* Documentation update
* New files for role
* Update existing files to add support for matrix-steam-bridge
* Typos and misc fixes
* Change docker tag to latest until version # is stable
* Align bridge permissions
* Correct user localpart
* Remove trailing +
* Fix syslog identifier
* Actually enable the service correctly
* One more typo fix
* Third time's the charm
* Fix config file paths
* Fix config after bridge repo changes
* Add default appservice public address - set public_media to false by default for testing
* Fix default config for steamkit-service path
* Fix bluesky reference
* Fix default container path
* Fix appservice connection to http for internal, change port to standard 8080
* Fix appservice port
* Enable public_media by default, add labels
* Enable public_media by default, add labels
* Allow bridge to update its own config and generate public_media signing key
* Add deterministic public_media_signing_key, expose portal cleanup
* Change default public_media path to omit `matrix.` from the path as it has been found that URLs generated by the bridge will only match {{ matrix_domain }}
* Remove domain re-write
* Revert "Change default public_media path to omit `matrix.` from the path as it has been found that URLs generated by the bridge will only match {{ matrix_domain }}"
This reverts commit 5f399effb9.
* Fix TLS label if playbook TLS is disabled
* Match default bridge TLS config
* Related to 3daf14d69 and 60ab08014 which enable async media by default for mautrix-go bridges
* Adjust matrix-bridge-steam files to add new line at the end of files
* Pin matrix-bridge-steam (latest -> 1.0.3)
---------
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
With this change, the following roles are now only dependent
on the minimal `matrix-base` role:
- `matrix-corporal`
- `matrix-coturn`
- `matrix-mailer`
- `matrix-mxisd`
- `matrix-postgres`
- `matrix-riot-web`
- `matrix-synapse`
The `matrix-nginx-proxy` role still does too much and remains
dependent on the others.
Wiring up the various (now-independent) roles happens
via a glue variables file (`group_vars/matrix-servers`).
It's triggered for all hosts in the `matrix-servers` group.
According to Ansible's rules of priority, we have the following
chain of inclusion/overriding now:
- role defaults (mostly empty or good for independent usage)
- playbook glue variables (`group_vars/matrix-servers`)
- inventory host variables (`inventory/host_vars/matrix.<your-domain>`)
All roles default to enabling their main component
(e.g. `matrix_mxisd_enabled: true`, `matrix_riot_web_enabled: true`).
Reasoning: if a role is included in a playbook (especially separately,
in another playbook), it should "work" by default.
Our playbook disables some of those if they are not generally useful
(e.g. `matrix_corporal_enabled: false`).
As suggested in #63 (Github issue), splitting the
playbook's logic into multiple roles will be beneficial for
maintainability.
This patch realizes this split. Still, some components
affect others, so the roles are not really independent of one
another. For example:
- disabling mxisd (`matrix_mxisd_enabled: false`), causes Synapse
and riot-web to reconfigure themselves with other (public)
Identity servers.
- enabling matrix-corporal (`matrix_corporal_enabled: true`) affects
how reverse-proxying (by `matrix-nginx-proxy`) is done, in order to
put matrix-corporal's gateway server in front of Synapse
We may be able to move away from such dependencies in the future,
at the expense of a more complicated manual configuration, but
it's probably not worth sacrificing the convenience we have now.
As part of this work, the way we do "start components" has been
redone now to use a loop, as suggested in #65 (Github issue).
This should make restarting faster and more reliable.
Jason LaGuidice
Suguru Hirahara
Zepmann
Slavi Pantaleev
Marko Weltzer
Michael Collins
Aaron Raimist
Dan Arnfield
Edgars Voroboks