pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
3671 commits 2 branches 0 tags 16 MiB
Commit graph

2298 commits

Author SHA1 Message Date
Michael Collins f19856e125 change template name 2021-08-24 18:35:49 +08:00
Michael Collins c6f8bc5d83 missing one template from deletion section 2021-08-24 18:35:00 +08:00
Michael Collins a49da05cf9 delegate locally 2021-08-24 18:20:26 +08:00
Michael Collins ef4b5a187d alter delete_job_template template 2021-08-24 14:33:50 +08:00
Michael Collins b120b8aeba delay these till the next playbook 2021-08-24 14:27:50 +08:00
sakkiii 01a5f521cd Merge branch 'patch-2' of https://github.com/sakkiii/matrix-docker-ansible-deploy into patch-2 2021-08-24 10:26:20 +05:30
sakkiii 00d1804dd9 prometheus & its exporter updates 2021-08-24 10:24:54 +05:30
Slavi Pantaleev 57414ec2be Upgrade matrix-corporal (2.1.1 -> 2.1.2) 2021-08-23 15:39:54 +03:00
Slavi Pantaleev 4b643db31b Upgrade devture/exim-relay (4.94.2-r0-2 -> 4.94.2-r0-3) 
Related to https://github.com/devture/exim-relay/pull/11
 2021-08-23 15:31:37 +03:00
Slavi Pantaleev ca7e0b9df2
Merge pull request #1243 from sakkiii/patch-3 
Postgres Minor Updates
 2021-08-23 15:29:14 +03:00
Slavi Pantaleev 2ec06b7477
Merge pull request #1242 from apmechev/add_beeper_linkedin_bridge 
Add beeper LinkedIn bridge
 2021-08-23 15:15:35 +03:00
Slavi Pantaleev 603ad7c52b Remove (non-working) SQLite support from beeper-linkedin bridge 
This bridge doesn't support SQLite anyway, so it's not necessary
to carry around configuration fields and code for migration from SQLite
to Postgres. There's nothing to migrate.
 2021-08-23 15:12:19 +03:00
Slavi Pantaleev 78c22138a5
Do not reference variables from other roles 
This configuration is supposed to be kept clean and not reference variables defined in other roles.

`group_vars/matrix_servers` redefines these to hook our various roles together.
 2021-08-23 15:06:00 +03:00
Thom Wiggers 78b62664cd
Update to version v0.30.0 
https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.30.0
 2021-08-23 10:29:05 +02:00
sakkiii 48548eb561
Postgres Minor Updates 2021-08-22 18:45:25 +05:30
Alexandar Mechev b13cf1871f add code for LinkedIn Bridge 2021-08-21 17:32:45 +02:00
Slavi Pantaleev 24793adb2f
Merge pull request #1241 from sakkiii/patch-3 
Certbot update v1.18.0
 2021-08-20 22:05:29 +03:00
Slavi Pantaleev 9860fb4675 Upgrade Sygnal (v0.9.0 -> v0.10.1) 2021-08-20 17:48:24 +03:00
sakkiii f5a7e6d78b
Certbot update v1.18.0 2021-08-20 19:47:11 +05:30
Michael Collins 3125ee56e2 add abort_deletion.yml task list 2021-08-20 13:27:10 +08:00
Michael Collins e75ecd858d launch cleanup job after deleting subscription 2021-08-20 11:14:15 +08:00
Michael Collins a37e5b6d60 job templates cant delete themselves 2021-08-20 09:58:55 +08:00
Michael Collins 14effd5e2b delegate delete tasks locally 2021-08-20 09:35:12 +08:00
Michael Collins 312bcc444b no log 2021-08-20 09:28:54 +08:00
nono d9d9554a74 Update the docker image version for mautrix-telegram 2021-08-19 14:08:53 +02:00
Michael Collins 92b26ec846 check if matrix_vars.yml file exists 2021-08-19 18:05:47 +08:00
Michael Collins 7203d4ec21 replace module only if file exists 2021-08-19 18:01:26 +08:00
Michael Collins 9ac5ad148a merge upstream 2021-08-19 17:38:38 +08:00
Michael Collins b2f96df1a9 end play after deleting subscription in AWX 2021-08-19 17:13:34 +08:00
Michael Collins fa43d04ad7 syntax error 2021-08-19 17:02:28 +08:00
Michael Collins 7b9929e17b add << SUBSCRIPTION DELETION IN PROGRESS >> job template 2021-08-19 16:55:58 +08:00
AtomHare 4240df6401
update link 2021-08-18 17:25:45 +02:00
AtomHare 7d0ce01792
update links 2021-08-18 17:24:54 +02:00
AtomHare 7eec01e359
update mautrix new repo name 2021-08-18 17:21:20 +02:00
AtomHare 43c9eab6b9
update mautrix new repo name 2021-08-18 17:20:18 +02:00
AtomHare 1ae4032cb7
update new repo name mautrix 2021-08-18 17:17:44 +02:00
AtomHare b9124c0080
update new repo name mautrix-hangouts 2021-08-18 17:16:58 +02:00
AtomHare 69f333ea25
Update main.yml 2021-08-18 17:14:18 +02:00
Michael Collins 517ecbf0d1 move delete-subscription to deploy 2021-08-18 21:07:44 +08:00
Slavi Pantaleev dc8000760b Bump Coturn version tag (4.5.2-r2 -> 4.5.2-r3) 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1236
 2021-08-18 09:50:10 +03:00
Slavi Pantaleev 511a267b00
Merge pull request #1229 from wol-win/feature/signal_config 
Feature/signal config
 2021-08-18 09:42:46 +03:00
Slavi Pantaleev 2c80e0bc89
Merge pull request #1235 from wol-win/element_web 
Upgrade Element (1.8.0 -> 1.8.1)
 2021-08-17 20:21:44 +03:00
WobbelTheBear 12dbb29675
Upgrade Element (1.8.0 -> 1.8.1) 
Element web/desktop has just been updated to fix some regressions in regard to VoIP.
 2021-08-17 12:47:52 +02:00
pushytoxin 854ea91195 Mautrix-Facebook repo location update, pin v0.3.1 
The Github link is just a redirect to Tulir's own GitLab, so I replaced the self-build link
The docker container repository was rearranged hierarchically (dock.mau.dev/tulir/mautrix-facebook -> dock.mau.dev/mautrix/facebook)
Tagged versions have been made available, thus :latest -> :v0.3.1
 2021-08-17 10:35:49 +02:00
Michael Collins bdf10462d2 Merge remote-tracking branch 'upstream/master' 2021-08-17 16:24:34 +08:00
Slavi Pantaleev 62bba12551
Merge pull request #1233 from hifi/feature/heisenbridge-1.0.0 
Pin Heisenbridge to 1.0.0
 2021-08-17 09:12:45 +03:00
Slavi Pantaleev 71c7d0ba7f
Merge pull request #1232 from thedanbob/debian-bullseye 
docker-ce is now available for Debian Bullseye
 2021-08-17 09:12:17 +03:00
Michael Collins 41c335b967 merge upstream 2021-08-17 13:20:39 +08:00
Toni Spets 4fe27a7645 Pin Heisenbridge to 1.0.0 2021-08-17 07:50:53 +03:00
Wolfgang Winter 4b7506ca1a Preset the permissions inline with other bridges 2021-08-16 18:24:12 +02:00
Wolfgang Winter b1c94efcd8 Make template generic for the pemission settings 2021-08-16 18:23:40 +02:00
Slavi Pantaleev 70d412e523 Upgrade Element (1.7.34 -> 1.8.0) 2021-08-16 18:10:22 +03:00
Dan Arnfield df82ec13b2 docker-ce is now available for Debian Bullseye 2021-08-16 08:44:02 -05:00
Wolfgang Winter d0b557eb6f Replace tabs to spaces to prevent problems in YAML 2021-08-15 08:42:21 +02:00
Slavi Pantaleev f5a2d732ea
Merge pull request #1224 from GoMatrixHosting/master 
GoMatrixHosting v0.5.7
 2021-08-15 08:45:56 +03:00
Wolfgang Winter 7486db0d1a Missing ticks 2021-08-14 17:58:08 +02:00
WobbelTheBear f988fd3339
Change sequence of permissions 
As per earlier comment (see from tulir) the sequence has been changed.
 2021-08-14 17:47:31 +02:00
WobbelTheBear d249fe874e
Update roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 
Updated settings in template file:
* relay for any user
* user permissions only for HS domain users

Co-authored-by: Jan <31133207+Jaffex@users.noreply.github.com>
 2021-08-14 17:36:43 +02:00
WobbelTheBear ae9639585c
Update roles/matrix-bridge-mautrix-signal/defaults/main.yml 
Improved setup through template file

Co-authored-by: Jan <31133207+Jaffex@users.noreply.github.com>
 2021-08-14 17:35:49 +02:00
Wolfgang Winter a34241e4cc Remove intial permissions seting 
Permissions, when set in the template, will be augmented rahter than replaced when using matrix_mautrix_signal_configuration_extension_yaml. Therefore, permissions shall only be set in the defaults/vars.yml or in the HS specific vars.yml file
 2021-08-13 21:11:41 +02:00
Wolfgang Winter 5ca28ba872 Default relay bot functionality setting 
Per default relay bot functionality is disabled; the bridge user permissions depends on the relay bot, if enabled the base domain users are on level relay, else remain on user;
 2021-08-13 17:48:05 +02:00
Wolfgang Winter e6b77284f2 Relay bot configurable + permissions 
Enable / disable relay bot functionality as configuratoin paramter; set bridge permissions for base domain users to user level
 2021-08-13 17:46:37 +02:00
Michael Collins 98e6cd685d sync with previous repo 2021-08-13 16:05:57 +08:00
Jaffex e90b33c4e3 Update matrix-mautrix-signal config to 0.2.0 to enable relay mode 2021-08-12 12:52:55 +02:00
Michael Collins 4c12c1892c use saner folder permissions 2021-08-11 17:32:38 +08:00
Michael Collins 4d57a41b3f remove matrix_awx_enabled from these 2021-08-11 17:18:57 +08:00
Michael Collins 2e30802b87 use group variables instead 2021-08-11 15:21:09 +08:00
Michael Collins 8238d65e5f simplify template conditional 2021-08-11 14:19:19 +08:00
Toni Spets bce94c5860 Allow configuring synapse database transaction limit 2021-08-10 21:09:28 +03:00
Slavi Pantaleev 05ad620386 Update homeserver.yaml to keep up with Synapse v1.40.0 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1225
 2021-08-10 17:36:44 +03:00
WobbelTheBear 2469ada520
Update Synapse (1.39.0 -> 1.40.0) 2021-08-10 15:32:07 +02:00
Michael Collins bfb61e776e GMH v0.5.7... maybe! 2021-08-10 12:58:10 +08:00
Sebastian Gumprich 24589b91f4 irc appservice image tag has a 'v' now 2021-08-09 19:01:51 +02:00
Slavi Pantaleev 6de8b5925a
Merge pull request #1222 from wol-win/feature/signal 
New version of Mautrix Signal bridge (version 0.2.0)
 2021-08-09 13:59:17 +03:00
Wolfgang Winter 6ecfbe98b1 New version of Mautrix Signal bridge version 0.2.0 provided through new GitLab repository location 2021-08-09 11:19:12 +02:00
Thom Wiggers d11d6f52ae
Update IRC appservice 
https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.29.0
 2021-08-09 10:57:45 +02:00
Sebastian Gumprich d2a1b8b134
whatsapp bridge has new docker image location 
See https://github.com/mautrix/whatsapp/releases/tag/v0.1.8
 2021-08-07 15:47:24 +02:00
Slavi Pantaleev 2e23166ed3
Merge pull request #1216 from aaronraimist/hydrogen 
Upgrade Hydrogen (0.2.3 -> 0.2.5)
 2021-08-07 11:34:04 +03:00
Aaron Raimist f3aae70f70
Upgrade Hydrogen (0.2.3 -> 0.2.5) 2021-08-07 02:47:51 -05:00
Slavi Pantaleev 23006fd64e Fix email2matrix path initialization 
Regression since 421f85defa
 2021-08-04 17:59:49 +03:00
Slavi Pantaleev 421f85defa Add self-building support to matrix-email2matrix 2021-08-04 15:03:45 +03:00
Slavi Pantaleev 2697590d28 Remove some useless if conditions 2021-08-04 14:51:15 +03:00
Slavi Pantaleev a68ac9cb4f Split install/uninstall tasks in matrix-email2matrix 2021-08-04 14:45:07 +03:00
Slavi Pantaleev 5fc61ed964 Upgrade Element (1.7.33 -> 1.7.34) 2021-08-04 09:09:35 +03:00
Slavi Pantaleev 179775b92d Upgrade Synapse (1.38.1 -> 1.39.0) 2021-07-29 18:51:22 +03:00
Slavi Pantaleev dfa7b6e4fd
Merge pull request #1171 from BackInBash/patch-1 
Updating to ma1sd v2.5.0
 2021-07-28 11:09:39 +03:00
Slavi Pantaleev 676101e999 Minor fixups for ma1sd 2.5.0 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1171
 2021-07-28 11:08:50 +03:00
Michael Collins 67db5a0024 GoMatrixHosting v0.5.5 2021-07-27 15:12:03 +08:00
Slavi Pantaleev 49abe66f1d
Remove unnecessary if condition 
All of `setup_install.yml` only runs if `matrix_bot_matrix_reminder_bot_enabled`,
so it's not necessary to add that condition once again.
 2021-07-26 08:54:35 +03:00
Nate 012440c309 Allow for self-building of reminder-bot 2021-07-25 14:16:37 -07:00
Hardy Erlinger 03e8c75a30 Restore authentication for Jitsi Meet. 2021-07-25 16:23:51 +02:00
sakkiii 4a2b169fc9
systemd-timesyncd for ubuntu 2021-07-22 23:42:53 +05:30
sakkiii f4a9c4dff2
Update prometheus node exporter (1.1.2 -> 1.2.0) 2021-07-22 23:29:43 +05:30
Slavi Pantaleev 112d8d8243 Upgrade Synapse (1.38.0 -> 1.38.1) 2021-07-22 19:48:29 +03:00
sakkiii 7f0b8fef0a
Merge branch 'spantaleev:master' into patch-1 2021-07-21 23:50:19 +05:30
Slavi Pantaleev 31244e7fcc
Merge pull request #1180 from Toorero/master 
Fixed self-build functionality for mautrix-signal
 2021-07-21 15:17:57 +03:00
Slavi Pantaleev 7d9ee3e2fb
Remove unnecessary if-condition 2021-07-21 15:17:17 +03:00
Slavi Pantaleev a21696f687
Fix some if-checks 
We'd rather not suppress pull errors or run self-build tasks if pulling fails.
 2021-07-21 15:16:14 +03:00
Toorero ead4b00c09 Reverted back to manual self-build detection 2021-07-21 14:05:21 +02:00
Slavi Pantaleev 30339cd313
Merge pull request #1139 from sakkiii/jitsi-fix 
Jitsi Update -> stable-5963
 2021-07-20 09:57:11 +03:00
sakkiii d08a78ff1f
remove prosody JICOFO_COMPONENT_SECRET 2021-07-20 12:09:11 +05:30
Slavi Pantaleev 4105ba854b
Merge pull request #1147 from datenkollektiv-net/allow-custom-federation-fqn 
Make federation domain customizable
 2021-07-20 09:12:16 +03:00
Slavi Pantaleev 25e6eb27ab
Merge pull request #1183 from Toorero/mautrix-telegram-selfbuild-fix 
Fixed mautrix-telegram selfbuild not working on non amd64 platforms
 2021-07-20 09:06:04 +03:00
Slavi Pantaleev fb221c8179
Do not needlessly ignore errors 2021-07-20 09:05:13 +03:00
Slavi Pantaleev 51b94d9987
Merge pull request #1194 from meyerrj/master 
Update main.yml for matrix-reminder-bot
 2021-07-20 08:57:59 +03:00
Slavi Pantaleev 931b16fa66
Merge pull request #1193 from sakkiii/patch-2 
Upgrade hydrogen (v0.2.0 -> v0.2.3)
 2021-07-20 08:57:23 +03:00
JokerGermany 9345d840be
root path for the base domain is wrong (#1189) 
* root path for the base domain

* Fix path when running in a container

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
 2021-07-20 08:48:11 +03:00
Richard Meyer a8373d6bd4
Update main.yml 
Fixes an issue related to https://github.com/anoadragon453/matrix-reminder-bot/issues/86
 2021-07-19 19:02:29 -05:00
sakkiii 8b304445e5
Upgrade hydrogen (v0.2.0 -> v0.2.3) 2021-07-19 23:31:39 +05:30
sakkiii 5209a17da1
migrate from ntp to chrony 2021-07-19 23:11:30 +05:30
Slavi Pantaleev 70cb27138c Upgrade Element (1.7.32 -> 1.7.33) 2021-07-19 18:57:19 +03:00
Toorero b3793f3595 Masked TARGETARCH via docker.build.arg directive 2021-07-17 14:40:21 +02:00
Toorero 3a28100131 Renamed matrix_lottieconverter to matrix_telegram_lottieconverter 2021-07-17 14:05:13 +02:00
Toorero 7f15787d54 Fixed mautrix-telegram selfbuild not working on non amd64 platforms 2021-07-16 18:58:55 +02:00
Toorero f933ba14ae Fixed self-build functionality for mautrix-signal and added self-build functionality for signald 2021-07-16 13:27:36 +02:00
sakkiii e90979e91f
Upgrade grafana (8.0.5 -> 8.0.6) 2021-07-15 23:10:45 +05:30
Slavi Pantaleev a435c64c13
Merge pull request #1176 from GoMatrixHosting/master 
GoMatrixHosting v0.5.4
 2021-07-15 09:28:59 +03:00
Michael-GMH 86e4649578 GoMatrixHosting v0.5.5 2021-07-15 12:47:00 +08:00
Michael-GMH 03006eb5ab GoMatrixHosting v0.5.5 2021-07-15 12:46:38 +08:00
Michael-GMH 245986c793 Merge remote-tracking branch 'upstream/master' 2021-07-15 12:44:54 +08:00
Toorero f732a75ca5 Added selfbuild functionality to mautrix-signal bridge 2021-07-14 03:11:13 +02:00
Janar Juusu c198320f65
feat: update synapse to 1.38.0 2021-07-13 20:56:47 +03:00
Slavi Pantaleev 2e0eddde9d Upgrade matrix-corporal (2.1.0 -> 2.1.1) 2021-07-10 19:40:53 +03:00
Markus 83b9908c9d
Update to ma1sd v2.5.0 2021-07-10 14:09:08 +02:00
sakkiii cd54147144
Upgrade grafana (8.0.3 -> 8.0.5) 2021-07-09 17:55:15 +05:30
sakkiii 7a51268dfc
Upgrade certbot & nginx 
Upgrade certbot (v1.16.0 -> v1.17.0) nginx (1.21.0 -> 1.21.1)
 2021-07-09 17:51:27 +05:30
Slavi Pantaleev 3fa895fe96 Upgrade Element (1.7.31 -> 1.7.32) 2021-07-09 11:26:13 +03:00
Michael-GMH f6e0cbe5f3 did i even update this 2021-07-08 09:46:29 +08:00
sakkiii 49455a9ce0
prometheus version 2.28.0 -> 2.28.1 2021-07-07 21:53:05 +05:30
Michael-GMH 1c938c72fd GoMatrixHosting 0.5.2 2021-07-06 14:51:36 +08:00
Slavi Pantaleev b4d7ab0b53
Merge pull request #1153 from Cadair/worker_prom 
Add worker metrics to prometheus exporter
 2021-07-05 10:30:02 +03:00
Slavi Pantaleev b6d71b9da1 Fix self-building for Coturn 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1158
 2021-07-03 10:06:09 +03:00
Neutron 1ad9bba88f Skip importing validate_config task when Synapse is disabled 2021-07-02 20:58:57 +03:00
Stuart Mumford 2aa457efcc Use a prom variable and not a synapse role variable 2021-07-02 15:41:36 +00:00
Michael-GMH 7acaef89df GoMatrixHosting v0.5.1 2021-07-02 14:11:09 +08:00
Slavi Pantaleev ccde2362fc
Merge branch 'master' into mjolnir-0.1.18 2021-07-02 08:52:58 +03:00
Slavi Pantaleev 55452c3068 Update Mjolnir (v0.1.17 -> v0.1.18) 2021-07-02 08:28:44 +03:00
Aaron Raimist fc16fbda5b
Remove a bunch of redundant Ansible <2.8 self building checks 2021-07-02 00:14:37 -05:00
Aaron Raimist 19ed8d1d17
Upgrade mjolnir (0.1.17 -> 0.1.18) and implement self building 2021-07-02 00:10:59 -05:00
sak 7b2211da8e remove jibri 2021-07-01 15:37:20 +05:30
Slavi Pantaleev 6294e58304 Fix Content-Security-Policy for Element 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1154

According to
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy,
having both a header and the `<meta>`-tag provided by Element itself is
not a problem. The 2 CSP policies get combined.
 2021-07-01 12:41:05 +03:00
Stuart Mumford 09ee5ce52e we index from 0 apparently 2021-06-30 21:32:19 +00:00
Stuart Mumford 3d063f6ace make them show as jobs in grafana 2021-06-30 21:30:18 +00:00
oxmie 5df4d68829 Make federation domain customizable 2021-06-30 23:02:27 +02:00
Stuart Mumford 7b52e6ad5e Add worker metrics to prometheus exporter 2021-06-30 20:52:49 +00:00
Davy Landman c9d73c6606
Updating to latest synapse release (performance regression) 
https://github.com/matrix-org/synapse/releases/tag/v1.37.1
 2021-06-30 16:15:00 +02:00
sakkiii d338090f00
postgres minor updates 2021-06-30 10:00:52 +05:30
Slavi Pantaleev 3da4b684a5 Upgrade Synapse (1.36.0 -> 1.37.0) 2021-06-29 13:55:09 +03:00
Thom Wiggers eb5619fd4b
Update IRC bridge 2021-06-29 12:45:21 +02:00
Michael Sasser 7578a355c4
heisenbridge fix service name 2021-06-29 12:15:03 +02:00
sakkiii 8a369f61f3
Merge branch 'spantaleev:master' into jitsi-fix 2021-06-26 21:54:42 +05:30
hanthor ddbb4b2acc
Update main.yml 
update to v0.2.0
 2021-06-24 12:10:45 -04:00
Slavi Pantaleev 2d740dbebd Mount /data in matrix-redis container 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1140
 2021-06-24 10:10:52 +03:00
sakkiii 2b881e245b
Update prometheus v2.27.1 -> v2.28.0 2021-06-24 10:07:14 +05:30
sakkiii 0cc17ab2ca matrix_jitsi_jicofo_component_secret validation 2021-06-23 23:55:55 +05:30
sakkiii f2f1b20e44 jicofo client proxy connection 2021-06-23 23:17:24 +05:30
sakkiii b132941e71
Merge branch 'spantaleev:master' into jitsi-fix 2021-06-23 21:31:25 +05:30
Slavi Pantaleev 18533b5000
Merge pull request #1135 from sakkiii/patch-1 
Coturn update 4.5.2 -> 4.5.2-r2
 2021-06-23 11:15:41 +03:00
Slavi Pantaleev d019e9078a Remove unused variables from mx-puppet-* bridges 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1131
 2021-06-23 09:56:31 +03:00
sakkiii 6ede9c8cd6 network-alias added to fix domains 2021-06-22 23:59:49 +05:30
sakkiii d9e943aaaa minor fix 2021-06-22 23:32:32 +05:30
sakkiii 0c8a3c401f jibri service 2021-06-22 23:20:09 +05:30
sakkiii 04805f35a7
Coturn update 4.5.2 -> 4.5.2-r2 2021-06-22 22:39:35 +05:30
Slavi Pantaleev b19fa3acb2 Upgrade Element (1.7.30 -> 1.7.31) 2021-06-22 10:18:58 +03:00
sakkiii 1250208907
whitespaces 2021-06-22 12:24:35 +05:30
sakkiii c0cd2a3c93
JICOFO_RESERVATION_ENABLED contains whitespaces. 2021-06-22 12:14:14 +05:30
sakkiii f8be36327c
jibri service 2021-06-22 11:11:01 +05:30
sakkiii 3e011bafd5 jibri env 2021-06-22 00:18:29 +05:30
sakkiii 8af2d818b1 domain_fix 2021-06-21 23:55:26 +05:30
sakkiii 2ca92b76b6 stable-5963 2021-06-21 23:37:08 +05:30
Slavi Pantaleev 5a1dabe14f Bump exim-relay Docker image tag 
The new one is based on Alpine 3.14, instead of Alpine 3.13.
 2021-06-21 15:32:34 +03:00
Slavi Pantaleev 282844209a
Merge pull request #1105 from blaztinn/centos-stream-8 
Add support for CentOS (Stream) 8
 2021-06-21 15:32:11 +03:00
Marcel Ackermann a790096adf
matrix_mx_puppet_slack_client_id deprecated 2021-06-21 12:13:20 +02:00
Marcel Ackermann ed078998b5
deprecated 2021-06-21 12:12:07 +02:00
Slavi Pantaleev efa7486b88
Merge pull request #1127 from sakkiii/patch-3 
Content-Security-Policy For Element Web
 2021-06-20 10:01:43 +03:00
sakkiii b826171139
Update grafana 8.0.2 -> 8.0.3 2021-06-18 23:32:30 +05:30
sakkiii 0217644b48
Content-Security-Policy For Element Web 
https://github.com/vector-im/element-web#configuration-best-practices
 2021-06-18 23:27:23 +05:30
Slavi Pantaleev 3dd32d2512 Update worker endpoints 
Should have been part of 9daeb39710
 2021-06-15 19:28:21 +03:00
Slavi Pantaleev 9daeb39710 Upgrade Synapse (1.35.1 -> 1.36.0) 2021-06-15 19:25:41 +03:00
Michael-GMH 4fb1134ad1 GoMatrixHosting v0.5.0 2021-06-14 22:36:49 +08:00
Slavi Pantaleev a7fcb7c04d
Merge pull request #1122 from sakkiii/patch-2 
update hydrogen v0.1.56 -> v0.1.57
 2021-06-14 17:26:30 +03:00
sakkiii 4cd5835e11
update hydrogen v0.1.56 -> v0.1.57 
https://github.com/vector-im/hydrogen-web/releases/tag/v0.1.57
 2021-06-14 19:46:08 +05:30
sakkiii 08d1a5c2e7
Update grafana 8.0.0 -> 8.0.2 2021-06-14 19:41:23 +05:30
Blaž Tomažič 72bc9b5cfc Add support for CentOS (Stream) 8 2021-06-12 10:49:38 +02:00
Slavi Pantaleev 1cf4d5ea7f Upgrade Redis (6.0.10 -> 6.2.4) 2021-06-10 12:25:55 +03:00
Slavi Pantaleev 963f38ee7b Upgrade certbot (v1.14.0 -> v1.16.0) 2021-06-10 12:18:42 +03:00
SkepticalWaves 2e8a2bdf7d
Add empty default for jitsi-prosody modules 2021-06-08 22:56:09 -04:00
SkepticalWaves 2886dc3939
Add module configuration to jitsi-prosody env file 2021-06-08 22:55:19 -04:00
Slavi Pantaleev 6c9c78ddae
Merge pull request #1112 from sakkiii/patch-2 
coturn update
 2021-06-08 22:46:11 +03:00
sakkiii be1d1d0b7c matrix_grafana_content_security_policy_customized default false 2021-06-09 00:52:52 +05:30
sakkiii 2d9ba82337 Update element 7.5.7 -> 8.0.0 2021-06-09 00:48:55 +05:30
sakkiii 1cc1202df2
update coturn 2021-06-08 23:59:31 +05:30
rakshazi 77fd1bff22
Update element 1.7.29 -> 1.7.30 2021-06-08 14:57:49 +00:00
Slavi Pantaleev fa76c1ee5b Do not run self-build Ansible version-check, if component not enabled 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1108
 2021-06-08 08:59:02 +03:00
Slavi Pantaleev bec9eaeb50
Merge pull request #1108 from tommes0815/fix-hydrogen-for-ansible2.7 
fix error when running with Ansible 2.7 in the hydrogen setup
 2021-06-07 22:09:39 +03:00
Thom Wiggers 3c05cc04bc
Update IRC appservice 2021-06-07 10:41:18 +02:00
Thomas Kühne 7f4e71b22a fix error when running with Ansible 2.7 in the hydrogen setup 
Without this the hydrogen task would fail for Ansible 2.7 even when hydrogen is not enabled.
 2021-06-06 14:37:17 +02:00
Michael-GMH 122a92fa1c GoMatrixHosting v0.4.9 update 2021-06-04 13:10:45 +08:00
Slavi Pantaleev b1f1c28ef0 Upgrade Synapse (1.34.0 -> 1.35.0) 2021-06-01 19:14:59 +03:00
Michael-GMH ad7bbd6442 merge upstream 2021-06-01 16:00:13 +08:00
Michael-GMH 6f40d78353 fix random edits to upstream 2021-05-25 21:25:40 +08:00
Michael-GMH ea6e344d05 merge upstream 2021-05-25 21:10:34 +08:00
Michael-GMH 85777e8f96 merge with upstream 2021-05-25 21:08:00 +08:00
Slavi Pantaleev 1ed0857019 Fix syntax error 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024
 2021-05-25 11:45:17 +03:00
sakkiii 4a4a7f136e changes added to hydrogen client 2021-05-25 11:42:51 +05:30
sakkiii 25e67b51d1 Merge branch 'spantaleev:master' into master 2021-05-25 11:40:56 +05:30
sakkiii 3436f9c10a rename to matrix_nginx_proxy_hsts_preload_enabled 2021-05-25 00:56:59 +05:30
Slavi Pantaleev 0648b1b618 Upgrade Element (1.7.28 -> 1.7.29) 2021-05-24 20:38:48 +03:00
sakkiii 7cc5328ede Comments & Ref 2021-05-24 17:20:54 +05:30
sakkiii df2d91970d matrix_nginx_proxy_xss_protection 2021-05-24 17:02:47 +05:30
Slavi Pantaleev d4c7a90b5c
Merge pull request #1076 from Eagle-251/Jitsi-Prosody-OwnNginxCompatibility 
Allow Jitsi XMPP websocket support for users using own webserver.
 2021-05-24 11:07:05 +03:00
ewang 409cd2b9a3 Source port binding from group vars in line other components 2021-05-23 14:06:18 +02:00
Eagle-251 ef6a7e051c
Fix missing port binding. 2021-05-22 15:55:50 +02:00
ewang 1bb6ed97ae Make port bindings default for those disabling nginx proxy 
I changed the conditional statement in prosody systemd template to bind the localhost port by default if people have set ```matrix_nginx_proxy_enabled == false ```.
Hopefully that should make it the default behaviour now.
 2021-05-22 15:53:42 +02:00
Aaron Raimist 3c0452ff5a
Remove unnecessary bind for config.json, use proper nginx.conf 2021-05-21 17:22:40 -05:00
ewang 4a772e50f4 Allow Jitsi XMPP webscoket support for users using own webserver. 
Added:
 - Conditional localhost Port bindings for Jitsi Prosody systemd template
- Added variable to main.yml to allow overriding from vars.yml
 2021-05-21 15:26:06 +02:00
Slavi Pantaleev 6f80292745
Add OCSP stapling support and other SSL optimizations to Hydrogen vhost 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
 2021-05-21 13:40:37 +03:00
Slavi Pantaleev d0de21ab34
Delete Hydrogen nginx configuration file when disabled 2021-05-21 12:58:32 +03:00
Aaron Raimist ac4ede20af
Add docs 2021-05-21 04:43:04 -05:00
Aaron Raimist 1633f61018
Only install config.json when self building 2021-05-21 04:23:06 -05:00
Aaron Raimist 04548f8df2
Merge branch 'master' into hydrogen 2021-05-21 04:09:18 -05:00
Aaron Raimist 9437f78c9e
Build using custom config.json, add CSP, update to 0.1.53 2021-05-21 03:45:21 -05:00
Slavi Pantaleev 47b4608b96 Fail in a friendlier way when trying to self-build on Ansible <= 2.8 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070

Related discussion here: 1ab507349c (commitcomment-51108407)
 2021-05-21 11:15:05 +03:00
Slavi Pantaleev 1ab507349c Fix self-building for various components on Ansible < 2.8 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
 2021-05-20 08:43:20 +03:00
Slavi Pantaleev 66615c43a3
Merge pull request #1065 from sakkiii/patch-1 
Update grafana (7.5.6->7.5.7)
 2021-05-19 22:07:59 +03:00
Tobias K 3dcbed6353
roles/matrix-grafana: Set root_url in granafa.ini 2021-05-19 19:52:58 +02:00
sakkiii 8529ca4c17
Update grafana (7.5.6->7.5.7) 2021-05-19 22:30:03 +05:30
Slavi Pantaleev 073d920a62
Merge pull request #1061 from sakkiii/ssl_enhancement 
Optimize SSL session
 2021-05-19 17:14:52 +03:00
Toni Spets 544915ff76 Add Heisenbridge 2021-05-19 10:42:21 +03:00
Slavi Pantaleev 21eb39f986 Mention matrix_common_after_systemd_service_start_wait_for_timeout_seconds in failure message 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
 2021-05-19 08:46:13 +03:00
Slavi Pantaleev ee46fabdca Make waiting time for --tags=start configurable 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
 2021-05-19 08:39:55 +03:00
sakkiii e9b878b9e9 Optimize SSL session 2021-05-18 19:39:43 +05:30
Slavi Pantaleev e6afa05f7b Enable OCSP stapling for the federation port 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057

Not sure if this is beneficial though.
 2021-05-18 08:15:42 +03:00
Slavi Pantaleev 57a6a98a50 Fix incorrect SSL certificate path 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
 2021-05-18 07:58:47 +03:00
Slavi Pantaleev b9c4e8ce16
Merge pull request #1057 from sakkiii/ssl_staple 
Enable OCSP Stapling
 2021-05-18 07:50:35 +03:00
sakkiii d31b55b2a7 SSL-enabled block only 2021-05-18 03:24:06 +05:30
rakshazi 400371f6dd
Updated Element version (1.7.27 -> 1.7.28) 2021-05-17 13:15:12 +00:00
Slavi Pantaleev d156c8caa2 Upgrade Synapse (1.33.2 -> 1.34.0) 2021-05-17 14:58:07 +03:00
Slavi Pantaleev e4dd933cf0 Make missing /_synapse/admin correctly return 404 responses 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058

We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.

For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints)
 2021-05-17 11:45:35 +03:00
sakkiii 2c3da6599b Added warning 2021-05-15 16:07:52 +05:30
sakkiii 0dd4459799 matrix_nginx_proxy_ocsp_stapling_enabled variable added 2021-05-15 16:01:49 +05:30
sakkiii c05021640d Enable OCSP Stapling 2021-05-15 15:57:05 +05:30
Aaron Raimist ca361af616
Add Hydrogen 2021-05-15 04:23:36 -05:00
sakkiii b191e461a5 Merge branch 'spantaleev:master' into master 2021-05-15 12:20:02 +05:30
sakkiii 4bd7d8b5e4
Update grafana (7.5.5->7.5.6) 2021-05-14 18:59:21 +05:30
sakkiii d5cd3d443d
Update prometheus (2.26.0->2.27.0) 2021-05-14 18:56:33 +05:30
sakkiii 322b750aad Merge branch 'spantaleev:master' into master 2021-05-14 18:54:47 +05:30
Slavi Pantaleev f481b1a84b Upgrade matrix-mailer (4.94.2-r0 -> 4.94.2-r0-1) 
Related to https://github.com/devture/exim-relay/pull/9
 2021-05-12 18:09:08 +03:00
Slavi Pantaleev 8e6f1876f5 Switch to :latest version of synapse-admin 
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132

We should switch back when >0.8.0 gets released.
 2021-05-11 19:25:12 +03:00
sakkiii 8fc55b30c5
Upgrade Synapse (1.33.1 -> 1.33.2) 
This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation. Server admins are encouraged to upgrade.

Ref: https://github.com/matrix-org/synapse/releases/tag/v1.33.2
 2021-05-11 19:06:30 +05:30
Slavi Pantaleev 2d4b039c55
Merge pull request #1046 from GoMatrixHosting/master 
GoMatrixHosting v0.4.6
 2021-05-11 09:07:48 +03:00
Michael-GMH 2b4bada72a fix conditional 2021-05-11 14:05:45 +08:00
Michael-GMH 0adcef65e6 fix conditional 2021-05-11 13:58:42 +08:00
Michael-GMH f70102e40c no dashes in usernames 2021-05-11 13:55:13 +08:00
Slavi Pantaleev f4657b2cdb Upgrade Element (1.7.26 -> 1.7.27) 2021-05-11 08:22:43 +03:00
Michael-GMH 4e6f6e179b GMH 0.4.6 update 2021-05-10 18:50:10 +08:00
sakkiii 29cf6a0087 Merge branch 'spantaleev:master' into master 2021-05-10 15:10:18 +05:30
Slavi Pantaleev 3dcc006932 Fix self-building for Coturn 
689dcea773 wasn't enough. The `upstream/..` tags are
just upstream sources, without the alpine-based Dockerfile.
We need to use the `docker/..` tags for that (or `master`)

