Commit graph

3294 commits

Author SHA1 Message Date
HarHarLinks ebf33f46b7 update hookshot passkey.pem path according to docs
https://github.com/Half-Shot/matrix-hookshot/issues/133#issuecomment-1007541580
2022-01-08 16:55:27 +01:00
HarHarLinks 912c238847 Upgrade Hookshot (1.0.0 -> 1.1.0) 2022-01-08 16:53:52 +01:00
HarHarLinks 495bfedc0d refine hookshot role using --test 2022-01-08 16:53:48 +01:00
Slavi Pantaleev 4e4fb98a65 Do not install fuse unless necessary
Discussed here: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1510
2022-01-08 14:14:46 +02:00
Slavi Pantaleev 0f59c4056e Set up well-known when invoked with the setup-dendrite tag 2022-01-07 16:00:51 +02:00
Slavi Pantaleev 139c574cdb Move checks from unused validate_config.yml file elsewhere 2022-01-07 16:00:51 +02:00
Slavi Pantaleev 90c9801c56 Use ExecStopPost instead of ExecStop
This is the equivalent of b1b4ba501f for the matrix-dendrite role.
2022-01-07 16:00:51 +02:00
Slavi Pantaleev 61c0930325 Suppress output for ExecStartPre/ExecStop commands
This brings matrix-dendrite.service in line with all the other services.
2022-01-07 16:00:51 +02:00
Slavi Pantaleev 5c3c0d0d58 Set Dendrite's real_ip_header correctly 2022-01-07 16:00:51 +02:00
Slavi Pantaleev 05b4572fab Fix matrix_dimension_homeserver_federationUrl for Dendrite 2022-01-07 16:00:51 +02:00
Slavi Pantaleev 965890bf75 Derive secrets from matrix_homeserver_generic_secret_key, not matrix_synapse_macaroon_secret_key
We're trying to move away from implementation-specific variables,
hoping for a clean (implementation-neutral) examples/vars.yml file.
2022-01-07 16:00:42 +02:00
Slavi Pantaleev 1dfe21944f Make matrix_homeserver_implementation influence matrix_IMPLEMENTATION_enabled, not the other way around
Doing this seems more reasonable and simpler.
2022-01-07 15:59:35 +02:00
Slavi Pantaleev 4139290cc9 Rename some variables for consistency 2022-01-07 15:59:35 +02:00
Slavi Pantaleev 2bd33e5cf2 Make --tags=register-user work for both Dendrite/Synapse
Also get rid of `--tags=update-user-password` in the
`matrix-dendrite` role, as what we had doesn't work.

We may be able to do it with some Ansible helper or something else.
For now, we'll omit this feature.
2022-01-07 15:59:35 +02:00
Slavi Pantaleev f8a8d7d310 Fix /usr/local/bin/matrix-dendrite-create-account
We also need to fix `--tags=register-user`. This tag is currently
defined in both the `matrix-synapse` and `matrix-dendrite` roles.
2022-01-07 15:59:35 +02:00
Slavi Pantaleev b297e8ee2b Delay Dendrite startup so that matrix-postgres.service can start 2022-01-07 15:59:35 +02:00
Slavi Pantaleev 9f6e8f5eaf Remove matrix_s3 references from matrix-dendrite role
All the `matrix_s3_*` stuff happens in the `matrix-synapse` role.

If we are to have such S3 support for Dendrite, we should probably
extract it out of the `matrix-synapse` role (into a `matrix-s3` role or
`matrix-goofys`, etc.) and wire `matrix-dendrite` accordingly.

This may or may not be done in the future though. For now, I'm
cleaning things up in the `matrix-dendrite` role.
2022-01-07 15:59:35 +02:00
Slavi Pantaleev 3b9d5b13e9 Add support for not serving Dendrite federation APIs on the client port
Seems like Dendrite encourages serving both the Client and Federation
API at the same port.

Coming from Synapse and how things are done there, we have separate
ports. Using separate ports probably makes matrix-corporal (etc.)
integration easier, so separating the APIs by default probably makes
sense.
2022-01-07 15:59:35 +02:00
Slavi Pantaleev ecc237bbad Initial work on getting nginx reverse proxying working with Dendrite 2022-01-07 15:59:35 +02:00
Slavi Pantaleev 2f57c51733 Remove useless check
Since 025a5ab5e5f6bdb3, we do a similar check in matrix-base.
2022-01-07 15:59:35 +02:00
Slavi Pantaleev 3cf9f87097 Add matrix_homeserver_implementation, tracking the current homeserver implementation
The goal is to have a single variable which tells us which homeserver
software is in use. Much simpler than having if/elif/elif checks for
variables like (`matrix_synapse_enabled` and `matrix_dendrite_enabled`, etc.)
everywhere.
2022-01-07 15:59:35 +02:00
Slavi Pantaleev 63968cb04f Upgrade Dendrite (0.5.0 -> 0.5.1) 2022-01-07 15:59:35 +02:00
Slavi Pantaleev b2b62b7221 Add a variable to control Dendrite's disable_federation setting 2022-01-07 15:59:35 +02:00
Slavi Pantaleev 5b148921a0 Upgrade Dendrite (0.3.11 -> 0.5.0) and update configuration
This brings dendrite.yaml up to date and cleans things up a bit.
2022-01-07 15:59:35 +02:00
Slavi Pantaleev ccd3dc7a57 Remove Dendrite file logging
We refrain from logging to files for all components,
because we rely on systemd-journald anyway.
2022-01-07 15:59:35 +02:00
Jip J. Dekker 953a9ac718 Upgrade Dendrite (0.3.9 -> 0.3.11) 2022-01-07 15:59:35 +02:00
Jip J. Dekker cde2504966 Upgrade Dendrite (0.3.8 -> 0.3.9) 2022-01-07 15:59:35 +02:00
Aaron Raimist 265d048597 Upgrade Dendrite (0.3.6 -> 0.3.8) 2022-01-07 15:59:35 +02:00
Aaron Raimist fc62537fcf Remove Synapse and Goofys stuff 2022-01-07 15:59:35 +02:00
Jip J. Dekker 07af05690c Add initial role for Dendrite as alternative Matrix server 2022-01-07 15:59:35 +02:00
rakshazi 2836667df2
self-build consistency: missing var 2022-01-07 13:21:41 +02:00
rakshazi c191bf54ca
self-build consistency: add deprecation warnings 2022-01-07 13:17:39 +02:00
rakshazi d9dd524db3
self-build consistency: rename vars everywhere 2022-01-07 12:18:45 +02:00
Slavi Pantaleev b0c801a497 Rename variable for consistency (matrix_bot_honoroit_container_self_build -> matrix_bot_honoroit_container_image_self_build)
Discussed in https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1514
2022-01-07 11:53:24 +02:00
rakshazi d66c812830
matrix-bot-honoroit: fix self-build 2022-01-07 09:06:25 +00:00
rakshazi d7af37e9e9
matrix-bot-honoroit feedback 2022-01-07 09:41:52 +02:00
rakshazi 407e8c4940
added honoroit 2022-01-06 20:30:10 +02:00
HarHarLinks b8ee1980ea refine hookshot role 2022-01-06 18:55:36 +01:00
Slavi Pantaleev 7dfb68b7f8 Add else statements to inline ifs
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1509
2022-01-06 11:05:02 +02:00
rakshazi 490f11ba0d
matrix-client-cinny: self_build feedback" 2022-01-06 09:11:28 +02:00
rakshazi 5788a16a2e
added matrix-client-cinny 2022-01-05 18:33:21 +02:00
Slavi Pantaleev b1b4ba501f Replace ExecStop with ExecStopPost
ExecStopPost should allow us to clean up (docker kill + docker rm)
even if the ExecStart (docker run ..) command failed, and not just after
a graceful service stop was initiated.

Source: https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStopPost=
2022-01-04 17:27:25 +02:00
Slavi Pantaleev 8515ac55e6 Upgrade nginx (1.21.4 -> 1.21.5) 2022-01-04 17:04:01 +02:00
Slavi Pantaleev b3a9160e0f
Merge pull request #1497 from jimeh/etherpad-add-optional-admin-access
feat(etherpad): add optional admin web-UI access
2022-01-04 09:20:39 +02:00
Slavi Pantaleev f0d7a8e99d
Use to_json 2022-01-04 09:18:31 +02:00
Slavi Pantaleev 3295eb15bf
Merge pull request #1500 from cnvandijk/deprecated-jitsi-interface-config
Remove Jitsi web interface_config.js in favour of custom-interface_config.js
2022-01-04 08:50:42 +02:00
Slavi Pantaleev bd91230cf8
Merge pull request #1502 from aaronraimist/mautrix-twitter
Update links to Mautrix Twitter bridge
2022-01-04 08:48:09 +02:00
HarHarLinks 621251c1e5 hookshot role groundwork 2022-01-03 21:25:03 +01:00
HarHarLinks c0f7c39f7d s/plabook/playbook 2022-01-03 18:34:21 +01:00
Aaron Raimist dc96526475
Update links to Mautrix Twitter bridge
Signed-off-by: Aaron Raimist <aaron@raim.ist>
2022-01-03 01:05:13 +00:00
Chris van Dijk bc5efa0dbc Remove Jitsi web interface_config.js in favour of custom-interface_config.js
As of docker-jitsi-meet stable-6433 [1], `/config/interface_config.js`
is regenerated on every boot. The correct way to modify the interface
config is now via `/config/custom-interface_config.js`, which is
appended to a default copy of `interface_config.js` by
`/etc/cont-init.d/10-config` on every boot of the docker image.

Given that `interface_config.js` is considered deprecated by upstream
(all options will eventually be moved to `config.js`), we also deprecate
the `matrix_jitsi_web_interface_config_*` variables in favour of
`matrix_jitsi_web_custom_interface_config_extension`.

[1] https://github.com/jitsi/docker-jitsi-meet/blob/stable-6433/CHANGELOG.md#stable-6433
2022-01-02 10:54:51 +01:00
Jim Myhrberg 993121e517
feat(etherpad): add optional admin web-UI access
Enables optional access to Etherpad's web-UI. This is useful for
managing Etherpad plugins.

Among other things, plugins makes it easy to manage/delete pads if you
install the adminpads2 plugin.
2022-01-01 03:12:14 +00:00
Slavi Pantaleev 948c411106 Remove sudo requirement for generating SSL certificates
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1492
2021-12-30 10:47:06 +02:00
Toni Spets cdf76bdbb7
Upgrade Heisenbridge (1.8.2 -> 1.9.0) 2021-12-29 21:05:41 +02:00
Slavi Pantaleev d166a90514
Merge pull request #1493 from SierraKiloBravo/allow-configuring-mautrix-telegram-name-templates
Allow editing of MXID/dispname templates for mautrix-telegram users
2021-12-29 10:19:49 +02:00
Slavi Pantaleev 908dc6c07a
Merge pull request #1491 from HarHarLinks/webhooks_fork
switch appservice-webhooks fork
2021-12-28 18:25:03 +02:00
HarHarLinks c2f3586ac6 switch appservice-webhooks fork
turt2live/matrix-appservice-webhooks -> redoonetworks/matrix-appservice-webhooks
2021-12-28 17:12:28 +01:00
pushytoxin 1066baed38 Upgrade etherpad to 1.8.16
Extend the config template with the lines added in the past year
2021-12-28 15:02:28 +01:00
SierraKiloBravo 56e9ff1740 Added defaults and edited config template for mautrix-telegram, allowing editing of MXID/displayname templates for bridged users 2021-12-28 11:40:22 +01:00
Slavi Pantaleev 280c6c5424
Add |to_json 2021-12-27 21:45:13 +02:00
Alejo Diaz 297ed9ce36 Add encryption_enabled_by_default_for_room_type
This commit simply add encryption_enabled_by_default_for_room_type
variable.

Signed-off-by: Alejo Diaz <xlejo@protonmail.com>
2021-12-27 14:20:23 -03:00
Toni Spets 5df486f31e
Upgrade Heisenbridge (1.8.0 -> 1.8.2) 2021-12-25 18:05:41 +02:00
Slavi Pantaleev dcab14d9a8 Add self-building support to Beeper LinkedIn bridge
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1480

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1242
2021-12-23 13:04:09 +02:00
Toni Spets 061d6ac86f
Upgrade Heisenbridge (1.7.1 -> 1.8.0) 2021-12-22 19:04:21 +02:00
Slavi Pantaleev f6f81a85de
Enable notifications during backfill
.. as per the default bridge config.

Source: f848710c01/mautrix_twitter/example-config.yamll (L147)
2021-12-22 15:27:35 +02:00
Shreyas Ajjarapu ed0fcd618c
Update config.yaml.j2 2021-12-21 21:37:09 -06:00
Shreyas Ajjarapu 99b59f73f4
Merge branch 'spantaleev:master' into master 2021-12-21 21:36:09 -06:00
Catalan Lover eb0c332f80
Update Synapse Version from 1.49.1 to 1.49.2
This upgrade is technically not needed due to 1.49.1 and 1.49.2 being identical with a lone fix to Debian packaging being the only change. 

Still some might want us to be on the absolutely latest version even tho these 2 are practically identical.

ARM64 has yet to be built so this has to wait for that before merge.
2021-12-21 19:29:56 +01:00
Shreyas Ajjarapu bae375f3af
Merge branch 'spantaleev:master' into master 2021-12-21 09:32:16 -06:00
Catalan Lover 6c9f6c28de
Update Synapse from 1.49.0 to 1.49.1
This update fixes a sync issue that would cause some users to experience sync issues that could cause initial sync to completely fail.
2021-12-21 14:15:13 +01:00
Shreyas Ajjarapu 3509f648af
Update config.yaml.j2 2021-12-21 00:28:55 -06:00
Shreyas Ajjarapu cddbb1ffa0
Update config.yaml.j2 2021-12-21 00:27:45 -06:00
Shreyas Ajjarapu 6a9775520b
Update validate_config.yml 2021-12-21 00:13:08 -06:00
Shreyas Ajjarapu 87bc9bd146
Update validate_config.yml 2021-12-20 23:36:05 -06:00
Shreyas Ajjarapu 3441e1a307
Merge branch 'spantaleev:master' into master 2021-12-20 23:25:39 -06:00
array-in-a-matrix 2d49b95006 missing uppercase in bot name 2021-12-20 16:55:15 -05:00
WobbelTheBear dad1a23aa8
Update Element version (v1.9.7 -> v1.9.8) 2021-12-20 17:44:08 +01:00
Slavi Pantaleev 01b6bba9d7 Make Synapse's url_preview_accept_language default to 'en-US, en'
Related to https://github.com/matrix-org/synapse/issues/11604

Getting an upstream fix is preferable. In any case, it's probably nice
to have this defined explicitly in our configuration. This way, people
can more easily discover that they can override the URL preview
language.
2021-12-18 15:17:14 +02:00
SkepticalWaves e8237ea37e
Update synapse-admin to newest tagged release 2021-12-17 15:23:44 -05:00
Slavi Pantaleev afd7f03bb5 Minor comment changes 2021-12-17 17:30:40 +02:00
Slavi Pantaleev fa704f104b Add support for using custom ACME CA servers (other than Let's Encrypt')
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1468
2021-12-17 17:30:21 +02:00
Slavi Pantaleev 4625b34acc Fix failure trying to stop orphaned systemd services
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1461
2021-12-17 17:18:35 +02:00
Alexander Bersenev 45119ea9df
Remove a space from XMPP_INTERNAL_MUC_DOMAIN
The domain is invalid with space, so it shouldn't be here
2021-12-17 05:47:47 +05:00
Slavi Pantaleev d45d30cc3f
Merge pull request #1467 from GoMatrixHosting/gomatrixhosting-testing
GoMatrixHosting v0.6.7
2021-12-16 08:16:17 +02:00
PC-Admin 2579f6f49b add new defaults for AWX section 2021-12-16 07:51:27 +08:00
Slavi Pantaleev 60592fd6a8 Fix Jitsi logging.properties conditional being interpreted as Jinja code
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1464
2021-12-15 21:22:29 +02:00
Slavi Pantaleev 0f569df629
Merge pull request #1464 from sakkiii/jitsi-update
Update Jitsi to stable-6726-1
2021-12-15 17:46:24 +02:00
sakkiii 42cd4d2c8d crontab mount dir should exists 2021-12-15 20:14:47 +05:30
Slavi Pantaleev a2cdc8b543
Merge pull request #1466 from sakkiii/patch-3
Update coturn (4.5.2-r4 -> 4.5.2-r8)
2021-12-15 15:24:37 +02:00
sakkiii 980c2b9a80
Update coturn (4.5.2-r4 -> 4.5.2-r8) 2021-12-15 18:35:13 +05:30
sakkiii 8a0c7913be
Grafana Updata (8.3.1 -> 8.3.3) 2021-12-15 18:33:09 +05:30
sakkiii 55860bf38f Jitsi update - sentry logging added 2021-12-15 18:23:29 +05:30
sakkiii 12832d8a68 jitsi update 2021-12-15 18:05:52 +05:30
PC-Admin 9b4e4477d9 Merge remote-tracking branch 'upstream/master' into gomatrixhosting-testing 2021-12-15 15:10:06 +08:00
PC-Admin aef9a1ea1f GoMatrixHosting v0.6.7 2021-12-15 15:07:41 +08:00
Wm Salt Hale 3001b2d32d
Merge branch 'spantaleev:master' into default_room_version_9 2021-12-14 18:19:26 -08:00
Slavi Pantaleev 5be1310541 Upgrade Synapse (1.48.0 -> 1.49.0) 2021-12-14 16:54:35 +02:00
Matthew Cengia 2b83aeb87e Update Mautrix-Twitter image path 2021-12-14 22:36:23 +11:00
Matthew Cengia cb608c06aa Remove references to sqlite
Remove references to sqlite since we should just use postgres from the
outset.
2021-12-14 22:36:23 +11:00
Matthew Cengia 68e6311a9f Update mautrix-twitter config to be Jinja2 template
Updates based off the variable names used in mautrix-facebook role.

Also update port number in defauts/main.yml, and disable presence
checking, because Twitter doesn't support that.
2021-12-14 22:36:23 +11:00
Matthew Cengia 8282ab48c7 Replace bridge config with one from upstream
Source: 12f420ab95/mautrix_twitter/example-config.yaml
2021-12-14 22:36:23 +11:00
Matthew Cengia 7afe8103da Find/replace Facebook with Twitter
find roles/matrix-bridge-mautrix-twitter -type f -exec sed -i \
  -e 's/facebook/twitter/g' \
  -e 's/Facebook/Twitter/g' \
  -e 's/FB/Twitter/g' \
  -e 's/fb/twitter/g' {} +
2021-12-14 22:36:23 +11:00
Matthew Cengia e9e4d8f250 Rename mautrix-twitter systemd file 2021-12-14 22:36:23 +11:00
Matthew Cengia 6b9b824964 Copy matrix-bridge-mautrix-facebook as base for matrix-bridge-mautrix-twitter 2021-12-14 22:36:23 +11:00
rakshazi 1f0d56fb75
(Security fix) Update Element 1.9.6 -> 1.9.7
Ref: https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk
2021-12-13 15:55:40 +00:00
ppacheco28 eca26e49e1 Update Jitsi to version stable-6727 2021-12-11 11:09:06 -03:00
laszabine dd903ffcc2
Updated signald docker image path 2021-12-11 16:16:41 +00:00
SkepticalWaves bbab82ee64
Fix email sending broken by #1406 2021-12-11 10:26:55 -05:00
AnonyPla ece163b29f
Upgrade Mjolnir from 1.1.20 to version 1.2.1 (#1422)
* Upgrade Mjolnir from 1.1.20 to version 1.2.1

https://hub.docker.com/r/matrixdotorg/mjolnir/tags

using the "latest" tag seems inefficient as it doesn't actually redirect to the latest release

In any case, the latest release is now 1.2.1

docker pull matrixdotorg/mjolnir:v1.2.1

* Fixup

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2021-12-11 10:16:33 +02:00
Slavi Pantaleev b1d8e39612
Merge pull request #1446 from hypn0tick/master
Add support for creation of Jitsi internal authentication users in vars.yml
2021-12-11 10:14:50 +02:00
Slavi Pantaleev 6568b68759
Fix validation message
The check was checking for an empty string in `matrix_jitsi_prosody_auth_internal_accounts`,
which is unlikely to happen. We should check for an empty list instead.

The check was not validating username/password values, so telling the user that they need a non-empty
username/password is misleading. It was merely checking if there's at least one entry in the list.

This patch adjusts the check and message accordingly.
2021-12-11 10:14:33 +02:00
ppacheco28 c116f268f2 Fixed type mismatch 2021-12-09 19:30:32 -03:00
Slavi Pantaleev a9e222d523 Remove useless variable (matrix_appservice_webhooks_control_room_id)
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1447

Seems like there's such a variable in the
`matrix-bridge-appservice-slack` role, which is probably where it got
copied over from.
2021-12-09 19:46:20 +02:00
Slavi Pantaleev f6238c9305
Merge pull request #1443 from aaronraimist/v3-again
Run `workers-doc-to-yaml.sh`
2021-12-09 15:48:59 +02:00
Slavi Pantaleev 9b6bb9cad7
Merge pull request #1444 from aaronraimist/patch-1
Fix comments about `_database_*` variables
2021-12-09 15:45:33 +02:00
ppacheco28 0c101f20c4 Fixed unnecessary checking of user attributes, added check for matrix_jitsi_enable_auth boolean 2021-12-09 07:54:40 -03:00
ppacheco28 4c25c1df06 Changed matrix_jitsi_prosody_auth_internal_accounts default to an empty array, removed unused configuration declaration, and moved jibri configuration back to its proper place 2021-12-09 07:50:31 -03:00
ppacheco28 a26abb2f1b Removed an empty line (formatting) 2021-12-09 07:44:50 -03:00
ppacheco28 6e38ce42d8 Added check before stopping service, fixed unnecessary checking of user attributes, and created sections to clarify the file's purpose 2021-12-09 07:40:25 -03:00
ppacheco28 d086668f52 Ensure internal authentication users are properly configured 2021-12-09 02:42:36 -03:00
ppacheco28 dd1feffcc2 Add support for Jitsi internal authentication user creation 2021-12-08 20:14:18 -03:00
ppacheco28 f2cd37685c Add support for Jitsi internal authentication user creation 2021-12-08 19:52:05 -03:00
John M 286871b9b5 Add self-build for Dimension
Add a self-build option for the Dimension Dockerfile.
 - This helps further support arm64 hosts (i.e. A1.Flex w/Oracle)
2021-12-08 04:48:59 -08:00
Aaron Raimist fac497faa5
Fix comments in other roles 2021-12-08 10:13:12 +00:00
Aaron R 421b055cb5
Fix comment about matrix_mautrix_whatsapp_database_* variables
Was renamed in 087dbe4ddc

It is unclear to me if there is anything you actually need to adjust with these variables. It looks like that is done automatically in `matrix_servers`.
2021-12-08 04:09:09 -06:00
Aaron Raimist 0071828503
Run workers-doc-to-yaml.sh
1472958e25 reverted some of the v3 changes. I'm not sure why. Running the `workers-doc-to-yaml.sh` script now puts them back 🤷‍♂️.
2021-12-08 08:37:55 +00:00
Catalan Lover 18daf8f3da
Update Grafana from 8.3.0 to 8.3.1 due to Security Flaw
https://grafana.com/blog/2021/12/07/grafana-8.3.1-8.2.7-8.1.8-and-8.0.7-released-with-high-severity-security-fix/
2021-12-07 21:52:49 +01:00
Slavi Pantaleev ff720bedce Upgrade matrix-postgres-backup default to v14
Related to c08880d175
2021-12-07 19:43:33 +02:00
WobbelTheBear 391e095cb9
Update main.yml 2021-12-06 19:56:13 +01:00
Slavi Pantaleev 9babaa5a2b Fix mx-puppet-discord media URLs using container-network URLs (http://matrix-nginx-proxy:12080) 2021-12-06 13:40:01 +02:00
Jan 20bc3eb24b Update signal bridge configuration template 2021-12-04 22:08:59 +01:00
Slavi Pantaleev 42352b491c
Merge pull request #1432 from wol-win/prometheus
Update prometheus (v2.30.3 -> v2.31.1)
2021-12-02 15:01:03 +02:00
Slavi Pantaleev 971a751a5e
Merge pull request #1433 from wol-win/redis
Update redis (6.2.4 -> 6.2.6)
2021-12-02 15:00:45 +02:00
WobbelTheBear 229b93d7c8
Update redis (6.2.4 -> 6.2.6) 2021-12-02 13:54:57 +01:00
WobbelTheBear 3f0e8122ec
Update prometheus 2021-12-02 13:41:12 +01:00
WobbelTheBear 27e1451cbc
Update main.yml 2021-12-02 13:31:57 +01:00
Slavi Pantaleev d584b44f10 Upgrade matrix-corporal (2.2.1 -> 2.2.2) 2021-12-01 08:23:35 +02:00
Slavi Pantaleev 1472958e25 Upgrade Synapse (1.47.1 -> 1.48.0) 2021-11-30 16:35:23 +02:00
SkepticalWaves 8e1463a6a1
Update matrix-bridge-mautrix-telegram version 2021-11-28 21:59:33 -05:00
Slavi Pantaleev 61391647e9 Make /.well-known/matrix/client and /.well-known/matrix/server customizable
We recently had someone need to inject additional configuration into
`/.well-known/matrix/client` as described here:
22b245bbd1/docs/bigbluebutton.md (have-dimension-create-meetings-with-elements-video-call-button)

There may be other use cases as well.
2021-11-26 15:28:03 +02:00
Slavi Pantaleev cfc79ebe29 Upgrade exim-relay (4.94.2-r0-5 -> 4.95-r0) 2021-11-25 09:21:05 +02:00
Slavi Pantaleev 3a9fe48deb Make matrix-nginx-proxy's X-Forwarded-For header customizable
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1393
2021-11-24 11:32:06 +02:00
PC-Admin 37191d98c5 GoMatrixHosting v0.6.6 2021-11-24 10:43:25 +08:00
Toni Spets e8a57ad432 Upgrade Heisenbridge (1.7.0 -> 1.7.1) 2021-11-23 15:03:09 +02:00
Slavi Pantaleev 6b07ee3b58 Upgrade Synapse (1.47.0 -> 1.47.1) - security fixes
Learn more here: https://github.com/matrix-org/synapse/releases/tag/v1.47.1
2021-11-23 14:50:07 +02:00
WobbelTheBear e11e31e2c6
Update main.yml 2021-11-22 16:53:20 +01:00
Slavi Pantaleev fc751f0330 Upgrade exim-relay (4.94.2-r0-4 -> 4.94.2-r0-5) 2021-11-20 09:31:04 +02:00
Slavi Pantaleev 2734adfb4e Upgrade matrix-corporal (2.2.0 -> 2.2.1) 2021-11-20 09:28:27 +02:00
Slavi Pantaleev 3b27ce2ff6
Merge pull request #1404 from aaronraimist/v3
Allow workers to serve new v3 APIs
2021-11-19 10:54:47 +02:00
Slavi Pantaleev 2e73dac39f Upgrade matrix-corporal (2.1.4 -> 2.2.0)
There was also a 2.1.5 security release made today.
2.2.0 contains the same security fix + more.

Both make handling of Client-Server API v3-prefixed requests better.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1404
2021-11-19 10:53:09 +02:00
Toni Spets 110d91b06e Upgrade Heisenbridge (1.6.0 -> 1.7.0) 2021-11-18 13:05:30 +02:00
rakshazi d41e9230da
expose smtp_user and smtp_pass to ansible configs (role: matrix-synapse) 2021-11-17 21:34:46 +02:00
Slavi Pantaleev e1a6d1e4b2 Upgrade Synapse (1.46.0 -> 1.47.0)
We had to remove UID/GID environment variables that we used to pass
to the Synapse container, because it was causing a problem after
https://github.com/matrix-org/synapse/pull/11209

We were using both `--user` and UID/GID environment variables until now.
2021-11-17 17:21:15 +02:00
Aaron Raimist f8fe68b385
Allow workers to serve new v3 APIs
1f196f59cb
2021-11-17 14:54:49 +00:00
Slavi Pantaleev 75cb4ce3b0 Add warning about matrix_ma1sd_default_port being renamed
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1403
2021-11-17 10:38:52 +02:00
Slavi Pantaleev b4fb819481
Merge pull request #1403 from borisrunakov/rename-matrix-ma1sd-default-port
remove default from variable name
2021-11-17 10:35:54 +02:00
Slavi Pantaleev 6bbc2054b8
Merge pull request #1402 from borisrunakov/matrix-synapse-container-client-api-port
make 8008 configurable
2021-11-17 10:34:40 +02:00
boris runakov 394ecb0acc remove default from variable name 2021-11-16 21:14:28 +02:00
boris runakov d3a9ec98de refactoring 2021-11-16 21:03:21 +02:00
Slavi Pantaleev 5fc533eca5
Merge pull request #1400 from IUCCA/master
Updated Mautrix-WhatsApp config
2021-11-16 15:50:06 +02:00
iucca 949ae80117 added server_map variable and renamed secret_map 2021-11-16 14:22:06 +01:00
iucca b272e6147a Resolved server_map 2021-11-16 13:37:11 +01:00
boris runakov 1ec67f49b0 replaced 8008 where possible 2021-11-15 22:43:05 +02:00
IUCCA adf2dc13b3
Update main.yml 2021-11-15 19:27:49 +01:00
iucca 3535c97117 updated whatsapp config 2021-11-15 19:25:08 +01:00
iucca ae122466fc updated whatsapp config 2021-11-15 19:23:28 +01:00
Slavi Pantaleev e72ae8bc48 Upgrade matrix-corporal (2.1.3 -> 2.1.4) 2021-11-15 17:23:25 +02:00
Slavi Pantaleev c1bc7b9f93 Rename variables to prevent confusion
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1397
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1399
2021-11-15 14:56:11 +02:00
Slavi Pantaleev ba48aa70f7 Fix variable name typo
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1397
2021-11-15 14:52:08 +02:00
Slavi Pantaleev dc4452ac21
Merge branch 'master' into matrix-federation-api-port 2021-11-15 14:49:03 +02:00
Slavi Pantaleev edf63bfdd7
Add some to_json invocations 2021-11-15 14:48:25 +02:00
Slavi Pantaleev 994c0e504c Ensure some matrix-nginx-proxy variables are defined
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1397
2021-11-15 14:46:44 +02:00
Slavi Pantaleev 0152ecef1c
Merge pull request #1397 from borisrunakov/synapse_container_federation_port
Synapse container federation port
2021-11-15 14:45:34 +02:00
boris runakov 8c3e25de1b renamed var to matrix_synapse_container_federation_api_port 2021-11-15 13:01:22 +02:00
boris runakov 28d9c3192e Merge branch 'master' into matrix-federation-api-port 2021-11-15 12:49:47 +02:00
b 07496069c8 rellocating variables for consistency 2021-11-15 12:07:54 +02:00
Slavi Pantaleev 0d4764a213 Upgrade matrix-corporal (2.1.2 -> 2.1.3)
2.1.3 fixes a security vulnerability, which allowed attackers to
circuimvent policy checks by sending HTTP requests with trailing slashes.

Learn more in the matrix-corporal changelog: https://github.com/devture/matrix-corporal/blob/master/CHANGELOG.md
2021-11-15 11:24:12 +02:00
Slavi Pantaleev c08880d175 Upgrade postgres-backup to v14 2021-11-15 09:15:44 +02:00
Slavi Pantaleev 10523b700c
Merge pull request #1396 from aaronraimist/postgres
Postgres Minor Updates (14.1, 13.5, 12.9, 11.14, 10.19)
2021-11-15 08:35:26 +02:00
Slavi Pantaleev 8abe1ac483 Warn people if on an old SQLite-supporting mautrix-facebook version
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1401

https://github.com/mautrix/facebook/releases/tag/v0.3.2 says that this
version re-adds SQLite support.
2021-11-15 08:28:20 +02:00
Arthur Brugière 708a7108b3
Upgrade Mautrix Facebook bridge version 2021-11-15 10:29:13 +07:00
iucca 4ff8fddd72 updated whatsapp config, backfill doesn't work 2021-11-14 23:57:52 +01:00
iucca 1d0e594def updated whatsapp config, backfill doesn't work 2021-11-14 23:45:07 +01:00
b afccc2b11f make 8448 configurable instead of hard coded 2021-11-14 23:32:25 +02:00
Aaron Raimist 61b743f86d
Postgres Minor Updates (14.1, 13.5, 12.9, 11.14, 10.19) 2021-11-14 19:10:56 +00:00
b 5e97f5a4e6 fixed matrix_dimension_homeserver_federationUrl 2021-11-14 20:57:27 +02:00
b 7756cc4c8e replace port 8048 with matrix_synapse_container_default_federation_port 2021-11-14 20:30:13 +02:00
JokerGermany c0656448f7 Port 80 for IPv6 2021-11-13 01:18:22 +01:00
Toni Spets f01b9c3865 Upgrade Heisenbridge (1.5.0 -> 1.6.0) 2021-11-12 04:50:29 +02:00
Slavi Pantaleev c4d2c8394c Abort if on an unsupported Postgres version (v9.6)
Official support ends today (2021-11-11).
Synapse still supports v9.6, but we'd better force users to transition
to newer versions anyway.
2021-11-11 15:42:34 +02:00
sakkiii cd26af2f6f
Certbot Update (v1.20.0 -> v1.21.0) 2021-11-10 22:58:45 +05:30
sakkiii 7a4f49c457
Nginx Minio Update (1.21.3 -> 1.21.4) 2021-11-10 22:52:23 +05:30
Slavi Pantaleev 735c966ab6 Disable systemd services when stopping to uninstall them
Until now, we were leaving services "enabled"
(symlinks in /etc/systemd/system/multi-user.target.wants/).

We clean these up now. Broken symlinks may still exist in older
installations that enabled/disabled services. We're not taking care
to fix these up. It's just a cosmetic defect anyway.
2021-11-10 17:39:21 +02:00
teutat3s 367cddb715
Upgrade Element (v1.9.4) 2021-11-09 15:01:18 +01:00
Slavi Pantaleev 143b0f26d9 Restore usage of some _environment_variables_extension Jitsi variables
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1377

Regresion since https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1139
2021-11-08 10:34:09 +02:00
b 6eaa8ac65a add server_name to matrix-synapsel.conf only if matrix_nginx_proxy_enabled 2021-11-05 15:31:10 +02:00
Toni Spets 09ac6a0e8c Upgrade Heisenbridge (1.4.1 -> 1.5.0) 2021-11-05 10:31:31 +02:00
Slavi Pantaleev 7b8b595e81 Upgrade Synapse (1.45.1 -> 1.46.0) 2021-11-02 17:42:13 +02:00
Slavi Pantaleev dae117c91b Bump Hydrogen (0.2.7 -> 0.2.19) 2021-11-02 15:57:18 +02:00
Slavi Pantaleev 4586efebd7
Merge pull request #1369 from borisrunakov/configurable-ma1sd-port
change port 8090 to matrix_ma1sd_default_port
2021-11-01 10:50:14 +02:00
Slavi Pantaleev 0434e3bf8f Allow force-patching webpack.config.js when self-building Element
We were applying the low-memory system patch to webpack.config.js
on systems with < 4GB memory.

From now on, we also let people force-enable patching by toggling the
`matrix_client_element_container_image_self_build_low_memory_system_patch_enabled`
variable.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357
2021-11-01 09:08:18 +02:00
b dcda17595a change port 8090 to matrix_ma1sd_default_port 2021-10-31 21:06:22 +02:00
Toni Spets 17fc055d53
Upgrade Heisenbridge (1.4.0 -> 1.4.1) 2021-10-31 18:31:31 +02:00
PC-Admin c6c68e00a4 merge upstream 2021-10-31 08:56:48 +08:00
Patrick C. F. Ernzer 65182ea0f2 fixes #1365
docker-ce does not like quotes around the shm-size value
2021-10-30 13:13:30 +02:00
Slavi Pantaleev fc593bc8ab Increase shm-size for Postgres container to fix VACUUM
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1268

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1364

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1362
2021-10-30 09:53:56 +03:00
Slavi Pantaleev c8a8035de4 Make it possible to self-build Element on low-memory devices (<4G RAM)
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357
2021-10-29 11:13:01 +03:00
Slavi Pantaleev 39fa852ed6 Remove unnecessary if checks
Should have been done in 63f5a88fa0.
2021-10-29 10:41:11 +03:00
Slavi Pantaleev 63f5a88fa0 Separate install/uninstall tasks for Element and Hydrogen 2021-10-29 10:29:54 +03:00
Toni Spets 124b9608fc Upgrade Heisenbridge (1.3.0 -> 1.4.0) 2021-10-28 21:07:11 +03:00
Thom Wiggers 32f15e9bf0
update IRC appservice
https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.32.1
2021-10-28 15:21:58 +02:00
sakkiii 0231302db9
Upgrade grafana (8.1.4 -> 8.2.2) 2021-10-27 23:14:14 +05:30
sakkiii d09609b3bd
Update prometheus (2.29.2 -> 2.30.3) 2021-10-27 23:11:01 +05:30
throwawayay d31cdb071a
Upgrade Element (v1.9.3)
https://github.com/vector-im/element-web/releases/tag/v1.9.3
2021-10-25 12:44:58 -04:00
Slavi Pantaleev 06bcdcf9d2
Merge pull request #1311 from HarHarLinks/master
add auto proxy synapse worker metrics
2021-10-25 09:21:11 +03:00
Kim Brose 5f6bbafa17
fix space before tab in indent 2021-10-24 16:00:42 +02:00
Toni Spets d7af78066b Upgrade Heisenbridge (1.2.1 -> 1.3.0) 2021-10-21 19:55:13 +03:00
Slavi Pantaleev 09ac950d17 Fix dump importing (backup restore) into Postgres v14
In short, the problem is that older Postgres versions store passwords
hashed as md5. When you dump such a database, the dump naturally also
contains md5-hashed passwords.
Restoring from that dump used to create users and updates their passwords
with these md5 hashes.
However, Postgres v14 prefers does not like md5-hashed passwords now (by default),
which breaks connectivity. Postgres v14 prefers `scram-sha-256` for
authentication.

Our solution is to just ignore setting passwords (`ALTER ROLE ..`
statements) when restoring dumps. We don't need to set passwords as
defined in the dump anyway, because the playbook creates users
and manages their passwords by itself.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1340
2021-10-21 16:38:56 +03:00
PC-Admin 7f140e9be2 Merge remote-tracking branch 'upstream/master' into gomatrixhosting-testing 2021-10-21 10:27:45 +08:00
PC-Admin 725150565a GoMatrixHosting v0.6.3 hotfix2 2021-10-21 10:25:23 +08:00
Slavi Pantaleev 86614d6357
Merge pull request #1345 from GoMatrixHosting/gomatrixhosting-testing
GoMatrixHosting v0.6.3 [hotfix]
2021-10-20 17:04:55 +03:00
Slavi Pantaleev 5dc2868269 Upgrade Synapse (1.45.0 -> 1.45.1) 2021-10-20 15:08:07 +03:00
HarHarLinks 7b33fc8e19 fixup! auto-generate prometheus.yml for workers metrics 2021-10-20 13:30:38 +02:00
HarHarLinks ce41674e61 auto-generate prometheus.yml for workers metrics 2021-10-20 12:51:00 +02:00
HarHarLinks 4209c4208c add own variable for worker metrics
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1311#issuecomment-945718866
2021-10-20 12:51:00 +02:00
PC-Admin 75cfad57ca GoMatrixHosting v0.6.3 hotfix 2021-10-20 18:00:55 +08:00
Slavi Pantaleev 1dab178a44 Upgrade Synapse (1.44.0 -> 1.45.0) 2021-10-19 16:25:00 +03:00
PC-Admin d65607c48f Merge remote-tracking branch 'upstream/master' into gomatrixhosting-testing 2021-10-19 17:48:23 +08:00
PC-Admin 18395e73d3 GMH v0.6.3 2021-10-19 17:45:15 +08:00
Slavi Pantaleev 5284afc60e
Merge pull request #1333 from Samonitari/add-support-for-suse-linux
Add support for suse linux
2021-10-15 09:50:02 +03:00
Slavi Pantaleev 8c15555d00 Upgrade Element (1.9.0 -> 1.9.2) 2021-10-15 09:27:26 +03:00
Wm Salt Hale a1cbd5459c
Update Synapse default room version (6 -> 9)
From the [Synapse 1.43.0 release highlights](https://matrix.org/blog/2021/09/21/synapse-1-43-0-released):
> Asks clients to prefer [room version 9](https://github.com/matrix-org/matrix-doc/pull/3375) when creating restricted rooms ([#10772](https://github.com/matrix-org/synapse/issues/10772)), via the API defined in [MSC3244: room version capabilities](https://github.com/matrix-org/matrix-doc/pull/3244).
2021-10-12 09:49:16 -07:00
Luke 1dac525e63 Added Mautrix Google Chat 2021-10-12 11:45:04 +00:00
Slavi Pantaleev fb709152f3 Add self-building support for mautrix-whatsapp
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1322
2021-10-12 10:02:07 +03:00
Slavi Pantaleev 0c21b5a055
Merge pull request #1326 from GoMatrixHosting/gomatrixhosting-testing
GoMatrixHosting v0.6.2
2021-10-12 08:53:11 +03:00
Michael Collins fc0296b56e update element section 2021-10-12 12:20:53 +08:00
Aaron R 25d0ae7b67
Update matrix-appservice-slack (1.5.0 -> 1.8.0)
I am not using this bridge and haven't tested this but multiple people have said 1.5.0 isn't working and 1.8.0 works for them so it seems to make sense to update.

https://github.com/matrix-org/matrix-appservice-slack/issues/618#issuecomment-929849093
2021-10-11 18:36:07 -05:00
Michael Collins c630bc3eaa update element section 2021-10-11 15:13:09 +08:00
Michael Collins 46cba52e79 update element section 2021-10-11 15:00:11 +08:00
Michael Collins b4654f8992 update element section 2021-10-11 14:53:52 +08:00
Michael Collins 927633321a update element section 2021-10-11 13:34:46 +08:00
Michael Collins 676ba70971 update element section 2021-10-11 12:57:16 +08:00
Michael Collins 53f4b84d1f update element section 2021-10-11 12:55:49 +08:00
Michael Collins 8ff0ae27b8 update element section 2021-10-11 12:15:15 +08:00
Michael Collins 9f0a8965d5 update element config 2021-10-11 11:43:58 +08:00
Michael Collins 36883150c6 update 2021-10-11 11:30:30 +08:00
Michael Collins 291efc1163 update element section 2021-10-11 11:20:28 +08:00
Michael Collins 6a8799afcc wrap brand variable in single quotes too 2021-10-11 10:55:39 +08:00
Michael Collins 85bc12d14c saner handling of background variable 2021-10-11 10:37:02 +08:00
Michael Collins 79acf6fc7e update conditionals 2021-10-11 10:30:12 +08:00
Michael Collins a352ea4674 derp 2021-10-11 10:23:37 +08:00
Michael Collins 1ae103bbbe stop configure element from double wrapping this 2021-10-11 10:07:34 +08:00
Michael Collins 89c8ae94d6 update 2021-10-10 16:16:31 +08:00
Michael Collins a631587ebd this isnt needed 2021-10-10 14:44:27 +08:00
Michael Collins 07a5433c24 fix lineinfile 2021-10-10 14:39:36 +08:00
Michael Collins dd6e643581 first round of variable name changes 2021-10-10 14:10:06 +08:00
Michael Collins 175bdb100b first round of variable name changes 2021-10-10 13:23:49 +08:00
Michael Collins 6b9af38228 update? 2021-10-10 09:19:01 +08:00
Michael Collins f4410514f5 update variable names 2021-10-09 15:45:49 +08:00
Michael Collins de084c4d4d fix variable name change 2021-10-09 15:43:47 +08:00
Michael Collins fb23c7b697 Merge remote-tracking branch 'upstream/master' into gomatrixhosting-testing 2021-10-09 15:38:32 +08:00
Michael Collins a60a43cb08 change naming scheme of variables that feature in deploy. 2021-10-09 15:21:10 +08:00
Michael Collins 42af090a7c update naming scheme 1 2021-10-09 10:21:27 +08:00
Michael Collins df9da052ab fix conditional 2021-10-09 09:24:39 +08:00
Michael Collins 384dfdce4b update? 2021-10-09 08:58:10 +08:00
Samonitari 6f99f95aa2 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into add-support-for-suse-linux 2021-10-08 10:27:32 +02:00
Michael Collins b0d56f6c18 update conditionals 2021-10-08 14:28:37 +08:00
Michael Collins 208dce51d8 add new survey entries for welcome page link, headline and text 2021-10-08 14:18:59 +08:00
Michael Collins 0f4cb513b8 update survey 2021-10-08 13:16:09 +08:00
Michael Collins 8d9d176c36 update? 2021-10-07 13:29:55 +08:00
Michael Collins d1754915d1 improve conditional 2021-10-07 12:53:32 +08:00
Michael Collins ecc0437520 add logo section 2021-10-07 12:49:59 +08:00
Slavi Pantaleev 2bf052369d Upgrade certbot (v1.19.0 -> v1.20.0) 2021-10-06 15:14:38 +03:00
Slavi Pantaleev 278bbae4d5 Upgrade Synapse (1.43.0 -> 1.44.0) 2021-10-05 17:13:21 +03:00
Slavi Pantaleev bad2c5296e
Merge pull request #1312 from HarHarLinks/patch-4
add how to generate htpasswd
2021-10-05 11:29:44 +03:00
Michael Collins e3183ba267 Merge remote-tracking branch 'upstream/master' into gomatrixhosting-testing 2021-10-05 11:39:07 +08:00
Kim Brose 1ba7760ea4
add how to generate htpasswd
for matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_key
resolves #1308
2021-10-04 22:18:05 +02:00
HarHarLinks d9fa2f7ed4 add auto proxy synapse worker metrics
when matrix_nginx_proxy_proxy_synapse_metrics is enabled
2021-10-04 21:44:50 +02:00
Michael Collins 40506d5c5a no log 2021-10-02 12:43:14 +08:00
Slavi Pantaleev b5d8444764 Add self-building support to matrix-bridge-appservice-webhooks 2021-10-01 16:37:37 +03:00
Michael Collins c8744ef9a9 update deploy role for new awx token authentication method 2021-10-01 18:56:38 +08:00
Slavi Pantaleev 096c960b84 Add support for Postgres v14 2021-10-01 11:27:40 +03:00
Slavi Pantaleev 256d3ffec5
Merge pull request #1304 from apmechev/update-linkedin-0.5.1
Upgrade LinkedIn (0.5.0 -> 0.5.1)
2021-10-01 10:15:08 +03:00
Toni Spets 3119ef4574 Upgrade Heisenbridge (1.2.0 -> 1.2.1) 2021-09-30 08:42:58 +03:00
Slavi Pantaleev b4b14539a7 Use ntp (instead of systemd-timesyncd) on Ubuntu 18.04
Seems like Ubuntu 18.04 does not have a dedicated `systemd-timesyncd` package, nor
does it include the `systemd-timesyncd` binary in the main `systemd` package.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1302

Regression since https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1192
2021-09-28 13:38:27 +03:00
Alexandar Mechev f02c08dc7f Upgrade LinkedIn (0.5.0 -> 0.5.1) 2021-09-28 11:07:43 +02:00
Oli 59d4532efb
Upgrade Element (1.8.5 -> 1.9.0) 2021-09-28 07:40:00 +02:00
Jan 0ed585baa7
Archlinux: remove package systemd-timesyncd
#1192 lead to the following error for me on Archlinux:
`TASK [matrix-base : Install host dependencies] *******************************************************************************************************************************
fatal: [matrix.***.de]: FAILED! => changed=false 
  msg: |-
    failed to install systemd-timesyncd: error: target not found: systemd-timesyncd`

There is no package called `systemd-timesyncd` on Archlinux. The service is installed with the [`systemd`](https://archlinux.org/packages/core/x86_64/systemd/) package itself.

I suggest removing the `systemd-timesyncd` from 2453876eb9/roles/matrix-base/tasks/server_base/setup_archlinux.yml (L7)
2021-09-26 11:48:03 +02:00
Slavi Pantaleev 31396f0615
Merge pull request #1295 from nogweii/feat-support-upstream-https-forwarded
Support trusting the upstream server when it says the protocol is HTTPS
2021-09-26 09:54:15 +03:00
Slavi Pantaleev 4f841a7001
Merge pull request #1192 from sakkiii/patch-1
migrate from ntp to systemd-timesyncd for ubuntu & Archlinux
2021-09-25 10:15:40 +03:00
Slavi Pantaleev 62ce06e28c
Merge pull request #1298 from GoMatrixHosting/gomatrixhosting-testing
GoMatrixHosting v0.6.0
2021-09-25 09:35:53 +03:00
Michael Collins 9a4187c852 Merge remote-tracking branch 'upstream/master' into gomatrixhosting-testing 2021-09-25 10:56:26 +08:00
Aaron Raimist a676b5358c
Fix hydrogen OCSP typo
From 6f80292745
2021-09-24 20:09:06 -05:00
Colin Shea 2578ca4cee rename matrix_nginx_proxy_x_forwarded_header_value -> matrix_nginx_proxy_x_forwarded_proto_value 2021-09-24 05:22:30 -07:00
Colin Shea d0cd67044e replace $scheme with X-Forwarded-Proto when enabled 2021-09-24 05:14:38 -07:00
Toni Spets ff63f4efce Upgrade Heisenbridge (1.1.1 -> 1.2.0) 2021-09-23 10:18:46 +03:00
Michael Collins 33c471477f remove commented section 2021-09-22 09:44:52 +08:00
Slavi Pantaleev 7934cde90f Upgrade Synapse (1.42.0 -> 1.43.0)
Related to:

- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1287
- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1288

.. but does it in a more complete way
2021-09-21 18:17:50 +03:00
Slavi Pantaleev 35153093fc
Merge pull request #1283 from wol-win/irc-update
Update irc bridge version (release-0.30.0 -> release-0.31.0)
2021-09-21 10:51:11 +03:00
WobbelTheBear d82b98a522
Upgrade mjolnir (v0.1.19 -> v1.1.20)
Upgrade mjolnir (v0.1.19 -> v1.1.20)

Remark: interesting version number increase :-)
2021-09-20 16:53:13 +02:00
WobbelTheBear f542a3a7c8
Update release (release-0.30.0 -> release-0.31.0)
Update release (release-0.30.0 -> release-0.31.0)
2021-09-20 16:49:30 +02:00
Michael Collins 6902ee5aa7 add rotate ssh module to matrix-awx 2021-09-19 17:12:12 +08:00
Toni Spets 8b9c7b18ac Upgrade Heisenbridge (1.1.0 -> 1.1.1) 2021-09-17 21:31:02 +03:00
sakkiii 255cb97c41
Upgrade grafana (8.1.3 -> 8.1.4) 2021-09-17 15:50:06 +05:30
Slavi Pantaleev b166f0175a Upgrade Element (1.8.4 -> 1.8.5) 2021-09-15 09:36:21 +03:00
sakkiii 3055b3996e
Updates Certbot -> v1.19.0, nginx ->1.21.3-alpine 2021-09-14 16:51:01 +05:30
Toni Spets 4adbefab82 Upgrade Heisenbridge (1.0.1 -> 1.1.0) 2021-09-14 11:17:28 +03:00
Krisztian Szegi f364fba182 Fix tripping on timesync setup 2021-09-14 08:35:20 +02:00
Slavi Pantaleev 4b46913278 Upgrade Element (1.8.2 -> 1.8.4) to patch a security issue
See:
- https://github.com/vector-im/element-web/releases/tag/v1.8.4
- https://matrix.org/blog/2021/09/10/pre-disclosure-upcoming-critical-fix-for-several-popular-matrix-clients
2021-09-13 16:24:09 +03:00
Aaron Raimist f7e614b644
Add comment explaining why this step goes here 2021-09-11 20:44:00 -05:00
Aaron Raimist 82641092a7
Revert "Move some related tasks closer together in matrix-client-hydrogen"
This reverts commit e913347fe1.
2021-09-11 20:43:08 -05:00
WobbelTheBear df13ea5f14
Upgrade grafana (8.1.2 -> 8.1.3) (#1269)
Upgrade grafana (8.1.2 -> 8.1.3)
2021-09-09 09:33:22 +03:00
Slavi Pantaleev 0faad74a44 Upgrade Synapse (1.41.1 -> 1.42.0) 2021-09-07 20:44:18 +03:00
Michael Collins 8339103594 revert unneeded changes 2021-09-04 15:08:07 +08:00
Michael Collins ca705cf9dd Merge remote-tracking branch 'upstream/master' into testing 2021-09-04 14:24:13 +08:00
sakkiii ae6caf158a
Added variable matrix_nginx_proxy_request_timeout (#1265)
* add timeout param for nginx proxy

default value matrix_nginx_proxy_request_timeout is 60s

* default matrix_nginx_proxy_request_timeout - 60s

* few more variables for request timeout

* Update nginx.conf.j2

* Update nginx.conf.j2
2021-09-03 10:00:45 +03:00
Slavi Pantaleev a911207854 Revert "nginx update v1.21.2"
This reverts commit 732051b8fc.

There's no such container image published yet.
2021-09-03 09:07:58 +03:00
Slavi Pantaleev 115f365860
Merge pull request #1263 from hifi/feature/heisenbridge-1.0.1
Bump Heisenbridge to v1.0.1
2021-09-03 08:43:01 +03:00
sakkiii 732051b8fc
nginx update v1.21.2
http://nginx.org/en/CHANGES
2021-09-03 10:46:21 +05:30
Toni Spets c228343339 Bump Heisenbridge to v1.0.1 2021-09-03 07:58:48 +03:00
Slavi Pantaleev e913347fe1 Move some related tasks closer together in matrix-client-hydrogen 2021-09-01 16:47:43 +03:00
Slavi Pantaleev d384d0d7a0 Upgrade Element (1.8.1 -> 1.8.2) 2021-09-01 11:14:04 +03:00
Slavi Pantaleev 1c9124e3b7
Merge pull request #1260 from aaronraimist/self-build
Pull correct version when self building Mautrix Facebook and Synapse Admin
2021-08-31 17:30:49 +03:00
Aaron Raimist 3ab01a5f9e
Pull correct version when self building Mautrix Facebook and Synapse Admin 2021-08-31 08:43:52 -05:00
Catalan Lover 777ba6bc5a
Upgrade to Synaspe v 1.41.1 (Security Update)
Synapse 1.41.1 Patches 2 exploits that can reveal information about rooms an user is not supposed to have access to information about.
2021-08-31 14:54:23 +02:00
sakkiii 2453876eb9
Update main.yml 2021-08-31 16:24:26 +05:30
sakkiii 087a5d62f1
systemd-timesyncd for any archlinux version 2021-08-31 15:53:59 +05:30
Slavi Pantaleev 7fc1a94c30
Merge pull request #1258 from sakkiii/jitsi-fix
Jitsi Update (stable-5963 -> stable-6173)
2021-08-30 10:41:00 +03:00
Slavi Pantaleev 9d06dd61a6 Upgrade exim-relay (4.94.2-r0-3 -> 4.94.2-r0-4) 2021-08-30 10:09:51 +03:00
sakkiii 510f299c04 Syntex fixed 2021-08-29 21:43:39 +05:30
sakkiii 465d436b1b
Merge branch 'spantaleev:master' into jitsi-fix 2021-08-29 19:35:09 +05:30
sakkiii a43b109653 Jitsi Update stable-5963 2021-08-29 19:34:30 +05:30
sakkiii 6feb99076a
Update Coturn (4.5.2-r3 -> 4.5.2-r4) 2021-08-29 15:40:00 +05:30
WobbelTheBear 972077aa33
Update prometheus (2.29.1 -> 2.29.2)
Update prometheus (2.29.1 -> 2.29.2)
2021-08-27 16:51:38 +02:00
Slavi Pantaleev ad3d2a5aee
Merge pull request #1252 from sakkiii/patch-4
mjolnir & hydrogen Minor Updates
2021-08-25 20:23:57 +03:00
sakkiii e4ea32b89f
Hydrogen v0.2.7 2021-08-25 22:49:12 +05:30
sakkiii 44709465c9
mjolnir releases v0.1.19 2021-08-25 22:45:21 +05:30
sakkiii 86f5ba8348
Grafana Grafana v8.1 2021-08-25 22:43:07 +05:30
Slavi Pantaleev a4db9557db Update homeserver.yaml to match the one in Synapse v1.41.0
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1247
2021-08-25 09:51:50 +03:00
Slavi Pantaleev bb0e59de48
Merge pull request #1250 from wol-win/worker_trial
Endpoint changes for Client and media API due to migration to 1.41.0
2021-08-25 09:37:43 +03:00
Slavi Pantaleev b447fa8f34
Merge pull request #1247 from FSG-Cat/patch-1
Update Synapse from 1.40.0 to 1.41.0
2021-08-25 09:37:20 +03:00
Wolfgang Winter ee75d35193 Endpoint changes for Client and media API due to migration to 1.41.0 2021-08-24 21:46:38 +02:00
Joseph Walton-Rivers a787f406f9
Update main.yml
Fix incorrect docker version tag for matrix-appservice-irc
2021-08-24 18:41:39 +01:00
Catalan Lover 1e070f1e56
Update Synapse from 1.40.0 to 1.41.0 2021-08-24 19:09:28 +02:00
Michael Collins 6ecd947c72 remove delete subscription section 2021-08-24 19:05:58 +08:00
Michael Collins 463e9a6196 woops bool not bools 2021-08-24 18:48:43 +08:00
Michael Collins f19856e125 change template name 2021-08-24 18:35:49 +08:00
Michael Collins c6f8bc5d83 missing one template from deletion section 2021-08-24 18:35:00 +08:00
Michael Collins a49da05cf9 delegate locally 2021-08-24 18:20:26 +08:00
Michael Collins ef4b5a187d alter delete_job_template template 2021-08-24 14:33:50 +08:00
Michael Collins b120b8aeba delay these till the next playbook 2021-08-24 14:27:50 +08:00
sakkiii 01a5f521cd Merge branch 'patch-2' of https://github.com/sakkiii/matrix-docker-ansible-deploy into patch-2 2021-08-24 10:26:20 +05:30
sakkiii 00d1804dd9 prometheus & its exporter updates 2021-08-24 10:24:54 +05:30
Slavi Pantaleev 57414ec2be Upgrade matrix-corporal (2.1.1 -> 2.1.2) 2021-08-23 15:39:54 +03:00
Slavi Pantaleev 4b643db31b Upgrade devture/exim-relay (4.94.2-r0-2 -> 4.94.2-r0-3)
Related to https://github.com/devture/exim-relay/pull/11
2021-08-23 15:31:37 +03:00
Slavi Pantaleev ca7e0b9df2
Merge pull request #1243 from sakkiii/patch-3
Postgres Minor Updates
2021-08-23 15:29:14 +03:00
Slavi Pantaleev 2ec06b7477
Merge pull request #1242 from apmechev/add_beeper_linkedin_bridge
Add beeper LinkedIn bridge
2021-08-23 15:15:35 +03:00
Slavi Pantaleev 603ad7c52b Remove (non-working) SQLite support from beeper-linkedin bridge
This bridge doesn't support SQLite anyway, so it's not necessary
to carry around configuration fields and code for migration from SQLite
to Postgres. There's nothing to migrate.
2021-08-23 15:12:19 +03:00
Slavi Pantaleev 78c22138a5
Do not reference variables from other roles
This configuration is supposed to be kept clean and not reference variables defined in other roles.

`group_vars/matrix_servers` redefines these to hook our various roles together.
2021-08-23 15:06:00 +03:00
Thom Wiggers 78b62664cd
Update to version v0.30.0
https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.30.0
2021-08-23 10:29:05 +02:00
sakkiii 48548eb561
Postgres Minor Updates 2021-08-22 18:45:25 +05:30
Alexandar Mechev b13cf1871f add code for LinkedIn Bridge 2021-08-21 17:32:45 +02:00
Slavi Pantaleev 24793adb2f
Merge pull request #1241 from sakkiii/patch-3
Certbot update v1.18.0
2021-08-20 22:05:29 +03:00
Slavi Pantaleev 9860fb4675 Upgrade Sygnal (v0.9.0 -> v0.10.1) 2021-08-20 17:48:24 +03:00
sakkiii f5a7e6d78b
Certbot update v1.18.0 2021-08-20 19:47:11 +05:30
Michael Collins 3125ee56e2 add abort_deletion.yml task list 2021-08-20 13:27:10 +08:00
Michael Collins e75ecd858d launch cleanup job after deleting subscription 2021-08-20 11:14:15 +08:00
Michael Collins a37e5b6d60 job templates cant delete themselves 2021-08-20 09:58:55 +08:00
Michael Collins 14effd5e2b delegate delete tasks locally 2021-08-20 09:35:12 +08:00
Michael Collins 312bcc444b no log 2021-08-20 09:28:54 +08:00
nono d9d9554a74 Update the docker image version for mautrix-telegram 2021-08-19 14:08:53 +02:00
Michael Collins 92b26ec846 check if matrix_vars.yml file exists 2021-08-19 18:05:47 +08:00
Michael Collins 7203d4ec21 replace module only if file exists 2021-08-19 18:01:26 +08:00
Michael Collins 9ac5ad148a merge upstream 2021-08-19 17:38:38 +08:00
Michael Collins b2f96df1a9 end play after deleting subscription in AWX 2021-08-19 17:13:34 +08:00
Michael Collins fa43d04ad7 syntax error 2021-08-19 17:02:28 +08:00
Michael Collins 7b9929e17b add << SUBSCRIPTION DELETION IN PROGRESS >> job template 2021-08-19 16:55:58 +08:00
AtomHare 4240df6401
update link 2021-08-18 17:25:45 +02:00
AtomHare 7d0ce01792
update links 2021-08-18 17:24:54 +02:00
AtomHare 7eec01e359
update mautrix new repo name 2021-08-18 17:21:20 +02:00
AtomHare 43c9eab6b9
update mautrix new repo name 2021-08-18 17:20:18 +02:00
AtomHare 1ae4032cb7
update new repo name mautrix 2021-08-18 17:17:44 +02:00
AtomHare b9124c0080
update new repo name mautrix-hangouts 2021-08-18 17:16:58 +02:00
AtomHare 69f333ea25
Update main.yml 2021-08-18 17:14:18 +02:00
Michael Collins 517ecbf0d1 move delete-subscription to deploy 2021-08-18 21:07:44 +08:00
Slavi Pantaleev dc8000760b Bump Coturn version tag (4.5.2-r2 -> 4.5.2-r3)
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1236
2021-08-18 09:50:10 +03:00
Slavi Pantaleev 511a267b00
Merge pull request #1229 from wol-win/feature/signal_config
Feature/signal config
2021-08-18 09:42:46 +03:00
Slavi Pantaleev 2c80e0bc89
Merge pull request #1235 from wol-win/element_web
Upgrade Element (1.8.0 -> 1.8.1)
2021-08-17 20:21:44 +03:00
WobbelTheBear 12dbb29675
Upgrade Element (1.8.0 -> 1.8.1)
Element web/desktop has just been updated to fix some regressions in regard to VoIP.
2021-08-17 12:47:52 +02:00
pushytoxin 854ea91195 Mautrix-Facebook repo location update, pin v0.3.1
The Github link is just a redirect to Tulir's own GitLab, so I replaced the self-build link
The docker container repository was rearranged hierarchically (dock.mau.dev/tulir/mautrix-facebook -> dock.mau.dev/mautrix/facebook)
Tagged versions have been made available, thus :latest -> :v0.3.1
2021-08-17 10:35:49 +02:00
Michael Collins bdf10462d2 Merge remote-tracking branch 'upstream/master' 2021-08-17 16:24:34 +08:00
Slavi Pantaleev 62bba12551
Merge pull request #1233 from hifi/feature/heisenbridge-1.0.0
Pin Heisenbridge to 1.0.0
2021-08-17 09:12:45 +03:00
Slavi Pantaleev 71c7d0ba7f
Merge pull request #1232 from thedanbob/debian-bullseye
docker-ce is now available for Debian Bullseye
2021-08-17 09:12:17 +03:00
Michael Collins 41c335b967 merge upstream 2021-08-17 13:20:39 +08:00
Toni Spets 4fe27a7645 Pin Heisenbridge to 1.0.0 2021-08-17 07:50:53 +03:00
Wolfgang Winter 4b7506ca1a Preset the permissions inline with other bridges 2021-08-16 18:24:12 +02:00
Wolfgang Winter b1c94efcd8 Make template generic for the pemission settings 2021-08-16 18:23:40 +02:00
Slavi Pantaleev 70d412e523 Upgrade Element (1.7.34 -> 1.8.0) 2021-08-16 18:10:22 +03:00
Dan Arnfield df82ec13b2 docker-ce is now available for Debian Bullseye 2021-08-16 08:44:02 -05:00
Wolfgang Winter d0b557eb6f Replace tabs to spaces to prevent problems in YAML 2021-08-15 08:42:21 +02:00
Slavi Pantaleev f5a2d732ea
Merge pull request #1224 from GoMatrixHosting/master
GoMatrixHosting v0.5.7
2021-08-15 08:45:56 +03:00
Wolfgang Winter 7486db0d1a Missing ticks 2021-08-14 17:58:08 +02:00
WobbelTheBear f988fd3339
Change sequence of permissions
As per earlier comment (see from tulir) the sequence has been changed.
2021-08-14 17:47:31 +02:00
WobbelTheBear d249fe874e
Update roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
Updated settings in template file:
* relay for any user
* user permissions only for HS domain users

Co-authored-by: Jan <31133207+Jaffex@users.noreply.github.com>
2021-08-14 17:36:43 +02:00
WobbelTheBear ae9639585c
Update roles/matrix-bridge-mautrix-signal/defaults/main.yml
Improved setup through template file

Co-authored-by: Jan <31133207+Jaffex@users.noreply.github.com>
2021-08-14 17:35:49 +02:00
Wolfgang Winter a34241e4cc Remove intial permissions seting
Permissions, when set in the template, will be augmented rahter than replaced when using matrix_mautrix_signal_configuration_extension_yaml. Therefore, permissions shall only be set in the defaults/vars.yml or in the HS specific vars.yml file
2021-08-13 21:11:41 +02:00
Wolfgang Winter 5ca28ba872 Default relay bot functionality setting
Per default relay bot functionality is disabled; the bridge user permissions depends on the relay bot, if enabled the base domain users are on level relay, else remain on user;
2021-08-13 17:48:05 +02:00
Wolfgang Winter e6b77284f2 Relay bot configurable + permissions
Enable / disable relay bot functionality as configuratoin paramter; set bridge permissions for base domain users to user level
2021-08-13 17:46:37 +02:00
Michael Collins 98e6cd685d sync with previous repo 2021-08-13 16:05:57 +08:00
Jaffex e90b33c4e3 Update matrix-mautrix-signal config to 0.2.0 to enable relay mode 2021-08-12 12:52:55 +02:00
Michael Collins 4c12c1892c use saner folder permissions 2021-08-11 17:32:38 +08:00
Michael Collins 4d57a41b3f remove matrix_awx_enabled from these 2021-08-11 17:18:57 +08:00
Michael Collins 2e30802b87 use group variables instead 2021-08-11 15:21:09 +08:00
Michael Collins 8238d65e5f simplify template conditional 2021-08-11 14:19:19 +08:00
Toni Spets bce94c5860 Allow configuring synapse database transaction limit 2021-08-10 21:09:28 +03:00
Slavi Pantaleev 05ad620386 Update homeserver.yaml to keep up with Synapse v1.40.0
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1225
2021-08-10 17:36:44 +03:00
WobbelTheBear 2469ada520
Update Synapse (1.39.0 -> 1.40.0) 2021-08-10 15:32:07 +02:00
Michael Collins bfb61e776e GMH v0.5.7... maybe! 2021-08-10 12:58:10 +08:00
Sebastian Gumprich 24589b91f4 irc appservice image tag has a 'v' now 2021-08-09 19:01:51 +02:00
Slavi Pantaleev 6de8b5925a
Merge pull request #1222 from wol-win/feature/signal
New version of Mautrix Signal bridge (version 0.2.0)
2021-08-09 13:59:17 +03:00
Wolfgang Winter 6ecfbe98b1 New version of Mautrix Signal bridge version 0.2.0 provided through new GitLab repository location 2021-08-09 11:19:12 +02:00
Thom Wiggers d11d6f52ae
Update IRC appservice
https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.29.0
2021-08-09 10:57:45 +02:00
Sebastian Gumprich d2a1b8b134
whatsapp bridge has new docker image location
See https://github.com/mautrix/whatsapp/releases/tag/v0.1.8
2021-08-07 15:47:24 +02:00
Slavi Pantaleev 2e23166ed3
Merge pull request #1216 from aaronraimist/hydrogen
Upgrade Hydrogen (0.2.3 -> 0.2.5)
2021-08-07 11:34:04 +03:00
Aaron Raimist f3aae70f70
Upgrade Hydrogen (0.2.3 -> 0.2.5) 2021-08-07 02:47:51 -05:00
Slavi Pantaleev 23006fd64e Fix email2matrix path initialization
Regression since 421f85defa
2021-08-04 17:59:49 +03:00
Slavi Pantaleev 421f85defa Add self-building support to matrix-email2matrix 2021-08-04 15:03:45 +03:00
Slavi Pantaleev 2697590d28 Remove some useless if conditions 2021-08-04 14:51:15 +03:00
Slavi Pantaleev a68ac9cb4f Split install/uninstall tasks in matrix-email2matrix 2021-08-04 14:45:07 +03:00
Slavi Pantaleev 5fc61ed964 Upgrade Element (1.7.33 -> 1.7.34) 2021-08-04 09:09:35 +03:00
Slavi Pantaleev 179775b92d Upgrade Synapse (1.38.1 -> 1.39.0) 2021-07-29 18:51:22 +03:00
Slavi Pantaleev dfa7b6e4fd
Merge pull request #1171 from BackInBash/patch-1
Updating to ma1sd v2.5.0
2021-07-28 11:09:39 +03:00
Slavi Pantaleev 676101e999 Minor fixups for ma1sd 2.5.0
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1171
2021-07-28 11:08:50 +03:00
Michael Collins 67db5a0024 GoMatrixHosting v0.5.5 2021-07-27 15:12:03 +08:00
Slavi Pantaleev 49abe66f1d
Remove unnecessary if condition
All of `setup_install.yml` only runs if `matrix_bot_matrix_reminder_bot_enabled`,
so it's not necessary to add that condition once again.
2021-07-26 08:54:35 +03:00
Nate 012440c309 Allow for self-building of reminder-bot 2021-07-25 14:16:37 -07:00
Hardy Erlinger 03e8c75a30 Restore authentication for Jitsi Meet. 2021-07-25 16:23:51 +02:00
sakkiii 4a2b169fc9
systemd-timesyncd for ubuntu 2021-07-22 23:42:53 +05:30
sakkiii f4a9c4dff2
Update prometheus node exporter (1.1.2 -> 1.2.0) 2021-07-22 23:29:43 +05:30
Slavi Pantaleev 112d8d8243 Upgrade Synapse (1.38.0 -> 1.38.1) 2021-07-22 19:48:29 +03:00
sakkiii 7f0b8fef0a
Merge branch 'spantaleev:master' into patch-1 2021-07-21 23:50:19 +05:30
Slavi Pantaleev 31244e7fcc
Merge pull request #1180 from Toorero/master
Fixed self-build functionality for mautrix-signal
2021-07-21 15:17:57 +03:00
Slavi Pantaleev 7d9ee3e2fb
Remove unnecessary if-condition 2021-07-21 15:17:17 +03:00
Slavi Pantaleev a21696f687
Fix some if-checks
We'd rather not suppress pull errors or run self-build tasks if pulling fails.
2021-07-21 15:16:14 +03:00
Toorero ead4b00c09 Reverted back to manual self-build detection 2021-07-21 14:05:21 +02:00
Slavi Pantaleev 30339cd313
Merge pull request #1139 from sakkiii/jitsi-fix
Jitsi Update -> stable-5963
2021-07-20 09:57:11 +03:00
sakkiii d08a78ff1f
remove prosody JICOFO_COMPONENT_SECRET 2021-07-20 12:09:11 +05:30
Slavi Pantaleev 4105ba854b
Merge pull request #1147 from datenkollektiv-net/allow-custom-federation-fqn
Make federation domain customizable
2021-07-20 09:12:16 +03:00
Slavi Pantaleev 25e6eb27ab
Merge pull request #1183 from Toorero/mautrix-telegram-selfbuild-fix
Fixed mautrix-telegram selfbuild not working on non amd64 platforms
2021-07-20 09:06:04 +03:00
Slavi Pantaleev fb221c8179
Do not needlessly ignore errors 2021-07-20 09:05:13 +03:00
Slavi Pantaleev 51b94d9987
Merge pull request #1194 from meyerrj/master
Update main.yml for matrix-reminder-bot
2021-07-20 08:57:59 +03:00
Slavi Pantaleev 931b16fa66
Merge pull request #1193 from sakkiii/patch-2
Upgrade hydrogen (v0.2.0 -> v0.2.3)
2021-07-20 08:57:23 +03:00
JokerGermany 9345d840be
root path for the base domain is wrong (#1189)
* root path for the base domain

* Fix path when running in a container

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2021-07-20 08:48:11 +03:00
Richard Meyer a8373d6bd4
Update main.yml
Fixes an issue related to https://github.com/anoadragon453/matrix-reminder-bot/issues/86
2021-07-19 19:02:29 -05:00
sakkiii 8b304445e5
Upgrade hydrogen (v0.2.0 -> v0.2.3) 2021-07-19 23:31:39 +05:30
sakkiii 5209a17da1
migrate from ntp to chrony 2021-07-19 23:11:30 +05:30
Slavi Pantaleev 70cb27138c Upgrade Element (1.7.32 -> 1.7.33) 2021-07-19 18:57:19 +03:00
Toorero b3793f3595 Masked TARGETARCH via docker.build.arg directive 2021-07-17 14:40:21 +02:00
Toorero 3a28100131 Renamed matrix_lottieconverter to matrix_telegram_lottieconverter 2021-07-17 14:05:13 +02:00
Toorero 7f15787d54 Fixed mautrix-telegram selfbuild not working on non amd64 platforms 2021-07-16 18:58:55 +02:00
Toorero f933ba14ae Fixed self-build functionality for mautrix-signal and added self-build functionality for signald 2021-07-16 13:27:36 +02:00
sakkiii e90979e91f
Upgrade grafana (8.0.5 -> 8.0.6) 2021-07-15 23:10:45 +05:30
Slavi Pantaleev a435c64c13
Merge pull request #1176 from GoMatrixHosting/master
GoMatrixHosting v0.5.4
2021-07-15 09:28:59 +03:00
Michael-GMH 86e4649578 GoMatrixHosting v0.5.5 2021-07-15 12:47:00 +08:00
Michael-GMH 03006eb5ab GoMatrixHosting v0.5.5 2021-07-15 12:46:38 +08:00
Michael-GMH 245986c793 Merge remote-tracking branch 'upstream/master' 2021-07-15 12:44:54 +08:00
Toorero f732a75ca5 Added selfbuild functionality to mautrix-signal bridge 2021-07-14 03:11:13 +02:00
Janar Juusu c198320f65
feat: update synapse to 1.38.0 2021-07-13 20:56:47 +03:00
Slavi Pantaleev 2e0eddde9d Upgrade matrix-corporal (2.1.0 -> 2.1.1) 2021-07-10 19:40:53 +03:00
Markus 83b9908c9d
Update to ma1sd v2.5.0 2021-07-10 14:09:08 +02:00
sakkiii cd54147144
Upgrade grafana (8.0.3 -> 8.0.5) 2021-07-09 17:55:15 +05:30
sakkiii 7a51268dfc
Upgrade certbot & nginx
Upgrade certbot (v1.16.0 -> v1.17.0) nginx (1.21.0 -> 1.21.1)
2021-07-09 17:51:27 +05:30
Slavi Pantaleev 3fa895fe96 Upgrade Element (1.7.31 -> 1.7.32) 2021-07-09 11:26:13 +03:00
Michael-GMH f6e0cbe5f3 did i even update this 2021-07-08 09:46:29 +08:00
sakkiii 49455a9ce0
prometheus version 2.28.0 -> 2.28.1 2021-07-07 21:53:05 +05:30
Michael-GMH 1c938c72fd GoMatrixHosting 0.5.2 2021-07-06 14:51:36 +08:00
Slavi Pantaleev b4d7ab0b53
Merge pull request #1153 from Cadair/worker_prom
Add worker metrics to prometheus exporter
2021-07-05 10:30:02 +03:00
Slavi Pantaleev b6d71b9da1 Fix self-building for Coturn
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1158
2021-07-03 10:06:09 +03:00
Neutron 1ad9bba88f Skip importing validate_config task when Synapse is disabled 2021-07-02 20:58:57 +03:00
Stuart Mumford 2aa457efcc Use a prom variable and not a synapse role variable 2021-07-02 15:41:36 +00:00
Michael-GMH 7acaef89df GoMatrixHosting v0.5.1 2021-07-02 14:11:09 +08:00
Slavi Pantaleev ccde2362fc
Merge branch 'master' into mjolnir-0.1.18 2021-07-02 08:52:58 +03:00
Slavi Pantaleev 55452c3068 Update Mjolnir (v0.1.17 -> v0.1.18) 2021-07-02 08:28:44 +03:00
Aaron Raimist fc16fbda5b
Remove a bunch of redundant Ansible <2.8 self building checks 2021-07-02 00:14:37 -05:00
Aaron Raimist 19ed8d1d17
Upgrade mjolnir (0.1.17 -> 0.1.18) and implement self building 2021-07-02 00:10:59 -05:00
sak 7b2211da8e remove jibri 2021-07-01 15:37:20 +05:30
Slavi Pantaleev 6294e58304 Fix Content-Security-Policy for Element
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1154

According to
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy,
having both a header and the `<meta>`-tag provided by Element itself is
not a problem. The 2 CSP policies get combined.
2021-07-01 12:41:05 +03:00
Stuart Mumford 09ee5ce52e we index from 0 apparently 2021-06-30 21:32:19 +00:00
Stuart Mumford 3d063f6ace make them show as jobs in grafana 2021-06-30 21:30:18 +00:00
oxmie 5df4d68829 Make federation domain customizable 2021-06-30 23:02:27 +02:00
Stuart Mumford 7b52e6ad5e Add worker metrics to prometheus exporter 2021-06-30 20:52:49 +00:00
Davy Landman c9d73c6606
Updating to latest synapse release (performance regression)
https://github.com/matrix-org/synapse/releases/tag/v1.37.1
2021-06-30 16:15:00 +02:00
sakkiii d338090f00
postgres minor updates 2021-06-30 10:00:52 +05:30
Slavi Pantaleev 3da4b684a5 Upgrade Synapse (1.36.0 -> 1.37.0) 2021-06-29 13:55:09 +03:00
Thom Wiggers eb5619fd4b
Update IRC bridge 2021-06-29 12:45:21 +02:00
Michael Sasser 7578a355c4
heisenbridge fix service name 2021-06-29 12:15:03 +02:00
sakkiii 8a369f61f3
Merge branch 'spantaleev:master' into jitsi-fix 2021-06-26 21:54:42 +05:30
hanthor ddbb4b2acc
Update main.yml
update to v0.2.0
2021-06-24 12:10:45 -04:00
Slavi Pantaleev 2d740dbebd Mount /data in matrix-redis container
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1140
2021-06-24 10:10:52 +03:00
sakkiii 2b881e245b
Update prometheus v2.27.1 -> v2.28.0 2021-06-24 10:07:14 +05:30
sakkiii 0cc17ab2ca matrix_jitsi_jicofo_component_secret validation 2021-06-23 23:55:55 +05:30
sakkiii f2f1b20e44 jicofo client proxy connection 2021-06-23 23:17:24 +05:30
sakkiii b132941e71
Merge branch 'spantaleev:master' into jitsi-fix 2021-06-23 21:31:25 +05:30
Slavi Pantaleev 18533b5000
Merge pull request #1135 from sakkiii/patch-1
Coturn update 4.5.2 -> 4.5.2-r2
2021-06-23 11:15:41 +03:00
Slavi Pantaleev d019e9078a Remove unused variables from mx-puppet-* bridges
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1131
2021-06-23 09:56:31 +03:00
sakkiii 6ede9c8cd6 network-alias added to fix domains 2021-06-22 23:59:49 +05:30
sakkiii d9e943aaaa minor fix 2021-06-22 23:32:32 +05:30
sakkiii 0c8a3c401f jibri service 2021-06-22 23:20:09 +05:30
sakkiii 04805f35a7
Coturn update 4.5.2 -> 4.5.2-r2 2021-06-22 22:39:35 +05:30
Slavi Pantaleev b19fa3acb2 Upgrade Element (1.7.30 -> 1.7.31) 2021-06-22 10:18:58 +03:00
sakkiii 1250208907
whitespaces 2021-06-22 12:24:35 +05:30
sakkiii c0cd2a3c93
JICOFO_RESERVATION_ENABLED contains whitespaces. 2021-06-22 12:14:14 +05:30
sakkiii f8be36327c
jibri service 2021-06-22 11:11:01 +05:30
sakkiii 3e011bafd5 jibri env 2021-06-22 00:18:29 +05:30
sakkiii 8af2d818b1 domain_fix 2021-06-21 23:55:26 +05:30
sakkiii 2ca92b76b6 stable-5963 2021-06-21 23:37:08 +05:30
Slavi Pantaleev 5a1dabe14f Bump exim-relay Docker image tag
The new one is based on Alpine 3.14, instead of Alpine 3.13.
2021-06-21 15:32:34 +03:00
Slavi Pantaleev 282844209a
Merge pull request #1105 from blaztinn/centos-stream-8
Add support for CentOS (Stream) 8
2021-06-21 15:32:11 +03:00
Marcel Ackermann a790096adf
matrix_mx_puppet_slack_client_id deprecated 2021-06-21 12:13:20 +02:00
Marcel Ackermann ed078998b5
deprecated 2021-06-21 12:12:07 +02:00
Slavi Pantaleev efa7486b88
Merge pull request #1127 from sakkiii/patch-3
Content-Security-Policy For Element Web
2021-06-20 10:01:43 +03:00
sakkiii b826171139
Update grafana 8.0.2 -> 8.0.3 2021-06-18 23:32:30 +05:30
sakkiii 0217644b48
Content-Security-Policy For Element Web
https://github.com/vector-im/element-web#configuration-best-practices
2021-06-18 23:27:23 +05:30
Slavi Pantaleev 3dd32d2512 Update worker endpoints
Should have been part of 9daeb39710
2021-06-15 19:28:21 +03:00
Slavi Pantaleev 9daeb39710 Upgrade Synapse (1.35.1 -> 1.36.0) 2021-06-15 19:25:41 +03:00
Michael-GMH 4fb1134ad1 GoMatrixHosting v0.5.0 2021-06-14 22:36:49 +08:00
Slavi Pantaleev a7fcb7c04d
Merge pull request #1122 from sakkiii/patch-2
update hydrogen v0.1.56 -> v0.1.57
2021-06-14 17:26:30 +03:00
sakkiii 4cd5835e11
update hydrogen v0.1.56 -> v0.1.57
https://github.com/vector-im/hydrogen-web/releases/tag/v0.1.57
2021-06-14 19:46:08 +05:30
sakkiii 08d1a5c2e7
Update grafana 8.0.0 -> 8.0.2 2021-06-14 19:41:23 +05:30
Blaž Tomažič 72bc9b5cfc Add support for CentOS (Stream) 8 2021-06-12 10:49:38 +02:00
Slavi Pantaleev 1cf4d5ea7f Upgrade Redis (6.0.10 -> 6.2.4) 2021-06-10 12:25:55 +03:00
Slavi Pantaleev 963f38ee7b Upgrade certbot (v1.14.0 -> v1.16.0) 2021-06-10 12:18:42 +03:00
SkepticalWaves 2e8a2bdf7d
Add empty default for jitsi-prosody modules 2021-06-08 22:56:09 -04:00
SkepticalWaves 2886dc3939
Add module configuration to jitsi-prosody env file 2021-06-08 22:55:19 -04:00
Slavi Pantaleev 6c9c78ddae
Merge pull request #1112 from sakkiii/patch-2
coturn update
2021-06-08 22:46:11 +03:00
sakkiii be1d1d0b7c matrix_grafana_content_security_policy_customized default false 2021-06-09 00:52:52 +05:30
sakkiii 2d9ba82337 Update element 7.5.7 -> 8.0.0 2021-06-09 00:48:55 +05:30
sakkiii 1cc1202df2
update coturn 2021-06-08 23:59:31 +05:30
rakshazi 77fd1bff22
Update element 1.7.29 -> 1.7.30 2021-06-08 14:57:49 +00:00
Slavi Pantaleev fa76c1ee5b Do not run self-build Ansible version-check, if component not enabled
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1108
2021-06-08 08:59:02 +03:00
Slavi Pantaleev bec9eaeb50
Merge pull request #1108 from tommes0815/fix-hydrogen-for-ansible2.7
fix error when running with Ansible 2.7 in the hydrogen setup
2021-06-07 22:09:39 +03:00
Thom Wiggers 3c05cc04bc
Update IRC appservice 2021-06-07 10:41:18 +02:00
Thomas Kühne 7f4e71b22a fix error when running with Ansible 2.7 in the hydrogen setup
Without this the hydrogen task would fail for Ansible 2.7 even when hydrogen is not enabled.
2021-06-06 14:37:17 +02:00
Michael-GMH 122a92fa1c GoMatrixHosting v0.4.9 update 2021-06-04 13:10:45 +08:00
Slavi Pantaleev b1f1c28ef0 Upgrade Synapse (1.34.0 -> 1.35.0) 2021-06-01 19:14:59 +03:00
Michael-GMH ad7bbd6442 merge upstream 2021-06-01 16:00:13 +08:00
Michael-GMH 6f40d78353 fix random edits to upstream 2021-05-25 21:25:40 +08:00
Michael-GMH ea6e344d05 merge upstream 2021-05-25 21:10:34 +08:00
Michael-GMH 85777e8f96 merge with upstream 2021-05-25 21:08:00 +08:00
Slavi Pantaleev 1ed0857019 Fix syntax error
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024
2021-05-25 11:45:17 +03:00
sakkiii 4a4a7f136e changes added to hydrogen client 2021-05-25 11:42:51 +05:30
sakkiii 25e67b51d1 Merge branch 'spantaleev:master' into master 2021-05-25 11:40:56 +05:30
sakkiii 3436f9c10a rename to matrix_nginx_proxy_hsts_preload_enabled 2021-05-25 00:56:59 +05:30
Slavi Pantaleev 0648b1b618 Upgrade Element (1.7.28 -> 1.7.29) 2021-05-24 20:38:48 +03:00
sakkiii 7cc5328ede Comments & Ref 2021-05-24 17:20:54 +05:30
sakkiii df2d91970d matrix_nginx_proxy_xss_protection 2021-05-24 17:02:47 +05:30
Slavi Pantaleev d4c7a90b5c
Merge pull request #1076 from Eagle-251/Jitsi-Prosody-OwnNginxCompatibility
Allow Jitsi XMPP websocket support for users using own webserver.
2021-05-24 11:07:05 +03:00
ewang 409cd2b9a3 Source port binding from group vars in line other components 2021-05-23 14:06:18 +02:00
Eagle-251 ef6a7e051c
Fix missing port binding. 2021-05-22 15:55:50 +02:00
ewang 1bb6ed97ae Make port bindings default for those disabling nginx proxy
I changed the conditional statement in prosody systemd template to bind the localhost port by default if people have set ```matrix_nginx_proxy_enabled == false ```.
Hopefully that should make it the default behaviour now.
2021-05-22 15:53:42 +02:00
Aaron Raimist 3c0452ff5a
Remove unnecessary bind for config.json, use proper nginx.conf 2021-05-21 17:22:40 -05:00
ewang 4a772e50f4 Allow Jitsi XMPP webscoket support for users using own webserver.
Added:
 - Conditional localhost Port bindings for Jitsi Prosody systemd template
- Added variable to main.yml to allow overriding from vars.yml
2021-05-21 15:26:06 +02:00
Slavi Pantaleev 6f80292745
Add OCSP stapling support and other SSL optimizations to Hydrogen vhost
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-21 13:40:37 +03:00
Slavi Pantaleev d0de21ab34
Delete Hydrogen nginx configuration file when disabled 2021-05-21 12:58:32 +03:00
Aaron Raimist ac4ede20af
Add docs 2021-05-21 04:43:04 -05:00
Aaron Raimist 1633f61018
Only install config.json when self building 2021-05-21 04:23:06 -05:00
Aaron Raimist 04548f8df2
Merge branch 'master' into hydrogen 2021-05-21 04:09:18 -05:00
Aaron Raimist 9437f78c9e
Build using custom config.json, add CSP, update to 0.1.53 2021-05-21 03:45:21 -05:00
Slavi Pantaleev 47b4608b96 Fail in a friendlier way when trying to self-build on Ansible <= 2.8
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070

Related discussion here: 1ab507349c (commitcomment-51108407)
2021-05-21 11:15:05 +03:00
Slavi Pantaleev 1ab507349c Fix self-building for various components on Ansible < 2.8
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
2021-05-20 08:43:20 +03:00
Slavi Pantaleev 66615c43a3
Merge pull request #1065 from sakkiii/patch-1
Update grafana (7.5.6->7.5.7)
2021-05-19 22:07:59 +03:00
Tobias K 3dcbed6353
roles/matrix-grafana: Set root_url in granafa.ini 2021-05-19 19:52:58 +02:00
sakkiii 8529ca4c17
Update grafana (7.5.6->7.5.7) 2021-05-19 22:30:03 +05:30
Slavi Pantaleev 073d920a62
Merge pull request #1061 from sakkiii/ssl_enhancement
Optimize SSL session
2021-05-19 17:14:52 +03:00
Toni Spets 544915ff76 Add Heisenbridge 2021-05-19 10:42:21 +03:00
Slavi Pantaleev 21eb39f986 Mention matrix_common_after_systemd_service_start_wait_for_timeout_seconds in failure message
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:46:13 +03:00
Slavi Pantaleev ee46fabdca Make waiting time for --tags=start configurable
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:39:55 +03:00
sakkiii e9b878b9e9 Optimize SSL session 2021-05-18 19:39:43 +05:30
Slavi Pantaleev e6afa05f7b Enable OCSP stapling for the federation port
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057

Not sure if this is beneficial though.
2021-05-18 08:15:42 +03:00
Slavi Pantaleev 57a6a98a50 Fix incorrect SSL certificate path
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-18 07:58:47 +03:00
Slavi Pantaleev b9c4e8ce16
Merge pull request #1057 from sakkiii/ssl_staple
Enable OCSP Stapling
2021-05-18 07:50:35 +03:00
sakkiii d31b55b2a7 SSL-enabled block only 2021-05-18 03:24:06 +05:30
rakshazi 400371f6dd
Updated Element version (1.7.27 -> 1.7.28) 2021-05-17 13:15:12 +00:00
Slavi Pantaleev d156c8caa2 Upgrade Synapse (1.33.2 -> 1.34.0) 2021-05-17 14:58:07 +03:00
Slavi Pantaleev e4dd933cf0 Make missing /_synapse/admin correctly return 404 responses
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058

We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.

For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints)
2021-05-17 11:45:35 +03:00
sakkiii 2c3da6599b Added warning 2021-05-15 16:07:52 +05:30
sakkiii 0dd4459799 matrix_nginx_proxy_ocsp_stapling_enabled variable added 2021-05-15 16:01:49 +05:30
sakkiii c05021640d Enable OCSP Stapling 2021-05-15 15:57:05 +05:30
Aaron Raimist ca361af616
Add Hydrogen 2021-05-15 04:23:36 -05:00
sakkiii b191e461a5 Merge branch 'spantaleev:master' into master 2021-05-15 12:20:02 +05:30
sakkiii 4bd7d8b5e4
Update grafana (7.5.5->7.5.6) 2021-05-14 18:59:21 +05:30
sakkiii d5cd3d443d
Update prometheus (2.26.0->2.27.0) 2021-05-14 18:56:33 +05:30
sakkiii 322b750aad Merge branch 'spantaleev:master' into master 2021-05-14 18:54:47 +05:30
Slavi Pantaleev f481b1a84b Upgrade matrix-mailer (4.94.2-r0 -> 4.94.2-r0-1)
Related to https://github.com/devture/exim-relay/pull/9
2021-05-12 18:09:08 +03:00
Slavi Pantaleev 8e6f1876f5 Switch to :latest version of synapse-admin
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132

We should switch back when >0.8.0 gets released.
2021-05-11 19:25:12 +03:00
sakkiii 8fc55b30c5
Upgrade Synapse (1.33.1 -> 1.33.2)
This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation. Server admins are encouraged to upgrade.

Ref: https://github.com/matrix-org/synapse/releases/tag/v1.33.2
2021-05-11 19:06:30 +05:30
Slavi Pantaleev 2d4b039c55
Merge pull request #1046 from GoMatrixHosting/master
GoMatrixHosting v0.4.6
2021-05-11 09:07:48 +03:00
Michael-GMH 2b4bada72a fix conditional 2021-05-11 14:05:45 +08:00
Michael-GMH 0adcef65e6 fix conditional 2021-05-11 13:58:42 +08:00
Michael-GMH f70102e40c no dashes in usernames 2021-05-11 13:55:13 +08:00
Slavi Pantaleev f4657b2cdb Upgrade Element (1.7.26 -> 1.7.27) 2021-05-11 08:22:43 +03:00
Michael-GMH 4e6f6e179b GMH 0.4.6 update 2021-05-10 18:50:10 +08:00
sakkiii 29cf6a0087 Merge branch 'spantaleev:master' into master 2021-05-10 15:10:18 +05:30
Slavi Pantaleev 3dcc006932 Fix self-building for Coturn
689dcea773 wasn't enough. The `upstream/..` tags are
just upstream sources, without the alpine-based Dockerfile.
We need to use the `docker/..` tags for that (or `master`)

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1032

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1023

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1009
2021-05-10 11:35:53 +03:00
Slavi Pantaleev 33f0074862 Upgrade matrix-mailer (4.94-r0 -> 4.94.2-r0)
Related to https://github.com/devture/exim-relay/issues/6
2021-05-10 11:23:44 +03:00
Slavi Pantaleev c19508087a
Merge pull request #1036 from sakkiii/grafana-csp
Grafana csp template backward compatible with older browsers
2021-05-10 10:09:13 +03:00
Slavi Pantaleev a198b87455 Upgrade synapse-admin (0.7.2 -> 0.8.0)
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132
2021-05-10 10:06:12 +03:00
Slavi Pantaleev 867ebb52ab
Merge pull request #1037 from pushytoxin/jitsi-5765-1
Update Jitsi (5142 -> 5765-1)
2021-05-08 12:35:29 +03:00
sakkiii bb0810302d Merge branch 'spantaleev:master' into master 2021-05-07 23:03:55 +05:30
Slavi Pantaleev 61220ea487 Upgrade Synapse (1.33.0 -> 1.33.1) 2021-05-06 20:47:09 +03:00
sakkiii 9174448e5e get rid of this {% else %} 2021-05-06 12:46:17 +05:30
sakkiii 0d5fe2d9f7
Update roles/matrix-grafana/templates/grafana.ini.j2
Co-authored-by: Aaron Raimist <aaron@raim.ist>
2021-05-06 12:38:40 +05:30
Béla Becker b10655ebb1 Jitsi XMPP Websocket support
Jitsi-meet enabled websockets by default, claiming better reliability.
Matrix-nginx-proxy configuration has been set up according to the
Prosody documentation: https://prosody.im/doc/websocket
2021-05-05 19:10:58 +02:00
Béla Becker 116bcaa13b Update jitsi to stable-5765-1
Changelog:
https://github.com/jitsi/docker-jitsi-meet/blob/stable-5765-1/CHANGELOG.md
2021-05-05 19:10:58 +02:00
sakkiii 37de7fc96a Updated Reference 2021-05-05 22:25:38 +05:30
sakkiii 303de935d5 grafana CSP backward compatible with older browsers 2021-05-05 22:12:56 +05:30
Slavi Pantaleev d4d1e2e922 Upgrade Synapse (1.32.2 -> 1.33.0) 2021-05-05 19:18:53 +03:00
Slavi Pantaleev b09a805939
Merge pull request #1031 from thedanbob/nginx-1.20.0
Update nginx (1.19.10 -> 1.20.0)
2021-05-04 10:41:02 +03:00
Slavi Pantaleev 6fdc71c40b
Merge pull request #1030 from thedanbob/grafana-7.5.5
Update grafana (7.5.4 -> 7.5.5)
2021-05-04 10:40:21 +03:00
Dan Arnfield cfaa3e598a Update nginx (1.19.10 -> 1.20.0) 2021-05-03 16:00:11 -05:00
Dan Arnfield bec5933db4 Update grafana (7.5.4 -> 7.5.5) 2021-05-03 15:57:06 -05:00
Michael-GMH 067b61e779 GoMatrixHosting v0.4.5 update 2021-04-29 08:06:45 +08:00
Slavi Pantaleev 2409c33ea2 Upgrade Element (1.7.25 -> 1.7.26) 2021-04-27 17:21:31 +03:00
benkuly 49cb2635a2
updated matrix-sms-bridge 2021-04-27 14:39:58 +02:00
Michael-GMH a14bf6c2ed GoMatrixHosting v0.4.4 update 2021-04-26 20:00:32 +08:00
Slavi Pantaleev 689dcea773 Fix self-building for Coturn
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1023

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1009
2021-04-24 20:31:25 +03:00
sakkiii 40fe6bd5c1 variable matrix_nginx_proxy_hsts_preload_enable added 2021-04-24 20:04:20 +05:30
Slavi Pantaleev 389dc26615 Fix Synapse generic worker balancing
Potentially fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1022
2021-04-24 11:52:45 +03:00
sakkiii 5b4fdf9b87 Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy 2021-04-24 12:15:34 +05:30
sakkiii 0ccf0fbf1c HSTS preload + X-XSS enables
**HSTS Preloading:**
In its strongest and recommended form, the [HSTS policy](https://www.chromium.org/hsts) includes all subdomains, and indicates a willingness to be “preloaded” into browsers:
`Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`

**X-Xss-Protection:**
`1; mode=block` which tells the browser to block the response if it detects an attack rather than sanitising the script.
2021-04-24 12:12:34 +05:30
sakkiii 3564635f0f
Merge branch 'master' into master 2021-04-24 11:46:52 +05:30
sakkiii 29bba5161b Element More security headers
More Production ready nginx headers for Matrix client element.
2021-04-24 11:10:40 +05:30
Slavi Pantaleev f6b371164c Remove useless variable 2021-04-23 07:07:18 +03:00
Slavi Pantaleev 62c0587b6a Use Alpine-based Coturn 2021-04-22 15:05:37 +03:00
Slavi Pantaleev 72a7cb4145
Merge pull request #1018 from GoMatrixHosting/master
GoMatrixHosting v0.4.3
2021-04-22 14:23:30 +03:00
Slavi Pantaleev e3fa3e12bc Upgrade Synapse (1.31 -> 1.32.2) 2021-04-22 14:22:07 +03:00
Michael-GMH 50d7209c5b GMH v04.3 2021-04-22 11:45:59 +08:00
Slavi Pantaleev 378fabf177 Revert "Upgrade Synapse (1.31 -> 1.32.1)"
This reverts commit 1fb54a37cb.

Seems like it's been pulled or something. It used to exist, but not
anymore. Not sure what's going on.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1017

Related to
https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
2021-04-21 23:36:58 +03:00
Slavi Pantaleev 1fb54a37cb Upgrade Synapse (1.31 -> 1.32.1)
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
2021-04-21 18:47:15 +03:00
Slavi Pantaleev d691cc0920 Move variable definition a bit 2021-04-21 13:59:20 +03:00
Slavi Pantaleev e00ef04b57 Add opt-out-of-FLoC headers by default 2021-04-21 13:58:24 +03:00
Slavi Pantaleev 42783972fd
Merge pull request #1011 from aaronraimist/synapse-admin
Upgrade synapse-admin (0.7.0 -> 0.7.2)
2021-04-21 09:24:30 +03:00
Slavi Pantaleev ca786cc343 Revert "Upgrade Synapse (1.31 -> 1.32)"
This reverts commit f825c7c263.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
2021-04-20 23:40:55 +03:00
Aaron Raimist bb64b80697
Upgrade synapse-admin (0.7.0 -> 0.7.2) 2021-04-20 15:14:08 -05:00
Slavi Pantaleev f825c7c263 Upgrade Synapse (1.31 -> 1.32) 2021-04-20 17:47:34 +03:00
Slavi Pantaleev 7eda6a3c12
Merge pull request #1009 from thedanbob/coturn-official
Switch to official coturn image
2021-04-19 18:41:17 +03:00
Slavi Pantaleev adcecaffaf Fix connectivity between prometheus and prometheus-node-exporter
Expected to have regressed after https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1008

This patch comes with its own downsides (as described in the comments
for matrix_prometheus_node_exporter_container_http_host_bind_port),
but at least there's:
- no security issue
- metrics remain readable from matrix-prometheus (even if the network metrics are inaccurate)

A better patch is certainly welcome.
2021-04-19 18:29:03 +03:00
Dan Arnfield b2ca1f2829 Add capability required by new image 2021-04-19 10:16:26 -05:00
Slavi Pantaleev 398b9f5d66
Merge pull request #1008 from sakkiii/master
security** node-exporter data & port publicly exposed
2021-04-19 17:31:00 +03:00
Dan Arnfield 29177d4922 Switch to official coturn docker image 2021-04-19 09:04:08 -05:00
sak 88a30fb5ed security** node-exporter data & port publicly exposed 2021-04-19 15:35:23 +05:30
sak 0f9a455719 Revert "security** node-exporter data & port publicly exposed"
This reverts commit d0cd709c08.
2021-04-19 15:24:36 +05:30
sak d0cd709c08 security** node-exporter data & port publicly exposed 2021-04-19 15:15:59 +05:30
Slavi Pantaleev 4a1739f604
Merge pull request #1007 from teutat3s/fix/nginx-dont-send-version
Don't expose nginx version with each response
2021-04-18 21:33:11 +03:00
teutat3s 2bf7c26cfa
Don't expose nginx version with each response 2021-04-18 16:24:13 +02:00
Slavi Pantaleev c565e72f0d
Merge pull request #1003 from sakkiii/patch-2
updated matrix_grafana_docker_image to v7.5.4
2021-04-18 09:56:12 +03:00
Slavi Pantaleev 51b46697c5
Merge pull request #1005 from sakkiii/master
Improve security for grafana
2021-04-18 09:50:59 +03:00
Dan Arnfield f04614a993 Fix prometheus network for ansible < 2.8 2021-04-17 20:15:26 -05:00
Slavi Pantaleev badd81e0ec Revert "Attempt to fix docker_network result discrepancy between Ansible versions"
This reverts commit 68ca81c8c2.
2021-04-17 19:31:20 +03:00
sakkiii 1958d0792d Update matrix-client-element.conf.j2 2021-04-17 21:33:07 +05:30
sakkiii b6d45c5fd8 Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy 2021-04-17 21:03:26 +05:30
sakkiii 05042f5ff1 Improve security grafana
- duplicate X-Content-Type-Options
- X-Frame-Options header
- Referrer-Policy [Might consider adding variable]
- Secure flag with cookies
- matrix_grafana_content_security_policy variable for [Content Security Policy](https://grafana.com/docs/grafana/latest/administration/configuration/#content_security_policy)
2021-04-17 21:03:05 +05:30
sakkiii 27377e099d
updated matrix_grafana_docker_image to v7.5.4
Latest stable grafana version is [7.5.4 (2021-04-14)](https://github.com/grafana/grafana/releases/tag/v7.5.4)
2021-04-17 17:31:14 +05:30
Slavi Pantaleev 68ca81c8c2 Attempt to fix docker_network result discrepancy between Ansible versions
Supposedly fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/907
2021-04-17 11:42:06 +03:00
Slavi Pantaleev 9c1f41eadf
Merge pull request #1002 from thedanbob/node-exporter-1.1.2
Update prometheus node exporter (1.1.0->1.1.2)
2021-04-17 11:15:13 +03:00
Dan Arnfield 8a550ce67c Update prometheus (2.24.1->2.26.0) 2021-04-16 09:25:45 -05:00
Dan Arnfield 83cc5c9e6a Update prometheus node exporter (1.1.0 -> 1.1.2) 2021-04-16 09:17:04 -05:00
sakkiii 5dc642ace1
Nginx element web: XSS protection & nosniff header
X-XSS-Protection: 1; mode=block; header, for basic XSS protection in legacy browsers.
X-Content-Type-Options: nosniff header, to disable MIME sniffing
2021-04-16 14:45:04 +05:30
Slavi Pantaleev fcb9e9618a Make Coturn TLSv1/v1.1 configurable
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/999
2021-04-16 09:29:32 +03:00
sakkiii 540416e32d
Disable support for TLS 1.0 and TLS 1.1
These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.
2021-04-15 19:25:23 +05:30
Michael-GMH 89cb5a3d7a GMH v0.4.2 update 2021-04-15 17:07:03 +08:00
Michael f41bfb69d2 update survey template formatting 2021-04-04 12:01:53 +08:00
Michael 814bdf5a88 update spelling 2021-04-04 11:52:26 +08:00
Michael fbe22289bd merge with upstream and testing branch 2021-04-04 11:41:06 +08:00
Slavi Pantaleev 995c483856
Merge pull request #962 from aaronraimist/mjolnir
Add mjolnir
2021-04-03 10:45:29 +03:00
Slavi Pantaleev f183add44d
Merge pull request #977 from aaronraimist/simple-antispam
Upgrade synapse-simple-antispam (0.0.1 -> 0.0.3)
2021-04-03 08:45:14 +03:00
Aaron Raimist 81dddd2e25
Upgrade Element (1.7.24 -> 1.7.24.1) 2021-04-02 18:43:30 -05:00
Aaron Raimist c43bd412dd
Upgrade synapse-simple-antispam (0.0.1 -> 0.0.3) 2021-04-02 18:08:08 -05:00
Aaron Raimist 1ecee625d5
Depend on more services, add a delay 2021-04-02 17:07:24 -05:00
Slavi Pantaleev a88391edf5
Merge pull request #972 from JohannesKleine/nginx-config
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2
2021-03-31 10:30:57 +03:00
teutat3s 0b5e903693
Updates to mautrix-signal config
See these last commits:

tulir/mautrix-signal@4fc34330c1

tulir/mautrix-signal@64bc5c36a5

tulir/mautrix-signal@ddda1666d4
2021-03-31 02:51:23 +02:00
Christoph Johannes Kleine fcd66b2889
rename variables 2021-03-30 16:41:32 +02:00
Christoph Johannes Kleine 8ba1105010
rename variable 2021-03-30 15:59:10 +02:00
Christoph Johannes Kleine 3a772f2f65
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2 2021-03-30 14:11:20 +02:00
Slavi Pantaleev 93960b70be Do not fail if _matrix-identity DNS SRV record missing
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/963

This also simplifies Prerequisites, which is great.

It'd be nice if we were doing these checks in some optional manner
and reporting them as helpful messages (using
`matrix_playbook_runtime_results`), but that's more complicated.
I'd rather drop these checks completely.
2021-03-30 11:24:04 +03:00
Slavi Pantaleev 5e1cf7f8b9 Upgrade Element (1.7.23 -> 1.7.24) 2021-03-29 17:58:02 +03:00
Slavi Pantaleev 9409588513 Fix variable name typo (take 2)
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/970
2021-03-29 10:59:57 +03:00
Slavi Pantaleev 179b416ed5 Fix variable name typo
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/970
2021-03-29 09:24:35 +03:00
Slavi Pantaleev 77d598b315 Fix Go-NEB variable definitions using the wrong type
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/969
2021-03-28 12:10:22 +03:00
Slavi Pantaleev 49868db3de Upgrade Synapse for ARM64 (1.30.0 -> 1.30.1) 2021-03-26 16:48:15 +02:00
Slavi Pantaleev 94487dc6a7 Upgrade Synapse for amd64 (1.30.0 -> 1.30.1) 2021-03-26 15:37:11 +02:00
transcaffeine dbae18fd6a
feat: push ephemeral events to appservices
This adds https://github.com/matrix-org/matrix-doc/pull/2409 to the
appservice registrations, enabling synapse to push EDUs to appservices.
2021-03-25 18:49:54 +01:00
Dan Arnfield 97d8527e00 Update nginx (1.19.6 -> 1.19.8) 2021-03-24 09:42:08 -05:00
Slavi Pantaleev 5a4ea5f866 Make AWX enabling/disabling consistent with other playbook roles
That is:
- enabled in the role by default
- disabled in the compilation (playbook), if considered an optional
component
2021-03-24 14:02:53 +02:00
Aaron Raimist bab8b950ca
Add mjolnir 2021-03-23 22:46:08 -05:00
Slavi Pantaleev 06c74728eb Move matrix_nginx_proxy_proxy_synapse_federation_api_enabled definition to the role
This variable was previously undefined in the role and was only getting
defined via `group_vars/matrix_servers`.

We now properly initialize it (and its good default value) in the role
itself.
2021-03-23 10:28:32 +02:00
Slavi Pantaleev d09609daa8 Fix Jinja2 syntax error
Fixes a regression introduced in ffe649a240
2021-03-22 17:13:10 +02:00
Slavi Pantaleev 6a3433fbad Update Synapse for ARM64 (1.29.0 -> 1.30.0)
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/958
2021-03-22 16:43:23 +02:00
Slavi Pantaleev ffe649a240 Update homeserver.yaml to keep up with Synapse v1.30.0
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/958
2021-03-22 16:43:10 +02:00
rakshazi 74106f2a80
Updated synapse 1.29.0 -> 1.30.0 2021-03-22 14:03:42 +00:00
Thom Wiggers 54fe59f05c
Update IRC appservice 2021-03-22 12:37:35 +01:00
Slavi Pantaleev 2737ebc290 Complain if people try to use matrix-sygnal on non-amd64 2021-03-20 13:38:27 +02:00
Slavi Pantaleev b824522b33 Remove unnecessary with_items statement 2021-03-20 13:34:22 +02:00
Slavi Pantaleev 9a0222fa47 Add Sygnal support
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/683
2021-03-20 13:32:22 +02:00
Michael af240aef37 remove sections from task list that arent needed 2021-03-20 17:35:30 +08:00
Michael 85127bacba Merge remote-tracking branch 'upstream/master' 2021-03-20 17:21:27 +08:00
Michael 1e54b1d1a5 merge upstream 2021-03-20 17:21:02 +08:00
Slavi Pantaleev f99dcd611f Pass proper UID/GID to Synapse
Fixes a regression caused by a5ee39266c.

If the user id and group id were different than 991:991
(which used to be a hardcoded default for us long ago),
there was a mismatch between what Synapse was trying to use (991:991)
and what it was actually started with (in `--user=..`). It was then
trying to change ownership, which was failing.

This was mostly affecting newer installations which were not using the
991:991 defaults we had long ago (since a1c5a197a9).
2021-03-19 16:44:10 +02:00
Slavi Pantaleev a5ee39266c Go through start.py when launching Synapse
This allows us to benefit from helpful things it does for us,
like enabling jemalloc: https://github.com/matrix-org/synapse/pull/8553

We weren't going through `start.py` before, because it was causing some
conflict with our `docker run --user=...` stuff, but it doesn't seem
to be a problem anymore.

Having done this, we won't need to do things like
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/941
anymore.
2021-03-19 08:16:59 +02:00
Aaron Raimist 32b3650c12
Set X-Forwarded-Proto on federation requests 2021-03-17 18:51:10 -05:00
Béla Becker 2d7e7680e5 matrix.{{ matrix_domain }} -> {{ matrix_server_fqn_matrix }} 2021-03-17 12:36:45 +01:00
Aaron Raimist 466827139a
Also check if matrix_ssl_lets_encrypt_support_email is blank 2021-03-17 00:54:05 -05:00
Slavi Pantaleev 97c0bf1a73
Merge pull request #942 from pushytoxin/etherpad1_8_12
Upgrade Etherpad (1.8.7 -> 1.8.12)
2021-03-16 20:07:34 +02:00
Béla Becker 60aa40845f Upgrade Etherpad (1.8.7 -> 1.8.12) 2021-03-16 18:55:58 +01:00
Yannick Goossens 27416607d9 Another field with 'invalid input syntax for type smallint' 2021-03-16 16:38:59 +01:00
Michael 5a6bdb0c3d merge upstream 2021-03-16 21:52:26 +08:00
Michael 571b70a1f4 fix for running outside of AWX 2021-03-16 21:37:19 +08:00
Michael 5a1f3b7d67 GMH v0.3.0 2021-03-14 14:35:38 +08:00
Michael 33ec5710d9 0.2.1 revision 2021-02-28 22:21:40 +08:00
Michael 4c882c513b initial PR 2021-02-20 17:19:17 +08:00
Marcus Proest 2ca8211184 Merge remote-tracking branch 'upstream/master' 2021-02-19 19:02:48 +01:00
Marcus Proest b99372a3c5 initial commit of mautrix-instagram role 2021-02-19 17:20:26 +01:00
Slavi Pantaleev 108aed53be Fix invalid matrix-postgres.service when matrix_postgres_process_extra_arguments is empty
This only seems to be affecting some people badly enough to cause
matrix-postgres not to start. Certain systemd versions probably handle
it better or something.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/889
(hopefully)
2021-02-19 16:33:23 +02:00
Slavi Pantaleev 1dbdfeec07 Fix matrix-postgres stopping for consistency with other services
This probably got lost somehow in all the work that happened in
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
2021-02-19 15:53:30 +02:00
Slavi Pantaleev 9f91eaa54b Fix incorrect service name
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/887
2021-02-19 12:12:21 +02:00
Slavi Pantaleev 91c987ca7d
Merge pull request #872 from xangelix/add-mx-puppet-groupme-gh
Add mx-puppet-groupme support
2021-02-19 11:42:41 +02:00
Slavi Pantaleev d94d0e2ca5
Merge pull request #456 from eMPee584/synapse-workers
Synapse workers
2021-02-19 11:40:36 +02:00
Slavi Pantaleev 9dc87bb948 Add Synapse worker presets for easier configuration
Adding more presets in the future would be nice.
2021-02-19 11:38:47 +02:00
Slavi Pantaleev eaea215282 Allow Synapse workers to be used with an external nginx webserver
We're talking about a webserver running on the same machine, which
imports the configuration files generated by the `matrix-nginx-proxy`
in the `/matrix/nginx-proxy/conf.d` directory.

Users who run an nginx webserver on some other machine will need to do
something different.
2021-02-19 11:36:48 +02:00
Slavi Pantaleev 2f732e4234 Update Synapse worker endpoints 2021-02-19 11:36:14 +02:00
Slavi Pantaleev 217b4a8808 Release Synapse v1.27.0 to ARM32 via self-building
Related to: https://matrix.org/blog/2021/02/18/synapse-1-27-0-released#dropping-armv7-docker-images
2021-02-19 09:10:16 +02:00
Béla Becker 65eab14a64 Make sure Etherpad has a database to write to 2021-02-18 17:43:14 +01:00
Béla Becker 005f4d57f9 Remove mention of sqlite3 support for Etherpad
The official Etherpad Docker image has no support for sqlite3 databases.
2021-02-18 17:39:36 +01:00
Slavi Pantaleev 1789620901 Merge branch 'master' into synapse-workers 2021-02-18 18:24:43 +02:00
Slavi Pantaleev d6c4d41c2b Define instanceId property on workers
This give us the possibility to run multiple instances of
workers that that don't expose a port.

