Commit graph

2484 commits

Author SHA1 Message Date
Slavi Pantaleev c7e9f04756
Merge pull request #936 from irregulator/nginx_check_cors
matrix-nginx-proxy: specify Origin header, comply with CORS
2021-03-15 14:49:23 +02:00
Alexandros Afentoulis 28c255539c matrix-nginx-proxy: specify Origin header, comply with CORS
Self-checks against the .well-known URIs look for the HTTP header
"Access-Control-Allow-Origin" indicating that the remode endpoint
supports CORS. But the remote server is not required to include
said header in the response if the HTTP request does not include
the "Origin" header. This is in accordance with the specification
[1] stating: 'A CORS request is an HTTP request that includes an
"Origin" header.'

This is in fact true for Gitlab pages hosting and that's why the
issue was identified.

Let's specify "Origin" header in the respective uri tasks performing
the HTTP request and ensure a CORS request.

[1] https://fetch.spec.whatwg.org/#http-requests
2021-03-15 14:24:55 +02:00
Slavi Pantaleev 7215fd4319
Merge pull request #933 from pmontepagano/fork/require-auth-synapse-configs
Adding vars to synapse for private servers
2021-03-15 08:03:43 +02:00
Pablo Montepagano 52fe8a05b0 Adding vars to synapse for private servers. 2021-03-14 00:39:44 -03:00
Slavi Pantaleev 9b72384df7 Upgrade Synapse (1.28.0 -> 1.29.0) 2021-03-08 17:24:09 +02:00
Slavi Pantaleev f0698ee641 Do not overwrite X-Forwarded-For when reverse-proxying to Synapse
We have a flow like this:
1. matrix.DOMAIN vhost (matrix-domain.conf)
2. matrix-synapse vhost (matrix-synapse.conf); or matrix-corporal container, if enabled
3. (optional) matrix-synapse vhost (matrix-synapse.conf), if matrix-corporal enabled
4. matrix-synapse container

We are setting `X-Forwarded-For` correctly in step #1, but were
overwriting it in step #2 with something inaccurate.

Not doing anything in step #2 is better than doing the wrong thing.
It's probably best if we append another reverse-proxy address there
though, although what we're doing now (with this patch) seems to yield
the correct result (when matrix-corporal is not enabled).

When matrix-corporal is enabled, we still seem to do the wrong thing for
some reason. It's something to be fixed later on.
2021-03-08 17:24:09 +02:00
Slavi Pantaleev 5516bc8896
Merge pull request #923 from aaronraimist/patch-1
Make steps in configuring-playbook.md numbered
2021-03-07 09:53:49 +02:00
Aaron Raimist df5cbcc2e1
Make steps in configuring-playbook.md numbered
instead of bullet points which make it more difficult to tell whether or not you completed all of the steps
2021-03-06 12:35:12 -06:00
Slavi Pantaleev 11f8b5f3a7
Merge pull request #916 from jokey2k/patch-2
Adjust wait timeout
2021-03-05 10:43:36 +02:00
Markus Ullmann be23249f4b
Adjust wait timeout
During first setup postgres takes its time to get up and running, resulting in "postgres in startup" exceptions from synapse if you run without additional services that come in between. Hence suggesting increasing the time a bit to avoid having an error which heals itself and thus is hard to spot for newcomers.
2021-03-02 20:07:59 +01:00
Slavi Pantaleev 7d1522d884 Add Ko-fi donation link 2021-03-02 13:29:04 +02:00
Slavi Pantaleev 0f647594ac
Merge pull request #915 from SierraKiloBravo/add-nginx-worker-config
Added nginx proxy worker configuration to template and defaults
2021-03-02 13:04:28 +02:00
SierraKiloBravo 0de0716527 Added nginx proxy worker configuration to template and defaults 2021-03-02 11:30:09 +01:00
Slavi Pantaleev 31d2e013f7 Fix typo 2021-03-02 08:02:31 +02:00
Slavi Pantaleev 009efdad49 Fix matrix.DOMAIN/_synapse/metrics exposing
This is something that got lost during
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
and more specifically 4d62a75f6f.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/914
2021-03-02 07:59:59 +02:00
Slavi Pantaleev a25b8135b8 Fix point overlap between matrix-domain and Jitsi
Mostly affects people who disable the integrated `matrix-nginx-proxy`.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
and more specifically 4d62a75f6f.
2021-03-01 20:27:45 +02:00
Slavi Pantaleev c527f2930e Upgrade Element (1.7.21 -> 1.7.22) 2021-03-01 15:53:54 +02:00
Slavi Pantaleev fef6d57626 Remove alembic migrations for mautrix-facebook
They're gone now: b8ce80e476
2021-02-28 18:42:31 +02:00
Slavi Pantaleev c8d4a42367
Merge pull request #910 from hardye/le-timers-update
Run Let's Encrypt renewal checks daily instead of weekly.
2021-02-28 11:55:00 +02:00
Hardy Erlinger f4930d789e Run Let's Encrypt renewal checks daily instead of weekly.
This ensures more timely updates of certifcates.
2021-02-27 21:11:22 +01:00
Slavi Pantaleev 6baa91dd9f Do not delete matrix-ssl-lets-encrypt-certificates-renew only to recreate it later
This seems to have been added to the list of "deprecated files to
remove" by mistake.
2021-02-26 13:37:51 +02:00
Slavi Pantaleev ccf5915874 Upgrade Synapse for ARM64 (v1.26.0 -> v1.28.0) 2021-02-25 19:09:46 +02:00
Slavi Pantaleev ae091d7b2d Upgrade Synapse (v1.27.0 -> v1.28.0) 2021-02-25 13:40:35 +02:00
Slavi Pantaleev 1ef683d366 Make nginx proxy config (when disabled) obey matrix_federation_public_port
People who were disabling matrix-nginx-proxy (in favor of their own
nginx webserver) and also overriding `matrix_federation_public_port`,
found that the generated nginx configuration still hardcoded `8448`,
which forced their nginx server to use that, regardless of the fact
that `matrix_federation_public_port` was pointing elsewhere.

We now allow for the in-container federation port to be configurable,
and also automatically wire things properly.
2021-02-24 08:19:20 +02:00
Slavi Pantaleev 2ef1d9c537 Make healthchecks work for Synapse worker containers
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
2021-02-24 07:59:14 +02:00
Slavi Pantaleev f9a0ec6fd1 Fix some bridges failing when Synapse workers enabled
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/904
2021-02-23 13:17:52 +02:00
Slavi Pantaleev 8f7f45d6e4 Revert "trust the reverse proxy by default"
This reverts commit fd3d48bb6d.

Normally this environment variable gets referred to from `settings.json.docker`,
but we have our own full configuration, which hardcodes `"trustProxy": true`,
thus making this useless.

This has been pointed out here:
fd3d48bb6d (commitcomment-47403097)
2021-02-22 13:03:09 +02:00
Slavi Pantaleev 50ec607433
Merge pull request #902 from tctovsli/patch-2
Added paragraph about updating DNS to get stats
2021-02-22 11:54:06 +02:00
tctovsli 2b96fb0cf1
Added paragraph about updating DNS to get stats
This document didn't describe that it is necessary to have a DNS-entry for stats sub-domain.
2021-02-22 10:32:02 +01:00
Slavi Pantaleev fd18769e55
Merge pull request #901 from marcquark/backup_postgres
Recommend a better way of backing up postgres
2021-02-22 08:37:21 +02:00
Slavi Pantaleev ca22355910
Update backup docs a bit 2021-02-22 08:36:42 +02:00
Marc Leuser 53869ac14a recommend a better way of backing up postgres
don't spawn an extra container
run pg_dumpall within matrix-postgres instead, ensures correct version
store under /matrix so a backup of the folder will contain a DB dump
use absolute paths just in case something in the ENV is messed up
2021-02-21 21:38:20 +01:00
Slavi Pantaleev 994afcfeb0
Merge pull request #899 from gsouquet/patch-2
Update lower power config example
2021-02-21 14:05:56 +02:00
Germain 6768bdcf81
Update lower power config example
All other examples show the config to lower the memory usage on the server
2021-02-21 11:57:05 +00:00
Slavi Pantaleev 0585a3ed9f
Merge pull request #896 from rakshazi/add_version_to_each_role
added "matrix_%SERVICE%_version" variable to all roles
2021-02-21 12:26:17 +02:00
Slavi Pantaleev 38044e8c93
Merge pull request #894 from gsouquet/patch-1
Update Telegram bridge setup link
2021-02-21 12:22:12 +02:00
Slavi Pantaleev 77ab0d3e98 Do not delete Prometheus/Grafana Docker images
Same reasoning as in 1cd251ed78
2021-02-21 11:14:40 +02:00
rakshazi 2f887f292c
added "matrix_%SERVICE%_version" variable to all roles, use it in "matrix_%SERVICE%_docker_image" var (preserving backward-compatibility) 2021-02-20 19:08:28 +02:00
Germain 25e136ee0a
Update Telegram bridge setup link
Change markdown to use link instead of tags for Telegram App setup
2021-02-20 15:45:25 +00:00
Slavi Pantaleev 9bc0eb36ab
Merge pull request #892 from MarcProe/master
add support for mautrix-instagram
2021-02-19 20:49:35 +02:00
Marcus Proest 913e0dae42 update informational files. 2021-02-19 19:39:46 +01:00
Marcus Proest 2ca8211184 Merge remote-tracking branch 'upstream/master' 2021-02-19 19:02:48 +01:00
Marcus Proest b99372a3c5 initial commit of mautrix-instagram role 2021-02-19 17:20:26 +01:00
Slavi Pantaleev 108aed53be Fix invalid matrix-postgres.service when matrix_postgres_process_extra_arguments is empty
This only seems to be affecting some people badly enough to cause
matrix-postgres not to start. Certain systemd versions probably handle
it better or something.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/889
(hopefully)
2021-02-19 16:33:23 +02:00
Slavi Pantaleev 1dbdfeec07 Fix matrix-postgres stopping for consistency with other services
This probably got lost somehow in all the work that happened in
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
2021-02-19 15:53:30 +02:00
Slavi Pantaleev 9f91eaa54b Fix incorrect service name
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/887
2021-02-19 12:12:21 +02:00
Slavi Pantaleev e56fcbbc0d Announce mx-puppet-groupme support
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/872
2021-02-19 11:54:50 +02:00
Slavi Pantaleev 91c987ca7d
Merge pull request #872 from xangelix/add-mx-puppet-groupme-gh
Add mx-puppet-groupme support
2021-02-19 11:42:41 +02:00
Slavi Pantaleev d94d0e2ca5
Merge pull request #456 from eMPee584/synapse-workers
Synapse workers
2021-02-19 11:40:36 +02:00
Slavi Pantaleev b754c2778b Announce Synapse workers support 2021-02-19 11:39:58 +02:00