matrix-docker-ansible-deploy/i18n/locales/jp/LC_MESSAGES/docs/configuring-playbook-own-webserver.po

292 lines
10 KiB
Plaintext
Raw Normal View History

# SOME DESCRIPTIVE TITLE.
# Copyright (C) 2018-2024, Slavi Pantaleev, Aine Etke, MDAD community
# members
# This file is distributed under the same license as the
# matrix-docker-ansible-deploy package.
# FIRST AUTHOR <EMAIL@ADDRESS>, 2024.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-12-16 12:05+0900\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language: jp\n"
"Language-Team: jp <LL@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Generated-By: Babel 2.16.0\n"
#: ../../../docs/configuring-playbook-own-webserver.md:1
msgid ""
"Using your own webserver, instead of this playbook's Traefik reverse-"
"proxy (optional, advanced)"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:3
msgid ""
"By default, this playbook installs its own [Traefik](https://traefik.io/)"
" reverse-proxy server (in a Docker container) which listens on ports 80 "
"and 443. If that's okay, you can skip this document."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:5
msgid "Traefik"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:7
msgid ""
"[Traefik](https://traefik.io/) is the default reverse-proxy for the "
"playbook since [2023-02-26](../CHANGELOG.md/#2023-02-26) and serves **2 "
"purposes**:"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:9
msgid ""
"serving public traffic and providing SSL-termination with certificates "
"obtained from [Let's Encrypt](https://letsencrypt.org/). See [Adjusting "
"SSL certificate retrieval](./configuring-playbook-ssl-certificates.md)."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:11
msgid ""
"assists internal communication between addon services (briges, bots, "
"etc.) and the homeserver via an internal entrypoint (`matrix-internal-"
"matrix-client-api`)."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:13
msgid "There are 2 ways to use Traefik with this playbook, as described below."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:15
msgid "Traefik managed by the playbook"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:17
msgid ""
"To have the playbook install and use Traefik, add the following "
"configuration to your `inventory/host_vars/matrix.example.com/vars.yml` "
"file:"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:25
msgid "Traefik will manage SSL certificates for all services seamlessly."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:27
msgid "Traefik managed by you"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:53
msgid ""
"In this mode all roles will still have Traefik labels attached. You will,"
" however, need to configure your Traefik instance and its entrypoints."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:55
msgid ""
"By default, the playbook configured a `default` certificate resolver and "
"multiple entrypoints."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:57
msgid "You need to configure 4 entrypoints for your Traefik server:"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:59
msgid "`web` (TCP port `80`) - used for redirecting to HTTPS (`web-secure`)"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:60
msgid ""
"`web-secure` (TCP port `443`) - used for exposing the Matrix Client-"
"Server API and all other services"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:61
msgid ""
"`matrix-federation` (TCP port `8448`) - used for exposing the Matrix "
"Federation API"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:62
msgid ""
"`matrix-internal-matrix-client-api` (TCP port `8008`) - used internally "
"for addon services (bridges, bots) to communicate with the homserver"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:64
msgid ""
"Below is some configuration for running Traefik yourself, although we "
"recommend using [Traefik managed by the playbook](#traefik-managed-by-"
"the-playbook)."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:66
msgid ""
"Note that this configuration on its own does **not** redirect traffic on "
"port 80 (plain HTTP) to port 443 for HTTPS. If you are not already doing "
"this in Traefik, it can be added to Traefik in a [file "
"provider](https://docs.traefik.io/v2.0/providers/file/) as follows:"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:86
msgid ""
"You can use the following `docker-compose.yml` as example to launch "
"Traefik."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:122
msgid "Another webserver"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:124
msgid "If you don't wish to use Traefik, you can also use your own webserver."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:126
msgid "Doing this is possible, but requires manual work."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:128
msgid "There are 2 ways to go about it:"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:130
msgid ""
"(recommended) [Fronting the integrated reverse-proxy webserver with "
"another reverse-proxy](#fronting-the-integrated-reverse-proxy-webserver-"
"with-another-reverse-proxy) - using the playbook-managed reverse-proxy "
"(Traefik), but disabling SSL termination for it, exposing this reverse-"
"proxy on a few local ports (e.g. `127.0.0.1:81`, etc.) and forwarding "
"traffic from your own webserver to those few ports"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:132
msgid ""
"(difficult) [Using no reverse-proxy on the Matrix side at all](#using-no-"
"reverse-proxy-on-the-matrix-side-at-all) disabling the playbook-managed "
"reverse-proxy (Traefik), exposing services one by one using "
"`_host_bind_port` variables and forwarding traffic from your own "
"webserver to those ports"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:134
msgid "Fronting the integrated reverse-proxy webserver with another reverse-proxy"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:136
msgid ""
"This method is about leaving the integrated reverse-proxy webserver be, "
"but making it not get in the way (using up important ports, trying to "
"retrieve SSL certificates, etc.)."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:138
msgid ""
"If you wish to use another webserver, the integrated reverse-proxy "
"webserver usually gets in the way because it attempts to fetch SSL "
"certificates and binds to ports 80, 443 and 8448 (if Matrix Federation is"
" enabled)."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:140
msgid ""
"You can disable such behavior and make the integrated reverse-proxy "
"webserver only serve traffic locally on the host itself (or over a local "
"network)."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:142
msgid ""
"This is the recommended way for using another reverse-proxy, because the "
"integrated one would act as a black box and wire all Matrix services "
"correctly. You would then only need to reverse-proxy a few individual "
"domains and ports over to it."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:144
msgid ""
"To front Traefik with another reverse-proxy, you would need some "
"configuration like this:"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:194
msgid ""
"Such a configuration would expose all services on a local port `81` and "
"Matrix Federation on a local port `8449`. Your reverse-proxy "
"configuration needs to send traffic to these ports. [`examples/reverse-"
"proxies`](../examples/reverse-proxies/) contains examples for various "
"webservers such as Apache2, Caddy, HAproxy, nginx and Nginx Proxy "
"Manager."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:196
msgid ""
"It's important that these webservers proxy-pass requests to the correct "
"`ip:port` and also set the `Host` HTTP header appropriately. If you don't"
" pass the `Host` header correctly, Traefik will return a `404 - not "
"found` error."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:198
msgid "To put it another way:"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:199
msgid "`curl http://127.0.0.1:81` will result in a `404 - not found` error"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:200
msgid "but `curl -H 'Host: matrix.example.com' http://127.0.0.1:81` should work."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:202
msgid "Using no reverse-proxy on the Matrix side at all"
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:204
msgid ""
"Instead of [Fronting the integrated reverse-proxy webserver with another "
"reverse-proxy](#fronting-the-integrated-reverse-proxy-webserver-with-"
"another-reverse-proxy), you can also go another way -- completely "
"disabling the playbook-managed Traefik reverse-proxy. You would then need"
" to reverse-proxy from your own webserver directly to each individual "
"Matrix service."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:206
msgid ""
"This is more difficult, as you would need to handle the configuration for"
" each service manually. Enabling additional services would come with "
"extra manual work you need to do."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:208
msgid ""
"Also, the Traefik reverse-proxy, besides fronting everything is also "
"serving a 2nd purpose of allowing addons services to communicate with the"
" Matrix homeserver thanks to its `matrix-internal-matrix-client-api` "
"entrypoint (read more about it above). Disabling Traefik completely means"
" the playbook would wire services to directly talk to the homeserver. "
"This can work for basic setups, but not for more complex setups involving"
" [matrix-media-repo](./configuring-playbook-matrix-media-repo.md), "
"[matrix-corporal](./configuring-playbook-matrix-corporal.md) or other "
"such services that need to \"steal routes\" from the homeserver."
msgstr ""
#: ../../../docs/configuring-playbook-own-webserver.md:210
msgid ""
"If your webserver is on the same machine, ensure your web server user "
"(something like `http`, `apache`, `www-data`, `nginx`) is part of the "
"`matrix` group. You should run something like this: `usermod -a -G matrix"
" nginx`. This allows your webserver user to access files owned by the "
"`matrix` group, so that it can serve static files from `/matrix/static-"
"files`."
msgstr ""