Add support for bridge self signing

This also moves msc4190 to the correct section for twitter
2025-10-25 13:30:40 +02:00 · 2025-10-17 21:28:17 +02:00
parent 544d25e8c3
commit d43f03bbca
17 changed files with 40 additions and 5 deletions
--- a/roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml
@@ -35,6 +35,7 @@ matrix_mautrix_bluesky_homeserver_domain: '{{ matrix_domain }}'
 matrix_mautrix_bluesky_appservice_address: 'http://matrix-mautrix-bluesky:29340'

 matrix_mautrix_bluesky_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
+matrix_mautrix_bluesky_self_sign_enabled: "{{ matrix_bridges_self_sign_enabled }}"

 # A public address that external services can use to reach this appservice.
 matrix_mautrix_bluesky_appservice_public_address: ''
--- a/roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2
@@ -359,6 +359,9 @@ encryption:
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    # Changing this option requires updating the appservice registration file.
    msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled | to_json }}
+    # Whether to enable self-signing for bridges (Only the bridge bot uses this for now)
+    # Requires msc4190 to replace keys on reset
+    self_sign: {{ matrix_mautrix_bluesky_self_sign_enabled | to_json }}
    # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
    # You must use a client that supports requesting keys from other users to use this feature.
    allow_key_sharing: {{ matrix_mautrix_bluesky_bridge_encryption_key_sharing_allow | to_json }}