setup proxy for federation

roles/rp_synapse/templates/reverse_proxy

@@ -4,19 +4,21 @@ server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
 
-    # For the federation port
-    listen 8448 ssl http2 default_server;
-    listen [::]:8448 ssl http2 default_server;
-
     server_name {{ matrix_server_name }};
 
-	ssl_certificate /etc/nginx/certs/{{ matrix_server_name }}.crt;
+    ssl_certificate /etc/nginx/certs/{{ matrix_server_name }}.crt;
-	ssl_certificate_key /etc/nginx/certs/{{ matrix_server_name }}.key;
+    ssl_certificate_key /etc/nginx/certs/{{ matrix_server_name }}.key;
 
     # Logs
     access_log /var/log/nginx/synapse_rp_{{ matrix_server_name }}.log;
     error_log /var/log/nginx/synapse_rp_{{ matrix_server_name }}_error.log;
 
+    location /.well-known/matrix/server {
+        return 200 '{"m.server": "deso-palaiseau.fr:443"}';
+        default_type application/json;
+        add_header Access-Control-Allow-Origin *;
+    }
+
     location ~* ^(\/_matrix|\/_synapse\/client) {
         proxy_pass https://{{ matrix_local_server_name }};
         proxy_set_header X-Forwarded-For $remote_addr;

roles/synapse/templates/homeserver.yaml

@@ -371,6 +371,8 @@ retention:
 
 ## TLS ##
 
+no_tls: True
+
 # PEM-encoded X509 certificate for TLS.
 # This certificate, as of Synapse 1.0, will need to be a valid and verifiable
 # certificate, signed by a recognised Certificate Authority.