Commit graph

795 commits

Author SHA1 Message Date
Slavi Pantaleev 9a33e5c7ad Make it possible to control Coturn ports and listen interfaces
Related to #330 (Github Issue).
2019-12-20 12:21:43 +02:00
Slavi Pantaleev 89dbe5cfc5 Add the ability to control the certbot HTTP bind port
Fixes #330 (Github Issue).
2019-12-19 09:07:24 +02:00
Slavi Pantaleev b09f5a783b Upgrade Synapse (1.7.0 -> 1.7.1) 2019-12-18 12:15:52 +02:00
Slavi Pantaleev a78002f12b Upgrade certbot (0.40.1 -> 1.0.0) 2019-12-13 14:52:29 +02:00
Slavi Pantaleev d69ddcfdac Upgrade Synapse (1.6.1 -> 1.7.0) 2019-12-13 14:52:29 +02:00
Daniel Løvbrøtte Olsen 3f7af3ef3f
Expose self service bridging in matrix_appservice_discord
This allows for users to bridge already existing matrix rooms to discord
2019-12-11 14:47:44 +01:00
Slavi Pantaleev 8cd51ad1ab
Merge pull request #322 from aaronraimist/integrations-manager-well-known
Implement MSC1957: Integration manager discovery
2019-12-10 11:00:29 +02:00
Aaron Raimist 2ea507e2ea
Don't make it Dimension specific 2019-12-09 22:23:56 -06:00
Slavi Pantaleev 783ed766f0 Upgrade riot-web (1.5.5 -> 1.5.6) 2019-12-09 14:05:04 +02:00
Yuri Moens 0866f98957 Render vhost directives in https server block 2019-12-08 00:58:32 +01:00
Slavi Pantaleev ca3b158d94 Add support to matrix-nginx-proxy to work in HTTP-only mode 2019-12-06 11:53:15 +02:00
Aaron Raimist fe932273aa
Implement MSC1957: Integration manager discovery
https://github.com/matrix-org/matrix-doc/pull/1957

Yay Riot iOS now supports integration manager discovery!
2019-12-05 17:32:51 -06:00
Aaron Raimist 79d1576648
Allow Synapse manhole to be enabled
Can you double check that the way I have this set only exposes it locally? It is important that the manhole is not available to the outside world since it is quite powerful and the password is hard coded.
2019-12-05 00:07:15 -06:00
Slavi Pantaleev 1ec7cd898d Upgrade matrix-corporal (1.7.0 -> 1.7.1) 2019-12-04 14:52:11 +02:00
Slavi Pantaleev 163a1b4294
Merge pull request #318 from benkuly/master
Add telegram relay bot feature to playbook
2019-12-03 12:02:46 +02:00
Slavi Pantaleev ce1ce03b3d Upgrade matrix-corporal (1.6.0 -> 1.7.0) 2019-12-03 11:51:01 +02:00
benkuly e23be75f6d
added vars for bot token in telegram bridge 2019-11-30 08:33:32 +01:00
Slavi Pantaleev 25dc53c34a Switch riot-web image (bubuntux/riot-web -> vectorim/riot-web)
Switching to the official image (vectorim/riot-web) should ensure:
- there's less breakage, as it's maintained by the same team as riot-web
- there's fewer actors we need to trust
- we can upgrade riot-web faster, as newer versions should be released
on Docker hub at the same time riot-web releases are made
2019-11-29 10:11:48 +02:00
Slavi Pantaleev b55198836a Upgrade riot-web (1.5.4 -> 1.5.5) 2019-11-28 14:18:49 +02:00
Slavi Pantaleev b8baf1356e Upgrade Synapse (1.6.0 -> 1.6.1) 2019-11-28 13:59:42 +02:00
Dan Arnfield fda16c17f5 Update riot-web (1.5.3 -> 1.5.4) 2019-11-26 08:44:00 -06:00
Slavi Pantaleev 0c51440426 Update Synapse to v1.6.0 2019-11-26 16:28:17 +02:00
Dan Arnfield 24646dc506 Update nginx (1.17.5 -> 1.17.6) 2019-11-21 09:38:59 -06:00
Dan Arnfield 4a60f385d1 Update postgres versions (12.0 -> 12.1, etc) 2019-11-21 09:38:37 -06:00
Slavi Pantaleev 4cc6cdf6f3
Merge pull request #314 from aaronraimist/well-known-client-no-identity
Remove identity server section from .well-known/matrix/client if there is no identity server
2019-11-21 11:59:46 +02:00
Aaron Raimist 9ab68a3cb4
Remove identity server section from .well-known/matrix/client if there is no identity server
Riot used to be fine with it being blank but now it complains. This creates an ugly looking comma when there is an identity server configured but I guess that's fine.
2019-11-20 16:05:16 -06:00
Slavi Pantaleev f348370f15
Remove unnecessary update_cache directive / Debian
We've just updated it in the task above, so it's unnecessary
2019-11-19 09:22:41 +02:00
Slavi Pantaleev c88c0e7e87
Remove unnecessary update_cache directive / CentOS
We've just updated it in the task above, so it's unnecessary
2019-11-19 09:22:14 +02:00
Dan Arnfield 960088752c Add matrix_docker_package_name 2019-11-18 11:29:14 -06:00
Dan Arnfield 80cfb2a93e Add matrix_docker_installation_enabled 2019-11-18 11:20:01 -06:00
Dan Arnfield 3cec6947ed Refactor base server setup tasks 2019-11-18 11:11:56 -06:00
Hardy Erlinger eb7391d373 Fix: Restrict a Debian-specific task to Debian OS.
Since commit b9753635 the task 'Ensure docker-ce is installed (Debian)' fails with an error on CentOS although it should not even run on this OS.
2019-11-16 14:53:42 +01:00
Dan Arnfield b975363530 Don't install docker-ce if docker.io is installed 2019-11-15 14:56:42 -06:00
Dan Arnfield 140002ed49 Update certbot (0.38.0 -> 0.40.1) 2019-11-13 15:19:38 -06:00
Slavi Pantaleev 2da40c729a Do not expose server room directory by default
Prompted by: https://matrix.org/blog/2019/11/09/avoiding-unwelcome-visitors-on-private-matrix-servers

This is a bit controversial, because.. the Synapse default remains open,
while the general advice (as per the blog post) is to make it more private.

I'm not sure exactly what kind of server people set up and whether they
want to make the room directory public. Our general goal is to favor
privacy and security when running personal (family & friends) and corporate
homeservers, both of which likely benefit from having a more secure default.
2019-11-10 08:55:46 +02:00
Slavi Pantaleev 50614f1bad Simplify Prerequisites a bit
Don't mention systemd-journald adjustment anymore, because
we've changed log levels to WARNING and Synapse is not chatty by default
anymore.

The "excessive log messages may get dropped on CentOS" issue no longer
applies to most users and we shouldn't bother them with it.
2019-11-10 08:35:17 +02:00
Mike 4edb1eb131
Update init.yml
Removed a set_facts that I have used for tracing down the issue
2019-11-09 23:53:04 +01:00
Michael Haak 5b213e6ad0 Replace constructs appending elements with variables to matrix_synapse_container_extra_arguments. Fixes issue https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/304 2019-11-09 23:16:12 +01:00
Aaron Raimist c600ff758d
Upgrade riot-web (1.5.2 -> 1.5.3) 2019-11-08 09:48:08 -06:00
Slavi Pantaleev f0e80218b0 Upgrade Synapse (1.5.0 -> 1.5.1) 2019-11-06 12:28:48 +02:00
Dan Arnfield 80265bfec5 Update riot-web (1.5.0 -> 1.5.2) 2019-11-05 13:00:19 -06:00
recklesscoder 5d3b765241
Actually use matrix_synapse_storage_path
matrix_synapse_storage_path is already defined in matrix-synapse/defaults/main.yml (with a default of "{{ matrix_synapse_base_path }}/storage"), but was not being used for its presumed purpose in matrix-synapse.service.j2. As a result, if matrix_synapse_storage_path was overridden (in a vars.yml), the synapse service failed to start.
2019-11-02 13:46:02 +01:00
Slavi Pantaleev 721ca9b83f Add missing publicUrl configuration for Dimension
Discussed in #282 (Github Issue).
2019-10-31 15:38:32 +02:00
Dan Arnfield 9b187eca8f Update nginx (1.17.4 -> 1.17.5) 2019-10-29 11:08:56 -05:00
Dan Arnfield f0ce0db7dc Update synapse (1.4.1 -> 1.5.0) 2019-10-29 10:41:46 -05:00
Slavi Pantaleev e81837a586
Undo some formatting changes 2019-10-22 10:57:16 +03:00
Noah Fleischmann 1df3d53243 Verbose logging should be off per default 2019-10-21 20:47:23 +02:00
Noah Fleischmann 9728bdffee Undo auto formatting 2019-10-21 20:41:45 +02:00
Noah Fleischmann 852fceb33f Add documentation 2019-10-21 20:11:00 +02:00
Noah Fleischmann c3fb7ebf4c Add variable for mxisd verbose logging 2019-10-21 20:06:57 +02:00
Slavi Pantaleev 3bf7a7a85e Upgrade riot-web (1.4.2 -> 1.5.0) 2019-10-19 11:08:35 +03:00
Slavi Pantaleev e0ea708acc Upgrade Synapse (1.4.0 -> 1.4.1) 2019-10-18 13:31:40 +03:00
Julian Foad 7ce80bc58e
Quote docker args in case inputs contain spaces 2019-10-14 08:59:56 +01:00
Slavi Pantaleev e32aaacaa7 Make gzipped SQL dumps by default during --upgrade-postgres 2019-10-05 11:42:08 +03:00
Slavi Pantaleev 29526e7bb1 Add support for backing up / importing all Postgres databases/users 2019-10-05 11:42:08 +03:00
Aaron Raimist 5a2c1a44e4
Upgrade riot-web (1.4.1 -> 1.4.2) 2019-10-04 19:21:39 -05:00
Paul Tötterman aabb16d78b Fix spelling ngnix -> nginx 2019-10-04 11:07:37 +03:00
Slavi Pantaleev 9c438a3870 Add support for Postgres v12 2019-10-04 08:51:36 +03:00
Dan Arnfield b59642950e Update riot-web (1.4.0 -> 1.4.1) 2019-10-03 13:07:48 -05:00
Slavi Pantaleev f25696489b
Merge pull request #273 from Sporiff/patch-1
Bump riot web version 1.3.6 -> 1.4.0
2019-10-03 19:36:10 +03:00
Slavi Pantaleev 19fb96fa57
Merge pull request #275 from aaronraimist/synapse-1.4.0
Upgrade Synapse (1.3.1 -> 1.4.0)
2019-10-03 19:35:54 +03:00
Slavi Pantaleev a37b96d829 Upgrade Synapse to 1.4.0 2019-10-03 19:26:38 +03:00
Slavi Pantaleev 392f8202bd Make SAML2 configuration match sample config generated using generate command 2019-10-03 19:26:38 +03:00
Slavi Pantaleev 810d0fb0e4 Make it possible to serve static websites from the base domain 2019-10-03 11:24:04 +03:00
Aaron Raimist 413d9ec143
WIP: Upgrade Synapse (1.3.1 -> 1.4.0rc2) 2019-10-02 21:35:44 -05:00
Ciarán Ainsworth 271d32b866
Bump riot web version 1.3.6 -> 1.4.0 2019-09-28 17:13:07 +01:00
Slavi Pantaleev 1dd1f9602f
Merge pull request #271 from thedanbob/certbot-0.38
Update certbot (0.37.1 -> 0.38.0)
2019-09-25 16:31:36 +03:00
Dan Arnfield c12ca8fff0 Update certbot (0.37.1 -> 0.38.0) 2019-09-25 06:17:12 -05:00
Dan Arnfield 2dd9dc4882 Update nginx (1.17.3 -> 1.17.4) 2019-09-25 06:00:44 -05:00
Slavi Pantaleev 3264024055 Update matrix-corporal (1.5.0 -> 1.6.0) 2019-09-24 11:07:09 +03:00
Slavi Pantaleev 73c90e9513 Try to make Synapse config/key generation respect uid/gid
Attempt at fixing #268 (Github Issue)
2019-09-23 18:08:36 +03:00
Dan Arnfield f076bd2474 Update riot-web (1.3.5 -> 1.3.6) 2019-09-20 08:03:02 -05:00
Slavi Pantaleev 39ae7959bd Upgrade Telegram bridge (0.6.0 -> 0.6.1) 2019-09-20 15:23:34 +03:00
gusttt 25262fa0e1 Disable docker network tasks in check mode to allow running the playbook in check mode (--check --diff) 2019-09-17 22:24:38 +02:00
Aaron Raimist b930c29bf0
Upgrade riot-web (1.3.3 -> 1.3.5) 2019-09-16 21:36:49 -05:00
Slavi Pantaleev 68ed2ebefa Add support for Synapse Simple Antispam
Fixes #255 (Github Issue).
2019-09-09 08:13:10 +03:00
Slavi Pantaleev 4b1e9a4827 Add support for configuring Synapse spam_checker setting 2019-09-09 08:11:32 +03:00
Slavi Pantaleev 6b8ca70a0b Upgrade Exim (4.92.1 -> 4.92.2) 2019-09-09 07:22:45 +03:00
Slavi Pantaleev 14e242aec1 Make matrix-mailer exit more gracefully 2019-09-04 10:04:57 +03:00
Slavi Pantaleev 1784bde226 Ensure Postgres data ownership is correct
Fixes #257 (Github Issue)
2019-09-02 10:01:31 +03:00
Slavi Pantaleev a6d51ebe9b Force-pull Slack Docker image if :latest 2019-08-28 14:00:34 +03:00
Julian Foad a5eb845a2d
Fix force-pulling of mautrix-whatsapp 2019-08-28 11:52:42 +01:00
Slavi Pantaleev f2f3d41649 Make matrix-corporal configuration extensible
Fixes #70 (Github Issue).
2019-08-25 10:58:30 +03:00
Slavi Pantaleev 2d4e19326d Add missing when statement 2019-08-25 10:44:01 +03:00
Slavi Pantaleev 0edd7e8089 Make Riot-web configuration extensible
Fixes #71 (Github Issue).
2019-08-25 10:37:05 +03:00
Slavi Pantaleev c4eebc5355 Add information about community-grouping for the Facebook bridge 2019-08-24 12:14:17 +03:00
Slavi Pantaleev 10a9deba4a Make Synapse configuration extensible 2019-08-22 09:49:22 +03:00
Slavi Pantaleev b440d5b73c Remove some fact definitions during runtime 2019-08-22 08:00:02 +03:00
Slavi Pantaleev 65da600426
Merge branch 'master' into master 2019-08-21 07:34:20 +03:00
Slavi Pantaleev c8a4d59a81
Merge pull request #251 from Munfred/master
Add mautrix-hangouts bridge role and documentation
2019-08-21 07:15:14 +03:00
Slavi Pantaleev 2ef8898421
Add comment 2019-08-21 07:14:31 +03:00
Slavi Pantaleev 97fb71d98c
Change privilege level 2019-08-21 07:12:46 +03:00
Slavi Pantaleev 1bcbc4a9ba Update matrix-corporal (1.4.0 -> 1.5.0) 2019-08-20 11:20:26 +03:00
Slavi Pantaleev 2efcf11ee8
Remove some whitespace 2019-08-20 09:06:14 +03:00
Dan Arnfield 1ce3526bf2 Update riot-web (1.3.2 -> 1.3.3) 2019-08-19 06:46:11 -05:00
Dan Arnfield 42ea3cb0e1 Update synapse (1.3.0 -> 1.3.1) 2019-08-19 06:45:51 -05:00
Slavi Pantaleev db57618abd Update nginx and certbot 2019-08-17 10:21:23 +03:00
Slavi Pantaleev 1b2191a0f1 Add new Synapse configuration options (since 1.3.0)
Continuation of #246 (Github Pull Request)
2019-08-16 09:57:51 +03:00
Dan Arnfield 7b5e633776 Update synapse (1.2.1 -> 1.3.0) 2019-08-15 06:59:37 -05:00
Slavi Pantaleev a1afafeb35 Upgrade mxisd (1.4.5 -> 1.4.6) 2019-08-15 09:36:04 +03:00
Slavi Pantaleev 59d807fca7 Ensure auth.clientID is passed as string in Discord configuration
Discord client IDs are numeric (e.g. 12345).
Passing them as integers however, causes the Discord bridge's YAML parser
to parse them as integers and its config schema validation will fail.

Fixes #240 (Github Issue)
2019-08-11 16:16:05 +03:00
Dan Arnfield dc11704c11 Bump postgres versions (11.5, 10.10, 9.6.15) 2019-08-09 06:03:26 -05:00
Slavi Pantaleev 910ffb481c Update email2matrix (1.0 -> 1.0.1) 2019-08-09 12:10:53 +03:00
Slavi Pantaleev 99f5baa7bb Fix undefined variable error (matrix_synapse_id_servers_public)
This only gets triggered if:
- the Synapse role is used standalone and the default values are used
- the whole playbook is used, with `matrix_mxisd_enabled: false`
2019-08-08 18:30:54 +03:00
Slavi Pantaleev 5b736c416b
Merge pull request #236 from oleg-fiksel/guest-access
Added possibility to enable guest access on synapse
2019-08-08 13:18:55 +03:00
Oleg Fiksel 43628ddad6 Added "|to_json" to ensure we really pass a boolean 2019-08-08 12:11:19 +02:00
Oleg Fiksel f713bbe0f8 Added possibility to enable guest access on synapse 2019-08-08 11:57:35 +02:00
Slavi Pantaleev 3e57a1463a Serve nginx status page over HTTPS as well
Continuation of #234 (Github Pull Request).

I had unintentionally updated the documentation for the feature,
saying the page is available at `https://matrix.DOMAIN/nginx_status`.

Looks like it wasn't the case, going against my expectations.

I'm correcting this with this patch.
The status page is being made available on both HTTP and HTTPS.
Serving over HTTP is likely necessary for services like
Longview
(https://www.linode.com/docs/platform/longview/longview-app-for-nginx/)
2019-08-07 12:53:53 +03:00
p5t2vspoqqw c32a3e3204 correct defaults 2019-08-07 10:56:29 +02:00
p5t2vspoqqw 4b8190dc3f serve status page for matrix.DOMAIN only 2019-08-07 10:54:14 +02:00
p5t2vspoqqw 281f2ee519 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-08-07 09:30:24 +02:00
Dan Arnfield dc71457132 Update riot-web (1.3.0 -> 1.3.2) 2019-08-06 06:36:14 -05:00
microchipster 122c3f1ec0 sync more chats in hangouts, switch to admin mode 2019-08-06 05:27:40 +00:00
microchipster 1e8d593f7a fix hangout displayname bug 2019-08-06 05:27:40 +00:00
microchipster 75785a0734 fix login url 2019-08-06 05:27:40 +00:00
microchipster 74d9eb1ec0 fix incorrect nginx proxy entry for hangouts bridge 2019-08-06 05:27:40 +00:00
microchipster 754c475338 matrix-hangouts/login instead of just /login 2019-08-06 05:27:40 +00:00
microchipster 95750c1bc7 attempt to inject nginx config for hangouts bridge 2019-08-06 05:27:40 +00:00
microchipster 264704a29e absorb Munfred changes 2019-08-06 05:27:40 +00:00
Eduardo Beltrame c1aea7c3fc Update validate_config.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame 85c7e9eb09 Update validate_config.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame 0a9ce65d3b Update validate_config.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame ad682f2180 Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame ef9f6efd12 Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame 451d84a981 Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame da6d2e5621 Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame bc1c30168c remove login block -- wrong file 2019-08-06 05:27:40 +00:00
Eduardo Beltrame c71cef3f70 Add hangouts /login in the right place 2019-08-06 05:27:40 +00:00
Eduardo Beltrame b0f203b2ec Update main.yml 2019-08-06 05:27:40 +00:00
Eduardo Beltrame ab6e808bc6 fix /login for mautrix-hangouts bridge 2019-08-06 05:27:40 +00:00
Eduardo Beltrame 4528e6402b add Publicly accessible base URL for the login endpoints.
# Auth server config
        auth:
            # Publicly accessible base URL for the login endpoints.
            # The prefix below is not implicitly added. This URL and all subpaths should be proxied
            # or otherwise pointed to the appservice's webserver to the path specified below (prefix).
            # This path should usually include a trailing slash.
            public: http://example.com/login/
            # Internal prefix in the appservice web server for the login endpoints.
            prefix: /login
2019-08-06 05:27:40 +00:00
Eduardo Beltrame 2d3fc98d18 Update main.yml 2019-08-06 05:27:40 +00:00
microchipster a16347789d nginx settings for hangouts bridge login 2019-08-06 05:27:40 +00:00
microchipster 0585889d5a add hangouts bridge by copying facebook bridge and find-replacing 2019-08-06 05:27:40 +00:00
Slavi Pantaleev 4be35822dd Add Email2Matrix support 2019-08-05 13:09:49 +03:00
p5t2vspoqqw 51d5741bb3 Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy 2019-08-05 09:34:30 +02:00
Slavi Pantaleev 6fe4bafc2a Decrease default Synapse logging level
Also discussed previously in #213 (Github Pull Request).

shared-secret-auth and rest-auth logging is still at `INFO`
intentionally, as user login events seem more important to keep.
Those modules typically don't spam as much.
2019-08-03 07:48:04 +03:00
Slavi Pantaleev 6fc779dc83 Ensure matrix_ssl_retrieval_method value is valid
We recently had someone in the support room who set it to `false`
and the playbook ran without any issues.

This currently seems to yield the same result as 'none', but it's
better to avoid such behavior.
2019-08-02 11:59:10 +03:00
Slavi Pantaleev c40d28a0dc Relocate user-store.db/room-store.db when migrating Discord bridge files
Refer to 524436ebef and #230 (Github Issue).
2019-08-01 14:40:12 +03:00
Slavi Pantaleev 524436ebef Add missing required parameters for Discord bridge
Fixes #230 (Github Issue).

Related to https://github.com/Half-Shot/matrix-appservice-discord/issues/510
2019-08-01 14:36:02 +03:00
Slavi Pantaleev 18f6b29372 Bump matrix-mailer / exim release (4.92.1-r0-0 -> 4.92.1-r0-1)
It adds support for a new `DISABLE_SENDER_VERIFICATION` environment
variable that can be used to disable verification of sender addresses.

It doesn't matter for us, but we upgrade to keep up with latest.
2019-07-31 10:47:57 +03:00
Slavi Pantaleev 0e3b73a612 Upgrade matrix-mailer / exim (4.92 -> 4.92.1) 2019-07-30 20:56:05 +03:00
Slavi Pantaleev d543780e42 Use mautrix-telegram Docker image from new official registry 2019-07-28 19:33:02 +03:00
Slavi Pantaleev 53ab66eef8 Use mautrix-whatsapp Docker image from new official registry 2019-07-28 19:31:42 +03:00
Slavi Pantaleev 82bb55ae7a Use new default port config for mautrix-facebook 2019-07-28 18:42:42 +03:00
Slavi Pantaleev b0162d6f75 Use mautrix-facebook Docker image from new official registry 2019-07-28 18:40:55 +03:00
kingoftheconnors 177ec295b4 Fixed matrix-appservice-slack docker command problems 2019-07-27 14:25:13 -04:00
kingoftheconnors 49766c5dac Added Slack role 2019-07-26 21:37:21 -04:00
Dan Arnfield de6c1c99b2 Fix apt message: docker doesn't support arch 'i386' 2019-07-26 14:43:35 -05:00
Slavi Pantaleev bd99dd05b4 Upgrade Synapse (1.2.0 -> 1.2.1) 2019-07-26 14:17:31 +03:00