Commit graph

698 commits

Author SHA1 Message Date
Eneko Nieto 2c33aa3ec5 Fixed entrypoint name. 2020-11-09 00:03:15 +01:00
Eneko Nieto c448aa54a1 Added docker-compose example for launching Traefik. 2020-11-08 22:39:08 +01:00
Scott Crossen e894befd87 Updates to reviewer comments 2020-11-07 17:53:13 -08:00
Slavi Pantaleev ef68d3d296 Add support for reverse-proxying /_synapse/oidc
This broke in 63a49bb2dc.

Proxying the OpenID Connect endpoints is now possible,
but needs to be enabled explicitly now.

Supersedes #702 (Github Pull Request).

This patch builds up on the idea from that Pull Request,
but does things in a cleaner way.
2020-11-02 11:10:03 +02:00
Aaron Raimist c33d007306
Switch to the new vectorim/element-web Docker image 2020-10-29 11:46:58 -05:00
Sabine cea2faa1b3 added docs for bridge permissions 2020-10-28 21:59:36 +01:00
Slavi Pantaleev 67d0f26463 Improve wording a bit 2020-10-27 20:41:52 +02:00
Slavi Pantaleev 5a7d265997 Fix Synapse Admin not working due to unexposed Synapse Admin APIs
Regression since 63a49bb2dc.

Related to #685 (Github Issue).

We now automatically expose the APIs when Synapse Admin is enabled.
2020-10-27 20:33:37 +02:00
Sabine Laszakovits dd50ee19ab fixed bridge permissions 2020-10-25 21:42:40 +01:00
Sabine Laszakovits d6940d9f10 added docs 2020-10-25 18:44:19 +01:00
Ivar Troost 1227349d0c
Fix docker mount instruction in documentation
The SSL certificates should be accessible to the nginx proxy container, not the synapse container.
2020-10-24 17:03:24 +02:00
Scott Crossen 8e6d7d9022 changed domain naming 2020-10-16 21:28:43 -07:00
Slavi Pantaleev 3fd198e89a Add notes about running Ansible on Ubuntu 20.04
Discussed in #669 (Github Issue).
2020-10-15 11:35:29 +03:00
Scott Crossen 1f988969a5 Added role for dynamic dns 2020-10-13 16:26:57 -07:00
Fanch 4d5068e283 add some doc about the run-docker-prune tag 2020-10-10 14:27:07 +02:00
Slavi Pantaleev 898f319e11 Add additional notice to SQLite importing docs 2020-10-07 09:06:59 +03:00
Hardy Erlinger ee8dd44837 Use up-to-date PostgreSQL container version for backups. 2020-10-02 22:53:06 +02:00
Slavi Pantaleev 23daec748c Require Ansible v2.7 or newer (because of items2dict and dict2items)
Interestingly, no one has reported this failure before #662 (Github
Issue).

It doesn't make sense to keep saying that we support such old Ansible
versions, when we're not even testing on anything close to those.

Time is also passing and such versions are getting more and more
ancient. It's time we bumped our requirements to something that is more
likely to work.
2020-10-02 11:53:19 +03:00
jens quade 8029ca59c9
Update configuring-playbook-dimension.md
Improved formatting for a header that was attached to the previous paragraph (...by inserting a newline).
2020-09-16 13:14:29 +02:00
Slavi Pantaleev 6300c87396
Merge pull request #647 from banym/jitsi-ldap-docs-example
Update configuring-playbook-jitsi.md
2020-09-13 09:48:47 +03:00
Dominik Zajac b0511603fd
Update configuring-playbook-jitsi.md
modified example for jitsi ldap authentication to show all available variables.
2020-09-12 22:10:41 +02:00
Aaron Raimist 77635c4529
Fix links to using your own webserver doc 2020-09-12 14:11:16 -05:00
Aki Salminen 5733f4d157
Update configuring-playbook-telemetry.md
Change anonymized to more proper term as server vice this is not anonymized. Server name is the first parameter that is collected. And if server happens to be for individual use these statistics would be at personal level without any anonymising.
2020-09-07 17:14:34 +03:00
Slavi Pantaleev 4ef873ceb0 Clarify Discord bridging docs 2020-09-03 16:31:27 +03:00
Slavi Pantaleev 1fd81835b6 Mention CAPTCHA for public-registration servers 2020-09-01 14:00:17 +03:00
Slavi Pantaleev 7901293438 Relocate docs page for consistency 2020-09-01 13:47:58 +03:00
Slavi Pantaleev da38a7869f Add matrix-registration support 2020-09-01 13:46:05 +03:00
Slavi Pantaleev e3dca2f66f Try to avoid Docker logs growing too much for one-off containers
We recently had a report of the Postgres backup container's log file
growing the size of /var/lib/docker until it ran out of disk space.

Trying to prevent similar problems in the future.
2020-09-01 09:03:48 +03:00
Slavi Pantaleev daf13107a0 Add support for rust-synapse-compress-state 2020-08-21 13:53:39 +03:00
Slavi Pantaleev 073c96a3fd Be more clear that Corporal requires Shared Secret Auth 2020-08-19 09:29:39 +03:00
merklaw 48b93091f9 Revert notes about the docker package being needed 2020-08-05 16:38:39 +02:00
merklaw a460420b34 Better wording 2020-08-05 15:59:52 +02:00
merklaw 0cd243095d The docker package is a requirement and was not previously mentioned 2020-08-05 12:49:40 +02:00
merklaw 205c15a80b Add note about certificate exceptions when using self-signed 2020-08-05 12:47:32 +02:00
merklaw e167b80f94 Added notes about disabling ma1sd 2020-08-05 12:46:30 +02:00
merklaw f57b2f6e92 Better wording 2020-08-05 12:45:44 +02:00
Slavi Pantaleev fffe9da5a9 Mention self-building support for synapse-admin
Related to #620 (Github Pull Request).
2020-08-04 17:24:31 +03:00
vaivars e73b863329
Change the url to reflect the most common usecase 2020-07-30 10:52:49 +03:00
vaivars fad1f72df8
Add a secondary option on how to get access token
Potentially the CURLing could be a better approach, since then you don't leave spare sessions hanging.
2020-07-29 19:53:39 +03:00
Slavi Pantaleev 196eb2da70
Merge pull request #607 from matthiasjo/docs_traefik_synapse_admin
Added config sample for synapse admin with traefik 2
2020-07-27 07:17:10 +03:00
Matthias 95954fda43
Update configuring-playbook-synapse-admin.md 2020-07-26 21:27:54 +02:00
Matthias f005049dbe
Update configuring-playbook-synapse-admin.md 2020-07-26 19:14:36 +02:00
Matthias 038b398d0e added config sample for synapse admin with traefik 2 2020-07-26 17:31:43 +02:00
Slavi Pantaleev f404a771cf
Try to improve wording a bit 2020-07-26 18:24:53 +03:00
rebru 8a0d8651d0
Update configuring-playbook-ma1sd.md
Add an example to open all domains for registration in relation to black- and whitelists.
2020-07-25 23:50:36 +02:00
Slavi Pantaleev 16251355d9 Add information about deleting SSL renewal config 2020-07-23 08:15:18 +03:00
Slavi Pantaleev b2ae669566 Add synapse-admin support
Fixes #562 (Github Issue)
2020-07-22 08:10:26 +03:00
Slavi Pantaleev 0fe1899d96
Be explicit about the type of DNS record to use
Fixes #595 (Github Issue)
2020-07-21 11:20:00 +00:00
Slavi Pantaleev 6fe477c2fd Improve wording a bit 2020-07-20 14:24:49 +03:00
Slavi Pantaleev 78b1ef9a5f Add support for matrix-reminder-bot 2020-07-20 14:13:08 +03:00
Rónán Duddy 46f1137c42
Update configuring-dns.md
Adding a comment with regard to DNS propagation
2020-07-19 15:05:27 +01:00
Slavi Pantaleev c3284d6f03 Improve Riot -> Element migration docs a bit 2020-07-17 18:56:40 +03:00
Slavi Pantaleev 484fccecdb Fix incorrect directory name 2020-07-17 12:10:06 +03:00
Slavi Pantaleev c6ab1c6a90 Riot is now Element
Fixes #586 (Github Issue)
2020-07-17 11:31:20 +03:00
Slavi Pantaleev 4eb87c1dcb Add more notes on migrating data from another installation
Related to #583 (Github Issue).
2020-07-14 16:25:39 +03:00
bertiebaggio 866d6fc1c9 Fix sed formatting 2020-07-13 15:12:17 +01:00
bertiebaggio 000b482d18 Add 'Troubleshooting' w/workaround for ownership
If a Postgres dump contains ALTER TABLE ... OWNER_TO <username>
statements which set the owner to a username different from
'synapse' the post Postgres import task will fail complaining
about lack of role.

Changing the matrix_postgres_connection_username group var has no
effect. However, the ALTER TABLE statements (and accompanying comments)
can be rewritten to change the username to 'synapse', which permits the
import task to succeed.

From a sample of 1, having the owner set in this was causes no
discernable side effects on the homeserver.
2020-07-13 15:03:24 +01:00
Julian Strobl c23a0620f2 Fix default SSL path for federation api in docs
One could also remove the two variables from the docs completely,
because they are set by the playbook automatically.

Error: javax.net.ssl.SSLPeerUnverifiedException: Certificate for
<matrix.<your-domain>> doesn't match any of the subject alternative
names: [<your-domain>]

Fixes #577 (Github Issue).
2020-07-13 14:13:56 +03:00
Slavi Pantaleev 0074ca646e Improve Goofys documentation example for GCS
Fixes #573 (Github Issue).
2020-07-12 09:50:39 +03:00
Panagiotis Vasilopoulos 8b19ceb6fc
Fixed Steam link 2020-07-05 10:26:34 +03:00
Slavi Pantaleev b6b5435746 Fix some broken links 2020-07-04 14:20:02 +03:00
Slavi Pantaleev f7e4281751
Simplify enabling recaptcha instructions a bit 2020-07-04 09:35:20 +03:00
Justin Croonenberghs b2a0830638 Better URL for reCAPTCHA doc 2020-07-03 19:10:00 -05:00
Justin Croonenberghs 1f21f0c09a Add variables for reCAPTCHA validation 2020-07-03 18:33:25 -05:00
Slavi Pantaleev a8f7ccf3f3 Announce mx-puppet-steam bridging support
Related to #557 (Github Pull Request).
2020-07-03 12:10:57 +03:00
Hugues Morisset 57f498217a Add mx-puppet-steam 2020-07-01 21:01:00 +02:00
Slavi Pantaleev 76352bcbd8 Announce mx-puppet-discord bridging support
Related to #540 (Github Pull Request).
2020-07-01 19:01:14 +03:00
Hugues Morisset 42e7f5e9bc Add mx-puppet-discord 2020-07-01 13:31:31 +02:00
Slavi Pantaleev b5bed60e6b Announce mx-puppet-instagram and mx-puppet-twitter support
Related to #551 and #555 (Github Pull Requests).
2020-06-30 17:52:06 +03:00
Slavi Pantaleev 744667b270 Merge branch 'master' into mx-puppet-twitter 2020-06-30 17:37:19 +03:00
Slavi Pantaleev 31f9e7bbea
Merge pull request #551 from jdreichmann/feat-mx-puppet-instagram
Add mx-puppet-instagram
2020-06-30 17:33:37 +03:00
Tulir Asokan 13186a1ddc Add mx-puppet-twitter
Signed-off-by: Tulir Asokan <tulir@maunium.net>
2020-06-29 15:28:43 +03:00
Slavi Pantaleev de545f9c5f Update docs on self-building and remove useless variable
`matrix_container_images_self_build` was not really doing anything
anymore. It previously was influencing `matrix_*_self_build` variables,
but it's no longer the case since some time ago.

Individual `matrix_*_self_build` variables are still available.
People that would like to toggle self-building for a specific component
ought to use those.

These variables are also controlled automatically (via
`group_vars/matrix_servers`) depending on `matrix_architecture`.

In other words, self-building is being done automatically for
all components when they don't have a prebuilt image for the specified
architecture. Some components only support `amd64`, while others also
have images for other architectures.
2020-06-29 14:58:03 +03:00
jdreichmann ad05c7f758
mx-puppet-instagram: add documentation on how to setup & use the bridge 2020-06-28 10:46:39 +02:00
Pablo f7ea5705f1 Agrego documentación de las variables de ajuste fino (Fine tune) de Jitsi. 2020-06-27 16:54:30 -03:00
Julian Foad 671cd51797 Improve the example Traefik config.
Use playbook variables instead of textual place-holders for the domain names.
2020-06-26 15:13:58 +01:00
Slavi Pantaleev 224c21878e Fix code block a bit
Related to #549 (Github Pull Request)
2020-06-25 08:26:09 +03:00
Slavi Pantaleev 25290f780c
Link to Twilio 2020-06-25 08:22:12 +03:00
Justin Croonenberghs 3527200ac4
Added config hint for SMS verification 2020-06-24 16:34:28 -05:00
Slavi Pantaleev d44541ff6e Mention matrix_synapse_allow_public_rooms_over_federation in the docs
Fixes #502 (Github Issue)
2020-06-24 10:22:22 +03:00
Slavi Pantaleev 3452347648 Suggest base domain serving in configuring-well-known.md
Fixes #545 (Github Issue).
2020-06-24 09:42:41 +03:00
benkuly 99639d7d7a Merge remote-tracking branch 'github/master' 2020-06-11 15:36:02 +02:00
Slavi Pantaleev e48cfa4bcc Improve documentation on joining Discord rooms 2020-06-09 08:02:13 +03:00
Slavi Pantaleev 831c3f4e64 Fix certbot/cerbot image pulling for ARM32 and ARM64
Related to #529 (Github Issue).
2020-06-09 07:54:42 +03:00
Slavi Pantaleev ab32f6adf6 Add self-building support to matrix-mailer (exim-relay) 2020-06-08 09:52:34 +03:00
kristbaum 201292cdc5
typo 2020-06-07 19:56:12 +02:00
benkuly 1937398342 Merge branch 'master' of github.com:benkuly/matrix-docker-ansible-deploy 2020-06-06 08:28:42 +02:00
benkuly 77fd23149b added gammu hard reset for sms modem 2020-06-06 08:28:08 +02:00
Slavi Pantaleev 88a4a3ab55 Update components 2020-06-06 08:25:27 +03:00
Slavi Pantaleev c838bd2f46
Merge pull request #514 from benkuly/master
added matrix-sms-bridge
2020-06-05 14:52:41 +03:00
Slavi Pantaleev d6c4487998
Fix some typos 2020-06-05 14:52:24 +03:00
benkuly f68e47d3c4 renamed role matrix-sms-bridge to matrix-bridge-sms 2020-06-05 12:25:41 +02:00
benkuly 26846a5f6c try privileged way 2020-06-02 22:04:52 +02:00
benkuly 2fd8216fbc try to fix device reconnect issues 2020-06-02 18:27:33 +02:00
benkuly cd17928805 revert remove of frequency 2020-06-02 14:56:22 +02:00
benkuly f383b152da removed gammu reset frequency
because the tty port will change
2020-06-02 14:49:55 +02:00
benkuly 0b7d6744bf added more docs and timeout value 2020-06-02 08:39:30 +02:00
Slavi Pantaleev 4d8ca303d6
Fix typos 2020-06-02 00:22:15 +03:00
Slavi Pantaleev de1164d0a2
Fix typos and improve wording 2020-06-01 22:32:19 +03:00
Slavi Pantaleev 2952b2e7f3 Mention pwgen for generating a strong shared secret 2020-05-29 10:38:12 +03:00
Chris van Dijk cb94167ccb Add missing parenthesis in docs 2020-05-27 17:00:44 +02:00
Chris van Dijk 84e2e31d07 Linking to a file is more robust than linking to a line number 2020-05-27 16:40:05 +02:00
Chris van Dijk 1b47197c91 Minor docs formatting cleanup 2020-05-27 15:55:11 +02:00
Chris van Dijk 256de59a75 Add note on port forwarding to docs when running Jitsi behind NAT 2020-05-27 14:33:17 +02:00
Slavi Pantaleev 1234cc48c5 Point to newer Ansible container image
Using the older one likely leads to issues like #517.
2020-05-24 10:55:33 +03:00
benkuly 1ffa4a326c matrix-sms-bridge:
added docs, added seperate service for database, pr comments
2020-05-23 13:14:24 +02:00
chagai95 d430e42c99
Typo STMP -> SMTP 2020-05-16 14:49:12 +02:00
Slavi Pantaleev 4ff7e753b2
Make it clearer where to spawn adminer 2020-05-11 11:09:22 +03:00
Marcel Partap 058e3bbd7f Document how to administer synapse database via tunneled web-frontend 2020-05-10 18:44:52 +02:00
Kevin Lanni 89deb1b195
Add note about ask-become-pass
This flag is necessary for Ansible to ask for the sudo password when using the non-root option as documented in the `hosts` file. Otherwise, Ansible errors out with `missing sudo password`.
2020-05-09 11:04:49 -07:00
Slavi Pantaleev 884df93be1 Make it clearer that Dimension requires a dedicated user 2020-05-06 10:30:36 +03:00
Slavi Pantaleev ccc7aaf0ce Fix "Migrating to a new server" flow due to dynamic user/group creation 2020-05-06 09:55:40 +03:00
Slavi Pantaleev 7b8d0cd1ab
Merge pull request #487 from christianlupus/turn-doc
Added a documentation enhancement regarding external TURN server
2020-05-06 09:35:11 +03:00
Christian Wolf 658e3361f6 Added a documentation enhancement regarding external TURN server 2020-05-05 08:42:14 +02:00
Chris van Dijk f7fcf3590a Clarify domain of Dimension admin users in docs by using matrix_domain variable 2020-05-04 17:34:23 +02:00
André Sterba 966b74e74f Add caddy 1 well-known example
Adjust params
2020-05-01 14:43:31 +02:00
Slavi Pantaleev 0029b37b96 Improve Usage section of Jitsi docs page 2020-04-30 10:24:26 +03:00
Slavi Pantaleev e59cf25d7d
Merge pull request #479 from cnvandijk/docs-dimension-jitsi
Document how to point dimension jitsi widgets at your own jitsi instance
2020-04-30 10:14:53 +03:00
Slavi Pantaleev 77c760ac7d
Add some links 2020-04-30 10:14:46 +03:00
Slavi Pantaleev 0e26810162
Merge pull request #478 from cnvandijk/feature-jitsi-ldap-auth
Add support for Jitsi LDAP authentication
2020-04-30 10:09:48 +03:00
Chris van Dijk a0ce5eec64 Document how to point dimension jitsi widgets at your own jitsi instance
This can be removed once turt2live/matrix-dimension#345 is resolved.
2020-04-29 19:12:07 +02:00
Chris van Dijk 32ce9866e9 Update documentation for Jitsi LDAP authentication support 2020-04-29 17:58:56 +02:00
Slavi Pantaleev 37b80d0c75 Fix example policy provider configuration for matrix-corporal
Fixes the example, to add the missing required configuration key
for the HTTP policy provider.

Related to #477 (Github Issue).
2020-04-29 17:24:21 +03:00
Mickaël Cornière e4f1f2c754 Add information to make jitsi work with a client in LAN 2020-04-27 23:40:46 +02:00
Slavi Pantaleev 4afc46fffe Announce mx-puppet-slack support
Related to #454 (Github Pull Request).
2020-04-23 18:03:36 +03:00
Rodrigo Belem 4149e03b69 Initial mx-puppet-slack bridge role 2020-04-23 09:06:08 -04:00
Slavi Pantaleev 272888d917
Merge pull request #462 from cnvandijk/feature-dimension-unfederated
Add support for running dimension in an unfederated environment
2020-04-22 22:47:14 +03:00
Slavi Pantaleev 9991d545dd Add note about synapse-janitor and require explicit confirmation for usage
Fixes #465 (Github Issue).

