356 Commits (ec9f8e29319e6150eb6daa6417fa1afab7078b70)

Author SHA1 Message Date
sakkiii cd26af2f6f
Certbot Update (v1.20.0 -> v1.21.0)
3 years ago
sakkiii 7a4f49c457
Nginx Minio Update (1.21.3 -> 1.21.4)
3 years ago
Slavi Pantaleev 735c966ab6 Disable systemd services when stopping to uninstall them
3 years ago
b 6eaa8ac65a add server_name to matrix-synapsel.conf only if matrix_nginx_proxy_enabled
3 years ago
b dcda17595a change port 8090 to matrix_ma1sd_default_port
3 years ago
Slavi Pantaleev 06bcdcf9d2
Merge pull request #1311 from HarHarLinks/master
3 years ago
Kim Brose 5f6bbafa17
fix space before tab in indent
3 years ago
HarHarLinks 7b33fc8e19 fixup! auto-generate prometheus.yml for workers metrics
3 years ago
HarHarLinks ce41674e61 auto-generate prometheus.yml for workers metrics
3 years ago
HarHarLinks 4209c4208c add own variable for worker metrics
3 years ago
Slavi Pantaleev 2bf052369d Upgrade certbot (v1.19.0 -> v1.20.0)
3 years ago
Kim Brose 1ba7760ea4
add how to generate htpasswd
3 years ago
HarHarLinks d9fa2f7ed4 add auto proxy synapse worker metrics
3 years ago
Slavi Pantaleev 31396f0615
Merge pull request #1295 from nogweii/feat-support-upstream-https-forwarded
3 years ago
Aaron Raimist a676b5358c
Fix hydrogen OCSP typo
3 years ago
Colin Shea 2578ca4cee rename matrix_nginx_proxy_x_forwarded_header_value -> matrix_nginx_proxy_x_forwarded_proto_value
3 years ago
Colin Shea d0cd67044e replace $scheme with X-Forwarded-Proto when enabled
3 years ago
sakkiii 3055b3996e
Updates Certbot -> v1.19.0, nginx ->1.21.3-alpine
3 years ago
sakkiii ae6caf158a
Added variable matrix_nginx_proxy_request_timeout (#1265)
3 years ago
Slavi Pantaleev a911207854 Revert "nginx update v1.21.2"
3 years ago
sakkiii 732051b8fc
nginx update v1.21.2
3 years ago
sakkiii f5a7e6d78b
Certbot update v1.18.0
3 years ago
Michael Collins 4d57a41b3f remove matrix_awx_enabled from these
3 years ago
Michael Collins 2e30802b87 use group variables instead
3 years ago
Michael Collins 8238d65e5f simplify template conditional
3 years ago
Michael Collins bfb61e776e GMH v0.5.7... maybe!
3 years ago
Slavi Pantaleev 4105ba854b
Merge pull request #1147 from datenkollektiv-net/allow-custom-federation-fqn
3 years ago
JokerGermany 9345d840be
root path for the base domain is wrong (#1189)
3 years ago
sakkiii 7a51268dfc
Upgrade certbot & nginx
3 years ago
Slavi Pantaleev 6294e58304 Fix Content-Security-Policy for Element
3 years ago
oxmie 5df4d68829 Make federation domain customizable
3 years ago
sakkiii 0217644b48
Content-Security-Policy For Element Web
4 years ago
Slavi Pantaleev 963f38ee7b Upgrade certbot (v1.14.0 -> v1.16.0)
4 years ago
pushytoxin bee14550ab Fix local/bin scripts autocompletion by adding rx perms to everyone
4 years ago
Slavi Pantaleev 4880dcceb0 Fix OCSP-stapling-related errors due to missing resolver
4 years ago
rakshazi 4ddd8bbb84
Updated nginx-proxy (1.20.0 -> 1.21.0)
4 years ago
Slavi Pantaleev 1ed0857019 Fix syntax error
4 years ago
sakkiii 4a4a7f136e changes added to hydrogen client
4 years ago
sakkiii 25e67b51d1 Merge branch 'spantaleev:master' into master
4 years ago
sakkiii 3436f9c10a rename to matrix_nginx_proxy_hsts_preload_enabled
4 years ago
sakkiii 7cc5328ede Comments & Ref
4 years ago
sakkiii df2d91970d matrix_nginx_proxy_xss_protection
4 years ago
Slavi Pantaleev 6f80292745
Add OCSP stapling support and other SSL optimizations to Hydrogen vhost
4 years ago
Slavi Pantaleev d0de21ab34
Delete Hydrogen nginx configuration file when disabled
4 years ago
Aaron Raimist 04548f8df2
Merge branch 'master' into hydrogen
4 years ago
Aaron Raimist 9437f78c9e
Build using custom config.json, add CSP, update to 0.1.53
4 years ago
sakkiii e9b878b9e9 Optimize SSL session
4 years ago
Slavi Pantaleev e6afa05f7b Enable OCSP stapling for the federation port
4 years ago
Slavi Pantaleev 57a6a98a50 Fix incorrect SSL certificate path
4 years ago
Slavi Pantaleev b9c4e8ce16
Merge pull request #1057 from sakkiii/ssl_staple
4 years ago
sakkiii d31b55b2a7 SSL-enabled block only
4 years ago
Slavi Pantaleev e4dd933cf0 Make missing /_synapse/admin correctly return 404 responses
4 years ago
sakkiii 2c3da6599b Added warning
4 years ago
sakkiii 0dd4459799 matrix_nginx_proxy_ocsp_stapling_enabled variable added
4 years ago
sakkiii c05021640d Enable OCSP Stapling
4 years ago
Aaron Raimist ca361af616
Add Hydrogen
4 years ago
sakkiii 29cf6a0087 Merge branch 'spantaleev:master' into master
4 years ago
sakkiii bb0810302d Merge branch 'spantaleev:master' into master
4 years ago
Béla Becker b10655ebb1 Jitsi XMPP Websocket support
4 years ago
Dan Arnfield cfaa3e598a Update nginx (1.19.10 -> 1.20.0)
4 years ago
sakkiii 40fe6bd5c1 variable matrix_nginx_proxy_hsts_preload_enable added
4 years ago
Slavi Pantaleev 389dc26615 Fix Synapse generic worker balancing
4 years ago
sakkiii 5b4fdf9b87 Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy
4 years ago
sakkiii 0ccf0fbf1c HSTS preload + X-XSS enables
4 years ago
sakkiii 3564635f0f
Merge branch 'master' into master
4 years ago
sakkiii 29bba5161b Element More security headers
4 years ago
Slavi Pantaleev d691cc0920 Move variable definition a bit
4 years ago
Slavi Pantaleev e00ef04b57 Add opt-out-of-FLoC headers by default
4 years ago
Slavi Pantaleev 4a1739f604
Merge pull request #1007 from teutat3s/fix/nginx-dont-send-version
4 years ago
teutat3s 2bf7c26cfa
Don't expose nginx version with each response
4 years ago
sakkiii 1958d0792d Update matrix-client-element.conf.j2
4 years ago
sakkiii b6d45c5fd8 Merge branch 'master' of https://github.com/sakkiii/matrix-docker-ansible-deploy
4 years ago
sakkiii 05042f5ff1 Improve security grafana
4 years ago
sakkiii 5dc642ace1
Nginx element web: XSS protection & nosniff header
4 years ago
Slavi Pantaleev c7c137df74 Upgrade nginx and certbot
4 years ago
Ahmad Haghighi e335f3fc77 rename matrix_global_registry to matrix_container_global_registry_prefix related to #990
4 years ago
Ahmad Haghighi f52a8b6484 use custom docker registry
4 years ago
Christoph Johannes Kleine fcd66b2889
rename variables
4 years ago
Christoph Johannes Kleine 8ba1105010
rename variable
4 years ago
Christoph Johannes Kleine 3a772f2f65
matrix-nginx-proxy: add custom nginx options to nginx.conf.j2
4 years ago
Dan Arnfield 97d8527e00 Update nginx (1.19.6 -> 1.19.8)
4 years ago
Slavi Pantaleev 06c74728eb Move matrix_nginx_proxy_proxy_synapse_federation_api_enabled definition to the role
4 years ago
Slavi Pantaleev 9a0222fa47 Add Sygnal support
4 years ago
Aaron Raimist 32b3650c12
Set X-Forwarded-Proto on federation requests
4 years ago
Aaron Raimist 466827139a
Also check if matrix_ssl_lets_encrypt_support_email is blank
4 years ago
Slavi Pantaleev 011e95c1d2
Merge pull request #893 from GoMatrixHosting/master
4 years ago
Slavi Pantaleev 6181861ffe
Merge pull request #929 from Zir0h/master
4 years ago
Alexandros Afentoulis 28c255539c matrix-nginx-proxy: specify Origin header, comply with CORS
4 years ago
Yannick Goossens 51e2547484 Added support for the Go-NEB bot
4 years ago
Slavi Pantaleev 9b72384df7 Upgrade Synapse (1.28.0 -> 1.29.0)
4 years ago
Slavi Pantaleev f0698ee641 Do not overwrite X-Forwarded-For when reverse-proxying to Synapse
4 years ago
SierraKiloBravo 0de0716527 Added nginx proxy worker configuration to template and defaults
4 years ago
Slavi Pantaleev 009efdad49 Fix matrix.DOMAIN/_synapse/metrics exposing
4 years ago
Slavi Pantaleev a25b8135b8 Fix point overlap between matrix-domain and Jitsi
4 years ago
Michael 33ec5710d9 0.2.1 revision
4 years ago
Hardy Erlinger f4930d789e Run Let's Encrypt renewal checks daily instead of weekly.
4 years ago
Slavi Pantaleev 6baa91dd9f Do not delete matrix-ssl-lets-encrypt-certificates-renew only to recreate it later
4 years ago
Slavi Pantaleev 1ef683d366 Make nginx proxy config (when disabled) obey matrix_federation_public_port
4 years ago
rakshazi 2f887f292c
added "matrix_%SERVICE%_version" variable to all roles, use it in "matrix_%SERVICE%_docker_image" var (preserving backward-compatibility)
4 years ago
Michael 4c882c513b initial PR
4 years ago