327 Commits (29bc22a085b5117442dcafc267fcc270e6ed6edd)

Author SHA1 Message Date
Slavi Pantaleev 6294e58304 Fix Content-Security-Policy for Element
3 years ago
oxmie 5df4d68829 Make federation domain customizable
3 years ago
sakkiii 0217644b48
Content-Security-Policy For Element Web
3 years ago
Slavi Pantaleev 963f38ee7b Upgrade certbot (v1.14.0 -> v1.16.0)
4 years ago
pushytoxin bee14550ab Fix local/bin scripts autocompletion by adding rx perms to everyone
4 years ago
Slavi Pantaleev 4880dcceb0 Fix OCSP-stapling-related errors due to missing resolver
4 years ago
rakshazi 4ddd8bbb84
Updated nginx-proxy (1.20.0 -> 1.21.0)
4 years ago
Slavi Pantaleev 1ed0857019 Fix syntax error
4 years ago
sakkiii 4a4a7f136e changes added to hydrogen client
4 years ago
sakkiii 25e67b51d1 Merge branch 'spantaleev:master' into master
4 years ago
sakkiii 3436f9c10a rename to matrix_nginx_proxy_hsts_preload_enabled
4 years ago
sakkiii 7cc5328ede Comments & Ref
4 years ago
sakkiii df2d91970d matrix_nginx_proxy_xss_protection
4 years ago
Slavi Pantaleev 6f80292745
Add OCSP stapling support and other SSL optimizations to Hydrogen vhost
4 years ago
Slavi Pantaleev d0de21ab34
Delete Hydrogen nginx configuration file when disabled
4 years ago
Aaron Raimist 04548f8df2
Merge branch 'master' into hydrogen
4 years ago
Aaron Raimist 9437f78c9e
Build using custom config.json, add CSP, update to 0.1.53
4 years ago
sakkiii e9b878b9e9 Optimize SSL session
4 years ago
Slavi Pantaleev e6afa05f7b Enable OCSP stapling for the federation port
4 years ago
Slavi Pantaleev 57a6a98a50 Fix incorrect SSL certificate path
4 years ago
Slavi Pantaleev b9c4e8ce16
Merge pull request #1057 from sakkiii/ssl_staple
4 years ago
sakkiii d31b55b2a7 SSL-enabled block only
4 years ago
Slavi Pantaleev e4dd933cf0 Make missing /_synapse/admin correctly return 404 responses
4 years ago
sakkiii 2c3da6599b Added warning
4 years ago
sakkiii 0dd4459799 matrix_nginx_proxy_ocsp_stapling_enabled variable added
4 years ago
sakkiii c05021640d Enable OCSP Stapling
4 years ago
Aaron Raimist ca361af616
Add Hydrogen
4 years ago
sakkiii 29cf6a0087 Merge branch 'spantaleev:master' into master
4 years ago
sakkiii bb0810302d Merge branch 'spantaleev:master' into master
4 years ago
Béla Becker b10655ebb1 Jitsi XMPP Websocket support
4 years ago
Dan Arnfield cfaa3e598a Update nginx (1.19.10 -> 1.20.0)
4 years ago
sakkiii 40fe6bd5c1 variable matrix_nginx_proxy_hsts_preload_enable added
4 years ago
Slavi Pantaleev 389dc26615 Fix Synapse generic worker balancing
4 years ago
sakkiii 5b4fdf9b87 Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy
4 years ago
sakkiii 0ccf0fbf1c HSTS preload + X-XSS enables
4 years ago
sakkiii 3564635f0f
Merge branch 'master' into master
4 years ago
sakkiii 29bba5161b Element More security headers
4 years ago
Slavi Pantaleev d691cc0920 Move variable definition a bit
4 years ago
Slavi Pantaleev e00ef04b57 Add opt-out-of-FLoC headers by default
4 years ago
Slavi Pantaleev 4a1739f604
Merge pull request #1007 from teutat3s/fix/nginx-dont-send-version
4 years ago
teutat3s 2bf7c26cfa
Don't expose nginx version with each response
4 years ago
sakkiii 1958d0792d Update matrix-client-element.conf.j2
4 years ago
sakkiii b6d45c5fd8 Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy
4 years ago
sakkiii 05042f5ff1 Improve security grafana
4 years ago
sakkiii 5dc642ace1
Nginx element web: XSS protection & nosniff header
4 years ago
Slavi Pantaleev c7c137df74 Upgrade nginx and certbot
4 years ago
Ahmad Haghighi e335f3fc77 rename matrix_global_registry to matrix_container_global_registry_prefix related to #990
4 years ago
Ahmad Haghighi f52a8b6484 use custom docker registry
4 years ago
Christoph Johannes Kleine fcd66b2889
rename variables
4 years ago
Christoph Johannes Kleine 8ba1105010
rename variable
4 years ago
Christoph Johannes Kleine 3a772f2f65
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2
4 years ago
Dan Arnfield 97d8527e00 Update nginx (1.19.6 -> 1.19.8)
4 years ago
Slavi Pantaleev 06c74728eb Move matrix_nginx_proxy_proxy_synapse_federation_api_enabled definition to the role
4 years ago
Slavi Pantaleev 9a0222fa47 Add Sygnal support
4 years ago
Aaron Raimist 32b3650c12
Set X-Forwarded-Proto on federation requests
4 years ago
Aaron Raimist 466827139a
Also check if matrix_ssl_lets_encrypt_support_email is blank
4 years ago
Slavi Pantaleev 011e95c1d2
Merge pull request #893 from GoMatrixHosting/master
4 years ago
Slavi Pantaleev 6181861ffe
Merge pull request #929 from Zir0h/master
4 years ago
Alexandros Afentoulis 28c255539c matrix-nginx-proxy: specify Origin header, comply with CORS
4 years ago
Yannick Goossens 51e2547484 Added support for the Go-NEB bot
4 years ago
Slavi Pantaleev 9b72384df7 Upgrade Synapse (1.28.0 -> 1.29.0)
4 years ago
Slavi Pantaleev f0698ee641 Do not overwrite X-Forwarded-For when reverse-proxying to Synapse
4 years ago
SierraKiloBravo 0de0716527 Added nginx proxy worker configuration to template and defaults
4 years ago
Slavi Pantaleev 009efdad49 Fix matrix.DOMAIN/_synapse/metrics exposing
4 years ago
Slavi Pantaleev a25b8135b8 Fix point overlap between matrix-domain and Jitsi
4 years ago
Michael 33ec5710d9 0.2.1 revision
4 years ago
Hardy Erlinger f4930d789e Run Let's Encrypt renewal checks daily instead of weekly.
4 years ago
Slavi Pantaleev 6baa91dd9f Do not delete matrix-ssl-lets-encrypt-certificates-renew only to recreate it later
4 years ago
Slavi Pantaleev 1ef683d366 Make nginx proxy config (when disabled) obey matrix_federation_public_port
4 years ago
rakshazi 2f887f292c
added "matrix_%SERVICE%_version" variable to all roles, use it in "matrix_%SERVICE%_docker_image" var (preserving backward-compatibility)
4 years ago
Michael 4c882c513b initial PR
4 years ago
Slavi Pantaleev eaea215282 Allow Synapse workers to be used with an external nginx webserver
4 years ago
Slavi Pantaleev d6c4d41c2b Define instanceId property on workers
4 years ago
Slavi Pantaleev 5cfeae806b Merge branch 'master' into synapse-workers
4 years ago
Slavi Pantaleev 894679750e
Merge pull request #862 from s-thom/nginx-additional
4 years ago
Slavi Pantaleev a8e9f35708 Touch up documentation a bit
4 years ago
Peetz0r 989100b1c1 Grafana nginx proxy config
4 years ago
Stuart Thomson 064b2e533c Add variable for extra domains to get LE certs for
4 years ago
Slavi Pantaleev 889b299bc2
Merge pull request #804 from pushytoxin/matrix-etherpad
4 years ago
Slavi Pantaleev 26b287bd17 Upgrade certbot (1.10.1 -> 1.11.0)
4 years ago
Slavi Pantaleev d98a1ceadd Merge branch 'master' into synapse-workers
4 years ago
Slavi Pantaleev 512f42aa76 Do not report docker kill/rm attempts as errors
4 years ago
Béla Becker 7bc9be95cb Add map directive to the base of nginx.conf
4 years ago
Slavi Pantaleev 778b66876c Merge branch 'master' into synapse-workers
4 years ago
Slavi Pantaleev 70796703d3 Run Synapse workers in their own containers
4 years ago
Slavi Pantaleev 4d62a75f6f Get matrix-corporal to play nicely with a Synapse worker setup
4 years ago
Slavi Pantaleev 5ca68210cd Do not handle /_matrix/federation on client-server port, nor /_matrix/client stuff on federation port
4 years ago
Slavi Pantaleev 8fa913dca7 Fix Ansible warning
4 years ago
Marcel Partap 183adec3d8 Merge remote-tracking branch 'origin/master' into synapse-workers
4 years ago
pushytoxin d51ea25219 When validating LE certs, do not wait for a random time
4 years ago
Slavi Pantaleev 1692a28fe4 Work around annoying Docker warning about undefined $HOME
4 years ago
Slavi Pantaleev e1690722f7 Replace cronjobs with systemd timers
4 years ago
Slavi Pantaleev 05ca9357a8 Add .service suffix to systemd units list
4 years ago
Slavi Pantaleev 57ea43d8b0 Remove unused variable
4 years ago
Slavi Pantaleev 7a90eb6d4f Relocate some validation tasks
4 years ago
Marcel Partap cd8100544b Merge remote-tracking branch 'origin/master' into synapse-workers
4 years ago
Slavi Pantaleev f7ae050eaf Remove useless quotes around ssl_ciphers value
4 years ago
Slavi Pantaleev 5822ba0c01 Use a more natural if statement
4 years ago
Slavi Pantaleev de6ecd8818
Update inaccurate comments
4 years ago
Agustin Ferrario 5156c63a76 Clean up code
4 years ago