mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-01-26 09:54:56 +01:00
Compare commits
14 Commits
1f2109df3a
...
3c9c0d0da6
Author | SHA1 | Date | |
---|---|---|---|
|
3c9c0d0da6 | ||
|
c97dd0b24f | ||
|
66ea709cb3 | ||
|
7911cdb232 | ||
|
fb05eace5a | ||
|
3ad2211d74 | ||
|
11a90a4789 | ||
|
d89e627a79 | ||
|
4d39efe6f6 | ||
|
358b3486f9 | ||
|
47a337258c | ||
|
cea437c844 | ||
|
f1c238e732 | ||
|
9cb2a3d927 |
@ -26,6 +26,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.alertma
|
||||
|
||||
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
### Join to rooms as the bot manually
|
||||
|
||||
ℹ️ **This bot does not accept room invitations automatically**. To deliver messages to rooms, the bot must be joined to all rooms manually.
|
||||
|
@ -28,6 +28,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.chatgpt
|
||||
|
||||
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
To make sure the bot can read encrypted messages, it will need an encryption key, just like any other new user. While obtaining the access token, follow the prompts to setup a backup key. More information can be found in the [Element documentation](https://element.io/help#encryption6).
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
@ -28,6 +28,8 @@ If you would like Draupnir to be able to deactivate users, move aliases, shutdow
|
||||
|
||||
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
### Make sure the account is free from rate limiting
|
||||
|
||||
If your homeserver's implementation is Synapse, you will need to prevent it from rate limiting the bot's account. **This is a required step. If you do not configure it, Draupnir will crash.**
|
||||
|
@ -26,6 +26,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.go-neb
|
||||
|
||||
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
||||
To enable the bot, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file. Make sure to replace `ACCESS_TOKEN_FOR_GONEB_HERE` and `ACCESS_TOKEN_FOR_ANOTHER_GONEB_HERE` with the ones created [above](#obtain-an-access-token).
|
||||
|
@ -79,4 +79,6 @@ You should start in the following order
|
||||
|
||||
This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands, you'll first need to `exec` into the maubot container with `docker exec -it matrix-bot-maubot sh`.
|
||||
|
||||
Alternatively, you can follow our generic [obtain an access token](obtaining-access-tokens.md) documentation. Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will give your bot issues in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients).
|
||||
Alternatively, you can refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will causes issues to your bot in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients).
|
||||
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
@ -24,6 +24,8 @@ If you would like Mjolnir to be able to deactivate users, move aliases, shutdown
|
||||
|
||||
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
### Make sure the account is free from rate limiting
|
||||
|
||||
If your homeserver's implementation is Synapse, you will need to prevent it from rate limiting the bot's account. **This is a required step. If you do not configure it, Mjolnir will crash.**
|
||||
|
@ -70,7 +70,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -101,7 +101,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -96,7 +96,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -55,7 +55,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -65,7 +65,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -65,7 +65,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -104,7 +104,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -121,7 +121,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -106,7 +106,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -82,7 +82,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -88,7 +88,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send `login-matrix` to the bot and follow instructions about how to send the access token to it
|
||||
|
||||
|
@ -62,7 +62,7 @@ This is the recommended way of setting up Double Puppeting, as it's easier to ac
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -73,7 +73,7 @@ Enabling double puppeting by enabling the [Shared Secret Auth](configuring-playb
|
||||
|
||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
||||
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to obtain one](obtaining-access-tokens.md).
|
||||
|
||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||
|
||||
|
@ -26,13 +26,13 @@ matrix_dimension_admins:
|
||||
|
||||
The admin interface is accessible within Element Web by accessing it in any room and clicking the cog wheel/settings icon in the top right. Currently, Dimension can be opened in Element Web by the "Add widgets, bridges, & bots" link in the room information.
|
||||
|
||||
### Access token
|
||||
### Obtain an access token
|
||||
|
||||
We recommend that you create a dedicated Matrix user for Dimension (`dimension` is a good username). Follow our [Registering users](registering-users.md) guide to learn how to register **a regular (non-admin) user**.
|
||||
|
||||
You are required to specify an access token (belonging to this new user) for Dimension to work. To get an access token for the Dimension user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md).
|
||||
You are required to specify an access token (belonging to this new user) for Dimension to work. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
**Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.**
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
Add access token to your configuration file (`inventory/host_vars/matrix.example.com/vars.yml`):
|
||||
|
||||
|
@ -42,6 +42,8 @@ Take note of each room's room ID (different clients show the room ID in a differ
|
||||
|
||||
In order for the sender user created above to be able to send messages to the room, we'll need to obtain an access token for it. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
## Adjusting the playbook configuration
|
||||
|
||||
After doing the preparation steps above, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
|
||||
|
@ -39,15 +39,15 @@ For a list of all configuration options see the role defaults [`roles/matrix-use
|
||||
|
||||
In the default configuration, the UVS Server is only reachable via the docker network, which is fine if e.g. Jitsi is also running in a container on the host. However, it is possible to expose UVS via setting `matrix_user_verification_service_container_http_host_bind_port`.
|
||||
|
||||
### Access token
|
||||
### Obtain an access token
|
||||
|
||||
The Synapse Access Token is used to verify RoomMembership and PowerLevel against `matrix_user_verification_service_uvs_homeserver_url`.
|
||||
|
||||
We recommend that you create a dedicated Matrix user for uvs (`uvs` is a good username). Follow our [Registering users](registering-users.md) guide to register a user with administration privileges.
|
||||
|
||||
You are required to specify an access token (belonging to this new user) for UVS to work. To get an access token for the UVS user, you can follow the documentation on [how to do obtain an access token](obtaining-access-tokens.md).
|
||||
You are required to specify an access token (belonging to this new user) for UVS to work. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
**Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.**
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
```yaml
|
||||
matrix_user_verification_service_uvs_access_token: "YOUR ACCESS TOKEN HERE"
|
||||
|
@ -18,6 +18,8 @@ You can use the **[Purge History API](https://github.com/element-hq/synapse/blob
|
||||
|
||||
To make use of this Synapse Admin API, **you'll need an admin access token** first. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
|
||||
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
Synapse's Admin API is not exposed to the internet by default, following [official Synapse reverse-proxying recommendations](https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). To expose it you will need to add `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` to your `vars.yml` file.
|
||||
|
||||
Follow the [Purge History API](https://github.com/element-hq/synapse/blob/master/docs/admin_api/purge_history_api.md) documentation page for the actual purging instructions.
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
When setting up some optional features like bots and bridges you will need to provide an access token for some user. This document provides documentation on how to obtain such an access token.
|
||||
|
||||
**Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.**
|
||||
⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
|
@ -1103,9 +1103,16 @@ matrix_mautrix_discord_container_additional_networks_auto: |-
|
||||
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
|
||||
+
|
||||
([postgres_container_network] if postgres_enabled and matrix_mautrix_facebook_database_hostname == postgres_connection_hostname else [])
|
||||
+
|
||||
([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_mautrix_discord_container_labels_traefik_enabled) else [])
|
||||
) | unique
|
||||
}}
|
||||
|
||||
matrix_mautrix_discord_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
|
||||
matrix_mautrix_discord_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
|
||||
matrix_mautrix_discord_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
|
||||
matrix_mautrix_discord_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
|
||||
|
||||
matrix_mautrix_discord_systemd_required_services_list_auto: |
|
||||
{{
|
||||
matrix_addons_homeserver_systemd_services_list
|
||||
@ -1116,9 +1123,13 @@ matrix_mautrix_discord_systemd_required_services_list_auto: |
|
||||
matrix_mautrix_discord_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.as.tok', rounds=655555) | to_uuid }}"
|
||||
|
||||
matrix_mautrix_discord_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_mautrix_discord_homeserver_public_address: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}://{{ matrix_server_fqn_matrix }}"
|
||||
matrix_mautrix_discord_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.hs.tok', rounds=655555) | to_uuid }}"
|
||||
|
||||
matrix_mautrix_discord_bridge_avatar_proxy_key: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'maudisc.avatar', rounds=655555) | to_uuid }}"
|
||||
|
||||
matrix_mautrix_discord_hostname: "{{ matrix_server_fqn_matrix }}"
|
||||
matrix_mautrix_discord_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
|
||||
|
||||
matrix_mautrix_discord_bridge_login_shared_secret_map_auto: |-
|
||||
{{
|
||||
({
|
||||
@ -2726,7 +2737,7 @@ matrix_bot_matrix_registration_bot_container_additional_networks_auto: |-
|
||||
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
|
||||
}}
|
||||
|
||||
matrix_bot_matrix_registration_bot_matrix_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
matrix_bot_matrix_registration_bot_api_base_url: "{{ matrix_addons_homeserver_client_api_url }}"
|
||||
|
||||
######################################################################
|
||||
#
|
||||
|
@ -20,12 +20,19 @@ matrix_bot_matrix_registration_bot_config_path: "{{ matrix_bot_matrix_registrati
|
||||
matrix_bot_matrix_registration_bot_data_path: "{{ matrix_bot_matrix_registration_bot_base_path }}/data"
|
||||
|
||||
matrix_bot_matrix_registration_bot_bot_server: "{{ matrix_homeserver_url }}"
|
||||
matrix_bot_matrix_registration_bot_api_base_url: "{{ matrix_homeserver_url }}"
|
||||
|
||||
# The bot's username. This user needs to be created manually beforehand.
|
||||
# Also see `matrix_bot_matrix_registration_bot_user_password`.
|
||||
matrix_bot_matrix_registration_bot_matrix_user_id_localpart: "bot.matrix-registration-bot"
|
||||
|
||||
matrix_bot_matrix_registration_bot_matrix_user_id: '@{{ matrix_bot_matrix_registration_bot_matrix_user_id_localpart }}:{{ matrix_domain }}'
|
||||
|
||||
# The bot's password (can also be used to login via a client like Element Web)
|
||||
matrix_bot_matrix_registration_bot_bot_password: ''
|
||||
|
||||
# Homeserver base URL
|
||||
matrix_bot_matrix_registration_bot_api_base_url: "{{ matrix_homeserver_url }}"
|
||||
|
||||
# Optional variable that only needs to be set if the bot account is not admin
|
||||
# Needs to be a valid access token of an admin account
|
||||
matrix_bot_matrix_registration_bot_api_token: ''
|
||||
@ -51,11 +58,3 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list_custom: []
|
||||
|
||||
# List of systemd services that matrix-bot-matrix-registration-bot.service wants
|
||||
matrix_bot_matrix_registration_bot_systemd_wanted_services_list: []
|
||||
|
||||
# The bot's username. This user needs to be created manually beforehand.
|
||||
# Also see `matrix_bot_matrix_registration_bot_user_password`.
|
||||
matrix_bot_matrix_registration_bot_matrix_user_id_localpart: "bot.matrix-registration-bot"
|
||||
|
||||
matrix_bot_matrix_registration_bot_matrix_user_id: '@{{ matrix_bot_matrix_registration_bot_matrix_user_id_localpart }}:{{ matrix_domain }}'
|
||||
|
||||
matrix_bot_matrix_registration_bot_matrix_homeserver_url: ""
|
||||
|
@ -10,7 +10,7 @@
|
||||
with_items:
|
||||
- {path: "{{ matrix_bot_matrix_registration_bot_config_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_matrix_registration_bot_data_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}", when: true}
|
||||
- {path: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}", when: "{{ matrix_bot_matrix_registration_bot_container_image_self_build }}"}
|
||||
when: "item.when | bool"
|
||||
|
||||
- name: Ensure matrix-registration-bot configuration file created
|
||||
@ -33,7 +33,9 @@
|
||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
||||
until: result is not failed
|
||||
|
||||
- name: Ensure matrix-registration-bot repository is present on self-build
|
||||
- when: matrix_bot_matrix_registration_bot_container_image_self_build | bool
|
||||
block:
|
||||
- name: Ensure matrix-registration-bot repository is present on self-build
|
||||
ansible.builtin.git:
|
||||
repo: "{{ matrix_bot_matrix_registration_bot_docker_repo }}"
|
||||
version: "{{ matrix_bot_matrix_registration_bot_docker_repo_version }}"
|
||||
@ -42,9 +44,8 @@
|
||||
become: true
|
||||
become_user: "{{ matrix_user_username }}"
|
||||
register: matrix_bot_matrix_registration_bot_git_pull_results
|
||||
when: "matrix_bot_matrix_registration_bot_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure matrix-registration-bot image is built
|
||||
- name: Ensure matrix-registration-bot image is built
|
||||
community.docker.docker_image:
|
||||
name: "{{ matrix_bot_matrix_registration_bot_docker_image }}"
|
||||
source: build
|
||||
@ -54,7 +55,6 @@
|
||||
dockerfile: Dockerfile
|
||||
path: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}"
|
||||
pull: true
|
||||
when: "matrix_bot_matrix_registration_bot_container_image_self_build | bool"
|
||||
|
||||
- name: Ensure matrix-registration-bot container network is created
|
||||
community.general.docker_network:
|
||||
|
@ -7,12 +7,14 @@
|
||||
when: "vars[item] == ''"
|
||||
with_items:
|
||||
- "matrix_bot_matrix_registration_bot_bot_password"
|
||||
- "matrix_bot_matrix_registration_bot_matrix_homeserver_url"
|
||||
- "matrix_bot_matrix_registration_bot_api_base_url"
|
||||
|
||||
- name: (Deprecation) Catch and report old settings
|
||||
- name: (Deprecation) Catch and report renamed settings
|
||||
ansible.builtin.fail:
|
||||
msg: >-
|
||||
Your configuration contains a variable, which is deprecated - Please check the documentation on how to configure the matrix-registration-bot.
|
||||
when: "item in vars"
|
||||
Your configuration contains a variable, which now has a different name.
|
||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- "matrix_bot_matrix_registration_bot_bot_access_token"
|
||||
- {'old': 'matrix_bot_matrix_registration_bot_bot_access_token', 'new': '<removed>'}
|
||||
- {'old': 'matrix_bot_matrix_registration_bot_matrix_homeserver_url', 'new': 'matrix_bot_matrix_registration_bot_api_base_url'}
|
||||
|
@ -6,8 +6,8 @@ bot:
|
||||
api:
|
||||
# API endpoint of the registration tokens
|
||||
base_url: {{ matrix_bot_matrix_registration_bot_api_base_url|to_json }}
|
||||
# Access token of an administrator on the server
|
||||
{% if matrix_bot_matrix_registration_bot_api_token | length > 0 %}
|
||||
# Access token of an administrator on the server
|
||||
token: {{ matrix_bot_matrix_registration_bot_api_token|to_json }}
|
||||
{% endif %}
|
||||
|
||||
|
@ -4,6 +4,10 @@
|
||||
|
||||
matrix_mautrix_discord_enabled: true
|
||||
|
||||
matrix_mautrix_discord_hostname: ""
|
||||
matrix_mautrix_discord_path_prefix: /
|
||||
matrix_mautrix_discord_scheme: https
|
||||
|
||||
matrix_mautrix_discord_container_image_self_build: false
|
||||
matrix_mautrix_discord_container_image_self_build_repo: "https://mau.dev/mautrix/discord.git"
|
||||
matrix_mautrix_discord_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_discord_version == 'latest' else matrix_mautrix_discord_version }}"
|
||||
@ -22,11 +26,31 @@ matrix_mautrix_discord_data_path: "{{ matrix_mautrix_discord_base_path }}/data"
|
||||
matrix_mautrix_discord_docker_src_files_path: "{{ matrix_mautrix_discord_base_path }}/docker-src"
|
||||
|
||||
matrix_mautrix_discord_homeserver_address: ""
|
||||
matrix_mautrix_discord_homeserver_public_address: ''
|
||||
matrix_mautrix_discord_homeserver_domain: "{{ matrix_domain }}"
|
||||
matrix_mautrix_discord_appservice_address: "http://matrix-mautrix-discord:8080"
|
||||
|
||||
matrix_mautrix_discord_command_prefix: "!discord"
|
||||
matrix_mautrix_discord_bridge_command_prefix: "!discord"
|
||||
|
||||
# Publicly accessible base URL that Discord can use to reach the bridge, used for avatars in relay mode.
|
||||
# If not set, avatars will not be bridged. Only the /mautrix-discord/avatar/{server}/{id}/{hash} endpoint is used on this address.
|
||||
# This should not have a trailing slash, the endpoint above will be appended to the provided address.
|
||||
matrix_mautrix_discord_bridge_public_address: "{{ (matrix_mautrix_discord_scheme + '://' + matrix_mautrix_discord_hostname + (matrix_mautrix_discord_path_prefix if matrix_mautrix_discord_path_prefix != '/' else '')) if matrix_mautrix_discord_hostname else '' }}"
|
||||
|
||||
# A random key used to sign the avatar URLs. The bridge will only accept requests with a valid signature.
|
||||
matrix_mautrix_discord_bridge_avatar_proxy_key: ''
|
||||
|
||||
# Localpart template of MXIDs for Discord users.
|
||||
# {{ '{{.}}' }} is replaced with the internal ID of the Discord user.
|
||||
matrix_mautrix_discord_bridge_username_template: "{% raw %}discord_{{.}}{% endraw %}"
|
||||
|
||||
# Displayname template for Discord users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
|
||||
matrix_mautrix_discord_bridge_displayname_template: "{% raw %}{{or .GlobalName .Username}}{{if .Bot}} (bot){{end}}{% endraw %}"
|
||||
|
||||
# Displayname template for Discord channels (bridged as rooms, or spaces when type=4).
|
||||
matrix_mautrix_discord_bridge_channel_name_template: "{% raw %}{{if or (eq .Type 3) (eq .Type 4)}}{{.Name}}{{else}}#{{.Name}}{{end}}{% endraw %}"
|
||||
|
||||
# Displayname template for Discord guilds (bridged as spaces).
|
||||
matrix_mautrix_discord_bridge_guild_name_template: "{% raw %}{{.Name}}{% endraw %}"
|
||||
|
||||
matrix_mautrix_discord_bridge_permissions: |
|
||||
{{
|
||||
@ -40,6 +64,38 @@ matrix_mautrix_discord_container_additional_networks: "{{ matrix_mautrix_discord
|
||||
matrix_mautrix_discord_container_additional_networks_auto: []
|
||||
matrix_mautrix_discord_container_additional_networks_custom: []
|
||||
|
||||
# matrix_mautrix_discord_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
|
||||
# See `../templates/labels.j2` for details.
|
||||
#
|
||||
# To inject your own other container labels, see `matrix_mautrix_discord_container_labels_additional_labels`.
|
||||
matrix_mautrix_discord_container_labels_traefik_enabled: true
|
||||
matrix_mautrix_discord_container_labels_traefik_docker_network: "{{ matrix_mautrix_discord_container_network }}"
|
||||
matrix_mautrix_discord_container_labels_traefik_hostname: "{{ matrix_mautrix_discord_hostname }}"
|
||||
# The path prefix must either be `/` or not end with a slash (e.g. `/matrix-alertmanager-receiver`).
|
||||
matrix_mautrix_discord_container_labels_traefik_path_prefix: "{{ matrix_mautrix_discord_path_prefix }}"
|
||||
matrix_mautrix_discord_container_labels_traefik_entrypoints: web-secure
|
||||
matrix_mautrix_discord_container_labels_traefik_tls_certResolver: default # noqa var-naming
|
||||
|
||||
# Controls whether labels will be added that expose the bridge's avatar proxy (`/mautrix-discord/avatar/{server}/{id}/{hash}`).
|
||||
# See: matrix_mautrix_discord_bridge_public_address
|
||||
matrix_mautrix_discord_container_labels_avatar_proxy_enabled: "{{ matrix_mautrix_discord_bridge_public_address != '' }}"
|
||||
matrix_mautrix_discord_container_labels_avatar_proxy_hostname: "{{ matrix_mautrix_discord_container_labels_traefik_hostname }}"
|
||||
matrix_mautrix_discord_container_labels_avatar_proxy_path_prefix: "{{ matrix_mautrix_discord_container_labels_traefik_path_prefix if matrix_mautrix_discord_container_labels_traefik_path_prefix == '/' else (matrix_mautrix_discord_container_labels_traefik_path_prefix + '/') }}mautrix-discord/avatar"
|
||||
matrix_mautrix_discord_container_labels_avatar_proxy_traefik_rule: "Host(`{{ matrix_mautrix_discord_container_labels_traefik_hostname }}`) && PathPrefix(`{{ matrix_mautrix_discord_container_labels_avatar_proxy_path_prefix }}`)"
|
||||
matrix_mautrix_discord_container_labels_avatar_proxy_traefik_priority: 0
|
||||
matrix_mautrix_discord_container_labels_avatar_proxy_traefik_entrypoints: "{{ matrix_mautrix_discord_container_labels_traefik_entrypoints }}"
|
||||
matrix_mautrix_discord_container_labels_avatar_proxy_traefik_tls: "{{ matrix_mautrix_discord_container_labels_avatar_proxy_traefik_entrypoints != 'web' }}"
|
||||
matrix_mautrix_discord_container_labels_avatar_proxy_traefik_tls_certResolver: "{{ matrix_mautrix_discord_container_labels_traefik_tls_certResolver }}" # noqa var-naming
|
||||
|
||||
# matrix_mautrix_discord_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
|
||||
# See `../templates/labels.j2` for details.
|
||||
#
|
||||
# Example:
|
||||
# matrix_mautrix_discord_container_labels_additional_labels: |
|
||||
# my.label=1
|
||||
# another.label="here"
|
||||
matrix_mautrix_discord_container_labels_additional_labels: ''
|
||||
|
||||
# A list of extra arguments to pass to the container
|
||||
matrix_mautrix_discord_container_extra_arguments: []
|
||||
|
||||
@ -56,6 +112,8 @@ matrix_mautrix_discord_appservice_token: ''
|
||||
matrix_mautrix_discord_homeserver_token: ''
|
||||
|
||||
matrix_mautrix_discord_appservice_bot_username: discordbot
|
||||
matrix_mautrix_discord_appservice_bot_displayname: Discord bridge bot
|
||||
matrix_mautrix_discord_appservice_bot_avatar: mxc://maunium.net/nIdEykemnwdisvHbpxflpDlC
|
||||
|
||||
matrix_mautrix_discord_provisioning_shared_secret: disable
|
||||
|
||||
@ -162,6 +220,9 @@ matrix_mautrix_discord_registration: "{{ matrix_mautrix_discord_registration_yam
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_discord_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_discord_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}"
|
||||
matrix_mautrix_discord_bridge_encryption_require: false
|
||||
matrix_mautrix_discord_bridge_encryption_appservice: false
|
||||
matrix_mautrix_discord_bridge_encryption_plaintext_mentions: false
|
||||
matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_discord_bridge_encryption_allow }}"
|
||||
|
||||
# On Conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge.
|
||||
|
@ -93,6 +93,16 @@
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
|
||||
- name: Ensure mautrix-discord support files installed
|
||||
ansible.builtin.template:
|
||||
src: "{{ role_path }}/templates/{{ item }}.j2"
|
||||
dest: "{{ matrix_mautrix_discord_base_path }}/{{ item }}"
|
||||
mode: 0640
|
||||
owner: "{{ matrix_user_username }}"
|
||||
group: "{{ matrix_user_groupname }}"
|
||||
with_items:
|
||||
- labels
|
||||
|
||||
- name: Ensure mautrix-discord container network is created
|
||||
community.general.docker_network:
|
||||
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
|
||||
|
@ -9,9 +9,11 @@
|
||||
- {'name': 'matrix_mautrix_discord_appservice_token', when: true}
|
||||
- {'name': 'matrix_mautrix_discord_homeserver_address', when: true}
|
||||
- {'name': 'matrix_mautrix_discord_homeserver_token', when: true}
|
||||
- {'name': 'matrix_mautrix_discord_homeserver_public_address', when: true}
|
||||
- {'name': 'matrix_mautrix_discord_bridge_public_address', when: true}
|
||||
- {'name': 'matrix_mautrix_discord_container_network', when: true}
|
||||
- {'name': 'matrix_mautrix_discord_database_hostname', when: "{{ matrix_mautrix_discord_database_engine == 'postgres' }}"}
|
||||
- {'name': 'matrix_mautrix_discord_container_labels_avatar_proxy_hostname', when: "{{ matrix_mautrix_discord_container_labels_avatar_proxy_enabled }}"}
|
||||
- {'name': 'matrix_mautrix_discord_container_labels_avatar_proxy_path_prefix', when: "{{ matrix_mautrix_discord_container_labels_avatar_proxy_enabled }}"}
|
||||
|
||||
- name: (Deprecation) Catch and report renamed settings
|
||||
ansible.builtin.fail:
|
||||
@ -21,3 +23,5 @@
|
||||
when: "item.old in vars"
|
||||
with_items:
|
||||
- {'old': 'matrix_mautrix_discord_login_shared_secret', 'new': '<removed>'}
|
||||
- {'old': 'matrix_mautrix_discord_homeserver_public_address', 'new': 'matrix_mautrix_discord_bridge_public_address'}
|
||||
- {'old': 'matrix_mautrix_discord_command_prefix', 'new': 'matrix_mautrix_discord_bridge_command_prefix'}
|
||||
|
@ -3,13 +3,12 @@
|
||||
homeserver:
|
||||
# The address that this appservice can use to connect to the homeserver.
|
||||
address: {{ matrix_mautrix_discord_homeserver_address | to_json }}
|
||||
# Publicly accessible base URL for media, used for avatars in relay mode.
|
||||
# If not set, the connection address above will be used.
|
||||
public_address: {{ matrix_mautrix_discord_homeserver_public_address | to_json }}
|
||||
# The domain of the homeserver (for MXIDs, etc).
|
||||
# The domain of the homeserver (also known as server_name, used for MXIDs, etc).
|
||||
domain: {{ matrix_mautrix_discord_homeserver_domain | to_json }}
|
||||
# Is the homeserver actually mautrix-asmux?
|
||||
asmux: false
|
||||
|
||||
# What software is the homeserver running?
|
||||
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
|
||||
software: standard
|
||||
# The URL to push real-time bridge status to.
|
||||
# If set, the bridge will make POST requests to this URL whenever a user's discord connection state changes.
|
||||
# The bridge will use the appservice as_token to authorize requests.
|
||||
@ -19,6 +18,13 @@ homeserver:
|
||||
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
|
||||
async_media: false
|
||||
|
||||
# Should the bridge use a websocket for connecting to the homeserver?
|
||||
# The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
|
||||
# mautrix-asmux (deprecated), and hungryserv (proprietary).
|
||||
websocket: false
|
||||
# How often should the websocket be pinged? Pinging will be disabled if this is zero.
|
||||
ping_interval_seconds: 0
|
||||
|
||||
# Application service host/registration related details.
|
||||
# Changing these values requires regeneration of the registration.
|
||||
appservice:
|
||||
@ -31,13 +37,14 @@ appservice:
|
||||
|
||||
# Database config.
|
||||
database:
|
||||
# The database type. "sqlite3" and "postgres" are supported.
|
||||
type: {{ matrix_mautrix_discord_appservice_database_type|to_json }}
|
||||
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
|
||||
type: {{ matrix_mautrix_discord_appservice_database_type | to_json }}
|
||||
# The database URI.
|
||||
# SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string
|
||||
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
|
||||
# https://github.com/mattn/go-sqlite3#connection-string
|
||||
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
|
||||
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
|
||||
uri: {{ matrix_mautrix_discord_appservice_database_uri|to_json }}
|
||||
uri: {{ matrix_mautrix_discord_appservice_database_uri | to_json }}
|
||||
# Maximum number of connections. Mostly relevant for Postgres.
|
||||
max_open_conns: 20
|
||||
max_idle_conns: 2
|
||||
@ -51,15 +58,21 @@ appservice:
|
||||
# Appservice bot details.
|
||||
bot:
|
||||
# Username of the appservice bot.
|
||||
username: {{ matrix_mautrix_discord_appservice_bot_username|to_json }}
|
||||
username: {{ matrix_mautrix_discord_appservice_bot_username | to_json }}
|
||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||
# to leave display name/avatar as-is.
|
||||
displayname: Discord bridge bot
|
||||
avatar: mxc://maunium.net/nIdEykemnwdisvHbpxflpDlC
|
||||
displayname: {{ matrix_mautrix_discord_appservice_bot_displayname | to_json }}
|
||||
avatar: {{ matrix_mautrix_discord_appservice_bot_avatar | to_json }}
|
||||
|
||||
# Whether or not to receive ephemeral events via appservice transactions.
|
||||
# Requires MSC2409 support (i.e. Synapse 1.22+).
|
||||
ephemeral_events: true
|
||||
|
||||
# Should incoming events be handled asynchronously?
|
||||
# This may be necessary for large public instances with lots of messages going through.
|
||||
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
|
||||
async_transactions: false
|
||||
|
||||
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
|
||||
as_token: {{ matrix_mautrix_discord_appservice_token | to_json }}
|
||||
hs_token: {{ matrix_mautrix_discord_homeserver_token | to_json }}
|
||||
@ -67,51 +80,67 @@ appservice:
|
||||
# Bridge config
|
||||
bridge:
|
||||
# Localpart template of MXIDs for Discord users.
|
||||
# {{ '{{.}}' }} is replaced with the internal ID of the Discord user.
|
||||
username_template: "{{ 'discord_{{.}}' }}"
|
||||
# {% raw %}{{.}}{% endraw %} is replaced with the internal ID of the Discord user.
|
||||
username_template: {{ matrix_mautrix_discord_bridge_username_template | to_json }}
|
||||
# Displayname template for Discord users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
|
||||
# Available variables:
|
||||
# {{ '{{.ID}}' }} - Internal user ID
|
||||
# {{ '{{.Username}}' }} - Legacy display/username on Discord
|
||||
# {{ '{{.GlobalName}}' }} - New displayname on Discord
|
||||
# {{ '{{.Discriminator}}' }} - The 4 numbers after the name on Discord
|
||||
# {{ '{{.Bot}}' }} - Whether the user is a bot
|
||||
# {{ '{{.System}}' }} - Whether the user is an official system user
|
||||
# {{ '{{.Webhook}}' }} - Whether the user is a webhook and is not an application
|
||||
# {{ '{{.Application}}' }} - Whether the user is an application
|
||||
displayname_template: "{{ '{{or .GlobalName .Username}}{{if .Bot}} (bot){{end}}' }}"
|
||||
# .ID - Internal user ID
|
||||
# .Username - Legacy display/username on Discord
|
||||
# .GlobalName - New displayname on Discord
|
||||
# .Discriminator - The 4 numbers after the name on Discord
|
||||
# .Bot - Whether the user is a bot
|
||||
# .System - Whether the user is an official system user
|
||||
# .Webhook - Whether the user is a webhook and is not an application
|
||||
# .Application - Whether the user is an application
|
||||
displayname_template: {{ matrix_mautrix_discord_bridge_displayname_template | to_json }}
|
||||
# Displayname template for Discord channels (bridged as rooms, or spaces when type=4).
|
||||
# Available variables:
|
||||
# {{ '{{.Name}}' }} - Channel name, or user displayname (pre-formatted with displayname_template) in DMs.
|
||||
# {{ '{{.ParentName}}' }} - Parent channel name (used for categories).
|
||||
# {{ '{{.GuildName}}' }} - Guild name.
|
||||
# {{ '{{.NSFW}}' }} - Whether the channel is marked as NSFW.
|
||||
# {{ '{{.Type}}' }} - Channel type (see values at https://github.com/bwmarrin/discordgo/blob/v0.25.0/structs.go#L251-L267)
|
||||
channel_name_template: "{{ '{{if or (eq .Type 3) (eq .Type 4)}}{{.Name}}{{else}}#{{.Name}}{{end}}' }}"
|
||||
# .Name - Channel name, or user displayname (pre-formatted with displayname_template) in DMs.
|
||||
# .ParentName - Parent channel name (used for categories).
|
||||
# .GuildName - Guild name.
|
||||
# .NSFW - Whether the channel is marked as NSFW.
|
||||
# .Type - Channel type (see values at https://github.com/bwmarrin/discordgo/blob/v0.25.0/structs.go#L251-L267)
|
||||
channel_name_template: {{ matrix_mautrix_discord_bridge_channel_name_template | to_json }}
|
||||
# Displayname template for Discord guilds (bridged as spaces).
|
||||
# Available variables:
|
||||
# {{ '{{.Name}}' }} - Guild name
|
||||
guild_name_template: "{{ '{{.Name}}' }}"
|
||||
# Should the bridge explicitly set the avatar and room name for DM portal rooms?
|
||||
# This is implicitly enabled in encrypted rooms.
|
||||
# .Name - Guild name
|
||||
guild_name_template: {{ matrix_mautrix_discord_bridge_guild_name_template | to_json }}
|
||||
# Whether to explicitly set the avatar and room name for private chat portal rooms.
|
||||
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
|
||||
# If set to `always`, all DM rooms will have explicit names and avatars set.
|
||||
# If set to `never`, DM rooms will never have names and avatars set.
|
||||
private_chat_portal_meta: default
|
||||
|
||||
# Publicly accessible base URL that Discord can use to reach the bridge, used for avatars in relay mode.
|
||||
# If not set, avatars will not be bridged. Only the /mautrix-discord/avatar/{server}/{id}/{hash} endpoint is used on this address.
|
||||
# This should not have a trailing slash, the endpoint above will be appended to the provided address.
|
||||
public_address: {{ matrix_mautrix_discord_bridge_public_address | to_json }}
|
||||
# A random key used to sign the avatar URLs. The bridge will only accept requests with a valid signature.
|
||||
avatar_proxy_key: {{ matrix_mautrix_discord_bridge_avatar_proxy_key | to_json }}
|
||||
|
||||
portal_message_buffer: 128
|
||||
|
||||
# Number of private channel portals to create on bridge startup.
|
||||
# Other portals will be created when receiving messages.
|
||||
startup_private_channel_create_limit: 5
|
||||
# Should the bridge send a read receipt from the bridge bot when a message has been sent to Discord?
|
||||
delivery_receipts: false
|
||||
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
|
||||
message_status_events: true
|
||||
message_status_events: false
|
||||
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
|
||||
message_error_notices: true
|
||||
# Should the bridge use space-restricted join rules instead of invite-only for guild rooms?
|
||||
# This can avoid unnecessary invite events in guild rooms when members are synced in.
|
||||
restricted_rooms: {{ matrix_mautrix_discord_bridge_restricted_rooms|to_json }}
|
||||
restricted_rooms: {{ matrix_mautrix_discord_bridge_restricted_rooms | to_json }}
|
||||
# Should the bridge automatically join the user to threads on Discord when the thread is opened on Matrix?
|
||||
# This only works with clients that support thread read receipts (MSC3771 added in Matrix v1.4).
|
||||
autojoin_thread_on_open: true
|
||||
# Should inline fields in Discord embeds be bridged as HTML tables to Matrix?
|
||||
# Tables aren't supported in all clients, but are the only way to emulate the Discord inline field UI.
|
||||
embed_fields_as_tables: true
|
||||
# Should guild channels be muted when the portal is created? This only meant for single-user instances,
|
||||
# it won't mute it for all users if there are multiple Matrix users in the same Discord guild.
|
||||
mute_channels_on_create: false
|
||||
# Should the bridge update the m.direct account data event when double puppeting is enabled.
|
||||
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
|
||||
# and is therefore prone to race conditions.
|
||||
@ -120,7 +149,7 @@ bridge:
|
||||
# This field will automatically be changed back to false after it, except if the config file is not writable.
|
||||
resend_bridge_info: false
|
||||
# Should incoming custom emoji reactions be bridged as mxc:// URIs?
|
||||
# If set to false, custom emoji reactions will be bridged as the shortcode instead, and the image wont be available.
|
||||
# If set to false, custom emoji reactions will be bridged as the shortcode instead, and the image won't be available.
|
||||
custom_emoji_reactions: true
|
||||
# Should the bridge attempt to completely delete portal rooms when a channel is deleted on Discord?
|
||||
# If true, the bridge will try to kick Matrix users from the room. Otherwise, the bridge only makes ghosts leave.
|
||||
@ -130,7 +159,7 @@ bridge:
|
||||
delete_guild_on_leave: true
|
||||
# Whether or not created rooms should have federation enabled.
|
||||
# If false, created portal rooms will never be federated.
|
||||
federate_rooms: {{ matrix_mautrix_discord_federate_rooms|to_json }}
|
||||
federate_rooms: {{ matrix_mautrix_discord_federate_rooms | to_json }}
|
||||
# Prefix messages from webhooks with the profile info? This can be used along with a custom displayname_template
|
||||
# to better handle webhooks that change their name all the time (like ones used by bridges).
|
||||
prefix_webhook_messages: false
|
||||
@ -140,24 +169,29 @@ bridge:
|
||||
# like the official client does? The other option is sending the media in the message send request as a form part
|
||||
# (which is always used by bots and webhooks).
|
||||
use_discord_cdn_upload: true
|
||||
# Proxy for Discord connections
|
||||
proxy:
|
||||
# Should mxc uris copied from Discord be cached?
|
||||
# This can be `never` to never cache, `unencrypted` to only cache unencrypted mxc uris, or `always` to cache everything.
|
||||
# If you have a media repo that generates non-unique mxc uris, you should set this to never.
|
||||
cache_media: unencrypted
|
||||
# Patterns for converting Discord media to custom mxc:// URIs instead of reuploading.
|
||||
# Each of the patterns can be set to null to disable custom URIs for that type of media.
|
||||
# Settings for converting Discord media to custom mxc:// URIs instead of reuploading.
|
||||
# More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html
|
||||
media_patterns:
|
||||
direct_media:
|
||||
# Should custom mxc:// URIs be used instead of reuploading media?
|
||||
enabled: false
|
||||
# Pattern for normal message attachments.
|
||||
attachments: {% raw %}mxc://discord-media.mau.dev/attachments|{{.ChannelID}}|{{.AttachmentID}}|{{.FileName}}{% endraw %}
|
||||
# Pattern for custom emojis.
|
||||
emojis: {% raw %}mxc://discord-media.mau.dev/emojis|{{.ID}}.{{.Ext}}{% endraw %}
|
||||
# Pattern for stickers. Note that animated lottie stickers will not be converted if this is enabled.
|
||||
stickers: {% raw %}mxc://discord-media.mau.dev/stickers|{{.ID}}.{{.Ext}}{% endraw %}
|
||||
# Pattern for static user avatars.
|
||||
avatars: {% raw %}mxc://discord-media.mau.dev/avatars|{{.UserID}}|{{.AvatarID}}.{{.Ext}}{% endraw %}
|
||||
# The server name to use for the custom mxc:// URIs.
|
||||
# This server name will effectively be a real Matrix server, it just won't implement anything other than media.
|
||||
# You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge.
|
||||
server_name: discord-media.example.com
|
||||
# Optionally a custom .well-known response. This defaults to `server_name:443`
|
||||
well_known_response:
|
||||
# The bridge supports MSC3860 media download redirects and will use them if the requester supports it.
|
||||
# Optionally, you can force redirects and not allow proxying at all by setting this to false.
|
||||
allow_proxy: true
|
||||
# Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file.
|
||||
# This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them.
|
||||
server_key: ""
|
||||
# Settings for converting animated stickers.
|
||||
animated_sticker:
|
||||
# Format to which animated stickers should be converted.
|
||||
@ -181,11 +215,10 @@ bridge:
|
||||
# If set, double puppeting will be enabled automatically for local users
|
||||
# instead of users having to find an access token and run `login-matrix`
|
||||
# manually.
|
||||
login_shared_secret_map: {{ matrix_mautrix_discord_bridge_login_shared_secret_map|to_json }}
|
||||
login_shared_secret_map: {{ matrix_mautrix_discord_bridge_login_shared_secret_map | to_json }}
|
||||
|
||||
# The prefix for commands. Only required in non-management rooms.
|
||||
command_prefix: "{{ matrix_mautrix_discord_command_prefix }}"
|
||||
|
||||
command_prefix: {{ matrix_mautrix_discord_bridge_command_prefix | to_json }}
|
||||
# Messages sent upon joining a management room.
|
||||
# Markdown is supported. The defaults are listed below.
|
||||
management_room_text:
|
||||
@ -227,15 +260,40 @@ bridge:
|
||||
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
|
||||
encryption:
|
||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||
allow: {{ matrix_mautrix_discord_bridge_encryption_allow|to_json }}
|
||||
allow: {{ matrix_mautrix_discord_bridge_encryption_allow | to_json }}
|
||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||
default: {{ matrix_mautrix_discord_bridge_encryption_default|to_json }}
|
||||
default: {{ matrix_mautrix_discord_bridge_encryption_default | to_json }}
|
||||
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
|
||||
appservice: {{ matrix_mautrix_discord_bridge_encryption_appservice | to_json}}
|
||||
# Require encryption, drop any unencrypted messages.
|
||||
require: false
|
||||
require: {{ matrix_mautrix_discord_bridge_encryption_require | to_json }}
|
||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
||||
# You must use a client that supports requesting keys from other users to use this feature.
|
||||
allow_key_sharing: {{ matrix_mautrix_discord_bridge_encryption_key_sharing_allow|to_json }}
|
||||
allow_key_sharing: {{ matrix_mautrix_discord_bridge_encryption_key_sharing_allow | to_json }}
|
||||
# Should users mentions be in the event wire content to enable the server to send push notifications?
|
||||
plaintext_mentions: {{ matrix_mautrix_discord_bridge_encryption_plaintext_mentions | to_json }}
|
||||
# Options for deleting megolm sessions from the bridge.
|
||||
delete_keys:
|
||||
# Beeper-specific: delete outbound sessions when hungryserv confirms
|
||||
# that the user has uploaded the key to key backup.
|
||||
delete_outbound_on_ack: false
|
||||
# Don't store outbound sessions in the inbound table.
|
||||
dont_store_outbound: false
|
||||
# Ratchet megolm sessions forward after decrypting messages.
|
||||
ratchet_on_decrypt: false
|
||||
# Delete fully used keys (index >= max_messages) after decrypting messages.
|
||||
delete_fully_used_on_decrypt: false
|
||||
# Delete previous megolm sessions from same device when receiving a new one.
|
||||
delete_prev_on_new_session: false
|
||||
# Delete megolm sessions received from a device when the device is deleted.
|
||||
delete_on_device_delete: false
|
||||
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
|
||||
periodically_delete_expired: false
|
||||
# Delete inbound megolm sessions that don't have the received_at field used for
|
||||
# automatic ratcheting and expired session deletion. This is meant as a migration
|
||||
# to delete old keys prior to the bridge update.
|
||||
delete_outdated_inbound: false
|
||||
# What level of device verification should be required from users?
|
||||
#
|
||||
# Valid levels:
|
||||
@ -271,6 +329,10 @@ bridge:
|
||||
# default.
|
||||
messages: 100
|
||||
|
||||
# Disable rotating keys when a user's devices change?
|
||||
# You should not enable this option unless you understand all the implications.
|
||||
disable_device_change_key_rotation: false
|
||||
|
||||
# Settings for provisioning API
|
||||
provisioning:
|
||||
# Prefix for the provisioning API paths.
|
||||
@ -278,6 +340,8 @@ bridge:
|
||||
# Shared secret for authentication. If set to "generate", a random secret will be generated,
|
||||
# or if set to "disable", the provisioning API will be disabled.
|
||||
shared_secret: {{ matrix_mautrix_discord_provisioning_shared_secret | to_json }}
|
||||
# Enable debug API at /debug with provisioning authentication.
|
||||
debug_endpoints: false
|
||||
|
||||
# Permissions for using the bridge.
|
||||
# Permitted values:
|
||||
@ -290,12 +354,9 @@ bridge:
|
||||
# mxid - Specific user
|
||||
permissions: {{ matrix_mautrix_discord_bridge_permissions|to_json }}
|
||||
|
||||
# Logging config. See https://github.com/tulir/zeroconfig for details.
|
||||
logging:
|
||||
directory: ./logs
|
||||
file_name_format: ''
|
||||
file_date_format: "2006-01-02"
|
||||
file_mode: 384
|
||||
timestamp_format: Jan _2, 2006 15:04:05
|
||||
print_level: {{ matrix_mautrix_discord_logging_level | to_json }}
|
||||
print_json: false
|
||||
file_json: false
|
||||
min_level: {{ matrix_mautrix_discord_logging_level | to_json }}
|
||||
writers:
|
||||
- type: stdout
|
||||
format: pretty-colored
|
||||
|
@ -0,0 +1,58 @@
|
||||
{% if matrix_mautrix_discord_container_labels_traefik_enabled %}
|
||||
traefik.enable=true
|
||||
|
||||
{% if matrix_mautrix_discord_container_labels_traefik_docker_network %}
|
||||
traefik.docker.network={{ matrix_mautrix_discord_container_labels_traefik_docker_network }}
|
||||
{% endif %}
|
||||
|
||||
traefik.http.services.matrix-mautrix-discord.loadbalancer.server.port=8080
|
||||
|
||||
{% if matrix_mautrix_discord_container_labels_avatar_proxy_enabled %}
|
||||
############################################################
|
||||
# #
|
||||
# Avatar proxy #
|
||||
# #
|
||||
############################################################
|
||||
|
||||
{% set middlewares = [] %}
|
||||
|
||||
{% if matrix_mautrix_discord_container_labels_traefik_path_prefix != '/' %}
|
||||
traefik.http.middlewares.matrix-mautrix-discord-slashless-redirect.redirectregex.regex=({{ matrix_mautrix_discord_container_labels_traefik_path_prefix | quote }})$
|
||||
traefik.http.middlewares.matrix-mautrix-discord-slashless-redirect.redirectregex.replacement=${1}/
|
||||
{% set middlewares = middlewares + ['matrix-mautrix-discord-slashless-redirect'] %}
|
||||
{% endif %}
|
||||
|
||||
{% if matrix_mautrix_discord_container_labels_traefik_path_prefix != '/' %}
|
||||
traefik.http.middlewares.matrix-mautrix-discord-strip-prefix.stripprefix.prefixes={{ matrix_mautrix_discord_container_labels_traefik_path_prefix }}
|
||||
{% set middlewares = middlewares + ['matrix-mautrix-discord-strip-prefix'] %}
|
||||
{% endif %}
|
||||
|
||||
traefik.http.routers.matrix-mautrix-discord-avatar-proxy.rule={{ matrix_mautrix_discord_container_labels_avatar_proxy_traefik_rule }}
|
||||
|
||||
{% if matrix_mautrix_discord_container_labels_avatar_proxy_traefik_priority | int > 0 %}
|
||||
traefik.http.routers.matrix-mautrix-discord-avatar-proxy.priority={{ matrix_mautrix_discord_container_labels_avatar_proxy_traefik_priority }}
|
||||
{% endif %}
|
||||
|
||||
{% if middlewares | length > 0 %}
|
||||
traefik.http.routers.matrix-mautrix-discord-avatar-proxy.middlewares={{ middlewares | join(',') }}
|
||||
{% endif %}
|
||||
|
||||
traefik.http.routers.matrix-mautrix-discord-avatar-proxy.service=matrix-mautrix-discord
|
||||
traefik.http.routers.matrix-mautrix-discord-avatar-proxy.entrypoints={{ matrix_mautrix_discord_container_labels_avatar_proxy_traefik_entrypoints }}
|
||||
|
||||
traefik.http.routers.matrix-mautrix-discord-avatar-proxy.tls={{ matrix_mautrix_discord_container_labels_avatar_proxy_traefik_tls | to_json }}
|
||||
{% if matrix_mautrix_discord_container_labels_avatar_proxy_traefik_tls %}
|
||||
traefik.http.routers.matrix-mautrix-discord-avatar-proxy.tls.certResolver={{ matrix_mautrix_discord_container_labels_avatar_proxy_traefik_tls_certResolver }}
|
||||
{% endif %}
|
||||
|
||||
############################################################
|
||||
# #
|
||||
# /Avatar proxy #
|
||||
# #
|
||||
############################################################
|
||||
{% endif %}
|
||||
|
||||
|
||||
{% endif %}
|
||||
|
||||
{{ matrix_mautrix_discord_container_labels_additional_labels }}
|
@ -23,6 +23,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
|
||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ matrix_mautrix_discord_container_network }} \
|
||||
--label-file={{ matrix_mautrix_discord_base_path }}/labels \
|
||||
--mount type=bind,src={{ matrix_mautrix_discord_config_path }},dst=/config,ro \
|
||||
--mount type=bind,src={{ matrix_mautrix_discord_data_path }},dst=/data \
|
||||
--workdir=/data \
|
||||
|
@ -23,7 +23,7 @@ matrix_registration_data_path: "{{ matrix_registration_base_path }}/data"
|
||||
matrix_registration_docker_src_files_path: "{{ matrix_registration_base_path }}/docker-src"
|
||||
|
||||
# renovate: datasource=docker depName=zeratax/matrix-registration
|
||||
matrix_registration_version: "v0.7.2"
|
||||
matrix_registration_version: "v0.9.1"
|
||||
|
||||
matrix_registration_docker_image: "{{ matrix_registration_docker_image_name_prefix }}zeratax/matrix-registration:{{ matrix_registration_version }}"
|
||||
matrix_registration_docker_image_name_prefix: "{{ 'localhost/' if matrix_registration_container_image_self_build else matrix_container_global_registry_prefix }}"
|
||||
|
Loading…
x
Reference in New Issue
Block a user