overmind
/
matrix-docker-ansible-deploy
огледало от https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Разклонения 0
Код Задачи 0 Версии 0 Уики Activity
Преглед на файлове

Upgrade Synapse (v1.18.0 -> v1.19.0)

pull/640/head
Slavi Pantaleev преди 5 години
родител
fc1655cd4b
ревизия
9952ec6c16
променени са 5 файла, в които са добавени 30 реда и са изтрити 33 реда
Обединен изглед
Diff Options
Показване на статистика Download Patch File Download Diff File
  1. +1
    -4
      group_vars/matrix_servers
  2. +1
    -8
      roles/matrix-synapse/defaults/main.yml
  3. +1
    -0
      roles/matrix-synapse/tasks/validate_config.yml
  4. +27
    -19
      roles/matrix-synapse/templates/synapse/homeserver.yaml.j2
  5. +0
    -2
      roles/matrix-synapse/vars/main.yml

+ 1
- 4
group_vars/matrix_servers Целия файл

@@ -16,7 +16,7 @@
# #
###################################################################### ######################################################################


matrix_identity_server_url: "{{ 'https://' + matrix_synapse_trusted_third_party_id_servers[0] if matrix_synapse_trusted_third_party_id_servers|length > 0 else None }}"
matrix_identity_server_url: "{{ ('https://' + matrix_server_fqn_matrix) if matrix_ma1sd_enabled else None }}"


matrix_riot_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jitsi_enabled else '' }}" matrix_riot_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jitsi_enabled else '' }}"


@@ -921,9 +921,6 @@ matrix_client_element_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matr


matrix_synapse_container_image_self_build: "{{ matrix_architecture != 'amd64'}}" matrix_synapse_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"


# When ma1sd is enabled, we can use it instead of the default public Identity servers.
matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_ma1sd_enabled else matrix_synapse_id_servers_public }}"

# When ma1sd is enabled, we can use it to validate email addresses and phone numbers. # When ma1sd is enabled, we can use it to validate email addresses and phone numbers.
# Synapse can validate email addresses by itself as well, but it's probably not what we want by default when we have an identity server. # Synapse can validate email addresses by itself as well, but it's probably not what we want by default when we have an identity server.
matrix_synapse_account_threepid_delegates_email: "{{ 'http://matrix-ma1sd:8090' if matrix_ma1sd_enabled else '' }}" matrix_synapse_account_threepid_delegates_email: "{{ 'http://matrix-ma1sd:8090' if matrix_ma1sd_enabled else '' }}"


+ 1
- 8
roles/matrix-synapse/defaults/main.yml Целия файл

@@ -5,7 +5,7 @@ matrix_synapse_enabled: true


matrix_synapse_container_image_self_build: false matrix_synapse_container_image_self_build: false


matrix_synapse_docker_image: "matrixdotorg/synapse:v1.18.0"
matrix_synapse_docker_image: "matrixdotorg/synapse:v1.19.0"
matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}"


matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse"
@@ -73,13 +73,6 @@ matrix_synapse_registration_shared_secret: "{{ matrix_synapse_macaroon_secret_ke
matrix_synapse_allow_guest_access: false matrix_synapse_allow_guest_access: false
matrix_synapse_form_secret: "{{ matrix_synapse_macaroon_secret_key }}" matrix_synapse_form_secret: "{{ matrix_synapse_macaroon_secret_key }}"


matrix_synapse_id_servers_public: ['matrix.org', 'vector.im']

# The list of identity servers to use for Synapse.
# We assume this role runs standalone without a local Identity server, so we point Synapse to public ones.
# This most likely gets overwritten later, so that a local Identity server is used.
matrix_synapse_trusted_third_party_id_servers: "{{ matrix_synapse_id_servers_public }}"

matrix_synapse_max_upload_size_mb: 10 matrix_synapse_max_upload_size_mb: 10


# The tmpfs at /tmp needs to be large enough to handle multiple concurrent file uploads. # The tmpfs at /tmp needs to be large enough to handle multiple concurrent file uploads.


+ 1
- 0
roles/matrix-synapse/tasks/validate_config.yml Целия файл

@@ -32,3 +32,4 @@
- {'old': 'matrix_synapse_container_expose_federation_api_port', 'new': '<superseded by matrix_synapse_container_federation_api_plain_host_bind_port>'} - {'old': 'matrix_synapse_container_expose_federation_api_port', 'new': '<superseded by matrix_synapse_container_federation_api_plain_host_bind_port>'}
- {'old': 'matrix_synapse_container_expose_metrics_port', 'new': '<superseded by matrix_synapse_container_metrics_api_host_bind_port>'} - {'old': 'matrix_synapse_container_expose_metrics_port', 'new': '<superseded by matrix_synapse_container_metrics_api_host_bind_port>'}
- {'old': 'matrix_synapse_cache_factor', 'new': 'matrix_synapse_caches_global_factor'} - {'old': 'matrix_synapse_cache_factor', 'new': 'matrix_synapse_caches_global_factor'}
- {'old': 'matrix_synapse_trusted_third_party_id_servers', 'new': '<deprecated in Synapse v0.99.4 and removed in Synapse v1.19.0>'}

+ 27
- 19
roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 Целия файл

@@ -309,6 +309,10 @@ limit_remote_rooms:
# #
#complexity_error: "This room is too complex." #complexity_error: "This room is too complex."


# allow server admins to join complex rooms. Default is false.
#
#admins_can_join: true

# Whether to require a user to be in the room to add an alias to it. # Whether to require a user to be in the room to add an alias to it.
# Defaults to 'true'. # Defaults to 'true'.
# #
@@ -703,6 +707,10 @@ log_config: "/data/{{ matrix_server_fqn_matrix }}.log.config"
# - one for ratelimiting redactions by room admins. If this is not explicitly # - one for ratelimiting redactions by room admins. If this is not explicitly
# set then it uses the same ratelimiting as per rc_message. This is useful # set then it uses the same ratelimiting as per rc_message. This is useful
# to allow room admins to deal with abuse quickly. # to allow room admins to deal with abuse quickly.
# - two for ratelimiting number of rooms a user can join, "local" for when
# users are joining rooms the server is already in (this is cheap) vs
# "remote" for when users are trying to join rooms not on the server (which
# can be more expensive)
# #
# The defaults are as shown below. # The defaults are as shown below.
# #
@@ -731,6 +739,14 @@ rc_login: {{ matrix_synapse_rc_login|to_json }}
#rc_admin_redaction: #rc_admin_redaction:
# per_second: 1 # per_second: 1
# burst_count: 50 # burst_count: 50
#
#rc_joins:
# local:
# per_second: 0.1
# burst_count: 3
# remote:
# per_second: 0.01
# burst_count: 3




# Ratelimiting settings for incoming federation # Ratelimiting settings for incoming federation
@@ -1117,25 +1133,6 @@ allow_guest_access: {{ matrix_synapse_allow_guest_access|to_json }}
# #
#default_identity_server: https://matrix.org #default_identity_server: https://matrix.org


# The list of identity servers trusted to verify third party
# identifiers by this server.
#
# Also defines the ID server which will be called when an account is
# deactivated (one will be picked arbitrarily).
#
# Note: This option is deprecated. Since v0.99.4, Synapse has tracked which identity
# server a 3PID has been bound to. For 3PIDs bound before then, Synapse runs a
# background migration script, informing itself that the identity server all of its
# 3PIDs have been bound to is likely one of the below.
#
# As of Synapse v1.4.0, all other functionality of this option has been deprecated, and
# it is now solely used for the purposes of the background migration script, and can be
# removed once it has run.
{% if matrix_synapse_trusted_third_party_id_servers|length > 0 %}
trusted_third_party_id_servers:
{{ matrix_synapse_trusted_third_party_id_servers|to_nice_yaml }}
{% endif %}

# Handle threepid (email/phone etc) registration and password resets through a set of # Handle threepid (email/phone etc) registration and password resets through a set of
# *trusted* identity servers. Note that this allows the configured identity server to # *trusted* identity servers. Note that this allows the configured identity server to
# reset passwords for accounts! # reset passwords for accounts!
@@ -1546,6 +1543,17 @@ saml2_config:
# #
#grandfathered_mxid_source_attribute: upn #grandfathered_mxid_source_attribute: upn


# It is possible to configure Synapse to only allow logins if SAML attributes
# match particular values. The requirements can be listed under
# `attribute_requirements` as shown below. All of the listed attributes must
# match for the login to be permitted.
#
#attribute_requirements:
# - attribute: userGroup
# value: "staff"
# - attribute: department
# value: "sales"

# Directory in which Synapse will try to find the template files below. # Directory in which Synapse will try to find the template files below.
# If not set, default templates from within the Synapse package will be used. # If not set, default templates from within the Synapse package will be used.
# #


+ 0
- 2
roles/matrix-synapse/vars/main.yml Целия файл

@@ -1,7 +1,5 @@
--- ---


matrix_synapse_id_servers_public: ['vector.im', 'matrix.org']

matrix_synapse_client_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/versions" matrix_synapse_client_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}/_matrix/client/versions"
matrix_synapse_federation_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}:{{ matrix_federation_public_port }}/_matrix/federation/v1/version" matrix_synapse_federation_api_url_endpoint_public: "https://{{ matrix_server_fqn_matrix }}:{{ matrix_federation_public_port }}/_matrix/federation/v1/version"




Пиши Преглед
Зареждане…
Отказ
Запис