Commit Graph

913 Commits

Author SHA1 Message Date
Slavi Pantaleev
dd527d5968 Ensure correct dimension.db file ownership
This is mostly here to guard against problems happening
due to server migration and doing `chown -R matrix:matrix /matrix`.

Normally, the file is owned by `1000:1000`, as expected.

If ownership changes, Dimension could still start, but it will fail the
first time it tries to write to the database. Explicitly chowning
before startup guards against this.

Related to #485 and #486 (Github Pull Requests).
Also related to ccc7aaf0ce.
2020-05-06 11:28:09 +03:00
Slavi Pantaleev
ae1b1be3f4 Do not use matrix:matrix for Dimension configuration
Dimension runs as the `node` user in the container (`1000:1000`).
It doesn't seem like we have a way around it. Thus, its configuration
must also be readable by that user (or group, in this case).
2020-05-06 11:20:14 +03:00
Slavi Pantaleev
c1c8b8e62c Warn about matrix_user_uid/matrix_user_gid
We don't really need to fail in such a spectactular way,
but it's probably good to do. It will only happen for people
who are defining their own user/group id, which is rare.

It seems like a good idea to tell them that this doesn't work
as they expect anymore and to ask them to remove these variables,
which otherwise give them a fake sense of hope.

Related to #486 (Github Pull Request).
2020-05-06 10:17:19 +03:00
Slavi Pantaleev
36c61b5b4e Introduce a separate group variable (matrix_user_groupname)
Related to #485 (Github Pull Request).
2020-05-06 10:02:47 +03:00
Slavi Pantaleev
ccc7aaf0ce Fix "Migrating to a new server" flow due to dynamic user/group creation 2020-05-06 09:55:40 +03:00
Slavi Pantaleev
6032affc20
Merge pull request #486 from FanchTheSystem/avoid_fixed_uid_and_gid
Remove default UID/GID
2020-05-06 09:46:49 +03:00
Slavi Pantaleev
8fea6f5130 Make sure matrix_user_uid and matrix_user_gid are always set
If one runs the playbook with `--tags=setup-all`, it would have been
fine.

But running with a specific tag (e.g. `--tags=setup-riot-web`) would
have made that initialization be skipped, and the `matrix-riot-web` role
would fail, due to missing variables.
2020-05-06 09:43:30 +03:00
Slavi Pantaleev
4359571d38 Upgrade riot-web to v1.6.0 2020-05-05 14:02:14 +03:00
Fanch
a1c5a197a9 remove default UID/GID 2020-05-04 21:43:54 +02:00
Dan Arnfield
e750c6c6ff Update coturn (4.5.1.1 -> 4.5.1.2) 2020-05-04 09:46:45 -05:00
Horvath Gergely
d6266a8c47 fix skype bridge being rebuilt when upstream changed 2020-05-01 21:34:42 +02:00
Chris van Dijk
7585bcc4ac Allow the matrix user username and groupname to be configured separately
No migration steps should be required.
2020-05-01 19:59:32 +02:00
Chris van Dijk
cf0e56e92b Consistent usage of matrix username and groupname, not uid and gid
This should be a no-op, no migration necessary.
2020-05-01 19:39:17 +02:00
Chris van Dijk
741064a178 Fix group ownership of Dimension base path and config
Ansible will migrate the ownership of the base path and config path, but
manual intervention will be required in order to migrate the ownership
of files in those directories (i.e. dimension.db).

Stop the services:

  (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=stop

Fix the permissions on the server:

  (server)# chown -Rv "{{ matrix_user_username }}:{{ matrix_user_username }}" "{{ matrix_dimension_base_path }}"

which would typically look like:

  (server)# chown -Rv matrix:matrix /matrix/dimension/

Reconfigure Dimension and start the services:

  (local)$ ansible-playbook -i inventory/hosts setup.yml --tags=setup-dimension,start
2020-05-01 19:28:30 +02:00
Slavi Pantaleev
0e26810162
Merge pull request #478 from cnvandijk/feature-jitsi-ldap-auth
Add support for Jitsi LDAP authentication
2020-04-30 10:09:48 +03:00
Chris van Dijk
9d6614e80f Add support for Jitsi LDAP authentication 2020-04-29 17:57:38 +02:00
Slavi Pantaleev
669780976f
Update mappings configuration example 2020-04-29 09:29:03 +03:00
John Goerzen
a2df0016eb Update matrix-appservice-irc to 0.16.0
Note the potential breaking change

Resolves #474
2020-04-28 11:43:52 -05:00
GuillauG
29f606bac7
Add 'permalinkPrefix' and 'default_theme' for configuring riot web (#472)
* add permalinkPrefix to riot-web config

* add feature to change default theme of riot-web via its config file

* remove matrix_riot_web_change_default_theme and provide sane default
2020-04-28 13:10:33 +03:00
teutat3s
37d427c05c
Update Jitsi docker images to stable 4416 2020-04-28 03:52:43 +02:00
Slavi Pantaleev
438652c732 Switch Slack image to a working tag
We've had reports of the `:latest` tag not working anymore,
leading to an error as described here:
https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/341
2020-04-27 10:49:06 +03:00
Slavi Pantaleev
9cc0c5955d Use |quote in some command calls 2020-04-24 09:59:30 +03:00
Aaron Raimist
23bfaa72ec
Upgrade Synapse (1.12.3 -> 1.12.4) 2020-04-23 13:30:50 -05:00
Rodrigo Belem
033dfcb26f Remove duplicated whitelist entry in skype main.yml 2020-04-23 09:06:08 -04:00
Rodrigo Belem
4149e03b69 Initial mx-puppet-slack bridge role 2020-04-23 09:06:08 -04:00
Slavi Pantaleev
272888d917
Merge pull request #462 from cnvandijk/feature-dimension-unfederated
Add support for running dimension in an unfederated environment
2020-04-22 22:47:14 +03:00
Slavi Pantaleev
0af5a8c4cc Simplify mx-puppet-skype blacklists a bit
Related to #466 (Github Pull Request).
2020-04-22 22:42:24 +03:00
Rodrigo Belem
b08a49d94d Allow skype more configurations for relay and provisioning 2020-04-22 15:26:31 -04:00
Chris van Dijk
3f4bc9b881 Move config supprt for unfederated dimension into group_vars 2020-04-22 19:23:56 +02:00
Slavi Pantaleev
9991d545dd Add note about synapse-janitor and require explicit confirmation for usage
Fixes #465 (Github Issue).

Related to https://github.com/xwiki-labs/synapse_scripts/pull/12.
2020-04-21 21:48:06 +03:00
Slavi Pantaleev
554da8338a
Merge pull request #463 from hooger/architecture
Architecture
2020-04-20 16:45:59 +03:00
Dan Arnfield
e2de6a1569 Update nginx (1.17.9 -> 1.17.10) 2020-04-19 08:38:53 -05:00
Horvath Gergely
bd61598faf add experimental(?) architecture support for arm32 and arm64
the changes are necessary because certbot images are tagged, so docker does not recognize the necessary architecture
2020-04-18 22:55:19 +02:00
Chris van Dijk
da2e90dcc1 Remove check for "Fail if Matrix Federation is disabled"
This playbook now suports running dimension in both a federated and an
unfederated environment.
2020-04-18 19:01:45 +02:00
Chris van Dijk
3ddb8cd148 Add support for running dimension in an unfederated environment
This config change follows:

  https://github.com/turt2live/matrix-dimension/blob/master/docs/unfederated.md
2020-04-18 19:00:20 +02:00
Horvath Gergely
203a319881 force build docker image if git master changes 2020-04-18 12:56:36 +02:00
Slavi Pantaleev
c13c29f48e Fix |to_nice_yaml breaking formatting
Well, actually 8cd9cde won't work, unless we put the
`|to_nice_yaml` thing on a new line.

We can, but that takes more lines and makes things look uglier.
Using `|to_json` seems good enough.

The whole file is parsed as YAML later on and merged with the
`_extension` variable before being dumped as YAML again in the end.
2020-04-18 11:06:53 +03:00
Slavi Pantaleev
8cd9cdead0 Improve consistency 2020-04-18 11:05:47 +03:00
Slavi Pantaleev
27cae3d90c
Merge pull request #461 from lampholder/toml/allowed_local_3pids
Expose allowed local 3pids as a configurable option
2020-04-18 11:05:01 +03:00
Tom
e54428b160 Expose allowed local 3pids as a configurable option 2020-04-18 00:11:30 +01:00
Slavi Pantaleev
43201c9e22 Upgrade matrix-corporal (1.8.0 -> 1.9.0) 2020-04-17 22:26:55 +03:00
Slavi Pantaleev
9a43cc02e0 Only install docker-python if matrix_docker_installation_enabled
Should help with #300 (Github Issue).
2020-04-17 09:45:35 +03:00
Slavi Pantaleev
4d260c0dd5 Add encryption configuration defaults to Mautrix bridges
Related to #451 (Github Issue).
2020-04-17 09:44:48 +03:00
Chris van Dijk
88c1fbf6aa Fix hardcoded values in postgres script matrix-change-user-admin-status 2020-04-17 00:54:38 +02:00
Chris van Dijk
d83236ea0e Fix inconsistent whitespace 2020-04-17 00:53:26 +02:00
Rodrigo Belem
cc8fc55ac6 Upstream set mx-puppet-skype default port to 8438 2020-04-15 15:13:56 -04:00
Slavi Pantaleev
69338d045a
Simplify if conditions 2020-04-12 01:09:22 +03:00
John Goerzen
ddc44996e3
Fix to avoid putting an incorrect empty jitsi.preferredDomain when no local jitsi 2020-04-11 17:07:30 -05:00
Slavi Pantaleev
7035af87d8 Add support for Jitsi discovery for Riot via /.well-known/matrix/client
This will not work yet, as no version of Riot currently supports it.
It's expected to land in riot-web v1.5.16 via matrix-org/matrix-react-sdk#4348.
2020-04-09 09:58:35 +03:00
Slavi Pantaleev
c1a66d3422 Put mx-puppet-skype configs in ./config directory, not ./data 2020-04-09 09:44:10 +03:00