Catalan Lover
11 месяцев назад
Не найден GPG ключ соответствующий данной подписи
Идентификатор GPG ключа: 649BCCF930C07F70
5 измененных файлов: 28 добавлений и 21 удалений
-
+1 -0group_vars/matrix_servers
-
+9 -0roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml
-
+7 -21roles/custom/matrix-synapse-reverse-proxy-companion/templates/labels.j2
-
+10 -0roles/custom/matrix-synapse/defaults/main.yml
-
+1 -0roles/custom/matrix-synapse/defaults/main.yml.license
+ 1
- 0
group_vars/matrix_servers
Просмотреть файл
| @@ -4844,6 +4844,7 @@ matrix_synapse_container_labels_public_client_root_redirection_url: "{{ (('https | |||||
| matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: "{{ matrix_synapse_admin_enabled }}" | matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: "{{ matrix_synapse_admin_enabled }}" | ||||
| matrix_synapse_container_labels_internal_client_synapse_admin_api_enabled: "{{ matrix_bot_draupnir_admin_api_enabled }}" | matrix_synapse_container_labels_internal_client_synapse_admin_api_enabled: "{{ matrix_bot_draupnir_admin_api_enabled }}" | ||||
| matrix_synapse_container_labels_internal_client_synapse_admin_api_traefik_entrypoints: "{{ matrix_playbook_internal_matrix_client_api_traefik_entrypoint_name }}" | |||||
| matrix_synapse_container_labels_public_federation_api_traefik_hostname: "{{ matrix_server_fqn_matrix_federation }}" | matrix_synapse_container_labels_public_federation_api_traefik_hostname: "{{ matrix_server_fqn_matrix_federation }}" | ||||
| matrix_synapse_container_labels_public_federation_api_traefik_entrypoints: "{{ matrix_federation_traefik_entrypoint_name }}" | matrix_synapse_container_labels_public_federation_api_traefik_entrypoints: "{{ matrix_federation_traefik_entrypoint_name }}" | ||||
+ 9
- 0
roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml
Просмотреть файл
| @@ -5,6 +5,7 @@ | |||||
| # SPDX-FileCopyrightText: 2024 Charles Wright | # SPDX-FileCopyrightText: 2024 Charles Wright | ||||
| # SPDX-FileCopyrightText: 2024 David Mehren | # SPDX-FileCopyrightText: 2024 David Mehren | ||||
| # SPDX-FileCopyrightText: 2024 Michael Hollister | # SPDX-FileCopyrightText: 2024 Michael Hollister | ||||
| # SPDX-FileCopyrightText: 2024 - 2025 Catalan Lover <catalanlover@protonmail.com> | |||||
| # | # | ||||
| # SPDX-License-Identifier: AGPL-3.0-or-later | # SPDX-License-Identifier: AGPL-3.0-or-later | ||||
| @@ -119,6 +120,14 @@ matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_ad | |||||
| matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_tls: "{{ matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_entrypoints != 'web' }}" | matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_tls: "{{ matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_entrypoints != 'web' }}" | ||||
| matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_tls_certResolver: "{{ matrix_synapse_reverse_proxy_companion_container_labels_traefik_tls_certResolver }}" # noqa var-naming | matrix_synapse_reverse_proxy_companion_container_labels_public_client_synapse_admin_api_traefik_tls_certResolver: "{{ matrix_synapse_reverse_proxy_companion_container_labels_traefik_tls_certResolver }}" # noqa var-naming | ||||
| # Controls whether labels will be added that expose the /_synapse/admin paths on the internal Traefik entrypoint. | |||||
| # This is similar to `matrix_synapse_container_labels_public_client_api_enabled`, but the entrypoint and intent is different. | |||||
| matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_enabled: false | |||||
| matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_traefik_path_prefix: "{{ matrix_synapse_container_labels_internal_client_synapse_admin_api_traefik_path_prefix }}" | |||||
| matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_traefik_rule: "PathPrefix(`{{ matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_traefik_path_prefix }}`)" | |||||
| matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_traefik_priority: 0 | |||||
| matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_traefik_entrypoints: "" | |||||
| # Controls whether labels will be added that expose the Server-Server API (Federation API). | # Controls whether labels will be added that expose the Server-Server API (Federation API). | ||||
| matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_enabled: "{{ matrix_synapse_reverse_proxy_companion_federation_api_enabled }}" | matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_enabled: "{{ matrix_synapse_reverse_proxy_companion_federation_api_enabled }}" | ||||
| matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_traefik_hostname: "{{ matrix_synapse_reverse_proxy_companion_container_labels_traefik_hostname }}" | matrix_synapse_reverse_proxy_companion_container_labels_public_federation_api_traefik_hostname: "{{ matrix_synapse_reverse_proxy_companion_container_labels_traefik_hostname }}" | ||||
+ 7
- 21
roles/custom/matrix-synapse-reverse-proxy-companion/templates/labels.j2
Просмотреть файл
| @@ -1,5 +1,6 @@ | |||||
| {# | {# | ||||
| SPDX-FileCopyrightText: 2024 Slavi Pantaleev | SPDX-FileCopyrightText: 2024 Slavi Pantaleev | ||||
| SPDX-FileCopyrightText: 2024 - 2025 Catalan Lover <catalanlover@protonmail.com> | |||||
| SPDX-License-Identifier: AGPL-3.0-or-later | SPDX-License-Identifier: AGPL-3.0-or-later | ||||
| #} | #} | ||||
| @@ -156,36 +157,21 @@ traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synaps | |||||
| {% endif %} | {% endif %} | ||||
| {% if matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_enabled %} | {% if matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_enabled %} | ||||
| ############################################################ | |||||
| # # | |||||
| # Internal Synapse Admin API (/_synapse/client) # | |||||
| # # | |||||
| ############################################################ | |||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-client-api.rule=PathPrefix(`/_synapse/client`) | |||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-client-api.service=matrix-synapse-reverse-proxy-companion-client-api | |||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-client-api.entrypoints=matrix-internal-matrix-client-api | |||||
| ############################################################ | |||||
| # # | |||||
| # /Internal Synapse Admin API (/_synapse/client) # | |||||
| # # | |||||
| ############################################################ | |||||
| ############################################################ | ############################################################ | ||||
| # # | # # | ||||
| # Internal Synapse Admin API (/_synapse/admin) # | # Internal Synapse Admin API (/_synapse/admin) # | ||||
| # # | # # | ||||
| ############################################################ | ############################################################ | ||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-admin-api.rule=PathPrefix(`/_synapse/admin`) | |||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-admin-api.rule={{ matrix_synapse_reverse_proxy_companion_container_labels_internal_admin_api_traefik_rule }} | |||||
| {% if matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_traefik_priority | int > 0 %} | |||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-public-client-synapse-admin-api.priority={{ matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_traefik_priority }} | |||||
| {% endif %} | |||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-admin-api.service=matrix-synapse-reverse-proxy-companion-client-api | traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-admin-api.service=matrix-synapse-reverse-proxy-companion-client-api | ||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-admin-api.entrypoints=matrix-internal-matrix-client-api | |||||
| traefik.http.routers.matrix-synapse-reverse-proxy-companion-internal-client-synapse-admin-api.entrypoints={{ matrix_synapse_reverse_proxy_companion_container_labels_internal_client_synapse_admin_api_traefik_entrypoints }} | |||||
| ############################################################ | ############################################################ | ||||
| # # | # # | ||||
+ 10
- 0
roles/custom/matrix-synapse/defaults/main.yml
Просмотреть файл
| @@ -268,6 +268,16 @@ matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_entrypoi | |||||
| matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_tls: "{{ matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_entrypoints != 'web' }}" | matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_tls: "{{ matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_entrypoints != 'web' }}" | ||||
| matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}" # noqa var-naming | matrix_synapse_container_labels_public_client_synapse_admin_api_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}" # noqa var-naming | ||||
| # Controls whether labels will be added that expose the /_synapse/admin paths on the internal Traefik entrypoint. | |||||
| # Following these recommendations (https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md), by default, we don't. | |||||
| # Regardless of whether this is enabled, it may or may not take effect due to the value of other variables. | |||||
| matrix_synapse_container_labels_internal_client_synapse_admin_api_enabled: false | |||||
| matrix_synapse_container_labels_internal_client_synapse_admin_api_traefik_path_prefix: /_synapse/admin | |||||
| matrix_synapse_container_labels_internal_client_synapse_admin_api_traefik_rule: "PathPrefix(`{{ matrix_synapse_container_labels_internal_client_synapse_admin_api_traefik_path_prefix }}`)" | |||||
| matrix_synapse_container_labels_internal_client_synapse_admin_api_traefik_priority: 0 | |||||
| matrix_synapse_container_labels_internal_client_synapse_admin_api_traefik_entrypoints: "" | |||||
| # Controls whether labels will be added that expose the Server-Server API (Federation API). | # Controls whether labels will be added that expose the Server-Server API (Federation API). | ||||
| # Regardless of whether this is enabled, it may or may not take effect due to the value of other variables. | # Regardless of whether this is enabled, it may or may not take effect due to the value of other variables. | ||||
| # See `matrix_synapse_container_labels_traefik_enabled` or `matrix_synapse_container_labels_matrix_related_labels_enabled` | # See `matrix_synapse_container_labels_traefik_enabled` or `matrix_synapse_container_labels_matrix_related_labels_enabled` | ||||
+ 1
- 0
roles/custom/matrix-synapse/defaults/main.yml.license
Просмотреть файл
| @@ -35,5 +35,6 @@ SPDX-FileCopyrightText: 2023 Luke D Iremadze | |||||
| SPDX-FileCopyrightText: 2023 Samuel Meenzen | SPDX-FileCopyrightText: 2023 Samuel Meenzen | ||||
| SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara | SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara | ||||
| SPDX-FileCopyrightText: 2024 Charles Wright | SPDX-FileCopyrightText: 2024 Charles Wright | ||||
| SPDX-FileCopyrightText: 2025 Catalan Lover <catalanlover@protonmail.com> | |||||
| SPDX-License-Identifier: AGPL-3.0-or-later | SPDX-License-Identifier: AGPL-3.0-or-later | ||||