06-29 09:12:47 +03:00
teutat3s 784cb3e325
Update Jitsi to stable-4627-1 2020-06-28 22:00:08 +02:00
teutat3s 4cf59098ad
Update ma1sd to v2.4.0 2020-06-28 21:47:19 +02:00
Slavi Pantaleev 19b9a1b16c Expose mautrix-hangouts port if matrix-nginx-proxy is disabled 2020-06-28 09:01:48 +03:00
jdreichmann 0fea35cdd2
mx-puppet-instagram: add role 2020-06-27 15:23:21 +02:00
Slavi Pantaleev a081979d39
Merge pull request #548 from pcorace/master 
Add variables to fine tune jitsi
 2020-06-27 08:01:54 +03:00
Pablo 69570de8a9 Rename variables 2020-06-25 11:20:40 -03:00
Slavi Pantaleev 5c5f1c6ab9 Add support for telling Riot to not default to E2EE 
Related to https://github.com/vector-im/riot-web/pull/13914
 2020-06-24 11:39:51 +03:00
Pablo c341608480 Add variables to fine tune jitsi 2020-06-23 19:22:52 -03:00
Slavi Pantaleev d2a0ec6aa9 Upgrade riot-web (1.6.5 -> 1.6.6) 2020-06-23 18:03:58 +03:00
Slavi Pantaleev 105b3524bb Upgrade riot-web (1.6.4 -> 1.6.5) 2020-06-16 19:22:45 +03:00
Slavi Pantaleev 10bc85962e Upgrade Synapse (1.15.0 -> 1.15.1) 2020-06-16 13:55:27 +03:00
Slavi Pantaleev 7729511a84 Make vars.yml snapshotting optional and more configurable 
Certain people organize their inventory in a different way
and we'd like to accommodate them.

Related to #542 (Github Issue).
 2020-06-14 10:01:22 +03:00
Slavi Pantaleev 67ab7e7a1b Preserve vars.yml on the server for easily restoring 
Fixes #542 (Github Issues).
 2020-06-13 07:52:01 +03:00
benkuly d49ee51035 remove force pull matrix-sms-bridge docker image 2020-06-12 10:23:51 +02:00
benkuly a0661a6012 updated sms bridge docker image 2020-06-12 08:37:08 +02:00
benkuly 11e53c4fbc add default region 2020-06-11 15:37:46 +02:00
benkuly 99639d7d7a Merge remote-tracking branch 'github/master' 2020-06-11 15:36:02 +02:00
Slavi Pantaleev 6538ae34f5 Upgrade Synapse (v1.14 -> v1.15) 
Fixes #539 (Github Issue).
 2020-06-11 16:02:01 +03:00
Hugues Morisset d4938333e6 Fix missing conf for double puppeting in mx-puppet-slack 2020-06-11 11:10:13 +02:00
Slavi Pantaleev 440569c47b Update mautrix-facebook configuration 2020-06-10 09:20:06 +03:00
Slavi Pantaleev 10b3ceff72 Make Matrix federation port configurable 
Fixes #523 (Github Issue).
 2020-06-09 08:29:03 +03:00
Slavi Pantaleev 65e5020596 Proxy other /_synapse endpoints to the client API 
Besides /_synapse/admin, there are other things like
/_synapse/oidc, etc.

We should just proxy everything.

Fixes #534 (Github Issue).
 2020-06-09 08:12:58 +03:00
Slavi Pantaleev ab32f6adf6 Add self-building support to matrix-mailer (exim-relay) 2020-06-08 09:52:34 +03:00
Slavi Pantaleev 1f414a44ff Upgrade matrix-mailer 2020-06-08 09:37:28 +03:00
Slavi Pantaleev 0113852504 Upgrade matrix-synapse-shared-secret-auth (1.0.1 -> 1.0.2) 
There's no change in the source code. Just a release bump for packaing
reasons. It doesn't matter much for us here, but let's be on the latest
tag anyway.
 2020-06-08 09:29:55 +03:00
dasTholo 331c77a651
Add Docker Network for matrix-mautrix-telegram-db for Telegram Bridge with Postgress 
Postgres setup like
matrix_mautrix_telegram_configuration_extension_yaml: |
  appservice:
    database: "postgres://XXX:XXX@matrix-postgres:5432/mxtg"

 will fail without the right Dockernetwork
 2020-06-06 12:42:25 +02:00
benkuly 77fd23149b added gammu hard reset for sms modem 2020-06-06 08:28:08 +02:00
Slavi Pantaleev e4edfd5b12 Remove now-unnecessary /dev/null hacks from riot-web 
`/etc/nginx/conf.d/default.conf` was previously causing
some issues when used with our `--user`.

It's not the case anymore, so we can remove it.

Fixes #369 (Github Issue).
 2020-06-06 08:47:56 +03:00
Slavi Pantaleev 88a4a3ab55 Update components 2020-06-06 08:25:27 +03:00
Slavi Pantaleev b0b744dede Add periodic reconnection configuration to mautrix-facebook bridge 2020-06-05 15:21:41 +03:00
Slavi Pantaleev c838bd2f46
Merge pull request #514 from benkuly/master 
added matrix-sms-bridge
 2020-06-05 14:52:41 +03:00
benkuly f68e47d3c4 renamed role matrix-sms-bridge to matrix-bridge-sms 2020-06-05 12:25:41 +02:00
Slavi Pantaleev 0fce642179 Upgrade riot-web (1.6.2 -> 1.6.3) 2020-06-04 19:52:55 +03:00
benkuly 85c6befc04 removed unused delivery report 2020-06-03 20:02:37 +02:00
benkuly b60a4ac643 mount as slave 2020-06-03 14:25:23 +02:00
benkuly 3a3b95abfc added dev volume to find serial by id 2020-06-03 13:13:25 +02:00
benkuly 41b1925b2a remove dev mount 2020-06-03 13:07:36 +02:00
benkuly 0967bc3cd9 added missing z flag 2020-06-03 12:03:44 +02:00
Slavi Pantaleev c00a7c2fe9 Update mautrix-facebook configuration (invitation, backfilling support) 2020-06-03 09:35:31 +03:00
Slavi Pantaleev 5da31ba579 Move configuration templates outside of defaults/main.yml files 2020-06-03 09:33:28 +03:00
benkuly 26846a5f6c try privileged way 2020-06-02 22:04:52 +02:00
benkuly 2fd8216fbc try to fix device reconnect issues 2020-06-02 18:27:33 +02:00
benkuly cd17928805 revert remove of frequency 2020-06-02 14:56:22 +02:00
benkuly f383b152da removed gammu reset frequency 
because the tty port will change
 2020-06-02 14:49:55 +02:00
benkuly 0b7d6744bf added more docs and timeout value 2020-06-02 08:39:30 +02:00
Slavi Pantaleev f56a9a0f5f
Merge pull request #524 from cnvandijk/fix-executable-path 
Remove hardcoded paths to commands on the host machine
 2020-05-28 15:39:25 +03:00
Slavi Pantaleev 8bae39050e Update settings for Synapse v1.14.0 2020-05-28 15:23:05 +03:00
tctovsli 45ba01510d
Synapse v.1.14.0 2020-05-28 14:04:37 +02:00
Chris van Dijk 74df10633a Remove hardcoded command paths in playbook cron usage 2020-05-27 23:14:58 +02:00
Chris van Dijk 6e3b877dc2 Remove hardcoded command paths in playbook shell usage 2020-05-27 23:14:56 +02:00
Chris van Dijk 6334f6c1ea Remove hardcoded command paths in systemd unit files 
Depending on the distro, common commands like sleep and chown may either
be located in /bin or /usr/bin.

Systemd added path lookup to ExecStart in v239, allowing only the
command name to be put in unit files and not the full path as
historically required. At least Ubuntu 18.04 LTS is however still on
v237 so we should maintain portability for a while longer.
 2020-05-27 23:14:54 +02:00
Ugurtan 5ace3f4a1c
fix for importing sqllite database 
the current version fails the import, because the volume for the media is missing. It still fails if you have the optional shared secret password provider is enabled, so that might need another mount. Commenting out the password provider in the hoimeserver.yaml during the run works as well.
 2020-05-27 18:13:36 +02:00
benkuly e4f128a1ba fixed wrong gammu path 2020-05-26 18:19:22 +02:00
benkuly 3d63ee6d13 add group dialout to container 2020-05-26 18:12:26 +02:00
Slavi Pantaleev a353217cf3 Add delivery_receipts option for matrix-bridge-mautrix-facebook 2020-05-26 09:49:12 +03:00
benkuly a7fd27c43c removed jinja command 2020-05-25 19:36:19 +02:00
benkuly ecf3116c4a fixed wrong gammu config dest 2020-05-25 19:34:40 +02:00
benkuly f8663512de fixed wrong paths 2020-05-25 19:31:03 +02:00
benkuly 805708e089 fix wrong used paath for gammu config file 2020-05-25 19:21:07 +02:00
benkuly 73b71a34c8 try to fix gammu-smsdrc is not a file 2020-05-25 19:19:30 +02:00
benkuly 1f570b3251 revert last change 2020-05-25 19:09:08 +02:00
benkuly 469554b836 try to use other mount option 
to prevent docker from using dir instead of file
 2020-05-25 19:04:56 +02:00
benkuly eb8e3572fd fixed wrong behaviour of gammu 2020-05-25 15:37:46 +02:00
benkuly f0ff8112c7 database admin username must be neo4j 2020-05-23 20:51:07 +02:00
benkuly fe54690ea1 fixed missing registration var 2020-05-23 15:32:16 +02:00
benkuly 63705f94f1 removed templates 2020-05-23 15:30:31 +02:00
benkuly c802009b5c fixed wrong var name 2020-05-23 15:12:56 +02:00
benkuly be101a3114 added missing service to service list 2020-05-23 14:16:44 +02:00
benkuly 9ed80e754b added missing variable 2020-05-23 13:54:07 +02:00
benkuly 1ffa4a326c matrix-sms-bridge: 
added docs, added seperate service for database, pr comments
 2020-05-23 13:14:24 +02:00
Slavi Pantaleev 4c4f208613 Upgrade mautrix-telegram (0.7.0 -> 0.7.2) 2020-05-22 19:54:30 +03:00
Slavi Pantaleev 5c7e5c57bd Upgrade riot-web (1.6.1 -> 1.6.2) 2020-05-22 18:08:17 +03:00
benkuly 4913ca4bb2 matri-sms-bridge: 
better path handling, fixed some mistakes
 2020-05-22 13:59:38 +02:00
benkuly 2d75fca257 added matrix-sms-bridge 2020-05-22 13:50:59 +02:00
Slavi Pantaleev 3198ed0dc9 Add missing matrix_mx_puppet_slack_container_http_host_bind_port variable 2020-05-22 11:12:06 +03:00
Slavi Pantaleev 4111e42070
Merge pull request #513 from joao-p-marques/fix/mx-puppet-bridge 
Fix/mx puppet bridge
 2020-05-22 10:53:37 +03:00
joao-p-marques afd6d7e45a change var name to correct one 2020-05-21 23:40:54 +01:00
joao-p-marques c1bb4f680e enable oauth 2020-05-21 23:40:38 +01:00
Dan Arnfield ee3944bcdb Update postgres (12.2 -> 12.3, etc) 2020-05-21 11:40:40 -05:00
Slavi Pantaleev 8fb3ce6f6d Upgrade Synapse (v1.12.4 -> v1.13.0) 2020-05-19 21:35:32 +03:00
Slavi Pantaleev a3259bbd77
Add |to_json to some variables 2020-05-19 21:15:23 +03:00
louis a03e95b7eb enable by default v2 api prefix for ma1sd 2020-05-19 17:06:11 +02:00
Slavi Pantaleev 7a2dbdc2d7 Update components 2020-05-19 15:06:35 +03:00
Slavi Pantaleev ba23779b05 Fix incorrect Jitsi container image tags 
Related to #508 (Github Pull Request).
 2020-05-17 21:23:18 +03:00
teutat3s 47001258b5
Ensure prosody plugin path created / permissions 2020-05-17 14:19:58 +02:00
teutat3s fbd8f3ec9b
Jitsi prosody: add volume /prosody-plugins-custom 2020-05-16 15:12:51 +02:00
teutat3s c2df3d7bbf
Update jitsi containers to 4548-1 2020-05-16 15:00:44 +02:00
Marcel Partap 93f4111654 Prevent 404s when Riot tries to retrieve domain-specific config.json 
Riot unconditionally asks for a config.${document.domain}.json, c.f.
https://github.com/vector-im/riot-web/blame/develop/src/vector/getconfig.ts#L24
 2020-05-13 18:34:14 +02:00
Dan Arnfield 787f12e70d Fix typo in validation 2020-05-08 13:56:31 -05:00
Slavi Pantaleev dd527d5968 Ensure correct dimension.db file ownership 
This is mostly here to guard against problems happening
due to server migration and doing `chown -R matrix:matrix /matrix`.

Normally, the file is owned by `1000:1000`, as expected.

If ownership changes, Dimension could still start, but it will fail the
first time it tries to write to the database. Explicitly chowning
before startup guards against this.

Related to #485 and #486 (Github Pull Requests).
Also related to ccc7aaf0ce.
 2020-05-06 11:28:09 +03:00
Slavi Pantaleev ae1b1be3f4 Do not use matrix:matrix for Dimension configuration 
Dimension runs as the `node` user in the container (`1000:1000`).
It doesn't seem like we have a way around it. Thus, its configuration
must also be readable by that user (or group, in this case).
 2020-05-06 11:20:14 +03:00
Slavi Pantaleev c1c8b8e62c Warn about matrix_user_uid/matrix_user_gid 
We don't really need to fail in such a spectactular way,
but it's probably good to do. It will only happen for people
who are defining their own user/group id, which is rare.

It seems like a good idea to tell them that this doesn't work
as they expect anymore and to ask them to remove these variables,
which otherwise give them a fake sense of hope.

Related to #486 (Github Pull Request).
 2020-05-06 10:17:19 +03:00
Slavi Pantaleev 36c61b5b4e Introduce a separate group variable (matrix_user_groupname) 
Related to #485 (Github Pull Request).
 2020-05-06 10:02:47 +03:00
Slavi Pantaleev ccc7aaf0ce Fix "Migrating to a new server" flow due to dynamic user/group creation 2020-05-06 09:55:40 +03:00
Slavi Pantaleev 6032affc20
Merge pull request #486 from FanchTheSystem/avoid_fixed_uid_and_gid 
Remove default UID/GID
 2020-05-06 09:46:49 +03:00
Slavi Pantaleev 8fea6f5130 Make sure matrix_user_uid and matrix_user_gid are always set 
If one runs the playbook with `--tags=setup-all`, it would have been
fine.

But running with a specific tag (e.g. `--tags=setup-riot-web`) would
have made that initialization be skipped, and the `matrix-riot-web` role
would fail, due to missing variables.
 2020-05-06 09:43:30 +03:00
Slavi Pantaleev 4359571d38 Upgrade riot-web to v1.6.0 2020-05-05 14:02:14 +03:00
Fanch a1c5a197a9 remove default UID/GID 2020-05-04 21:43:54 +02:00
Dan Arnfield e750c6c6ff Update coturn (4.5.1.1 -> 4.5.1.2) 2020-05-04 09:46:45 -05:00
Horvath Gergely d6266a8c47 fix skype bridge being rebuilt when upstream changed 2020-05-01 21:34:42 +02:00
Chris van Dijk 7585bcc4ac Allow the matrix user username and groupname to be configured separately 
No migration steps should be required.
 2020-05-01 19:59:32 +02:00
Chris van Dijk cf0e56e92b Consistent usage of matrix username and groupname, not uid and gid 
This should be a no-op, no migration necessary.
 2020-05-01 19:39:17 +02:00
Chris van Dijk 741064a178 Fix group ownership of Dimension base path and config 
Ansible will migrate the ownership of the base path and config path, but
manual intervention will be required in order to migrate the ownership
of files in those directories (i.e. dimension.db).

Stop the services:

  (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=stop

Fix the permissions on the server:

  (server)# chown -Rv "{{ matrix_user_username }}:{{ matrix_user_username }}" "{{ matrix_dimension_base_path }}"

which would typically look like:

  (server)# chown -Rv matrix:matrix /matrix/dimension/

Reconfigure Dimension and start the services:

  (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=setup-dimension,start
 2020-05-01 19:28:30 +02:00
Slavi Pantaleev 0e26810162
Merge pull request #478 from cnvandijk/feature-jitsi-ldap-auth 
Add support for Jitsi LDAP authentication
 2020-04-30 10:09:48 +03:00
Chris van Dijk 9d6614e80f Add support for Jitsi LDAP authentication 2020-04-29 17:57:38 +02:00
Slavi Pantaleev 669780976f
Update mappings configuration example 2020-04-29 09:29:03 +03:00
John Goerzen a2df0016eb Update matrix-appservice-irc to 0.16.0 
Note the potential breaking change

Resolves #474
 2020-04-28 11:43:52 -05:00
GuillauG 29f606bac7
Add 'permalinkPrefix' and 'default_theme' for configuring riot web (#472) 
* add permalinkPrefix to riot-web config

* add feature to change default theme of riot-web via its config file

* remove matrix_riot_web_change_default_theme and provide sane default
 2020-04-28 13:10:33 +03:00
teutat3s 37d427c05c
Update Jitsi docker images to stable 4416 2020-04-28 03:52:43 +02:00
Slavi Pantaleev 438652c732 Switch Slack image to a working tag 
We've had reports of the `:latest` tag not working anymore,
leading to an error as described here:
https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/341
 2020-04-27 10:49:06 +03:00
Slavi Pantaleev 9cc0c5955d Use |quote in some command calls 2020-04-24 09:59:30 +03:00
Aaron Raimist 23bfaa72ec
Upgrade Synapse (1.12.3 -> 1.12.4) 2020-04-23 13:30:50 -05:00
Rodrigo Belem 033dfcb26f Remove duplicated whitelist entry in skype main.yml 2020-04-23 09:06:08 -04:00
Rodrigo Belem 4149e03b69 Initial mx-puppet-slack bridge role 2020-04-23 09:06:08 -04:00
Slavi Pantaleev 272888d917
Merge pull request #462 from cnvandijk/feature-dimension-unfederated 
Add support for running dimension in an unfederated environment
 2020-04-22 22:47:14 +03:00
Slavi Pantaleev 0af5a8c4cc Simplify mx-puppet-skype blacklists a bit 
Related to #466 (Github Pull Request).
 2020-04-22 22:42:24 +03:00
Rodrigo Belem b08a49d94d Allow skype more configurations for relay and provisioning 2020-04-22 15:26:31 -04:00
Chris van Dijk 3f4bc9b881 Move config supprt for unfederated dimension into group_vars 2020-04-22 19:23:56 +02:00
Slavi Pantaleev 9991d545dd Add note about synapse-janitor and require explicit confirmation for usage 
Fixes #465 (Github Issue).

Related to https://github.com/xwiki-labs/synapse_scripts/pull/12.
 2020-04-21 21:48:06 +03:00
Slavi Pantaleev 554da8338a
Merge pull request #463 from hooger/architecture 
Architecture
 2020-04-20 16:45:59 +03:00
Marcel Partap 46984a4f99 Nginx conf: more testing less b0rk 2020-04-19 21:42:34 +02:00
Christoph Johannes Kleine 765c046beb
add missing ; to matrix-synapse.conf.j2 2020-04-19 19:50:42 +02:00
Marcel Partap 5f63d287b7 Move synapse worker ports up 10k 2020-04-19 19:05:03 +02:00
Marcel Partap e4763c21bc nginx config: route traffic to workers on matrix-synapse 
FIXME: horrid duplication in template file
 2020-04-19 19:05:03 +02:00
Marcel Partap 66a4073512 Publish synapse worker ports, need to be accessible to nginx 2020-04-19 19:05:03 +02:00
Marcel Partap cf452fdf0a Fix corner-cases found through testing (aka ansible is nuts) 2020-04-19 19:05:03 +02:00
Marcel Partap a14b9c09ad Add to synapse nginx template conditional URL rewrites for workers 
· 😅 How to keep this in sync with the matrix-synapse documentation?
· regex location matching is expensive
· nginx syntax limit: one location only per block / statement
· thus, lots of duplicate statements in this file
 2020-04-19 19:05:03 +02:00
Marcel Partap 353bc7c362 Add initial support for synapse workers 
· needs documentation; no checks yet for port clashes or typos in worker name
· according to https://github.com/matrix-org/synapse/wiki/Workers-setup-with-nginx#results
  about 90% of requests go to the synchrotron endpoint
· thus, the synchrotron worker is especially suited to be load-balanced
· most of the other workers are documented to support only a single instance
· https://github.com/matrix-org/synapse/blob/master/docs/workers.md
 2020-04-19 19:05:03 +02:00
Dan Arnfield e2de6a1569 Update nginx (1.17.9 -> 1.17.10) 2020-04-19 08:38:53 -05:00
Horvath Gergely bd61598faf add experimental(?) architecture support for arm32 and arm64 
the changes are necessary because certbot images are tagged, so docker does not recognize the necessary architecture
 2020-04-18 22:55:19 +02:00
Chris van Dijk da2e90dcc1 Remove check for "Fail if Matrix Federation is disabled" 
This playbook now suports running dimension in both a federated and an
unfederated environment.
 2020-04-18 19:01:45 +02:00
Chris van Dijk 3ddb8cd148 Add support for running dimension in an unfederated environment 
This config change follows:

  https://github.com/turt2live/matrix-dimension/blob/master/docs/unfederated.md
 2020-04-18 19:00:20 +02:00
Horvath Gergely 203a319881 force build docker image if git master changes 2020-04-18 12:56:36 +02:00
Slavi Pantaleev c13c29f48e Fix |to_nice_yaml breaking formatting 
Well, actually 8cd9cde won't work, unless we put the
`|to_nice_yaml` thing on a new line.

We can, but that takes more lines and makes things look uglier.
Using `|to_json` seems good enough.

The whole file is parsed as YAML later on and merged with the
`_extension` variable before being dumped as YAML again in the end.
 2020-04-18 11:06:53 +03:00
Slavi Pantaleev 8cd9cdead0 Improve consistency 2020-04-18 11:05:47 +03:00
Slavi Pantaleev 27cae3d90c
Merge pull request #461 from lampholder/toml/allowed_local_3pids 
Expose allowed local 3pids as a configurable option
 2020-04-18 11:05:01 +03:00