diff --git a/playbooks/elementweb.yml b/playbooks/elementweb.yml
new file mode 100644
index 0000000..7d2daec
--- /dev/null
+++ b/playbooks/elementweb.yml
@@ -0,0 +1,17 @@
+- name: Install Element Web.
+
+ hosts: elementweb
+
+ roles:
+ - role: podman
+ become: true
+ tags:
+ - always
+ - podman
+ - role: caddy
+ become: true
+ tags:
+ - always
+ - caddy
+ - role: elementweb
+ become: true
diff --git a/playbooks/matrix_elementweb.yml b/playbooks/matrix_elementweb.yml
deleted file mode 100644
index 216cd8a..0000000
--- a/playbooks/matrix_elementweb.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-
-- name: Install & configure Element Web
- hosts: matrix_elementweb
- roles:
- - docker
- - docker_cleanup
- - traefik
- - matrix_elementweb
diff --git a/roles/elementweb/defaults/main.yml b/roles/elementweb/defaults/main.yml
new file mode 100644
index 0000000..1d418ab
--- /dev/null
+++ b/roles/elementweb/defaults/main.yml
@@ -0,0 +1,38 @@
+elementweb_install_dir: "/opt/elementweb"
+
+elementweb_domain: element.example.com
+
+elementweb_containerimage: docker.io/vectorim/element-web
+# renovate: depName=docker.io/vectorim/element-web
+elementweb_image_tag: "v1.11.90"
+
+elementweb_selinux_level: "{{ omit }}"
+
+elementweb_memory_low: 32m
+elementweb_memory_high: 0
+elementweb_swap_max: -1
+
+# The homeserver URL and display name
+elementweb_base_url: "https://matrix.example.com"
+elementweb_servername: "example.com"
+
+# Controls whether Element shows the presence feature for all (empty list) or specific servers (key = value list with the key being the server url)
+elementweb_enable_presence_by_hs_url: []
+
+# Should users only be allowed to use this instance with the given matrix server?
+elementweb_disable_custom_urls: true
+
+# Should Element-Web disable guests? (without sign-in)
+elementweb_disable_guests: true
+
+# Should Element-Web disable 3PID login? (Login with Email etc)
+elementweb_disable_3pid_login: false
+
+# Integration Server URLs to use (see https://github.com/vector-im/element-web/blob/develop/docs/config.md)
+elementweb_integrations_ui_url: "https://scalar.vector.im/"
+elementweb_integrations_rest_url: "https://scalar.vector.im/api"
+elementweb_integrations_widgets_urls: ["https://scalar.vector.im/api"]
+elementweb_integrations_jitsi_widget_url: "https://scalar.vector.im/api/widgets/jitsi.html"
+
+# Element Web public room directory server(s)
+elementweb_roomdir_servers: ["matrix.org"]
diff --git a/roles/elementweb/handlers/main.yml b/roles/elementweb/handlers/main.yml
new file mode 100644
index 0000000..2dcada5
--- /dev/null
+++ b/roles/elementweb/handlers/main.yml
@@ -0,0 +1,14 @@
+- name: Apply new SELinux file context to filesystem.
+ ansible.builtin.command: "restorecon -irF {{ elementweb_install_dir }}"
+ become: true
+ listen: "elementweb selinux context changed"
+
+- name: Restart elementweb service.
+ ansible.builtin.systemd:
+ state: restarted
+ name: elementweb.service
+ daemon_reload: true
+ become: true
+ listen:
+ - "elementweb service changed"
+ - "elementweb selinux context changed"
diff --git a/roles/elementweb/meta/main.yml b/roles/elementweb/meta/main.yml
new file mode 100644
index 0000000..392a8fc
--- /dev/null
+++ b/roles/elementweb/meta/main.yml
@@ -0,0 +1,20 @@
+galaxy_info:
+ author: saibotk
+ description: Deploy element web with podman and systemd.
+
+ issue_tracker_url: https://git.sipsofcode.de/saibotk-de/infrastructure/issues
+
+ license: GPL-3.0-only
+
+ min_ansible_version: "2.10"
+
+ platforms:
+ - name: Fedora
+ versions:
+ - "41"
+
+ standalone: true
+
+ galaxy_tags: []
+
+dependencies: []
diff --git a/roles/elementweb/tasks/main.yml b/roles/elementweb/tasks/main.yml
new file mode 100644
index 0000000..21dd58d
--- /dev/null
+++ b/roles/elementweb/tasks/main.yml
@@ -0,0 +1,80 @@
+- name: Update default SELinux contexts
+ community.general.sefcontext:
+ target: "{{ item.target }}"
+ setype: "container_file_t"
+ selevel: "{{ item.selevel }}"
+ state: present
+ loop:
+ - target: "{{ elementweb_install_dir }}/config.json"
+ selevel: "{{ elementweb_selinux_level }}"
+ become: true
+ notify: "elementweb selinux context changed"
+
+- name: Create elementweb directories.
+ ansible.builtin.file:
+ path: "{{ elementweb_install_dir }}"
+ owner: "root"
+ group: "root"
+ mode: "0700"
+ state: directory
+ become: true
+
+- name: Stat elementweb config file.
+ ansible.builtin.stat:
+ path: "{{ elementweb_install_dir }}/config.json"
+ become: true
+ register: elementweb_stat_config
+
+- name: Add caddy config file.
+ block:
+ - name: Check caddy config dir.
+ ansible.builtin.stat:
+ path: "{{ caddy_install_dir }}/config"
+ become: true
+ register: caddy_stat_config_dir
+
+ - name: Template caddy config for elementweb.
+ ansible.builtin.template:
+ src: elementweb.caddy.j2
+ dest: "{{ caddy_install_dir }}/config/elementweb.caddy"
+ mode: "0600"
+ setype: "container_file_t"
+ selevel: "{{ caddy_selinux_level }}"
+ owner: "{{ caddy_stat_config_dir.stat.uid }}"
+ group: "{{ caddy_stat_config_dir.stat.gid }}"
+ notify: "caddy config changed"
+ become: true
+
+- name: Create elementweb container file.
+ ansible.builtin.template:
+ src: elementweb.container.j2
+ dest: /etc/containers/systemd/elementweb.container
+ owner: "root"
+ group: "root"
+ mode: "0644"
+ become: true
+ notify: "elementweb service changed"
+
+- name: Create elementweb config file.
+ ansible.builtin.template:
+ src: config.json.j2
+ dest: "{{ elementweb_install_dir }}/config.json"
+ setype: "container_file_t"
+ selevel: "{{ elementweb_selinux_level }}"
+ owner: "{{ elementweb_stat_config.stat.uid | default('root') }}"
+ group: "{{ elementweb_stat_config.stat.gid | default('root') }}"
+ mode: "0644"
+ become: true
+
+- name: Flush handlers
+ ansible.builtin.meta: flush_handlers
+
+- name: Ensure elementweb services are started and enabled.
+ ansible.builtin.systemd:
+ state: started
+ enabled: true
+ name: "{{ item }}"
+ daemon_reload: true
+ loop:
+ - elementweb.service
+ become: true
diff --git a/roles/elementweb/templates/config.json.j2 b/roles/elementweb/templates/config.json.j2
new file mode 100644
index 0000000..0fb4f8a
--- /dev/null
+++ b/roles/elementweb/templates/config.json.j2
@@ -0,0 +1,23 @@
+{
+ "default_server_config": {
+ "m.homeserver": {
+ "base_url": {{ elementweb_base_url | string | to_json }},
+ "server_name": {{ elementweb_servername | string | to_json }}
+ }
+ },
+ "disable_custom_urls": {{ elementweb_disable_custom_urls | to_json }},
+ "disable_3pid_login": {{ elementweb_disable_3pid_login | to_json }},
+ "disable_guests": {{ elementweb_disable_guests | to_json }},
+ "integrations_ui_url": {{ elementweb_integrations_ui_url | string | to_json }},
+ "integrations_rest_url": {{ elementweb_integrations_rest_url | string | to_json }},
+ "integrations_widgets_urls": {{ elementweb_integrations_widgets_urls | to_json }},
+ "integrations_jitsi_widget_url": {{ elementweb_integrations_jitsi_widget_url | string | to_json }},
+ "bug_report_endpoint_url": "https://element.io/bugreports/submit",
+ "showLabsSettings": true,
+{% if elementweb_enable_presence_by_hs_url %}
+ "enable_presence_by_hs_url": {{ elementweb_enable_presence_by_hs_url | to_json }},
+{% endif %}
+ "roomDirectory": {
+ "servers": {{ elementweb_roomdir_servers | to_json }}
+ }
+}
diff --git a/roles/elementweb/templates/elementweb.caddy.j2 b/roles/elementweb/templates/elementweb.caddy.j2
new file mode 100644
index 0000000..7e90db8
--- /dev/null
+++ b/roles/elementweb/templates/elementweb.caddy.j2
@@ -0,0 +1,24 @@
+{{ ansible_managed | comment }}
+
+{{ elementweb_domain }} {
+ encode gzip
+
+ header {
+ # enable HSTS
+ Strict-Transport-Security "max-age=31536000; preload;"
+
+ # disable clients from sniffing the media type
+ X-Content-Type-Options nosniff
+
+ # clickjacking protection
+ X-Frame-Options DENY
+
+ # keep referrer data off of HTTP connections
+ Referrer-Policy no-referrer-when-downgrade
+
+ # Server name removing
+ -Server
+ }
+
+ reverse_proxy elementweb:8000
+}
diff --git a/roles/elementweb/templates/elementweb.container.j2 b/roles/elementweb/templates/elementweb.container.j2
new file mode 100644
index 0000000..55685f9
--- /dev/null
+++ b/roles/elementweb/templates/elementweb.container.j2
@@ -0,0 +1,41 @@
+{{ ansible_managed | comment }}
+
+[Unit]
+Description = Element Web
+
+[Service]
+Restart = always
+RestartSec = 5s
+
+[Container]
+Image = {{ elementweb_containerimage }}:{{ elementweb_image_tag }}
+ContainerName = elementweb
+
+# AutoUpdate = registry
+LogDriver = journald
+
+ReadOnly = true
+NoNewPrivileges = true
+DropCapability = all
+AddCapability = DAC_OVERRIDE
+UserNS = auto:size=65535
+{% if elementweb_selinux_level != omit %}
+SecurityLabelLevel = {{ elementweb_selinux_level }}
+{% endif %}
+
+Network = caddy.network
+
+Environment = ELEMENT_WEB_PORT=8000
+
+Volume = {{ elementweb_install_dir }}/config.json:/app/config.json:ro,U
+
+Tmpfs = /var/cache/nginx:rw,noexec,nosuid,nodev,size=1m
+Tmpfs = /var/run:rw,noexec,nosuid,nodev,size=1m
+Tmpfs = /etc/nginx/conf.d:rw,noexec,nosuid,nodev,size=8m,mode=1770,U
+
+PodmanArgs = --memory={{ elementweb_memory_high }}
+PodmanArgs = --memory-swap={{ elementweb_swap_max }}
+PodmanArgs = --memory-reservation={{ elementweb_memory_low }}
+
+[Install]
+WantedBy = default.target
diff --git a/roles/matrix_elementweb/README.md b/roles/matrix_elementweb/README.md
deleted file mode 100644
index a0d05b4..0000000
--- a/roles/matrix_elementweb/README.md
+++ /dev/null
@@ -1,37 +0,0 @@
-Matrix-Elementweb
-=========
-
-This will setup a [Element Web](https://github.com/vector-im/element-web) instance using the official docker container and traefik as a reverse proxy.
-
-Requirements
-------------
-
-You will need to have docker, docker-compose and traefik installed or declared as dependencies with their respective roles.
-
-**This role assumes that you have setup traefik with an endpoint called `websecure`.**
-
-**You will also need to manually copy the appservice's registration file to your homeserver's directory and enable it in the config for this appservice to work!**
-
-Role Variables
---------------
-
-**Please look at the [defaults/main.yml](defaults/main.yml) for all available variables and their description.**
-
-**Note: Lines that are commented out via `#` are usually still valid/used variables, but they are not defined by default, so they might enable a feature, when uncommenting/defining them!**
-
-### Global variables, that are used:
-
-- `proxy_network`: Defined by the local traefik installation, this is the shared proxy network used by traefik to reach the containers. (optional)
-- `proxy_hiddenservice`: Defined by the local traefik installation, this is used to generate the alt-svc header for the alternative Tor domain. (optional)
-
-Dependencies
-------------
-
-- docker
-- docker-compose
-- traefik
-
-License
--------
-
-GPL-3.0-only
diff --git a/roles/matrix_elementweb/defaults/main.yml b/roles/matrix_elementweb/defaults/main.yml
deleted file mode 100644
index c83d15d..0000000
--- a/roles/matrix_elementweb/defaults/main.yml
+++ /dev/null
@@ -1,65 +0,0 @@
----
-# Default variables for the matrix_elementweb role
-
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-#
-
-# The install location
-matrix_elementweb_install_location: /srv/matrix-elementweb
-
-# The location to store elementweb related data in
-matrix_elementweb_data_location: "{{ matrix_elementweb_install_location }}/data"
-
-# Under which domain should the service be reachable via traefik
-matrix_elementweb_domain: "element.example.com"
-
-# The certresolver that is used by traefik for this domain
-matrix_elementweb_traefik_certresolver: letsencrypt_http
-
-# renovate: depName=docker.io/vectorim/element-web
-matrix_elementweb_version: "v1.11.84"
-
-# Container versions
-matrix_elementweb_image_version: "{{ matrix_elementweb_version }}"
-
-# Enable or disable selinux handling
-matrix_elementweb_selinux_enabled: true
-
-# The homeserver URL and display name
-matrix_elementweb_base_url: "https://matrix.example.com"
-matrix_elementweb_servername: "example.com"
-
-# Controls whether Element shows the presence feature for all (empty list) or specific servers (key = value list with the key being the server url)
-matrix_elementweb_enable_presence_by_hs_url: []
-
-# Should users only be allowed to use this instance with the given matrix server?
-matrix_elementweb_disable_custom_urls: true
-
-# Should Element-Web disable guests? (without sign-in)
-matrix_elementweb_disable_guests: true
-
-# Should Element-Web disable 3PID login? (Login with Email etc)
-matrix_elementweb_disable_3pid_login: false
-
-# Integration Server URLs to use (see https://github.com/vector-im/element-web/blob/develop/docs/config.md)
-matrix_elementweb_integrations_ui_url: "https://scalar.vector.im/"
-matrix_elementweb_integrations_rest_url: "https://scalar.vector.im/api"
-matrix_elementweb_integrations_widgets_urls: ["https://scalar.vector.im/api"]
-matrix_elementweb_integrations_jitsi_widget_url: "https://scalar.vector.im/api/widgets/jitsi.html"
-
-# Element Web public room directory server(s)
-matrix_elementweb_roomdir_servers: ['matrix.org']
diff --git a/roles/matrix_elementweb/handlers/main.yml b/roles/matrix_elementweb/handlers/main.yml
deleted file mode 100644
index aeb9442..0000000
--- a/roles/matrix_elementweb/handlers/main.yml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-# Handlers file for the matrix-elementweb role
-
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-#
-
-- name: Restart matrix elementweb
- community.docker.docker_compose_v2:
- services:
- - elementweb
- state: restarted
- project_src: "{{ matrix_elementweb_install_location }}"
- tags:
- - docker
- - matrix
- - elementweb
- become: true
diff --git a/roles/matrix_elementweb/meta/main.yml b/roles/matrix_elementweb/meta/main.yml
deleted file mode 100644
index 3ac25f4..0000000
--- a/roles/matrix_elementweb/meta/main.yml
+++ /dev/null
@@ -1,44 +0,0 @@
-galaxy_info:
- author: saibotk
- description: "Deploys a elementweb server via docker using traefik."
- license: GPL-3.0-only
- min_ansible_version: "2.9"
- standalone: true
-
- platforms:
- - name: EL
- versions:
- - all
- - name: GenericUNIX
- versions:
- - all
- - name: Fedora
- versions:
- - all
- - name: opensuse
- versions:
- - all
- - name: GenericBSD
- versions:
- - all
- - name: FreeBSD
- versions:
- - all
- - name: Ubuntu
- versions:
- - all
- - name: SLES
- versions:
- - all
- - name: GenericLinux
- versions:
- - all
- - name: Debian
- versions:
- - all
-
- galaxy_tags: []
-
-dependencies:
- - role: docker
- - role: traefik
diff --git a/roles/matrix_elementweb/tasks/main.yml b/roles/matrix_elementweb/tasks/main.yml
deleted file mode 100644
index d76eefc..0000000
--- a/roles/matrix_elementweb/tasks/main.yml
+++ /dev/null
@@ -1,94 +0,0 @@
----
-# Tasks file for the matrix-elementweb role
-
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2019-2020 Christoph (Sheogorath) Kern
-# Copyright (C) 2019-2020 Alexander (w4tsn) Wellbrock
-# Copyright (C) 2020-2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-#
-
-- name: Update default SELinux contexts
- community.general.sefcontext:
- target: "{{ item }}(/.*)?"
- setype: "container_file_t"
- state: present
- with_items:
- - "{{ matrix_elementweb_data_location }}"
- when:
- - matrix_elementweb_selinux_enabled
- become: true
-
-- name: Create install directory
- ansible.builtin.file:
- path: "{{ item }}"
- state: directory
- mode: "0700"
- owner: "root"
- group: "root"
- with_items:
- - "{{ matrix_elementweb_install_location }}"
- become: true
-
-- name: Create data directory
- ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own
- path: "{{ item }}"
- state: directory
- setype: "container_file_t"
- with_items:
- - "{{ matrix_elementweb_data_location }}"
- become: true
-
-- name: Deploy docker-compose.yml
- ansible.builtin.template:
- src: "docker-compose.yml"
- dest: "{{ matrix_elementweb_install_location }}/docker-compose.yml"
- mode: "0600"
- owner: "root"
- group: "root"
- validate: docker compose -f %s config -q
- tags:
- - matrix
- - elementweb
- become: true
-
-- name: Deploy elementweb config files
- ansible.builtin.template:
- src: "{{ item }}"
- dest: "{{ matrix_elementweb_data_location }}/{{ item }}"
- setype: "container_file_t"
- mode: "0644"
- owner: "991"
- group: "991"
- with_items:
- - "config.json"
- tags:
- - docker
- - matrix
- - elementweb
- notify: Restart matrix elementweb
- become: true
-
-- name: Compose matrix-elementweb
- community.docker.docker_compose_v2:
- state: present
- project_src: "{{ matrix_elementweb_install_location }}"
- pull: always
- remove_orphans: true
- tags:
- - docker
- - matrix
- - elementweb
- become: true
diff --git a/roles/matrix_elementweb/templates/config.json b/roles/matrix_elementweb/templates/config.json
deleted file mode 100644
index 6309b4d..0000000
--- a/roles/matrix_elementweb/templates/config.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
- "default_server_config": {
- "m.homeserver": {
- "base_url": {{ matrix_elementweb_base_url | string | to_json }},
- "server_name": {{ matrix_elementweb_servername | string | to_json }}
- }
- },
- "disable_custom_urls": {{ matrix_elementweb_disable_custom_urls | to_json }},
- "disable_3pid_login": {{ matrix_elementweb_disable_3pid_login | to_json }},
- "disable_guests": {{ matrix_elementweb_disable_guests | to_json }},
- "integrations_ui_url": {{ matrix_elementweb_integrations_ui_url | string | to_json }},
- "integrations_rest_url": {{ matrix_elementweb_integrations_rest_url | string | to_json }},
- "integrations_widgets_urls": {{ matrix_elementweb_integrations_widgets_urls | to_json }},
- "integrations_jitsi_widget_url": {{ matrix_elementweb_integrations_jitsi_widget_url | string | to_json }},
- "bug_report_endpoint_url": "https://element.io/bugreports/submit",
- "showLabsSettings": true,
-{% if matrix_elementweb_enable_presence_by_hs_url %}
- "enable_presence_by_hs_url": {{ matrix_elementweb_enable_presence_by_hs_url | to_json }},
-{% endif %}
- "roomDirectory": {
- "servers": {{ matrix_elementweb_roomdir_servers | to_json }}
- }
-}
diff --git a/roles/matrix_elementweb/templates/docker-compose.yml b/roles/matrix_elementweb/templates/docker-compose.yml
deleted file mode 100644
index e397ec8..0000000
--- a/roles/matrix_elementweb/templates/docker-compose.yml
+++ /dev/null
@@ -1,63 +0,0 @@
----
-# Infrastructure
-# Ansible instructions to deploy the infrastructure
-# Copyright (C) 2019-2020 Christoph (Sheogorath) Kern
-# Copyright (C) 2019-2020 Alexander (w4tsn) Wellbrock
-# Copyright (C) 2021 Saibotk
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see .
-#
-
-version: '2'
-services:
- elementweb:
- image: docker.io/vectorim/element-web:{{ matrix_elementweb_image_version }}
- mem_limit: 512mb
- memswap_limit: 768mb
- read_only: true
- security_opt:
- - no-new-privileges
- tmpfs:
- - "/var/cache/nginx:size=10M"
- - "/run:size=512K"
- - "/tmp:rw,noexec,nosuid,size=10M"
- labels:
- - "traefik.enable=true"
-
- - "traefik.http.routers.matrix-elementweb.rule=Host(`{{ matrix_elementweb_domain }}`) && PathPrefix(`/`)"
- - "traefik.http.routers.matrix-elementweb.entrypoints=websecure"
- - "traefik.http.routers.matrix-elementweb.tls.certresolver={{ matrix_elementweb_traefik_certresolver }}"
- - "traefik.http.routers.matrix-elementweb.middlewares=matrix-elementweb,compress"
- - "traefik.http.middlewares.matrix-elementweb.headers.sslredirect=true"
- - "traefik.http.middlewares.matrix-elementweb.headers.stsSeconds=63072000"
- - "traefik.http.middlewares.matrix-elementweb.headers.referrerPolicy=no-referrer"
-
-{% if proxy_network is defined %}
- - "traefik.docker.network={{ proxy_network }}"
-{% endif %}
-{% if proxy_hiddenservice is defined and proxy_hiddenservice.content is defined %}
- - "traefik.http.middlewares.matrix-elementweb.headers.customresponseheaders.alt-svc:h2={{ proxy_hiddenservice['content'] | b64decode | trim }}:443; ma=2592000"
-{% endif %}
- volumes:
- - "{{ matrix_elementweb_data_location }}/config.json:/app/config.json:ro"
-{% if proxy_network is defined %}
- networks:
- {{ proxy_network }}:
-{% endif %}
- restart: always
-
-{% if proxy_network is defined %}
-networks:
- {{ proxy_network }}:
- external: true
-{% endif %}