Commit graph

370 commits

Author SHA1 Message Date
Catalan Lover 563cf1a4ba
Initial commit for draupnir.
main.yml is not included because it's changed separately.
2023-02-08 16:44:12 +01:00
Slavi Pantaleev 49a1985750 Fix Postmoogle systemd service description 2023-02-08 16:45:58 +02:00
Slavi Pantaleev d44d4b637f Allow Coturn to work with SSL certificates extracted from Traefik 2023-02-08 16:06:46 +02:00
Aine 2eb2ad0ad7
Update heisenbridge 1.14.1 -> 1.14.2 2023-02-07 09:06:00 +00:00
Slavi Pantaleev 2b9061a5d3 Add support for reverse-proxying the base domain via Traefik 2023-02-07 11:02:02 +02:00
Slavi Pantaleev 6c17671abd Upgrade synapse-admin (0.8.6 -> 0.8.7) and drop reverse-proxy workaround
Related to 6a31fba346, 6a31fba346.

Related to https://github.com/Awesome-Technologies/synapse-admin/issues/322
2023-02-07 10:45:19 +02:00
Slavi Pantaleev 66baef5bf6 Fix matrix-synapse-reverse-proxy-companion.service stopping during uninstallation
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2444
2023-02-07 08:48:50 +02:00
jakicoll 6a205a83f6 Change renamed variables matrix_systemd_path -> devture_systemd_docker_base_systemd_path 2023-02-06 17:20:13 +01:00
jakicoll 6cffec14ea fixup! Remove the self-build stub, because self-build was not implemented 2023-02-06 16:36:49 +01:00
jakicoll be634168ac Make the linter happy. 2023-02-06 16:29:25 +01:00
jakicoll f3ca4a0632 Remove unnecessary comment. 2023-02-06 16:28:57 +01:00
jakicoll 7848d865a5 Also define the vars to be overwritten in group vars within the role vars. 2023-02-06 16:28:56 +01:00
Paul N 70bea81df7 Introduced flags to (1) enable/disable Auth (2) enable/disable openid_server_name pinning. Updated validate_config.yml and added new checks to verify. 2023-02-06 15:59:32 +01:00
Paul N 96dd86d33b Set default values where sensible and remove unnecessary conditionals in .env.j2.
Check for empty string instead of Null to verify if an openid_server_name is pinned.
2023-02-06 15:26:08 +01:00
jakicoll 6b206b3763 Move checks into validate_config.yml. 2023-02-06 15:21:10 +01:00
jakicoll 6499b6536a Decoupling: Do not use variables of the user-verification-service role inside the jitsi role. 2023-02-06 15:18:25 +01:00
Paul N 50c1e9d695 Set matrix_user_verification_service_uvs_homeserver_url in the role defaults and updated docs accordingly. 2023-02-06 13:14:34 +01:00
jakicoll 0e0ae2f3e6 Assign default log level in role instead of matrix_servers file. 2023-02-06 13:04:06 +01:00
jakicoll bf5e633656 Remove the self-build stub, because self-build was not implemented 2023-02-06 12:57:20 +01:00
Paul N b89f5b7ff5
Clarify task name and add user and group to templated env file
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2023-02-06 12:47:50 +01:00
Jakob S 6913d368c8
Consolidate conditionals into a block, keep image
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2023-02-06 12:38:01 +01:00
Slavi Pantaleev 8155f780e5 Add support for reverse-proxying Matrix (Client & Federation) via Traefik 2023-02-06 13:08:11 +02:00
Slavi Pantaleev f983604695 Initial work on Traefik support
This gets us started on adding a Traefik role and hooking Traefik:

- directly to services which support Traefik - we only have a few of
  these right now, but the list will grow

- to matrix-nginx-proxy for most services that integrate with
  matrix-nginx-proxy right now

Traefik usage should be disabled by default for now and nothing should
change for people just yet.

Enabling these experiments requires additional configuration like this:

```yaml
devture_traefik_ssl_email_address: '.....'

matrix_playbook_traefik_role_enabled: true
matrix_playbook_traefik_labels_enabled: true

matrix_ssl_retrieval_method: none

matrix_nginx_proxy_https_enabled: false

matrix_nginx_proxy_container_http_host_bind_port: ''
matrix_nginx_proxy_container_federation_host_bind_port: ''

matrix_nginx_proxy_trust_forwarded_proto: true

matrix_nginx_proxy_x_forwarded_for: '$proxy_add_x_forwarded_for'

matrix_coturn_enabled: false
```

What currently works is:
reverse-proxying for all nginx-proxy based services **except** for the Matrix homeserver
(both Client-Server and Federation traffic for the homeserver don't work yet)
2023-02-06 10:34:51 +02:00
Slavi Pantaleev 4d6a8d049d Add matrix_nginx_proxy_container_network variable 2023-02-06 08:48:11 +02:00
Slavi Pantaleev e018663ba4 Attach ma1sd/nginx-proxy/synapse-reverse-proxy-companion to additional networks in a better way
Switching from doing "post-start" loop hacks to running the container
in 3 steps: `create` + potentially connect to additional networks + `start`.
This way, the container would be connected to all its networks even at
the very beginning of its life.
2023-02-06 08:38:43 +02:00
Slavi Pantaleev be78b74fbd Switch from matrix-prometheus-postgres-exporter to an external prometheus_postgres_exporter role 2023-02-05 10:32:09 +02:00
Slavi Pantaleev 2d7d5d4bab Use new security-opt syntax (: -> =)
Related to https://docs.docker.com/engine/deprecated/#separator--of---security-opt-flag-on-docker-run
2023-02-03 20:36:24 +02:00
Catalan Lover 4d49f1f56e
Update Prometheus to v2.42.0 from v2.41.0
Docker images are released now so this change can now be pushed.
2023-02-02 16:00:07 +01:00
Aine c11f772e78
Fix python packages path in synapse container 2023-01-31 21:34:25 +00:00
Slavi Pantaleev 7cb140b987
Downgrade Prometheus (v2.42.0 -> v2.41.0) until a container image gets published
Container image not published yet.

Reverts #2438
2023-01-31 23:24:20 +02:00
Slavi Pantaleev d42ef7d243
Merge pull request #2439 from etkecc/patch-160
Update synapse 1.75.0 -> 1.76.0; default room version 9 -> 10
2023-01-31 22:44:04 +02:00
Slavi Pantaleev c8ce83c725
Merge pull request #2438 from etkecc/patch-159
Update prometheus 2.41.0 -> 2.42.0
2023-01-31 22:43:34 +02:00
Aine 0f208ed053
Update synapse 1.75.0 -> 1.76.0; default room version 9 -> 10 2023-01-31 19:19:43 +00:00
Aine 82d870fddf
Update prometheus 2.41.0 -> 2.42.0 2023-01-31 19:16:52 +00:00
Aine 5300740f70
Update element 1.11.21 -> 1.11.22 2023-01-31 19:11:07 +00:00
Slavi Pantaleev c7767e9bc8 Upgrade Coturn (4.6.1-r0 -> 4.6.1-r1) 2023-01-31 20:25:59 +02:00
Slavi Pantaleev 66bb2943b4
Merge pull request #2436 from etkecc/patch-157
Update jitsi stable-8218 -> stable-8252
2023-01-31 18:03:08 +02:00
Aine 68ca23d709
Update jitsi stable-8218 -> stable-8252 2023-01-31 14:02:50 +00:00
Aine d70076c805
Update element 1.11.20 -> 1.11.21 2023-01-31 14:01:11 +00:00
Aine 8c2b77bf0c
Update cinny 2.2.3 -> 2.2.4 2023-01-30 07:07:09 +00:00
Slavi Pantaleev 611a74bde2 Use |to_json in mautrix metrics configuration
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2427
2023-01-30 08:59:35 +02:00
Slavi Pantaleev d82d0ad84b Add _metrics_proxying_enabled variables to mautrix bridges
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2427

`metrics_enabled` should only expose the metrics locally, on the
container network, so that a local Prometheus can consume them.

Exposing them publicly should be done via a separate toggle (`metrics_proxying_enabled`).
This is how all other roles work, so this makes these mautrix roles consistent with the rest.
2023-01-30 08:50:57 +02:00
Slavi Pantaleev cad83ddca6
Merge pull request #2427 from alemairebe/mautrix-metrics
Mautrix metrics
2023-01-30 08:36:40 +02:00
Slavi Pantaleev f9a496c29c
Merge pull request #2432 from shalzz/patch/slack
mautrix-slack: add team name in channel name template
2023-01-30 08:27:48 +02:00
Shaleen Jain df9931f719 mautrix-slack: add team name in channel name template 2023-01-30 10:17:19 +05:30
Slavi Pantaleev 389d6c978f
Merge pull request #2431 from etkecc/patch-154
Update borgmatic 1.7.5 -> 1.7.6
2023-01-29 21:51:42 +02:00
Slavi Pantaleev 5482a9d5d0
Merge pull request #2429 from etkecc/patch-152
Update mautrix-discord latest -> 0.1.0
2023-01-29 21:02:39 +02:00
Aine 4f69b22a6e
Update borgmatic 1.7.5 -> 1.7.6 2023-01-29 18:14:41 +00:00
Aine a9a17d803e
Update maubot 0.3.1 -> 0.4.0 2023-01-29 18:12:26 +00:00
Aine 111303208a
Update mautrix-discord latest -> 0.1.0 2023-01-29 18:11:33 +00:00
Adrien le Maire 9eaf6944e3 add nginx proxy config for mautrix metrics 2023-01-29 15:17:31 +01:00
Adrien le Maire 691ef13cab template metric toggle for mautrix bridges supporting it 2023-01-29 09:45:52 +01:00
Slavi Pantaleev e588c42088 Improve synapse-admin reverse-proxying fix
Fixup for 6a31fba346
2023-01-28 17:09:27 +02:00
Slavi Pantaleev 6a31fba346 Fix synapse-admin reverse-proxying regression caused by 0.8.6
Related to f165aa5d48

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2424
2023-01-28 17:04:55 +02:00
Aine f165aa5d48
Update synapse-admin 0.8.5 -> 0.8.6 2023-01-28 07:54:52 +00:00
bertybuttface 7b5ced3037
Fix linting issue. 2023-01-27 19:02:14 +00:00
bertybuttface d66a2949f6
Update env.j2
Use matrix_bot_chatgpt_context for CHATGPT_CONTEXT
2023-01-27 18:57:24 +00:00
bertybuttface 7e1408ea65
Bump ChatGPT version and add new config settings
matrix_bot_chatgpt_context=thread
2023-01-27 18:55:13 +00:00
Slavi Pantaleev 430a55902c
Merge pull request #2420 from bertybuttface/patch-1
Upgrade matrix-chatgpt-bot to latest
2023-01-27 08:57:16 +02:00
Slavi Pantaleev 784043cc5d
Ensure OPENAI_PRO is true/false (not True/False) 2023-01-27 08:55:38 +02:00
Slavi Pantaleev 867737fe0b Upgrade Grafana (9.3.4 -> 9.3.6) 2023-01-26 17:42:03 +02:00
Slavi Pantaleev aafa8f019c Allow matrix_coturn_docker_network to be set to 'host' to use host-networking
This helps large deployments which need to open up thousands of ports
(matrix_coturn_turn_udp_min_port, matrix_coturn_turn_udp_min_port)

On a test VM, opening 1k ports takes 17 seconds for Docker to "publish"
all of these ports (setting up forwarding rules with the firewall, etc),
so service startup and shutdown take a long amount of time.

If host-networking is used, there's no need to open any ports at all
and startup/shutdown can be quick.
2023-01-26 17:35:30 +02:00
Slavi Pantaleev bb0faa6bc3 Block various private network ranges via denied_peer_ips for Coturn by default
Inspired by: https://www.rtcsec.com/article/cve-2020-26262-bypass-of-coturns-access-control-protection/
2023-01-26 17:35:30 +02:00
Slavi Pantaleev 773cb7d37e Make no-tcp-relay Coturn configuration property configurable 2023-01-26 17:35:30 +02:00
Slavi Pantaleev bf23d63f82 Add matrix_coturn_additional_configuration 2023-01-26 17:35:30 +02:00
Slavi Pantaleev 4c9f96722f Add no-multicast-peers to Coturn config by default
Part of a security hardening provoked by:
https://www.rtcsec.com/article/cve-2020-26262-bypass-of-coturns-access-control-protection/
2023-01-26 17:35:30 +02:00
bertybuttface 18c3903def
Update env.j2
Set OPEN_AI to matrix_bot_chatgpt_openai_pro
2023-01-26 15:12:36 +00:00
bertybuttface ad58858a96
Upgrade matrix-chatgpt (1.2.3 -> 1.3.2)
Add support for OPENAI_PRO for ChatGPT pro subscriptions.
2023-01-26 15:09:24 +00:00
rhys d01de9f33d Fix lint errors 2023-01-25 12:07:00 +00:00
rhys 547b01d618 Added option to allow user to set jigasi user and password for AUTH 2023-01-25 12:02:40 +00:00
Aine 6afd3c59eb
Update grafana 9.3.2 -> 9.3.4 2023-01-25 08:39:47 +00:00
Array in a Matrix 47165e8902
updated dendrite version 2023-01-24 15:50:06 -05:00
Slavi Pantaleev 54e5e4b6b9
Merge pull request #2416 from moan0s/fix_cactus_comments
Fix client js and css download (load compiled version)
2023-01-22 09:10:16 +02:00
Slavi Pantaleev c4d1347466
Fix typos 2023-01-22 09:08:47 +02:00
Julian-Samuel Gebühr 18d8d41e14 Fix client js and css download (load compiled version) 2023-01-21 20:54:12 +01:00
Slavi Pantaleev 9ed2e04d80 Switch from matrix-prometheus-node-exporter to an external prometheus_node_exporter role 2023-01-21 11:07:04 +02:00
Slavi Pantaleev 5f7ed722f6
Merge pull request #2415 from etkecc/patch-148
Update hookshot 2.6.1 -> 2.7.0
2023-01-20 22:40:54 +02:00
Aine 32292b1f02
Update hookshot 2.6.1 -> 2.7.0 2023-01-20 18:39:05 +00:00
Aine b71e267221
Update element 1.11.19 -> 1.11.20 2023-01-20 18:38:14 +00:00
Aine 8804a15821
Update element 1.11.18 -> 1.11.19 2023-01-19 05:10:49 +00:00
Vladimir Panteleev 6c332da7d3
Fix ChatGPT container
This container needs a writable $HOME, and will fail at startup if
there isn't one.

