ProfessionalUwU/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2024-09-20 04:42:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ProfessionalUwU:b5ac236475378f768a4dab8610eaebc5c69159e1
Branches Tags
ProfessionalUwU:master
ProfessionalUwU:renovate/zeratax-matrix-registration-0.x
ProfessionalUwU:renovate/ghcr.io-matrixgpt-matrix-chatgpt-bot-3.x
ProfessionalUwU:synapse-cache-tuning
ProfessionalUwU:bye-bye-nginx-proxy
ProfessionalUwU:HarHarLinks/hookshot-encryption
ProfessionalUwU:traefik
...
compare: ProfessionalUwU:7d72b578268f46972de72ee9c0d2de52547eeed7
Branches Tags
ProfessionalUwU:master
ProfessionalUwU:renovate/zeratax-matrix-registration-0.x
ProfessionalUwU:renovate/ghcr.io-matrixgpt-matrix-chatgpt-bot-3.x
ProfessionalUwU:synapse-cache-tuning
ProfessionalUwU:bye-bye-nginx-proxy
ProfessionalUwU:HarHarLinks/hookshot-encryption
ProfessionalUwU:traefik

48 Commits
b5ac236475 ... 7d72b57826

Author SHA1 Message Date
Slavi Pantaleev
7d72b57826 Update all roles to versions that respect devture_systemd_docker_base_container_networks_driver_options 2024-09-18 15:40:57 +03:00
Slavi Pantaleev
275e98219f Switch from passing matrix_playbook_docker_network_mtu to respecting devture_systemd_docker_base_container_networks_driver_options 
Related to:
- 3cc7d12396
- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3502
 2024-09-18 15:17:08 +03:00
Slavi Pantaleev
a46fd9a0f2 Upgrade systemd_docker_base (v1.2.0-0 -> v1.3.0-0) 
The new version includes `devture_systemd_docker_base_container_networks_driver_options`
due to 3cc7d12396

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3502
 2024-09-18 15:15:58 +03:00
David Mehren
f53cf4b345
Add a global config option for Docker network MTU 2024-09-18 13:55:29 +02:00
Slavi Pantaleev
4d52880170 Upgrade matrix-alertmanager-receiver (2024.8.28 -> 2024.9.18) 
Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3539

Related to https://github.com/metio/matrix-alertmanager-receiver/pull/42
 2024-09-18 14:48:25 +03:00
Slavi Pantaleev
5b2600b074
Merge pull request #3537 from aine-etke/patch-651904 
synapse-admin v0.10.3-etke14: bulk registration works again, add ability to change avatars
 2024-09-18 09:22:32 +03:00
Aine
14a31e3e40
synapse-admin v0.10.3-etke14: bulk registration works again, add ability to change avatars 2024-09-18 09:19:39 +03:00
Slavi Pantaleev
d9285203fa
Merge pull request #3536 from spantaleev/renovate/joseluisq-static-web-server-2.x 
Update joseluisq/static-web-server Docker tag to v2.33.0
 2024-09-18 09:06:13 +03:00
renovate[bot]
34634f144c
Update joseluisq/static-web-server Docker tag to v2.33.0 2024-09-17 23:06:37 +00:00
Slavi Pantaleev
cf5763978b Upgrade synapse-s3-storage-provider (1.3.0 -> 1.5.0) and adapt configuration 
1.3.0 fails to work against the new Synapse (v1.115.0) image.
See: https://github.com/matrix-org/synapse-s3-storage-provider/pull/114

Related to: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3535
 2024-09-17 21:25:15 +03:00
Slavi Pantaleev
bc0d4759db
Merge pull request #3535 from spantaleev/renovate/ghcr.io-element-hq-synapse-1.x 
Update ghcr.io/element-hq/synapse Docker tag to v1.115.0
 2024-09-17 21:14:25 +03:00
renovate[bot]
605d054549
Update ghcr.io/element-hq/synapse Docker tag to v1.115.0 2024-09-17 15:15:35 +00:00
Slavi Pantaleev
aee7d2ca6c Do not use command_prefix = default for Meta bridges anymore 
Seems like `default` is not a supported value and will not
make the bridge autoconfigure itself with the correct prefix anymore.

A value of `default` would be taken literally.
 2024-09-17 16:16:48 +03:00
Slavi Pantaleev
d3b1060428 Fix Gmessages regression (missing homeserver.address and homeserver.domain configuration) 
f9705b3323 reworked the configuration and missed wiring
these to the existing variables.
 2024-09-17 16:04:39 +03:00
Slavi Pantaleev
de34392edf
Merge pull request #3534 from KloolK/patch-2 
Update maintenance-upgrading-services.md
 2024-09-17 14:32:04 +03:00
Jan
239c7eddf8
Update maintenance-upgrading-services.md 2024-09-17 13:28:40 +02:00
Slavi Pantaleev
67df140ef4 Upgrade Traefik (v3.1.2-1 -> v3.1.3-0) 2024-09-17 10:42:27 +03:00
Slavi Pantaleev
53f3c94bef Enable backfilling for mautrix-gmessages, mautrix-signal and mautrix-slack 
We'be already been going against upstream defaults and have been
enabling backfilling for a few other bridges (Messenger, Instagram, Telegram, Twitter).

Now I'm enabling backfilling by default for the remaining ones, for
consistency.
 2024-09-17 09:39:35 +03:00
Slavi Pantaleev
f9705b3323 Upgrade mautrix-gmessages (v0.4.3 -> v0.5.0) and adapt configuration 
Related to:
- https://github.com/mautrix/gmessages/releases/tag/v0.5.0
- https://mau.fi/blog/2024-09-mautrix-release/

It seems like the new version does not support a `/metrics` endpoint.
We skip keep the Ansible variables, but they're not doing anything.
 2024-09-17 09:39:35 +03:00
Slavi Pantaleev
01e5514c4b Upgrade mautrix-meta (v0.3.2 -> v0.4.0) and adapt configuration 
Related to:
- https://github.com/mautrix/meta/releases/tag/v0.4.0
- https://mau.fi/blog/2024-09-mautrix-release/

It seems like the new version does not support a `/metrics` endpoint.
We skip keep the Ansible variables, but they're not doing anything.
 2024-09-17 09:39:35 +03:00
Slavi Pantaleev
626a851c82 Fix username_template potentially not being taken into account for mautrix-slack 
While working on upgrading the Meta bridges to bridgev2, I've noticed
that {% raw %} and {% endraw %} on lines like that (immediately
preceding `username_template` may cause YAML indentation issues.
 2024-09-17 09:39:35 +03:00
Slavi Pantaleev
52018c652f
Merge pull request #3530 from spantaleev/renovate/dock.mau.dev-mautrix-signal-0.x 
Update dock.mau.dev/mautrix/signal Docker tag to v0.7.1
 2024-09-17 06:36:02 +03:00
Slavi Pantaleev
42cc7b0844
Merge pull request #3531 from spantaleev/renovate/dock.mau.dev-mautrix-slack-0.x 
Update dock.mau.dev/mautrix/slack Docker tag to v0.1.1
 2024-09-17 06:34:19 +03:00
renovate[bot]
ca0abda581
Update dock.mau.dev/mautrix/slack Docker tag to v0.1.1 2024-09-16 13:07:41 +00:00
renovate[bot]
7507383a90
Update dock.mau.dev/mautrix/signal Docker tag to v0.7.1 2024-09-16 13:07:37 +00:00
Slavi Pantaleev
5ec468cc78
Merge pull request #3528 from spantaleev/renovate/ajbura-cinny-4.x 
Update ajbura/cinny Docker tag to v4.2.1
 2024-09-14 20:11:50 +03:00
renovate[bot]
3622d71d09
Update ajbura/cinny Docker tag to v4.2.1 2024-09-14 15:40:47 +00:00
Slavi Pantaleev
1666d1a1ff
Merge pull request #3526 from aine-etke/patch-158339 
Synapse-Admin: Add UI option to block deleted rooms from being rejoined
 2024-09-14 12:48:04 +03:00
Aine
97cf596683
Synapse-Admin: Add UI option to block deleted rooms from being rejoined 2024-09-14 11:06:33 +03:00
comeUpWithItLater
11e241e30a
Added an example of fronting the playbook's integrated Traefik reverse-proxy with the existing Caddy container (#3514) 
* Added an example of fronting the playbook's integrated Traefik reverse-proxy with the existing Caddy container (not the `apt-get` or `yum` installed Caddy).  Helpful for folks who have an existing server with a Caddy container already serving multiple applications.

* Update examples/reverse-proxies/caddy2-in-container/README.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update examples/reverse-proxies/caddy2-in-container/README.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Update examples/reverse-proxies/caddy2-in-container/README.md

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Code formatted, linted with yamllint

* README.md updated

* docs/configuring-playbook-own-webserver-caddy.md removed

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
 2024-09-14 09:06:40 +03:00
Slavi Pantaleev
4bb08d4a53
Merge pull request #3525 from spantaleev/renovate/matrixdotorg-dendrite-monolith-0.x 
Update matrixdotorg/dendrite-monolith Docker tag to v0.13.8
 2024-09-13 21:28:34 +03:00
renovate[bot]
71abb52d59
Update matrixdotorg/dendrite-monolith Docker tag to v0.13.8 2024-09-13 16:39:54 +00:00
Slavi Pantaleev
482861fce1
Merge pull request #3523 from spantaleev/renovate/matrixdotorg-mjolnir-1.x 
Update matrixdotorg/mjolnir Docker tag to v1.7.0
 2024-09-12 22:13:27 +03:00
renovate[bot]
9ac29e7055
Update matrixdotorg/mjolnir Docker tag to v1.7.0 2024-09-12 18:34:27 +00:00
Slavi Pantaleev
00910248d2 Add baibot preset for Mistral 2024-09-12 21:33:39 +03:00
Slavi Pantaleev
74cc935ea6 Minor rewording 2024-09-12 20:53:19 +03:00
Slavi Pantaleev
1851973734 Add support for baibot 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3369
 2024-09-12 15:19:46 +03:00
Slavi Pantaleev
c65ddd649e Fix reverting synapse-admin to upstream instructions 
Ref: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3521
 2024-09-12 15:14:55 +03:00
Aine
951c9c97a8
fix synapse-admin image prefix (#3521) 
* fix synapse-admin image prefix

* fix typo
 2024-09-12 15:14:12 +03:00
Slavi Pantaleev
b725f52677
Merge pull request #3520 from aine-etke/patch-343 
add missing prefix to synapse-admin version
 2024-09-12 12:14:23 +03:00
Aine
9cb3ca2f2d
add missing prefix to synapse-admin version 2024-09-12 12:13:02 +03:00
Slavi Pantaleev
968f305844 Announce the switch to etke.cc's synapse-admin fork 
Related to: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3519
 2024-09-12 11:33:11 +03:00
Aine
73d338d9d1
Switch Synapse-Admin to etke.cc fork (#3519) 
* switch to synapse-admin fork

* Fix typo

* Close unclosed ) and reword sentence

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
 2024-09-12 11:31:12 +03:00
Slavi Pantaleev
5778e84925 Make use of media_path setting to fix media URLs for Heisenbridge 
Related to:

- https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3518
- https://github.com/hifi/heisenbridge/issues/294

With this patch, when `matrix_heisenbridge_path_prefix` is the default
one we use (`/heisenbrdige`), URLs like this are constructed:

https://matrix.DOMAIN/heisenbridge/_heisenbridge/media/SERVER_NAME/MEDIA_ID/CHECKSUM/FILENAME

If `matrix_heisenbridge_path_prefix` is set to `/`, URLs like this are constructed:

https://matrix.DOMAIN/_heisenbridge/media/SERVER_NAME/MEDIA_ID/CHECKSUM/FILENAME

Our Traefik labels support handling both cases correctly.
 2024-09-12 07:48:27 +03:00
Slavi Pantaleev
8e5e923214
Merge pull request #3517 from damadmai/matrix_media_repo_fix_signing_key_gen 
Add temp suffix for container name to avoid conflict
 2024-09-12 01:09:22 +03:00
Daniel A. Maierhofer
716177d5bc Add temp suffix for container name to avoid conflict 2024-09-11 23:40:10 +02:00
Slavi Pantaleev
c54c5c0076
Merge pull request #3515 from spantaleev/renovate/ajbura-cinny-4.x 
Update ajbura/cinny Docker tag to v4.2.0
 2024-09-11 17:53:48 +03:00
renovate[bot]
a482b95149
Update ajbura/cinny Docker tag to v4.2.0 2024-09-11 14:48:21 +00:00
123 changed files with 2763 additions and 892 deletions
Show Stats Expand all files Collapse all files

34
CHANGELOG.md
View File

@ -1,3 +1,37 @@
# 2024-09-12
## Support for baibot
The playbook now supports installing [baibot](./docs/configuring-playbook-bot-baibot.md) (pronounced bye-bot) - a [Matrix](https://matrix.org/) bot developed by [etke.cc](https://etke.cc/) that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) to you. 🤖
It supports [OpenAI](https://openai.com/)'s [ChatGPT](https://openai.com/blog/chatgpt/) models, as well as many other [☁️ providers](https://github.com/etkecc/baibot/blob/main/docs/providers.md).
It's designed as a more private and [✨ featureful](https://github.com/etkecc/baibot/?tab=readme-ov-file#-features) alternative to the now-unmaintained [matrix-chatgpt-bot](./docs/configuring-playbook-bot-chatgpt.md).
To get started, see the [Setting up baibot](./docs/configuring-playbook-bot-baibot.md) documentation page.
## Switching synapse-admin to etke.cc's fork
The playbook now installs [etke.cc](https://etke.cc/)'s [fork](https://github.com/etkecc/synapse-admin) of [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) (originally developed by [Awesome-Technologies](https://github.com/Awesome-Technologies)). This fork is a drop-in replacement for the original software.
The creation of the fork has been provoked by users frequently encountering issues with the original synapse-admin software, such as unintentionally deleting their one-and-only admin user account (fixed [here](https://github.com/etkecc/synapse-admin/pull/1) and also contributed upstream [here](https://github.com/Awesome-Technologies/synapse-admin/pull/608) - to no avail for now). Since its inception, [a bunch of other quality-of-life improvements](https://github.com/etkecc/synapse-admin?tab=readme-ov-file#changes) have been made to the fork.
If upstream synapse-admin picks up the pace and improves, the etke.cc fork may disappear and the playbook may switch to the original software again. Until that time comes, we believe that etke.cc's fork is the better software to use right now.
If you'd like to switch back to the original synapse-admin software, you can do so by adding the following configuration to your `vars.yml` file:
```yml
matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}awesometechnologies/synapse-admin:{{ matrix_synapse_admin_version }}"
matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_synapse_admin_version: 0.10.3
# If you need self-building (if running on arm32), uncomment this.
# matrix_synapse_admin_container_image_self_build_repo: "https://github.com/Awesome-Technologies/synapse-admin.git"
```
# 2024-08-17
## New appservice-double-puppet service for better double-puppeting

1
README.md
View File

@ -133,6 +133,7 @@ Bots provide various additional functionality to your installation.
| Name | Default? | Description | Documentation |
| ---- | -------- | ----------- | ------------- |
| [baibot](https://github.com/etkecc/baibot) | x | A bot that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) to you | [Link](docs/configuring-playbook-bot-baibot.md) |
| [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) | x | Bot for scheduling one-off & recurring reminders and alarms | [Link](docs/configuring-playbook-bot-matrix-reminder-bot.md) |
| [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) | x | Bot for invitations by creating and managing registration tokens | [Link](docs/configuring-playbook-bot-matrix-registration-bot.md) |
| [maubot](https://github.com/maubot/maubot) | x | A plugin-based Matrix bot system | [Link](docs/configuring-playbook-bot-maubot.md) |

409
docs/configuring-playbook-bot-baibot.md Normal file
View File

@ -0,0 +1,409 @@
# Setting up baibot (optional)
<p align="center">
<img src="https://github.com/etkecc/baibot/raw/main/etc/assets/baibot.svg" alt="baibot logo" width="150" />
<h1 align="center">baibot</h1>
</p>
🤖 [baibot](https://github.com/etkecc/baibot) (pronounced bye-bot) is a [Matrix](https://matrix.org/) bot developed by [etke.cc](https://etke.cc/) that exposes the power of [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) to you. 🤖
It supports [OpenAI](https://openai.com/)'s [ChatGPT](https://openai.com/blog/chatgpt/) models, as many well as other [☁️ providers](https://github.com/etkecc/baibot/blob/main/docs/providers.md).
It's designed as a more private and [✨ featureful](https://github.com/etkecc/baibot/?tab=readme-ov-file#-features) alternative to [matrix-chatgpt-bot](./configuring-playbook-bot-chatgpt.md). See the [baibot](https://github.com/etkecc/baibot) project and its documentation for more information.
## Prerequisites
API access to one or more LLM [☁️ providers](https://github.com/etkecc/baibot/blob/main/docs/providers.md).
## Adjusting the playbook configuration
There are **a lot of configuration options** (some required, some possibly required, some optional), so they're **split into multiple sections below**:
<!-- no toc -->
- [Base configuration](#base-configuration)
- [👮‍♂️ Administrator configuration](#-administrator-configuration)
- [👥 Initial users configuration](#-initial-users-configuration)
- [🤖 Configuring agents via Ansible](#-configuring-agents-via-ansible)
- [🤝 Configuring initial default handlers](#-configuring-initial-default-handlers)
Depending on your current `vars.yml` file and desired configuration, **you may require more than just the [base configuration](#base-configuration)**.
### Base configuration
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
```yaml
matrix_bot_baibot_enabled: true
# Uncomment and adjust this part if you'd like to use a username different than the default
# matrix_bot_baibot_config_user_mxid_localpart: baibot
# Generate a strong password here. Consider generating it with `pwgen -s 64 1`.
# If you'd like to change this password subsequently, see the details below.
matrix_bot_baibot_config_user_password: 'PASSWORD_FOR_THE_BOT'
# An optional passphrase to use for backing up and recovering the bot's encryption keys.
# You can use any string here. Consider generating it with `pwgen -s 64 1`.
#
# If set to null, the recovery module will not be used and losing your session/database
# will mean you lose access to old messages in encrypted room.
# It's highly recommended that you configure this to avoid losing access to encrypted messages.
#
# Changing this subsequently will also cause you to lose access to old messages in encrypted rooms.
# For details about changing this subsequently or resetting, see `defaults/main.yml` in the baibot role.
matrix_bot_baibot_config_user_encryption_recovery_passphrase: 'ANY_LONG_AND_SECURE_PASSPHRASE_STRING_HERE'
# An optional secret for encrypting the bot's session data (see `matrix_bot_baibot_data_path`).
# This must be 32-bytes (64 characters when HEX-encoded).
# Generate it with: `openssl rand -hex 32`
# Set to null or empty to avoid using encryption.
# Changing this subsequently requires that you also throw away all data (see `matrix_bot_baibot_data_path`)
matrix_bot_baibot_config_persistence_session_encryption_key: 'A_HEX_STRING_OF_64_CHARACTERS_HERE'
# An optional secret for encrypting bot configuration stored in Matrix's account data.
# This must be 32-bytes (64 characters when HEX-encoded).
# Generate it with: `openssl rand -hex 32`
# Set to null or empty to avoid using encryption.
# Changing this subsequently will make you lose your configuration.
matrix_bot_baibot_config_persistence_config_encryption_key: 'A_HEX_STRING_OF_64_CHARACTERS_HERE'
```
As mentioned above, **this may not be enough**. Continue with the configuration sections below.
### 👮‍♂️ Administrator configuration
This is an addition to the [base configuration](#base-configuration).
To specify who is considered a bot [👮‍♂️ Administrator](https://github.com/etkecc/baibot/blob/main/docs/access.md#administrators), you either need to specify `matrix_bot_baibot_config_access_admin_patterns` or `matrix_admin`. The latter is a single variable which affects all bridges and bots.
If `matrix_admin` is already configured in your `vars.yml` configuration, you can skip this section.
**If necessary**, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
```yml
# Uncomment to add one or more admins to this bridge:
#
# matrix_bot_baibot_config_access_admin_patterns:
# - "@*:example.com"
# - "@admin:another.com"
#
# .. unless you've made yourself an admin of all bots/bridges like this:
#
# matrix_admin: '@yourAdminAccount:domain.com'
```
### 👥 Initial users configuration
By default, **all users on your homeserver are considered allowed users**. If that's OK, you can skip this section.
This is an addition to the [base configuration](#base-configuration).
To specify who is considered a bot [👥 User](https://github.com/etkecc/baibot/blob/main/docs/access.md#user), you may:
- define an **initial** value for `matrix_bot_baibot_config_initial_global_config_user_patterns` Ansible variable, as shown below
- configure the list at runtime via the bot's `!bai access set-users SPACE_SEPARATED_PATTERNS` command
Configuring `matrix_bot_baibot_config_initial_global_config_user_patterns` is optional, but it can be useful to pre-configure the bot with a list of users who should have access to the bot's features.
**Note**: Once initially configured, the allowed users list **cannot be managed via Ansible anymore**. It can only be managed subsequently via bot commands.
**If necessary**, add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file:
```yml
# Uncomment and adjust the bot users if necessary:
#
# Subsequent changes to `matrix_bot_baibot_config_initial_global_config_user_patterns` do not affect the bot's behavior.
# Once initially configured, the allowed users list is managed via bot commands, not via Ansible.
#
# matrix_bot_baibot_config_initial_global_config_user_patterns:
# - "@*:{{ matrix_bot_baibot_config_homeserver_server_name }}"
```
### 🤖 Configuring agents via Ansible
You are **not required** to define agents [statically](https://github.com/etkecc/baibot/blob/main/docs/configuration/README.md#static-configuration) via Ansible. **To get started quickly**, you can **skip this section and define agents at runtime via chat commands** (following the bot's guidance).
Privileged users (like the [👮‍♂️ Administrator](#-administrator-configuration), but potentially others too - see the upstream [🔒 access](https://github.com/etkecc/baibot/blob/main/docs/access.md) documentation) can **define agents dynamically at any time** via chat commands.
The Ansible role includes preset variables for easily enabling some [🤖 agents](https://github.com/etkecc/baibot/blob/main/docs/agents.md) on various [☁️ providers](https://github.com/etkecc/baibot/blob/main/docs/providers.md) (e.g. OpenAI, etc).
Besides the presets, the Ansible role also includes support for configuring additional statically-defined agents via the `matrix_bot_baibot_config_agents_static_definitions_custom` Ansible variable.
Agents defined statically and those created dynamically (via chat) are named differently, so **conflict cannot arise**.
Depending on your propensity for [GitOps](https://en.wikipedia.org/wiki/DevOps#GitOps), you may prefer to define agents statically via Ansible, or you may wish to do it dynamically via chat.
Before proceeding, we recommend reading the upstream documentation on [How to choose a provider](https://github.com/etkecc/baibot/blob/main/docs/providers.md#how-to-choose-a-provider). In short, it's probably best to go with [OpenAI](#openai).
#### Anthropic
You can statically-define a single [🤖 agent](https://github.com/etkecc/baibot/blob/main/docs/agents.md) instance powered by the [Anthropic provider](https://github.com/etkecc/baibot/blob/main/docs/providers.md#anthropic) with the help of the playbook's preset variables.
Here's an example **addition** to your `vars.yml` file:
```yml
matrix_bot_baibot_config_agents_static_definitions_anthropic_enabled: true
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_api_key: "YOUR_API_KEY_HERE"
# If you'd like to use another text-generation agent, uncomment and adjust:
# matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_model_id: claude-3-5-sonnet-20240620
# See `defaults/main.yml` in the baibot role for more configuration options.
```
If you'd like to use more than one model, take a look at the [Configuring additional agents (without a preset)](#configuring-additional-agents-without-a-preset) section below.
💡 You may also wish to use this new agent for [🤝 Configuring initial default handlers](#-configuring-initial-default-handlers).
#### Groq
You can statically-define a single [🤖 agent](https://github.com/etkecc/baibot/blob/main/docs/agents.md) instance powered by the [Groq provider](https://github.com/etkecc/baibot/blob/main/docs/providers.md#groq) with the help of the playbook's preset variables.
Here's an example **addition** to your `vars.yml` file:
```yml
matrix_bot_baibot_config_agents_static_definitions_groq_enabled: true
matrix_bot_baibot_config_agents_static_definitions_groq_config_api_key: "YOUR_API_KEY_HERE"
# Specify the text-generation agent you'd like to use
matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_model_id: "llama3-70b-8192"
# Uncomment and adjust if you're not happy with these speech-to-text defaults:
#
# matrix_bot_baibot_config_agents_static_definitions_groq_config_speech_to_text_enabled: true
# matrix_bot_baibot_config_agents_static_definitions_groq_config_speech_to_text_model_id: whisper-large-v3
# See `defaults/main.yml` in the baibot role for more configuration options.
```
Because this is a [statically](https://github.com/etkecc/baibot/blob/main/docs/configuration/README.md#static-configuration)-defined agent, it will be given a `static/` ID prefix and will be named `static/groq`.
If you'd like to use more than one model, take a look at the [Configuring additional agents (without a preset)](#configuring-additional-agents-without-a-preset) section below.
💡 You may also wish to use this new agent for [🤝 Configuring initial default handlers](#-configuring-initial-default-handlers).
#### Mistral
You can statically-define a single [🤖 agent](https://github.com/etkecc/baibot/blob/main/docs/agents.md) instance powered by the [🇫🇷 Mistral provider](https://github.com/etkecc/baibot/blob/main/docs/providers.md#mistral) with the help of the playbook's preset variables.
Here's an example **addition** to your `vars.yml` file:
```yml
matrix_bot_baibot_config_agents_static_definitions_mistral_enabled: true
matrix_bot_baibot_config_agents_static_definitions_mistral_config_api_key: "YOUR_API_KEY_HERE"
# Uncomment and adjust if you're not happy with these defaults:
# matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_model_id: mistral-large-latest
# See `defaults/main.yml` in the baibot role for more configuration options.
```
Because this is a [statically](https://github.com/etkecc/baibot/blob/main/docs/configuration/README.md#static-configuration)-defined agent, it will be given a `static/` ID prefix and will be named `static/mistral`.
If you'd like to use more than one model, take a look at the [Configuring additional agents (without a preset)](#configuring-additional-agents-without-a-preset) section below.
💡 You may also wish to use this new agent for [🤝 Configuring initial default handlers](#-configuring-initial-default-handlers).
#### OpenAI
You can statically-define a single [🤖 agent](https://github.com/etkecc/baibot/blob/main/docs/agents.md) instance powered by the [OpenAI provider](https://github.com/etkecc/baibot/blob/main/docs/providers.md#openai) with the help of the playbook's preset variables.
The OpenAI provider is **only meant to be used with OpenAI's official API** and compatibility with other services (which do not fully adhere to the OpenAI API spec completely) is limited. **If you're targeting an OpenAI-compatible service**, use the [OpenAI Compatible](#openai-compatible) provider instead.
Here's an example **addition** to your `vars.yml` file:
```yml
matrix_bot_baibot_config_agents_static_definitions_openai_enabled: true
matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key: "YOUR_API_KEY_HERE"
# If you'd like to use another text-generation agent, uncomment and adjust:
# matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-4o
# See `defaults/main.yml` in the baibot role for more configuration options.
```
Because this is a [statically](https://github.com/etkecc/baibot/blob/main/docs/configuration/README.md#static-configuration)-defined agent, it will be given a `static/` ID prefix and will be named `static/openai`.
If you'd like to use more than one model, take a look at the [Configuring additional agents (without a preset)](#configuring-additional-agents-without-a-preset) section below.
💡 You may also wish to use this new agent for [🤝 Configuring initial default handlers](#-configuring-initial-default-handlers).
#### OpenAI Compatible
You can statically-define a single [🤖 agent](https://github.com/etkecc/baibot/blob/main/docs/agents.md) instance powered by the [OpenAI Compatible provider](https://github.com/etkecc/baibot/blob/main/docs/providers.md#openai-compatible) with the help of the playbook's preset variables.
This provider allows you to use OpenAI-compatible API services like [OpenRouter](https://github.com/etkecc/baibot/blob/main/docs/providers.md#openrouter), [Together AI](https://github.com/etkecc/baibot/blob/main/docs/providers.md#together-ai), etc.
Some of these popular services already have **shortcut** providers (see [supported providers](https://github.com/etkecc/baibot/blob/main/docs/providers.md#supported-providers) leading to this one behind the scenes - this make it easier to get started.
As of this moment, the playbook does not include presets for any of these services, so you'll need to [Configuring additional agents (without a preset)](#configuring-additional-agents-without-a-preset).
#### Configuring additional agents (without a preset)
The Ansible role may be lacking preset variables for some [☁️ provider](https://github.com/etkecc/baibot/blob/main/docs/providers.md), or you may wish to statically-define an agent on the same provider twice (or more) with different configuration.
It's possible to inject your own agent configuration using the `matrix_bot_baibot_config_agents_static_definitions_custom` Ansible variable.
You can also define providers at runtime, by chatting with the bot, so using Ansible is not a requirement.
Below is an an **example** demonstrating **statically-defining agents via Ansible without using presets**:
```yml
matrix_bot_baibot_config_agents_static_definitions_custom:
# This agent will use the GPT 3.5 model and will only support text-generation,
# even though the `openai` provider could support other features (e.g. image-generation).
- id: my-openai-gpt-3.5-turbo-agent
provider: openai
config:
base_url: https://api.openai.com/v1
api_key: "YOUR_API_KEY_HERE"
text_generation:
model_id: gpt-3.5-turbo-0125
prompt: You are a brief, but helpful bot.
temperature: 1.0
max_response_tokens: 4096
max_context_tokens: 16385
speech_to_text: null
text_to_speech: null
image_generation: null
# This agent uses the `openai` provider, but adjusts the base URL, so that it points to some Ollama instance
# (which supports an OpenAI-compatible API).
- id: my-ollama-agent
provider: openai
config:
base_url: http://ollama-service:1234/v1
api_key: ""
text_generation:
model_id: "llama3.1:8b"
prompt: "You are an assistant based on the Llama3.1:8b model. Be brief in your responses."
temperature: 1.0
max_response_tokens: 4096
max_context_tokens: 128000
speech_to_text: null
text_to_speech: null
image_generation: null
```
Because these are [statically](https://github.com/etkecc/baibot/blob/main/docs/configuration/README.md#static-configuration)-defined agents, they will be given a `static/` ID prefix and will be named `static/my-openai-gpt-3.5-turbo-agent` and `static/my-ollama-agent`, respectively.
💡 To figure out what to put in the `config` section, refer to the [☁️ provider](https://github.com/etkecc/baibot/blob/main/docs/providers.md) page, which contains **sample configuration YAML for each provider**.
As with any [🤖 agent](https://github.com/etkecc/baibot/blob/main/docs/agents.md), defining them means they exist. To actually make use of them, they need to be configured as handlers globally or in a specific room - see [Mixing & matching models](https://github.com/etkecc/baibot/blob/main/docs/features.md#mixing--matching-models).
💡 You may also wish to use these new agents for [🤝 Configuring initial default handlers](#-configuring-initial-default-handlers).
### 🤝 Configuring initial default handlers
This section is only useful if you're [🤖 Configuring agents via Ansible](#-configuring-agents-via-ansible), as it lets you put these agents to use as soon as the bot starts (by adjusting the bot's **initial global configuration**).
If you're not configuring agents via Ansible, you can skip this section.
This section is only useful the first time around. **Once initially configured the global configuration cannot be managed Ansible**, but only via bot commands.
baibot supports [various purposes](https://github.com/etkecc/baibot/blob/main/docs/features.md):
- [💬 text-generation](https://github.com/etkecc/baibot/blob/main/docs/features.md#-text-generation): communicating with you via text
- [🦻 speech-to-text](https://github.com/etkecc/baibot/blob/main/docs/features.md#-speech-to-text): turning your voice messages into text
- [🗣️ text-to-speech](https://github.com/etkecc/baibot/blob/main/docs/features.md#-text-to-speech): turning bot or users text messages into voice messages
- [🖌️ image-generation](https://github.com/etkecc/baibot/blob/main/docs/features.md#-image-generation): generating images based on instructions
- ❓ catch-all: special purposes, indicating use as a fallback (when no specific handler is configured)
[Mixing & matching models](https://github.com/etkecc/baibot/blob/main/docs/features.md#mixing--matching-models) is made possible by the bot's ability to have different [🤝 handlers](https://github.com/etkecc/baibot/blob/main/docs/configuration/handlers.md) configured for different purposes.
This configuration can be done as a global fallback, or per-room. Both of these [🛠️ configurations](https://github.com/etkecc/baibot/blob/main/docs/configuration/README.md) are managed at runtime (viat chat), but **the global configuration can have some initial defaults configured via Ansible**.
You can configure the **initial values** for these via Ansible, via the `matrix_bot_baibot_config_initial_global_config_handler_*` variables.
Example **additional** `vars.yml` configuration:
```yml
# NOTE: these are initial defaults for the bot's global configuration.
# As such, changing any of these values subsequently has no effect on the bot's behavior.
# Once initially configured, the global configuration is managed via bot commands, not via Ansible.
matrix_bot_baibot_config_initial_global_config_handler_catch_all: static/openai
# In this example, there's no need to define any of these below.
# Configuring the catch-all purpose handler is enough.
matrix_bot_baibot_config_initial_global_config_handler_text_generation: null
matrix_bot_baibot_config_initial_global_config_handler_text_to_speech: null
matrix_bot_baibot_config_initial_global_config_handler_speech_to_text: null
matrix_bot_baibot_config_initial_global_config_handler_image_generation: null
```
**Note**: these are initial defaults for the bot's global configuration. As such, changing any of these values subsequently has no effect on the bot's behavior. **Once initially configured the global configuration cannot be managed Ansible**, but only via bot commands.
## Installing
After configuring the playbook, run the [installation](installing.md) command again:
```sh
just run-tags install-all,ensure-matrix-users-created,start
```
**Notes**:
- the `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account
- if you change the bot password (`matrix_bot_baibot_config_user_password` in your `vars.yml` file) subsequently, the bot user's credentials on the homeserver won't be updated automatically. If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it, and then update `matrix_bot_baibot_config_user_password` to let the bot know its new password
## Usage
To use the bot, invite the `@baibot:DOMAIN` bot user into a room.
If you're an allowed bot [👥 user](https://github.com/etkecc/baibot/blob/main/docs/access.md#user) (see [👥 Initial users configuration](#-initial-users-configuration)), the bot will accept your invitation and join the room.
After joining, the bot will introduce itself and show information about the [✨ features](https://github.com/etkecc/baibot/blob/main/docs/features.md) that are enabled for it.
If you've [🤖 configured one or more agents via Ansible](#-configuring-agents-via-ansible) and have [🤝 configured initial default handlers](#configuring-initial-default-handlers), the bot will immediately be able to make use of these agents for this new room. Otherwise, you will need to configure agents and/or handlers via chat commands.
Send `!bai help` to the room at any time to see the bot's help menu for additional commands.
You can also refer to the upstream [baibot](https://github.com/etkecc/baibot) project's documentation.
## Debugging
As with all other services, you can find service logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by running something like `journalctl -fu matrix-bot-baibot`
The default logging level for this service is `info`, but you can increase it to `debug` (or even `trace`) with the following additional configuration:
```yaml
# Adjust the bot's own logging level.
matrix_bot_baibot_config_logging_level_baibot: debug
# Adjust the logging level for the mxlink bot library used by the bot.
matrix_bot_baibot_config_logging_level_mxlink: debug
# Adjust the logging level for other libraries used by the bot.
# Having this set to a value other than "warn" can be very noisy.
matrix_bot_baibot_config_logging_level_other_libs: debug
```
**Alternatively**, you can use a single variable to set the logging level for all of the above (bot + all libraries):
```yaml
matrix_bot_baibot_config_logging: debug
```

2
docs/configuring-playbook-bot-chatgpt.md
View File

@ -4,6 +4,8 @@ The playbook can install and configure [matrix-chatgpt-bot](https://github.com/m
Talk to [ChatGPT](https://openai.com/blog/chatgpt/) via your favourite Matrix client!
**Note**: [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) is now an archived (**unmaintained**) project. Talking to ChatGPT (and many other LLM providers) can happen via the much more featureful [baibot](./configuring-playbook-bot-baibot.md) bot supported by the playbook.
## 1. Register the bot account

6
docs/configuring-playbook-bridge-mautrix-gmessages.md
View File

@ -14,14 +14,12 @@ matrix_mautrix_gmessages_enabled: true
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
### Method 1: automatically, by enabling Appservice Double Puppet or Shared Secret Auth
### Method 1: automatically, by enabling Appservice Double Puppet
The bridge will automatically perform Double Puppeting if you enable the [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) service or the [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) service for this playbook.
The bridge will automatically perform Double Puppeting if you enable the [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) service for this playbook.
Enabling [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) service works at the time of writing, but is deprecated and will stop working in the future.
### Method 2: manually, by asking each user to provide a working access token
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).

6
docs/configuring-playbook-bridge-mautrix-meta-instagram.md
View File

@ -66,14 +66,12 @@ You may wish to look at `roles/custom/matrix-bridge-mautrix-meta-instagram/templ
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
### Method 1: automatically, by enabling Appservice Double Puppet or Shared Secret Auth
### Method 1: automatically, by enabling Appservice Double Puppet
The bridge will automatically perform Double Puppeting if you enable the [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) service or the [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) service for this playbook.
The bridge will automatically perform Double Puppeting if you enable the [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) service for this playbook.
Enabling [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) service works at the time of writing, but is deprecated and will stop working in the future.
### Method 2: manually, by asking each user to provide a working access token
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).

6
docs/configuring-playbook-bridge-mautrix-meta-messenger.md
View File

@ -77,14 +77,12 @@ You may wish to look at `roles/custom/matrix-bridge-mautrix-meta-messenger/templ
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
### Method 1: automatically, by enabling Appservice Double Puppet or Shared Secret Auth
### Method 1: automatically, by enabling Appservice Double Puppet
The bridge will automatically perform Double Puppeting if you enable the [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) service or the [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) service for this playbook.
The bridge will automatically perform Double Puppeting if you enable the [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) service for this playbook.
Enabling [Appservice Double Puppet](configuring-playbook-appservice-double-puppet.md) is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) service works at the time of writing, but is deprecated and will stop working in the future.
### Method 2: manually, by asking each user to provide a working access token
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).

10
docs/configuring-playbook-synapse-admin.md
View File

@ -1,10 +1,10 @@
# Setting up Synapse Admin (optional)
The playbook can install and configure [synapse-admin](https://github.com/Awesome-Technologies/synapse-admin) for you.
The playbook can install and configure [etkecc/synapse-admin](https://github.com/etkecc/synapse-admin) (a [feature-rich](https://github.com/etkecc/synapse-admin#fork-differences) fork of [Awesome-Technologies/synapse-admin](https://github.com/Awesome-Technologies/synapse-admin)) for you.
It's a web UI tool you can use to **administrate users and rooms on your Matrix server**. It's designed to work with the Synapse homeserver implementation, but to some extent may work with [Dendrite](./configuring-playbook-dendrite.md) as well.
synapse-admin is a web UI tool you can use to **administrate users, rooms, media, etc. on your Matrix server**. It's designed to work with the Synapse homeserver implementation, but to some extent may work with [Dendrite](./configuring-playbook-dendrite.md) as well.
See the project's [documentation](https://github.com/Awesome-Technologies/synapse-admin) to learn what it does and why it might be useful to you.
See the project's [documentation](https://github.com/etkecc/synapse-admin) to learn what it does and why it might be useful to you.
## Adjusting the playbook configuration
@ -15,12 +15,12 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.
matrix_synapse_admin_enabled: true
```
**Note**: Synapse Admin requires Synapse's [Admin APIs](https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/index.html) to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following [official Synapse reverse-proxying recommendations](https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). Because Synapse Admin needs these APIs to function, when installing Synapse Admin, the playbook **automatically** exposes the Synapse Admin API publicly for you. Depending on the homeserver implementation you're using (Synapse, Dendrite), this is equivalent to:
**Note**: Synapse Admin requires Synapse's [Admin APIs](https://element-hq.github.io/synapse/latest/usage/administration/admin_api/index.html) to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following [official Synapse reverse-proxying recommendations](https://element-hq.github.io/synapse/latest/reverse_proxy.html#synapse-administration-endpoints). Because Synapse Admin needs these APIs to function, when installing Synapse Admin, the playbook **automatically** exposes the Synapse Admin API publicly for you. Depending on the homeserver implementation you're using (Synapse, Dendrite), this is equivalent to:
- for [Synapse](./configuring-playbook-synapse.md) (our default homeserver implementation): `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true`
- for [Dendrite](./configuring-playbook-dendrite.md): `matrix_dendrite_container_labels_public_client_synapse_admin_api_enabled: true`
By default, synapse-admin installation will be [restricted to only work with one homeserver](https://github.com/Awesome-Technologies/synapse-admin/blob/e21e44362c879ac41f47c580b04210842b6ff3d7/README.md#restricting-available-homeserver) - the one managed by the playbook. To adjust these restrictions, tweak the `matrix_synapse_admin_config_restrictBaseUrl` variable.
By default, synapse-admin installation will be [restricted to only work with one homeserver](https://github.com/etkecc/synapse-admin/blob/e21e44362c879ac41f47c580b04210842b6ff3d7/README.md#restricting-available-homeserver) - the one managed by the playbook. To adjust these restrictions, tweak the `matrix_synapse_admin_config_restrictBaseUrl` variable.
## Installing

4
docs/configuring-playbook.md
View File

@ -187,7 +187,9 @@ When you're done with all the configuration you'd like to do, continue with [Ins
### Bots
- [Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) - a bot through which you can talk to the [ChatGPT](https://openai.com/blog/chatgpt/) model(optional)
- [Setting up baibot](configuring-playbook-bot-baibot.md) - a bot through which you can talk to various [AI](https://en.wikipedia.org/wiki/Artificial_intelligence) / [Large Language Models](https://en.wikipedia.org/wiki/Large_language_model) services ([OpenAI](https://openai.com/)'s [ChatGPT](https://openai.com/blog/chatgpt/) and [others](https://github.com/etkecc/baibot/blob/main/docs/providers.md)) (optional)
- [Setting up matrix-bot-chatgpt](configuring-playbook-bot-chatgpt.md) - a bot through which you can talk to the [ChatGPT](https://openai.com/blog/chatgpt/) model (optional)
- [Setting up matrix-reminder-bot](configuring-playbook-bot-matrix-reminder-bot.md) - a bot to remind you about stuff (optional)

2
docs/maintenance-upgrading-services.md
View File

@ -9,7 +9,7 @@ To upgrade services:
- update your playbook directory and all upstream Ansible roles (defined in the `requirements.yml` file) using:
- either: `just update`
- or: a combination of `git pull` and `just role` (or `make roles`)
- or: a combination of `git pull` and `just roles` (or `make roles`)
- take a look at [the changelog](../CHANGELOG.md) to see if there have been any backward-incompatible changes that you need to take care of

43
examples/reverse-proxies/caddy2-in-container/Caddyfile Normal file
View File

@ -0,0 +1,43 @@
matrix.example.tld {
handle {
encode zstd gzip
# Use the docker service name instead of localhost or 127.0.0.1 here
matrix-traefik:8080 {
header_up X-Forwarded-Port {http.request.port}
header_up X-Forwarded-TlsProto {tls_protocol}
header_up X-Forwarded-TlsCipher {tls_cipher}
header_up X-Forwarded-HttpsProto {proto}
}
}
}
# Put `https://` at the beginning to enforce https protocol as 8448 is not the default https port (which is 443)
https://matrix.example.tld:8448 {
handle {
encode zstd gzip
# Use the docker service name instead of localhost or 127.0.0.1 here
reverse_proxy matrix-traefik:8448 {
header_up X-Forwarded-Port {http.request.port}
header_up X-Forwarded-TlsProto {tls_protocol}
header_up X-Forwarded-TlsCipher {tls_cipher}
header_up X-Forwarded-HttpsProto {proto}
}
}
}
example.tld {
# Uncomment this if you are following "(Option 3): Setting up reverse-proxying of the well-known files from the base domain's server to the Matrix server" of https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md#option-3-setting-up-reverse-proxying-of-the-well-known-files-from-the-base-domains-server-to-the-matrix-server
@wellknown {
path /.well-known/matrix/*
}
handle @wellknown {
reverse_proxy https://matrix.example.tld {
header_up Host {http.reverse_proxy.upstream.hostport}
}
}
}

19
examples/reverse-proxies/caddy2-in-container/README.md Normal file
View File

@ -0,0 +1,19 @@
# Caddy reverse-proxy fronting the playbook's integrated Traefik reverse-proxy
This directory contains a sample config that shows you how to front the integrated [Traefik](https://traefik.io/) reverse-proxy webserver with your own **containerized** [Caddy](https://caddyserver.com/) reverse-proxy. If you have a server with a Caddy container already serving several applications and you want to install Matrix on it (with no changes to existing traffic routing), then this guide is for you.
Note: if you're running Caddy on the host itself (not in a container), refer to the [caddy2](../caddy2/README.md) example instead.
## Prerequisite configuration
To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix.<your-domain>/vars.yml`).
Then, adjust your Caddy `docker-compose.yaml` file (if you're using docker-compose for running your Caddy container). See [examples/reverse-proxies/caddy2-in-container/docker-compose.yaml](./docker-compose.yaml).
## Using the Caddyfile
You can either just use the [Caddyfile](Caddyfile) directly or append its content to your own Caddyfile.
In both cases make sure to replace all the `example.tld` domains with your own domain.
This example does not include additional services like Element, but you should be able copy the first block and replace the `matrix.` subdomain with the subdomain of the some other service (e.g. `element.`).

23
examples/reverse-proxies/caddy2-in-container/docker-compose.yaml Normal file
View File

@ -0,0 +1,23 @@
---
version: "3.9"
services:
caddy:
image: caddy:2.5.1-alpine
networks:
# add this, so that caddy can talk to the playbook-managed-traefik
- traefik
ports:
- "80:80"
- "443:443"
- "8448:8448"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile
# - ./site:/var/www
# Other configurations ...
networks:
# add this as well
traefik:
name: traefik
external: true

79
group_vars/matrix_servers
View File

@ -275,6 +275,8 @@ devture_systemd_service_manager_services_list_auto: |
+
([{'name': 'matrix-bot-buscarron.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'buscarron', 'bot-buscarron']}] if matrix_bot_buscarron_enabled else [])
+
([{'name': 'matrix-bot-baibot.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'baibot', 'bot-baibot']}] if matrix_bot_baibot_enabled else [])
+
([{'name': 'matrix-bot-go-neb.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'go-neb', 'bot-go-neb']}] if matrix_bot_go_neb_enabled else [])
+
([{'name': 'matrix-bot-honoroit.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'honoroit', 'bot-honoroit']}] if matrix_bot_honoroit_enabled else [])
@ -1495,17 +1497,13 @@ matrix_mautrix_meta_messenger_homeserver_address: "{{ matrix_addons_homeserver_c
matrix_mautrix_meta_messenger_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.meta.fb.hs', rounds=655555) | to_uuid }}"
matrix_mautrix_meta_messenger_bridge_login_shared_secret_map_auto: |-
matrix_mautrix_meta_messenger_double_puppet_secrets_auto: |-
{{
({
{
matrix_mautrix_meta_messenger_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token)
})
}
if matrix_appservice_double_puppet_enabled
else (
{matrix_mautrix_meta_messenger_homeserver_domain: matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret}
if matrix_synapse_ext_password_provider_shared_secret_auth_enabled
else {}
)
else {}
}}
matrix_mautrix_meta_messenger_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}"
@ -1573,17 +1571,13 @@ matrix_mautrix_meta_instagram_homeserver_address: "{{ matrix_addons_homeserver_c
matrix_mautrix_meta_instagram_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.meta.ig.hs', rounds=655555) | to_uuid }}"
matrix_mautrix_meta_instagram_bridge_login_shared_secret_map_auto: |-
matrix_mautrix_meta_instagram_double_puppet_secrets_auto: |-
{{
({
{
matrix_mautrix_meta_instagram_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token)
})
}
if matrix_appservice_double_puppet_enabled
else (
{matrix_mautrix_meta_instagram_homeserver_domain: matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret}
if matrix_synapse_ext_password_provider_shared_secret_auth_enabled
else {}
)
else {}
}}
matrix_mautrix_meta_instagram_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}"
@ -1804,15 +1798,13 @@ matrix_mautrix_gmessages_appservice_token: "{{ '%s' | format(matrix_homeserver_g
matrix_mautrix_gmessages_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
matrix_mautrix_gmessages_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gmessa.hs.token', rounds=655555) | to_uuid }}"
matrix_mautrix_gmessages_login_shared_secret: |-
matrix_mautrix_gmessages_double_puppet_secrets_auto: |-
{{
("as_token:" + matrix_appservice_double_puppet_registration_as_token)
{
matrix_mautrix_gmessages_homeserver_domain: ("as_token:" + matrix_appservice_double_puppet_registration_as_token)
}
if matrix_appservice_double_puppet_enabled
else (
matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled
if matrix_synapse_ext_password_provider_shared_secret_auth_enabled
else ""
)
else {}
}}
matrix_mautrix_gmessages_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}"
@ -2731,6 +2723,41 @@ matrix_bot_buscarron_database_password: "{{ '%s' | format(matrix_homeserver_gene
#
######################################################################
######################################################################
#
# matrix-bot-baibot
#
######################################################################
# We don't enable bots by default.
matrix_bot_baibot_enabled: false
matrix_bot_baibot_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
matrix_bot_baibot_systemd_required_services_list_auto: |
{{
matrix_addons_homeserver_systemd_services_list
}}
matrix_bot_baibot_config_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
matrix_bot_baibot_container_network: "{{ matrix_addons_container_network }}"
matrix_bot_baibot_container_additional_networks_auto: |-
{{
(
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
) | unique
}}
######################################################################
#
# /matrix-bot-baibot
#
######################################################################
######################################################################
#
# matrix-bot-postmoogle
@ -5418,6 +5445,12 @@ matrix_user_creator_users_auto: |
'initial_type': 'admin',
}] if matrix_bot_matrix_registration_bot_enabled else [])
+
([{
'username': matrix_bot_baibot_config_user_mxid_localpart,
'initial_password': matrix_bot_baibot_config_user_password,
'initial_type': 'bot',
}] if matrix_bot_baibot_enabled else [])
+
([{
'username': matrix_bot_chatgpt_matrix_bot_username_localpart,
'initial_password': matrix_bot_chatgpt_matrix_bot_password,

28
requirements.yml
View File

@ -16,22 +16,22 @@
version: 129c8590e106b83e6f4c259649a613c6279e937a
name: docker_sdk_for_python
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git
version: v2.2.2-0
version: v2.2.2-1
name: etherpad
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
version: v4.98-r0-1-0
version: v4.98-r0-1-1
name: exim_relay
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git
version: v11.1.4-0
version: v11.1.4-1
name: grafana
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
version: v9646-0
version: v9646-1
name: jitsi
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-keydb.git
version: v6.3.4-2
version: v6.3.4-3
name: keydb
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
version: v2.10.0-1
version: v2.10.0-2
name: ntfy
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
version: 201c939eed363de269a83ba29784fc3244846048
@ -43,25 +43,25 @@
version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
name: playbook_state_preserver
- src: git+https://github.com/devture/com.devture.ansible.role.postgres.git
version: v16.3-2
version: v16.3-3
name: postgres
- src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git
version: 8c3585fb4857dbac026b2974bb6525289240effb
version: ccfd8db07fd8725119f0e06ba5144b8f58a67890
name: postgres_backup
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
version: v2.54.1-0
version: v2.54.1-1
name: prometheus
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git
version: v1.8.2-0
version: v1.8.2-1
name: prometheus_node_exporter
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git
version: v0.14.0-5
version: v0.14.0-6
name: prometheus_postgres_exporter
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-redis.git
version: v7.2.5-0
version: v7.2.5-1
name: redis
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
version: v1.2.0-0
version: v1.3.0-0
name: systemd_docker_base
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_service_manager.git
version: v1.0.0-4
@ -70,7 +70,7 @@
version: v1.0.0-0
name: timesync
- src: git+https://github.com/devture/com.devture.ansible.role.traefik.git
version: v3.1.2-1
version: v3.1.3-1
name: traefik
- src: git+https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper.git
version: v2.8.3-4

2
roles/custom/matrix-alertmanager-receiver/defaults/main.yml
View File

@ -6,7 +6,7 @@
matrix_alertmanager_receiver_enabled: true
# renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
matrix_alertmanager_receiver_version: 2024.8.28
matrix_alertmanager_receiver_version: 2024.9.18
matrix_alertmanager_receiver_scheme: https

3
roles/custom/matrix-alertmanager-receiver/tasks/install.yml
View File

@ -63,7 +63,7 @@
cmd: |-
{{ devture_systemd_docker_base_host_command_docker }} buildx build
--tag={{ matrix_alertmanager_receiver_container_image }}
--file={{ matrix_alertmanager_receiver_container_src_path }}/contrib/Dockerfile
--file={{ matrix_alertmanager_receiver_container_src_path }}/Dockerfile
{{ matrix_alertmanager_receiver_container_src_path }}
changed_when: true
@ -72,6 +72,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_alertmanager_receiver_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-alertmanager-receiver.service installed
ansible.builtin.template:

1
roles/custom/matrix-appservice-draupnir-for-all/tasks/setup_install.yml
View File

@ -80,6 +80,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_appservice_draupnir_for_all_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-appservice-draupnir-for-all.service installed
ansible.builtin.template:

488
roles/custom/matrix-bot-baibot/defaults/main.yml Normal file
View File

@ -0,0 +1,488 @@
---
# baibot is a bot exposing the power of Large Language Models to you.
# Project source code URL: https://github.com/etkecc/baibot
matrix_bot_baibot_enabled: true
matrix_bot_baibot_container_image_self_build: false
matrix_bot_baibot_container_repo: "https://github.com/etkecc/baibot.git"
matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_version == 'latest' else matrix_bot_baibot_version }}"
matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
# renovate: datasource=docker depName=ghcr.io/etkecc/baibot
matrix_bot_baibot_version: latest
matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_name_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
matrix_bot_baibot_container_image_name_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else 'ghcr.io/' }}"
matrix_bot_baibot_container_image_force_pull: "{{ matrix_bot_baibot_container_image.endswith(':latest') }}"
matrix_bot_baibot_base_path: "{{ matrix_base_data_path }}/baibot"
matrix_bot_baibot_config_path: "{{ matrix_bot_baibot_base_path }}/config"
matrix_bot_baibot_data_path: "{{ matrix_bot_baibot_base_path }}/data"
matrix_bot_baibot_container_network: ""
matrix_bot_baibot_container_additional_networks: "{{ matrix_bot_baibot_container_additional_networks_auto + matrix_bot_baibot_container_additional_networks_custom }}"
matrix_bot_baibot_container_additional_networks_auto: []
matrix_bot_baibot_container_additional_networks_custom: []
# A list of extra arguments to pass to the container
matrix_bot_baibot_container_extra_arguments: []
# List of systemd services that matrix-bot-baibot.service depends on
matrix_bot_baibot_systemd_required_services_list: "{{ matrix_bot_baibot_systemd_required_services_list_default + matrix_bot_baibot_systemd_required_services_list_auto + matrix_bot_baibot_systemd_required_services_list_custom }}"
matrix_bot_baibot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_bot_baibot_systemd_required_services_list_auto: []
matrix_bot_baibot_systemd_required_services_list_custom: []
# List of systemd services that matrix-bot-baibot.service wants
matrix_bot_baibot_systemd_wanted_services_list: []
# Controls the `homeserver.server_name` configuration setting.
matrix_bot_baibot_config_homeserver_server_name: "{{ matrix_domain }}"
# Controls the `homeserver.url` configuration setting.
matrix_bot_baibot_config_homeserver_url: ""
# Controls the `user.mxid_localpart` configuration setting.
#
# This affects the bot's username.
# Changing this subsequently will require you to drop the bot's session/database (see `matrix_bot_baibot_data_path`),
# so it can start fresh.
matrix_bot_baibot_config_user_mxid_localpart: baibot
# Controls the `user.password` configuration setting.
matrix_bot_baibot_config_user_password: ''
# Controls the `user.name` configuration setting.
#
# The name the bot uses as a display name and when it refers to itself.
# If you leave this empty, the bot will use the default (baibot).
#
# Also see: `matrix_bot_baibot_config_user_mxid_localpart`
matrix_bot_baibot_config_user_name: baibot
# Controls the `user.encryption.recovery_passphrase` configuration setting.
#
# An optional passphrase to use for backing up and recovering the bot's encryption keys.
# You can use any string here.
#
# If left empty, the recovery module will not be used and losing your session/database (see persistence)
# will mean you lose access to old messages in encrypted room.
#
# Changing this subsequently will also cause you to lose access to old messages in encrypted rooms.
# If you really need to change this:
# - Set `matrix_bot_baibot_config_user_encryption_recovery_reset_allowed` to `true` and adjust the passphrase
# - Remove your session file and database (see persistence)
# - Restart the bot
# - Then restore `matrix_bot_baibot_config_user_encryption_recovery_reset_allowed` to `false` to prevent accidental resets in the future
matrix_bot_baibot_config_user_encryption_recovery_passphrase: null
# Controls the `user.encryption.recovery_passphrase` configuration setting.
#
# An optional flag to reset the encryption recovery passphrase (see `matrix_bot_baibot_config_user_encryption_recovery_passphrase`).
matrix_bot_baibot_config_user_encryption_recovery_reset_allowed: false
# Controls the `command_prefix` configuration setting.
# If you leave this empty, the bot will use the default (!bai).
matrix_bot_baibot_config_command_prefix: "!bai"
# Controls the `access.admin_patterns` configuration setting.
# A space-separated list of MXID patterns which specify who is an admin.
#
# Example:
# matrix_bot_baibot_config_access_admin_patterns:
# - "@*:example.com"
# - "@admin:another.com"
matrix_bot_baibot_config_access_admin_patterns: "{{ [matrix_admin] if matrix_admin else [] }}"
# Controls the `persistence.data_dir_path` configuration setting.
#
# The bot runs in a container, so this is the in-container path referring to the data directory on the host
# (see `matrix_bot_baibot_data_path`).
#
# You generally don't need to change this.
matrix_bot_baibot_config_persistence_data_dir_path: /data
# Controls the `persistence.session_encryption_key` configuration setting.
#
# An optional secret for encrypting the bot's session data (see `matrix_bot_baibot_data_path`).
# This must be 32-bytes (64 characters when HEX-encoded).
# Generate it with: `openssl rand -hex 32`
# Leave null or empty to avoid using encryption.
# Changing this subsequently requires that you also throw away all data (see `matrix_bot_baibot_data_path`)
matrix_bot_baibot_config_persistence_session_encryption_key: null
# Controls the `persistence.config_encryption_key` configuration setting.
#
# An optional secret for encrypting bot configuration stored in Matrix's account data.
# This must be 32-bytes (64 characters when HEX-encoded).
# Generate it with: `openssl rand -hex 32`
# Leave null or empty to avoid using encryption.
# Changing this subsequently will make you lose your configuration.
matrix_bot_baibot_config_persistence_config_encryption_key: null
# Controls the `agents.static_definitions` configuration setting.
#
# There are some presets (e.g. `matrix_bot_baibot_config_agents_static_definitions_openai_*`) you can easily use to get started with a given provider.
# You can also define your own agents via `matrix_bot_baibot_config_agents_static_definitions_custom`.
matrix_bot_baibot_config_agents_static_definitions: "{{ matrix_bot_baibot_config_agents_static_definitions_auto + matrix_bot_baibot_config_agents_static_definitions_custom }}"
matrix_bot_baibot_config_agents_static_definitions_auto: |-
{{
([{
'id': matrix_bot_baibot_config_agents_static_definitions_anthropic_id,
'provider': matrix_bot_baibot_config_agents_static_definitions_anthropic_provider,
'config': matrix_bot_baibot_config_agents_static_definitions_anthropic_config,
}] if matrix_bot_baibot_config_agents_static_definitions_anthropic_enabled else [])
+
([{
'id': matrix_bot_baibot_config_agents_static_definitions_groq_id,
'provider': matrix_bot_baibot_config_agents_static_definitions_groq_provider,
'config': matrix_bot_baibot_config_agents_static_definitions_groq_config,
}] if matrix_bot_baibot_config_agents_static_definitions_groq_enabled else [])
+
([{
'id': matrix_bot_baibot_config_agents_static_definitions_mistral_id,
'provider': matrix_bot_baibot_config_agents_static_definitions_mistral_provider,
'config': matrix_bot_baibot_config_agents_static_definitions_mistral_config,
}] if matrix_bot_baibot_config_agents_static_definitions_mistral_enabled else [])
+
([{
'id': matrix_bot_baibot_config_agents_static_definitions_openai_id,
'provider': matrix_bot_baibot_config_agents_static_definitions_openai_provider,
'config': matrix_bot_baibot_config_agents_static_definitions_openai_config,
}] if matrix_bot_baibot_config_agents_static_definitions_openai_enabled else [])
}}
matrix_bot_baibot_config_agents_static_definitions_custom: []
########################################################################################
# #
# Anthropic agent configuration #
# #
########################################################################################
matrix_bot_baibot_config_agents_static_definitions_anthropic_enabled: false
matrix_bot_baibot_config_agents_static_definitions_anthropic_id: anthropic
matrix_bot_baibot_config_agents_static_definitions_anthropic_provider: anthropic
matrix_bot_baibot_config_agents_static_definitions_anthropic_config: "{{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_yaml | from_yaml | combine(matrix_bot_baibot_config_agents_static_definitions_anthropic_config_extension, recursive=True)}}"
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_yaml: "{{ lookup('template', 'templates/provider/anthropic-config.yml.j2') }}"
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_extension: "{{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_extension_yaml | from_yaml if matrix_bot_baibot_config_agents_static_definitions_anthropic_config_extension_yaml | from_yaml is mapping else {} }}"
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_extension_yaml: |
# Your custom YAML configuration for this provider's configuration goes here.
# This configuration extends the default starting configuration (`matrix_bot_baibot_config_agents_static_definitions_anthropic_config`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_bot_baibot_config_agents_static_definitions_anthropic_config_yaml`.
#
# Example configuration extension follows:
#
# text_generation:
# temperature: 3.5
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_base_url: https://api.anthropic.com/v1
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_api_key: ""
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_enabled: true
# For valid model choices, see: https://platform.anthropic.com/docs/models
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_model_id: claude-3-5-sonnet-20240620
# The prompt text to use (can be null or empty to not use a prompt).
# See: https://huggingface.co/docs/transformers/en/tasks/prompting
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_prompt: null
# The temperature parameter controls the randomness of the generated text.
# See: https://blogs.novita.ai/what-are-large-language-model-settings-temperature-top-p-and-max-tokens/#what-is-llm-temperature
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_temperature: 1.0
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_max_response_tokens: 8192
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_max_context_tokens: 204800
########################################################################################
# #
# /Anthropic agent configuration #
# #
########################################################################################
########################################################################################
# #
# Groq agent configuration #
# #
########################################################################################
matrix_bot_baibot_config_agents_static_definitions_groq_enabled: false
matrix_bot_baibot_config_agents_static_definitions_groq_id: groq
matrix_bot_baibot_config_agents_static_definitions_groq_provider: groq
matrix_bot_baibot_config_agents_static_definitions_groq_config: "{{ matrix_bot_baibot_config_agents_static_definitions_groq_config_yaml | from_yaml | combine(matrix_bot_baibot_config_agents_static_definitions_groq_config_extension, recursive=True)}}"
matrix_bot_baibot_config_agents_static_definitions_groq_config_yaml: "{{ lookup('template', 'templates/provider/groq-config.yml.j2') }}"
matrix_bot_baibot_config_agents_static_definitions_groq_config_extension: "{{ matrix_bot_baibot_config_agents_static_definitions_groq_config_extension_yaml | from_yaml if matrix_bot_baibot_config_agents_static_definitions_groq_config_extension_yaml | from_yaml is mapping else {} }}"
matrix_bot_baibot_config_agents_static_definitions_groq_config_extension_yaml: |
# Your custom YAML configuration for this provider's configuration goes here.
# This configuration extends the default starting configuration (`matrix_bot_baibot_config_agents_static_definitions_groq_config`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_bot_baibot_config_agents_static_definitions_groq_config_yaml`.
#
# Example configuration extension follows:
#
# text_generation:
# temperature: 3.5
matrix_bot_baibot_config_agents_static_definitions_groq_config_base_url: https://api.groq.com/openai/v1
matrix_bot_baibot_config_agents_static_definitions_groq_config_api_key: ""
matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_enabled: true
# For valid model choices, see: https://platform.groq.com/docs/models
matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_model_id: ""
# The prompt text to use (can be null or empty to not use a prompt).
# See: https://huggingface.co/docs/transformers/en/tasks/prompting
matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_prompt: null
# The temperature parameter controls the randomness of the generated text.
# See: https://blogs.novita.ai/what-are-large-language-model-settings-temperature-top-p-and-max-tokens/#what-is-llm-temperature
matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_temperature: 1.0
matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_max_response_tokens: 4096
matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_max_context_tokens: 131072
matrix_bot_baibot_config_agents_static_definitions_groq_config_speech_to_text_enabled: true
matrix_bot_baibot_config_agents_static_definitions_groq_config_speech_to_text_model_id: whisper-large-v3
########################################################################################
# #
# /Groq agent configuration #
# #
########################################################################################
########################################################################################
# #
# Mistral agent configuration #
# #
########################################################################################
matrix_bot_baibot_config_agents_static_definitions_mistral_enabled: false
matrix_bot_baibot_config_agents_static_definitions_mistral_id: mistral
matrix_bot_baibot_config_agents_static_definitions_mistral_provider: mistral
matrix_bot_baibot_config_agents_static_definitions_mistral_config: "{{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_yaml | from_yaml | combine(matrix_bot_baibot_config_agents_static_definitions_mistral_config_extension, recursive=True)}}"
matrix_bot_baibot_config_agents_static_definitions_mistral_config_yaml: "{{ lookup('template', 'templates/provider/mistral-config.yml.j2') }}"
matrix_bot_baibot_config_agents_static_definitions_mistral_config_extension: "{{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_extension_yaml | from_yaml if matrix_bot_baibot_config_agents_static_definitions_mistral_config_extension_yaml | from_yaml is mapping else {} }}"
matrix_bot_baibot_config_agents_static_definitions_mistral_config_extension_yaml: |
# Your custom YAML configuration for this provider's configuration goes here.
# This configuration extends the default starting configuration (`matrix_bot_baibot_config_agents_static_definitions_mistral_config`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_bot_baibot_config_agents_static_definitions_mistral_config_yaml`.
#
# Example configuration extension follows:
#
# text_generation:
# temperature: 3.5
matrix_bot_baibot_config_agents_static_definitions_mistral_config_base_url: https://api.mistral.ai/v1
matrix_bot_baibot_config_agents_static_definitions_mistral_config_api_key: ""
matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_enabled: true
# For valid model choices, see: https://platform.mistral.com/docs/models
matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_model_id: mistral-large-latest
# The prompt text to use (can be null or empty to not use a prompt).
# See: https://huggingface.co/docs/transformers/en/tasks/prompting
matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_prompt: null
# The temperature parameter controls the randomness of the generated text.
# See: https://blogs.novita.ai/what-are-large-language-model-settings-temperature-top-p-and-max-tokens/#what-is-llm-temperature
matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_temperature: 1.0
matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_max_response_tokens: 4096
matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_max_context_tokens: 128000
########################################################################################
# #
# /Mistral agent configuration #
# #
########################################################################################
########################################################################################
# #
# OpenAI agent configuration #
# #
########################################################################################
matrix_bot_baibot_config_agents_static_definitions_openai_enabled: false
matrix_bot_baibot_config_agents_static_definitions_openai_id: openai
matrix_bot_baibot_config_agents_static_definitions_openai_provider: openai
matrix_bot_baibot_config_agents_static_definitions_openai_config: "{{ matrix_bot_baibot_config_agents_static_definitions_openai_config_yaml | from_yaml | combine(matrix_bot_baibot_config_agents_static_definitions_openai_config_extension, recursive=True)}}"
matrix_bot_baibot_config_agents_static_definitions_openai_config_yaml: "{{ lookup('template', 'templates/provider/openai-config.yml.j2') }}"
matrix_bot_baibot_config_agents_static_definitions_openai_config_extension: "{{ matrix_bot_baibot_config_agents_static_definitions_openai_config_extension_yaml | from_yaml if matrix_bot_baibot_config_agents_static_definitions_openai_config_extension_yaml | from_yaml is mapping else {} }}"
matrix_bot_baibot_config_agents_static_definitions_openai_config_extension_yaml: |
# Your custom YAML configuration for this provider's configuration goes here.
# This configuration extends the default starting configuration (`matrix_bot_baibot_config_agents_static_definitions_openai_config`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_bot_baibot_config_agents_static_definitions_openai_config_yaml`.
#
# Example configuration extension follows:
#
# text_generation:
# temperature: 3.5
matrix_bot_baibot_config_agents_static_definitions_openai_config_base_url: https://api.openai.com/v1
# The API key is intentionally not required. Some OpenAI-compatible APIs do not require a key.
matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key: ""
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_enabled: true
# For valid model choices, see: https://platform.openai.com/docs/models
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-4o
# The prompt text to use (can be null or empty to not use a prompt).
# See: https://huggingface.co/docs/transformers/en/tasks/prompting
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_prompt: null
# The temperature parameter controls the randomness of the generated text.
# See: https://blogs.novita.ai/what-are-large-language-model-settings-temperature-top-p-and-max-tokens/#what-is-llm-temperature
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_temperature: 1.0
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_max_response_tokens: 16384
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_max_context_tokens: 128000
matrix_bot_baibot_config_agents_static_definitions_openai_config_speech_to_text_enabled: true
matrix_bot_baibot_config_agents_static_definitions_openai_config_speech_to_text_model_id: whisper-1
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_enabled: true
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_model_id: tts-1-hd
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_voice: onyx
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_speed: 1.0
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_response_format: opus
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_enabled: true
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_model_id: dall-e-3
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_style: vivid
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_size: 1024x1024
########################################################################################
# #
# /OpenAI agent configuration #
# #
########################################################################################
# Controls the `initial_global_config.handler.catch_all` configuration setting.
#
# This is an initial global configuration setting.
# It only affects the first run of the bot. Configuration is later managed at runtime.
matrix_bot_baibot_config_initial_global_config_handler_catch_all: null
# Controls the `initial_global_config.handler.text_generation` configuration setting.
#
# This is an initial global configuration setting.
# It only affects the first run of the bot. Configuration is later managed at runtime.
matrix_bot_baibot_config_initial_global_config_handler_text_generation: null
# Controls the `initial_global_config.handler.text_to_speech` configuration setting.
#
# This is an initial global configuration setting.
# It only affects the first run of the bot. Configuration is later managed at runtime.
matrix_bot_baibot_config_initial_global_config_handler_text_to_speech: null
# Controls the `initial_global_config.handler.speech_to_text` configuration setting.
#
# This is an initial global configuration setting.
# It only affects the first run of the bot. Configuration is later managed at runtime.
matrix_bot_baibot_config_initial_global_config_handler_speech_to_text: null
# Controls the `initial_global_config.handler.image_generation` configuration setting.
#
# This is an initial global configuration setting.
# It only affects the first run of the bot. Configuration is later managed at runtime.
matrix_bot_baibot_config_initial_global_config_handler_image_generation: null
# Controls the `initial_global_config.user_patterns` configuration setting.
#
# A space-separated list of MXID patterns which specify who can use the bot.
# By default, we let anyone on the homeserver use the bot.
#
# This is an initial global configuration setting.
# It only affects the first run of the bot. Configuration is later managed at runtime.
matrix_bot_baibot_config_initial_global_config_user_patterns:
- "@*:{{ matrix_bot_baibot_config_homeserver_server_name }}"
# Controls the `logging` configuration setting.
#
# This could take a single value (e.g. `warn`) to affect all tracing targets,
# or individual libraries (e.g. `mxlink`, `baibot`) can be configured independently of the main level.
#
# Below, we configure the logging level for:
# - the bot (baibot), via `matrix_bot_baibot_config_logging_level_baibot`
# - the bot framework that the bot is based on (mxlink), via `matrix_bot_baibot_config_logging_level_mxlink`
# - everything else (external libraries), via `matrix_bot_baibot_config_logging_level_other_libs`
#
# Valid values for each level are: `trace`, `debug`, `info`, `warn`, `error`.
# Learn more here: https://stackoverflow.com/a/73735203
matrix_bot_baibot_config_logging: "{{ matrix_bot_baibot_config_logging_level_other_libs }},mxlink={{ matrix_bot_baibot_config_logging_level_mxlink }},baibot={{ matrix_bot_baibot_config_logging_level_baibot }}"
# Adjust the logging level for other libraries used by the bot.
matrix_bot_baibot_config_logging_level_other_libs: warn
# Affects the logging level of the bot framework (mxlink) that the bot is based on.
# Related to `matrix_bot_baibot_config_logging`
matrix_bot_baibot_config_logging_level_mxlink: info
# Affects the logging level of the bot itself.
# Related to `matrix_bot_baibot_config_logging`
matrix_bot_baibot_config_logging_level_baibot: info
# Holds the final baibot configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_baibot_configuration_yaml` or `matrix_bot_baibot_configuration_extension_yaml`.
matrix_bot_baibot_configuration: "{{ matrix_bot_baibot_configuration_yaml | from_yaml | combine(matrix_bot_baibot_configuration_extension, recursive=True) }}"
# Default baibot configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `matrix_bot_baibot_configuration_extension_yaml`)
# or completely replace this variable with your own template.
matrix_bot_baibot_configuration_yaml: "{{ lookup('template', 'templates/config.yml.j2') }}"
matrix_bot_baibot_configuration_extension_yaml: |
# Your custom YAML configuration for baibot goes here.
# This configuration extends the default starting configuration (`matrix_bot_baibot_configuration_yaml`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_bot_baibot_configuration_yaml`.
#
# Example configuration extension follows:
#
# user:
# password: something
matrix_bot_baibot_configuration_extension: "{{ matrix_bot_baibot_configuration_extension_yaml | from_yaml if matrix_bot_baibot_configuration_extension_yaml | from_yaml is mapping else {} }}"
# Additional environment variables to pass to the baibot container.
#
# Environment variables take priority over settings in the configuration file.
#
# Example:
# matrix_bot_baibot_environment_variables_extension: |
# BAIBOT_USER_PASSWORD=password
matrix_bot_baibot_environment_variables_extension: ''

77
roles/custom/matrix-bot-baibot/tasks/install.yml Normal file
View File

@ -0,0 +1,77 @@
---
- name: Ensure baibot paths exist
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- {path: "{{ matrix_bot_baibot_config_path }}", when: true}
- {path: "{{ matrix_bot_baibot_data_path }}", when: true}
- {path: "{{ matrix_bot_baibot_container_src_files_path }}", when: matrix_bot_baibot_container_image_self_build}
when: "item.when | bool"
- name: Ensure baibot configuration installed
ansible.builtin.copy:
content: "{{ matrix_bot_baibot_configuration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_bot_baibot_config_path }}/config.yml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure baibot environment variables file created
ansible.builtin.template:
src: "{{ role_path }}/templates/env.j2"
dest: "{{ matrix_bot_baibot_config_path }}/env"
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
mode: 0640
- name: Ensure baibot image is pulled
community.docker.docker_image:
name: "{{ matrix_bot_baibot_container_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_bot_baibot_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_baibot_container_image_force_pull }}"
when: "not matrix_bot_baibot_container_image_self_build | bool"
register: result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: result is not failed
- name: Ensure baibot repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_bot_baibot_container_repo }}"
version: "{{ matrix_bot_baibot_container_repo_version }}"
dest: "{{ matrix_bot_baibot_container_src_files_path }}"
force: "yes"
become: true
become_user: "{{ matrix_user_username }}"
register: matrix_bot_baibot_git_pull_results
when: "matrix_bot_baibot_container_image_self_build | bool"
- name: Ensure baibot image is built
community.docker.docker_image:
name: "{{ matrix_bot_baibot_container_image }}"
source: build
force_source: "{{ matrix_bot_baibot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_baibot_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_bot_baibot_container_src_files_path }}"
pull: true
when: "matrix_bot_baibot_container_image_self_build | bool"
- name: Ensure baibot container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_baibot_container_network }}"
driver: bridge
- name: Ensure matrix-bot-baibot.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-bot-baibot.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-baibot.service"
mode: 0644

20
roles/custom/matrix-bot-baibot/tasks/main.yml Normal file
View File

@ -0,0 +1,20 @@
---
- tags:
- setup-all
- setup-bot-baibot
- install-all
- install-bot-baibot
block:
- when: matrix_bot_baibot_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
- when: matrix_bot_baibot_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
- tags:
- setup-all
- setup-bot-baibot
block:
- when: not matrix_bot_baibot_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml"

25
roles/custom/matrix-bot-baibot/tasks/uninstall.yml Normal file
View File

@ -0,0 +1,25 @@
---
- name: Check existence of matrix-baibot service
ansible.builtin.stat:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-baibot.service"
register: matrix_bot_baibot_service_stat
- when: matrix_bot_baibot_service_stat.stat.exists | bool
block:
- name: Ensure matrix-baibot is stopped
ansible.builtin.service:
name: matrix-bot-baibot
state: stopped
enabled: false
daemon_reload: true
- name: Ensure matrix-bot-baibot.service doesn't exist
ansible.builtin.file:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-baibot.service"
state: absent
- name: Ensure Matrix baibot paths don't exist
ansible.builtin.file:
path: "{{ matrix_bot_baibot_base_path }}"
state: absent

28
roles/custom/matrix-bot-baibot/tasks/validate_config.yml Normal file
View File

@ -0,0 +1,28 @@
---
- name: Fail if required baibot settings not defined
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and vars[item.name] == ''"
with_items:
- {'name': 'matrix_bot_baibot_config_user_mxid_localpart', when: true}
- {'name': 'matrix_bot_baibot_config_user_password', when: true}
- {'name': 'matrix_bot_baibot_container_network', when: true}
- {'name': 'matrix_bot_baibot_config_homeserver_url', when: true}
- {'name': 'matrix_bot_baibot_config_agents_static_definitions_anthropic_config_api_key', when: "{{ matrix_bot_baibot_config_agents_static_definitions_anthropic_enabled }}"}
- {'name': 'matrix_bot_baibot_config_agents_static_definitions_groq_config_api_key', when: "{{ matrix_bot_baibot_config_agents_static_definitions_groq_enabled }}"}
- {'name': 'matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_model_id', when: "{{ matrix_bot_baibot_config_agents_static_definitions_groq_enabled and matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_enabled }}"}
- {'name': 'matrix_bot_baibot_config_agents_static_definitions_mistral_config_api_key', when: "{{ matrix_bot_baibot_config_agents_static_definitions_mistral_enabled }}"}
- {'name': 'matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_model_id', when: "{{ matrix_bot_baibot_config_agents_static_definitions_mistral_enabled and matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_enabled }}"}
- {'name': 'matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key', when: "{{ matrix_bot_baibot_config_agents_static_definitions_openai_enabled }}"}
- name: Fail if admin patterns list is empty
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`matrix_bot_baibot_config_access_admin_patterns`) to specify which users are bot administrators.
when: "matrix_bot_baibot_config_access_admin_patterns | length == 0"

85
roles/custom/matrix-bot-baibot/templates/config.yml.j2 Normal file
View File

@ -0,0 +1,85 @@
# Default configuration for baibot.
# To extend it, use `matrix_bot_baibot_configuration_extension_yaml`.
homeserver:
# The canonical homeserver domain name
server_name: {{ matrix_bot_baibot_config_homeserver_server_name | to_json }}
url: {{ matrix_bot_baibot_config_homeserver_url | to_json }}
user:
mxid_localpart: {{ matrix_bot_baibot_config_user_mxid_localpart | to_json }}
password: {{ matrix_bot_baibot_config_user_password | to_json }}
# The name the bot uses as a display name and when it refers to itself.
# Leave empty to use the default (baibot).
name: {{ matrix_bot_baibot_config_user_name | to_json }}
encryption:
# An optional passphrase to use for backing up and recovering the bot's encryption keys.
# You can use any string here.
#
# If left empty, the recovery module will not be used and losing your session/database (see persistence)
# will mean you lose access to old messages in encrypted room.
#
# Changing this subsequently will also cause you to lose access to old messages in encrypted rooms.
# If you really need to change this:
# - Set `encryption_recovery_reset_allowed` to `true` and adjust the passphrase
# - Remove your session file and database (see persistence)
# - Restart the bot
# - Then restore `encryption_recovery_reset_allowed` to `false` to prevent accidental resets in the future
recovery_passphrase: {{ matrix_bot_baibot_config_user_encryption_recovery_passphrase | to_json }}
# An optional flag to reset the encryption recovery passphrase.
recovery_reset_allowed: {{ matrix_bot_baibot_config_user_encryption_recovery_reset_allowed | to_json }}
# Command prefix. Leave empty to use the default (!bai).
command_prefix: {{ matrix_bot_baibot_config_command_prefix | to_json }}
access:
# Space-separated list of MXID patterns which specify who is an admin.
admin_patterns: {{ matrix_bot_baibot_config_access_admin_patterns | to_json }}
persistence:
data_dir_path: {{ matrix_bot_baibot_config_persistence_data_dir_path | to_json }}
# An optional secret for encrypting the bot's session data (stored in data_dir_path).
# This must be 32-bytes (64 characters when HEX-encoded).
# Generate it with: `openssl rand -hex 32`
# Leave null or empty to avoid using encryption.
# Changing this subsequently requires that you also throw away all data stored in data_dir_path.
session_encryption_key: {{ matrix_bot_baibot_config_persistence_session_encryption_key | to_json }}
# An optional secret for encrypting bot configuration stored in Matrix's account data.
# This must be 32-bytes (64 characters when HEX-encoded).
# Generate it with: `openssl rand -hex 32`
# Leave null or empty to avoid using encryption.
# Changing this subsequently will make you lose your configuration.
config_encryption_key: {{ matrix_bot_baibot_config_persistence_config_encryption_key | to_json }}
agents:
# A list of statically-defined agents.
static_definitions: {{ matrix_bot_baibot_config_agents_static_definitions | to_json }}
# Initial global configuration. This only affects the first run of the bot.
# Configuration is later managed at runtime.
initial_global_config:
handler:
catch_all: {{ matrix_bot_baibot_config_initial_global_config_handler_catch_all | to_json }}
text_generation: {{ matrix_bot_baibot_config_initial_global_config_handler_text_generation | to_json }}
text_to_speech: {{ matrix_bot_baibot_config_initial_global_config_handler_text_to_speech | to_json }}
speech_to_text: {{ matrix_bot_baibot_config_initial_global_config_handler_speech_to_text | to_json }}
image_generation: {{ matrix_bot_baibot_config_initial_global_config_handler_image_generation | to_json }}
# Space-separated list of MXID patterns which specify who can use the bot.
# By default, we let anyone on the homeserver use the bot.
user_patterns: {{ matrix_bot_baibot_config_initial_global_config_user_patterns | to_json}}
# Controls logging.
#
# Sets all tracing targets (external crates) to warn, and our own logs to debug.
# For even more verbose logging, one may also use trace.
#
# matrix_sdk_crypto may be chatty and could be added with an error level.
#
# Learn more here: https://stackoverflow.com/a/73735203
logging: {{ matrix_bot_baibot_config_logging | to_json }}

1
roles/custom/matrix-bot-baibot/templates/env.j2 Normal file
View File

@ -0,0 +1 @@
{{ matrix_bot_baibot_environment_variables_extension }}

13
roles/custom/matrix-bot-baibot/templates/provider/anthropic-config.yml.j2 Normal file
View File

@ -0,0 +1,13 @@
#jinja2: lstrip_blocks: "True"
base_url: {{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_base_url | to_json }}
api_key: {{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_api_key | to_json }}
{% if matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_enabled %}
text_generation:
model_id: {{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_model_id | to_json }}
prompt: {{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_prompt | to_json }}
temperature: {{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_temperature | to_json }}
max_response_tokens: {{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_max_response_tokens | int | to_json }}
max_context_tokens: {{ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_max_context_tokens | int | to_json }}
{% endif %}

18
roles/custom/matrix-bot-baibot/templates/provider/groq-config.yml.j2 Normal file
View File

@ -0,0 +1,18 @@
#jinja2: lstrip_blocks: "True"
base_url: {{ matrix_bot_baibot_config_agents_static_definitions_groq_config_base_url | to_json }}
api_key: {{ matrix_bot_baibot_config_agents_static_definitions_groq_config_api_key | to_json }}
{% if matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_enabled %}
text_generation:
model_id: {{ matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_model_id | to_json }}
prompt: {{ matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_prompt | to_json }}
temperature: {{ matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_temperature | to_json }}
max_response_tokens: {{ matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_max_response_tokens | int | to_json }}
max_context_tokens: {{ matrix_bot_baibot_config_agents_static_definitions_groq_config_text_generation_max_context_tokens | int | to_json }}
{% endif %}
{% if matrix_bot_baibot_config_agents_static_definitions_groq_config_speech_to_text_enabled %}
speech_to_text:
model_id: {{ matrix_bot_baibot_config_agents_static_definitions_groq_config_speech_to_text_model_id | to_json }}
{% endif %}

13
roles/custom/matrix-bot-baibot/templates/provider/mistral-config.yml.j2 Normal file
View File

@ -0,0 +1,13 @@
#jinja2: lstrip_blocks: "True"
base_url: {{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_base_url | to_json }}
api_key: {{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_api_key | to_json }}
{% if matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_enabled %}
text_generation:
model_id: {{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_model_id | to_json }}
prompt: {{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_prompt | to_json }}
temperature: {{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_temperature | to_json }}
max_response_tokens: {{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_max_response_tokens | int | to_json }}
max_context_tokens: {{ matrix_bot_baibot_config_agents_static_definitions_mistral_config_text_generation_max_context_tokens | int | to_json }}
{% endif %}

33
roles/custom/matrix-bot-baibot/templates/provider/openai-config.yml.j2 Normal file
View File

@ -0,0 +1,33 @@
#jinja2: lstrip_blocks: "True"
base_url: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_base_url | to_json }}
api_key: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key | to_json }}
{% if matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_enabled %}
text_generation:
model_id: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id | to_json }}
prompt: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_prompt | to_json }}
temperature: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_temperature | to_json }}
max_response_tokens: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_max_response_tokens | int | to_json }}
max_context_tokens: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_max_context_tokens | int | to_json }}
{% endif %}
{% if matrix_bot_baibot_config_agents_static_definitions_openai_config_speech_to_text_enabled %}
speech_to_text:
model_id: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_speech_to_text_model_id | to_json }}
{% endif %}
{% if matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_enabled %}
text_to_speech:
model_id: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_model_id | to_json }}
voice: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_voice | to_json }}
speed: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_speed | float }}
response_format: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_response_format | to_json }}
{% endif %}
{% if matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_enabled %}
image_generation:
model_id: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_model_id | to_json }}
style: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_style | to_json }}
size: {{ matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_size | to_json }}
{% endif %}

53
roles/custom/matrix-bot-baibot/templates/systemd/matrix-bot-baibot.service.j2 Normal file
View File

@ -0,0 +1,53 @@
#jinja2: lstrip_blocks: "True"
[Unit]
Description=Matrix baibot bot
{% for service in matrix_bot_baibot_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_bot_baibot_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-baibot 2>/dev/null || true'
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-baibot 2>/dev/null || true'
{#
We mount a tmpfs at /tmp, because the bot may write temporary files there
(see its `src/agent/provider/openai_compat/controller.rs`).
#}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--rm \
--name=matrix-bot-baibot \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--read-only \
--network={{ matrix_bot_baibot_container_network }} \
--env-file={{ matrix_bot_baibot_config_path }}/env \
--mount type=bind,src={{ matrix_bot_baibot_config_path }}/config.yml,dst=/app/config.yml,ro \
--mount type=bind,src={{ matrix_bot_baibot_data_path }},dst=/data \
--tmpfs=/tmp:rw,noexec,nosuid,size=1024m \
{% for arg in matrix_bot_baibot_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_bot_baibot_container_image }}
{% for network in matrix_bot_baibot_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-baibot
{% endfor %}
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-baibot
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-bot-baibot 2>/dev/null || true'
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-baibot 2>/dev/null || true'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-bot-baibot
[Install]
WantedBy=multi-user.target

1
roles/custom/matrix-bot-buscarron/tasks/setup_install.yml
View File

@ -97,6 +97,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_buscarron_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-buscarron.service restarted, if necessary
ansible.builtin.service:

1
roles/custom/matrix-bot-chatgpt/tasks/install.yml
View File

@ -61,6 +61,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_chatgpt_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-chatgpt.service installed
ansible.builtin.template:

1
roles/custom/matrix-bot-draupnir/tasks/setup_install.yml
View File

@ -75,6 +75,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_draupnir_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-draupnir.service installed
ansible.builtin.template:

1
roles/custom/matrix-bot-go-neb/tasks/install.yml
View File

@ -48,6 +48,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_go_neb_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-go-neb.service installed
ansible.builtin.template:

1
roles/custom/matrix-bot-honoroit/tasks/setup_install.yml
View File

@ -91,6 +91,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_honoroit_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-honoroit.service installed
ansible.builtin.template:

1
roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml
View File

@ -61,6 +61,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_matrix_registration_bot_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-matrix-registration-bot.service installed
ansible.builtin.template:

1
roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
View File

@ -89,6 +89,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_matrix_reminder_bot_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-matrix-reminder-bot.service installed
ansible.builtin.template:

1
roles/custom/matrix-bot-maubot/tasks/setup_install.yml
View File

@ -75,6 +75,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_maubot_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-maubot.service installed
ansible.builtin.template:

2
roles/custom/matrix-bot-mjolnir/defaults/main.yml
View File

@ -5,7 +5,7 @@
matrix_bot_mjolnir_enabled: true
# renovate: datasource=docker depName=matrixdotorg/mjolnir
matrix_bot_mjolnir_version: "v1.6.5"
matrix_bot_mjolnir_version: "v1.7.0"
matrix_bot_mjolnir_container_image_self_build: false
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"

1
roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml
View File

@ -64,6 +64,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_mjolnir_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-mjolnir.service installed
ansible.builtin.template:

1
roles/custom/matrix-bot-postmoogle/tasks/setup_install.yml
View File

@ -84,6 +84,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_postmoogle_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-postmoogle.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml
View File

@ -109,6 +109,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_appservice_discord_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-appservice-discord.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml
View File

@ -193,6 +193,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_appservice_irc_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-appservice-irc.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml
View File

@ -102,6 +102,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_appservice_kakaotalk_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-appservice-kakaotalk-node.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml
View File

@ -87,6 +87,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_appservice_slack_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-appservice-slack support files installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml
View File

@ -86,6 +86,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_appservice_webhooks_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-appservice-webhooks support files installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml
View File

@ -88,6 +88,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_beeper_linkedin_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-beeper-linkedin.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml
View File

@ -131,6 +131,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_go_skype_bridge_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-go-skype-bridge.service installed
ansible.builtin.template:

13
roles/custom/matrix-bridge-heisenbridge/defaults/main.yml
View File

@ -46,7 +46,7 @@ matrix_heisenbridge_container_labels_traefik_tls_certResolver: default # noqa v
matrix_heisenbridge_container_labels_traefik_media_enabled: true
matrix_heisenbridge_container_labels_traefik_media_hostname: "{{ matrix_heisenbridge_container_labels_traefik_hostname }}"
# The path prefix must either be `/` or not end with a slash (e.g. `/heisenbridge`).
matrix_heisenbridge_container_labels_traefik_media_path_prefix: "{{ '/_heisenbridge/media' if matrix_heisenbridge_container_labels_traefik_path_prefix == '/' else (matrix_heisenbridge_container_labels_traefik_path_prefix + '/_heisenbridge/media') }}"
matrix_heisenbridge_container_labels_traefik_media_path_prefix: "{{ '' if matrix_heisenbridge_container_labels_traefik_path_prefix == '/' else (matrix_heisenbridge_container_labels_traefik_path_prefix) }}/_heisenbridge/media"
matrix_heisenbridge_container_labels_traefik_media_rule: "Host(`{{ matrix_heisenbridge_container_labels_traefik_media_hostname }}`){% if matrix_heisenbridge_container_labels_traefik_media_path_prefix != '/' %} && PathPrefix(`{{ matrix_heisenbridge_container_labels_traefik_media_path_prefix }}`){% endif %}"
matrix_heisenbridge_container_labels_traefik_media_priority: 0
matrix_heisenbridge_container_labels_traefik_media_entrypoints: "{{ matrix_heisenbridge_container_labels_traefik_entrypoints }}"
@ -79,19 +79,16 @@ matrix_heisenbridge_homeserver_url: ""
matrix_heisenbridge_appservice_token: ''
matrix_heisenbridge_homeserver_token: ''
# In light of Synapse sunsetting unauthenticated media, we'd like to move to Heisenbridge's media proxy,
# announced here: https://github.com/hifi/heisenbridge/releases/tag/v1.15.0
#
# It seems like the media proxy is not working as expected, so we're disabling it for now and falling back to our old media URL (pointing Heisenbridge to the homeserver URL).
# Right now, Heisenbridge is still generating URLs like `{media_url}/_matrix/media/v3/download/DOMAIN/FILE_ID/FILE_NAME`,
# so pointing `media_url` to the homeserver is a good fit.
# matrix_heisenbridge_config_media_url: "{{ matrix_heisenbridge_scheme }}://{{ matrix_heisenbridge_hostname }}{{ matrix_heisenbridge_path_prefix }}"
matrix_heisenbridge_config_media_url: "{{ matrix_heisenbridge_scheme }}://{{ matrix_heisenbridge_hostname }}"
# This matches the hardcoded `DEFAULT_MEDIA_PATH` in Heisenbridge, but uses `matrix_heisenbridge_path_prefix` as the path prefix.
# See: https://github.com/hifi/heisenbridge/blob/7e18a5818f4a8c86cc62e474eee1631d16cb2602/heisenbridge/__main__.py#L66
matrix_heisenbridge_config_media_path: "{{ matrix_heisenbridge_container_labels_traefik_media_path_prefix }}/{server}/{media_id}/{checksum}{filename}"
matrix_heisenbridge_config_media_key: "{{ matrix_heisenbridge_homeserver_token }}"
matrix_heisenbridge_config_displayname: "Heisenbridge"
matrix_heisenbridge_registration_yaml_heisenbridge:
media_url: "{{ matrix_heisenbridge_config_media_url }}"
media_path: "{{ matrix_heisenbridge_config_media_path }}"
media_key: "{{ matrix_heisenbridge_config_media_key }}"
displayname: "{{ matrix_heisenbridge_config_displayname }}"

1
roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml
View File

@ -44,6 +44,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_heisenbridge_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-heisenbridge.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml
View File

@ -112,6 +112,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_hookshot_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure mautrix-hookshot support files installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml
View File

@ -98,6 +98,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_discord_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-discord.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml
View File

@ -128,6 +128,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_facebook_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-facebook.service installed
ansible.builtin.template:

23
roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml
View File

@ -9,7 +9,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma
matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages
matrix_mautrix_gmessages_version: v0.4.3
matrix_mautrix_gmessages_version: v0.5.0
# See: https://mau.dev/mautrix/gmessages/container_registry
matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_name_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}"
@ -25,6 +25,12 @@ matrix_mautrix_gmessages_homeserver_address: ""
matrix_mautrix_gmessages_homeserver_domain: "{{ matrix_domain }}"
matrix_mautrix_gmessages_appservice_address: "http://matrix-mautrix-gmessages:8080"
matrix_mautrix_gmessages_backfill_enabled: true
matrix_mautrix_gmessages_backfill_max_initial_messages: 50
matrix_mautrix_gmessages_backfill_max_catchup_messages: 500
matrix_mautrix_gmessages_backfill_unread_hours_threshold: 720
matrix_mautrix_gmessages_backfill_threads_max_initial_messages: 50
matrix_mautrix_gmessages_command_prefix: "!gm"
matrix_mautrix_gmessages_container_network: ""
@ -132,18 +138,23 @@ matrix_mautrix_gmessages_appservice_database_uri: "{{
}[matrix_mautrix_gmessages_database_engine]
}}"
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth) or Appservice Double Puppet.
matrix_mautrix_gmessages_login_shared_secret: ''
matrix_mautrix_gmessages_bridge_login_shared_secret_map:
"{{ {matrix_mautrix_gmessages_homeserver_domain: matrix_mautrix_gmessages_login_shared_secret} if matrix_mautrix_gmessages_login_shared_secret else {} }}"
matrix_mautrix_gmessages_double_puppet_secrets: "{{ matrix_mautrix_gmessages_double_puppet_secrets_auto | combine(matrix_mautrix_gmessages_double_puppet_secrets_custom) }}"
matrix_mautrix_gmessages_double_puppet_secrets_auto: {}
matrix_mautrix_gmessages_double_puppet_secrets_custom: {}
# Enable End-to-bridge encryption
matrix_mautrix_gmessages_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
matrix_mautrix_gmessages_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}"
matrix_mautrix_gmessages_bridge_encryption_require: false
matrix_mautrix_gmessages_bridge_encryption_appservice: false
matrix_mautrix_gmessages_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_gmessages_bridge_encryption_allow }}"
matrix_mautrix_gmessages_network_displayname_template: "{% raw %}{{or .FullName .PhoneNumber}}{% endraw %}"
matrix_mautrix_gmessages_appservice_username_template: "{% raw %}gmessages_{{.}}{% endraw %}"
matrix_mautrix_gmessages_public_media_signing_key: ''
matrix_mautrix_gmessages_bridge_personal_filtering_spaces: true
matrix_mautrix_gmessages_bridge_mute_bridging: true
matrix_mautrix_gmessages_bridge_permissions: |
{{

1
roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml
View File

@ -147,6 +147,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_gmessages_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-gmessages.service restarted, if necessary
ansible.builtin.service:

3
roles/custom/matrix-bridge-mautrix-gmessages/tasks/validate_config.yml
View File

@ -22,3 +22,6 @@
when: "item.old in vars"
with_items:
- {'old': 'matrix_mautrix_gmessages_log_level', 'new': 'matrix_mautrix_gmessages_logging_level'}
- {'old': 'matrix_mautrix_gmessages_bridge_mute_bridging', 'new': '<removed>'}
- {'old': 'matrix_mautrix_gmessages_login_shared_secret', 'new': '<removed>'}
- {'old': 'matrix_mautrix_gmessages_bridge_login_shared_secret_map', 'new': 'matrix_mautrix_gmessages_double_puppet_secrets_custom'}

588
roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2
View File

@ -1,20 +1,172 @@
#jinja2: lstrip_blocks: "True"
# Network-specific config options
network:
# Displayname template for SMS users.
# {% raw %}{{.FullName}}{% endraw %} - Full name provided by the phone
# {% raw %}{{.FirstName}}{% endraw %} - First name provided by the phone
# {% raw %}{{.PhoneNumber}}{% endraw %} - Formatted phone number provided by the phone
displayname_template: {{ matrix_mautrix_gmessages_network_displayname_template | to_json }}
# Settings for how the bridge appears to the phone.
device_meta:
# OS name to tell the phone. This is the name that shows up in the paired devices list.
os: mautrix-gmessages
# Browser type to tell the phone. This decides which icon is shown.
# Valid types: OTHER, CHROME, FIREFOX, SAFARI, OPERA, IE, EDGE
browser: OTHER
# Device type to tell the phone. This also affects the icon, as well as how many sessions are allowed simultaneously.
# One web, two tablets and one PWA should be able to connect at the same time.
# Valid types: WEB, TABLET, PWA
type: TABLET
# Should the bridge aggressively set itself as the active device if the user opens Google Messages in a browser?
# If this is disabled, the user must manually use the `set-active` command to reactivate the bridge.
aggressive_reconnect: false
# Number of chats to sync when connecting to Google Messages.
initial_chat_sync_count: 25
# Config options that affect the central bridge module.
bridge:
# The prefix for commands. Only required in non-management rooms.
command_prefix: '!gm'
# Should the bridge create a space for each login containing the rooms that account is in?
personal_filtering_spaces: {{ matrix_mautrix_gmessages_bridge_personal_filtering_spaces | to_json }}
# Whether the bridge should set names and avatars explicitly for DM portals.
# This is only necessary when using clients that don't support MSC4171.
private_chat_portal_meta: false
# Should events be handled asynchronously within portal rooms?
# If true, events may end up being out of order, but slow events won't block other ones.
async_events: false
# Should every user have their own portals rather than sharing them?
# By default, users who are in the same group on the remote network will be
# in the same Matrix room bridged to that group. If this is set to true,
# every user will get their own Matrix room instead.
split_portals: false
# Should the bridge resend `m.bridge` events to all portals on startup?
resend_bridge_info: false
# Should leaving Matrix rooms be bridged as leaving groups on the remote network?
bridge_matrix_leave: false
# Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority.
# Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone.
tag_only_on_create: true
# Should room mute status only be synced when creating the portal?
# Like tags, mutes can't currently be synced back to the remote network.
mute_only_on_create: true
# What should be done to portal rooms when a user logs out or is logged out?
# Permitted values:
# nothing - Do nothing, let the user stay in the portals
# kick - Remove the user from the portal rooms, but don't delete them
# unbridge - Remove all ghosts in the room and disassociate it from the remote chat
# delete - Remove all ghosts and users from the room (i.e. delete it)
cleanup_on_logout:
# Should cleanup on logout be enabled at all?
enabled: false
# Settings for manual logouts (explicitly initiated by the Matrix user)
manual:
# Action for private portals which will never be shared with other Matrix users.
private: nothing
# Action for portals with a relay user configured.
relayed: nothing
# Action for portals which may be shared, but don't currently have any other Matrix users.
shared_no_users: nothing
# Action for portals which have other logged-in Matrix users.
shared_has_users: nothing
# Settings for credentials being invalidated (initiated by the remote network, possibly through user action).
# Keys have the same meanings as in the manual section.
bad_credentials:
private: nothing
relayed: nothing
shared_no_users: nothing
shared_has_users: nothing
# Settings for relay mode
relay:
# Whether relay mode should be allowed. If allowed, the set-relay command can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: false
# Should only admins be allowed to set themselves as relay users?
# If true, non-admins can only set users listed in default_relays as relays in a room.
admin_only: true
# List of user login IDs which anyone can set as a relay, as long as the relay user is in the room.
default_relays: []
# The formats to use when sending messages via the relaybot.
# Available variables:
# .Sender.UserID - The Matrix user ID of the sender.
# .Sender.Displayname - The display name of the sender (if set).
# .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room.
# .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set,
# plus the user ID in parentheses if the displayname is not unique.
# If the displayname is not set, this is just the user ID.
# .Message - The `formatted_body` field of the message.
# .Caption - The `formatted_body` field of the message, if it's a caption. Otherwise an empty string.
# .FileName - The name of the file being sent.
message_formats:
m.text: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b>: {{ .Message }}{% endraw %}"
m.notice: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b>: {{ .Message }}{% endraw %}"
m.emote: "{% raw %}* <b>{{ .Sender.DisambiguatedName }}</b> {{ .Message }}{% endraw %}"
m.file: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.image: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.audio: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.video: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.location: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
# For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names.
# This has all the Sender variables available under message_formats (but without the .Sender prefix).
# Note that you need to manually remove the displayname from message_formats above.
displayname_format: "{% raw %}{{ .DisambiguatedName }}{% endraw %}"
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# commands - Access to use commands in the bridge, but not login.
# user - Access to use the bridge with puppeting.
# admin - Full access, user level with some additional administration tools.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions: {{ matrix_mautrix_gmessages_bridge_permissions|to_json }}
# Config for the bridge's database.
database:
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
type: postgres
# The database URI.
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: {{ matrix_mautrix_gmessages_appservice_database_uri|to_json }}
# Maximum number of connections.
max_open_conns: 5
max_idle_conns: 1
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# Homeserver details.
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: {{ matrix_mautrix_gmessages_homeserver_address }}
# Local addresses without HTTPS are generally recommended when the bridge is running on the same machine,
# but https also works if they run on different machines.
address: {{ matrix_mautrix_gmessages_homeserver_address | to_json }}
# The domain of the homeserver (also known as server_name, used for MXIDs, etc).
domain: {{ matrix_mautrix_gmessages_homeserver_domain }}
domain: {{ matrix_mautrix_gmessages_homeserver_domain | to_json }}
# What software is the homeserver running?
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
software: standard
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's google messages connection state changes.
# If set, the bridge will make POST requests to this URL whenever a user's remote network connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
status_endpoint:
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# If set, the bridge will make POST requests to this URL when processing a message from Matrix.
# It will make one request when receiving the message (step BRIDGE), one after decrypting if applicable
# (step DECRYPTED) and one after sending to the remote network (step REMOTE). Errors will also be reported.
# The bridge will use the appservice as_token to authorize requests.
message_send_checkpoint_endpoint:
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
async_media: false
@ -26,33 +178,19 @@ homeserver:
ping_interval_seconds: 0
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
# Changing these values requires regeneration of the registration (except when noted otherwise)
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_gmessages_appservice_address }}
# A public address that external services can use to reach this appservice.
# This value doesn't affect the registration file.
public_address: https://bridge.example.com
# The hostname and port where this appservice should listen.
# For Docker, you generally have to change the hostname to 0.0.0.0.
hostname: 0.0.0.0
port: 8080
# Database config.
database:
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
type: postgres
# The database URI.
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: {{ matrix_mautrix_gmessages_appservice_database_uri|to_json }}
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
max_idle_conns: 2
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# The unique ID of this appservice.
id: gmessages
# Appservice bot details.
@ -64,229 +202,223 @@ appservice:
displayname: Google Messages bridge bot
avatar: mxc://maunium.net/yGOdcrJcwqARZqdzbfuxfhzb
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# Whether to receive ephemeral events via appservice transactions.
ephemeral_events: true
# Should incoming events be handled asynchronously?
# This may be necessary for large public instances with lots of messages going through.
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
# This value doesn't affect the registration file.
async_transactions: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "{{ matrix_mautrix_gmessages_appservice_token }}"
hs_token: "{{ matrix_mautrix_gmessages_homeserver_token }}"
as_token: {{ matrix_mautrix_gmessages_appservice_token | to_json }}
hs_token: {{ matrix_mautrix_gmessages_homeserver_token | to_json }}
# Segment API key to track some events, like provisioning API login and encryption errors.
segment_key: null
# Optional user_id to use when sending Segment events. If null, defaults to using mxID.
segment_user_id: null
# Localpart template of MXIDs for remote users.
# {% raw %}{{.}}{% endraw %} is replaced with the internal ID of the user.
username_template: {{ matrix_mautrix_gmessages_appservice_username_template | to_json }}
# Prometheus config.
metrics:
# Enable prometheus metrics?
enabled: {{ matrix_mautrix_gmessages_metrics_enabled | to_json }}
# IP and port where the metrics listener should be. The path is always /metrics
listen: 0.0.0.0:8001
google_messages:
# OS name to tell the phone. This is the name that shows up in the paired devices list.
os: mautrix-gmessages
# Browser type to tell the phone. This decides which icon is shown.
# Valid types: OTHER, CHROME, FIREFOX, SAFARI, OPERA, IE, EDGE
browser: OTHER
# Should the bridge aggressively set itself as the active device if the user opens Google Messages in a browser?
# If this is disabled, the user must manually use the `reconnect` command to reactivate the bridge.
aggressive_reconnect: false
# Bridge config
bridge:
# Localpart template of MXIDs for SMS users.
# {{ '{{.}}' }} is replaced with an identifier of the recipient.
username_template: "{{ 'gmessages_{{.}}' }}"
# Displayname template for SMS users.
# {{ '{{.FullName}}' }} - Full name provided by the phone
# {{ '{{.FirstName}}' }} - First name provided by the phone
# {{ '{{.PhoneNumber}}' }} - Formatted phone number provided by the phone
displayname_template: "{{ '{{or .FullName .PhoneNumber}}' }}"
# Should the bridge create a space for each logged-in user and add bridged rooms to it?
personal_filtering_spaces: {{ matrix_mautrix_gmessages_bridge_personal_filtering_spaces | to_json }}
# Should the bridge send a read receipt from the bridge bot when a message has been sent to the phone?
delivery_receipts: false
# Config options that affect the Matrix connector of the bridge.
matrix:
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Whether the bridge should send a read receipt after successfully bridging a message.
delivery_receipts: false
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
message_error_notices: true
portal_message_buffer: 128
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
# Whether the bridge should update the m.direct account data event when double puppeting is enabled.
sync_direct_chat_list: false
# Number of chats to sync when connecting to Google Messages.
initial_chat_sync_count: 25
# Backfill settings
backfill:
# Number of messages to backfill in new chats.
initial_limit: 50
# Number of messages to backfill on startup if the last message ID in the chat sync doesn't match the last bridged message.
missed_limit: 100
# Whether created rooms should have federation enabled. If false, created portal rooms
# will never be federated. Changing this option requires recreating rooms.
federate_rooms: {{ matrix_mautrix_gmessages_federate_rooms | to_json }}
# The threshold as bytes after which the bridge should roundtrip uploads via the disk
# rather than keeping the whole file in memory.
upload_file_threshold: 5242880
# Servers to always allow double puppeting from
double_puppet_server_map:
"{{ matrix_mautrix_gmessages_homeserver_domain }}": {{ matrix_mautrix_gmessages_homeserver_address }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
# Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors.
analytics:
# API key to send with tracking requests. Tracking is disabled if this is null.
token: null
# Address to send tracking requests to.
url: https://api.segment.io/v1/track
# Optional user ID for tracking events. If null, defaults to using Matrix user ID.
user_id: null
# Settings for provisioning API
provisioning:
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# Shared secret for authentication. If set to "generate" or null, a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: disable
# Whether to allow provisioning API requests to be authed using Matrix access tokens.
# This follows the same rules as double puppeting to determine which server to contact to check the token,
# which means that by default, it only works for users on the same server as the bridge.
allow_matrix_auth: true
# Enable debug API at /debug with provisioning authentication.
debug_endpoints: false
# Some networks require publicly accessible media download links (e.g. for user avatars when using Discord webhooks).
# These settings control whether the bridge will provide such public media access.
public_media:
# Should public media be enabled at all?
# The public_address field under the appservice section MUST be set when enabling public media.
enabled: false
# A key for signing public media URLs.
# If set to "generate", a random key will be generated.
signing_key: {{ matrix_mautrix_gmessages_public_media_signing_key | to_json }}
# Number of seconds that public media URLs are valid for.
# If set to 0, URLs will never expire.
expiry: 0
# Length of hash to use for public media URLs. Must be between 0 and 32.
hash_length: 32
# Settings for converting remote media to custom mxc:// URIs instead of reuploading.
# More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html
direct_media:
# Should custom mxc:// URIs be used instead of reuploading media?
enabled: false
# The server name to use for the custom mxc:// URIs.
# This server name will effectively be a real Matrix server, it just won't implement anything other than media.
# You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge.
server_name: media.example.com
# Optionally a custom .well-known response. This defaults to `server_name:443`
well_known_response:
# Optionally specify a custom prefix for the media ID part of the MXC URI.
media_id_prefix:
# If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916
# media download redirects if the requester supports it. Optionally, you can force redirects
# and not allow proxying at all by setting this to false.
# This option does nothing if the remote network does not support media downloads over HTTP.
allow_proxy: true
# Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file.
# This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them.
server_key: ""
# Settings for backfilling messages.
# Note that the exact way settings are applied depends on the network connector.
# See https://docs.mau.fi/bridges/general/backfill.html for more details.
backfill:
# Whether to do backfilling at all.
enabled: {{ matrix_mautrix_gmessages_backfill_enabled | to_json }}
# Maximum number of messages to backfill in empty rooms.
max_initial_messages: {{ matrix_mautrix_gmessages_backfill_max_initial_messages | to_json }}
# Maximum number of missed messages to backfill after bridge restarts.
max_catchup_messages: {{ matrix_mautrix_gmessages_backfill_max_catchup_messages | to_json }}
# If a backfilled chat is older than this number of hours,
# mark it as read even if it's unread on the remote network.
unread_hours_threshold: {{ matrix_mautrix_gmessages_backfill_unread_hours_threshold | to_json }}
# Settings for backfilling threads within other backfills.
threads:
# Maximum number of messages to backfill in a new thread.
max_initial_messages: {{ matrix_mautrix_gmessages_backfill_threads_max_initial_messages | to_json }}
# Settings for the backwards backfill queue. This only applies when connecting to
# Beeper as standard Matrix servers don't support inserting messages into history.
queue:
# Should the backfill queue be enabled?
enabled: false
# Number of messages to backfill in one batch.
batch_size: 100
# Delay between batches in seconds.
batch_delay: 20
# Maximum number of batches to backfill per portal.
# If set to -1, all available messages will be backfilled.
max_batches: -1
# Optional network-specific overrides for max batches.
# Interpretation of this field depends on the network connector.
max_batches_override: {}
# Settings for enabling double puppeting
double_puppet:
# Servers to always allow double puppeting from.
# This is only for other servers and should NOT contain the server the bridge is on.
servers: {}
# Whether to allow client API URL discovery for other servers. When using this option,
# users on other servers can use double puppeting even if their server URLs aren't
# explicitly added to the servers map above.
allow_discovery: false
# Shared secrets for automatic double puppeting.
# See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions.
secrets: {{ matrix_mautrix_gmessages_double_puppet_secrets | to_json }}
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Whether to enable encryption at all. If false, the bridge will not function in encrypted rooms.
allow: {{ matrix_mautrix_gmessages_bridge_encryption_allow | to_json }}
# Whether to force-enable encryption in all bridged rooms.
default: {{ matrix_mautrix_gmessages_bridge_encryption_default | to_json }}
# Whether to require all messages to be encrypted and drop any unencrypted messages.
require: {{ matrix_mautrix_gmessages_bridge_encryption_require | to_json }}
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: {{ matrix_mautrix_gmessages_bridge_encryption_appservice | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_gmessages_bridge_encryption_key_sharing_allow | to_json }}
# Pickle key for encrypting encryption keys in the bridge database.
# If set to generate, a random key will be generated.
pickle_key: mautrix.bridge.e2ee
# Options for deleting megolm sessions from the bridge.
delete_keys:
# Beeper-specific: delete outbound sessions when hungryserv confirms
# that the user has uploaded the key to key backup.
delete_outbound_on_ack: false
# Don't store outbound sessions in the inbound table.
dont_store_outbound: false
# Ratchet megolm sessions forward after decrypting messages.
ratchet_on_decrypt: false
# Delete fully used keys (index >= max_messages) after decrypting messages.
delete_fully_used_on_decrypt: false
# Delete previous megolm sessions from same device when receiving a new one.
delete_prev_on_new_session: false
# Delete megolm sessions received from a device when the device is deleted.
delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users?
#
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret_map: {{ matrix_mautrix_gmessages_bridge_login_shared_secret_map|to_json }}
# Whether to explicitly set the avatar and room name for private chat portal rooms.
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
# If set to `always`, all DM rooms will have explicit names and avatars set.
# If set to `never`, DM rooms will never have names and avatars set.
private_chat_portal_meta: default
# Should Matrix m.notice-type messages be bridged?
bridge_notices: true
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it, except if the config file is not writable.
resend_bridge_info: false
# When using double puppeting, should muted chats be muted in Matrix?
mute_bridging: {{ matrix_mautrix_gmessages_bridge_mute_bridging | to_json }}
# When using double puppeting, should archived chats be moved to a specific tag in Matrix?
# This can be set to a tag (e.g. m.lowpriority), or null to disable.
archive_tag: null
# Same as above, but for pinned chats. The favorite tag is called m.favourite
pinned_tag: null
# Should mute status and tags only be bridged when the portal room is created?
tag_only_on_create: true
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: {{ matrix_mautrix_gmessages_federate_rooms|to_json }}
# Should the bridge never send alerts to the bridge management room?
# These are mostly things like the user being logged out.
disable_bridge_alerts: false
# Send captions in the same message as images. This will send data compatible with both MSC2530 and MSC3552.
# This is currently not supported in most clients.
caption_in_message: false
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!gm"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Google Messages bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: {{ matrix_mautrix_gmessages_bridge_encryption_allow|to_json }}
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: {{ matrix_mautrix_gmessages_bridge_encryption_default|to_json }}
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
appservice: false
# Require encryption, drop any unencrypted messages.
require: false
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_gmessages_bridge_encryption_key_sharing_allow|to_json }}
# Options for deleting megolm sessions from the bridge.
delete_keys:
# Beeper-specific: delete outbound sessions when hungryserv confirms
# that the user has uploaded the key to key backup.
delete_outbound_on_ack: false
# Don't store outbound sessions in the inbound table.
dont_store_outbound: false
# Ratchet megolm sessions forward after decrypting messages.
ratchet_on_decrypt: false
# Delete fully used keys (index >= max_messages) after decrypting messages.
delete_fully_used_on_decrypt: false
# Delete previous megolm sessions from same device when receiving a new one.
delete_prev_on_new_session: false
# Delete megolm sessions received from a device when the device is deleted.
delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users?
#
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from SMS to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to
# configure the m.room.encryption event content. See:
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
# more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is
# set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Disable rotating keys when a user's devices change?
# You should not enable this option unless you understand all the implications.
disable_device_change_key_rotation: false
# Settings for provisioning API
provisioning:
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# Shared secret for authentication. If set to "generate", a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: generate
# Permissions for using the bridge.
# Permitted values:
# user - Access to use the bridge to link their own Google Messages on android.
# admin - User level and some additional administration tools
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions: {{ matrix_mautrix_gmessages_bridge_permissions|to_json }}
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from the remote network to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to configure the m.room.encryption event content.
# See https://spec.matrix.org/v1.10/client-server-api/#mroomencryption for more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Disable rotating keys when a user's devices change?
# You should not enable this option unless you understand all the implications.
disable_device_change_key_rotation: false
# Logging config. See https://github.com/tulir/zeroconfig for details.
logging:
min_level: {{ matrix_mautrix_gmessages_logging_level }}
writers:
- type: stdout
format: pretty-colored
format: pretty

1
roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml
View File

@ -128,6 +128,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_googlechat_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-googlechat.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml
View File

@ -128,6 +128,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_hangouts_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-hangouts.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml
View File

@ -80,6 +80,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_instagram_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-instagram.service installed
ansible.builtin.template:

38
roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
View File

@ -13,7 +13,7 @@ matrix_mautrix_meta_instagram_enabled: true
matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram
# renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
matrix_mautrix_meta_instagram_version: v0.3.2
matrix_mautrix_meta_instagram_version: v0.4.0
matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram"
matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config"
@ -194,10 +194,15 @@ matrix_mautrix_meta_instagram_bridge_displayname_suffix: |-
matrix_mautrix_meta_instagram_bridge_displayname_template: '{% raw %}{{or .DisplayName .Username "Unknown user"}}{% endraw %}{{ (" " ~ matrix_mautrix_meta_instagram_bridge_displayname_suffix) if matrix_mautrix_meta_instagram_bridge_displayname_suffix else "" }}'
# The prefix for commands. Only required in non-management rooms.
# If set to "default", will be determined based on meta -> mode (`matrix_mautrix_meta_instagram_meta_mode`):
# - "!ig" for instagram
# - "!fb" for facebook
matrix_mautrix_meta_instagram_bridge_command_prefix: default
matrix_mautrix_meta_instagram_bridge_command_prefix: |-
{{
({
'facebook': '!fb',
'facebook-tor': '!fb',
'messenger': '!fb',
'instagram': '!ig',
})[matrix_mautrix_meta_instagram_meta_mode]
}}
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
@ -214,9 +219,9 @@ matrix_mautrix_meta_instagram_bridge_encryption_allow_key_sharing: "{{ matrix_ma
matrix_mautrix_meta_instagram_bridge_encryption_appservice: false
matrix_mautrix_meta_instagram_bridge_encryption_require: false
matrix_mautrix_meta_instagram_bridge_login_shared_secret_map: "{{ matrix_mautrix_meta_instagram_bridge_login_shared_secret_map_auto | combine(matrix_mautrix_meta_instagram_bridge_login_shared_secret_map_custom) }}"
matrix_mautrix_meta_instagram_bridge_login_shared_secret_map_auto: {}
matrix_mautrix_meta_instagram_bridge_login_shared_secret_map_custom: {}
matrix_mautrix_meta_instagram_double_puppet_secrets: "{{ matrix_mautrix_meta_instagram_double_puppet_secrets_auto | combine(matrix_mautrix_meta_instagram_double_puppet_secrets_custom) }}"
matrix_mautrix_meta_instagram_double_puppet_secrets_auto: {}
matrix_mautrix_meta_instagram_double_puppet_secrets_custom: {}
matrix_mautrix_meta_instagram_bridge_permissions: "{{ matrix_mautrix_meta_instagram_bridge_permissions_default | combine(matrix_mautrix_meta_instagram_bridge_permissions_custom) }}"
@ -231,16 +236,15 @@ matrix_mautrix_meta_instagram_bridge_permissions_custom: {}
# Enable bridge relay bot functionality
matrix_mautrix_meta_instagram_bridge_relay_enabled: "{{ matrix_bridges_relay_enabled }}"
matrix_mautrix_meta_instagram_bridge_relay_admin_only: true
matrix_mautrix_meta_instagram_bridge_relay_default_relays: []
matrix_mautrix_meta_instagram_bridge_management_room_text_welcome: |-
{{
({
'facebook': "Hello, I'm a Facebook bridge bot.",
'facebook-tor': "Hello, I'm a Facebook bridge bot which uses Tor.",
'messenger': "Hello, I'm a Messenger bridge bot.",
'instagram': "Hello, I'm an Instagram bridge bot.",
})[matrix_mautrix_meta_instagram_meta_mode]
}}
matrix_mautrix_meta_instagram_backfill_enabled: true
matrix_mautrix_meta_instagram_backfill_max_initial_messages: 50
matrix_mautrix_meta_instagram_backfill_max_catchup_messages: 500
matrix_mautrix_meta_instagram_backfill_unread_hours_threshold: 720
matrix_mautrix_meta_instagram_backfill_threads_max_initial_messages: 50
matrix_mautrix_meta_instagram_public_media_signing_key: ''
# Specifies the default log level.
# This bridge uses zerolog, so valid levels are: panic, fatal, error, warn, info, debug, trace

1
roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/install.yml
View File

@ -107,6 +107,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_meta_instagram_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure mautrix-meta-instagram.service installed
ansible.builtin.template:

2
roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/validate_config.yml
View File

@ -23,3 +23,5 @@
when: "item.old in vars"
with_items:
- {'old': 'matrix_mautrix_meta_instagram_bridge_login_shared_secret', 'new': '<removed>'}
- {'old': 'matrix_mautrix_meta_instagram_bridge_login_shared_secret_map_custom', 'new': '<superseded by matrix_mautrix_meta_instagram_double_puppet_secrets_custom>'}
- {'old': 'matrix_mautrix_meta_instagram_bridge_management_room_text_welcome', 'new': '<removed>'}

630
roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2
View File

@ -1,7 +1,168 @@
#jinja2: lstrip_blocks: "True"
# Network-specific config options
network:
# Which service is this bridge for? Available options:
# * unset - allow users to pick any service when logging in (except facebook-tor)
# * facebook - connect to FB Messenger via facebook.com
# * facebook-tor - connect to FB Messenger via facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion
# (note: does not currently proxy media downloads)
# * messenger - connect to FB Messenger via messenger.com (can be used with the facebook side deactivated)
# * instagram - connect to Instagram DMs via instagram.com
#
# Remember to change the appservice id, bot profile info, bridge username_template and management_room_text too.
mode: {{ matrix_mautrix_meta_instagram_meta_mode | to_json }}
# When in Instagram mode, should the bridge connect to WhatsApp servers for encrypted chats?
# In FB/Messenger mode encryption is always enabled, this option only affects Instagram mode.
ig_e2ee: {{ matrix_mautrix_meta_instagram_meta_ig_e2ee | to_json }}
# Displayname template for FB/IG users. Available variables:
# .DisplayName - The display name set by the user.
# .Username - The username set by the user.
# .ID - The internal user ID of the user.
displayname_template: {{ matrix_mautrix_meta_instagram_bridge_displayname_template | to_json }}
# Static proxy address (HTTP or SOCKS5) for connecting to Meta.
proxy:
# HTTP endpoint to request new proxy address from, for dynamically assigned proxies.
# The endpoint must return a JSON body with a string field called proxy_url.
get_proxy_from:
# Minimum interval between full reconnects in seconds, default is 1 hour
min_full_reconnect_interval_seconds: 3600
# Interval to force refresh the connection (full reconnect), default is 20 hours. Set 0 to disable force refreshes.
force_refresh_interval_seconds: 72000
# Disable fetching XMA media (reels, stories, etc) when backfilling.
disable_xma_backfill: true
# Disable fetching XMA media entirely.
disable_xma_always: false
# Config options that affect the central bridge module.
bridge:
# The prefix for commands. Only required in non-management rooms.
command_prefix: {{ matrix_mautrix_meta_instagram_bridge_command_prefix | to_json }}
# Should the bridge create a space for each login containing the rooms that account is in?
personal_filtering_spaces: {{ matrix_mautrix_meta_instagram_bridge_personal_filtering_spaces | to_json }}
# Whether the bridge should set names and avatars explicitly for DM portals.
# This is only necessary when using clients that don't support MSC4171.
private_chat_portal_meta: false
# Should events be handled asynchronously within portal rooms?
# If true, events may end up being out of order, but slow events won't block other ones.
async_events: false
# Should every user have their own portals rather than sharing them?
# By default, users who are in the same group on the remote network will be
# in the same Matrix room bridged to that group. If this is set to true,
# every user will get their own Matrix room instead.
split_portals: false
# Should the bridge resend `m.bridge` events to all portals on startup?
resend_bridge_info: false
# Should leaving Matrix rooms be bridged as leaving groups on the remote network?
bridge_matrix_leave: false
# Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority.
# Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone.
tag_only_on_create: true
# Should room mute status only be synced when creating the portal?
# Like tags, mutes can't currently be synced back to the remote network.
mute_only_on_create: true
# What should be done to portal rooms when a user logs out or is logged out?
# Permitted values:
# nothing - Do nothing, let the user stay in the portals
# kick - Remove the user from the portal rooms, but don't delete them
# unbridge - Remove all ghosts in the room and disassociate it from the remote chat
# delete - Remove all ghosts and users from the room (i.e. delete it)
cleanup_on_logout:
# Should cleanup on logout be enabled at all?
enabled: false
# Settings for manual logouts (explicitly initiated by the Matrix user)
manual:
# Action for private portals which will never be shared with other Matrix users.
private: nothing
# Action for portals with a relay user configured.
relayed: nothing
# Action for portals which may be shared, but don't currently have any other Matrix users.
shared_no_users: nothing
# Action for portals which have other logged-in Matrix users.
shared_has_users: nothing
# Settings for credentials being invalidated (initiated by the remote network, possibly through user action).
# Keys have the same meanings as in the manual section.
bad_credentials:
private: nothing
relayed: nothing
shared_no_users: nothing
shared_has_users: nothing
# Settings for relay mode
relay:
# Whether relay mode should be allowed. If allowed, the set-relay command can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: {{ matrix_mautrix_meta_instagram_bridge_relay_enabled | to_json }}
# Should only admins be allowed to set themselves as relay users?
# If true, non-admins can only set users listed in default_relays as relays in a room.
admin_only: {{ matrix_mautrix_meta_instagram_bridge_relay_admin_only | to_json }}
# List of user login IDs which anyone can set as a relay, as long as the relay user is in the room.
default_relays: {{ matrix_mautrix_meta_instagram_bridge_relay_default_relays | to_json }}
# The formats to use when sending messages via the relaybot.
# Available variables:
# .Sender.UserID - The Matrix user ID of the sender.
# .Sender.Displayname - The display name of the sender (if set).
# .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room.
# .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set,
# plus the user ID in parentheses if the displayname is not unique.
# If the displayname is not set, this is just the user ID.
# .Message - The `formatted_body` field of the message.
# .Caption - The `formatted_body` field of the message, if it's a caption. Otherwise an empty string.
# .FileName - The name of the file being sent.
message_formats:
m.text: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b>: {{ .Message }}{% endraw %}"
m.notice: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b>: {{ .Message }}{% endraw %}"
m.emote: "{% raw %}* <b>{{ .Sender.DisambiguatedName }}</b> {{ .Message }}{% endraw %}"
m.file: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.image: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.audio: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.video: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.location: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
# For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names.
# This has all the Sender variables available under message_formats (but without the .Sender prefix).
# Note that you need to manually remove the displayname from message_formats above.
displayname_format: "{% raw %}{{ .DisambiguatedName }}{% endraw %}"
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# commands - Access to use commands in the bridge, but not login.
# user - Access to use the bridge with puppeting.
# admin - Full access, user level with some additional administration tools.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions: {{ matrix_mautrix_meta_instagram_bridge_permissions | to_json }}
# Config for the bridge's database.
database:
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
type: {{ matrix_mautrix_meta_instagram_appservice_database_type | to_json }}
# The database URI.
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: {{ matrix_mautrix_meta_instagram_appservice_database_uri | to_json }}
# Maximum number of connections.
max_open_conns: 5
max_idle_conns: 1
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# Homeserver details.
homeserver:
# The address that this appservice can use to connect to the homeserver.
# Local addresses without HTTPS are generally recommended when the bridge is running on the same machine,
# but https also works if they run on different machines.
address: {{ matrix_mautrix_meta_instagram_homeserver_address | to_json }}
# The domain of the homeserver (also known as server_name, used for MXIDs, etc).
domain: {{ matrix_mautrix_meta_instagram_homeserver_domain | to_json }}
@ -10,11 +171,15 @@ homeserver:
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
software: standard
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's meta connection state changes.
# If set, the bridge will make POST requests to this URL whenever a user's remote network connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
status_endpoint:
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# If set, the bridge will make POST requests to this URL when processing a message from Matrix.
# It will make one request when receiving the message (step BRIDGE), one after decrypting if applicable
# (step DECRYPTED) and one after sending to the remote network (step REMOTE). Errors will also be reported.
# The bridge will use the appservice as_token to authorize requests.
message_send_checkpoint_endpoint:
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
async_media: false
@ -26,33 +191,19 @@ homeserver:
ping_interval_seconds: 0
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
# Changing these values requires regeneration of the registration (except when noted otherwise)
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_meta_instagram_appservice_address | to_json }}
# A public address that external services can use to reach this appservice.
# This value doesn't affect the registration file.
public_address: https://bridge.example.com
# The hostname and port where this appservice should listen.
# For Docker, you generally have to change the hostname to 0.0.0.0.
hostname: 0.0.0.0
port: 29319
# Database config.
database:
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
type: {{ matrix_mautrix_meta_instagram_appservice_database_type | to_json }}
# The database URI.
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: {{ matrix_mautrix_meta_instagram_appservice_database_uri | to_json }}
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
max_idle_conns: 2
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# The unique ID of this appservice.
id: {{ matrix_mautrix_meta_instagram_appservice_id | to_json }}
# Appservice bot details.
@ -62,268 +213,225 @@ appservice:
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: {{ matrix_mautrix_meta_instagram_appservice_displayname | to_json }}
# You can use mxc://maunium.net/JxjlbZUlCPULEeHZSwleUXQv for an Instagram avatar,
# or mxc://maunium.net/ygtkteZsXnGJLJHRchUwYWak for Facebook Messenger
avatar: {{ matrix_mautrix_meta_instagram_appservice_avatar | to_json }}
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# Whether to receive ephemeral events via appservice transactions.
ephemeral_events: true
# Should incoming events be handled asynchronously?
# This may be necessary for large public instances with lots of messages going through.
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
# This value doesn't affect the registration file.
async_transactions: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: {{ matrix_mautrix_meta_instagram_appservice_token | to_json }}
hs_token: {{ matrix_mautrix_meta_instagram_homeserver_token | to_json }}
# Prometheus config.
metrics:
# Enable prometheus metrics?
enabled: {{ matrix_mautrix_meta_instagram_metrics_enabled | to_json }}
# IP and port where the metrics listener should be. The path is always /metrics
listen: "0.0.0.0.0:8000"
meta:
# Which service is this bridge for? Available options:
# * facebook - connect to FB Messenger via facebook.com
# * facebook-tor - connect to FB Messenger via facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion
# (note: does not currently proxy media downloads)
# * messenger - connect to FB Messenger via messenger.com (can be used with the facebook side deactivated)
# * instagram - connect to Instagram DMs via instagram.com
#
# Remember to change the appservice id, bot profile info, bridge username_template and management_room_text too.
mode: {{ matrix_mautrix_meta_instagram_meta_mode | to_json }}
# When in Instagram mode, should the bridge connect to WhatsApp servers for encrypted chats?
# In FB/Messenger mode encryption is always enabled, this option only affects Instagram mode.
ig_e2ee: {{ matrix_mautrix_meta_instagram_meta_ig_e2ee | to_json }}
# Static proxy address (HTTP or SOCKS5) for connecting to Meta.
proxy:
# HTTP endpoint to request new proxy address from, for dynamically assigned proxies.
# The endpoint must return a JSON body with a string field called proxy_url.
get_proxy_from:
# Bridge config
bridge:
# Localpart template of MXIDs for FB/IG users.
# {% raw %}{{.}}{% endraw %} is replaced with the internal ID of the FB/IG user.
# Localpart template of MXIDs for remote users.
# {% raw %}{{.}}{% endraw %} is replaced with the internal ID of the user.
username_template: {{ matrix_mautrix_meta_instagram_bridge_username_template | to_json }}
# Displayname template for FB/IG users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
# {% raw %}{{.DisplayName}}{% endraw %} - The display name set by the user.
# {% raw %}{{.Username}}{% endraw %} - The username set by the user.
# {% raw %}{{.ID}}{% endraw %} - The internal user ID of the user.
displayname_template: {{ matrix_mautrix_meta_instagram_bridge_displayname_template | to_json }}
# Whether to explicitly set the avatar and room name for private chat portal rooms.
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
# If set to `always`, all DM rooms will have explicit names and avatars set.
# If set to `never`, DM rooms will never have names and avatars set.
private_chat_portal_meta: default
portal_message_buffer: 128
# Should the bridge create a space for each logged-in user and add bridged rooms to it?
# Users who logged in before turning this on should run `!meta sync-space` to create and fill the space for the first time.
personal_filtering_spaces: {{ matrix_mautrix_meta_instagram_bridge_personal_filtering_spaces | to_json }}
# Should Matrix m.notice-type messages be bridged?
bridge_notices: true
# Should the bridge send a read receipt from the bridge bot when a message has been sent to FB/IG?
delivery_receipts: false
# Config options that affect the Matrix connector of the bridge.
matrix:
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Whether the bridge should send a read receipt after successfully bridging a message.
delivery_receipts: false
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
message_error_notices: true
# Should the bridge never send alerts to the bridge management room?
# These are mostly things like the user being logged out.
disable_bridge_alerts: false
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic and is therefore prone to race conditions.
# Whether the bridge should update the m.direct account data event when double puppeting is enabled.
sync_direct_chat_list: false
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it, except if the config file is not writable.
resend_bridge_info: false
# Send captions in the same message as images. This will send data compatible with both MSC2530.
# This is currently not supported in most clients.
caption_in_message: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
# Whether created rooms should have federation enabled. If false, created portal rooms
# will never be federated. Changing this option requires recreating rooms.
federate_rooms: {{ matrix_mautrix_meta_instagram_bridge_federate_rooms | to_json }}
# Should mute status be bridged? Allowed options: always, on-create, never
mute_bridging: on-create
# Servers to always allow double puppeting from
double_puppet_server_map: {}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
# The threshold as bytes after which the bridge should roundtrip uploads via the disk
# rather than keeping the whole file in memory.
upload_file_threshold: 5242880
# Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors.
analytics:
# API key to send with tracking requests. Tracking is disabled if this is null.
token: null
# Address to send tracking requests to.
url: https://api.segment.io/v1/track
# Optional user ID for tracking events. If null, defaults to using Matrix user ID.
user_id: null
# Settings for provisioning API
provisioning:
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# Shared secret for authentication. If set to "generate" or null, a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: disable
# Whether to allow provisioning API requests to be authed using Matrix access tokens.
# This follows the same rules as double puppeting to determine which server to contact to check the token,
# which means that by default, it only works for users on the same server as the bridge.
allow_matrix_auth: true
# Enable debug API at /debug with provisioning authentication.
debug_endpoints: false
# Some networks require publicly accessible media download links (e.g. for user avatars when using Discord webhooks).
# These settings control whether the bridge will provide such public media access.
public_media:
# Should public media be enabled at all?
# The public_address field under the appservice section MUST be set when enabling public media.
enabled: false
# A key for signing public media URLs.
# If set to "generate", a random key will be generated.
signing_key: {{ matrix_mautrix_meta_instagram_public_media_signing_key | to_json }}
# Number of seconds that public media URLs are valid for.
# If set to 0, URLs will never expire.
expiry: 0
# Length of hash to use for public media URLs. Must be between 0 and 32.
hash_length: 32
# Settings for converting remote media to custom mxc:// URIs instead of reuploading.
# More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html
direct_media:
# Should custom mxc:// URIs be used instead of reuploading media?
enabled: false
# The server name to use for the custom mxc:// URIs.
# This server name will effectively be a real Matrix server, it just won't implement anything other than media.
# You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge.
server_name: media.example.com
# Optionally a custom .well-known response. This defaults to `server_name:443`
well_known_response:
# Optionally specify a custom prefix for the media ID part of the MXC URI.
media_id_prefix:
# If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916
# media download redirects if the requester supports it. Optionally, you can force redirects
# and not allow proxying at all by setting this to false.
# This option does nothing if the remote network does not support media downloads over HTTP.
allow_proxy: true
# Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file.
# This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them.
server_key: ""
# Settings for backfilling messages.
# Note that the exact way settings are applied depends on the network connector.
# See https://docs.mau.fi/bridges/general/backfill.html for more details.
backfill:
# Whether to do backfilling at all.
enabled: {{ matrix_mautrix_meta_instagram_backfill_enabled | to_json }}
# Maximum number of messages to backfill in empty rooms.
max_initial_messages: {{ matrix_mautrix_meta_instagram_backfill_max_initial_messages | to_json}}
# Maximum number of missed messages to backfill after bridge restarts.
max_catchup_messages: {{ matrix_mautrix_meta_instagram_backfill_max_catchup_messages | to_json }}
# If a backfilled chat is older than this number of hours,
# mark it as read even if it's unread on the remote network.
unread_hours_threshold: {{ matrix_mautrix_meta_instagram_backfill_unread_hours_threshold | to_json }}
# Settings for backfilling threads within other backfills.
threads:
# Maximum number of messages to backfill in a new thread.
max_initial_messages: {{ matrix_mautrix_meta_instagram_backfill_threads_max_initial_messages | to_json }}
# Settings for the backwards backfill queue. This only applies when connecting to
# Beeper as standard Matrix servers don't support inserting messages into history.
queue:
# Should the backfill queue be enabled?
enabled: false
# Number of messages to backfill in one batch.
batch_size: 100
# Delay between batches in seconds.
batch_delay: 20
# Maximum number of batches to backfill per portal.
# If set to -1, all available messages will be backfilled.
max_batches: -1
# Optional network-specific overrides for max batches.
# Interpretation of this field depends on the network connector.
max_batches_override: {}
# Settings for enabling double puppeting
double_puppet:
# Servers to always allow double puppeting from.
# This is only for other servers and should NOT contain the server the bridge is on.
servers: {}
# Whether to allow client API URL discovery for other servers. When using this option,
# users on other servers can use double puppeting even if their server URLs aren't
# explicitly added to the servers map above.
allow_discovery: false
# Shared secrets for automatic double puppeting.
# See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions.
secrets: {{ matrix_mautrix_meta_instagram_double_puppet_secrets | to_json }}
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Whether to enable encryption at all. If false, the bridge will not function in encrypted rooms.
allow: {{ matrix_mautrix_meta_instagram_bridge_encryption_allow | to_json }}
# Whether to force-enable encryption in all bridged rooms.
default: {{ matrix_mautrix_meta_instagram_bridge_encryption_default | to_json }}
# Whether to require all messages to be encrypted and drop any unencrypted messages.
require: {{ matrix_mautrix_meta_instagram_bridge_encryption_require | to_json }}
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: {{ matrix_mautrix_meta_instagram_bridge_encryption_appservice | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_meta_instagram_bridge_encryption_allow_key_sharing | to_json }}
# Pickle key for encrypting encryption keys in the bridge database.
# If set to generate, a random key will be generated.
pickle_key: mautrix.bridge.e2ee
# Options for deleting megolm sessions from the bridge.
delete_keys:
# Beeper-specific: delete outbound sessions when hungryserv confirms
# that the user has uploaded the key to key backup.
delete_outbound_on_ack: false
# Don't store outbound sessions in the inbound table.
dont_store_outbound: false
# Ratchet megolm sessions forward after decrypting messages.
ratchet_on_decrypt: false
# Delete fully used keys (index >= max_messages) after decrypting messages.
delete_fully_used_on_decrypt: false
# Delete previous megolm sessions from same device when receiving a new one.
delete_prev_on_new_session: false
# Delete megolm sessions received from a device when the device is deleted.
delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users?
#
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret_map: {{ matrix_mautrix_meta_instagram_bridge_login_shared_secret_map | to_json }}
# The prefix for commands. Only required in non-management rooms.
# If set to "default", will be determined based on meta -> mode, "!ig" for instagram and "!fb" for facebook
command_prefix: {{ matrix_mautrix_meta_instagram_bridge_command_prefix | to_json }}
backfill:
# If disabled, old messages will never be bridged.
enabled: true
# By default, Meta sends info about approximately 20 recent threads. If this is set to something else than 0,
# the bridge will request more threads on first login, until it reaches the specified number of pages
# or the end of the inbox.
inbox_fetch_pages: 0
# By default, Meta only sends one old message per thread. If this is set to a something else than 0,
# the bridge will delay handling the one automatically received message and request more messages to backfill.
# One page usually contains 20 messages. This can technically be set to -1 to fetch all messages,
# but that will block bridging messages until the entire backfill is completed.
history_fetch_pages: 0
# Same as above, but for catchup backfills (i.e. when the bridge is restarted).
catchup_fetch_pages: 5
# Maximum age of chats to leave as unread when backfilling. 0 means all chats can be left as unread.
# If non-zero, chats that are older than this will be marked as read, even if they're still unread on Meta.
unread_hours_threshold: 0
# Backfill queue settings. Only relevant for Beeper, because standard Matrix servers
# don't support inserting messages into room history.
queue:
# How many pages of messages to request in one go (without sleeping between requests)?
pages_at_once: 5
# Maximum number of pages to fetch. -1 to fetch all pages until the start of the chat.
max_pages: -1
# How long to sleep after fetching a bunch of pages ("bunch" defined by pages_at_once).
sleep_between_tasks: 20s
# Disable fetching XMA media (reels, stories, etc) when backfilling.
dont_fetch_xma: true
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: {{ matrix_mautrix_meta_instagram_bridge_management_room_text_welcome | to_json }}
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: {{ matrix_mautrix_meta_instagram_bridge_encryption_allow | to_json }}
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: {{ matrix_mautrix_meta_instagram_bridge_encryption_default | to_json }}
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
appservice: {{ matrix_mautrix_meta_instagram_bridge_encryption_appservice | to_json }}
# Require encryption, drop any unencrypted messages.
require: {{ matrix_mautrix_meta_instagram_bridge_encryption_require | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_meta_instagram_bridge_encryption_allow_key_sharing | to_json }}
# Options for deleting megolm sessions from the bridge.
delete_keys:
# Beeper-specific: delete outbound sessions when hungryserv confirms
# that the user has uploaded the key to key backup.
delete_outbound_on_ack: false
# Don't store outbound sessions in the inbound table.
dont_store_outbound: false
# Ratchet megolm sessions forward after decrypting messages.
ratchet_on_decrypt: false
# Delete fully used keys (index >= max_messages) after decrypting messages.
delete_fully_used_on_decrypt: false
# Delete previous megolm sessions from same device when receiving a new one.
delete_prev_on_new_session: false
# Delete megolm sessions received from a device when the device is deleted.
delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users?
#
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from FB/IG to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to
# configure the m.room.encryption event content. See:
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
# more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is
# set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Disable rotating keys when a user's devices change?
# You should not enable this option unless you understand all the implications.
disable_device_change_key_rotation: false
# Settings for provisioning API
provisioning:
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# Shared secret for authentication. If set to "generate", a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: disable
# Enable debug API at /debug with provisioning authentication.
debug_endpoints: false
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# user - Access to use the bridge to chat with a Meta account.
# admin - User level and some additional administration tools
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions: {{ matrix_mautrix_meta_instagram_bridge_permissions | to_json }}
# Settings for relay mode
relay:
# Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: {{ matrix_mautrix_meta_instagram_bridge_relay_enabled | to_json }}
# Should only admins be allowed to set themselves as relay users?
admin_only: {{ matrix_mautrix_meta_instagram_bridge_relay_admin_only | to_json }}
# The formats to use when sending messages to Meta via the relaybot.
message_formats:
m.text: "{% raw %}{{ .Sender.Displayname }}: {{ .Message }}{% endraw %}"
m.notice: "{% raw %}{{ .Sender.Displayname }}: {{ .Message }}{% endraw %}"
m.emote: "{% raw %}* {{ .Sender.Displayname }} {{ .Message }}{% endraw %}"
m.file: "{% raw %}{{ .Sender.Displayname }} sent a file{% endraw %}"
m.image: "{% raw %}{{ .Sender.Displayname }} sent an image{% endraw %}"
m.audio: "{% raw %}{{ .Sender.Displayname }} sent an audio file{% endraw %}"
m.video: "{% raw %}{{ .Sender.Displayname }} sent a video{% endraw %}"
m.location: "{% raw %}{{ .Sender.Displayname }} sent a location{% endraw %}"
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from the remote network to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to configure the m.room.encryption event content.
# See https://spec.matrix.org/v1.10/client-server-api/#mroomencryption for more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Disable rotating keys when a user's devices change?
# You should not enable this option unless you understand all the implications.
disable_device_change_key_rotation: false
# Logging config. See https://github.com/tulir/zeroconfig for details.
logging:
min_level: {{ matrix_mautrix_meta_instagram_logging_min_level | to_json }}
writers:
- type: stdout
format: pretty
- type: stdout
format: pretty

38
roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
View File

@ -13,7 +13,7 @@ matrix_mautrix_meta_messenger_enabled: true
matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger
# renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
matrix_mautrix_meta_messenger_version: v0.3.2
matrix_mautrix_meta_messenger_version: v0.4.0
matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger"
matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config"
@ -194,10 +194,15 @@ matrix_mautrix_meta_messenger_bridge_displayname_suffix: |-
matrix_mautrix_meta_messenger_bridge_displayname_template: '{% raw %}{{or .DisplayName .Username "Unknown user"}}{% endraw %}{{ (" " ~ matrix_mautrix_meta_messenger_bridge_displayname_suffix) if matrix_mautrix_meta_messenger_bridge_displayname_suffix else "" }}'
# The prefix for commands. Only required in non-management rooms.
# If set to "default", will be determined based on meta -> mode (`matrix_mautrix_meta_messenger_meta_mode`):
# - "!ig" for instagram
# - "!fb" for facebook
matrix_mautrix_meta_messenger_bridge_command_prefix: default
matrix_mautrix_meta_messenger_bridge_command_prefix: |-
{{
({
'facebook': '!fb',
'facebook-tor': '!fb',
'messenger': '!fb',
'instagram': '!ig',
})[matrix_mautrix_meta_messenger_meta_mode]
}}
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
@ -214,9 +219,9 @@ matrix_mautrix_meta_messenger_bridge_encryption_allow_key_sharing: "{{ matrix_ma
matrix_mautrix_meta_messenger_bridge_encryption_appservice: false
matrix_mautrix_meta_messenger_bridge_encryption_require: false
matrix_mautrix_meta_messenger_bridge_login_shared_secret_map: "{{ matrix_mautrix_meta_messenger_bridge_login_shared_secret_map_auto | combine(matrix_mautrix_meta_messenger_bridge_login_shared_secret_map_custom) }}"
matrix_mautrix_meta_messenger_bridge_login_shared_secret_map_auto: {}
matrix_mautrix_meta_messenger_bridge_login_shared_secret_map_custom: {}
matrix_mautrix_meta_messenger_double_puppet_secrets: "{{ matrix_mautrix_meta_messenger_double_puppet_secrets_auto | combine(matrix_mautrix_meta_messenger_double_puppet_secrets_custom) }}"
matrix_mautrix_meta_messenger_double_puppet_secrets_auto: {}
matrix_mautrix_meta_messenger_double_puppet_secrets_custom: {}
matrix_mautrix_meta_messenger_bridge_permissions: "{{ matrix_mautrix_meta_messenger_bridge_permissions_default | combine(matrix_mautrix_meta_messenger_bridge_permissions_custom) }}"
@ -231,16 +236,15 @@ matrix_mautrix_meta_messenger_bridge_permissions_custom: {}
# Enable bridge relay bot functionality
matrix_mautrix_meta_messenger_bridge_relay_enabled: "{{ matrix_bridges_relay_enabled }}"
matrix_mautrix_meta_messenger_bridge_relay_admin_only: true
matrix_mautrix_meta_messenger_bridge_relay_default_relays: []
matrix_mautrix_meta_messenger_bridge_management_room_text_welcome: |-
{{
({
'facebook': "Hello, I'm a Facebook bridge bot.",
'facebook-tor': "Hello, I'm a Facebook bridge bot which uses Tor.",
'messenger': "Hello, I'm a Messenger bridge bot.",
'instagram': "Hello, I'm an Instagram bridge bot.",
})[matrix_mautrix_meta_messenger_meta_mode]
}}
matrix_mautrix_meta_messenger_backfill_enabled: true
matrix_mautrix_meta_messenger_backfill_max_initial_messages: 50
matrix_mautrix_meta_messenger_backfill_max_catchup_messages: 500
matrix_mautrix_meta_messenger_backfill_unread_hours_threshold: 720
matrix_mautrix_meta_messenger_backfill_threads_max_initial_messages: 50
matrix_mautrix_meta_messenger_public_media_signing_key: ''
# Specifies the default log level.
# This bridge uses zerolog, so valid levels are: panic, fatal, error, warn, info, debug, trace

1
roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/install.yml
View File

@ -107,6 +107,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_meta_messenger_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure mautrix-meta-messenger.service installed
ansible.builtin.template:

2
roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/validate_config.yml
View File

@ -23,3 +23,5 @@
when: "item.old in vars"
with_items:
- {'old': 'matrix_mautrix_meta_messenger_bridge_login_shared_secret', 'new': '<removed>'}
- {'old': 'matrix_mautrix_meta_messenger_bridge_login_shared_secret_map_custom', 'new': '<superseded by matrix_mautrix_meta_messenger_double_puppet_secrets_custom>'}
- {'old': 'matrix_mautrix_meta_messenger_bridge_management_room_text_welcome', 'new': '<removed>'}

630
roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2
View File

@ -1,7 +1,168 @@
#jinja2: lstrip_blocks: "True"
# Network-specific config options
network:
# Which service is this bridge for? Available options:
# * unset - allow users to pick any service when logging in (except facebook-tor)
# * facebook - connect to FB Messenger via facebook.com
# * facebook-tor - connect to FB Messenger via facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion
# (note: does not currently proxy media downloads)
# * messenger - connect to FB Messenger via messenger.com (can be used with the facebook side deactivated)
# * instagram - connect to Instagram DMs via instagram.com
#
# Remember to change the appservice id, bot profile info, bridge username_template and management_room_text too.
mode: {{ matrix_mautrix_meta_messenger_meta_mode | to_json }}
# When in Instagram mode, should the bridge connect to WhatsApp servers for encrypted chats?
# In FB/Messenger mode encryption is always enabled, this option only affects Instagram mode.
ig_e2ee: {{ matrix_mautrix_meta_messenger_meta_ig_e2ee | to_json }}
# Displayname template for FB/IG users. Available variables:
# .DisplayName - The display name set by the user.
# .Username - The username set by the user.
# .ID - The internal user ID of the user.
displayname_template: {{ matrix_mautrix_meta_messenger_bridge_displayname_template | to_json }}
# Static proxy address (HTTP or SOCKS5) for connecting to Meta.
proxy:
# HTTP endpoint to request new proxy address from, for dynamically assigned proxies.
# The endpoint must return a JSON body with a string field called proxy_url.
get_proxy_from:
# Minimum interval between full reconnects in seconds, default is 1 hour
min_full_reconnect_interval_seconds: 3600
# Interval to force refresh the connection (full reconnect), default is 20 hours. Set 0 to disable force refreshes.
force_refresh_interval_seconds: 72000
# Disable fetching XMA media (reels, stories, etc) when backfilling.
disable_xma_backfill: true
# Disable fetching XMA media entirely.
disable_xma_always: false
# Config options that affect the central bridge module.
bridge:
# The prefix for commands. Only required in non-management rooms.
command_prefix: {{ matrix_mautrix_meta_messenger_bridge_command_prefix | to_json }}
# Should the bridge create a space for each login containing the rooms that account is in?
personal_filtering_spaces: {{ matrix_mautrix_meta_messenger_bridge_personal_filtering_spaces | to_json }}
# Whether the bridge should set names and avatars explicitly for DM portals.
# This is only necessary when using clients that don't support MSC4171.
private_chat_portal_meta: false
# Should events be handled asynchronously within portal rooms?
# If true, events may end up being out of order, but slow events won't block other ones.
async_events: false
# Should every user have their own portals rather than sharing them?
# By default, users who are in the same group on the remote network will be
# in the same Matrix room bridged to that group. If this is set to true,
# every user will get their own Matrix room instead.
split_portals: false
# Should the bridge resend `m.bridge` events to all portals on startup?
resend_bridge_info: false
# Should leaving Matrix rooms be bridged as leaving groups on the remote network?
bridge_matrix_leave: false
# Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority.
# Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone.
tag_only_on_create: true
# Should room mute status only be synced when creating the portal?
# Like tags, mutes can't currently be synced back to the remote network.
mute_only_on_create: true
# What should be done to portal rooms when a user logs out or is logged out?
# Permitted values:
# nothing - Do nothing, let the user stay in the portals
# kick - Remove the user from the portal rooms, but don't delete them
# unbridge - Remove all ghosts in the room and disassociate it from the remote chat
# delete - Remove all ghosts and users from the room (i.e. delete it)
cleanup_on_logout:
# Should cleanup on logout be enabled at all?
enabled: false
# Settings for manual logouts (explicitly initiated by the Matrix user)
manual:
# Action for private portals which will never be shared with other Matrix users.
private: nothing
# Action for portals with a relay user configured.
relayed: nothing
# Action for portals which may be shared, but don't currently have any other Matrix users.
shared_no_users: nothing
# Action for portals which have other logged-in Matrix users.
shared_has_users: nothing
# Settings for credentials being invalidated (initiated by the remote network, possibly through user action).
# Keys have the same meanings as in the manual section.
bad_credentials:
private: nothing
relayed: nothing
shared_no_users: nothing
shared_has_users: nothing
# Settings for relay mode
relay:
# Whether relay mode should be allowed. If allowed, the set-relay command can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: {{ matrix_mautrix_meta_messenger_bridge_relay_enabled | to_json }}
# Should only admins be allowed to set themselves as relay users?
# If true, non-admins can only set users listed in default_relays as relays in a room.
admin_only: {{ matrix_mautrix_meta_messenger_bridge_relay_admin_only | to_json }}
# List of user login IDs which anyone can set as a relay, as long as the relay user is in the room.
default_relays: {{ matrix_mautrix_meta_messenger_bridge_relay_default_relays | to_json }}
# The formats to use when sending messages via the relaybot.
# Available variables:
# .Sender.UserID - The Matrix user ID of the sender.
# .Sender.Displayname - The display name of the sender (if set).
# .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room.
# .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set,
# plus the user ID in parentheses if the displayname is not unique.
# If the displayname is not set, this is just the user ID.
# .Message - The `formatted_body` field of the message.
# .Caption - The `formatted_body` field of the message, if it's a caption. Otherwise an empty string.
# .FileName - The name of the file being sent.
message_formats:
m.text: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b>: {{ .Message }}{% endraw %}"
m.notice: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b>: {{ .Message }}{% endraw %}"
m.emote: "{% raw %}* <b>{{ .Sender.DisambiguatedName }}</b> {{ .Message }}{% endraw %}"
m.file: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.image: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.audio: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.video: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
m.location: "{% raw %}<b>{{ .Sender.DisambiguatedName }}</b> sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}{% endraw %}"
# For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names.
# This has all the Sender variables available under message_formats (but without the .Sender prefix).
# Note that you need to manually remove the displayname from message_formats above.
displayname_format: "{% raw %}{{ .DisambiguatedName }}{% endraw %}"
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# commands - Access to use commands in the bridge, but not login.
# user - Access to use the bridge with puppeting.
# admin - Full access, user level with some additional administration tools.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions: {{ matrix_mautrix_meta_messenger_bridge_permissions | to_json }}
# Config for the bridge's database.
database:
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
type: {{ matrix_mautrix_meta_messenger_appservice_database_type | to_json }}
# The database URI.
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: {{ matrix_mautrix_meta_messenger_appservice_database_uri | to_json }}
# Maximum number of connections.
max_open_conns: 5
max_idle_conns: 1
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# Homeserver details.
homeserver:
# The address that this appservice can use to connect to the homeserver.
# Local addresses without HTTPS are generally recommended when the bridge is running on the same machine,
# but https also works if they run on different machines.
address: {{ matrix_mautrix_meta_messenger_homeserver_address | to_json }}
# The domain of the homeserver (also known as server_name, used for MXIDs, etc).
domain: {{ matrix_mautrix_meta_messenger_homeserver_domain | to_json }}
@ -10,11 +171,15 @@ homeserver:
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
software: standard
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's meta connection state changes.
# If set, the bridge will make POST requests to this URL whenever a user's remote network connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
status_endpoint:
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# If set, the bridge will make POST requests to this URL when processing a message from Matrix.
# It will make one request when receiving the message (step BRIDGE), one after decrypting if applicable
# (step DECRYPTED) and one after sending to the remote network (step REMOTE). Errors will also be reported.
# The bridge will use the appservice as_token to authorize requests.
message_send_checkpoint_endpoint:
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
async_media: false
@ -26,33 +191,19 @@ homeserver:
ping_interval_seconds: 0
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
# Changing these values requires regeneration of the registration (except when noted otherwise)
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_meta_messenger_appservice_address | to_json }}
# A public address that external services can use to reach this appservice.
# This value doesn't affect the registration file.
public_address: https://bridge.example.com
# The hostname and port where this appservice should listen.
# For Docker, you generally have to change the hostname to 0.0.0.0.
hostname: 0.0.0.0
port: 29319
# Database config.
database:
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
type: {{ matrix_mautrix_meta_messenger_appservice_database_type | to_json }}
# The database URI.
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
# https://github.com/mattn/go-sqlite3#connection-string
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
uri: {{ matrix_mautrix_meta_messenger_appservice_database_uri | to_json }}
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
max_idle_conns: 2
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
# Parsed with https://pkg.go.dev/time#ParseDuration
max_conn_idle_time: null
max_conn_lifetime: null
# The unique ID of this appservice.
id: {{ matrix_mautrix_meta_messenger_appservice_id | to_json }}
# Appservice bot details.
@ -62,268 +213,225 @@ appservice:
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: {{ matrix_mautrix_meta_messenger_appservice_displayname | to_json }}
# You can use mxc://maunium.net/JxjlbZUlCPULEeHZSwleUXQv for an Instagram avatar,
# or mxc://maunium.net/ygtkteZsXnGJLJHRchUwYWak for Facebook Messenger
avatar: {{ matrix_mautrix_meta_messenger_appservice_avatar | to_json }}
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# Whether to receive ephemeral events via appservice transactions.
ephemeral_events: true
# Should incoming events be handled asynchronously?
# This may be necessary for large public instances with lots of messages going through.
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
# This value doesn't affect the registration file.
async_transactions: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: {{ matrix_mautrix_meta_messenger_appservice_token | to_json }}
hs_token: {{ matrix_mautrix_meta_messenger_homeserver_token | to_json }}
# Prometheus config.
metrics:
# Enable prometheus metrics?
enabled: {{ matrix_mautrix_meta_messenger_metrics_enabled | to_json }}
# IP and port where the metrics listener should be. The path is always /metrics
listen: "0.0.0.0.0:8000"
meta:
# Which service is this bridge for? Available options:
# * facebook - connect to FB Messenger via facebook.com
# * facebook-tor - connect to FB Messenger via facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion
# (note: does not currently proxy media downloads)
# * messenger - connect to FB Messenger via messenger.com (can be used with the facebook side deactivated)
# * instagram - connect to Instagram DMs via instagram.com
#
# Remember to change the appservice id, bot profile info, bridge username_template and management_room_text too.
mode: {{ matrix_mautrix_meta_messenger_meta_mode | to_json }}
# When in Instagram mode, should the bridge connect to WhatsApp servers for encrypted chats?
# In FB/Messenger mode encryption is always enabled, this option only affects Instagram mode.
ig_e2ee: {{ matrix_mautrix_meta_messenger_meta_ig_e2ee | to_json }}
# Static proxy address (HTTP or SOCKS5) for connecting to Meta.
proxy:
# HTTP endpoint to request new proxy address from, for dynamically assigned proxies.
# The endpoint must return a JSON body with a string field called proxy_url.
get_proxy_from:
# Bridge config
bridge:
# Localpart template of MXIDs for FB/IG users.
# {% raw %}{{.}}{% endraw %} is replaced with the internal ID of the FB/IG user.
# Localpart template of MXIDs for remote users.
# {% raw %}{{.}}{% endraw %} is replaced with the internal ID of the user.
username_template: {{ matrix_mautrix_meta_messenger_bridge_username_template | to_json }}
# Displayname template for FB/IG users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
# {% raw %}{{.DisplayName}}{% endraw %} - The display name set by the user.
# {% raw %}{{.Username}}{% endraw %} - The username set by the user.
# {% raw %}{{.ID}}{% endraw %} - The internal user ID of the user.
displayname_template: {{ matrix_mautrix_meta_messenger_bridge_displayname_template | to_json }}
# Whether to explicitly set the avatar and room name for private chat portal rooms.
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
# If set to `always`, all DM rooms will have explicit names and avatars set.
# If set to `never`, DM rooms will never have names and avatars set.
private_chat_portal_meta: default
portal_message_buffer: 128
# Should the bridge create a space for each logged-in user and add bridged rooms to it?
# Users who logged in before turning this on should run `!meta sync-space` to create and fill the space for the first time.
personal_filtering_spaces: {{ matrix_mautrix_meta_messenger_bridge_personal_filtering_spaces | to_json }}
# Should Matrix m.notice-type messages be bridged?
bridge_notices: true
# Should the bridge send a read receipt from the bridge bot when a message has been sent to FB/IG?
delivery_receipts: false
# Config options that affect the Matrix connector of the bridge.
matrix:
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
message_status_events: false
# Whether the bridge should send a read receipt after successfully bridging a message.
delivery_receipts: false
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
message_error_notices: true
# Should the bridge never send alerts to the bridge management room?
# These are mostly things like the user being logged out.
disable_bridge_alerts: false
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic and is therefore prone to race conditions.
# Whether the bridge should update the m.direct account data event when double puppeting is enabled.
sync_direct_chat_list: false
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it, except if the config file is not writable.
resend_bridge_info: false
# Send captions in the same message as images. This will send data compatible with both MSC2530.
# This is currently not supported in most clients.
caption_in_message: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
# Whether created rooms should have federation enabled. If false, created portal rooms
# will never be federated. Changing this option requires recreating rooms.
federate_rooms: {{ matrix_mautrix_meta_messenger_bridge_federate_rooms | to_json }}
# Should mute status be bridged? Allowed options: always, on-create, never
mute_bridging: on-create
# Servers to always allow double puppeting from
double_puppet_server_map: {}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
# The threshold as bytes after which the bridge should roundtrip uploads via the disk
# rather than keeping the whole file in memory.
upload_file_threshold: 5242880
# Segment-compatible analytics endpoint for tracking some events, like provisioning API login and encryption errors.
analytics:
# API key to send with tracking requests. Tracking is disabled if this is null.
token: null
# Address to send tracking requests to.
url: https://api.segment.io/v1/track
# Optional user ID for tracking events. If null, defaults to using Matrix user ID.
user_id: null
# Settings for provisioning API
provisioning:
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# Shared secret for authentication. If set to "generate" or null, a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: disable
# Whether to allow provisioning API requests to be authed using Matrix access tokens.
# This follows the same rules as double puppeting to determine which server to contact to check the token,
# which means that by default, it only works for users on the same server as the bridge.
allow_matrix_auth: true
# Enable debug API at /debug with provisioning authentication.
debug_endpoints: false
# Some networks require publicly accessible media download links (e.g. for user avatars when using Discord webhooks).
# These settings control whether the bridge will provide such public media access.
public_media:
# Should public media be enabled at all?
# The public_address field under the appservice section MUST be set when enabling public media.
enabled: false
# A key for signing public media URLs.
# If set to "generate", a random key will be generated.
signing_key: {{ matrix_mautrix_meta_messenger_public_media_signing_key | to_json }}
# Number of seconds that public media URLs are valid for.
# If set to 0, URLs will never expire.
expiry: 0
# Length of hash to use for public media URLs. Must be between 0 and 32.
hash_length: 32
# Settings for converting remote media to custom mxc:// URIs instead of reuploading.
# More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html
direct_media:
# Should custom mxc:// URIs be used instead of reuploading media?
enabled: false
# The server name to use for the custom mxc:// URIs.
# This server name will effectively be a real Matrix server, it just won't implement anything other than media.
# You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge.
server_name: media.example.com
# Optionally a custom .well-known response. This defaults to `server_name:443`
well_known_response:
# Optionally specify a custom prefix for the media ID part of the MXC URI.
media_id_prefix:
# If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916
# media download redirects if the requester supports it. Optionally, you can force redirects
# and not allow proxying at all by setting this to false.
# This option does nothing if the remote network does not support media downloads over HTTP.
allow_proxy: true
# Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file.
# This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them.
server_key: ""
# Settings for backfilling messages.
# Note that the exact way settings are applied depends on the network connector.
# See https://docs.mau.fi/bridges/general/backfill.html for more details.
backfill:
# Whether to do backfilling at all.
enabled: {{ matrix_mautrix_meta_messenger_backfill_enabled | to_json }}
# Maximum number of messages to backfill in empty rooms.
max_initial_messages: {{ matrix_mautrix_meta_messenger_backfill_max_initial_messages | to_json}}
# Maximum number of missed messages to backfill after bridge restarts.
max_catchup_messages: {{ matrix_mautrix_meta_messenger_backfill_max_catchup_messages | to_json }}
# If a backfilled chat is older than this number of hours,
# mark it as read even if it's unread on the remote network.
unread_hours_threshold: {{ matrix_mautrix_meta_messenger_backfill_unread_hours_threshold | to_json }}
# Settings for backfilling threads within other backfills.
threads:
# Maximum number of messages to backfill in a new thread.
max_initial_messages: {{ matrix_mautrix_meta_messenger_backfill_threads_max_initial_messages | to_json }}
# Settings for the backwards backfill queue. This only applies when connecting to
# Beeper as standard Matrix servers don't support inserting messages into history.
queue:
# Should the backfill queue be enabled?
enabled: false
# Number of messages to backfill in one batch.
batch_size: 100
# Delay between batches in seconds.
batch_delay: 20
# Maximum number of batches to backfill per portal.
# If set to -1, all available messages will be backfilled.
max_batches: -1
# Optional network-specific overrides for max batches.
# Interpretation of this field depends on the network connector.
max_batches_override: {}
# Settings for enabling double puppeting
double_puppet:
# Servers to always allow double puppeting from.
# This is only for other servers and should NOT contain the server the bridge is on.
servers: {}
# Whether to allow client API URL discovery for other servers. When using this option,
# users on other servers can use double puppeting even if their server URLs aren't
# explicitly added to the servers map above.
allow_discovery: false
# Shared secrets for automatic double puppeting.
# See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions.
secrets: {{ matrix_mautrix_meta_messenger_double_puppet_secrets | to_json }}
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Whether to enable encryption at all. If false, the bridge will not function in encrypted rooms.
allow: {{ matrix_mautrix_meta_messenger_bridge_encryption_allow | to_json }}
# Whether to force-enable encryption in all bridged rooms.
default: {{ matrix_mautrix_meta_messenger_bridge_encryption_default | to_json }}
# Whether to require all messages to be encrypted and drop any unencrypted messages.
require: {{ matrix_mautrix_meta_messenger_bridge_encryption_require | to_json }}
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: {{ matrix_mautrix_meta_messenger_bridge_encryption_appservice | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_meta_messenger_bridge_encryption_allow_key_sharing | to_json }}
# Pickle key for encrypting encryption keys in the bridge database.
# If set to generate, a random key will be generated.
pickle_key: mautrix.bridge.e2ee
# Options for deleting megolm sessions from the bridge.
delete_keys:
# Beeper-specific: delete outbound sessions when hungryserv confirms
# that the user has uploaded the key to key backup.
delete_outbound_on_ack: false
# Don't store outbound sessions in the inbound table.
dont_store_outbound: false
# Ratchet megolm sessions forward after decrypting messages.
ratchet_on_decrypt: false
# Delete fully used keys (index >= max_messages) after decrypting messages.
delete_fully_used_on_decrypt: false
# Delete previous megolm sessions from same device when receiving a new one.
delete_prev_on_new_session: false
# Delete megolm sessions received from a device when the device is deleted.
delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users?
#
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret_map: {{ matrix_mautrix_meta_messenger_bridge_login_shared_secret_map | to_json }}
# The prefix for commands. Only required in non-management rooms.
# If set to "default", will be determined based on meta -> mode, "!ig" for instagram and "!fb" for facebook
command_prefix: {{ matrix_mautrix_meta_messenger_bridge_command_prefix | to_json }}
backfill:
# If disabled, old messages will never be bridged.
enabled: true
# By default, Meta sends info about approximately 20 recent threads. If this is set to something else than 0,
# the bridge will request more threads on first login, until it reaches the specified number of pages
# or the end of the inbox.
inbox_fetch_pages: 0
# By default, Meta only sends one old message per thread. If this is set to a something else than 0,
# the bridge will delay handling the one automatically received message and request more messages to backfill.
# One page usually contains 20 messages. This can technically be set to -1 to fetch all messages,
# but that will block bridging messages until the entire backfill is completed.
history_fetch_pages: 0
# Same as above, but for catchup backfills (i.e. when the bridge is restarted).
catchup_fetch_pages: 5
# Maximum age of chats to leave as unread when backfilling. 0 means all chats can be left as unread.
# If non-zero, chats that are older than this will be marked as read, even if they're still unread on Meta.
unread_hours_threshold: 0
# Backfill queue settings. Only relevant for Beeper, because standard Matrix servers
# don't support inserting messages into room history.
queue:
# How many pages of messages to request in one go (without sleeping between requests)?
pages_at_once: 5
# Maximum number of pages to fetch. -1 to fetch all pages until the start of the chat.
max_pages: -1
# How long to sleep after fetching a bunch of pages ("bunch" defined by pages_at_once).
sleep_between_tasks: 20s
# Disable fetching XMA media (reels, stories, etc) when backfilling.
dont_fetch_xma: true
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: {{ matrix_mautrix_meta_messenger_bridge_management_room_text_welcome | to_json }}
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: {{ matrix_mautrix_meta_messenger_bridge_encryption_allow | to_json }}
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: {{ matrix_mautrix_meta_messenger_bridge_encryption_default | to_json }}
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
appservice: {{ matrix_mautrix_meta_messenger_bridge_encryption_appservice | to_json }}
# Require encryption, drop any unencrypted messages.
require: {{ matrix_mautrix_meta_messenger_bridge_encryption_require | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_meta_messenger_bridge_encryption_allow_key_sharing | to_json }}
# Options for deleting megolm sessions from the bridge.
delete_keys:
# Beeper-specific: delete outbound sessions when hungryserv confirms
# that the user has uploaded the key to key backup.
delete_outbound_on_ack: false
# Don't store outbound sessions in the inbound table.
dont_store_outbound: false
# Ratchet megolm sessions forward after decrypting messages.
ratchet_on_decrypt: false
# Delete fully used keys (index >= max_messages) after decrypting messages.
delete_fully_used_on_decrypt: false
# Delete previous megolm sessions from same device when receiving a new one.
delete_prev_on_new_session: false
# Delete megolm sessions received from a device when the device is deleted.
delete_on_device_delete: false
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
periodically_delete_expired: false
# Delete inbound megolm sessions that don't have the received_at field used for
# automatic ratcheting and expired session deletion. This is meant as a migration
# to delete old keys prior to the bridge update.
delete_outdated_inbound: false
# What level of device verification should be required from users?
#
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from FB/IG to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to
# configure the m.room.encryption event content. See:
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
# more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is
# set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Disable rotating keys when a user's devices change?
# You should not enable this option unless you understand all the implications.
disable_device_change_key_rotation: false
# Settings for provisioning API
provisioning:
# Prefix for the provisioning API paths.
prefix: /_matrix/provision
# Shared secret for authentication. If set to "generate", a random secret will be generated,
# or if set to "disable", the provisioning API will be disabled.
shared_secret: disable
# Enable debug API at /debug with provisioning authentication.
debug_endpoints: false
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# user - Access to use the bridge to chat with a Meta account.
# admin - User level and some additional administration tools
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions: {{ matrix_mautrix_meta_messenger_bridge_permissions | to_json }}
# Settings for relay mode
relay:
# Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: {{ matrix_mautrix_meta_messenger_bridge_relay_enabled | to_json }}
# Should only admins be allowed to set themselves as relay users?
admin_only: {{ matrix_mautrix_meta_messenger_bridge_relay_admin_only | to_json }}
# The formats to use when sending messages to Meta via the relaybot.
message_formats:
m.text: "{% raw %}{{ .Sender.Displayname }}: {{ .Message }}{% endraw %}"
m.notice: "{% raw %}{{ .Sender.Displayname }}: {{ .Message }}{% endraw %}"
m.emote: "{% raw %}* {{ .Sender.Displayname }} {{ .Message }}{% endraw %}"
m.file: "{% raw %}{{ .Sender.Displayname }} sent a file{% endraw %}"
m.image: "{% raw %}{{ .Sender.Displayname }} sent an image{% endraw %}"
m.audio: "{% raw %}{{ .Sender.Displayname }} sent an audio file{% endraw %}"
m.video: "{% raw %}{{ .Sender.Displayname }} sent a video{% endraw %}"
m.location: "{% raw %}{{ .Sender.Displayname }} sent a location{% endraw %}"
# Valid levels:
# unverified - Send keys to all device in the room.
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
# Note that creating user signatures from the bridge bot is not currently possible.
# verified - Require manual per-device verification
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
verification_levels:
# Minimum level for which the bridge should send keys to when bridging messages from the remote network to Matrix.
receive: unverified
# Minimum level that the bridge should accept for incoming Matrix messages.
send: unverified
# Minimum level that the bridge should require for accepting key requests.
share: cross-signed-tofu
# Options for Megolm room key rotation. These options allow you to configure the m.room.encryption event content.
# See https://spec.matrix.org/v1.10/client-server-api/#mroomencryption for more information about that event.
rotation:
# Enable custom Megolm room key rotation settings. Note that these
# settings will only apply to rooms created after this option is set.
enable_custom: false
# The maximum number of milliseconds a session should be used
# before changing it. The Matrix spec recommends 604800000 (a week)
# as the default.
milliseconds: 604800000
# The maximum number of messages that should be sent with a given a
# session before changing it. The Matrix spec recommends 100 as the
# default.
messages: 100
# Disable rotating keys when a user's devices change?
# You should not enable this option unless you understand all the implications.
disable_device_change_key_rotation: false
# Logging config. See https://github.com/tulir/zeroconfig for details.
logging:
min_level: {{ matrix_mautrix_meta_messenger_logging_min_level | to_json }}
writers:
- type: stdout
format: pretty
- type: stdout
format: pretty

8
roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
View File

@ -9,7 +9,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/
matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
matrix_mautrix_signal_version: v0.7.0
matrix_mautrix_signal_version: v0.7.1
# See: https://mau.dev/mautrix/signal/container_registry
matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}"
@ -100,6 +100,12 @@ matrix_mautrix_signal_logging_level: 'warn'
# If false, created portal rooms will never be federated.
matrix_mautrix_signal_federate_rooms: true
matrix_mautrix_signal_backfill_enabled: true
matrix_mautrix_signal_backfill_max_initial_messages: 50
matrix_mautrix_signal_backfill_max_catchup_messages: 500
matrix_mautrix_signal_backfill_unread_hours_threshold: 720
matrix_mautrix_signal_backfill_threads_max_initial_messages: 50
# Whether or not metrics endpoint should be enabled.
# Enabling them is usually enough for a local (in-container) Prometheus to consume them.
# If metrics need to be consumed by another (external) Prometheus server, consider exposing them via `matrix_mautrix_signal_metrics_proxying_enabled`.

1
roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml
View File

@ -141,6 +141,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_signal_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-signal.service installed
ansible.builtin.template:

10
roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2
View File

@ -280,18 +280,18 @@ direct_media:
# See https://docs.mau.fi/bridges/general/backfill.html for more details.
backfill:
# Whether to do backfilling at all.
enabled: false
enabled: {{ matrix_mautrix_signal_backfill_enabled | to_json }}
# Maximum number of messages to backfill in empty rooms.
max_initial_messages: 50
max_initial_messages: {{ matrix_mautrix_signal_backfill_max_initial_messages | to_json }}
# Maximum number of missed messages to backfill after bridge restarts.
max_catchup_messages: 500
max_catchup_messages: {{ matrix_mautrix_signal_backfill_max_catchup_messages | to_json }}
# If a backfilled chat is older than this number of hours,
# mark it as read even if it's unread on the remote network.
unread_hours_threshold: 720
unread_hours_threshold: {{ matrix_mautrix_signal_backfill_unread_hours_threshold| to_json }}
# Settings for backfilling threads within other backfills.
threads:
# Maximum number of messages to backfill in a new thread.
max_initial_messages: 50
max_initial_messages: {{ matrix_mautrix_signal_backfill_threads_max_initial_messages | to_json }}
# Settings for the backwards backfill queue. This only applies when connecting to
# Beeper as standard Matrix servers don't support inserting messages into history.
queue:

8
roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml
View File

@ -9,7 +9,7 @@ matrix_mautrix_slack_container_image_self_build_repo: "https://mau.dev/mautrix/s
matrix_mautrix_slack_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_slack_version == 'latest' else matrix_mautrix_slack_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/slack
matrix_mautrix_slack_version: v0.1.0
matrix_mautrix_slack_version: v0.1.1
# See: https://mau.dev/mautrix/slack/container_registry
matrix_mautrix_slack_docker_image: "{{ matrix_mautrix_slack_docker_image_name_prefix }}mautrix/slack:{{ matrix_mautrix_slack_version }}"
matrix_mautrix_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_slack_container_image_self_build else 'dock.mau.dev/' }}"
@ -55,6 +55,12 @@ matrix_mautrix_slack_homeserver_token: ''
matrix_mautrix_slack_appservice_bot_username: slackbot
matrix_mautrix_slack_backfill_enabled: true
matrix_mautrix_slack_backfill_max_initial_messages: 50
matrix_mautrix_slack_backfill_max_catchup_messages: 500
matrix_mautrix_slack_backfill_unread_hours_threshold: 720
matrix_mautrix_slack_backfill_threads_max_initial_messages: 50
# Minimum severity of journal log messages.
# Options: debug, info, warn, error, fatal
matrix_mautrix_slack_logging_level: 'warn'

1
roles/custom/matrix-bridge-mautrix-slack/tasks/setup_install.yml
View File

@ -98,6 +98,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_slack_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-slack.service installed
ansible.builtin.template:

14
roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2
View File

@ -244,9 +244,7 @@ appservice:
hs_token: {{ matrix_mautrix_slack_homeserver_token | to_json }}
# Localpart template of MXIDs for remote users.
# {% raw %}
# {{.}} is replaced with the internal ID of the user.
# {% endraw %}
# {% raw %}{{.}}{% endraw %} is replaced with the internal ID of the user.
username_template: "{% raw %}slack_{{.}}{% endraw %}"
# Config options that affect the Matrix connector of the bridge.
@ -319,18 +317,18 @@ direct_media:
# See https://docs.mau.fi/bridges/general/backfill.html for more details.
backfill:
# Whether to do backfilling at all.
enabled: false
enabled: {{ matrix_mautrix_slack_backfill_enabled | to_json }}
# Maximum number of messages to backfill in empty rooms.
max_initial_messages: 50
max_initial_messages: {{ matrix_mautrix_slack_backfill_max_initial_messages | to_json }}
# Maximum number of missed messages to backfill after bridge restarts.
max_catchup_messages: 500
max_catchup_messages: {{ matrix_mautrix_slack_backfill_max_catchup_messages | to_json }}
# If a backfilled chat is older than this number of hours,
# mark it as read even if it's unread on the remote network.
unread_hours_threshold: 720
unread_hours_threshold: {{ matrix_mautrix_slack_backfill_unread_hours_threshold| to_json }}
# Settings for backfilling threads within other backfills.
threads:
# Maximum number of messages to backfill in a new thread.
max_initial_messages: 50
max_initial_messages: {{ matrix_mautrix_slack_backfill_threads_max_initial_messages | to_json }}
# Settings for the backwards backfill queue. This only applies when connecting to
# Beeper as standard Matrix servers don't support inserting messages into history.
queue:

7
roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml
View File

@ -1,10 +1,5 @@
# File : roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml
# Author : Pierre (McFly) Marty <paq.marty@gmail.com>
# Date : 17.01.2024
# Last Modified Date: 17.01.2024
# Last Modified By : Pierre (McFly) Marty <paq.marty@gmail.com>
# -----
---
# mautrix-telegram is a Matrix <-> Telegram bridge
# Project source code URL: https://github.com/mautrix/telegram

1
roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml
View File

@ -153,6 +153,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_telegram_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-telegram.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml
View File

@ -82,6 +82,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_twitter_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-twitter.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
View File

@ -141,6 +141,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_whatsapp_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-whatsapp.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml
View File

@ -96,6 +96,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_wsproxy_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-wsproxy.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml
View File

@ -117,6 +117,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mx_puppet_discord_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mx-puppet-discord.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml
View File

@ -118,6 +118,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mx_puppet_groupme_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mx-puppet-groupme.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml
View File

@ -97,6 +97,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mx_puppet_instagram_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mx-puppet-instagram.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml
View File

@ -128,6 +128,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mx_puppet_slack_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mx-puppet-slack.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml
View File

@ -118,6 +118,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mx_puppet_steam_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mx-puppet-steam.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml
View File

@ -128,6 +128,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mx_puppet_twitter_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mx-puppet-twitter.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-sms/tasks/setup_install.yml
View File

@ -51,6 +51,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_sms_bridge_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-sms-bridge.service installed
ansible.builtin.template:

1
roles/custom/matrix-bridge-wechat/tasks/install.yml
View File

@ -113,6 +113,7 @@
community.general.docker_network:
name: "{{ matrix_wechat_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-wechat.service installed
ansible.builtin.template:

2
roles/custom/matrix-cactus-comments-client/defaults/main.yml
View File

@ -13,7 +13,7 @@ matrix_cactus_comments_client_public_path: "{{ matrix_cactus_comments_client_bas
matrix_cactus_comments_client_public_path_file_permissions: "0644"
# renovate: datasource=docker depName=joseluisq/static-web-server
matrix_cactus_comments_client_version: 2.32.2
matrix_cactus_comments_client_version: 2.33.0
matrix_cactus_comments_client_container_image: "{{ matrix_container_global_registry_prefix }}joseluisq/static-web-server:{{ matrix_cactus_comments_client_container_image_tag }}"
matrix_cactus_comments_client_container_image_tag: "{{ 'latest' if matrix_cactus_comments_client_version == 'latest' else (matrix_cactus_comments_client_version + '-alpine') }}"

1
roles/custom/matrix-cactus-comments-client/tasks/install.yml
View File

@ -76,6 +76,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_cactus_comments_client_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-cactus-comments-client.service installed
ansible.builtin.template:

2
roles/custom/matrix-client-cinny/defaults/main.yml
View File

@ -7,7 +7,7 @@ matrix_client_cinny_container_image_self_build: false
matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git"
# renovate: datasource=docker depName=ajbura/cinny
matrix_client_cinny_version: v4.1.0
matrix_client_cinny_version: v4.2.1
matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}"
matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}"

1
roles/custom/matrix-client-cinny/tasks/setup_install.yml
View File

@ -69,6 +69,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_client_cinny_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-client-cinny.service installed
ansible.builtin.template:

1
roles/custom/matrix-client-element/tasks/setup_install.yml
View File

@ -103,6 +103,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_client_element_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-client-element.service installed
ansible.builtin.template:

1
roles/custom/matrix-client-hydrogen/tasks/setup_install.yml
View File

@ -81,6 +81,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_client_hydrogen_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-client-hydrogen.service installed
ansible.builtin.template:

1
roles/custom/matrix-client-schildichat/tasks/setup_install.yml
View File

@ -102,6 +102,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_client_schildichat_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-client-schildichat.service installed
ansible.builtin.template:

1
roles/custom/matrix-conduit/tasks/setup_install.yml
View File

@ -39,6 +39,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_conduit_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure Conduit container image is pulled
community.docker.docker_image:

1
roles/custom/matrix-corporal/tasks/setup_install.yml
View File

@ -71,6 +71,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_corporal_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-corporal.service installed
ansible.builtin.template:

1
roles/custom/matrix-coturn/tasks/setup_install.yml
View File

@ -99,6 +99,7 @@
community.docker.docker_network:
name: "{{ matrix_coturn_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-coturn.service installed
ansible.builtin.template:

2
roles/custom/matrix-dendrite/defaults/main.yml
View File

@ -13,7 +13,7 @@ matrix_dendrite_docker_image_path: "matrixdotorg/dendrite-monolith"
matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}{{ matrix_dendrite_docker_image_path }}:{{ matrix_dendrite_docker_image_tag }}"
matrix_dendrite_docker_image_name_prefix: "{{ 'localhost/' if matrix_dendrite_container_image_self_build else matrix_container_global_registry_prefix }}"
# renovate: datasource=docker depName=matrixdotorg/dendrite-monolith
matrix_dendrite_docker_image_tag: "v0.13.7"
matrix_dendrite_docker_image_tag: "v0.13.8"
matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}"
matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite"

1
roles/custom/matrix-dendrite/tasks/setup_install.yml
View File

@ -112,6 +112,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_dendrite_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure Dendrite support files installed
ansible.builtin.template:

1
roles/custom/matrix-dimension/tasks/setup_install.yml
View File

@ -133,6 +133,7 @@
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_dimension_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-dimension.service installed
ansible.builtin.template:

Some files were not shown because too many files have changed in this diff Show More