iartamonov/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2026-06-29 11:30:46 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2d7058fa59f597d4b2d08701febc034cf7930da5
matrix-docker-ansible-deploy/roles/custom/matrix-bridge-mautrix-gmessages/templates/labels.j2
T
Slavi Pantaleev a4ddba3989 mautrix-gmessages: expose bridge HTTP API (for mautrix-manager and similar) 
Add a generic mechanism for exposing bridges' HTTP API (the provisioning
API, etc.) publicly on the Matrix domain, so tools like mautrix-manager
(https://github.com/mautrix/manager) can drive bridge login.

- Introduce global matrix_bridges_exposure_* vars (on by default),
  exposing each supported bridge under `<matrix-fqn>/bridges/<bridge>`.
- mautrix-gmessages: make the provisioning shared secret configurable
  (auto-generated in group_vars) so the provisioning API is enabled,
  route the whole bridge HTTP port via Traefik, and populate
  appservice.public_address.

Requests are authenticated by the bridge itself (per-user Matrix access
token for the provisioning API, homeserver token for the appservice
endpoints), not by the reverse proxy.

This is the first bridge converted; the other mautrix bridges will follow.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-28 19:52:24 +03:00

86 lines
4.5 KiB
Django/Jinja
Raw Blame History

{#
SPDX-FileCopyrightText: 2024 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
#}
{% if matrix_mautrix_gmessages_container_labels_traefik_enabled %}
traefik.enable=true
{% if matrix_mautrix_gmessages_container_labels_traefik_docker_network %}
traefik.docker.network={{ matrix_mautrix_gmessages_container_labels_traefik_docker_network }}
{% endif %}
traefik.http.services.matrix-mautrix-gmessages-metrics.loadbalancer.server.port=8001
{% if matrix_mautrix_gmessages_container_labels_metrics_enabled %}
############################################################
# #
# Metrics #
# #
############################################################
{% if matrix_mautrix_gmessages_container_labels_metrics_middleware_basic_auth_enabled %}
traefik.http.middlewares.matrix-mautrix-gmessages-metrics-basic-auth.basicauth.users={{ matrix_mautrix_gmessages_container_labels_metrics_middleware_basic_auth_users }}
traefik.http.routers.matrix-mautrix-gmessages-metrics.middlewares=matrix-mautrix-gmessages-metrics-basic-auth
{% endif %}
traefik.http.routers.matrix-mautrix-gmessages-metrics.rule={{ matrix_mautrix_gmessages_container_labels_metrics_traefik_rule }}
{% if matrix_mautrix_gmessages_container_labels_metrics_traefik_priority | int > 0 %}
traefik.http.routers.matrix-mautrix-gmessages-metrics.priority={{ matrix_mautrix_gmessages_container_labels_metrics_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-mautrix-gmessages-metrics.service=matrix-mautrix-gmessages-metrics
traefik.http.routers.matrix-mautrix-gmessages-metrics.entrypoints={{ matrix_mautrix_gmessages_container_labels_metrics_traefik_entrypoints }}
traefik.http.routers.matrix-mautrix-gmessages-metrics.tls={{ matrix_mautrix_gmessages_container_labels_metrics_traefik_tls | to_json }}
{% if matrix_mautrix_gmessages_container_labels_metrics_traefik_tls %}
traefik.http.routers.matrix-mautrix-gmessages-metrics.tls.certResolver={{ matrix_mautrix_gmessages_container_labels_metrics_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Metrics #
# #
############################################################
{% endif %}
{% if matrix_mautrix_gmessages_container_labels_exposure_enabled %}
############################################################
# #
# Bridge API exposure #
# #
############################################################
traefik.http.services.matrix-mautrix-gmessages-exposure.loadbalancer.server.port=8080
traefik.http.middlewares.matrix-mautrix-gmessages-exposure-strip-prefix.stripprefix.prefixes={{ matrix_mautrix_gmessages_exposure_path_prefix }}
traefik.http.routers.matrix-mautrix-gmessages-exposure.middlewares=matrix-mautrix-gmessages-exposure-strip-prefix
traefik.http.routers.matrix-mautrix-gmessages-exposure.rule={{ matrix_mautrix_gmessages_container_labels_exposure_traefik_rule }}
{% if matrix_mautrix_gmessages_container_labels_exposure_traefik_priority | int > 0 %}
traefik.http.routers.matrix-mautrix-gmessages-exposure.priority={{ matrix_mautrix_gmessages_container_labels_exposure_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-mautrix-gmessages-exposure.service=matrix-mautrix-gmessages-exposure
traefik.http.routers.matrix-mautrix-gmessages-exposure.entrypoints={{ matrix_mautrix_gmessages_container_labels_exposure_traefik_entrypoints }}
traefik.http.routers.matrix-mautrix-gmessages-exposure.tls={{ matrix_mautrix_gmessages_container_labels_exposure_traefik_tls | to_json }}
{% if matrix_mautrix_gmessages_container_labels_exposure_traefik_tls %}
traefik.http.routers.matrix-mautrix-gmessages-exposure.tls.certResolver={{ matrix_mautrix_gmessages_container_labels_exposure_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Bridge API exposure #
# #
############################################################
{% endif %}
{% endif %}
{{ matrix_mautrix_gmessages_container_labels_additional_labels }}
Reference in New Issue View Git Blame Copy Permalink