pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
514 commits 2 branches 0 tags 16 MiB
Commit graph

355 commits

Author SHA1 Message Date
Slavi Pantaleev 24cf27c60c Isolate Coturn from services in the default Docker network 
Most (all?) of our Matrix services are running in the `matrix` network,
so they were safe -- not accessible from Coturn to begin with.

Isolating Coturn into its own network is a security improvement
for people who were starting other services in the default
Docker network. Those services were potentially reachable over the
private Docker network from Coturn.

Discussed in #120 (Github Pull Request)
 2019-03-18 17:41:14 +02:00
Slavi Pantaleev c6858d2a08 Define matrix_coturn_turn_external_ip_address in the playbook group vars 
This is more explicit than hiding it in the role defaults.

People who reuse the roles in their own playbook (and not only) may
incorrectly define `ansible_host` to be a hostname or some local address.

Making it more explicit is more likely to prevent such mistakes.
 2019-03-18 17:04:40 +02:00
Stuart Mumford e367a2d0de
Add nulls for quotas as well 2019-03-18 11:58:52 +00:00
Stuart Mumford 9d236c5466
Add defaults for ips 2019-03-18 11:44:40 +00:00
Stuart Mumford c0dc56324a
Add config options to turnserver.conf 2019-03-18 11:18:30 +00:00
Slavi Pantaleev 221703f257
Merge pull request #118 from verb/systemctl 
Use common path for systemctl in lets encrypt cron
 2019-03-17 20:55:40 +02:00
Slavi Pantaleev e65514223e
Merge branch 'master' into update-homeserver-yaml 2019-03-17 20:53:52 +02:00
Slavi Pantaleev 2f1662626e Use |to_json for matrix_synapse_push_include_content 
Doing this for consistency.

Related to #117 (Github Pull Request).
 2019-03-17 20:51:12 +02:00
Aaron Raimist ae912c4529
Update homeserver.yaml with some new options we could enable 2019-03-16 15:51:41 -05:00
Lee Verberne d90bc20690 Use common path for systemctl in lets encrypt cron 
Currently the nginx reload cron fails on Debian 9 because the path to
systemctl is /bin/systemctl rather than /usr/bin/systemctl.

CentOS 7 places systemctl in both /bin and /usr/bin, so we can just use
/bin/systemctl as the full path.
 2019-03-16 20:48:58 +01:00
Lee Verberne 71c7c74b7b Allow configuring push content for matrix-synapse 
This allows overriding the default value for `include_content`. Setting
this to false allows homeserver admins to ensure that message content
isn't sent in the clear through third party servers.
 2019-03-16 07:16:20 +01:00
Lorrin Nelson ceba99eed3 Make federation self-check conditional on matrix_synapse_federation_enabled 2019-03-13 22:33:52 -07:00
Slavi Pantaleev 2d56ff0afa Skip some uninstall tasks if not necessary to run 2019-03-13 07:40:51 +02:00
Slavi Pantaleev b066f8a0d8 Do not try to start matrix-coturn.service if not enabled 2019-03-13 07:36:28 +02:00
Slavi Pantaleev c545d3eb85 Add support for serving base domain via matrix-nginx-proxy 2019-03-12 23:01:16 +02:00
Slavi Pantaleev e645b0e372 Rename matrix_nginx_proxy_data_path to matrix_nginx_proxy_base_path 
`matrix_nginx_proxy_data_path` has always served as a base path,
so we're renaming it to reflect that.

Along with this, we're also introducing a new "data path" variable
(`matrix_nginx_proxy_data_path`), which is really a data path this time.
It's used for storing additional, non-configuration, files related to
matrix-nginx-proxy.
 2019-03-12 23:01:16 +02:00
Plailect f6de3fd668
Start appservice-irc as non-root 2019-03-12 13:17:51 -04:00
Edgars Voroboks 610eef82b5 Add option to enable Dimension widgets serve sites with self signed certs 2019-03-12 12:17:12 +02:00
Edgars Voroboks 1d8fd9792f Fix Matrix homeserver name in Dimension configuration 2019-03-11 20:05:52 +02:00
Slavi Pantaleev 4067e09409 Fix rare YAML parsing problems in Dimension config 
It's been reported that YAML parsing errors
would occur on certain Ansible/Python combinations for some reason.

It appears that a bare `{{ matrix_dimension_admins }}` would sometimes
yield things like `[u'@user:domain.com', ..]` (note the `u` string prefix).

To prevent such problems, we now explicitly serialize with `|to_json`.
 2019-03-10 22:23:06 +02:00
Slavi Pantaleev 6c5cc173b0 Fix permission mode for some files 2019-03-09 21:15:16 +02:00
Slavi Pantaleev ecabe8f814
Merge pull request #107 from NullIsNot0/master 
Implement self-hosted Dimension server
 2019-03-09 20:59:52 +02:00
Edgars Voroboks 5f13a1e50b Generate Dimension config from variable 2019-03-09 19:08:00 +02:00
Edgars Voroboks bcbfc1e838 Make Matrix Federation required and fix internal federationUrl 2019-03-09 10:30:31 +02:00
Edgars Voroboks 27772a6420 Point federationUrl to matrix-synapse container 2019-03-08 22:01:11 +02:00
Edgars Voroboks b2263f811a Disable logging to file. Set console logging to verbose. 2019-03-08 22:00:05 +02:00
Edgars Voroboks 30738d064e Fix errors 2019-03-08 19:14:15 +02:00
Edgars Voroboks 1eb78ca93e Add additional changes for Dimension to work 2019-03-08 15:00:53 +02:00
Slavi Pantaleev 390ec8a599 Skip some tasks when not necessary to run them 2019-03-08 12:14:58 +02:00
Sylvia van Os 93992f7756
Fix indenting of generators value 2019-03-08 10:50:51 +01:00
Slavi Pantaleev 62e2acada5
Merge pull request #104 from dangersalad/master 
allow exposing mautrix_telegram port
 2019-03-08 08:50:05 +02:00
paulbdavis 17e86ba817 implement requested changes 2019-03-07 12:45:58 -07:00
Sylvia van Os 8cc420da15
Upgrade riot-web to v1.0.3 2019-03-07 13:53:33 +01:00
Sylvia van Os f297ff506b Explain how to set the template variables 2019-03-07 13:34:07 +01:00
Sylvia van Os 0cd8b99b00 Add support for custom MXISD templates 2019-03-07 13:28:00 +01:00
Edgars Voroboks 9735a2f600 Implement self-hosted Dimension server 2019-03-07 07:22:08 +02:00
Slavi Pantaleev aae8757027 Update coturn (4.5.1.0 -> 4.5.1.1) 2019-03-06 19:59:40 +02:00
Slavi Pantaleev 85c5adfd69 Minor consistency improvements 2019-03-05 09:20:36 +02:00
Slavi Pantaleev a310a01818 Use non-root and no-capability containers during Discord setup 
Related to #105 (Github Pull Request).
 2019-03-05 09:10:51 +02:00
Slavi Pantaleev f037f63a07
Merge pull request #105 from Lionstiger/matrix-discord-bridge 
Add Support for matrix-appservice-discord
 2019-03-05 06:39:46 +00:00
Lionstiger c2834d2226 running as matrix user from the start 2019-03-04 16:26:19 +01:00
Lionstiger 278484656b ensure systemd reloaded after bridge installation 2019-03-04 15:12:37 +01:00
Lionstiger 2d78c5f89d made matrix_appservice_discord_client_id lowercase 2019-03-04 15:11:06 +01:00
Lionstiger 7aadd8bbe9 undo changed synapse version 2019-03-03 19:55:56 +01:00
Lionstiger 4aeeb5cf31 Autogenerate Discord invite link 
Generates the link required to add the Bridge to a Discord server.
 2019-03-03 19:33:16 +01:00
Lionstiger 835c349275 Add matrix-appservice-discord bridge 
Bridge is setup to work on the matrix side with this, but the discord invite link is not automatically generated.
 2019-03-03 18:22:52 +01:00
Slavi Pantaleev 6f6dff3e2b Update some Docker images 2019-03-03 12:27:43 +02:00
Slavi Pantaleev 45618679f5 Reload systemd services when they get updated 
Fixes #69 (Github Issue)
 2019-03-03 11:55:15 +02:00
Slavi Pantaleev 041a1947b3 Update Synapse (0.99.1.1 -> 0.99.2) 2019-03-02 10:03:09 +02:00
paulbdavis f2a2cad107 allow exposing mautrix_telegram port 2019-03-01 16:05:01 -07:00