Commit Graph

108 Commits

Author SHA1 Message Date
Slavi Pantaleev
8445843562 Switch postgres/postgres-backup Ansible role sources and adjust variable names (devture_postgres_ -> postgres_) 2024-09-27 09:37:24 +03:00
comeUpWithItLater
11e241e30a
Added an example of fronting the playbook's integrated Traefik reverse-proxy with the existing Caddy container (#3514)
* Added an example of fronting the playbook's integrated Traefik reverse-proxy with the existing Caddy container (not the `apt-get` or `yum` installed Caddy).  Helpful for folks who have an existing server with a Caddy container already serving multiple applications.

* Update examples/reverse-proxies/caddy2-in-container/README.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update examples/reverse-proxies/caddy2-in-container/README.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update examples/reverse-proxies/caddy2-in-container/README.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Code formatted, linted with yamllint

* README.md updated

* docs/configuring-playbook-own-webserver-caddy.md removed

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-09-14 09:06:40 +03:00
Jost Alemann
2a35ad5a0a
Update nginx fronting example: http2 config and enable quic+http3 (#3460)
* update http2 config due to deprecation

the previous way to let `http2` follow a `listen` was depracated, it
moved to `http2 on;`

* enable quic and http3

I hope the comments are somewhat understandable. if someone can describe
the `reuseport` part more concise, please do.
2024-08-01 18:12:27 +03:00
Slavi Pantaleev
b5ec8f83b1 Revert "become -> ansible_become"
This reverts commit 9c01d875f3.

This is very confusing and messy.. but it's documented.
`ansible_become_*` variables actually take priority and override all `become_*`
variables set at the task level.

As such, using `ansible_become=true ansible_become_user=root` in
`inventory/hosts` causes issues because tasks that specify
`become: OTHER_USER` will be forced to run as `root` due to
`ansible_become_user`.
2024-03-26 11:59:13 +02:00
Slavi Pantaleev
9c01d875f3 become -> ansible_become
For some of these, the `ansible_` prefix does not seem to be needed,
but it's the canonical way to do things and it may become required in
newer Ansible versions.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3237
2024-03-25 07:11:04 +02:00
Gouthaman Raveendran
0f2f72f50f
Update README.md (#3175) 2024-02-18 10:11:09 +02:00
Slavi Pantaleev
60a01622cf
Minor improvements to the nginx-proxy-manager docs 2024-01-20 16:09:14 +02:00
SirHazza
448484a625 Created dedicated guide on Nginx Proxy Manager 2024-01-20 13:59:58 +00:00
SirHazza
6c1069fd16
Updated nginx proxy fronting with NPM guide
Updated the 'nginx reverse-proxy fronting' documentation with a guide for Nginx Proxy Manager, as you can't use the pre-existing nginx matrix.conf
2024-01-19 22:46:58 +00:00
mcnesium
66bf8589ae
fix ProxyPass directive by adding mandatory trailing slash 2024-01-18 11:16:01 +01:00
Rubén Cabrera
48cb43ec19 Update broken links in reverse proxies docs 2024-01-16 22:03:06 +00:00
Slavi Pantaleev
3e3afb79b8 Relocate reverse-proxy example configurations and update docs/configuring-playbook-own-webserver.md with more details 2024-01-15 13:53:14 +02:00
Slavi Pantaleev
0e831db3e5 Update reverse-proxy examples 2024-01-14 17:24:00 +02:00
Slavi Pantaleev
2f457b2a23 Remove inventory/ directory tree to allow people to manage it as a git repository (etc.)
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3086
2024-01-09 19:08:43 +02:00
mcnesium
4948f82141
Map /.well-known/matrix/support for support discovery 2023-10-21 15:58:11 +02:00
Slavi Pantaleev
dc9ff4e01b Add support for external-IP-address-autodetection to Coturn 2023-10-10 11:10:21 +03:00
Slavi Pantaleev
321a3a93ab
Update hosts 2023-07-01 09:39:19 +03:00
David Holdeman
d9bbe08771
add note 2023-06-30 22:06:36 -05:00
tammes
981805002d add example Caddyfile for fronting Traefik, mark the old one as deprecated and update READMEs 2023-05-25 22:45:09 +02:00
Jost Alemann
c46f79358f
fix: add missing word 2023-04-17 10:09:24 +02:00
Slavi Pantaleev
91660f7433 Improve wordng in examples/nginx/README.md 2023-02-27 17:45:28 +02:00
Jost Alemann
89b9fca85c
remove duplicate of playbook config instructions 2023-02-27 15:51:04 +01:00
Jost Alemann
8dacdb038b
add: nginx example conf + readme for fronting playbooks traefik with own nginx 2023-02-27 15:34:37 +01:00
Slavi Pantaleev
71ae825f6a Switch default reverse-proxy to Traefik, force reverse-proxy choice on existing users 2023-02-26 16:14:05 +02:00
Slavi Pantaleev
04b9483f0d Switch from matrix-postgres to com.devture.ansible.role.postgres 2022-11-27 08:04:31 +02:00
Slavi Pantaleev
e9e84341a9 Reverse-proxy to Synapse via matrix-synapse-reverse-proxy-companion
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2090
2022-11-20 16:43:33 +02:00
Slavi Pantaleev
410a915a8a Move roles/matrix* to roles/custom/matrix*
This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:

- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy

In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:

- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help

We just need to migrate to those.
2022-11-03 09:11:29 +02:00
Slavi Pantaleev
ce8e9be6a8 Document Conduit installation
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2076
2022-10-27 09:56:16 +03:00
François Darveau
a061ea54b3 Caddyfile example : enable Content-Security-Policy by default instead of having the line commented 2022-10-11 07:32:02 -04:00
François Darveau
5271840971 caddy2 Caddyfile : add CORS handling, update click-jacking protection to handle different subdomains and add example for cases with other well-knowns 2022-10-10 16:43:42 -04:00
mcnesium
72309ed0a1
run the playbook on multiple hosts with different credentials (#1980)
* run the playbook on multiple hosts with different credentials with this script

* fix: add yaml missing document start "---"

* fix: *now really* allow this script to be run from any directory

* add about-note to examples/host.yml

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* improve ansible-all-hosts.sh related docs/configuring-playbook.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* fix typos :)

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2022-07-26 16:34:55 +03:00
Arkonos
ef3b352eec Merge branch 'master' of https://github.com/Arkonos/matrix-docker-ansible-deploy 2022-05-08 21:37:56 +02:00
Arkonos
6abdb6e6f0 clarifying reverse proxying of well-known files 2022-05-08 21:33:46 +02:00
Marko Weltzer
7e5b88c3b7 fix: all praise the allmighty yamllinter 2022-02-05 21:32:54 +01:00
Slavi Pantaleev
bbbfc0708f Derive matrix_coturn_turn_static_auth_secret from matrix_homeserver_generic_secret_key
Doing this further simplifies examples/vars.yml.
2022-01-07 16:00:51 +02:00
Slavi Pantaleev
965890bf75 Derive secrets from matrix_homeserver_generic_secret_key, not matrix_synapse_macaroon_secret_key
We're trying to move away from implementation-specific variables,
hoping for a clean (implementation-neutral) examples/vars.yml file.
2022-01-07 16:00:42 +02:00
Slavi Pantaleev
1dfe21944f Make matrix_homeserver_implementation influence matrix_IMPLEMENTATION_enabled, not the other way around
Doing this seems more reasonable and simpler.
2022-01-07 15:59:35 +02:00
Wm Salt Hale
06f3b813d6 added .well-known path to Caddy2 example, closes #1442 2021-12-20 10:50:05 -08:00
jariz
0a10077c63
caddy example fixes
- caddy v1 requires a path in the header directive
- msisd has been replaced in favour of ma1sd
2021-10-28 11:16:43 +02:00
Kim Brose
b3cfa2a1ba
Fix typo 2021-09-14 16:52:57 +02:00
Slavi Pantaleev
814fb33f45
Merge pull request #1184 from Toorero/apache-example-enhancements
Added proxy config for synapse-admin
2021-07-17 09:30:10 +03:00
Toorero
b5ab31240f Added missing X-Forwarded-Proto header 2021-07-16 18:52:26 +02:00
Toorero
ab0d2055ba Added proxy config for synapse-admin 2021-07-15 02:15:07 +02:00
Slavi Pantaleev
dd7a23ede6
Merge pull request #1068 from rafaelsgirao/master
Fix typo in examples/caddy2
2021-05-19 22:27:27 +03:00
Slavi Pantaleev
15f4972dbf Remove syntax-breaking pagination line
Seems to have been added by mistake.
2021-05-19 22:25:27 +03:00
Rafael Girão
729f348864
Fix typo in examples/caddy2 2021-05-19 20:11:50 +01:00
Slavi Pantaleev
a25b8135b8 Fix point overlap between matrix-domain and Jitsi
Mostly affects people who disable the integrated `matrix-nginx-proxy`.

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/456
and more specifically 4d62a75f6f.
2021-03-01 20:27:45 +02:00
Aaron Raimist
a8b61adb8d
Clarify hosts file wording 2021-02-01 03:22:04 -06:00
Slavi Pantaleev
1a3034b0c8 Fix typo 2021-01-22 14:13:56 +02:00
Slavi Pantaleev
95346f3117 Reorganize Postgres access (breaking change)
In short, this makes Synapse a 2nd class citizen,
preparing for a future where it's just one-of-many homeserver software
options.

We also no longer have a default Postgres superuser password,
which improves security.

The changelog explains more as to why this was done
and how to proceed from here.
2021-01-22 13:26:12 +02:00