You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
---
# The bare domain name which represents your Matrix identity.# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).## Note: this playbook does not touch the server referenced here.# Installation happens on another server ("matrix.<matrix-domain>").## If you've deployed using the wrong domain, you'll have to run the Uninstalling step,# because you can't change the Domain after deployment.## Example value: example.commatrix_domain: ps.knb# The Matrix homeserver software to install.# See:# - `roles/custom/matrix-base/defaults/main.yml` for valid options# - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choicematrix_homeserver_implementation: synapse# A secret used as a base, for generating various other secrets.# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).matrix_homeserver_generic_secret_key: '*******************'# By default, the playbook manages its own Traefik (https://doc.traefik.io/traefik/) reverse-proxy server.# It will retrieve SSL certificates for you on-demand and forward requests to all other components.# For alternatives, see `docs/configuring-playbook-own-webserver.md`.matrix_playbook_reverse_proxy_type: playbook-managed-traefikmatrix_coturn_container_network: hostmatrix_synapse_workers_enabled: truematrix_synapse_workers_preset: little-federation-helper# This is something which is provided to Let's Encrypt when retrieving SSL certificates for domains.## In case SSL renewal fails at some point, you'll also get an email notification there.## If you decide to use another method for managing SSL certificates (different than the default Let's Encrypt),# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).## Example value: someone@example.com#devture_traefik_config_certificatesResolvers_acme_email: 'isabekov@dspi.knb'# A Postgres password to use for the superuser Postgres user (called `matrix` by default).## The playbook creates additional Postgres users and databases (one for each enabled service)# using this superuser account.devture_postgres_connection_password: '*******************'devture_postgres_backup_enabled: truematrix_synapse_federation_enabled: truematrix_synapse_allow_public_rooms_over_federation: truematrix_nginx_proxy_base_domain_serving_enabled: true#matrix_static_files_file_matrix_support_enabled: truematrix_static_files_container_labels_base_domain_enabled: truematrix_static_files_file_index_html_enabled: truejitsi_enabled: truejitsi_jvb_container_extra_arguments:
- '--env "JVB_ADVERTISE_IPS=10.16.48.34"'
- '--env "JVB_DISABLE_STUN=true"'matrix_synapse_admin_enabled: true# Disable ACME / Let's Encrypt support.devture_traefik_config_certificatesResolvers_acme_enabled: false# Disabling ACME support (above) automatically disables the creation of the SSL directory.# Force-enable it here, because we'll add our certificate files there.devture_traefik_ssl_dir_enabled: true# Tell Traefik to load our custom configuration file (certificates.yml).# The file is created below, in `matrix_aux_file_definitions`.# The `/config/..` path is an in-container path, not a path on the host (like `/matrix/traefik/config`). Do not change it!devture_traefik_configuration_extension_yaml:
providers:
file:
filename: /config/certificates.ymlwatch: true# Use the matrix-aux role to create our custom files on the server.# If you'd like to do this manually, you remove this `matrix_aux_file_definitions` variable.aux_file_definitions:
# Create the privkey.pem file on the server by# uploading a file from the computer where Ansible is running.
- dest: "{{ devture_traefik_ssl_dir_path }}/privkey.pem"src: /home/user/privkey.pem# Alternatively, comment out `src` above and uncomment the lines below to provide the certificate content inline.# Note the indentation level.# content: |# FILE CONTENT# HERE# Create the cert.pem file on the server# uploading a file from the computer where Ansible is running.
- dest: "{{ devture_traefik_ssl_dir_path }}/cert.pem"src: /home/user/cert.pem# Alternatively, comment out `src` above and uncomment the lines below to provide the certificate content inline.# Note the indentation level.# content: |# FILE CONTENT# HERE# Create the custom Traefik configuration.# The `/ssl/..` paths below are in-container paths, not paths on the host (/`matrix/traefik/ssl/..`). Do not change them!
- dest: "{{ devture_traefik_config_dir_path }}/certificates.yml"content:
tls:
certificates:
- certFile: /ssl/cert.pemkeyFile: /ssl/privkey.pemstores:
default:
defaultCertificate:
certFile: /ssl/cert.pemkeyFile: /ssl/privkey.pem
Problem description:
Cannot connect two or more servers in a federation in my work LAN. We are using self-signed certificates, DNS seems to be configured correctly. Question: My work LAN doesn't have access to the Internet, do I need to adjust my config files for this scenario?
Also, I can use telnet to connect from one Matrix server to a Matrix port on another server, but the Matrix servers don't see each other. Any ideas why?
The text was updated successfully, but these errors were encountered:
Playbook Configuration:
My
vars.yml
file looks like this:Problem description:
Cannot connect two or more servers in a federation in my work LAN. We are using self-signed certificates, DNS seems to be configured correctly. Question: My work LAN doesn't have access to the Internet, do I need to adjust my config files for this scenario?
Also, I can use telnet to connect from one Matrix server to a Matrix port on another server, but the Matrix servers don't see each other. Any ideas why?
The text was updated successfully, but these errors were encountered: