diff --git a/example/images/matrix-element/Dockerfile b/example/images/matrix-element/Dockerfile index 570cb93..654f0b7 100644 --- a/example/images/matrix-element/Dockerfile +++ b/example/images/matrix-element/Dockerfile @@ -1,8 +1,7 @@ FROM nginxinc/nginx-unprivileged:alpine MAINTAINER Daniel Berteaud -ARG ELEMENT_VERSION=1.11.64 \ - SYNAPSE_ADMIN_VERSION=0.9.4 +ARG ELEMENT_VERSION=1.11.65 ENV ELEMENT_NGINX_BIND_ADDR=0.0.0.0 \ ELEMENT_NGINX_BIND_PORT=8710 @@ -14,10 +13,7 @@ RUN set -eux &&\ mkdir -p /opt/synapse-admin &&\ curl -sSL https://github.com/element-hq/element-web/releases/download/v${ELEMENT_VERSION}/element-v${ELEMENT_VERSION}.tar.gz |\ tar xvz -C /opt/element/ --strip-components 1 &&\ - curl -sSL https://github.com/Awesome-Technologies/synapse-admin/releases/download/${SYNAPSE_ADMIN_VERSION}/synapse-admin-${SYNAPSE_ADMIN_VERSION}.tar.gz |\ - tar xvz -C /opt/synapse-admin --strip-components 1 &&\ - rm -rf /opt/synapse-admin/data/* &&\ - chown -R root: /opt/element /opt/synapse-admin + chown -R root: /opt/element USER nginx EXPOSE ${ELEMENT_BIND_PORT} diff --git a/example/images/matrix-synapse/Dockerfile b/example/images/matrix-synapse/Dockerfile index e4085e5..6ba7215 100644 --- a/example/images/matrix-synapse/Dockerfile +++ b/example/images/matrix-synapse/Dockerfile @@ -2,7 +2,7 @@ FROM python:3.11-alpine AS builder -ARG SYNAPSE_VERSION=1.105.0 +ARG SYNAPSE_VERSION=1.105.1 RUN set -euxo pipefail &&\ apk --no-cache add \ diff --git a/example/matrix.nomad.hcl b/example/matrix.nomad.hcl index e64103c..3dc481b 100644 --- a/example/matrix.nomad.hcl +++ b/example/matrix.nomad.hcl @@ -60,7 +60,7 @@ job "matrix" { } tags = [ - "traefik.http.routers.matrix-admin.rule=Host(`matrix.consul`) && (PathPrefix(`/_admin/`) || PathPrefix(`/_synapse/admin`))", + "traefik.http.routers.matrix-admin.rule=Host(`matrix.consul`) && PathPrefix(`/_synapse/admin`)", "traefik.enable=true", "traefik.http.routers.matrix-admin.entrypoints=https", @@ -149,7 +149,7 @@ job "matrix" { leader = true config { - image = "danielberteaud/matrix-synapse:1.105.0-1" + image = "danielberteaud/matrix-synapse:1.105.1-1" pids_limit = 200 readonly_rootfs = true } @@ -326,7 +326,7 @@ _EOT driver = "docker" config { - image = "danielberteaud/matrix-element:1.11.64-3" + image = "danielberteaud/matrix-element:1.11.65-2" readonly_rootfs = true pids_limit = 100 volumes = [ diff --git a/images/matrix-element/Dockerfile b/images/matrix-element/Dockerfile index f848303..10d68d5 100644 --- a/images/matrix-element/Dockerfile +++ b/images/matrix-element/Dockerfile @@ -1,8 +1,7 @@ FROM nginxinc/nginx-unprivileged:alpine MAINTAINER [[ .docker.maintainer ]] -ARG ELEMENT_VERSION=[[ .matrix.element.version ]] \ - SYNAPSE_ADMIN_VERSION=[[ .matrix.synapse_admin.version ]] +ARG ELEMENT_VERSION=[[ .matrix.element.version ]] ENV ELEMENT_NGINX_BIND_ADDR=0.0.0.0 \ ELEMENT_NGINX_BIND_PORT=8710 @@ -14,10 +13,7 @@ RUN set -eux &&\ mkdir -p /opt/synapse-admin &&\ curl -sSL https://github.com/element-hq/element-web/releases/download/v${ELEMENT_VERSION}/element-v${ELEMENT_VERSION}.tar.gz |\ tar xvz -C /opt/element/ --strip-components 1 &&\ - curl -sSL https://github.com/Awesome-Technologies/synapse-admin/releases/download/${SYNAPSE_ADMIN_VERSION}/synapse-admin-${SYNAPSE_ADMIN_VERSION}.tar.gz |\ - tar xvz -C /opt/synapse-admin --strip-components 1 &&\ - rm -rf /opt/synapse-admin/data/* &&\ - chown -R root: /opt/element /opt/synapse-admin + chown -R root: /opt/element USER nginx EXPOSE ${ELEMENT_BIND_PORT} diff --git a/matrix.nomad.hcl b/matrix.nomad.hcl index 984985e..6d4e024 100644 --- a/matrix.nomad.hcl +++ b/matrix.nomad.hcl @@ -40,7 +40,7 @@ job "[[ .instance ]]" { tags = [ [[- $w := merge .matrix.nginx .matrix . ]] [[- $a := merge .matrix.nginx.admin $w ]] - "[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-admin[[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) && (PathPrefix(`/_admin/`) || PathPrefix(`/_synapse/admin`))", + "[[ $a.traefik.instance ]].http.routers.[[ .instance ]]-admin[[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) && PathPrefix(`/_synapse/admin`)", [[ template "common/traefik_tags" $a ]] "[[ $w.traefik.instance ]].http.routers.[[ .instance ]][[ .consul.suffix ]].rule=Host(`[[ (urlParse .matrix.public_url).Hostname ]]`) || (Host(`[[ .matrix.server_name ]]`) && PathRegexp(`^/(_(synapse|matrix)|\\.well-known/matrix)/.*`))", [[ template "common/traefik_tags" $w ]] diff --git a/variables.yml b/variables.yml index 29f422a..1afd6e5 100644 --- a/variables.yml +++ b/variables.yml @@ -25,7 +25,7 @@ matrix: synapse: # Version of synapse - version: 1.105.0 + version: 1.105.1 # The docker image to use image: '[[ .docker.repo ]]matrix-synapse:[[ .matrix.synapse.version ]]-1' @@ -110,16 +110,13 @@ matrix: # Note : element will be served by the nginx container, so all the image, resources etc. are set there element: map_style_url: https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx - version: 1.11.64 + version: 1.11.65 - synapse_admin: - version: 0.9.4 - # Nginx will servce static files (well-known, element, synapse-admin), and proxy requests to synapse nginx: # The image to use - image: '[[ .docker.repo ]]matrix-element:[[ .matrix.element.version ]]-3' + image: '[[ .docker.repo ]]matrix-element:[[ .matrix.element.version ]]-2' # Resource allocation resources: @@ -130,6 +127,8 @@ matrix: traefik: enabled: true + auto_rule: false + # Element will need some custom CSP csp: script-src: "'self' https://usercontent.riot.im https://scalar.vector.im" @@ -138,9 +137,7 @@ matrix: img-src: "'self' data: blob: https://img.youtube.com https://*.ytimg.com" frame-src: "'self' blob: https://scalar.vector.im/ https://meet.element.io" - auto_rule: false - - # Admin will apply to requests directed to /_admin/ (synapse-admin) and /_synapse/admin (admin API) + # Admin will apply to requests directed to /_synapse/admin (admin API) # so you can restrict it further admin: traefik: