Commit graph

320 commits

Author SHA1 Message Date
Slavi Pantaleev 948c411106 Remove sudo requirement for generating SSL certificates
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1492
2021-12-30 10:47:06 +02:00
Slavi Pantaleev afd7f03bb5 Minor comment changes 2021-12-17 17:30:40 +02:00
Slavi Pantaleev fa704f104b Add support for using custom ACME CA servers (other than Let's Encrypt')
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1468
2021-12-17 17:30:21 +02:00
Slavi Pantaleev 3a9fe48deb Make matrix-nginx-proxy's X-Forwarded-For header customizable
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1393
2021-11-24 11:32:06 +02:00
Slavi Pantaleev 3b27ce2ff6
Merge pull request #1404 from aaronraimist/v3
Allow workers to serve new v3 APIs
2021-11-19 10:54:47 +02:00
Aaron Raimist f8fe68b385
Allow workers to serve new v3 APIs
1f196f59cb
2021-11-17 14:54:49 +00:00
Slavi Pantaleev b4fb819481
Merge pull request #1403 from borisrunakov/rename-matrix-ma1sd-default-port
remove default from variable name
2021-11-17 10:35:54 +02:00
boris runakov 394ecb0acc remove default from variable name 2021-11-16 21:14:28 +02:00
boris runakov d3a9ec98de refactoring 2021-11-16 21:03:21 +02:00
boris runakov 1ec67f49b0 replaced 8008 where possible 2021-11-15 22:43:05 +02:00
Slavi Pantaleev 994c0e504c Ensure some matrix-nginx-proxy variables are defined
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1397
2021-11-15 14:46:44 +02:00
b 07496069c8 rellocating variables for consistency 2021-11-15 12:07:54 +02:00
b 7756cc4c8e replace port 8048 with matrix_synapse_container_default_federation_port 2021-11-14 20:30:13 +02:00
JokerGermany c0656448f7 Port 80 for IPv6 2021-11-13 01:18:22 +01:00
sakkiii cd26af2f6f
Certbot Update (v1.20.0 -> v1.21.0) 2021-11-10 22:58:45 +05:30
sakkiii 7a4f49c457
Nginx Minio Update (1.21.3 -> 1.21.4) 2021-11-10 22:52:23 +05:30
Slavi Pantaleev 735c966ab6 Disable systemd services when stopping to uninstall them
Until now, we were leaving services "enabled"
(symlinks in /etc/systemd/system/multi-user.target.wants/).

We clean these up now. Broken symlinks may still exist in older
installations that enabled/disabled services. We're not taking care
to fix these up. It's just a cosmetic defect anyway.
2021-11-10 17:39:21 +02:00
b 6eaa8ac65a add server_name to matrix-synapsel.conf only if matrix_nginx_proxy_enabled 2021-11-05 15:31:10 +02:00
b dcda17595a change port 8090 to matrix_ma1sd_default_port 2021-10-31 21:06:22 +02:00
Slavi Pantaleev 06bcdcf9d2
Merge pull request #1311 from HarHarLinks/master
add auto proxy synapse worker metrics
2021-10-25 09:21:11 +03:00
Kim Brose 5f6bbafa17
fix space before tab in indent 2021-10-24 16:00:42 +02:00
HarHarLinks 7b33fc8e19 fixup! auto-generate prometheus.yml for workers metrics 2021-10-20 13:30:38 +02:00
HarHarLinks ce41674e61 auto-generate prometheus.yml for workers metrics 2021-10-20 12:51:00 +02:00
HarHarLinks 4209c4208c add own variable for worker metrics
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1311#issuecomment-945718866
2021-10-20 12:51:00 +02:00
Slavi Pantaleev 2bf052369d Upgrade certbot (v1.19.0 -> v1.20.0) 2021-10-06 15:14:38 +03:00
Kim Brose 1ba7760ea4
add how to generate htpasswd
for matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_key
resolves #1308
2021-10-04 22:18:05 +02:00
HarHarLinks d9fa2f7ed4 add auto proxy synapse worker metrics
when matrix_nginx_proxy_proxy_synapse_metrics is enabled
2021-10-04 21:44:50 +02:00
Slavi Pantaleev 31396f0615
Merge pull request #1295 from nogweii/feat-support-upstream-https-forwarded
Support trusting the upstream server when it says the protocol is HTTPS
2021-09-26 09:54:15 +03:00
Aaron Raimist a676b5358c
Fix hydrogen OCSP typo
From 6f80292745
2021-09-24 20:09:06 -05:00
Colin Shea 2578ca4cee rename matrix_nginx_proxy_x_forwarded_header_value -> matrix_nginx_proxy_x_forwarded_proto_value 2021-09-24 05:22:30 -07:00
Colin Shea d0cd67044e replace $scheme with X-Forwarded-Proto when enabled 2021-09-24 05:14:38 -07:00
sakkiii 3055b3996e
Updates Certbot -> v1.19.0, nginx ->1.21.3-alpine 2021-09-14 16:51:01 +05:30
sakkiii ae6caf158a
Added variable matrix_nginx_proxy_request_timeout (#1265)
* add timeout param for nginx proxy

default value matrix_nginx_proxy_request_timeout is 60s

* default matrix_nginx_proxy_request_timeout - 60s

* few more variables for request timeout

* Update nginx.conf.j2

* Update nginx.conf.j2
2021-09-03 10:00:45 +03:00
Slavi Pantaleev a911207854 Revert "nginx update v1.21.2"
This reverts commit 732051b8fc.

There's no such container image published yet.
2021-09-03 09:07:58 +03:00
sakkiii 732051b8fc
nginx update v1.21.2
http://nginx.org/en/CHANGES
2021-09-03 10:46:21 +05:30
sakkiii f5a7e6d78b
Certbot update v1.18.0 2021-08-20 19:47:11 +05:30
Michael Collins 4d57a41b3f remove matrix_awx_enabled from these 2021-08-11 17:18:57 +08:00
Michael Collins 2e30802b87 use group variables instead 2021-08-11 15:21:09 +08:00
Michael Collins 8238d65e5f simplify template conditional 2021-08-11 14:19:19 +08:00
Michael Collins bfb61e776e GMH v0.5.7... maybe! 2021-08-10 12:58:10 +08:00
Slavi Pantaleev 4105ba854b
Merge pull request #1147 from datenkollektiv-net/allow-custom-federation-fqn
Make federation domain customizable
2021-07-20 09:12:16 +03:00
JokerGermany 9345d840be
root path for the base domain is wrong (#1189)
* root path for the base domain

* Fix path when running in a container

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2021-07-20 08:48:11 +03:00
sakkiii 7a51268dfc
Upgrade certbot & nginx
Upgrade certbot (v1.16.0 -> v1.17.0) nginx (1.21.0 -> 1.21.1)
2021-07-09 17:51:27 +05:30
Slavi Pantaleev 6294e58304 Fix Content-Security-Policy for Element
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1154

According to
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy,
having both a header and the `<meta>`-tag provided by Element itself is
not a problem. The 2 CSP policies get combined.
2021-07-01 12:41:05 +03:00
oxmie 5df4d68829 Make federation domain customizable 2021-06-30 23:02:27 +02:00
sakkiii 0217644b48
Content-Security-Policy For Element Web
https://github.com/vector-im/element-web#configuration-best-practices
2021-06-18 23:27:23 +05:30
Slavi Pantaleev 963f38ee7b Upgrade certbot (v1.14.0 -> v1.16.0) 2021-06-10 12:18:42 +03:00
pushytoxin bee14550ab Fix local/bin scripts autocompletion by adding rx perms to everyone
It's mildly annoying when trying to execute these scripts while logged
in as a regular user, as the missing execute permissions will hinder
autocompletion even when trying to use with sudo.

These shell scripts don't contain secrets, but may fail when ran by a
regular user. The failure is due to the lack of access to the /matrix
directory, and does not result in any damage.
2021-05-28 10:39:27 +02:00
Slavi Pantaleev 4880dcceb0 Fix OCSP-stapling-related errors due to missing resolver
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-28 11:14:33 +03:00
rakshazi 4ddd8bbb84
Updated nginx-proxy (1.20.0 -> 1.21.0) 2021-05-25 17:06:39 +00:00