jowj/matrix-docker-ansible-deploy
1
0
Fork 0
forked from mirrors/matrix-docker-ansible-deploy
Code Issues Pull Requests Releases Wiki Activity
6,629 Commits 1 Branch 0 Tags 15 MiB
8c76d26788
Commit Graph

4013 Commits

Author SHA1 Message Date
Array in a Matrix
d0aa5a1f6a
Update main.yml 2023-03-13 16:11:16 -04:00
array-in-a-matrix
734848a27b added full text search for dendrite 2023-03-13 15:54:07 -04:00
array-in-a-matrix
40f067148d added dynamic thumbnails var 2023-03-13 15:28:58 -04:00
Slavi Pantaleev
cf7f9701b7 urlencode matrix_synapse_auto_compressor_database_username/matrix_synapse_auto_compressor_database_password 2023-03-13 11:59:14 +02:00
Slavi Pantaleev
bb89d7b3fb Fix self-building for matrix-synapse-auto-compressor 2023-03-12 10:39:19 +02:00
Slavi Pantaleev
328d0d8a5f Move synapse-auto-compressor Postgres argument to an environment variable 
This provides an additional security benefit. The password won't leak in
the process list anymore.
 2023-03-12 10:18:33 +02:00
Slavi Pantaleev
26d5719df4 Make matrix-synapse-auto-compressor live in its own container network 
It will, additionally, be connected to the devture-postgres network, if
devture-postgres is enabled.
 2023-03-12 10:18:33 +02:00
Slavi Pantaleev
0f2e568b30 Add validation tasks to matrix-synapse-auto-compressor 2023-03-12 10:18:33 +02:00
Slavi Pantaleev
b28d779c6c Add matrix-synapse-auto-compressor section in group_vars/matrix_servers 2023-03-12 09:48:46 +02:00
Aine
bf3677a9b5
add synapse_auto_compressor 2023-03-10 23:48:43 +02:00
Joe Kappus
f2ebb5a91d
Bump ChatGPT version and add new config settings 
OpenAI changed the model a month ago and broke the bot.
This bump fixes it and adds the default model.
 2023-03-09 00:02:54 -05:00
Aine
cdb1452d17
Update jitsi stable-8252 -> stable-8319 2023-03-07 20:38:36 +00:00
Slavi Pantaleev
dddfee16bc Fix all 300+ ansible-lint-reported errors 2023-03-07 17:28:15 +02:00
Slavi Pantaleev
023fe3ea08 Add sliding-sync support 
This allows people to try out the new Element X clients, which need to
run against the sliding-sync proxy (https://github.com/matrix-org/sliding-sync).

Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2515

The code is based on the existing PR (#2515), but heavily reworked. Major changes:

- lots of internal refactoring and variable renaming

- fixed self-building to support non-amd64 architectures

- changed to talk to the homeserver locally, over the container network (not
  publicly)

- no more matrix-nginx-proxy support due to complexity (see below)

- no more `matrix_server_fqn_sliding_sync_proxy` in favor of
  `matrix_sliding_sync_hostname` and `matrix_sliding_sync_path_prefix`

- runs on `matrix.DOMAIN/sliding-sync` by default, so it can tried
  easily without having to create new DNS records
 2023-03-07 11:57:56 +02:00
Slavi Pantaleev
6e3aab6594 Make devture-traefik to matrix-traefik migration code a little safer 2023-03-06 11:00:42 +02:00
Slavi Pantaleev
30f1034767 Remove matrix_playbook_traefik_role_enabled variable and devture-traefik references 
The variable was necessary when multiple playbooks could have
potentially tried to manage a shared `devture-traefik.serivce` systemd service
and shared `/devture-traefik` directory.

Since adcc6d9723, we use our own `/matrix/traefik`
(`matrix-traefik.service`) installation and no conflicts can arise.
It's safe to always enable the role, just like we do with all the other roles.
 2023-03-06 09:51:14 +02:00
Slavi Pantaleev
adcc6d9723 Relocate Traefik (to matrix-traefik.service && /matrix/traefik base path) 
The migration is automatic. Existing users should experience a bit of
downtime until the playbook runs to completion, but don't need to do
anything manually.

This change is provoked by https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2535

While my statements there ("Traefik is a shared component among
sibling/related playbooks and should retain its global
non-matrix-prefixed name and path") do make sense, there's another point
of view as well.

With the addition of docker-socket-proxy support in bf2b540807,
we potentially introduced another non-`matrix-`-prefixed systemd service
and global path (`/devture-container-socket-proxy`). It would have
started to become messy.

Traefik always being called `devture-traefik.service` and using the `/devture-traefik` path
has the following downsides:

- different playbooks may write to the same place, unintentionally,
  before you disable the Traefik role in some of them.
  If each playbook manages its own installation, no such conflicts
  arise and you'll learn about the conflict when one of them starts its
  Traefik service and fails because the ports are already in use

- the data is scattered - backing up `/matrix` is no longer enough when
  some stuff lives in `/devture-traefik` or `/devture-container-socket-proxy` as well;
  similarly, deleting `/matrix` is no longer enough to clean up

For this reason, the Traefik instance managed by this playbook
will now be called `matrix-traefik` and live under `/matrix/traefik`.

This also makes it obvious to users running multiple playbooks, which
Traefik instance (powered by which playbook) is the active one.
Previously, you'd look at `devture-traefik.service` and wonder which
role was managing it.
 2023-03-06 09:34:31 +02:00
Slavi Pantaleev
449b51588e Remove usage of undefined matrix_bot_go_neb_identifier variable 
This is a mistake made in 10b5350370.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2540
 2023-03-06 08:52:32 +02:00
Aine
493de7316c
update honoroit 0.9.16 -> 0.9.17 
* healthchecks.io integration
* mutex on forwarding messages into thread
* fix in prefixes handling
* send error messages as thread reply when possible
 2023-03-05 14:52:53 +00:00
Slavi Pantaleev
10b5350370 Add Traefik support to Go-NEB bot 
Completely untested.
 2023-03-03 10:40:45 +02:00
Slavi Pantaleev
6085e3a816 Add validation tasks for Etherpad migration (matrix_etherpad -> etherpad) 2023-03-03 10:38:11 +02:00
Slavi Pantaleev
124fbeda04 Switch to using an external Etherpad role 
This new role also adds native Traefik support and support for other
(non-`amd64`) architectures via self-building.
 2023-03-02 22:50:13 +02:00
Slavi Pantaleev
2e2691e96b
Merge pull request #2534 from FSG-Cat/draupnir 
Resolve Draupnir regression caused in #2508
 2023-03-02 10:35:29 +02:00
Catalan Lover
4ccd3f79de
Fix Draupnir config 
Config was accidently changed when importing upstream changes.
 2023-03-02 03:58:03 +01:00
Slavi Pantaleev
227d9d8209 Fix variable name typo 2023-03-01 23:14:40 +02:00
Slavi Pantaleev
8db2c0498a Upgrade Synapse (v1.77.0 -> v1.78.0) 2023-03-01 11:07:25 +02:00
Slavi Pantaleev
d6371a0781 Upgrade ddclient (v3.10.0-ls110 -> v3.10.0-ls111) 2023-03-01 10:32:49 +02:00
Slavi Pantaleev
f7149103e4 Remove matrix_playbook_traefik_certs_dumper_role_enabled in favor of just devture_traefik_certs_dumper_enabled 
We don't need these 2 roughly-the-same settings related to the
traefik-certs-dumper role.

For Traefik, it makes sense, because it's a component used by the
various related playbooks and they could step onto each other's toes
if the role is enabled, but Traefik is disabled (in that case, uninstall
tasks will run).

As for Traefik certs dumper, the other related playbooks don't have it,
so there's no conflict. Even if they used it, each one would use its own
instance (different `devture_traefik_certs_dumper_identifier`), so there
wouldn't be a conflict and uninstall tasks can run without any danger.
 2023-03-01 09:31:48 +02:00
array-in-a-matrix
c3900aaf1b remove devture services 2023-02-28 18:06:46 -05:00
Aine
0fe1d1f9ec
Update element 1.11.23 -> 1.11.24 2023-02-28 13:18:59 +00:00
Slavi Pantaleev
6fe739a2cb Remove unnecessary variable 2023-02-27 18:32:22 +02:00
Slavi Pantaleev
7716c306f1 Split Traefik rules for Matrix Client and Matrix Federation APIs 
This helps people who run federation on another domain (etc.).
They should now easily be able to add a custom rule for federation traffic.
 2023-02-27 17:28:33 +02:00
Thom Wiggers
d544f746e8
Update irc appservice 2023-02-27 13:40:23 +01:00
Slavi Pantaleev
058a54fd05 Add native Traefik support to Dimension 2023-02-26 23:06:36 +02:00
Slavi Pantaleev
cdd23aafc6 Add matrix_conduit_container_network/matrix_conduit_container_additional_networks 2023-02-26 22:08:08 +02:00
Slavi Pantaleev
9e4ecf4ac9 Add matrix_dendrite_container_network/matrix_dendrite_container_additional_networks 2023-02-26 22:05:36 +02:00
Aine
7852d5eb26
update mautrix-telegram 0.12.2 -> 0.13.0 2023-02-26 15:58:10 +00:00
Slavi Pantaleev
71ae825f6a Switch default reverse-proxy to Traefik, force reverse-proxy choice on existing users 2023-02-26 16:14:05 +02:00
Slavi Pantaleev
d20ff688db Add native Traefik support to Sygnal 2023-02-26 11:03:42 +02:00
Slavi Pantaleev
8df7ad47cd Fix rageshake project description in defaults/main.yml 2023-02-25 19:04:28 +02:00
Slavi Pantaleev
725b2beed7 Add native Traefik support to Buscarron 2023-02-25 15:50:48 +02:00
Slavi Pantaleev
bc5dda2b3a Reorder some Buscarron default variables and fix some typos 
Fixes a regression introduced in 0220c851e8
 2023-02-25 15:11:23 +02:00
Slavi Pantaleev
0220c851e8 Add multiple container networks support to Buscarron 2023-02-25 15:03:03 +02:00
Slavi Pantaleev
6c2d397853 Fix inaccurate Buscarron project description comment 2023-02-25 14:58:41 +02:00
Slavi Pantaleev
c5dbeeae91
Merge pull request #2510 from gnunicorn/ben-adding-rageshake 
Add rageshake server
 2023-02-25 14:05:42 +02:00
Slavi Pantaleev
233e253264 Add native Traefik support to rageshake 2023-02-25 13:46:42 +02:00
Slavi Pantaleev
4c64e092d0 Fix rageshake self-building 
BuildX is required for building this container image.
 2023-02-25 13:09:53 +02:00
Slavi Pantaleev
39be2ef71a Fix matrix_rageshake_container_src_files_path value 2023-02-25 13:01:38 +02:00
Slavi Pantaleev
9a8ebf3d8c matrix_rageshake_docker_ -> matrix_rageshake_container_ 2023-02-25 13:01:11 +02:00
Slavi Pantaleev
5934de84be Reorder matrix-rageshake default variables a bit 2023-02-25 12:59:56 +02:00
Slavi Pantaleev
8339ebdf58 Redo the way matryx-rageshake configuration is done 
This makes it consistent with the rest of the playbook:
- there's a default config which has various variables controlling
  settings
- there's also an `_extension_yaml` variable, which lets you override it
 2023-02-25 12:29:22 +02:00
Slavi Pantaleev
a51c9521a8 Rename some task files 2023-02-25 12:23:45 +02:00
Slavi Pantaleev
db0104978f Extract api_prefix rageshake configuration into matrix_rageshake_config_api_prefix 2023-02-25 12:23:07 +02:00
Slavi Pantaleev
19e0b8374b Enable matrix_rageshake_enabled in the role by default 
We disable it via `group_vars/matrix_servers`, as we do for all other
roles.
 2023-02-25 12:20:25 +02:00
Slavi Pantaleev
d513c0f446 Document why the rageshake version is master 2023-02-25 12:20:09 +02:00
Benjamin Kampmann
40f037b36d Add rageshake server 2023-02-24 16:55:49 +01:00
Slavi Pantaleev
c8022c1a18 Remove useless explicit daemon reload in matrix-user-creator 
The next task asks for a daemon reload, so there's no need to do it
twice.
 2023-02-23 08:35:45 +02:00
Slavi Pantaleev
0af6e6d9d9 Make wait time for matrix-user-creator configurable and increase default (7 -> 10 sec.) 2023-02-23 08:26:35 +02:00
Slavi Pantaleev
643acfcb5b Make synapse-s3-storage-provider periodic migration schedule customizable 
Larger deployments may wish to run migration more often.
 2023-02-22 16:08:53 +02:00
Slavi Pantaleev
4caeab9117
Fix spacing around Jinja2 filters 2023-02-22 15:54:14 +02:00
Igor Goldenberg
620247673e Allow configure default country code in element welcome page. 2023-02-22 18:04:13 +05:00
Slavi Pantaleev
1c10a7727c Upgrade ddclient (v3.10.0-ls106 -> v3.10.0-ls110) 2023-02-21 07:40:55 +02:00
Catalan Lover
65e7aa2406
Update Draupnir from v1.80.0 to v1.80.1 2023-02-20 22:22:10 +01:00
Catalan Lover
601b67c02d
Update Draupnir Config 2023-02-20 22:21:02 +01:00
Slavi Pantaleev
6cdbde01d7 Fix various Traefik headers syntax 
`always` is an nginx suffix, which shouldn't have been added to these.
 2023-02-20 16:50:39 +02:00
Slavi Pantaleev
0da308e24d Upgrade com.devture.ansible.role.traefik 2023-02-19 10:20:13 +02:00
Slavi Pantaleev
5df89a44b3 Add support for customizing Synapse templates 2023-02-17 19:37:34 +02:00
Slavi Pantaleev
9775218850 Add matrix_synapse_email_app_name variable 2023-02-17 18:31:01 +02:00
Slavi Pantaleev
632026513e Add matrix_synapse_uid, matrix_synapse_gid and matrix_synapse_username 2023-02-17 17:16:50 +02:00
Slavi Pantaleev
990a6369e1 Switch to using an external Redis role 2023-02-17 16:23:59 +02:00
Slavi Pantaleev
519b32543c Add matrix_synapse_container_network and matrix_synapse_container_additional_networks 2023-02-17 16:13:38 +02:00
Slavi Pantaleev
0ce2121d01 Fix variable typo in validation task 2023-02-17 14:59:22 +02:00
Slavi Pantaleev
b291459bf3 Fix syntax error 2023-02-17 10:13:34 +02:00
Slavi Pantaleev
964aa0e84d Switch to using an external Ntfy role 
The newly extracted role also has native Traefik support,
so we no longer need to rely on `matrix-nginx-proxy` for
reverse-proxying to Ntfy.

The new role uses port `80` inside the container (not `8080`, like
before), because that's the default assumption of the officially
published container image. Using a custom port (like `8080`), means the
default healthcheck command (which hardcodes port `80`) doesn't work.
Instead of fiddling to override the healthcheck command, we've decided
to stick to the default port instead. This only affects the
inside-the-container port, not any external ports.

The new role also supports adding the network ranges of the container's
multiple additional networks as "exempt hosts". Previously, only one
network's address range was added to "exempt hosts".
 2023-02-17 09:54:33 +02:00
Slavi Pantaleev
38c4e464c1 Fix self-check for Hydrogen and Cinny when running under a subpath 2023-02-17 09:20:22 +02:00
Aine
954920dd4f
Update ntfy 1.31.0 -> 2.0.0 2023-02-16 20:00:00 +00:00
Slavi Pantaleev
8fd8f12a0d
Merge pull request #2493 from etkecc/patch-174 
Update mautrix-whatsapp 0.8.1 -> 0.8.2
 2023-02-16 20:08:50 +02:00
Aine
64ec1db077
Update mautrix-whatsapp 0.8.1 -> 0.8.2 2023-02-16 18:03:18 +00:00
Aine
649f6512ca
Update mautrix-discord 0.1.0 -> 0.1.1 2023-02-16 18:02:25 +00:00
Slavi Pantaleev
bb7895678c Fix typo 2023-02-15 11:48:27 +02:00
Aine
4fe6015464
Update ntfy 1.30.1 -> 1.31.0 2023-02-15 09:02:36 +00:00
Slavi Pantaleev
7c5826f1c3 Break dependency between matrix-prometheus-nginxlog-exporter and the Grafana role 
Wiring happens via `group_vars/matrix_servers` now.
 2023-02-15 10:52:25 +02:00
Slavi Pantaleev
1006b8d899 Replace matrix-grafana with an external role 2023-02-15 10:32:24 +02:00
Slavi Pantaleev
94124263a7 Add matrix_prometheus_container_network/matrix_prometheus_container_additional_networks 2023-02-15 08:56:11 +02:00
Slavi Pantaleev
0b9dc56edf Add type support to matrix_coturn_container_additional_volumes 
.. and try to auto-switch between `bind` and `volume` depending on
whether there's a slash in the `src` path.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2482
 2023-02-15 06:03:55 +02:00
Slavi Pantaleev
1f0da1103a
Merge pull request #2485 from etkecc/patch-171 
update postmoogle 0.9.13 -> 0.9.14
 2023-02-14 22:48:51 +02:00
Slavi Pantaleev
c85d48c45c Remove Traefik labels for Hydrogen & Cinny from matrix-nginx-proxy 
Related to 6a52be7987 and 28e7ef9c71f02
 2023-02-14 22:46:34 +02:00
Aine
4045d72e7b
update postmoogle 0.9.13 -> 0.9.14 
* make banlist consistent
* proper multi-error message
* ignore "." MX hosts
* try recipient domain directly, even when MX records found, but failed
 2023-02-14 20:04:27 +00:00
Slavi Pantaleev
4d24e9bb7f
Merge pull request #2484 from etkecc/patch-170 
Update synapse 1.76.0 -> 1.77.0
 2023-02-14 20:03:33 +02:00
Aine
3570808633
Update synapse 1.76.0 -> 1.77.0 2023-02-14 17:50:55 +00:00
Aine
c98f40c836
Update hydrogen 0.3.7 -> 0.3.8 2023-02-14 17:49:16 +00:00
Slavi Pantaleev
51cfd7b777
Merge pull request #2481 from moan0s/update 
Bump element version
 2023-02-14 15:29:34 +02:00
Julian-Samuel Gebühr
6727aa55ec Bump element version 
Signed-off-by: Julian-Samuel Gebühr <julian-samuel@gebuehr.net>
 2023-02-14 13:36:04 +01:00
Slavi Pantaleev
f28e7ef9c7 Add (native) Traefik support to matrix-client-cinny 
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now
 2023-02-14 11:29:53 +02:00
Slavi Pantaleev
3bace0c7b9 Add matrix_synapse_admin_hostname and rename matrix_synapse_admin_public_endpoint (to matrix_synapse_admin_path_prefix) 2023-02-14 11:05:39 +02:00
Slavi Pantaleev
2e74187050 Add matrix_client_element_hostname and matrix_client_element_path_prefix variables 2023-02-14 11:02:18 +02:00
Slavi Pantaleev
eb7292f274 Add matrix_client_hydrogen_hostname and fix Hydrogen serving at non-root-path 2023-02-14 10:57:13 +02:00
Slavi Pantaleev
6a52be7987 Add (native) Traefik support to matrix-client-hydrogen 
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now

Serving at a path other than `/` doesn't work well yet.
 2023-02-14 09:58:35 +02:00
Slavi Pantaleev
64e2b26ed5 Fix Hydrogen failing to start 
We were mounting our own configuration to
`/usr/share/nginx/html/config.json`, which is a symlink to
`/tmp/config.json`. So we effectively mount our file to
`/tmp/config.json`.

When starting:

- if Hydrogen sees a `CONFIG_OVERRIDE` environment variable,
  it will try to save it into our read-only config file and fail.

- if Hydrogen doesn't see a `CONFIG_OVERRIDE` environment variable (the
  path we go through, because we don't pass such a variable),
  it will try to copy its bundled configuration (`/config.json.bundled`)
  to `/tmp/config.json`. Because our configuration is mounted as read-only, it will
  fail.

In both cases, it will fail with:

> cp: can't create '/tmp/config.json': File exists

Source: 3720de36bb/docker/dynamic-config.sh

We work around this by mounting our configuration on top of the bundled
one (`/config.json.bundled`). We then let Hydrogen's startup script copy
it to `/tmp/config.json` (a tmpfs we've mounted into the container) and use it from there.
 2023-02-14 09:49:22 +02:00
Slavi Pantaleev
799cbb44fb Add the ability to control (Traefik) routing priority for Element and synapse-admin 
This may proof useful to someone in the future.
 2023-02-14 09:04:50 +02:00
Slavi Pantaleev
5c7cd70684 Make use of the existing matrix_synapse_admin_public_endpoint variable 2023-02-14 08:51:20 +02:00
Slavi Pantaleev
c33ed94352 Add security headers to synapse-admin (on Traefik) 
We've had it on `matrix-nginx-proxy` before, but
our initial support for Traefik did not include any of these security
headers.
 2023-02-14 08:49:04 +02:00
Slavi Pantaleev
71597132e0 Move around some matrix-client-element variables 2023-02-14 08:45:32 +02:00
Slavi Pantaleev
5ab5f28d14 Add support for running synapse-admin (on Traefik) at the root path 
Previously, we had to run it at a subpath, like `/synapse-admin`.

We can now dedicate a whole domain and the `/` path to it, should we
wish to do so.
 2023-02-14 08:42:50 +02:00
Slavi Pantaleev
ff1338e003 Add support for hosting Element (on Traefik) at a subpath 2023-02-14 08:31:26 +02:00
Slavi Pantaleev
e34174b1b4 Add various security headers to matrix-client-element when behind Traefik 2023-02-13 19:03:20 +02:00
Slavi Pantaleev
e51e4eec09 Add (native) Traefik support to matrix-client-element 
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now
 2023-02-13 19:03:20 +02:00
Slavi Pantaleev
f2ed5e4b04 Delete /matrix/nginx-proxy/conf.d/matrix-client-element.conf if matrix_nginx_proxy_proxy_element_enabled not enabled 2023-02-13 19:03:20 +02:00
Aine
9f820a506a
Update postmoogle 0.9.12 -> 0.9.13 
* live SSL certificates reload on file changes (e.g., on automatic certs renewal)
* print all errors when trying connection to an SMTP server
 2023-02-13 14:08:09 +00:00
Slavi Pantaleev
31aa87fdb6
Merge pull request #2475 from etkecc/patch-167 
Update coturn 4.6.1-r1 -> 4.6.1-r2
 2023-02-13 15:12:37 +02:00
Slavi Pantaleev
3d9aa8387e Add (native) Traefik support to synapse-admin 
Previously, it had to go through matrix-nginx-proxy.
It's exposed to Traefik directly via container labels now.
 2023-02-13 15:08:42 +02:00
Aine
f6f7bbd2a1
Update coturn 4.6.1-r1 -> 4.6.1-r2 2023-02-13 12:54:55 +00:00
Slavi Pantaleev
38904c08b0 Wire backup_borg_username 
It's probably unnecessary, as this user is only used in the borg container
internally, but.. It doesn't hurt to set it to `matrix`.
 2023-02-13 11:01:54 +02:00
Slavi Pantaleev
78c35136b2 Replace matrix-backup-borg with an external role 2023-02-13 10:53:11 +02:00
td
af10d350bc fix: missing endif in client well-known 2023-02-13 12:32:43 +05:30
Jayesh Nirve
6939a3d6d3
fix: only add element related entries to client well-known if element is enabled (#2453) 
* fix: only add element related entries to client well-known if element is enabled

* Fix matrix-base/defaults/main.yml syntax

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
 2023-02-13 08:36:20 +02:00
Array in a Matrix
79413e7717
updated dendrite 2023-02-12 13:09:53 -05:00
Slavi Pantaleev
f1a1ce8a91
Merge pull request #2464 from spantaleev/traefik 
Reverse-proxy configuration changes and initial Traefik support
 2023-02-12 16:05:56 +02:00
Catalan Lover
cba63bd4b9
Upgrade Drapunir from 1.8.0 Beta to 1.8.0 release. 2023-02-11 23:51:13 +01:00
Slavi Pantaleev
6b0650641b Update matrix_playbook_reverse_proxy_type documentation 2023-02-11 08:58:53 +02:00
Slavi Pantaleev
8309a21303 Rename reverse proxy types and fix Hookshot http/https urlPrefix issue 2023-02-11 08:44:11 +02:00
Slavi Pantaleev
3f2cb840b9 Merge branch 'master' into traefik 2023-02-11 07:46:35 +02:00
Slavi Pantaleev
ad22bdb884 Do not run matrix-user-verification-service validation tasks unless the service is enabled 2023-02-10 19:40:03 +02:00
Slavi Pantaleev
7142ff422d Ensure matrix_user_verification_service_uvs_access_token is always defined 
The playbook tries to avoid such variables which are sometimes defined
and sometimes not. We'd rather not check for `is defined`.
 2023-02-10 19:40:03 +02:00
Slavi Pantaleev
97f65e8dff Minor fixes to allow for Traefik without SSL 2023-02-10 19:36:06 +02:00
Aine
a1ef28681a
Update Hydrogen 0.3.6 -> 0.3.7 2023-02-10 14:40:50 +00:00
Slavi Pantaleev
28d2eb593c Add matrix_playbook_reverse_proxy_type variable which influences all other services 2023-02-10 16:04:34 +02:00
Slavi Pantaleev
06ccd71edc Merge branch 'master' into traefik 2023-02-10 14:37:59 +02:00
Slavi Pantaleev
f6ab162fff Remove systemd-reloading handler in matrix-user-verification-service 
None of the other roles use handlers.

