fix bugs

3 years ago · 94e8b52948
parent 45906e095d
commit 94e8b52948
4 changed files with 12 additions and 27 deletions
--- a/group_vars/all/matrix.yml
+++ b/group_vars/all/matrix.yml
@ -1,6 +1,6 @@
 ---
 matrix_server_name: pp.intra
-synapse_postgre_user_pwd: "{{ ²vault_synapse_postgre_user_pwd }}"
+synapse_postgre_user_pwd: "{{ vault_synapse_postgre_user_pwd }}"
 matrix_max_upload_size: 50M
 matrix_registration_shared_secret: "{{ vault_matrix_registration_shared_secret }}"
 matrix_macaroon_secret: "{{ vault_matrix_macaroon_secret }}"
--- a/roles/generate_self_signed_certificate/tasks/main.yml
+++ b/roles/generate_self_signed_certificate/tasks/main.yml
@ -1,4 +1,13 @@
 ---
+- name: Install openssl
+  apt:
+    name: python3-openssl
+    state: latest
+    update_cache: true
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
 - name: Ensure the cert directory exists
  file:
    path: /var/certificates
--- a/roles/synapse/templates/homeserver.yaml
+++ b/roles/synapse/templates/homeserver.yaml
@ -1582,6 +1582,7 @@ oidc_providers:
  #  jwks_uri: "https://accounts.example.com/.well-known/jwks.json"
  #  skip_verification: true
  #  user_mapping_provider:
+{% raw %}
  #    config:
  #      subject_claim: "id"
  #      localpart_template: "{{ user.login }}"
@ -1590,6 +1591,7 @@ oidc_providers:
  #  attribute_requirements:
  #    - attribute: userGroup
  #      value: "synapseUsers"
+{% endraw %}


 # Enable Central Authentication Service (CAS) for registration and login.
--- a/roles/synapse/templates/nginx/synapse
+++ b/roles/synapse/templates/nginx/synapse
@ -1,26 +0,0 @@
-{{ ansible_managed | comment }}
-
-server {
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-
-    # For the federation port
-    listen 8448 ssl http2 default_server;
-    listen [::]:8448 ssl http2 default_server;
-
-    server_name {{ matrix_server_name }};
-
-	ssl_certificate /var/certificates/{{ matrix_server_name }}_cert.pem;
-	ssl_certificate_key /var/certificates/{{ matrix_server_name }}_privkey.pem;
-
-    location ~* ^(\/_matrix|\/_synapse\/client) {
-        proxy_pass http://localhost:8008;
-        proxy_set_header X-Forwarded-For $remote_addr;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header Host $host;
-
-        # Nginx by default only allows file uploads up to 1M in size
-        # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
-        client_max_body_size {{ matrix_max_upload_size }};
-    }
-}