ansol/matrix-docker-ansible-deploy
7
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-02-01 15:21:58 +00:00
Code Issues Projects Releases Wiki Activity

Upgrade Traefik (v3.3.2-0 -> v3.3.2-1) and remove traefik_config_certificatesResolvers_acme_email references

Browse Source 
Ref:

- https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4014
- 21b36ce336

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4014
This commit is contained in:
Slavi Pantaleev 2025-01-31 14:33:34 +02:00
parent bd07b23ce1
commit 0515787de2
6 changed files with 1 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -1246,8 +1246,6 @@ Unless we have some regression, **existing `matrix-nginx-proxy` users should be
```yaml ```yaml
matrix_playbook_reverse_proxy_type: playbook-managed-traefik matrix_playbook_reverse_proxy_type: playbook-managed-traefik
traefik_config_certificatesResolvers_acme_email: YOUR_EMAIL_ADDRESS
``` ```
You may still need to keep certain old `matrix_nginx_proxy_*` variables (like `matrix_nginx_proxy_base_domain_serving_enabled`), even when using Traefik. For now, we recommend keeping all `matrix_nginx_proxy_*` variables just in case. In the future, reliance on `matrix-nginx-proxy` will be removed. You may still need to keep certain old `matrix_nginx_proxy_*` variables (like `matrix_nginx_proxy_base_domain_serving_enabled`), even when using Traefik. For now, we recommend keeping all `matrix_nginx_proxy_*` variables just in case. In the future, reliance on `matrix-nginx-proxy` will be removed.

2
docs/configuring-playbook-own-webserver.md
View File

@ -18,8 +18,6 @@ To have the playbook install and use Traefik, add the following configuration to
```yaml ```yaml
matrix_playbook_reverse_proxy_type: playbook-managed-traefik matrix_playbook_reverse_proxy_type: playbook-managed-traefik
traefik_config_certificatesResolvers_acme_email: YOUR_EMAIL_ADDRESS
``` ```
Traefik will manage SSL certificates for all services seamlessly. Traefik will manage SSL certificates for all services seamlessly.

3
docs/howto-srv-server-delegation.md
View File

@ -64,7 +64,6 @@ traefik_configuration_extension_yaml: |
acme: acme:
# To use a staging endpoint for testing purposes, uncomment the line below. # To use a staging endpoint for testing purposes, uncomment the line below.
# caServer: https://acme-staging-v02.api.letsencrypt.org/directory # caServer: https://acme-staging-v02.api.letsencrypt.org/directory
email: {{ traefik_config_certificatesResolvers_acme_email | to_json }}
dnsChallenge: dnsChallenge:
provider: cloudflare provider: cloudflare
resolvers: resolvers:
@ -124,7 +123,6 @@ matrix_coturn_container_additional_volumes: |
```yaml ```yaml
# Choosing the reverse proxy implementation # Choosing the reverse proxy implementation
matrix_playbook_reverse_proxy_type: playbook-managed-traefik matrix_playbook_reverse_proxy_type: playbook-managed-traefik
traefik_config_certificatesResolvers_acme_email: redacted@example.com
# To serve the federation from any domain, as long as the path matches # To serve the federation from any domain, as long as the path matches
matrix_synapse_container_labels_public_federation_api_traefik_rule: PathPrefix(`/_matrix/federation`) matrix_synapse_container_labels_public_federation_api_traefik_rule: PathPrefix(`/_matrix/federation`)
@ -141,7 +139,6 @@ traefik_configuration_extension_yaml: |
acme: acme:
# To use a staging endpoint for testing purposes, uncomment the line below. # To use a staging endpoint for testing purposes, uncomment the line below.
# caServer: https://acme-staging-v02.api.letsencrypt.org/directory # caServer: https://acme-staging-v02.api.letsencrypt.org/directory
email: {{ traefik_config_certificatesResolvers_acme_email | to_json }}
dnsChallenge: dnsChallenge:
provider: cloudflare provider: cloudflare
resolvers: resolvers:

10
examples/vars.yml
View File

@ -28,16 +28,6 @@ matrix_homeserver_generic_secret_key: ''
# For alternatives, see `docs/configuring-playbook-own-webserver.md`. # For alternatives, see `docs/configuring-playbook-own-webserver.md`.
matrix_playbook_reverse_proxy_type: playbook-managed-traefik matrix_playbook_reverse_proxy_type: playbook-managed-traefik
# This is something which is provided to Let's Encrypt when retrieving SSL certificates for domains.
#
# In case SSL renewal fails at some point, you'll also get an email notification there.
#
# If you decide to use another method for managing SSL certificates (different than the default Let's Encrypt),
# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).
#
# Example value: someone@example.com
traefik_config_certificatesResolvers_acme_email: ''
# A Postgres password to use for the superuser Postgres user (called `matrix` by default). # A Postgres password to use for the superuser Postgres user (called `matrix` by default).
# #
# The playbook creates additional Postgres users and databases (one for each enabled service) # The playbook creates additional Postgres users and databases (one for each enabled service)

2
requirements.yml
View File

@ -64,7 +64,7 @@
version: v1.0.0-0 version: v1.0.0-0
name: timesync name: timesync
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
version: v3.3.2-0 version: v3.3.2-1
name: traefik name: traefik
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
version: v2.8.3-5 version: v2.8.3-5

1
roles/custom/matrix-base/defaults/main.yml
View File

@ -217,7 +217,6 @@ matrix_metrics_exposure_http_basic_auth_users: ''
# - `playbook-managed-traefik` # - `playbook-managed-traefik`
# - the playbook will run a managed Traefik instance (matrix-traefik) # - the playbook will run a managed Traefik instance (matrix-traefik)
# - Traefik will do SSL termination, unless you disable it (e.g. `traefik_config_entrypoint_web_secure_enabled: false`) # - Traefik will do SSL termination, unless you disable it (e.g. `traefik_config_entrypoint_web_secure_enabled: false`)
# - if SSL termination is enabled (as it is by default), you need to populate: `traefik_config_certificatesResolvers_acme_email`
# #
# - `other-traefik-container` # - `other-traefik-container`
# - this playbook will not install Traefik # - this playbook will not install Traefik