sakkiii
897c982517
prometheus security update 2.27.1
2021-05-30 14:32:51 +05:30
pushytoxin
bee14550ab
Fix local/bin scripts autocompletion by adding rx perms to everyone
...
It's mildly annoying when trying to execute these scripts while logged
in as a regular user, as the missing execute permissions will hinder
autocompletion even when trying to use with sudo.
These shell scripts don't contain secrets, but may fail when ran by a
regular user. The failure is due to the lack of access to the /matrix
directory, and does not result in any damage.
2021-05-28 10:39:27 +02:00
Slavi Pantaleev
4880dcceb0
Fix OCSP-stapling-related errors due to missing resolver
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-28 11:14:33 +03:00
Raymond Coetzee
4e2780ff88
Add support for a prometheus postgres exporter
...
This commit introduces a new role that downloads and installs the
prometheus community postgres exporter https://github.com/prometheus-community/postgres_exporter .
A new credential is added to matrix_postgres_additional_databases that
allows the exporter access to the database to gather statistics.
A new dashboard was added to the grafana role, with some refactoring
to enable the dashboard only if the new role is enabled.
I've included some basic instructions for how to enable the role in
the Docs section.
In terms of testing, I've tested enabling the role, and disabling
it to make sure it cleans up the container and systemd role.
2021-05-27 20:13:29 +01:00
Jez Cope
a8dbd93f61
Check irc service is present before stopping it
2021-05-26 20:41:52 +01:00
Thom Wiggers
af4bd50c2a
Update IRC appservice
2021-05-26 11:04:47 +02:00
Slavi Pantaleev
b3351d2a53
Merge pull request #1083 from haghighi-ahmad/active-directory-support-for-ldap_auth_provider
...
Synapse LDAP auth: add support for Active Directory
2021-05-26 10:53:27 +03:00
Slavi Pantaleev
661bf89223
Merge pull request #1086 from hidraulicChicken/mjolnir_antispam
...
Mjolnir antispam
2021-05-26 10:52:27 +03:00
Slavi Pantaleev
d61fe94bae
Fix incorrect path in Mjolnir uninstallation tasks
2021-05-26 10:52:15 +03:00
rakshazi
4ddd8bbb84
Updated nginx-proxy (1.20.0 -> 1.21.0)
2021-05-25 17:06:39 +00:00
BG
763952395b
Adding mjolnir antispam synapse modul.
2021-05-25 16:43:30 +02:00
Slavi Pantaleev
bca37aba1e
Merge pull request #1085 from GoMatrixHosting/master
...
GoMatrixHosting v0.4.7
2021-05-25 16:28:40 +03:00
Michael-GMH
6f40d78353
fix random edits to upstream
2021-05-25 21:25:40 +08:00
Slavi Pantaleev
36910348cf
Switch synapse-admin to tagged release (0.8.1)
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1084
2021-05-25 16:21:11 +03:00
Michael-GMH
ea6e344d05
merge upstream
2021-05-25 21:10:34 +08:00
Michael-GMH
85777e8f96
merge with upstream
2021-05-25 21:08:00 +08:00
Ahmad Haghighi
209d59070e
Avoiding if(s), fix #1083
...
Conversation: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1083#discussion_r638671860
Signed-off-by: Ahmad Haghighi <haghighi@fedoraproject.org>
2021-05-25 15:41:58 +04:30
Ahmad Haghighi
ee088d5d46
Synapse LDAP auth: add support for Active Directory
...
Signed-off-by: Ahmad Haghighi <haghighi@fedoraproject.org>
2021-05-25 15:36:41 +04:30
Slavi Pantaleev
1ed0857019
Fix syntax error
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024
2021-05-25 11:45:17 +03:00
sakkiii
4a4a7f136e
changes added to hydrogen client
2021-05-25 11:42:51 +05:30
sakkiii
25e67b51d1
Merge branch 'spantaleev:master' into master
2021-05-25 11:40:56 +05:30
sakkiii
3436f9c10a
rename to matrix_nginx_proxy_hsts_preload_enabled
2021-05-25 00:56:59 +05:30
Slavi Pantaleev
0648b1b618
Upgrade Element (1.7.28 -> 1.7.29)
2021-05-24 20:38:48 +03:00
sakkiii
7cc5328ede
Comments & Ref
2021-05-24 17:20:54 +05:30
sakkiii
df2d91970d
matrix_nginx_proxy_xss_protection
2021-05-24 17:02:47 +05:30
Slavi Pantaleev
d4c7a90b5c
Merge pull request #1076 from Eagle-251/Jitsi-Prosody-OwnNginxCompatibility
...
