From ad230555e9a612b3e3a775f4aaf1f98c742e0779 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 8 Nov 2023 11:31:18 +0200 Subject: [PATCH] Try to fix /_matrix/client/v3 for ma1sd via URL rewriting to (/_matrix/client/r0) Hopefully fixes: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2954 Untested. Patch inspired by: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2954#issuecomment-1795029963 --- roles/custom/matrix-nginx-proxy/defaults/main.yml | 12 ++++++++++++ .../templates/nginx/conf.d/matrix-domain.conf.j2 | 8 ++++++++ 2 files changed, 20 insertions(+) diff --git a/roles/custom/matrix-nginx-proxy/defaults/main.yml b/roles/custom/matrix-nginx-proxy/defaults/main.yml index 429fc9fc6..360644809 100644 --- a/roles/custom/matrix-nginx-proxy/defaults/main.yml +++ b/roles/custom/matrix-nginx-proxy/defaults/main.yml @@ -331,6 +331,12 @@ matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: false matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "matrix-ma1sd:{{ matrix_ma1sd_container_port }}" matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "127.0.0.1:{{ matrix_ma1sd_container_port }}" +# Controls whether the user directory search API will be URL-rewritten (/_matrix/client/v3/user_directory/search -> /_matrix/client/r0/user_directory/search). +# This is to assist identity servers which only handle the r0 endpoints. +# The v3 endpoints are the same (spec-wise), so they can usually be redirected without downsides. +# If this is disabled, API requests will be forwarded as-is, without any URL rewriting. +matrix_nginx_proxy_proxy_matrix_user_directory_search_v3_to_r0_redirect_enabled: true + # Controls whether proxying for 3PID-based registration (`/_matrix/client/r0/register/(email|msisdn)/requestToken`) should be done (on the matrix domain). # This allows another service to control registrations involving 3PIDs. # To learn more, see: https://github.com/ma1uta/ma1sd/blob/master/docs/features/registration.md @@ -338,6 +344,12 @@ matrix_nginx_proxy_proxy_matrix_3pid_registration_enabled: false matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_with_container: "matrix-ma1sd:{{ matrix_ma1sd_container_port }}" matrix_nginx_proxy_proxy_matrix_3pid_registration_addr_sans_container: "127.0.0.1:{{ matrix_ma1sd_container_port }}" +# Controls whether the user directory search API will be URL-rewritten (/_matrix/client/v3/register/(email|msisdn)/requestToken -> /_matrix/client/r0/register/(email|msisdn)/requestToken). +# This is to assist identity servers which only handle the r0 endpoints. +# The v3 endpoints are the same (spec-wise), so they can usually be redirected without downsides. +# If this is disabled, API requests will be forwarded as-is, without any URL rewriting. +matrix_nginx_proxy_proxy_matrix_3pid_registration_v3_to_r0_redirect_enabled: true + # Controls whether proxying for the Identity API (`/_matrix/identity`) should be done (on the matrix domain) matrix_nginx_proxy_proxy_matrix_identity_api_enabled: false matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container: "matrix-ma1sd:{{ matrix_ma1sd_container_port }}" diff --git a/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index dd46299e9..ad5501038 100644 --- a/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/custom/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -186,6 +186,10 @@ {% if matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled %} location ^~ /_matrix/client/(r0|v3)/user_directory/search { + {% if matrix_nginx_proxy_proxy_matrix_user_directory_search_v3_to_r0_redirect_enabled %} + rewrite ^(.*?)/v3/(.*?)$ $1/r0/$2 break; + {% endif %} + {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s; @@ -203,6 +207,10 @@ {% if matrix_nginx_proxy_proxy_matrix_3pid_registration_enabled %} location ~ ^/_matrix/client/(r0|v3)/register/(email|msisdn)/requestToken$ { + {% if matrix_nginx_proxy_proxy_matrix_3pid_registration_v3_to_r0_redirect_enabled %} + rewrite ^(.*?)/v3/(.*?)$ $1/r0/$2 break; + {% endif %} + {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver {{ matrix_nginx_proxy_http_level_resolver }} valid=5s;