Merge branch 'master' into element-call-integration

roles/custom/matrix-client-element/templates/config.json.j2

@@ -40,6 +40,7 @@
 	{% if matrix_client_element_location_sharing_enabled %}
 	"map_style_url": {{ matrix_client_element_map_style_url | to_json }},
 	{% endif %}
+	"logout_redirect_url": {{ matrix_client_element_logout_redirect_url | to_json }},
 	"branding": {
 		"auth_footer_links": {{ matrix_client_element_branding_auth_footer_links | to_json }},
 		"auth_header_logo_url": {{ matrix_client_element_branding_auth_header_logo_url | to_json }},

roles/custom/matrix-client-element/templates/config.json.j2.license

@@ -0,0 +1,6 @@
+SPDX-FileCopyrightText: 2020 - 2024 Slavi Pantaleev
+SPDX-FileCopyrightText: 2020 Aaron Raimist
+SPDX-FileCopyrightText: 2023 - 2024 MDAD project contributors
+SPDX-FileCopyrightText: 2023 Igor Goldenberg
+
+SPDX-License-Identifier: AGPL-3.0-or-later

roles/custom/matrix-client-element/templates/env.j2

@@ -0,0 +1,9 @@
+{#
+SPDX-FileCopyrightText: 2025 Slavi Pantaleev
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
+ELEMENT_WEB_PORT={{ matrix_client_element_environment_variable_element_web_port }}
+
+{{ matrix_client_element_environment_variables_extension }}

roles/custom/matrix-client-element/templates/labels.j2

@@ -1,3 +1,9 @@
+{#
+SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
+
+SPDX-License-Identifier: AGPL-3.0-or-later
+#}
+
 {% if matrix_client_element_container_labels_traefik_enabled %}
 traefik.enable=true
 

roles/custom/matrix-client-element/templates/map_style.json.j2.license

@@ -0,0 +1,3 @@
+SPDX-FileCopyrightText: 2022 MDAD project contributors
+
+SPDX-License-Identifier: AGPL-3.0-or-later

roles/custom/matrix-client-element/templates/nginx.conf.j2

@@ -1,66 +0,0 @@
-#jinja2: lstrip_blocks: "True"
-# This is a custom nginx configuration file that we use in the container (instead of the default one),
-# because it allows us to run nginx with a non-root user.
-#
-# For this to work, the default vhost file (`/etc/nginx/conf.d/default.conf`) also needs to be removed.
-# (mounting `/dev/null` over `/etc/nginx/conf.d/default.conf` works well)
-#
-# The following changes have been done compared to a default nginx configuration file:
-# - default server port is changed (80 -> 8080), so that a non-root user can bind it
-# - various temp paths are changed to `/tmp`, so that a non-root user can write to them
-# - the `user` directive was removed, as we don't want nginx to switch users
-
-worker_processes 1;
-
-error_log /var/log/nginx/error.log warn;
-pid /tmp/nginx.pid;
-
-
-events {
-	worker_connections 1024;
-}
-
-
-http {
-	proxy_temp_path /tmp/proxy_temp;
-	client_body_temp_path /tmp/client_temp;
-	fastcgi_temp_path /tmp/fastcgi_temp;
-	uwsgi_temp_path /tmp/uwsgi_temp;
-	scgi_temp_path /tmp/scgi_temp;
-
-	include /etc/nginx/mime.types;
-	default_type application/octet-stream;
-
-	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
-					'$status $body_bytes_sent "$http_referer" '
-					'"$http_user_agent" "$http_x_forwarded_for"';
-
-	access_log /var/log/nginx/access.log main;
-
-	sendfile on;
-	#tcp_nopush on;
-
-	keepalive_timeout 65;
-
-	#gzip on;
-
-	server {
-		listen 8080;
-		server_name localhost;
-
-		root /usr/share/nginx/html;
-
-		location / {
-			index index.html index.htm;
-		}
-
-		location ~* ^/(config(.+)?\.json$|(.+)\.html$|i18n) {
-			expires -1;
-		}
-
-		error_page 500 502 503 504 /50x.html;
-		location = /50x.html {
-			root /usr/share/nginx/html;
-		}
-	}
-}

roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2

@@ -10,9 +10,13 @@ DefaultDependencies=no
 [Service]
 Type=simple
 Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
-ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-client-element 2>/dev/null || true'
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-client-element 2>/dev/null || true'
 ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true'
 
+{#
+	The custom healthcheck command is a patch until https://github.com/element-hq/element-web/pull/29471
+	lands in a release.
+#}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--rm \
 			--name=matrix-client-element \
@@ -22,11 +26,15 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--read-only \
 			--network={{ matrix_client_element_container_network }} \
 			{% if matrix_client_element_container_http_host_bind_port %}
-			-p {{ matrix_client_element_container_http_host_bind_port }}:8080 \
+			-p {{ matrix_client_element_container_http_host_bind_port }}:{{ matrix_client_element_container_port }} \
 			{% endif %}
 			--label-file={{ matrix_client_element_data_path }}/labels \
+			--env-file={{ matrix_client_element_data_path }}/env \
 			--tmpfs=/tmp:rw,noexec,nosuid,size=10m \
-			--mount type=bind,src={{ matrix_client_element_data_path }}/nginx.conf,dst=/etc/nginx/nginx.conf,ro \
+			--tmpfs=/var/cache/nginx:rw,mode=777 \
+			--tmpfs=/var/run:rw,mode=777 \
+			--tmpfs=/tmp/element-web-config:rw,mode=777 \
+			--tmpfs=/etc/nginx/conf.d:rw,mode=777 \
 			--mount type=bind,src={{ matrix_client_element_data_path }}/config.json,dst=/app/config.json,ro \
 			--mount type=bind,src={{ matrix_client_element_data_path }}/config.json,dst=/app/config.{{ matrix_server_fqn_element }}.json,ro \
 			{% if matrix_client_element_location_sharing_enabled %}
@@ -36,6 +44,9 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--mount type=bind,src={{ matrix_client_element_data_path }}/home.html,dst=/app/home.html,ro \
 			{% endif %}
 			--mount type=bind,src={{ matrix_client_element_data_path }}/welcome.html,dst=/app/welcome.html,ro \
+			{% if matrix_client_element_container_healthcheck_cmd %}
+			--health-cmd="{{ matrix_client_element_container_healthcheck_cmd }}" \
+			{% endif %}
 			{% for arg in matrix_client_element_container_extra_arguments %}
 			{{ arg }} \
 			{% endfor %}
@@ -47,7 +58,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network conne
 
 ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-client-element
 
-ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-client-element 2>/dev/null || true'
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-client-element 2>/dev/null || true'
 ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-client-element 2>/dev/null || true'
 
 Restart=always

roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2.license

@@ -0,0 +1,5 @@
+SPDX-FileCopyrightText: 2020 - 2025 Slavi Pantaleev
+SPDX-FileCopyrightText: 2022 MDAD project contributors
+SPDX-FileCopyrightText: 2024 Suguru Hirahara
+
+SPDX-License-Identifier: AGPL-3.0-or-later

roles/custom/matrix-client-element/templates/welcome.html.j2.license

@@ -0,0 +1,9 @@
+SPDX-FileCopyrightText: 2019 Daniel Hoffend
+SPDX-FileCopyrightText: 2019 Hugues De Keyzer
+SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev
+SPDX-FileCopyrightText: 2020 Clement Renaud
+SPDX-FileCopyrightText: 2020 Stefan Warnat
+SPDX-FileCopyrightText: 2023 Pierre 'McFly' Marty
+SPDX-FileCopyrightText: 2024 MDAD project contributors
+
+SPDX-License-Identifier: AGPL-3.0-or-later