Commit graph

1689 commits

Author SHA1 Message Date
Dan Arnfield c8754f422a Update certbot (1.6.0 -> 1.7.0) 2020-08-16 15:01:13 -05:00
Dan Arnfield 8d373409b8 Update nginx (1.19.1 -> 1.19.2) 2020-08-16 14:59:48 -05:00
Dan Arnfield 20eea648a5 Update postgres versions (12.3 -> 12.4, etc) 2020-08-16 14:41:40 -05:00
Justin Croonenberghs 31e2a1f06b
Undo ill-advised change
In #628 I proposed a CORS change that turns out not to be the root of the issue. Caffeine-addled diagnosis leads to sloppy thinking, and this change should be reverted. In fact, if left it will cause problems for new installations.
2020-08-09 14:20:37 -05:00
Justin Croonenberghs c5d18733d2
Update CORS for ma1sd
Even with the v2 updates listed in #503 and partially addressed in #614, this is still needed to enable identity services to function with Element Desktop/Web. Testing on multiple clients with a clean config has confirmed this, at least for my installation.
2020-08-08 23:19:07 -05:00
Slavi Pantaleev e6dd0fbaee Upgrade Element (1.7.2 -> 1.7.3) 2020-08-06 19:25:52 +03:00
merklaw fa6d85636f Add note about installing 'docker' Python package if Docker installation is disabled 2020-08-05 17:35:25 +02:00
merklaw 87df15441c Add note about installilng 'docker' Python package if Docker installation is disabled 2020-08-05 17:31:16 +02:00
Slavi Pantaleev 4b0a462aef
Merge pull request #620 from NachvollCiba/synapse-admin_selfbuild
Allow self-build images for Synapse-Admin
2020-08-04 17:23:30 +03:00
Dennis Ciba b22b593d83 Changed setup of synapse-admin to allow for self-build images 2020-08-04 15:42:00 +02:00
Slavi Pantaleev 54195b22c7 Allow framing Jitsi
Hopefully fixes a regression caused by b106a9592e.

Related to #597 (Github Pull Request).
2020-08-04 16:08:11 +03:00
benkuly 7755e5efd4
Update sms-bridge (0.3.1 -> 0.3.2) 2020-07-30 16:25:07 +03:00
Slavi Pantaleev f78a5d4ee8 Upgrade Synapse (v1.17.0 -> v1.18.0) 2020-07-30 14:21:44 +03:00
Slavi Pantaleev a7382924fc
Merge pull request #614 from vractal/enable-ma1sd-hashing
Enable ma1sd hashing by default
2020-07-30 09:30:06 +03:00
Slavi Pantaleev 68b2f2c33c
Merge pull request #613 from vractal/fix-gpg-dep
Replace gpg dependency for gnupg for debian compatibility
2020-07-30 09:29:25 +03:00
vractal 627c225101 Enable ma1sd hashing by default 2020-07-29 12:38:07 -04:00
Benjamin Fichtner 6539f2a156 Make ansible check mode runs silent, for all tasks which can't be idempotent 2020-07-29 13:23:15 +02:00
vractal 9b61fef271 Replace gpg dependency for gnupg for better debian compatibility 2020-07-28 15:26:16 -04:00
Slavi Pantaleev 3dcef4faa9
Merge pull request #609 from jdreichmann/newTelegramBridgeVersion
Bump version of mautrix-telegram to 0.8.2
2020-07-28 20:59:51 +03:00
Slavi Pantaleev be5ca5258b Upgrade Element (1.7.1 -> 1.7.2) 2020-07-28 19:04:11 +03:00
Johanna Dorothea Reichmann 2004143f14
Bump version of mautrix-telegram to 0.8.2
fixes matrix users unable to delete messages
2020-07-27 15:53:33 +02:00
Slavi Pantaleev ae002d8ae4 Fix synapse-admin uninstallation 2020-07-26 18:09:29 +03:00
Slavi Pantaleev 3f8e5b4363 Allow framing Dimension
Fix regression since 2a50b8b6bb (#597).

Dimension is intended to be embedded in various clients,
be it the Element service that we host (at element.DOMAIN),
some other Element (element-desktop running locally), etc.
2020-07-25 07:08:32 +03:00
Tommy Kelly d76d91a33e Update jitsi-web version
Changelog here https://github.com/jitsi/jitsi-meet/releases/tag/stable%2Fjitsi-meet_4857
2020-07-24 13:23:29 +03:00
Slavi Pantaleev 2a50b8b6bb
Merge pull request #597 from TwoTwenty/nginx-proxy-headers
Nginx proxy headers
2020-07-24 12:53:50 +03:00
Dan Arnfield 7a3491a32a Fix capability names for synapse-admin 2020-07-22 21:18:15 -05:00
TwoTwenty b106a9592e
Update matrix-jitsi.conf.j2 2020-07-22 10:39:24 -07:00
TwoTwenty c97e7c5a3e
Update matrix-dimension.conf.j2 2020-07-22 10:39:07 -07:00
TwoTwenty 18ba885ca2
Update matrix-client-element.conf.j2 2020-07-22 10:38:50 -07:00
Slavi Pantaleev 31b79553e0 Make matrix-reminder-bot default to in-container networking 2020-07-22 16:37:14 +03:00
Slavi Pantaleev 46135fb30c Add trailing-slash redirect for /synapse-admin 2020-07-22 13:15:05 +03:00
Slavi Pantaleev b2ae669566 Add synapse-admin support
Fixes #562 (Github Issue)
2020-07-22 08:10:26 +03:00
Slavi Pantaleev 78b1ef9a5f Add support for matrix-reminder-bot 2020-07-20 14:13:08 +03:00
hungrymonkey d093b9b148 Added gpg as base dependency for Debian 10
AWS Debian marketplace image does not have gpg preinstalled

https://aws.amazon.com/marketplace/pp/B0859NK4HC?ref=cns_srchrow

TASK [matrix-base : Ensure Docker's APT key is trusted] *******************************************************************************************************************************************************
fatal: [matrix.domain.com]: FAILED! => {"changed": false, "msg": "Failed to find required executable gpg in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}

Closes #590
2020-07-18 07:56:30 -07:00
Slavi Pantaleev b872053a50
Merge pull request #588 from mattcen/fix-ma1sd-image-build
Fix issues building ma1sd Docker image
2020-07-17 11:48:50 +03:00
Slavi Pantaleev 28855d1bb4
Document matrix_ma1sd_docker_src_files_path naming 2020-07-17 11:47:15 +03:00
Slavi Pantaleev ab188018f3
Move when statement to block
The when statement is supposed to be on the block, not on the individual task.

It affects all tasks within the block (they're all to be executed when ma1sd is enabled and self-building is requested0.
2020-07-17 11:44:26 +03:00
Slavi Pantaleev c6ab1c6a90 Riot is now Element
Fixes #586 (Github Issue)
2020-07-17 11:31:20 +03:00
Matt Cengia fede58fe96 Correctly tag self-built ma1sd Docker image 2020-07-17 17:12:16 +10:00
Slavi Pantaleev de0efe96e7 Fix incorrect when statement 2020-07-17 08:59:00 +03:00
Slavi Pantaleev 298d277c6c Upgrade riot-web (1.7.0 -> 1.7.1) 2020-07-17 08:56:08 +03:00
Matt Cengia b0e984136f Fix issues building ma1sd Docker image
The tag format used in the `ma1sd` repo have change. Versions no longer
start with 'v', and when building for non-amd64, we also need to strip
off the '-$arch' bit from the Docker image name.

Further, when building the .jar file, `ma1sd` currently names the .jar
based on the project's directory, which we call 'docker-src'. This means
other parts of the `ma1sd` build can't find the .jar file. Remedy this
by ensuring that the dir is called `docker-src/ma1sd`.
2020-07-17 13:57:47 +10:00
Dan Arnfield c47a55d170 Update nginx (1.19.0 -> 1.19.1) and certbot (1.5.0 -> 1.6.0) 2020-07-16 06:34:14 -05:00
Slavi Pantaleev 820dc6d7fa Fix translation issue (Riot.im -> Element) 2020-07-15 14:46:39 +03:00
Slavi Pantaleev 7c55e94cff Upgrade riot-web (1.6.7 -> 1.7.0) 2020-07-15 14:28:23 +03:00
benkuly a1e248e0e1
updated matrix-sms-bridge (#581)
* updated matrix sms bridge container

* remove force pull

* updated matrix-sms-bridge container

* updated matrix-sms-bridge container

* updated version of matrix-sms-bridge

* updates matrix-sms-bridge
2020-07-14 14:02:34 +03:00
Slavi Pantaleev b50cfe8d18 Upgrade mautrix-telegram (0.7.2 -> 0.8.1) 2020-07-14 10:37:07 +03:00
Slavi Pantaleev 200f912c04 Upgrade Synapse (v1.16.1 -> v1.17.0)
Fixes #579 (Github Issue).
2020-07-13 14:08:50 +03:00
shadow ddfc945fcf Remove unused validate_config.yml, since it causes ansible warnings 2020-07-11 00:40:12 +03:00
Slavi Pantaleev eff55e4d00 Upgrade Synapse (v1.16.0 -> v1.16.1) 2020-07-10 14:33:18 +03:00
benkuly 3553d3d513 updated version of matrix-sms-bridge 2020-07-08 18:15:18 +03:00
benkuly 8e1a418a45 updated matrix-sms-bridge container 2020-07-08 18:15:18 +03:00
benkuly bd3223cdd4 updated matrix-sms-bridge container 2020-07-08 18:15:18 +03:00
benkuly 226d5a9c64 remove force pull 2020-07-08 18:15:18 +03:00
benkuly c5f9e02103 updated matrix sms bridge container 2020-07-08 18:15:18 +03:00
Slavi Pantaleev 928982cffe Upgrade Synapse (v1.15.2 -> v1.16.0) 2020-07-08 14:08:46 +03:00
Slavi Pantaleev 18ab677a96 Remove useless file 2020-07-08 00:22:47 +03:00
Slavi Pantaleev 227f1a28e3 Allow matrix_user_uid/matrix_user_gid to be specified manually 2020-07-06 11:05:34 +03:00
Panagiotis Vasilopoulos baed917a13
Fixed repository link for mx-puppet-steam
- https://github.com/icewind1991/mx-puppet-steam is the link that's referenced by the documentation.
- The previous link, https://github.com/matrix-steam/mx-puppet-steam, is invalid/inaccessible to the public.
2020-07-05 23:28:03 +03:00
shadow 6293f1bdb0 Run all API self checks in check_mode 2020-07-04 15:24:33 +02:00
Slavi Pantaleev f758ee90cb
Add |to_json to some values 2020-07-04 09:31:52 +03:00
Justin Croonenberghs 35c2655fa4 Removed troublesome #s 2020-07-03 19:01:03 -05:00
Justin Croonenberghs 1f21f0c09a Add variables for reCAPTCHA validation 2020-07-03 18:33:25 -05:00
Slavi Pantaleev b08ee2f2fa Move Jitsi container image tag to a variable
Related to #554 (Github Pull Request).
2020-07-03 13:10:59 +03:00
Slavi Pantaleev 3710e04e10
Merge pull request #557 from izissise/mx-puppet-steam
Add mx-puppet-steam
2020-07-03 12:05:41 +03:00
Slavi Pantaleev d5eb7eb949
Merge pull request #560 from aaronraimist/synapse-1.15.2
Upgrade Synapse (1.15.1 -> 1.15.2)
2020-07-02 18:41:51 +03:00
Aaron Raimist 78382b0ce4
Upgrade Synapse (1.15.1 -> 1.15.2) 2020-07-02 10:38:25 -05:00
Hugues Morisset 57f498217a Add mx-puppet-steam 2020-07-01 21:01:00 +02:00
Hugues Morisset eb0df37247 Mx-puppet-discord Use official docker image
https://github.com/matrix-discord/mx-puppet-discord/issues/80

Thanks Sorunome for setting up the automated build
2020-07-01 13:33:01 +02:00
Hugues Morisset 42e7f5e9bc Add mx-puppet-discord 2020-07-01 13:31:31 +02:00
Slavi Pantaleev 744667b270 Merge branch 'master' into mx-puppet-twitter 2020-06-30 17:37:19 +03:00
Slavi Pantaleev 31f9e7bbea
Merge pull request #551 from jdreichmann/feat-mx-puppet-instagram
Add mx-puppet-instagram
2020-06-30 17:33:37 +03:00
Slavi Pantaleev 8b59402f79 Upgrade Coturn (4.5.1.2 -> 4.5.1.3)
4.5.1.3 fixes a security vulnerability:
https://github.com/coturn/coturn/security/advisories/GHSA-c8r8-8vp5-6gcm
2020-06-30 14:28:41 +03:00
Slavi Pantaleev f41c5e89e5 Upgrade riot-web (1.6.6 -> 1.6.7) 2020-06-29 18:41:06 +03:00
Tulir Asokan 5b960bcfb5 Make sender_localpart configurable for mx-puppet-twitter 2020-06-29 18:04:40 +03:00
Tulir Asokan 13186a1ddc Add mx-puppet-twitter
Signed-off-by: Tulir Asokan <tulir@maunium.net>
2020-06-29 15:28:43 +03:00
Slavi Pantaleev de545f9c5f Update docs on self-building and remove useless variable
`matrix_container_images_self_build` was not really doing anything
anymore. It previously was influencing `matrix_*_self_build` variables,
but it's no longer the case since some time ago.

Individual `matrix_*_self_build` variables are still available.
People that would like to toggle self-building for a specific component
ought to use those.

These variables are also controlled automatically (via
`group_vars/matrix_servers`) depending on `matrix_architecture`.

In other words, self-building is being done automatically for
all components when they don't have a prebuilt image for the specified
architecture. Some components only support `amd64`, while others also
have images for other architectures.
2020-06-29 14:58:03 +03:00
Slavi Pantaleev 635f385971 Use pre-built arm64 image for ma1sd
ma1sd 2.4.0 announced experimental support for arm64.
We're making use of those arm64 images instead of self-building.
2020-06-29 14:53:23 +03:00
Slavi Pantaleev f30d5e0950
Merge pull request #554 from teutat3s/jitsi-update-4627-1
Update Jitsi to stable-4627-1
2020-06-29 09:12:47 +03:00
teutat3s 784cb3e325
Update Jitsi to stable-4627-1 2020-06-28 22:00:08 +02:00
teutat3s 4cf59098ad
Update ma1sd to v2.4.0 2020-06-28 21:47:19 +02:00
Slavi Pantaleev 19b9a1b16c Expose mautrix-hangouts port if matrix-nginx-proxy is disabled 2020-06-28 09:01:48 +03:00
jdreichmann 0fea35cdd2
mx-puppet-instagram: add role 2020-06-27 15:23:21 +02:00
Slavi Pantaleev a081979d39
Merge pull request #548 from pcorace/master
Add variables to fine tune jitsi
2020-06-27 08:01:54 +03:00
Pablo 69570de8a9 Rename variables 2020-06-25 11:20:40 -03:00
Slavi Pantaleev 5c5f1c6ab9 Add support for telling Riot to not default to E2EE
Related to https://github.com/vector-im/riot-web/pull/13914
2020-06-24 11:39:51 +03:00
Pablo c341608480 Add variables to fine tune jitsi 2020-06-23 19:22:52 -03:00
Slavi Pantaleev d2a0ec6aa9 Upgrade riot-web (1.6.5 -> 1.6.6) 2020-06-23 18:03:58 +03:00
Slavi Pantaleev 105b3524bb Upgrade riot-web (1.6.4 -> 1.6.5) 2020-06-16 19:22:45 +03:00
Slavi Pantaleev 10bc85962e Upgrade Synapse (1.15.0 -> 1.15.1) 2020-06-16 13:55:27 +03:00
Slavi Pantaleev 7729511a84 Make vars.yml snapshotting optional and more configurable
Certain people organize their inventory in a different way
and we'd like to accommodate them.

Related to #542 (Github Issue).
2020-06-14 10:01:22 +03:00
Slavi Pantaleev 67ab7e7a1b Preserve vars.yml on the server for easily restoring
Fixes #542 (Github Issues).
2020-06-13 07:52:01 +03:00
benkuly d49ee51035 remove force pull matrix-sms-bridge docker image 2020-06-12 10:23:51 +02:00
benkuly a0661a6012 updated sms bridge docker image 2020-06-12 08:37:08 +02:00
benkuly 11e53c4fbc add default region 2020-06-11 15:37:46 +02:00
benkuly 99639d7d7a Merge remote-tracking branch 'github/master' 2020-06-11 15:36:02 +02:00
Slavi Pantaleev 6538ae34f5 Upgrade Synapse (v1.14 -> v1.15)
Fixes #539 (Github Issue).
2020-06-11 16:02:01 +03:00
Hugues Morisset d4938333e6 Fix missing conf for double puppeting in mx-puppet-slack 2020-06-11 11:10:13 +02:00
Slavi Pantaleev 440569c47b Update mautrix-facebook configuration 2020-06-10 09:20:06 +03:00
Slavi Pantaleev 10b3ceff72 Make Matrix federation port configurable
Fixes #523 (Github Issue).
2020-06-09 08:29:03 +03:00
Slavi Pantaleev 65e5020596 Proxy other /_synapse endpoints to the client API
Besides /_synapse/admin, there are other things like
/_synapse/oidc, etc.

We should just proxy everything.

Fixes #534 (Github Issue).
2020-06-09 08:12:58 +03:00
Slavi Pantaleev ab32f6adf6 Add self-building support to matrix-mailer (exim-relay) 2020-06-08 09:52:34 +03:00
Slavi Pantaleev 1f414a44ff Upgrade matrix-mailer 2020-06-08 09:37:28 +03:00
Slavi Pantaleev 0113852504 Upgrade matrix-synapse-shared-secret-auth (1.0.1 -> 1.0.2)
There's no change in the source code. Just a release bump for packaing
reasons. It doesn't matter much for us here, but let's be on the latest
tag anyway.
2020-06-08 09:29:55 +03:00
dasTholo 331c77a651
Add Docker Network for matrix-mautrix-telegram-db for Telegram Bridge with Postgress
Postgres setup like
matrix_mautrix_telegram_configuration_extension_yaml: |
  appservice:
    database: "postgres://XXX:XXX@matrix-postgres:5432/mxtg"

 will fail without the right Dockernetwork
2020-06-06 12:42:25 +02:00
benkuly 77fd23149b added gammu hard reset for sms modem 2020-06-06 08:28:08 +02:00
Slavi Pantaleev e4edfd5b12 Remove now-unnecessary /dev/null hacks from riot-web
`/etc/nginx/conf.d/default.conf` was previously causing
some issues when used with our `--user`.

It's not the case anymore, so we can remove it.

Fixes #369 (Github Issue).
2020-06-06 08:47:56 +03:00
Slavi Pantaleev 88a4a3ab55 Update components 2020-06-06 08:25:27 +03:00
Slavi Pantaleev b0b744dede Add periodic reconnection configuration to mautrix-facebook bridge 2020-06-05 15:21:41 +03:00
Slavi Pantaleev c838bd2f46
Merge pull request #514 from benkuly/master
added matrix-sms-bridge
2020-06-05 14:52:41 +03:00
benkuly f68e47d3c4 renamed role matrix-sms-bridge to matrix-bridge-sms 2020-06-05 12:25:41 +02:00
Slavi Pantaleev 0fce642179 Upgrade riot-web (1.6.2 -> 1.6.3) 2020-06-04 19:52:55 +03:00
benkuly 85c6befc04 removed unused delivery report 2020-06-03 20:02:37 +02:00
benkuly b60a4ac643 mount as slave 2020-06-03 14:25:23 +02:00
benkuly 3a3b95abfc added dev volume to find serial by id 2020-06-03 13:13:25 +02:00
benkuly 41b1925b2a remove dev mount 2020-06-03 13:07:36 +02:00
benkuly 0967bc3cd9 added missing z flag 2020-06-03 12:03:44 +02:00
Slavi Pantaleev c00a7c2fe9 Update mautrix-facebook configuration (invitation, backfilling support) 2020-06-03 09:35:31 +03:00
Slavi Pantaleev 5da31ba579 Move configuration templates outside of defaults/main.yml files 2020-06-03 09:33:28 +03:00
benkuly 26846a5f6c try privileged way 2020-06-02 22:04:52 +02:00
benkuly 2fd8216fbc try to fix device reconnect issues 2020-06-02 18:27:33 +02:00
benkuly cd17928805 revert remove of frequency 2020-06-02 14:56:22 +02:00
benkuly f383b152da removed gammu reset frequency
because the tty port will change
2020-06-02 14:49:55 +02:00
benkuly 0b7d6744bf added more docs and timeout value 2020-06-02 08:39:30 +02:00
Slavi Pantaleev f56a9a0f5f
Merge pull request #524 from cnvandijk/fix-executable-path
Remove hardcoded paths to commands on the host machine
2020-05-28 15:39:25 +03:00
Slavi Pantaleev 8bae39050e Update settings for Synapse v1.14.0 2020-05-28 15:23:05 +03:00
tctovsli 45ba01510d
Synapse v.1.14.0 2020-05-28 14:04:37 +02:00
Chris van Dijk 74df10633a Remove hardcoded command paths in playbook cron usage 2020-05-27 23:14:58 +02:00
Chris van Dijk 6e3b877dc2 Remove hardcoded command paths in playbook shell usage 2020-05-27 23:14:56 +02:00
Chris van Dijk 6334f6c1ea Remove hardcoded command paths in systemd unit files
Depending on the distro, common commands like sleep and chown may either
be located in /bin or /usr/bin.

Systemd added path lookup to ExecStart in v239, allowing only the
command name to be put in unit files and not the full path as
historically required. At least Ubuntu 18.04 LTS is however still on
v237 so we should maintain portability for a while longer.
2020-05-27 23:14:54 +02:00
Ugurtan 5ace3f4a1c
fix for importing sqllite database
the current version fails the import, because the volume for the media is missing. It still fails if you have the optional shared secret password provider is enabled, so that might need another mount. Commenting out the password provider in the hoimeserver.yaml during the run works as well.
2020-05-27 18:13:36 +02:00
benkuly e4f128a1ba fixed wrong gammu path 2020-05-26 18:19:22 +02:00
benkuly 3d63ee6d13 add group dialout to container 2020-05-26 18:12:26 +02:00
Slavi Pantaleev a353217cf3 Add delivery_receipts option for matrix-bridge-mautrix-facebook 2020-05-26 09:49:12 +03:00
benkuly a7fd27c43c removed jinja command 2020-05-25 19:36:19 +02:00
benkuly ecf3116c4a fixed wrong gammu config dest 2020-05-25 19:34:40 +02:00
benkuly f8663512de fixed wrong paths 2020-05-25 19:31:03 +02:00
benkuly 805708e089 fix wrong used paath for gammu config file 2020-05-25 19:21:07 +02:00
benkuly 73b71a34c8 try to fix gammu-smsdrc is not a file 2020-05-25 19:19:30 +02:00
benkuly 1f570b3251 revert last change 2020-05-25 19:09:08 +02:00
benkuly 469554b836 try to use other mount option
to prevent docker from using dir instead of file
2020-05-25 19:04:56 +02:00
benkuly eb8e3572fd fixed wrong behaviour of gammu 2020-05-25 15:37:46 +02:00
benkuly f0ff8112c7 database admin username must be neo4j 2020-05-23 20:51:07 +02:00
benkuly fe54690ea1 fixed missing registration var 2020-05-23 15:32:16 +02:00
benkuly 63705f94f1 removed templates 2020-05-23 15:30:31 +02:00
benkuly c802009b5c fixed wrong var name 2020-05-23 15:12:56 +02:00
benkuly be101a3114 added missing service to service list 2020-05-23 14:16:44 +02:00
benkuly 9ed80e754b added missing variable 2020-05-23 13:54:07 +02:00
benkuly 1ffa4a326c matrix-sms-bridge:
added docs, added seperate service for database, pr comments
2020-05-23 13:14:24 +02:00
Slavi Pantaleev 4c4f208613 Upgrade mautrix-telegram (0.7.0 -> 0.7.2) 2020-05-22 19:54:30 +03:00
Slavi Pantaleev 5c7e5c57bd Upgrade riot-web (1.6.1 -> 1.6.2) 2020-05-22 18:08:17 +03:00
benkuly 4913ca4bb2 matri-sms-bridge:
better path handling, fixed some mistakes
2020-05-22 13:59:38 +02:00
benkuly 2d75fca257 added matrix-sms-bridge 2020-05-22 13:50:59 +02:00
Slavi Pantaleev 3198ed0dc9 Add missing matrix_mx_puppet_slack_container_http_host_bind_port variable 2020-05-22 11:12:06 +03:00
Slavi Pantaleev 4111e42070
Merge pull request #513 from joao-p-marques/fix/mx-puppet-bridge
Fix/mx puppet bridge
2020-05-22 10:53:37 +03:00
joao-p-marques afd6d7e45a change var name to correct one 2020-05-21 23:40:54 +01:00
joao-p-marques c1bb4f680e enable oauth 2020-05-21 23:40:38 +01:00
Dan Arnfield ee3944bcdb Update postgres (12.2 -> 12.3, etc) 2020-05-21 11:40:40 -05:00
Slavi Pantaleev 8fb3ce6f6d Upgrade Synapse (v1.12.4 -> v1.13.0) 2020-05-19 21:35:32 +03:00
Slavi Pantaleev a3259bbd77
Add |to_json to some variables 2020-05-19 21:15:23 +03:00
louis a03e95b7eb enable by default v2 api prefix for ma1sd 2020-05-19 17:06:11 +02:00
Slavi Pantaleev 7a2dbdc2d7 Update components 2020-05-19 15:06:35 +03:00
Slavi Pantaleev ba23779b05 Fix incorrect Jitsi container image tags
Related to #508 (Github Pull Request).
2020-05-17 21:23:18 +03:00
teutat3s 47001258b5
Ensure prosody plugin path created / permissions 2020-05-17 14:19:58 +02:00
teutat3s fbd8f3ec9b
Jitsi prosody: add volume /prosody-plugins-custom 2020-05-16 15:12:51 +02:00
teutat3s c2df3d7bbf
Update jitsi containers to 4548-1 2020-05-16 15:00:44 +02:00
Marcel Partap 93f4111654 Prevent 404s when Riot tries to retrieve domain-specific config.json
Riot unconditionally asks for a config.${document.domain}.json, c.f.
https://github.com/vector-im/riot-web/blame/develop/src/vector/getconfig.ts#L24
2020-05-13 18:34:14 +02:00
Dan Arnfield 787f12e70d Fix typo in validation 2020-05-08 13:56:31 -05:00
Slavi Pantaleev dd527d5968 Ensure correct dimension.db file ownership
This is mostly here to guard against problems happening
due to server migration and doing `chown -R matrix:matrix /matrix`.

Normally, the file is owned by `1000:1000`, as expected.

If ownership changes, Dimension could still start, but it will fail the
first time it tries to write to the database. Explicitly chowning
before startup guards against this.

Related to #485 and #486 (Github Pull Requests).
Also related to ccc7aaf0ce.
2020-05-06 11:28:09 +03:00
Slavi Pantaleev ae1b1be3f4 Do not use matrix:matrix for Dimension configuration
Dimension runs as the `node` user in the container (`1000:1000`).
It doesn't seem like we have a way around it. Thus, its configuration
must also be readable by that user (or group, in this case).
2020-05-06 11:20:14 +03:00
Slavi Pantaleev c1c8b8e62c Warn about matrix_user_uid/matrix_user_gid
We don't really need to fail in such a spectactular way,
but it's probably good to do. It will only happen for people
who are defining their own user/group id, which is rare.

It seems like a good idea to tell them that this doesn't work
as they expect anymore and to ask them to remove these variables,
which otherwise give them a fake sense of hope.

Related to #486 (Github Pull Request).
2020-05-06 10:17:19 +03:00
Slavi Pantaleev 36c61b5b4e Introduce a separate group variable (matrix_user_groupname)
Related to #485 (Github Pull Request).
2020-05-06 10:02:47 +03:00
Slavi Pantaleev ccc7aaf0ce Fix "Migrating to a new server" flow due to dynamic user/group creation 2020-05-06 09:55:40 +03:00
Slavi Pantaleev 6032affc20
Merge pull request #486 from FanchTheSystem/avoid_fixed_uid_and_gid
Remove default UID/GID
2020-05-06 09:46:49 +03:00
Slavi Pantaleev 8fea6f5130 Make sure matrix_user_uid and matrix_user_gid are always set
If one runs the playbook with `--tags=setup-all`, it would have been
fine.

But running with a specific tag (e.g. `--tags=setup-riot-web`) would
have made that initialization be skipped, and the `matrix-riot-web` role
would fail, due to missing variables.
2020-05-06 09:43:30 +03:00
Slavi Pantaleev 4359571d38 Upgrade riot-web to v1.6.0 2020-05-05 14:02:14 +03:00
Fanch a1c5a197a9 remove default UID/GID 2020-05-04 21:43:54 +02:00
Dan Arnfield e750c6c6ff Update coturn (4.5.1.1 -> 4.5.1.2) 2020-05-04 09:46:45 -05:00
Horvath Gergely d6266a8c47 fix skype bridge being rebuilt when upstream changed 2020-05-01 21:34:42 +02:00
Chris van Dijk 7585bcc4ac Allow the matrix user username and groupname to be configured separately
No migration steps should be required.
2020-05-01 19:59:32 +02:00
Chris van Dijk cf0e56e92b Consistent usage of matrix username and groupname, not uid and gid
This should be a no-op, no migration necessary.
2020-05-01 19:39:17 +02:00
Chris van Dijk 741064a178 Fix group ownership of Dimension base path and config
Ansible will migrate the ownership of the base path and config path, but
manual intervention will be required in order to migrate the ownership
of files in those directories (i.e. dimension.db).

Stop the services:

  (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=stop

Fix the permissions on the server:

  (server)# chown -Rv "{{ matrix_user_username }}:{{ matrix_user_username }}" "{{ matrix_dimension_base_path }}"

which would typically look like:

  (server)# chown -Rv matrix:matrix /matrix/dimension/

Reconfigure Dimension and start the services:

  (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=setup-dimension,start
2020-05-01 19:28:30 +02:00
Slavi Pantaleev 0e26810162
Merge pull request #478 from cnvandijk/feature-jitsi-ldap-auth
Add support for Jitsi LDAP authentication
2020-04-30 10:09:48 +03:00
Chris van Dijk 9d6614e80f Add support for Jitsi LDAP authentication 2020-04-29 17:57:38 +02:00
Slavi Pantaleev 669780976f
Update mappings configuration example 2020-04-29 09:29:03 +03:00
John Goerzen a2df0016eb Update matrix-appservice-irc to 0.16.0
Note the potential breaking change

Resolves #474
2020-04-28 11:43:52 -05:00
GuillauG 29f606bac7
Add 'permalinkPrefix' and 'default_theme' for configuring riot web (#472)
* add permalinkPrefix to riot-web config

* add feature to change default theme of riot-web via its config file

* remove matrix_riot_web_change_default_theme and provide sane default
2020-04-28 13:10:33 +03:00
teutat3s 37d427c05c
Update Jitsi docker images to stable 4416 2020-04-28 03:52:43 +02:00
Slavi Pantaleev 438652c732 Switch Slack image to a working tag
We've had reports of the `:latest` tag not working anymore,
leading to an error as described here:
https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/341
2020-04-27 10:49:06 +03:00
Slavi Pantaleev 9cc0c5955d Use |quote in some command calls 2020-04-24 09:59:30 +03:00
Aaron Raimist 23bfaa72ec
Upgrade Synapse (1.12.3 -> 1.12.4) 2020-04-23 13:30:50 -05:00
Rodrigo Belem 033dfcb26f Remove duplicated whitelist entry in skype main.yml 2020-04-23 09:06:08 -04:00
Rodrigo Belem 4149e03b69 Initial mx-puppet-slack bridge role 2020-04-23 09:06:08 -04:00
Slavi Pantaleev 272888d917
Merge pull request #462 from cnvandijk/feature-dimension-unfederated
Add support for running dimension in an unfederated environment
2020-04-22 22:47:14 +03:00
Slavi Pantaleev 0af5a8c4cc Simplify mx-puppet-skype blacklists a bit
Related to #466 (Github Pull Request).
2020-04-22 22:42:24 +03:00
Rodrigo Belem b08a49d94d Allow skype more configurations for relay and provisioning 2020-04-22 15:26:31 -04:00
Chris van Dijk 3f4bc9b881 Move config supprt for unfederated dimension into group_vars 2020-04-22 19:23:56 +02:00
Slavi Pantaleev 9991d545dd Add note about synapse-janitor and require explicit confirmation for usage
Fixes #465 (Github Issue).

Related to https://github.com/xwiki-labs/synapse_scripts/pull/12.
2020-04-21 21:48:06 +03:00
Slavi Pantaleev 554da8338a
Merge pull request #463 from hooger/architecture
Architecture
2020-04-20 16:45:59 +03:00
Marcel Partap 46984a4f99 Nginx conf: more testing less b0rk 2020-04-19 21:42:34 +02:00
Christoph Johannes Kleine 765c046beb
add missing ; to matrix-synapse.conf.j2 2020-04-19 19:50:42 +02:00
Marcel Partap 5f63d287b7 Move synapse worker ports up 10k 2020-04-19 19:05:03 +02:00
Marcel Partap e4763c21bc nginx config: route traffic to workers on matrix-synapse
FIXME: horrid duplication in template file
2020-04-19 19:05:03 +02:00
Marcel Partap 66a4073512 Publish synapse worker ports, need to be accessible to nginx 2020-04-19 19:05:03 +02:00
Marcel Partap cf452fdf0a Fix corner-cases found through testing (aka ansible is nuts) 2020-04-19 19:05:03 +02:00
Marcel Partap a14b9c09ad Add to synapse nginx template conditional URL rewrites for workers
· 😅 How to keep this in sync with the matrix-synapse documentation?
· regex location matching is expensive
· nginx syntax limit: one location only per block / statement
· thus, lots of duplicate statements in this file
2020-04-19 19:05:03 +02:00
Marcel Partap 353bc7c362 Add initial support for synapse workers
· needs documentation; no checks yet for port clashes or typos in worker name
· according to https://github.com/matrix-org/synapse/wiki/Workers-setup-with-nginx#results
  about 90% of requests go to the synchrotron endpoint
· thus, the synchrotron worker is especially suited to be load-balanced
· most of the other workers are documented to support only a single instance
· https://github.com/matrix-org/synapse/blob/master/docs/workers.md
2020-04-19 19:05:03 +02:00
Dan Arnfield e2de6a1569 Update nginx (1.17.9 -> 1.17.10) 2020-04-19 08:38:53 -05:00
Horvath Gergely bd61598faf add experimental(?) architecture support for arm32 and arm64
the changes are necessary because certbot images are tagged, so docker does not recognize the necessary architecture
2020-04-18 22:55:19 +02:00
Chris van Dijk da2e90dcc1 Remove check for "Fail if Matrix Federation is disabled"
This playbook now suports running dimension in both a federated and an
unfederated environment.
2020-04-18 19:01:45 +02:00
Chris van Dijk 3ddb8cd148 Add support for running dimension in an unfederated environment
This config change follows:

  https://github.com/turt2live/matrix-dimension/blob/master/docs/unfederated.md
2020-04-18 19:00:20 +02:00
Horvath Gergely 203a319881 force build docker image if git master changes 2020-04-18 12:56:36 +02:00
Slavi Pantaleev c13c29f48e Fix |to_nice_yaml breaking formatting
Well, actually 8cd9cde won't work, unless we put the
`|to_nice_yaml` thing on a new line.

We can, but that takes more lines and makes things look uglier.
Using `|to_json` seems good enough.

The whole file is parsed as YAML later on and merged with the
`_extension` variable before being dumped as YAML again in the end.
2020-04-18 11:06:53 +03:00
Slavi Pantaleev 8cd9cdead0 Improve consistency 2020-04-18 11:05:47 +03:00
Slavi Pantaleev 27cae3d90c
Merge pull request #461 from lampholder/toml/allowed_local_3pids
Expose allowed local 3pids as a configurable option
2020-04-18 11:05:01 +03:00
Tom e54428b160 Expose allowed local 3pids as a configurable option 2020-04-18 00:11:30 +01:00
Slavi Pantaleev 43201c9e22 Upgrade matrix-corporal (1.8.0 -> 1.9.0) 2020-04-17 22:26:55 +03:00
Slavi Pantaleev 9a43cc02e0 Only install docker-python if matrix_docker_installation_enabled
Should help with #300 (Github Issue).
2020-04-17 09:45:35 +03:00
Slavi Pantaleev 4d260c0dd5 Add encryption configuration defaults to Mautrix bridges
Related to #451 (Github Issue).
2020-04-17 09:44:48 +03:00
Chris van Dijk 88c1fbf6aa Fix hardcoded values in postgres script matrix-change-user-admin-status 2020-04-17 00:54:38 +02:00
Chris van Dijk d83236ea0e Fix inconsistent whitespace 2020-04-17 00:53:26 +02:00
Rodrigo Belem cc8fc55ac6 Upstream set mx-puppet-skype default port to 8438 2020-04-15 15:13:56 -04:00
Slavi Pantaleev 69338d045a
Simplify if conditions 2020-04-12 01:09:22 +03:00
John Goerzen ddc44996e3
Fix to avoid putting an incorrect empty jitsi.preferredDomain when no local jitsi 2020-04-11 17:07:30 -05:00
Slavi Pantaleev 7035af87d8 Add support for Jitsi discovery for Riot via /.well-known/matrix/client
This will not work yet, as no version of Riot currently supports it.
It's expected to land in riot-web v1.5.16 via matrix-org/matrix-react-sdk#4348.
2020-04-09 09:58:35 +03:00
Slavi Pantaleev c1a66d3422 Put mx-puppet-skype configs in ./config directory, not ./data 2020-04-09 09:44:10 +03:00
Slavi Pantaleev 59d05ad72c
Merge pull request #441 from Jozian/skype
Initial mx-puppet-skype bridge role
2020-04-09 09:24:11 +03:00
Slavi Pantaleev 67a5ef97ba Fix missing "stun:" prefix for jitsi/web STUN server URLs
Hopefully fixes an error like this (which I haven't been able to
reproduce, but..):

> [modules/xmpp/strophe.util.js] <Object.i.Strophe.log>:  Strophe: Error: Failed to construct 'RTCPeerConnection': 'matrix.DOMAIN' is not one of the supported URL schemes 'stun', 'turn' or 'turns'.
2020-04-09 09:16:10 +03:00
Rodrigo Belem 1107207147 Initial mx-puppet-skype bridge role 2020-04-08 19:25:21 -04:00
Slavi Pantaleev 61fffa169c Use Jitsi STUN servers instead of Google ones
These are some new defaults that we switch to, to follow upstream
changes:

- https://github.com/jitsi/docker-jitsi-meet/commit/264df04
- 3121494d4b
2020-04-08 19:08:15 +03:00
Slavi Pantaleev 14786071af Pass JVB_AUTH_PASSWORD environment variable to make JVB startup happy
We define this password in the `sip-communicator.properties`
configuration file, so this is not needed for actually running JVB.

However, it does a (useless) safety check during container startup,
and we need to make that check happy.
2020-04-08 10:23:51 +03:00
Slavi Pantaleev f798605836 Undefine Jitsi secrets and require their (re-)definition 2020-04-08 09:37:54 +03:00
teutat3s f9d39f1c0c
update Jitsi, add generate-jitsi-passwords script 2020-04-08 02:07:52 +02:00
Slavi Pantaleev fab1e23609 Make a few more Jitsi Meet options configurable 2020-04-06 21:35:49 +03:00
Horvath Gergely 17e7bae2cc make selfbuild be forced on (and only) git master change 2020-04-06 18:42:15 +02:00
Horvath Gergely 3d096a2b13 make selfbuild be forced on (and only) git master change 2020-04-06 18:36:17 +02:00
Alin Trăistaru 604e581a97 add ntpd defaults 2020-04-05 10:00:09 +03:00
Slavi Pantaleev 5cca71e8da
Merge pull request #434 from teutat3s/missing_jitsi_jicofo_auth_url
add missing jitsi auth URL conditional
2020-04-04 09:48:39 +03:00
Alin Trăistaru 697e91aa05 jitsi-web: add more defaults 2020-04-04 08:29:37 +03:00
teutat3s 9adddb19e2
fix whitespace 2020-04-04 03:34:49 +02:00
teutat3s ea072eb38d
add missing jitsi auth URL conditional 2020-04-04 02:23:13 +02:00
teutat3s 4ed0632327
fix jitsi guests mode according to docker-jitsi-meet repo 2020-04-03 18:36:23 +02:00
Slavi Pantaleev f78fa3f328 Upgrade Synapse (1.12.0 -> 1.12.3) 2020-04-03 14:26:30 +03:00
Slavi Pantaleev 5927ed56b0 Fix matrix_ma1sd_service_stat.stat.exists sometimes being undefined 2020-04-03 13:55:23 +03:00
Slavi Pantaleev c3efd2966f Fix mxisd -> ma1sd migration for older versions of Ansible 2020-04-03 13:12:03 +03:00
Slavi Pantaleev 845f5f007b Make Synapse use ma1sd (if enabled) for threepid registration 2020-04-03 10:08:37 +03:00
Slavi Pantaleev a0b82d2234 Fix mxisd -> ma1sd data migration (mxisd.db -> ma1sd.db) 2020-04-03 09:54:05 +03:00
Slavi Pantaleev a4ea2f850b Provide a friendlier migration message from people using matrix_mxisd_ variables 2020-04-03 09:42:14 +03:00
Slavi Pantaleev be19511338 Add missing container self-build variables for ma1sd 2020-04-03 09:28:44 +03:00
Slavi Pantaleev 59ccff9bab Fix mxisd -> ma1sd file copying
When the playbook executes on a remote host (as it usually does),
we need to explicitly say `src` is a remote file and not relative
to the playbook.
2020-04-03 09:27:22 +03:00
Marcel Partap 4172345d34 Fix regex matching against old variable names in ma1sd validation task 2020-04-02 17:20:06 +02:00
Marcel Partap e4ceeccd14 Add mxisd => ma1sd migration task 2020-04-02 17:19:40 +02:00
Marcel Partap 92672f8949 matrix-ma1sd/tasks/validate_config.yml: can ansible process regex in when statements? 2020-04-02 11:31:59 +02:00
Marcel Partap ed34d0ac39 fix "noeol" ("No newline at end of file" == missing 0A byte at file end) 2020-04-02 11:31:59 +02:00
Marcel Partap c2d384d2ef some more mxisd to ma1sd string/URL replacements 2020-04-02 11:31:38 +02:00
Marcel Partap 8c5c2e5eec Bump ma1sd version to 2.3.0 2020-04-02 11:31:38 +02:00
Marcel Partap 874e2e1fc0 Rename variables (s/mxisd/ma1sd/) and adapt roles 2020-04-02 11:31:38 +02:00
Marcel Partap 9d0803cdf9 Specify up-to-date version 2.2.2 of ma1sd docker image 2020-04-02 11:26:30 +02:00
Marcel Partap 187dedf920 Duplicate matrix-mxisd role for matrix-ma1sd fork
(adapting strings and URLs)
2020-04-02 11:26:30 +02:00
Slavi Pantaleev e1774c648a Upgrade riot-web (v1.5.14 -> v1.5.15) 2020-04-01 18:11:12 +03:00
Slavi Pantaleev 8bcc9712d0 Make follow_redirects configurable when checking /.well-known/matrix/client
Discussed in #101 (Github Issue).
2020-03-31 11:45:32 +03:00
Slavi Pantaleev ca04ca9ffe Make it possible to change Jitsi web UI language
Fixes #427 (Github Issue).
2020-03-30 17:05:00 +03:00
Slavi Pantaleev 26b73e3a4b Do not install unnecessary bash-completion 2020-03-30 17:00:20 +03:00
Slavi Pantaleev edb77cf799
Merge pull request #426 from bnounours/master
Fix bad network and bad path to postgres env in docker run
2020-03-30 16:55:02 +03:00
Slavi Pantaleev 067588b262 Upgrade riot-web 2020-03-30 16:54:18 +03:00
Mickaël Cornière 82989b662a Fix bad network and bad path to postgre env 2020-03-29 23:49:09 +02:00
Slavi Pantaleev c655a6467a Fix --tags=start regression
Related to #425 (Github Pull Request)
2020-03-29 15:48:46 +03:00
Slavi Pantaleev ac60115190 Fix git installation bug during synapse-simple-antispam installation
Fixes #424 (Github Issue).
2020-03-29 10:11:08 +03:00
Christian Wolf 3f62ff1120 Overcame bug in current systemd 2020-03-28 17:33:35 +01:00
Christian Wolf 51c271905d Removed bug in enhanced waiting 2020-03-28 13:00:56 +01:00
Christian Wolf 8c9b5ea6dd Removed a few syntax bugs in Archlinux configuration 2020-03-28 13:00:01 +01:00
Christian Wolf 4bc73ff4bb Removed autoinstallation of cron due to documentation 2020-03-28 11:57:32 +01:00
Christian Wolf 26bc66117d Removed redunadant waiting 2020-03-28 11:42:41 +01:00
Christian Wolf 2849f0b1b8 Changed task titles to be consistent 2020-03-28 11:39:35 +01:00
Christian Wolf d84b2868b7 Added basic changes to make it compatible with Archlinux 2020-03-28 11:39:15 +01:00
Slavi Pantaleev 3860709e19 Ensure matrix-mautrix-hangouts-db container is killed/removed 2020-03-25 18:03:45 +02:00
mooomooo eebc6e13f8 Made directory variables for /etc/systemd/system , /etc/cron.d , /usr/local/bin 2020-03-24 11:27:58 -07:00
Slavi Pantaleev 0f39cb9987 Fix incorrect server_name for Jitsi
Fixes #417 (Github Issue)
2020-03-24 17:57:39 +02:00
Slavi Pantaleev 0e69a51036 Upgrade matrix-corporal (1.7.2 -> 1.8.0) 2020-03-24 16:41:24 +02:00
Slavi Pantaleev fcb4f2579d Upgrade matrix-corporal (1.7.1 -> 1.7.2) 2020-03-24 16:15:52 +02:00
Slavi Pantaleev d605b219a2 Manage Jitsi configuration by ourselves for most components
We do this for 2 reasons:

- so we can control things which are not controllable using environment
variables (for example `stunServers` in jitsi/web, since we don't wish
to use the hardcoded Google STUN servers if our own Coturn is enabled)

- so playbook variable changes will properly rebuild the configuration.
When using Jitsi environment variables, the configuration is only built
once (the first time) and never rebuilt again. This is not the
consistent with the rest of the playbook and with how Ansible operates.
We're not perfect at it (yet), because we still let the Jitsi containers
generate some files on their own, but we are closer and it should be
good enough for most things.

Related to #415 (Github Pull Request).
2020-03-24 09:35:21 +02:00
Slavi Pantaleev cdd9ee1962 Add Jitsi support 2020-03-23 17:19:15 +02:00
Slavi Pantaleev 9032151486 Update Synapse configuration for v1.12.0
Some options are no longer required and have sensible default values.
2020-03-23 16:15:03 +02:00
tctovsli 949b5d7a46
Release synapse v.1.12.0 2020-03-23 15:03:40 +01:00
Slavi Pantaleev 027056e027 Fix weird path creation
Fixes #403 (Github Issue).
2020-03-18 18:24:30 +02:00
Slavi Pantaleev b6cf5758cc
Merge pull request #407 from thedanbob/nginx-certbot
Update nginx (1.17.8 -> 1.17.9) and certbot (1.2.0 -> 1.3.0)
2020-03-18 13:56:13 +02:00
Slavi Pantaleev e9d7a6faf7
Merge pull request #406 from thedanbob/postgres-12.2
Update postgres (12.1 -> 12.2, etc)
2020-03-18 13:54:58 +02:00
Dan Arnfield c7440b723a Update certbot (1.2.0 -> 1.3.0) 2020-03-18 06:54:10 -05:00
Dan Arnfield 4065d74a5f Update nginx (1.17.8 -> 1.17.9) 2020-03-18 06:53:59 -05:00
Dan Arnfield e36de7e627 Update postgres (12.1 -> 12.2, etc) 2020-03-18 06:50:51 -05:00
Dan Arnfield bfd87000cc Update riot-web (1.5.12 -> 1.5.13) 2020-03-18 06:40:01 -05:00
Slavi Pantaleev 3cee815baf Fix some typos 2020-03-15 11:34:35 +02:00
Slavi Pantaleev 063e988db2 Make gradle installation fail in a friendlier way on CentOS 2020-03-15 11:26:24 +02:00
Slavi Pantaleev 2b85fde103 Rename some variables for consistency 2020-03-15 10:15:27 +02:00
Slavi Pantaleev 8fe97abe7d Wire matrix_container_images_self_build to self_build variables via group_vars/matrix_servers
This keeps the roles cleaner and more independent of matrix-base,
which may be important for people building their own playbook
out of the individual roles and not using the matrix-base role.
2020-03-15 10:10:41 +02:00
Horvath Gergely 30fd1ab2d6 add forgotten support for variable for matrix-bridge-mautrix-facebook role 2020-03-14 20:40:31 +01:00
Horvath Gergely 976f1a4582 fix riot-web version strip 2020-03-14 19:54:13 +01:00
Horvath Gergely 2d537484d5 introduce variable 2020-03-14 19:16:29 +01:00
Horvath Gergely a164fe485e fix wrong variable name 2020-03-14 19:14:39 +01:00
Horvath Gergely 3c8535c3bc check ansible version for self-building in every role 2020-03-08 19:17:10 +01:00
Horvath Gergely 6232a81caf check if target distro is Raspbian and install docker accordingly 2020-03-08 19:04:41 +01:00
Horvath Gergely a5d94eec0b refactor variable names 2020-03-08 00:28:14 +01:00
Horvath Gergely 310aa685f9 refactor based on Slavi's requests 2020-03-08 00:24:00 +01:00
Horvath Gergely d53d63ab07 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into raspberry-pi 2020-03-07 13:57:44 +01:00
David Gnedt c55682d099 Update synapse-janitor to support current synapse database schema 2020-03-06 17:48:16 +01:00
Slavi Pantaleev e8d0b72a7b
Merge pull request #394 from swarnat/customization_welcome
Customization welcome
2020-03-06 16:50:54 +02:00
Stefan Warnat 46664c4758 Adjust variable names 2020-03-06 14:31:15 +01:00
Slavi Pantaleev 00596452c2 Update riot-web (1.5.11 -> 1.5.12) 2020-03-05 10:53:35 +02:00
Stefan Warnat 054e6fed0c rearrange main.yml of riot-web and use same logo URL for both logos 2020-03-03 22:27:39 +01:00
Stefan Warnat 0322a5443a additional customizations of welcome page 2020-03-03 22:16:52 +01:00
Stefan Warnat 8bc4f56385 Improve customization of welcome page 2020-03-03 19:01:43 +01:00
Slavi Pantaleev a727e7c497 Upgrade Synapse (v1.11.0 -> v1.11.1) 2020-03-03 17:32:22 +02:00
Slavi Pantaleev be6c048abe Remove useless matrix_appservice_webhooks_webhooks_port
In relation to #392 (Github Issue)
2020-03-03 12:38:26 +02:00
Slavi Pantaleev bbe7bff184
Merge pull request #392 from swarnat/fix_webhooks
Switch Webhooks Port, which is exposed for external nginx
2020-03-03 12:37:39 +02:00
tctovsli 209e716580
New version of matrix-riot-web 2020-03-03 09:08:37 +01:00
Stefan Warnat d5e5572f2c switch Port, which is exposed to same, which is internal used 2020-03-02 18:36:58 +01:00
Slavi Pantaleev 37f3a2d5a8 Add support for themes to riot-web 2020-02-26 08:40:35 +02:00
Julian Foad 3228cfd229 Add custom server name string in Riot config.
This adds into the Riot config.json the field
  'default_server_config.m.homeserver.server_name'
with, by default, the value of the playbook's 'matrix_domain' variable.

Riot displays this string in its login page and will now say 'Sign in to
your Matrix account on example.org' (the server name) instead of 'Sign
in ... on matrix.example.org' (the server domain-name).

This string can be configured by setting the playbook variable
  'matrix_riot_web_default_server_name'
to any string, so we can make Riot say for example 'Sign in ... on Our
Server'.
2020-02-24 14:00:43 +00:00
Julian Foad 7a45c651d2 Use new syntax for default HS/IS in Riot config.
This change makes no difference in itself, but is a pre-requisite for
adding the 'server name' config, and the old syntax is deprecated.
2020-02-24 13:55:00 +00:00
Horvath Gergely 6366817930 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into raspberry-pi 2020-02-24 08:59:25 +01:00
Horvath Gergely f56825580d hangouts-bridge no-proxy warning does not trigger when 'matrix_nginx_proxy_enabled = false' is explicitly set 2020-02-24 08:59:10 +01:00
Aaron Raimist 6ba961bd11
Upgrade riot-web (1.5.9 -> 1.5.10) 2020-02-23 12:35:29 -06:00
Horvath Gergely 610c98d6ab add riot-web support for raspberry pi 2020-02-21 18:51:56 +01:00
Horvath Gergely 40d0fea06c add mautrix-hangouts support for raspberry pi 2020-02-21 18:27:26 +01:00
Horvath Gergely ac118d2f25 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into raspberry-pi 2020-02-21 18:09:45 +01:00
Horvath Gergely f28c7b71d2 build mxisd for rapsberry pi 2020-02-21 18:08:24 +01:00
Slavi Pantaleev 5de8f27122 Upgrade Synapse (v1.10.1 -> v1.11.0) 2020-02-21 12:32:35 +02:00
Horvath Gergely 8c1e00a6cd add mautrix-facebook support for raspberry pi 2020-02-21 07:56:28 +01:00
Horvath Gergely 5a4e4f6fb9 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into raspberry-pi 2020-02-21 07:36:49 +01:00
Horvath Gergely 697f86d06f minor fix 2020-02-19 22:26:43 +01:00
Horvath Gergely 7c4a86bc6b add coturn support for raspberry pi 2020-02-19 22:18:17 +01:00
Slavi Pantaleev 6106a80708
Merge pull request #383 from sathiscode/patch-1
Fixed appservice webhooks container port mapping
2020-02-19 10:14:44 +02:00
Slavi Pantaleev 8343ff5268
Add missing to_json filter 2020-02-19 10:13:36 +02:00
Sathis ff59901bc0
Fixed appservice webhooks container port mapping 2020-02-19 13:03:06 +05:30
Horvath Gergely d8b31afd1a Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into raspberry-pi 2020-02-18 21:46:59 +01:00
orange 45e32bdad2 add synapse config enable_group_creation 2020-02-18 18:05:54 +01:00
Horvath Gergely 4b7f0787ca Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2020-02-17 21:52:34 +01:00
Horvath Gergely a096eafb45 add possibility to install synapse on raspberry pi 2020-02-17 21:48:48 +01:00
Dan Arnfield 96557c6280 Update synapse (1.10.0 -> 1.10.1) 2020-02-17 13:27:05 -06:00
Slavi Pantaleev 47696056d3 Upgrade riot-web (1.5.8 -> 1.5.9) 2020-02-17 16:12:29 +02:00
Horvath Gergely bbbcc18c70 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2020-02-15 18:30:03 +01:00
Slavi Pantaleev da98a06553
Merge pull request #377 from thedanbob/certbot-1.2.0
Update certbot (1.0.0 -> 1.2.0)
2020-02-12 13:58:32 +01:00
Slavi Pantaleev 2b6c263900
Merge pull request #376 from thedanbob/nginx-1.17.8
Update nginx (1.17.7 -> 1.17.8)
2020-02-12 13:58:19 +01:00
Dan Arnfield bb08022623 Update certbot (1.0.0 -> 1.2.0) 2020-02-12 06:56:25 -06:00
Dan Arnfield 74235df820 Update nginx (1.17.7 -> 1.17.8) 2020-02-12 06:52:11 -06:00
Dan Arnfield bac7685ce4 Update synapse (1.9.1 -> 1.10.0) 2020-02-12 06:46:52 -06:00
Horvath Gergely 8a0c3146d3 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2020-02-11 20:56:54 +01:00
Daniel Hoffend b280b05c25 matrix-nginx-proxy: adding additional configuration blocks 2020-02-10 23:42:41 +01:00
Lee Verberne 8fe8cf9113 Fix matrix-appservice-irc database specification
This fixes an incorrect indentation in the database specification for
appservice-irc which caused matrix-appservice-irc to refuse to start
with the remarkably unhelpful error message:

```
ERROR:CLI Failed to run bridge.
```

This also updates doc links to the new matrixdotorg repo because the
tedomum repo contains out-of-date documentation.
2020-02-08 11:02:03 +01:00
Slavi Pantaleev f18037ae42 Disable TLSv1.1 by default 2020-01-30 12:56:20 +02:00
Slavi Pantaleev f9a67624e1 Upgrade Synapse (1.9.0 -> 1.9.1) 2020-01-28 16:02:09 +02:00
Slavi Pantaleev b323c975cf Upgrade riot-web (1.5.7 -> 1.5.8) 2020-01-28 13:01:30 +02:00
Slavi Pantaleev c9f2bf89b5 Fix incorrect REST Auth module URL
Regression since #362 (Github Pull Request).
2020-01-27 12:22:40 +02:00
Slavi Pantaleev 38d4c555d0
Merge pull request #362 from spantaleev/ma1uta-rest-auth-password-provider
Switch from kamax-matrix/matrix-synapse-rest-password-provider to ma1uta/matrix-synapse-rest-password-provider
2020-01-26 23:18:39 +02:00
Slavi Pantaleev 0696845f3f
Merge pull request #361 from spantaleev/official-matrix-appservice-irc
Switch to upgraded & official matrix-appservice-irc Docker image
2020-01-26 23:18:04 +02:00
Slavi Pantaleev 874d2390dd Revert "Upgrade Slack bridge to 1.0.2"
This reverts commit 61e93744ec.

Reverting because of:
- https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/341
- https://github.com/matrix-org/matrix-appservice-slack/issues/347
2020-01-26 23:07:12 +02:00
Slavi Pantaleev c2135d1afe Switch from kamax-matrix/matrix-synapse-rest-password-provider to ma1uta/matrix-synapse-rest-password-provider
Synapse v1.9.0 changed some things which made the REST Auth Password
Provider break.

The ma1uta/matrix-synapse-rest-password-provider implements some
workarounds for now and will likely deliver a proper fix in the future.

Not much has changed between the 2 projects, so this should be a
painless transition.
2020-01-25 10:23:59 +02:00
Slavi Pantaleev aa05df6a02 Switch to upgraded & official matrix-appservice-irc Docker image 2020-01-25 10:07:08 +02:00
Slavi Pantaleev 77b919aec6 Become compatible with official matrix-appservice-irc Docker image
This change allows us to work with both our existing Docker image
(`tedomum/matrix-appservice-irc:latest`) and with the
official Docker image (`matrixdotorg/matrix-appservice-irc`).

The actual change to the official Docker image requires more testing
and will be done separately.
2020-01-25 10:05:47 +02:00
dhose 320d512541 Fix for when if case evaluates to false 2020-01-24 19:46:58 +01:00
Dan Arnfield bc620895ca Install python3-docker if ansible is running python 3 2020-01-24 06:59:42 -06:00
Slavi Pantaleev 2c04384e8e Synchronize config with the one from Synapse 1.9.0
Related to #355.
2020-01-23 15:47:53 +02:00
Paul Tötterman e9761679eb
Upgrade Synapse to 1.9.0 2020-01-23 15:46:24 +02:00
Slavi Pantaleev 704d2ff861
Merge pull request #351 from prasket/matrix-change-user-admin-status
Matrix change user admin status
2020-01-23 10:35:28 +02:00
Dan Arnfield 86eff45e8b uri.follow_redirects is now a string field 2020-01-22 15:36:54 -06:00
prasket 83e7a8d9e6 corrected hardcoded matrix domain and added code to remove old matrix-make-user-admin script per suggestion. 2020-01-21 18:29:17 -08:00
Slavi Pantaleev 9d3d538a2d Use C collation for Postgres to appease Synapse 2020-01-21 00:13:47 +02:00
prasket e99497bb60 created new file with change admin options and removed make admin file. Updated name references as well throughout the project. 2020-01-19 18:39:56 -08:00
Slavi Pantaleev 72f6e56fb8 Upgrade mautrix-telegram (0.6.1 -> 0.7.0) 2020-01-18 14:17:50 +02:00
David Gnedt 73d0bf7170 Fix regex in matrix_appservice_webhooks_registration_yaml 2020-01-15 19:17:05 +01:00
Horvath Gergely 83e5cd7d6f Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2020-01-13 19:38:55 +01:00
Björn Marten f9d518796b Correct regex in matrix_appservice_webhooks_registration_yaml 2020-01-13 17:30:39 +01:00
Björn Marten 80e4eb9ab7 Remove file logging completely 2020-01-13 17:30:19 +01:00
Björn Marten 268e1d0c80 Remove appearance section in matrix_appservice_webhooks_configuration_yaml due to not being used 2020-01-13 17:30:01 +01:00
Björn Marten 208d5d0fda Adjust log level choices to verbose and info 2020-01-13 17:29:46 +01:00
Björn Marten a8476c1b8e Mention that the bridge itself expects its own domain and not '/appservice-webhooks' 2020-01-13 17:29:19 +01:00
Björn Marten 654d45a2bf Adjust message when webhook bridge is activated but nginx-proxy is not 2020-01-13 17:20:50 +01:00
Björn Marten 6b2bf2c38b Get rid of rewrite terminology 2020-01-13 17:20:50 +01:00
Björn Marten 3a80616185 Change logging behaviour to only stdout with configurable verbosity (default: info) 2020-01-13 17:20:49 +01:00
Björn Marten 9892eac789 Adjust API secret to be a configurable and required variable 2020-01-13 17:20:49 +01:00
Björn Marten 50bf8c8dd7 Add matrix-appservice-webhooks role. 2020-01-13 17:20:49 +01:00
Lyubomir Popov 800dc61335
Upgrade riot-web (1.5.6 -> 1.5.7) 2020-01-13 14:34:15 +00:00
Gergely Horváth 1c314fcf29 first version of raspbian docker setup 2020-01-13 13:38:21 +01:00
Gergely Horváth 05966c8cff make sure Raspbian is not handled the same as Debian 2020-01-13 12:52:28 +01:00
Slavi Pantaleev 675aaa1215 Fix escaping issues affecting the Whatsapp bridge
Regression introduced in 53186ffa1c
2020-01-13 10:56:48 +02:00
Slavi Pantaleev 61e93744ec Upgrade Slack bridge to 1.0.2
NeDB is deprecated, so we should transition away from it in the future.
Still, most of the functionality should work on this new version.
2020-01-12 21:35:03 +02:00
Slavi Pantaleev bd38861179 Add support for automatic Double Puppeting for all Mautrix bridges 2020-01-12 20:28:36 +02:00
Slavi Pantaleev 53186ffa1c Sync configuration with upstream for all Mautrix bridges 2020-01-12 19:10:05 +02:00
Slavi Pantaleev a84a24d9f5 Upgrade nginx (1.17.6 -> 1.17.7) 2020-01-11 17:32:02 +02:00
Slavi Pantaleev fddd3f922f Upgrade Synapse to 1.8.0 2020-01-09 15:33:35 +02:00
Marcel Partap 7ead77fdb7 Remove spurious 'mxisd' string from mautrix bridge templates comment 2020-01-08 22:39:21 +01:00
Dan Arnfield 4f3f263420 Update synapse (1.7.2 -> 1.7.3) 2019-12-31 06:28:58 -06:00
Slavi Pantaleev 8b5b075fda Fix typo 2019-12-31 11:25:09 +02:00
Slavi Pantaleev 0e3e3cdf86 Upgrade Synapse (1.7.1 -> 1.7.2) 2019-12-20 13:20:54 +02:00
Slavi Pantaleev 9a33e5c7ad Make it possible to control Coturn ports and listen interfaces
Related to #330 (Github Issue).
2019-12-20 12:21:43 +02:00
Slavi Pantaleev 89dbe5cfc5 Add the ability to control the certbot HTTP bind port
Fixes #330 (Github Issue).
2019-12-19 09:07:24 +02:00
Slavi Pantaleev b09f5a783b Upgrade Synapse (1.7.0 -> 1.7.1) 2019-12-18 12:15:52 +02:00
Slavi Pantaleev a78002f12b Upgrade certbot (0.40.1 -> 1.0.0) 2019-12-13 14:52:29 +02:00
Slavi Pantaleev d69ddcfdac Upgrade Synapse (1.6.1 -> 1.7.0) 2019-12-13 14:52:29 +02:00
Daniel Løvbrøtte Olsen 3f7af3ef3f
Expose self service bridging in matrix_appservice_discord
This allows for users to bridge already existing matrix rooms to discord
2019-12-11 14:47:44 +01:00
Slavi Pantaleev 8cd51ad1ab
Merge pull request #322 from aaronraimist/integrations-manager-well-known
Implement MSC1957: Integration manager discovery
2019-12-10 11:00:29 +02:00
Aaron Raimist 2ea507e2ea
Don't make it Dimension specific 2019-12-09 22:23:56 -06:00
Slavi Pantaleev 783ed766f0 Upgrade riot-web (1.5.5 -> 1.5.6) 2019-12-09 14:05:04 +02:00
Yuri Moens 0866f98957 Render vhost directives in https server block 2019-12-08 00:58:32 +01:00
Slavi Pantaleev ca3b158d94 Add support to matrix-nginx-proxy to work in HTTP-only mode 2019-12-06 11:53:15 +02:00
Aaron Raimist fe932273aa
Implement MSC1957: Integration manager discovery
https://github.com/matrix-org/matrix-doc/pull/1957

Yay Riot iOS now supports integration manager discovery!
2019-12-05 17:32:51 -06:00
Aaron Raimist 79d1576648
Allow Synapse manhole to be enabled
Can you double check that the way I have this set only exposes it locally? It is important that the manhole is not available to the outside world since it is quite powerful and the password is hard coded.
2019-12-05 00:07:15 -06:00
Slavi Pantaleev 1ec7cd898d Upgrade matrix-corporal (1.7.0 -> 1.7.1) 2019-12-04 14:52:11 +02:00
Slavi Pantaleev 163a1b4294
Merge pull request #318 from benkuly/master
Add telegram relay bot feature to playbook
2019-12-03 12:02:46 +02:00
Slavi Pantaleev ce1ce03b3d Upgrade matrix-corporal (1.6.0 -> 1.7.0) 2019-12-03 11:51:01 +02:00
benkuly e23be75f6d
added vars for bot token in telegram bridge 2019-11-30 08:33:32 +01:00
Slavi Pantaleev 25dc53c34a Switch riot-web image (bubuntux/riot-web -> vectorim/riot-web)
Switching to the official image (vectorim/riot-web) should ensure:
- there's less breakage, as it's maintained by the same team as riot-web
- there's fewer actors we need to trust
- we can upgrade riot-web faster, as newer versions should be released
on Docker hub at the same time riot-web releases are made
2019-11-29 10:11:48 +02:00
Slavi Pantaleev b55198836a Upgrade riot-web (1.5.4 -> 1.5.5) 2019-11-28 14:18:49 +02:00
Slavi Pantaleev b8baf1356e Upgrade Synapse (1.6.0 -> 1.6.1) 2019-11-28 13:59:42 +02:00
Dan Arnfield fda16c17f5 Update riot-web (1.5.3 -> 1.5.4) 2019-11-26 08:44:00 -06:00
Slavi Pantaleev 0c51440426 Update Synapse to v1.6.0 2019-11-26 16:28:17 +02:00
Dan Arnfield 24646dc506 Update nginx (1.17.5 -> 1.17.6) 2019-11-21 09:38:59 -06:00
Dan Arnfield 4a60f385d1 Update postgres versions (12.0 -> 12.1, etc) 2019-11-21 09:38:37 -06:00
Slavi Pantaleev 4cc6cdf6f3
Merge pull request #314 from aaronraimist/well-known-client-no-identity
Remove identity server section from .well-known/matrix/client if there is no identity server
2019-11-21 11:59:46 +02:00
Aaron Raimist 9ab68a3cb4
Remove identity server section from .well-known/matrix/client if there is no identity server
Riot used to be fine with it being blank but now it complains. This creates an ugly looking comma when there is an identity server configured but I guess that's fine.
2019-11-20 16:05:16 -06:00
Slavi Pantaleev f348370f15
Remove unnecessary update_cache directive / Debian
We've just updated it in the task above, so it's unnecessary
2019-11-19 09:22:41 +02:00
Slavi Pantaleev c88c0e7e87
Remove unnecessary update_cache directive / CentOS
We've just updated it in the task above, so it's unnecessary
2019-11-19 09:22:14 +02:00
Dan Arnfield 960088752c Add matrix_docker_package_name 2019-11-18 11:29:14 -06:00
Dan Arnfield 80cfb2a93e Add matrix_docker_installation_enabled 2019-11-18 11:20:01 -06:00
Dan Arnfield 3cec6947ed Refactor base server setup tasks 2019-11-18 11:11:56 -06:00
Hardy Erlinger eb7391d373 Fix: Restrict a Debian-specific task to Debian OS.
Since commit b9753635 the task 'Ensure docker-ce is installed (Debian)' fails with an error on CentOS although it should not even run on this OS.
2019-11-16 14:53:42 +01:00
Dan Arnfield b975363530 Don't install docker-ce if docker.io is installed 2019-11-15 14:56:42 -06:00
Dan Arnfield 140002ed49 Update certbot (0.38.0 -> 0.40.1) 2019-11-13 15:19:38 -06:00
Slavi Pantaleev 2da40c729a Do not expose server room directory by default
Prompted by: https://matrix.org/blog/2019/11/09/avoiding-unwelcome-visitors-on-private-matrix-servers

This is a bit controversial, because.. the Synapse default remains open,
while the general advice (as per the blog post) is to make it more private.

I'm not sure exactly what kind of server people set up and whether they
want to make the room directory public. Our general goal is to favor
privacy and security when running personal (family & friends) and corporate
homeservers, both of which likely benefit from having a more secure default.
2019-11-10 08:55:46 +02:00
Slavi Pantaleev 50614f1bad Simplify Prerequisites a bit
Don't mention systemd-journald adjustment anymore, because
we've changed log levels to WARNING and Synapse is not chatty by default
anymore.

The "excessive log messages may get dropped on CentOS" issue no longer
applies to most users and we shouldn't bother them with it.
2019-11-10 08:35:17 +02:00
Mike 4edb1eb131
Update init.yml
Removed a set_facts that I have used for tracing down the issue
2019-11-09 23:53:04 +01:00
Michael Haak 5b213e6ad0 Replace constructs appending elements with variables to matrix_synapse_container_extra_arguments. Fixes issue https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/304 2019-11-09 23:16:12 +01:00
Aaron Raimist c600ff758d
Upgrade riot-web (1.5.2 -> 1.5.3) 2019-11-08 09:48:08 -06:00
Slavi Pantaleev f0e80218b0 Upgrade Synapse (1.5.0 -> 1.5.1) 2019-11-06 12:28:48 +02:00
Dan Arnfield 80265bfec5 Update riot-web (1.5.0 -> 1.5.2) 2019-11-05 13:00:19 -06:00
recklesscoder 5d3b765241
Actually use matrix_synapse_storage_path
matrix_synapse_storage_path is already defined in matrix-synapse/defaults/main.yml (with a default of "{{ matrix_synapse_base_path }}/storage"), but was not being used for its presumed purpose in matrix-synapse.service.j2. As a result, if matrix_synapse_storage_path was overridden (in a vars.yml), the synapse service failed to start.
2019-11-02 13:46:02 +01:00
Slavi Pantaleev 721ca9b83f Add missing publicUrl configuration for Dimension
Discussed in #282 (Github Issue).
2019-10-31 15:38:32 +02:00
Dan Arnfield 9b187eca8f Update nginx (1.17.4 -> 1.17.5) 2019-10-29 11:08:56 -05:00
Dan Arnfield f0ce0db7dc Update synapse (1.4.1 -> 1.5.0) 2019-10-29 10:41:46 -05:00
Slavi Pantaleev e81837a586
Undo some formatting changes 2019-10-22 10:57:16 +03:00
Noah Fleischmann 1df3d53243 Verbose logging should be off per default 2019-10-21 20:47:23 +02:00
Noah Fleischmann 9728bdffee Undo auto formatting 2019-10-21 20:41:45 +02:00
Noah Fleischmann 852fceb33f Add documentation 2019-10-21 20:11:00 +02:00
Noah Fleischmann c3fb7ebf4c Add variable for mxisd verbose logging 2019-10-21 20:06:57 +02:00
Slavi Pantaleev 3bf7a7a85e Upgrade riot-web (1.4.2 -> 1.5.0) 2019-10-19 11:08:35 +03:00
Slavi Pantaleev e0ea708acc Upgrade Synapse (1.4.0 -> 1.4.1) 2019-10-18 13:31:40 +03:00
Julian Foad 7ce80bc58e
Quote docker args in case inputs contain spaces 2019-10-14 08:59:56 +01:00
Slavi Pantaleev e32aaacaa7 Make gzipped SQL dumps by default during --upgrade-postgres 2019-10-05 11:42:08 +03:00
Slavi Pantaleev 29526e7bb1 Add support for backing up / importing all Postgres databases/users 2019-10-05 11:42:08 +03:00
Aaron Raimist 5a2c1a44e4
Upgrade riot-web (1.4.1 -> 1.4.2) 2019-10-04 19:21:39 -05:00
Paul Tötterman aabb16d78b Fix spelling ngnix -> nginx 2019-10-04 11:07:37 +03:00
Slavi Pantaleev 9c438a3870 Add support for Postgres v12 2019-10-04 08:51:36 +03:00
Dan Arnfield b59642950e Update riot-web (1.4.0 -> 1.4.1) 2019-10-03 13:07:48 -05:00
Slavi Pantaleev f25696489b
Merge pull request #273 from Sporiff/patch-1
Bump riot web version 1.3.6 -> 1.4.0
2019-10-03 19:36:10 +03:00
Slavi Pantaleev 19fb96fa57
Merge pull request #275 from aaronraimist/synapse-1.4.0
Upgrade Synapse (1.3.1 -> 1.4.0)
2019-10-03 19:35:54 +03:00
Slavi Pantaleev a37b96d829 Upgrade Synapse to 1.4.0 2019-10-03 19:26:38 +03:00
Slavi Pantaleev 392f8202bd Make SAML2 configuration match sample config generated using generate command 2019-10-03 19:26:38 +03:00
Slavi Pantaleev 810d0fb0e4 Make it possible to serve static websites from the base domain 2019-10-03 11:24:04 +03:00
Aaron Raimist 413d9ec143
WIP: Upgrade Synapse (1.3.1 -> 1.4.0rc2) 2019-10-02 21:35:44 -05:00
Ciarán Ainsworth 271d32b866
Bump riot web version 1.3.6 -> 1.4.0 2019-09-28 17:13:07 +01:00
Slavi Pantaleev 1dd1f9602f
Merge pull request #271 from thedanbob/certbot-0.38
Update certbot (0.37.1 -> 0.38.0)
2019-09-25 16:31:36 +03:00
Dan Arnfield c12ca8fff0 Update certbot (0.37.1 -> 0.38.0) 2019-09-25 06:17:12 -05:00
Dan Arnfield 2dd9dc4882 Update nginx (1.17.3 -> 1.17.4) 2019-09-25 06:00:44 -05:00
Slavi Pantaleev 3264024055 Update matrix-corporal (1.5.0 -> 1.6.0) 2019-09-24 11:07:09 +03:00
Slavi Pantaleev 73c90e9513 Try to make Synapse config/key generation respect uid/gid
Attempt at fixing #268 (Github Issue)
2019-09-23 18:08:36 +03:00
Dan Arnfield f076bd2474 Update riot-web (1.3.5 -> 1.3.6) 2019-09-20 08:03:02 -05:00
Slavi Pantaleev 39ae7959bd Upgrade Telegram bridge (0.6.0 -> 0.6.1) 2019-09-20 15:23:34 +03:00
gusttt 25262fa0e1 Disable docker network tasks in check mode to allow running the playbook in check mode (--check --diff) 2019-09-17 22:24:38 +02:00
Aaron Raimist b930c29bf0
Upgrade riot-web (1.3.3 -> 1.3.5) 2019-09-16 21:36:49 -05:00
Slavi Pantaleev 68ed2ebefa Add support for Synapse Simple Antispam
Fixes #255 (Github Issue).
2019-09-09 08:13:10 +03:00
Slavi Pantaleev 4b1e9a4827 Add support for configuring Synapse spam_checker setting 2019-09-09 08:11:32 +03:00
Slavi Pantaleev 6b8ca70a0b Upgrade Exim (4.92.1 -> 4.92.2) 2019-09-09 07:22:45 +03:00
Slavi Pantaleev 14e242aec1 Make matrix-mailer exit more gracefully 2019-09-04 10:04:57 +03:00
Slavi Pantaleev 1784bde226 Ensure Postgres data ownership is correct
Fixes #257 (Github Issue)
2019-09-02 10:01:31 +03:00
Slavi Pantaleev a6d51ebe9b Force-pull Slack Docker image if :latest 2019-08-28 14:00:34 +03:00
Julian Foad a5eb845a2d
Fix force-pulling of mautrix-whatsapp 2019-08-28 11:52:42 +01:00
Slavi Pantaleev f2f3d41649 Make matrix-corporal configuration extensible
Fixes #70 (Github Issue).
2019-08-25 10:58:30 +03:00
Slavi Pantaleev 2d4e19326d Add missing when statement 2019-08-25 10:44:01 +03:00
Slavi Pantaleev 0edd7e8089 Make Riot-web configuration extensible
Fixes #71 (Github Issue).
2019-08-25 10:37:05 +03:00
Slavi Pantaleev c4eebc5355 Add information about community-grouping for the Facebook bridge 2019-08-24 12:14:17 +03:00
Slavi Pantaleev 10a9deba4a Make Synapse configuration extensible 2019-08-22 09:49:22 +03:00
Slavi Pantaleev b440d5b73c Remove some fact definitions during runtime 2019-08-22 08:00:02 +03:00
Slavi Pantaleev 65da600426
Merge branch 'master' into master 2019-08-21 07:34:20 +03:00
Slavi Pantaleev c8a4d59a81
Merge pull request #251 from Munfred/master
Add mautrix-hangouts bridge role and documentation
2019-08-21 07:15:14 +03:00
Slavi Pantaleev 2ef8898421
Add comment 2019-08-21 07:14:31 +03:00
Slavi Pantaleev 97fb71d98c
Change privilege level 2019-08-21 07:12:46 +03:00
Slavi Pantaleev 1bcbc4a9ba Update matrix-corporal (1.4.0 -> 1.5.0) 2019-08-20 11:20:26 +03:00
Slavi Pantaleev 2efcf11ee8
Remove some whitespace 2019-08-20 09:06:14 +03:00
Dan Arnfield 1ce3526bf2 Update riot-web (1.3.2 -> 1.3.3) 2019-08-19 06:46:11 -05:00
Dan Arnfield 42ea3cb0e1 Update synapse (1.3.0 -> 1.3.1) 2019-08-19 06:45:51 -05:00
Slavi Pantaleev db57618abd Update nginx and certbot 2019-08-17 10:21:23 +03:00
Slavi Pantaleev 1b2191a0f1 Add new Synapse configuration options (since 1.3.0)
Continuation of #246 (Github Pull Request)
2019-08-16 09:57:51 +03:00
Dan Arnfield 7b5e633776 Update synapse (1.2.1 -> 1.3.0) 2019-08-15 06:59:37 -05:00
Slavi Pantaleev a1afafeb35 Upgrade mxisd (1.4.5 -> 1.4.6) 2019-08-15 09:36:04 +03:00
Slavi Pantaleev 59d807fca7 Ensure auth.clientID is passed as string in Discord configuration
Discord client IDs are numeric (e.g. 12345).
Passing them as integers however, causes the Discord bridge's YAML parser
to parse them as integers and its config schema validation will fail.

Fixes #240 (Github Issue)
2019-08-11 16:16:05 +03:00
Dan Arnfield dc11704c11 Bump postgres versions (11.5, 10.10, 9.6.15) 2019-08-09 06:03:26 -05:00
Slavi Pantaleev 910ffb481c Update email2matrix (1.0 -> 1.0.1) 2019-08-09 12:10:53 +03:00
Slavi Pantaleev 99f5baa7bb Fix undefined variable error (matrix_synapse_id_servers_public)
This only gets triggered if:
- the Synapse role is used standalone and the default values are used
- the whole playbook is used, with `matrix_mxisd_enabled: false`
2019-08-08 18:30:54 +03:00
Slavi Pantaleev 5b736c416b
Merge pull request #236 from oleg-fiksel/guest-access
Added possibility to enable guest access on synapse
2019-08-08 13:18:55 +03:00
Oleg Fiksel 43628ddad6 Added "|to_json" to ensure we really pass a boolean 2019-08-08 12:11:19 +02:00
Oleg Fiksel f713bbe0f8 Added possibility to enable guest access on synapse 2019-08-08 11:57:35 +02:00
Slavi Pantaleev 3e57a1463a Serve nginx status page over HTTPS as well
Continuation of #234 (Github Pull Request).

I had unintentionally updated the documentation for the feature,
saying the page is available at `https://matrix.DOMAIN/nginx_status`.

Looks like it wasn't the case, going against my expectations.

I'm correcting this with this patch.
The status page is being made available on both HTTP and HTTPS.
Serving over HTTP is likely necessary for services like
Longview
(https://www.linode.com/docs/platform/longview/longview-app-for-nginx/)
2019-08-07 12:53:53 +03:00
p5t2vspoqqw c32a3e3204 correct defaults 2019-08-07 10:56:29 +02:00
p5t2vspoqqw 4b8190dc3f serve status page for matrix.DOMAIN only 2019-08-07 10:54:14 +02:00
p5t2vspoqqw 281f2ee519 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-08-07 09:30:24 +02:00
Dan Arnfield dc71457132 Update riot-web (1.3.0 -> 1.3.2) 2019-08-06 06:36:14 -05:00
microchipster 122c3f1ec0 sync more chats in hangouts, switch to admin mode 2019-08-06 05:27:40 +00:00
microchipster 1e8d593f7a fix hangout displayname bug 2019-08-06 05:27:40 +00:00
microchipster 75785a0734 fix login url 2019-08-06 05:27:40 +00:00
microchipster 74d9eb1ec0 fix incorrect nginx proxy entry for hangouts bridge 2019-08-06 05:27:40 +00:00
microchipster 754c475338 matrix-hangouts/login instead of just /login 2019-08-06 05:27:40 +00:00
microchipster 95750c1bc7 attempt to inject nginx config for hangouts bridge 2019-08-06 05:27:40 +00:00
microchipster 264704a29e absorb Munfred changes 2019-08-06 05:27:40 +00:00
Eduardo Beltrame c1aea7c3fc Update validate_config.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame 85c7e9eb09 Update validate_config.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame 0a9ce65d3b Update validate_config.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame ad682f2180 Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame ef9f6efd12 Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame 451d84a981 Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame da6d2e5621 Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame bc1c30168c remove login block -- wrong file 2019-08-06 05:27:40 +00:00
Eduardo Beltrame c71cef3f70 Add hangouts /login in the right place 2019-08-06 05:27:40 +00:00
Eduardo Beltrame b0f203b2ec Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame ab6e808bc6 fix /login for mautrix-hangouts bridge 2019-08-06 05:27:40 +00:00
Eduardo Beltrame 4528e6402b add Publicly accessible base URL for the login endpoints.
# Auth server config
        auth:
            # Publicly accessible base URL for the login endpoints.
            # The prefix below is not implicitly added. This URL and all subpaths should be proxied
            # or otherwise pointed to the appservice's webserver to the path specified below (prefix).
            # This path should usually include a trailing slash.
            public: http://example.com/login/
            # Internal prefix in the appservice web server for the login endpoints.
            prefix: /login
2019-08-06 05:27:40 +00:00
Eduardo Beltrame 2d3fc98d18 Update main.yml 2019-08-06 05:27:40 +00:00
microchipster a16347789d nginx settings for hangouts bridge login 2019-08-06 05:27:40 +00:00
microchipster 0585889d5a add hangouts bridge by copying facebook bridge and find-replacing 2019-08-06 05:27:40 +00:00
Slavi Pantaleev 4be35822dd Add Email2Matrix support 2019-08-05 13:09:49 +03:00
p5t2vspoqqw 51d5741bb3 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-08-05 09:34:30 +02:00
Slavi Pantaleev 6fe4bafc2a Decrease default Synapse logging level
Also discussed previously in #213 (Github Pull Request).

shared-secret-auth and rest-auth logging is still at `INFO`
intentionally, as user login events seem more important to keep.
Those modules typically don't spam as much.
2019-08-03 07:48:04 +03:00
Slavi Pantaleev 6fc779dc83 Ensure matrix_ssl_retrieval_method value is valid
We recently had someone in the support room who set it to `false`
and the playbook ran without any issues.

This currently seems to yield the same result as 'none', but it's
better to avoid such behavior.
2019-08-02 11:59:10 +03:00
Slavi Pantaleev c40d28a0dc Relocate user-store.db/room-store.db when migrating Discord bridge files
Refer to 524436ebef and #230 (Github Issue).
2019-08-01 14:40:12 +03:00
Slavi Pantaleev 524436ebef Add missing required parameters for Discord bridge
Fixes #230 (Github Issue).

Related to https://github.com/Half-Shot/matrix-appservice-discord/issues/510
2019-08-01 14:36:02 +03:00
Slavi Pantaleev 18f6b29372 Bump matrix-mailer / exim release (4.92.1-r0-0 -> 4.92.1-r0-1)
It adds support for a new `DISABLE_SENDER_VERIFICATION` environment
variable that can be used to disable verification of sender addresses.

It doesn't matter for us, but we upgrade to keep up with latest.
2019-07-31 10:47:57 +03:00
Slavi Pantaleev 0e3b73a612 Upgrade matrix-mailer / exim (4.92 -> 4.92.1) 2019-07-30 20:56:05 +03:00
Slavi Pantaleev d543780e42 Use mautrix-telegram Docker image from new official registry 2019-07-28 19:33:02 +03:00
Slavi Pantaleev 53ab66eef8 Use mautrix-whatsapp Docker image from new official registry 2019-07-28 19:31:42 +03:00
Slavi Pantaleev 82bb55ae7a Use new default port config for mautrix-facebook 2019-07-28 18:42:42 +03:00
Slavi Pantaleev b0162d6f75 Use mautrix-facebook Docker image from new official registry 2019-07-28 18:40:55 +03:00
kingoftheconnors 177ec295b4 Fixed matrix-appservice-slack docker command problems 2019-07-27 14:25:13 -04:00
kingoftheconnors 49766c5dac Added Slack role 2019-07-26 21:37:21 -04:00
Dan Arnfield de6c1c99b2 Fix apt message: docker doesn't support arch 'i386' 2019-07-26 14:43:35 -05:00
Slavi Pantaleev bd99dd05b4 Upgrade Synapse (1.2.0 -> 1.2.1) 2019-07-26 14:17:31 +03:00
Slavi Pantaleev 255b67a0ce Update homeserver.yaml with new options from Synapse v1.2.0
Related to #223 (Github Pull Request)
2019-07-25 22:03:12 +03:00
Dan Arnfield 0e54515c9d Update synapse (1.1.0 -> 1.2.0) 2019-07-25 08:42:33 -05:00
Dan Arnfield 9296dfd094 Update nginx (1.17.1 -> 1.17.2) 2019-07-24 06:21:37 -05:00
Lyubomir Popov 5e104e6667
Upgrade riot-web (1.2.4 - 1.3.0) 2019-07-19 10:33:27 +00:00
p5t2vspoqqw fde8615d4e Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-07-18 10:29:40 +02:00
Slavi Pantaleev 479a5137ca
Merge pull request #218 from RedooNetworks/master
introduce configuration to change riot branding / title
2019-07-17 17:07:31 +03:00
Stefan Warnat 2d24779583 remove newline 2019-07-17 15:57:22 +02:00
Stefan Warnat 2706ca9586 add configuration to change Riot.im branding 2019-07-17 15:56:15 +02:00
p5t2vspoqqw 5054fff88b Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-07-12 15:45:19 +02:00
Slavi Pantaleev 3a8ed2dd81 Upgrade riot-web (1.2.3 -> 1.2.4) 2019-07-12 13:09:21 +03:00
Slavi Pantaleev 5a6c546d87 Upgrade Telegram bridge (0.5.2 -> 0.6.0) 2019-07-12 13:08:48 +03:00
Slavi Pantaleev 87e3650327 Ensure Discord client id is passed as a string
Looks like these client ids are actually integers,
but unless we pass them as a string, the bridge would complain with
an error like:

    {"field":"data.auth.clientID","message":"is the wrong type","value":123456789012345678,"type":"string","schemaPath":["properties","auth","properties","clientID"]}

Explicitly-casting to a string should fix the problem.

The Discord bridge should probably be improved to handle both ints and
strings though.
2019-07-12 10:15:43 +03:00
Slavi Pantaleev 277a6eb7da
Merge pull request #215 from danbob/update-riot-web
Update to riot 1.2.3
2019-07-09 15:10:39 +03:00
Dan Arnfield b087d06f1e Update to riot 1.2.3 2019-07-09 05:55:48 -05:00
Slavi Pantaleev 1316d36f8b Fix deprecation warning (using cron module without name) 2019-07-09 09:11:38 +03:00
Slavi Pantaleev 9d07aaefbf Fix passkey.pem permissions breaking IRC bridge
Regression since 174a6fcd1b, #204 (Github Pull Request),
which only affects new servers.

Old servers which had their passkey.pem file relocated were okay.
2019-07-08 10:13:45 +03:00
Slavi Pantaleev 0ca21d80d7 Add Synapse Maintenance docs and synapse-janitor integration 2019-07-08 09:38:36 +03:00
Slavi Pantaleev 631a14bf0c Rename run control variables for consistency 2019-07-08 09:38:36 +03:00
Slavi Pantaleev e805044b80 Delete scripts when uninstalling Postgres 2019-07-08 09:38:36 +03:00
p5t2vspoqqw d88e261150 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-07-05 16:12:29 +02:00
Dan Arnfield f83bbf8525 Bump nginx version 2019-07-04 22:59:21 -05:00
Slavi Pantaleev 17cd52ced6 Make Synapse log messages a bit prettier
ef5e4ad061 intentionally makes us conform to
the logging format suggested by the official Docker image.

Reverting this part, because it's uglier.

This likely should be fixed upstream as well though.
2019-07-04 18:19:52 +03:00
Slavi Pantaleev ef5e4ad061 Make Synapse not log to text files
Somewhat related to #213 (Github Pull Request).

We've been moving in the opposite direction for quite a long time.
All services should just leave logging to systemd's journald.
2019-07-04 17:46:31 +03:00
Slavi Pantaleev b84139088c Fix password providers not working on Synapse v1.1.0
Fixes a regression introduced during the upgrade to
Synapse v1.1.0 (in 2b3865ceea).

Since Synapse v1.1.0 upgraded to Python 3.7
(https://github.com/matrix-org/synapse/pull/5546),
we need to use a different modules directory when mounting
password provider modules.
2019-07-04 17:28:38 +03:00
Slavi Pantaleev 73158e6c2f Fix unintentionally inverted boolean
Fixes a problem introduced by da6edc9cba.

Related to #145 (Github Pull Request).
2019-07-04 17:27:42 +03:00
Slavi Pantaleev da6edc9cba Add support for disabling Synapse's local database for user auth
This is a new feature of Synapse v1.1.0.

Discussed in #145 (Github Pull Request).
2019-07-04 17:11:51 +03:00
Slavi Pantaleev 2b3865ceea Upgrade Synapse (1.0.0 -> 1.1.0) 2019-07-04 16:58:45 +03:00
p5t2vspoqqw 9874c3df90 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-26 10:41:14 +02:00
Slavi Pantaleev 8529efcd1c Make Discord bridge configuration playbook-managed
Well, `config.yaml` has been playbook-managed for a long time.
It's now extended to match the default sample config of the Discord
bridge.

With this patch, we also make `registration.yaml` playbook-managed,
which leads us to consistency with all other bridges.

Along with that, we introduce `./config` and `./data` separation,
like we do for the other bridges.
2019-06-26 10:35:00 +03:00
Slavi Pantaleev 918526c5fe Update riot-web (1.2.1 -> 1.2.2) 2019-06-25 14:42:54 +03:00
Dan Arnfield 1eaa7b6967 Update postgres versions to latest 2019-06-24 13:11:23 -05:00
Dan Arnfield ae3a1bb148 Update nginx to 1.17.0 2019-06-24 13:10:58 -05:00
Slavi Pantaleev 37c8b96d06 Use stricter regex in bridges' registration.yaml
I've been thinking of doing before, but haven't.

Now that the Whatsapp bridge does it (since 4797469383),
it makes sense to do it for all other bridges as well.
(Except for the IRC bridge - that one manages most of registration.yaml by itself)
2019-06-24 07:50:51 +03:00
Slavi Pantaleev c876a7df1d Use |regex_escape in Whatsapp registration.yaml
Doesn't matter much, but it makes it consistent with the other bridges.
2019-06-24 07:49:19 +03:00
Slavi Pantaleev 3ff57ed74d Use container network for communication between homeserver and Whatsapp bridge 2019-06-24 07:48:56 +03:00
Slavi Pantaleev 6e26d286af
Merge pull request #207 from tommes0815/whatsapp-config-playbook-managed
Whatsapp config playbook managed
2019-06-24 07:44:26 +03:00
Slavi Pantaleev 62509e4849
Fix indentation consistency 2019-06-24 07:42:39 +03:00
Thomas Kuehne 4797469383 Make WhatsApp bridge configuration playbook-managed
- following spantaleev transition of the telegram brigde
- adding a validate_config task
2019-06-24 00:16:04 +02:00
Lee Verberne 9195ef4c07 Disable appservice-irc log files
appservice-irc doesn't have permission to create files in its project
directory and the intention is to log to the console, anyway. By
commenting out the file names, appservice-irc won't attempt to open the
files.
2019-06-22 08:39:24 +02:00
p5t2vspoqqw 466b35b1b6 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-19 16:56:29 +02:00
Slavi Pantaleev 174a6fcd1b Make IRC bridge configuration entirely managed by the playbook 2019-06-19 12:29:44 +03:00
Slavi Pantaleev 668f98a2d3 Escape domain in bridge registration regex 2019-06-19 10:40:59 +03:00
Slavi Pantaleev 380714d290 Talk to Telegram bridge over container network 2019-06-19 10:10:17 +03:00
Slavi Pantaleev f994e40bb7 Extend IRC bridge configuration with some additional options 2019-06-19 09:28:41 +03:00
Slavi Pantaleev 6b023d09d4 Use container network address for communication between IRC bridge and homeserver
This means we need to explicitly specify a `media_url` now,
because without it, `url` would be used for building public URLs to
files/images. That doesn't work when `url` is not a public URL.
2019-06-19 09:21:13 +03:00
Slavi Pantaleev 169b09f0ed Fix token mismatch error for the Telegram bridge
Regression since 4e8543ce21
2019-06-15 12:01:52 +03:00
Slavi Pantaleev 4e8543ce21 Make Telegram bridge configuration playbook-managed 2019-06-15 09:43:43 +03:00
Slavi Pantaleev 2902b53267 Minor fixes for consistency 2019-06-15 09:42:40 +03:00
Slavi Pantaleev 00383a73ac Make running --tags=setup-synapse only not fail to register bridges
Until now, if `--tags=setup-synapse` was used, bridge tasks would not
run and bridges would fail to register with the `matrix-synapse` role.
This means that Synapse's configuration would be generated with an empty
list of appservices (`app_service_config_files: []`).

.. and then bridges would fail, because Synapse would not be aware of
there being any bridges.

From now on, bridges always run their init tasks and always register
with Synapse.

For the Telegram bridge, the same applies to registering with
matrix-nginx-proxy. Previously, running `--tags=setup-nginx-proxy` would
get rid of the Telegram endpoint configuration for the same reason.
Not anymore.
2019-06-14 10:19:52 +03:00
Slavi Pantaleev d8a4007220 Upgrade exim (4.91 -> 4.92)
Note: https://www.us-cert.gov/ncas/current-activity/2019/06/13/Exim-Releases-Security-Patches

That said, I don't believe we've been affected.
Not in a bad way at least, because:
- we run exim as non-root and capabilities dropped
- we run exim in a private Docker network with known trusted relayers
(Synapse and mxisd)
2019-06-14 08:07:54 +03:00
Slavi Pantaleev 3956b300ed Disable riot-web's welcome bot
I've not found this welcome bot to work at all in my previous attempts.
It would simply not reply, even though federation works.

It seems like this is also a potential privacy issue, as per
https://gist.github.com/maxidorius/5736fd09c9194b7a6dc03b6b8d7220d0
2019-06-14 07:49:46 +03:00
Slavi Pantaleev 2e16257e50 Do not ask for _matrix._tcp SRV records anymore
With most people on Synapse v0.99+ and Synapse v1.0 now available,
we should no longer try to be backward compatible with Synapse 0.34,
because this just complicates the instructions for no good reason.
2019-06-12 14:51:10 +03:00
p5t2vspoqqw 8fcdac3738 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-12 10:10:52 +02:00
Slavi Pantaleev d8afb241ca
Merge pull request #201 from aaronraimist/default-room-version
Allow default room version to be configured
2019-06-12 09:17:45 +03:00
Slavi Pantaleev f4574961c7
Prevent double-quotes around default room version
Using `|to_json` on a string is expected to correctly wrap it in quotes (e.g. `"4"`).
Wrapping it explicitly in double-quotes results in undesirable double-quoting (`""4""`).
2019-06-12 09:17:35 +03:00
Aaron Raimist 483bdd8c01
Allow default room version to be configured 2019-06-11 21:18:06 -05:00
Aaron Raimist d262028d82
Upgrade mxisd (1.4.4 -> 1.4.5) 2019-06-11 20:19:15 -05:00
Slavi Pantaleev e4068e55ee Upgrade Synapse (0.99.5.2 -> 1.0.0) 2019-06-11 20:30:18 +03:00
Slavi Pantaleev 7d3adc4512 Automatically force-pull :latest images
We do use some `:latest` images by default for the following services:
- matrix-dimension
- Goofys (in the matrix-synapse role)
- matrix-bridge-appservice-irc
- matrix-bridge-appservice-discord
- matrix-bridge-mautrix-facebook
- matrix-bridge-mautrix-whatsapp

It's terribly unfortunate that those software projects don't release
anything other than `:latest`, but that's how it is for now.

Updating that software requires that users manually do `docker pull`
on the server. The playbook didn't force-repull images that it already
had.

With this patch, it starts doing so. Any image tagged `:latest` will be
force re-pulled by the playbook every time it's executed.

It should be noted that even though we ask the `docker_image` module to
force-pull, it only reports "changed" when it actually pulls something
new. This is nice, because it lets people know exactly when something
gets updated, as opposed to giving the indication that it's always
updating the images (even though it isn't).
2019-06-10 14:30:28 +03:00
Slavi Pantaleev 4f87f7e43e
Explain matrix_postgres_container_postgres_bind_port a little more
Previously, it only mentioned exposing for psql-usage purposes.

Realistically, it can be used for much more. Especially given that
psql can be easily accessed via our matrix-postgres-cli script,
without exposing the container port.
2019-06-10 08:24:37 +03:00
Aaron Raimist 6fce809d10
Add config option to be able to access database outside of container 2019-06-09 20:35:35 -05:00
Aaron Raimist 79f4bcf5be
Enable sentry.io integration 2019-06-07 16:02:41 -05:00
Slavi Pantaleev 44156fe659 Fix Ansible 2.8 deprecation in Dimension role 2019-06-07 17:44:32 +03:00
Slavi Pantaleev 3567d9adba Fix typo 2019-06-07 16:07:01 +03:00
Slavi Pantaleev a9953dd641 Make Facebook/Telegram bridges not log to files
We log to journald anyway. There's no need for double-logging.

It should not that matrix-synapse logs to journald and to files,
but that's likely to change in the future as well.
Because Synapse's logs are insanely verbose right now (and may get
dropped by journald), it's more reliable to have file-logging too.

As Synapse matures and gets more stable, logging should hopefully
get less, we should be able to only use journald and stop writing to
files for it as well.
2019-06-07 15:48:13 +03:00
Slavi Pantaleev 18baeabdf2 Do not create Facebook bridge directories with recurse: true
I'm not sure what I had in mind when I added this earlier,
but I think we'd better go without it.
2019-06-07 15:18:29 +03:00
Slavi Pantaleev bf446b6e15 Fix double mv command 2019-06-07 15:06:21 +03:00
Slavi Pantaleev 172b0fa88c Separate Facebook bridge configuration and data
Using a separate directory allows easier backups
(only need to back up the Ansible playbook configuration and the
bridge's `./data` directory).

The playbook takes care of migrating an existing database file
from the base directory into the `./data` directory.

In the future, we can also mount the configuration read-only,
to ensure the bridge won't touch it.
For now, mautrix-facebook is keen on rebuilding the `config.yaml`
file on startup though, so this will have to wait.
2019-06-07 14:52:38 +03:00
Slavi Pantaleev 330648a3e0 Make Facebook bridge configuration playbook-managed
Related to #193, but for the Facebook bridge.
(other bridges can be changed to do the same later).

This patch makes the bridge configuration entirely managed by the
Ansible playbook. The bridge's `config.yaml` and `registration.yaml`
configuration files are regenerated every time the playbook runs.

This allows us to apply updates to those files and to avoid
people having to manage the configuration files manually on the server.

-------------------------------------------------------------

A deficiency of the current approach to dumping YAML configuration in
`config.yaml` is that we strip all comments from it.
Later on, when the bridge actually starts, it will load and redump
(this time with comments), which will make the `config.yaml` file
change.

Subsequent playbook runs will report "changed" for the
"Ensure mautrix-facebook config.yaml installed" task, which is a little
strange.

We might wish to improve this in the future, if possible.

Still, it's better to have a (usually) somewhat meaningless "changed"
task than to what we had -- never rebuilding the configuration.
2019-06-07 14:05:53 +03:00
Slavi Pantaleev d6d6c152a3 Delay bridge startup to ensure Synapse is up
Bridges start matrix-synapse.service as a dependency, but
Synapse is sometimes slow to start, while bridges are quick to
hit it and die (if unavailable).

They'll auto-restart later, but .. this still breaks `--tags=start`,
which doesn't wait long enough for such a restart to happen.

This attempts to slow down bridge startup enough to ensure Synapse
is up and no failures happen at all.
2019-06-07 12:15:37 +03:00
Slavi Pantaleev 328d981b05 Fix undefined variables in mxisd and Dimension configuration 2019-06-07 11:46:35 +03:00
p5t2vspoqqw 0e9953f1ef Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-05 10:08:18 +02:00
Slavi Pantaleev 99086f90e8 Upgrade riot-web (1.2.0 -> 1.2.1) 2019-06-04 19:31:14 +03:00
p5t2vspoqqw 4b657b3822 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-03 10:13:25 +02:00
kingoftheconnors c06b47af77 Fixed error message to direct users to the right debug command 2019-06-02 18:24:18 -04:00
Slavi Pantaleev 3bc8aa0a82 Upgrade Synapse (0.99.5.1 -> 0.99.5.2) 2019-05-30 20:50:09 +03:00
Slavi Pantaleev 35892286a1 Upgrade mxisd (1.4.3 -> 1.4.4) 2019-05-30 17:22:39 +03:00
Slavi Pantaleev 2982b03809 Explicitly serialize matrix_synapse_app_service_config_files
Attempt to fix #192 (Github Issue), potential regression since
70487061f4.

Serializing as JSON/YAML explicitly is much better than relying on
magic (well, Python serialization being valid YAML..).
It seems like Python may prefix strings with `u` sometimes (Python 3?),
which causes Python serialization to not be compatible with YAML.
2019-05-30 09:42:08 +03:00
Slavi Pantaleev f1c124331f Upgrade riot-web (1.1.2 -> 1.2.0) 2019-05-30 08:44:21 +03:00
Slavi Pantaleev 70487061f4 Prefer --mount instead of -v for mounting volumes
This doesn't replace all usage of `-v`, but it's a start.

People sometimes troubleshoot by deleting files (especially bridge
config files). Restarting Synapse with a missing registration.yaml file
for a given bridge, causes the `-v
/something/registration.yaml:/something/registration.yaml:ro` option
to force-create `/something/registration.yaml` as a directory.

When a path that's provided to the `-v` option is missing, Docker
auto-creates that path as a directory.
This causes more breakage and confusion later on.

We'd rather fail, instead of magically creating directories.
Using `--mount`, instead of `-v` is the solution to this.

From Docker's documentation:

> When you use --mount with type=bind, the host-path must refer to an existing path on the host.
> The path will not be created for you and the service will fail with an error if the path does not exist.
2019-05-29 09:59:50 +03:00
Slavi Pantaleev 7d8dde8a53 Add support for proxying /_synapse/admin APIs
Fixes #191 (Github Issue).
2019-05-29 08:32:24 +03:00
Slavi Pantaleev 5361d3a412 Fix Telegram bridge proxying config when matrix-nginx-proxy disabled
Related to #189 (Github Issue).

People had proxying problems if:
- they used the whole playbook (including the `matrix-nginx-proxy` role)
- and they were disabling the proxy (`matrix_nginx_proxy_enabled: false`)
- and they were proxying with their own nginx server

For them,
`matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks`
would not be modified to inject the necessary proxying configuration.
2019-05-27 10:04:52 +03:00
Slavi Pantaleev 7379968a3c Fix Telegram bridge HTTP proxying when not using matrix-nginx-proxy
From what I see, this was never implemented to begin with.

Fixes #189 (Github Issue).
2019-05-26 20:50:52 +03:00
Slavi Pantaleev 120abaf391 Upgrade Telegram bridge (0.5.1 -> 0.5.2) 2019-05-26 20:41:21 +03:00
Slavi Pantaleev ab59cc50bd Add support for more flexible container port exposing
Fixes #171 (Github Issue).
2019-05-25 07:41:08 +09:00
Slavi Pantaleev be2812bc8f Remove unnecessary variables
Continuation of 54a281a425.
Related to #188 (Github Pull Request).
2019-05-24 08:01:24 +09:00
Jason Locklin 54a281a425 Config validation not required
Validate_config was copied from the telegram bridge code, but doesn't
apply to the facebook bridge.
2019-05-23 15:02:44 -04:00
p5t2vspoqqw 0cfa73f153 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-05-23 10:48:22 +02:00
Slavi Pantaleev a8b633561d Upgrade Synapse (v0.99.4 -> v0.99.5.1) 2019-05-23 09:23:04 +09:00
Dan Arnfield 9c23d877fe Fix docker_image option for ansible < 2.8 2019-05-22 05:43:33 -05:00
Dan Arnfield fa38c84be2 Fix casting int to string warning 2019-05-21 10:37:05 -05:00
Dan Arnfield db15791819 Add source option to docker_image to fix deprecation warning 2019-05-21 10:29:12 -05:00
Dan Arnfield 3982f114af Fix CONDITIONAL_BARE_VARS deprecation warning in ansible 2.8 2019-05-21 10:25:59 -05:00
Slavi Pantaleev affb99003c Improve Synapse variable naming consistency 2019-05-21 12:09:38 +09:00
Slavi Pantaleev 5c821b581a Check fullchain.pem, not cert.pem
While using certbot means we'll have both files retrieved,
it's actually the fullchain.pem file that we use in nginx configuration.

Using that one for the check makes more sense.
2019-05-21 11:58:18 +09:00
Slavi Pantaleev 3250df6765 Make bridge uninstallation stop services
Fixes #155 (Github Issue)
2019-05-21 11:27:09 +09:00
Slavi Pantaleev a1e9818356 Update comment 2019-05-21 11:25:32 +09:00
Slavi Pantaleev 3ece9375c6
Merge pull request #179 from spantaleev/separate-bridge-roles
Move bridges into separate roles
2019-05-21 11:05:30 +09:00
Slavi Pantaleev fc7ba153b1 Make matrix-synapse role respect matrix_synapse_enabled flag 2019-05-21 10:46:49 +09:00
Slavi Pantaleev 8d654aecdd Improve file naming consistency 2019-05-21 09:57:48 +09:00
Stuart Mumford a4bcd7ce8f
Add a variable to control the stop tasks 2019-05-20 17:03:05 +01:00
Slavi Pantaleev e3b4622ac8 Split Synapse extension tasks into install/uninstall files 2019-05-18 06:36:54 +09:00
Slavi Pantaleev 663d1add92 Move matrix-appservice-discord into a separate role 2019-05-18 01:14:12 +09:00
Slavi Pantaleev 13c4e7e5b6 Merge branch 'master' into separate-bridge-roles 2019-05-16 09:45:06 +09:00
Slavi Pantaleev ae7c8d1524 Use SyslogIdentifier to improve logging
Reasoning is the same as for matrix-org/synapse#5023.

For us, the journal used to contain `docker` for all services, which
is not very helpful when looking at them all together (`journalctl -f`).
2019-05-16 09:43:46 +09:00
Slavi Pantaleev cf3117011b Upgrade Synapse (0.99.3.2 -> 0.99.4) 2019-05-16 09:20:43 +09:00