Related to https://github.com/xwiki-labs/synapse_scripts/pull/12.
2020-04-21 21:48:06 +03:00
Horvath Gergely 588e97a97c link to self-building from implementation subsection 2020-04-19 14:02:32 +02:00
Horvath Gergely 441278412b add explicit information for the Rapsberry pi 2020-04-19 13:51:26 +02:00
Horvath Gergely 7dba695713 clarification for the list of implementation details 2020-04-19 13:32:27 +02:00
Horvath Gergely bd61598faf add experimental(?) architecture support for arm32 and arm64
the changes are necessary because certbot images are tagged, so docker does not recognize the necessary architecture
2020-04-18 22:55:19 +02:00
Chris van Dijk 18beb30466 Update docs to reflect support for unfederated dimension 2020-04-18 19:12:20 +02:00
Udo Rader b6aa246f7c better described how to get channel id, added a section how to unlink a channel and a troubleshooting section 2020-04-13 17:17:19 +02:00
Udo Rader cf36dbe4f6 correctly quoted <channel id> and added another way to retrieve it 2020-04-13 11:22:13 +02:00
Slavi Pantaleev 181434d9c6 Add matrix-mx-puppet-skype to the list of roles that can self-build 2020-04-09 18:50:32 +03:00
skoal ab58b3fc9e
Update prerequisites.md
Added Jitsi firewall ports
2020-04-09 14:31:42 +02:00
Slavi Pantaleev 5b8f8bc942 Announce Skype bridging 2020-04-09 09:33:30 +03:00
Slavi Pantaleev 4e9976d559 Rename documentation file 2020-04-09 09:26:03 +03:00
Rodrigo Belem 53f893b77e Add documentations for the mx-puppet-skype bridge 2020-04-08 19:25:21 -04:00
Slavi Pantaleev e290b1be95 Merge branch 'jitsi_security_update' 2020-04-08 16:57:14 +03:00
Slavi Pantaleev 25d51d3de3 Fix typo 2020-04-08 16:46:41 +03:00
Slavi Pantaleev dcce276b86 Rename script file 2020-04-08 10:05:43 +03:00
Slavi Pantaleev 1b27e0f812 Make generate-jitsi-passwords.sh less magical 2020-04-08 10:05:10 +03:00
Slavi Pantaleev 976ccf3880 Fix typo 2020-04-08 09:39:38 +03:00
Slavi Pantaleev f798605836 Undefine Jitsi secrets and require their (re-)definition 2020-04-08 09:37:54 +03:00
teutat3s f9d39f1c0c
update Jitsi, add generate-jitsi-passwords script 2020-04-08 02:07:52 +02:00
Sean O'Neil eb8e162ac2
Update Caddy example in configuring-well-known to Caddy version 2 2020-04-05 11:36:08 -07:00
Slavi Pantaleev 0ee2060c31
Reorganize paragraphs a bit 2020-04-05 10:03:51 +03:00
Slavi Pantaleev a04c67dbc4
Add information about rebuilding Jitsi Prosody configuration 2020-04-05 10:01:55 +03:00
teutat3s d781c8fdf9
add optional Jitsi internal auth+guests docs
improve readability
2020-04-05 05:00:43 +02:00
Marcel Partap c2d384d2ef some more mxisd to ma1sd string/URL replacements 2020-04-02 11:31:38 +02:00
Marcel Partap 5fedd6cbf0 Replace mxisd with ma1sd in docs, fixing URLs 2020-04-02 11:26:30 +02:00
Marcel Partap 187dedf920 Duplicate matrix-mxisd role for matrix-ma1sd fork
(adapting strings and URLs)
2020-04-02 11:26:30 +02:00
Slavi Pantaleev b450afc12e Make Discord bridge docs better 2020-04-01 11:34:53 +03:00
Slavi Pantaleev bb2b2b4f1c Clarify Discord bridging docs 2020-03-31 11:13:45 +03:00
Slavi Pantaleev 584418ae0f Fix broken link 2020-03-31 10:30:07 +03:00
Slavi Pantaleev 067588b262 Upgrade riot-web 2020-03-30 16:54:18 +03:00
Slavi Pantaleev ac5b5681ae
Merge pull request #425 from christianlupus/dev/archlinux
Added support for arch linux
2020-03-29 10:09:16 +03:00
Christian Wolf 1b87dbf54b Added documentation to README file 2020-03-28 17:33:51 +01:00
Aaron Raimist 695d2c3ea5
Flip around Jitsi port format to match other ports
This matches the way the ports are written in prerequisites.md and is the format that UFW likes.
2020-03-27 23:33:38 -05:00
PlanetSmasher 9b6289b08c
clarify the config path (#420)
* clarify the config path

added path to the correct vars.yaml in matrix-synapse

* Fix configuration path

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2020-03-27 08:37:37 +02:00
Slavi Pantaleev e5849801c6 Add Jitsi reference to Configuring Playbook docs page 2020-03-24 18:26:52 +02:00
Slavi Pantaleev 8ff55bcd14 Update documentation and changelog 2020-03-24 15:30:14 +02:00
Slavi Pantaleev be00452782
Merge pull request #415 from spantaleev/jitsi
Add Jitsi support
2020-03-24 15:23:05 +02:00
Slavi Pantaleev d605b219a2 Manage Jitsi configuration by ourselves for most components
We do this for 2 reasons:

- so we can control things which are not controllable using environment
variables (for example `stunServers` in jitsi/web, since we don't wish
to use the hardcoded Google STUN servers if our own Coturn is enabled)

- so playbook variable changes will properly rebuild the configuration.
When using Jitsi environment variables, the configuration is only built
once (the first time) and never rebuilt again. This is not the
consistent with the rest of the playbook and with how Ansible operates.
We're not perfect at it (yet), because we still let the Jitsi containers
generate some files on their own, but we are closer and it should be
good enough for most things.

Related to #415 (Github Pull Request).
2020-03-24 09:35:21 +02:00
Slavi Pantaleev ecd35a8ddb Clarify webserver group membership requirement
Discussed in #412 (Github Issue).
2020-03-23 21:03:06 +02:00
Slavi Pantaleev cdd9ee1962 Add Jitsi support 2020-03-23 17:19:15 +02:00
Slavi Pantaleev 2c2b55a669 Mark dimension DNS record as optional 2020-03-23 17:13:58 +02:00
Slavi Pantaleev 61f82ac9e6
Minor fixup 2020-03-21 00:13:31 +02:00
Slavi Pantaleev a5e549f171
Move things around a bit 2020-03-21 00:12:26 +02:00
ayounggun 364742aa35
how to activate dimensions
I am new to synapse. Thanks so much for these playbooks!

I wasn't sure how you actual activate dimensions after setting these variables. Should you re run 

ansible-playbook -i inventory/hosts setup.yml --tags=setup-all
ansible-playbook -i inventory/hosts setup.yml --tags=start

? If so perhaps you could tell the readers to do this somewhere in the help file

Thanks =]
2020-03-20 20:45:53 +00:00
Slavi Pantaleev 22ce50875a Mention that root access is a requirement
Fixes #396 (Github Issue).
2020-03-15 13:04:55 +02:00
Slavi Pantaleev 8dd187ac55 Update changelog and documentation 2020-03-15 12:54:41 +02:00
Slavi Pantaleev 3cee815baf Fix some typos 2020-03-15 11:34:35 +02:00
Horvath Gergely 447dd94ff9 update documentation 2020-03-14 20:41:01 +01:00
Horvath Gergely d53d63ab07 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into raspberry-pi 2020-03-07 13:57:44 +01:00
Slavi Pantaleev 37f3a2d5a8 Add support for themes to riot-web 2020-02-26 08:40:35 +02:00
iLyas Bakouch dc5eaddc3d
quick typo 2020-02-25 19:01:32 -05:00
Horvath Gergely 470b9875e7 Document raspberry pi support 2020-02-23 19:32:00 +01:00
Slavi Pantaleev dd99b844a0
Link to Dimension setup page 2020-02-20 09:39:27 +02:00
Sathis 4356a7d405
Configuring webhooks
Added steps to configure appservice webhooks in the dimension manager.
2020-02-20 10:41:19 +05:30
Lee Verberne 8fe8cf9113 Fix matrix-appservice-irc database specification
This fixes an incorrect indentation in the database specification for
appservice-irc which caused matrix-appservice-irc to refuse to start
with the remarkably unhelpful error message:

```
ERROR:CLI Failed to run bridge.
```

This also updates doc links to the new matrixdotorg repo because the
tedomum repo contains out-of-date documentation.
2020-02-08 11:02:03 +01:00
Slavi Pantaleev f18037ae42 Disable TLSv1.1 by default 2020-01-30 12:56:20 +02:00
Aaron Raimist d77df2990a
Link to official instructions on how to install Ansible 2020-01-26 14:17:59 -06:00
Slavi Pantaleev 704d2ff861
Merge pull request #351 from prasket/matrix-change-user-admin-status
Matrix change user admin status
2020-01-23 10:35:28 +02:00
Aaron Raimist 65963f694a
Use Postgres 12.1 when creating a backup 2020-01-20 16:33:47 -06:00
prasket 80dd5f0b46 reversing another accident, forgot vim mode wasnt enabled at the time 2020-01-20 13:05:46 -08:00
prasket a23455b697 accidentaly removed a : 2020-01-20 13:02:02 -08:00
prasket 92c6031c9f changes to the docs for the new admin modifcation scripts 2020-01-20 12:59:36 -08:00
Aaron Raimist 121994f562
Reword updating-users-passwords.md option 3 2020-01-20 12:09:01 -06:00
prasket e99497bb60 created new file with change admin options and removed make admin file. Updated name references as well throughout the project. 2020-01-19 18:39:56 -08:00
Slavi Pantaleev b8eb5e4e0d Add a note for users not using SSH keys 2020-01-18 19:55:26 +02:00
Slavi Pantaleev 4840214193 Announce Appservice Webhooks support
Related to #339 (Github Pull Request).
2020-01-14 16:02:37 +02:00
Slavi Pantaleev 0ffe821cfb Fix some minor Markdown rendering issues 2020-01-14 15:55:56 +02:00
Björn Marten cb57cd503e Fix documentation mistakes caused due to carelessness 2020-01-13 17:28:54 +01:00
Björn Marten c2696e8fa7 Add appservice-webhooks configuration documentation 2020-01-13 17:20:50 +01:00
Slavi Pantaleev bd38861179 Add support for automatic Double Puppeting for all Mautrix bridges 2020-01-12 20:28:36 +02:00
Slavi Pantaleev 71ccf19f25
Fix typo 2020-01-03 17:00:11 +02:00
Hanno J. Gödecke a6f85df295
Notes when not using a ssh key for authentication
Fixed small typo, added an extra note on how to use the ansible docker image when not using a ssh key for authentication
2020-01-03 15:58:08 +01:00
DreamsVoid ad8b4d9c30
Update configuring-playbook-bridge-mautrix-telegram.md
typographical error
2020-01-02 22:26:17 +00:00
Slavi Pantaleev df83dfb2e1
Fix port typo 2019-12-11 10:16:28 +02:00
Logan Pulley 68e1a636c3 Added Traefik configuration example to own webserver docs 2019-12-10 12:17:19 -06:00
Slavi Pantaleev ca3b158d94 Add support to matrix-nginx-proxy to work in HTTP-only mode 2019-12-06 11:53:15 +02:00
benkuly 10c2dfe58f
fixed typo 2019-12-02 08:50:26 +01:00
benkuly feb35486a0
added documentation for telegram relay bot feature 2019-11-30 08:36:53 +01:00
Slavi Pantaleev 50614f1bad Simplify Prerequisites a bit
Don't mention systemd-journald adjustment anymore, because
we've changed log levels to WARNING and Synapse is not chatty by default
anymore.

The "excessive log messages may get dropped on CentOS" issue no longer
applies to most users and we shouldn't bother them with it.
2019-11-10 08:35:17 +02:00
Slavi Pantaleev 9b84e06201 Add a note about CentOS 8 support 2019-11-10 08:31:08 +02:00
Aaron Raimist cb2cb70b31
Mention that ARM is not supported
Feel free to reword but we have had a couple of issues created now asking about Raspberry Pi support.
2019-11-08 08:55:36 -06:00
Julian Foad 53bc7afa66
Fix --mount syntax in examples
s/type-bind/type=bind/g
2019-11-04 17:07:23 +00:00
fnoah fe103489c6 Add file ending 2019-10-23 16:21:14 +02:00
fnoah 692355e3e2 Fix link 2019-10-23 16:19:46 +02:00
fnoah 7b65a16375 Fix 2019-10-23 16:16:32 +02:00
fnoah 64ce74137c Add documentation part 2 2019-10-23 16:14:29 +02:00
fnoah 17c52687a6 Add documentation 2019-10-22 17:24:27 +02:00
fnoah 64370cb58b Fix formatting issues 2019-10-22 09:54:13 +02:00
Noah Fleischmann 852fceb33f Add documentation 2019-10-21 20:11:00 +02:00
Slavi Pantaleev e32aaacaa7 Make gzipped SQL dumps by default during --upgrade-postgres 2019-10-05 11:42:08 +03:00
Slavi Pantaleev 29526e7bb1 Add support for backing up / importing all Postgres databases/users 2019-10-05 11:42:08 +03:00
Paul Tötterman aabb16d78b Fix spelling ngnix -> nginx 2019-10-04 11:07:37 +03:00
Slavi Pantaleev 9c438a3870 Add support for Postgres v12 2019-10-04 08:51:36 +03:00
Slavi Pantaleev 810d0fb0e4 Make it possible to serve static websites from the base domain 2019-10-03 11:24:04 +03:00
Arehandoro d7343389ec
Update configuring-well-known.md 2019-09-23 16:44:13 +01:00
Slavi Pantaleev 68ed2ebefa Add support for Synapse Simple Antispam
Fixes #255 (Github Issue).
2019-09-09 08:13:10 +03:00
sudneo b2e0e4efe3 Adds doc for HAproxy 2019-08-25 22:53:34 +03:00
Slavi Pantaleev 0edd7e8089 Make Riot-web configuration extensible
Fixes #71 (Github Issue).
2019-08-25 10:37:05 +03:00
Slavi Pantaleev c4eebc5355 Add information about community-grouping for the Facebook bridge 2019-08-24 12:14:17 +03:00
Slavi Pantaleev 10a9deba4a Make Synapse configuration extensible 2019-08-22 09:49:22 +03:00
Slavi Pantaleev 65da600426
Merge branch 'master' into master 2019-08-21 07:34:20 +03:00
Slavi Pantaleev 63d1ed1d56 Update changelog and documentation 2019-08-21 07:24:58 +03:00
Slavi Pantaleev c8a4d59a81
Merge pull request #251 from Munfred/master
Add mautrix-hangouts bridge role and documentation
2019-08-21 07:15:14 +03:00
Eduardo Beltrame 53ae84f627
Add documentation on mautrix-hangouts bridge 2019-08-19 23:00:05 -07:00
Eduardo Beltrame ecff0f4a67
Describe setting up SMTP server with Sendgrid 2019-08-18 19:55:54 -07:00
kingoftheconnors 63cf891842 Improved documentation 2019-08-13 10:54:58 -04:00
Slavi Pantaleev c2c0481d90 Mention Email2Matrix usage alongside Postfix 2019-08-09 12:15:44 +03:00
Slavi Pantaleev 3e57a1463a Serve nginx status page over HTTPS as well
Continuation of #234 (Github Pull Request).

I had unintentionally updated the documentation for the feature,
saying the page is available at `https://matrix.DOMAIN/nginx_status`.

Looks like it wasn't the case, going against my expectations.

I'm correcting this with this patch.
The status page is being made available on both HTTP and HTTPS.
Serving over HTTP is likely necessary for services like
Longview
(https://www.linode.com/docs/platform/longview/longview-app-for-nginx/)
2019-08-07 12:53:53 +03:00
Slavi Pantaleev f97175a1c6
Update configuring-playbook-ngnix.md 2019-08-07 12:35:48 +03:00
p5t2vspoqqw 4b8190dc3f serve status page for matrix.DOMAIN only 2019-08-07 10:54:14 +02:00
p5t2vspoqqw 281f2ee519 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-08-07 09:30:24 +02:00
Slavi Pantaleev bce165f247 Do not suggest DEBUG logging when submitting issues
It's been pointed out that DEBUG logs could contain sensitive
information (access tokens, etc.), which makes them unsuitable
for sharing with others. INFO should be enough.
2019-08-06 07:14:52 +03:00
Slavi Pantaleev d222640140 Add firewall notice about email2matrix 2019-08-05 14:10:24 +03:00
Slavi Pantaleev 4be35822dd Add Email2Matrix support 2019-08-05 13:09:49 +03:00
p5t2vspoqqw 51d5741bb3 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-08-05 09:34:30 +02:00
Esko f084bb4ae5
Clarify sentence about dedicated user for access token 2019-08-04 05:18:16 +02:00
Slavi Pantaleev 6fe4bafc2a Decrease default Synapse logging level
Also discussed previously in #213 (Github Pull Request).

shared-secret-auth and rest-auth logging is still at `INFO`
intentionally, as user login events seem more important to keep.
Those modules typically don't spam as much.
2019-08-03 07:48:04 +03:00
kingoftheconnors 49766c5dac Added Slack role 2019-07-26 21:37:21 -04:00
p5t2vspoqqw 5054fff88b Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-07-12 15:45:19 +02:00
Slavi Pantaleev 99283ef684 Add note about SMTPS not being supported
Fixes #216 (Github Issue).
2019-07-10 08:43:27 +03:00
Slavi Pantaleev 0e4030f05c Add missing word 2019-07-09 09:14:57 +03:00
Slavi Pantaleev 76862f4f2a Suggest running start tag after janitor and Postgres vacuum
We do restart Synapse explicitly, but some other services
(bridges, matrix-corporal, ..) may not restart sometimes.

It's best to restart all services explicitly.
2019-07-08 11:09:23 +03:00
Slavi Pantaleev e317de5ac1 Fix broken link 2019-07-08 09:40:52 +03:00
Slavi Pantaleev 0ca21d80d7 Add Synapse Maintenance docs and synapse-janitor integration 2019-07-08 09:38:36 +03:00
p5t2vspoqqw d88e261150 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-07-05 16:12:29 +02:00
Slavi Pantaleev ef5e4ad061 Make Synapse not log to text files
Somewhat related to #213 (Github Pull Request).

We've been moving in the opposite direction for quite a long time.
All services should just leave logging to systemd's journald.
2019-07-04 17:46:31 +03:00
Slavi Pantaleev da6edc9cba Add support for disabling Synapse's local database for user auth
This is a new feature of Synapse v1.1.0.

Discussed in #145 (Github Pull Request).
2019-07-04 17:11:51 +03:00
p5t2vspoqqw 9874c3df90 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-26 10:41:14 +02:00
Slavi Pantaleev 8529efcd1c Make Discord bridge configuration playbook-managed
Well, `config.yaml` has been playbook-managed for a long time.
It's now extended to match the default sample config of the Discord
bridge.

With this patch, we also make `registration.yaml` playbook-managed,
which leads us to consistency with all other bridges.

Along with that, we introduce `./config` and `./data` separation,
like we do for the other bridges.
2019-06-26 10:35:00 +03:00
Slavi Pantaleev 59b56fa504 Update Docker image of Ansible (2.7.0 -> 2.8.1) 2019-06-26 07:40:36 +03:00
p5t2vspoqqw 466b35b1b6 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-19 16:56:29 +02:00
Slavi Pantaleev 174a6fcd1b Make IRC bridge configuration entirely managed by the playbook 2019-06-19 12:29:44 +03:00
Slavi Pantaleev 5002c7edaa Fix broken docs link 2019-06-19 10:30:04 +03:00
Slavi Pantaleev 2e16257e50 Do not ask for _matrix._tcp SRV records anymore
With most people on Synapse v0.99+ and Synapse v1.0 now available,
we should no longer try to be backward compatible with Synapse 0.34,
because this just complicates the instructions for no good reason.
2019-06-12 14:51:10 +03:00
p5t2vspoqqw 8fcdac3738 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-12 10:10:52 +02:00
Slavi Pantaleev 8a7b3d5bd0
Make instructions simpler and safer
Changes to the original are:
- it tells people to stop and disable services, so that:
   - services won't be running while you are copying files
   - services won't accidentally start again later
- it does the file-copying in 1 step
- it does copying before running `--tags=setup-all`, so that existing files (SSL certificates, etc.) can be reused. Otherwise, the playbook starts from a blank slate, retrieves them anew, generates new signing keys anew, etc. Only to have those replaced by your own old backup later.
- it mentions DNS changes
- combines `--tags=setup-all,start` into a single step, thanks to the files being already copied
2019-06-12 09:36:19 +03:00
Michael Haak a8dc0befa9 Added a basic guide on migrating to another server 2019-06-11 22:06:25 +02:00
Slavi Pantaleev 4f0bcc624f Fix typo 2019-06-07 14:29:51 +03:00
Slavi Pantaleev 04bc50a282 Make Facebook bridge docs more detailed 2019-06-07 13:51:43 +03:00
p5t2vspoqqw 4b657b3822 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-06-03 10:13:25 +02:00
Slavi Pantaleev 70487061f4 Prefer --mount instead of -v for mounting volumes
This doesn't replace all usage of `-v`, but it's a start.

People sometimes troubleshoot by deleting files (especially bridge
config files). Restarting Synapse with a missing registration.yaml file
for a given bridge, causes the `-v
/something/registration.yaml:/something/registration.yaml:ro` option
to force-create `/something/registration.yaml` as a directory.

When a path that's provided to the `-v` option is missing, Docker
auto-creates that path as a directory.
This causes more breakage and confusion later on.

We'd rather fail, instead of magically creating directories.
Using `--mount`, instead of `-v` is the solution to this.

From Docker's documentation:

> When you use --mount with type=bind, the host-path must refer to an existing path on the host.
> The path will not be created for you and the service will fail with an error if the path does not exist.
2019-05-29 09:59:50 +03:00
Slavi Pantaleev 5bfd22d13b Fix incorrect inventory host_vars paths 2019-05-24 08:06:42 +09:00
p5t2vspoqqw 0cfa73f153 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-05-23 10:48:22 +02:00
Slavi Pantaleev 1e1c7933e2 Mention Postgres + SSL in the docs
Refers to #89 (Github Issue)
2019-05-22 09:17:33 +09:00
Marcel Partap 66388c1f5b Provide a sample rest_auth_endpoint close to actual setup 2019-05-15 01:51:02 +02:00
Aaron Raimist 2d1fbdb51d
Move around options on updating-users-passwords.md
and provide an example for using the admin API
2019-05-11 21:39:31 -05:00
Aaron Raimist 59e05672d0
Convert registering-users.md to use ``` syntax for code blocks
The bit about the matrix-make-user-admin script was messed up (it wasn't actually a code block so the "<username>" was hidden). For me at least it seems like the ``` syntax is much harder to accidentally mess up.
2019-05-10 15:38:22 -05:00
Aaron Raimist 12b7cccbc6
Mention the Synapse User Admin API on updating-users-passwords.md 2019-05-10 15:33:15 -05:00
p5t2vspoqqw 4315b472af Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-05-09 09:34:09 +02:00
Slavi Pantaleev 2dd8d07ac9 Add docs about using other S3-compatible object stores 2019-05-09 10:28:01 +03:00
Slavi Pantaleev 216cdf8c74
Merge pull request #166 from izissise/mautrix-facebook
Mautrix facebook
2019-05-09 10:05:14 +03:00
Slavi Pantaleev d91cff3f7a Add docs about integrating mxisd's Registration feature
Docs for #161 (Github issue) and #168 (Github Pull Request).
2019-05-09 09:55:03 +03:00
Slavi Pantaleev ccb33369a7
Merge pull request #169 from verb/federation-tester
Update URL for Matrix federation tester
2019-05-09 09:22:10 +03:00
Lee Verberne 8b5c1b0bd5 Update URL for Matrix federation tester
The previous URL returns a 404.
2019-05-09 07:04:46 +02:00
Hugues Morisset d4372d5ba8 Add mautrix-facebook doc 2019-05-08 17:11:07 +02:00
Slavi Pantaleev e6fecd51d5 Explain DNS SRV vs /.well-known/matrix/server better
Hopefully, we no longer lead people to believe that DNS SRV
records are going away forever and for all use-cases.

Fixes #156 (Github Issue)
2019-05-05 11:04:52 +03:00
Lyubomir Popov 134faa3139 Add the ability to update user passwords with ansible (when using the matrix-postgres container). 2019-04-30 16:30:26 +03:00
p5t2vspoqqw c2eabf2b9d Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-04-23 09:45:10 +02:00
p5t2vspoqqw 7ee6927ca9 add suggested change; correct indent 2019-04-23 09:44:02 +02:00
Slavi Pantaleev 892abdc700 Do not refer to Synapse as "Matrix Synapse" 2019-04-23 10:20:56 +03:00
Slavi Pantaleev 9ea5088761 Add TURN server configuration documentation 2019-04-19 09:57:41 +03:00
Slavi Pantaleev a4da1535dd Split additional configuration options in groups
It's too many configuration options to keep them in a single list.
Trying to put some order.
2019-04-19 09:54:18 +03:00
p5t2vspoqqw deeefac84c add ngnix-status to config
add doc
2019-04-17 13:45:42 +02:00
jreichmann aba8327991
Give a hint to look into the examples if using caddy 2019-04-16 19:46:17 +02:00
Slavi Pantaleev 9c401efb2d Add a note about beta/pre-release distros 2019-04-16 13:10:31 +03:00
Slavi Pantaleev 9202b2b8d9 Ensure systemd services are running when doing --tags=start
Fixes #129 (Github Issue).

Unfortunately, we rely on `service_facts`, which is only available
in Ansible >= 2.5.

There's little reason to stick to an old version such as Ansible 2.4:
- some time has passed since we've raised version requirements - it's
time to move into the future (a little bit)
- we've recently (in 82b4640072) improved the way one can run
Ansible in a Docker container

From now on, Ansible >= 2.5 is required.
2019-04-03 11:19:06 +03:00
Slavi Pantaleev 82b4640072 Use a more suitable Docker image for running Ansible
Inspired by #128 (Github Issue), we've created a new Docker image
to replace https://hub.docker.com/r/qmxme/ansible

Adding dnspython or dig to `qmxme/ansible` doesn't seem like a good
idea (that might be accepted by them), given that it's specific to our
use case. That's why we'll be maintaining our own image from now on.
2019-04-03 10:28:23 +03:00
Slavi Pantaleev 631b7cc6a6 Add support for adjusting Synapse rate-limiting configuration 2019-04-01 21:40:14 +03:00
Borjan Tchakaloff cbd629e7ea Specify that cron is likely required on the server
When using Let's Encrypt SSL certificates, a cronjob is set up to
automatically renew them. Though it does require a `cron`-compatible
program on the server.

This fixes the error that is caused by the `/etc/cron.d` directory
not existing and the `ansible-cron` module trying to write out a
file there -- without checking if the directory exists first.
2019-03-22 17:44:24 +01:00
Slavi Pantaleev 1939fc9113 Improve documentation a bit 2019-03-19 18:23:54 +02:00
Slavi Pantaleev 59e37105e8 Add TLS support to Coturn 2019-03-19 10:24:39 +02:00
Slavi Pantaleev 10d9293121 Indicate that TURN ports are a range 2019-03-13 08:23:10 +02:00
Slavi Pantaleev c545d3eb85 Add support for serving base domain via matrix-nginx-proxy 2019-03-12 23:01:16 +02:00
Slavi Pantaleev 1974935bc6 Update docs a bit 2019-03-12 11:38:59 +02:00
Slavi Pantaleev 54e79c10a1
Merge pull request #112 from NullIsNot0/master
Fix Dimension documentation
2019-03-10 21:53:33 +02:00
Slavi Pantaleev 52486356e5 Add some more links to Dimension's homepage 2019-03-10 21:43:03 +02:00
Edgars Voroboks c49ba1c4ab Fix Dimension documentation 2019-03-10 21:41:31 +02:00
Slavi Pantaleev a1f9869eb2 Improve documentation about getting the playbook 2019-03-10 17:02:20 +02:00
Edgars Voroboks 9f5215c95a Make some additions to Dimension documentation 2019-03-10 13:17:56 +02:00
Edgars Voroboks 1bff4893d9 Provide Dimension documentation 2019-03-10 10:12:31 +02:00
Slavi Pantaleev ae7e17e64a Add information about mxisd email template customization
Related to #108 (Github Pull Request).
2019-03-08 12:06:50 +02:00
Slavi Pantaleev 401d7560e9 Make Discord bridging instructions more detailed
It didn't mention `matrix_appservice_discord_client_id` and
`matrix_appservice_discord_bot_token`, which makes it hard for
beginners.

Related to #105 (Github Pull Request).
2019-03-05 09:10:32 +02:00
Lionstiger b5ae0254fd used ` backticks instead of double quotes 2019-03-04 14:41:58 +01:00
Lionstiger faa16617da add documentation 2019-03-03 19:34:30 +01:00
Lionstiger 835c349275 Add matrix-appservice-discord bridge
Bridge is setup to work on the matrix side with this, but the discord invite link is not automatically generated.
2019-03-03 18:22:52 +01:00
Slavi Pantaleev 041a1947b3 Update Synapse (0.99.1.1 -> 0.99.2) 2019-03-02 10:03:09 +02:00
frlae 6b47ebeaa7 fixed a small path typo in playbook telemetry docs 2019-03-01 07:48:45 +01:00
Slavi Pantaleev a43bcd81fe Rename some variables 2019-02-28 11:51:09 +02:00
Slavi Pantaleev 28bd6dc75b Improve Telegram/Whatsapp instructions 2019-02-22 14:50:07 +02:00
Slavi Pantaleev 747574ab56 Update Prerequisites a bit 2019-02-20 11:39:04 +02:00
Slavi Pantaleev b79db89221 Improve wording a bit 2019-02-15 10:03:33 +02:00
Slavi Pantaleev fcdc2a6c4f Fix incomplete sentence 2019-02-15 10:01:10 +02:00
Slavi Pantaleev eb08e20418 Upgrade Synapse (0.99.0 -> 0.99.1) and sync config
`matrix_synapse_no_tls` is now implicit, so we've gotten rid of it.

The `homeserver.yaml.j2` template has been synchronized with the
configuration generated by Synapse v0.99.1 (some new options
are present, etc.)
2019-02-14 18:40:55 +02:00
Slavi Pantaleev 70b2f07fec Add PostgreSQL backup information 2019-02-09 14:36:47 +02:00
Slavi Pantaleev 46accfdb3c Add guide about certificates for other domains
We had something like that on the Server Delegation how-to page,
but it's better if we have it on the SSL certificates page.

Relocated there and improved linking.

Fixes #94 (Github Issue)
2019-02-08 11:59:00 +02:00
Slavi Pantaleev f4fa03d4b9 Re-iterate where one can find the well-known files 2019-02-07 19:43:00 +02:00
Slavi Pantaleev ef903fe544 Add some quick links 2019-02-06 13:30:24 +02:00
Slavi Pantaleev e9cfcb8429 Fix another YAML indentation problem on documentation page 2019-02-06 13:04:19 +02:00
Slavi Pantaleev 92aa5bfa2d Fix YAML indentation on documentation page 2019-02-06 13:03:26 +02:00
Slavi Pantaleev 33726cdb08 Fix anchor 2019-02-06 13:02:17 +02:00
Slavi Pantaleev 5148f8edf4 Update docs 2019-02-06 09:36:03 +02:00
Slavi Pantaleev 91a757c581 Add support for reloading Synapse 2019-02-06 09:25:13 +02:00
Slavi Pantaleev 772154f3b9 Update Server Delegation docs a bit 2019-02-05 13:38:20 +02:00
Slavi Pantaleev b540427974 Mention alternative ways to do Server Delegation 2019-02-05 13:02:15 +02:00
Slavi Pantaleev f6ebd4ce62 Initial work on Synapse 0.99/1.0 preparation 2019-02-05 12:09:46 +02:00
Plailect 29b40b428a
Database files must be stored on permanent storage 2019-02-01 11:44:06 -05:00
Slavi Pantaleev 5e8a7fd05b Update own-webserver guide and add sample Apache configuration
This supersedes #59 (Github Pull Request),
which was greatly beneficial in creating our sample Apache configuration.
2019-02-01 16:58:11 +02:00
Slavi Pantaleev 8681a5dc69 Add 'none' SSL certificate retrieval method 2019-02-01 16:50:25 +02:00
Slavi Pantaleev e09b7435d1 Update documentation a bit 2019-02-01 12:26:43 +02:00
Slavi Pantaleev cd332d9b4e Add TLS v1.3 support to matrix-nginx-proxy
This was mentioned in #27 (Github Pull Request),
but it's just now that the nginx Docker image actually supports
TLS v1.3 and we can enable it.
2019-02-01 11:49:22 +02:00
Slavi Pantaleev a9fae8e3b1 Revert "Use native OpenSSL module to generate passkey.pem"
This reverts commit 0dac5ea508.

Relying on pyOpenSSL is the Ansible way of doing things, but is
impractical and annoying for users.

`openssl` is easily available on most servers, even by default.
We'd better use that.
2019-01-31 20:45:14 +02:00
Plailect 0dac5ea508
Use native OpenSSL module to generate passkey.pem 2019-01-31 11:38:54 -05:00
Plailect 0a2a8e118c
Update example configuration and documentation 2019-01-31 11:05:27 -05:00
Plailect 1c057bf06d
Correct variable name in documentation 2019-01-31 10:58:45 -05:00
Plailect 3a4a671dd7
Add support for matrix-appservice-irc 2019-01-31 00:37:23 -05:00
Slavi Pantaleev 299a8c4c7c Make (most) containers start as non-root
This makes all containers (except mautrix-telegram and
mautrix-whatsapp), start as a non-root user.

We do this, because we don't trust some of the images.
In any case, we'd rather not trust ALL images and avoid giving
`root` access at all. We can't be sure they would drop privileges
or what they might do before they do it.

Because Postfix doesn't support running as non-root,
it had to be replaced by an Exim mail server.

The matrix-nginx-proxy nginx container image is patched up
(by replacing its main configuration) so that it can work as non-root.
It seems like there's no other good image that we can use and that is up-to-date
(https://hub.docker.com/r/nginxinc/nginx-unprivileged is outdated).

Likewise for riot-web (https://hub.docker.com/r/bubuntux/riot-web/),
we patch it up ourselves when starting (replacing the main nginx
configuration).
Ideally, it would be fixed upstream so we can simplify.
2019-01-27 20:25:13 +02:00
Slavi Pantaleev c10182e5a6 Make roles more independent of one another
With this change, the following roles are now only dependent
on the minimal `matrix-base` role:
- `matrix-corporal`
- `matrix-coturn`
- `matrix-mailer`
- `matrix-mxisd`
- `matrix-postgres`
- `matrix-riot-web`
- `matrix-synapse`

The `matrix-nginx-proxy` role still does too much and remains
dependent on the others.

Wiring up the various (now-independent) roles happens
via a glue variables file (`group_vars/matrix-servers`).
It's triggered for all hosts in the `matrix-servers` group.

According to Ansible's rules of priority, we have the following
chain of inclusion/overriding now:
- role defaults (mostly empty or good for independent usage)
- playbook glue variables (`group_vars/matrix-servers`)
- inventory host variables (`inventory/host_vars/matrix.<your-domain>`)

All roles default to enabling their main component
(e.g. `matrix_mxisd_enabled: true`, `matrix_riot_web_enabled: true`).
Reasoning: if a role is included in a playbook (especially separately,
in another playbook), it should "work" by default.

Our playbook disables some of those if they are not generally useful
(e.g. `matrix_corporal_enabled: false`).
2019-01-16 18:05:48 +02:00
Slavi Pantaleev 51312b8250 Split playbook into multiple roles
As suggested in #63 (Github issue), splitting the
playbook's logic into multiple roles will be beneficial for
maintainability.

This patch realizes this split. Still, some components
affect others, so the roles are not really independent of one
another. For example:
- disabling mxisd (`matrix_mxisd_enabled: false`), causes Synapse
and riot-web to reconfigure themselves with other (public)
Identity servers.

- enabling matrix-corporal (`matrix_corporal_enabled: true`) affects
how reverse-proxying (by `matrix-nginx-proxy`) is done, in order to
put matrix-corporal's gateway server in front of Synapse

We may be able to move away from such dependencies in the future,
at the expense of a more complicated manual configuration, but
it's probably not worth sacrificing the convenience we have now.

As part of this work, the way we do "start components" has been
redone now to use a loop, as suggested in #65 (Github issue).
This should make restarting faster and more reliable.
2019-01-12 18:01:10 +02:00
Slavi Pantaleev 9a9b7383e9 Completely redo how mxisd configuration gets generated
This change is provoked by a few different things:

- #54 (Github Pull Request), which rightfully says that we need a
way to support ALL mxisd configuration options easily

- the upcoming mxisd 1.3.0 release, which drops support for
property-style configuration (dot-notation), forcing us to
redo the way we generate the configuration file

With this, mxisd is much more easily configurable now
and much more easily maintaneable by us in the future
(no need to introduce additional playbook variables and logic).
2019-01-11 19:33:54 +02:00
Slavi Pantaleev 5135c0cc0a Add Ansible guide and Ansible version checks
After having multiple people report issues with retrieving
SSL certificates, we've finally discovered the culprit to be
Ansible 2.5.1 (default and latest version on Ubuntu 18.04 LTS).

As silly as it is, certain distributions ("LTS" even) are 13 bugfix
versions of Ansible behind.

From now on, we try to auto-detect buggy Ansible versions and tell the
user. We also provide some tips for how to upgrade Ansible or
run it from inside a Docker container.

My testing shows that Ansible 2.4.0 and 2.4.6 are OK.
All other intermediate 2.4.x versions haven't been tested, but we
trust they're OK too.

From the 2.5.x releases, only 2.5.0 and 2.5.1 seem to be affected.
Ansible 2.5.2 corrects the problem with `include_tasks` + `with_items`.
2019-01-03 16:24:14 +02:00
Slavi Pantaleev 76506f34e0 Make media-store restore work with server files, not local
This is a simplification and a way to make it consistent with
how we do Postgres imports (see 6d89319822), using
files coming from the server, not from the local machine.

By encouraging people NOT to use local files,
we potentially avoid problems such as #34 (Github issue),
where people would download `media_store` to their Mac's filesystem
and case-sensitivity issues will actually corrupt it.

By not encouraging local files usage, it's less likely that
people would copy (huge) directories to their local machine like that.
2019-01-01 15:57:50 +02:00
Slavi Pantaleev 543b98d24c Update documentation 2019-01-01 15:35:33 +02:00