diff --git a/docs/configuring-playbook-etherpad.md b/docs/configuring-playbook-etherpad.md index 76ad2f59c..8932f7692 100644 --- a/docs/configuring-playbook-etherpad.md +++ b/docs/configuring-playbook-etherpad.md @@ -20,16 +20,6 @@ etherpad_hostname: "{{ matrix_server_fqn_matrix }}" etherpad_path_prefix: /etherpad ``` -**NOTE**: When using the old `matrix-nginx-proxy` reverse-proxy instead of Traefik, you have only 2 choices: - -- serving Etherpad at its own dedicated domain: - - you need to set the domain using the `matrix_server_fqn_etherpad` variable (not `etherpad_hostname`) - - you must use `etherpad_path_prefix: /` -- serving Etherpad at the [Dimension](configuring-playbook-dimension.md) integration manager's domain (`matrix_server_fqn_dimension`) - - you need to have Dimension enabled - - you need to add `etherpad_path_prefix: /etherpad` or another prefix (different than `/`) - - you need to add `etherpad_nginx_proxy_dimension_integration_enabled: true` to enable this integration - ## Adjusting DNS records diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index f09477f23..4152e8ad9 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -3323,7 +3323,6 @@ matrix_nginx_proxy_proxy_schildichat_enabled: "{{ matrix_client_schildichat_enab matrix_nginx_proxy_proxy_buscarron_enabled: "{{ matrix_bot_buscarron_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}" matrix_nginx_proxy_proxy_dimension_enabled: "{{ matrix_dimension_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}" matrix_nginx_proxy_proxy_rageshake_enabled: "{{ matrix_rageshake_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}" -matrix_nginx_proxy_proxy_etherpad_enabled: "{{ etherpad_enabled and not etherpad_nginx_proxy_dimension_integration_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}" matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}" matrix_nginx_proxy_proxy_mautrix_wsproxy_enabled: "{{ matrix_mautrix_wsproxy_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-nginx', 'other-nginx-non-container'] }}" @@ -3423,8 +3422,6 @@ matrix_ssl_domains_to_obtain_certificates_for: | + ([matrix_server_fqn_dimension] if matrix_dimension_enabled else []) + - ([matrix_server_fqn_etherpad] if (etherpad_enabled and not etherpad_nginx_proxy_dimension_integration_enabled) else []) - + ([matrix_server_fqn_bot_go_neb] if matrix_bot_go_neb_enabled else []) + ([matrix_server_fqn_jitsi] if jitsi_enabled else []) diff --git a/roles/custom/etherpad-proxy-connect/defaults/main.yml b/roles/custom/etherpad-proxy-connect/defaults/main.yml deleted file mode 100644 index 83df826f8..000000000 --- a/roles/custom/etherpad-proxy-connect/defaults/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- - -# etherpad-proxy-connect is a compatibility role connecting the new Etherpad role with matrix-nginx-proxy. -# It adds back support for serving Etherpad under the Dimension domain (`matrix_server_fqn_dimension`). - -# Controls whether Etherpad will be hosted under the Dimension domain when matrix-nginx-proxy is used (depending on matrix_playbook_reverse_proxy_type). -# If you're not using matrix-nginx-proxy, then this value has no effect. -etherpad_nginx_proxy_dimension_integration_enabled: false - -# Controls the path at which Etherpad will be exposed on the Dimension domain. -etherpad_nginx_proxy_dimension_integration_path_prefix: "{{ etherpad_path_prefix }}" diff --git a/roles/custom/etherpad-proxy-connect/tasks/inject_into_nginx_proxy.yml b/roles/custom/etherpad-proxy-connect/tasks/inject_into_nginx_proxy.yml deleted file mode 100644 index 6252dba1c..000000000 --- a/roles/custom/etherpad-proxy-connect/tasks/inject_into_nginx_proxy.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- - -- name: Fail if matrix-nginx-proxy role already executed - ansible.builtin.fail: - msg: >- - Trying to append Etherpad's reverse-proxying configuration to matrix-nginx-proxy, - but it's pointless since the matrix-nginx-proxy role had already executed. - To fix this, please change the order of roles in your playbook, - so that the matrix-nginx-proxy role would run after the matrix-etherpad role. - when: matrix_nginx_proxy_role_executed | default(False) | bool - -- name: Generate Etherpad proxying configuration for matrix-nginx-proxy - ansible.builtin.set_fact: - etherpad_matrix_nginx_proxy_configuration: | - rewrite ^{{ etherpad_nginx_proxy_dimension_integration_path_prefix }}$ {{ matrix_nginx_proxy_x_forwarded_proto_value }}://$server_name{{ etherpad_nginx_proxy_dimension_integration_path_prefix }}/ permanent; - - location {{ etherpad_nginx_proxy_dimension_integration_path_prefix }}/ { - {% if matrix_nginx_proxy_enabled | default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - proxy_pass http://{{ etherpad_identifier }}:9001/; - {# These are proxy directives