Commit graph

2526 commits

Author SHA1 Message Date
Slavi Pantaleev f99dcd611f Pass proper UID/GID to Synapse
Fixes a regression caused by a5ee39266c.

If the user id and group id were different than 991:991
(which used to be a hardcoded default for us long ago),
there was a mismatch between what Synapse was trying to use (991:991)
and what it was actually started with (in `--user=..`). It was then
trying to change ownership, which was failing.

This was mostly affecting newer installations which were not using the
991:991 defaults we had long ago (since a1c5a197a9).
2021-03-19 16:44:10 +02:00
Slavi Pantaleev a5ee39266c Go through start.py when launching Synapse
This allows us to benefit from helpful things it does for us,
like enabling jemalloc: https://github.com/matrix-org/synapse/pull/8553

We weren't going through `start.py` before, because it was causing some
conflict with our `docker run --user=...` stuff, but it doesn't seem
to be a problem anymore.

Having done this, we won't need to do things like
https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/941
anymore.
2021-03-19 08:16:59 +02:00
Slavi Pantaleev 3f0550b5d9
Merge pull request #948 from chagai95/patch-1
fix typo
2021-03-18 08:59:47 +02:00
Slavi Pantaleev ff882ceb66
Merge pull request #950 from aaronraimist/x-forwarded-proto-federation
Set X-Forwarded-Proto on federation requests
2021-03-18 08:59:19 +02:00
Aaron Raimist 32b3650c12
Set X-Forwarded-Proto on federation requests 2021-03-17 18:51:10 -05:00
chagai95 07fb05a4ab
fix typo
ot -> to
2021-03-17 20:29:17 +01:00
Slavi Pantaleev 41c90d2087
Merge pull request #945 from pushytoxin/master
matrix.{{ matrix_domain }} -> {{ matrix_server_fqn_matrix }}
2021-03-17 14:20:42 +02:00
Béla Becker 2d7e7680e5 matrix.{{ matrix_domain }} -> {{ matrix_server_fqn_matrix }} 2021-03-17 12:36:45 +01:00
Slavi Pantaleev f4d0abbaf5
Merge pull request #944 from aaronraimist/blank-or-none
Also check if matrix_ssl_lets_encrypt_support_email is blank
2021-03-17 08:08:02 +02:00
Aaron Raimist 466827139a
Also check if matrix_ssl_lets_encrypt_support_email is blank 2021-03-17 00:54:05 -05:00
Slavi Pantaleev 97c0bf1a73
Merge pull request #942 from pushytoxin/etherpad1_8_12
Upgrade Etherpad (1.8.7 -> 1.8.12)
2021-03-16 20:07:34 +02:00
Béla Becker 60aa40845f Upgrade Etherpad (1.8.7 -> 1.8.12) 2021-03-16 18:55:58 +01:00
Slavi Pantaleev a872db07ee
Merge pull request #940 from Zir0h/master
Another field with 'invalid input syntax for type smallint'
2021-03-16 18:03:13 +02:00
Yannick Goossens 27416607d9 Another field with 'invalid input syntax for type smallint' 2021-03-16 16:38:59 +01:00
Slavi Pantaleev 93f79c63e1
Merge pull request #939 from GoMatrixHosting/master
GoMatrixHosting v0.3.1 hotfix!
2021-03-16 16:03:43 +02:00
Michael 739cd0e31d Merge remote-tracking branch 'upstream/master' 2021-03-16 21:54:59 +08:00
Michael 5a6bdb0c3d merge upstream 2021-03-16 21:52:26 +08:00
Michael 571b70a1f4 fix for running outside of AWX 2021-03-16 21:37:19 +08:00
Slavi Pantaleev c890e351fc Remove some whitespace 2021-03-16 09:56:29 +02:00
Slavi Pantaleev 011e95c1d2
Merge pull request #893 from GoMatrixHosting/master
matrix-awx - the GoMatrixHosting v0.3.0 initial PR
2021-03-16 08:40:15 +02:00
Slavi Pantaleev b46ef46663 Do not mention login before registration 2021-03-16 08:02:20 +02:00
Slavi Pantaleev 6cbfee539c Announce Go-NEB support 2021-03-16 07:54:26 +02:00
Slavi Pantaleev 6181861ffe
Merge pull request #929 from Zir0h/master
Added support for the Go-NEB bot
2021-03-16 07:49:53 +02:00
Slavi Pantaleev 38b3fbd6f9
Mention DNS setup
This may be especially helpful to existing playbook users
who happen to find themselves installing Go-NEB later on.
2021-03-16 07:49:43 +02:00
Slavi Pantaleev 9c5f4ef3e2
Merge pull request #937 from rakshazi/patch-1
Updated Element 1.7.22 -> 1.7.23
2021-03-15 18:02:04 +02:00
rakshazi 15fc7ac007
Updated Element 1.22 -> 1.23 2021-03-15 17:55:27 +02:00
Slavi Pantaleev c7e9f04756
Merge pull request #936 from irregulator/nginx_check_cors
matrix-nginx-proxy: specify Origin header, comply with CORS
2021-03-15 14:49:23 +02:00
Alexandros Afentoulis 28c255539c matrix-nginx-proxy: specify Origin header, comply with CORS
Self-checks against the .well-known URIs look for the HTTP header
"Access-Control-Allow-Origin" indicating that the remode endpoint
supports CORS. But the remote server is not required to include
said header in the response if the HTTP request does not include
the "Origin" header. This is in accordance with the specification
[1] stating: 'A CORS request is an HTTP request that includes an
"Origin" header.'

This is in fact true for Gitlab pages hosting and that's why the
issue was identified.

Let's specify "Origin" header in the respective uri tasks performing
the HTTP request and ensure a CORS request.

[1] https://fetch.spec.whatwg.org/#http-requests
2021-03-15 14:24:55 +02:00
Yannick Goossens 9f95cef494 Change value of client_secret to avoid confusion 2021-03-15 13:08:59 +01:00
Yannick Goossens bfe0ca6cf8 Update docs, remove hard coded matrix_domain 2021-03-15 13:04:31 +01:00
Slavi Pantaleev 7215fd4319
Merge pull request #933 from pmontepagano/fork/require-auth-synapse-configs
Adding vars to synapse for private servers
2021-03-15 08:03:43 +02:00
Michael 5a1f3b7d67 GMH v0.3.0 2021-03-14 14:35:38 +08:00
Pablo Montepagano 52fe8a05b0 Adding vars to synapse for private servers. 2021-03-14 00:39:44 -03:00
Yannick Goossens 7d6bf446a3 Added a link to the doc in the README 2021-03-12 16:57:49 +01:00
Yannick Goossens 86cf5d8c74 api_key doesn't seem to work for the imgur service, using client_id works 2021-03-12 15:57:23 +01:00
Yannick Goossens a640d8f9a6 Remove hard coded references to homeserver and matrix domain 2021-03-12 15:36:13 +01:00
Yannick Goossens 9689948e73 Use the matrix_domain var for the AcceptVerificationFromUsers field 2021-03-12 14:59:42 +01:00
Yannick Goossens 49028f1b05 Added |to_json to the config.yaml template 2021-03-12 14:55:57 +01:00
Yannick Goossens aaf93cb9fd Fix indentation spaces to tabs 2021-03-12 11:11:10 +01:00
Yannick Goossens 20c6bd686e Added the matrix_bot_go_neb_container_http_host_bind_port variable to allow the container to expose its listen port 2021-03-12 11:10:00 +01:00
Yannick Goossens ce14e3e8af Enable the bot in the role and disable it in the group_vars 2021-03-12 11:03:13 +01:00
Yannick Goossens 7d1d3b47bc Fix the description on the service file 2021-03-12 10:31:08 +01:00
Yannick Goossens 51e2547484 Added support for the Go-NEB bot 2021-03-11 19:23:01 +01:00
Slavi Pantaleev 9b72384df7 Upgrade Synapse (1.28.0 -> 1.29.0) 2021-03-08 17:24:09 +02:00
Slavi Pantaleev f0698ee641 Do not overwrite X-Forwarded-For when reverse-proxying to Synapse
We have a flow like this:
1. matrix.DOMAIN vhost (matrix-domain.conf)
2. matrix-synapse vhost (matrix-synapse.conf); or matrix-corporal container, if enabled
3. (optional) matrix-synapse vhost (matrix-synapse.conf), if matrix-corporal enabled
4. matrix-synapse container

We are setting `X-Forwarded-For` correctly in step #1, but were
overwriting it in step #2 with something inaccurate.

Not doing anything in step #2 is better than doing the wrong thing.
It's probably best if we append another reverse-proxy address there
though, although what we're doing now (with this patch) seems to yield
the correct result (when matrix-corporal is not enabled).

When matrix-corporal is enabled, we still seem to do the wrong thing for
some reason. It's something to be fixed later on.
2021-03-08 17:24:09 +02:00
Slavi Pantaleev 5516bc8896
Merge pull request #923 from aaronraimist/patch-1
Make steps in configuring-playbook.md numbered
2021-03-07 09:53:49 +02:00
Aaron Raimist df5cbcc2e1
Make steps in configuring-playbook.md numbered
instead of bullet points which make it more difficult to tell whether or not you completed all of the steps
2021-03-06 12:35:12 -06:00
Slavi Pantaleev 11f8b5f3a7
Merge pull request #916 from jokey2k/patch-2
Adjust wait timeout
2021-03-05 10:43:36 +02:00
Markus Ullmann be23249f4b
Adjust wait timeout
During first setup postgres takes its time to get up and running, resulting in "postgres in startup" exceptions from synapse if you run without additional services that come in between. Hence suggesting increasing the time a bit to avoid having an error which heals itself and thus is hard to spot for newcomers.
2021-03-02 20:07:59 +01:00
Slavi Pantaleev 7d1522d884 Add Ko-fi donation link 2021-03-02 13:29:04 +02:00