diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 5e7c58a2..7e86de6f 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -11,7 +11,9 @@ matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.en matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" +matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" matrix_bot_maubot_container_data_dir: "/data" +matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 36871079..7c651ea2 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -9,18 +9,56 @@ group: "{{ matrix_user_groupname }}" with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - - - {path: "{{ matrix_bot_maubot_data_path }}", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: true} when: "item.when|bool" - name: Ensure maubot configuration file created template: src: "{{ role_path }}/templates/config/config.yaml.j2" - dest: "{{ matrix_bot_maubot_base_path }}/config.yaml" + dest: "{{ matrix_bot_maubot_data_path }}/config.yaml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" mode: "u=rwx" +- name: Generate Maubot proxying configuration for matrix-nginx-proxy + set_fact: + matrix_bot_maubot_matrix_nginx_proxy_configuration: | + location ~ ^/(_matrix/maubot/.*) { + {% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-maubot:{{ matrix_bot_maubot_port }}/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% endif %} + } + +- name: Register Maubot's proxying configuration with matrix-nginx-proxy + set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + + + [matrix_bot_maubot_matrix_nginx_proxy_configuration] + }} + +- name: Warn about reverse-proxying if matrix-nginx-proxy not used + debug: + msg: >- + NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `/_matrix/maubot` + URL endpoint to the matrix-maubot container. + when: "matrix_bot_maubot_enabled|bool and matrix_nginx_proxy_enabled is not defined" + + - name: Ensure maubot image is pulled docker_image: name: "{{ matrix_bot_maubot_docker_image }}" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index 3a3c3a0c..8a7a09ed 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -25,7 +25,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - -p 29316:29316 \ + -p {{ matrix_bot_maubot_port }}:29316 \ {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 878a297d..2895ba14 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -45,17 +45,6 @@ {{ render_nginx_status_location_block(matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses) }} {% endif %} - {% if matrix_nginx_proxy_node_exporter_reverse_enabled %} - location /node-exporter/ { - resolver 127.0.0.11 valid=5s; - proxy_pass http://matrix-prometheus-node-exporter:9100/; - } - {% endif %} - {% if matrix_nginx_proxy_postgres_exporter_reverse_enabled %} - location /postgres-exporter/ { - resolver 127.0.0.11 valid=5s; - proxy_pass http://matrix-prometheus-postgres-exporter:9187/; - } {% if matrix_nginx_proxy_proxy_matrix_metrics_enabled %} location /metrics { {% if matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled %} diff --git a/setup.yml b/setup.yml index 79c37741..38c32574 100755 --- a/setup.yml +++ b/setup.yml @@ -39,6 +39,7 @@ - matrix-bridge-hookshot - matrix-bot-matrix-reminder-bot - matrix-bot-matrix-registration-bot + - matrix-bot-maubot - matrix-bot-buscarron - matrix-bot-honoroit - matrix-bot-go-neb @@ -66,4 +67,3 @@ - matrix-postgres-backup - matrix-backup-borg - matrix-common-after - - matrix-bot-maubot