overmind
/
matrix-docker-ansible-deploy
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Matrix Docker Ansible eploy
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8814 Commits
13 Branches
36 MiB
 
 
Tree: d4f8d0918a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd4f8d0918a'
${ noResults }
matrix-docker-ansible-deploy/i18n/locales/bg/LC_MESSAGES/docs/configuring-playbook-own-we...

293 lines
11 KiB
Raw Blame History 

  1. # SOME DESCRIPTIVE TITLE.

  2. # Copyright (C) 2018-2024, Slavi Pantaleev, Aine Etke, MDAD community

  3. # members

  4. # This file is distributed under the same license as the

  5. # matrix-docker-ansible-deploy package.

  6. # FIRST AUTHOR <EMAIL@ADDRESS>, 2024.

  7. #

  8. #, fuzzy

  9. msgid ""

  10. msgstr ""

  11. "Project-Id-Version: matrix-docker-ansible-deploy \n"

  12. "Report-Msgid-Bugs-To: \n"

  13. "POT-Creation-Date: 2024-12-16 12:05+0900\n"

  14. "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"

  15. "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"

  16. "Language: bg\n"

  17. "Language-Team: bg <LL@li.org>\n"

  18. "Plural-Forms: nplurals=2; plural=(n != 1);\n"

  19. "MIME-Version: 1.0\n"

  20. "Content-Type: text/plain; charset=utf-8\n"

  21. "Content-Transfer-Encoding: 8bit\n"

  22. "Generated-By: Babel 2.16.0\n"

  23. 

  24. #: ../../../docs/configuring-playbook-own-webserver.md:1

  25. msgid ""

  26. "Using your own webserver, instead of this playbook's Traefik reverse-"

  27. "proxy (optional, advanced)"

  28. msgstr ""

  29. 

  30. #: ../../../docs/configuring-playbook-own-webserver.md:3

  31. msgid ""

  32. "By default, this playbook installs its own [Traefik](https://traefik.io/)"

  33. " reverse-proxy server (in a Docker container) which listens on ports 80 "

  34. "and 443. If that's okay, you can skip this document."

  35. msgstr ""

  36. 

  37. #: ../../../docs/configuring-playbook-own-webserver.md:5

  38. msgid "Traefik"

  39. msgstr ""

  40. 

  41. #: ../../../docs/configuring-playbook-own-webserver.md:7

  42. msgid ""

  43. "[Traefik](https://traefik.io/) is the default reverse-proxy for the "

  44. "playbook since [2023-02-26](../CHANGELOG.md/#2023-02-26) and serves **2 "

  45. "purposes**:"

  46. msgstr ""

  47. 

  48. #: ../../../docs/configuring-playbook-own-webserver.md:9

  49. msgid ""

  50. "serving public traffic and providing SSL-termination with certificates "

  51. "obtained from [Let's Encrypt](https://letsencrypt.org/). See [Adjusting "

  52. "SSL certificate retrieval](./configuring-playbook-ssl-certificates.md)."

  53. msgstr ""

  54. 

  55. #: ../../../docs/configuring-playbook-own-webserver.md:11

  56. msgid ""

  57. "assists internal communication between addon services (briges, bots, "

  58. "etc.) and the homeserver via an internal entrypoint (`matrix-internal-"

  59. "matrix-client-api`)."

  60. msgstr ""

  61. 

  62. #: ../../../docs/configuring-playbook-own-webserver.md:13

  63. msgid "There are 2 ways to use Traefik with this playbook, as described below."

  64. msgstr ""

  65. 

  66. #: ../../../docs/configuring-playbook-own-webserver.md:15

  67. msgid "Traefik managed by the playbook"

  68. msgstr ""

  69. 

  70. #: ../../../docs/configuring-playbook-own-webserver.md:17

  71. msgid ""

  72. "To have the playbook install and use Traefik, add the following "

  73. "configuration to your `inventory/host_vars/matrix.example.com/vars.yml` "

  74. "file:"

  75. msgstr ""

  76. 

  77. #: ../../../docs/configuring-playbook-own-webserver.md:25

  78. msgid "Traefik will manage SSL certificates for all services seamlessly."

  79. msgstr ""

  80. 

  81. #: ../../../docs/configuring-playbook-own-webserver.md:27

  82. msgid "Traefik managed by you"

  83. msgstr ""

  84. 

  85. #: ../../../docs/configuring-playbook-own-webserver.md:53

  86. msgid ""

  87. "In this mode all roles will still have Traefik labels attached. You will,"

  88. " however, need to configure your Traefik instance and its entrypoints."

  89. msgstr ""

  90. 

  91. #: ../../../docs/configuring-playbook-own-webserver.md:55

  92. msgid ""

  93. "By default, the playbook configured a `default` certificate resolver and "

  94. "multiple entrypoints."

  95. msgstr ""

  96. 

  97. #: ../../../docs/configuring-playbook-own-webserver.md:57

  98. msgid "You need to configure 4 entrypoints for your Traefik server:"

  99. msgstr ""

  100. 

  101. #: ../../../docs/configuring-playbook-own-webserver.md:59

  102. msgid "`web` (TCP port `80`) - used for redirecting to HTTPS (`web-secure`)"

  103. msgstr ""

  104. 

  105. #: ../../../docs/configuring-playbook-own-webserver.md:60

  106. msgid ""

  107. "`web-secure` (TCP port `443`) - used for exposing the Matrix Client-"

  108. "Server API and all other services"

  109. msgstr ""

  110. 

  111. #: ../../../docs/configuring-playbook-own-webserver.md:61

  112. msgid ""

  113. "`matrix-federation` (TCP port `8448`) - used for exposing the Matrix "

  114. "Federation API"

  115. msgstr ""

  116. 

  117. #: ../../../docs/configuring-playbook-own-webserver.md:62

  118. msgid ""

  119. "`matrix-internal-matrix-client-api` (TCP port `8008`) - used internally "

  120. "for addon services (bridges, bots) to communicate with the homserver"

  121. msgstr ""

  122. 

  123. #: ../../../docs/configuring-playbook-own-webserver.md:64

  124. msgid ""

  125. "Below is some configuration for running Traefik yourself, although we "

  126. "recommend using [Traefik managed by the playbook](#traefik-managed-by-"

  127. "the-playbook)."

  128. msgstr ""

  129. 

  130. #: ../../../docs/configuring-playbook-own-webserver.md:66

  131. msgid ""

  132. "Note that this configuration on its own does **not** redirect traffic on "

  133. "port 80 (plain HTTP) to port 443 for HTTPS. If you are not already doing "

  134. "this in Traefik, it can be added to Traefik in a [file "

  135. "provider](https://docs.traefik.io/v2.0/providers/file/) as follows:"

  136. msgstr ""

  137. 

  138. #: ../../../docs/configuring-playbook-own-webserver.md:86

  139. msgid ""

  140. "You can use the following `docker-compose.yml` as example to launch "

  141. "Traefik."

  142. msgstr ""

  143. 

  144. #: ../../../docs/configuring-playbook-own-webserver.md:122

  145. msgid "Another webserver"

  146. msgstr ""

  147. 

  148. #: ../../../docs/configuring-playbook-own-webserver.md:124

  149. msgid "If you don't wish to use Traefik, you can also use your own webserver."

  150. msgstr ""

  151. 

  152. #: ../../../docs/configuring-playbook-own-webserver.md:126

  153. msgid "Doing this is possible, but requires manual work."

  154. msgstr ""

  155. 

  156. #: ../../../docs/configuring-playbook-own-webserver.md:128

  157. msgid "There are 2 ways to go about it:"

  158. msgstr ""

  159. 

  160. #: ../../../docs/configuring-playbook-own-webserver.md:130

  161. msgid ""

  162. "(recommended) [Fronting the integrated reverse-proxy webserver with "

  163. "another reverse-proxy](#fronting-the-integrated-reverse-proxy-webserver-"

  164. "with-another-reverse-proxy) - using the playbook-managed reverse-proxy "

  165. "(Traefik), but disabling SSL termination for it, exposing this reverse-"

  166. "proxy on a few local ports (e.g. `127.0.0.1:81`, etc.) and forwarding "

  167. "traffic from your own webserver to those few ports"

  168. msgstr ""

  169. 

  170. #: ../../../docs/configuring-playbook-own-webserver.md:132

  171. msgid ""

  172. "(difficult) [Using no reverse-proxy on the Matrix side at all](#using-no-"

  173. "reverse-proxy-on-the-matrix-side-at-all) disabling the playbook-managed "

  174. "reverse-proxy (Traefik), exposing services one by one using "

  175. "`_host_bind_port` variables and forwarding traffic from your own "

  176. "webserver to those ports"

  177. msgstr ""

  178. 

  179. #: ../../../docs/configuring-playbook-own-webserver.md:134

  180. msgid "Fronting the integrated reverse-proxy webserver with another reverse-proxy"

  181. msgstr ""

  182. 

  183. #: ../../../docs/configuring-playbook-own-webserver.md:136

  184. msgid ""

  185. "This method is about leaving the integrated reverse-proxy webserver be, "

  186. "but making it not get in the way (using up important ports, trying to "

  187. "retrieve SSL certificates, etc.)."

  188. msgstr ""

  189. 

  190. #: ../../../docs/configuring-playbook-own-webserver.md:138

  191. msgid ""

  192. "If you wish to use another webserver, the integrated reverse-proxy "

  193. "webserver usually gets in the way because it attempts to fetch SSL "

  194. "certificates and binds to ports 80, 443 and 8448 (if Matrix Federation is"

  195. " enabled)."

  196. msgstr ""

  197. 

  198. #: ../../../docs/configuring-playbook-own-webserver.md:140

  199. msgid ""

  200. "You can disable such behavior and make the integrated reverse-proxy "

  201. "webserver only serve traffic locally on the host itself (or over a local "

  202. "network)."

  203. msgstr ""

  204. 

  205. #: ../../../docs/configuring-playbook-own-webserver.md:142

  206. msgid ""

  207. "This is the recommended way for using another reverse-proxy, because the "

  208. "integrated one would act as a black box and wire all Matrix services "

  209. "correctly. You would then only need to reverse-proxy a few individual "

  210. "domains and ports over to it."

  211. msgstr ""

  212. 

  213. #: ../../../docs/configuring-playbook-own-webserver.md:144

  214. msgid ""

  215. "To front Traefik with another reverse-proxy, you would need some "

  216. "configuration like this:"

  217. msgstr ""

  218. 

  219. #: ../../../docs/configuring-playbook-own-webserver.md:194

  220. msgid ""

  221. "Such a configuration would expose all services on a local port `81` and "

  222. "Matrix Federation on a local port `8449`. Your reverse-proxy "

  223. "configuration needs to send traffic to these ports. [`examples/reverse-"

  224. "proxies`](../examples/reverse-proxies/) contains examples for various "

  225. "webservers such as Apache2, Caddy, HAproxy, nginx and Nginx Proxy "

  226. "Manager."

  227. msgstr ""

  228. 

  229. #: ../../../docs/configuring-playbook-own-webserver.md:196

  230. msgid ""

  231. "It's important that these webservers proxy-pass requests to the correct "

  232. "`ip:port` and also set the `Host` HTTP header appropriately. If you don't"

  233. " pass the `Host` header correctly, Traefik will return a `404 - not "

  234. "found` error."

  235. msgstr ""

  236. 

  237. #: ../../../docs/configuring-playbook-own-webserver.md:198

  238. msgid "To put it another way:"

  239. msgstr ""

  240. 

  241. #: ../../../docs/configuring-playbook-own-webserver.md:199

  242. msgid "`curl http://127.0.0.1:81` will result in a `404 - not found` error"

  243. msgstr ""

  244. 

  245. #: ../../../docs/configuring-playbook-own-webserver.md:200

  246. msgid "but `curl -H 'Host: matrix.example.com' http://127.0.0.1:81` should work."

  247. msgstr ""

  248. 

  249. #: ../../../docs/configuring-playbook-own-webserver.md:202

  250. msgid "Using no reverse-proxy on the Matrix side at all"

  251. msgstr ""

  252. 

  253. #: ../../../docs/configuring-playbook-own-webserver.md:204

  254. msgid ""

  255. "Instead of [Fronting the integrated reverse-proxy webserver with another "

  256. "reverse-proxy](#fronting-the-integrated-reverse-proxy-webserver-with-"

  257. "another-reverse-proxy), you can also go another way -- completely "

  258. "disabling the playbook-managed Traefik reverse-proxy. You would then need"

  259. " to reverse-proxy from your own webserver directly to each individual "

  260. "Matrix service."

  261. msgstr ""

  262. 

  263. #: ../../../docs/configuring-playbook-own-webserver.md:206

  264. msgid ""

  265. "This is more difficult, as you would need to handle the configuration for"

  266. " each service manually. Enabling additional services would come with "

  267. "extra manual work you need to do."

  268. msgstr ""

  269. 

  270. #: ../../../docs/configuring-playbook-own-webserver.md:208

  271. msgid ""

  272. "Also, the Traefik reverse-proxy, besides fronting everything is also "

  273. "serving a 2nd purpose of allowing addons services to communicate with the"

  274. " Matrix homeserver thanks to its `matrix-internal-matrix-client-api` "

  275. "entrypoint (read more about it above). Disabling Traefik completely means"

  276. " the playbook would wire services to directly talk to the homeserver. "

  277. "This can work for basic setups, but not for more complex setups involving"

  278. " [matrix-media-repo](./configuring-playbook-matrix-media-repo.md), "

  279. "[matrix-corporal](./configuring-playbook-matrix-corporal.md) or other "

  280. "such services that need to \"steal routes\" from the homeserver."

  281. msgstr ""

  282. 

  283. #: ../../../docs/configuring-playbook-own-webserver.md:210

  284. msgid ""

  285. "If your webserver is on the same machine, ensure your web server user "

  286. "(something like `http`, `apache`, `www-data`, `nginx`) is part of the "

  287. "`matrix` group. You should run something like this: `usermod -a -G matrix"

  288. " nginx`. This allows your webserver user to access files owned by the "

  289. "`matrix` group, so that it can serve static files from `/matrix/static-"

  290. "files`."

  291. msgstr ""