Commit graph

3595 commits

Author SHA1 Message Date
Toni Spets 3581e1b37b Heisenbridge identd on unprivileged port
Fixes running the container as an unprivileged user.
2021-05-31 08:43:57 +03:00
sakkiii 897c982517
prometheus security update 2.27.1 2021-05-30 14:32:51 +05:30
Slavi Pantaleev 56464dff72
Merge pull request #1097 from pushytoxin/autocomplete
Fix local/bin scripts autocompletion by adding rx perms to everyone
2021-05-28 11:42:32 +03:00
pushytoxin bee14550ab Fix local/bin scripts autocompletion by adding rx perms to everyone
It's mildly annoying when trying to execute these scripts while logged
in as a regular user, as the missing execute permissions will hinder
autocompletion even when trying to use with sudo.

These shell scripts don't contain secrets, but may fail when ran by a
regular user. The failure is due to the lack of access to the /matrix
directory, and does not result in any damage.
2021-05-28 10:39:27 +02:00
Slavi Pantaleev 4880dcceb0 Fix OCSP-stapling-related errors due to missing resolver
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057
2021-05-28 11:14:33 +03:00
Slavi Pantaleev 595c8c1af4
Merge pull request #1096 from wol-win/master
Minor correction
2021-05-28 10:43:21 +03:00
WobbelTheBear 28b8bb0bf1
Minor correction 2021-05-28 09:31:55 +02:00
Slavi Pantaleev 9924847f57
Merge pull request #1094 from coetzeer/master
Add support for a prometheus postgres exporter
2021-05-28 08:42:46 +03:00
Slavi Pantaleev 518ec83272
Merge pull request #1095 from aaronraimist/patch-1
Update IRC channel
2021-05-28 08:40:22 +03:00
Aaron Raimist cf1a9078b0
Update IRC channel 2021-05-27 15:21:47 -05:00
Raymond Coetzee 4e2780ff88 Add support for a prometheus postgres exporter
This commit introduces a new role that downloads and installs the
prometheus community postgres exporter  https://github.com/prometheus-community/postgres_exporter.
A new credential is added to matrix_postgres_additional_databases that
allows the exporter access to the database to gather statistics.
A new dashboard was added to the grafana role, with some refactoring
to enable the dashboard only if the new role is enabled.
I've included some basic instructions for how to enable the role in
the Docs section.

In terms of testing, I've tested enabling the role, and disabling
it to make sure it cleans up the container and systemd role.
2021-05-27 20:13:29 +01:00
Slavi Pantaleev 1cb6a0c96f
Merge pull request #1093 from jezcope/fix/irc-db-migrate-after-disable
Check IRC appservice service is present before stopping it
2021-05-27 09:19:18 +03:00
Jez Cope a8dbd93f61 Check irc service is present before stopping it 2021-05-26 20:41:52 +01:00
Slavi Pantaleev 36e583cc21
Merge pull request #1092 from wol-win/server_migration_doc_update
Server migration doc update
2021-05-26 18:04:00 +03:00
Slavi Pantaleev c791d1900c
Improve wording 2021-05-26 18:03:47 +03:00
WobbelTheBear 54e1c67e53
Update maintenance-migrating.md 2021-05-26 16:31:01 +02:00
WobbelTheBear 8472848286
Annotate server migration
Annotate server migration with a note in regard to migration between different architectures and the need to dump/restore the database.
2021-05-26 16:30:08 +02:00
Slavi Pantaleev b120259d1c
Merge pull request #1091 from wol-win/postgres_documentation
Update PostgreSQL Maintenance page
2021-05-26 15:01:14 +03:00
Wobbel The Bear 1b41e9c7dd
Update PostgreSQL Maintenance page
Added a mid-sized VPS configuration with configuration changes to the PostgreSQL database config.

Deleted single quotes in one of the examples to unify the examples
2021-05-26 13:50:35 +02:00
Slavi Pantaleev 3ae8013c10
Merge pull request #1089 from thomwiggers/patch-1
Update IRC appservice
2021-05-26 14:10:36 +03:00
Thom Wiggers af4bd50c2a
Update IRC appservice 2021-05-26 11:04:47 +02:00
Slavi Pantaleev b3351d2a53
Merge pull request #1083 from haghighi-ahmad/active-directory-support-for-ldap_auth_provider
Synapse LDAP auth: add support for Active Directory
2021-05-26 10:53:27 +03:00
Slavi Pantaleev 661bf89223
Merge pull request #1086 from hidraulicChicken/mjolnir_antispam
Mjolnir antispam
2021-05-26 10:52:27 +03:00
Slavi Pantaleev d61fe94bae
Fix incorrect path in Mjolnir uninstallation tasks 2021-05-26 10:52:15 +03:00
BG f8ba97ac14 Removing antispam note. 2021-05-26 09:05:28 +02:00
Slavi Pantaleev 719ecb03a8 Add note about pgtune.leopard.in.ua 2021-05-26 09:55:40 +03:00
Slavi Pantaleev 5e313ca0fc
Merge pull request #1088 from rakshazi/patch-9
Updated nginx-proxy (1.20.0 -> 1.21.0)
2021-05-25 20:14:07 +03:00
rakshazi 4ddd8bbb84
Updated nginx-proxy (1.20.0 -> 1.21.0) 2021-05-25 17:06:39 +00:00
BG 9a7eddd563 Updating docs. 2021-05-25 16:59:49 +02:00
BG 763952395b Adding mjolnir antispam synapse modul. 2021-05-25 16:43:30 +02:00
Slavi Pantaleev bca37aba1e
Merge pull request #1085 from GoMatrixHosting/master
GoMatrixHosting v0.4.7
2021-05-25 16:28:40 +03:00
Michael-GMH 6f40d78353 fix random edits to upstream 2021-05-25 21:25:40 +08:00
Slavi Pantaleev 36910348cf Switch synapse-admin to tagged release (0.8.1)
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1084
2021-05-25 16:21:11 +03:00
Michael-GMH ea6e344d05 merge upstream 2021-05-25 21:10:34 +08:00
Michael-GMH 85777e8f96 merge with upstream 2021-05-25 21:08:00 +08:00
Ahmad Haghighi 209d59070e Avoiding if(s), fix #1083
Conversation: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1083#discussion_r638671860

Signed-off-by: Ahmad Haghighi <haghighi@fedoraproject.org>
2021-05-25 15:41:58 +04:30
Ahmad Haghighi ee088d5d46 Synapse LDAP auth: add support for Active Directory
Signed-off-by: Ahmad Haghighi <haghighi@fedoraproject.org>
2021-05-25 15:36:41 +04:30
Slavi Pantaleev 1ed0857019 Fix syntax error
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024
2021-05-25 11:45:17 +03:00
Slavi Pantaleev c8a2309b78
Merge pull request #1024 from sakkiii/master
HSTS preload + X-XSS enables
2021-05-25 11:42:39 +03:00
sakkiii 4a4a7f136e changes added to hydrogen client 2021-05-25 11:42:51 +05:30
sakkiii 25e67b51d1 Merge branch 'spantaleev:master' into master 2021-05-25 11:40:56 +05:30
sakkiii 3436f9c10a rename to matrix_nginx_proxy_hsts_preload_enabled 2021-05-25 00:56:59 +05:30
Slavi Pantaleev 0648b1b618 Upgrade Element (1.7.28 -> 1.7.29) 2021-05-24 20:38:48 +03:00
Slavi Pantaleev 8d1d85ab4a
Merge pull request #1082 from sakkiii/patch-2
OCSP Stapling SSL manually-managed
2021-05-24 16:00:46 +03:00
sakkiii dcd5e5657d
OCSP Stapling SSL manually-managed
# chain.pem file is required for 'ssl_trusted_certificate`
2021-05-24 17:59:34 +05:30
sakkiii 7cc5328ede Comments & Ref 2021-05-24 17:20:54 +05:30
sakkiii df2d91970d matrix_nginx_proxy_xss_protection 2021-05-24 17:02:47 +05:30
Slavi Pantaleev d4c7a90b5c
Merge pull request #1076 from Eagle-251/Jitsi-Prosody-OwnNginxCompatibility
Allow Jitsi XMPP websocket support for users using own webserver.
2021-05-24 11:07:05 +03:00
Slavi Pantaleev be7fb18ca9
Merge pull request #1081 from aaronraimist/patch-1
Remove synapse-admin incompatibility note
2021-05-24 09:41:10 +03:00
Aaron Raimist 794035790c
Remove synapse-admin incompatibility note 2021-05-23 16:53:14 -05:00