Add support for automatic Double Puppeting for all Mautrix bridges

This commit is contained in:
Slavi Pantaleev 2020-01-12 20:28:36 +02:00
parent 53186ffa1c
commit bd38861179
10 changed files with 156 additions and 20 deletions

View File

@ -1,3 +1,14 @@
# 2020-01-12
## Added support for automatic Double Puppeting for all Mautrix bridges
Double Puppeting can now be easily enabled for all Mautrix bridges supported by the playbook (Facebook, Hangouts, Whatsapp, Telegram).
This is possible due to those bridges' integration with [matrix-synapse-shared-secret-auth](https://github.com/devture/matrix-synapse-shared-secret-auth) - yet another component that this playbook can install for you.
To get started, following the playbook's documentation for the bridge you'd like to configure.
# 2019-12-06 # 2019-12-06
## Added support for an alternative method for using another webserver ## Added support for an alternative method for using another webserver

View File

@ -8,27 +8,22 @@ See the project's [documentation](https://github.com/tulir/mautrix-facebook/wiki
matrix_mautrix_facebook_enabled: true matrix_mautrix_facebook_enabled: true
``` ```
## Usage
You then need to start a chat with `@facebookbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). ## Set up Double Puppeting
If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-facebook/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it.
### Set up bridging ### Method 1: automatically, by enabling Shared Secret Auth
Send `login YOUR_FACEBOOK_EMAIL_ADDRESS YOUR_FACEBOOK_PASSWORD` to the bridge bot to enable bridging for your Facebook/Messenger account. The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
You can learn more here about authentication from the bridge's [official documentation on Authentication](https://github.com/tulir/mautrix-facebook/wiki/Authentication). This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
If you run into trouble, check the [Troubleshooting](#troubleshooting) section below. ### Method 2: manually, by asking each user to provide a working access token
After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting). **Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
### Set up Double Puppeting
**Note**: Double Puppeting can be configured only after you've already [set up bridging](#set-up-bridging).
If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-facebook/wiki/Authentication#double-puppeting) (hint: you most likely do), you should:
- retrieve a Matrix access token for yourself. You can use the following command: - retrieve a Matrix access token for yourself. You can use the following command:
@ -43,6 +38,19 @@ https://matrix.DOMAIN/_matrix/client/r0/login
- make sure you don't log out the `Mautrix-Facebook` device some time in the future, as that would break the Double Puppeting feature - make sure you don't log out the `Mautrix-Facebook` device some time in the future, as that would break the Double Puppeting feature
## Usage
You then need to start a chat with `@facebookbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
Send `login YOUR_FACEBOOK_EMAIL_ADDRESS YOUR_FACEBOOK_PASSWORD` to the bridge bot to enable bridging for your Facebook/Messenger account.
You can learn more here about authentication from the bridge's [official documentation on Authentication](https://github.com/tulir/mautrix-facebook/wiki/Authentication).
If you run into trouble, check the [Troubleshooting](#troubleshooting) section below.
After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so.
## Set up community-grouping ## Set up community-grouping
This is an **optional feature** that you may wish to enable. This is an **optional feature** that you may wish to enable.
@ -74,7 +82,7 @@ If you don't see all your contacts, you may wish to send a `sync` message to the
If your Matrix server is in a wildly different location than where you usually use your Facebook account from, the bridge's login attempts may be outright rejected by Facebook. Along with that, Facebook may even force you to change the account's password. If your Matrix server is in a wildly different location than where you usually use your Facebook account from, the bridge's login attempts may be outright rejected by Facebook. Along with that, Facebook may even force you to change the account's password.
If you happen to run into this problem while [setting up bridging](#set-up-bridging), try to first get a successful session up by logging in to Facebook through the Matrix server's IP address. If you happen to run into this problem while [setting up bridging](#usage), try to first get a successful session up by logging in to Facebook through the Matrix server's IP address.
The easiest way to do this may be to use [sshuttle](https://sshuttle.readthedocs.io/) to proxy your traffic through the Matrix server. The easiest way to do this may be to use [sshuttle](https://sshuttle.readthedocs.io/) to proxy your traffic through the Matrix server.
@ -88,4 +96,4 @@ Once connected, you should be able to verify that you're browsing the web throug
Then proceed to log in to [Facebook/Messenger](https://www.facebook.com/). Then proceed to log in to [Facebook/Messenger](https://www.facebook.com/).
Once logged in, proceed to [set up bridging](#set-up-bridging). Once logged in, proceed to [set up bridging](#usage).

View File

@ -11,6 +11,37 @@ To enable the [Google Hangouts](https://hangouts.google.com/) bridge just use th
matrix_mautrix_hangouts_enabled: true matrix_mautrix_hangouts_enabled: true
``` ```
## Set up Double Puppeting
If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-hangouts/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it.
### Method 1: automatically, by enabling Shared Secret Auth
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
### Method 2: manually, by asking each user to provide a working access token
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
- retrieve a Matrix access token for yourself. You can use the following command:
```
curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Hangouts", "initial_device_display_name": "Mautrix-Hangouts"}' \
https://matrix.DOMAIN/_matrix/client/r0/login
```
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
- make sure you don't log out the `Mautrix-Hangouts` device some time in the future, as that would break the Double Puppeting feature
## Usage ## Usage
Once the bot is enabled you need to start a chat with `Hangouts bridge bot` with handle `@hangoutsbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). Once the bot is enabled you need to start a chat with `Hangouts bridge bot` with handle `@hangoutsbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
@ -22,3 +53,6 @@ Automatic login may not work. If it does not, reload the page and select the "Ma
Once logged in, recent chats should show up as new conversations automatically. Other chats will get portals as you receive messages. Once logged in, recent chats should show up as new conversations automatically. Other chats will get portals as you receive messages.
You can learn more about authentication from the bridge's [official documentation on Authentication](https://github.com/tulir/mautrix-hangouts/wiki/Authentication). You can learn more about authentication from the bridge's [official documentation on Authentication](https://github.com/tulir/mautrix-hangouts/wiki/Authentication).
After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so.

View File

@ -12,6 +12,38 @@ matrix_mautrix_telegram_api_id: YOUR_TELEGRAM_APP_ID
matrix_mautrix_telegram_api_hash: YOUR_TELEGRAM_API_HASH matrix_mautrix_telegram_api_hash: YOUR_TELEGRAM_API_HASH
``` ```
## Set up Double Puppeting
If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-telegram/wiki/Authentication#replacing-telegram-accounts-matrix-puppet-with-matrix-account) (hint: you most likely do), you have 2 ways of going about it.
### Method 1: automatically, by enabling Shared Secret Auth
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
### Method 2: manually, by asking each user to provide a working access token
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging.
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
- retrieve a Matrix access token for yourself. You can use the following command:
```
curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Telegram", "initial_device_display_name": "Mautrix-Telegram"}' \
https://matrix.DOMAIN/_matrix/client/r0/login
```
- send `login-matrix` to the bot and follow instructions about how to send the access token to it
- make sure you don't log out the `Mautrix-Telegram` device some time in the future, as that would break the Double Puppeting feature
## Usage
You then need to start a chat with `@telegrambot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). You then need to start a chat with `@telegrambot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
If you want to use the relay-bot feature ([relay bot documentation](https://github.com/tulir/mautrix-telegram/wiki/Relay-bot)), which allows anonymous user to chat with telegram users, use the following additional playbook configuration: If you want to use the relay-bot feature ([relay bot documentation](https://github.com/tulir/mautrix-telegram/wiki/Relay-bot)), which allows anonymous user to chat with telegram users, use the following additional playbook configuration:

View File

@ -10,4 +10,36 @@ Use the following playbook configuration:
matrix_mautrix_whatsapp_enabled: true matrix_mautrix_whatsapp_enabled: true
``` ```
## Set up Double Puppeting
If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-whatsapp/wiki/Authentication#replacing-whatsapp-accounts-matrix-puppet-with-matrix-account) (hint: you most likely do), you have 2 ways of going about it.
### Method 1: automatically, by enabling Shared Secret Auth
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
### Method 2: manually, by asking each user to provide a working access token
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
- retrieve a Matrix access token for yourself. You can use the following command:
```
curl \
--data '{"identifier": {"type": "m.id.user", "user": "YOUR_MATRIX_USERNAME" }, "password": "YOUR_MATRIX_PASSWORD", "type": "m.login.password", "device_id": "Mautrix-Whatsapp", "initial_device_display_name": "Mautrix-Whatsapp"}' \
https://matrix.DOMAIN/_matrix/client/r0/login
```
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
- make sure you don't log out the `Mautrix-Whatsapp` device some time in the future, as that would break the Double Puppeting feature
## Usage
You then need to start a chat with `@whatsappbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). You then need to start a chat with `@whatsappbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).

View File

@ -149,6 +149,8 @@ matrix_mautrix_facebook_appservice_token: "{{ matrix_synapse_macaroon_secret_key
matrix_mautrix_facebook_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'fb.hs.token') | to_uuid }}" matrix_mautrix_facebook_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'fb.hs.token') | to_uuid }}"
matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
###################################################################### ######################################################################
# #
# /matrix-bridge-mautrix-facebook # /matrix-bridge-mautrix-facebook
@ -176,6 +178,8 @@ matrix_mautrix_hangouts_appservice_token: "{{ matrix_synapse_macaroon_secret_key
matrix_mautrix_hangouts_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'ho.hs.token') | to_uuid }}" matrix_mautrix_hangouts_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'ho.hs.token') | to_uuid }}"
matrix_mautrix_hangouts_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
###################################################################### ######################################################################
# #
# /matrix-bridge-mautrix-hangouts # /matrix-bridge-mautrix-hangouts
@ -195,7 +199,6 @@ matrix_mautrix_hangouts_homeserver_token: "{{ matrix_synapse_macaroon_secret_key
# We don't enable bridges by default. # We don't enable bridges by default.
matrix_mautrix_telegram_enabled: false matrix_mautrix_telegram_enabled: false
matrix_mautrix_telegram_systemd_required_services_list: | matrix_mautrix_telegram_systemd_required_services_list: |
{{ {{
['docker.service'] ['docker.service']
@ -211,6 +214,8 @@ matrix_mautrix_telegram_public_endpoint: "/{{ matrix_synapse_macaroon_secret_key
matrix_mautrix_telegram_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9006' }}" matrix_mautrix_telegram_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9006' }}"
matrix_mautrix_telegram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
###################################################################### ######################################################################
# #
# /matrix-bridge-mautrix-telegram # /matrix-bridge-mautrix-telegram
@ -238,6 +243,8 @@ matrix_mautrix_whatsapp_appservice_token: "{{ matrix_synapse_macaroon_secret_key
matrix_mautrix_whatsapp_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'whats.hs.token') | to_uuid }}" matrix_mautrix_whatsapp_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'whats.hs.token') | to_uuid }}"
matrix_mautrix_whatsapp_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
###################################################################### ######################################################################
# #
# /matrix-bridge-mautrix-whatsapp # /matrix-bridge-mautrix-whatsapp

View File

@ -27,6 +27,9 @@ matrix_mautrix_facebook_systemd_wanted_services_list: []
matrix_mautrix_facebook_appservice_token: '' matrix_mautrix_facebook_appservice_token: ''
matrix_mautrix_facebook_homeserver_token: '' matrix_mautrix_facebook_homeserver_token: ''
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_facebook_login_shared_secret: ''
# Default configuration template which covers the generic use case. # Default configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it. # You can customize it by controlling the various variables inside it.
# #
@ -129,7 +132,7 @@ matrix_mautrix_facebook_configuration_yaml: |
# If set, custom puppets will be enabled automatically for local users # If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix` # instead of users having to find an access token and run `login-matrix`
# manually. # manually.
login_shared_secret: null login_shared_secret: {{ matrix_mautrix_facebook_login_shared_secret|to_json }}
# Whether or not to bridge presence in both directions. Facebook allows users not to broadcast # Whether or not to bridge presence in both directions. Facebook allows users not to broadcast
# presence, but then it won't send other users' presence to the client. # presence, but then it won't send other users' presence to the client.
presence: true presence: true

View File

@ -29,6 +29,9 @@ matrix_mautrix_hangouts_systemd_wanted_services_list: []
matrix_mautrix_hangouts_appservice_token: '' matrix_mautrix_hangouts_appservice_token: ''
matrix_mautrix_hangouts_homeserver_token: '' matrix_mautrix_hangouts_homeserver_token: ''
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_hangouts_login_shared_secret: ''
# Default configuration template which covers the generic use case. # Default configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it. # You can customize it by controlling the various variables inside it.
# #
@ -115,7 +118,7 @@ matrix_mautrix_hangouts_configuration_yaml: |
# If set, custom puppets will be enabled automatically for local users # If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix` # instead of users having to find an access token and run `login-matrix`
# manually. # manually.
login_shared_secret: null login_shared_secret: {{ matrix_mautrix_hangouts_login_shared_secret|to_json }}
# Whether or not to update avatars when syncing all contacts at startup. # Whether or not to update avatars when syncing all contacts at startup.
update_avatar_initial_sync: true update_avatar_initial_sync: true

View File

@ -43,6 +43,9 @@ matrix_mautrix_telegram_systemd_wanted_services_list: []
matrix_mautrix_telegram_appservice_token: '' matrix_mautrix_telegram_appservice_token: ''
matrix_mautrix_telegram_homeserver_token: '' matrix_mautrix_telegram_homeserver_token: ''
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_telegram_login_shared_secret: ''
# Default configuration template which covers the generic use case. # Default configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it. # You can customize it by controlling the various variables inside it.
# #
@ -192,7 +195,7 @@ matrix_mautrix_telegram_configuration_yaml: |
# If set, custom puppets will be enabled automatically for local users # If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix` # instead of users having to find an access token and run `login-matrix`
# manually. # manually.
login_shared_secret: null login_shared_secret: {{ matrix_mautrix_telegram_login_shared_secret|to_json }}
# Set to false to disable link previews in messages sent to Telegram. # Set to false to disable link previews in messages sent to Telegram.
telegram_link_preview: true telegram_link_preview: true
# Use inline images instead of a separate message for the caption. # Use inline images instead of a separate message for the caption.

View File

@ -27,6 +27,9 @@ matrix_mautrix_whatsapp_systemd_wanted_services_list: []
matrix_mautrix_whatsapp_appservice_token: '' matrix_mautrix_whatsapp_appservice_token: ''
matrix_mautrix_whatsapp_homeserver_token: '' matrix_mautrix_whatsapp_homeserver_token: ''
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_whatsapp_login_shared_secret: ''
# Default mautrix-whatsapp configuration template which covers the generic use case. # Default mautrix-whatsapp configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it. # You can customize it by controlling the various variables inside it.
# #
@ -137,7 +140,7 @@ matrix_mautrix_whatsapp_configuration_yaml: |
# If set, custom puppets will be enabled automatically for local users # If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix` # instead of users having to find an access token and run `login-matrix`
# manually. # manually.
login_shared_secret: null login_shared_secret: {{ matrix_mautrix_whatsapp_login_shared_secret|to_json }}
# Whether or not to invite own WhatsApp user's Matrix puppet into private # Whether or not to invite own WhatsApp user's Matrix puppet into private
# chat portals when backfilling if needed. # chat portals when backfilling if needed.