From f794aa200599b132d9ccf6e0bc15feea24d1f1af Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 11 Jul 2024 07:10:33 +0300 Subject: [PATCH] Add support for enabling/disabling all the other matrix-media-repo Traefik labels This is provoked by de91fe933d94afcdbfdb0c6cf75a1dfa43dfdf43, where I've added a few new labels and made it possible for people to disable them. In this patch, I'm making it possible to disable any of the old Traefik labels in a similar way. --- .../custom/matrix-media-repo/defaults/main.yml | 8 ++++++++ .../templates/media-repo/labels.j2 | 18 ++++++++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/roles/custom/matrix-media-repo/defaults/main.yml b/roles/custom/matrix-media-repo/defaults/main.yml index 3b37ea2fe..1ac4d6b56 100755 --- a/roles/custom/matrix-media-repo/defaults/main.yml +++ b/roles/custom/matrix-media-repo/defaults/main.yml @@ -67,6 +67,7 @@ matrix_media_repo_container_labels_traefik_entrypoints: web-secure # Traefik labels handling the old `/_matrix/media` endpoints on the Client-API (web-secure) entrypoint. # These are being superseded by `/_matrix/client/VERSION/media` endpoints - see `matrix_media_repo_container_labels_traefik_client_matrix_client_media_*`. +matrix_media_repo_container_labels_traefik_media_enabled: true matrix_media_repo_container_labels_traefik_media_path_prefix: "/_matrix/media" matrix_media_repo_container_labels_traefik_media_rule: "Host(`{{ matrix_server_fqn_matrix }}`) && PathPrefix(`{{ matrix_media_repo_container_labels_traefik_media_path_prefix | quote }}`)" matrix_media_repo_container_labels_traefik_media_priority: 0 @@ -104,6 +105,7 @@ matrix_media_repo_container_labels_traefik_internal_matrix_client_media_entrypoi # Traefik labels handling some additional routes on the Client-API (web-secure) entrypoint: # - /_matrix/client/r0/logout # - /_matrix/client/r0/logout/all +matrix_media_repo_container_labels_traefik_logout_enabled: true matrix_media_repo_container_labels_traefik_logout_path_regexp: "^/_matrix/client/(?Pr0|v1|v3|unstable)/(?Plogout|logout/all)" matrix_media_repo_container_labels_traefik_logout_rule: "Host(`{{ matrix_server_fqn_matrix }}`) && PathRegexp(`{{ matrix_media_repo_container_labels_traefik_logout_path_regexp }}`)" matrix_media_repo_container_labels_traefik_logout_priority: 0 @@ -114,6 +116,7 @@ matrix_media_repo_container_labels_traefik_logout_tls_certResolver: default # n # Traefik labels handling some additional routes on the Client-API (web-secure) entrypoint: # - /_matrix/client/r0/admin/purge_media_cache # - /_matrix/client/r0/admin/quarantine_media/{roomId:[^/]+} +matrix_media_repo_container_labels_traefik_admin_enabled: true matrix_media_repo_container_labels_traefik_admin_path_regexp: "^/_matrix/client/(?P(r0|v1|v3|unstable))/admin/(?P(purge_media_cache|quarantine_media/.*))" matrix_media_repo_container_labels_traefik_admin_rule: "Host(`{{ matrix_server_fqn_matrix }}`) && PathRegexp(`{{ matrix_media_repo_container_labels_traefik_admin_path_regexp }}`)" matrix_media_repo_container_labels_traefik_admin_priority: 0 @@ -123,6 +126,7 @@ matrix_media_repo_container_labels_traefik_admin_tls_certResolver: default # no # Traefik labels handling some additional routes on the Client-API (web-secure) entrypoint: # - /_matrix/client/unstable/io.t2bot.media +matrix_media_repo_container_labels_traefik_t2bot_enabled: true matrix_media_repo_container_labels_traefik_t2bot_path_prefix: "/_matrix/client/unstable/io.t2bot.media" matrix_media_repo_container_labels_traefik_t2bot_rule: "Host(`{{ matrix_server_fqn_matrix }}`) && PathPrefix(`{{ matrix_media_repo_container_labels_traefik_t2bot_path_prefix | quote }}`)" matrix_media_repo_container_labels_traefik_t2bot_priority: 0 @@ -132,6 +136,7 @@ matrix_media_repo_container_labels_traefik_t2bot_tls_certResolver: default # no # Traefik labels handling the old `/_matrix/media` endpoints on the federation entrypint. # These are being superseded by `/_matrix/federation/VERSION/media` endpoints - see `matrix_media_repo_container_labels_traefik_federation_matrix_federation_media_*`. +matrix_media_repo_container_labels_traefik_media_federation_enabled: true matrix_media_repo_container_labels_traefik_media_federation_path_prefix: "/_matrix/media" matrix_media_repo_container_labels_traefik_media_federation_rule: "Host(`{{ matrix_server_fqn_matrix }}`) && PathPrefix(`{{ matrix_media_repo_container_labels_traefik_media_path_prefix | quote }}`)" matrix_media_repo_container_labels_traefik_media_federation_priority: 0 @@ -152,6 +157,7 @@ matrix_media_repo_container_labels_traefik_federation_matrix_federation_media_tl # Traefik labels handling some additional routes on the federation entrypoint: # - /_matrix/client/r0/logout # - /_matrix/client/r0/logout/all +matrix_media_repo_container_labels_traefik_logout_federation_enabled: true matrix_media_repo_container_labels_traefik_logout_federation_path_regexp: "{{ matrix_media_repo_container_labels_traefik_logout_path_regexp }}" matrix_media_repo_container_labels_traefik_logout_federation_rule: "Host(`{{ matrix_server_fqn_matrix }}`) && PathRegexp(`{{ matrix_media_repo_container_labels_traefik_logout_federation_path_regexp }}`)" matrix_media_repo_container_labels_traefik_logout_federation_priority: 0 @@ -162,6 +168,7 @@ matrix_media_repo_container_labels_traefik_logout_federation_tls_certResolver: d # Traefik labels handling some additional routes on the federation entrypoint: # - /_matrix/client/r0/admin/purge_media_cache # - /_matrix/client/r0/admin/quarantine_media/{roomId:[^/]+} +matrix_media_repo_container_labels_traefik_admin_federation_enabled: true matrix_media_repo_container_labels_traefik_admin_federation_path_regexp: "{{ matrix_media_repo_container_labels_traefik_admin_path_regexp }}" matrix_media_repo_container_labels_traefik_admin_federation_rule: "Host(`{{ matrix_server_fqn_matrix }}`) && PathRegexp(`{{ matrix_media_repo_container_labels_traefik_admin_federation_path_regexp }}`)" matrix_media_repo_container_labels_traefik_admin_federation_priority: 0 @@ -171,6 +178,7 @@ matrix_media_repo_container_labels_traefik_admin_federation_tls_certResolver: de # Traefik labels handling some additional routes on the federation entrypoint: # - /_matrix/client/unstable/io.t2bot.media +matrix_media_repo_container_labels_traefik_t2bot_federation_enabled: true matrix_media_repo_container_labels_traefik_t2bot_federation_path_prefix: "/_matrix/client/unstable/io.t2bot.media" matrix_media_repo_container_labels_traefik_t2bot_federation_rule: "Host(`{{ matrix_server_fqn_matrix }}`) && PathPrefix(`{{ matrix_media_repo_container_labels_traefik_t2bot_path_prefix | quote }}`)" matrix_media_repo_container_labels_traefik_t2bot_federation_priority: 0 diff --git a/roles/custom/matrix-media-repo/templates/media-repo/labels.j2 b/roles/custom/matrix-media-repo/templates/media-repo/labels.j2 index 9f45c5125..e6b675880 100755 --- a/roles/custom/matrix-media-repo/templates/media-repo/labels.j2 +++ b/roles/custom/matrix-media-repo/templates/media-repo/labels.j2 @@ -18,6 +18,7 @@ traefik.http.middlewares.matrix-media-repo-add-headers.headers.customrequesthead # Matrix Client +{% if matrix_media_repo_container_labels_traefik_media_enabled %} ############################################################ # # # Public Media (/_matrix/media) # @@ -47,6 +48,7 @@ traefik.http.routers.matrix-media-repo-public-media.tls.certResolver={{ matrix_m # /Public Media (/_matrix/media) # # # ############################################################ +{% endif %} {% if matrix_media_repo_container_labels_traefik_client_matrix_client_media_enabled %} @@ -138,7 +140,7 @@ traefik.http.routers.matrix-media-repo-internal-matrix-client-media.entrypoints= {% endif %} -{% if matrix_media_repo_access_tokens_max_cache_time_seconds > 0 %} +{% if matrix_media_repo_container_labels_traefik_logout_enabled and matrix_media_repo_access_tokens_max_cache_time_seconds > 0 %} ############################################################ # # # Public Client Logout # @@ -173,6 +175,7 @@ traefik.http.routers.matrix-media-repo-public-logout.tls.certResolver={{ matrix_ {% endif %} +{% if matrix_media_repo_container_labels_traefik_admin_enabled %} ############################################################ # # # Public Client Admin (/_matrix/client/r0/admin/*) # @@ -202,8 +205,10 @@ traefik.http.routers.matrix-media-repo-public-admin-federation.tls.certResolver= # /Public Client Admin (/_matrix/client/r0/admin/*) # # # ############################################################ +{% endif %} +{% if matrix_media_repo_container_labels_traefik_t2bot_enabled %} ############################################################ # # # Public Client t2bot APIs # @@ -235,11 +240,14 @@ traefik.http.routers.matrix-media-repo-public-t2bot.tls.certResolver={{ matrix_m # (/_matrix/client/unstable/io.t2bot.media) # # # ############################################################ +{% endif %} + {% if matrix_media_repo_homeserver_federation_enabled %} # Matrix Federation +{% if matrix_media_repo_container_labels_traefik_media_federation_enabled %} ############################################################ # # # Public Federation Media (/_matrix/media) # @@ -269,6 +277,7 @@ traefik.http.routers.matrix-media-repo-public-media-federation.tls.certResolver= # /Public Federation Media (/_matrix/media) # # # ############################################################ +{% endif %} {% if matrix_media_repo_container_labels_traefik_federation_matrix_federation_media_enabled %} @@ -304,7 +313,7 @@ traefik.http.routers.matrix-media-repo-public-federation-matrix-federation-media {% endif %} -{% if matrix_media_repo_access_tokens_max_cache_time_seconds > 0 %} +{% if matrix_media_repo_container_labels_traefik_logout_federation_enabled and matrix_media_repo_access_tokens_max_cache_time_seconds > 0 %} ############################################################ # # # Public Federation Logout # @@ -339,6 +348,7 @@ traefik.http.routers.matrix-media-repo-public-logout-federation.tls.certResolver {% endif %} +{% if matrix_media_repo_container_labels_traefik_admin_federation_enabled %} ############################################################ # # # Public Federation Admin (/_matrix/client/r0/admin/*) # @@ -368,8 +378,10 @@ traefik.http.routers.matrix-media-repo-public-admin.tls.certResolver={{ matrix_m # /Public Federation Admin (/_matrix/client/r0/admin/*) # # # ############################################################ +{% endif %} +{% if matrix_media_repo_container_labels_traefik_t2bot_federation_enabled %} ############################################################ # # # Public Federation t2bot APIs # @@ -401,6 +413,8 @@ traefik.http.routers.matrix-media-repo-public-t2bot-federation.tls.certResolver= # (/_matrix/client/unstable/io.t2bot.media) # # # ############################################################ +{% endif %} + {% endif %} {# end of matrix_media_repo_homeserver_federation_enabled if-check #}