25 lines
1.2 KiB
YAML
25 lines
1.2 KiB
YAML
---
|
|
version: "3.8"
|
|
|
|
# Serve /.well-known/matrix/{server,client} on SERVER_NAME via Traefik, routed to
|
|
# the matrix nginx (`web`) — so server/client delegation works without hand-placing
|
|
# files on whatever else hosts SERVER_NAME.
|
|
#
|
|
# Enable when SERVER_NAME != DOMAIN (users are @alice:example.com, Synapse runs at
|
|
# matrix.example.com). The PathPrefix rule is more specific than a bare Host()
|
|
# router, and the explicit high priority guarantees it wins over any apex website
|
|
# that also serves Host(SERVER_NAME) — so the two coexist, the apex site keeps
|
|
# serving everything except /.well-known/matrix.
|
|
#
|
|
# Requires SERVER_NAME to resolve to this Traefik so ACME can issue its cert.
|
|
services:
|
|
web:
|
|
deploy:
|
|
labels:
|
|
- "traefik.http.routers.${STACK_NAME}-wellknown.rule=Host(`${SERVER_NAME}`) && PathPrefix(`/.well-known/matrix`)"
|
|
- "traefik.http.routers.${STACK_NAME}-wellknown.entrypoints=web-secure"
|
|
- "traefik.http.routers.${STACK_NAME}-wellknown.tls=true"
|
|
- "traefik.http.routers.${STACK_NAME}-wellknown.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
|
- "traefik.http.routers.${STACK_NAME}-wellknown.service=${STACK_NAME}"
|
|
- "traefik.http.routers.${STACK_NAME}-wellknown.priority=1000"
|