mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-25 12:06:18 +00:00
Do not run matrix-nginx-proxy config injection tasks unless necessary
These `init.yml` (now `inject_into_nginx_proxy.yml`) tasks do not need to `always` run. They only need to run for `setup-all` and `setup-nginx-proxy`. Unless we're dealing with these 2 tags, we can spare ourselves a lot of work. This patch also moves the `when` statement from `init.yml` into `main.yml` in an effort to further optimize things by potentially avoiding the extra file include.
This commit is contained in:
parent
d829884642
commit
735bacca89
@ -54,7 +54,7 @@ Unless indicated otherwise, the following endpoints are reachable on your `matri
|
||||
| widgets | `/hookshot/widgetapi/` | `matrix_hookshot_widgets_endpoint` | Widgets |
|
||||
| metrics | `/metrics/hookshot` | `matrix_hookshot_metrics_enabled` and `matrix_hookshot_metrics_proxying_enabled`. Requires `/metrics/*` endpoints to also be enabled via `matrix_nginx_proxy_proxy_matrix_metrics_enabled` (see the `matrix-nginx-proxy` role). Read more in the [Metrics section](#metrics) below. | Prometheus |
|
||||
|
||||
See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/custom/matrix-bridge-hookshot/tasks/init.yml).
|
||||
See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/custom/matrix-bridge-hookshot/tasks/inject_into_nginx_proxy.yml).
|
||||
|
||||
The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/custom/matrix-bridge-hookshot/defaults/main.yml) in detail for more info.
|
||||
|
||||
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_bot_maubot_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup|bool and matrix_bot_maubot_enabled|bool"
|
||||
|
@ -1,48 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_appservice_slack_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_appservice_slack_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_appservice_slack_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_appservice_slack_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix Slack bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_appservice_slack_public_endpoint }}`
|
||||
URL endpoint to the matrix-appservice-slack container.
|
||||
You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable.
|
||||
when: "matrix_appservice_slack_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,44 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_appservice_slack_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_appservice_slack_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_slack_slack_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_appservice_slack_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix Slack bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_appservice_slack_public_endpoint }}`
|
||||
URL endpoint to the matrix-appservice-slack container.
|
||||
You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable.
|
||||
when: "matrix_appservice_slack_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_appservice_slack_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_appservice_slack_enabled | bool"
|
||||
|
@ -1,50 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_appservice_webhooks_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
|
||||
proxy_pass http://$backend/$1;
|
||||
}
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
location {{ matrix_appservice_webhooks_public_endpoint }}/ {
|
||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
- name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix webhooks bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_appservice_webhooks_public_endpoint }}`
|
||||
URL endpoint to the matrix-appservice-webhooks container.
|
||||
You can expose the container's port using the `matrix_appservice_webhooks_container_http_host_bind_port` variable.
|
||||
when: "matrix_appservice_webhooks_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,46 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append webhooks Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-webhooks role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix Appservice webhooks proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_appservice_webhooks_matrix_nginx_proxy_configuration: |
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
location ~ ^{{ matrix_appservice_webhooks_public_endpoint }}/(.*)$ {
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-appservice-webhooks:{{ matrix_appservice_webhooks_matrix_port }}";
|
||||
proxy_pass http://$backend/$1;
|
||||
}
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
location {{ matrix_appservice_webhooks_public_endpoint }}/ {
|
||||
proxy_pass http://127.0.0.1:{{ matrix_appservice_webhooks_matrix_port }}/;
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
- name: Register webhooks Appservice proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_appservice_webhooks_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix webhooks bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_appservice_webhooks_public_endpoint }}`
|
||||
URL endpoint to the matrix-appservice-webhooks container.
|
||||
You can expose the container's port using the `matrix_appservice_webhooks_container_http_host_bind_port` variable.
|
||||
when: "matrix_appservice_webhooks_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_appservice_webhooks_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_appservice_webhooks_enabled | bool"
|
||||
|
@ -1,113 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_hookshot_enabled | bool
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append hookshot's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-hookshot role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix hookshot proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_hookshot_matrix_nginx_proxy_configuration: |
|
||||
location ~ ^{{ matrix_hookshot_appservice_endpoint }}/(.*)$ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}";
|
||||
proxy_pass http://$backend/$1;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_appservice_port }}/$1;
|
||||
{% endif %}
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
{% if matrix_hookshot_provisioning_enabled %}
|
||||
location ~ ^{{ matrix_hookshot_provisioning_endpoint }}/(.*)$ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_provisioning_port }}";
|
||||
proxy_pass http://$backend{{ matrix_hookshot_provisioning_internal }}/$1$is_args$args;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}{{ matrix_hookshot_provisioning_internal }}/$1$is_args$args;
|
||||
{% endif %}
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_widgets_enabled %}
|
||||
location ~ ^{{ matrix_hookshot_widgets_endpoint }}/(.*)$ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_widgets_port }}";
|
||||
proxy_pass http://$backend{{ matrix_hookshot_widgets_internal }}/$1$is_args$args;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_widgets_port }}{{ matrix_hookshot_widgets_internal }}/$1$is_args$args;
|
||||
{% endif %}
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
{% endif %}
|
||||
location ~ ^{{ matrix_hookshot_webhook_endpoint }}/(.*)$ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_webhook_port }}";
|
||||
proxy_pass http://$backend/$1$is_args$args;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_webhook_port }}/$1$is_args$args;
|
||||
{% endif %}
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
|
||||
- name: Register hookshot proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_hookshot_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Generate hookshot metrics proxying configuration for matrix-nginx-proxy (matrix.DOMAIN/metrics/hookshot)
|
||||
ansible.builtin.set_fact:
|
||||
matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain: |
|
||||
location /metrics/hookshot {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_metrics_port }}";
|
||||
proxy_pass http://$backend/metrics;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_metrics_port }}/metrics;
|
||||
{% endif %}
|
||||
}
|
||||
when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool
|
||||
|
||||
- name: Register hookshot metrics proxying configuration with matrix-nginx-proxy (matrix.DOMAIN/metrics/hookshot)
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_metrics_additional_system_location_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_metrics_additional_system_location_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain]
|
||||
}}
|
||||
when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the hookshot bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_hookshot_public_endpoint }}`
|
||||
URL endpoint to the matrix-hookshot container.
|
||||
You can expose the container's ports using the `matrix_hookshot_container_http_host_bind_ports` variable.
|
||||
when: "matrix_hookshot_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,111 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append hookshot's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-hookshot role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix hookshot proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_hookshot_matrix_nginx_proxy_configuration: |
|
||||
location ~ ^{{ matrix_hookshot_appservice_endpoint }}/(.*)$ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}";
|
||||
proxy_pass http://$backend/$1;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_appservice_port }}/$1;
|
||||
{% endif %}
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
{% if matrix_hookshot_provisioning_enabled %}
|
||||
location ~ ^{{ matrix_hookshot_provisioning_endpoint }}/(.*)$ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_provisioning_port }}";
|
||||
proxy_pass http://$backend{{ matrix_hookshot_provisioning_internal }}/$1$is_args$args;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}{{ matrix_hookshot_provisioning_internal }}/$1$is_args$args;
|
||||
{% endif %}
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
{% endif %}
|
||||
{% if matrix_hookshot_widgets_enabled %}
|
||||
location ~ ^{{ matrix_hookshot_widgets_endpoint }}/(.*)$ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_widgets_port }}";
|
||||
proxy_pass http://$backend{{ matrix_hookshot_widgets_internal }}/$1$is_args$args;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_widgets_port }}{{ matrix_hookshot_widgets_internal }}/$1$is_args$args;
|
||||
{% endif %}
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
{% endif %}
|
||||
location ~ ^{{ matrix_hookshot_webhook_endpoint }}/(.*)$ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_webhook_port }}";
|
||||
proxy_pass http://$backend/$1$is_args$args;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_webhook_port }}/$1$is_args$args;
|
||||
{% endif %}
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
|
||||
- name: Register hookshot proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_hookshot_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Generate hookshot metrics proxying configuration for matrix-nginx-proxy (matrix.DOMAIN/metrics/hookshot)
|
||||
ansible.builtin.set_fact:
|
||||
matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain: |
|
||||
location /metrics/hookshot {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_metrics_port }}";
|
||||
proxy_pass http://$backend/metrics;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_hookshot_metrics_port }}/metrics;
|
||||
{% endif %}
|
||||
}
|
||||
when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool
|
||||
|
||||
- name: Register hookshot metrics proxying configuration with matrix-nginx-proxy (matrix.DOMAIN/metrics/hookshot)
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_metrics_additional_system_location_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_metrics_additional_system_location_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_hookshot_matrix_nginx_proxy_metrics_configuration_matrix_domain]
|
||||
}}
|
||||
when: matrix_hookshot_metrics_enabled | bool and matrix_hookshot_metrics_proxying_enabled | bool
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the hookshot bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_hookshot_public_endpoint }}`
|
||||
URL endpoint to the matrix-hookshot container.
|
||||
You can expose the container's ports using the `matrix_hookshot_container_http_host_bind_ports` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_hookshot_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_hookshot_enabled | bool"
|
||||
|
@ -1,48 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Mautrix Facebook's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-facebook role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Mautrix Facebook proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mautrix_facebook_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_facebook_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-facebook:29319";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:9008;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Mautrix Facebook proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mautrix_facebook_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix Facebook bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_facebook_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-facebook container.
|
||||
You can expose the container's port using the `matrix_mautrix_facebook_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,44 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Mautrix Facebook's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-facebook role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Mautrix Facebook proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mautrix_facebook_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_facebook_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-facebook:29319";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:9008;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Mautrix Facebook proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mautrix_facebook_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix Facebook bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_facebook_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-facebook container.
|
||||
You can expose the container's port using the `matrix_mautrix_facebook_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_mautrix_facebook_enabled | bool and matrix_mautrix_facebook_appservice_public_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_mautrix_facebook_enabled | bool"
|
||||
|
@ -1,47 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_mautrix_googlechat_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Mautrix googlechat's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-googlechat role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Mautrix googlechat proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mautrix_googlechat_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_googlechat_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-googlechat:8080";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:9007;
|
||||
{% endif %}
|
||||
}
|
||||
- name: Register Mautrix googlechat proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mautrix_googlechat_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix googlechat bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_googlechat_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-googlechat container.
|
||||
You can expose the container's port using the `matrix_mautrix_googlechat_container_http_host_bind_port` variable.
|
||||
when: "matrix_mautrix_googlechat_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,43 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Mautrix googlechat's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-googlechat role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Mautrix googlechat proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mautrix_googlechat_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_googlechat_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-googlechat:8080";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:9007;
|
||||
{% endif %}
|
||||
}
|
||||
- name: Register Mautrix googlechat proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mautrix_googlechat_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix googlechat bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_googlechat_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-googlechat container.
|
||||
You can expose the container's port using the `matrix_mautrix_googlechat_container_http_host_bind_port` variable.
|
||||
when: "matrix_mautrix_googlechat_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_mautrix_googlechat_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_mautrix_googlechat_enabled | bool"
|
||||
|
@ -1,47 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_mautrix_hangouts_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Mautrix Hangouts's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-hangouts role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Mautrix Hangouts proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mautrix_hangouts_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_hangouts_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-hangouts:8080";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:9007;
|
||||
{% endif %}
|
||||
}
|
||||
- name: Register Mautrix Hangouts proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mautrix_hangouts_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix Hangouts bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_hangouts_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-hangouts container.
|
||||
You can expose the container's port using the `matrix_mautrix_hangouts_container_http_host_bind_port` variable.
|
||||
when: "matrix_mautrix_hangouts_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,44 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Mautrix Hangouts's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-hangouts role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Mautrix Hangouts proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mautrix_hangouts_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_hangouts_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-hangouts:8080";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:9007;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Mautrix Hangouts proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mautrix_hangouts_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix Hangouts bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_hangouts_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-hangouts container.
|
||||
You can expose the container's port using the `matrix_mautrix_hangouts_container_http_host_bind_port` variable.
|
||||
when: "matrix_mautrix_hangouts_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_mautrix_hangouts_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_mautrix_hangouts_enabled | bool"
|
||||
|
@ -1,47 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Mautrix Telegram's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mautrix_telegram_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_telegram_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-telegram:8080";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:9006;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Mautrix Telegram proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mautrix_telegram_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix Telegram bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_telegram_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-telegram container.
|
||||
You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,44 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Mautrix Telegram's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Mautrix Telegram proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mautrix_telegram_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mautrix_telegram_public_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-mautrix-telegram:8080";
|
||||
proxy_pass http://$backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:9006;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Mautrix Telegram proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mautrix_telegram_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Mautrix Telegram bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mautrix_telegram_public_endpoint }}`
|
||||
URL endpoint to the matrix-mautrix-telegram container.
|
||||
You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,7 +1,10 @@
|
||||
---
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
|
||||
- when: matrix_mautrix_telegram_enabled | bool and matrix_mautrix_telegram_appservice_public_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_mautrix_telegram_enabled | bool"
|
||||
|
@ -1,48 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_mx_puppet_slack_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-slack role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix MX Puppet Slack proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_slack_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mx_puppet_slack_redirect_path }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_mx_puppet_slack_appservice_address }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_slack_appservice_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mx_puppet_slack_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix Slack bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mx_puppet_slack_redirect_path }}`
|
||||
URL endpoint to the matrix-mx-puppet-slack container.
|
||||
You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable.
|
||||
when: "matrix_mx_puppet_slack_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,44 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-slack role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix MX Puppet Slack proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_slack_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mx_puppet_slack_redirect_path }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_mx_puppet_slack_appservice_address }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_slack_appservice_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mx_puppet_slack_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix Slack bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mx_puppet_slack_redirect_path }}`
|
||||
URL endpoint to the matrix-mx-puppet-slack container.
|
||||
You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_mx_puppet_slack_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_mx_puppet_slack_enabled | bool"
|
||||
|
@ -1,48 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_mx_puppet_twitter_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Twitter Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-twitter role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix MX Puppet Twitter proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mx_puppet_twitter_webhook_path }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_mx_puppet_twitter_appservice_address }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_twitter_appservice_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Twitter Appservice proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix Twitter bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mx_puppet_twitter_redirect_path }}`
|
||||
URL endpoint to the matrix-mx-puppet-twitter container.
|
||||
You can expose the container's port using the `matrix_mx_puppet_twitter_container_http_host_bind_port` variable.
|
||||
when: "matrix_mx_puppet_twitter_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,44 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Twitter Appservice's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-mx-puppet-twitter role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix MX Puppet Twitter proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_mx_puppet_twitter_webhook_path }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_mx_puppet_twitter_appservice_address }}";
|
||||
proxy_pass $backend;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://127.0.0.1:{{ matrix_mx_puppet_twitter_appservice_port }};
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Twitter Appservice proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_mx_puppet_twitter_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix Twitter bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_mx_puppet_twitter_redirect_path }}`
|
||||
URL endpoint to the matrix-mx-puppet-twitter container.
|
||||
You can expose the container's port using the `matrix_mx_puppet_twitter_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_mx_puppet_twitter_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_mx_puppet_twitter_enabled | bool"
|
||||
|
@ -1,9 +1,6 @@
|
||||
---
|
||||
|
||||
- when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_cactus_comments_enabled | bool and matrix_cactus_comments_serve_client_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_cactus_comments_enabled | bool"
|
||||
|
@ -1,50 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_etherpad_enabled | bool and matrix_etherpad_mode == 'dimension'
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Etherpad's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-etherpad role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Etherpad proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_etherpad_matrix_nginx_proxy_configuration: |
|
||||
rewrite ^{{ matrix_etherpad_public_endpoint }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_etherpad_public_endpoint }}/ permanent;
|
||||
|
||||
location {{ matrix_etherpad_public_endpoint }}/ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
proxy_pass http://matrix-etherpad:9001/;
|
||||
{# These are proxy directives needed specifically by Etherpad #}
|
||||
proxy_buffering off;
|
||||
proxy_http_version 1.1; # recommended with keepalive connections
|
||||
proxy_pass_header Server;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }}; # for EP to set secure cookie flag when https is used
|
||||
# WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
# A good guide for setting up your Etherpad behind nginx:
|
||||
# https://docs.gandi.net/en/cloud/tutorials/etherpad_lite.html
|
||||
proxy_pass http://127.0.0.1:9001/;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Etherpad proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_etherpad_matrix_nginx_proxy_configuration]
|
||||
}}
|
@ -0,0 +1,46 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Etherpad's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-etherpad role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Etherpad proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_etherpad_matrix_nginx_proxy_configuration: |
|
||||
rewrite ^{{ matrix_etherpad_public_endpoint }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ matrix_etherpad_public_endpoint }}/ permanent;
|
||||
|
||||
location {{ matrix_etherpad_public_endpoint }}/ {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
proxy_pass http://matrix-etherpad:9001/;
|
||||
{# These are proxy directives needed specifically by Etherpad #}
|
||||
proxy_buffering off;
|
||||
proxy_http_version 1.1; # recommended with keepalive connections
|
||||
proxy_pass_header Server;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }}; # for EP to set secure cookie flag when https is used
|
||||
# WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
# A good guide for setting up your Etherpad behind nginx:
|
||||
# https://docs.gandi.net/en/cloud/tutorials/etherpad_lite.html
|
||||
proxy_pass http://127.0.0.1:9001/;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Etherpad proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_etherpad_matrix_nginx_proxy_configuration]
|
||||
}}
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_etherpad_enabled | bool and matrix_etherpad_mode == 'dimension'
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: run_setup | bool and matrix_etherpad_enabled | bool
|
||||
|
@ -1,47 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_ldap_registration_proxy_enabled | bool
|
||||
tags:
|
||||
- always
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_ldap_registration_proxy_registration_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}";
|
||||
proxy_pass http://$backend/register;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}`
|
||||
URL endpoint to the matrix-ldap-proxy container.
|
||||
You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -0,0 +1,44 @@
|
||||
---
|
||||
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append Matrix LDAP registration proxy's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-telegram role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate Matrix LDAP registration proxy proxying configuration for matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration: |
|
||||
location {{ matrix_ldap_registration_proxy_registration_endpoint }} {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "{{ matrix_ldap_registration_proxy_registration_addr_with_container }}";
|
||||
proxy_pass http://$backend/register;
|
||||
{% else %}
|
||||
{# Generic configuration for use outside of our container setup #}
|
||||
proxy_pass http://{{ matrix_ldap_registration_proxy_registration_addr_sans_container }}/register;
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
- name: Register Matrix LDAP registration proxy proxying configuration with matrix-nginx-proxy
|
||||
ansible.builtin.set_fact:
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
|
||||
{{
|
||||
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
|
||||
+
|
||||
[matrix_ldap_registration_proxy_matrix_nginx_proxy_configuration]
|
||||
}}
|
||||
|
||||
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
|
||||
ansible.builtin.debug:
|
||||
msg: >-
|
||||
NOTE: You've enabled the Matrix LDAP registration proxy bridge but are not using the matrix-nginx-proxy
|
||||
reverse proxy.
|
||||
Please make sure that you're proxying the `{{ matrix_ldap_registration_proxy_public_endpoint }}`
|
||||
URL endpoint to the matrix-ldap-proxy container.
|
||||
You can expose the container's port using the `matrix_ldap_registration_proxy_container_http_host_bind_port` variable.
|
||||
when: "not matrix_nginx_proxy_enabled | default(False) | bool"
|
@ -1,8 +1,10 @@
|
||||
---
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
|
||||
- when: matrix_ldap_registration_proxy_enabled | bool
|
||||
ansible.builtin.import_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
||||
tags:
|
||||
- always
|
||||
- setup-all
|
||||
- setup-nginx-proxy
|
||||
|
||||
- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
||||
when: "run_setup | bool and matrix_ldap_registration_proxy_enabled | bool"
|
||||
|
@ -1,37 +0,0 @@
|
||||
---
|
||||
|
||||
- when: matrix_prometheus_node_exporter_enabled | bool and matrix_prometheus_node_exporter_metrics_proxying_enabled | bool
|
||||
block:
|
||||
- name: Fail if matrix-nginx-proxy role already executed
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Trying to append node-exporter's reverse-proxying configuration to matrix-nginx-proxy,
|
||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||
To fix this, please change the order of roles in your playbook,
|
||||
so that the matrix-nginx-proxy role would run after the matrix-prometheus-node-exporter role.
|
||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
||||
|
||||
- name: Generate node-exporter metrics proxying configuration for matrix-nginx-proxy (matrix.DOMAIN/metrics/node-exporter)
|
||||
ansible.builtin.set_fact:
|
||||
matrix_prometheus_node_exporter_nginx_metrics_configuration_block: |
|
||||
location /metrics/node-exporter {
|
||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||
resolver 127.0.0.11 valid=5s;
|
||||
set $backend "matrix-prometheus-node-exporter:9100";
|
||||
proxy_pass http://$backend/metrics;
|
||||
{% elif matrix_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host != '' %}
|
||||
proxy_pass http://{{ matrix_prometheus_node_exporter_matrix_nginx_proxy_not_enabled_proxy_pass_host }}/metrics;
|
||||
{% else %}
|
||||
return 404 "matrix-nginx-proxy is disabled and no host port was bound t |