Implemented federation for matrix

This commit is contained in:
Kevin Veen-Birkenbach 2024-01-18 20:53:14 +01:00
parent f16641aa87
commit ddf87feb42
3 changed files with 51 additions and 3 deletions

View File

@ -34,6 +34,10 @@ Matrix is an open-source project that provides a protocol for secure, decentrali
``` ```
docker-compose logs docker-compose logs
``` ```
## Debug:
- https://federationtester.matrix.org/
## Sources ## Sources
### Guides ### Guides

View File

@ -2,13 +2,28 @@
- name: "include docker-compose-database.yml" - name: "include docker-compose-database.yml"
include_tasks: docker-compose-database.yml include_tasks: docker-compose-database.yml
- name: "include tasks nginx-docker-proxy-domain.yml" - name: "include task certbot-matomo.yml"
include_tasks: nginx-docker-proxy-domain.yml include_tasks: certbot-matomo.yml
vars: vars:
domain: "{{synapse_domain}}" domain: "{{synapse_domain}}"
http_port: "{{synapse_http_port}}" http_port: "{{synapse_http_port}}"
- name: configure {{synapse_domain}}.conf
template:
src: "templates/nginx.conf.j2"
dest: "{{nginx_servers_directory}}{{synapse_domain}}.conf"
vars:
domain: "{{synapse_domain}}"
http_port: "{{synapse_http_port}}"
notify: restart nginx
#- name: "include tasks nginx-docker-proxy-domain.yml"
# include_tasks: nginx-docker-proxy-domain.yml
# vars:
# domain: "{{synapse_domain}}"
# http_port: "{{synapse_http_port}}"
- name: "include tasks nginx-docker-proxy-domain.yml" - name: "include tasks nginx-docker-proxy-domain.yml for element"
include_tasks: nginx-docker-proxy-domain.yml include_tasks: nginx-docker-proxy-domain.yml
vars: vars:
domain: "{{element_domain}}" domain: "{{element_domain}}"

View File

@ -0,0 +1,29 @@
server {
server_name {{domain}};
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
# For the federation port
listen 8448 ssl http2 default_server;
listen [::]:8448 ssl http2 default_server;
{% if nginx_matomo_tracking | bool %}
{% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
{% endif %}
location ~ ^(/_matrix|/_synapse/client) {
# note: do not add a path (even a single /) after the port in `proxy_pass`,
# otherwise nginx will canonicalise the URI and cause signature verification
# errors.
proxy_pass http://127.0.0.1:{{http_port}};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
# Nginx by default only allows file uploads up to 1M in size
# Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
client_max_body_size 50M;
# Synapse responses may be chunked, which is an HTTP/1.1 feature.
proxy_http_version 1.1;
}
}