matrix: Allow admin API access for wireguard connections Can be used together with synapse-admin [1] to manage synapse. [1]: https://github.com/Awesome-Technologies/synapse-admin
2 files changed, 14 insertions(+), 2 deletions(-) M roles/matrix/tasks/main.yml R roles/matrix/{files/matrix.conf => templates/matrix.conf.j2}
M roles/matrix/tasks/main.yml => roles/matrix/tasks/main.yml +2 -2
@@ 51,8 51,8 @@ state: started - name: Copy nginx conf ansible.builtin.copy: src: matrix.conf ansible.builtin.template: src: matrix.conf.j2 dest: /etc/nginx/nginx.d/matrix.conf owner: root group: root
R roles/matrix/files/matrix.conf => roles/matrix/templates/matrix.conf.j2 +12 -0
@@ 15,4 15,16 @@ server { client_max_body_size 50M; } location ~ ^(/_synapse/admin) { allow {{ wireguard_vpn_subnet }}; deny all; proxy_pass http://127.0.0.1:8008; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; client_max_body_size 50M; } }