We rely on com.devture.ansible.role.systemd_service_manager to reload services when it's necessary to do so.
 2023-02-10 14:22:37 +02:00
Slavi Pantaleev
e1bfa2a7d6 Fix ansible-lint-reported errors 2023-02-10 14:21:31 +02:00
Slavi Pantaleev
43a6a035a0 Skip removing /.well-known/element directory to suppress ansible-lint error 
Leaving an orphan directory is okay and can be improved later on.
 2023-02-10 14:16:00 +02:00
Slavi Pantaleev
01ccec2dbe Merge branch 'master' into pr-jitsi-matrix-authentication 2023-02-10 14:12:47 +02:00
Slavi Pantaleev
7cdf59d79b
Merge pull request #2451 from FSG-Cat/draupnir 
Add Draupnir support to the project.
 2023-02-10 11:43:30 +02:00
Slavi Pantaleev
d6c8ea3742
Merge pull request #2452 from borisrunakov/update-matrix-chatgpt-bot 
update matrix-chatgpt-bot
 2023-02-10 08:29:00 +02:00
ntallasv
f71cd3a760 fix linting in validate_config.yml 2023-02-10 00:34:07 +02:00
ntallasv
b738486684 update validate_config.yml 2023-02-10 00:13:31 +02:00
Aine
d32f80bf29
Update postmoogle 0.9.11 -> 0.9.12 
* fix uploads from incoming emails into matrix threads
* fix emails dequeue (account data cleanup)
* rewrite recipients handling (Cc, To, etc.)
 2023-02-09 17:43:35 +00:00
ntallasv
9615855cfa update matrix-chatgpt-bot 2023-02-09 14:53:56 +02:00
Catalan Lover
ddcb1735e2
Add draupnir as valid prefix to resolve a bug 
Current draupnir does not listen to its name. This config change fixes this bug. This bodge is able to be removed once this is fixed upstream.
 2023-02-08 20:05:47 +01:00
Catalan Lover
a717590aa5
Rename systemd service file from mjolnir to draupnir 2023-02-08 19:53:35 +01:00
Slavi Pantaleev
88a26758e1 Merge branch 'master' into traefik 2023-02-08 18:48:10 +02:00
Catalan Lover
9092d4bb6b
Push draupnir version from develop to v1.80.0-beta.0 2023-02-08 17:02:59 +01:00
Catalan Lover
78b1ebd5af
commit main.yml for draupnir and set target ver to develop 2023-02-08 16:44:30 +01:00
Catalan Lover
563cf1a4ba
Initial commit for draupnir. 
main.yml is not included due to that its changed separately.
 2023-02-08 16:44:12 +01:00
Slavi Pantaleev
49a1985750 Fix Postmoogle systemd service description 2023-02-08 16:45:58 +02:00
Slavi Pantaleev
d44d4b637f Allow Coturn to work with SSL certificates extracted from Traefik 2023-02-08 16:06:46 +02:00
Aine
2eb2ad0ad7
Update heisenbridge 1.14.1 -> 1.14.2 2023-02-07 09:06:00 +00:00
Slavi Pantaleev
2b9061a5d3 Add support for reverse-proxying the base domain via Traefik 2023-02-07 11:02:02 +02:00
Slavi Pantaleev
6c17671abd Upgrade synapse-admin (0.8.6 -> 0.8.7) and drop reverse-proxy workaround 
Related to 6a31fba346, 6a31fba346.

Related to https://github.com/Awesome-Technologies/synapse-admin/issues/322
 2023-02-07 10:45:19 +02:00
Slavi Pantaleev
66baef5bf6 Fix matrix-synapse-reverse-proxy-companion.service stopping during uninstallation 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2444
 2023-02-07 08:48:50 +02:00
jakicoll
6a205a83f6 Change renamed variables matrix_systemd_path -> devture_systemd_docker_base_systemd_path 2023-02-06 17:20:13 +01:00
jakicoll
6cffec14ea fixup! Remove the self-build stub, because self-build was not implemented 2023-02-06 16:36:49 +01:00
jakicoll
be634168ac Make the linter happy. 2023-02-06 16:29:25 +01:00
jakicoll
f3ca4a0632 Remove unnecessary comment. 2023-02-06 16:28:57 +01:00
jakicoll
7848d865a5 Also define the vars to be overwritten in group vars within the role vars. 2023-02-06 16:28:56 +01:00
Paul N
70bea81df7 Introduced flags to (1) enable/disable Auth (2) enable/disable openid_server_name pinning. Updated validate_config.yml and added new checks to verify. 2023-02-06 15:59:32 +01:00
Paul N
96dd86d33b Set default values where sensible and remove unnecessary conditionals in .env.j2. 
Check for empty string instead of Null to verify if an openid_server_name is pinned.
 2023-02-06 15:26:08 +01:00
jakicoll
6b206b3763 Move checks into validate_config.yml. 2023-02-06 15:21:10 +01:00
jakicoll
6499b6536a Decoupling: Do not use variables user-verification-service role inside the jitsi role. 2023-02-06 15:18:25 +01:00
Paul N
50c1e9d695 Set matrix_user_verification_service_uvs_homeserver_url in the role defaults and updated docs accordingly. 2023-02-06 13:14:34 +01:00
jakicoll
0e0ae2f3e6 Assign default log level in role instead of matrix_servers file. 2023-02-06 13:04:06 +01:00
jakicoll
bf5e633656 Remove the self-build stub, because self-build was not implemented 2023-02-06 12:57:20 +01:00
Paul N
b89f5b7ff5
Clarify task name and add user and group to templated env file 
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
 2023-02-06 12:47:50 +01:00
Jakob S
6913d368c8
Consolidate conditionals into a block, keep image 
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
 2023-02-06 12:38:01 +01:00
Slavi Pantaleev
8155f780e5 Add support for reverse-proxying Matric (Client & Federation) via Traefik 2023-02-06 13:08:11 +02:00
Slavi Pantaleev
f983604695 Initial work on Traefik support 
This gets us started on adding a Traefik role and hooking Traefik:

- directly to services which support Traefik - we only have a few of
  these right now, but the list will grow

- to matrix-nginx-proxy for most services that integrate with
  matrix-nginx-proxy right now

Traefik usage should be disabled by default for now and nothing should
change for people just yet.

Enabling these experiments requires additional configuration like this:

```yaml
devture_traefik_ssl_email_address: '.....'

matrix_playbook_traefik_role_enabled: true
matrix_playbook_traefik_labels_enabled: true

matrix_ssl_retrieval_method: none

matrix_nginx_proxy_https_enabled: false

matrix_nginx_proxy_container_http_host_bind_port: ''
matrix_nginx_proxy_container_federation_host_bind_port: ''

matrix_nginx_proxy_trust_forwarded_proto: true

matrix_nginx_proxy_x_forwarded_for: '$proxy_add_x_forwarded_for'

matrix_coturn_enabled: false
```

What currently works is:
reverse-proxying for all nginx-proxy based services **except** for the Matrix homeserver
(both Client-Server an Federation traffic for the homeserver don't work yet)
 2023-02-06 10:34:51 +02:00
Slavi Pantaleev
4d6a8d049d Add matrix_nginx_proxy_container_network variable 2023-02-06 08:48:11 +02:00
Slavi Pantaleev
e018663ba4 Attach ma1sd/nginx-proxy/synapse-reverse-proxy-companion to additional networks in a better way 
Switching from doing "post-start" loop hacks to running the container
in 3 steps: `create` + potentially connect to additional networks + `start`.
This way, the container would be connected to all its networks even at
the very beginning of its life.
 2023-02-06 08:38:43 +02:00
Slavi Pantaleev
be78b74fbd Switch from matrix-prometheus-postgres-exporter to an external prometheus_postgres_exporter role 2023-02-05 10:32:09 +02:00
Slavi Pantaleev
2d7d5d4bab Use new security-opt syntax (: -> =) 
Related to https://docs.docker.com/engine/deprecated/#separator--of---security-opt-flag-on-docker-run
 2023-02-03 20:36:24 +02:00
Catalan Lover
4d49f1f56e
Update Prometheus to v2.42.0 from v2.41.0 
Docker images are released now so this change can now be pushed.
 2023-02-02 16:00:07 +01:00
Aine
c11f772e78
Fix python packages path in synapse container 2023-01-31 21:34:25 +00:00
Slavi Pantaleev
7cb140b987
Downgrade Prometheus (v2.42.0 -> v2.41.0) until a container image gets published 
Container image not published yet.

Reverts #2438
 2023-01-31 23:24:20 +02:00
Slavi Pantaleev
d42ef7d243
Merge pull request #2439 from etkecc/patch-160 
Update synapse 1.75.0 -> 1.76.0; default room version 9 -> 10
 2023-01-31 22:44:04 +02:00
Slavi Pantaleev
c8ce83c725
Merge pull request #2438 from etkecc/patch-159 
Update prometheus 2.41.0 -> 2.42.0
 2023-01-31 22:43:34 +02:00
Aine
0f208ed053
Update synapse 1.75.0 -> 1.76.0; default room version 9 -> 10 2023-01-31 19:19:43 +00:00
Aine
82d870fddf
Update prometheus 2.41.0 -> 2.42.0 2023-01-31 19:16:52 +00:00
Aine
5300740f70
Update element 1.11.21 -> 1.11.22 2023-01-31 19:11:07 +00:00
Slavi Pantaleev
c7767e9bc8 Upgrade Coturn (4.6.1-r0 -> 4.6.1-r1) 2023-01-31 20:25:59 +02:00
Slavi Pantaleev
66bb2943b4
Merge pull request #2436 from etkecc/patch-157 
Update jitsi stable-8218 -> stable-8252
 2023-01-31 18:03:08 +02:00
Aine
68ca23d709
Update jitsi stable-8218 -> stable-8252 2023-01-31 14:02:50 +00:00
Aine
d70076c805
Update element 1.11.20 -> 1.11.21 2023-01-31 14:01:11 +00:00
Aine
8c2b77bf0c
Update cinny 2.2.3 -> 2.2.4 2023-01-30 07:07:09 +00:00
Slavi Pantaleev
611a74bde2 Use |to_json in mautrix metrics configuration 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2427
 2023-01-30 08:59:35 +02:00
Slavi Pantaleev
d82d0ad84b Add _metrics_proxying_enabled variables to mautrix bridges 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2427

`metrics_enabled` should only expose the metrics locally, on the
container network, so that a local Prometheus can consume them.

Exposing them publicly should be done via a separate toggle (`metrics_proxying_enabled`).
This is how all other roles work, so this makes these mautrix roles consistent with the rest.
 2023-01-30 08:50:57 +02:00
Slavi Pantaleev
cad83ddca6
Merge pull request #2427 from alemairebe/mautrix-metrics 
Mautrix metrics
 2023-01-30 08:36:40 +02:00
Slavi Pantaleev
f9a496c29c
Merge pull request #2432 from shalzz/patch/slack 
mautrix-slack: add team name in channel name template
 2023-01-30 08:27:48 +02:00
Shaleen Jain
df9931f719 mautrix-slack: add team name in channel name template 2023-01-30 10:17:19 +05:30
Slavi Pantaleev
389d6c978f
Merge pull request #2431 from etkecc/patch-154 
Update borgmatic 1.7.5 -> 1.7.6
 2023-01-29 21:51:42 +02:00
Slavi Pantaleev
5482a9d5d0
Merge pull request #2429 from etkecc/patch-152 
Update mautrix-discord latest -> 0.1.0
 2023-01-29 21:02:39 +02:00
Aine
4f69b22a6e
Update borgmatic 1.7.5 -> 1.7.6 2023-01-29 18:14:41 +00:00
Aine
a9a17d803e
Update maubot 0.3.1 -> 0.4.0 2023-01-29 18:12:26 +00:00
Aine
111303208a
Update mautrix-discord latest -> 0.1.0 2023-01-29 18:11:33 +00:00
Adrien le Maire
9eaf6944e3 add nginx proxy connfig for mautrix metrics 2023-01-29 15:17:31 +01:00
Adrien le Maire
691ef13cab template metric toggle for mautrix bridges supporting it 2023-01-29 09:45:52 +01:00
Slavi Pantaleev
e588c42088 Improve synapse-admin reverse-proxying fix 
Fixup for 6a31fba346
 2023-01-28 17:09:27 +02:00
Slavi Pantaleev
6a31fba346 Fix synapse-admin reverse-proxying regression caused by 0.8.6 
Related to f165aa5d48

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2424
 2023-01-28 17:04:55 +02:00
Aine
f165aa5d48
Update synapse-admin 0.8.5 -> 0.8.6 2023-01-28 07:54:52 +00:00
bertybuttface
7b5ced3037
Fix linting issue. 2023-01-27 19:02:14 +00:00
bertybuttface
d66a2949f6
Update env.j2 
Use matrix_bot_chatgpt_context for CHATGPT_CONTEXT
 2023-01-27 18:57:24 +00:00
bertybuttface
7e1408ea65
Bump ChatGPT version and add new config settings 
matrix_bot_chatgpt_context=thread
 2023-01-27 18:55:13 +00:00
Slavi Pantaleev
430a55902c
Merge pull request #2420 from bertybuttface/patch-1 
Upgrade matrix-chatgpt-bot to latest
 2023-01-27 08:57:16 +02:00
Slavi Pantaleev
784043cc5d
Ensure OPENAI_PRO is true/false (not True/False) 2023-01-27 08:55:38 +02:00
Slavi Pantaleev
867737fe0b Upgrade Grafana (9.3.4 -> 9.3.6) 2023-01-26 17:42:03 +02:00
Slavi Pantaleev
aafa8f019c Allow matrix_coturn_docker_network to be set to 'host' to use host-networking 
This helps large deployments which need to open up thousands of ports
(matrix_coturn_turn_udp_min_port, matrix_coturn_turn_udp_min_port)

On a test VM, opening 1k ports takes 17 seconds for Docker to "publish"
all of these ports (setting up forwarding rules with the firewall, etc),
so service startup and shutdown take a long amount of time.

If host-networking is used, there's no need to open any ports at all
and startup/shutdown can be quick.
 2023-01-26 17:35:30 +02:00
Slavi Pantaleev
bb0faa6bc3 Block various private network ranges via denied_peer_ips for Coturn by default 
Inspired by: https://www.rtcsec.com/article/cve-2020-26262-bypass-of-coturns-access-control-protection/
 2023-01-26 17:35:30 +02:00
Slavi Pantaleev
773cb7d37e Make no-tcp-relay Coturn configuration property configurable 2023-01-26 17:35:30 +02:00
Slavi Pantaleev
bf23d63f82 Add matrix_coturn_additional_configuration 2023-01-26 17:35:30 +02:00
Slavi Pantaleev
4c9f96722f Add no-multicast-peers to Coturn config by default 
Part of a security hardening provoked by:
https://www.rtcsec.com/article/cve-2020-26262-bypass-of-coturns-access-control-protection/
 2023-01-26 17:35:30 +02:00
bertybuttface
18c3903def
Update env.j2 
Set OPEN_AI to matrix_bot_chatgpt_openai_pro
 2023-01-26 15:12:36 +00:00
bertybuttface
ad58858a96
Upgrade matrix-chatgpt (1.2.3 -> 1.3.2) 
Add support for OPENAI_PRO for ChatGPT pro subscriptions.
 2023-01-26 15:09:24 +00:00
rhys
d01de9f33d Fix lint errors 2023-01-25 12:07:00 +00:00
rhys
547b01d618 Added option to allow user to set jigasi user and password for AUTH 2023-01-25 12:02:40 +00:00
Aine
6afd3c59eb
Update grafana 9.3.2 -> 9.3.4 2023-01-25 08:39:47 +00:00
Array in a Matrix
47165e8902
updated dendrite version 2023-01-24 15:50:06 -05:00
Slavi Pantaleev
54e5e4b6b9
Merge pull request #2416 from moan0s/fix_cactus_comments 
Fix client js and css download (load compiled version)
 2023-01-22 09:10:16 +02:00
Slavi Pantaleev
c4d1347466
Fix typos 2023-01-22 09:08:47 +02:00
Julian-Samuel Gebühr
18d8d41e14 Fix client js and css download (load compiled version) 2023-01-21 20:54:12 +01:00
Slavi Pantaleev
9ed2e04d80 Switch from matrix-prometheus-node-exporter to an external prometheus_node_exporter role 2023-01-21 11:07:04 +02:00
Slavi Pantaleev
5f7ed722f6
Merge pull request #2415 from etkecc/patch-148 
Update hookshot 2.6.1 -> 2.7.0
 2023-01-20 22:40:54 +02:00
Aine
32292b1f02
Update hookshot 2.6.1 -> 2.7.0 2023-01-20 18:39:05 +00:00
Aine
b71e267221
Update element 1.11.19 -> 1.11.20 2023-01-20 18:38:14 +00:00
Aine
8804a15821
Update element 1.11.18 -> 1.11.19 2023-01-19 05:10:49 +00:00
Vladimir Panteleev
6c332da7d3
Fix ChatGPT container 
This container needs a writable $HOME, and will fail at startup if
there isn't one.

Provide one by pointing HOME to a path under the mounted /data
directory.
 2023-01-19 01:21:44 +00:00
Aine
63a3764f51
Update element 1.11.17 -> 1.11.18 2023-01-18 15:45:04 +00:00
Slavi Pantaleev
70a35f17fe
Merge pull request #2402 from etkecc/patch-144 
Update buscarron v1.3.0 -> v1.3.1
 2023-01-18 16:33:00 +02:00
Aine
2fc02abfdc
Update buscarron v1.3.0 -> v1.3.1 2023-01-18 13:52:44 +00:00
Aine
903db54959
Update postmoogle 0.9.10 -> 0.9.11 2023-01-18 13:37:03 +00:00
Slavi Pantaleev
424f79df3a Replace synapse.app.pusher and synapse.app.federation_sender with synapse.app.generic_worker 
Related to https://github.com/matrix-org/synapse/commit/3479599387164aca2613e88d169719
 2023-01-17 15:55:57 +02:00
Slavi Pantaleev
34745b5206 Upgrade Synapse (v1.74.0 -> v1.75.0) 2023-01-17 15:53:26 +02:00
Slavi Pantaleev
3ff6e755a9 Upgrade Hookshot (2.6.0 -> 2.6.1) 2023-01-16 18:52:22 +02:00
Aine
e053b2b0fc
update mautrix-whatsapp 0.8.0 -> 0.8.1 2023-01-16 13:17:02 +00:00
Aine
5c8bad6091
update borg image tag 2023-01-16 12:11:01 +02:00
Slavi Pantaleev
34c448c3bb Upgrade Cinny (2.2.2 -> 2.2.3) 2023-01-15 11:07:19 +02:00
Aine
d1b4a6ebe1
unify docker images urls 2023-01-14 15:26:58 +02:00
Slavi Pantaleev
5d10001712
Merge pull request #2394 from etkecc/patch-141 
Update hookshot 2.5.0 -> 2.6.0
 2023-01-13 18:40:42 +02:00
Aine
627d8557ae
Update hookshot 2.5.0 -> 2.6.0 2023-01-13 16:31:19 +00:00
Aine
e8c6267e9a
Update jitsi stable-8138-1 -> stable-8218 2023-01-13 16:30:18 +00:00
Slavi Pantaleev
ae1ad3baf6 Improve block tasks indentation to make yamllint happy 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2392
 2023-01-13 18:17:52 +02:00
Slavi Pantaleev
673ee508dc Upgrade matrix-chatgpt (1.2.2 -> 1.2.3) 2023-01-12 11:25:00 +02:00
Slavi Pantaleev
ab8cb21a45 Upgrade matrix-chatgpt (1.2.1 -> 1.2.2) 2023-01-11 19:25:07 +02:00
Slavi Pantaleev
17438bd0dd Upgrade mjolnir (v1.6.3 -> v1.6.4) 2023-01-11 19:24:35 +02:00
Slavi Pantaleev
0c472c172e Upgrade mjolnir (v1.6.1 -> v1.6.3) 2023-01-11 13:51:35 +02:00
Slavi Pantaleev
4e40ac5ad8
Merge pull request #2227 from xangelix/add-matrix-mautrix-slack-role 
Add matrix-bridge-mautrix-slack role
 2023-01-11 10:35:45 +02:00
Slavi Pantaleev
226d81318a Merge branch 'bertybuttface-master' 2023-01-10 17:27:42 +02:00
Slavi Pantaleev
a96a22c925 chatgpt docs updates 2023-01-10 17:26:59 +02:00
bertybuttface
0b88293393 Bump ChatGPT version. 2023-01-10 14:09:08 +00:00
bertybuttface
0ec1868b95 Add matrix-bot-chatgpt. 
Co-Authored-By: Slavi Pantaleev <slavi@devture.com>
 2023-01-10 13:57:38 +00:00
Slavi Pantaleev
d2416365d2
Merge pull request #2220 from xangelix/synapse-s3-sse-c 
Add S3 SSE-C config support for synapse-s3-storage-provider
 2023-01-10 09:25:11 +02:00
Slavi Pantaleev
f0d1e23c9d
Move around whitelines 2023-01-10 09:22:55 +02:00
Cody Wyatt Neiman
fc9eaa6ec5
Remove git version for s3 storage provider 2023-01-09 15:52:38 -05:00
Aine
6bd909bbb7
add mode var for synapse ext ldap auth 2023-01-09 22:18:37 +02:00
Slavi Pantaleev
1d1fd7053c ewoutp/goofys:latest -> docker.io/ewoutp/goofys:latest 2023-01-09 18:55:22 +02:00
Aine
b487bb6749
unify image prefixes 2023-01-08 22:05:43 +02:00
Aine
38151c9fd3
Update heisenbridge 1.14.0 -> 1.14.1 2023-01-06 11:03:18 +00:00
James Collier
36d8ea281c
Allow the mautrix whatsapp relaybot to be enabled with a variable (#2381) 
* Allow the mautrix whatsapp relaybot to be enable with a variable

This allows a user to enable the relaybot by setting a variable in
`vars.yml` in the same way that the mautrix signal relaybot is
configured.

* Correct default values for mautrix whatsapp relaybot variables

* Add documentation for using the relaybot with mautrix whatsapp

* Adjust variable names to better reflect what they do

* Set default variables properly and use to_json in template
 2023-01-06 11:09:07 +02:00
jakicoll
42e4e50f5b Matrix Authentication Support for Jitsi 
This extends the collection with support for seamless authentication at the Jitsi server using Matrix OpenID.

1. New role for installing the [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service)
2. Changes to Jitsi role: Installing Jitsi Prosody Mods and configuring Jitsi Auth
3. Changes to Jitsi and nginx-proxy roles: Serving .well-known/element/jitsi from jitsi.DOMAIN
4. We updated the Jitsi documentation on authentication and added documentation for the user verification service.
 2023-01-04 14:27:16 +01:00
Cody Wyatt Neiman
7e5e1712f5
Encode s3 sse-c key for utf-8 2023-01-03 17:53:33 -05:00
Cody Wyatt Neiman
f5390562ed
Fix synapse s3 storage provider container indentation 2023-01-03 16:13:09 -05:00
Cody Wyatt Neiman
6d96bcee1d
Allow 'git' as a version for s3 storage provider 2023-01-03 15:18:49 -05:00
Cody Wyatt Neiman
4d44f7b49e
Use base64 encoded string for sse-c key 2023-01-03 15:18:09 -05:00
Cody Wyatt Neiman
4c60b1dabf
Merge branch 'master' into synapse-s3-sse-c 2023-01-03 14:31:02 -05:00
Cody Wyatt Neiman
12b8cb3aab
Fix localpart slack id regex for mautrix-slack 2023-01-02 21:58:52 -05:00
Cody Wyatt Neiman
e977242022
Pull more mautrix-slack defaults from upstream 2023-01-02 21:31:04 -05:00
Cody Wyatt Neiman
f4874d2e4a
Pull upstream mautrix-slack config defaults 2023-01-02 21:09:40 -05:00
Cody Wyatt Neiman
2e0dfb2dc1
Update slack bridge implementation 2023-01-02 20:07:04 -05:00
Cody Wyatt Neiman
d07480a883
Remove hardcoded matrix-postgres references 2023-01-02 19:23:14 -05:00
Cody Wyatt Neiman
97c45676de
Update paths and vars for mautrix-slack to roles/custom 2023-01-02 19:13:58 -05:00
Cody Wyatt Neiman
d6022d851e
Move mautrix-sack role files to new roles/custom path 2023-01-02 19:13:49 -05:00
Cody Wyatt Neiman
6fb0f26b30
Add mautrix/appservice slack bridge bot username checks 2023-01-02 19:13:49 -05:00
Cody Wyatt Neiman
784e5492d5
Add matrix-bridge-mautrix-slack role 2023-01-02 19:13:17 -05:00
Slavi Pantaleev
1abba4c918 Upgrade matrix-corporal (2.5.0 -> 2.5.1) 2023-01-02 14:39:54 +02:00
Slavi Pantaleev
73e689e48e Fix --tags=register-user not working on Dendrite due to broken Jinja syntax 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2369
 2022-12-31 17:33:46 +02:00
Slavi Pantaleev
ba09705f7f Make Jitsi auth setup not show credentials in the shell 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2363
 2022-12-26 07:58:32 +02:00
Aine
6795fe3578
Update ntfy 1.29.1 -> 1.30.1 2022-12-23 15:46:33 +00:00
Aine
8b2a86e35e
update beeper-linkedin 0.5.3 -> 0.5.4 2022-12-23 13:00:35 +02:00
Kuchenmampfer
d1442dec15
Upgrade Signald 
Fixes the following issue when trying to use the !pm <phone number> command: https://gitlab.com/signald/signald/-/issues/345
 2022-12-22 22:31:38 +00:00
adam-kress
bef4fe5d9e
Update element v1.11.16 -> v1.11.17 2022-12-21 13:16:09 -05:00
Samuel Meenzen
0179b0f165
Remove conduit workaround 
Conduit update 0.5.0 fixed the issue, so this is no longer needed.
 2022-12-21 18:28:34 +01:00
Samuel Meenzen
33fb5a4665
Upgrade Conduit (0.4.0 -> 0.5.0) 2022-12-21 18:21:49 +01:00
Slavi Pantaleev
40aa42e982 Add reference to push.enabled to homeserver.yaml 
Related to:

- https://github.com/matrix-org/synapse/pull/14551/files
- https://github.com/matrix-org/synapse/pull/14619/files
 2022-12-21 06:43:43 +02:00
Slavi Pantaleev
42c4f0450d Upgrade Prometheus (2.40.7 -> 2.41.0) 2022-12-20 21:37:19 +02:00
Slavi Pantaleev
d0b2a50768 Upgrade Hydrogen (v0.3.5 -> v0.3.6) 2022-12-20 21:36:39 +02:00
Joe Kappus
deabd79452
Upgrade Synapse (1.73.0 -> 1.74.0) 
Signed-off-by: Joe Kappus <joe@wt.gd>
 2022-12-20 14:07:14 -05:00
Catalan Lover
5e30f6d4c4
Update Mjolnir from 1.5.0 to 1.6.1 
Please note that This Mjolnir version bump technnically is missing some extra stuff that mjolnir claims we should do but it didnt work when i tried it and well my mjolnir deployment has been running this since release day almost and its fine. No errors in log that are unexpected. (Mjolnir throws errors in the log for anyone who wonders for various things that are fine. Like if a protection is off that is an error. Its due to how matrix-bot-lib works.)
 2022-12-19 15:33:58 +01:00
Slavi Pantaleev
f2e68469cb Upgrade nginx (1.23.2 -> 1.23.3) 2022-12-19 12:32:43 +02:00
Slavi Pantaleev
576eb0006c Upgrade Grafana (9.3.1 -> 9.3.2) 2022-12-17 22:49:34 +02:00
Slavi Pantaleev
a7d39b109a Upgrade Redis (7.0.6 -> 7.0.7) 2022-12-17 22:48:48 +02:00
Slavi Pantaleev
fa73513064 Upgrade mautrix-whatsapp (0.7.2 -> 0.8.0) 2022-12-17 22:47:38 +02:00
Aine
455b8aff15
Update prometheus 2.40.6 -> 2.40.7 2022-12-14 10:32:14 +00:00
Slavi Pantaleev
60127cdffd
Merge pull request #2339 from etkecc/patch-135 
update redis 7.0.5 -> 7.0.6
 2022-12-14 07:31:36 +02:00
Slavi Pantaleev
190f241bf5
Merge pull request #2340 from etkecc/patch-136 
Update jitsi stable-8138 -> stable-8138-1
 2022-12-14 07:31:31 +02:00
Aine
bd0f21588f
Update jitsi stable-8138 -> stable-8138-1 2022-12-13 22:49:10 +00:00
Aine
07ca0267f1
update redis 7.0.5 -> 7.0.6 2022-12-13 22:47:30 +00:00
Aine
f642f6fae7
update mautrix-instagram 0.2.2 -> 0.2.3 2022-12-13 22:45:52 +00:00
Slavi Pantaleev
1f593f708f Upgrade Jitsi (stable-8044 -> stable-8138) 
Untested
 2022-12-12 19:00:55 +02:00
Slavi Pantaleev
3f4ab0bd7e Upgrade Redis (7.0.4 -> 7.0.5) 2022-12-12 19:00:55 +02:00
Slavi Pantaleev
e8ed318908
Merge pull request #2335 from gardar/fix-tag-typo 
fix: unclosed tags typo
 2022-12-12 08:18:03 +02:00
gardar
b9afcead42 fix: unclosed tags typo 2022-12-11 23:25:59 +00:00
ikkemaniac
108ada75e8 update dashboard, fix typo, fix using original user ip 
improve nginxlog matches to group URI's
 2022-12-11 22:41:12 +01:00
Slavi Pantaleev
f69d90c1e6 Upgrade Prometheus (2.40.5 -> 2.40.6) 2022-12-11 18:29:13 +02:00
Slavi Pantaleev
86d177266a Upgrade matrix-corporal (2.4.0 -> 2.5.0) 2022-12-11 18:29:13 +02:00
Slavi Pantaleev
b0030bd62f
Merge pull request #2333 from mattcen/hydrogen-prebuilt-docker 
Use upstream Docker image for amd64 rather than self-build
 2022-12-11 17:01:48 +02:00
Matthew Cengia
3453fff901
Use upstream Docker image for amd64 rather than self-build 2022-12-11 21:25:43 +11:00
Slavi Pantaleev
2b89d5d92f Upgrade exim-relay (4.95-r0-4 -> 4.96-r1-0) 2022-12-11 11:45:47 +02:00
Luke Moch
dd51ad2ba2 fail if matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url 'not' startswith('http') 2022-12-10 08:13:55 -05:00
Slavi Pantaleev
d81e7d6328 Make matrix_synapse_ext_synapse_s3_storage_provider_config_endpoint_url required 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2330
 2022-12-10 10:37:01 +02:00
Slavi Pantaleev
3824139908 Rename inject_into_nginx_proxy.yml to init.yml when it does more than injection 2022-12-09 10:18:40 +02:00
Slavi Pantaleev
f186d6236d Add some missing tags to Synapse role 
Without these:

- `--tags=install-synapse` and `--tags=install-all` would be incomplete
and will not contain Synapse worker configuration

- `--tags=install-synapse-reverse-proxy-companion` and
  `--tags=setup-synapse-reverse-proxy-companion` would not contain
  Synapse worker configuration
 2022-12-09 10:15:40 +02:00
Dan Arnfield
5823f1f298 Only delete playbook scripts from /usr/local/bin 2022-12-07 13:26:02 -06:00
Rhys
fd79140201
Changes to allow a user to set the max participants on a jitsi conference (#2323) 
* Changes to allow a user to set the max participants on a jitsi
conference

* changed var name from jitsi_max_participants to matrix_prosody_jitsi_max_participants
 2022-12-07 17:54:58 +02:00
ikkemaniac
8ebf18a885
add prometheus-nginxlog-exporter role (#2315) 
* add prometheus-nginxlog-exporter role

* Rename matrix_prometheus_nginxlog_exporter_container_url to matrix_prometheus_nginxlog_exporter_container_hostname

* avoid referencing variables from other roles, handover info using group_vars/matrix_servers

* fix: stop service when uninstalling

fix: typo

move available arch's into a var

fix: text

* fix: prometheus enabled condition

Co-authored-by: ikkemaniac <ikkemaniac@localhost>
 2022-12-07 16:58:36 +02:00
Aine
fda65a0a56
postmoogle - add missing join()s 2022-12-07 11:38:47 +00:00
Aine
ba13231c58
update postmoogle 0.9.9 -> 0.9.10 2022-12-06 22:51:17 +02:00
Aine
ba4580a1fd
Update element v1.11.15 -> v1.11.16 2022-12-06 14:50:56 +00:00
Slavi Pantaleev
9edc7da67d Do not specify now-unnecessary worker_main_http_uri Synapse worker setting 
Related to

- c15e9a0edb
- 01a0527892
 2022-12-06 15:54:06 +02:00
Slavi Pantaleev
13e7399104 Handle /timestamp_to_event via Synapse workers 
Related to 8f10c8b054
 2022-12-06 15:52:16 +02:00
Slavi Pantaleev
663fe29ddb Do not specify start_pushers in Synapse config 
It's unnecessary when `pusher_instances` is populated.

