Commit graph

180 commits

Author SHA1 Message Date
Slavi Pantaleev 1338963b6c Add support for obtaining additional SSL certificates via Traefik 2023-02-08 18:47:19 +02:00
Slavi Pantaleev c07630ed51 Add com.devture.ansible.role.traefik_certs_dumper role
With this, other roles (like Coturn, Postmoogle) will be able
to use SSL certificates extracted from Traefik
via https://github.com/ldez/traefik-certs-dumper
2023-02-08 16:05:38 +02:00
Slavi Pantaleev 8155f780e5 Add support for reverse-proxying Matric (Client & Federation) via Traefik 2023-02-06 13:08:11 +02:00
Slavi Pantaleev f983604695 Initial work on Traefik support
This gets us started on adding a Traefik role and hooking Traefik:

- directly to services which support Traefik - we only have a few of
  these right now, but the list will grow

- to matrix-nginx-proxy for most services that integrate with
  matrix-nginx-proxy right now

Traefik usage should be disabled by default for now and nothing should
change for people just yet.

Enabling these experiments requires additional configuration like this:

```yaml
devture_traefik_ssl_email_address: '.....'

matrix_playbook_traefik_role_enabled: true
matrix_playbook_traefik_labels_enabled: true

matrix_ssl_retrieval_method: none

matrix_nginx_proxy_https_enabled: false

matrix_nginx_proxy_container_http_host_bind_port: ''
matrix_nginx_proxy_container_federation_host_bind_port: ''

matrix_nginx_proxy_trust_forwarded_proto: true

matrix_nginx_proxy_x_forwarded_for: '$proxy_add_x_forwarded_for'

matrix_coturn_enabled: false
```

What currently works is:
reverse-proxying for all nginx-proxy based services **except** for the Matrix homeserver
(both Client-Server an Federation traffic for the homeserver don't work yet)
2023-02-06 10:34:51 +02:00
Slavi Pantaleev 946bbe9734 Upgrade prometheus_node_exporter (v1.5.0-1 -> v1.5.0-2) 2023-02-06 09:54:34 +02:00
Slavi Pantaleev 5de5b5c62c Upgrade prometheus_postgres_exporter (v0.11.1-1 -> v0.11.1-2) 2023-02-06 09:49:15 +02:00
Slavi Pantaleev 045ed94d43 Upgrade prometheus_postgres_exporter (v0.11.1-0 -> v0.11.1-1) 2023-02-05 10:54:51 +02:00
Slavi Pantaleev be78b74fbd Switch from matrix-prometheus-postgres-exporter to an external prometheus_postgres_exporter role 2023-02-05 10:32:09 +02:00
Slavi Pantaleev e43ba65dd3 Upgrade prometheus_node_exporter (v1.5.0-0 -> v1.5.0-1) 2023-01-27 08:46:16 +02:00
Slavi Pantaleev 9ed2e04d80 Switch from matrix-prometheus-node-exporter to an external prometheus_node_exporter role 2023-01-21 11:07:04 +02:00
Slavi Pantaleev c27021b29b Upgrade com.devture.ansible.role.timesync 2023-01-17 14:51:00 +02:00
Slavi Pantaleev f64745c6ac Upgrade com.devture.ansible.role.timesync
Related to https://github.com/devture/com.devture.ansible.role.timesync
2023-01-17 14:47:57 +02:00
Slavi Pantaleev 4c5d945ad3 Upgrade com.devture.ansible.role.postgres 2023-01-13 18:12:22 +02:00
Slavi Pantaleev c874830de3 Upgrade com.devture.ansible.role.postgres
The new version uses the corresponding container image when running
vacuum, not the latest Postgres version.
2023-01-13 09:42:04 +02:00
Slavi Pantaleev d018677293 Upgrade geerlingguy.docker (6.0.3 -> 6.0.4) 2022-12-30 18:12:38 +02:00
Slavi Pantaleev 4589f94053 Upgrade Postgres (minor versions upgrade) 2022-12-02 19:17:35 +02:00
Slavi Pantaleev 4eed49f931 Replace custom/matrix-postgres-backup role with galaxy/com.devture.ansible.role.postgres_backup
This role is usable on its own and it's not tied to Matrix, so
extracting it out into an independent role that we install via
ansible-galaxy makes sense.

This also fixes the confusion from the other day, where
`matrix_postgres_*` had to be renamed to `devture_postgres_*`
(unless it was about `matrix_postgres_backup_*`).
We now can safely say that ALL `matrix_postgres_*` variables need to be
renamed.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2305
2022-11-30 11:01:19 +02:00
Slavi Pantaleev de979bc6a2 Upgrade com.devture.ansible.role.postgres 2022-11-30 09:42:06 +02:00
Slavi Pantaleev b25385dffd Upgrade com.devture.ansible.role.postgres 2022-11-29 20:16:29 +02:00
Slavi Pantaleev 81054bb19c Upgrade com.devture.ansible.role.postgres 2022-11-28 09:05:22 +02:00
Slavi Pantaleev 4bb3a38de6 Upgrade com.devture.ansible.role.postgres 2022-11-27 11:24:53 +02:00
Slavi Pantaleev 04b9483f0d Switch from matrix-postgres to com.devture.ansible.role.postgres 2022-11-27 08:04:31 +02:00
Slavi Pantaleev 7c2a7a8eb6 Replace most import_tasks calls with include_tasks for improved performance 2022-11-24 11:33:45 +02:00
Slavi Pantaleev 54cacc927e Upgrade com.devture.ansible.role.docker_sdk_for_python 2022-11-23 14:33:07 +02:00
Slavi Pantaleev ccfaefa4d2 Add service groups 2022-11-23 11:45:47 +02:00
Slavi Pantaleev 93d4f8d425 Replace matrix-common-after systemd service management with com.devture.ansible.role.systemd_service_manager 2022-11-23 11:45:46 +02:00
Slavi Pantaleev d8f2141eb0 Install Docker via geerlingguy.docker Galaxy role 2022-11-22 09:01:26 +02:00
Slavi Pantaleev 5ff59eb31a Upgrade com.devture.ansible.role.playbook_state_preserver 2022-11-05 06:56:10 +02:00
Slavi Pantaleev 04c6c11561 Install ntpd/systemd-timesync via com.devture.ansible.role.timesync 2022-11-04 16:34:23 +02:00
Slavi Pantaleev c3a7237de7 Initial work on using externally defined roles 2022-11-04 14:58:28 +02:00