From 83b9908c9db03a29c0f2be8a8f972d3c3ba8c0be Mon Sep 17 00:00:00 2001 From: Markus <48181660+BackInBash@users.noreply.github.com> Date: Sat, 10 Jul 2021 14:09:08 +0200 Subject: [PATCH 01/82] Update to ma1sd v2.5.0 --- roles/matrix-ma1sd/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-ma1sd/defaults/main.yml b/roles/matrix-ma1sd/defaults/main.yml index 7ab0d15e2..036db4caa 100644 --- a/roles/matrix-ma1sd/defaults/main.yml +++ b/roles/matrix-ma1sd/defaults/main.yml @@ -7,9 +7,9 @@ matrix_ma1sd_container_image_self_build: false matrix_ma1sd_container_image_self_build_repo: "https://github.com/ma1uta/ma1sd.git" matrix_ma1sd_container_image_self_build_branch: "{{ matrix_ma1sd_version }}" -matrix_ma1sd_architecture: "amd64" +matrix_ma1sd_architecture: "" -matrix_ma1sd_version: "2.4.0" +matrix_ma1sd_version: "2.5.0" matrix_ma1sd_docker_image: "{{ matrix_ma1sd_docker_image_name_prefix }}ma1uta/ma1sd:{{ matrix_ma1sd_version }}-{{ matrix_ma1sd_architecture }}" matrix_ma1sd_docker_image_name_prefix: "{{ 'localhost/' if matrix_ma1sd_container_image_self_build else matrix_container_global_registry_prefix }}" From 5ddd7d9ea19f1d4d85767832249fc07c52b8cfc8 Mon Sep 17 00:00:00 2001 From: maximilianschmelzer <24356384+maximilianschmelzer@users.noreply.github.com> Date: Sat, 24 Jul 2021 13:12:32 +0200 Subject: [PATCH 02/82] Update configuring-well-known.md --- docs/configuring-well-known.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 2bedaeed8..27a4001cf 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -69,7 +69,7 @@ It is, however, **a little fragile**, as future updates performed by this playbo If you don't need the base domain (e.g. `example.com`) for anything else (hosting a website, etc.), you can point it to the Matrix server's IP address and tell the playbook to configure it. -This is the easiest way to set up well-known serving -- letting the playbook handle the whole base domain for you (including SSL certificates, etc.). However, if you need to use the base domain for other things (such as hosting some website, etc.), going with Option 1 or Option 2 might be more suitable. +This is the easiest way to set up well-known serving -- letting the playbook handle the whole base domain for you (including SSL certificates, etc.). However, if you need to use the base domain for other things (such as hosting some website, etc.), going with Option 1 or Option 3 might be more suitable. See [Serving the base domain](configuring-playbook-base-domain-serving.md) to learn how the playbook can help you set it up. From 03e8c75a3000faeee0b398a6830cc07a6b6edfa8 Mon Sep 17 00:00:00 2001 From: Hardy Erlinger Date: Sun, 25 Jul 2021 16:23:51 +0200 Subject: [PATCH 03/82] Restore authentication for Jitsi Meet. --- docs/configuring-playbook-jitsi.md | 2 +- roles/matrix-jitsi/templates/jicofo/env.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index 81ceb9fb2..ec3ab416c 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -129,7 +129,7 @@ Until this gets integrated into the playbook, we need to register new users / me Please SSH into your matrix host machine and execute the following command targeting the `matrix-jitsi-prosody` container: ```bash -docker exec matrix-jitsi-prosody prosodyctl --config /config/prosody.cfg.lua register matrix-jitsi-web +docker exec matrix-jitsi-prosody prosodyctl --config /config/prosody.cfg.lua register meet.jitsi ``` Run this command for each user you would like to create, replacing `` and `` accordingly. After you've finished, please exit the host. diff --git a/roles/matrix-jitsi/templates/jicofo/env.j2 b/roles/matrix-jitsi/templates/jicofo/env.j2 index 3764d0564..687df714d 100644 --- a/roles/matrix-jitsi/templates/jicofo/env.j2 +++ b/roles/matrix-jitsi/templates/jicofo/env.j2 @@ -1,7 +1,7 @@ AUTH_TYPE={{ matrix_jitsi_auth_type }} BRIDGE_AVG_PARTICIPANT_STRESS BRIDGE_STRESS_THRESHOLD -ENABLE_AUTH +ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }} ENABLE_AUTO_OWNER ENABLE_CODEC_VP8 ENABLE_CODEC_VP9 From 012440c309c18a53dea6b362aea7fb8887bfe8cb Mon Sep 17 00:00:00 2001 From: Nate Date: Sun, 25 Jul 2021 14:16:37 -0700 Subject: [PATCH 04/82] Allow for self-building of reminder-bot --- .../defaults/main.yml | 5 +++++ .../tasks/setup_install.yml | 22 +++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml b/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml index 6a5a837eb..3e955673d 100644 --- a/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml +++ b/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml @@ -2,6 +2,11 @@ # See: https://github.com/anoadragon453/matrix-reminder-bot matrix_bot_matrix_reminder_bot_enabled: true + +matrix_bot_matrix_reminder_bot_container_self_build: false +matrix_bot_matrix_reminder_bot_docker_repo: "https://github.com/anoadragon453/matrix-reminder-bot.git" +matrix_bot_matrix_reminder_bot_docker_src_files_path: "{{ matrix_base_data_path }}/matrix-reminder-bot/docker-src" + matrix_bot_matrix_reminder_bot_version: release-v0.2.1 matrix_bot_matrix_reminder_bot_docker_image: "{{ matrix_container_global_registry_prefix }}anoa/matrix-reminder-bot:{{ matrix_bot_matrix_reminder_bot_version }}" matrix_bot_matrix_reminder_bot_docker_image_force_pull: "{{ matrix_bot_matrix_reminder_bot_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 195485e43..12d387540 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -37,6 +37,7 @@ - { path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true } - { path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true } - { path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true } + - { path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true} when: "item.when|bool" - name: Ensure matrix-reminder-bot image is pulled @@ -45,6 +46,27 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}" + when: "matrix_bot_matrix_reminder_bot_enabled|bool and not matrix_bot_matrix_reminder_bot_container_self_build|bool" + +- name: Ensure matrix-reminder-bot repository is present on self-build + git: + repo: "{{ matrix_bot_matrix_reminder_bot_docker_repo }}" + dest: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}" + force: "yes" + register: matrix_bot_matrix_reminder_bot_git_pull_results + when: "matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_container_self_build|bool" + +- name: Ensure matrix-reminder-bot image is built + docker_image: + name: "{{ matrix_bot_matrix_reminder_bot_docker_image }}" + source: build + force_source: "{{ matrix_bot_matrix_reminder_bot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" + build: + dockerfile: docker/Dockerfile + path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}" + pull: yes + when: "matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_container_self_build|bool" - name: Ensure matrix-reminder-bot config installed copy: From f5d6b01b9fc9129b4bffc73fd5a5a3236a32bb1d Mon Sep 17 00:00:00 2001 From: Nate Date: Sun, 25 Jul 2021 14:24:38 -0700 Subject: [PATCH 05/82] Updated group_vars to update self_build based on matrix_architecture --- group_vars/matrix_servers | 1 + 1 file changed, 1 insertion(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index be840e230..43cd9b2b5 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -811,6 +811,7 @@ matrix_bot_matrix_reminder_bot_systemd_required_services_list: | # Postgres is the default, except if not using `matrix_postgres` (internal postgres) matrix_bot_matrix_reminder_bot_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_matrix_reminder_bot_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'reminder.bot.db') | to_uuid }}" +matrix_bot_matrix_reminder_bot_container_self_build: "{{ matrix_architecture != 'amd64' }}" ###################################################################### # From 49abe66f1dd5c3376324797e36645e32c243d4fc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Jul 2021 08:54:35 +0300 Subject: [PATCH 06/82] Remove unnecessary if condition All of `setup_install.yml` only runs if `matrix_bot_matrix_reminder_bot_enabled`, so it's not necessary to add that condition once again. --- .../matrix-bot-matrix-reminder-bot/tasks/setup_install.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml index 12d387540..dada8167e 100644 --- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml +++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml @@ -46,7 +46,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}" - when: "matrix_bot_matrix_reminder_bot_enabled|bool and not matrix_bot_matrix_reminder_bot_container_self_build|bool" + when: "not matrix_bot_matrix_reminder_bot_container_self_build|bool" - name: Ensure matrix-reminder-bot repository is present on self-build git: @@ -54,7 +54,7 @@ dest: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}" force: "yes" register: matrix_bot_matrix_reminder_bot_git_pull_results - when: "matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_container_self_build|bool" + when: "matrix_bot_matrix_reminder_bot_container_self_build|bool" - name: Ensure matrix-reminder-bot image is built docker_image: @@ -66,7 +66,7 @@ dockerfile: docker/Dockerfile path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}" pull: yes - when: "matrix_bot_matrix_reminder_bot_enabled|bool and matrix_bot_matrix_reminder_bot_container_self_build|bool" + when: "matrix_bot_matrix_reminder_bot_container_self_build|bool" - name: Ensure matrix-reminder-bot config installed copy: From 975a49be54b34aa523b1706bae5be2e3cb0e3f9e Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 26 Jul 2021 08:56:35 +0300 Subject: [PATCH 07/82] Update docs/self-building.md --- docs/self-building.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/self-building.md b/docs/self-building.md index 50fef2a3e..3ab743f01 100644 --- a/docs/self-building.md +++ b/docs/self-building.md @@ -25,8 +25,10 @@ List of roles where self-building the Docker image is currently possible: - `matrix-bridge-mautrix-facebook` - `matrix-bridge-mautrix-hangouts` - `matrix-bridge-mautrix-telegram` +- `matrix-bridge-mautrix-signal` - `matrix-bridge-mx-puppet-skype` - `matrix-bot-mjolnir` +- `matrix-bot-matrix-reminder-bot` Adding self-building support to other roles is welcome. Feel free to contribute! From 67db5a0024aee891a148a096cc960a64d6d9f873 Mon Sep 17 00:00:00 2001 From: Michael Collins Date: Tue, 27 Jul 2021 15:12:03 +0800 Subject: [PATCH 08/82] GoMatrixHosting v0.5.5 --- .../matrix-awx/tasks/set_variables_ma1sd.yml | 25 +++++-------------- .../tasks/set_variables_synapse.yml | 25 +++++++++++-------- 2 files changed, 20 insertions(+), 30 deletions(-) diff --git a/roles/matrix-awx/tasks/set_variables_ma1sd.yml b/roles/matrix-awx/tasks/set_variables_ma1sd.yml index 853d8c091..50aea14ca 100755 --- a/roles/matrix-awx/tasks/set_variables_ma1sd.yml +++ b/roles/matrix-awx/tasks/set_variables_ma1sd.yml @@ -29,12 +29,7 @@ insertafter: '# Synapse Extension Start' with_dict: 'matrix_synapse_ext_password_provider_rest_auth_enabled': 'true' - 'matrix_synapse_ext_password_provider_rest_auth_endpoint': 'http://matrix-ma1sd:8090' - when: ext_matrix_ma1sd_auth_store == 'LDAP/AD' - -- name: Strip header from ma1sd configuration extension if using internal auth - set_fact: - ext_matrix_ma1sd_configuration_extension_yaml_parsed: "{{ ext_matrix_ma1sd_configuration_extension_yaml.splitlines() | reject('search', '^matrix_client_element_configuration_extension_json:') | list }}" + 'matrix_synapse_ext_password_provider_rest_auth_endpoint': '"http://matrix-ma1sd:8090"' when: ext_matrix_ma1sd_auth_store == 'LDAP/AD' - name: Remove entire ma1sd configuration extension @@ -52,22 +47,13 @@ regexp: '^# Start ma1sd Extension# End ma1sd Extension' replace: '# Start ma1sd Extension\n# End ma1sd Extension' -- name: Insert ma1sd configuration extension header if using external LDAP/AD with ma1sd +- name: Insert/Update ma1sd configuration extension variables delegate_to: 127.0.0.1 - lineinfile: + blockinfile: path: '{{ awx_cached_matrix_vars }}' - line: "matrix_ma1sd_configuration_extension_yaml: |" + marker: "# {mark} ma1sd ANSIBLE MANAGED BLOCK" insertafter: '# Start ma1sd Extension' - when: ext_matrix_ma1sd_auth_store == 'LDAP/AD' - -- name: Set ma1sd configuration extension if using external LDAP/AD with ma1sd - delegate_to: 127.0.0.1 - lineinfile: - path: '{{ awx_cached_matrix_vars }}' - insertbefore: '# End ma1sd Extension' - line: '{{ item }}' - with_items: "{{ ext_matrix_ma1sd_configuration_extension_yaml_parsed }}" - when: ext_matrix_ma1sd_auth_store == 'LDAP/AD' + block: '{{ ext_matrix_ma1sd_configuration_extension_yaml }}' - name: Record ma1sd Custom variables locally on AWX delegate_to: 127.0.0.1 @@ -79,6 +65,7 @@ with_dict: 'ext_matrix_ma1sd_auth_store': '{{ ext_matrix_ma1sd_auth_store }}' 'ext_matrix_ma1sd_configuration_extension_yaml': '{{ ext_matrix_ma1sd_configuration_extension_yaml.splitlines() | to_json }}' + no_log: True - name: Save new 'Configure ma1sd' survey.json to the AWX tower, template delegate_to: 127.0.0.1 diff --git a/roles/matrix-awx/tasks/set_variables_synapse.yml b/roles/matrix-awx/tasks/set_variables_synapse.yml index cd200f5f4..53d78081a 100755 --- a/roles/matrix-awx/tasks/set_variables_synapse.yml +++ b/roles/matrix-awx/tasks/set_variables_synapse.yml @@ -154,17 +154,6 @@ with_items: "{{ ext_federation_whitelist_raw.splitlines() }}" when: ext_federation_whitelist_raw|length > 0 -- name: Record Synapse Custom variables locally on AWX - delegate_to: 127.0.0.1 - lineinfile: - path: '{{ awx_cached_matrix_vars }}' - regexp: "^#? *{{ item.key | regex_escape() }}:" - line: "{{ item.key }}: {{ item.value }}" - insertafter: '# Custom Settings Start' - with_dict: - 'ext_federation_whitelist_raw': '{{ ext_federation_whitelist_raw.splitlines() | to_json }}' - 'ext_url_preview_accept_language_default': '{{ ext_url_preview_accept_language_default.splitlines() | to_json }}' - - name: Set ext_recaptcha_public_key to a 'public-key' if undefined set_fact: ext_recaptcha_public_key="public-key" when: (ext_recaptcha_public_key is not defined) or (ext_recaptcha_public_key|length == 0) @@ -185,6 +174,20 @@ ' recaptcha_public_key': '{{ ext_recaptcha_public_key }}' ' recaptcha_private_key': '{{ ext_recaptcha_private_key }}' +- name: Record Synapse Custom variables locally on AWX + delegate_to: 127.0.0.1 + lineinfile: + path: '{{ awx_cached_matrix_vars }}' + regexp: "^#? *{{ item.key | regex_escape() }}:" + line: "{{ item.key }}: {{ item.value }}" + insertafter: '# Custom Settings Start' + with_dict: + 'ext_federation_whitelist_raw': '{{ ext_federation_whitelist_raw.splitlines() | to_json }}' + 'ext_url_preview_accept_language_default': '{{ ext_url_preview_accept_language_default.splitlines() | to_json }}' + 'ext_enable_registration_captcha': '{{ ext_enable_registration_captcha }}' + 'ext_recaptcha_public_key': '"{{ ext_recaptcha_public_key }}"' + 'ext_recaptcha_private_key': '"{{ ext_recaptcha_private_key }}"' + - name: Save new 'Configure Synapse' survey.json to the AWX tower, template delegate_to: 127.0.0.1 template: From 676101e9995d57d4c5311f3271ab233733cabec3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 28 Jul 2021 11:08:50 +0300 Subject: [PATCH 09/82] Minor fixups for ma1sd 2.5.0 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1171 --- group_vars/matrix_servers | 12 +----------- roles/matrix-ma1sd/defaults/main.yml | 4 +--- roles/matrix-ma1sd/tasks/validate_config.yml | 1 + 3 files changed, 3 insertions(+), 14 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 931207d2e..349e1eba0 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1117,17 +1117,7 @@ matrix_mailer_container_image_self_build: "{{ matrix_architecture != 'amd64'}}" # If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this. matrix_ma1sd_enabled: true -# There's no prebuilt ma1sd image for the `arm32` architecture. -# We're relying on self-building there. -matrix_ma1sd_architecture: "{{ - { - 'amd64': 'amd64', - 'arm32': 'arm32', - 'arm64': 'arm64', - }[matrix_architecture] -}}" - -matrix_ma1sd_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}" +matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" # Normally, matrix-nginx-proxy is enabled and nginx can reach ma1sd over the container network. # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose diff --git a/roles/matrix-ma1sd/defaults/main.yml b/roles/matrix-ma1sd/defaults/main.yml index 036db4caa..f91189f59 100644 --- a/roles/matrix-ma1sd/defaults/main.yml +++ b/roles/matrix-ma1sd/defaults/main.yml @@ -7,11 +7,9 @@ matrix_ma1sd_container_image_self_build: false matrix_ma1sd_container_image_self_build_repo: "https://github.com/ma1uta/ma1sd.git" matrix_ma1sd_container_image_self_build_branch: "{{ matrix_ma1sd_version }}" -matrix_ma1sd_architecture: "" - matrix_ma1sd_version: "2.5.0" -matrix_ma1sd_docker_image: "{{ matrix_ma1sd_docker_image_name_prefix }}ma1uta/ma1sd:{{ matrix_ma1sd_version }}-{{ matrix_ma1sd_architecture }}" +matrix_ma1sd_docker_image: "{{ matrix_ma1sd_docker_image_name_prefix }}ma1uta/ma1sd:{{ matrix_ma1sd_version }}" matrix_ma1sd_docker_image_name_prefix: "{{ 'localhost/' if matrix_ma1sd_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_ma1sd_docker_image_force_pull: "{{ matrix_ma1sd_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-ma1sd/tasks/validate_config.yml b/roles/matrix-ma1sd/tasks/validate_config.yml index 4ca25e7ec..4f80b1548 100644 --- a/roles/matrix-ma1sd/tasks/validate_config.yml +++ b/roles/matrix-ma1sd/tasks/validate_config.yml @@ -28,6 +28,7 @@ - 'matrix_ma1sd_ldap_auth_filter' - 'matrix_ma1sd_ldap_directory_filter' - 'matrix_ma1sd_template_config' + - 'matrix_ma1sd_architecture' - name: Ensure ma1sd configuration does not contain any dot-notation keys fail: From 179775b92db59cdde6a87c9944cbe6e58d14acc3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 29 Jul 2021 18:51:22 +0300 Subject: [PATCH 10/82] Upgrade Synapse (1.38.1 -> 1.39.0) --- roles/matrix-synapse/defaults/main.yml | 4 +- .../templates/synapse/homeserver.yaml.j2 | 103 ------------------ 2 files changed, 2 insertions(+), 105 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 7b4d8f447..628ea431f 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont # amd64 gets released first. # arm32 relies on self-building, so the same version can be built immediately. # arm64 users need to wait for a prebuilt image to become available. -matrix_synapse_version: v1.38.1 -matrix_synapse_version_arm64: v1.38.1 +matrix_synapse_version: v1.39.0 +matrix_synapse_version_arm64: v1.39.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index f3d0734b5..f184cc298 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1314,91 +1314,6 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json #auto_join_rooms_for_guests: false -## Account Validity ## - -# Optional account validity configuration. This allows for accounts to be denied -# any request after a given period. -# -# Once this feature is enabled, Synapse will look for registered users without an -# expiration date at startup and will add one to every account it found using the -# current settings at that time. -# This means that, if a validity period is set, and Synapse is restarted (it will -# then derive an expiration date from the current validity period), and some time -# after that the validity period changes and Synapse is restarted, the users' -# expiration dates won't be updated unless their account is manually renewed. This -# date will be randomly selected within a range [now + period - d ; now + period], -# where d is equal to 10% of the validity period. -# -account_validity: - # The account validity feature is disabled by default. Uncomment the - # following line to enable it. - # - #enabled: true - - # The period after which an account is valid after its registration. When - # renewing the account, its validity period will be extended by this amount - # of time. This parameter is required when using the account validity - # feature. - # - #period: 6w - - # The amount of time before an account's expiry date at which Synapse will - # send an email to the account's email address with a renewal link. By - # default, no such emails are sent. - # - # If you enable this setting, you will also need to fill out the 'email' and - # 'public_baseurl' configuration sections. - # - #renew_at: 1w - - # The subject of the email sent out with the renewal link. '%(app)s' can be - # used as a placeholder for the 'app_name' parameter from the 'email' - # section. - # - # Note that the placeholder must be written '%(app)s', including the - # trailing 's'. - # - # If this is not set, a default value is used. - # - #renew_email_subject: "Renew your %(app)s account" - - # Directory in which Synapse will try to find templates for the HTML files to - # serve to the user when trying to renew an account. If not set, default - # templates from within the Synapse package will be used. - # - # The currently available templates are: - # - # * account_renewed.html: Displayed to the user after they have successfully - # renewed their account. - # - # * account_previously_renewed.html: Displayed to the user if they attempt to - # renew their account with a token that is valid, but that has already - # been used. In this case the account is not renewed again. - # - # * invalid_token.html: Displayed to the user when they try to renew an account - # with an unknown or invalid renewal token. - # - # See https://github.com/matrix-org/synapse/tree/master/synapse/res/templates for - # default template contents. - # - # The file name of some of these templates can be configured below for legacy - # reasons. - # - #template_dir: "res/templates" - - # A custom file name for the 'account_renewed.html' template. - # - # If not set, the file is assumed to be named "account_renewed.html". - # - #account_renewed_html_path: "account_renewed.html" - - # A custom file name for the 'invalid_token.html' template. - # - # If not set, the file is assumed to be named "invalid_token.html". - # - #invalid_token_html_path: "invalid_token.html" - - ## Metrics ### # Enable collection and rendering of performance metrics @@ -2710,11 +2625,6 @@ stats: # #enabled: false - # The size of each timeslice in the room_stats_historical and - # user_stats_historical tables, as a time period. Defaults to "1d". - # - #bucket_size: 1h - # Server Notices room configuration # @@ -2807,19 +2717,6 @@ alias_creation_rules: {{ matrix_synapse_alias_creation_rules|to_json }} room_list_publication_rules: {{ matrix_synapse_room_list_publication_rules|to_json }} -# Server admins can define a Python module that implements extra rules for -# allowing or denying incoming events. In order to work, this module needs to -# override the methods defined in synapse/events/third_party_rules.py. -# -# This feature is designed to be used in closed federations only, where each -# participating server enforces the same rules. -# -#third_party_event_rules: -# module: "my_custom_project.SuperRulesSet" -# config: -# example_option: 'things' - - ## Opentracing ## # These settings enable opentracing, which implements distributed tracing. From dca876a8f064d00d8c6235d3eea231f931663483 Mon Sep 17 00:00:00 2001 From: 0xLAITH <61520996+0xLAITH@users.noreply.github.com> Date: Sun, 1 Aug 2021 19:34:54 +0000 Subject: [PATCH 11/82] Update howto-server-delegation.md The attached code for the "Serving the Federation API with your certificates and matrix-nginx-proxy" section suggests using the matrix. certificate for the federation API as opposed to the necessary certificate for the federation to work. This can cause some confusion to readers. --- docs/howto-server-delegation.