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1032

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1023

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1009
 2021-05-10 11:35:53 +03:00
Slavi Pantaleev 33f0074862 Upgrade matrix-mailer (4.94-r0 -> 4.94.2-r0) 
Related to https://github.com/devture/exim-relay/issues/6
 2021-05-10 11:23:44 +03:00
Slavi Pantaleev c19508087a
Merge pull request #1036 from sakkiii/grafana-csp 
Grafana csp template backward compatible with older browsers
 2021-05-10 10:09:13 +03:00
Slavi Pantaleev a198b87455 Upgrade synapse-admin (0.7.2 -> 0.8.0) 
Related to https://github.com/Awesome-Technologies/synapse-admin/issues/132
 2021-05-10 10:06:12 +03:00
Slavi Pantaleev 867ebb52ab
Merge pull request #1037 from pushytoxin/jitsi-5765-1 
Update Jitsi (5142 -> 5765-1)
 2021-05-08 12:35:29 +03:00
sakkiii bb0810302d Merge branch 'spantaleev:master' into master 2021-05-07 23:03:55 +05:30
Slavi Pantaleev 61220ea487 Upgrade Synapse (1.33.0 -> 1.33.1) 2021-05-06 20:47:09 +03:00
sakkiii 9174448e5e get rid of this {% else %} 2021-05-06 12:46:17 +05:30
sakkiii 0d5fe2d9f7
Update roles/matrix-grafana/templates/grafana.ini.j2 
Co-authored-by: Aaron Raimist <aaron@raim.ist>
 2021-05-06 12:38:40 +05:30
Béla Becker b10655ebb1 Jitsi XMPP Websocket support 
Jitsi-meet enabled websockets by default, claiming better reliability.
Matrix-nginx-proxy configuration has been set up according to the
Prosody documentation: https://prosody.im/doc/websocket
 2021-05-05 19:10:58 +02:00
Béla Becker 116bcaa13b Update jitsi to stable-5765-1 
Changelog:
https://github.com/jitsi/docker-jitsi-meet/blob/stable-5765-1/CHANGELOG.md
 2021-05-05 19:10:58 +02:00
sakkiii 37de7fc96a Updated Reference 2021-05-05 22:25:38 +05:30
sakkiii 303de935d5 grafana CSP backward compatible with older browsers 2021-05-05 22:12:56 +05:30
Slavi Pantaleev d4d1e2e922 Upgrade Synapse (1.32.2 -> 1.33.0) 2021-05-05 19:18:53 +03:00
Slavi Pantaleev b09a805939
Merge pull request #1031 from thedanbob/nginx-1.20.0 
Update nginx (1.19.10 -> 1.20.0)
 2021-05-04 10:41:02 +03:00
Slavi Pantaleev 6fdc71c40b
Merge pull request #1030 from thedanbob/grafana-7.5.5 
Update grafana (7.5.4 -> 7.5.5)
 2021-05-04 10:40:21 +03:00
Dan Arnfield cfaa3e598a Update nginx (1.19.10 -> 1.20.0) 2021-05-03 16:00:11 -05:00
Dan Arnfield bec5933db4 Update grafana (7.5.4 -> 7.5.5) 2021-05-03 15:57:06 -05:00
Michael-GMH 067b61e779 GoMatrixHosting v0.4.5 update 2021-04-29 08:06:45 +08:00
Slavi Pantaleev 2409c33ea2 Upgrade Element (1.7.25 -> 1.7.26) 2021-04-27 17:21:31 +03:00
benkuly 49cb2635a2
updated matrix-sms-bridge 2021-04-27 14:39:58 +02:00
Michael-GMH a14bf6c2ed GoMatrixHosting v0.4.4 update 2021-04-26 20:00:32 +08:00
Slavi Pantaleev 689dcea773 Fix self-building for Coturn 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1023

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1009
 2021-04-24 20:31:25 +03:00
sakkiii 40fe6bd5c1 variable matrix_nginx_proxy_hsts_preload_enable added 2021-04-24 20:04:20 +05:30
Slavi Pantaleev 389dc26615 Fix Synapse generic worker balancing 
Potentially fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1022
 2021-04-24 11:52:45 +03:00
sakkiii 5b4fdf9b87 Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy 2021-04-24 12:15:34 +05:30
sakkiii 0ccf0fbf1c HSTS preload + X-XSS enables 
**HSTS Preloading:**
In its strongest and recommended form, the [HSTS policy](https://www.chromium.org/hsts) includes all subdomains, and indicates a willingness to be “preloaded” into browsers:
`Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`

**X-Xss-Protection:**
`1; mode=block` which tells the browser to block the response if it detects an attack rather than sanitising the script.
 2021-04-24 12:12:34 +05:30
sakkiii 3564635f0f
Merge branch 'master' into master 2021-04-24 11:46:52 +05:30
sakkiii 29bba5161b Element More security headers 
More Production ready nginx headers for Matrix client element.
 2021-04-24 11:10:40 +05:30
Slavi Pantaleev f6b371164c Remove useless variable 2021-04-23 07:07:18 +03:00
Slavi Pantaleev 62c0587b6a Use Alpine-based Coturn 2021-04-22 15:05:37 +03:00
Slavi Pantaleev 72a7cb4145
Merge pull request #1018 from GoMatrixHosting/master 
GoMatrixHosting v0.4.3
 2021-04-22 14:23:30 +03:00
Slavi Pantaleev e3fa3e12bc Upgrade Synapse (1.31 -> 1.32.2) 2021-04-22 14:22:07 +03:00
Michael-GMH 50d7209c5b GMH v04.3 2021-04-22 11:45:59 +08:00
Slavi Pantaleev 378fabf177 Revert "Upgrade Synapse (1.31 -> 1.32.1)" 
This reverts commit 1fb54a37cb.

Seems like it's been pulled or something. It used to exist, but not
anymore. Not sure what's going on.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1017

Related to
https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
 2021-04-21 23:36:58 +03:00
Slavi Pantaleev 1fb54a37cb Upgrade Synapse (1.31 -> 1.32.1) 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
 2021-04-21 18:47:15 +03:00
Slavi Pantaleev d691cc0920 Move variable definition a bit 2021-04-21 13:59:20 +03:00
Slavi Pantaleev e00ef04b57 Add opt-out-of-FLoC headers by default 2021-04-21 13:58:24 +03:00
Slavi Pantaleev 42783972fd
Merge pull request #1011 from aaronraimist/synapse-admin 
Upgrade synapse-admin (0.7.0 -> 0.7.2)
 2021-04-21 09:24:30 +03:00
Slavi Pantaleev ca786cc343 Revert "Upgrade Synapse (1.31 -> 1.32)" 
This reverts commit f825c7c263.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1010
 2021-04-20 23:40:55 +03:00
Aaron Raimist bb64b80697
Upgrade synapse-admin (0.7.0 -> 0.7.2) 2021-04-20 15:14:08 -05:00
Slavi Pantaleev f825c7c263 Upgrade Synapse (1.31 -> 1.32) 2021-04-20 17:47:34 +03:00
Slavi Pantaleev 7eda6a3c12
Merge pull request #1009 from thedanbob/coturn-official 
Switch to official coturn image
 2021-04-19 18:41:17 +03:00
Slavi Pantaleev adcecaffaf Fix connectivity between prometheus and prometheus-node-exporter 
Expected to have regressed after https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1008

This patch comes with its own downsides (as described in the comments
for matrix_prometheus_node_exporter_container_http_host_bind_port),
but at least there's:
- no security issue
- metrics remain readable from matrix-prometheus (even if the network metrics are inaccurate)

A better patch is certainly welcome.
 2021-04-19 18:29:03 +03:00
Dan Arnfield b2ca1f2829 Add capability required by new image 2021-04-19 10:16:26 -05:00
Slavi Pantaleev 398b9f5d66
Merge pull request #1008 from sakkiii/master 
security** node-exporter data & port publicly exposed
 2021-04-19 17:31:00 +03:00
Dan Arnfield 29177d4922 Switch to official coturn docker image 2021-04-19 09:04:08 -05:00
sak 88a30fb5ed security** node-exporter data & port publicly exposed 2021-04-19 15:35:23 +05:30
sak 0f9a455719 Revert "security** node-exporter data & port publicly exposed" 
This reverts commit d0cd709c08.
 2021-04-19 15:24:36 +05:30
sak d0cd709c08 security** node-exporter data & port publicly exposed 2021-04-19 15:15:59 +05:30
Slavi Pantaleev 4a1739f604
Merge pull request #1007 from teutat3s/fix/nginx-dont-send-version 
Don't expose nginx version with each response
 2021-04-18 21:33:11 +03:00
teutat3s 2bf7c26cfa
Don't expose nginx version with each response 2021-04-18 16:24:13 +02:00
Slavi Pantaleev c565e72f0d
Merge pull request #1003 from sakkiii/patch-2 
updated matrix_grafana_docker_image to v7.5.4
 2021-04-18 09:56:12 +03:00
Slavi Pantaleev 51b46697c5
Merge pull request #1005 from sakkiii/master 
Improve security for grafana
 2021-04-18 09:50:59 +03:00
Dan Arnfield f04614a993 Fix prometheus network for ansible < 2.8 2021-04-17 20:15:26 -05:00
Slavi Pantaleev badd81e0ec Revert "Attempt to fix docker_network result discrepancy between Ansible versions" 
This reverts commit 68ca81c8c2.
 2021-04-17 19:31:20 +03:00
sakkiii 1958d0792d Update matrix-client-element.conf.j2 2021-04-17 21:33:07 +05:30
sakkiii b6d45c5fd8 Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy 2021-04-17 21:03:26 +05:30
sakkiii 05042f5ff1 Improve security grafana 
- duplicate X-Content-Type-Options
- X-Frame-Options header
- Referrer-Policy [Might consider adding variable]
- Secure flag with cookies
- matrix_grafana_content_security_policy variable for [Content Security Policy](https://grafana.com/docs/grafana/latest/administration/configuration/#content_security_policy)
 2021-04-17 21:03:05 +05:30
sakkiii 27377e099d
updated matrix_grafana_docker_image to v7.5.4 
Latest stable grafana version is [7.5.4 (2021-04-14)](https://github.com/grafana/grafana/releases/tag/v7.5.4)
 2021-04-17 17:31:14 +05:30
Slavi Pantaleev 68ca81c8c2 Attempt to fix docker_network result discrepancy between Ansible versions 
Supposedly fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/907
 2021-04-17 11:42:06 +03:00
Slavi Pantaleev 9c1f41eadf
Merge pull request #1002 from thedanbob/node-exporter-1.1.2 
Update prometheus node exporter (1.1.0->1.1.2)
 2021-04-17 11:15:13 +03:00
Dan Arnfield 8a550ce67c Update prometheus (2.24.1->2.26.0) 2021-04-16 09:25:45 -05:00
Dan Arnfield 83cc5c9e6a Update prometheus node exporter (1.1.0 -> 1.1.2) 2021-04-16 09:17:04 -05:00
sakkiii 5dc642ace1
Nginx element web: XSS protection & nosniff header 
X-XSS-Protection: 1; mode=block; header, for basic XSS protection in legacy browsers.
X-Content-Type-Options: nosniff header, to disable MIME sniffing
 2021-04-16 14:45:04 +05:30
Slavi Pantaleev fcb9e9618a Make Coturn TLSv1/v1.1 configurable 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/999
 2021-04-16 09:29:32 +03:00
sakkiii 540416e32d
Disable support for TLS 1.0 and TLS 1.1 
These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.
 2021-04-15 19:25:23 +05:30
Michael-GMH 89cb5a3d7a GMH v0.4.2 update 2021-04-15 17:07:03 +08:00
Michael f41bfb69d2 update survey template formatting 2021-04-04 12:01:53 +08:00
Michael 814bdf5a88 update spelling 2021-04-04 11:52:26 +08:00
Michael fbe22289bd merge with upstream and testing branch 2021-04-04 11:41:06 +08:00
Slavi Pantaleev 995c483856
Merge pull request #962 from aaronraimist/mjolnir 
Add mjolnir
 2021-04-03 10:45:29 +03:00
Slavi Pantaleev f183add44d
Merge pull request #977 from aaronraimist/simple-antispam 
Upgrade synapse-simple-antispam (0.0.1 -> 0.0.3)
 2021-04-03 08:45:14 +03:00
Aaron Raimist 81dddd2e25
Upgrade Element (1.7.24 -> 1.7.24.1) 2021-04-02 18:43:30 -05:00
Aaron Raimist c43bd412dd
Upgrade synapse-simple-antispam (0.0.1 -> 0.0.3) 2021-04-02 18:08:08 -05:00
Aaron Raimist 1ecee625d5
Depend on more services, add a delay 2021-04-02 17:07:24 -05:00
Slavi Pantaleev a88391edf5
Merge pull request #972 from JohannesKleine/nginx-config 
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2
 2021-03-31 10:30:57 +03:00
teutat3s 0b5e903693
Updates to mautrix-signal config 
See these last commits:

tulir/mautrix-signal@4fc34330c1

tulir/mautrix-signal@64bc5c36a5

tulir/mautrix-signal@ddda1666d4
 2021-03-31 02:51:23 +02:00
Christoph Johannes Kleine fcd66b2889
rename variables 2021-03-30 16:41:32 +02:00
Christoph Johannes Kleine 8ba1105010
rename variable 2021-03-30 15:59:10 +02:00
Christoph Johannes Kleine 3a772f2f65
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2 2021-03-30 14:11:20 +02:00
Slavi Pantaleev 93960b70be Do not fail if _matrix-identity DNS SRV record missing 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/963

This also simplifies Prerequisites, which is great.

It'd be nice if we were doing these checks in some optional manner
and reporting them as helpful messages (using
`matrix_playbook_runtime_results`), but that's more complicated.
I'd rather drop these checks completely.
 2021-03-30 11:24:04 +03:00
Slavi Pantaleev 5e1cf7f8b9 Upgrade Element (1.7.23 -> 1.7.24) 2021-03-29 17:58:02 +03:00
Slavi Pantaleev 9409588513 Fix variable name typo (take 2) 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/970
 2021-03-29 10:59:57 +03:00
Slavi Pantaleev 179b416ed5 Fix variable name typo 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/970
 2021-03-29 09:24:35 +03:00
Slavi Pantaleev 77d598b315 Fix Go-NEB variable definitions using the wrong type 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/969
 2021-03-28 12:10:22 +03:00
Slavi Pantaleev 49868db3de Upgrade Synapse for ARM64 (1.30.0 -> 1.30.1) 2021-03-26 16:48:15 +02:00
Slavi Pantaleev 94487dc6a7 Upgrade Synapse for amd64 (1.30.0 -> 1.30.1) 2021-03-26 15:37:11 +02:00
transcaffeine dbae18fd6a
feat: push ephemeral events to appservices 
This adds https://github.com/matrix-org/matrix-doc/pull/2409 to the
appservice registrations, enabling synapse to push EDUs to appservices.
 2021-03-25 18:49:54 +01:00
Dan Arnfield 97d8527e00 Update nginx (1.19.6 -> 1.19.8) 2021-03-24 09:42:08 -05:00
Slavi Pantaleev 5a4ea5f866 Make AWX enabling/disabling consistent with other playbook roles 
That is:
- enabled in the role by default
- disabled in the compilation (playbook), if considered an optional
component
 2021-03-24 14:02:53 +02:00
Aaron Raimist bab8b950ca
Add mjolnir 2021-03-23 22:46:08 -05:00
Slavi Pantaleev 06c74728eb Move matrix_nginx_proxy_proxy_synapse_federation_api_enabled definition to the role 
This variable was previously undefined in the role and was only getting
defined via `group_vars/matrix_servers`.

We now properly initialize it (and its good default value) in the role
itself.
 2021-03-23 10:28:32 +02:00
Slavi Pantaleev d09609daa8 Fix Jinja2 syntax error 
Fixes a regression introduced in ffe649a240
 2021-03-22 17:13:10 +02:00
Slavi Pantaleev 6a3433fbad Update Synapse for ARM64 (1.29.0 -> 1.30.0) 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/958
 2021-03-22 16:43:23 +02:00
Slavi Pantaleev ffe649a240 Update homeserver.yaml to keep up with Synapse v1.30.0 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/958
 2021-03-22 16:43:10 +02:00
rakshazi 74106f2a80
Updated synapse 1.29.0 -> 1.30.0 2021-03-22 14:03:42 +00:00
Thom Wiggers 54fe59f05c
Update IRC appservice 2021-03-22 12:37:35 +01:00
Slavi Pantaleev 2737ebc290 Complain if people try to use matrix-sygnal on non-amd64 2021-03-20 13:38:27 +02:00
Slavi Pantaleev b824522b33 Remove unnecessary with_items statement 2021-03-20 13:34:22 +02:00
Slavi Pantaleev 9a0222fa47 Add Sygnal support 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/683
 2021-03-20 13:32:22 +02:00
Michael af240aef37 remove sections from task list that arent needed 2021-03-20 17:35:30 +08:00
Michael 85127bacba Merge remote-tracking branch 'upstream/master' 2021-03-20 17:21:27 +08:00
Michael 1e54b1d1a5 merge upstream 2021-03-20 17:21:02 +08:00
Slavi Pantaleev f99dcd611f Pass proper UID/GID to Synapse 
Fixes a regression caused by a5ee39266c.

If the user id and group id were different than 991:991
(which used to be a hardcoded default for us long ago),
there was a mismatch between what Synapse was trying to use (991:991)
and what it was actually started with (in `--user=..`). It was then
trying to change ownership, which was failing.

This was mostly affecting newer installations which were not using the
991:991 defaults we had long ago (since a1c5a197a9).
 2021-03-19 16:44:10 +02:00
Slavi Pantaleev a5ee39266c Go through start.py when launching Synapse 
This allows us to benefit from helpful things it does for us,
like enabling jemalloc: https://github.com/matrix-org/synapse/pull/8553

We weren't going through `start.py` before, because it was causing some
conflict with our `docker run --user=...` stuff, but it doesn't seem
to be a problem anymore.

Having done this, we won't need to do things like
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/941
anymore.
 2021-03-19 08:16:59 +02:00
Aaron Raimist 32b3650c12
Set X-Forwarded-Proto on federation requests 2021-03-17 18:51:10 -05:00
Béla Becker 2d7e7680e5 matrix.{{ matrix_domain }} -> {{ matrix_server_fqn_matrix }} 2021-03-17 12:36:45 +01:00
Aaron Raimist 466827139a
Also check if matrix_ssl_lets_encrypt_support_email is blank 2021-03-17 00:54:05 -05:00
Slavi Pantaleev 97c0bf1a73
Merge pull request #942 from pushytoxin/etherpad1_8_12 
Upgrade Etherpad (1.8.7 -> 1.8.12)
 2021-03-16 20:07:34 +02:00
Béla Becker 60aa40845f Upgrade Etherpad (1.8.7 -> 1.8.12) 2021-03-16 18:55:58 +01:00
Yannick Goossens 27416607d9 Another field with 'invalid input syntax for type smallint' 2021-03-16 16:38:59 +01:00
Michael 5a6bdb0c3d merge upstream 2021-03-16 21:52:26 +08:00
Michael 571b70a1f4 fix for running outside of AWX 2021-03-16 21:37:19 +08:00
Michael 5a1f3b7d67 GMH v0.3.0 2021-03-14 14:35:38 +08:00
Michael 33ec5710d9 0.2.1 revision 2021-02-28 22:21:40 +08:00
Michael 4c882c513b initial PR 2021-02-20 17:19:17 +08:00
Marcus Proest 2ca8211184 Merge remote-tracking branch 'upstream/master' 2021-02-19 19:02:48 +01:00
Marcus Proest b99372a3c5 initial commit of mautrix-instagram role 2021-02-19 17:20:26 +01:00
Slavi Pantaleev 108aed53be Fix invalid matrix-postgres.service when matrix_postgres_process_extra_arguments is empty 
This only seems to be affecting some people badly enough to cause
matrix-postgres not to start. Certain systemd versions probably handle
it better or something.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/889
(hopefully)
 2021-02-19 16:33:23 +02:00
Slavi Pantaleev 1dbdfeec07 Fix matrix-postgres stopping for consistency with other services 
This probably got lost somehow in all the work that happened in
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
 2021-02-19 15:53:30 +02:00
Slavi Pantaleev 9f91eaa54b Fix incorrect service name 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/887
 2021-02-19 12:12:21 +02:00
Slavi Pantaleev 91c987ca7d
Merge pull request #872 from xangelix/add-mx-puppet-groupme-gh 
Add mx-puppet-groupme support
 2021-02-19 11:42:41 +02:00
Slavi Pantaleev d94d0e2ca5
Merge pull request #456 from eMPee584/synapse-workers 
Synapse workers
 2021-02-19 11:40:36 +02:00
Slavi Pantaleev 9dc87bb948 Add Synapse worker presets for easier configuration 
Adding more presets in the future would be nice.
 2021-02-19 11:38:47 +02:00
Slavi Pantaleev eaea215282 Allow Synapse workers to be used with an external nginx webserver 
We're talking about a webserver running on the same machine, which
imports the configuration files generated by the `matrix-nginx-proxy`
in the `/matrix/nginx-proxy/conf.d` directory.

Users who run an nginx webserver on some other machine will need to do
something different.
 2021-02-19 11:36:48 +02:00
Slavi Pantaleev 2f732e4234 Update Synapse worker endpoints 2021-02-19 11:36:14 +02:00
Slavi Pantaleev 217b4a8808 Release Synapse v1.27.0 to ARM32 via self-building 
Related to: https://matrix.org/blog/2021/02/18/synapse-1-27-0-released#dropping-armv7-docker-images
 2021-02-19 09:10:16 +02:00
Béla Becker 65eab14a64 Make sure Etherpad has a database to write to 2021-02-18 17:43:14 +01:00
Béla Becker 005f4d57f9 Remove mention of sqlite3 support for Etherpad 
The official Etherpad Docker image has no support for sqlite3 databases.
 2021-02-18 17:39:36 +01:00
Slavi Pantaleev 1789620901 Merge branch 'master' into synapse-workers 2021-02-18 18:24:43 +02:00
Slavi Pantaleev d6c4d41c2b Define instanceId property on workers 
This give us the possibility to run multiple instances of
workers that that don't expose a port.

Right now, we don't support that, but in the future we could
run multiple `federation_sender` or `pusher` workers, without
them fighting over naming (previously, they'd all be named
something like `matrix-synapse-worker-pusher-0`, because
they'd all define `port` as `0`).
 2021-02-18 18:19:51 +02:00
rakshazi 996f732f98
Update synapse-admin (0.6.1 -> 0.7.0) 2021-02-18 12:05:21 +00:00
Cody Neiman c4e1209452
Merge branch 'master' into add-mx-puppet-groupme-gh 2021-02-17 13:52:37 -05:00
Slavi Pantaleev d33483b8ce Document that Synapse pusher worker instances are shardable 
Related to:
- https://github.com/matrix-org/synapse/pull/9407
- https://github.com/matrix-org/synapse/pull/7855
 2021-02-16 17:45:41 +02:00
Slavi Pantaleev daae74b074 Merge branch 'master' into synapse-workers 2021-02-16 17:31:40 +02:00
Slavi Pantaleev 521160c12f Upgrade Synapse (v1.26.0 -> v1.27.0) 2021-02-16 17:30:48 +02:00
Slavi Pantaleev 865d71e35a
Upgrade Element (1.7.20 -> 1.7.21) 2021-02-16 13:44:28 +02:00
Marc Leuser fd3d48bb6d trust the reverse proxy by default 2021-02-15 10:50:45 +01:00
Marc Leuser 1434c371bd safer port binding of etherpad docker container 
don't bind to any host port if nginx_proxy is used
only bind to localhost if it's not used
 2021-02-15 10:46:23 +01:00
Slavi Pantaleev 61e427d690 Do not let people enable more than 1 federation_sender worker 2021-02-15 11:37:03 +02:00
Slavi Pantaleev 85a05f38e8 Allow Synapse worker list to be generated dynamically 
This leads to much easier management and potential safety
features (validation). In the future, we could try to avoid port
conflicts as well, but it didn't seem worth the effort to do it now.
Our port ranges seem large enough.

This can also pave the way for a "presets" feature
(similar to `matrix_nginx_proxy_ssl_presets`) which makes it even easier
for people to configure worker counts.
 2021-02-15 11:25:35 +02:00
Slavi Pantaleev 43059bb040 Fix metrics listeners for Synapse workers 
`::` leads to errors like:

> socket.gaierror: [Errno -9] Address family for hostname not supported
 2021-02-15 11:19:07 +02:00