Dan Arnfield
f04614a993
Fix prometheus network for ansible < 2.8
2021-04-17 20:15:26 -05:00
Slavi Pantaleev
badd81e0ec
Revert "Attempt to fix docker_network result discrepancy between Ansible versions"
...
This reverts commit 68ca81c8c2
.
2021-04-17 19:31:20 +03:00
sakkiii
1958d0792d
Update matrix-client-element.conf.j2
2021-04-17 21:33:07 +05:30
sakkiii
b6d45c5fd8
Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy
2021-04-17 21:03:26 +05:30
sakkiii
05042f5ff1
Improve security grafana
...
- duplicate X-Content-Type-Options
- X-Frame-Options header
- Referrer-Policy [Might consider adding variable]
- Secure flag with cookies
- matrix_grafana_content_security_policy variable for [Content Security Policy](https://grafana.com/docs/grafana/latest/administration/configuration/#content_security_policy )
2021-04-17 21:03:05 +05:30
sakkiii
27377e099d
updated matrix_grafana_docker_image to v7.5.4
...
Latest stable grafana version is [7.5.4 (2021-04-14)](https://github.com/grafana/grafana/releases/tag/v7.5.4 )
2021-04-17 17:31:14 +05:30
Slavi Pantaleev
68ca81c8c2
Attempt to fix docker_network result discrepancy between Ansible versions
...
Supposedly fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/907
2021-04-17 11:42:06 +03:00
Slavi Pantaleev
9c1f41eadf
Merge pull request #1002 from thedanbob/node-exporter-1.1.2
...
Update prometheus node exporter (1.1.0->1.1.2)
2021-04-17 11:15:13 +03:00
Dan Arnfield
8a550ce67c
Update prometheus (2.24.1->2.26.0)
2021-04-16 09:25:45 -05:00
Dan Arnfield
83cc5c9e6a
Update prometheus node exporter (1.1.0 -> 1.1.2)
2021-04-16 09:17:04 -05:00
teutat3s
009623a26d
Merge branch 'master' into pub.solar
2021-04-16 13:07:43 +02:00
sakkiii
5dc642ace1
Nginx element web: XSS protection & nosniff header
...
X-XSS-Protection: 1; mode=block; header, for basic XSS protection in legacy browsers.
X-Content-Type-Options: nosniff header, to disable MIME sniffing
2021-04-16 14:45:04 +05:30
Slavi Pantaleev
fcb9e9618a
Make Coturn TLSv1/v1.1 configurable
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/999
2021-04-16 09:29:32 +03:00
teutat3s
44d8dd8c1a
Merge branch 'master' into pub.solar
2021-04-16 00:33:50 +02:00
sakkiii
540416e32d
Disable support for TLS 1.0 and TLS 1.1
...
These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.
2021-04-15 19:25:23 +05:30
Michael-GMH
89cb5a3d7a
GMH v0.4.2 update
2021-04-15 17:07:03 +08:00
teutat3s
57d9f96cee
Merge branch 'master' into pub.solar
2021-04-14 16:04:15 +02:00
Slavi Pantaleev
c7c137df74
Upgrade nginx and certbot
2021-04-14 13:24:41 +03:00
Slavi Pantaleev
931452bb06
Upgrade exim (4.93 -> 4.94)
2021-04-14 08:57:01 +03:00
rakshazi
4f8e1bd43a
Updated Element Web 1.7.24.1 -> 1.7.25
2021-04-12 18:04:56 +00:00
Ahmad Haghighi
e335f3fc77
rename matrix_global_registry to matrix_container_global_registry_prefix related to #990
...
Signed-off-by: Ahmad Haghighi <haghighi@fedoraproject.org>
2021-04-12 17:23:55 +04:30
Ahmad Haghighi
f52a8b6484
use custom docker registry
2021-04-12 17:23:55 +04:30
Aaron Raimist
3d2142f88b
Add sanity check for server architecture
2021-04-10 16:14:32 -05:00
teutat3s
7ac348e705
Add mastodon .well-known redirect for pub.solar
2021-04-07 23:41:37 +02:00
teutat3s
9f45a11f84
Merge branch 'master' into pub.solar
2021-04-07 23:10:22 +02:00
Marcus
3e119e483e
Update init.yml
...
fix nginx boot loop
2021-04-07 21:34:16 +02:00
Slavi Pantaleev
4830b7d830
Upgrade Synapse for ARM64 (1.30.1 -> 1.31.0)
2021-04-06 17:22:25 +03:00
Slavi Pantaleev
3f426de599
Upgrade Synapse (1.30.1 -> 1.31.0)
2021-04-06 16:00:10 +03:00
Slavi Pantaleev
c386e8e9db
Use integers for some variables
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/868
2021-04-05 11:38:23 +03:00
Slavi Pantaleev
832e191ab8
Fix incorrect variable usage in when statement
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/868
2021-04-05 11:32:48 +03:00
Slavi Pantaleev
1b55766927
Do not redefine matrix-postgres role vars in matrix-postgres-backup
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/868
2021-04-05 11:32:19 +03:00
Slavi Pantaleev
298556e02e
Fix undefined matrix_postgres_backup_detected_version_corresponding_docker_image
...
.. and prevent variable name overlap with `matrix-postgres` for the
other variables as well.
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/868
2021-04-05 11:23:12 +03:00
Slavi Pantaleev
0a107dc0ce
Merge pull request #868 from foxcris/postgres-backup
...
- Added a postgres-backup role
2021-04-05 10:53:04 +03:00
foxcris
2178f3612f
- matrix_postgres_backup_databases now uses more simple structure
2021-04-05 09:05:41 +02:00
Slavi Pantaleev
560777cc16
Merge pull request #981 from aaronraimist/grafana
...
Allow special characters in Grafana password and upgrade Grafana
2021-04-04 10:04:07 +03:00
Michael
f41bfb69d2
update survey template formatting
2021-04-04 12:01:53 +08:00
Michael
814bdf5a88
update spelling
2021-04-04 11:52:26 +08:00
Michael
fbe22289bd
merge with upstream and testing branch
2021-04-04 11:41:06 +08:00
Aaron Raimist
458c17b9d0
Upgrade Grafana (7.4.0 -> 7.5.2)
2021-04-03 16:41:30 -05:00
Aaron Raimist
504f1b6445
Allow special characters in Grafana password
2021-04-03 16:41:10 -05:00
Slavi Pantaleev
995c483856
Merge pull request #962 from aaronraimist/mjolnir
...
Add mjolnir
2021-04-03 10:45:29 +03:00
Slavi Pantaleev
f183add44d
Merge pull request #977 from aaronraimist/simple-antispam
...
Upgrade synapse-simple-antispam (0.0.1 -> 0.0.3)
2021-04-03 08:45:14 +03:00
Aaron Raimist
81dddd2e25
Upgrade Element (1.7.24 -> 1.7.24.1)
2021-04-02 18:43:30 -05:00
Aaron Raimist
c43bd412dd
Upgrade synapse-simple-antispam (0.0.1 -> 0.0.3)
2021-04-02 18:08:08 -05:00
Aaron Raimist
1ecee625d5
Depend on more services, add a delay
2021-04-02 17:07:24 -05:00
Slavi Pantaleev
a88391edf5
Merge pull request #972 from JohannesKleine/nginx-config
...
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2
2021-03-31 10:30:57 +03:00
teutat3s
1e7c5abbf3
Merge branch 'mautrix-signal/update-config' into pub.solar
2021-03-31 03:10:46 +02:00
teutat3s
0b5e903693
Updates to mautrix-signal config
...
See these last commits:
tulir/mautrix-signal@4fc34330c1
tulir/mautrix-signal@64bc5c36a5
tulir/mautrix-signal@ddda1666d4
2021-03-31 02:51:23 +02:00
teutat3s
8c261b296b
Merge branch 'master' into pub.solar
2021-03-30 19:59:14 +02:00
Christoph Johannes Kleine
fcd66b2889
rename variables
2021-03-30 16:41:32 +02:00
Christoph Johannes Kleine
8ba1105010
rename variable
2021-03-30 15:59:10 +02:00
Christoph Johannes Kleine
3a772f2f65
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2
2021-03-30 14:11:20 +02:00
Slavi Pantaleev
93960b70be
Do not fail if _matrix-identity
DNS SRV record missing
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/963
This also simplifies Prerequisites, which is great.
It'd be nice if we were doing these checks in some optional manner
and reporting them as helpful messages (using
`matrix_playbook_runtime_results`), but that's more complicated.
I'd rather drop these checks completely.