Source: 6acb6d772a
 2022-12-06 15:49:56 +02:00
Slavi Pantaleev
135bb5af3e Do not specify send_federation in Synapse config 
It's unnecessary when `federation_sender_instances` is populated.

Source: 6acb6d772a
 2022-12-06 15:49:28 +02:00
Slavi Pantaleev
84d529b542 Upgrade Synapse (v1.72.0 -> v1.73.0) 
Synapse Worker configuration updates are coming later.
 2022-12-06 15:47:07 +02:00
Slavi Pantaleev
b1c77f9bf2 Add comment to matrix-backup-borg.service 
Related to 8005557061
 2022-12-05 15:45:33 +02:00
Slavi Pantaleev
8005557061 Give backup-borg container more permissions to perform the backup 
Running with a user (like `matrix:matrix`) fails if Etherpad is enabled,
because `/matrix/etherpad` is owned by `matrix_etherpad_user_uid`/`matrix_etherpad_user_gid` (`5001:5001`).

The `matrix` user can't acccess the Etherpad directory for this reason
and Borgmatic fails when trying to make a backup.

There may be other things under `/matrix` which similarly use
non-`matrix:matrix` permissions.

Another workaround might have been to add `/matrix/etherpad` (and
potentially other things) to `matrix_backup_borg_location_exclude_patterns`, but:

- that means Etherpad won't be backed up - not great
- only excluding Etherpad may not be enough. There may be other files we
  need to exclude as well

---

Running with `root` is still not enough though.

We need at least the `CAP_DAC_OVERRIDE` capability, or we won't be able to read the
`/etc/borgmatic.d/config.yaml` configuration file (owned by
`matrix:matrix` with `0640` permissions).

---

Additionally, it seems like the backup process tries to write to at least a few directories:
- `/root/.borgmatic`
- `/root/.ssh`
- `/root/.config`

> [Errno 30] Read-only file system: '/root/.borgmatic'
> Error while creating a backup.
> /etc/borgmatic.d/config.yaml: Error running configuration file

We either need to stop mounting the container filesystem as readonly
(remove `--read-only`) or to allow writing via a `tmpfs`.

I've gone the `tmpfs` route which seems to work.

In any case, the mounted source directories (`matrix_backup_borg_location_source_directories`)
are read-only regardless, so our actual source files are protected from unintentional changes.
 2022-12-05 15:42:57 +02:00
Slavi Pantaleev
64b03c2dfd Fix backup-borg repository initialization for borgmatic 1.7+ (or borg 2.0) 2022-12-05 15:00:11 +02:00
Slavi Pantaleev
1f1a3dfc38 Ensure database port is passed to Borg as an integer 
Without this, it's a string and borg says:

> At 'hooks.postgresql_databases[INDEX_HERE].port': '5432' is not of type 'integer'
> /etc/borgmatic/config.yaml /etc/borgmatic.d /tmp/.config/borgmatic/config.yaml /tmp/.config/borgmatic.d: No valid configuration files found

.. and fails to do anything.
 2022-12-05 14:42:02 +02:00
Slavi Pantaleev
d8df03dfc9 Mark Postgres v15 as supported for borg backup 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2257

Fixed in d134cd7c4c
(thanks to `alpine:latest` now being `alpine:3.17.0`, which includes
Postgres v15)
 2022-12-05 11:46:49 +02:00
Slavi Pantaleev
b2a40effaf Fix Element self-building by switching to docker-buildx 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2318
 2022-12-05 10:02:54 +02:00
Slavi Pantaleev
6414599079 Upgrade Coturn (4.6.0 -> 4.6.1) 2022-12-05 09:46:11 +02:00
Slavi Pantaleev
7464604ddd Make use of matrix_synapse_ext_s3_storage_provider_data_path in a few more places 2022-12-04 10:17:55 +02:00
Quentin Young
b31731ebf8 fix s3 storage provider not ensuring data dir 
This path is accessed by the s3 storage provider stuff and needs to be
ensured.

Broken by 7c5c3aedc
 2022-12-04 01:16:58 -05:00
Slavi Pantaleev
ceb2c30277 Upgrade mautrix-signal (v0.4.1 -> v0.4.2) 2022-12-03 15:37:17 +02:00
Slavi Pantaleev
d59bbfdfc9 Upgrade Hookshot (2.4.0 -> 2.5.0) 2022-12-02 19:15:04 +02:00
Slavi Pantaleev
a353bda7a1 Upgrade appservice-slack (2.0.1 -> 2.0.2) 2022-12-01 23:30:09 +02:00
Slavi Pantaleev
9e93030159 Upgrade Grafana (9.3.0 -> 9.3.1) 2022-12-01 23:29:33 +02:00
Aine
ea401170e1
Update prometheus 2.40.4 -> 2.40.5 2022-12-01 15:16:33 +00:00
Aine
8ca6cdd016
fix hookshot role 2022-11-30 12:25:51 +00:00
Slavi Pantaleev
e3d21e8096 Rename some default Hookshot variables 
Fixup for 7e2e2626a0

Some references were left unrenamed which caused `validate_config.yml`
to trigger.
 2022-11-30 11:55:23 +02:00
Slavi Pantaleev
dc817f30ce Upgrade Grafana (9.2.7 -> 9.3.0) 2022-11-30 11:50:21 +02:00
Slavi Pantaleev
9d5b5d7a01
Merge pull request #2308 from etkecc/patch-129 
Update grafana 9.2.6 -> 9.2.7
 2022-11-30 11:28:39 +02:00
Slavi Pantaleev
4eed49f931 Replace custom/matrix-postgres-backup role with galaxy/com.devture.ansible.role.postgres_backup 
This role is usable on its own and it's not tied to Matrix, so
extracting it out into an independent role that we install via
ansible-galaxy makes sense.

This also fixes the confusion from the other day, where
`matrix_postgres_*` had to be renamed to `devture_postgres_*`
(unless it was about `matrix_postgres_backup_*`).
We now can safely say that ALL `matrix_postgres_*` variables need to be
renamed.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2305
 2022-11-30 11:01:19 +02:00
Aine
d37adfba4e
Update grafana 9.2.6 -> 9.2.7 2022-11-30 08:48:07 +00:00
Aine
65019a5774
Update prometheus 2.40.2 -> 2.40.4 2022-11-30 08:30:50 +00:00
Slavi Pantaleev
bc64d8ed9a Upgrade prometheus-node-exporter (v1.4.0 -> v1.5.0) 2022-11-30 08:32:29 +02:00
Slavi Pantaleev
4a62df2ea3 Make Hookshot logging-level configurable 2022-11-30 08:18:41 +02:00
Slavi Pantaleev
84f306b236 Add support for enableHttpGet and waitForComplete Hookshot options 
Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2256
 2022-11-30 08:16:58 +02:00
Slavi Pantaleev
7e2e2626a0 Make hookshot variable names consistent with the rest of the playbook 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2256
 2022-11-30 08:13:39 +02:00
Array in a Matrix
d5e8d2a939
update dendrite 2022-11-29 11:58:00 -05:00
Slavi Pantaleev
8c5e34b37f Upgrade ddclient (v3.10.0-ls105 -> v3.10.0-ls106) 2022-11-29 08:20:36 +02:00
Slavi Pantaleev
4b2d30a474 Fix matrix_dendrite_client_api_turn_shared_secret not being defined 
Regression since https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2290
 2022-11-28 18:33:18 +02:00
Slavi Pantaleev
5b26647127 Upgrade Certbot (v1.31.0 -> v2.0.0) and switch to new default key type (ecdsa) 
More details about the new key type can be found here:
https://eff-certbot.readthedocs.io/en/stable/using.html#rsa-and-ecdsa-keys

Existing RSA-based keys will continue to renew as RSA until manual
action is taken. Example from the documentation above:
> certbot renew --key-type ecdsa --cert-name example.com --force-renewal

In the future, we may add a command which does this automatically for
all domains.
 2022-11-28 09:24:25 +02:00
Slavi Pantaleev
4b111d05d5 Pass devture_postgres_db_migration_request to com.devture.ansible.role.postgres in a cleaner way 2022-11-28 07:44:59 +02:00