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/howto-server-delegation.md b/docs/howto-server-delegation.md index b89bd2f22..e9ca5bde6 100644 --- a/docs/howto-server-delegation.md +++ b/docs/howto-server-delegation.md @@ -82,8 +82,8 @@ Based on your setup, you have different ways to go about it: # # NOTE: these are in-container paths. `/matrix/ssl` on the host is mounted into the container # at the same path (`/matrix/ssl`) by default, so if that's the path you need, it would be seamless. -matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate: /matrix/ssl/config/live/matrix./fullchain.pem -matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate_key: /matrix/ssl/config/live/matrix./privkey.pem +matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate: /matrix/ssl/config/live//fullchain.pem +matrix_nginx_proxy_proxy_matrix_federation_api_ssl_certificate_key: /matrix/ssl/config/live//privkey.pem ``` If your files are not in `/matrix/ssl` but in some other location, you would need to mount them into the container: From 519eef9e4b7c33948d070aa8eada3641d53cf911 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 2 Aug 2021 10:08:24 +0300 Subject: [PATCH 12/82] Remove unnecessary argument from Postgres import command The default of using the `matrix` database is better anyway. --- docs/importing-postgres.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/importing-postgres.md b/docs/importing-postgres.md index b905ba7b7..84347b573 100644 --- a/docs/importing-postgres.md +++ b/docs/importing-postgres.md @@ -23,7 +23,7 @@ To import, run this command (make sure to replace ` Date: Wed, 4 Aug 2021 09:09:27 +0300 Subject: [PATCH 13/82] Upgrade Element (1.7.33 -> 1.7.34) --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 5cf2e5b03..dd649ffdf 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -3,7 +3,7 @@ matrix_client_element_enabled: true matrix_client_element_container_image_self_build: false matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git" -matrix_client_element_version: v1.7.33 +matrix_client_element_version: v1.7.34 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From a68ac9cb4ff3a5f9da4e844ded4cfa3ebdb0b151 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 4 Aug 2021 14:44:47 +0300 Subject: [PATCH 14/82] Split install/uninstall tasks in matrix-email2matrix --- roles/matrix-email2matrix/tasks/main.yml | 10 ++- .../tasks/setup_email2matrix.yml | 88 ------------------- .../tasks/setup_install.yml | 39 ++++++++ .../tasks/setup_uninstall.yml | 35 ++++++++ 4 files changed, 82 insertions(+), 90 deletions(-) delete mode 100644 roles/matrix-email2matrix/tasks/setup_email2matrix.yml create mode 100644 roles/matrix-email2matrix/tasks/setup_install.yml create mode 100644 roles/matrix-email2matrix/tasks/setup_uninstall.yml diff --git a/roles/matrix-email2matrix/tasks/main.yml b/roles/matrix-email2matrix/tasks/main.yml index 231146730..77be72790 100644 --- a/roles/matrix-email2matrix/tasks/main.yml +++ b/roles/matrix-email2matrix/tasks/main.yml @@ -8,8 +8,14 @@ - setup-all - setup-email2matrix -- import_tasks: "{{ role_path }}/tasks/setup_email2matrix.yml" - when: run_setup|bool +- import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup|bool and matrix_email2matrix_enabled|bool" + tags: + - setup-all + - setup-email2matrix + +- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup|bool and not matrix_email2matrix_enabled|bool" tags: - setup-all - setup-email2matrix diff --git a/roles/matrix-email2matrix/tasks/setup_email2matrix.yml b/roles/matrix-email2matrix/tasks/setup_email2matrix.yml deleted file mode 100644 index d5fa73a51..000000000 --- a/roles/matrix-email2matrix/tasks/setup_email2matrix.yml +++ /dev/null @@ -1,88 +0,0 @@ ---- - -# -# Tasks related to setting up Email2Matrix -# - -- name: Ensure Email2Matrix paths exist - file: - path: "{{ item }}" - state: directory - mode: 0750 - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - with_items: - - "{{ matrix_email2matrix_base_path }}" - - "{{ matrix_email2matrix_config_dir_path }}" - when: matrix_email2matrix_enabled|bool - -- name: Ensure Email2Matrix configuration file created - template: - src: "{{ role_path }}/templates/config.json.j2" - dest: "{{ matrix_email2matrix_config_dir_path }}/config.json" - owner: "{{ matrix_user_username }}" - group: "{{ matrix_user_groupname }}" - mode: 0640 - when: matrix_email2matrix_enabled|bool - -- name: Ensure Email2Matrix image is pulled - docker_image: - name: "{{ matrix_email2matrix_docker_image }}" - source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - force_source: "{{ matrix_email2matrix_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_email2matrix_docker_image_force_pull }}" - when: matrix_email2matrix_enabled|bool - -- name: Ensure matrix-email2matrix.service installed - template: - src: "{{ role_path }}/templates/systemd/matrix-email2matrix.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-email2matrix.service" - mode: 0644 - register: matrix_email2matrix_systemd_service_result - when: matrix_email2matrix_enabled|bool - -- name: Ensure systemd reloaded after matrix-email2matrix.service installation - service: - daemon_reload: yes - when: "matrix_email2matrix_enabled|bool and matrix_email2matrix_systemd_service_result.changed" - -# -# Tasks related to getting rid of the Email2Matrix (if it was previously enabled) -# - -- name: Check existence of matrix-email2matrix service - stat: - path: "{{ matrix_systemd_path }}/matrix-email2matrix.service" - register: matrix_email2matrix_service_stat - when: "not matrix_email2matrix_enabled|bool" - -- name: Ensure matrix-email2matrix is stopped - service: - name: matrix-email2matrix - state: stopped - daemon_reload: yes - register: stopping_result - when: "not matrix_email2matrix_enabled|bool and matrix_email2matrix_service_stat.stat.exists" - -- name: Ensure matrix-email2matrix.service doesn't exist - file: - path: "{{ matrix_systemd_path }}/matrix-email2matrix.service" - state: absent - when: "not matrix_email2matrix_enabled|bool and matrix_email2matrix_service_stat.stat.exists" - -- name: Ensure systemd reloaded after matrix-email2matrix.service removal - service: - daemon_reload: yes - when: "not matrix_email2matrix_enabled|bool and matrix_email2matrix_service_stat.stat.exists" - -- name: Ensure Email2Matrix data path doesn't exist - file: - path: "{{ matrix_email2matrix_base_path }}" - state: absent - when: "not matrix_email2matrix_enabled|bool" - -- name: Ensure Email2Matrix Docker image doesn't exist - docker_image: - name: "{{ matrix_email2matrix_docker_image }}" - state: absent - when: "not matrix_email2matrix_enabled|bool" diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/matrix-email2matrix/tasks/setup_install.yml new file mode 100644 index 000000000..a167911f2 --- /dev/null +++ b/roles/matrix-email2matrix/tasks/setup_install.yml @@ -0,0 +1,39 @@ +--- + +- name: Ensure Email2Matrix paths exist + file: + path: "{{ item }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - "{{ matrix_email2matrix_base_path }}" + - "{{ matrix_email2matrix_config_dir_path }}" + +- name: Ensure Email2Matrix configuration file created + template: + src: "{{ role_path }}/templates/config.json.j2" + dest: "{{ matrix_email2matrix_config_dir_path }}/config.json" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure Email2Matrix image is pulled + docker_image: + name: "{{ matrix_email2matrix_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_email2matrix_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_email2matrix_docker_image_force_pull }}" + +- name: Ensure matrix-email2matrix.service installed + template: + src: "{{ role_path }}/templates/systemd/matrix-email2matrix.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + mode: 0644 + register: matrix_email2matrix_systemd_service_result + +- name: Ensure systemd reloaded after matrix-email2matrix.service installation + service: + daemon_reload: yes + when: "matrix_email2matrix_systemd_service_result.changed|bool" diff --git a/roles/matrix-email2matrix/tasks/setup_uninstall.yml b/roles/matrix-email2matrix/tasks/setup_uninstall.yml new file mode 100644 index 000000000..b0b44cca6 --- /dev/null +++ b/roles/matrix-email2matrix/tasks/setup_uninstall.yml @@ -0,0 +1,35 @@ +--- + +- name: Check existence of matrix-email2matrix service + stat: + path: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + register: matrix_email2matrix_service_stat + +- name: Ensure matrix-email2matrix is stopped + service: + name: matrix-email2matrix + state: stopped + daemon_reload: yes + register: stopping_result + when: "matrix_email2matrix_service_stat.stat.exists|bool" + +- name: Ensure matrix-email2matrix.service doesn't exist + file: + path: "{{ matrix_systemd_path }}/matrix-email2matrix.service" + state: absent + when: "matrix_email2matrix_service_stat.stat.exists|bool" + +- name: Ensure systemd reloaded after matrix-email2matrix.service removal + service: + daemon_reload: yes + when: "matrix_email2matrix_service_stat.stat.exists|bool" + +- name: Ensure Email2Matrix data path doesn't exist + file: + path: "{{ matrix_email2matrix_base_path }}" + state: absent + +- name: Ensure Email2Matrix Docker image doesn't exist + docker_image: + name: "{{ matrix_email2matrix_docker_image }}" + state: absent From 2697590d28c71dfba644b5de8e2141fbd8d00496 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 4 Aug 2021 14:51:15 +0300 Subject: [PATCH 15/82] Remove some useless if conditions --- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 8 ++++---- .../tasks/setup_install.yml | 6 +++--- .../tasks/setup_install.yml | 12 ++++++------ 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml index 4cfbde9ed..4f98635d7 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml @@ -40,7 +40,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}" - when: matrix_mautrix_facebook_enabled|bool and not matrix_mautrix_facebook_container_image_self_build + when: not matrix_mautrix_facebook_container_image_self_build - name: Ensure Mautrix Facebook paths exist file: @@ -63,7 +63,7 @@ # version: "{{ matrix_coturn_docker_image.split(':')[1] }}" force: "yes" register: matrix_mautrix_facebook_git_pull_results - when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build" + when: "matrix_mautrix_facebook_container_image_self_build|bool" - name: Ensure Mautrix Facebook Docker image is built docker_image: @@ -75,7 +75,7 @@ dockerfile: Dockerfile path: "{{ matrix_mautrix_facebook_docker_src_files_path }}" pull: yes - when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build|bool" + when: "matrix_mautrix_facebook_container_image_self_build|bool" - name: Check if an old database file already exists stat: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml index 14ae255f5..d5373134c 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml @@ -40,7 +40,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_hangouts_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_hangouts_docker_image_force_pull }}" - when: matrix_mautrix_hangouts_enabled|bool and not matrix_mautrix_hangouts_container_image_self_build + when: not matrix_mautrix_hangouts_container_image_self_build - name: Ensure Mautrix Hangouts paths exist file: @@ -54,7 +54,7 @@ - { path: "{{ matrix_mautrix_hangouts_config_path }}", when: true } - { path: "{{ matrix_mautrix_hangouts_data_path }}", when: true } - { path: "{{ matrix_mautrix_hangouts_docker_src_files_path }}", when: "{{ matrix_mautrix_hangouts_container_image_self_build }}" } - when: matrix_mautrix_hangouts_enabled|bool and item.when|bool + when: "item.when|bool" - name: Ensure Mautrix Hangots repository is present on self build git: @@ -62,7 +62,7 @@ dest: "{{ matrix_mautrix_hangouts_docker_src_files_path }}" force: "yes" register: matrix_mautrix_hangouts_git_pull_results - when: "matrix_mautrix_hangouts_enabled|bool and matrix_mautrix_hangouts_container_image_self_build|bool" + when: "matrix_mautrix_hangouts_container_image_self_build|bool" - name: Ensure Mautrix Hangouts Docker image is built docker_image: @@ -74,7 +74,7 @@ dockerfile: Dockerfile path: "{{ matrix_mautrix_hangouts_docker_src_files_path }}" pull: yes - when: "matrix_mautrix_hangouts_enabled|bool and matrix_mautrix_hangouts_container_image_self_build|bool" + when: "matrix_mautrix_hangouts_container_image_self_build|bool" - name: Check if an old database file already exists stat: diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml index 604742309..38a7f62ef 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml @@ -13,7 +13,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_instagram_docker_image_force_pull }}" - when: matrix_mautrix_instagram_enabled|bool and not matrix_mautrix_instagram_container_image_self_build + when: not matrix_mautrix_instagram_container_image_self_build - name: Ensure Mautrix instagram paths exist file: @@ -38,7 +38,7 @@ dest: "{{ matrix_mautrix_instagram_docker_src_files_path }}" force: "yes" register: matrix_mautrix_instagram_git_pull_results - when: "matrix_mautrix_instagram_enabled|bool and matrix_mautrix_instagram_container_image_self_build" + when: "matrix_mautrix_instagram_container_image_self_build|bool" - name: Ensure Mautrix instagram Docker image is built docker_image: @@ -50,7 +50,7 @@ dockerfile: Dockerfile path: "{{ matrix_mautrix_instagram_docker_src_files_path }}" pull: yes - when: "matrix_mautrix_instagram_enabled|bool and matrix_mautrix_instagram_container_image_self_build|bool" + when: "matrix_mautrix_instagram_container_image_self_build|bool" - name: Ensure mautrix-instagram config.yaml installed copy: diff --git a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml index 551092576..88710868c 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml @@ -14,7 +14,7 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}" - when: "matrix_mautrix_signal_enabled|bool and not matrix_mautrix_signal_container_self_build|bool" + when: "not matrix_mautrix_signal_container_self_build|bool" - name: Ensure Mautrix Signal repository is present on self-build @@ -23,7 +23,7 @@ dest: "{{ matrix_mautrix_signal_docker_src_files_path }}" force: "yes" register: matrix_mautrix_signal_git_pull_results - when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_container_self_build|bool" + when: "matrix_mautrix_signal_container_self_build|bool" - name: Ensure Mautrix Signal image is built docker_image: @@ -35,8 +35,8 @@ dockerfile: Dockerfile path: "{{ matrix_mautrix_signal_docker_src_files_path }}" pull: yes - when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_container_self_build|bool" - + when: "matrix_mautrix_signal_container_self_build|bool" + - name: Ensure Mautrix Signal Daemon image is pulled docker_image: @@ -53,7 +53,7 @@ dest: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}" force: "yes" register: matrix_mautrix_signal_daemon_git_pull_results - when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_daemon_container_self_build|bool" + when: "matrix_mautrix_signal_daemon_container_self_build|bool" - name: Ensure Mautrix Signal Daemon image is built docker_image: @@ -65,7 +65,7 @@ dockerfile: Dockerfile path: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}" pull: yes - when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_daemon_container_self_build|bool" + when: "matrix_mautrix_signal_daemon_container_self_build|bool" - name: Ensure Mautrix Signal paths exist file: From 421f85defa089cee619ac779d6f558f3b754cf86 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 4 Aug 2021 15:03:45 +0300 Subject: [PATCH 16/82] Add self-building support to matrix-email2matrix --- docs/self-building.md | 1 + group_vars/matrix_servers | 2 ++ roles/matrix-email2matrix/defaults/main.yml | 8 +++++- .../tasks/setup_install.yml | 28 +++++++++++++++++-- 4 files changed, 36 insertions(+), 3 deletions(-) diff --git a/docs/self-building.md b/docs/self-building.md index 3ab743f01..61f05c48d 100644 --- a/docs/self-building.md +++ b/docs/self-building.md @@ -29,6 +29,7 @@ List of roles where self-building the Docker image is currently possible: - `matrix-bridge-mx-puppet-skype` - `matrix-bot-mjolnir` - `matrix-bot-matrix-reminder-bot` +- `matrix-email2matrix` Adding self-building support to other roles is welcome. Feel free to contribute! diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a2ccd3f10..cc45042db 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1037,6 +1037,8 @@ matrix_dynamic_dns_enabled: false matrix_email2matrix_enabled: false +matrix_email2matrix_container_image_self_build: "{{ matrix_architecture != 'amd64' }}" + ###################################################################### # # /matrix-email2matrix diff --git a/roles/matrix-email2matrix/defaults/main.yml b/roles/matrix-email2matrix/defaults/main.yml index e6bfa0fe6..3dfabc1af 100644 --- a/roles/matrix-email2matrix/defaults/main.yml +++ b/roles/matrix-email2matrix/defaults/main.yml @@ -2,9 +2,15 @@ matrix_email2matrix_enabled: true matrix_email2matrix_base_path: "{{ matrix_base_data_path }}/email2matrix" matrix_email2matrix_config_dir_path: "{{ matrix_email2matrix_base_path }}/config" +matrix_email2matrix_docker_src_files_path: "{{ matrix_email2matrix_base_path }}/docker-src" + +matrix_email2matrix_container_image_self_build: false +matrix_email2matrix_container_image_self_build_repo: "https://github.com/devture/email2matrix.git" +matrix_email2matrix_container_image_self_build_branch: "{{ matrix_email2matrix_version }}" matrix_email2matrix_version: 1.0.1 -matrix_email2matrix_docker_image: "{{ matrix_container_global_registry_prefix }}devture/email2matrix:{{ matrix_email2matrix_version }}" +matrix_email2matrix_docker_image_prefix: "{{ 'localhost/' if matrix_email2matrix_container_image_self_build else matrix_container_global_registry_prefix }}" +matrix_email2matrix_docker_image: "{{ matrix_email2matrix_docker_image_prefix }}devture/email2matrix:{{ matrix_email2matrix_version }}" matrix_email2matrix_docker_image_force_pull: "{{ matrix_email2matrix_docker_image.endswith(':latest') }}" # A list of extra arguments to pass to the container diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/matrix-email2matrix/tasks/setup_install.yml index a167911f2..67e4ea5df 100644 --- a/roles/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/matrix-email2matrix/tasks/setup_install.yml @@ -8,8 +8,10 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: - - "{{ matrix_email2matrix_base_path }}" - - "{{ matrix_email2matrix_config_dir_path }}" + - { path: "{{ matrix_email2matrix_base_path }}", when: true } + - { path: "{{ matrix_email2matrix_config_dir_path }}", when: true } + - { path: "{{ matrix_email2matrix_docker_src_files_path }}", when: "{{ matrix_email2matrix_container_image_self_build }}"} + when: "item.when|bool" - name: Ensure Email2Matrix configuration file created template: @@ -25,6 +27,28 @@ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_email2matrix_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_email2matrix_docker_image_force_pull }}" + when: "not matrix_email2matrix_container_image_self_build|bool" + +- name: Ensure Email2Matrix repository is present on self-build + git: + repo: "{{ matrix_email2matrix_container_image_self_build_repo }}" + dest: "{{ matrix_email2matrix_docker_src_files_path }}" + version: "{{ matrix_email2matrix_container_image_self_build_branch }}" + force: "yes" + register: matrix_email2matrix_git_pull_results + when: "matrix_email2matrix_container_image_self_build|bool" + +- name: Ensure Email2Matrix Docker image is built + docker_image: + name: "{{ matrix_email2matrix_docker_image }}" + source: build + force_source: "{{ matrix_email2matrix_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_email2matrix_git_pull_results.changed }}" + build: + dockerfile: etc/docker/Dockerfile + path: "{{ matrix_email2matrix_docker_src_files_path }}" + pull: yes + when: "matrix_email2matrix_container_image_self_build|bool" - name: Ensure matrix-email2matrix.service installed template: From 23006fd64e1e3a3c9e6d0486e66ec2c9b550d383 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 4 Aug 2021 17:59:49 +0300 Subject: [PATCH 17/82] Fix email2matrix path initialization Regression since 421f85defa089cee --- roles/matrix-email2matrix/tasks/setup_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-email2matrix/tasks/setup_install.yml b/roles/matrix-email2matrix/tasks/setup_install.yml index 67e4ea5df..7805c2c1f 100644 --- a/roles/matrix-email2matrix/tasks/setup_install.yml +++ b/roles/matrix-email2matrix/tasks/setup_install.yml @@ -2,7 +2,7 @@ - name: Ensure Email2Matrix paths exist file: - path: "{{ item }}" + path: "{{ item.path }}" state: directory mode: 0750 owner: "{{ matrix_user_username }}" From f3aae70f70df2bde966f9472008963963377d36f Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Sat, 7 Aug 2021 02:47:51 -0500 Subject: [PATCH 18/82] Upgrade Hydrogen (0.2.3 -> 0.2.5) --- roles/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index e4adb8c05..3cc1df2a2 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -5,7 +5,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.2.3 +matrix_client_hydrogen_version: v0.2.5 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From d2a1b8b13478680f89a16e719860e39fda5a5369 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Sat, 7 Aug 2021 15:47:24 +0200 Subject: [PATCH 19/82] whatsapp bridge has new docker image location See https://github.com/mautrix/whatsapp/releases/tag/v0.1.8 --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index f8ae7d873..41bfb8be3 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -5,7 +5,7 @@ matrix_mautrix_whatsapp_enabled: true matrix_mautrix_whatsapp_version: latest # See: https://mau.dev/tulir/mautrix-whatsapp/container_registry -matrix_mautrix_whatsapp_docker_image: "dock.mau.dev/tulir/mautrix-whatsapp:{{ matrix_mautrix_whatsapp_version }}" +matrix_mautrix_whatsapp_docker_image: "dock.mau.dev/mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_force_pull: "{{ matrix_mautrix_whatsapp_docker_image.endswith(':latest') }}" matrix_mautrix_whatsapp_base_path: "{{ matrix_base_data_path }}/mautrix-whatsapp" From d11d6f52ae06d40d8d023a9b4a7b2e785e5f7c1a Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Mon, 9 Aug 2021 10:57:45 +0200 Subject: [PATCH 20/82] Update IRC appservice https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.29.0 --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index c351bafa2..7ed9ee896 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -7,7 +7,7 @@ matrix_appservice_irc_container_self_build: false matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git" matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src" -matrix_appservice_irc_version: release-0.27.0 +matrix_appservice_irc_version: release-0.29.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 6ecfbe98b1c47337be8dfa64fc361d20fa77438b Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Mon, 9 Aug 2021 11:19:12 +0200 Subject: [PATCH 21/82] New version of Mautrix Signal bridge version 0.2.0 provided through new GitLab repository location --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 7ff450d9a..8ff2fbb6d 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -1,16 +1,16 @@ # mautrix-signal is a Matrix <-> Signal bridge -# See: https://github.com/tulir/mautrix-signal +# See: https://github.com/mautrix/signal matrix_mautrix_signal_enabled: true matrix_mautrix_signal_container_self_build: false -matrix_mautrix_signal_docker_repo: "https://mau.dev/tulir/mautrix-signal.git" +matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git" matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" matrix_mautrix_signal_version: latest matrix_mautrix_signal_daemon_version: latest -# See: https://mau.dev/tulir/mautrix-signal/container_registry -matrix_mautrix_signal_docker_image: "dock.mau.dev/tulir/mautrix-signal:{{ matrix_mautrix_signal_version }}" +# See: https://mau.dev/mautrix/signal/container_registry +matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" matrix_mautrix_signal_daemon_container_self_build: false From 24589b91f4822fd082f3563da21ccab263b1cd75 Mon Sep 17 00:00:00 2001 From: Sebastian Gumprich Date: Mon, 9 Aug 2021 19:01:51 +0200 Subject: [PATCH 22/82] irc appservice image tag has a 'v' now --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index 7ed9ee896..b0f27e657 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -7,7 +7,7 @@ matrix_appservice_irc_container_self_build: false matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git" matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src" -matrix_appservice_irc_version: release-0.29.0 +matrix_appservice_irc_version: release-v0.29.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From bfb61e776e817b2219d26b195291ead5d4fd0344 Mon Sep 17 00:00:00 2001 From: Michael Collins Date: Tue, 10 Aug 2021 12:58:10 +0800 Subject: [PATCH 23/82] GMH v0.5.7... maybe! --- roles/matrix-common-after/tasks/awx_post.yml | 6 ------ roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 4 ++-- .../templates/nginx/conf.d/matrix-base-domain.conf.j2 | 4 ++++ 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/roles/matrix-common-after/tasks/awx_post.yml b/roles/matrix-common-after/tasks/awx_post.yml index 1e194046f..ef12a8674 100644 --- a/roles/matrix-common-after/tasks/awx_post.yml +++ b/roles/matrix-common-after/tasks/awx_post.yml @@ -62,9 +62,3 @@ group: matrix mode: '0574' when: customise_base_domain_website is defined - -- name: Ensure erroneous /chroot/website/matrix-domain location doesn't exist - file: - path: /chroot/website/matrix-domain - state: absent - when: customise_base_domain_website is defined diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 1d59f5677..2f36945d2 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -127,7 +127,7 @@ mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_nginx_proxy_base_domain_serving_enabled|bool + when: matrix_nginx_proxy_base_domain_serving_enabled|bool and not matrix_awx_enabled|bool - name: Ensure Matrix nginx-proxy homepage for base domain exists copy: @@ -136,7 +136,7 @@ mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_nginx_proxy_base_domain_serving_enabled|bool and matrix_nginx_proxy_base_domain_homepage_enabled|bool + when: matrix_nginx_proxy_base_domain_serving_enabled|bool and matrix_nginx_proxy_base_domain_homepage_enabled|bool and not matrix_awx_enabled|bool - name: Ensure Matrix nginx-proxy configuration for base domain exists template: diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 index fc567aa3e..a88c66854 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 @@ -1,7 +1,11 @@ #jinja2: lstrip_blocks: "True" {% macro render_vhost_directives() %} +{% if matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled %} + root {{ matrix_nginx_proxy_data_path_in_container if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path }}; +{% else %} root {{ matrix_nginx_proxy_data_path_in_container if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path }}/matrix-domain; +{% endif %} gzip on; gzip_types text/plain application/json; From 2469ada5204151960365dddf995db7039718c78d Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Tue, 10 Aug 2021 15:32:07 +0200 Subject: [PATCH 24/82] Update Synapse (1.39.0 -> 1.40.0) --- roles/matrix-synapse/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 628ea431f..d8a93b054 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont # amd64 gets released first. # arm32 relies on self-building, so the same version can be built immediately. # arm64 users need to wait for a prebuilt image to become available. -matrix_synapse_version: v1.39.0 -matrix_synapse_version_arm64: v1.39.0 +matrix_synapse_version: v1.40.0 +matrix_synapse_version_arm64: v1.40.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 05ad62038612aac0299d503546f922a65e16e545 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 10 Aug 2021 17:36:39 +0300 Subject: [PATCH 25/82] Update homeserver.yaml to keep up with Synapse v1.40.0 Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1225 --- .../templates/synapse/homeserver.yaml.j2 | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index f184cc298..8f0f2eb9b 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -732,6 +732,48 @@ caches: ## Database ## +# The 'database' setting defines the database that synapse uses to store all of +# its data. +# +# 'name' gives the database engine to use: either 'sqlite3' (for SQLite) or +# 'psycopg2' (for PostgreSQL). +# +# 'txn_limit' gives the maximum number of transactions to run per connection +# before reconnecting. Defaults to 0, which means no limit. +# +# 'args' gives options which are passed through to the database engine, +# except for options starting 'cp_', which are used to configure the Twisted +# connection pool. For a reference to valid arguments, see: +# * for sqlite: https://docs.python.org/3/library/sqlite3.html#sqlite3.connect +# * for postgres: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS +# * for the connection pool: https://twistedmatrix.com/documents/current/api/twisted.enterprise.adbapi.ConnectionPool.html#__init__ +# +# +# Example SQLite configuration: +# +#database: +# name: sqlite3 +# args: +# database: /path/to/homeserver.db +# +# +# Example Postgres configuration: +# +#database: +# name: psycopg2 +# txn_limit: 10000 +# args: +# user: synapse_user +# password: secretpassword +# database: synapse +# host: localhost +# port: 5432 +# cp_min: 5 +# cp_max: 10 +# +# For more information on using Synapse with Postgres, +# see https://matrix-org.github.io/synapse/latest/postgres.html. +# database: # The database engine name name: "psycopg2" From bce94c5860d645862eb148cfd3788d0f389a7d93 Mon Sep 17 00:00:00 2001 From: Toni Spets Date: Tue, 10 Aug 2021 21:09:28 +0300 Subject: [PATCH 26/82] Allow configuring synapse database transaction limit --- roles/matrix-synapse/defaults/main.yml | 1 + roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index d8a93b054..83d2e51d8 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -453,6 +453,7 @@ matrix_synapse_replication_http_port: 9093 matrix_synapse_sentry_dsn: "" # Postgres database information +matrix_synapse_database_txn_limit: 0 matrix_synapse_database_host: "matrix-postgres" matrix_synapse_database_port: 5432 matrix_synapse_database_user: "synapse" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 8f0f2eb9b..4fd258f17 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -777,6 +777,7 @@ caches: database: # The database engine name name: "psycopg2" + txn_limit: {{ matrix_synapse_database_txn_limit }} args: user: {{ matrix_synapse_database_user|string|to_json }} password: {{ matrix_synapse_database_password|string|to_json }} From 8238d65e5f44d5bd70f860d1e4b189c366ce97d3 Mon Sep 17 00:00:00 2001 From: Michael Collins Date: Wed, 11 Aug 2021 14:19:19 +0800 Subject: [PATCH 27/82] simplify template conditional --- .../templates/nginx/conf.d/matrix-base-domain.conf.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 index a88c66854..78e8a6326 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 @@ -2,7 +2,7 @@ {% macro render_vhost_directives() %} {% if matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled %} - root {{ matrix_nginx_proxy_data_path_in_container if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path }}; + root {{ matrix_nginx_proxy_data_path_in_container }}; {% else %} root {{ matrix_nginx_proxy_data_path_in_container if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path }}/matrix-domain; {% endif %} From 2e30802b87428b4da7afe282a202efa9c0af7691 Mon Sep 17 00:00:00 2001 From: Michael Collins Date: Wed, 11 Aug 2021 15:21:09 +0800 Subject: [PATCH 28/82] use group variables instead --- group_vars/matrix_servers | 1 + roles/matrix-nginx-proxy/defaults/main.yml | 1 + .../templates/nginx/conf.d/matrix-base-domain.conf.j2 | 6 +----- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index cc45042db..667d5a88e 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -41,6 +41,7 @@ matrix_awx_enabled: false matrix_nginx_proxy_data_path: "{{ '/chroot/website' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else (matrix_nginx_proxy_base_path + '/data') }}" matrix_nginx_proxy_data_path_in_container: "{{ '/nginx-data/matrix-domain' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else '/nginx-data' }}" +matrix_nginx_proxy_data_path_extension: "{{ '' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else '/matrix-domain' }}" ###################################################################### # diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 59dddafb4..d8c378066 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -10,6 +10,7 @@ matrix_nginx_proxy_docker_image_force_pull: "{{ matrix_nginx_proxy_docker_image. matrix_nginx_proxy_base_path: "{{ matrix_base_data_path }}/nginx-proxy" matrix_nginx_proxy_data_path: "{{ matrix_nginx_proxy_base_path }}/data" matrix_nginx_proxy_data_path_in_container: "/nginx-data" +matrix_nginx_proxy_data_path_extension: "/matrix_domain" matrix_nginx_proxy_confd_path: "{{ matrix_nginx_proxy_base_path }}/conf.d" # List of systemd services that matrix-nginx-proxy.service depends on diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 index 78e8a6326..b02942838 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2 @@ -1,11 +1,7 @@ #jinja2: lstrip_blocks: "True" {% macro render_vhost_directives() %} -{% if matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled %} - root {{ matrix_nginx_proxy_data_path_in_container }}; -{% else %} - root {{ matrix_nginx_proxy_data_path_in_container if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path }}/matrix-domain; -{% endif %} + root {{ matrix_nginx_proxy_data_path_in_container if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path }}{{ matrix_nginx_proxy_data_path_extension }}; gzip on; gzip_types text/plain application/json; From 4d57a41b3f6123a06562fdf20cf8451ea48c0897 Mon Sep 17 00:00:00 2001 From: Michael Collins Date: Wed, 11 Aug 2021 17:18:57 +0800 Subject: [PATCH 29/82] remove matrix_awx_enabled from these --- group_vars/matrix_servers | 1 + roles/matrix-nginx-proxy/defaults/main.yml | 3 +++ roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml | 4 ++-- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 667d5a88e..a4e00d41b 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -42,6 +42,7 @@ matrix_awx_enabled: false matrix_nginx_proxy_data_path: "{{ '/chroot/website' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else (matrix_nginx_proxy_base_path + '/data') }}" matrix_nginx_proxy_data_path_in_container: "{{ '/nginx-data/matrix-domain' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else '/nginx-data' }}" matrix_nginx_proxy_data_path_extension: "{{ '' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else '/matrix-domain' }}" +matrix_nginx_proxy_base_domain_create_directory: "{{ false if matrix_awx_enabled else true }}" ###################################################################### # diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index d8c378066..87cbcde1d 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -76,6 +76,9 @@ matrix_nginx_proxy_container_federation_host_bind_port: '8448' # in the `{{ matrix_nginx_proxy_data_path }}/matrix-domain` (`/matrix/nginx-proxy/data/matrix-domain`) directory. matrix_nginx_proxy_base_domain_serving_enabled: false +# Controls whether the base domain directory and default index.html file are created. +matrix_nginx_proxy_base_domain_create_directory: true + matrix_nginx_proxy_base_domain_hostname: "{{ matrix_domain }}" # Controls whether `matrix_nginx_proxy_base_domain_homepage_template` would be dumped to an `index.html` file diff --git a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml index 2f36945d2..149fadab7 100644 --- a/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml +++ b/roles/matrix-nginx-proxy/tasks/setup_nginx_proxy.yml @@ -127,7 +127,7 @@ mode: 0750 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_nginx_proxy_base_domain_serving_enabled|bool and not matrix_awx_enabled|bool + when: matrix_nginx_proxy_base_domain_serving_enabled|bool and matrix_nginx_proxy_base_domain_create_directory|bool - name: Ensure Matrix nginx-proxy homepage for base domain exists copy: @@ -136,7 +136,7 @@ mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - when: matrix_nginx_proxy_base_domain_serving_enabled|bool and matrix_nginx_proxy_base_domain_homepage_enabled|bool and not matrix_awx_enabled|bool + when: matrix_nginx_proxy_base_domain_serving_enabled|bool and matrix_nginx_proxy_base_domain_homepage_enabled|bool and matrix_nginx_proxy_base_domain_create_directory|bool - name: Ensure Matrix nginx-proxy configuration for base domain exists template: From 4c12c1892ca9e153d015a13354f806ae8801659f Mon Sep 17 00:00:00 2001 From: Michael Collins Date: Wed, 11 Aug 2021 17:32:38 +0800 Subject: [PATCH 30/82] use saner folder permissions --- roles/matrix-awx/tasks/customise_website_access_export.yml | 2 +- roles/matrix-common-after/tasks/awx_post.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-awx/tasks/customise_website_access_export.yml b/roles/matrix-awx/tasks/customise_website_access_export.yml index 290197662..d4f48f42c 100755 --- a/roles/matrix-awx/tasks/customise_website_access_export.yml +++ b/roles/matrix-awx/tasks/customise_website_access_export.yml @@ -176,7 +176,7 @@ state: directory owner: matrix group: matrix - mode: '0574' + mode: '0770' when: customise_base_domain_website is defined - name: Ensure /chroot/export location exists diff --git a/roles/matrix-common-after/tasks/awx_post.yml b/roles/matrix-common-after/tasks/awx_post.yml index ef12a8674..b934104bc 100644 --- a/roles/matrix-common-after/tasks/awx_post.yml +++ b/roles/matrix-common-after/tasks/awx_post.yml @@ -60,5 +60,5 @@ state: directory owner: matrix group: matrix - mode: '0574' + mode: '0770' when: customise_base_domain_website is defined From e90b33c4e38e68b9001a54330029dafb4b27b3c3 Mon Sep 17 00:00:00 2001 From: Jaffex <31133207+Jaffex@users.noreply.github.com> Date: Thu, 12 Aug 2021 12:43:12 +0200 Subject: [PATCH 31/82] Update matrix-mautrix-signal config to 0.2.0 to enable relay mode --- .../templates/config.yaml.j2 | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index ca5060a70..d4f64c790 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -9,6 +9,12 @@ homeserver: # Only applies if address starts with https:// verify_ssl: true asmux: false + # Number of retries for all HTTP requests if the homeserver isn't reachable. + http_retry_count: 4 + # The URL to push real-time bridge status to. + # If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes. + # The bridge will use the appservice as_token to authorize requests. + status_endpoint: null # Application service host/registration related details # Changing these values requires regeneration of the registration. @@ -80,6 +86,9 @@ signal: avatar_dir: /signald/avatars # Directory where signald stores auth data. Used to delete data when logging out. data_dir: /signald/data + # Whether or not unknown signald accounts should be deleted when the bridge is started. + # When this is enabled, any UserInUse errors should be resolved by restarting the bridge. + delete_unknown_accounts_on_start: false # Whether or not message attachments should be removed from disk after they're bridged. remove_file_after_handling: true @@ -164,12 +173,15 @@ bridge: # This field will automatically be changed back to false after it, # except if the config file is not writable. resend_bridge_info: false + # Interval at which to resync contacts. + periodic_sync: 0 # The prefix for commands. Only required in non-management rooms. command_prefix: "!signal" # Permissions for using the bridge. # Permitted values: + # relay - Allowed to be relayed through the bridge, no access to commands. # user - Use the bridge with puppeting. # admin - Use and administrate the bridge. # Permitted keys: @@ -177,8 +189,30 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: + '{{ matrix_mautrix_signal_homeserver_domain }}': relay '{{ matrix_mautrix_signal_homeserver_domain }}': user + relay: + # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any + # authenticated user into a relaybot for that chat. + enabled: true + # The formats to use when sending messages to Signal via a relay user. + # + # Available variables: + # $sender_displayname - The display name of the sender (e.g. Example User) + # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) + # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com) + # $message - The message content + message_formats: + m.text: '$sender_displayname: $message' + m.notice: '$sender_displayname: $message' + m.emote: '* $sender_displayname $message' + m.file: '$sender_displayname sent a file' + m.image: '$sender_displayname sent an image' + m.audio: '$sender_displayname sent an audio file' + m.video: '$sender_displayname sent a video' + m.location: '$sender_displayname sent a location' + # Python logging configuration. # From e6b77284f2dd4d9b5549601947d9b9d09f5375e5 Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Fri, 13 Aug 2021 17:46:37 +0200 Subject: [PATCH 32/82] Relay bot configurable + permissions Enable / disable relay bot functionality as configuratoin paramter; set bridge permissions for base domain users to user level --- .../matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index d4f64c790..ef66ee914 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -188,14 +188,13 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - '{{ matrix_mautrix_signal_homeserver_domain }}': relay - '{{ matrix_mautrix_signal_homeserver_domain }}': user + permissions: + {{ matrix_mautrix_signal_homeserver_domain }}: user relay: # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any # authenticated user into a relaybot for that chat. - enabled: true + enabled: {{ matrix_mautrix_signal_relaybot_enabled }} # The formats to use when sending messages to Signal via a relay user. # # Available variables: From 5ca28ba87249951e24cd226e4ccfdf81aadd98d3 Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Fri, 13 Aug 2021 17:48:05 +0200 Subject: [PATCH 33/82] Default relay bot functionality setting Per default relay bot functionality is disabled; the bridge user permissions depends on the relay bot, if enabled the base domain users are on level relay, else remain on user; --- .../defaults/main.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 8ff2fbb6d..157922c66 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -78,6 +78,9 @@ matrix_mautrix_signal_appservice_database: "{{ # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). matrix_mautrix_signal_login_shared_secret: '' +# Enable bridge relay bot functionality +matrix_mautrix_signal_relaybot_enabled: false + # Default configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # @@ -93,6 +96,21 @@ matrix_mautrix_signal_configuration_extension_yaml: | # # If you need something more special, you can take full control by # completely redefining `matrix_mautrix_signal_configuration_yaml`. + # + # Permissions for using the bridge. + # Permitted values: + # relay - Allowed to be relayed through the bridge, no access to commands. + # user - Use the bridge with puppeting. + # admin - Use and administrate the bridge. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + # + bridge: + permissions: + {{ matrix_mautrix_signal_homeserver_domain }}: "{{ "relay" if matrix_mautrix_signal_relaybot_enabled else "user" }}" + matrix_mautrix_signal_configuration_extension: "{{ matrix_mautrix_signal_configuration_extension_yaml|from_yaml if matrix_mautrix_signal_configuration_extension_yaml|from_yaml is mapping else {} }}" From c3b4a1a66d7796d84b8c0b2eaf4970405a6d28fc Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Fri, 13 Aug 2021 17:48:28 +0200 Subject: [PATCH 34/82] Augment documentation for relay bot --- ...figuring-playbook-bridge-mautrix-signal.md | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index 6d3c4dfbd..e91487faa 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -12,6 +12,27 @@ Use the following playbook configuration: matrix_mautrix_signal_enabled: true ``` +There are some additional things you may wish to configure about the bridge before you continue. + +The relay bot functionality is off by default. If you would like to enable the relay bot, add the following to your `vars.yml` file: +```yaml +matrix_mautrix_signal_relaybot_enabled: true +``` + +Additionally the permissions for the bridge grant user rights to all base domain users in case the relay bot is disabled, or relay rights in case the relay bot is enabled. + +If you would like to have a more specific setting of the permissions you can set the permissions as follows (example). For more details see also [mautrix-bridge documentation](https://docs.mau.fi/bridges/python/signal/relay-mode.html) +```yaml +matrix_mautrix_signal_configuration_extension_yaml: | + bridge: + permissions: + '@YOUR_USERNAME:YOUR_DOMAIN': admin + '*': user + YOUR_DOMAIN: relay +``` + +You may wish to look at `roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. + ## Set up Double Puppeting If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-signal/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it. From bb931493eeb26a55f8dd60e26d2cbea04885b99b Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Fri, 13 Aug 2021 20:15:19 +0200 Subject: [PATCH 35/82] Update as per suggestion --- docs/configuring-playbook-bridge-mautrix-signal.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index e91487faa..30b7bba80 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -27,8 +27,8 @@ matrix_mautrix_signal_configuration_extension_yaml: | bridge: permissions: '@YOUR_USERNAME:YOUR_DOMAIN': admin - '*': user - YOUR_DOMAIN: relay + YOUR_DOMAIN: user + '*': relay ``` You may wish to look at `roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. From a34241e4ccbbdeb982ceb662d320da7a0b995480 Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Fri, 13 Aug 2021 21:11:41 +0200 Subject: [PATCH 36/82] Remove intial permissions seting Permissions, when set in the template, will be augmented rahter than replaced when using matrix_mautrix_signal_configuration_extension_yaml. Therefore, permissions shall only be set in the defaults/vars.yml or in the HS specific vars.yml file --- roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index ef66ee914..f0b9af869 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -188,8 +188,10 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - permissions: - {{ matrix_mautrix_signal_homeserver_domain }}: user + #permissions: + # + # Remark: permissions will be set in the defaults/main.yml file of this role + # (see matrix_mautrix_signal_configuration_extension_yaml) relay: # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any From d9e8be7c7997042963382dea0b8da1c38b5b8b5c Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Sat, 14 Aug 2021 17:32:54 +0200 Subject: [PATCH 37/82] Update docs/configuring-playbook-bridge-mautrix-signal.md Document how to enable relay functionality in a room Co-authored-by: Jan <31133207+Jaffex@users.noreply.github.com> --- docs/configuring-playbook-bridge-mautrix-signal.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index 30b7bba80..06881b604 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -18,7 +18,8 @@ The relay bot functionality is off by default. If you would like to enable the r ```yaml matrix_mautrix_signal_relaybot_enabled: true ``` - +If you want to activate the relay bot in a room, use `!signal set-relay`. +Use `!signal unset-relay` to deactivate. Additionally the permissions for the bridge grant user rights to all base domain users in case the relay bot is disabled, or relay rights in case the relay bot is enabled. If you would like to have a more specific setting of the permissions you can set the permissions as follows (example). For more details see also [mautrix-bridge documentation](https://docs.mau.fi/bridges/python/signal/relay-mode.html) From ae9639585ccedc1e303fb28e03b844432d4c380e Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Sat, 14 Aug 2021 17:35:49 +0200 Subject: [PATCH 38/82] Update roles/matrix-bridge-mautrix-signal/defaults/main.yml Improved setup through template file Co-authored-by: Jan <31133207+Jaffex@users.noreply.github.com> --- .../defaults/main.yml | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 157922c66..48aa25661 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -96,21 +96,6 @@ matrix_mautrix_signal_configuration_extension_yaml: | # # If you need something more special, you can take full control by # completely redefining `matrix_mautrix_signal_configuration_yaml`. - # - # Permissions for using the bridge. - # Permitted values: - # relay - Allowed to be relayed through the bridge, no access to commands. - # user - Use the bridge with puppeting. - # admin - Use and administrate the bridge. - # Permitted keys: - # * - All Matrix users - # domain - All users on that homeserver - # mxid - Specific user - # - bridge: - permissions: - {{ matrix_mautrix_signal_homeserver_domain }}: "{{ "relay" if matrix_mautrix_signal_relaybot_enabled else "user" }}" - matrix_mautrix_signal_configuration_extension: "{{ matrix_mautrix_signal_configuration_extension_yaml|from_yaml if matrix_mautrix_signal_configuration_extension_yaml|from_yaml is mapping else {} }}" From d249fe874ede76f244c2701e42ab8c2199a5f5af Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Sat, 14 Aug 2021 17:36:43 +0200 Subject: [PATCH 39/82] Update roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 Updated settings in template file: * relay for any user * user permissions only for HS domain users Co-authored-by: Jan <31133207+Jaffex@users.noreply.github.com> --- .../matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index f0b9af869..5628b9426 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -188,10 +188,9 @@ bridge: # * - All Matrix users # domain - All users on that homeserver # mxid - Specific user - #permissions: - # - # Remark: permissions will be set in the defaults/main.yml file of this role - # (see matrix_mautrix_signal_configuration_extension_yaml) + permissions: + *: relay + '{{ matrix_mautrix_signal_homeserver_domain }}': user relay: # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any From 30aa8c2c3f88ae0c2725b8c069f1ecef5639bce9 Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Sat, 14 Aug 2021 17:38:58 +0200 Subject: [PATCH 40/82] Update docs/configuring-playbook-bridge-mautrix-signal.md Improvement of documentation Co-authored-by: Jan <31133207+Jaffex@users.noreply.github.com> --- docs/configuring-playbook-bridge-mautrix-signal.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index 06881b604..efd4d96f5 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -20,7 +20,8 @@ matrix_mautrix_signal_relaybot_enabled: true ``` If you want to activate the relay bot in a room, use `!signal set-relay`. Use `!signal unset-relay` to deactivate. -Additionally the permissions for the bridge grant user rights to all base domain users in case the relay bot is disabled, or relay rights in case the relay bot is enabled. +By default, any user on your homeserver will be able to use the bridge. +If you enable the relay bot functionality, it will relay every user's messages in a portal room - no matter which homeserver they're from. If you would like to have a more specific setting of the permissions you can set the permissions as follows (example). For more details see also [mautrix-bridge documentation](https://docs.mau.fi/bridges/python/signal/relay-mode.html) ```yaml From f988fd33391f923ec997fc6f71ba663dc6dc03e9 Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Sat, 14 Aug 2021 17:47:31 +0200 Subject: [PATCH 41/82] Change sequence of permissions As per earlier comment (see from tulir) the sequence has been changed. --- roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index 5628b9426..2adfd5203 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -189,8 +189,8 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: - *: relay '{{ matrix_mautrix_signal_homeserver_domain }}': user + *: relay relay: # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any From 7486db0d1a88d40bd9d02bfd96be7386f99e1fae Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Sat, 14 Aug 2021 17:58:08 +0200 Subject: [PATCH 42/82] Missing ticks --- roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index 2adfd5203..ecd5902b5 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -190,7 +190,7 @@ bridge: # mxid - Specific user permissions: '{{ matrix_mautrix_signal_homeserver_domain }}': user - *: relay + '*': relay relay: # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any From 46340fdf63de3ca28fc731f2fbbc3936d0e03c43 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sun, 15 Aug 2021 08:45:21 +0300 Subject: [PATCH 43/82] Simplify if condition --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a4e00d41b..a8e392820 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -42,7 +42,7 @@ matrix_awx_enabled: false matrix_nginx_proxy_data_path: "{{ '/chroot/website' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else (matrix_nginx_proxy_base_path + '/data') }}" matrix_nginx_proxy_data_path_in_container: "{{ '/nginx-data/matrix-domain' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else '/nginx-data' }}" matrix_nginx_proxy_data_path_extension: "{{ '' if (matrix_awx_enabled and not matrix_nginx_proxy_base_domain_homepage_enabled) else '/matrix-domain' }}" -matrix_nginx_proxy_base_domain_create_directory: "{{ false if matrix_awx_enabled else true }}" +matrix_nginx_proxy_base_domain_create_directory: "{{ not matrix_awx_enabled }}" ###################################################################### # From d0b557eb6f0c56ad86c20bab642e29dcfb0e430c Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Sun, 15 Aug 2021 08:42:21 +0200 Subject: [PATCH 44/82] Replace tabs to spaces to prevent problems in YAML --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 48aa25661..93472d51e 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -70,9 +70,9 @@ matrix_mautrix_signal_database_name: 'matrix_mautrix_signal' matrix_mautrix_signal_database_connection_string: 'postgres://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}' matrix_mautrix_signal_appservice_database: "{{ - { - 'postgres': matrix_mautrix_signal_database_connection_string, - }[matrix_mautrix_signal_database_engine] + { + 'postgres': matrix_mautrix_signal_database_connection_string, + }[matrix_mautrix_signal_database_engine] }}" # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). From df82ec13b2181bdfad43343f47bc166e98134777 Mon Sep 17 00:00:00 2001 From: Dan Arnfield Date: Mon, 16 Aug 2021 08:44:02 -0500 Subject: [PATCH 45/82] docker-ce is now available for Debian Bullseye --- roles/matrix-base/tasks/server_base/setup_debian.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/roles/matrix-base/tasks/server_base/setup_debian.yml b/roles/matrix-base/tasks/server_base/setup_debian.yml index 54e52c1b8..37706d1f9 100644 --- a/roles/matrix-base/tasks/server_base/setup_debian.yml +++ b/roles/matrix-base/tasks/server_base/setup_debian.yml @@ -23,14 +23,7 @@ repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" state: present update_cache: yes - when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' and not ansible_distribution_release == 'bullseye' - -- name: Ensure Docker repository is enabled (using Debian Buster on Debian Bullseye, for which there is no Docker yet) - apt_repository: - repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} buster stable" - state: present - update_cache: yes - when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' and ansible_distribution_release == 'bullseye' + when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce' - name: Ensure APT packages are installed apt: From 70d412e5236c3fd0a8928bf0d4a05eabcfdeb08b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 16 Aug 2021 18:10:15 +0300 Subject: [PATCH 46/82] Upgrade Element (1.7.34 -> 1.8.0) --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index dd649ffdf..fc1f40bc3 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -3,7 +3,7 @@ matrix_client_element_enabled: true matrix_client_element_container_image_self_build: false matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git" -matrix_client_element_version: v1.7.34 +matrix_client_element_version: v1.8.0 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From b1c94efcd8bfba5047765c53f19a1af585153a34 Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Mon, 16 Aug 2021 18:23:40 +0200 Subject: [PATCH 47/82] Make template generic for the pemission settings --- roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index ecd5902b5..1c7a637fc 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -189,8 +189,7 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: - '{{ matrix_mautrix_signal_homeserver_domain }}': user - '*': relay + {{ matrix_mautrix_signal_bridge_permissions|from_yaml }} relay: # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any From 4b7506ca1a0c13a31adf4e4eaea1e6f79c02b9b3 Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Mon, 16 Aug 2021 18:24:12 +0200 Subject: [PATCH 48/82] Preset the permissions inline with other bridges --- .../matrix-bridge-mautrix-signal/defaults/main.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 93472d51e..93993fa11 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -81,6 +81,19 @@ matrix_mautrix_signal_login_shared_secret: '' # Enable bridge relay bot functionality matrix_mautrix_signal_relaybot_enabled: false +# Permissions for using the bridge. +# Permitted values: +# relay - Allowed to be relayed through the bridge, no access to commands. +# user - Use the bridge with puppeting. +# admin - Use and administrate the bridge. +# Permitted keys: +# * - All Matrix users +# domain - All users on that homeserver +# mxid - Specific user +matrix_mautrix_signal_bridge_permissions: | + '*': relay + '{{ matrix_mautrix_signal_homeserver_domain }}': user + # Default configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # From 5a828f36a6226c4a44449b355a1e3fa2d3f5957a Mon Sep 17 00:00:00 2001 From: Wolfgang Winter Date: Mon, 16 Aug 2021 18:24:55 +0200 Subject: [PATCH 49/82] Document the permissions settings. Distinguish between augmenting and overwriting. --- ...figuring-playbook-bridge-mautrix-signal.md | 28 +++++++++++++++++-- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index efd4d96f5..131d3abad 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -23,14 +23,36 @@ Use `!signal unset-relay` to deactivate. By default, any user on your homeserver will be able to use the bridge. If you enable the relay bot functionality, it will relay every user's messages in a portal room - no matter which homeserver they're from. -If you would like to have a more specific setting of the permissions you can set the permissions as follows (example). For more details see also [mautrix-bridge documentation](https://docs.mau.fi/bridges/python/signal/relay-mode.html) +Different levels of permission can be granted to users: + +* relay - Allowed to be relayed through the bridge, no access to commands; +* user - Use the bridge with puppeting; +* admin - Use and administer the bridge. + +The permissions are following the sequence: nothing < relay < user < admin. + +The default permissions are set as follows: +```yaml +permissions: + '*': relay + YOUR_DOMAIN: user +``` + +If you want to augment the preset permissions, you might want to set the additional permissions with the following settings in your `vars.yml` file: ```yaml matrix_mautrix_signal_configuration_extension_yaml: | bridge: permissions: '@YOUR_USERNAME:YOUR_DOMAIN': admin - YOUR_DOMAIN: user - '*': relay +``` + +This will add the admin permission to the specific user, while keepting the default permissions. + +In case you want to replace the default permissions settings **completely**, populate the following item within your `vars.yml` file: +```yaml +matrix_mautrix_signal_bridge_permissions: | + '@ADMIN:YOUR_DOMAIN': admin + '@USER:YOUR_DOMAIN' : user ``` You may wish to look at `roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure. From 4fe27a7645e605b36e77a0865356846a445bd75e Mon Sep 17 00:00:00 2001 From: Toni Spets Date: Tue, 17 Aug 2021 07:50:53 +0300 Subject: [PATCH 50/82] Pin Heisenbridge to 1.0.0 --- roles/matrix-bridge-heisenbridge/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-heisenbridge/defaults/main.yml b/roles/matrix-bridge-heisenbridge/defaults/main.yml index be95af8da..f7db9f7d3 100644 --- a/roles/matrix-bridge-heisenbridge/defaults/main.yml +++ b/roles/matrix-bridge-heisenbridge/defaults/main.yml @@ -3,7 +3,7 @@ matrix_heisenbridge_enabled: true -matrix_heisenbridge_version: latest +matrix_heisenbridge_version: 1.0.0 matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}" matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}" From 854ea911950369fdc36f6fd4b56641dbea1aad0f Mon Sep 17 00:00:00 2001 From: pushytoxin Date: Tue, 17 Aug 2021 10:21:53 +0200 Subject: [PATCH 51/82] Mautrix-Facebook repo location update, pin v0.3.1 The Github link is just a redirect to Tulir's own GitLab, so I replaced the self-build link The docker container repository was rearranged hierarchically (dock.mau.dev/tulir/mautrix-facebook -> dock.mau.dev/mautrix/facebook) Tagged versions have been made available, thus :latest -> :v0.3.1 --- roles/matrix-bridge-mautrix-facebook/defaults/main.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml index 71a225f7c..4f024bdf7 100644 --- a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml @@ -4,11 +4,10 @@ matrix_mautrix_facebook_enabled: true matrix_mautrix_facebook_container_image_self_build: false -matrix_mautrix_facebook_container_image_self_build_repo: "https://github.com/tulir/mautrix-facebook.git" +matrix_mautrix_facebook_container_image_self_build_repo: "https://mau.dev/mautrix/facebook.git" -matrix_mautrix_facebook_version: latest -# See: https://mau.dev/tulir/mautrix-facebook/container_registry -matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}tulir/mautrix-facebook:{{ matrix_mautrix_facebook_version }}" +matrix_mautrix_facebook_version: v0.3.1 +matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}mautrix/facebook:{{ matrix_mautrix_facebook_version }}" matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}" matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}" From 12dbb29675d0cb589218a26208390efd8ed61683 Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Tue, 17 Aug 2021 12:47:52 +0200 Subject: [PATCH 52/82] Upgrade Element (1.8.0 -> 1.8.1) Element web/desktop has just been updated to fix some regressions in regard to VoIP. --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index fc1f40bc3..0c0480f1e 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -3,7 +3,7 @@ matrix_client_element_enabled: true matrix_client_element_container_image_self_build: false matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git" -matrix_client_element_version: v1.8.0 +matrix_client_element_version: v1.8.1 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From dc8000760bcd997177c4558ca77b22e7e6c5a7c5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 18 Aug 2021 09:50:10 +0300 Subject: [PATCH 53/82] Bump Coturn version tag (4.5.2-r2 -> 4.5.2-r3) Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1236 --- roles/matrix-coturn/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index 455656863..eb55e5006 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -5,7 +5,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}" matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" -matrix_coturn_version: 4.5.2-r2 +matrix_coturn_version: 4.5.2-r3 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine" matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" From 6299bc0300d7c38070a319a6b2b2522bbc86a27d Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 16:49:35 +0200 Subject: [PATCH 54/82] Update readme mautrix bridges --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 096c04e38..47119d14d 100644 --- a/README.md +++ b/README.md @@ -45,17 +45,17 @@ Using this playbook, you can get the following services configured on your serve - (optional, advanced) the [Matrix Corporal](https://github.com/devture/matrix-corporal) reconciliator and gateway for a managed Matrix server -- (optional) the [mautrix-telegram](https://github.com/tulir/mautrix-telegram) bridge for bridging your Matrix server to [Telegram](https://telegram.org/) +- (optional) the [mautrix-telegram](https://github.com/mautrix/telegram) bridge for bridging your Matrix server to [Telegram](https://telegram.org/) -- (optional) the [mautrix-whatsapp](https://github.com/tulir/mautrix-whatsapp) bridge for bridging your Matrix server to [WhatsApp](https://www.whatsapp.com/) +- (optional) the [mautrix-whatsapp](https://github.com/mautrix/whatsapp) bridge for bridging your Matrix server to [WhatsApp](https://www.whatsapp.com/) -- (optional) the [mautrix-facebook](https://github.com/tulir/mautrix-facebook) bridge for bridging your Matrix server to [Facebook](https://facebook.com/) +- (optional) the [mautrix-facebook](https://github.com/mautrix/facebook) bridge for bridging your Matrix server to [Facebook](https://facebook.com/) -- (optional) the [mautrix-hangouts](https://github.com/tulir/mautrix-hangouts) bridge for bridging your Matrix server to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) +- (optional) the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge for bridging your Matrix server to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) -- (optional) the [mautrix-instagram](https://github.com/tulir/mautrix-instagram) bridge for bridging your Matrix server to [Instagram](https://instagram.com/) +- (optional) the [mautrix-instagram](https://github.com/mautrix/instagram) bridge for bridging your Matrix server to [Instagram](https://instagram.com/) -- (optional) the [mautrix-signal](https://github.com/tulir/mautrix-signal) bridge for bridging your Matrix server to [Signal](https://www.signal.org/) +- (optional) the [mautrix-signal](https://github.com/mautrix/signal) bridge for bridging your Matrix server to [Signal](https://www.signal.org/) - (optional) the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge for bridging your Matrix server to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) From ef0ed0af3d9d56b0667d1ec3c5f0821885407090 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 16:54:45 +0200 Subject: [PATCH 55/82] Update container-images.md --- docs/container-images.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/container-images.md b/docs/container-images.md index f2914488b..21f055b82 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -40,17 +40,17 @@ These services are not part of our default installation, but can be enabled by [ - [zeratax/matrix-registration](https://hub.docker.com/r/devture/zeratax-matrix-registration/) - [matrix-registration](https://github.com/ZerataX/matrix-registration): a simple python application to have a token based matrix registration (optional) -- [tulir/mautrix-telegram](https://mau.dev/tulir/mautrix-telegram/container_registry) - the [mautrix-telegram](https://github.com/tulir/mautrix-telegram) bridge to [Telegram](https://telegram.org/) (optional) +- [mautrix/telegram](https://mau.dev/mautrix/telegram/container_registry) - the [mautrix-telegram](https://github.com/mautrix/telegram) bridge to [Telegram](https://telegram.org/) (optional) -- [tulir/mautrix-whatsapp](https://mau.dev/tulir/mautrix-whatsapp/container_registry) - the [mautrix-whatsapp](https://github.com/tulir/mautrix-whatsapp) bridge to [Whatsapp](https://www.whatsapp.com/) (optional) +- [mautrix/whatsapp](https://mau.dev/mautrix/whatsapp/container_registry) - the [mautrix-whatsapp](https://github.com/mautrix/whatsapp) bridge to [Whatsapp](https://www.whatsapp.com/) (optional) -- [tulir/mautrix-facebook](https://mau.dev/tulir/mautrix-facebook/container_registry) - the [mautrix-facebook](https://github.com/tulir/mautrix-facebook) bridge to [Facebook](https://facebook.com/) (optional) +- [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) - the [mautrix-facebook](https://github.com/mautrix/facebook) bridge to [Facebook](https://facebook.com/) (optional) -- [tulir/mautrix-hangouts](https://mau.dev/tulir/mautrix-hangouts/container_registry) - the [mautrix-hangouts](https://github.com/tulir/mautrix-hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional) +- [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) - the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional) -- [tulir/mautrix-instagram](https://mau.dev/tulir/mautrix-instagram/container_registry) - the [mautrix-instagram](https://github.com/tulir/mautrix-instagram) bridge to [Instagram](https://instagram.com/) (optional) +- [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) - the [mautrix-instagram](https://github.com/mautrix/instagram) bridge to [Instagram](https://instagram.com/) (optional) -- [tulir/mautrix-signal](https://mau.dev/tulir/mautrix-signal/container_registry) - the [mautrix-signal](https://github.com/tulir/mautrix-signal) bridge to [Signal](https://www.signal.org/) (optional) +- [mautrix/signal](https://mau.dev/mautrix/signal/container_registry) - the [mautrix-signal](https://github.com/mautrix/signal) bridge to [Signal](https://www.signal.org/) (optional) - [matrixdotorg/matrix-appservice-irc](https://hub.docker.com/r/matrixdotorg/matrix-appservice-irc) - the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional) From 868ac12cf4f62cac4bd463102fda3287acc210b4 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 16:57:57 +0200 Subject: [PATCH 56/82] update mautrix docs --- docs/configuring-playbook-bridge-mautrix-facebook.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-facebook.md b/docs/configuring-playbook-bridge-mautrix-facebook.md index d07873ae4..282865e73 100644 --- a/docs/configuring-playbook-bridge-mautrix-facebook.md +++ b/docs/configuring-playbook-bridge-mautrix-facebook.md @@ -1,8 +1,8 @@ # Setting up Mautrix Facebook (optional) -The playbook can install and configure [mautrix-facebook](https://github.com/tulir/mautrix-facebook) for you. +The playbook can install and configure [mautrix-facebook](https://github.com/mautrix/facebook) for you. -See the project's [documentation](https://github.com/tulir/mautrix-facebook/blob/master/ROADMAP.md) to learn what it does and why it might be useful to you. +See the project's [documentation](https://github.com/mautrix/facebook/blob/master/ROADMAP.md) to learn what it does and why it might be useful to you. ```yaml matrix_mautrix_facebook_enabled: true From 9d571e3c8e7e9edbf4f353b6ac355471a3be7403 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 16:59:41 +0200 Subject: [PATCH 57/82] Update configuring-playbook-bridge-mautrix-hangouts.md --- docs/configuring-playbook-bridge-mautrix-hangouts.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md index a74b1f11a..fa1a69a04 100644 --- a/docs/configuring-playbook-bridge-mautrix-hangouts.md +++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md @@ -1,8 +1,8 @@ # Setting up Mautrix Hangouts (optional) -The playbook can install and configure [mautrix-hangouts](https://github.com/tulir/mautrix-hangouts) for you. +The playbook can install and configure [mautrix-hangouts](https://github.com/mautrix/hangouts) for you. -See the project's [documentation](https://github.com/tulir/mautrix-hangouts/wiki#usage) to learn what it does and why it might be useful to you. +See the project's [documentation](https://github.com/mautrix/hangouts/wiki#usage) to learn what it does and why it might be useful to you. To enable the [Google Hangouts](https://hangouts.google.com/) bridge just use the following playbook configuration: @@ -14,7 +14,7 @@ matrix_mautrix_hangouts_enabled: true ## Set up Double Puppeting -If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-hangouts/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it. +If you'd like to use [Double Puppeting](https://github.com/mautrix/hangouts/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it. ### Method 1: automatically, by enabling Shared Secret Auth @@ -52,7 +52,7 @@ Automatic login may not work. If it does not, reload the page and select the "Ma Once logged in, recent chats should show up as new conversations automatically. Other chats will get portals as you receive messages. -You can learn more about authentication from the bridge's [official documentation on Authentication](https://github.com/tulir/mautrix-hangouts/wiki/Authentication). +You can learn more about authentication from the bridge's [official documentation on Authentication](https://docs.mau.fi/bridges/python/hangouts/authentication.html). After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so. From 91c9aec973f329f8217caac3a9337650c897636d Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:00:47 +0200 Subject: [PATCH 58/82] Update configuring-playbook-bridge-mautrix-instagram.md --- docs/configuring-playbook-bridge-mautrix-instagram.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-mautrix-instagram.md b/docs/configuring-playbook-bridge-mautrix-instagram.md index 7cdbc7a8a..38d107d0e 100644 --- a/docs/configuring-playbook-bridge-mautrix-instagram.md +++ b/docs/configuring-playbook-bridge-mautrix-instagram.md @@ -1,6 +1,6 @@ # Setting up Mautrix Instagram (optional) -The playbook can install and configure [mautrix-instagram](https://github.com/tulir/mautrix-instagram) for you. +The playbook can install and configure [mautrix-instagram](https://github.com/mautrix/instagram) for you. See the project's [documentation](https://docs.mau.fi/bridges/python/instagram/index.html) to learn what it does and why it might be useful to you. From 9b1ff158f89c9144cf7c1226f7276ea3b2f05f5b Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:03:20 +0200 Subject: [PATCH 59/82] Update configuring-playbook-bridge-mautrix-signal.md --- docs/configuring-playbook-bridge-mautrix-signal.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-signal.md b/docs/configuring-playbook-bridge-mautrix-signal.md index 131d3abad..f47640b9f 100644 --- a/docs/configuring-playbook-bridge-mautrix-signal.md +++ b/docs/configuring-playbook-bridge-mautrix-signal.md @@ -1,8 +1,8 @@ # Setting up Mautrix Signal (optional) -The playbook can install and configure [mautrix-signal](https://github.com/tulir/mautrix-signal) for you. +The playbook can install and configure [mautrix-signal](https://github.com/mautrix/signal) for you. -See the project's [documentation](https://github.com/tulir/mautrix-signal/wiki) to learn what it does and why it might be useful to you. +See the project's [documentation](https://docs.mau.fi/bridges/python/signal/index.html) to learn what it does and why it might be useful to you. **Note/Prerequisite**: If you're running with the Postgres database server integrated by the playbook (which is the default), you don't need to do anything special and can easily proceed with installing. However, if you're [using an external Postgres server](configuring-playbook-external-postgres.md), you'd need to manually prepare a Postgres database for this bridge and adjust the variables related to that (`matrix_mautrix_signal_database_*`). @@ -59,7 +59,7 @@ You may wish to look at `roles/matrix-bridge-mautrix-signal/templates/config.yam ## Set up Double Puppeting -If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-signal/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it. +If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. ### Method 1: automatically, by enabling Shared Secret Auth From 4292dbe238af4578352ac4a73f06776bd5976e92 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:06:53 +0200 Subject: [PATCH 60/82] Update configuring-playbook-bridge-mautrix-hangouts.md --- docs/configuring-playbook-bridge-mautrix-hangouts.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-hangouts.md b/docs/configuring-playbook-bridge-mautrix-hangouts.md index fa1a69a04..1b31e75aa 100644 --- a/docs/configuring-playbook-bridge-mautrix-hangouts.md +++ b/docs/configuring-playbook-bridge-mautrix-hangouts.md @@ -2,7 +2,7 @@ The playbook can install and configure [mautrix-hangouts](https://github.com/mautrix/hangouts) for you. -See the project's [documentation](https://github.com/mautrix/hangouts/wiki#usage) to learn what it does and why it might be useful to you. +See the project's [documentation](https://docs.mau.fi/bridges/python/hangouts/index.html) to learn what it does and why it might be useful to you. To enable the [Google Hangouts](https://hangouts.google.com/) bridge just use the following playbook configuration: @@ -14,7 +14,7 @@ matrix_mautrix_hangouts_enabled: true ## Set up Double Puppeting -If you'd like to use [Double Puppeting](https://github.com/mautrix/hangouts/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it. +If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. ### Method 1: automatically, by enabling Shared Secret Auth From 57fb6e7f719635ed1e014e063f190edcbf18c948 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:09:19 +0200 Subject: [PATCH 61/82] Update configuring-playbook-bridge-mautrix-telegram.md --- docs/configuring-playbook-bridge-mautrix-telegram.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-telegram.md b/docs/configuring-playbook-bridge-mautrix-telegram.md index bfdc6fc57..0ac6c1030 100644 --- a/docs/configuring-playbook-bridge-mautrix-telegram.md +++ b/docs/configuring-playbook-bridge-mautrix-telegram.md @@ -1,8 +1,8 @@ # Setting up Mautrix Telegram (optional) -The playbook can install and configure [mautrix-telegram](https://github.com/tulir/mautrix-telegram) for you. +The playbook can install and configure [mautrix-telegram](https://github.com/mautrix/telegram) for you. -See the project's [documentation](https://github.com/tulir/mautrix-telegram/wiki#usage) to learn what it does and why it might be useful to you. +See the project's [documentation](https://docs.mau.fi/bridges/python/telegram/index.html) to learn what it does and why it might be useful to you. You'll need to obtain API keys from [https://my.telegram.org/apps](https://my.telegram.org/apps) and then use the following playbook configuration: @@ -14,7 +14,7 @@ matrix_mautrix_telegram_api_hash: YOUR_TELEGRAM_API_HASH ## Set up Double Puppeting -If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-telegram/wiki/Authentication#replacing-telegram-accounts-matrix-puppet-with-matrix-account) (hint: you most likely do), you have 2 ways of going about it. +If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. ### Method 1: automatically, by enabling Shared Secret Auth @@ -45,7 +45,7 @@ https://matrix.DOMAIN/_matrix/client/r0/login You then need to start a chat with `@telegrambot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). -If you want to use the relay-bot feature ([relay bot documentation](https://github.com/tulir/mautrix-telegram/wiki/Relay-bot)), which allows anonymous user to chat with telegram users, use the following additional playbook configuration: +If you want to use the relay-bot feature ([relay bot documentation](https://docs.mau.fi/bridges/python/telegram/relay-bot.html)), which allows anonymous user to chat with telegram users, use the following additional playbook configuration: ```yaml matrix_mautrix_telegram_bot_token: YOUR_TELEGRAM_BOT_TOKEN From 301626d91d65ac7bdb13d866a1e751baf8cc2990 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:11:09 +0200 Subject: [PATCH 62/82] Update configuring-playbook-bridge-mautrix-whatsapp.md --- docs/configuring-playbook-bridge-mautrix-whatsapp.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bridge-mautrix-whatsapp.md b/docs/configuring-playbook-bridge-mautrix-whatsapp.md index 78ae28635..1e5f70380 100644 --- a/docs/configuring-playbook-bridge-mautrix-whatsapp.md +++ b/docs/configuring-playbook-bridge-mautrix-whatsapp.md @@ -1,8 +1,8 @@ # Setting up Mautrix Whatsapp (optional) -The playbook can install and configure [mautrix-whatsapp](https://github.com/tulir/mautrix-whatsapp) for you. +The playbook can install and configure [mautrix-whatsapp](https://github.com/mautrix/whatsapp) for you. -See the project's [documentation](https://github.com/tulir/mautrix-whatsapp/wiki) to learn what it does and why it might be useful to you. +See the project's [documentation](https://docs.mau.fi/bridges/go/whatsapp/index.html) to learn what it does and why it might be useful to you. Use the following playbook configuration: @@ -13,7 +13,7 @@ matrix_mautrix_whatsapp_enabled: true ## Set up Double Puppeting -If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-whatsapp/wiki/Authentication#replacing-whatsapp-accounts-matrix-puppet-with-matrix-account) (hint: you most likely do), you have 2 ways of going about it. +If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. ### Method 1: automatically, by enabling Shared Secret Auth From 69f333ea251091637fad96ff57f8fd90d95eb0ca Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:14:18 +0200 Subject: [PATCH 63/82] Update main.yml --- roles/matrix-bridge-mautrix-facebook/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml index 4f024bdf7..6c1d6b69d 100644 --- a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml @@ -1,5 +1,5 @@ # mautrix-facebook is a Matrix <-> Facebook bridge -# See: https://github.com/tulir/mautrix-facebook +# See: https://github.com/mautrix/facebook matrix_mautrix_facebook_enabled: true @@ -106,7 +106,7 @@ matrix_mautrix_facebook_registration_yaml: | - exclusive: true regex: '^@{{ matrix_mautrix_facebook_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_facebook_homeserver_domain|regex_escape }}$' url: {{ matrix_mautrix_facebook_appservice_address }} - # See https://github.com/tulir/mautrix-signal/issues/43 + # See https://github.com/mautrix/signal/issues/43 sender_localpart: _bot_{{ matrix_mautrix_facebook_appservice_bot_username }} rate_limited: false de.sorunome.msc2409.push_ephemeral: true From b9124c0080f7a1beac58871b0d3a0329c7115ba9 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:16:58 +0200 Subject: [PATCH 64/82] update new repo name mautrix-hangouts --- roles/matrix-bridge-mautrix-hangouts/defaults/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml index 48b66b8d6..fa46d33c9 100644 --- a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml @@ -1,14 +1,14 @@ # mautrix-hangouts is a Matrix <-> Hangouts bridge -# See: https://github.com/tulir/mautrix-hangouts +# See: https://github.com/mautrix/hangouts matrix_mautrix_hangouts_enabled: true matrix_mautrix_hangouts_container_image_self_build: false -matrix_mautrix_hangouts_container_image_self_build_repo: "https://github.com/tulir/mautrix-hangouts.git" +matrix_mautrix_hangouts_container_image_self_build_repo: "https://github.com/mautrix/hangouts.git" matrix_mautrix_hangouts_version: latest -# See: https://mau.dev/tulir/mautrix-hangouts/container_registry -matrix_mautrix_hangouts_docker_image: "{{ matrix_mautrix_hangouts_docker_image_name_prefix }}tulir/mautrix-hangouts:{{ matrix_mautrix_hangouts_version }}" +# See: https://mau.dev/mautrix/hangouts/container_registry +matrix_mautrix_hangouts_docker_image: "{{ matrix_mautrix_hangouts_docker_image_name_prefix }}mautrix/hangouts:{{ matrix_mautrix_hangouts_version }}" matrix_mautrix_hangouts_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_hangouts_container_image_self_build else 'dock.mau.dev/' }}" matrix_mautrix_hangouts_docker_image_force_pull: "{{ matrix_mautrix_hangouts_docker_image.endswith(':latest') }}" @@ -107,7 +107,7 @@ matrix_mautrix_hangouts_registration_yaml: | - exclusive: true regex: '^@{{ matrix_mautrix_hangouts_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_hangouts_homeserver_domain|regex_escape }}$' url: {{ matrix_mautrix_hangouts_appservice_address }} - # See https://github.com/tulir/mautrix-signal/issues/43 + # See https://github.com/mautrix/signal/issues/43 sender_localpart: _bot_{{ matrix_mautrix_hangouts_appservice_bot_username }} rate_limited: false de.sorunome.msc2409.push_ephemeral: true From 1ae4032cb707b673344941408d3909315bc07cb4 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:17:44 +0200 Subject: [PATCH 65/82] update new repo name mautrix --- roles/matrix-bridge-mautrix-instagram/defaults/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml index 5204386d5..a648018ec 100644 --- a/roles/matrix-bridge-mautrix-instagram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-instagram/defaults/main.yml @@ -1,14 +1,14 @@ # mautrix-instagram is a Matrix <-> Instagram bridge -# See: https://github.com/tulir/mautrix-instagram +# See: https://github.com/mautrix/instagram matrix_mautrix_instagram_enabled: true matrix_mautrix_instagram_container_image_self_build: false -matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/tulir/mautrix-instagram.git" +matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git" matrix_mautrix_instagram_version: latest # See: https://mau.dev/tulir/mautrix-instagram/container_registry -matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}tulir/mautrix-instagram:{{ matrix_mautrix_instagram_version }}" +matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}" matrix_mautrix_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else 'dock.mau.dev/' }}" matrix_mautrix_instagram_docker_image_force_pull: "{{ matrix_mautrix_instagram_docker_image.endswith(':latest') }}" @@ -97,7 +97,7 @@ matrix_mautrix_instagram_registration_yaml: | - exclusive: true regex: '^@{{ matrix_mautrix_instagram_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_instagram_homeserver_domain|regex_escape }}$' url: {{ matrix_mautrix_instagram_appservice_address }} - # See https://github.com/tulir/mautrix-signal/issues/43 + # See https://github.com/mautrix/signal/issues/43 sender_localpart: _bot_{{ matrix_mautrix_instagram_appservice_bot_username }} rate_limited: false de.sorunome.msc2409.push_ephemeral: true From 43c9eab6b90664eca6f8b6595c4eddf93f7dfbf0 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:20:18 +0200 Subject: [PATCH 66/82] update mautrix new repo name --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index e49de8e32..f8faff150 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -1,5 +1,5 @@ # mautrix-telegram is a Matrix <-> Telegram bridge -# See: https://github.com/tulir/mautrix-telegram +# See: https://github.com/mautrix/telegram matrix_mautrix_telegram_enabled: true @@ -10,12 +10,12 @@ matrix_telegram_lottieconverter_docker_src_files_path: "{{ matrix_base_data_path matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.14" # needs to be ajusted according to FROM clause of Dockerfile of mautrix-telegram matrix_mautrix_telegram_container_self_build: false -matrix_mautrix_telegram_docker_repo: "https://mau.dev/tulir/mautrix-telegram.git" +matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git" matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src" matrix_mautrix_telegram_version: v0.9.0 -# See: https://mau.dev/tulir/mautrix-telegram/container_registry -matrix_mautrix_telegram_docker_image: "dock.mau.dev/tulir/mautrix-telegram:{{ matrix_mautrix_telegram_version }}" +# See: https://mau.dev/mautrix/telegram/container_registry +matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" matrix_mautrix_telegram_base_path: "{{ matrix_base_data_path }}/mautrix-telegram" @@ -123,7 +123,7 @@ matrix_mautrix_telegram_registration_yaml: | aliases: - exclusive: true regex: '^#telegram_.+:{{ matrix_mautrix_telegram_homeserver_domain|regex_escape }}$' - # See https://github.com/tulir/mautrix-signal/issues/43 + # See https://github.com/mautrix/signal/issues/43 sender_localpart: _bot_{{ matrix_mautrix_telegram_appservice_bot_username }} url: {{ matrix_mautrix_telegram_appservice_address }} rate_limited: false From 7eec01e359d1f518602270e3c4133480374cf0cf Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:21:20 +0200 Subject: [PATCH 67/82] update mautrix new repo name --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 41bfb8be3..87a24bf68 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -1,10 +1,10 @@ # mautrix-whatsapp is a Matrix <-> Whatsapp bridge -# See: https://github.com/tulir/mautrix-whatsapp +# See: https://github.com/mautrix/whatsapp matrix_mautrix_whatsapp_enabled: true matrix_mautrix_whatsapp_version: latest -# See: https://mau.dev/tulir/mautrix-whatsapp/container_registry +# See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "dock.mau.dev/mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_force_pull: "{{ matrix_mautrix_whatsapp_docker_image.endswith(':latest') }}" @@ -96,7 +96,7 @@ matrix_mautrix_whatsapp_registration_yaml: | url: {{ matrix_mautrix_whatsapp_appservice_address }} as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}" hs_token: "{{ matrix_mautrix_whatsapp_homeserver_token }}" - # See https://github.com/tulir/mautrix-signal/issues/43 + # See https://github.com/mautrix/signal/issues/43 sender_localpart: _bot_{{ matrix_mautrix_whatsapp_appservice_bot_username }} rate_limited: false namespaces: From 7d0ce01792ccbb631ea36a49f167fc9ce4587ece Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:24:54 +0200 Subject: [PATCH 68/82] update links --- roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index 1c7a637fc..19c3ba053 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -140,7 +140,7 @@ bridge: # If false, created portal rooms will never be federated. federate_rooms: true # End-to-bridge encryption support options. You must install the e2be optional dependency for - # this to work. See https://github.com/tulir/mautrix-telegram/wiki/End‐to‐bridge-encryption + # this to work. See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html encryption: # Allow encryption, work in group chat rooms with e2ee enabled allow: false From 4240df64010a59cece54e7aabda26da026d47d57 Mon Sep 17 00:00:00 2001 From: AtomHare Date: Wed, 18 Aug 2021 17:25:45 +0200 Subject: [PATCH 69/82] update link --- .../matrix-bridge-mautrix-signal/templates/registration.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 index 54df82da8..32e913a19 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/registration.yaml.j2 @@ -12,7 +12,7 @@ namespaces: - exclusive: true regex: '^#signal_.+:{{ matrix_mautrix_signal_homeserver_domain|regex_escape }}$' url: {{ matrix_mautrix_signal_appservice_address }} -# See https://github.com/tulir/mautrix-signal/issues/43 +# See https://github.com/mautrix/signal/issues/43 sender_localpart: _bot_{{ matrix_mautrix_signal_appservice_bot_username }} rate_limited: false de.sorunome.msc2409.push_ephemeral: true From d9d9554a7449da23248ab371aea8bfbcd878974e Mon Sep 17 00:00:00 2001 From: nono Date: Thu, 19 Aug 2021 14:08:53 +0200 Subject: [PATCH 70/82] Update the docker image version for mautrix-telegram --- roles/matrix-bridge-mautrix-telegram/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index f8faff150..a105621a6 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -13,7 +13,7 @@ matrix_mautrix_telegram_container_self_build: false matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git" matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src" -matrix_mautrix_telegram_version: v0.9.0 +matrix_mautrix_telegram_version: v0.10.1 # See: https://mau.dev/mautrix/telegram/container_registry matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}" matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}" From f5a7e6d78b015f3e4ef6197123f314a6e1bb341f Mon Sep 17 00:00:00 2001 From: sakkiii Date: Fri, 20 Aug 2021 19:47:11 +0530 Subject: [PATCH 71/82] Certbot update v1.18.0 --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 87cbcde1d..75b84d7c7 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -409,7 +409,7 @@ matrix_ssl_additional_domains_to_obtain_certificates_for: [] # Controls whether to obtain production or staging certificates from Let's Encrypt. matrix_ssl_lets_encrypt_staging: false -matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.17.0" +matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.18.0" matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 matrix_ssl_lets_encrypt_support_email: ~ From 9860fb46757f46a13dbec2725734259a65271779 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 20 Aug 2021 17:48:18 +0300 Subject: [PATCH 72/82] Upgrade Sygnal (v0.9.0 -> v0.10.1) --- CHANGELOG.md | 14 +++++ group_vars/matrix_servers | 10 ---- roles/matrix-sygnal/defaults/main.yml | 22 +------- roles/matrix-sygnal/tasks/setup_install.yml | 33 ------------ roles/matrix-sygnal/tasks/validate_config.yml | 8 --- roles/matrix-sygnal/templates/sygnal.yaml.j2 | 51 ------------------- 6 files changed, 15 insertions(+), 123 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8fd1c8d2d..88e26339d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,17 @@ +# 2021-08-20 + +# Sygnal upgraded - ARM support and no longer requires a database + +The [Sygnal](docs/configuring-playbook-sygnal.md) push gateway has been upgraded from `v0.9.0` to `v0.10.1`. + +This is an optional component for the playbook, so most of our users wouldn't care about this announcement. + +Since this feels like a relatively big (and untested, as of yet) Sygnal change, we're putting up this changelog entry. + +The new version is also available for the ARM architecture. It also no longer requires a database anymore. +If you need to downgrade to the previous version, changing `matrix_sygnal_version` or `matrix_sygnal_docker_image` will not be enough, as we've removed the `database` configuration completely. You'd need to switch to an earlier playbook commit. + + # 2021-05-21 ## Hydrogen support diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a8e392820..1952b3386 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1462,12 +1462,6 @@ matrix_postgres_additional_databases: | 'password': matrix_etherpad_database_password, }] if (matrix_etherpad_enabled and matrix_etherpad_database_engine == 'postgres' and matrix_etherpad_database_hostname == 'matrix-postgres') else []) + - ([{ - 'name': matrix_sygnal_database_name, - 'username': matrix_sygnal_database_username, - 'password': matrix_sygnal_database_password, - }] if (matrix_sygnal_enabled and matrix_sygnal_database_engine == 'postgres' and matrix_sygnal_database_hostname == 'matrix-postgres') else []) - + ([{ 'name': matrix_prometheus_postgres_exporter_database_name, 'username': matrix_prometheus_postgres_exporter_database_username, @@ -1512,10 +1506,6 @@ matrix_sygnal_metrics_prometheus_enabled: "{{ matrix_prometheus_enabled }}" matrix_sygnal_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:6000' }}" -# Postgres is the default, except if not using `matrix_postgres` (internal postgres) -matrix_sygnal_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" -matrix_sygnal_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'sygnal') | to_uuid }}" - ###################################################################### # # /matrix-sygnal diff --git a/roles/matrix-sygnal/defaults/main.yml b/roles/matrix-sygnal/defaults/main.yml index 476ac2ad4..70d530f86 100644 --- a/roles/matrix-sygnal/defaults/main.yml +++ b/roles/matrix-sygnal/defaults/main.yml @@ -7,7 +7,7 @@ matrix_sygnal_base_path: "{{ matrix_base_data_path }}/sygnal" matrix_sygnal_config_path: "{{ matrix_sygnal_base_path }}/config" matrix_sygnal_data_path: "{{ matrix_sygnal_base_path }}/data" -matrix_sygnal_version: v0.9.0 +matrix_sygnal_version: v0.10.1 matrix_sygnal_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/sygnal:{{ matrix_sygnal_version }}" matrix_sygnal_docker_image_force_pull: "{{ matrix_sygnal_docker_image.endswith(':latest') }}" @@ -25,26 +25,6 @@ matrix_sygnal_container_http_host_bind_port: '' # A list of extra arguments to pass to the container matrix_sygnal_container_extra_arguments: [] -# Database-related configuration fields. -# -# To use SQLite, stick to these defaults. -# -# To use Postgres: -# - change the engine (`matrix_sygnal_database_engine: 'postgres'`) -# - adjust your database credentials via the `matrix_sygnal_postgres_*` variables -matrix_sygnal_database_engine: 'sqlite' - -matrix_sygnal_sqlite_database_path_local: "{{ matrix_sygnal_data_path }}/sygnal.db" -matrix_sygnal_sqlite_database_path_in_container: "/data/sygnal.db" - -matrix_sygnal_database_username: 'matrix_sygnal' -matrix_sygnal_database_password: 'some-password' -matrix_sygnal_database_hostname: 'matrix-postgres' -matrix_sygnal_database_port: 5432 -matrix_sygnal_database_name: 'matrix_sygnal' - -matrix_sygnal_database_connection_string: 'postgres://{{ matrix_sygnal_database_username }}:{{ matrix_sygnal_database_password }}@{{ matrix_sygnal_database_hostname }}:{{ matrix_sygnal_database_port }}/{{ matrix_sygnal_database_name }}' - # A map (dictionary) of apps instances that this server works with. # # Example configuration: diff --git a/roles/matrix-sygnal/tasks/setup_install.yml b/roles/matrix-sygnal/tasks/setup_install.yml index afac61c48..b85b6bfff 100644 --- a/roles/matrix-sygnal/tasks/setup_install.yml +++ b/roles/matrix-sygnal/tasks/setup_install.yml @@ -1,32 +1,5 @@ --- -- set_fact: - matrix_sygnal_requires_restart: false - -- block: - - name: Check if an SQLite database already exists - stat: - path: "{{ matrix_sygnal_sqlite_database_path_local }}" - register: matrix_sygnal_sqlite_database_path_local_stat_result - - - block: - - set_fact: - matrix_postgres_db_migration_request: - src: "{{ matrix_sygnal_sqlite_database_path_local }}" - dst: "{{ matrix_sygnal_database_connection_string }}" - caller: "{{ role_path|basename }}" - engine_variable_name: 'matrix_sygnal_database_engine' - engine_old: 'sqlite' - systemd_services_to_stop: ['matrix-sygnal.service'] - pgloader_options: ['--with "quote identifiers"'] - - - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" - - - set_fact: - matrix_sygnal_requires_restart: true - when: "matrix_sygnal_sqlite_database_path_local_stat_result.stat.exists|bool" - when: "matrix_sygnal_database_engine == 'postgres'" - - name: Ensure Sygnal image is pulled docker_image: name: "{{ matrix_sygnal_docker_image }}" @@ -65,9 +38,3 @@ service: daemon_reload: yes when: "matrix_sygnal_systemd_service_result.changed|bool" - -- name: Ensure matrix-sygnal.service restarted, if necessary - service: - name: "matrix-sygnal.service" - state: restarted - when: "matrix_sygnal_requires_restart|bool" diff --git a/roles/matrix-sygnal/tasks/validate_config.yml b/roles/matrix-sygnal/tasks/validate_config.yml index efd64104a..1cf8357ee 100644 --- a/roles/matrix-sygnal/tasks/validate_config.yml +++ b/roles/matrix-sygnal/tasks/validate_config.yml @@ -3,11 +3,3 @@ msg: >- Enabling Sygnal requires that you specify at least one app in `matrix_sygnal_apps` when: "matrix_sygnal_enabled and matrix_sygnal_apps|length == 0" - -- name: Fail if running on a non-supported architecture - fail: - msg: >- - Sygnal can only be used on the amd64 architecture for now. - Only amd64 container images are pushed for the `docker.io/matrixdotorg/sygnal` container image. - Either use a different image (by redefining `matrix_sygnal_docker_image`) or consider contributing self-building support to this role. - when: "matrix_sygnal_enabled and matrix_architecture != 'amd64' and matrix_sygnal_docker_image.startswith('docker.io/matrixdotorg/sygnal')" diff --git a/roles/matrix-sygnal/templates/sygnal.yaml.j2 b/roles/matrix-sygnal/templates/sygnal.yaml.j2 index bb8c521d9..bb81ea9a4 100644 --- a/roles/matrix-sygnal/templates/sygnal.yaml.j2 +++ b/roles/matrix-sygnal/templates/sygnal.yaml.j2 @@ -3,57 +3,6 @@ # See: matrix.org ## -# The 'database' setting defines the database that sygnal uses to store all of -# its data. -# -# 'name' gives the database engine to use: either 'sqlite3' (for SQLite) or -# 'psycopg2' (for PostgreSQL). -# -# 'args' gives options which are passed through to the database engine, -# except for options starting 'cp_', which are used to configure the Twisted -# connection pool. For a reference to valid arguments, see: -# * for sqlite: https://docs.python.org/3/library/sqlite3.html#sqlite3.connect -# * for postgres: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS -# * for the connection pool: https://twistedmatrix.com/documents/current/api/twisted.enterprise.adbapi.ConnectionPool.html#__init__ -# -# -# Example SQLite configuration: -# -#database: -# name: sqlite3 -# args: -# dbfile: /path/to/database.db -# -# -# Example Postgres configuration: -# -#database: -# name: psycopg2 -# args: -# host: localhost -# database: sygnal -# user: sygnal -# password: pass -# cp_min: 1 -# cp_max: 5 -# -{% if matrix_sygnal_database_engine == 'sqlite' %} -database: - name: sqlite3 - args: - dbfile: {{ matrix_sygnal_sqlite_database_path_in_container|to_json }} -{% else %} -database: - name: psycopg2 - args: - host: {{ matrix_sygnal_database_hostname|to_json }} - database: {{ matrix_sygnal_database_name|to_json }} - user: {{ matrix_sygnal_database_username|to_json }} - password: {{ matrix_sygnal_database_password|to_json }} - cp_min: 1 - cp_max: 5 -{% endif %} - ## Logging # # log: From b13cf1871fde73a6043e3075a3bd8bbcebf0fc26 Mon Sep 17 00:00:00 2001 From: Alexandar Mechev Date: Sat, 21 Aug 2021 17:32:45 +0200 Subject: [PATCH 73/82] add code for LinkedIn Bridge --- group_vars/matrix_servers | 40 +++ .../defaults/main.yml | 107 +++++++ .../tasks/init.yml | 16 ++ .../tasks/main.yml | 21 ++ .../tasks/setup_install.yml | 115 ++++++++ .../tasks/setup_uninstall.yml | 24 ++ .../tasks/validate_config.yml | 11 + .../templates/config.yaml.j2 | 267 ++++++++++++++++++ .../systemd/matrix-beeper-linkedin.service.j2 | 42 +++ setup.yml | 1 + 10 files changed, 644 insertions(+) create mode 100644 roles/matrix-bridge-beeper-linkedin/defaults/main.yml create mode 100644 roles/matrix-bridge-beeper-linkedin/tasks/init.yml create mode 100644 roles/matrix-bridge-beeper-linkedin/tasks/main.yml create mode 100644 roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml create mode 100644 roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml create mode 100644 roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml create mode 100644 roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a8e392820..a3ef6e107 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -216,6 +216,40 @@ matrix_appservice_irc_database_password: "{{ matrix_synapse_macaroon_secret_key ###################################################################### +###################################################################### +# +# /matrix-bridge-beeper-linkedin +# +###################################################################### + +# We don't enable bridges by default. +matrix_beeper_linkedin_enabled: false + +matrix_beeper_linkedin_systemd_required_services_list: | + {{ + ['docker.service'] + + + (['matrix-synapse.service'] if matrix_synapse_enabled else []) + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + }} + +matrix_beeper_linkedin_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'linked.as.token') | to_uuid }}" + +matrix_beeper_linkedin_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'linked.hs.token') | to_uuid }}" + +matrix_beeper_linkedin_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" + +matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}" + +# Postgres is the default, except if not using `matrix_postgres` (internal postgres) +matrix_beeper_linkedin_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_beeper_linkedin_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'maulinkedin.db') | to_uuid }}" + + + ###################################################################### # # matrix-bridge-mautrix-facebook @@ -1372,6 +1406,12 @@ matrix_postgres_additional_databases: | 'password': matrix_appservice_irc_database_password, }] if (matrix_appservice_irc_enabled and matrix_appservice_irc_database_engine == 'postgres' and matrix_appservice_irc_database_hostname == 'matrix-postgres') else []) + + ([{ + 'name': matrix_beeper_linkedin_database_name, + 'username': matrix_beeper_linkedin_database_username, + 'password': matrix_beeper_linkedin_database_password, + }] if (matrix_beeper_linkedin_enabled and matrix_beeper_linkedin_database_engine == 'postgres' and matrix_beeper_linkedin_database_hostname == 'matrix-postgres') else []) + + ([{ 'name': matrix_mautrix_facebook_database_name, 'username': matrix_mautrix_facebook_database_username, diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml new file mode 100644 index 000000000..851b88179 --- /dev/null +++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -0,0 +1,107 @@ +# beeper-linkedin is a Matrix <-> LinkedIn bridge +# See: https://gitlab.com/beeper/linkedin + +matrix_beeper_linkedin_enabled: true + +matrix_beeper_linkedin_version: v0.5.0 +# See: https://gitlab.com/beeper/linkedin/container_registry +matrix_beeper_linkedin_docker_image: "registry.gitlab.com/beeper/linkedin:{{ matrix_beeper_linkedin_version }}-amd64" +matrix_beeper_linkedin_docker_image_force_pull: "{{ matrix_beeper_linkedin_docker_image.endswith(':latest-amd64') }}" + +matrix_beeper_linkedin_base_path: "{{ matrix_base_data_path }}/beeper-linkedin" +matrix_beeper_linkedin_config_path: "{{ matrix_beeper_linkedin_base_path }}/config" +matrix_beeper_linkedin_data_path: "{{ matrix_beeper_linkedin_base_path }}/data" + +matrix_beeper_linkedin_homeserver_address: "{{ matrix_homeserver_container_url }}" +matrix_beeper_linkedin_homeserver_domain: "{{ matrix_domain }}" +matrix_beeper_linkedin_appservice_address: "http://matrix-beeper-linkedin:29319" + +# A list of extra arguments to pass to the container +matrix_beeper_linkedin_container_extra_arguments: [] + +# List of systemd services that matrix-beeper-linkedin.service depends on. +matrix_beeper_linkedin_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-beeper-linkedin.service wants +matrix_beeper_linkedin_systemd_wanted_services_list: [] + +matrix_beeper_linkedin_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'linked.as.token') | to_uuid }}" +matrix_beeper_linkedin_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'linked.hs.token') | to_uuid }}" + +matrix_beeper_linkedin_appservice_bot_username: linkedinbot + + +# Database-related configuration fields. (only works with postgres for now!) +# To use Postgres: +# - change the engine (`matrix_beeper_linkedin_database_engine: 'postgres'`) +# - adjust your database credentials via the `matrix_beeper_linkedin_postgres_*` variables +matrix_beeper_linkedin_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" + +matrix_beeper_linkedin_sqlite_database_path_local: "{{ matrix_beeper_linkedin_data_path }}/beeper-linkedin.db" +matrix_beeper_linkedin_sqlite_database_path_in_container: "/data/beeper-linkedin.db" + +matrix_beeper_linkedin_database_username: 'matrix_beeper_linkedin' +matrix_beeper_linkedin_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'maulinkedin.db') | to_uuid }}" +matrix_beeper_linkedin_database_hostname: 'matrix-postgres' +matrix_beeper_linkedin_database_port: 5432 +matrix_beeper_linkedin_database_name: 'matrix_beeper_linkedin' + +matrix_beeper_linkedin_database_connection_string: 'postgresql://{{ matrix_beeper_linkedin_database_username }}:{{ matrix_beeper_linkedin_database_password }}@{{ matrix_beeper_linkedin_database_hostname }}:{{ matrix_beeper_linkedin_database_port }}/{{ matrix_beeper_linkedin_database_name }}?sslmode=disable' + +matrix_beeper_linkedin_appservice_database_type: "{{ + { + 'sqlite': 'sqlite3', + 'postgres':'postgres', + }[matrix_beeper_linkedin_database_engine] +}}" + +matrix_beeper_linkedin_appservice_database_uri: "{{ + { + 'sqlite': matrix_beeper_linkedin_sqlite_database_path_in_container, + 'postgres': matrix_beeper_linkedin_database_connection_string, + }[matrix_beeper_linkedin_database_engine] +}}" + + +# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). +matrix_beeper_linkedin_login_shared_secret: '' + +# Default beeper-linkedin configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_beeper_linkedin_configuration_extension_yaml`) +# or completely replace this variable with your own template. +matrix_beeper_linkedin_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" + +matrix_beeper_linkedin_configuration_extension_yaml: | + # Your custom YAML configuration goes here. + # This configuration extends the default starting configuration (`matrix_beeper_linkedin_configuration_yaml`). + # + # You can override individual variables from the default configuration, or introduce new ones. + # + # If you need something more special, you can take full control by + # completely redefining `matrix_beeper_linkedin_configuration_yaml`. + +matrix_beeper_linkedin_configuration_extension: "{{ matrix_beeper_linkedin_configuration_extension_yaml|from_yaml if matrix_beeper_linkedin_configuration_extension_yaml|from_yaml is mapping else {} }}" + +# Holds the final configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_beeper_linkedin_configuration_yaml`. +matrix_beeper_linkedin_configuration: "{{ matrix_beeper_linkedin_configuration_yaml|from_yaml|combine(matrix_beeper_linkedin_configuration_extension, recursive=True) }}" + +matrix_beeper_linkedin_registration_yaml: | + id: linkedin + url: {{ matrix_beeper_linkedin_appservice_address }} + as_token: "{{ matrix_beeper_linkedin_appservice_token }}" + hs_token: "{{ matrix_beeper_linkedin_homeserver_token }}" + + sender_localpart: _bot_{{ matrix_beeper_linkedin_appservice_bot_username }} + rate_limited: false + namespaces: + users: + - regex: '^@linkedin_.+:{{ matrix_beeper_linkedin_homeserver_domain|regex_escape }}$' + exclusive: true + - exclusive: true + regex: '^@{{ matrix_beeper_linkedin_appservice_bot_username|regex_escape }}:{{ matrix_beeper_linkedin_homeserver_domain|regex_escape }}$' + de.sorunome.msc2409.push_ephemeral: true + +matrix_beeper_linkedin_registration: "{{ matrix_beeper_linkedin_registration_yaml|from_yaml }}" diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml new file mode 100644 index 000000000..755ac2f53 --- /dev/null +++ b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml @@ -0,0 +1,16 @@ +- set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-beeper-linkedin.service'] }}" + when: matrix_beeper_linkedin_enabled|bool + +# If the matrix-synapse role is not used, these variables may not exist. +- set_fact: + matrix_synapse_container_extra_arguments: > + {{ matrix_synapse_container_extra_arguments|default([]) }} + + + ["--mount type=bind,src={{ matrix_beeper_linkedin_config_path }}/registration.yaml,dst=/matrix-beeper-linkedin-registration.yaml,ro"] + + matrix_synapse_app_service_config_files: > + {{ matrix_synapse_app_service_config_files|default([]) }} + + + {{ ["/matrix-beeper-linkedin-registration.yaml"] }} + when: matrix_beeper_linkedin_enabled|bool diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/main.yml b/roles/matrix-bridge-beeper-linkedin/tasks/main.yml new file mode 100644 index 000000000..79c54f1ac --- /dev/null +++ b/roles/matrix-bridge-beeper-linkedin/tasks/main.yml @@ -0,0 +1,21 @@ +- import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup|bool and matrix_beeper_linkedin_enabled|bool" + tags: + - setup-all + - setup-beeper-linkedin + +- import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup and matrix_beeper_linkedin_enabled" + tags: + - setup-all + - setup-beeper-linkedin + +- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup and not matrix_beeper_linkedin_enabled" + tags: + - setup-all + - setup-beeper-linkedin diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml new file mode 100644 index 000000000..c2ccf8dc5 --- /dev/null +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -0,0 +1,115 @@ +--- + +# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. +# We don't want to fail in such cases. +- name: Fail if matrix-synapse role already executed + fail: + msg: >- + The matrix-bridge-beeper-linkedin role needs to execute before the matrix-synapse role. + when: "matrix_synapse_role_executed|default(False)" + +- set_fact: + matrix_beeper_linkedin_requires_restart: false + +- block: + - name: Check if an SQLite database already exists + stat: + path: "{{ matrix_beeper_linkedin_sqlite_database_path_local }}" + register: matrix_beeper_linkedin_sqlite_database_path_local_stat_result + + - block: + - set_fact: + matrix_postgres_db_migration_request: + src: "{{ matrix_beeper_linkedin_sqlite_database_path_local }}" + dst: "{{ matrix_beeper_linkedin_database_connection_string }}" + caller: "{{ role_path|basename }}" + engine_variable_name: 'matrix_beeper_linkedin_database_engine' + engine_old: 'sqlite' + systemd_services_to_stop: ['matrix-beeper-linkedin.service'] + pgloader_options: ['--with "quote identifiers"'] + + - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" + + - set_fact: + matrix_beeper_linkedin_requires_restart: true + when: "matrix_beeper_linkedin_sqlite_database_path_local_stat_result.stat.exists|bool" + when: "matrix_beeper_linkedin_database_engine == 'postgres'" + +- name: Ensure Beeper LinkedIn image is pulled + docker_image: + name: "{{ matrix_beeper_linkedin_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_beeper_linkedin_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_beeper_linkedin_docker_image_force_pull }}" + +- name: Ensure Beeper LinkedIn paths exists + file: + path: "{{ item }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - "{{ matrix_beeper_linkedin_base_path }}" + - "{{ matrix_beeper_linkedin_config_path }}" + - "{{ matrix_beeper_linkedin_data_path }}" + +- name: Check if an old database file exists + stat: + path: "{{ matrix_beeper_linkedin_base_path }}/beeper-linkedin.db" + register: matrix_beeper_linkedin_stat_database + +- name: Check if an old matrix state file exists + stat: + path: "{{ matrix_beeper_linkedin_base_path }}/mx-state.json" + register: matrix_beeper_linkedin_stat_mx_state + +- name: (Data relocation) Ensure matrix-beeper-linkedin.service is stopped + service: + name: matrix-beeper-linkedin + state: stopped + daemon_reload: yes + failed_when: false + when: "matrix_beeper_linkedin_stat_database.stat.exists" + +- name: (Data relocation) Move beeper-linkedin database file to ./data directory + command: "mv {{ matrix_beeper_linkedin_base_path }}/beeper-linkedin.db {{ matrix_beeper_linkedin_data_path }}/beeper-linkedin.db" + when: "matrix_beeper_linkedin_stat_database.stat.exists" + +- name: (Data relocation) Move beeper-linkedin mx-state file to ./data directory + command: "mv {{ matrix_beeper_linkedin_base_path }}/mx-state.json {{ matrix_beeper_linkedin_data_path }}/mx-state.json" + when: "matrix_beeper_linkedin_stat_mx_state.stat.exists" + +- name: Ensure beeper-linkedin config.yaml installed + copy: + content: "{{ matrix_beeper_linkedin_configuration|to_nice_yaml }}" + dest: "{{ matrix_beeper_linkedin_config_path }}/config.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure beeper-linkedin registration.yaml installed + copy: + content: "{{ matrix_beeper_linkedin_registration|to_nice_yaml }}" + dest: "{{ matrix_beeper_linkedin_config_path }}/registration.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-beeper-linkedin.service installed + template: + src: "{{ role_path }}/templates/systemd/matrix-beeper-linkedin.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + mode: 0644 + register: matrix_beeper_linkedin_systemd_service_result + +- name: Ensure systemd reloaded after matrix-beeper-linkedin.service installation + service: + daemon_reload: yes + when: "matrix_beeper_linkedin_systemd_service_result.changed" + +- name: Ensure matrix-beeper-linkedin.service restarted, if necessary + service: + name: "matrix-beeper-linkedin.service" + state: restarted + when: "matrix_beeper_linkedin_requires_restart|bool" diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml new file mode 100644 index 000000000..004b788ec --- /dev/null +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml @@ -0,0 +1,24 @@ +--- + +- name: Check existence of matrix-beeper-linkedin service + stat: + path: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + register: matrix_beeper_linkedin_service_stat + +- name: Ensure matrix-beeper-linkedin is stopped + service: + name: matrix-beeper-linkedin + state: stopped + daemon_reload: yes + when: "matrix_beeper_linkedin_service_stat.stat.exists" + +- name: Ensure matrix-beeper-linkedin.service doesn't exist + file: + path: "{{ matrix_systemd_path }}/matrix-beeper-linkedin.service" + state: absent + when: "matrix_beeper_linkedin_service_stat.stat.exists" + +- name: Ensure systemd reloaded after matrix-beeper-linkedin.service removal + service: + daemon_reload: yes + when: "matrix_beeper_linkedin_service_stat.stat.exists" diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml b/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml new file mode 100644 index 000000000..fe33defaf --- /dev/null +++ b/roles/matrix-bridge-beeper-linkedin/tasks/validate_config.yml @@ -0,0 +1,11 @@ +--- + +- name: Fail if required settings not defined + fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_beeper_linkedin_appservice_token" + - "matrix_beeper_linkedin_homeserver_token" + diff --git a/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 b/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 new file mode 100644 index 000000000..4fb6b055a --- /dev/null +++ b/roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2 @@ -0,0 +1,267 @@ +#jinja2: lstrip_blocks: "True" +# Homeserver details. +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_beeper_linkedin_homeserver_address }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_beeper_linkedin_homeserver_domain }} + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + # Whether or not the homeserver supports asmux-specific endpoints, + # such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically + # updating m.direct. + asmux: false + # Number of retries for all HTTP requests if the homeserver isn't reachable. + http_retry_count: 4 + + +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_beeper_linkedin_appservice_address }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 29319 + + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. Only Postgres is currently supported. + database: {{ matrix_beeper_linkedin_appservice_database_uri|to_json }} + # Additional arguments for asyncpg.create_pool() + # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool + database_opts: + min_size: 5 + max_size: 10 + + # Provisioning API part of the web server for automated portal creation and fetching information. + # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). + provisioning: + # Whether or not the provisioning API should be enabled. + enabled: true + # The prefix to use in the provisioning API endpoints. + prefix: /_matrix/provision/v1 + # The shared secret to authorize users of the API. + # Set to "generate" to generate and save a new token. + shared_secret: generate + + # The unique ID of this appservice. + id: beeper_linkedin + # Appservice bot details. + bot: + # Username of the appservice bot. + username: {{ matrix_beeper_linkedin_appservice_bot_username|to_json }} + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + displayname: LinkedIn bridge bot + avatar: mxc://sumnerevans.com/XMtwdeUBnxYvWNFFrfeTSHqB + + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + # You should disable bridge -> sync_with_custom_puppets when this is enabled. + ephemeral_events: false + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "{{ matrix_beeper_linkedin_appservice_token }}" + hs_token: "{{ matrix_beeper_linkedin_homeserver_token }}" + + +# Prometheus telemetry config. Requires prometheus-client to be installed. +metrics: + enabled: false + listen_port: 8000 + +# Manhole config. +manhole: + # Whether or not opening the manhole is allowed. + enabled: false + # The path for the unix socket. + path: /var/tmp/linkedin-matrix.manhole + # The list of UIDs who can be added to the whitelist. + # If empty, any UIDs can be specified in the open-manhole command. + whitelist: + - 0 + + +# Bridge config +bridge: + # Localpart template of MXIDs for LinkedIn users. + username_template: "linkedin_{userid}" + # Displayname template for LinkedIn users. + # Localpart template for per-user room grouping community IDs. + # The bridge will create these communities and add all of the specific user's portals to the community. + # {localpart} is the MXID localpart and {server} is the MXID server part of the user. + # (Note that, by default, non-admins might not have your homeserver's permission to create + # communities. You should set `enable_group_creation: true` in homeserver.yaml to fix this.) + # `linkedin_{localpart}={server}` is a good value. + community_template: null + + # Displayname template for LinkedIn users. + # {displayname} is replaced with the display name of the LinkedIn user + # as defined below in displayname_preference. + # Keys available for displayname_preference are also available here. + displayname_template: "{displayname} (LinkedIn)" + + # Number of chats to sync (and create portals for) on startup/login. + # Set 0 to disable automatic syncing. + initial_chat_sync: 10 + + # Whether or not the LinkedIn users of logged in Matrix users should be + # invited to private chats when the user sends a message from another client. + invite_own_puppet_to_pm: false + # Whether or not to use /sync to get presence, read receipts and typing notifications + # when double puppeting is enabled + sync_with_custom_puppets: true + # Whether or not to update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # Servers to always allow double puppeting from + double_puppet_server_map: {} + # example.com: https://example.com + # Allow using double puppeting from any server with a valid client .well-known file. + + # Maximum number of seconds since last message in chat to skip + # syncing the chat in any case. This setting will take priority + # over both recovery_chat_sync_limit and initial_chat_sync_count. + # Default is 3 days = 259200 seconds + sync_max_chat_age: 259200 + + # Whether or not to sync with custom puppets to receive EDUs that + # are not normally sent to appservices. + sync_with_custom_puppets: true + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret: {{ matrix_beeper_linkedin_login_shared_secret|to_json }} + + # Allow using double puppeting from any server with a valid client .well-known file. + double_puppet_allow_discovery: false + + # Whether or not to bridge presence in both directions. LinkedIn allows users not to broadcast + # presence, but then it won't send other users' presence to the client. + presence: {{ matrix_beeper_linkedin_bridge_presence|to_json }} + # Whether or not to update avatars when syncing all contacts at startup. + update_avatar_initial_sync: true + + + # End-to-bridge encryption support options. These require matrix-nio to be installed with pip + # and login_shared_secret to be configured in order to get a device for the bridge bot. + # + # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal + # application service. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # Options for automatic key sharing. + key_sharing: + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow: false + # Require the requesting device to have a valid cross-signing signature? + # This doesn't require that the bridge has verified the device, only that the user has verified it. + # Not yet implemented. + require_cross_signing: false + # Require devices to be verified by the bridge? + # Verification by the bridge is not yet implemented. + require_verification: true + # Whether or not the bridge should send a read receipt from the bridge bot when a message has + # been sent to LinkedIn. + delivery_receipts: false + # Whether to allow inviting arbitrary mxids to portal rooms + allow_invites: false + + # Settings for backfilling messages from LinkedIn. + backfill: + # Whether or not the LinkedIn users of logged in Matrix users should be + # invited to private chats when backfilling history from LinkedIn. This is + # usually needed to prevent rate limits and to allow timestamp massaging. + invite_own_puppet: true + # Maximum number of messages to backfill initially. + # Set to 0 to disable backfilling when creating portal. + initial_limit: 0 + # Maximum number of messages to backfill if messages were missed while + # the bridge was disconnected. + # Set to 0 to disable backfilling missed messages. + missed_limit: 1000 + # If using double puppeting, should notifications be disabled + # while the initial backfill is in progress? + disable_notifications: false + periodic_reconnect: + # TODO needed? + # Interval in seconds in which to automatically reconnect all users. + # This can be used to automatically mitigate the bug where Linkedin stops sending messages. + # Set to -1 to disable periodic reconnections entirely. + interval: -1 + # What to do in periodic reconnects. Either "refresh" or "reconnect" + mode: refresh + # Should even disconnected users be reconnected? + always: false + # The number of seconds that a disconnection can last without triggering an automatic re-sync + # and missed message backfilling when reconnecting. + # Set to 0 to always re-sync, or -1 to never re-sync automatically. + resync_max_disconnected_time: 5 + # Whether or not temporary disconnections should send notices to the notice room. + # If this is false, disconnections will never send messages and connections will only send + # messages if it was disconnected for more than resync_max_disconnected_time seconds. + temporary_disconnect_notices: true + # Whether or not the bridge should try to "refresh" the connection if a normal reconnection + # attempt fails. + refresh_on_reconnection_fail: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, + # except if the config file is not writable. + resend_bridge_info: false + # When using double puppeting, should muted chats be muted in Matrix? + mute_bridging: false + # Whether or not mute status and tags should only be bridged when the portal room is created. + tag_only_on_create: true + + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!li" + + # Permissions for using the bridge. + # Permitted values: + # user - Access to use the bridge to chat with a Linkedin account. + # admin - User level and some additional administration tools + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + "{{ matrix_beeper_linkedin_homeserver_domain }}": user + + + +# Logging config. +logging: + version: 1 + formatters: + colored: + (): mautrix.util.logging.color.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + console: + class: logging.StreamHandler + formatter: colored + loggers: + mau: + level: DEBUG + paho: + level: INFO + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [ console] + diff --git a/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 b/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 new file mode 100644 index 000000000..4498b4f02 --- /dev/null +++ b/roles/matrix-bridge-beeper-linkedin/templates/systemd/matrix-beeper-linkedin.service.j2 @@ -0,0 +1,42 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix Beeper Linkedin bridge +{% for service in matrix_beeper_linkedin_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_beeper_linkedin_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null' + +# Intentional delay, so that the homeserver (we likely depend on) can manage to start. +ExecStartPre={{ matrix_host_command_sleep }} 5 + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-beeper-linkedin \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --network={{ matrix_docker_network }} \ + -v {{ matrix_beeper_linkedin_config_path }}:/data:z \ + --workdir=/opt/linkedin-matrix \ + {% for arg in matrix_beeper_linkedin_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_beeper_linkedin_docker_image }} \ + python3 -m linkedin_matrix -c /data/config.yaml -r /data/registration.yaml + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-beeper-linkedin 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-beeper-linkedin 2>/dev/null' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-beeper-linkedin + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 142364c46..21d67f1a8 100755 --- a/setup.yml +++ b/setup.yml @@ -18,6 +18,7 @@ - matrix-bridge-appservice-slack - matrix-bridge-appservice-webhooks - matrix-bridge-appservice-irc + - matrix-bridge-beeper-linkedin - matrix-bridge-mautrix-facebook - matrix-bridge-mautrix-hangouts - matrix-bridge-mautrix-instagram From 340e0fabc4b52a9a0d5cb01b11e23a19d709fa92 Mon Sep 17 00:00:00 2001 From: Alexandar Mechev Date: Sat, 21 Aug 2021 18:24:30 +0200 Subject: [PATCH 74/82] Adds Documentation for LinkedIn Bridge --- README.md | 2 + ...iguring-playbook-bridge-beeper-linkedin.md | 59 +++++++++++++++++++ docs/configuring-playbook.md | 2 + 3 files changed, 63 insertions(+) create mode 100644 docs/configuring-playbook-bridge-beeper-linkedin.md diff --git a/README.md b/README.md index 47119d14d..edda6f995 100644 --- a/README.md +++ b/README.md @@ -57,6 +57,8 @@ Using this playbook, you can get the following services configured on your serve - (optional) the [mautrix-signal](https://github.com/mautrix/signal) bridge for bridging your Matrix server to [Signal](https://www.signal.org/) +- (optional) the [beeper-linkedin](https://gitlab.com/beeper/linkedin) bridge for bridging your Matrix server to [LinkedIn](https://www.linkedin.com/) + - (optional) the [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) bridge for bridging your Matrix server to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) - (optional) the [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) bridge for bridging your Matrix server to [Discord](https://discordapp.com/) diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md new file mode 100644 index 000000000..390794290 --- /dev/null +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -0,0 +1,59 @@ +# Setting up Beeper Linkedin (optional) + +The playbook can install and configure [beeper-linkedin](https://gitlab.com/beeper/linkedin) for you. This bridge is based on the mautrix-python framework and can be configured in a similar way to the other mautrix bridges + +See the project's [documentation](https://gitlab.com/beeper/linkedin/-/blob/master/README.md) to learn what it does and why it might be useful to you. + +```yaml +matrix_beeper_linkedin_enabled: true +``` + +There are some additional things you may wish to configure about the bridge before you continue. + +Encryption support is off by default. If you would like to enable encryption, add the following to your `vars.yml` file: +```yaml +matrix_beeper_linkedin_configuration_extension_yaml: | + bridge: + encryption: + allow: true + default: true +``` + +If you would like to be able to administrate the bridge from your account it can be configured like this: +```yaml +matrix_beeper_linkedin_configuration_extension_yaml: | + bridge: + permissions: + '@YOUR_USERNAME:YOUR_DOMAIN': admin +``` + +You may wish to look at `roles/matrix-bridge-beeper-linkedin/templates/config.yaml.j2` to find other things you would like to configure. + + +## Set up Double Puppeting + +If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it. + +### Method 1: automatically, by enabling Shared Secret Auth + +The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook. + +This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future. + + +## Usage + +You then need to start a chat with `@linkedinbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). + +Send `login YOUR_LINKEDIN_EMAIL_ADDRESS` to the bridge bot to enable bridging for your LinkedIn account. + +If you run into trouble, check the [Troubleshooting](#troubleshooting) section below. + +After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so. + + +## Troubleshooting + +### Bridge asking for 2FA even if you don't have 2FA enabled + +If you don't have 2FA enabled and are logging in from a strange IP for the first time, LinkedIn will send an email with a one-time code. You can use this code to authorize the bridge session. In my experience, once the IP is authorized, you will not be asked again. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index fae66dca2..60c7a4bf2 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -104,6 +104,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Appservice IRC bridging](configuring-playbook-bridge-appservice-irc.md) (optional) +- [Setting up Beeper LinkedIn bridging](configuring-playbook-bridge-beeper-linkedin.md) (optional) + - [Setting up Appservice Discord bridging](configuring-playbook-bridge-appservice-discord.md) (optional) - [Setting up Appservice Slack bridging](configuring-playbook-bridge-appservice-slack.md) (optional) From 48548eb561e1d0c05de590744c88eff98fcbe9e2 Mon Sep 17 00:00:00 2001 From: sakkiii Date: Sun, 22 Aug 2021 18:45:25 +0530 Subject: [PATCH 75/82] Postgres Minor Updates --- roles/matrix-postgres/defaults/main.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 9c1cac9a9..8439241ad 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -17,11 +17,11 @@ matrix_postgres_architecture: amd64 # > LOG: startup process (PID 37) was terminated by signal 11: Segmentation fault matrix_postgres_docker_image_suffix: "{{ '-alpine' if matrix_postgres_architecture in ['amd64', 'arm64'] else '' }}" -matrix_postgres_docker_image_v9: "{{ matrix_container_global_registry_prefix }}postgres:9.6.22{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.17{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.12{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.7{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.3{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v9: "{{ matrix_container_global_registry_prefix }}postgres:9.6.23{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.18{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.13{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.8{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.4{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v13 }}" # This variable is assigned at runtime. Overriding its value has no effect. From 78b62664cdd4b65846a1698b3efbb414d8cf13fb Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Mon, 23 Aug 2021 10:29:05 +0200 Subject: [PATCH 76/82] Update to version v0.30.0 https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.30.0 --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index b0f27e657..1843e4af8 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -7,7 +7,7 @@ matrix_appservice_irc_container_self_build: false matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git" matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src" -matrix_appservice_irc_version: release-v0.29.0 +matrix_appservice_irc_version: release-v0.30.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 13e660bffd6c1314da2019c31a92d2fa0ad73d89 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 23 Aug 2021 15:02:28 +0300 Subject: [PATCH 77/82] Add missing section separator --- group_vars/matrix_servers | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a3ef6e107..e2c758f5c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -218,7 +218,7 @@ matrix_appservice_irc_database_password: "{{ matrix_synapse_macaroon_secret_key ###################################################################### # -# /matrix-bridge-beeper-linkedin +# matrix-bridge-beeper-linkedin # ###################################################################### @@ -248,7 +248,11 @@ matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if m matrix_beeper_linkedin_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_beeper_linkedin_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'maulinkedin.db') | to_uuid }}" - +###################################################################### +# +# /matrix-bridge-beeper-linkedin +# +###################################################################### ###################################################################### # From 78c22138a5b5feed8cc921806cc85df888057600 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 23 Aug 2021 15:06:00 +0300 Subject: [PATCH 78/82] Do not reference variables from other roles This configuration is supposed to be kept clean and not reference variables defined in other roles. `group_vars/matrix_servers` redefines these to hook our various roles together. --- roles/matrix-bridge-beeper-linkedin/defaults/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml index 851b88179..dfe9709dc 100644 --- a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml +++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -25,8 +25,8 @@ matrix_beeper_linkedin_systemd_required_services_list: ['docker.service'] # List of systemd services that matrix-beeper-linkedin.service wants matrix_beeper_linkedin_systemd_wanted_services_list: [] -matrix_beeper_linkedin_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'linked.as.token') | to_uuid }}" -matrix_beeper_linkedin_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'linked.hs.token') | to_uuid }}" +matrix_beeper_linkedin_appservice_token: "" +matrix_beeper_linkedin_homeserver_token: "" matrix_beeper_linkedin_appservice_bot_username: linkedinbot @@ -35,13 +35,13 @@ matrix_beeper_linkedin_appservice_bot_username: linkedinbot # To use Postgres: # - change the engine (`matrix_beeper_linkedin_database_engine: 'postgres'`) # - adjust your database credentials via the `matrix_beeper_linkedin_postgres_*` variables -matrix_beeper_linkedin_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_beeper_linkedin_database_engine: "sqlite" matrix_beeper_linkedin_sqlite_database_path_local: "{{ matrix_beeper_linkedin_data_path }}/beeper-linkedin.db" matrix_beeper_linkedin_sqlite_database_path_in_container: "/data/beeper-linkedin.db" matrix_beeper_linkedin_database_username: 'matrix_beeper_linkedin' -matrix_beeper_linkedin_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'maulinkedin.db') | to_uuid }}" +matrix_beeper_linkedin_database_password: "" matrix_beeper_linkedin_database_hostname: 'matrix-postgres' matrix_beeper_linkedin_database_port: 5432 matrix_beeper_linkedin_database_name: 'matrix_beeper_linkedin' From 603ad7c52bba98959dcb77dc20fca09e0b550575 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 23 Aug 2021 15:12:19 +0300 Subject: [PATCH 79/82] Remove (non-working) SQLite support from beeper-linkedin bridge This bridge doesn't support SQLite anyway, so it's not necessary to carry around configuration fields and code for migration from SQLite to Postgres. There's nothing to migrate. --- group_vars/matrix_servers | 2 - .../defaults/main.yml | 13 +--- .../tasks/setup_install.yml | 59 ------------------- 3 files changed, 3 insertions(+), 71 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index e2c758f5c..4575ff635 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -244,8 +244,6 @@ matrix_beeper_linkedin_login_shared_secret: "{{ matrix_synapse_ext_password_prov matrix_beeper_linkedin_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}" -# Postgres is the default, except if not using `matrix_postgres` (internal postgres) -matrix_beeper_linkedin_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_beeper_linkedin_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'maulinkedin.db') | to_uuid }}" ###################################################################### diff --git a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml index dfe9709dc..ff3243cd0 100644 --- a/roles/matrix-bridge-beeper-linkedin/defaults/main.yml +++ b/roles/matrix-bridge-beeper-linkedin/defaults/main.yml @@ -31,14 +31,9 @@ matrix_beeper_linkedin_homeserver_token: "" matrix_beeper_linkedin_appservice_bot_username: linkedinbot -# Database-related configuration fields. (only works with postgres for now!) -# To use Postgres: -# - change the engine (`matrix_beeper_linkedin_database_engine: 'postgres'`) -# - adjust your database credentials via the `matrix_beeper_linkedin_postgres_*` variables -matrix_beeper_linkedin_database_engine: "sqlite" - -matrix_beeper_linkedin_sqlite_database_path_local: "{{ matrix_beeper_linkedin_data_path }}/beeper-linkedin.db" -matrix_beeper_linkedin_sqlite_database_path_in_container: "/data/beeper-linkedin.db" +# Database-related configuration fields. +# Only Postgres is supported. +matrix_beeper_linkedin_database_engine: "postgres" matrix_beeper_linkedin_database_username: 'matrix_beeper_linkedin' matrix_beeper_linkedin_database_password: "" @@ -50,14 +45,12 @@ matrix_beeper_linkedin_database_connection_string: 'postgresql://{{ matrix_beepe matrix_beeper_linkedin_appservice_database_type: "{{ { - 'sqlite': 'sqlite3', 'postgres':'postgres', }[matrix_beeper_linkedin_database_engine] }}" matrix_beeper_linkedin_appservice_database_uri: "{{ { - 'sqlite': matrix_beeper_linkedin_sqlite_database_path_in_container, 'postgres': matrix_beeper_linkedin_database_connection_string, }[matrix_beeper_linkedin_database_engine] }}" diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml index c2ccf8dc5..97d05a45e 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml @@ -8,33 +8,6 @@ The matrix-bridge-beeper-linkedin role needs to execute before the matrix-synapse role. when: "matrix_synapse_role_executed|default(False)" -- set_fact: - matrix_beeper_linkedin_requires_restart: false - -- block: - - name: Check if an SQLite database already exists - stat: - path: "{{ matrix_beeper_linkedin_sqlite_database_path_local }}" - register: matrix_beeper_linkedin_sqlite_database_path_local_stat_result - - - block: - - set_fact: - matrix_postgres_db_migration_request: - src: "{{ matrix_beeper_linkedin_sqlite_database_path_local }}" - dst: "{{ matrix_beeper_linkedin_database_connection_string }}" - caller: "{{ role_path|basename }}" - engine_variable_name: 'matrix_beeper_linkedin_database_engine' - engine_old: 'sqlite' - systemd_services_to_stop: ['matrix-beeper-linkedin.service'] - pgloader_options: ['--with "quote identifiers"'] - - - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" - - - set_fact: - matrix_beeper_linkedin_requires_restart: true - when: "matrix_beeper_linkedin_sqlite_database_path_local_stat_result.stat.exists|bool" - when: "matrix_beeper_linkedin_database_engine == 'postgres'" - - name: Ensure Beeper LinkedIn image is pulled docker_image: name: "{{ matrix_beeper_linkedin_docker_image }}" @@ -54,32 +27,6 @@ - "{{ matrix_beeper_linkedin_config_path }}" - "{{ matrix_beeper_linkedin_data_path }}" -- name: Check if an old database file exists - stat: - path: "{{ matrix_beeper_linkedin_base_path }}/beeper-linkedin.db" - register: matrix_beeper_linkedin_stat_database - -- name: Check if an old matrix state file exists - stat: - path: "{{ matrix_beeper_linkedin_base_path }}/mx-state.json" - register: matrix_beeper_linkedin_stat_mx_state - -- name: (Data relocation) Ensure matrix-beeper-linkedin.service is stopped - service: - name: matrix-beeper-linkedin - state: stopped - daemon_reload: yes - failed_when: false - when: "matrix_beeper_linkedin_stat_database.stat.exists" - -- name: (Data relocation) Move beeper-linkedin database file to ./data directory - command: "mv {{ matrix_beeper_linkedin_base_path }}/beeper-linkedin.db {{ matrix_beeper_linkedin_data_path }}/beeper-linkedin.db" - when: "matrix_beeper_linkedin_stat_database.stat.exists" - -- name: (Data relocation) Move beeper-linkedin mx-state file to ./data directory - command: "mv {{ matrix_beeper_linkedin_base_path }}/mx-state.json {{ matrix_beeper_linkedin_data_path }}/mx-state.json" - when: "matrix_beeper_linkedin_stat_mx_state.stat.exists" - - name: Ensure beeper-linkedin config.yaml installed copy: content: "{{ matrix_beeper_linkedin_configuration|to_nice_yaml }}" @@ -107,9 +54,3 @@ service: daemon_reload: yes when: "matrix_beeper_linkedin_systemd_service_result.changed" - -- name: Ensure matrix-beeper-linkedin.service restarted, if necessary - service: - name: "matrix-beeper-linkedin.service" - state: restarted - when: "matrix_beeper_linkedin_requires_restart|bool" From ee663e819e58bea0cd5255dd785196fee6cbc773 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 23 Aug 2021 15:27:03 +0300 Subject: [PATCH 80/82] Announce LinkedIn Messaging bridging support Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1242 --- CHANGELOG.md | 11 +++++++++++ docs/configuring-playbook-bridge-beeper-linkedin.md | 6 +++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 88e26339d..9c48f483a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,14 @@ +# 2021-08-23 + +## LinkedIn bridging support via beeper-linkedin + +Thanks to [Alexandar Mechev](https://github.com/apmechev), the playbook can now install the [beeper-linkedin](https://gitlab.com/beeper/linkedin) bridge for bridging to [LinkedIn](https://www.linkedin.com/) Messaging. + +This brings the total number of bridges supported by the playbook up to 20. See all supported bridges [here](docs/configuring-playbook.md#bridging-other-networks). + +To get started with bridging to LinkedIn, see [Setting up Beeper LinkedIn bridging](docs/configuring-playbook-bridge-beeper-linkedin.md). + + # 2021-08-20 # Sygnal upgraded - ARM support and no longer requires a database diff --git a/docs/configuring-playbook-bridge-beeper-linkedin.md b/docs/configuring-playbook-bridge-beeper-linkedin.md index 390794290..bcc9d0f5c 100644 --- a/docs/configuring-playbook-bridge-beeper-linkedin.md +++ b/docs/configuring-playbook-bridge-beeper-linkedin.md @@ -1,6 +1,6 @@ # Setting up Beeper Linkedin (optional) -The playbook can install and configure [beeper-linkedin](https://gitlab.com/beeper/linkedin) for you. This bridge is based on the mautrix-python framework and can be configured in a similar way to the other mautrix bridges +The playbook can install and configure [beeper-linkedin](https://gitlab.com/beeper/linkedin) for you, for bridging to [LinkedIn](https://www.linkedin.com/) Messaging. This bridge is based on the mautrix-python framework and can be configured in a similar way to the other mautrix bridges See the project's [documentation](https://gitlab.com/beeper/linkedin/-/blob/master/README.md) to learn what it does and why it might be useful to you. @@ -45,7 +45,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac You then need to start a chat with `@linkedinbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). -Send `login YOUR_LINKEDIN_EMAIL_ADDRESS` to the bridge bot to enable bridging for your LinkedIn account. +Send `login YOUR_LINKEDIN_EMAIL_ADDRESS` to the bridge bot to enable bridging for your LinkedIn account. If you run into trouble, check the [Troubleshooting](#troubleshooting) section below. @@ -56,4 +56,4 @@ After successfully enabling bridging, you may wish to [set up Double Puppeting]( ### Bridge asking for 2FA even if you don't have 2FA enabled -If you don't have 2FA enabled and are logging in from a strange IP for the first time, LinkedIn will send an email with a one-time code. You can use this code to authorize the bridge session. In my experience, once the IP is authorized, you will not be asked again. +If you don't have 2FA enabled and are logging in from a strange IP for the first time, LinkedIn will send an email with a one-time code. You can use this code to authorize the bridge session. In my experience, once the IP is authorized, you will not be asked again. From 4b643db31b948a93262d55109f0c8e4d0ed54d38 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 23 Aug 2021 15:31:33 +0300 Subject: [PATCH 81/82] Upgrade devture/exim-relay (4.94.2-r0-2 -> 4.94.2-r0-3) Related to https://github.com/devture/exim-relay/pull/11 --- roles/matrix-mailer/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-mailer/defaults/main.yml b/roles/matrix-mailer/defaults/main.yml index 8ca1a8a39..19bc1656b 100644 --- a/roles/matrix-mailer/defaults/main.yml +++ b/roles/matrix-mailer/defaults/main.yml @@ -7,7 +7,7 @@ matrix_mailer_container_image_self_build_repository_url: "https://github.com/dev matrix_mailer_container_image_self_build_src_files_path: "{{ matrix_mailer_base_path }}/docker-src" matrix_mailer_container_image_self_build_version: "{{ matrix_mailer_docker_image.split(':')[1] }}" -matrix_mailer_version: 4.94.2-r0-2 +matrix_mailer_version: 4.94.2-r0-3 matrix_mailer_docker_image: "{{ matrix_mailer_docker_image_name_prefix }}devture/exim-relay:{{ matrix_mailer_version }}" matrix_mailer_docker_image_name_prefix: "{{ 'localhost/' if matrix_mailer_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}" From 57414ec2becaa11c55c3277f5623b9b61bf0f378 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 23 Aug 2021 15:39:54 +0300 Subject: [PATCH 82/82] Upgrade matrix-corporal (2.1.1 -> 2.1.2) --- roles/matrix-corporal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-corporal/defaults/main.yml b/roles/matrix-corporal/defaults/main.yml index 881bee67b..313f79a8f 100644 --- a/roles/matrix-corporal/defaults/main.yml +++ b/roles/matrix-corporal/defaults/main.yml @@ -22,7 +22,7 @@ matrix_corporal_container_extra_arguments: [] # List of systemd services that matrix-corporal.service depends on matrix_corporal_systemd_required_services_list: ['docker.service'] -matrix_corporal_version: 2.1.1 +matrix_corporal_version: 2.1.2 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}" matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility