Merge remote-tracking branch 'upstream/master'

docs/maintenance-migrating.md

@@ -1,6 +1,6 @@
 # Migrating to new server
 
-1. Prepare by lowering DNS TTL for your domains (`matrix.DOMAIN`, etc.), so that DNS record changes (step 4 below) would happen faster, leading ot less downtime
+1. Prepare by lowering DNS TTL for your domains (`matrix.DOMAIN`, etc.), so that DNS record changes (step 4 below) would happen faster, leading to less downtime
 2. Stop all services on the old server and make sure they won't be starting again. Execute this on the old server: `systemctl disable --now matrix*`
 3. Copy directory `/matrix` from the old server to the new server. Make sure to preserve ownership and permissions (use `cp -p` or `rsync -ar`)!
 4. Make sure your DNS records are adjusted to point to the new server's IP address

roles/matrix-awx/surveys/configure_synapse_admin.json.j2

@@ -4,7 +4,7 @@
   "spec": [
     {
       "question_name": "Enable Synapse Admin",
-      "question_description": "Set if Synapse Admin is enabled or not. If enabled you can access it at https://matrix.{{ matrix_domain }}/synapse-admin.",
+      "question_description": "Set if Synapse Admin is enabled or not. If enabled you can access it at https://{{ matrix_server_fqn_matrix }}/synapse-admin.",
       "required": false,
       "min": null,
       "max": null,

roles/matrix-bridge-appservice-slack/defaults/main.yml

@@ -32,7 +32,7 @@ matrix_appservice_slack_slack_port: 9003
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9999"), or empty string to not expose.
 matrix_appservice_slack_container_http_host_bind_port: ''
 
-matrix_appservice_slack_homeserver_media_url: "matrix.{{ matrix_domain }}"
+matrix_appservice_slack_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
 matrix_appservice_slack_homeserver_url: "http://matrix-synapse:8008"
 matrix_appservice_slack_homeserver_domain: "{{ matrix_domain }}"
 matrix_appservice_slack_appservice_url: 'http://matrix-appservice-slack'

roles/matrix-bridge-appservice-webhooks/defaults/main.yml

@@ -28,7 +28,7 @@ matrix_appservice_webhooks_matrix_port: 6789
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9999"), or empty string to not expose.
 matrix_appservice_webhooks_container_http_host_bind_port: ''
 
-matrix_appservice_webhooks_homeserver_media_url: "matrix.{{ matrix_domain }}"
+matrix_appservice_webhooks_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
 matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:8008"
 matrix_appservice_webhooks_homeserver_domain: "{{ matrix_domain }}"
 matrix_appservice_webhooks_appservice_url: 'http://matrix-appservice-webhooks'

roles/matrix-dimension/tasks/setup_install.yml

@@ -40,6 +40,7 @@
             - {'table': 'dimension_sticker_packs', 'column': 'isPublic', 'default': ''}
             - {'table': 'dimension_slack_bridges', 'column': 'isEnabled', 'default': ''}
             - {'table': 'dimension_neb_integrations', 'column': 'isPublic', 'default': ''}
+            - {'table': 'dimension_neb_integrations', 'column': 'isEnabled', 'default': ''}
             - {'table': 'dimension_irc_bridges', 'column': 'isEnabled', 'default': ''}
             - {'table': 'dimension_irc_bridge_networks', 'column': 'isEnabled', 'default': ''}
             - {'table': 'dimension_gitter_bridges', 'column': 'isEnabled', 'default': ''}

roles/matrix-etherpad/defaults/main.yml

@@ -2,7 +2,7 @@ matrix_etherpad_enabled: false
 
 matrix_etherpad_base_path: "{{ matrix_base_data_path }}/etherpad"
 
-matrix_etherpad_version: 1.8.7
+matrix_etherpad_version: 1.8.12
 matrix_etherpad_docker_image: "docker.io/etherpad/etherpad:{{ matrix_etherpad_version }}"
 matrix_etherpad_docker_image_force_pull: "{{ matrix_etherpad_docker_image.endswith(':latest') }}"
 

roles/matrix-etherpad/templates/settings.json.j2

@@ -42,6 +42,9 @@
     "percentageToScrollWhenUserPressesArrowUp": 0
   },
   "socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
+  "socketIo": {
+    "maxHttpBufferSize": 10000
+  },
   "loadTest": false,
   "importExportRateLimiting": {
     "windowMs": 90000,

roles/matrix-etherpad/templates/systemd/matrix-etherpad.service.j2

@@ -29,7 +29,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-etherpad \
 			{{ arg }} \
 			{% endfor %}
 			{{ matrix_etherpad_docker_image }} \
-			node --experimental-worker /opt/etherpad-lite/node_modules/ep_etherpad-lite/node/server.js \
+			node --experimental-worker src/node/server.js \
 				--settings /data/settings.json --credentials /data/credentials.json \
 				--sessionkey /data/sessionkey.json --apikey /data/apijey.json
 				

roles/matrix-nginx-proxy/tasks/validate_config.yml

@@ -40,8 +40,8 @@
 
     - name: Fail if required variables are undefined
       fail:
-        msg: "Detected an undefined required variable"
+        msg: "The `{{ item }}` variable must be defined and have a non-null value"
       with_items:
         - "matrix_ssl_lets_encrypt_support_email"
-      when: "vars[item] is none"
+      when: "vars[item] == '' or vars[item] is none"
   when: "matrix_ssl_retrieval_method == 'lets-encrypt'"

roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2

@@ -241,6 +241,7 @@ server {
 
 		proxy_set_header Host $host;
 		proxy_set_header X-Forwarded-For $remote_addr;
+		proxy_set_header X-Forwarded-Proto $scheme;
 
 		client_body_buffer_size 25M;
 		client_max_body_size {{ matrix_nginx_proxy_proxy_matrix_federation_api_client_max_body_size_mb }}M;

roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2

@@ -17,8 +17,9 @@ ExecStartPre={{ matrix_host_command_sleep }} 5
 ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_worker_container_name }} \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
+			-e UID={{ matrix_user_uid }} \
+			-e GID={{ matrix_user_gid }} \
 			--cap-drop=ALL \
-			--entrypoint=python \
 			--read-only \
 			--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
 			--network={{ matrix_docker_network }} \
@@ -44,7 +45,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor
 			{{ arg }} \
 			{% endfor %}
 			{{ matrix_synapse_docker_image }} \
-			-m synapse.app.{{ matrix_synapse_worker_details.type }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }}
+			run -m synapse.app.{{ matrix_synapse_worker_details.type }} -c /data/homeserver.yaml -c /data/{{ matrix_synapse_worker_config_file_name }}
 
 
 ExecStop=-{{ matrix_host_command_docker }} kill {{ matrix_synapse_worker_container_name }}

roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2

@@ -33,8 +33,9 @@ ExecStartPre={{ matrix_host_command_sleep }} 3
 ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
+			--env=UID={{ matrix_user_uid }} \
+			--env=GID={{ matrix_user_gid }} \
 			--cap-drop=ALL \
-			--entrypoint=python \
 			--read-only \
 			--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_synapse_tmp_directory_size_mb }}m \
 			--network={{ matrix_docker_network }} \
@@ -62,7 +63,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \
 			{{ arg }} \
 			{% endfor %}
 			{{ matrix_synapse_docker_image }} \
-			-m synapse.app.homeserver -c /data/homeserver.yaml
+			run -m synapse.app.homeserver -c /data/homeserver.yaml
 
 ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-synapse 2>/dev/null'
 ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-synapse 2>/dev/null'