fix the rp

matrix
histausse 3 years ago
parent 9036f2da77
commit 4d692796f2
Signed by: histausse
GPG Key ID: 67486F107F62E9E9

@ -4,3 +4,6 @@
roles:
- synapse
- hosts: proxy
roles:
- rp_synapse

@ -19,9 +19,28 @@
path: /etc/nginx/certs
state: directory
- name: Generate Certificate for Domains
shell: certbot certonly --standalone -d {{ matrix_server_name }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx"
args:
creates: "/etc/letsencrypt/live/{{ matrix_server_name }}/cert.pem"
- name: Copy certificates
file:
src: "/etc/letsencrypt/live/{{ matrix_server_name }}/fullchain.pem"
dest: "/etc/nginx/certs/{{ matrix_server_name }}.crt"
state: link
force: yes
- name: Copy certificates key
file:
src: "/etc/letsencrypt/live/{{ matrix_server_name }}/privkey.pem"
dest: "/etc/nginx/certs/{{ matrix_server_name }}.key"
state: link
force: yes
- name: Copy reverse proxy sites
template:
src: nginx/config_synapse
src: reverse_proxy
dest: /etc/nginx/sites-available/synapse
notify: Reload nginx
@ -33,14 +52,3 @@
force: yes
notify: Reload nginx
- name: Generate Certificate for Domains
shell: certbot certonly --standalone -d {{ matrix_server_name }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx"
args:
creates: "/etc/letsencrypt/live/{{ matrix_server_name }}/cert.pem"
- name: Copy certificates
file:
src: "/etc/letsencrypt/live/{{ matrix_server_name }}/fullchain.pem"
dest: "/etc/nginx/certs/{{ matrix_server_name }}.crt"
state: link
force: yes

@ -10,11 +10,15 @@ server {
server_name {{ matrix_server_name }};
ssl_certificate /var/certificates/{{ matrix_server_name }}_cert.pem;
ssl_certificate_key /var/certificates/{{ matrix_server_name }}_privkey.pem;
ssl_certificate /etc/nginx/certs/{{ matrix_server_name }}.crt;
ssl_certificate_key /etc/nginx/certs/{{ matrix_server_name }}.key;
# Logs
access_log /var/log/nginx/synapse_rp_{{ matrix_server_name }}.log;
error_log /var/log/nginx/synapse_rp_{{ matrix_server_name }}_error.log;
location ~* ^(\/_matrix|\/_synapse\/client) {
proxy_pass http://{{ matrix_local_server_name }}:80;
proxy_pass https://{{ matrix_local_server_name }};
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;

Loading…
Cancel
Save