From e718cb373f3d415f7369a1dbf5c68db7c37545d0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 29 Jan 2026 11:43:32 +0200 Subject: [PATCH] matrix-appservice-irc: add scheme variable for mediaProxy publicUrl Instead of hardcoding 'https' in the publicUrl, introduce a scheme variable that can be configured. This follows the pattern used by other roles (e.g., matrix_mautrix_discord_scheme, matrix_hookshot_public_scheme). New variables: - matrix_appservice_irc_ircService_mediaProxy_publicUrl_scheme (defaults to https) - matrix_appservice_irc_ircService_mediaProxy_publicUrl (combines scheme, hostname, pathPrefix) The scheme is wired in group_vars/matrix_servers based on matrix_playbook_ssl_enabled, consistent with how other roles handle this. --- group_vars/matrix_servers | 2 ++ roles/custom/matrix-bridge-appservice-irc/defaults/main.yml | 2 ++ .../matrix-bridge-appservice-irc/templates/config.yaml.j2 | 2 +- 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 3eacacc98..b19eb9d7f 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -862,6 +862,8 @@ matrix_appservice_irc_database_hostname: "{{ postgres_connection_hostname if pos matrix_appservice_irc_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.irc.db', rounds=655555) | to_uuid }}" matrix_appservice_irc_database_container_network: "{{ postgres_container_network if postgres_enabled else '' }}" +matrix_appservice_irc_ircService_mediaProxy_publicUrl_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}" # noqa var-naming + matrix_appservice_irc_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}" matrix_appservice_irc_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}" matrix_appservice_irc_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}" diff --git a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml index f5b269893..5aad5204d 100644 --- a/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/custom/matrix-bridge-appservice-irc/defaults/main.yml @@ -50,8 +50,10 @@ matrix_appservice_irc_homeserver_domain: '{{ matrix_domain }}' # ircService.mediaProxy configuration for serving publicly accessible URLs to authenticated Matrix media matrix_appservice_irc_ircService_mediaProxy_bindPort: 11111 # noqa var-naming +matrix_appservice_irc_ircService_mediaProxy_publicUrl_scheme: https # noqa var-naming matrix_appservice_irc_ircService_mediaProxy_publicUrl_hostname: '{{ matrix_server_fqn_matrix }}' # noqa var-naming matrix_appservice_irc_ircService_mediaProxy_publicUrl_pathPrefix: '/irc/' # noqa var-naming +matrix_appservice_irc_ircService_mediaProxy_publicUrl: "{{ matrix_appservice_irc_ircService_mediaProxy_publicUrl_scheme }}://{{ matrix_appservice_irc_ircService_mediaProxy_publicUrl_hostname }}{{ matrix_appservice_irc_ircService_mediaProxy_publicUrl_pathPrefix }}" # noqa var-naming matrix_appservice_irc_homeserver_enablePresence: true # noqa var-naming matrix_appservice_irc_appservice_address: 'http://matrix-appservice-irc:9999' diff --git a/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 b/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 index dbe86042b..363ac9a1b 100644 --- a/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-appservice-irc/templates/config.yaml.j2 @@ -143,7 +143,7 @@ ircService: # The port for the media proxy to listen on bindPort: {{ matrix_appservice_irc_ircService_mediaProxy_bindPort | to_json }} # The publicly accessible URL to the media proxy - publicUrl: "https://{{ matrix_appservice_irc_ircService_mediaProxy_publicUrl_hostname }}{{ matrix_appservice_irc_ircService_mediaProxy_publicUrl_pathPrefix }}" + publicUrl: {{ matrix_appservice_irc_ircService_mediaProxy_publicUrl | to_json }} # Options here are generally only applicable to large-scale bridges and may have # consequences greater than other options in this configuration file.