Ansible playbook that deploys prosody to a server. https://git.fennell.dev/xmpp-prosody-ansible-deploy/atom?h=master 2026-01-03T14:31:58Z 2026-01-03T14:31:58Z Matthew Fennell matthew@fennell.dev 2026-01-03T14:31:58Z urn:sha1:fa86d5476e8714e74a526046d86f0a2d6096293b This allows users who are registering using the invite webpage to register an account directly online, in case their desired client is not listed. I doubt this will ever be used, but without this module, the register manually link is broken in the invite page, and on the off chance it is used, I want to provide a good experience. 2026-01-03T14:27:07Z Matthew Fennell matthew@fennell.dev 2026-01-03T14:27:07Z urn:sha1:5aebdf5c72549adc87189021fd996269558e0543 While ensuring that all hosts are deployed to the chat subdomain, I applied the same logic to the invite pages too. However, this broke invites as prosody's HTTP module has a check which ensures that the page being served is on the same domain as the virtual host, meaning that invite pages hosted under the chat subdomain would receive a 404. So, serve invite pages from the domain itself (which is the default config in prosody). To do this, we must direct such requests from nginx too. 2026-01-02T14:31:17Z Matthew Fennell matthew@fennell.dev 2026-01-02T14:31:17Z urn:sha1:770db24aeec0d85cae8c0357c5a13468e8478cac A year is a little excessive. 2026-01-02T13:24:33Z Matthew Fennell matthew@fennell.dev 2026-01-02T13:24:33Z urn:sha1:32bada629f7b2371c91177af834769c9435f3229 I have two different kinds of servers - transport servers (which connect to legacy networks and have s2s disabled) and non-transport servers (which are XMPP-only and have s2s enabled). I previously had an is_transport_server boolean defined for each host in the inventory - however, this is duplicated information that can be derived from the length of the transports value (which lists the legacy networks to transport to). Transport servers have a non-empty transports list, while non-transport servers do not define the variable at all. So, handle this case in the playbook by deriving an empty list if the value is not present. 2026-01-02T01:17:03Z Matthew Fennell matthew@fennell.dev 2026-01-02T01:17:03Z urn:sha1:4daadd054bcaddff2ac9260b6cebcd31edc95da4 I use the playbook to deploy to three different domains. Before this commit, some instances were deployed to the root domain (e.g. example.org) and others were deployed to a subdomain (e.g. chat.example.org), so that other services/hosts could easily live at the root. I would now like to enforce that all instances live under the chat. subdomain. There is no real benefit to having this difference in deployments, having more consistency will make reasoning about the different instances easier and allow me to delete some extra variables, and it will also allow me to deploy separate services to the root domains in the future if needed. 2026-01-02T00:20:13Z Matthew Fennell matthew@fennell.dev 2026-01-02T00:20:13Z urn:sha1:66df8049eae4b3ec83467a81723b8b2d13f0b7ed When I first made this playbook, I was a little sceptical of -or-later licenses. However, I've come around to the idea over time. 2025-12-31T15:45:12Z Matthew Fennell matthew@fennell.dev 2025-12-31T15:45:12Z urn:sha1:67f5e1375ab6203a6191d4f18ed5ecedd174b757 I used to have separate admin@ and abuse@ accounts for each virtual host. I don't really need that separation, though, as I am the only admin, and no-one has ever contacted them anyway. So, set all admin accounts to the account I actually use and check every day anyway. 2025-10-28T05:02:09Z Matthew Fennell matthew@fennell.dev 2025-10-28T05:02:09Z urn:sha1:c00f152d8b4f83a100cd5bafb2c46694768fbe2e This is needed as the transports are by default treated as guests by prosody, and therefore unable to upload files without explicit permission. 2025-09-27T22:24:43Z Matthew Fennell matthew@fennell.dev 2025-09-27T22:24:43Z urn:sha1:f09d9f004f270fa39b56d39daa03419a54828838 The template worked fine for singleton lists, but it fails when adding another entry since there is no separator between the elements! Thankfully Lua has some nice syntax allowing you to use a semicolon as a separator, which doesn't by itself imply more than one element. 2025-09-21T21:13:14Z Matthew Fennell matthew@fennell.dev 2025-09-21T21:13:14Z urn:sha1:8342cee86a8195a898cfdff443156e53ad7ccbbe This commit allows transport servers to define the relevant components on the XMPP server. Transports are configured by adding the following config to the inventory's variables: transports: - subdomain: a-example-legacy-network secret: a-long-randomly-generated-secret - subdomain: another-example-legacy-network secret: another-long-randomly-generated-secret These are iterated over and a privileged component is created for each.