Commit graph

33 commits

Author SHA1 Message Date
Slavi Pantaleev e1690722f7 Replace cronjobs with systemd timers
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/756

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/737

I feel like timers are somewhat more complicated and dirty (compared to
cronjobs), but they come with these benefits:

- log output goes to journald
- on newer systemd distros, you can see when the timer fired, when it
will fire, etc.
- we don't need to rely on cron (reducing our dependencies to just
systemd + Docker)

Cronjobs work well, but it's one more dependency that needs to be
installed. We were even asking people to install it manually
(in `docs/prerequisites.md`), which could have gone unnoticed.

Once in a while someone says "my SSL certificates didn't renew"
and it's likely because they forgot to install a cron daemon.

Switching to systemd timers means that installation is simpler
and more unified.
2021-01-14 23:35:50 +02:00
Slavi Pantaleev 88acc98c23 Mention LXC 2021-01-13 19:39:08 +02:00
Slavi Pantaleev e2e6cfaa8b Document Ansible's Python interpreter discovery some more
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/570

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/641
2020-12-16 18:14:52 +02:00
Slavi Pantaleev c07c927d9f Automatically enable openid listeners when ma1sd enabled
ma1sd requires the openid endpoints for certain functionality.
Example: 90b2b5301c/src/main/java/io/kamax/mxisd/auth/AccountManager.java (L67-L99)

If federation is disabled, we still need to expose these openid APIs on the
federation port.

Previously, we were doing similar magic for Dimension.
As per its documentation, when running unfederated, one is to enable
the openid listener as well. As per their recommendation, people
are advised to do enable it on the Client-Server API port
and use the `federationUrl` variable to override where the federation
port is (making federation requests go to the Client-Server API).

Because ma1sd always uses the federation port (unless you do some
DNS overwriting magic using its configuration -- which we'd rather not
do), it's better if we just default to putting the `openid` listener
where it belongs - on the federation port.

With this commit, we retain the "automatically enable openid APIs" thing
we've been doing for Dimension, but move it to the federation port instead.
We also now do the same thing when ma1sd is enabled.
2020-12-08 16:59:20 +02:00
Slavi Pantaleev 3fd198e89a Add notes about running Ansible on Ubuntu 20.04
Discussed in #669 (Github Issue).
2020-10-15 11:35:29 +03:00
Chris van Dijk cb94167ccb Add missing parenthesis in docs 2020-05-27 17:00:44 +02:00
Chris van Dijk 84e2e31d07 Linking to a file is more robust than linking to a line number 2020-05-27 16:40:05 +02:00
Chris van Dijk 1b47197c91 Minor docs formatting cleanup 2020-05-27 15:55:11 +02:00
Chris van Dijk 256de59a75 Add note on port forwarding to docs when running Jitsi behind NAT 2020-05-27 14:33:17 +02:00
Horvath Gergely 441278412b add explicit information for the Rapsberry pi 2020-04-19 13:51:26 +02:00
skoal ab58b3fc9e
Update prerequisites.md
Added Jitsi firewall ports
2020-04-09 14:31:42 +02:00
Christian Wolf 1b87dbf54b Added documentation to README file 2020-03-28 17:33:51 +01:00
Slavi Pantaleev 22ce50875a Mention that root access is a requirement
Fixes #396 (Github Issue).
2020-03-15 13:04:55 +02:00
Horvath Gergely 447dd94ff9 update documentation 2020-03-14 20:41:01 +01:00
Horvath Gergely 470b9875e7 Document raspberry pi support 2020-02-23 19:32:00 +01:00
Slavi Pantaleev 50614f1bad Simplify Prerequisites a bit
Don't mention systemd-journald adjustment anymore, because
we've changed log levels to WARNING and Synapse is not chatty by default
anymore.

The "excessive log messages may get dropped on CentOS" issue no longer
applies to most users and we shouldn't bother them with it.
2019-11-10 08:35:17 +02:00
Slavi Pantaleev 9b84e06201 Add a note about CentOS 8 support 2019-11-10 08:31:08 +02:00
Aaron Raimist cb2cb70b31
Mention that ARM is not supported
Feel free to reword but we have had a couple of issues created now asking about Raspberry Pi support.
2019-11-08 08:55:36 -06:00
Slavi Pantaleev 0e4030f05c Add missing word 2019-07-09 09:14:57 +03:00
Slavi Pantaleev ef5e4ad061 Make Synapse not log to text files
Somewhat related to #213 (Github Pull Request).

We've been moving in the opposite direction for quite a long time.
All services should just leave logging to systemd's journald.
2019-07-04 17:46:31 +03:00
Slavi Pantaleev 9c401efb2d Add a note about beta/pre-release distros 2019-04-16 13:10:31 +03:00
Borjan Tchakaloff cbd629e7ea Specify that cron is likely required on the server
When using Let's Encrypt SSL certificates, a cronjob is set up to
automatically renew them. Though it does require a `cron`-compatible
program on the server.

This fixes the error that is caused by the `/etc/cron.d` directory
not existing and the `ansible-cron` module trying to write out a
file there -- without checking if the directory exists first.
2019-03-22 17:44:24 +01:00
Slavi Pantaleev 59e37105e8 Add TLS support to Coturn 2019-03-19 10:24:39 +02:00
Slavi Pantaleev 10d9293121 Indicate that TURN ports are a range 2019-03-13 08:23:10 +02:00
Slavi Pantaleev c545d3eb85 Add support for serving base domain via matrix-nginx-proxy 2019-03-12 23:01:16 +02:00
Slavi Pantaleev a1f9869eb2 Improve documentation about getting the playbook 2019-03-10 17:02:20 +02:00
Slavi Pantaleev 747574ab56 Update Prerequisites a bit 2019-02-20 11:39:04 +02:00
Slavi Pantaleev 5148f8edf4 Update docs 2019-02-06 09:36:03 +02:00
Slavi Pantaleev b540427974 Mention alternative ways to do Server Delegation 2019-02-05 13:02:15 +02:00
Slavi Pantaleev f6ebd4ce62 Initial work on Synapse 0.99/1.0 preparation 2019-02-05 12:09:46 +02:00
Slavi Pantaleev 5135c0cc0a Add Ansible guide and Ansible version checks
After having multiple people report issues with retrieving
SSL certificates, we've finally discovered the culprit to be
Ansible 2.5.1 (default and latest version on Ubuntu 18.04 LTS).

As silly as it is, certain distributions ("LTS" even) are 13 bugfix
versions of Ansible behind.

From now on, we try to auto-detect buggy Ansible versions and tell the
user. We also provide some tips for how to upgrade Ansible or
run it from inside a Docker container.

My testing shows that Ansible 2.4.0 and 2.4.6 are OK.
All other intermediate 2.4.x versions haven't been tested, but we
trust they're OK too.

From the 2.5.x releases, only 2.5.0 and 2.5.1 seem to be affected.
Ansible 2.5.2 corrects the problem with `include_tasks` + `with_items`.
2019-01-03 16:24:14 +02:00
Slavi Pantaleev c48e31381d Add minimum version requirement for Ansible 2018-12-29 15:31:05 +02:00
Slavi Pantaleev 30c53cdea2 Split README into a bunch of files in docs/ 2018-08-08 10:07:02 +03:00