3
0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-10-24 17:13:23 +00:00
Commit Graph

38 Commits

Author SHA1 Message Date
Slavi Pantaleev
c95ca4badc Do not ask everyone to whitelist Jitsi ports
It's an optional service, so we shouldn't bother most people with it.
2021-04-21 14:48:54 +03:00
Slavi Pantaleev
93960b70be Do not fail if _matrix-identity DNS SRV record missing
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/963

This also simplifies Prerequisites, which is great.

It'd be nice if we were doing these checks in some optional manner
and reporting them as helpful messages (using
`matrix_playbook_runtime_results`), but that's more complicated.
I'd rather drop these checks completely.
2021-03-30 11:24:04 +03:00
Slavi Pantaleev
1a0f64f23b Mention specs on the Prerequisites page
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/682
2021-01-28 19:21:33 +02:00
Slavi Pantaleev
0f64f4dc4b Stop using + to mean "or newer" 2021-01-22 22:05:52 +02:00
Slavi Pantaleev
fb28f59f8c Initial work on a FAQ document 2021-01-21 12:55:17 +02:00
Slavi Pantaleev
e1690722f7 Replace cronjobs with systemd timers
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/756

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/737

I feel like timers are somewhat more complicated and dirty (compared to
cronjobs), but they come with these benefits:

- log output goes to journald
- on newer systemd distros, you can see when the timer fired, when it
will fire, etc.
- we don't need to rely on cron (reducing our dependencies to just
systemd + Docker)

Cronjobs work well, but it's one more dependency that needs to be
installed. We were even asking people to install it manually
(in `docs/prerequisites.md`), which could have gone unnoticed.

Once in a while someone says "my SSL certificates didn't renew"
and it's likely because they forgot to install a cron daemon.

Switching to systemd timers means that installation is simpler
and more unified.
2021-01-14 23:35:50 +02:00
Slavi Pantaleev
88acc98c23 Mention LXC 2021-01-13 19:39:08 +02:00
Slavi Pantaleev
e2e6cfaa8b Document Ansible's Python interpreter discovery some more
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/570

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/641
2020-12-16 18:14:52 +02:00
Slavi Pantaleev
c07c927d9f Automatically enable openid listeners when ma1sd enabled
ma1sd requires the openid endpoints for certain functionality.
Example: 90b2b5301c/src/main/java/io/kamax/mxisd/auth/AccountManager.java (L67-L99)

If federation is disabled, we still need to expose these openid APIs on the
federation port.

Previously, we were doing similar magic for Dimension.
As per its documentation, when running unfederated, one is to enable
the openid listener as well. As per their recommendation, people
are advised to do enable it on the Client-Server API port
and use the `federationUrl` variable to override where the federation
port is (making federation requests go to the Client-Server API).

Because ma1sd always uses the federation port (unless you do some
DNS overwriting magic using its configuration -- which we'd rather not
do), it's better if we just default to putting the `openid` listener
where it belongs - on the federation port.

With this commit, we retain the "automatically enable openid APIs" thing
we've been doing for Dimension, but move it to the federation port instead.
We also now do the same thing when ma1sd is enabled.
2020-12-08 16:59:20 +02:00
Slavi Pantaleev
3fd198e89a Add notes about running Ansible on Ubuntu 20.04
Discussed in #669 (Github Issue).
2020-10-15 11:35:29 +03:00
Chris van Dijk
cb94167ccb Add missing parenthesis in docs 2020-05-27 17:00:44 +02:00
Chris van Dijk
84e2e31d07 Linking to a file is more robust than linking to a line number 2020-05-27 16:40:05 +02:00
Chris van Dijk
1b47197c91 Minor docs formatting cleanup 2020-05-27 15:55:11 +02:00
Chris van Dijk
256de59a75 Add note on port forwarding to docs when running Jitsi behind NAT 2020-05-27 14:33:17 +02:00
Horvath Gergely
441278412b add explicit information for the Rapsberry pi 2020-04-19 13:51:26 +02:00
skoal
ab58b3fc9e Update prerequisites.md
Added Jitsi firewall ports
2020-04-09 14:31:42 +02:00
Christian Wolf
1b87dbf54b Added documentation to README file 2020-03-28 17:33:51 +01:00
Slavi Pantaleev
22ce50875a Mention that root access is a requirement
Fixes #396 (Github Issue).
2020-03-15 13:04:55 +02:00
Horvath Gergely
447dd94ff9 update documentation 2020-03-14 20:41:01 +01:00
Horvath Gergely
470b9875e7 Document raspberry pi support 2020-02-23 19:32:00 +01:00
Slavi Pantaleev
50614f1bad Simplify Prerequisites a bit
Don't mention systemd-journald adjustment anymore, because
we've changed log levels to WARNING and Synapse is not chatty by default
anymore.

The "excessive log messages may get dropped on CentOS" issue no longer
applies to most users and we shouldn't bother them with it.
2019-11-10 08:35:17 +02:00
Slavi Pantaleev
9b84e06201 Add a note about CentOS 8 support 2019-11-10 08:31:08 +02:00
Aaron Raimist
cb2cb70b31 Mention that ARM is not supported
Feel free to reword but we have had a couple of issues created now asking about Raspberry Pi support.
2019-11-08 08:55:36 -06:00
Slavi Pantaleev
0e4030f05c Add missing word 2019-07-09 09:14:57 +03:00
Slavi Pantaleev
ef5e4ad061 Make Synapse not log to text files
Somewhat related to #213 (Github Pull Request).

We've been moving in the opposite direction for quite a long time.
All services should just leave logging to systemd's journald.
2019-07-04 17:46:31 +03:00
Slavi Pantaleev
9c401efb2d Add a note about beta/pre-release distros 2019-04-16 13:10:31 +03:00
Borjan Tchakaloff
cbd629e7ea Specify that cron is likely required on the server
When using Let's Encrypt SSL certificates, a cronjob is set up to
automatically renew them. Though it does require a `cron`-compatible
program on the server.

This fixes the error that is caused by the `/etc/cron.d` directory
not existing and the `ansible-cron` module trying to write out a
file there -- without checking if the directory exists first.
2019-03-22 17:44:24 +01:00
Slavi Pantaleev
59e37105e8 Add TLS support to Coturn 2019-03-19 10:24:39 +02:00
Slavi Pantaleev
10d9293121 Indicate that TURN ports are a range 2019-03-13 08:23:10 +02:00
Slavi Pantaleev
c545d3eb85 Add support for serving base domain via matrix-nginx-proxy 2019-03-12 23:01:16 +02:00
Slavi Pantaleev
a1f9869eb2 Improve documentation about getting the playbook 2019-03-10 17:02:20 +02:00
Slavi Pantaleev
747574ab56 Update Prerequisites a bit 2019-02-20 11:39:04 +02:00
Slavi Pantaleev
5148f8edf4 Update docs 2019-02-06 09:36:03 +02:00
Slavi Pantaleev
b540427974 Mention alternative ways to do Server Delegation 2019-02-05 13:02:15 +02:00
Slavi Pantaleev
f6ebd4ce62 Initial work on Synapse 0.99/1.0 preparation 2019-02-05 12:09:46 +02:00
Slavi Pantaleev
5135c0cc0a Add Ansible guide and Ansible version checks
After having multiple people report issues with retrieving
SSL certificates, we've finally discovered the culprit to be
Ansible 2.5.1 (default and latest version on Ubuntu 18.04 LTS).

As silly as it is, certain distributions ("LTS" even) are 13 bugfix
versions of Ansible behind.

From now on, we try to auto-detect buggy Ansible versions and tell the
user. We also provide some tips for how to upgrade Ansible or
run it from inside a Docker container.

My testing shows that Ansible 2.4.0 and 2.4.6 are OK.
All other intermediate 2.4.x versions haven't been tested, but we
trust they're OK too.

From the 2.5.x releases, only 2.5.0 and 2.5.1 seem to be affected.
Ansible 2.5.2 corrects the problem with `include_tasks` + `with_items`.
2019-01-03 16:24:14 +02:00
Slavi Pantaleev
c48e31381d Add minimum version requirement for Ansible 2018-12-29 15:31:05 +02:00
Slavi Pantaleev
30c53cdea2 Split README into a bunch of files in docs/ 2018-08-08 10:07:02 +03:00