From f66ea73c930a9417f996074158bd85743b5e66fd Mon Sep 17 00:00:00 2001 From: Igor Goldenberg Date: Tue, 16 Jul 2024 14:28:09 +0500 Subject: [PATCH 01/25] Sync grafana datasource and prometheus scrape intervals. --- group_vars/matrix_servers | 3 +++ 1 file changed, 3 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index b5add2445..75b5f96f3 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -4851,6 +4851,9 @@ grafana_provisioning_datasources: | 'type': 'prometheus', 'access': 'proxy', 'url': ('http://' + prometheus_identifier + ':9090'), + 'jsonData': { + 'timeInterval': prometheus_config_global_scrape_interval, + } }] if prometheus_enabled else []) }} From 44064cfc7d5eb4a79fb31bcfc4f354e8a378b267 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 16 Jul 2024 13:13:20 +0300 Subject: [PATCH 02/25] Upgrade Traefik (v3.0.4-1 -> v3.1.0-0) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 03bccac33..60b8091c1 100644 --- a/requirements.yml +++ b/requirements.yml @@ -70,7 +70,7 @@ version: v1.0.0-0 name: timesync - src: git+https://github.com/devture/com.devture.ansible.role.traefik.git - version: v3.0.4-1 + version: v3.1.0-0 name: traefik - src: git+https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper.git version: v2.8.3-2 From 04db5e77c0d60b317640e284e88fa0e7d24ec6c0 Mon Sep 17 00:00:00 2001 From: Fabio Bonelli Date: Tue, 16 Jul 2024 11:59:56 +0200 Subject: [PATCH 03/25] doc: mention HTTP/3 in port configuration --- docs/prerequisites.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 9fcadd275..e60464949 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -35,12 +35,12 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you - Some TCP/UDP ports open. This playbook (actually [Docker itself](https://docs.docker.com/network/iptables/)) configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: - `80/tcp`: HTTP webserver - - `443/tcp`: HTTPS webserver + - `443/tcp` and `443/udp`: HTTPS webserver - `3478/tcp`: TURN over TCP (used by Coturn) - `3478/udp`: TURN over UDP (used by Coturn) - `5349/tcp`: TURN over TCP (used by Coturn) - `5349/udp`: TURN over UDP (used by Coturn) - - `8448/tcp`: Matrix Federation API HTTPS webserver. In some cases, this **may necessary even with federation disabled**. Integration Servers (like Dimension) and Identity Servers (like ma1sd) may need to access `openid` APIs on the federation port. + - `8448/tcp` and `8448/udp`: Matrix Federation API HTTPS webserver. In some cases, this **may necessary even with federation disabled**. Integration Servers (like Dimension) and Identity Servers (like ma1sd) may need to access `openid` APIs on the federation port. - the range `49152-49172/udp`: TURN over UDP - potentially some other ports, depending on the additional (non-default) services that you enable in the **configuring the playbook** step (later on). Consult each service's documentation page in `docs/` for that. From c08ed10f3c3ef7af9e479b6bb7b099353aec572d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Jul 2024 13:13:29 +0000 Subject: [PATCH 04/25] chore(deps): update dock.mau.dev/mautrix/gmessages docker tag to v0.4.3 --- roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml index 8bed67c8f..fc72e8a10 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages -matrix_mautrix_gmessages_version: v0.4.2 +matrix_mautrix_gmessages_version: v0.4.3 # See: https://mau.dev/mautrix/gmessages/container_registry matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_name_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}" From 2ffadc1b4c8e45484f120865383b3468f2edb363 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Jul 2024 13:13:33 +0000 Subject: [PATCH 05/25] chore(deps): update dock.mau.dev/mautrix/googlechat docker tag to v0.5.2 --- roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml index 8d793405c..1ecf09dab 100644 --- a/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_googlechat_container_image_self_build_repo: "https://github.com/m matrix_mautrix_googlechat_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_googlechat_version == 'latest' else matrix_mautrix_googlechat_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/googlechat -matrix_mautrix_googlechat_version: v0.5.1 +matrix_mautrix_googlechat_version: v0.5.2 # See: https://mau.dev/mautrix/googlechat/container_registry matrix_mautrix_googlechat_docker_image: "{{ matrix_mautrix_googlechat_docker_image_name_prefix }}mautrix/googlechat:{{ matrix_mautrix_googlechat_version }}" matrix_mautrix_googlechat_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_googlechat_container_image_self_build else 'dock.mau.dev/' }}" From 90e70530cce2038ecf9e8177ba03a116381bd136 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Jul 2024 18:03:57 +0300 Subject: [PATCH 06/25] mautrix-whatsapp v0.10.9 --- roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml index d3ebe5c76..e3d3476a3 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp -matrix_mautrix_whatsapp_version: v0.10.8 +matrix_mautrix_whatsapp_version: v0.10.9 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" From b003a711c99fc4ca2744cad319003dda309ff1bd Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Jul 2024 18:04:37 +0300 Subject: [PATCH 07/25] mautrix-signal v0.6.3 --- roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml index 8f944c909..53a74423b 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/ matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal -matrix_mautrix_signal_version: v0.6.2 +matrix_mautrix_signal_version: v0.6.3 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}" From 7af6c747342797af68757d5a43f8fdd8387df96b Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Jul 2024 18:05:21 +0300 Subject: [PATCH 08/25] mautrix-twitter v0.1.8 --- roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml index dba30e2ce..e3d82624d 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/maut matrix_mautrix_twitter_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_twitter_version == 'latest' else matrix_mautrix_twitter_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/twitter -matrix_mautrix_twitter_version: v0.1.7 +matrix_mautrix_twitter_version: v0.1.8 # See: https://mau.dev/tulir/mautrix-twitter/container_registry matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}" matrix_mautrix_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else 'dock.mau.dev/' }}" From 2ca7df9e75291bbe48175ec8db3eec40dd22c882 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Jul 2024 18:06:14 +0300 Subject: [PATCH 09/25] mautrix-meta-instagram v0.3.2 --- .../matrix-bridge-mautrix-meta-instagram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml index fe2509909..5969e80a0 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_meta_instagram_enabled: true matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta -matrix_mautrix_meta_instagram_version: v0.3.1 +matrix_mautrix_meta_instagram_version: v0.3.2 matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram" matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config" From 234fa3bd0cab3331d8f4824d9712a16c7c2c4476 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Jul 2024 18:06:59 +0300 Subject: [PATCH 10/25] mautrix-meta-messenger v0.3.2 --- .../matrix-bridge-mautrix-meta-messenger/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml index ce31d21aa..433dac9f8 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_meta_messenger_enabled: true matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta -matrix_mautrix_meta_messenger_version: v0.3.1 +matrix_mautrix_meta_messenger_version: v0.3.2 matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger" matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config" From bf8e9a64d02320af0721fe6f5c5fbfa9e214dcaf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Jul 2024 15:07:33 +0000 Subject: [PATCH 11/25] chore(deps): update dock.mau.dev/mautrix/meta docker tag to v0.3.2 --- .../matrix-bridge-mautrix-meta-instagram/defaults/main.yml | 2 +- .../matrix-bridge-mautrix-meta-messenger/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml index fe2509909..5969e80a0 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_meta_instagram_enabled: true matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta -matrix_mautrix_meta_instagram_version: v0.3.1 +matrix_mautrix_meta_instagram_version: v0.3.2 matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram" matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config" diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml index ce31d21aa..433dac9f8 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_meta_messenger_enabled: true matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta -matrix_mautrix_meta_messenger_version: v0.3.1 +matrix_mautrix_meta_messenger_version: v0.3.2 matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger" matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config" From a89d19e88ad88d7a6a571d1b22328cebf9bf9999 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 16 Jul 2024 18:07:39 +0300 Subject: [PATCH 12/25] element v1.11.71 --- roles/custom/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-client-element/defaults/main.yml b/roles/custom/matrix-client-element/defaults/main.yml index b650d0cac..b297a1c6e 100644 --- a/roles/custom/matrix-client-element/defaults/main.yml +++ b/roles/custom/matrix-client-element/defaults/main.yml @@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" # renovate: datasource=docker depName=vectorim/element-web -matrix_client_element_version: v1.11.70 +matrix_client_element_version: v1.11.71 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" From c6d8a68e7774f2b9c9b61a0efc2f7521554d6ab5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 16 Jul 2024 17:54:28 +0300 Subject: [PATCH 13/25] Add additional media repository prefix paths to matrix_synapse_workers_media_repository_endpoints Related to https://github.com/element-hq/synapse/pull/17421 --- roles/custom/matrix-synapse/vars/main.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/custom/matrix-synapse/vars/main.yml b/roles/custom/matrix-synapse/vars/main.yml index 3bc77d019..c25f30fe7 100644 --- a/roles/custom/matrix-synapse/vars/main.yml +++ b/roles/custom/matrix-synapse/vars/main.yml @@ -243,6 +243,8 @@ matrix_synapse_workers_media_repository_endpoints: # Handles the media repository. It can handle all endpoints starting with: - ^/_matrix/media/ + - ^/_matrix/client/v1/media/ + - ^/_matrix/federation/v1/media/ # ... and the following regular expressions matching media-specific administration APIs: From 615952cbaffda7ef0eb414e69b679c0e7f7e8cf7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 16 Jul 2024 17:55:16 +0300 Subject: [PATCH 14/25] Upgrade Synapse (v1.110.0 -> v1.111.0) --- roles/custom/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 61a3aca94..03c6bd2ca 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -16,7 +16,7 @@ matrix_synapse_enabled: true matrix_synapse_github_org_and_repo: element-hq/synapse # renovate: datasource=docker depName=ghcr.io/element-hq/synapse -matrix_synapse_version: v1.110.0 +matrix_synapse_version: v1.111.0 matrix_synapse_username: '' matrix_synapse_uid: '' From 5cb12ca2fbb9a68f1ea251c8487288dd43a61985 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Jul 2024 15:13:07 +0000 Subject: [PATCH 15/25] chore(deps): update dock.mau.dev/mautrix/telegram docker tag to v0.15.2 --- roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml index 742ccc847..8e9ebb82e 100644 --- a/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -28,7 +28,7 @@ matrix_mautrix_telegram_docker_repo_version: "{{ 'master' if matrix_mautrix_tele matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src" # renovate: datasource=docker depName=dock.mau.dev/mautrix/telegram -matrix_mautrix_telegram_version: v0.15.1 +matrix_mautrix_telegram_version: v0.15.2 # See: https://mau.dev/mautrix/telegram/container_registry matrix_mautrix_telegram_docker_image: "{{ matrix_mautrix_telegram_docker_image_name_prefix }}mautrix/telegram:{{ matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_telegram_container_image_self_build else 'dock.mau.dev/' }}" From e8181b92ade2b4f42076a067fb50728b0e0c8747 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Jul 2024 15:13:15 +0000 Subject: [PATCH 16/25] chore(deps): update dock.mau.dev/mautrix/discord docker tag to v0.7.0 --- roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml index 28a1d84bd..12527ce3c 100644 --- a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_discord_container_image_self_build_repo: "https://mau.dev/mautrix matrix_mautrix_discord_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_discord_version == 'latest' else matrix_mautrix_discord_version }}" # renovate: datasource=docker depName=dock.mau.dev/mautrix/discord -matrix_mautrix_discord_version: v0.6.5 +matrix_mautrix_discord_version: v0.7.0 # See: https://mau.dev/mautrix/discord/container_registry matrix_mautrix_discord_docker_image: "{{ matrix_mautrix_discord_docker_image_name_prefix }}mautrix/discord:{{ matrix_mautrix_discord_version }}" From 7bd358df5c1d2598e26bc56736ecb1a5ae929585 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 17 Jul 2024 16:16:24 +0300 Subject: [PATCH 17/25] Upgrade traefik_certs_dumper (v2.8.3-2 -> v2.8.3-3) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 60b8091c1..9f7f5cab7 100644 --- a/requirements.yml +++ b/requirements.yml @@ -73,5 +73,5 @@ version: v3.1.0-0 name: traefik - src: git+https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper.git - version: v2.8.3-2 + version: v2.8.3-3 name: traefik_certs_dumper From e608daaf8f3a03caea86b4dddaec337cece68b1d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 17 Jul 2024 16:19:20 +0300 Subject: [PATCH 18/25] Upgrade traefik_certs_dumper (v2.8.3-3 -> v2.8.3-4) --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 9f7f5cab7..5930cf21f 100644 --- a/requirements.yml +++ b/requirements.yml @@ -73,5 +73,5 @@ version: v3.1.0-0 name: traefik - src: git+https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper.git - version: v2.8.3-3 + version: v2.8.3-4 name: traefik_certs_dumper From a213164cb152ea89a6f4b895337dbe6c124ffe04 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 17 Jul 2024 17:52:21 +0300 Subject: [PATCH 19/25] Enable client & federation listeners for media repository workers Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/c6d8a68e7774f2b9c9b61a0efc2f7521554d6ab5 Related to https://github.com/element-hq/synapse/pull/17421 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3427 --- .../custom/matrix-synapse/templates/synapse/worker.yaml.j2 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 index 738f0fa33..4c1306c0c 100644 --- a/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 @@ -28,7 +28,11 @@ worker_log_config: /data/{{ matrix_server_fqn_matrix }}.log.config {% set http_resources = http_resources + ['client'] %} {% endif %} {% if matrix_synapse_worker_details.type == 'media_repository' %} - {% set http_resources = http_resources + ['media'] %} + {# + Handling authenticated media endpoints (`/_matrix/client/VERSION/media/` and `/_matrix/federation/v1/media/`) + requires serving the client and federation resources. + #} + {% set http_resources = http_resources + ['media', 'client', 'federation'] %} {% endif %} {% set replication_http_resources = [] %} From 34b91957f092b9a98b92ec071b73db2c196c52a0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 17 Jul 2024 17:54:10 +0300 Subject: [PATCH 20/25] Update comment --- roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 index 4c1306c0c..7995ce3dd 100644 --- a/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/worker.yaml.j2 @@ -29,7 +29,7 @@ worker_log_config: /data/{{ matrix_server_fqn_matrix }}.log.config {% endif %} {% if matrix_synapse_worker_details.type == 'media_repository' %} {# - Handling authenticated media endpoints (`/_matrix/client/VERSION/media/` and `/_matrix/federation/v1/media/`) + Handling authenticated media endpoints (`/_matrix/client/VERSION/media/` and `/_matrix/federation/VERSION/media/`) requires serving the client and federation resources. #} {% set http_resources = http_resources + ['media', 'client', 'federation'] %} From b09555f7645b6c252820b5d2df3ccb3369280599 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 18 Jul 2024 18:16:49 +0300 Subject: [PATCH 21/25] Use Go-style regexp and PathRegexp (not Path) for some ma1sd routes Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3430 --- roles/custom/matrix-ma1sd/defaults/main.yml | 8 ++++---- roles/custom/matrix-ma1sd/tasks/validate_config.yml | 5 ++++- .../matrix_playbook_migration/tasks/validate_config.yml | 4 ++-- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/roles/custom/matrix-ma1sd/defaults/main.yml b/roles/custom/matrix-ma1sd/defaults/main.yml index 6b593b67a..52aff183f 100644 --- a/roles/custom/matrix-ma1sd/defaults/main.yml +++ b/roles/custom/matrix-ma1sd/defaults/main.yml @@ -78,8 +78,8 @@ matrix_ma1sd_container_labels_matrix_identity_traefik_tls_certResolver: "{{ matr # Controls whether labels will be added that expose ma1sd's /_matrix/client/VERSION/user_directory/search endpoint matrix_ma1sd_container_labels_matrix_client_user_directory_search_enabled: "{{ matrix_ma1sd_container_labels_traefik_enabled }}" matrix_ma1sd_container_labels_matrix_client_user_directory_search_hostname: "{{ matrix_ma1sd_hostname }}" -matrix_ma1sd_container_labels_matrix_client_user_directory_search_path: "/_matrix/client/{version:(r0|v3)}/user_directory/search" -matrix_ma1sd_container_labels_matrix_client_user_directory_search_traefik_rule: "Host(`{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_hostname }}`) && Path(`{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_path }}`)" +matrix_ma1sd_container_labels_matrix_client_user_directory_search_path_regexp: "/_matrix/client/(?P(r0|v3))/user_directory/search" +matrix_ma1sd_container_labels_matrix_client_user_directory_search_traefik_rule: "Host(`{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_hostname }}`) && PathRegexp(`{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_path_regexp }}`)" matrix_ma1sd_container_labels_matrix_client_user_directory_search_traefik_priority: 0 matrix_ma1sd_container_labels_matrix_client_user_directory_search_traefik_entrypoints: "{{ matrix_ma1sd_container_labels_traefik_entrypoints }}" matrix_ma1sd_container_labels_matrix_client_user_directory_search_traefik_tls: "{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_traefik_entrypoints != 'web' }}" @@ -90,8 +90,8 @@ matrix_ma1sd_container_labels_matrix_client_user_directory_search_traefik_tls_ce # To learn more, see: https://github.com/ma1uta/ma1sd/blob/master/docs/features/registration.md matrix_ma1sd_container_labels_matrix_client_3pid_registration_enabled: false matrix_ma1sd_container_labels_matrix_client_3pid_registration_hostname: "{{ matrix_ma1sd_hostname }}" -matrix_ma1sd_container_labels_matrix_client_3pid_registration_path: "/_matrix/client/{version:(r0|v3)}/register/{type:(email|msisdn)}/requestToken" -matrix_ma1sd_container_labels_matrix_client_3pid_registration_traefik_rule: "Host(`{{ matrix_ma1sd_container_labels_matrix_client_3pid_registration_hostname }}`) && Path(`{{ matrix_ma1sd_container_labels_matrix_client_3pid_registration_path }}`)" +matrix_ma1sd_container_labels_matrix_client_3pid_registration_path_regexp: "/_matrix/client/(?P(r0|v3))/register/(?P(email|msisdn))/requestToken" +matrix_ma1sd_container_labels_matrix_client_3pid_registration_traefik_rule: "Host(`{{ matrix_ma1sd_container_labels_matrix_client_3pid_registration_hostname }}`) && PathRegexp(`{{ matrix_ma1sd_container_labels_matrix_client_3pid_registration_path_regexp }}`)" matrix_ma1sd_container_labels_matrix_client_3pid_registration_traefik_priority: 0 matrix_ma1sd_container_labels_matrix_client_3pid_registration_traefik_entrypoints: "{{ matrix_ma1sd_container_labels_traefik_entrypoints }}" matrix_ma1sd_container_labels_matrix_client_3pid_registration_traefik_tls: "{{ matrix_ma1sd_container_labels_matrix_client_3pid_registration_traefik_entrypoints != 'web' }}" diff --git a/roles/custom/matrix-ma1sd/tasks/validate_config.yml b/roles/custom/matrix-ma1sd/tasks/validate_config.yml index e65fd4e56..2dd66e1a3 100644 --- a/roles/custom/matrix-ma1sd/tasks/validate_config.yml +++ b/roles/custom/matrix-ma1sd/tasks/validate_config.yml @@ -53,7 +53,8 @@ - {'name': 'matrix_ma1sd_container_labels_matrix_identity_hostname', when: "{{ matrix_ma1sd_container_labels_matrix_identity_enabled }}"} - {'name': 'matrix_ma1sd_container_labels_matrix_identity_path_prefix', when: "{{ matrix_ma1sd_container_labels_matrix_identity_enabled }}"} - {'name': 'matrix_ma1sd_container_labels_matrix_client_user_directory_search_hostname', when: "{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_enabled }}"} - - {'name': 'matrix_ma1sd_container_labels_matrix_client_user_directory_search_path', when: "{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_enabled }}"} + - {'name': 'matrix_ma1sd_container_labels_matrix_client_user_directory_search_path_regexp', when: "{{ matrix_ma1sd_container_labels_matrix_client_user_directory_search_enabled }}"} + - {'name': 'matrix_ma1sd_container_labels_matrix_client_3pid_registration_path_regexp', when: "{{ matrix_ma1sd_container_labels_matrix_client_3pid_registration_enabled }}"} - name: (Deprecation) Catch and report renamed ma1sd variables ansible.builtin.fail: @@ -65,6 +66,8 @@ - {'old': 'matrix_ma1sd_container_expose_port', 'new': ''} - {'old': 'matrix_ma1sd_threepid_medium_email_custom_unbind_fraudulent_template', 'new': 'matrix_ma1sd_threepid_medium_email_custom_session_unbind_notification_template'} - {'old': 'matrix_ma1sd_default_port', 'new': 'matrix_ma1sd_container_port'} + - {'old': 'matrix_ma1sd_container_labels_matrix_client_user_directory_search_path', 'new': 'matrix_ma1sd_container_labels_matrix_client_user_directory_search_path_regexp'} + - {'old': 'matrix_ma1sd_container_labels_matrix_client_3pid_registration_path', 'new': 'matrix_ma1sd_container_labels_matrix_client_3pid_registration_path_regexp'} - name: (Deprecation) Catch and report mxisd variables ansible.builtin.fail: diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index d8958fdd1..85d12d1dd 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -271,11 +271,11 @@ - {'old': 'matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container', 'new': ''} - - {'old': 'matrix_nginx_proxy_proxy_matrix_user_directory_search_v3_to_r0_redirect_enabled', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_matrix_user_directory_search_v3_to_r0_redirect_enabled', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_3pid_registration_enabled', 'new': 'matrix_ma1sd_container_labels_matrix_client_3pid_registration_enabled'} - {'old': 'matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container', 'new': ''} - - {'old': 'matrix_nginx_proxy_proxy_matrix_3pid_registration_v3_to_r0_redirect_enabled', 'new': ''} + - {'old': 'matrix_nginx_proxy_proxy_matrix_3pid_registration_v3_to_r0_redirect_enabled', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_conduit_enabled', 'new': 'matrix_conduit_container_labels_traefik_enabled'} - {'old': 'matrix_nginx_proxy_proxy_conduit_block_federation_api_on_client_port', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_conduit_federation_api_enabled', 'new': 'matrix_conduit_container_labels_public_federation_api_enabled'} From 469a0ebbf73d856bb8dba44fc9da8f8bf2099178 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 18 Jul 2024 21:29:56 +0000 Subject: [PATCH 22/25] chore(deps): update awesometechnologies/synapse-admin docker tag to v0.10.3 --- roles/custom/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-synapse-admin/defaults/main.yml b/roles/custom/matrix-synapse-admin/defaults/main.yml index bcdfad264..2c978601b 100644 --- a/roles/custom/matrix-synapse-admin/defaults/main.yml +++ b/roles/custom/matrix-synapse-admin/defaults/main.yml @@ -13,7 +13,7 @@ matrix_synapse_admin_container_image_self_build: false matrix_synapse_admin_container_image_self_build_repo: "https://github.com/Awesome-Technologies/synapse-admin.git" # renovate: datasource=docker depName=awesometechnologies/synapse-admin -matrix_synapse_admin_version: 0.10.2 +matrix_synapse_admin_version: 0.10.3 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}awesometechnologies/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From dce0f64f6d31cb44711ebeffb34f872d5bb63693 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 19 Jul 2024 07:31:33 +0300 Subject: [PATCH 23/25] Use simple matching for ma1sd deprecated vars validation Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3432 --- roles/custom/matrix-ma1sd/tasks/validate_config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/custom/matrix-ma1sd/tasks/validate_config.yml b/roles/custom/matrix-ma1sd/tasks/validate_config.yml index 2dd66e1a3..8e4787507 100644 --- a/roles/custom/matrix-ma1sd/tasks/validate_config.yml +++ b/roles/custom/matrix-ma1sd/tasks/validate_config.yml @@ -61,7 +61,7 @@ msg: >- Your configuration contains a variable, which now has a different name. Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`). - when: "vars | dict2items | selectattr('key', 'match', item.old) | list | items2dict" + when: "item.old in vars" with_items: - {'old': 'matrix_ma1sd_container_expose_port', 'new': ''} - {'old': 'matrix_ma1sd_threepid_medium_email_custom_unbind_fraudulent_template', 'new': 'matrix_ma1sd_threepid_medium_email_custom_session_unbind_notification_template'} From bf6e9a2bfa7a42ef7c10c073e4804e03f119fe1a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 21 Jul 2024 00:06:35 +0000 Subject: [PATCH 24/25] chore(deps): update joseluisq/static-web-server docker tag to v2.32.1 --- roles/custom/matrix-cactus-comments-client/defaults/main.yml | 2 +- roles/custom/matrix-static-files/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-cactus-comments-client/defaults/main.yml b/roles/custom/matrix-cactus-comments-client/defaults/main.yml index b366f4386..1bcb3bbbb 100644 --- a/roles/custom/matrix-cactus-comments-client/defaults/main.yml +++ b/roles/custom/matrix-cactus-comments-client/defaults/main.yml @@ -13,7 +13,7 @@ matrix_cactus_comments_client_public_path: "{{ matrix_cactus_comments_client_bas matrix_cactus_comments_client_public_path_file_permissions: "0644" # renovate: datasource=docker depName=joseluisq/static-web-server -matrix_cactus_comments_client_version: 2.32.0 +matrix_cactus_comments_client_version: 2.32.1 matrix_cactus_comments_client_container_image: "{{ matrix_container_global_registry_prefix }}joseluisq/static-web-server:{{ matrix_cactus_comments_client_container_image_tag }}" matrix_cactus_comments_client_container_image_tag: "{{ 'latest' if matrix_cactus_comments_client_version == 'latest' else (matrix_cactus_comments_client_version + '-alpine') }}" diff --git a/roles/custom/matrix-static-files/defaults/main.yml b/roles/custom/matrix-static-files/defaults/main.yml index 9e867df16..d2b338d40 100644 --- a/roles/custom/matrix-static-files/defaults/main.yml +++ b/roles/custom/matrix-static-files/defaults/main.yml @@ -8,7 +8,7 @@ matrix_static_files_enabled: true matrix_static_files_identifier: matrix-static-files # renovate: datasource=docker depName=joseluisq/static-web-server -matrix_static_files_version: 2.32.0 +matrix_static_files_version: 2.32.1 matrix_static_files_base_path: "{{ matrix_base_data_path }}/{{ 'static-files' if matrix_static_files_identifier == 'matrix-static-files' else matrix_static_files_identifier }}" matrix_static_files_config_path: "{{ matrix_static_files_base_path }}/config" From cb7726f4a8b3082e1fdab8949c60f07f5b6bdee7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 21 Jul 2024 08:23:42 +0300 Subject: [PATCH 25/25] Make sure Draupnir is connected to Pantalaimon's network when Pantalaimon enabled Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3434 --- group_vars/matrix_servers | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 75b5f96f3..1ccaacf1d 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2802,7 +2802,11 @@ matrix_bot_draupnir_container_network: "{{ matrix_addons_container_network }}" matrix_bot_draupnir_container_additional_networks_auto: |- {{ - ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) + ( + ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network]) + + + ([matrix_pantalaimon_container_network] if (matrix_bot_draupnir_pantalaimon_use and matrix_pantalaimon_container_network != matrix_bot_draupnir_container_network) else []) + ) | unique }} matrix_bot_draupnir_homeserver_url: "{{ 'http://matrix-pantalaimon:8009' if matrix_bot_draupnir_pantalaimon_use else matrix_addons_homeserver_client_api_url }}"