Commit Graph
100 Commits
Author SHA1 Message Date
Slavi PantaleevandGitHub 9b541c8979 Merge pull request #254 from Sudneo/add-haproxy-doc
Add haproxy doc
2019-08-26 11:46:56 +03:00
Slavi Pantaleev f2f3d41649 Make matrix-corporal configuration extensible
Fixes #70 (Github Issue).
2019-08-25 10:58:30 +03:00
Slavi Pantaleev 2d4e19326d Add missing when statement 2019-08-25 10:44:01 +03:00
Slavi Pantaleev 0edd7e8089 Make Riot-web configuration extensible
Fixes #71 (Github Issue).
2019-08-25 10:37:05 +03:00
Slavi Pantaleev c4eebc5355 Add information about community-grouping for the Facebook bridge 2019-08-24 12:14:17 +03:00
Slavi Pantaleev 10a9deba4a Make Synapse configuration extensible 2019-08-22 09:49:22 +03:00
Slavi Pantaleev b440d5b73c Remove some fact definitions during runtime 2019-08-22 08:00:02 +03:00
Slavi Pantaleev dd0f35562b Update changelog 2019-08-21 07:48:42 +03:00
Slavi PantaleevandGitHub 811a46ad07 Merge pull request #205 from kingoftheconnors/master
Add Slack bridging support
2019-08-21 07:43:07 +03:00
Slavi PantaleevandGitHub 65da600426 Merge branch 'master' into master 2019-08-21 07:34:20 +03:00
Slavi Pantaleev 63d1ed1d56 Update changelog and documentation 2019-08-21 07:24:58 +03:00
Slavi PantaleevandGitHub c8a4d59a81 Merge pull request #251 from Munfred/master
Add mautrix-hangouts bridge role and documentation
2019-08-21 07:15:14 +03:00
Slavi PantaleevandGitHub 2ef8898421 Add comment 2019-08-21 07:14:31 +03:00
Slavi PantaleevandGitHub 97fb71d98c Change privilege level 2019-08-21 07:12:46 +03:00
Slavi Pantaleev 1bcbc4a9ba Update matrix-corporal (1.4.0 -> 1.5.0) 2019-08-20 11:20:26 +03:00
Slavi PantaleevandGitHub e4b67fdb6b Fix typo 2019-08-20 09:07:54 +03:00
Slavi PantaleevandGitHub 4c9105eeec Fix typo 2019-08-20 09:06:54 +03:00
Slavi PantaleevandGitHub 2efcf11ee8 Remove some whitespace 2019-08-20 09:06:14 +03:00
Slavi PantaleevandGitHub 885338c4fb Merge pull request #249 from Munfred/master
Describe setting up SMTP server with Sendgrid
2019-08-19 18:58:57 +03:00
Slavi PantaleevandGitHub c464ab303c Merge pull request #250 from thedanbob/updates
Update synapse (1.3.0 -> 1.3.1) and riot-web (1.3.2 -> 1.3.3)
2019-08-19 18:58:05 +03:00
Slavi Pantaleev db57618abd Update nginx and certbot 2019-08-17 10:21:23 +03:00
Slavi Pantaleev fcd96b5dee Add missing options to ProxyPass 2019-08-17 10:14:40 +03:00
Slavi Pantaleev 3cb34e6998 Improve Synapse reverse-proxying Apache examples
Thanks to @ralfi!
2019-08-17 10:13:45 +03:00
Slavi Pantaleev e22672911d Add Server-Server API proxying to Apache example configuration
Contributed by @ralfi.
2019-08-16 10:08:09 +03:00
Slavi PantaleevandGitHub fe3f523853 Merge pull request #245 from dreamflasher/patch-1
missing Map /.well-known/matrix/server for server discovery
2019-08-16 10:00:43 +03:00
Slavi PantaleevandGitHub d675cb3d4b Serve /.well-known/matrix/server with proper Content-Type 2019-08-16 10:00:26 +03:00
Slavi Pantaleev 1b2191a0f1 Add new Synapse configuration options (since 1.3.0)
Continuation of #246 (Github Pull Request)
2019-08-16 09:57:51 +03:00
Slavi PantaleevandGitHub c5c1216f31 Merge pull request #246 from thedanbob/synapse-1.3.0
Update synapse (1.2.1 -> 1.3.0)
2019-08-15 15:45:11 +03:00
Slavi Pantaleev a1afafeb35 Upgrade mxisd (1.4.5 -> 1.4.6) 2019-08-15 09:36:04 +03:00
Slavi Pantaleev 59d807fca7 Ensure auth.clientID is passed as string in Discord configuration
Discord client IDs are numeric (e.g. 12345).
Passing them as integers however, causes the Discord bridge's YAML parser
to parse them as integers and its config schema validation will fail.

Fixes #240 (Github Issue)
2019-08-11 16:16:05 +03:00
Slavi PantaleevandGitHub 0646d4b3ec Merge pull request #239 from thedanbob/postgres-11.5-10.10-9.6.15
Bump postgres versions (11.5, 10.10, 9.6.15)
2019-08-09 15:08:20 +03:00
Slavi Pantaleev c2c0481d90 Mention Email2Matrix usage alongside Postfix 2019-08-09 12:15:44 +03:00
Slavi Pantaleev 910ffb481c Update email2matrix (1.0 -> 1.0.1) 2019-08-09 12:10:53 +03:00
Slavi Pantaleev 99f5baa7bb Fix undefined variable error (matrix_synapse_id_servers_public)
This only gets triggered if:
- the Synapse role is used standalone and the default values are used
- the whole playbook is used, with `matrix_mxisd_enabled: false`
2019-08-08 18:30:54 +03:00
Slavi PantaleevandGitHub 5b736c416b Merge pull request #236 from oleg-fiksel/guest-access
Added possibility to enable guest access on synapse
2019-08-08 13:18:55 +03:00
Slavi Pantaleev 3e57a1463a Serve nginx status page over HTTPS as well
Continuation of #234 (Github Pull Request).

I had unintentionally updated the documentation for the feature,
saying the page is available at `https://matrix.DOMAIN/nginx_status`.

Looks like it wasn't the case, going against my expectations.

I'm correcting this with this patch.
The status page is being made available on both HTTP and HTTPS.
Serving over HTTP is likely necessary for services like
Longview
(https://www.linode.com/docs/platform/longview/longview-app-for-nginx/)
2019-08-07 12:53:53 +03:00
Slavi PantaleevandGitHub 4abca27df7 Merge pull request #234 from ugs9fsy71cb/master
Serve nginx_status to matrix.DOMAIN
2019-08-07 12:36:03 +03:00
Slavi PantaleevandGitHub f97175a1c6 Update configuring-playbook-ngnix.md 2019-08-07 12:35:48 +03:00
Slavi PantaleevandGitHub 949009f254 Merge pull request #233 from thedanbob/riot-web-1.3.2
Update riot-web (1.3.0 -> 1.3.2)
2019-08-06 15:07:19 +03:00
Slavi Pantaleev bce165f247 Do not suggest DEBUG logging when submitting issues
It's been pointed out that DEBUG logs could contain sensitive
information (access tokens, etc.), which makes them unsuitable
for sharing with others. INFO should be enough.
2019-08-06 07:14:52 +03:00
Slavi Pantaleev d222640140 Add firewall notice about email2matrix 2019-08-05 14:10:24 +03:00
Slavi Pantaleev 847f887e1b Update README 2019-08-05 13:12:42 +03:00
Slavi Pantaleev 4be35822dd Add Email2Matrix support 2019-08-05 13:09:49 +03:00
Slavi PantaleevandGitHub 5d1c76f0e3 Merge pull request #232 from jooize/patch-2
Clarify sentence about dedicated user for access token
2019-08-04 08:04:46 +03:00
Slavi Pantaleev 6fe4bafc2a Decrease default Synapse logging level
Also discussed previously in #213 (Github Pull Request).

shared-secret-auth and rest-auth logging is still at `INFO`
intentionally, as user login events seem more important to keep.
Those modules typically don't spam as much.
2019-08-03 07:48:04 +03:00
Slavi Pantaleev 6fc779dc83 Ensure matrix_ssl_retrieval_method value is valid
We recently had someone in the support room who set it to `false`
and the playbook ran without any issues.

This currently seems to yield the same result as 'none', but it's
better to avoid such behavior.
2019-08-02 11:59:10 +03:00
Slavi Pantaleev c40d28a0dc Relocate user-store.db/room-store.db when migrating Discord bridge files
Refer to 524436ebef and #230 (Github Issue).
2019-08-01 14:40:12 +03:00
Slavi Pantaleev 524436ebef Add missing required parameters for Discord bridge
Fixes #230 (Github Issue).

Related to https://github.com/Half-Shot/matrix-appservice-discord/issues/510
2019-08-01 14:36:02 +03:00
Slavi Pantaleev 18f6b29372 Bump matrix-mailer / exim release (4.92.1-r0-0 -> 4.92.1-r0-1)
It adds support for a new `DISABLE_SENDER_VERIFICATION` environment
variable that can be used to disable verification of sender addresses.

It doesn't matter for us, but we upgrade to keep up with latest.
2019-07-31 10:47:57 +03:00
Slavi Pantaleev 0e3b73a612 Upgrade matrix-mailer / exim (4.92 -> 4.92.1) 2019-07-30 20:56:05 +03:00
Slavi Pantaleev d543780e42 Use mautrix-telegram Docker image from new official registry 2019-07-28 19:33:02 +03:00
Slavi Pantaleev 53ab66eef8 Use mautrix-whatsapp Docker image from new official registry 2019-07-28 19:31:42 +03:00
Slavi Pantaleev 82bb55ae7a Use new default port config for mautrix-facebook 2019-07-28 18:42:42 +03:00
Slavi Pantaleev b0162d6f75 Use mautrix-facebook Docker image from new official registry 2019-07-28 18:40:55 +03:00
Slavi PantaleevandGitHub becb9a7b8b Merge pull request #228 from danbob/fix-apt-warning
Fix apt message: docker doesn't support arch 'i386'
2019-07-27 10:30:09 +03:00
Slavi Pantaleev bd99dd05b4 Upgrade Synapse (1.2.0 -> 1.2.1) 2019-07-26 14:17:31 +03:00
Slavi Pantaleev 255b67a0ce Update homeserver.yaml with new options from Synapse v1.2.0
Related to #223 (Github Pull Request)
2019-07-25 22:03:12 +03:00
Slavi PantaleevandGitHub bb9fd41403 Merge pull request #223 from danbob/synapse-1.2.0
Update synapse (1.1.0 -> 1.2.0)
2019-07-25 17:14:41 +03:00
Slavi PantaleevandGitHub 25327abbc3 Merge pull request #222 from danbob/nginx-1.17.2
Update nginx (1.17.1 -> 1.17.2)
2019-07-24 14:27:22 +03:00
Slavi PantaleevandGitHub 11b1de5522 Merge pull request #220 from lpopov/patch-1
Upgrade riot-web (1.2.4 - 1.3.0)
2019-07-19 15:41:46 +03:00
Slavi PantaleevandGitHub 479a5137ca Merge pull request #218 from RedooNetworks/master
introduce configuration to change riot branding / title
2019-07-17 17:07:31 +03:00
Slavi Pantaleev 3a8ed2dd81 Upgrade riot-web (1.2.3 -> 1.2.4) 2019-07-12 13:09:21 +03:00
Slavi Pantaleev 5a6c546d87 Upgrade Telegram bridge (0.5.2 -> 0.6.0) 2019-07-12 13:08:48 +03:00
Slavi Pantaleev 87e3650327 Ensure Discord client id is passed as a string
Looks like these client ids are actually integers,
but unless we pass them as a string, the bridge would complain with
an error like:

    {"field":"data.auth.clientID","message":"is the wrong type","value":123456789012345678,"type":"string","schemaPath":["properties","auth","properties","clientID"]}

Explicitly-casting to a string should fix the problem.

The Discord bridge should probably be improved to handle both ints and
strings though.
2019-07-12 10:15:43 +03:00
Slavi Pantaleev 99283ef684 Add note about SMTPS not being supported
Fixes #216 (Github Issue).
2019-07-10 08:43:27 +03:00
Slavi PantaleevandGitHub 277a6eb7da Merge pull request #215 from danbob/update-riot-web
Update to riot 1.2.3
2019-07-09 15:10:39 +03:00
Slavi Pantaleev 0e4030f05c Add missing word 2019-07-09 09:14:57 +03:00
Slavi Pantaleev 1316d36f8b Fix deprecation warning (using cron module without name) 2019-07-09 09:11:38 +03:00
Slavi Pantaleev 76862f4f2a Suggest running start tag after janitor and Postgres vacuum
We do restart Synapse explicitly, but some other services
(bridges, matrix-corporal, ..) may not restart sometimes.

It's best to restart all services explicitly.
2019-07-08 11:09:23 +03:00
Slavi Pantaleev 9d07aaefbf Fix passkey.pem permissions breaking IRC bridge
Regression since 174a6fcd1b, #204 (Github Pull Request),
which only affects new servers.

Old servers which had their passkey.pem file relocated were okay.
2019-07-08 10:13:45 +03:00
Slavi Pantaleev e317de5ac1 Fix broken link 2019-07-08 09:40:52 +03:00
Slavi Pantaleev 0ca21d80d7 Add Synapse Maintenance docs and synapse-janitor integration 2019-07-08 09:38:36 +03:00
Slavi Pantaleev 631a14bf0c Rename run control variables for consistency 2019-07-08 09:38:36 +03:00
Slavi Pantaleev e805044b80 Delete scripts when uninstalling Postgres 2019-07-08 09:38:36 +03:00
Slavi PantaleevandGitHub 84f5a0fa69 Merge pull request #214 from danbob/update-nginx
Bump nginx version to 1.17.1
2019-07-05 07:16:54 +03:00
Slavi Pantaleev 17cd52ced6 Make Synapse log messages a bit prettier
ef5e4ad061 intentionally makes us conform to
the logging format suggested by the official Docker image.

Reverting this part, because it's uglier.

This likely should be fixed upstream as well though.
2019-07-04 18:19:52 +03:00
Slavi Pantaleev ef5e4ad061 Make Synapse not log to text files
Somewhat related to #213 (Github Pull Request).

We've been moving in the opposite direction for quite a long time.
All services should just leave logging to systemd's journald.
2019-07-04 17:46:31 +03:00
Slavi Pantaleev b84139088c Fix password providers not working on Synapse v1.1.0
Fixes a regression introduced during the upgrade to
Synapse v1.1.0 (in 2b3865ceea).

Since Synapse v1.1.0 upgraded to Python 3.7
(https://github.com/matrix-org/synapse/pull/5546),
we need to use a different modules directory when mounting
password provider modules.
2019-07-04 17:28:38 +03:00
Slavi Pantaleev 73158e6c2f Fix unintentionally inverted boolean
Fixes a problem introduced by da6edc9cba.

Related to #145 (Github Pull Request).
2019-07-04 17:27:42 +03:00
Slavi Pantaleev da6edc9cba Add support for disabling Synapse's local database for user auth
This is a new feature of Synapse v1.1.0.

Discussed in #145 (Github Pull Request).
2019-07-04 17:11:51 +03:00
Slavi Pantaleev 2b3865ceea Upgrade Synapse (1.0.0 -> 1.1.0) 2019-07-04 16:58:45 +03:00
Slavi PantaleevandGitHub 810028c12b Merge pull request #210 from spantaleev/discord-bridge-refactoring
Make Discord bridge configuration playbook-managed
2019-06-27 09:34:23 +03:00
Slavi PantaleevandGitHub 420b46ad2e Update CHANGELOG.md 2019-06-27 09:34:08 +03:00
Slavi Pantaleev bccfd13c7f Fix changelog entry typo 2019-06-26 10:48:19 +03:00
Slavi Pantaleev 8529efcd1c Make Discord bridge configuration playbook-managed
Well, `config.yaml` has been playbook-managed for a long time.
It's now extended to match the default sample config of the Discord
bridge.

With this patch, we also make `registration.yaml` playbook-managed,
which leads us to consistency with all other bridges.

Along with that, we introduce `./config` and `./data` separation,
like we do for the other bridges.
2019-06-26 10:35:00 +03:00
Slavi Pantaleev 782356d421 Use password_hash salts that obey passlib requirements
According to
https://passlib.readthedocs.io/en/stable/lib/passlib.hash.sha512_crypt.html:

> salt (str) – Optional salt string. If not specified, one will be autogenerated (this is recommended).
> If specified, it must be 0-16 characters, drawn from the regexp range [./0-9A-Za-z].

Until now, we were using invalid characters (like `-`). We were also
going over the requested length limit of 16 characters.

This is most likely what was causing `ValueError` exceptions for some people,
as reported in #209 (Github Issue).
Ansible's source code (`lib/ansible/utils/encrypt.py`) shows that Ansible tries
to use passlib if available and falls back to Python's `crypt` module if not.
For Mac, `crypt.crypt` doesn't seem to work, so Ansible always requires passlib.

Looks like crypt is forgiving when length or character requirements are
not obeyed. It would auto-trim a salt string to make it work, which means
that we could end up with the same hash if we call it with salts which aer only
different after their 16th character.

For these reasons (crypt autotriming and passlib downright complaining),
we're now using shorter and more diverse salts.
2019-06-26 09:37:02 +03:00
Slavi Pantaleev 59b56fa504 Update Docker image of Ansible (2.7.0 -> 2.8.1) 2019-06-26 07:40:36 +03:00
Slavi Pantaleev 918526c5fe Update riot-web (1.2.1 -> 1.2.2) 2019-06-25 14:42:54 +03:00
Slavi PantaleevandGitHub 4ec3a5286a Merge pull request #208 from danbob/update-images
Update nginx and postgres images to latest versions
2019-06-25 14:23:20 +03:00
Slavi Pantaleev 37c8b96d06 Use stricter regex in bridges' registration.yaml
I've been thinking of doing before, but haven't.

Now that the Whatsapp bridge does it (since 4797469383),
it makes sense to do it for all other bridges as well.
(Except for the IRC bridge - that one manages most of registration.yaml by itself)
2019-06-24 07:50:51 +03:00
Slavi Pantaleev c876a7df1d Use |regex_escape in Whatsapp registration.yaml
Doesn't matter much, but it makes it consistent with the other bridges.
2019-06-24 07:49:19 +03:00
Slavi Pantaleev 3ff57ed74d Use container network for communication between homeserver and Whatsapp bridge 2019-06-24 07:48:56 +03:00
Slavi PantaleevandGitHub 6e26d286af Merge pull request #207 from tommes0815/whatsapp-config-playbook-managed
Whatsapp config playbook managed
2019-06-24 07:44:26 +03:00
Slavi PantaleevandGitHub 62509e4849 Fix indentation consistency 2019-06-24 07:42:39 +03:00
Slavi PantaleevandGitHub e2d2302475 Merge pull request #206 from verb/appservice-irc-log
Disable appservice-irc log files
2019-06-24 07:40:26 +03:00
Slavi PantaleevandGitHub e585f314b8 Merge pull request #204 from spantaleev/irc-bridge-refactoring
Make IRC bridge configuration entirely managed by the playbook
2019-06-20 17:00:16 +03:00
Slavi PantaleevandGitHub 764feb4d7b Bump changelog entry date 2019-06-20 17:00:05 +03:00
Slavi Pantaleev c98eacdd70 Add BC Break label to old changelog entry 2019-06-20 16:59:16 +03:00
Slavi Pantaleev 174a6fcd1b Make IRC bridge configuration entirely managed by the playbook 2019-06-19 12:29:44 +03:00
Slavi Pantaleev 668f98a2d3 Escape domain in bridge registration regex 2019-06-19 10:40:59 +03:00