mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-14 20:27:18 +01:00
Upgrade Hookshot (5.4.1 -> 6.0.1)
This commit is contained in:
parent
daf9418610
commit
119e78bc11
@ -25,9 +25,9 @@ Finally, run the playbook (see [installing](installing.md)).
|
|||||||
|
|
||||||
### End-to-bridge encryption
|
### End-to-bridge encryption
|
||||||
|
|
||||||
You can enable [experimental encryption](https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html) for Hookshot by adding `matrix_hookshot_experimental_encryption_enabled: true` to your configuration (`vars.yml`) and [executing the playbook](installing.md) again.
|
You can enable [encryption](https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html) for Hookshot by adding `matrix_hookshot_encryption_enabled: true` to your configuration (`vars.yml`) and [executing the playbook](installing.md) again.
|
||||||
|
|
||||||
Should the crypto store be corrupted, you can reset it by executing this Ansible playbook with the tag `reset-hookshot-encryption` added, for example `ansible-playbook -i inventory/hosts setup.yml -K --tags=reset-hookshot-encryption`.
|
Should the crypto store be corrupted, you can reset it by executing this Ansible playbook with the tag `reset-hookshot-encryption` added, for example `ansible-playbook -i inventory/hosts setup.yml --tags=reset-hookshot-encryption`.
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
|
@ -4403,7 +4403,7 @@ ntfy_visitor_request_limit_exempt_hosts_hostnames_auto: |
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
redis_enabled: "{{ not (keydb_enabled or valkey_enabled) and (matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_experimental_encryption_enabled)) }}"
|
redis_enabled: "{{ not (keydb_enabled or valkey_enabled) and (matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_encryption_enabled)) }}"
|
||||||
|
|
||||||
redis_identifier: matrix-redis
|
redis_identifier: matrix-redis
|
||||||
|
|
||||||
@ -4455,7 +4455,7 @@ keydb_arch: |-
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
valkey_enabled: "{{ matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_experimental_encryption_enabled) }}"
|
valkey_enabled: "{{ matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_encryption_enabled) }}"
|
||||||
|
|
||||||
valkey_identifier: matrix-valkey
|
valkey_identifier: matrix-valkey
|
||||||
|
|
||||||
|
@ -17,10 +17,10 @@ matrix_hookshot_container_additional_networks_auto: []
|
|||||||
matrix_hookshot_container_additional_networks_custom: []
|
matrix_hookshot_container_additional_networks_custom: []
|
||||||
|
|
||||||
# renovate: datasource=docker depName=halfshot/matrix-hookshot
|
# renovate: datasource=docker depName=halfshot/matrix-hookshot
|
||||||
matrix_hookshot_version: 5.4.1
|
matrix_hookshot_version: 6.0.1
|
||||||
|
|
||||||
matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"
|
matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}matrix-org/matrix-hookshot:{{ matrix_hookshot_version }}"
|
||||||
matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}"
|
matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else 'ghcr.io/' }}"
|
||||||
matrix_hookshot_docker_image_force_pull: "{{ matrix_hookshot_docker_image.endswith(':latest') }}"
|
matrix_hookshot_docker_image_force_pull: "{{ matrix_hookshot_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_hookshot_base_path: "{{ matrix_base_data_path }}/hookshot"
|
matrix_hookshot_base_path: "{{ matrix_base_data_path }}/hookshot"
|
||||||
@ -46,17 +46,18 @@ matrix_hookshot_appservice_hostname: "{{ matrix_hookshot_public_hostname }}"
|
|||||||
matrix_hookshot_appservice_endpoint: "{{ matrix_hookshot_public_endpoint }}/_matrix/app"
|
matrix_hookshot_appservice_endpoint: "{{ matrix_hookshot_public_endpoint }}/_matrix/app"
|
||||||
|
|
||||||
# The variables below control the Redis cache parameters.
|
# The variables below control the Redis cache parameters.
|
||||||
# Using caching is required when experimental encryption is enabled (`matrix_hookshot_experimental_encryption_enabled`)
|
# Using caching is required when encryption is enabled (`matrix_hookshot_encryption_enabled`)
|
||||||
# but may also speed up Hookshot startup, etc.
|
# but may also speed up Hookshot startup, etc.
|
||||||
matrix_hookshot_cache_redis_host: ''
|
matrix_hookshot_cache_redis_host: ''
|
||||||
matrix_hookshot_cache_redis_port: "6379"
|
matrix_hookshot_cache_redis_port: "6379"
|
||||||
matrix_hookshot_cache_redisUri: "{{ ('redis://' + matrix_hookshot_cache_redis_host + ':' + matrix_hookshot_cache_redis_port) if matrix_hookshot_cache_redis_host else '' }}" # noqa var-naming
|
matrix_hookshot_cache_redisUri: "{{ ('redis://' + matrix_hookshot_cache_redis_host + ':' + matrix_hookshot_cache_redis_port) if matrix_hookshot_cache_redis_host else '' }}" # noqa var-naming
|
||||||
|
|
||||||
# Controls whether the experimental end-to-bridge encryption support is enabled.
|
# Controls whether the end-to-bridge encryption support is enabled.
|
||||||
# This requires that:
|
# This requires that:
|
||||||
# - support to also be enabled in the homeserver, see the documentation of Hookshot.
|
# - support to also be enabled in the homeserver, see the documentation of Hookshot.
|
||||||
# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables.
|
# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables.
|
||||||
matrix_hookshot_experimental_encryption_enabled: false
|
# See: https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html
|
||||||
|
matrix_hookshot_encryption_enabled: false
|
||||||
|
|
||||||
# Controls whether metrics are enabled in the bridge configuration.
|
# Controls whether metrics are enabled in the bridge configuration.
|
||||||
# Enabling them is usually enough for a local (in-container) Prometheus to consume them.
|
# Enabling them is usually enough for a local (in-container) Prometheus to consume them.
|
||||||
|
@ -31,6 +31,7 @@
|
|||||||
- {'old': 'matrix_hookshot_ident', 'new': 'matrix_hookshot_identifier'}
|
- {'old': 'matrix_hookshot_ident', 'new': 'matrix_hookshot_identifier'}
|
||||||
- {'old': 'matrix_hookshot_queue_host', 'new': 'matrix_hookshot_cache_redis_host'}
|
- {'old': 'matrix_hookshot_queue_host', 'new': 'matrix_hookshot_cache_redis_host'}
|
||||||
- {'old': 'matrix_hookshot_queue_port', 'new': 'matrix_hookshot_cache_redis_port'}
|
- {'old': 'matrix_hookshot_queue_port', 'new': 'matrix_hookshot_cache_redis_port'}
|
||||||
|
- {'old': 'matrix_hookshot_experimental_encryption_enabled', 'new': 'matrix_hookshot_encryption_enabled'}
|
||||||
|
|
||||||
- name: Fail if required Hookshot settings not defined
|
- name: Fail if required Hookshot settings not defined
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
@ -96,7 +97,7 @@
|
|||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
msg: >-
|
msg: >-
|
||||||
You need to define a required configuration setting (`matrix_hookshot_cache_redis*`) to enable Hookshot encryption.
|
You need to define a required configuration setting (`matrix_hookshot_cache_redis*`) to enable Hookshot encryption.
|
||||||
when: "matrix_hookshot_experimental_encryption_enabled and matrix_hookshot_cache_redisUri == ''"
|
when: "matrix_hookshot_encryption_enabled and matrix_hookshot_cache_redisUri == ''"
|
||||||
|
|
||||||
- name: (Deprecation) Catch and report old metrics usage
|
- name: (Deprecation) Catch and report old metrics usage
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
|
@ -113,8 +113,8 @@ metrics:
|
|||||||
cache:
|
cache:
|
||||||
redisUri: {{ matrix_hookshot_cache_redisUri | to_json }}
|
redisUri: {{ matrix_hookshot_cache_redisUri | to_json }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if matrix_hookshot_experimental_encryption_enabled %}
|
{% if matrix_hookshot_encryption_enabled %}
|
||||||
experimentalEncryption:
|
encryption:
|
||||||
storagePath: /data/encryption
|
storagePath: /data/encryption
|
||||||
{% endif %}
|
{% endif %}
|
||||||
logging:
|
logging:
|
||||||
|
@ -29,8 +29,9 @@ sender_localpart: hookshot
|
|||||||
url: "http://{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}" # This should match the bridge.port in your config file
|
url: "http://{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}" # This should match the bridge.port in your config file
|
||||||
rate_limited: false
|
rate_limited: false
|
||||||
|
|
||||||
{% if matrix_hookshot_experimental_encryption_enabled %}
|
{% if matrix_hookshot_encryption_enabled %}
|
||||||
de.sorunome.msc2409.push_ephemeral: true
|
de.sorunome.msc2409.push_ephemeral: true
|
||||||
push_ephemeral: true
|
push_ephemeral: true
|
||||||
org.matrix.msc3202: true
|
org.matrix.msc3202: true
|
||||||
|
org.matrix.msc3202: true
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
Loading…
Reference in New Issue
Block a user