Provide one by pointing HOME to a path under the mounted /data
directory.
2023-01-19 01:21:44 +00:00
Aine 63a3764f51
Update element 1.11.17 -> 1.11.18 2023-01-18 15:45:04 +00:00
Slavi Pantaleev 70a35f17fe
Merge pull request #2402 from etkecc/patch-144
Update buscarron v1.3.0 -> v1.3.1
2023-01-18 16:33:00 +02:00
Aine 2fc02abfdc
Update buscarron v1.3.0 -> v1.3.1 2023-01-18 13:52:44 +00:00
Aine 903db54959
Update postmoogle 0.9.10 -> 0.9.11 2023-01-18 13:37:03 +00:00
Slavi Pantaleev 424f79df3a Replace synapse.app.pusher and synapse.app.federation_sender with synapse.app.generic_worker
Related to https://github.com/matrix-org/synapse/commit/3479599387164aca2613e88d169719
2023-01-17 15:55:57 +02:00
Slavi Pantaleev 34745b5206 Upgrade Synapse (v1.74.0 -> v1.75.0) 2023-01-17 15:53:26 +02:00
Slavi Pantaleev 3ff6e755a9 Upgrade Hookshot (2.6.0 -> 2.6.1) 2023-01-16 18:52:22 +02:00
Aine e053b2b0fc
update mautrix-whatsapp 0.8.0 -> 0.8.1 2023-01-16 13:17:02 +00:00
Aine 5c8bad6091
update borg image tag 2023-01-16 12:11:01 +02:00
Slavi Pantaleev 34c448c3bb Upgrade Cinny (2.2.2 -> 2.2.3) 2023-01-15 11:07:19 +02:00
Aine d1b4a6ebe1
unify docker images urls 2023-01-14 15:26:58 +02:00
Slavi Pantaleev 5d10001712
Merge pull request #2394 from etkecc/patch-141
Update hookshot 2.5.0 -> 2.6.0
2023-01-13 18:40:42 +02:00
Aine 627d8557ae
Update hookshot 2.5.0 -> 2.6.0 2023-01-13 16:31:19 +00:00
Aine e8c6267e9a
Update jitsi stable-8138-1 -> stable-8218 2023-01-13 16:30:18 +00:00
Slavi Pantaleev ae1ad3baf6 Improve block tasks indentation to make yamllint happy
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2392
2023-01-13 18:17:52 +02:00
Slavi Pantaleev 673ee508dc Upgrade matrix-chatgpt (1.2.2 -> 1.2.3) 2023-01-12 11:25:00 +02:00
Slavi Pantaleev ab8cb21a45 Upgrade matrix-chatgpt (1.2.1 -> 1.2.2) 2023-01-11 19:25:07 +02:00
Slavi Pantaleev 17438bd0dd Upgrade mjolnir (v1.6.3 -> v1.6.4) 2023-01-11 19:24:35 +02:00
Slavi Pantaleev 0c472c172e Upgrade mjolnir (v1.6.1 -> v1.6.3) 2023-01-11 13:51:35 +02:00