Fix matrix federation
Apparently this has been broken since like March... It seems communication over port 8448 is required for server-to-server comms, even if the client doesn't use it.
parent
94e4592db6
commit
33fcf1a9e5
5 changed files with 5 additions and 24 deletions
|
@ -6,11 +6,11 @@ maxretry = 100
|
||||||
filter = haproxy-basic
|
filter = haproxy-basic
|
||||||
backend = systemd
|
backend = systemd
|
||||||
journalmatch = _COMM=haproxy
|
journalmatch = _COMM=haproxy
|
||||||
port = http,https,{{ haproxy.exposed_ports | join(",") }}
|
port = http,https,8448
|
||||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }}
|
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }}
|
||||||
|
|
||||||
[traefik]
|
[traefik]
|
||||||
enabled = true
|
enabled = true
|
||||||
filter = haproxy-basic # Not actually used
|
filter = haproxy-basic # Not actually used
|
||||||
port = http,https,{{ haproxy.exposed_ports | join(",") }}
|
port = http,https,8448
|
||||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }}
|
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }}
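Review bot: The literal `8448` is now hard-coded in both `port =` lines here (the first jail, whose header is above the hunk, and `[traefik]`) and again in the HAProxy `bind *:8448`, so nothing ties the ban action to the port HAProxy actually exposes. If the listener port changes later, a banned address would still reach the new port without any error from fail2ban. A comment line above each entry would record the coupling, for example `# 8448 = Matrix federation; keep in sync with the HAProxy "listen matrix" bind`. Since 8448 is forwarded in `mode tcp`, the `haproxy-basic` filter presumably sees no per-request detail for that traffic, so this entry widens what a ban blocks rather than what triggers one; worth confirming that is the intent.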
|
||||||
|
|
|
@ -35,11 +35,7 @@ listen http
|
||||||
timeout server 10m
|
timeout server 10m
|
||||||
server default {{ wireguard.clients.ingress.ip }}:880 check
|
server default {{ wireguard.clients.ingress.ip }}:880 check
|
||||||
|
|
||||||
{% for port in haproxy.exposed_ports %}
|
listen matrix
|
||||||
|
bind *:8448
|
||||||
listen expose_{{ port }}
|
|
||||||
bind *:{{ port }}
|
|
||||||
mode tcp
|
mode tcp
|
||||||
server default {{ wireguard.clients.ingress.ip }}:{{ port }}
|
server default {{ wireguard.clients.ingress.ip }}:8443 send-proxy
|
||||||
|
|
||||||
{% endfor %}
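Review bot: `send-proxy` on the new `listen matrix` server means whatever listens on `{{ wireguard.clients.ingress.ip }}:8443` must accept PROXY protocol, and it should accept it only from this host, because the client address that fail2ban and Synapse later log is taken from that header. That listener is not part of this commit; the Traefik `web-secure` entrypoint shown elsewhere in the change trusts whole CIDRs (`wireguard.cidr`, `pve_hosts.internal_cidr`, `nebula.cidr`), which is broader than a single proxy address if that is where 8443 ends up. A comment above the server line would record the dependency, for example `# 8443 on ingress must accept PROXY protocol, from this host only`. The line also omits `check`, which the `listen http` server above it has; appending `check` would let HAProxy mark the federation backend down instead of forwarding blindly.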
|
|
||||||
|
|
|
@ -21,7 +21,6 @@ services:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.http.routers.synapse.rule=Host(`matrix.jakehoward.tech`)
|
- traefik.http.routers.synapse.rule=Host(`matrix.jakehoward.tech`)
|
||||||
- traefik.http.routers.synapse.tls.certresolver=le
|
- traefik.http.routers.synapse.tls.certresolver=le
|
||||||
- traefik.http.routers.synapse.entrypoints=web-secure,matrix
|
|
||||||
|
|
||||||
db:
|
db:
|
||||||
image: postgres:12-alpine
|
image: postgres:12-alpine
|
||||||
|
|
|
@ -1,8 +1,5 @@
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
tls-redirect:
|
|
||||||
redirectScheme:
|
|
||||||
scheme: https
|
|
||||||
compress:
|
compress:
|
||||||
compress: {}
|
compress: {}
|
||||||
|
|
||||||
|
|
|
@ -15,23 +15,12 @@ entryPoints:
|
||||||
address: :443
|
address: :443
|
||||||
http:
|
http:
|
||||||
middlewares:
|
middlewares:
|
||||||
- tls-redirect@file
|
|
||||||
- floc-block@file
|
- floc-block@file
|
||||||
proxyProtocol:
|
proxyProtocol:
|
||||||
trustedIPs:
|
trustedIPs:
|
||||||
- "{{ wireguard.cidr }}"
|
- "{{ wireguard.cidr }}"
|
||||||
- "{{ pve_hosts.internal_cidr }}"
|
- "{{ pve_hosts.internal_cidr }}"
|
||||||
- "{{ nebula.cidr }}"
|
- "{{ nebula.cidr }}"
|
||||||
matrix:
|
|
||||||
address: :8448
|
|
||||||
http:
|
|
||||||
middlewares:
|
|
||||||
- tls-redirect@file
|
|
||||||
proxyProtocol:
|
|
||||||
trustedIPs:
|
|
||||||
- "{{ wireguard.cidr }}"
|
|
||||||
- "{{ pve_hosts.internal_cidr }}"
|
|
||||||
- "{{ nebula.cidr }}"
|
|
||||||
traefik:
|
traefik:
|
||||||
address: "{{ private_ip }}:8080"
|
address: "{{ private_ip }}:8080"
|
||||||
|
|
||||||
|
|