From 038b398d0e1d017d6b8d9735d756d44b0d3ea3d3 Mon Sep 17 00:00:00 2001 From: Matthias <18295017+matthiasjo@users.noreply.github.com> Date: Sun, 26 Jul 2020 17:31:43 +0200 Subject: [PATCH] added config sample for synapse admin with traefik 2 --- docs/configuring-playbook-synapse-admin.md | 31 +++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index 38162937..7be54663 100644 --- a/docs/configuring-playbook-synapse-admin.md +++ b/docs/configuring-playbook-synapse-admin.md @@ -6,7 +6,6 @@ It's a web UI tool you can use to **administrate users and rooms on your Matrix See the project's [documentation](https://github.com/Awesome-Technologies/synapse-admin) to learn what it does and why it might be useful to you. - ## Adjusting the playbook configuration Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: @@ -15,7 +14,6 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars. matrix_synapse_admin_enabled: true ``` - ## Installing After configuring the playbook, run the [installation](installing.md) command again: @@ -24,7 +22,6 @@ After configuring the playbook, run the [installation](installing.md) command ag ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ``` - ## Usage After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/synapse-admin/` @@ -32,3 +29,31 @@ After installation, Synapse Admin will be accessible at: `https://matrix.DOMAIN/ To use Synapse Admin, you need to have [registered at least one administrator account](registering-users.md) on your server. The Homeserver URL to use on Synapse Admin's login page is: `https://matrix.DOMAIN` + +### Sample configuration for running behind Traefik 2.0 + +Below is a sample configuration for using this playbook with a [Traefik](https://traefik.io/) 2.0 reverse proxy. + +This an extension to Traefik config sample in [own-webserver-documentation](./configuring-playbook-own-webserver.md). + +```yaml +# Don't bind any HTTP or federation port to the host +# (Traefik will proxy directly into the containers) +matrix_synapse_admin_container_http_host_bind_port: "" + +matrix_synapse_admin_container_extra_arguments: + # May be unnecessary depending on Traefik config, but can't hurt + - '--label "traefik.enable=true"' + + # The Synapse Admin container will only receive traffic from this subdomain and path + - '--label "traefik.http.routers.matrix-synapse-admin.rule=(Host(`{{ matrix_server_fqn_matrix }}`) && Path(`{matrix_synapse_admin_public_endpoint}`))"' + + # (Define your entrypoint) + - '--label "traefik.http.routers.matrix-synapse-admin.entrypoints=web-secure"' + + # (The 'default' certificate resolver must be defined in Traefik config) + - '--label "traefik.http.routers.matrix-synapse-admin.tls.certResolver=default"' + + # The Synapse Admin container uses port 8766 internally + - '--label "traefik.http.services.matrix-synapse-admin.loadbalancer.server.port=8766"' +```