Merge pull request #1229 from wol-win/feature/signal_config

Feature/signal config
2024-11-06 02:37:31 +01:00 · 2021-08-18 09:42:46 +03:00 · 2021-08-18 09:42:46 +03:00 · 511a267b00
commit 511a267b00
parent 2c80e0bc89 5a828f36a6
3 changed files with 67 additions and 7 deletions
--- a/docs/configuring-playbook-bridge-mautrix-signal.md
+++ b/docs/configuring-playbook-bridge-mautrix-signal.md
@ -12,6 +12,51 @@ Use the following playbook configuration:
 matrix_mautrix_signal_enabled: true
 ```

+There are some additional things you may wish to configure about the bridge before you continue.
+
+The relay bot functionality is off by default. If you would like to enable the relay bot, add the following to your `vars.yml` file:
+```yaml
+matrix_mautrix_signal_relaybot_enabled: true
+```
+If you want to activate the relay bot in a room, use `!signal set-relay`.
+Use `!signal unset-relay` to deactivate.
+By default, any user on your homeserver will be able to use the bridge.
+If you enable the relay bot functionality, it will relay every user's messages in a portal room - no matter which homeserver they're from.
+
+Different levels of permission can be granted to users:
+
+* relay - Allowed to be relayed through the bridge, no access to commands;
+* user - Use the bridge with puppeting;
+* admin - Use and administer the bridge.
+
+The permissions are following the sequence: nothing < relay < user < admin.
+
+The default permissions are set as follows:
+```yaml
+permissions:
+  '*': relay
+  YOUR_DOMAIN: user
+```
+
+If you want to augment the preset permissions, you might want to set the additional permissions with the following settings in your `vars.yml` file:
+```yaml
+matrix_mautrix_signal_configuration_extension_yaml: |
+  bridge:
+    permissions:
+      '@YOUR_USERNAME:YOUR_DOMAIN': admin
+```
+
+This will add the admin permission to the specific user, while keepting the default permissions.
+
+In case you want to replace the default permissions settings **completely**, populate the following item within your `vars.yml` file:
+```yaml
+matrix_mautrix_signal_bridge_permissions: |
+  '@ADMIN:YOUR_DOMAIN': admin
+  '@USER:YOUR_DOMAIN' : user
+```
+
+You may wish to look at `roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure.
+
 ## Set up Double Puppeting

 If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-signal/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it.
--- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml
@ -70,14 +70,30 @@ matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
 matrix_mautrix_signal_database_connection_string: 'postgres://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}'

 matrix_mautrix_signal_appservice_database: "{{
- 	{
- 		'postgres': matrix_mautrix_signal_database_connection_string,
- 	}[matrix_mautrix_signal_database_engine]
+  {
+    'postgres': matrix_mautrix_signal_database_connection_string,
+  }[matrix_mautrix_signal_database_engine]
 }}"

 # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
 matrix_mautrix_signal_login_shared_secret: ''

+# Enable bridge relay bot functionality
+matrix_mautrix_signal_relaybot_enabled: false
+
+# Permissions for using the bridge.
+# Permitted values:
+#      relay - Allowed to be relayed through the bridge, no access to commands.
+#       user - Use the bridge with puppeting.
+#      admin - Use and administrate the bridge.
+# Permitted keys:
+#        * - All Matrix users
+#   domain - All users on that homeserver
+#     mxid - Specific user
+matrix_mautrix_signal_bridge_permissions: |
+  '*': relay
+  '{{ matrix_mautrix_signal_homeserver_domain }}': user
+
 # Default configuration template which covers the generic use case.
 # You can customize it by controlling the various variables inside it.
 #
--- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
+++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
@ -188,14 +188,13 @@ bridge:
    #        * - All Matrix users
    #   domain - All users on that homeserver
    #     mxid - Specific user
-    permissions:
-      '{{ matrix_mautrix_signal_homeserver_domain }}': relay
-      '{{ matrix_mautrix_signal_homeserver_domain }}': user
+    permissions: 
+        {{ matrix_mautrix_signal_bridge_permissions|from_yaml }}

    relay:
        # Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
        # authenticated user into a relaybot for that chat.
-        enabled: true
+        enabled: {{ matrix_mautrix_signal_relaybot_enabled }}
        # The formats to use when sending messages to Signal via a relay user.
        #
        # Available variables: