sakkiii
be1d1d0b7c
matrix_grafana_content_security_policy_customized default false
2021-06-09 00:52:52 +05:30
sakkiii
2d9ba82337
Update element 7.5.7 -> 8.0.0
2021-06-09 00:48:55 +05:30
sakkiii
1cc1202df2
update coturn
2021-06-08 23:59:31 +05:30
rakshazi
77fd1bff22
Update element 1.7.29 -> 1.7.30
2021-06-08 14:57:49 +00:00
Slavi Pantaleev
fa76c1ee5b
Do not run self-build Ansible version-check, if component not enabled
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1108
2021-06-08 08:59:02 +03:00
Slavi Pantaleev
bec9eaeb50
Merge pull request #1108 from tommes0815/fix-hydrogen-for-ansible2.7
...
fix error when running with Ansible 2.7 in the hydrogen setup
2021-06-07 22:09:39 +03:00
Thom Wiggers
3c05cc04bc
Update IRC appservice
2021-06-07 10:41:18 +02:00
Thomas Kühne
7f4e71b22a
fix error when running with Ansible 2.7 in the hydrogen setup
...
Without this the hydrogen task would fail for Ansible 2.7 even when hydrogen is not enabled.
2021-06-06 14:37:17 +02:00
Michael-GMH
122a92fa1c
GoMatrixHosting v0.4.9 update
2021-06-04 13:10:45 +08:00
Slavi Pantaleev
b1f1c28ef0
Upgrade Synapse (1.34.0 -> 1.35.0)
2021-06-01 19:14:59 +03:00
Michael-GMH
ad7bbd6442
merge upstream
2021-06-01 16:00:13 +08:00
Michael-GMH
6f40d78353
fix random edits to upstream
2021-05-25 21:25:40 +08:00
Michael-GMH
ea6e344d05
merge upstream
2021-05-25 21:10:34 +08:00
Michael-GMH
85777e8f96
merge with upstream
2021-05-25 21:08:00 +08:00
Slavi Pantaleev
1ed0857019
Fix syntax error
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024
2021-05-25 11:45:17 +03:00
sakkiii
4a4a7f136e
changes added to hydrogen client
2021-05-25 11:42:51 +05:30
sakkiii
25e67b51d1
Merge branch 'spantaleev:master' into master
2021-05-25 11:40:56 +05:30
sakkiii
3436f9c10a
rename to matrix_nginx_proxy_hsts_preload_enabled
2021-05-25 00:56:59 +05:30
Slavi Pantaleev
0648b1b618
Upgrade Element (1.7.28 -> 1.7.29)
2021-05-24 20:38:48 +03:00
sakkiii
7cc5328ede
Comments & Ref
2021-05-24 17:20:54 +05:30
sakkiii
df2d91970d
matrix_nginx_proxy_xss_protection
2021-05-24 17:02:47 +05:30
Slavi Pantaleev
d4c7a90b5c
Merge pull request #1076 from Eagle-251/Jitsi-Prosody-OwnNginxCompatibility
...
Allow Jitsi XMPP websocket support for users using own webserver.
2021-05-24 11:07:05 +03:00
ewang
409cd2b9a3
Source port binding from group vars in line other components
2021-05-23 14:06:18 +02:00
Eagle-251
ef6a7e051c
Fix missing port binding.
2021-05-22 15:55:50 +02:00
ewang
1bb6ed97ae
Make port bindings default for those disabling nginx proxy
...
I changed the conditional statement in prosody systemd template to bind the localhost port by default if people have set ```matrix_nginx_proxy_enabled == false ```.
Hopefully that should make it the default behaviour now.
2021-05-22 15:53:42 +02:00
Aaron Raimist
3c0452ff5a
Remove unnecessary bind for config.json, use proper nginx.conf
2021-05-21 17:22:40 -05:00
ewang
4a772e50f4
Allow Jitsi XMPP webscoket support for users using own webserver.
...
Added:
- Conditional localhost Port bindings for Jitsi Prosody systemd template
- Added variable to main.yml to allow overriding from vars.yml
2021-05-21 15:26:06 +02:00
Slavi Pantaleev
6f80292745
Add OCSP stapling support and other SSL optimizations to Hydrogen vhost
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-21 13:40:37 +03:00
Slavi Pantaleev
d0de21ab34
Delete Hydrogen nginx configuration file when disabled
2021-05-21 12:58:32 +03:00
Aaron Raimist
ac4ede20af
Add docs
2021-05-21 04:43:04 -05:00
Aaron Raimist
1633f61018
Only install config.json when self building
2021-05-21 04:23:06 -05:00
Aaron Raimist
04548f8df2
Merge branch 'master' into hydrogen
2021-05-21 04:09:18 -05:00
Aaron Raimist
9437f78c9e
Build using custom config.json, add CSP, update to 0.1.53
2021-05-21 03:45:21 -05:00
Slavi Pantaleev
47b4608b96
Fail in a friendlier way when trying to self-build on Ansible <= 2.8
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
Related discussion here: 1ab507349c (commitcomment-51108407)
2021-05-21 11:15:05 +03:00
Slavi Pantaleev
1ab507349c
Fix self-building for various components on Ansible < 2.8
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
2021-05-20 08:43:20 +03:00
Slavi Pantaleev
66615c43a3
Merge pull request #1065 from sakkiii/patch-1
...
Update grafana (7.5.6->7.5.7)
2021-05-19 22:07:59 +03:00
Tobias K
3dcbed6353
roles/matrix-grafana: Set root_url in granafa.ini
2021-05-19 19:52:58 +02:00
sakkiii
8529ca4c17
Update grafana (7.5.6->7.5.7)
2021-05-19 22:30:03 +05:30
Slavi Pantaleev
073d920a62
Merge pull request #1061 from sakkiii/ssl_enhancement
...
Optimize SSL session
2021-05-19 17:14:52 +03:00
Toni Spets
544915ff76
Add Heisenbridge
2021-05-19 10:42:21 +03:00
Slavi Pantaleev
21eb39f986
Mention matrix_common_after_systemd_service_start_wait_for_timeout_seconds in failure message
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:46:13 +03:00
Slavi Pantaleev
ee46fabdca
Make waiting time for --tags=start configurable
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:39:55 +03:00
sakkiii
e9b878b9e9
Optimize SSL session
2021-05-18 19:39:43 +05:30
Slavi Pantaleev
e6afa05f7b
Enable OCSP stapling for the federation port
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
Not sure if this is beneficial though.
2021-05-18 08:15:42 +03:00
Slavi Pantaleev
57a6a98a50
Fix incorrect SSL certificate path
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-18 07:58:47 +03:00
Slavi Pantaleev
b9c4e8ce16
Merge pull request #1057 from sakkiii/ssl_staple
...
Enable OCSP Stapling
2021-05-18 07:50:35 +03:00
sakkiii
d31b55b2a7
SSL-enabled block only
2021-05-18 03:24:06 +05:30
rakshazi
400371f6dd
Updated Element version (1.7.27 -> 1.7.28)
2021-05-17 13:15:12 +00:00
Slavi Pantaleev
d156c8caa2
Upgrade Synapse (1.33.2 -> 1.34.0)
2021-05-17 14:58:07 +03:00
Slavi Pantaleev
e4dd933cf0
Make missing /_synapse/admin correctly return 404 responses
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058
We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.
For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints)
2021-05-17 11:45:35 +03:00
sakkiii
2c3da6599b
Added warning
2021-05-15 16:07:52 +05:30
sakkiii
0dd4459799
matrix_nginx_proxy_ocsp_stapling_enabled variable added
2021-05-15 16:01:49 +05:30
sakkiii
c05021640d
Enable OCSP Stapling
2021-05-15 15:57:05 +05:30
Aaron Raimist
ca361af616
Add Hydrogen
2021-05-15 04:23:36 -05:00
sakkiii
b191e461a5
Merge branch 'spantaleev:master' into master
2021-05-15 12:20:02 +05:30
sakkiii
4bd7d8b5e4
Update grafana (7.5.5->7.5.6)
2021-05-14 18:59:21 +05:30
sakkiii
d5cd3d443d
Update prometheus (2.26.0->2.27.0)
2021-05-14 18:56:33 +05:30
sakkiii
322b750aad
Merge branch 'spantaleev:master' into master
2021-05-14 18:54:47 +05:30
Slavi Pantaleev
f481b1a84b
Upgrade matrix-mailer (4.94.2-r0 -> 4.94.2-r0-1)
...
Related to https://github.com/devture/exim-relay/pull/9
2021-05-12 18:09:08 +03:00
Slavi Pantaleev
8e6f1876f5
Switch to :latest version of synapse-admin
...
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132
We should switch back when >0.8.0 gets released.
2021-05-11 19:25:12 +03:00
sakkiii
8fc55b30c5
Upgrade Synapse (1.33.1 -> 1.33.2)
...
This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation. Server admins are encouraged to upgrade.
Ref: https://github.com/matrix-org/synapse/releases/tag/v1.33.2
2021-05-11 19:06:30 +05:30
Slavi Pantaleev
2d4b039c55
Merge pull request #1046 from GoMatrixHosting/master
...
GoMatrixHosting v0.4.6
2021-05-11 09:07:48 +03:00
Michael-GMH
2b4bada72a
fix conditional
2021-05-11 14:05:45 +08:00
Michael-GMH
0adcef65e6
fix conditional
2021-05-11 13:58:42 +08:00
Michael-GMH
f70102e40c
no dashes in usernames
2021-05-11 13:55:13 +08:00
Slavi Pantaleev
f4657b2cdb
Upgrade Element (1.7.26 -> 1.7.27)
2021-05-11 08:22:43 +03:00
Michael-GMH
4e6f6e179b
GMH 0.4.6 update
2021-05-10 18:50:10 +08:00
sakkiii
29cf6a0087
Merge branch 'spantaleev:master' into master
2021-05-10 15:10:18 +05:30
Slavi Pantaleev
3dcc006932
Fix self-building for Coturn
...
689dcea773
wasn't enough. The `upstream/..` tags are
just upstream sources, without the alpine-based Dockerfile.
We need to use the `docker/..` tags for that (or `master`)
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1032
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1023
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1009
2021-05-10 11:35:53 +03:00
Slavi Pantaleev
33f0074862
Upgrade matrix-mailer (4.94-r0 -> 4.94.2-r0)
...
Related to https://github.com/devture/exim-relay/issues/6
2021-05-10 11:23:44 +03:00
Slavi Pantaleev
c19508087a
Merge pull request #1036 from sakkiii/grafana-csp
...
Grafana csp template backward compatible with older browsers
2021-05-10 10:09:13 +03:00
Slavi Pantaleev
a198b87455
Upgrade synapse-admin (0.7.2 -> 0.8.0)
...
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132
2021-05-10 10:06:12 +03:00
Slavi Pantaleev
867ebb52ab
Merge pull request #1037 from pushytoxin/jitsi-5765-1
...
Update Jitsi (5142 -> 5765-1)
2021-05-08 12:35:29 +03:00
sakkiii
bb0810302d
Merge branch 'spantaleev:master' into master
2021-05-07 23:03:55 +05:30
Slavi Pantaleev
61220ea487
Upgrade Synapse (1.33.0 -> 1.33.1)
2021-05-06 20:47:09 +03:00
sakkiii
9174448e5e
get rid of this {% else %}
2021-05-06 12:46:17 +05:30
sakkiii
0d5fe2d9f7
Update roles/matrix-grafana/templates/grafana.ini.j2
...
Co-authored-by: Aaron Raimist <aaron@raim.ist>
2021-05-06 12:38:40 +05:30
Béla Becker
b10655ebb1
Jitsi XMPP Websocket support
...
Jitsi-meet enabled websockets by default, claiming better reliability.
Matrix-nginx-proxy configuration has been set up according to the
Prosody documentation: https://prosody.im/doc/websocket
2021-05-05 19:10:58 +02:00
Béla Becker
116bcaa13b
Update jitsi to stable-5765-1
...
Changelog:
https://github.com/jitsi/docker-jitsi-meet/blob/stable-5765-1/CHANGELOG.md
2021-05-05 19:10:58 +02:00
sakkiii
37de7fc96a
Updated Reference
2021-05-05 22:25:38 +05:30
sakkiii
303de935d5
grafana CSP backward compatible with older browsers
2021-05-05 22:12:56 +05:30
Slavi Pantaleev
d4d1e2e922
Upgrade Synapse (1.32.2 -> 1.33.0)
2021-05-05 19:18:53 +03:00
Slavi Pantaleev
b09a805939
Merge pull request #1031 from thedanbob/nginx-1.20.0
...
Update nginx (1.19.10 -> 1.20.0)
2021-05-04 10:41:02 +03:00
Slavi Pantaleev
6fdc71c40b
Merge pull request #1030 from thedanbob/grafana-7.5.5
...
Update grafana (7.5.4 -> 7.5.5)
2021-05-04 10:40:21 +03:00
Dan Arnfield
cfaa3e598a
Update nginx (1.19.10 -> 1.20.0)
2021-05-03 16:00:11 -05:00
Dan Arnfield
bec5933db4
Update grafana (7.5.4 -> 7.5.5)
2021-05-03 15:57:06 -05:00
Michael-GMH
067b61e779
GoMatrixHosting v0.4.5 update
2021-04-29 08:06:45 +08:00
Slavi Pantaleev
2409c33ea2
Upgrade Element (1.7.25 -> 1.7.26)
2021-04-27 17:21:31 +03:00
benkuly
49cb2635a2
updated matrix-sms-bridge
2021-04-27 14:39:58 +02:00
Michael-GMH
a14bf6c2ed
GoMatrixHosting v0.4.4 update
2021-04-26 20:00:32 +08:00
Slavi Pantaleev
689dcea773
Fix self-building for Coturn
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1023
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1009
2021-04-24 20:31:25 +03:00
sakkiii
40fe6bd5c1
variable matrix_nginx_proxy_hsts_preload_enable added
2021-04-24 20:04:20 +05:30
Slavi Pantaleev
389dc26615
Fix Synapse generic worker balancing
...
Potentially fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1022
2021-04-24 11:52:45 +03:00
sakkiii
5b4fdf9b87
Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy
2021-04-24 12:15:34 +05:30
sakkiii
0ccf0fbf1c
HSTS preload + X-XSS enables
...
**HSTS Preloading:**
In its strongest and recommended form, the [HSTS policy](https://www.chromium.org/hsts ) includes all subdomains, and indicates a willingness to be “preloaded” into browsers:
`Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`
**X-Xss-Protection:**
`1; mode=block` which tells the browser to block the response if it detects an attack rather than sanitising the script.
2021-04-24 12:12:34 +05:30
sakkiii
3564635f0f
Merge branch 'master' into master
2021-04-24 11:46:52 +05:30
sakkiii
29bba5161b
Element More security headers
...
More Production ready nginx headers for Matrix client element.
2021-04-24 11:10:40 +05:30
Slavi Pantaleev
f6b371164c
Remove useless variable
2021-04-23 07:07:18 +03:00
Slavi Pantaleev
62c0587b6a
Use Alpine-based Coturn
2021-04-22 15:05:37 +03:00
Slavi Pantaleev
72a7cb4145
Merge pull request #1018 from GoMatrixHosting/master
...
GoMatrixHosting v0.4.3
2021-04-22 14:23:30 +03:00