From 73ebbdcacd75e701a80c5ee31921121f4c75bbaa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:29:03 +0200 Subject: [PATCH] Move maubot nginx config Reasoning: setup_install.yml only runs on --tags=setup-all or on --tags=setup-bot-maubot. If --tags=setup-nginx-proxy or similar commands are run, setup_install.yml will not run and the nginx configuration will be incomplete. --- roles/matrix-bot-maubot/tasks/init.yml | 39 ++++++++++++++++++ .../matrix-bot-maubot/tasks/setup_install.yml | 40 ------------------- 2 files changed, 39 insertions(+), 40 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 6f55c747..032fdbf7 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -3,3 +3,42 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool + +- name: Generate Maubot proxying configuration for matrix-nginx-proxy + set_fact: + matrix_bot_maubot_matrix_nginx_proxy_configuration: | + location ~ ^/(_matrix/maubot/.*) { + {% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-bot-maubot:29316/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% endif %} + } + when: matrix_bot_maubot_proxy_management_interface|bool + +- name: Register Maubot's proxying configuration with matrix-nginx-proxy + set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + + + [matrix_bot_maubot_matrix_nginx_proxy_configuration] + }} + when: matrix_bot_maubot_proxy_management_interface|bool + +- name: Warn about reverse-proxying if matrix-nginx-proxy not used + debug: + msg: >- + NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `/_matrix/maubot` + URL endpoint to the matrix-maubot container. + when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index b4b03165..8b27cd03 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -24,46 +24,6 @@ group: "{{ matrix_user_groupname }}" mode: "u=rwx" -- name: Generate Maubot proxying configuration for matrix-nginx-proxy - set_fact: - matrix_bot_maubot_matrix_nginx_proxy_configuration: | - location ~ ^/(_matrix/maubot/.*) { - {% if matrix_nginx_proxy_enabled|default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:29316/$1"; - proxy_pass http://$backend; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% endif %} - } - when: matrix_bot_maubot_proxy_management_interface|bool - -- name: Register Maubot's proxying configuration with matrix-nginx-proxy - set_fact: - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | - {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) - + - [matrix_bot_maubot_matrix_nginx_proxy_configuration] - }} - when: matrix_bot_maubot_proxy_management_interface|bool - -- name: Warn about reverse-proxying if matrix-nginx-proxy not used - debug: - msg: >- - NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `/_matrix/maubot` - URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" - - - name: Ensure maubot image is pulled docker_image: name: "{{ matrix_bot_maubot_docker_image }}"