Minor fixes to allow for Traefik without SSL

This commit is contained in:
Slavi Pantaleev 2023-02-10 19:36:06 +02:00
parent a5afa4eac9
commit 97f65e8dff
2 changed files with 9 additions and 6 deletions

View File

@ -38,7 +38,7 @@ matrix_playbook_traefik_role_enabled: true
# installed in another way.
matrix_playbook_traefik_labels_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-installed-traefik', 'other-traefik-container'] }}"
matrix_playbook_traefik_certs_dumper_role_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-installed-traefik', 'other-traefik-container'] }}"
matrix_playbook_traefik_certs_dumper_role_enabled: "{{ (matrix_playbook_reverse_proxy_type == 'playbook-installed-traefik' and devture_traefik_config_entrypoint_web_secure_enabled) or matrix_playbook_reverse_proxy_type == 'other-traefik-container' }}"
# Controls the additional network that reverse-proxyable services will be connected to.
matrix_playbook_reverse_proxyable_services_additional_network: "{{ devture_traefik_container_network if devture_traefik_enabled else '' }}"

View File

@ -273,16 +273,19 @@ matrix_homeserver_app_service_config_files_auto: []
# Valid options and a description of their behavior:
#
# - `playbook-installed-traefik`
# - the playbook will install devture-traefik for SSL termination
# - the playbook will install devture-traefik
# - Traefik will do SSL termination, unless you disable it (e.g. `devture_traefik_config_entrypoint_web_secure_enabled: false`)
# - it will also install matrix-nginx-proxy in local-only mode, while we migrate the rest of the services to a Traefik-native mode of working
#
# - `playbook-installed-nginx`
# - the playbook will install matrix-nginx-proxy and do SSL termination with Certbot
# - the playbook will install matrix-nginx-proxy
# - matrix-nginx-proxy will do SSL termination with Certbot, unless you change that (see `matrix_ssl_retrieval_method`)
#
# - `other-traefik-container`
# - Traefik will be used, but it's not installed by this playbook.
# - you should make sure it's compatible with what the playbook would have configured (web, web-secure, matrix-federation entrypoints, etc.)
# - you may wish to set `matrix_playbook_reverse_proxyable_services_additional_network` to the name of your Traefik network
# - this playbook will not install Traefik
# - nevertheless, the playbook expects that you would install Traefik yourself via other means
# - you should make sure your Traefik configuration is compatible with what the playbook would have configured (web, web-secure, matrix-federation entrypoints, etc.)
# - you need to set `matrix_playbook_reverse_proxyable_services_additional_network` to the name of your Traefik network
# - you may wish to enable `devture_traefik_certs_dumper_enabled` and point it to your Traefik's SSL certificates (`devture_traefik_certs_dumper_ssl_dir_path`)
#
# - `other-nginx-non-container`