2021-03-30 11:24:04 +03:00
Slavi Pantaleev
5e1cf7f8b9
Upgrade Element (1.7.23 -> 1.7.24)
2021-03-29 17:58:02 +03:00
Slavi Pantaleev
9409588513
Fix variable name typo (take 2)
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/970
2021-03-29 10:59:57 +03:00
Slavi Pantaleev
179b416ed5
Fix variable name typo
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/970
2021-03-29 09:24:35 +03:00
Slavi Pantaleev
77d598b315
Fix Go-NEB variable definitions using the wrong type
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/969
2021-03-28 12:10:22 +03:00
Slavi Pantaleev
49868db3de
Upgrade Synapse for ARM64 (1.30.0 -> 1.30.1)
2021-03-26 16:48:15 +02:00
Slavi Pantaleev
94487dc6a7
Upgrade Synapse for amd64 (1.30.0 -> 1.30.1)
2021-03-26 15:37:11 +02:00
transcaffeine
dbae18fd6a
feat: push ephemeral events to appservices
...
This adds https://github.com/matrix-org/matrix-doc/pull/2409 to the
appservice registrations, enabling synapse to push EDUs to appservices.
2021-03-25 18:49:54 +01:00
Dan Arnfield
97d8527e00
Update nginx (1.19.6 -> 1.19.8)
2021-03-24 09:42:08 -05:00
Slavi Pantaleev
5a4ea5f866
Make AWX enabling/disabling consistent with other playbook roles
...
That is:
- enabled in the role by default
- disabled in the compilation (playbook), if considered an optional
component
2021-03-24 14:02:53 +02:00
Aaron Raimist
bab8b950ca
Add mjolnir
2021-03-23 22:46:08 -05:00
Slavi Pantaleev
06c74728eb
Move matrix_nginx_proxy_proxy_synapse_federation_api_enabled definition to the role
...
This variable was previously undefined in the role and was only getting
defined via `group_vars/matrix_servers`.
We now properly initialize it (and its good default value) in the role
itself.
2021-03-23 10:28:32 +02:00
Slavi Pantaleev
d09609daa8
Fix Jinja2 syntax error
...
Fixes a regression introduced in ffe649a240
2021-03-22 17:13:10 +02:00
Slavi Pantaleev
6a3433fbad
Update Synapse for ARM64 (1.29.0 -> 1.30.0)
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/958
2021-03-22 16:43:23 +02:00
Slavi Pantaleev
ffe649a240
Update homeserver.yaml to keep up with Synapse v1.30.0
...
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/958
2021-03-22 16:43:10 +02:00
rakshazi
74106f2a80
Updated synapse 1.29.0 -> 1.30.0
2021-03-22 14:03:42 +00:00
Thom Wiggers
54fe59f05c
Update IRC appservice
2021-03-22 12:37:35 +01:00
Slavi Pantaleev
2737ebc290
Complain if people try to use matrix-sygnal on non-amd64
2021-03-20 13:38:27 +02:00
Slavi Pantaleev
b824522b33
Remove unnecessary with_items statement
2021-03-20 13:34:22 +02:00
Slavi Pantaleev
9a0222fa47
Add Sygnal support
...
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/683
2021-03-20 13:32:22 +02:00
Michael
af240aef37
remove sections from task list that arent needed
2021-03-20 17:35:30 +08:00
Michael
85127bacba
Merge remote-tracking branch 'upstream/master'
2021-03-20 17:21:27 +08:00
Michael
1e54b1d1a5
merge upstream
2021-03-20 17:21:02 +08:00
Slavi Pantaleev
f99dcd611f
Pass proper UID/GID to Synapse
...
Fixes a regression caused by a5ee39266c
.
If the user id and group id were different than 991:991
(which used to be a hardcoded default for us long ago),
there was a mismatch between what Synapse was trying to use (991:991)
and what it was actually started with (in `--user=..`). It was then
trying to change ownership, which was failing.
This was mostly affecting newer installations which were not using the
991:991 defaults we had long ago (since a1c5a197a9
).
2021-03-19 16:44:10 +02:00
Slavi Pantaleev
a5ee39266c
Go through start.py when launching Synapse
...
This allows us to benefit from helpful things it does for us,
like enabling jemalloc: https://github.com/matrix-org/synapse/pull/8553
We weren't going through `start.py` before, because it was causing some
conflict with our `docker run --user=...` stuff, but it doesn't seem
to be a problem anymore.
Having done this, we won't need to do things like
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/941
anymore.
2021-03-19 08:16:59 +02:00
Aaron Raimist
32b3650c12
Set X-Forwarded-Proto on federation requests
2021-03-17 18:51:10 -05:00
Béla Becker
2d7e7680e5
matrix.{{ matrix_domain }} -> {{ matrix_server_fqn_matrix }}
2021-03-17 12:36:45 +01:00
Aaron Raimist
466827139a
Also check if matrix_ssl_lets_encrypt_support_email is blank
2021-03-17 00:54:05 -05:00
Slavi Pantaleev
97c0bf1a73
Merge pull request #942 from pushytoxin/etherpad1_8_12
...
Upgrade Etherpad (1.8.7 -> 1.8.12)
2021-03-16 20:07:34 +02:00
Béla Becker
60aa40845f
Upgrade Etherpad (1.8.7 -> 1.8.12)
2021-03-16 18:55:58 +01:00
Yannick Goossens
27416607d9
Another field with 'invalid input syntax for type smallint'
2021-03-16 16:38:59 +01:00
Michael
5a6bdb0c3d
merge upstream
2021-03-16 21:52:26 +08:00
Michael
571b70a1f4
fix for running outside of AWX
2021-03-16 21:37:19 +08:00
foxcris
76fbc59b61
- adapted documentation
...
- removed build_database_list.yml
2021-03-16 11:50:01 +01:00
foxcris
11cd1cb0fa
- removed matrix_postgres_backup_db_list variable
...
- add matrix_postgres_backup_databases to be build on top of matrix_postgres_additional_databases
- POSTGRES_DB is now directly set from matrix_postgres_backup_databases while building the templates/env-postgres-backup.j2
2021-03-16 11:40:16 +01:00
foxcris
43f7d9afb6
- removed dynamic building of the postgres db list an reused matrix_postgres_additional_databases in group_vars/matrix_servers as source for the list
...
- adjusted env-postgres-backup.j2 to use the new role specific variables
2021-03-16 10:49:04 +01:00
foxcris
604ffe7d79
- adapted validate_config.yml to use the renamed variables
2021-03-16 10:24:47 +01:00
foxcris
ecc6bdb3ca
- changed variables names to use role specific one and redefine them using group_vars/matrix_servers
2021-03-16 10:18:26 +01:00
foxcris
1e45eeab7b
- fixed typo
2021-03-16 10:05:07 +01:00
Michael
5a1f3b7d67
GMH v0.3.0
2021-03-14 14:35:38 +08:00
teutat3s
4e1ddb23cf
Merge branch 'master' into pub.solar
2021-03-08 19:26:17 +01:00
Slavi Pantaleev
9b72384df7
Upgrade Synapse (1.28.0 -> 1.29.0)
2021-03-08 17:24:09 +02:00
Slavi Pantaleev
f0698ee641
Do not overwrite X-Forwarded-For when reverse-proxying to Synapse
...
We have a flow like this:
1. matrix.DOMAIN vhost (matrix-domain.conf)
2. matrix-synapse vhost (matrix-synapse.conf); or matrix-corporal container, if enabled
3. (optional) matrix-synapse vhost (matrix-synapse.conf), if matrix-corporal enabled
4. matrix-synapse container
We are setting `X-Forwarded-For` correctly in step #1 , but were
overwriting it in step #2 with something inaccurate.
Not doing anything in step #2 is better than doing the wrong thing.
It's probably best if we append another reverse-proxy address there
though, although what we're doing now (with this patch) seems to yield
the correct result (when matrix-corporal is not enabled).
When matrix-corporal is enabled, we still seem to do the wrong thing for
some reason. It's something to be fixed later on.
2021-03-08 17:24:09 +02:00
foxcris
88d59f97c2
-
2021-03-06 11:43:59 +01:00
Markus Ullmann
be23249f4b
Adjust wait timeout
...
During first setup postgres takes its time to get up and running, resulting in "postgres in startup" exceptions from synapse if you run without additional services that come in between. Hence suggesting increasing the time a bit to avoid having an error which heals itself and thus is hard to spot for newcomers.
2021-03-02 20:07:59 +01:00
SierraKiloBravo
0de0716527
Added nginx proxy worker configuration to template and defaults
2021-03-02 11:30:09 +01:00
Slavi Pantaleev
009efdad49
Fix matrix.DOMAIN/_synapse/metrics exposing
...
This is something that got lost during
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
and more specifically 4d62a75f6f
.
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/914
2021-03-02 07:59:59 +02:00
Slavi Pantaleev
a25b8135b8
Fix point overlap between matrix-domain and Jitsi
...
Mostly affects people who disable the integrated `matrix-nginx-proxy`.
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
and more specifically 4d62a75f6f
.
2021-03-01 20:27:45 +02:00