ungleich-intern/matrix-docker-compose
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

reconfigure synapse/element

Browse source
This commit is contained in:
Nico Schottelius 2023-10-02 10:45:47 +02:00
parent af6293c990
commit 94c0326a38
4 changed files with 7 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
ansible/roles/docker-compose/files/elementweb/docker-compose.yaml
View file

@ -10,9 +10,9 @@ services:
#volumes: #volumes:
# - ./element/config.json.sh:/app/config.json.sh # - ./element/config.json.sh:/app/config.json.sh
#command: sh -c "/app/config.json.sh && nginx -g 'daemon off;'" #command: sh -c "/app/config.json.sh && nginx -g 'daemon off;'"
entrypoint: /app/config.json.sh #entrypoint: /app/config.json.sh
ports: ports:
- "80:80/tcp" - "8008:80/tcp"
nginx: nginx:
image: nginx:${NGINX_VERSION} image: nginx:${NGINX_VERSION}
@ -22,3 +22,4 @@ services:
volumes: volumes:
- ./nginx:/etc/nginx/conf.d - ./nginx:/etc/nginx/conf.d
- /ssl:/ssl - /ssl:/ssl
- /www:/www

14
ansible/roles/docker-compose/files/elementweb/nginx/elementweb.conf
View file

@ -6,24 +6,12 @@ server {
ssl_certificate /ssl/chain.crt; ssl_certificate /ssl/chain.crt;
ssl_certificate_key /ssl/certificate.keyplain; ssl_certificate_key /ssl/certificate.keyplain;
client_max_body_size 100m;
error_page 403 404 /403_404.html; error_page 403 404 /403_404.html;
location = /403_404.html { location = /403_404.html {
default_type application/json; default_type application/json;
return 200 'You are not authorized to access this page.'; return 200 'You are not authorized to access this page.';
} }
location /.well-known/matrix/server {
default_type application/json;
return 200 '{"m.server": "ungleich.matrix.ungleich.cloud:443" }';
}
location /.well-known/matrix/client {
default_type application/json;
return 200 '{ "m.homeserver": { "base_url": "https://ungleich.matrix.ungleich.cloud" } }';
}
location / { location / {
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
@ -34,6 +22,6 @@ server {
proxy_read_timeout 600s; proxy_read_timeout 600s;
send_timeout 600s; send_timeout 600s;
proxy_pass http://elementweb:8008; proxy_pass http://elementweb;
} }
} }

2
ansible/roles/docker-compose/files/synapse/config/homeserver.yaml
View file

@ -2275,7 +2275,7 @@ sso:
oidc_providers: oidc_providers:
- idp_id: keycloak - idp_id: keycloak
idp_name: "Corp Login" idp_name: "Corp Login"
issuer: "https://idp.corp-serv.net/realms/MAT" issuer: "https://idp.corp-serv.net/realms/MAT"
client_id: "synapse" client_id: "synapse"
client_secret: "vulBbPIatTqthf3wVgWbXjrLa00Ejk913gQEqgFhZm6FTJj4rc5CWgGGIBjH6CBDaAmeyZ4Tgs0iK7w9tannkaY8u3ziW4vhU0Ji" client_secret: "vulBbPIatTqthf3wVgWbXjrLa00Ejk913gQEqgFhZm6FTJj4rc5CWgGGIBjH6CBDaAmeyZ4Tgs0iK7w9tannkaY8u3ziW4vhU0Ji"

10
ansible/roles/docker-compose/files/synapse/nginx/synapse.conf
View file

@ -14,15 +14,9 @@ server {
return 200 'You are not authorized to access this page.'; return 200 'You are not authorized to access this page.';
} }
location /.well-known/matrix/server { location / {
default_type application/json; root /www;
return 200 '{"m.server": "ungleich.matrix.ungleich.cloud:443" }';
} }
location /.well-known/matrix/client {
default_type application/json;
return 200 '{ "m.homeserver": { "base_url": "https://ungleich.matrix.ungleich.cloud" } }';
}
location ~ /_matrix|/_synapse { location ~ /_matrix|/_synapse {
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;