Make nginx proxy config (when disabled) obey matrix_federation_public_port

People who were disabling matrix-nginx-proxy (in favor of their own nginx webserver) and also overriding `matrix_federation_public_port`, found that the generated nginx configuration still hardcoded `8448`, which forced their nginx server to use that, regardless of the fact that `matrix_federation_public_port` was pointing elsewhere. We now allow for the in-container federation port to be configurable, and also automatically wire things properly.
hace 5 años · 1ef683d366
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -1074,6 +1074,9 @@ matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:1
 matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}"
 matrix_nginx_proxy_proxy_synapse_federation_api_enabled: "{{ matrix_nginx_proxy_proxy_matrix_federation_api_enabled }}"

 # When matrix-nginx-proxy is disabled, the actual port number that the vhost uses may begin to matter.
 matrix_nginx_proxy_proxy_matrix_federation_port: "{{ matrix_federation_public_port }}"

 matrix_nginx_proxy_container_federation_host_bind_port: "{{ matrix_federation_public_port }}"

 # This used to be hooked to `matrix_synapse_metrics_enabled`, but we don't do it anymore.
@@ -1224,7 +1227,7 @@ matrix_postgres_additional_databases: |
      'username': matrix_mautrix_instagram_database_username,
      'password': matrix_mautrix_instagram_database_password,
    }] if (matrix_mautrix_instagram_enabled and matrix_mautrix_instagram_database_engine == 'postgres' and matrix_mautrix_instagram_database_hostname == 'matrix-postgres') else [])
    +    
    +
    ([{
      'name': matrix_mautrix_signal_database_name,
      'username': matrix_mautrix_signal_database_username,
--- a/roles/matrix-nginx-proxy/defaults/main.yml
+++ b/roles/matrix-nginx-proxy/defaults/main.yml
@@ -111,6 +111,10 @@ matrix_nginx_proxy_proxy_element_hostname: "{{ matrix_server_fqn_element }}"
 # Controls whether proxying the matrix domain should be done.
 matrix_nginx_proxy_proxy_matrix_enabled: false
 matrix_nginx_proxy_proxy_matrix_hostname: "{{ matrix_server_fqn_matrix }}"
 # The port name used for federation in the nginx configuration.
 # This is not necessarily the port that it's actually on,
 # as port-mapping happens (`-p ..`) for the `matrix-nginx-proxy` container.
 matrix_nginx_proxy_proxy_matrix_federation_port: 8448

 # Controls whether proxying the dimension domain should be done.
 matrix_nginx_proxy_proxy_dimension_enabled: false
--- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2
+++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2
@@ -199,10 +199,10 @@ server {
 #}
 server {
 	{% if matrix_nginx_proxy_https_enabled %}
 		listen 8448 ssl http2;
 		listen [::]:8448 ssl http2;
 		listen {{ matrix_nginx_proxy_proxy_matrix_federation_port }} ssl http2;
 		listen [::]:{{ matrix_nginx_proxy_proxy_matrix_federation_port }} ssl http2;
 	{% else %}
 		listen 8448;
 		listen {{ matrix_nginx_proxy_proxy_matrix_federation_port }};
 	{% endif %}

 	server_name {{ matrix_nginx_proxy_proxy_matrix_hostname }};
--- a/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2
+++ b/roles/matrix-nginx-proxy/templates/systemd/matrix-nginx-proxy.service.j2
@@ -30,7 +30,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-nginx-proxy \
 			-p {{ matrix_nginx_proxy_container_https_host_bind_port }}:8443 \
 			{% endif %}
 			{% if matrix_nginx_proxy_proxy_matrix_federation_api_enabled and matrix_nginx_proxy_container_federation_host_bind_port %}
 			-p {{ matrix_nginx_proxy_container_federation_host_bind_port }}:8448 \
 			-p {{ matrix_nginx_proxy_container_federation_host_bind_port }}:{{ matrix_nginx_proxy_proxy_matrix_federation_port }} \
 			{% endif %}
 			--mount type=bind,src={{ matrix_nginx_proxy_base_path }}/nginx.conf,dst=/etc/nginx/nginx.conf,ro \
 			--mount type=bind,src={{ matrix_nginx_proxy_data_path }},dst=/nginx-data,ro \