needed specifically by Etherpad #} - proxy_buffering off; - proxy_http_version 1.1; # recommended with keepalive connections - proxy_pass_header Server; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Proto {{ matrix_nginx_proxy_x_forwarded_proto_value }}; # for EP to set secure cookie flag when https is used - # WebSocket proxying - from http://nginx.org/en/docs/http/websocket.html - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - {% else %} - {# Generic configuration for use outside of our container setup #} - # A good guide for setting up your Etherpad behind nginx: - # https://docs.gandi.net/en/cloud/tutorials/etherpad_lite.html - proxy_pass http://127.0.0.1:9001/; - {% endif %} - } - -- name: Register Etherpad proxying configuration with matrix-nginx-proxy - ansible.builtin.set_fact: - matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks: | - {{ - matrix_nginx_proxy_proxy_dimension_additional_server_configuration_blocks | default([]) - + - [etherpad_matrix_nginx_proxy_configuration] - }} diff --git a/roles/custom/etherpad-proxy-connect/tasks/main.yml b/roles/custom/etherpad-proxy-connect/tasks/main.yml deleted file mode 100644 index 630ab87f1..000000000 --- a/roles/custom/etherpad-proxy-connect/tasks/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -- when: etherpad_enabled | bool and etherpad_nginx_proxy_dimension_integration_enabled | bool - tags: - - install-all - - setup-all - - install-nginx-proxy - - setup-nginx-proxy - block: - - ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml" - - - ansible.builtin.include_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml" diff --git a/roles/custom/etherpad-proxy-connect/tasks/validate_config.yml b/roles/custom/etherpad-proxy-connect/tasks/validate_config.yml deleted file mode 100644 index 51a672ee5..000000000 --- a/roles/custom/etherpad-proxy-connect/tasks/validate_config.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- - -- name: Fail if reverse-proxy is not nginx - when: matrix_playbook_reverse_proxy_type not in ['playbook-managed-nginx', 'other-nginx-non-container'] - ansible.builtin.fail: - msg: > - Etherpad's integration into matrix-nginx-proxy's Dimension server only makes sense if you're using matrix-nginx-proxy. - `matrix_playbook_reverse_proxy_type` ({{ matrix_playbook_reverse_proxy_type }}) indicates that you're using another reverse-proxy. - If you're using Traefik, you should configure `etherpad_hostname` and `etherpad_path_prefix` instead. - -- name: Fail if Dimension not enabled - when: not matrix_dimension_enabled - ansible.builtin.fail: - msg: > - Etherpad's integration into matrix-nginx-proxy's Dimension server only makes sense if you're using Dimension. - Looks like Dimension is not enabled in your configuration (judging by `matrix_dimension_enabled`). - Consider configuring `etherpad_hostname` and `etherpad_path_prefix` instead. - -- name: Fail if Etherpad hostname does not match Dimension hostname - when: etherpad_hostname != matrix_server_fqn_dimension - ansible.builtin.fail: - msg: > - Etherpad's integration into matrix-nginx-proxy's Dimension server requires that you set `etherpad_hostname` to `matrix_server_fqn_dimension`. - Consider adding this to your configuration: `{% raw %}etherpad_hostname: "{{ matrix_server_fqn_dimension }}"{% endraw %}` - -- name: Fail if / path prefix used for Etherpad - when: etherpad_nginx_proxy_dimension_integration_path_prefix == '/' - ansible.builtin.fail: - msg: > - Etherpad's integration into matrix-nginx-proxy's Dimension server only makes sense if you're using a non-`/` path for Etherpad. - You've chosen a path prefix of `/` in `etherpad_nginx_proxy_dimension_integration_path_prefix`. - The `/` path must go to Dimension itself, so you need to pick a different prefix (e.g. `/etherpad`). diff --git a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml index fd481134b..4b4c3633f 100644 --- a/roles/custom/matrix_playbook_migration/tasks/validate_config.yml +++ b/roles/custom/matrix_playbook_migration/tasks/validate_config.yml @@ -128,6 +128,8 @@ - {'old': 'matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container', 'new': ''} - {'old': 'matrix_nginx_proxy_proxy_synapse_additional_server_configuration_blocks', 'new': ''} + - {'old': 'etherpad_nginx_proxy_dimension_integration_enabled', 'new': ''} + - {'old': 'etherpad_nginx_proxy_dimension_integration_path_prefix', 'new': ''} - name: (Deprecation) Catch and report matrix_postgres variables ansible.builtin.fail: diff --git a/setup.yml b/setup.yml index 31c15f9b4..166e209e2 100644 --- a/setup.yml +++ b/setup.yml @@ -111,7 +111,6 @@ - custom/matrix-ma1sd - custom/matrix-dimension - galaxy/etherpad - - custom/etherpad-proxy-connect - custom/matrix-sliding-sync - custom/matrix-email2matrix - custom/matrix-sygnal