Right now, we don't support that, but in the future we could
run multiple `federation_sender` or `pusher` workers, without
them fighting over naming (previously, they'd all be named
something like `matrix-synapse-worker-pusher-0`, because
they'd all define `port` as `0`).
2021-02-18 18:19:51 +02:00
rakshazi 996f732f98
Update synapse-admin (0.6.1 -> 0.7.0) 2021-02-18 12:05:21 +00:00
Cody Neiman c4e1209452
Merge branch 'master' into add-mx-puppet-groupme-gh 2021-02-17 13:52:37 -05:00
Slavi Pantaleev d33483b8ce Document that Synapse pusher worker instances are shardable
Related to:
- https://github.com/matrix-org/synapse/pull/9407
- https://github.com/matrix-org/synapse/pull/7855
2021-02-16 17:45:41 +02:00
Slavi Pantaleev daae74b074 Merge branch 'master' into synapse-workers 2021-02-16 17:31:40 +02:00
Slavi Pantaleev 521160c12f Upgrade Synapse (v1.26.0 -> v1.27.0) 2021-02-16 17:30:48 +02:00
Slavi Pantaleev 865d71e35a
Upgrade Element (1.7.20 -> 1.7.21) 2021-02-16 13:44:28 +02:00
Marc Leuser fd3d48bb6d trust the reverse proxy by default 2021-02-15 10:50:45 +01:00
Marc Leuser 1434c371bd safer port binding of etherpad docker container
don't bind to any host port if nginx_proxy is used
only bind to localhost if it's not used
2021-02-15 10:46:23 +01:00
Slavi Pantaleev 61e427d690 Do not let people enable more than 1 federation_sender worker 2021-02-15 11:37:03 +02:00
Slavi Pantaleev 85a05f38e8 Allow Synapse worker list to be generated dynamically
This leads to much easier management and potential safety
features (validation). In the future, we could try to avoid port
conflicts as well, but it didn't seem worth the effort to do it now.
Our port ranges seem large enough.

This can also pave the way for a "presets" feature
(similar to `matrix_nginx_proxy_ssl_presets`) which makes it even easier
for people to configure worker counts.
2021-02-15 11:25:35 +02:00
Slavi Pantaleev 43059bb040 Fix metrics listeners for Synapse workers
`::` leads to errors like:

> socket.gaierror: [Errno -9] Address family for hostname not supported
2021-02-15 11:19:07 +02:00
Slavi Pantaleev 453a4ec2d8 Relocate tasks related to Synapse workers 2021-02-15 11:18:47 +02:00
Cody Neiman e510481e84
Merge branch 'master' into add-mx-puppet-groupme-gh 2021-02-14 13:41:16 -05:00
Slavi Pantaleev 5cfeae806b Merge branch 'master' into synapse-workers 2021-02-14 13:00:57 +02:00
Slavi Pantaleev 894679750e
Merge pull request #862 from s-thom/nginx-additional
Add additional domains for Let's Encrypt certificates to be obtained
2021-02-14 11:05:25 +02:00
Slavi Pantaleev a8e9f35708 Touch up documentation a bit 2021-02-14 11:05:05 +02:00
Slavi Pantaleev 7d39e5153a Upgrade Postgres minor versions 2021-02-14 09:12:29 +02:00
Cody Neiman dc5e7eed3f
Fix mx-puppet-groupme port typo 2021-02-13 11:20:35 -05:00
Cody Neiman 2b3c143487
Update mx-puppet-groupme docker image 2021-02-13 11:10:53 -05:00
Cody Neiman 5a70a56ff0
Initial implementation 2021-02-12 23:13:30 -05:00
Slavi Pantaleev 8434af10de Do not fail on unrelated validation tasks when Grafana not enabled 2021-02-12 15:45:19 +02:00
Slavi Pantaleev 66d5b0e5b9 Do not fail on unrelated validation tasks when Prometheus not enabled
These validation tasks should only run when Prometheus is enabled.
2021-02-12 15:41:15 +02:00
Slavi Pantaleev 2ac2b02cb4
Merge pull request #838 from Peetz0r/stats
Prometheus and Grafana on stats.<domain>
2021-02-12 14:03:17 +02:00
Slavi Pantaleev c8ab200cb1 Break dependency between matrix-prometheus and (matrix-prometheus-node-exporter, matrix-synapse) 2021-02-12 11:59:24 +02:00
Slavi Pantaleev 6842102e00 Split install/uninstall tasks in matrix-prometheus 2021-02-12 11:59:24 +02:00
Slavi Pantaleev 18e31526a8 Rename some variables 2021-02-12 11:59:24 +02:00
Slavi Pantaleev 85a260daaf Make --tags=setup-prometheus not break, relying on matrix-base facts 2021-02-12 11:59:24 +02:00
Slavi Pantaleev df3dd1c824 Use --read-only FS for metrics-related containers
It seems like it doesn't cause any issues for any of these services.
2021-02-12 11:59:24 +02:00
Slavi Pantaleev 3ce9712388 Fix Grafana dashboard/datasource label 2021-02-12 11:59:24 +02:00
Slavi Pantaleev f0cd294628 Fix matrix-prometheus-node-exporter failure to start
The quotes around "host" for both `--pid` and `--net` were
causing trouble for me:

> docker: --pid: invalid PID mode.

and:

> docker: Error response from daemon: network "host" not found.

I've also changed the `-v` call to `--mount` for consistency with the
rest of the playbook.
2021-02-12 11:59:24 +02:00
efraimbart b7e68cb779
Fix wrong docker image being pulled
Changed `matrix_mautrix_signal_docker_image_force_pull` to `matrix_mautrix_signal_daemon_docker_image_force_pull` when force pulling the daemon
2021-02-11 22:56:37 -05:00
Peetz0r fde222a041 Update Prometheus Node Exporter 1.0.1 => 1.1.0 2021-02-10 23:11:17 +01:00
Peetz0r 3a77261dc6 Update Grafana 7.3.7 => 7.4.0 2021-02-10 23:11:02 +01:00
Peetz0r 144a5e6198 Register docker network info and use it for prometheus-node-exporter
Using the hardcoded IP did break while I was
messing with IPv6 stuff on the other branch
2021-02-10 22:54:42 +01:00
Peetz0r 76d7e84be5 Make prometheus-node-exporter a bit more capable
By running it in a more privileged container with access to the host network stack and such
2021-02-10 22:54:14 +01:00
Peetz0r 989100b1c1 Grafana nginx proxy config 2021-02-10 22:54:14 +01:00
Peetz0r eb5aa93e8a Grafana
Also includes the dashboards for Synapse and for Node Exporter.

Again has only been tested on debian amd64 so far, but the grafana docker image is available for arm64 and arm32. Nice.
2021-02-10 22:54:14 +01:00
Peetz0r e525970b39 Prometheus Node Exporter
Basic system stats, to show stuff the synapse metrics
can't show such as resource usage by bridges, etc

Seems to work fine as well.

This too has only been tested on debian amd64 so far
2021-02-10 22:54:14 +01:00
Peetz0r 13ef9e85cf Prometheus
Initial attempt. Seems to work fine.

Only tested on debian amd64 so far
2021-02-10 22:54:14 +01:00
Slavi Pantaleev 7e8e95a09a Make S3-mounting path configurable
This will make data migration easier.
2021-02-09 22:05:07 +02:00
Yan 385b6c623e Fixes: a66a604e ("Selfbuild appservice-slack bridge") 2021-02-09 00:02:48 +01:00
Stuart Thomson 064b2e533c Add variable for extra domains to get LE certs for
I felt that adding another variable was probably going to be the easiest way to do this. I may end up adding another variable to enable this feature, for consistency with some of the other things.
2021-02-06 20:02:39 +13:00
Paul Tötterman 9ad67d7cdf
Upgrade Element (1.7.19 -> 1.7.20)
https://github.com/vector-im/element-web/releases/tag/v1.7.20
https://hub.docker.com/layers/vectorim/element-web/v1.7.20/images/sha256-44cae3a532d86c16940deb70866b522ba6acc8c5d7adf3c661cfc8b06f1de681?context=explore
2021-02-04 16:26:56 +02:00
Aaron Raimist 5cb976c321
Upgrade Element (1.7.18 -> 1.7.19) 2021-02-03 10:07:43 -06:00
Julian Foad d1f28d17bb Allow psql args to be given to matrix-postgres-cli
This passes any arguments given to 'matrix-postgres-cli' to the 'psql' command.

Examples:
  $ # start an interactive shell connected to a given db
  $ sudo matrix-postgres-cli -d synapse
  $ # run a query, non-interactively
  $ sudo matrix-postgres-cli -d synapse -c 'SELECT group_id FROM groups;'
2021-02-03 12:59:21 +00:00
Slavi Pantaleev c4a05b760a Make mautrix bridges not overwrite their config
If they do, our next playbook runs would simply revert it
and report "changed" for that task.

There's no benefit to letting the bridge spew a new config file.

This does not apply to the mautrix whatsapp bridge, because that one
is written in Go (not Python) and takes different flags. There's no
equivalent flag there.
2021-02-03 13:23:18 +02:00
Slavi Pantaleev 889b299bc2
Merge pull request #804 from pushytoxin/matrix-etherpad
Self-hosted Etherpad
2021-01-31 09:55:46 +02:00
Slavi Pantaleev 7804060eee Use Etherpad 1.8.7, not :latest 2021-01-31 09:47:47 +02:00
Slavi Pantaleev 98f9619279
Merge pull request #843 from thomwiggers/update-irc
Update IRC bridge to 0.23.0
2021-01-31 09:26:56 +02:00
o8F0LY 0a0c9a4efc Add double quotes to avoid synatx errors 2021-01-30 22:54:51 +01:00
Thom Wiggers 8de739132a
Update IRC bridge to 0.23.0 2021-01-30 12:47:56 +01:00
Peetz0r e0e459ac0c Fixed missing quotes 2021-01-30 11:58:24 +01:00
Slavi Pantaleev efbffa26bf
Fix typo 2021-01-30 11:37:08 +02:00
Peetz0r 473936065d Use Debian Buster Docker repo on Debian Bullseye
Future maintainer: check on https://docs.docker.com/engine/install/debian/ if Docker for
Debian 11 is released, then undo this commit
2021-01-30 09:02:41 +01:00
Béla Becker 2edc9cb83c Name the Synapse database on state compression import
Fixes:
https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/833
2021-01-28 17:54:02 +01:00
Béla Becker b7261dc098 Etherpad role: Etherpad needs Dimension
The default scalar.vector.im integrations manager doesn't support custom
URL's for etherpad, therefore Dimension needs to be enabled.
2021-01-28 15:11:22 +01:00
Slavi Pantaleev 3ea90ca436 Upgrade Element (1.7.17 -> 1.7.18) 2021-01-28 09:23:23 +02:00
Slavi Pantaleev e7f3f7c431 Enable /devices endpoint for generic workers 2021-01-27 22:18:47 +02:00
Slavi Pantaleev 26b287bd17 Upgrade certbot (1.10.1 -> 1.11.0) 2021-01-27 21:51:46 +02:00
Slavi Pantaleev 1cd2a218de Merge branch 'master' into synapse-workers 2021-01-27 21:41:54 +02:00
Slavi Pantaleev c6feb0b99e Upgrade Synapse (v1.25.0 -> v1.26.0) 2021-01-27 21:41:47 +02:00
Slavi Pantaleev 39c2d72d17 Merge branch 'master' into synapse-workers 2021-01-27 17:12:16 +02:00
Slavi Pantaleev 008049f2a9 Fix mautrix-telegram registration file mistake
Regression since f6097fbba1
2021-01-27 17:11:46 +02:00
Slavi Pantaleev a49dab76f8 Merge branch 'master' into synapse-workers 2021-01-27 15:49:16 +02:00
Slavi Pantaleev e3290d8bcb Remove |to_json causing trouble
Fixes a regression introduced in f6097fbba1, which was cauing Synapse
to die with this error message:

> ValueError: sender_localpart needs characters which are not URL encoded.
2021-01-27 15:48:35 +02:00
Slavi Pantaleev a31c9603fa Merge branch 'master' into synapse-workers 2021-01-27 15:43:56 +02:00
Slavi Pantaleev f6097fbba1 E2BE not working for mautrix bridges
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/806
2021-01-27 15:43:33 +02:00
Slavi Pantaleev 07f1ea24ee Make it possible to override the welcome.html.j2 template used for Element 2021-01-27 12:36:57 +02:00
Slavi Pantaleev d98a1ceadd Merge branch 'master' into synapse-workers 2021-01-27 10:27:17 +02:00
Slavi Pantaleev 512f42aa76 Do not report docker kill/rm attempts as errors
These are just defensive cleanup tasks that we run.
In the good case, there's nothing to kill or remove, so they trigger an
error like this:

> Error response from daemon: Cannot kill container: something: No such container: something

and:

> Error: No such container: something

People often ask us if this is a problem, so instead of always having to
answer with "no, this is to be expected", we'd rather eliminate it now
and make logs cleaner.

In the event that:
- a container is really stuck and needs cleanup using kill/rm
- and cleanup fails, and we fail to report it because of error
suppression (`2>/dev/null`)

.. we'd still get an error when launching ("container name already in use .."),
so it shouldn't be too hard to investigate.
2021-01-27 10:22:46 +02:00
Slavi Pantaleev 869727a402 Add comment to mautrix-facebook bridge regarding alembic migrations 2021-01-27 10:17:48 +02:00
Slavi Pantaleev a9af36841d Merge branch 'master' into synapse-workers 2021-01-27 09:34:29 +02:00
Slavi Pantaleev 346f8b3475
Fix typo 2021-01-26 10:13:08 +02:00
Slavi Pantaleev 26542308b3 Use |to_json in more places in matrix-appservice-discord config
I don't think this was causing an issue, but it might
if the bot token has a more special value in the future.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/828
2021-01-26 10:00:07 +02:00
Béla Becker 42f338016b Etherpad matrix-nginx-proxy configuration 2021-01-26 05:04:47 +01:00
Béla Becker 7bc9be95cb Add map directive to the base of nginx.conf
This needs to be added for WebSocket upgrades to work properly (see doc:
http://nginx.org/en/docs/http/websocket.html)
2021-01-26 05:04:47 +01:00
Béla Becker 38bf1eda70 Etherpad Jitsi integration 2021-01-26 05:04:47 +01:00
Béla Becker 4b451ff782 Etherpad role 2021-01-26 05:04:47 +01:00
Slavi Pantaleev a535226210 Stop/disable unnecessary worker services before deleting them 2021-01-25 15:20:37 +02:00
Slavi Pantaleev dd24942c03
Use |to_json for mautrix-telegram config
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/824
2021-01-25 15:15:27 +02:00
Slavi Pantaleev 778b66876c Merge branch 'master' into synapse-workers 2021-01-25 14:56:55 +02:00
Slavi Pantaleev 70dcdd41a7 Simplify matrix-remove-all
We don't have instantiated services anymore, nor
/etc/systemd/system/matrix-synapse.service.wants/ stuff.
2021-01-25 14:02:30 +02:00
Slavi Pantaleev d3ecc6f017 Fix bridges failing to upload media when Synapse workers are enabled 2021-01-25 13:55:08 +02:00
Slavi Pantaleev 66cdc7bf5a Clean up worker.yaml generation a bit and make it more flexible 2021-01-25 13:02:01 +02:00
Slavi Pantaleev 1462409b34 Fix worker listening addresses
Not specifying bind addresses for the worker resulted in this warning:

> synapse.app - 47 - WARNING - None - Failed to listen on 0.0.0.0, continuing because listening on [::]

Additionally, metrics listening only on 127.0.0.1 seems like a no-op.
Only having it accessible from within the container is likely not what
we intend. Changed that to all interfaces as well.

Whether it actually gets exposed or not depends on the systemd service
and `matrix_synapse_workers_container_host_bind_address`.
2021-01-25 12:29:47 +02:00
Slavi Pantaleev 01747c8cc4 Prevent Synapse warning about enabling metric listeners with enable_metrics: false
> synapse.app.generic_worker - 606 - WARNING - None - Metrics listener configured, but enable_metrics is not True!
2021-01-25 12:24:12 +02:00
Slavi Pantaleev 70796703d3 Run Synapse workers in their own containers
This switches the `docker exec` method of spawning
Synapse workers inside the `matrix-synapse` container with
dedicated containers for each worker.

We also have dedicated systemd services for each worker,
so this are now:
- more consistent with everything else (we don't use systemd
instantiated services anywhere)
- we don't need the "parse systemd instance name into worker name +
port" part
- we don't need to keep track of PIDs manually
- we don't need jq (less depenendencies)
- workers dying would be restarted by systemd correctly, like any other
service
- `docker ps` shows each worker separately and we can observe resource
usage
2021-01-25 12:14:46 +02:00
Slavi Pantaleev 6fc214480c
Fix Signal role using incorrect database string variable
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/823
2021-01-25 10:42:23 +02:00
Slavi Pantaleev da50fb27a0 Whitelist /_matrix/key requests for going to generic workers on the federation port 2021-01-25 09:46:50 +02:00
Slavi Pantaleev 4d62a75f6f Get matrix-corporal to play nicely with a Synapse worker setup
We do this by creating one more layer of indirection.

First we reach some generic vhost handling matrix.DOMAIN.
A bunch of override rules are added there (capturing traffic to send to
ma1sd, etc). nginx-status and similar generic things also live there.

We then proxy to the homeserver on some other vhost (only Synapse being
available right now, but repointing this to Dendrite or other will be
possible in the future).
Then that homeserver-specific vhost does its thing to proxy to the
homeserver. It may or may not use workers, etc.

Without matrix-corporal, the flow is now:
1. matrix.DOMAIN (matrix-nginx-proxy/matrix-domain.conf)
2. matrix-nginx-proxy/matrix-synapse.conf
3. matrix-synapse

With matrix-corporal enabled, it becomes:
1. matrix.DOMAIN (matrix-nginx-proxy/matrix-domain.conf)
2. matrix-corporal
3. matrix-nginx-proxy/matrix-synapse.conf
4. matrix-synapse

(matrix-corporal gets injected at step 2).
2021-01-25 09:46:41 +02:00
Slavi Pantaleev c05d3d09bd Disable systemd services while stopping them
This removes some `multi-target.wants` symlinks as well, etc.

But despite systemd saying:

> Removed symlink /etc/systemd/system/matrix-synapse.service.wants/matrix-synapse-worker@appservice:0.service

.. I still see such symlinks tehre for me for some reason, so keeping the
code (below) to find & delete them still seems like a good idea.
2021-01-25 08:58:23 +02:00
Slavi Pantaleev 63301b0ef1 Improvements around Synapse worker/metrics ports exposure
There was a `matrix_nginx_proxy_enabled|default(False)` check, but:
- it didn't seem to work reliably for some reason (hmm)
- referring to a `matrix_nginx_proxy_*` variable from within the
  `matrix-synapse` role is not ideal
- exposing always happened on `127.0.0.1`, which may not be good enough
  for some rarer setups (where the own webserver is external to the host)
2021-01-25 08:25:43 +02:00
Slavi Pantaleev f66a6b066b Be more specific with the Redis version being used 2021-01-25 01:34:58 +02:00
Slavi Pantaleev 5ca68210cd Do not handle /_matrix/federation on client-server port, nor /_matrix/client stuff on federation port
I guess it didn't hurt to do it until now, but it's not great serving
federation APIs on the client-server API port, etc.

matrix-corporal doesn't work yet (still something to be solved in the
future), but its firewalling operations will also be sabotaged
by Client-Server APIs being served on the federation port (it's a way to get around its firewalling).
2021-01-24 22:22:57 +02:00
Slavi Pantaleev cc5cf0d725 Load roles/matrix-synapse/vars/workers.yml earlier to not break --tags=setup-nginx-proxy
If we load it at runtime, during matrix-synapse role execution,
it's good enough for matrix-synapse and all roles after that,
but.. it breaks when someone uses `--tags=setup-nginx-proxy` alone.

The downside of including this vars file like this in `setup.yml`
is that the variables contained in it cannot be overriden by the user
(in their inventory's `vars.yml`).
... but it's not like overriding these variables was possible anyway
when including them at runtime.
2021-01-24 20:19:55 +02:00
Slavi Pantaleev 92ee3d78a0 Fix matrix-remove-all for when Synapse workers are enabled 2021-01-24 19:42:32 +02:00
Slavi Pantaleev 8fa913dca7 Fix Ansible warning 2021-01-24 19:11:35 +02:00
Marcel Partap edc21f15e5 Restrict publishing worker (metrics) ports to localhost 2021-01-24 08:53:09 +01:00
Marcel Partap 183adec3d8 Merge remote-tracking branch 'origin/master' into synapse-workers 2021-01-23 15:04:11 +01:00
Marcel Partap c8f051a42d Track workers endpoint list in repo instead of regenerating on user side 2021-01-23 14:44:36 +01:00
Marcel Partap f2c7d79238 Drop probably incorrect comment from synapse homeserver.yaml.j2 2021-01-23 14:44:36 +01:00
Slavi Pantaleev a56cb34850 Notify people if /matrix/postgres/data-auto-upgrade-backup exists 2021-01-23 14:14:45 +02:00
Slavi Pantaleev a2422c458a Notify of remaining matrix-postgres local data in a better way 2021-01-23 14:04:51 +02:00
Slavi Pantaleev 1cd251ed78 Don't delete Docker images which may have been pulled by another
Some people run Coturn or Jitsi, etc., by themselves and disable it
in the playbook.

Because the playbook is trying to be nice and clean up after itself,
it was deleting these Docker images.

However, people wish to pull and use them separately and would rather
they don't get deleted.

We could make this configurable for the sake of this special case, but
it's simpler to just avoid deleting these images.
It's not like this "cleaning things up" thing works anyway.
As time goes on, the playbook gets updated with newer image tags
and we leave so many images behind. If one doesn't run
`docker system prune -a` manually once in a while, they'd get swamped
with images anyway. Whether we leave a few images behind due to the lack
of this cleanup now is pretty much irrelevant.
2021-01-23 14:01:31 +02:00
Slavi Pantaleev f085362149 Fix some Postgres CLI scripts to target the correct database
Fixes a regression introduced in 95346f3117.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/814

Using `matrix_synapse_` variables in the `matrix-postgres` role is not
ideal, but.. this script belongs neither here, nor there.
We'll have it be like that for now.
2021-01-23 11:38:34 +02:00
Slavi Pantaleev 3051655d21
Ensure matrix_appservice_irc_docker_src_files_path created when self-building
The git module will create it anyway, but that would likely use `root:root`.
2021-01-22 22:42:40 +02:00
Panagiotis Georgiadis f10e3fef0d
Merge branch 'master' into irc 2021-01-22 20:30:24 +00:00
Panagiotis Georgiadis e502ee33da
Selfbuild appservice-irc bridge 2021-01-22 21:28:53 +01:00
Slavi Pantaleev f9968b6981 Fix matrix_postgres_connection_password length check 2021-01-22 21:22:58 +02:00
Slavi Pantaleev 2997a7fc3e Make mx-puppet-* bridges not log to files
We log everything in systemd/journald for every service already,
so there's no need for double-logging, bridges rotating log files
manually and other such nonsense.
2021-01-22 19:22:26 +02:00
Slavi Pantaleev f3dd346724 Try to tighten Signal bridge security 2021-01-22 18:56:08 +02:00
Slavi Pantaleev 8ec975e3c8 Use matrix:matrix for Signal bridge (not root) 2021-01-22 18:52:20 +02:00
Slavi Pantaleev 37909aa7a9 Create signald/{avatars,attachments,data} and rename config dir 2021-01-22 18:40:51 +02:00
Slavi Pantaleev 88addd71fc Fix Postgres imports going to the matrix DB by default
Well, they still do go to that DB by default,
but our docs give a better command to users, which would do the right
thing.
2021-01-22 17:39:08 +02:00
Slavi Pantaleev bef0702fea Wait some more when starting Postgres during setup on ARM 2021-01-22 16:21:30 +02:00
Slavi Pantaleev f9c1d62435 Fix Postgres database (-alpine) failing to start on ARM32 2021-01-22 13:52:55 +02:00
Slavi Pantaleev 95346f3117 Reorganize Postgres access (breaking change)
In short, this makes Synapse a 2nd class citizen,
preparing for a future where it's just one-of-many homeserver software
options.

We also no longer have a default Postgres superuser password,
which improves security.

The changelog explains more as to why this was done
and how to proceed from here.
2021-01-22 13:26:12 +02:00
throwawayay a30ef0cc29
Update element-web (1.7.16 -> 1.7.17) 2021-01-20 08:35:07 -05:00
Slavi Pantaleev 024a23ed17 Upgrade mautrix-facebook to the new Postgres-only version
I had intentionally held it back in 39ea3496a4
until:
- it received more testing (there were a few bugs during the
migration, but now it seems OK)
- this migration guide was written
2021-01-20 10:12:51 +02:00
pushytoxin d51ea25219 When validating LE certs, do not wait for a random time
While administering we will occasionally invoke this script interactively with the "non-interactive" switch still there, yet still sit at the desk waiting for 300 seconds for this timer to run out.

The systemd-timer already uses a 3h randomized delay for automatic renewals, which serves this purpose well.
2021-01-19 18:41:45 +01:00
Slavi Pantaleev 39ea3496a4 Downgrade/lock mautrix-facebook to pre-mobile times
The `mobile` branch got merged to `master`, which ends up becoming
`:latest`. It's a "rewrite" of the bridge's backend and only
supports a Postgres database.

We'd like to go back (well, forward) to `:latest`, but that will take
a little longer, because:
- we need to handle and document things for people still on SQLite
(especially those with external Postgres, who are likely on SQLite for
bridges)
- I'd rather test the new builds (and migration) a bit before
releasing it to others and possibly breaking their bridge

Brave ones who are already using the bridge with Postgres
can jump on `:latest` and report their experience.
2021-01-19 18:44:15 +02:00
Slavi Pantaleev c9d96d8135 Fix mautrix-telegram paths creation bug 2021-01-19 09:15:34 +02:00
Slavi Pantaleev 56c54d5cc7 Upgrade matrix-corporal (2.0.1 -> 2.1.0) 2021-01-18 18:23:17 +02:00
Slavi Pantaleev c1008fde44 Upgrade matrix-coturn (4.5.1.3 -> 4.5.2) 2021-01-18 00:41:47 +02:00
Slavi Pantaleev cf06f84608 Upgrade matrix-corporal (2.0.0 -> 2.0.1) 2021-01-17 22:05:26 +02:00
Slavi Pantaleev d95cbe38d7 Rename configuration setting 2021-01-17 18:29:26 +02:00
Slavi Pantaleev 28d86e3aaa Initial work on support for matrix-corporal v2 2021-01-16 23:47:14 +02:00
Slavi Pantaleev 8549926395 Attempt to fix mautrix-whatsapp DB migration user table conflict
Discussed in https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/791
2021-01-15 17:13:47 +02:00
Slavi Pantaleev 1692a28fe4 Work around annoying Docker warning about undefined $HOME
> WARNING: Error loading config file: .dockercfg: $HOME is not defined

.. which appeared in Docker 20.10.
2021-01-15 00:23:01 +02:00
Slavi Pantaleev 26f0bbfdef Fix self-building for matrix-ma1sd on non-version tag/branch
Building `master` or something like this was failing.
2021-01-14 23:57:38 +02:00
Slavi Pantaleev 9e936e45ad Use BuildKit for ma1sd Docker building
Newer versions (`master`) use things like `--platform=...`,
which are not supported unless we enable the new BuildKit building
backend.
2021-01-14 23:48:30 +02:00
Slavi Pantaleev e1690722f7 Replace cronjobs with systemd timers
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/756

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/737

I feel like timers are somewhat more complicated and dirty (compared to
cronjobs), but they come with these benefits:

- log output goes to journald
- on newer systemd distros, you can see when the timer fired, when it
will fire, etc.
- we don't need to rely on cron (reducing our dependencies to just
systemd + Docker)

Cronjobs work well, but it's one more dependency that needs to be
installed. We were even asking people to install it manually
(in `docs/prerequisites.md`), which could have gone unnoticed.

Once in a while someone says "my SSL certificates didn't renew"
and it's likely because they forgot to install a cron daemon.

Switching to systemd timers means that installation is simpler
and more unified.
2021-01-14 23:35:50 +02:00
Slavi Pantaleev 05ca9357a8 Add .service suffix to systemd units list
We'll be adding `.timer` units later on, so it's good to be
more explicit.
2021-01-14 23:02:10 +02:00
Slavi Pantaleev 653d1d7924 Revert "Don't self-build ma1sd every time unless git sources changed"
This reverts commit 2a25b63bb6.

Looking at other roles, we trigger building regardless of this.
It's better to always trigger it, because it's less fragile.
If the build fails and we only trigger it on "git changes"
then we won't trigger it for a while. That's not good.

Triggering it each and every time may seem like a waste,
but it supposedly runs quickly due to Docker caching.
2021-01-14 22:20:51 +02:00
Slavi Pantaleev 6f5aaad48d Split install/uninstall tasks in matrix-coturn 2021-01-14 22:11:38 +02:00
Slavi Pantaleev 57ea43d8b0 Remove unused variable
This variable has been useless since 2019-01-08.
We probably don't need to check for its usage anymore,
given how much time has passed since then, but ..
2021-01-14 17:47:13 +02:00
Slavi Pantaleev 7a90eb6d4f Relocate some validation tasks 2021-01-14 17:00:46 +02:00
Slavi Pantaleev 67dc5237c5
Merge pull request #794 from drpaneas/appservice_slack_rebuild
Selfbuild appservice-slack bridge
2021-01-14 10:47:31 +02:00
Slavi Pantaleev 862a6276a0
Do not pull appservice-slack when self-building 2021-01-14 10:47:23 +02:00
Slavi Pantaleev b15da29ebb Bump Synapse to v1.25.0 for ARM 2021-01-14 10:41:47 +02:00
Panagiotis Georgiadis a66a604e53
Selfbuild appservice-slack bridge 2021-01-14 01:29:11 +01:00
Slavi Pantaleev 2a25b63bb6 Don't self-build ma1sd every time unless git sources changed 2021-01-13 20:14:47 +02:00
Slavi Pantaleev a5a44a9d3f
Merge pull request #786 from drpaneas/rebuild_telegram
Local rebuild for Telegram
2021-01-13 18:01:15 +02:00
Slavi Pantaleev 52fa7e576b
Fix path typo 2021-01-13 18:00:32 +02:00
Slavi Pantaleev 5fa30cdfcb
Ensure matrix_mautrix_facebook_docker_src_files_path created
Before we potentially clone to that path, we'd better make sure it exists.

We also simplify `when` statements a bit.
Given that we're in `setup_install.yml`, we know that the bridge is enabled,
so there's no need to check for that.
2021-01-13 17:59:46 +02:00
Slavi Pantaleev 568cb3d86f Upgrade matrix-mailer (4.93-r0 -> 4.93-r1)
This is a bit misleading, because the old Docker image
was tagged as `4.93.1`. There hasn't been a `4.93.1` version yet though.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/792
2021-01-13 17:37:31 +02:00
Slavi Pantaleev 24100342e1 Tell people that federation_ip_range_blacklist is gone
Related to d5945c6e78
2021-01-13 13:47:51 +02:00
Slavi Pantaleev d5945c6e78 Upgrade Synapse (v1.24.0 -> v1.25.0) for amd64 2021-01-13 13:02:49 +02:00
Panagiotis Georgiadis 999fd2596f
Local rebuild for Telegram 2021-01-12 19:29:50 +01:00
Slavi Pantaleev 0b260a133f Add matrix-aux role to help with managing auxiliary files/directories 2021-01-11 22:32:52 +02:00
Will 5b0761bf40
Create list_tokens.yml 2021-01-09 08:52:02 -08:00
Will 1468010194
Update main.yml 2021-01-09 08:50:34 -08:00
Marcel Partap cd8100544b Merge remote-tracking branch 'origin/master' into synapse-workers
Sync with upstream
2021-01-08 20:58:50 +01:00
Slavi Pantaleev f7ae050eaf Remove useless quotes around ssl_ciphers value
Not sure if it breaks with them or not, but no other directive
uses quotes and the nginx docs show examples without quotes,
so we're being consistent with all of that.
2021-01-08 21:22:44 +02:00
Slavi Pantaleev 5822ba0c01 Use a more natural if statement 2021-01-08 21:21:33 +02:00
Slavi Pantaleev de6ecd8818
Update inaccurate comments 2021-01-08 21:15:14 +02:00
Agustin Ferrario 5156c63a76 Clean up code
Code was clean up and simplified to make it simpler and easier to
maintain. No features were modified.
2021-01-08 18:35:27 +01:00
Agustin Ferrario 25d423e6b6 Fix errors per spantaleev suggestions
The different configurations are now all lower case, for consistent
naming.

`matrix_nginx_proxy_ssl_config` is now called
`matrix_nginx_proxy_ssl_preset`. The different options for "modern",
"intermediate" and "old" are stored in the main.yml file, instead of
being hardcoded in the configuration files. This will improve the
maintainability of the code.

The "custom" preset was removed. Now if one of the variables is set, it
will use it instead of the preset. This will allow to mix and match more
easily, for example using all the intermediate options but only
supporting TLSv1.2. This will also provide better backward
compatibility.
2021-01-08 11:32:10 +01:00
Agustin Ferrario 3cb71e7e84 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2021-01-03 13:18:21 +01:00
Slavi Pantaleev 6cce5383bc Fix Ansible 2.9.6 check
Fixup for https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/769
2021-01-03 08:55:30 +02:00
Slavi Pantaleev 2c09111a3a Actually enforce that we run on Ansible >= 2.7.1
Related to 6e652e10ad
2021-01-03 08:54:17 +02:00
Slavi Pantaleev 8710883064
Merge pull request #743 from pushytoxin/docker_network
Drop the old workaround for an Ansible bug that has been fixed three years ago
2021-01-03 08:49:09 +02:00
Slavi Pantaleev cd2d2f594a
Merge pull request #686 from laszabine/signal
Added a role for the bridge mautrix-signal
2021-01-03 08:25:01 +02:00
Slavi Pantaleev 3b524ee815 Make mautrix-signal bridge not log to files
We try to only use console logging (going to journald) for everything,
instead of logging things twice (or more).
2021-01-03 08:20:43 +02:00
Slavi Pantaleev 274f23f668 Make matrix-mautrix-signal-daemon.service depend on docker.service 2021-01-03 08:16:49 +02:00
Slavi Pantaleev da2a6682b3 Get rid of matrix_mautrix_signal_configuration_permissions
While it's kind of nice having it, it's also somewhat raw
and unnecessary.

Having a good default and not even mentioning it seems better
for most users.

People who need a more exposed bridge (rare) can use
override the default configuration using
`matrix_mautrix_signal_configuration_extension_yaml`.
2021-01-03 08:06:32 +02:00
Slavi Pantaleev df8d9cfd34 Remove some TODOs
The answer to these is: it's good to have them in both places.
The role defines the obvious things it depends on (not knowing
what setup it will find itself into), and then
`group_vars/matrix_servers` "extends" it based on everything else it
knows (the homeserver being Synapse, whether or not the internal
Postgres server is being used, etc.)
2021-01-03 07:46:55 +02:00
Slavi Pantaleev 4805637181 Add support for custom ma1sd view sesion templates 2021-01-03 07:36:09 +02:00
Slavi Pantaleev f84c69c164 Relocate custom ma1sd threepid email templates to config/
We used to store them in data/, but that seems inappropriate,
since it's just static configuration that the playbook can recreate.
2021-01-03 07:35:13 +02:00
Slavi Pantaleev b5812b539b Rename ma1sd custom email template variable
Keeps up with a1f64f5159 (diff-0ccf69eb4d59a7645eb4d0a0b077e693948edb33ad06df043bba3fb30122879b)
2021-01-03 00:58:31 +02:00
Slavi Pantaleev fb83eccf99 Relocate SQL template file 2021-01-03 00:58:31 +02:00
Sabine Laszakovits 84cac25c11 added config data_dir (else in ~, which isn't set) 2021-01-02 19:01:21 +01:00
Sabine Laszakovits 56af2b1a8c small fixes 2021-01-02 00:56:45 +01:00
Sabine Laszakovits 89f7f3c3b8 added log level configuration 2021-01-02 00:55:55 +01:00
Sabine Laszakovits ffb837d4bc made the bridge use the default postgres db 2021-01-02 00:39:11 +01:00
Sabine Laszakovits a06c58c753 Merge branch 'master' into signal 2021-01-01 21:05:00 +01:00
Slavi Pantaleev 1ed991e25c
Merge pull request #769 from aaronraimist/check-for-buggy-ansible
Check for buggy version of Ansible that Ubuntu 20.04 provides
2020-12-29 11:19:37 +02:00
Slavi Pantaleev 86da489b9b Never fail when stopping systemd service during (SQLite -> Postgres) migration
We need to suppress systemd service-stopping requests in certain rare
cases like https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/771

That issue seems to describe a case, where a migration from mxisd to
ma1sd was happening (DB files had just been moved), and then we were
attemping to stop `matrix-ma1sd.service` so we could import that database into
Postgres. However, there's neither `matrix-mxisd.service`, nor
`matrix-ma1sd.service` after `migrate_mxisd.yml` had just run, so
stopping `matrix-ma1sd.service` was failing.
2020-12-29 10:31:20 +02:00
Aaron Raimist 8827a49e21
Check equality properly 2020-12-26 20:20:00 -06:00
Aaron Raimist 3dd0517f04
Check for buggy version of Ansible that Ubuntu 20.04 provides 2020-12-26 20:13:49 -06:00
Slavi Pantaleev a2a4218e95 Make mautrix-python-based bridges E2EE happier
Fixes a problem like this:
> File "/usr/lib/python3.8/site-packages/mautrix/bridge/e2ee.py", line 79, in __init__
> raise RuntimeError("Unsupported database scheme")

mautrix-python's e2ee.py module expects to find `postgres://` instead of
`postgresql://`.
2020-12-23 15:39:12 +02:00
Slavi Pantaleev 80c72615c7 Fixup all Dimension boolean fields after pgloader import
This is 8b6174786b done right. There were many more fields
that we had to account for.
2020-12-23 14:12:11 +02:00
Slavi Pantaleev 21662af3be Archive database only after additional_psql_statements_list had executed 2020-12-23 14:12:11 +02:00
Stuart Mumford 019a4d7dcd Use role relative paths for things 2020-12-23 11:34:48 +00:00
Slavi Pantaleev be0c599565 Feed more slashes to mautrix bridges when using SQLite
This makes the `sqlite://` URI match what we were using before
and what the config expects.
2020-12-23 13:33:25 +02:00
Slavi Pantaleev 8b6174786b Fixup Dimension database schema a bit after pgloader import 2020-12-23 12:57:43 +02:00
Slavi Pantaleev c5f8b1f61b Fix mautrix-whatsapp Postgres connection string to not use SSL by default 2020-12-23 11:40:22 +02:00
Slavi Pantaleev f19b29846d
Merge pull request #740 from jdreichmann/postgres-per-default
postgres: create databases for all services
2020-12-23 11:00:41 +02:00
Slavi Pantaleev ad1425eee4 Add pgloader self-building support (for ARM) 2020-12-23 09:08:54 +02:00
Slavi Pantaleev 8675dedbdb Add support for automatic (nedb -> Postgres) migration to matrix-appservice-slack 2020-12-22 19:56:52 +02:00
Slavi Pantaleev 9b95e1937c Auto-restart matrix-appservice-irc after (nedb -> Postgres) migration 2020-12-22 19:34:08 +02:00
Slavi Pantaleev 715bdf2c64 Add support for automatic (nedb -> Postgres) migration to mx-appservice-irc 2020-12-22 19:32:43 +02:00
Slavi Pantaleev 15f4cc924d Rename variables (_database_db_name -> _database_name) 2020-12-22 17:10:02 +02:00
Slavi Pantaleev ab6563ce4e Add support for automatic (Postgres -> SQLite) migration to mx-puppet-twitter 2020-12-22 17:09:08 +02:00
Slavi Pantaleev 69cc2145d2 Add support for automatic (Postgres -> SQLite) migration to mx-puppet-steam 2020-12-22 16:51:59 +02:00
Slavi Pantaleev 262a25f997 Add support for automatic (Postgres -> SQLite) migration to mx-puppet-slack 2020-12-22 16:39:21 +02:00
Slavi Pantaleev e49eb078a2 Add support for automatic (Postgres -> SQLite) migration to mx-puppet-skype 2020-12-22 16:29:47 +02:00
Dan Arnfield c3b63c6c97 Update element-web (1.7.15 -> 1.7.16) 2020-12-22 08:29:37 -06:00
Dan Arnfield 10e0fa17ad Update nginx (1.19.5 -> 1.19.6) 2020-12-22 08:23:37 -06:00
Slavi Pantaleev d135cd9cd3 Ensure mx-puppet-discord directories are created before attempting migration
Our old (base-path -> data-path) SQLite migration can't work otherwise.

It's probably not necessary to keep it anymore, but since we still do,
at least we should take care to ensure it works.
2020-12-22 13:44:36 +02:00
Slavi Pantaleev 44c9f4daca Add support for automatic (Postgres -> SQLite) migration to mx-puppet-instagram 2020-12-22 13:30:52 +02:00
Slavi Pantaleev e64758c119 Add missing restart task
Should have been part of 149872e00c
2020-12-22 13:24:53 +02:00
Slavi Pantaleev 149872e00c Add support for automatic (Postgres -> SQLite) migration to mx-puppet-discord 2020-12-22 11:10:10 +02:00
Slavi Pantaleev 9b4bf73587 Fix undefined variable reference 2020-12-22 11:08:07 +02:00
Slavi Pantaleev 6488e11d69 Relocate some tasks 2020-12-22 10:52:36 +02:00
Slavi Pantaleev ca066217d1
Merge pull request #757 from 0x46616c6b/disable-nginx-logging-option
add option to disable nginx access log
2020-12-21 22:30:25 +02:00
louis dcd4716636 add option to disable nginx access log 2020-12-21 21:26:49 +01:00
Slavi Pantaleev d0ee86e0a5 Fix matrix_corporal_docker_image_name_prefix referencing matrix_synapse_ stuff 2020-12-21 15:44:14 +02:00
Agustin Ferrario a06feba281 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2020-12-18 10:22:43 +01:00
Slavi Pantaleev 8748f3d443 Move python{,3}-docker installation to another task
This also adds support for installing python3-docker (not python-docker)
in systems that run Python 3.
2020-12-17 11:49:56 +02:00
Slavi Pantaleev 349fbb6434 Do not hardcode armhf for Raspbian
Raspbian doesn't seem to support arm64, so this is somewhat pointless
right now.

However, they might in the future. Doing this should also unify us
some more with `setup_debian.yml` with the ultimate goal of
eliminating `setup_raspbian.yml`.
2020-12-17 11:47:34 +02:00
Slavi Pantaleev a09ed58892 Ensure gnupg installed on Raspbian
It's likely installed by default, but it doesn't hurt to specify it.
It also makes us more the same with `setup_debian.yml`.
2020-12-17 11:45:32 +02:00
Slavi Pantaleev f545de53f7 Do not hardcode "ubuntu" for the Docker APT key URL
Well, `ubuntu` or `debian`, the same key is served right now,
so it doesn't really matter.

This seems cleaner and less prone to breakage though.
2020-12-17 11:39:18 +02:00
Slavi Pantaleev 55f252a6ed Do not hardcode amd64 in setup_debian.yml
Until now, we've only supported non-amd64 on Raspbian.

Seems like there are now people running Debian/Ubuntu on ARM,
so we were forcing them into amd64 Docker packages.

I've gotten a report that this change fixes support
for Ubuntu Server 20.04 on RPi 4B.
2020-12-17 11:37:30 +02:00
Slavi Pantaleev ed159cc742 Move matrix_architecture to matrix-base
We were only defining this in `group_vars/matrix_servers`, which is
inconsistent with how we normally do things.
2020-12-17 11:33:18 +02:00
Agustin Ferrario 2082242499 Add matrix_nginx_proxy_ssl_config
A new variable called `matrix_nginx_proxy_ssl_config` is created for
configuring how the nginx proxy configures SSL. Also a new configuration
validation option and other auxiliary variables are created.

A new variable configuration called `matrix_nginx_proxy_ssl_config` is
created. This allow to set the SSL configuration easily using the
default options proposed by Mozilla. The default configuration is set to
"Intermediate", removing the weak ciphers used in the old
configurations.

The new variable can also be set to "Custom" for a more granular control.
This allows to set another three variables called:

- `matrix_nginx_proxy_ssl_protocols`,
- `matrix_nginx_proxy_ssl_prefer_server_ciphers`
- `matrix_nginx_proxy_ssl_ciphers`

Also a new task is added to validate the SSL configuration variable.
2020-12-16 10:35:37 +01:00
Slavi Pantaleev 0f4649a45c Merge branch 'master' into postgres-per-default 2020-12-16 03:35:39 +02:00
Slavi Pantaleev a4b8baee49 Fix inability to send (Matrix -> Discord) messages via appservice-discord
Revert "Correct inabillity for appservice-discord to connect"
This reverts commit 673e19f830.

While certain things do work even with such a local URL, sending
messages leads to an error like this:

> [DiscordBot] verbose: DiscordAPIError: Invalid Form Body
> avatar_url: Not a well formed URL.

Fixes https://github.com/Half-Shot/matrix-appservice-discord/issues/649

The sample configuration file for appservice-discord
c29cfc72f5/config/config.sample.yaml (L8)
explicitly says that we need a public URL.
2020-12-16 03:35:13 +02:00
Slavi Pantaleev a197968b7f Make matrix-registration use Postgres by default
Now that 0.7.2 is out, the Docker image supports Postgres
and we can do the (SQLite -> Postgres) migration.

I've also found out that we needed to fix up the `tokens.ex_date` column
data type a bit to prevent matrix-registration from raising exceptions
when comparing `datetime.now()` with `ex_date` coming from the database.

Example:

> File "/usr/local/lib/python3.8/site-packages/matrix_registration/tokens.py", line 58, in valid
> expired = self.ex_date < datetime.now()
> TypeError: can't compare offset-naive and offset-aware datetimes
2020-12-15 23:19:56 +02:00
Slavi Pantaleev 1bd5c240e5 Add support for executing additional DB migration statements
In cases where pgloader is not enough and we need to do some additional
migration work after it, we can now use
`additional_psql_statements_list` and
`additional_psql_statements_db_name`.

This is to be used when migrating `matrix-registration`'s data at the
very least.
2020-12-15 23:18:29 +02:00
Slavi Pantaleev 3289298ac7 Merge branch 'master' into postgres-per-default 2020-12-15 22:02:52 +02:00
Slavi Pantaleev 69f71f48a6 Upgrade matrix-registration (v0.7.1 -> 0.7.2) and use official image
This switches us to a container image maintained by the
matrix-registration developer.

