need host_vars + trying ts container on network

matrix/additional-containers/docker-compose.yml

@@ -4,6 +4,8 @@ services:
     image: tailscale/tailscale:latest
     container_name: ts-matrix
     hostname: matrix
+    networks:
+      - traefik
     environment:
       - TS_AUTHKEY=${TAILSCALE_OAUTH_KEY}
       - TS_EXTRA_ARGS=--advertise-tags=${TAILSCALE_TAGS}
@@ -50,5 +52,3 @@ networks:
 volumes:
   ts-matrix-state:
     driver: local
-  postgres-data:
-    driver: local

matrix/ansible-playbook-config/inventory/host_vars/matrix.yourdomain/vars.yml

@@ -0,0 +1,74 @@
+---
+# The bare domain name which represents your Matrix identity.
+# Matrix user ids for your server will be of the form (`@user:<matrix-domain>`).
+#
+# Note: this playbook does not touch the server referenced here.
+# Installation happens on another server ("matrix.<matrix-domain>").
+#
+# If you've deployed using the wrong domain, you'll have to run the Uninstalling step,
+# because you can't change the Domain after deployment.
+#
+# Example value: example.com
+matrix_domain: "{{ vault_matrix_domain }}"
+
+# The Matrix homeserver software to install.
+# See:
+#  - `roles/custom/matrix-base/defaults/main.yml` for valid options
+# - the `docs/configuring-playbook-IMPLEMENTATION_NAME.md` documentation page, if one is available for your implementation choice
+matrix_homeserver_implementation: synapse
+
+# A secret used as a base, for generating various other secrets.
+# You can put any string here, but generating a strong one is preferred (e.g. `pwgen -s 64 1`).
+matrix_homeserver_generic_secret_key: "{{ vault_matrix_homeserver_generic_secret_key }}"
+
+# By default, the playbook manages its own Traefik (https://doc.traefik.io/traefik/) reverse-proxy server.
+# It will retrieve SSL certificates for you on-demand and forward requests to all other components.
+# For alternatives, see `docs/configuring-playbook-own-webserver.md`.
+matrix_playbook_reverse_proxy_type: other-traefik-container
+
+# Uncomment and adjust if your Traefik container is on another network
+matrix_playbook_reverse_proxy_container_network: traefik
+
+# Adjust to point to your Traefik container
+matrix_playbook_reverse_proxy_hostname: traefik
+
+devture_traefik_certs_dumper_ssl_dir_path: "/path/to/your/traefiks/acme.json/directory"
+
+# Uncomment and tweak the variable below if the name of your federation entrypoint is different
+# than the default value (matrix-federation).
+# matrix_federation_traefik_entrypoint_name: matrix-federation
+
+# This is something which is provided to Let's Encrypt when retrieving SSL certificates for domains.
+#
+# In case SSL renewal fails at some point, you'll also get an email notification there.
+#
+# If you decide to use another method for managing SSL certificates (different than the default Let's Encrypt),
+# you won't be required to define this variable (see `docs/configuring-playbook-ssl-certificates.md`).
+#
+# Example value: someone@example.com
+devture_traefik_config_certificatesResolvers_acme_email: ''
+
+# A Postgres password to use for the superuser Postgres user (called `matrix` by default).
+#
+# The playbook creates additional Postgres users and databases (one for each enabled service)
+# using this superuser account.
+devture_postgres_connection_password: "{{ vault_devture_postgres_connection_password }}"
+
+# By default, we configure Coturn's external IP address using the value specified for `ansible_host` in your `inventory/hosts` file.
+# If this value is an external IP address, you can skip this section.
+#
+# If `ansible_host` is not the server's external IP address, you have 2 choices:
+# 1. Uncomment the line below, to allow IP address auto-detection to happen (more on this below)
+# 2. Uncomment and adjust the line below to specify an IP address manually
+#
+# By default, auto-detection will be attempted using the `https://ifconfig.co/json` API.
+# Default values for this are specified in `matrix_coturn_turn_external_ip_address_auto_detection_*` variables in the Coturn role
+# (see `roles/custom/matrix-coturn/defaults/main.yml`).
+#
+# If your server has multiple IP addresses, you may define them in another variable which allows a list of addresses.
+# Example: `matrix_coturn_turn_external_ip_addresses: ['1.2.3.4', '4.5.6.7']`
+#
+# matrix_coturn_turn_external_ip_address: ''
+
+# No coturn needed for my own personal server
+matrix_coturn_enabled: false

matrix/ansible-playbook-config/inventory/host_vars/matrix.yourdomain/vault.yml.example

@@ -0,0 +1,3 @@
+vault_matrix_domain:
+vault_matrix_homeserver_generic_secret_key: 
+vault_devture_postgres_connection_password: