Commit Graph

13 Commits

Author SHA1 Message Date
Slavi Pantaleev
410a915a8a Move roles/matrix* to roles/custom/matrix*
This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:

- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy

In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:

- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help

We just need to migrate to those.
2022-11-03 09:11:29 +02:00
Slavi Pantaleev
958d089b68 Do not install the ma1sd identity server by default
As mentioned in the changelog, this is a breaking change.
2022-03-17 18:00:09 +02:00
Slavi Pantaleev
c07c927d9f Automatically enable openid listeners when ma1sd enabled
ma1sd requires the openid endpoints for certain functionality.
Example: 90b2b5301c/src/main/java/io/kamax/mxisd/auth/AccountManager.java (L67-L99)

If federation is disabled, we still need to expose these openid APIs on the
federation port.

Previously, we were doing similar magic for Dimension.
As per its documentation, when running unfederated, one is to enable
the openid listener as well. As per their recommendation, people
are advised to do enable it on the Client-Server API port
and use the `federationUrl` variable to override where the federation
port is (making federation requests go to the Client-Server API).

Because ma1sd always uses the federation port (unless you do some
DNS overwriting magic using its configuration -- which we'd rather not
do), it's better if we just default to putting the `openid` listener
where it belongs - on the federation port.

With this commit, we retain the "automatically enable openid APIs" thing
we've been doing for Dimension, but move it to the federation port instead.
We also now do the same thing when ma1sd is enabled.
2020-12-08 16:59:20 +02:00
merklaw
a460420b34 Better wording 2020-08-05 15:59:52 +02:00
merklaw
e167b80f94 Added notes about disabling ma1sd 2020-08-05 12:46:30 +02:00
Slavi Pantaleev
f404a771cf
Try to improve wording a bit 2020-07-26 18:24:53 +03:00
rebru
8a0d8651d0
Update configuring-playbook-ma1sd.md
Add an example to open all domains for registration in relation to black- and whitelists.
2020-07-25 23:50:36 +02:00
Justin Croonenberghs
1f21f0c09a Add variables for reCAPTCHA validation 2020-07-03 18:33:25 -05:00
Slavi Pantaleev
224c21878e Fix code block a bit
Related to #549 (Github Pull Request)
2020-06-25 08:26:09 +03:00
Slavi Pantaleev
25290f780c
Link to Twilio 2020-06-25 08:22:12 +03:00
Justin Croonenberghs
3527200ac4
Added config hint for SMS verification 2020-06-24 16:34:28 -05:00
Marcel Partap
5fedd6cbf0 Replace mxisd with ma1sd in docs, fixing URLs 2020-04-02 11:26:30 +02:00
Marcel Partap
187dedf920 Duplicate matrix-mxisd role for matrix-ma1sd fork
(adapting strings and URLs)
2020-04-02 11:26:30 +02:00