Allow Jitsi XMPP websocket support for users using own webserver.
2021-05-24 11:07:05 +03:00
ewang
409cd2b9a3
Source port binding from group vars in line other components
2021-05-23 14:06:18 +02:00
Eagle-251
ef6a7e051c
Fix missing port binding.
2021-05-22 15:55:50 +02:00
ewang
1bb6ed97ae
Make port bindings default for those disabling nginx proxy
...
I changed the conditional statement in prosody systemd template to bind the localhost port by default if people have set ```matrix_nginx_proxy_enabled == false ```.
Hopefully that should make it the default behaviour now.
2021-05-22 15:53:42 +02:00
Aaron Raimist
3c0452ff5a
Remove unnecessary bind for config.json, use proper nginx.conf
2021-05-21 17:22:40 -05:00
ewang
4a772e50f4
Allow Jitsi XMPP webscoket support for users using own webserver.
...
Added:
- Conditional localhost Port bindings for Jitsi Prosody systemd template
- Added variable to main.yml to allow overriding from vars.yml
2021-05-21 15:26:06 +02:00
Slavi Pantaleev
6f80292745
Add OCSP stapling support and other SSL optimizations to Hydrogen vhost
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-21 13:40:37 +03:00
Slavi Pantaleev
d0de21ab34
Delete Hydrogen nginx configuration file when disabled
2021-05-21 12:58:32 +03:00
Aaron Raimist
ac4ede20af
Add docs
2021-05-21 04:43:04 -05:00
Aaron Raimist
1633f61018
Only install config.json when self building
2021-05-21 04:23:06 -05:00
Aaron Raimist
04548f8df2
Merge branch 'master' into hydrogen
2021-05-21 04:09:18 -05:00
Aaron Raimist
9437f78c9e
Build using custom config.json, add CSP, update to 0.1.53
2021-05-21 03:45:21 -05:00
Slavi Pantaleev
47b4608b96
Fail in a friendlier way when trying to self-build on Ansible <= 2.8
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
Related discussion here: 1ab507349c (commitcomment-51108407)
2021-05-21 11:15:05 +03:00
Slavi Pantaleev
1ab507349c
Fix self-building for various components on Ansible < 2.8
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
2021-05-20 08:43:20 +03:00
Slavi Pantaleev
66615c43a3
Merge pull request #1065 from sakkiii/patch-1
...
Update grafana (7.5.6->7.5.7)
2021-05-19 22:07:59 +03:00
Tobias K
3dcbed6353
roles/matrix-grafana: Set root_url in granafa.ini
2021-05-19 19:52:58 +02:00
sakkiii
8529ca4c17
Update grafana (7.5.6->7.5.7)
2021-05-19 22:30:03 +05:30
Slavi Pantaleev
073d920a62
Merge pull request #1061 from sakkiii/ssl_enhancement
...
Optimize SSL session
2021-05-19 17:14:52 +03:00
Toni Spets
544915ff76
Add Heisenbridge
2021-05-19 10:42:21 +03:00
Slavi Pantaleev
21eb39f986
Mention matrix_common_after_systemd_service_start_wait_for_timeout_seconds in failure message
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:46:13 +03:00
Slavi Pantaleev
ee46fabdca
Make waiting time for --tags=start configurable
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1062
2021-05-19 08:39:55 +03:00
sakkiii
e9b878b9e9
Optimize SSL session
2021-05-18 19:39:43 +05:30
Slavi Pantaleev
e6afa05f7b
Enable OCSP stapling for the federation port
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
Not sure if this is beneficial though.
2021-05-18 08:15:42 +03:00
Slavi Pantaleev
57a6a98a50
Fix incorrect SSL certificate path
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-18 07:58:47 +03:00
Slavi Pantaleev
b9c4e8ce16
Merge pull request #1057 from sakkiii/ssl_staple
...
Enable OCSP Stapling
2021-05-18 07:50:35 +03:00