0.7.2 also supports a `base_url` configuration option we can use to
make it easier to reverse-proxy at a different base URL.

We still keep some workarounds, because of this issue:
https://github.com/ZerataX/matrix-registration/issues/47
2020-12-15 22:02:06 +02:00
Slavi Pantaleev e2ba46bf01 Fix Jinja2 syntax error (else if -> elif) 2020-12-14 22:40:37 +02:00
Slavi Pantaleev dd797ba6a7 Fix Postgres database importing/upgrading conflicts
We were running into conflicts, because having initialized
the roles (users) and databases, trying to import leads to
errors (role XXX already exists, etc.).

We were previously ignoring the Synapse database (`homeserver`)
when upgrading/importing, because that one gets created by default
whenever the container starts.

For our additional databases, it's a similar situation now.
It's not created by default as soon as Postgres starts with an empty
database, but rather we create it as part of running the playbook.

So we either need to skip those role/database creation statements
while upgrading/importing, or to avoid creating the additional database
and rely on the import for that. I've gone for the former, because
it's already similar to what we were doing and it's simpler
(it lets `setup_postgres.yml` be the same in all scenarios).
2020-12-14 22:28:20 +02:00
Slavi Pantaleev 2a502db239 Add (SQLite + Postgres) support and automatic migration to matrix-dimension 2020-12-14 21:01:47 +02:00
Slavi Pantaleev 0790a7b2a8 Add support for matrix_dimension_systemd_{required,wanted}_services_list
We were referencing them from `group_vars/matrix_servers` since
recently, but there were no such variables and they weren't being put to
use.
2020-12-14 20:31:07 +02:00
Slavi Pantaleev 374f43735a Separate matrix-dimension install/uninstall tasks 2020-12-14 20:05:31 +02:00
Slavi Pantaleev 8d74593878 Prepare matrix-registation for (SQLite + Postgres) support
Auto-migration and everything seems to work. It's just that
matrix-registration cannot load the Python modules required
for talking to a Postgres database.

Tracked here: https://github.com/ZerataX/matrix-registration/issues/44

Until this gets fixed, we'll continue default to 'sqlite'.
2020-12-14 18:58:37 +02:00
Slavi Pantaleev 516ccb2b2b Separate matrix-registration install/uninstall tasks 2020-12-14 18:12:14 +02:00
transcaffeine 13d8a9b39c
hint supported automatic migration nedb->postgres 2020-12-14 16:33:40 +01:00
Slavi Pantaleev af3ea67bba Add (SQLite + Postgres) support and automatic migration to matrix-ma1sd 2020-12-14 17:16:25 +02:00
Slavi Pantaleev 0ca48f3532 Separate matrix-ma1sd install/uninstall tasks 2020-12-14 16:57:51 +02:00
Slavi Pantaleev 7248eb3c11 Fix syntax error in roles/matrix-bridge-appservice-irc/defaults/main.yml 2020-12-14 16:25:44 +02:00
Slavi Pantaleev cba973d6b5 Enable automatic (SQLite -> Postgres) migration for matrix-appservice-discord 2020-12-14 16:25:22 +02:00
Slavi Pantaleev 13f84e2ad5 Enable automatic (SQLite -> Postgres) migration for matrix-mautrix-whatsapp 2020-12-14 16:21:01 +02:00
Slavi Pantaleev 86a8091768 Enable automatic (SQLite -> Postgres) migration for matrix-mautrix-telegram 2020-12-14 16:19:54 +02:00
Slavi Pantaleev 3ba8520266 Enable automatic (SQLite -> Postgres) migration for matrix-mautrix-hangouts 2020-12-14 16:18:38 +02:00
Slavi Pantaleev bbc08722c5 Enable automatic (SQLite -> Postgres) migration for matrix-mautrix-facebook 2020-12-14 16:14:23 +02:00
Slavi Pantaleev c1431b28f0 Make use of matrix_postgres_db_migration_request.caller 2020-12-14 16:13:57 +02:00
Slavi Pantaleev ac37091d01 Enable automatic (SQLite -> Postgres) migration for matrix-reminder-bot 2020-12-14 16:03:40 +02:00
Slavi Pantaleev dc7850e83c Fix wording and variable names a bit 2020-12-14 16:03:40 +02:00
Slavi Pantaleev bc376c2fb2 Add database migration utility to matrix-postgres role 2020-12-14 16:03:40 +02:00
transcaffeine 54da61f81b
add postgres support mx-appservice-[slack|irc] with fallback to nedb in role and migration notice 2020-12-14 14:08:35 +01:00
Slavi Pantaleev e3a0c9adda Add (Postgres + SQLite) support to matrix-reminder-bot
This has been tested and appears to work.
2020-12-14 15:02:11 +02:00
Slavi Pantaleev dde1c9f899 Fix indentation causing YAML syntax error 2020-12-14 14:53:35 +02:00
Slavi Pantaleev aa828ff9f6 Separate matrix-reminder-bot install/uninstall tasks 2020-12-14 14:50:04 +02:00
Slavi Pantaleev b9a04a7f95 Rename some remaining matrix_*_postgres_* vars back to matrix_*_database_*
Looks like there are some that I missed in 087dbe4ddc
2020-12-14 14:42:18 +02:00
transcaffeine 5d70bc1376
add postgres support for mx-puppet-* with fallback to sqlite in role and migration notice 2020-12-14 13:22:58 +01:00
Slavi Pantaleev 087dbe4ddc Rename matrix_*_postgres_* back to matrix_*_database_*
I was thinking that it makes sense to be more specific,
and using `_postgres_` also separated these variables
from the `_database_` variables that ended up in bridge configuration.

However, @jdreichmann makes a good point
(https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/740#discussion_r542281102)
that we don't need to be so specific and can allow for other engines (like MySQL) to use these variables.
2020-12-14 13:02:47 +02:00
Slavi Pantaleev ce21ea3640 Add (Postgres + SQLite) support to matrix-mautrix-hangouts bridge
I don't use this bridge, so this is completely untested.
2020-12-14 12:34:59 +02:00
Slavi Pantaleev 43d6ff2af8 Fix sqlite usage for mautrix-facebook/mautrix-telegram
Regression since 2d99ade72f and 9bf8ce878e, respectively.

When SQLite is to be used, these bridges expect an `sqlite://`
connection string, and not a plain file name (path), like Appservice
Discord and mautrix-whatsapp do.
2020-12-14 12:30:10 +02:00
Slavi Pantaleev 6c77eae969 Add (Postgres + SQLite) support to matrix-mautrix-whatsapp bridge
I don't use this bridge, so this is completely untested.
2020-12-14 12:24:37 +02:00
Slavi Pantaleev 9bf8ce878e Add (Postgres + SQLite) support to matrix-mautrix-telegram bridge
I don't use this bridge, so this is completely untested.
2020-12-14 12:06:28 +02:00
Slavi Pantaleev a3406a182b Move some things around 2020-12-14 12:04:47 +02:00
Slavi Pantaleev 2d99ade72f Add (Postgres + SQLite) support to matrix-mautrix-facebook bridge 2020-12-14 11:50:42 +02:00
Slavi Pantaleev 5dba0c038b Make --tags=import-generic-sqlite-db commands not pass a sensitive connection string around
Instead of passing the connection string, we can now pass a name of a
variable, which contains a connection string.

Both are supported for having extra flexibility.
2020-12-14 11:47:00 +02:00
Slavi Pantaleev d91aa5a060 Do not introduce sub-variables exposing implementation details 2020-12-14 10:52:07 +02:00
Slavi Pantaleev f1e85f7112 Don't mention Postgres roles, just say users 2020-12-14 10:04:37 +02:00
Slavi Pantaleev 4617984b9f Add (SQLite -> Postgres) migration instructions 2020-12-14 02:24:32 +02:00
Slavi Pantaleev cb969c6ca2 Add --tags=import-generic-sqlite-db (pgloader import)
This can be used by various bridges, etc., to import an SQLite
(or some other supported) database into Postgres.
2020-12-14 02:23:29 +02:00
Slavi Pantaleev c66c084027 Merge branch 'master' into postgres-per-default 2020-12-14 01:51:15 +02:00
Slavi Pantaleev 6e1dfb62f0 Rename some doc files and commands related to importing
Since we'll likely have generic SQLite database importing
via [pgloader](https://pgloader.io/) for migrating bridge
databases from SQLite to Postgres, we'd rather avoid
calling the "import Synapse SQLite database" command
as just `--tags=import-sqlite-db`.

Similarly, for the media store, we'd like to mention that it's
related to Synapse as well.

We'd like to be more explicit, so as to be less confusing,
especially in light of other homeserver implementations
coming in the future.
2020-12-14 01:51:00 +02:00
Slavi Pantaleev b87b754372 Fail if appservice-discord wants Postgres, but has leftover SQLite data 2020-12-14 01:36:15 +02:00
Slavi Pantaleev 183d2a10db Ensure matrix-postgres.service is started before creating additional users/databases 2020-12-14 00:59:59 +02:00
Slavi Pantaleev a374d309c8 Make appservice-discord support both SQLite and Postgres
People can toggle between them now. The playbook also defaults
to using SQLite if an external Postgres server is used.

Ideally, we'd be able to create databases/users in external Postgres
servers as well, but our initialization logic (and `docker run` command,
etc.) hardcode too many things right now.
2020-12-14 00:52:25 +02:00
Slavi Pantaleev 46a4034d3e Use "password" for additional Postgres databases, not "pass"
Being more explicit sounds better.
2020-12-14 00:43:03 +02:00
Slavi Pantaleev 3a037a5993 Ensure additional databases contain all the keys that we expect 2020-12-14 00:39:38 +02:00
Slavi Pantaleev da4cb2f639 Do not use the postgresql_user/postgresql_db modules
While these modules are really nice and helpful, we can't use them
for at least 2 reasons:

- for us, Postgres runs in a container on a private Docker network
(`--network=matrix`) without usually being exposed to the host.
These modules execute on the host so they won't be able to reach it.

- these modules require `psycopg2`, so we need to install it before
using it. This might or might not be its own can of worms.
2020-12-14 00:31:38 +02:00
Slavi Pantaleev bbc09d013b Do not execute additional databases creation code if not necessary
The tasks in `create_additional_databases.yml` will likely
ensure `matrix-postgres.service` is started, etc.

If no additional databases are defined, we'd rather not execute that
file and all these tasks that it may do in the future.
2020-12-13 23:46:05 +02:00
Slavi Pantaleev c765ceb270 Prevent weird loop error
> Invalid data passed to 'loop', it requires a list, got this instead: matrix_postgres_additional_databases. Hint: If you passed a list/dict of just one element, try adding wantlist=True to your lookup invocation or use q/query instead of lookup.

Well, or working around it, as I've done in this commit (which seems
more sane than `wantlist=True` stuff).
2020-12-13 22:56:56 +02:00
Slavi Pantaleev e2952f16f7 Determine matrix-postgres IP address without relying on jq
To avoid needing to have `jq` installed on the machine, we could:
- try to run jq in a Docker container using some small image providing
that
- better yet, avoid `jq` altogether
2020-12-13 22:45:48 +02:00
Slavi Pantaleev f47e8a97e6 Make use of matrix_host_command_docker instead of hardcoding 2020-12-13 22:38:35 +02:00
Slavi Pantaleev 0641106370 Allow username of additional Postgres databases to be different
We'll most likely use one that matches the database name, but
it's better to have it configurable.
2020-12-13 22:37:04 +02:00
Slavi Pantaleev 527d5f57d5 Relocate Postgres additional database creation logic
Moving it above the "uninstalling" set of tasks is better.
Extracting it out to another file at the same time, for readability,
especially given that it will probably have to become more complex in
the future (potentially installing `jq`, etc.)
2020-12-13 22:37:04 +02:00
Slavi Pantaleev dac0d3a682 Add default matrix_postgres_additional_databases 2020-12-13 21:07:16 +02:00
Slavi Pantaleev 77a5c7cf3c Merge branch 'master' into postgres-per-default 2020-12-13 21:04:15 +02:00
Slavi Pantaleev 47613e5a27 Remove synapse-janitor support
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/746
2020-12-11 23:24:42 +02:00
Slavi Pantaleev 86988ae180 Switch matrix-registration to v0.7.1
Now that a new release has been made, we no longer need to use
`latest` / `master`.

Related to 0a9109771d and https://github.com/ZerataX/matrix-registration/issues/43
2020-12-11 22:52:42 +02:00
Slavi Pantaleev 0a9109771d Use latest/master version of matrix-registration
v0.7.0 is broken right now, because it calls
`/_matrix/client/r0/admin/register`, which is now at
`/_synapse/admin/v1/register`.

This has been fixed here: 6b26255fea

.. but it's not part of any release.

Switching to `master` (`docker.io/devture/zeratax-matrix-registration:latest`) until it gets resolved.

Reported upstream here: https://github.com/ZerataX/matrix-registration/issues/43
2020-12-11 22:22:07 +02:00
Aaron Raimist 3c2a644e5c
Upgrade synapse-admin (v0.5.0 -> 0.6.1) 2020-12-10 16:28:48 -06:00
Slavi Pantaleev 7593d969e3 Make matrix-mailer not occupy matrix_server_fqn_matrix
Starting with Docker 20.10, `--hostname` seems to have the side-effect
of making Docker's internal DNS server resolve said hostname to the IP
address of the container.

Because we were giving the mailer service a hostname of `matrix.DOMAIN`,
all requests destined for `matrix.DOMAIN` originating from other
services on the container network were resolving to `matrix-mailer`.
This is obviously wrong.

Initially reported here: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/748

We normally try to not use the public hostname (and IP address) on the
container network and try to make services talk to one another locally,
but it sometimes could happen.

With this, we use a `matrix-mailer` hostname for the matrix-mailer
container. My testing shows that it doesn't cause any trouble with
email deliverability.
2020-12-10 23:51:11 +02:00
transcaffeine d9f4914e0d
WIP: postgres: create databases for all services
If a service is enabled, a database for it is created in postgres with a uniqque password. The service can then use this database for data storage instead of relying on sqlite.
2020-12-10 18:26:22 +01:00
Slavi Pantaleev d08b27784f Fix systemd services autostart problem with Docker 20.10
The Docker 19.04 -> 20.10 upgrade contains the following change
in `/usr/lib/systemd/system/docker.service`:

```
-BindsTo=containerd.service
-After=network-online.target firewalld.service containerd.service
+After=network-online.target firewalld.service containerd.service multi-user.target
-Requires=docker.socket
+Requires=docker.socket containerd.service
Wants=network-online.target
```

The `multi-user.target` requirement in `After` seems to be in conflict
with our `WantedBy=multi-user.target` and `After=docker.service` /
`Requires=docker.service` definitions, causing the following error on
startup for all of our systemd services:

> Job matrix-synapse.service/start deleted to break ordering cycle starting with multi-user.target/start

A workaround which appears to work is to add `DefaultDependencies=no`
to all of our services.
2020-12-10 11:43:20 +02:00
John Goerzen 673e19f830
Correct inabillity for appservice-discord to connect
After recently updating my matrix-docker-ansible-deploy installation, matrix-appservice-discord would refuse to start, logging ECONNREFUSED to https://matrix.[mydomain]:443, which was resolving to 172.18.0.2 due to the `--hostname` in mailer grabbing that hostname.

Curious why the IRC bridge didn't have this issue, I looked into it, and it was connecting to `http://matrix-synapse:8008`.  Correcting this one to that URL resolved the issue.
2020-12-09 21:20:06 -06:00
Slavi Pantaleev 245b749946 Upgrade Synapse for ARM (v1.23.0 -> v1.24.0)
Continuation of aa86e0dac6, now that ARM images are out.
2020-12-09 20:54:18 +02:00
Slavi Pantaleev aa86e0dac6 Upgrade Synapse (v1.23.0 -> v1.24.0)
Because the ARM images are not pushed yet, we hold back to v1.23.0
for now.
2020-12-09 13:31:10 +02:00
benkuly ad92c61fdd updated matrix-sms-bridge 2020-12-09 09:45:44 +01:00
Slavi Pantaleev c07c927d9f Automatically enable openid listeners when ma1sd enabled
ma1sd requires the openid endpoints for certain functionality.
Example: 90b2b5301c/src/main/java/io/kamax/mxisd/auth/AccountManager.java (L67-L99)

If federation is disabled, we still need to expose these openid APIs on the
federation port.

Previously, we were doing similar magic for Dimension.
As per its documentation, when running unfederated, one is to enable
the openid listener as well. As per their recommendation, people
are advised to do enable it on the Client-Server API port
and use the `federationUrl` variable to override where the federation
port is (making federation requests go to the Client-Server API).

Because ma1sd always uses the federation port (unless you do some
DNS overwriting magic using its configuration -- which we'd rather not
do), it's better if we just default to putting the `openid` listener
where it belongs - on the federation port.

With this commit, we retain the "automatically enable openid APIs" thing
we've been doing for Dimension, but move it to the federation port instead.
We also now do the same thing when ma1sd is enabled.
2020-12-08 16:59:20 +02:00
Slavi Pantaleev 8c02f7b79b Upgrade services 2020-12-07 15:18:03 +02:00
Slavi Pantaleev d556aa943f Update docker-ce.repo to not hardcode $releasever=7
This keeps it in line with https://download.docker.com/linux/centos/docker-ce.repo

Whether or not Docker works well on CentOS 8 for our purposes
hasn't been verified yet.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300
2020-12-07 07:20:47 +02:00
Slavi Pantaleev 7372480e95 Properly serialize some ma1sd configuration values
We've had a report of the `connection` value getting cut off,
supposedly because it contains something that breaks off the string.

Using `|to_json` takes care of it.
2020-12-06 23:59:58 +02:00
Hardy Erlinger ec2a9d4852 Remove the recording button from the Jitsi UI if recording is disabled. 2020-12-06 13:50:45 +01:00
Béla Becker 6f9b4bd9ac Drop workaround for old Ansible docker_network bug 2020-12-05 19:02:10 +01:00
Béla Becker 6921ec4b8a Revert "Work around buggy docker_network sometimes failing to work"
The docker_network bug was fixed two years ago
This reverts commit 36658addcd.
2020-12-05 19:02:10 +01:00
Slavi Pantaleev a5ae7e9ef0 Add self-building support to matrix-corporal 2020-12-04 01:48:08 +02:00
Slavi Pantaleev b3d91ed488 Fix passing of matrix_appservice_discord_auth_usePrivilegedIntents 2020-12-04 01:06:42 +02:00
Slavi Pantaleev 05cecb5261 Merge branch 'discord-v1.0'
This may be a bit premature, because the bridge didn't work for me
the last time I tried it (RC3).

Some bugs have been fixed to make our config compatible with v1.0.0
though, so it may work for some people (especially those starting
fresh).

I'm not for shipping potentially broken things, but given that we were
using `docker.io/halfshot/matrix-appservice-discord:latest` and that
points to v1.0.0 already (with no other tag we can use), our setup was
already broken in any case.

Now, at least it has some chance of running.
2020-12-03 15:17:30 +02:00
Slavi Pantaleev edd40811a5 Update matrix-appservice-discord to v1.0.0 final 2020-12-03 15:16:26 +02:00
Marcel Partap b6b95fe742 synapse workers-doc-to-yaml script: compatibility++ with non-gnu awk 2020-12-02 23:22:02 +01:00
Marcel Partap 3156d96619 synapse workers-doc-to-yaml.awk: escape slash for non-gnu awk versions 2020-12-02 00:29:20 +01:00
Marcel Partap e892ac464f synapse workers: untangle config template and specify bind address
.. to mitigate log noise - WARNING:
Failed to listen on 0.0.0.0, continuing because listening on [::]
2020-12-01 23:49:23 +01:00
Marcel Partap f201bca519 synapse workers: define and expose METRICS port for each worker
As seen on TV:
https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md#monitoring-workers
2020-12-01 22:49:15 +01:00
Marcel Partap af08f18779 synapse workers default config: disable user_dir worker for now
(until https://github.com/matrix-org/synapse/issues/8787 is resolved)
2020-12-01 22:22:04 +01:00
Marcel Partap 414b812a29 synapse role workers setup: make configs clean action remote compatible
Many people probably didn't even know this - that ansible can be
quite a bit picky about what it will be willing to work with remotely.

Thanks @maxklenk !
2020-12-01 22:20:27 +01:00
Marcel Partap d5932ca393 synapse role workers setup: execute the endpoint extraction locally
Thanks @maxklenk !
2020-12-01 22:18:42 +01:00
Marcel Partap 851c25c47f matrix-synapse nginx template: fix invalid jinja comment syntax 2020-12-01 21:55:07 +01:00
Marcel Partap b73ac965ac Merge remote-tracking branch 'origin/master' into synapse-workers 2020-12-01 21:24:26 +01:00
Slavi Pantaleev 04da1bddf7 Update matrix-mautrix-facebook config a bit
This also disables presence if it's disabled for Synapse.
2020-12-01 11:55:18 +02:00
Slavi Pantaleev 90078dd296 Add matrix_services_autostart_enabled variable for preventing services autostart
Some people requested that `--tags=start` not set up service autostart.

One can now do `--tags=start --extra-vars="matrix_services_autostart_enabled=false"`
to just start services ones and not set up autostarting.
2020-11-30 20:58:21 +02:00
Slavi Pantaleev e0d7d5f0ca Disable Jitsi recording/transcriptions by default
It's not like it worked anyway, because we don't have the necessary
services installed for transcription (Jigasi), nor recording (Jibri).

Disabling these, should hopefully disable their related elements
in the Jitsi Web UI.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/726
2020-11-28 22:31:00 +02:00
Slavi Pantaleev be5263f397 Move self-building git repository URLs to variables (stop hardcoding) 2020-11-28 21:34:14 +02:00
Slavi Pantaleev b354155d7c Make JVB websockets reverse-proxying work 2020-11-27 17:57:15 +02:00
Slavi Pantaleev fa76128fd8 Update Jitsi to build 5142
This supersedes/fixes-up this Pull Request:
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/719

The Jitsi Web and JVB containers now (in build 5142) always
start by bulding their own default configuration
(`config.js` and `sip-communicator.properties`, respectively).

The fact that we were generating these files ourselves was no longer of use,
because our configuration was thrown away in favor of the one created
by the containers on startup.

With this commit, we're completely redoing things. We no longer
generate these configuration files. We try to pass the proper
environment variables, so that Jitsi services can generate the
configuration files themselves.

Besides that, we try to use the "custom configuration" mechanism
provided by Jitsi Web and Jitsi JVB (`custom-config.js` and
`custom-sip-communicator.properties`, respectively), so that
we and our users can inject additional configuration.

Some configuration options we had are gone now. Others are no longer
controllable via variables and need to be injected using
the `_config_extension` variables that we provide.

The validation logic that is part of the role should take care
to inform people about how to upgrade (if they're using some custom
configuration, which needs special care now). Most users should not
have to do anything special though.
2020-11-27 17:57:15 +02:00
benkuly f93a4f6474 updated matrix-sms-bridge 2020-11-27 16:01:24 +01:00
Slavi Pantaleev d702e74079 Fix matrix-nginx-proxy static files mounting when SSL retrieval is none
Fixup for 12867e9f18.

This shouldn't have been caught in the `if`.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/734
2020-11-26 18:40:15 +02:00