Commit graph

1216 commits

Author SHA1 Message Date
Slavi Pantaleev 1427286cec Integrate matrix-dynamic-dns with matrix-nginx-proxy without causing a dependency
We'd like the roles to be self-contained (as much as possible).

Thus, the `matrix-nginx-proxy` shouldn't reference any variables from
other roles. Instead, we rely on injection via
`group_vars/matrix_servers`.

Related to #681 (Github Pull Request)
2020-11-10 23:49:36 +02:00
Slavi Pantaleev 8782919d85 Ensure matrix_dynamic_dns_domain_configurations contains configurations
If `matrix_dynamic_dns_enabled`, we'd like to ensure there's at least
one configuration defined.

Related to #681 (Github Pull Request)
2020-11-10 23:49:36 +02:00
Slavi Pantaleev 97a7c8b0f0 Fix matrix_dynamic_dns_domain_configurations validation check
- `item` was undefined
- `'key' in configurations == ''` was doing the wrong thing

Related to #681 (Github Pull Request)
2020-11-10 23:49:36 +02:00
Slavi Pantaleev fef44b93d3 Define the matrix_dynamic_dns_domain_configurations variable in the role
Having it unset in the role itself (while referencign it) is a little strange.

Now people can look at the `roles/matrix-dynamic-dns/defaults/main.yml`
file and figure out everything that's necessary to run the role.

Related to #681 (Github Pull Request)
2020-11-10 23:49:36 +02:00
Aaron Raimist 31619e0968
Upgrade Element (1.7.12 -> 1.7.13) 2020-11-10 11:27:15 -06:00
Slavi Pantaleev 235299939d Upgrade nginx (1.19.3 -> 1.19.4) 2020-11-10 09:30:00 +02:00
Scott Crossen 59bb6b2971 responded to reviewer comments 2020-11-09 13:32:58 -08:00
Scott Crossen e894befd87 Updates to reviewer comments 2020-11-07 17:53:13 -08:00
Slavi Pantaleev 350c39d745 Update comment 2020-11-02 11:13:25 +02:00
Slavi Pantaleev ef68d3d296 Add support for reverse-proxying /_synapse/oidc
This broke in 63a49bb2dc.

Proxying the OpenID Connect endpoints is now possible,
but needs to be enabled explicitly now.

Supersedes #702 (Github Pull Request).

This patch builds up on the idea from that Pull Request,
but does things in a cleaner way.
2020-11-02 11:10:03 +02:00
Slavi Pantaleev 5c91e56898 Upgrade Synapse (v1.22.0 -> v1.22.1) 2020-10-30 19:35:55 +02:00
Aaron Raimist c33d007306
Switch to the new vectorim/element-web Docker image 2020-10-29 11:46:58 -05:00
Slavi Pantaleev c1c6eaefff Upgrade Element (1.7.10 -> 1.7.12) 2020-10-28 17:34:39 +02:00
Slavi Pantaleev 9a46647010 Make https://matrix.DOMAIN/ redirect to https://element.DOMAIN/
Fixes #696 (Github Issue)
2020-10-28 10:39:12 +02:00
Slavi Pantaleev 4700e80389 Raise standalone default Matrix Client API client_max_body_size
We do this to match Synapse's new default "max_upload_size" (50MB).

This `matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb`
default value only affects standalone usage of the `matrix-nginx-proxy`
role. When the role is used in the context of the playbook,
the value is dynamically assigned from `group_vars/matrix_servers`.

Somewhat related to #692 (Github Issue).
2020-10-28 10:02:47 +02:00
Slavi Pantaleev ef07aa8e5d Prevent certain nginx location blocks from being ignored
The regex introduced in 63a49bb2dc seems to take precedence
over the bare location blocks, causing a regression.

> It is important to understand that, by default, Nginx will serve regular expression matches in preference to prefix matches.
> However, it evaluates prefix locations first, allowing for the administer to override this tendency by specifying locations using the = and ^~ modifiers.

Source: https://www.digitalocean.com/community/tutorials/understanding-nginx-server-and-location-block-selection-algorithms
2020-10-28 09:38:04 +02:00
Slavi Pantaleev 70f0b97a0a Upgrade Synapse (v1.21.2 -> v1.22.0) 2020-10-27 14:24:02 +02:00
Slavi Pantaleev 63a49bb2dc Do not expose /_synapse/admin publicly by default
Fixes #685 (Github Issue).
2020-10-26 10:36:38 +02:00
Slavi Pantaleev 24c6d7e81f Upgrade Element (1.7.9 -> 1.7.10) 2020-10-20 19:06:16 +03:00
Scott Crossen 94dcceb7b9 removed intentional delay 2020-10-19 11:26:37 -07:00
Scott Crossen efeb651789 Removed typo 2020-10-19 11:25:01 -07:00
Scott Crossen e7d79a95dc removed platform-specific stuff 2020-10-19 10:46:02 -07:00
Scott Crossen 19721be8b1 removed dhcp option 2020-10-18 21:05:32 -07:00
Scott Crossen de1511b4bb Fixed valdiation 2020-10-16 21:31:07 -07:00
Scott Crossen 806f98447c Removed directory creation 2020-10-16 21:26:58 -07:00
Scott Crossen 51cca4c312 Added containerization 2020-10-16 21:21:58 -07:00
Tobias Küchel 1cf5b1d80f e2ee_backup: rename variables to be consistent with naming scheme 2020-10-16 09:24:50 +02:00
Tobias Küchel 5158fa4df9 e2ee_backup_methods: rather leave the default empty, so that the system default may apply 2020-10-16 08:50:16 +02:00
Tobias Küchel 8f7e21892d fix indentation, updated to proposed changes from Slavi: no more ifdef 2020-10-16 08:47:37 +02:00
Tobias Küchel 4cfa112755 update default backup_methods as proposed by the system anyway 2020-10-16 08:44:04 +02:00
Tobias Küchel 6599204334 fix commata not being set when secure_backup_required false 2020-10-16 08:20:22 +02:00
Tobias Küchel 48f929dc91 add variables for secure_backup_required and secure_backup_setup_methods 2020-10-16 00:32:00 +02:00
Slavi Pantaleev f7ecc7a2a5 Upgrade Synapse (v1.21.1 -> v1.21.2) 2020-10-15 17:42:52 +03:00
jgbresson 640166e4c3
Upgrade Element (1.7.8 -> 1.7.9) 2020-10-15 00:09:54 -04:00
Dan Arnfield b65bfc38ce Update nginx (1.19.2 -> 1.19.3) 2020-10-14 06:23:33 -05:00
Scott Crossen 53bc7a77e1 fixed EOF issues 2020-10-13 16:47:09 -07:00
Scott Crossen fa5d85426b Renamed systemd descriptions for all bridges 2020-10-13 16:40:30 -07:00
Scott Crossen 1f988969a5 Added role for dynamic dns 2020-10-13 16:26:57 -07:00
Slavi Pantaleev 5abd511368 Upgrade Synapse (v1.21.0 -> v1.21.1) 2020-10-13 13:08:25 +03:00
Slavi Pantaleev d250727e8b Upgrade certbot (1.7.0 -> 1.9.0) 2020-10-13 09:44:32 +03:00
Aaron Raimist 78529cbd47
Upgrade Synapse (v1.20.1 -> v1.21.0) 2020-10-12 23:59:34 -05:00
Fanch 1a9cafa3a3 add run-docker-prune command 2020-10-10 04:11:26 +02:00
Slavi Pantaleev 6a72e3fa54 Try to make importing SQLite from older Synapse version work
If the SQLite database was from an older version of Synapse, it appears
that Synapse would try to run migrations on it first, before importing.
This was failing, because the file wasn't writable.

Hopefully, this fixes the problem.
2020-10-07 08:54:46 +03:00
Slavi Pantaleev 23daec748c Require Ansible v2.7 or newer (because of items2dict and dict2items)
Interestingly, no one has reported this failure before #662 (Github
Issue).

It doesn't make sense to keep saying that we support such old Ansible
versions, when we're not even testing on anything close to those.

Time is also passing and such versions are getting more and more
ancient. It's time we bumped our requirements to something that is more
likely to work.
2020-10-02 11:53:19 +03:00
Slavi Pantaleev 07fa8404bf Upgrade matrix-corporal (1.10.1 -> 1.11.0) 2020-10-01 18:30:30 +03:00
Slavi Pantaleev 9e8c14bf65
Merge pull request #660 from clemsos/master
Element web : update welcome page template
2020-10-01 09:44:48 +03:00
Dan Arnfield 3a3383fada Add support for postgres 13 2020-09-30 16:50:59 -05:00
Slavi Pantaleev 43c5f3ec6e Do not create /home/matrix when creating the matrix user 2020-09-29 18:14:37 +03:00
Clement Renaud ac3ba1d919 element web : update welcome page template 2020-09-29 12:33:47 +02:00
Slavi Pantaleev 7eb8192a51 Comlain about version requirement on Ansible v1
I don't believe Ansible v1 would even go as far as executing this
sanity check, but.. Adding an extra defensive check for completeness.
2020-09-29 12:37:39 +03:00
Slavi Pantaleev 3d702fe03b Avoid set_fact with error message to prevent confusion 2020-09-29 12:23:39 +03:00
Slavi Pantaleev 3818d82852 Upgrade Element (1.7.7 -> 1.7.8) 2020-09-28 22:20:36 +03:00
Slavi Pantaleev 263727095d
Merge pull request #657 from cnvandijk/feature-client-well-known
Client well known compatibility
2020-09-28 09:19:25 +03:00
Slavi Pantaleev 3e2f0a4240 Upgrade matrix-synapse-admin (0.4.1 -> 0.5.0)
Related to #658 (Github Issue).
2020-09-28 09:11:05 +03:00
Chris van Dijk b9c8d059d0 Support both the im.vector.riot and io.element variants in client .well-known
According to the docs, "e2ee" is already under "io.element":
  https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md#disabling-encryption-by-default
however "jitsi" is still under "im.vector.riot":
  https://github.com/vector-im/element-web/blob/develop/docs/jitsi.md#configuring-element-to-use-your-self-hosted-jitsi-server

For now let's just maintain backward and forward compatibility for both
settings since the client version is out of the control of this
playbook.
2020-09-26 16:57:02 +00:00
Chris van Dijk f6b0f0a477 Rename matrix_riot_jitsi_preferredDomain and matrix_riot_e2ee_default to Element 2020-09-26 16:24:09 +00:00
Slavi Pantaleev 9fba46e694
Merge pull request #655 from aaronraimist/element-showLabs
Allow configuration of Element's bug_report_endpoint_url and showLabsSettings
2020-09-25 12:02:29 +03:00
Aaron Raimist dc2def914e
Allow configuration of Element's bug_report_endpoint_url and showLabsSettings
showLabsSettings is the new enableLabs I guess. enableLabs doesn't seem to do anything anymore. It had been deprecated for a while.

This PR also removes @riot-bot:matrix.org as the default welcome_user_id since it doesn't exist anymore.
2020-09-24 18:37:31 -05:00
Slavi Pantaleev e68450f094 Upgrade Synapse (v1.20.0 -> v1.20.1) 2020-09-24 18:43:54 +03:00
Slavi Pantaleev 329fef048f Upgrade matrix-corporal (1.10.0 -> 1.10.1) 2020-09-22 19:43:23 +03:00
Slavi Pantaleev 32ac4706cb Upgrade matrix-corporal (1.9.0 -> 1.10.0) 2020-09-22 19:28:27 +03:00
Slavi Pantaleev dd217137b6 Upgrade Synapse (v1.19.3 -> v1.20.0) 2020-09-22 19:28:07 +03:00
Slavi Pantaleev 65e22a6888 Upgrade Synapse (v1.19.2 -> v1.19.3) 2020-09-18 17:37:04 +03:00
Slavi Pantaleev 6db3a46f88
Merge pull request #650 from dwiegreffe/master
New docker image appservice-slack
2020-09-18 14:31:39 +03:00
Daniel Wiegreffe b3926e7cca
Update main.yml 2020-09-18 13:26:07 +02:00
Slavi Pantaleev e10e3e354d Upgrade Synapse (v1.19.1 -> v1.19.2) 2020-09-16 16:35:17 +03:00
Dan Arnfield faa96ca0c3 Update element (1.7.5 -> 1.7.7) 2020-09-15 06:15:30 -05:00
Daniel Wiegreffe 8f41041f6d replacement of the docker image for appservice-slack to the officially maintained image 2020-09-15 09:11:56 +02:00
Scott Crossen b24333dd0f
Use the same naming convention as the other mx-puppet suite. 2020-09-14 11:11:30 -07:00
Slavi Pantaleev 6e8a39119b Update matrix-reminder-bot (0.1.0 -> 0.2.0) 2020-09-14 10:19:47 +03:00
0hlov3 c19abe4a76 Changes matrix_dimension_integrations_ui_url from /riot to /element https://dimension.t2bot.io/ 2020-09-13 04:19:19 +02:00
Slavi Pantaleev 5bb2c43502 Add support for enabling Jitsi lobby
Related to #643 (Github Issue)
2020-09-10 09:08:45 +03:00
Slavi Pantaleev 2a1ec38e3a Stop using Ansible's cron module
This is mainly to address SSL renewal not working for us due to:
- https://github.com/ansible/ansible/issues/71213
- https://github.com/ansible/ansible/pull/71207

Using the cron module was hacky anyway. We shouldn't need an extra
level of buggy abstraction to manage a cronjob file.
2020-09-06 10:49:19 +03:00
Slavi Pantaleev bed16fd065 Upgrade Element (1.7.4 -> 1.7.5) 2020-09-01 20:51:51 +03:00
Slavi Pantaleev 6def66940f Fix broken cover photo for matrix-registration 2020-09-01 18:17:04 +03:00
Slavi Pantaleev da38a7869f Add matrix-registration support 2020-09-01 13:46:05 +03:00
Slavi Pantaleev a456e3a9e7 Surface certain messages at the end of playbook execution
Fixes #106 (Github Issue).
2020-09-01 13:12:35 +03:00
Slavi Pantaleev e3dca2f66f Try to avoid Docker logs growing too much for one-off containers
We recently had a report of the Postgres backup container's log file
growing the size of /var/lib/docker until it ran out of disk space.

Trying to prevent similar problems in the future.
2020-09-01 09:03:48 +03:00
Slavi Pantaleev 3c285bc6f5 Install lsb-release on Debian distros if unavailable
Certain more-minimal Debian installations may not have
lsb-release installed, which makes the playbook fail.

We need lsb-release on Debian, so that ansible_lsb
could tell us if this is Debian or Raspbian.
2020-08-27 13:58:35 +03:00
Slavi Pantaleev 6e9600ffec Upgrade Synapse (v1.19.0 -> v1.19.1) 2020-08-27 12:59:11 +03:00
Slavi Pantaleev daf13107a0 Add support for rust-synapse-compress-state 2020-08-21 13:53:39 +03:00
Slavi Pantaleev b4a549b772 Upgrade Element (1.7.3 -> 1.7.4) 2020-08-17 17:03:19 +03:00
Slavi Pantaleev 9952ec6c16 Upgrade Synapse (v1.18.0 -> v1.19.0) 2020-08-17 17:02:40 +03:00
Slavi Pantaleev fc1655cd4b
Merge pull request #633 from thedanbob/certbot-1.7.0
Update certbot (1.6.0 -> 1.7.0)
2020-08-17 16:47:12 +03:00
Slavi Pantaleev 5abbeb75c9
Merge pull request #632 from thedanbob/nginx-1.19.2
Update nginx (1.19.1 -> 1.19.2)
2020-08-17 16:44:37 +03:00
Dan Arnfield c8754f422a Update certbot (1.6.0 -> 1.7.0) 2020-08-16 15:01:13 -05:00
Dan Arnfield 8d373409b8 Update nginx (1.19.1 -> 1.19.2) 2020-08-16 14:59:48 -05:00
Dan Arnfield 20eea648a5 Update postgres versions (12.3 -> 12.4, etc) 2020-08-16 14:41:40 -05:00
Justin Croonenberghs 31e2a1f06b
Undo ill-advised change
In #628 I proposed a CORS change that turns out not to be the root of the issue. Caffeine-addled diagnosis leads to sloppy thinking, and this change should be reverted. In fact, if left it will cause problems for new installations.
2020-08-09 14:20:37 -05:00
Justin Croonenberghs c5d18733d2
Update CORS for ma1sd
Even with the v2 updates listed in #503 and partially addressed in #614, this is still needed to enable identity services to function with Element Desktop/Web. Testing on multiple clients with a clean config has confirmed this, at least for my installation.
2020-08-08 23:19:07 -05:00
Slavi Pantaleev e6dd0fbaee Upgrade Element (1.7.2 -> 1.7.3) 2020-08-06 19:25:52 +03:00
merklaw fa6d85636f Add note about installing 'docker' Python package if Docker installation is disabled 2020-08-05 17:35:25 +02:00
merklaw 87df15441c Add note about installilng 'docker' Python package if Docker installation is disabled 2020-08-05 17:31:16 +02:00
Slavi Pantaleev 4b0a462aef
Merge pull request #620 from NachvollCiba/synapse-admin_selfbuild
Allow self-build images for Synapse-Admin
2020-08-04 17:23:30 +03:00
Dennis Ciba b22b593d83 Changed setup of synapse-admin to allow for self-build images 2020-08-04 15:42:00 +02:00
Slavi Pantaleev 54195b22c7 Allow framing Jitsi
Hopefully fixes a regression caused by b106a9592e.

Related to #597 (Github Pull Request).
2020-08-04 16:08:11 +03:00
benkuly 7755e5efd4
Update sms-bridge (0.3.1 -> 0.3.2) 2020-07-30 16:25:07 +03:00
Slavi Pantaleev f78a5d4ee8 Upgrade Synapse (v1.17.0 -> v1.18.0) 2020-07-30 14:21:44 +03:00
Slavi Pantaleev a7382924fc
Merge pull request #614 from vractal/enable-ma1sd-hashing
Enable ma1sd hashing by default
2020-07-30 09:30:06 +03:00
Slavi Pantaleev 68b2f2c33c
Merge pull request #613 from vractal/fix-gpg-dep
Replace gpg dependency for gnupg for debian compatibility
2020-07-30 09:29:25 +03:00