From 0515787de28cf89bb87d4def7187198f4256b5ca Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 31 Jan 2025 14:33:34 +0200 Subject: [PATCH] Upgrade Traefik (v3.3.2-0 -> v3.3.2-1) and remove `traefik_config_certificatesResolvers_acme_email` references Ref: - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4014 - https://github.com/mother-of-all-self-hosting/ansible-role-traefik/commit/21b36ce336c6ab391f30632df3d7d970b8ad94c0 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4014 --- CHANGELOG.md | 2 -- docs/configuring-playbook-own-webserver.md | 2 -- docs/howto-srv-server-delegation.md | 3 --- examples/vars.yml | 10 ---------- requirements.yml | 2 +- roles/custom/matrix-base/defaults/main.yml | 1 - 6 files changed, 1 insertion(+), 19 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index aeb956290..2f659a85a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1246,8 +1246,6 @@ Unless we have some regression, **existing `matrix-nginx-proxy` users should be ```yaml matrix_playbook_reverse_proxy_type: playbook-managed-traefik - -traefik_config_certificatesResolvers_acme_email: YOUR_EMAIL_ADDRESS ``` You may still need to keep certain old `matrix_nginx_proxy_*` variables (like `matrix_nginx_proxy_base_domain_serving_enabled`), even when using Traefik. For now, we recommend keeping all `matrix_nginx_proxy_*` variables just in case. In the future, reliance on `matrix-nginx-proxy` will be removed. diff --git a/docs/configuring-playbook-own-webserver.md b/docs/configuring-playbook-own-webserver.md index 214640725..e49c454ae 100644 --- a/docs/configuring-playbook-own-webserver.md +++ b/docs/configuring-playbook-own-webserver.md @@ -18,8 +18,6 @@ To have the playbook install and use Traefik, add the following configuration to ```yaml matrix_playbook_reverse_proxy_type: playbook-managed-traefik - -traefik_config_certificatesResolvers_acme_email: YOUR_EMAIL_ADDRESS ``` Traefik will manage SSL certificates for all services seamlessly. diff --git a/docs/howto-srv-server-delegation.md b/docs/howto-srv-server-delegation.md index 3d83dd86a..4512dfca8 100644 --- a/docs/howto-srv-server-delegation.md +++ b/docs/howto-srv-server-delegation.md @@ -64,7 +64,6 @@ traefik_configuration_extension_yaml: | acme: # To use a staging endpoint for testing purposes, uncomment the line below. # caServer: https://acme-staging-v02.api.letsencrypt.org/directory - email: {{ traefik_config_certificatesResolvers_acme_email | to_json }} dnsChallenge: provider: cloudflare resolvers: @@ -124,7 +123,6 @@ matrix_coturn_container_additional_volumes: | ```yaml # Choosing the reverse proxy implementation matrix_playbook_reverse_proxy_type: playbook-managed-traefik -traefik_config_certificatesResolvers_acme_email: redacted@example.com # To serve the federation from any domain, as long as the path matches matrix_synapse_container_labels_public_federation_api_traefik_rule: PathPrefix(`/_matrix/federation`) @@ -141,7 +139,6 @@ traefik_configuration_extension_yaml: | acme: # To use a staging endpoint for testing purposes, uncomment the line below. # caServer: https://acme-staging-v02.api.letsencrypt.org/directory - email: {{ traefik_config_certificatesResolvers_acme_email | to_json }} dnsChallenge: provider: cloudflare resolvers: diff --git a/examples/vars.yml b/examples/vars.yml index d4d8066f8..cc6aa8333 100644 --- a/examples/vars.yml +++ b/examples/vars.yml @@ -28,16 +28,6 @@ matrix_homeserver_generic_secret_key: '' # For alternatives, see `docs/configuring-playbook-own-webserver.md`. matrix_playbook_reverse_proxy_type: playbook-managed-traefik -# This is something which is provided to Let's Encrypt when retrieving SSL certificates for domains. -# -# In case SSL renewal fails at some point, you'll also get an email notification there. -# -# If you decide to use another method for managing SSL certificates (different than the default Let's Encrypt), -# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`). -# -# Example value: someone@example.com -traefik_config_certificatesResolvers_acme_email: '' - # A Postgres password to use for the superuser Postgres user (called `matrix` by default). # # The playbook creates additional Postgres users and databases (one for each enabled service) diff --git a/requirements.yml b/requirements.yml index 3e1de26f2..8943945b4 100644 --- a/requirements.yml +++ b/requirements.yml @@ -64,7 +64,7 @@ version: v1.0.0-0 name: timesync - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git - version: v3.3.2-0 + version: v3.3.2-1 name: traefik - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git version: v2.8.3-5 diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index e70328a40..8dabc239d 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -217,7 +217,6 @@ matrix_metrics_exposure_http_basic_auth_users: '' # - `playbook-managed-traefik` # - the playbook will run a managed Traefik instance (matrix-traefik) # - Traefik will do SSL termination, unless you disable it (e.g. `traefik_config_entrypoint_web_secure_enabled: false`) -# - if SSL termination is enabled (as it is by default), you need to populate: `traefik_config_certificatesResolvers_acme_email` # # - `other-traefik-container` # - this playbook will not install Traefik