Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						f12206676f 
					 
					
						
						
							
							Upgrade Synapse (v1.66.0 -> 1.67.0) and remove frontend_proxy workers  
						
						... 
						
						
						
						`frontend_proxy` workers have been superseded by `generic_worker` workers.
Related to https://github.com/matrix-org/synapse/pull/13645  
						
						
					 
					
						2022-09-13 15:45:50 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						04f224e634 
					 
					
						
						
							
							Merge branch 'master' into conduit  
						
						
						
						
					 
					
						2022-08-09 10:46:03 +03:00 
						 
				 
			
				
					
						
							
							
								Charles Wright 
							
						 
					 
					
						
						
							
						
						20767b5149 
					 
					
						
						
							
							Fixes to enable Conduit in setup-all  
						
						
						
						
					 
					
						2022-08-04 14:35:41 -05:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						d073c7ecb3 
					 
					
						
						
							
							More ansible-lint fixes  
						
						
						
						
					 
					
						2022-07-18 13:01:19 +03:00 
						 
				 
			
				
					
						
							
							
								Julian Foad 
							
						 
					 
					
						
						
							
						
						25b343c8c8 
					 
					
						
						
							
							matrix-ntfy: without nginx, bind to 127.0.0.1:2586  
						
						
						
						
					 
					
						2022-07-08 12:02:06 +01:00 
						 
				 
			
				
					
						
							
							
								Julian Foad 
							
						 
					 
					
						
						
							
						
						2a516a16fb 
					 
					
						
						
							
							matrix-ntfy: enable WebSocket proxying  
						
						
						
						
					 
					
						2022-07-04 15:31:37 +01:00 
						 
				 
			
				
					
						
							
							
								Julian Foad 
							
						 
					 
					
						
						
							
						
						ec9f8e2931 
					 
					
						
						
							
							Add a role to install 'ntfy' push-notification server.  
						
						... 
						
						
						
						This commit adds a 'matrix-ntfy' role that runs Ntfy server in Docker with
simple configuration, and plumbing to add the role to the playbook.
TODO: documentation, self-check, database persistence. 
						
						
					 
					
						2022-07-04 15:31:29 +01:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						ba51997f7b 
					 
					
						
						
							
							(BC Break) Redo how metrics are exposed to external Prometheus servers  
						
						
						
						
					 
					
						2022-06-23 17:55:07 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						49da9c76ac 
					 
					
						
						
							
							Merge pull request  #1782  from etkecc/matrix-bot-buscarron  
						
						... 
						
						
						
						add matrix-bot-buscarron 
						
						
					 
					
						2022-04-25 09:44:35 +03:00 
						 
				 
			
				
					
						
							
							
								Aine 
							
						 
					 
					
						
						
							
						
						290754371a 
					 
					
						
						
							
							add matrix-bot-buscarron  
						
						
						
						
					 
					
						2022-04-23 16:19:24 +03:00 
						 
				 
			
				
					
						
							
							
								Andrea Tartaglia 
							
						 
					 
					
						
						
							
						
						68424e68e5 
					 
					
						
						
							
							feat: make synapse htpasswd file path configurable  
						
						... 
						
						
						
						When setting `matrix_nginx_proxy_enabled: false` and enabling authentication on the metrics endpoint, the htpasswd file is hardcoded to the nginx-proxy container dir, this changes the hardcoded value to a variable so the path can be updated 
						
						
					 
					
						2022-04-23 11:13:36 +01:00 
						 
				 
			
				
					
						
							
							
								borisrunakov 
							
						 
					 
					
						
						
							
						
						acaebfbf67 
					 
					
						
						
							
							optional media cache with range requests support ( #1759 )  
						
						
						
						
					 
					
						2022-04-21 10:31:26 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						3b9d5b13e9 
					 
					
						
						
							
							Add support for not serving Dendrite federation APIs on the client port  
						
						... 
						
						
						
						Seems like Dendrite encourages serving both the Client and Federation
API at the same port.
Coming from Synapse and how things are done there, we have separate
ports. Using separate ports probably makes matrix-corporal (etc.)
integration easier, so separating the APIs by default probably makes
sense. 
						
						
					 
					
						2022-01-07 15:59:35 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						ecc237bbad 
					 
					
						
						
							
							Initial work on getting nginx reverse proxying working with Dendrite  
						
						
						
						
					 
					
						2022-01-07 15:59:35 +02:00 
						 
				 
			
				
					
						
							
							
								rakshazi 
							
						 
					 
					
						
						
							
						
						5788a16a2e 
					 
					
						
						
							
							added matrix-client-cinny  
						
						
						
						
					 
					
						2022-01-05 18:33:21 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						3a9fe48deb 
					 
					
						
						
							
							Make matrix-nginx-proxy's X-Forwarded-For header customizable  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1393  
						
						
					 
					
						2021-11-24 11:32:06 +02:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						f8fe68b385 
					 
					
						
						
							
							Allow workers to serve new v3 APIs  
						
						... 
						
						
						
						1f196f59cb 
					
						2021-11-17 14:54:49 +00:00 
						 
				 
			
				
					
						
							
							
								JokerGermany 
							
						 
					 
					
						
						
							
						
						c0656448f7 
					 
					
						
						
							
							Port 80 for IPv6  
						
						
						
						
					 
					
						2021-11-13 01:18:22 +01:00 
						 
				 
			
				
					
						
							
							
								b 
							
						 
					 
					
						
						
							
						
						6eaa8ac65a 
					 
					
						
						
							
							add server_name to matrix-synapsel.conf only if matrix_nginx_proxy_enabled  
						
						
						
						
					 
					
						2021-11-05 15:31:10 +02:00 
						 
				 
			
				
					
						
							
							
								Kim Brose 
							
						 
					 
					
						
						
							
						
						5f6bbafa17 
					 
					
						
						
							
							fix space before tab in indent  
						
						
						
						
					 
					
						2021-10-24 16:00:42 +02:00 
						 
				 
			
				
					
						
							
							
								HarHarLinks 
							
						 
					 
					
						
						
							
						
						4209c4208c 
					 
					
						
						
							
							add own variable for worker metrics  
						
						... 
						
						
						
						https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1311#issuecomment-945718866  
					
						2021-10-20 12:51:00 +02:00 
						 
				 
			
				
					
						
							
							
								HarHarLinks 
							
						 
					 
					
						
						
							
						
						d9fa2f7ed4 
					 
					
						
						
							
							add auto proxy synapse worker metrics  
						
						... 
						
						
						
						when matrix_nginx_proxy_proxy_synapse_metrics is enabled 
						
						
					 
					
						2021-10-04 21:44:50 +02:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						31396f0615 
					 
					
						
						
							
							Merge pull request  #1295  from nogweii/feat-support-upstream-https-forwarded  
						
						... 
						
						
						
						Support trusting the upstream server when it says the protocol is HTTPS 
						
						
					 
					
						2021-09-26 09:54:15 +03:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						a676b5358c 
					 
					
						
						
							
							Fix hydrogen OCSP typo  
						
						... 
						
						
						
						From 6f80292745 
						
						
					 
					
						2021-09-24 20:09:06 -05:00 
						 
				 
			
				
					
						
							
							
								Colin Shea 
							
						 
					 
					
						
						
							
						
						2578ca4cee 
					 
					
						
						
							
							rename matrix_nginx_proxy_x_forwarded_header_value -> matrix_nginx_proxy_x_forwarded_proto_value  
						
						
						
						
					 
					
						2021-09-24 05:22:30 -07:00 
						 
				 
			
				
					
						
							
							
								Colin Shea 
							
						 
					 
					
						
						
							
						
						d0cd67044e 
					 
					
						
						
							
							replace $scheme with X-Forwarded-Proto when enabled  
						
						
						
						
					 
					
						2021-09-24 05:14:38 -07:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						ae6caf158a 
					 
					
						
						
							
							Added variable matrix_nginx_proxy_request_timeout ( #1265 )  
						
						... 
						
						
						
						* add timeout param for nginx proxy
default value matrix_nginx_proxy_request_timeout is 60s
* default matrix_nginx_proxy_request_timeout - 60s
* few more variables for request timeout
* Update nginx.conf.j2
* Update nginx.conf.j2 
						
						
					 
					
						2021-09-03 10:00:45 +03:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						2e30802b87 
					 
					
						
						
							
							use group variables instead  
						
						
						
						
					 
					
						2021-08-11 15:21:09 +08:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						8238d65e5f 
					 
					
						
						
							
							simplify template conditional  
						
						
						
						
					 
					
						2021-08-11 14:19:19 +08:00 
						 
				 
			
				
					
						
							
							
								Michael Collins 
							
						 
					 
					
						
						
							
						
						bfb61e776e 
					 
					
						
						
							
							GMH v0.5.7... maybe!  
						
						
						
						
					 
					
						2021-08-10 12:58:10 +08:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						4105ba854b 
					 
					
						
						
							
							Merge pull request  #1147  from datenkollektiv-net/allow-custom-federation-fqn  
						
						... 
						
						
						
						Make federation domain customizable 
						
						
					 
					
						2021-07-20 09:12:16 +03:00 
						 
				 
			
				
					
						
							
							
								JokerGermany 
							
						 
					 
					
						
						
							
						
						9345d840be 
					 
					
						
						
							
							root path for the base domain is wrong ( #1189 )  
						
						... 
						
						
						
						* root path for the base domain
* Fix path when running in a container
Co-authored-by: Slavi Pantaleev <slavi@devture.com > 
						
						
					 
					
						2021-07-20 08:48:11 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						6294e58304 
					 
					
						
						
							
							Fix Content-Security-Policy for Element  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1154 
According to
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy ,
having both a header and the `<meta>`-tag provided by Element itself is
not a problem. The 2 CSP policies get combined. 
						
						
					 
					
						2021-07-01 12:41:05 +03:00 
						 
				 
			
				
					
						
							
							
								oxmie 
							
						 
					 
					
						
						
							
						
						5df4d68829 
					 
					
						
						
							
							Make federation domain customizable  
						
						
						
						
					 
					
						2021-06-30 23:02:27 +02:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						0217644b48 
					 
					
						
						
							
							Content-Security-Policy For Element Web  
						
						... 
						
						
						
						https://github.com/vector-im/element-web#configuration-best-practices  
					
						2021-06-18 23:27:23 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						4880dcceb0 
					 
					
						
						
							
							Fix OCSP-stapling-related errors due to missing resolver  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-28 11:14:33 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						1ed0857019 
					 
					
						
						
							
							Fix syntax error  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1024  
						
						
					 
					
						2021-05-25 11:45:17 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						4a4a7f136e 
					 
					
						
						
							
							changes added to hydrogen client  
						
						
						
						
					 
					
						2021-05-25 11:42:51 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						25e67b51d1 
					 
					
						
						
							
							Merge branch 'spantaleev:master' into master  
						
						
						
						
					 
					
						2021-05-25 11:40:56 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						3436f9c10a 
					 
					
						
						
							
							rename to matrix_nginx_proxy_hsts_preload_enabled  
						
						
						
						
					 
					
						2021-05-25 00:56:59 +05:30 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						df2d91970d 
					 
					
						
						
							
							matrix_nginx_proxy_xss_protection  
						
						
						
						
					 
					
						2021-05-24 17:02:47 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						6f80292745 
					 
					
						
						
							
							Add OCSP stapling support and other SSL optimizations to Hydrogen vhost  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1061 
and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-21 13:40:37 +03:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						04548f8df2 
					 
					
						
						
							
							Merge branch 'master' into hydrogen  
						
						
						
						
					 
					
						2021-05-21 04:09:18 -05:00 
						 
				 
			
				
					
						
							
							
								Aaron Raimist 
							
						 
					 
					
						
						
							
						
						9437f78c9e 
					 
					
						
						
							
							Build using custom config.json, add CSP, update to 0.1.53  
						
						
						
						
					 
					
						2021-05-21 03:45:21 -05:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						e9b878b9e9 
					 
					
						
						
							
							Optimize SSL session  
						
						
						
						
					 
					
						2021-05-18 19:39:43 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						e6afa05f7b 
					 
					
						
						
							
							Enable OCSP stapling for the federation port  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057 
Not sure if this is beneficial though. 
						
						
					 
					
						2021-05-18 08:15:42 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						57a6a98a50 
					 
					
						
						
							
							Fix incorrect SSL certificate path  
						
						... 
						
						
						
						Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1057  
						
						
					 
					
						2021-05-18 07:58:47 +03:00 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						b9c4e8ce16 
					 
					
						
						
							
							Merge pull request  #1057  from sakkiii/ssl_staple  
						
						... 
						
						
						
						Enable OCSP Stapling 
						
						
					 
					
						2021-05-18 07:50:35 +03:00 
						 
				 
			
				
					
						
							
							
								sakkiii 
							
						 
					 
					
						
						
							
						
						d31b55b2a7 
					 
					
						
						
							
							SSL-enabled block only  
						
						
						
						
					 
					
						2021-05-18 03:24:06 +05:30 
						 
				 
			
				
					
						
							
							
								Slavi Pantaleev 
							
						 
					 
					
						
						
							
						
						e4dd933cf0 
					 
					
						
						
							
							Make missing /_synapse/admin correctly return 404 responses  
						
						... 
						
						
						
						Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1058 
We may try to capture such calls and return a friendlier response (HTML
or JSON) saying "The Synapse Admin API is not enabled", but that may not
be desirable.
For now, we stick to what "upstream" recommends: "simply
don't proxy these APIs", which should lead to the same kind of 404 that
we have now.
See here: 6660912226/docs/reverse_proxy.md (synapse-administration-endpoints) 
						
						
					 
					
						2021-05-17 11:45:35 +03:00