Merge 1e8d4c5ba05616248098f5fd76b8c6ddb163cd51 into fb82b4672301b27bc5da9a9d3b668e37cd17a487

Update docs/README.md (#3822 )
* Update docs/README.md: add "installation guides" section Add the emoji to the link to quick-start.md only and not to full installation guide to emphasize the quick start guide Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: move a link to faq.md down Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: add "Maintenance" section Add a hint to join the support room under "Maintenance" header. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: create the "configuration options" section and add a note Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: sort list items Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: emphasize the anchor link to faq.md Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: add other anchor links to the "other documentation pages" section Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: add the emoji ℹ️ before the anchor link to faq.md Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: explanation about FAQ Remove the hint to check the installation guides as links to them are listed on top of this page. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: update text of the anchor link to docs/getting-the-playbook.md Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> --------- Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> Co-authored-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
2025-02-14 11:08:56 +01:00 · 2024-11-26 02:13:07 +09:00 · 2024-11-25 18:18:11 +02:00 · 2024-11-25 13:57:36 +02:00 · 2024-11-25 20:42:02 +09:00 · 2024-11-25 10:22:20 +02:00
23 changed files with 460 additions and 84 deletions
--- a/.github/workflows/close-stale-issues.yml
+++ b/.github/workflows/close-stale-issues.yml
@ -1,11 +1,14 @@
 ---
-name: 'Close stale issues'
+name: 'Close stale issues and PRs'
 on:  # yamllint disable-line rule:truthy
+  # Use this to do a dry run from a pull request
+  # pull_request:
  schedule:
    - cron: '30 1 * * *'

 permissions:
  issues: write
+  pull-requests: write

 jobs:
  stale:
@ -14,14 +17,34 @@ jobs:
    steps:
      - uses: actions/stale@v9
        with:
-          # Don't process pull requests at all
-          days-before-pr-stale: -1
-          stale-issue-message: 'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days.'
+          ######################################################################
+          # Issues/PRs
+          ######################################################################
+          exempt-assignees: 'spantaleev,aine-etke'
+          operations-per-run: 100
+          # Use this to do a dry run from a pull request
+          # debug-only: true
+          ######################################################################
+          # Issues
+          ######################################################################
+          stale-issue-message: 'This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days. To exempt the issue from being marked as stale again due to inactivity, add "confirmed" label.'
          close-issue-message: 'This issue was closed because it has been stalled for 7 days with no activity. If this issue is still reproduced, feel free to provide the issue with up-to-date information.'
          stale-issue-label: 'stale'
          # Add this label to exempt the issue from being marked as stale due to inactivity
          exempt-issue-labels: 'confirmed'
          # An allow-list of label(s) to only process the issues which contain one of these label(s).
-          any-of-issue-labels: 'question,needs-info'
-          # Use this to do a dry run from a pull request
-          # debug-only: true
+          any-of-issue-labels: 'needs-info,question'
+          ######################################################################
+          # PRs
+          ######################################################################
+          days-before-pr-stale: '365'
+          days-before-pr-close: '30'
+          stale-pr-message: 'This PR is stale because it has not been provided with required information or its conflicts have not been fixed over a year. Remove stale label or this will be closed in 30 days. To exempt the PR from being marked as stale again due to inactivity, add "confirmed" label.'
+          close-pr-message: 'This PR was closed because it has been stalled for 30 days with no activity.'
+          stale-pr-label: 'stale'
+          # Add this label to exempt the PR from being marked as stale due to inactivity
+          exempt-pr-labels: 'confirmed'
+          # An allow-list of label(s) to only process the PRs which contain one of these label(s).
+          any-of-pr-labels: 'needs-info,needs-rebase'
+          # Use this to ignore updates such as comments (only to keep the PR alive by bumping)
+          ignore-pr-updates: true
--- a/docs/README.md
+++ b/docs/README.md
@ -1,49 +1,86 @@
 # Table of Contents

- [FAQ](faq.md) - lots of questions and answers. Jump to [Prerequisites](prerequisites.md) to avoid reading too much and to just start a guided installation.
+## ⬇️ Installaton guides <!-- NOTE: the 🚀 emoji is used by "Getting started" on README.md -->

- [Quick start](quick-start.md) - follow the guide to set up minimum core services on your server
+There are two installation guides available for beginners and advanced users.

- [Prerequisites](prerequisites.md) - go here to a guided installation using this Ansible playbook
+- ⚡ **[Quick start](quick-start.md) (for beginners)**: this is recommended for those who do not have an existing Matrix server and want to start quickly with "opinionated defaults".

- [Configuring your DNS settings](configuring-dns.md)
+- **Full installation guide (for advanced users)**: if you need to import an existing Matrix server's data into the new server or want to learn more while setting up the server, follow this guide.

- [Getting this playbook's source code](getting-the-playbook.md)
+    - [Prerequisites](prerequisites.md)

- [Configuring the playbook](configuring-playbook.md)
+    - [Configuring your DNS settings](configuring-dns.md)

- [Installing](installing.md)
+    - [Getting the playbook](getting-the-playbook.md)

-  - **Importing data from another server installation**
+    - [Configuring the playbook](configuring-playbook.md)

-    - [Importing an existing SQLite database (from another Synapse installation)](importing-synapse-sqlite.md) (optional)
+    - [Installing](installing.md)

-    - [Importing an existing Postgres database (from another installation)](importing-postgres.md) (optional)
+## 🛠️ Configuration options

-    - [Importing `media_store` data files from an existing Synapse installation](importing-synapse-media-store.md) (optional)
+<!--
+NOTE:
+- Avoid putting the same anchor links as configuring-playbook.md lists under the "configuration options" section. Note that most of them are linked to "configure-playbook-*.md" and their titles start with "Setting up" (e.g. "Setting up Hydrogen").
+-->

-  - [Server Delegation](howto-server-delegation.md)
+You can check useful documentation for configuring components here: [Configuring the playbook](configuring-playbook.md)

-    - Server Delegation via a well-known file (recommended): [Installing well-known files on the base domain's server](configuring-well-known.md#installing-well-known-files-on-the-base-domain-s-server)
+- [Administration](configuring-playbook.md#administration) -  services that help you in administrating and monitoring your Matrix installation

-      - [Serving the base domain](configuring-playbook-base-domain-serving.md)
+- [Authentication and user-related](configuring-playbook.md#authentication-and-user-related) - extend and modify how users are authenticated on your homeserver

-    - [Server Delegation via a DNS SRV record (advanced)](howto-srv-server-delegation.md)
+- [Bots](configuring-playbook.md#bots) - bots provide various additional functionality to your installation
+
+- [Bridges](configuring-playbook.md#bridging-other-networks) - bridges can be used to connect your Matrix installation with third-party communication networks
+
+- [Clients](configuring-playbook.md#clients) - web clients for Matrix that you can host on your own domains
+
+- [Core service adjustments](configuring-playbook.md#core-service-adjustments) - backbone of your Matrix system
+
+- [File Storage](configuring-playbook.md#file-storage) - use alternative file storage to the default `media_store` folder
+
+<!-- NOTE: sort list items above alphabetically -->
+
+- [Other specialized services](configuring-playbook.md#other-specialized-services) - various services that don't fit any other categories
+
+## 👨‍🔧 Maintenance
+
+If your server and services experience issues, feel free to come to [our support room](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com) and ask for help.
+
+<!-- NOTE: sort list items alphabetically -->
+
+- [Checking if services work](maintenance-checking-services.md)
+
+- [Maintenance and Troubleshooting](maintenance-and-troubleshooting.md)
+
+- [PostgreSQL maintenance](maintenance-postgres.md)
+
+- [Synapse maintenance](maintenance-synapse.md)
+
+- [Upgrading services](maintenance-upgrading-services.md)
+
+## Other documentation pages <!-- NOTE: this header's title and the section below need optimization -->
+
+- ℹ️ **[FAQ](faq.md)** - various Frequently Asked Questions about Matrix, with a focus on this Ansible playbook
+
+<!-- NOTE: sort list items under faq.md alphabetically -->
+
+- [Alternative architectures](alternative-architectures.md)
+
+- [Container images used by the playbook](container-images.md)
+
+- [Obtaining an Access Token](obtaining-access-tokens.md)

 - [Playbook tags](playbook-tags.md)

 - [Registering users](registering-users.md)

- [Updating users passwords](updating-users-passwords.md)
+- [Running `just` commands](just.md)

- [Maintenance / checking if services work](maintenance-checking-services.md)
-
- [Maintenance / upgrading services](maintenance-upgrading-services.md)
-
- [Maintenance / Synapse](maintenance-synapse.md)
-
- [Maintenance / PostgreSQL](maintenance-postgres.md)
-
- [Maintenance and Troubleshooting](maintenance-and-troubleshooting.md)
+- [Self-building](self-building.md)

 - [Uninstalling](uninstalling.md)
+
+- [Updating users passwords](updating-users-passwords.md)
--- a/docs/maintenance-migrating.md
+++ b/docs/maintenance-migrating.md
@ -1,14 +1,67 @@
-> **Note**: This migration guide is applicable if you migrate from one server to another server having the same CPU architecture (e.g. both servers being `amd64`).
->
-> If you're trying to migrate between different architectures (e.g. `amd64` --> `arm64`), simply copying the complete `/matrix` directory is not possible as it would move the raw PostgreSQL data (`/matrix/postgres/data`) between different architectures. In this specific case, you can use the guide below as a reference, but you would also need to avoid syncing `/matrix/postgres/data` to the new host, and also dump the database on your current server and import it properly on the new server. See our [Backing up PostgreSQL](maintenance-postgres.md#backing-up-postgresql) docs for help with PostgreSQL backup/restore.
-
 # Migrating to new server

-1. Prepare by lowering DNS TTL for your domains (`matrix.example.com`, etc.), so that DNS record changes (step 4 below) would happen faster, leading to less downtime
-2. Stop all services on the old server and make sure they won't be starting again. Execute this on the old server: `systemctl disable --now matrix*` (you might have to cd to /etc/systemd/system/ first)
-3. Copy directory `/matrix` from the old server to the new server. Make sure to preserve ownership and permissions (use `cp -p` or `rsync -ar`)!
-4. Make sure your DNS records are adjusted to point to the new server's IP address
-5. Remove old server from the `inventory/hosts` file and add new server.
-6. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-system-user`. This will create the `matrix` user and group on the new server
-7. Because the `matrix` user and group are created dynamically on each server, the user/group ID may differ between the old and new server. We suggest that you adjust ownership of `/matrix` files manually by running this on the new server: `chown -R matrix:matrix /matrix`.
-8. Run `ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start` to finish the installation and start all services
+This documentation explains how to migrate your Matrix services (server, client, bridges, etc.) and data **from an old server to a new server**.
+
+**Notes**:
+- This migration guide is applicable if you migrate from one server to another server having the same CPU architecture (e.g. both servers being `amd64`).
+
+  If you're trying to migrate between different architectures (e.g. `amd64` --> `arm64`), simply copying the complete `/matrix` directory is **not** possible as it would move the raw PostgreSQL data (`/matrix/postgres/data`) between different architectures. In this specific case, you can use the guide below as a reference, but you would also need to avoid syncing `/matrix/postgres/data` to the new host, and also dump the database on your current server and import it properly on the new server. See our [Backing up PostgreSQL](maintenance-postgres.md#backing-up-postgresql) docs for help with PostgreSQL backup/restore.
+- If you have any questions about migration or encountered an issue during migration, do not hesitate to ask for help on [our Matrix room](https://matrix.to/#/%23matrix-docker-ansible-deploy:devture.com). You probably might want to prepare a temporary/sub account on another Matrix server in case it becomes impossible to use your server due to migration failure by any chance.
+
+- You can't change the domain (specified in the `matrix_domain` variable) after the initial deployment.
+
+## Lower DNS TTL
+
+Prepare by lowering DNS TTL for your domains (`matrix.example.com`, etc.), so that DNS record changes would happen faster, leading to less downtime.
+
+## Stop services on the old server completely
+
+Before migrating, you need to stop all services on the old server and make sure they won't be starting again.
+
+To do so, it is recommended to run the `systemctl` command on the server. Running the playbook's `stop` tag also stops the services, but just once; they will start again if you reboot the server.
+
+Log in to the old server and run the command as `root` (or a user that can run it with `sudo`):
+
+```sh
+cd /etc/systemd/system/ && systemctl disable --now matrix*
+```
+
+## Copy data directory to the new server
+
+After you've confirmed that all services were stopped, copy the `/matrix` directory from the old server to the new server. When copying, make sure to preserve ownership and permissions (use `cp -p` or `rsync -ar`)!
+
+## Adjust DNS records
+
+Make sure your DNS records are adjusted to point to the new server's IP address.
+
+## Update `inventory/hosts` file
+
+Having adjusted DNS records, replace the old server's external IP address on the `inventory/hosts` file with that of the new server.
+
+## Create `matrix` user and group on the new server
+
+Then, run the command below on your local computer to create the `matrix` user and group on the new server:
+
+```sh
+ansible-playbook -i inventory/hosts setup.yml --tags=setup-system-user
+```
+
+**Note**: because the `matrix` user and group are created dynamically on each server, the user/group ID may differ between the old and new server. We suggest that you adjust ownership of `/matrix` files. To adjust the ownership, log in to the new server and run the command:
+
+```sh
+chown -R matrix:matrix /matrix
+```
+
+## Install and start all services on the new server
+
+Finally, run the command below on your local computer to finish the installation and start all services:
+
+```sh
+ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start
+```
+
+### Check if services work
+
+After starting the services, you probably might want to ensure that you've migrated things correctly and that services are running. For instructions, see: [check if services work](maintenance-checking-services.md)
+
+Having make sure that both services and federation work as expected, you can safely shutdown the old server.
--- a/docs/maintenance-upgrading-services.md
+++ b/docs/maintenance-upgrading-services.md
@ -14,27 +14,37 @@ If you want to be notified when new versions of Synapse are released, you should

 ## Steps to upgrade the Matrix services

+### Check the changelog
+
 Before updating the playbook and the Ansible roles in the playbook, take a look at [the changelog](../CHANGELOG.md) to see if there have been any backward-incompatible changes that you need to take care of.

-If it looks good to you, go to the `matrix-docker-ansible-deploy` directory, then:
+### Update the playbook and the Ansible roles

- update your playbook directory and all upstream Ansible roles (defined in the `requirements.yml` file) using:
+If it looks good to you, go to the `matrix-docker-ansible-deploy` directory, update your playbook directory and all upstream Ansible roles (defined in the `requirements.yml` file) by running:

-  - either: `just update`
-  - or: a combination of `git pull` and `just roles` (or `make roles` if you have `make` program on your computer instead of `just`)
+- either: `just update`
+- or: a combination of `git pull` and `just roles` (or `make roles` if you have `make` program on your computer instead of `just`)

-  If you don't have either `just` tool or `make` program, you can run the `ansible-galaxy` tool directly: `rm -rf roles/galaxy; ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force`
+If you don't have either `just` tool or `make` program, you can run the `ansible-galaxy` tool directly: `rm -rf roles/galaxy; ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force`

-  For details about `just` commands, take a look at: [Running `just` commands](just.md).
+**Note**: for details about `just` commands, take a look at: [Running `just` commands](just.md).

- re-run the [playbook setup](installing.md#maintaining-your-setup-in-the-future) and restart all services:
+### Re-run the playbook setup

-  ```sh
-  ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start
-  ```
+After updating the Ansible roles, then re-run the [playbook setup](installing.md#maintaining-your-setup-in-the-future) and restart all services:

-Note that if you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [this page on the playbook tags](playbook-tags.md) for more information.
+```sh
+ansible-playbook -i inventory/hosts setup.yml --tags=install-all,start
+```

-A way to invoke these `ansible-playbook` commands with less typing is to run the `just` "recipe": `just install-all` or `just setup-all`.
+If you remove components from `vars.yml`, or if we switch some component from being installed by default to not being installed by default anymore, you'd need to run the setup command with `--tags=setup-all` instead of `--tags=install-all`. See [this page on the playbook tags](playbook-tags.md) for more information.

-**Note**: major version upgrades to the internal PostgreSQL database are not done automatically. To upgrade it, refer to the [upgrading PostgreSQL guide](maintenance-postgres.md#upgrading-postgresql).
+#### Run `just` to execute shortcut command
+
+If you want to invoke the `ansible-playbook` command with less typing, you can run `just` to execute the shortcut command: `just install-all` (or `just setup-all`). Note that it restarts all services automatically.
+
+## PostgreSQL major version upgrade
+
+Major version upgrades to the internal PostgreSQL database are not done automatically. Upgrades must be performed manually.
+
+For details about upgrading it, refer to the [upgrading PostgreSQL guide](maintenance-postgres.md#upgrading-postgresql).
--- a/docs/quick-start.md
+++ b/docs/quick-start.md
@ -25,6 +25,8 @@ Please remember to replace `example.com` with your own domain before running any

 At first, **check prerequisites** and prepare for installation by setting up programs [on your own computer](prerequisites.md#your-local-computer) and [your server](prerequisites.md#server). You also need `root` access on your server (a user that could elevate to `root` via `sudo` also works).

+When preparing your server, make sure to check [the server specs you need](faq.md#what-kind-of-server-specs-do-i-need). We recommend starting with a server having at least 2GB of memory.
+
 <!--
 TODO: Add one liners (or instructions, a script, etc.) for easy and consistent installation of required software. See: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3757
 -->
@ -171,7 +173,7 @@ After configuring the playbook, run the command below and wait until it finishes
 ansible-playbook -i inventory/hosts setup.yml --tags=install-matrix-static-files,start
 ```

-💡 Running the `install-matrix-static-files` playbook tag (as done here) is an optimized version of running [the full setup command](#run-the-installation-command).
+💡 Running the `install-matrix-static-files` playbook tag (as done here) is an optimized version of running [the full setup command](#run-installation-command).

 After the command finishes, you can also check whether your server federates with the Matrix network by using the [Federation Tester](https://federationtester.matrix.org/) against your base domain (`example.com`), not the `matrix.example.com` subdomain.

--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@ -1598,7 +1598,10 @@ matrix_mautrix_meta_messenger_container_labels_traefik_tls_certResolver: "{{ tra
 matrix_mautrix_meta_messenger_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
 matrix_mautrix_meta_messenger_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"

+matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_hostname: "{{ matrix_server_fqn_matrix }}"
+
 matrix_mautrix_meta_messenger_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.meta.fb.as', rounds=655555) | to_uuid }}"
+matrix_mautrix_meta_messenger_appservice_bridgev2_enabled: false

 matrix_mautrix_meta_messenger_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"

@ -1672,7 +1675,10 @@ matrix_mautrix_meta_instagram_container_labels_traefik_tls_certResolver: "{{ tra
 matrix_mautrix_meta_instagram_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
 matrix_mautrix_meta_instagram_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"

+matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_hostname: "{{ matrix_server_fqn_matrix }}"
+
 matrix_mautrix_meta_instagram_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.meta.ig.as', rounds=655555) | to_uuid }}"
+matrix_mautrix_meta_instagram_appservice_bridgev2_enabled: false

 matrix_mautrix_meta_instagram_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"

@ -2064,6 +2070,8 @@ matrix_mautrix_whatsapp_container_labels_traefik_tls_certResolver: "{{ traefik_c
 matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
 matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"

+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_hostname: "{{ matrix_server_fqn_matrix }}"
+
 matrix_mautrix_whatsapp_systemd_required_services_list_auto: |
  {{
    matrix_addons_homeserver_systemd_services_list
@ -2072,6 +2080,7 @@ matrix_mautrix_whatsapp_systemd_required_services_list_auto: |
  }}

 matrix_mautrix_whatsapp_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'whats.as.token', rounds=655555) | to_uuid }}"
+matrix_mautrix_whatsapp_appservice_bridgev2_enabled: false

 matrix_mautrix_whatsapp_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
 matrix_mautrix_whatsapp_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'whats.hs.token', rounds=655555) | to_uuid }}"
@ -5943,6 +5952,15 @@ matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_auto: "{{

 matrix_static_files_file_matrix_server_property_m_server: "{{ matrix_server_fqn_matrix_federation }}:{{ matrix_federation_public_port }}"

+# mautrix-manager auto-configuration disabled by default
+matrix_static_files_file_matrix_mautrix_enabled: false
+matrix_static_files_file_matrix_mautrix_property_fi_mau_bridges:
+  - "https://bridges.example.com/signal"
+  # TODO populate with enabled bridges
+
+matrix_static_files_file_matrix_mautrix_property_fi_mau_external_bridge_servers:
+  []
+
 matrix_static_files_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"

 matrix_static_files_self_check_hostname_matrix: "{{ matrix_server_fqn_matrix }}"
--- a/requirements.yml
+++ b/requirements.yml
@ -10,7 +10,7 @@
  version: v0.2.0-0
  name: container_socket_proxy
 - src: git+https://github.com/geerlingguy/ansible-role-docker
-  version: 7.4.2
+  version: 7.4.3
  name: docker
 - src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git
  version: 129c8590e106b83e6f4c259649a613c6279e937a
--- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
@ -55,6 +55,17 @@ matrix_mautrix_meta_instagram_container_labels_metrics_middleware_basic_auth_ena
 # See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
 matrix_mautrix_meta_instagram_container_labels_metrics_middleware_basic_auth_users: ''

+# Controls whether labels will be added that expose the bridge's bridgev2 API endpoints
+matrix_mautrix_meta_instagram_container_labels_bridgev2_enabled: "{{ matrix_mautrix_meta_instagram_appservice_bridgev2_enabled }}"
+matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_hostname: ""
+# Following two variables should be RegEx-escaped, see https://doc.traefik.io/traefik/middlewares/http/replacepathregex/
+matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_stripprefix: "/_matrix/{{ matrix_mautrix_meta_instagram_identifier }}"
+matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_rule: "Host(`{{ matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_hostname }}`) && PathPrefix(`{{ matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_stripprefix }}`)"
+matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_priority: 0
+matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_entrypoints: "{{ matrix_mautrix_meta_instagram_container_labels_traefik_entrypoints }}"
+matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_tls: "{{ matrix_mautrix_meta_instagram_container_labels_metrics_traefik_entrypoints != 'web' }}"
+matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_tls_certResolver: "{{ matrix_mautrix_meta_instagram_container_labels_traefik_tls_certResolver }}"  # noqa var-naming
+
 # matrix_mautrix_meta_instagram_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
 # See `../templates/labels.j2` for details.
 #
@ -144,6 +155,10 @@ matrix_mautrix_meta_instagram_appservice_database_uri: |-

 matrix_mautrix_meta_instagram_appservice_token: ''

+# Whether to make public the bridgev2 API endpoints.
+# See https://spec.mau.fi/megabridge/
+matrix_mautrix_meta_instagram_appservice_bridgev2_enabled: false
+
 # Controls which service this bridge is for.
 # Valid options:
 # * facebook - connect to FB Messenger via facebook.com
--- a/roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/validate_config.yml
@ -8,6 +8,7 @@
  with_items:
    - {'name': 'matrix_mautrix_meta_instagram_metrics_proxying_hostname', when: "{{ matrix_mautrix_meta_instagram_metrics_proxying_enabled }}"}
    - {'name': 'matrix_mautrix_meta_instagram_metrics_proxying_path_prefix', when: "{{ matrix_mautrix_meta_instagram_metrics_proxying_enabled }}"}
+    - {'name': 'matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_hostname', when: "{{ matrix_mautrix_meta_instagram_container_labels_bridgev2_enabled }}"}
    - {'name': 'matrix_mautrix_meta_instagram_appservice_token', when: true}
    - {'name': 'matrix_mautrix_meta_instagram_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_meta_instagram_container_network', when: true}
--- a/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/labels.j2
+++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/labels.j2
@ -43,6 +43,38 @@ traefik.http.routers.{{ matrix_mautrix_meta_instagram_identifier }}-metrics.tls.
 {% endif %}


+{% if matrix_mautrix_meta_instagram_container_labels_bridgev2_enabled %}
+############################################################
+#                                                          #
+# Appservice Bridgev2 API                                  #
+#                                                          #
+############################################################
+
+traefik.http.middlewares.{{ matrix_mautrix_meta_instagram_identifier }}-bridgev2-stripprefix.stripprefix.prefixes={{ matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_stripprefix }}
+traefik.http.routers.{{ matrix_mautrix_meta_instagram_identifier }}-bridgev2.middlewares={{ matrix_mautrix_meta_instagram_identifier }}-bridgev2-stripprefix
+
+traefik.http.routers.{{ matrix_mautrix_meta_instagram_identifier }}-bridgev2.rule={{ matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_rule }}
+
+{% if matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_priority | int > 0 %}
+traefik.http.routers.{{ matrix_mautrix_meta_instagram_identifier }}-bridgev2.priority={{ matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_priority }}
+{% endif %}
+
+traefik.http.routers.{{ matrix_mautrix_meta_instagram_identifier }}-bridgev2.service={{ matrix_mautrix_meta_instagram_identifier }}-appservice
+traefik.http.routers.{{ matrix_mautrix_meta_instagram_identifier }}-bridgev2.entrypoints={{ matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_entrypoints }}
+
+traefik.http.routers.{{ matrix_mautrix_meta_instagram_identifier }}-bridgev2.tls={{ matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_tls | to_json }}
+{% if matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_tls %}
+traefik.http.routers.{{ matrix_mautrix_meta_instagram_identifier }}-bridgev2.tls.certResolver={{ matrix_mautrix_meta_instagram_container_labels_bridgev2_traefik_tls_certResolver }}
+{% endif %}
+
+############################################################
+#                                                          #
+# /Appservice Bridgev2 API                                 #
+#                                                          #
+############################################################
+{% endif %}
+
+
 {% endif %}

 {{ matrix_mautrix_meta_instagram_container_labels_additional_labels }}
--- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
@ -55,6 +55,17 @@ matrix_mautrix_meta_messenger_container_labels_metrics_middleware_basic_auth_ena
 # See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
 matrix_mautrix_meta_messenger_container_labels_metrics_middleware_basic_auth_users: ''

+# Controls whether labels will be added that expose the bridge's bridgev2 API endpoints
+matrix_mautrix_meta_messenger_container_labels_bridgev2_enabled: "{{ matrix_mautrix_meta_messenger_appservice_bridgev2_enabled }}"
+matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_hostname: ""
+# Following two variables should be RegEx-escaped, see https://doc.traefik.io/traefik/middlewares/http/replacepathregex/
+matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_stripprefix: "/_matrix/{{ matrix_mautrix_meta_messenger_identifier }}"
+matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_rule: "Host(`{{ matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_hostname }}`) && PathPrefix(`{{ matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_stripprefix }}`)"
+matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_priority: 0
+matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_entrypoints: "{{ matrix_mautrix_meta_messenger_container_labels_traefik_entrypoints }}"
+matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_tls: "{{ matrix_mautrix_meta_messenger_container_labels_metrics_traefik_entrypoints != 'web' }}"
+matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_tls_certResolver: "{{ matrix_mautrix_meta_messenger_container_labels_traefik_tls_certResolver }}"  # noqa var-naming
+
 # matrix_mautrix_meta_messenger_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
 # See `../templates/labels.j2` for details.
 #
@ -144,6 +155,10 @@ matrix_mautrix_meta_messenger_appservice_database_uri: |-

 matrix_mautrix_meta_messenger_appservice_token: ''

+# Whether to make public the bridgev2 API endpoints.
+# See https://spec.mau.fi/megabridge/
+matrix_mautrix_meta_messenger_appservice_bridgev2_enabled: false
+
 # Controls which service this bridge is for.
 # Valid options:
 # * facebook - connect to FB Messenger via facebook.com
--- a/roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/validate_config.yml
@ -8,6 +8,7 @@
  with_items:
    - {'name': 'matrix_mautrix_meta_messenger_metrics_proxying_hostname', when: "{{ matrix_mautrix_meta_messenger_metrics_proxying_enabled }}"}
    - {'name': 'matrix_mautrix_meta_messenger_metrics_proxying_path_prefix', when: "{{ matrix_mautrix_meta_messenger_metrics_proxying_enabled }}"}
+    - {'name': 'matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_hostname', when: "{{ matrix_mautrix_meta_messenger_container_labels_bridgev2_enabled }}"}
    - {'name': 'matrix_mautrix_meta_messenger_appservice_token', when: true}
    - {'name': 'matrix_mautrix_meta_messenger_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_meta_messenger_container_network', when: true}
--- a/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/labels.j2
+++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/labels.j2
@ -43,6 +43,38 @@ traefik.http.routers.{{ matrix_mautrix_meta_messenger_identifier }}-metrics.tls.
 {% endif %}


+{% if matrix_mautrix_meta_messenger_container_labels_bridgev2_enabled %}
+############################################################
+#                                                          #
+# Appservice Bridgev2 API                                  #
+#                                                          #
+############################################################
+
+traefik.http.middlewares.{{ matrix_mautrix_meta_messenger_identifier }}-bridgev2-stripprefix.stripprefix.prefixes={{ matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_stripprefix }}
+traefik.http.routers.{{ matrix_mautrix_meta_messenger_identifier }}-bridgev2.middlewares={{ matrix_mautrix_meta_messenger_identifier }}-bridgev2-stripprefix
+
+traefik.http.routers.{{ matrix_mautrix_meta_messenger_identifier }}-bridgev2.rule={{ matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_rule }}
+
+{% if matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_priority | int > 0 %}
+traefik.http.routers.{{ matrix_mautrix_meta_messenger_identifier }}-bridgev2.priority={{ matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_priority }}
+{% endif %}
+
+traefik.http.routers.{{ matrix_mautrix_meta_messenger_identifier }}-bridgev2.service={{ matrix_mautrix_meta_messenger_identifier }}-appservice
+traefik.http.routers.{{ matrix_mautrix_meta_messenger_identifier }}-bridgev2.entrypoints={{ matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_entrypoints }}
+
+traefik.http.routers.{{ matrix_mautrix_meta_messenger_identifier }}-bridgev2.tls={{ matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_tls | to_json }}
+{% if matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_tls %}
+traefik.http.routers.{{ matrix_mautrix_meta_messenger_identifier }}-bridgev2.tls.certResolver={{ matrix_mautrix_meta_messenger_container_labels_bridgev2_traefik_tls_certResolver }}
+{% endif %}
+
+############################################################
+#                                                          #
+# /Appservice Bridgev2 API                                 #
+#                                                          #
+############################################################
+{% endif %}
+
+
 {% endif %}

 {{ matrix_mautrix_meta_messenger_container_labels_additional_labels }}
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
@ -4,6 +4,8 @@

 matrix_mautrix_whatsapp_enabled: true

+matrix_mautrix_whatsapp_identifier: matrix-mautrix-whatsapp
+
 matrix_mautrix_whatsapp_container_image_self_build: false
 matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git"
 matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
@ -23,7 +25,11 @@ matrix_mautrix_whatsapp_docker_src_files_path: "{{ matrix_mautrix_whatsapp_base_

 matrix_mautrix_whatsapp_homeserver_address: ""
 matrix_mautrix_whatsapp_homeserver_domain: "{{ matrix_domain }}"
-matrix_mautrix_whatsapp_appservice_address: "http://matrix-mautrix-whatsapp:8080"
+matrix_mautrix_whatsapp_appservice_address: "http://{{ matrix_mautrix_whatsapp_identifier }}:8080"
+
+# Whether to make public the bridgev2 API endpoints.
+# See https://spec.mau.fi/megabridge/
+matrix_mautrix_whatsapp_appservice_bridgev2_enabled: false

 matrix_mautrix_whatsapp_extev_polls: false

@ -55,6 +61,17 @@ matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_enabled:
 # See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
 matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_users: ''

+# Controls whether labels will be added that expose the bridge's bridgev2 API endpoints
+matrix_mautrix_whatsapp_container_labels_bridgev2_enabled: "{{ matrix_mautrix_whatsapp_appservice_bridgev2_enabled }}"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_hostname: ""
+# Following two variables should be RegEx-escaped, see https://doc.traefik.io/traefik/middlewares/http/replacepathregex/
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_stripprefix: "/_matrix/{{ matrix_mautrix_whatsapp_identifier }}"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_rule: "Host(`{{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_hostname }}`) && PathPrefix(`{{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_stripprefix }}`)"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_priority: 0
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_entrypoints: "{{ matrix_mautrix_whatsapp_container_labels_traefik_entrypoints }}"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls: "{{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_entrypoints != 'web' }}"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls_certResolver: "{{ matrix_mautrix_whatsapp_container_labels_traefik_tls_certResolver }}"  # noqa var-naming
+
 # matrix_mautrix_whatsapp_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
 # See `../templates/labels.j2` for details.
 #
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
@ -22,7 +22,7 @@
              caller: "{{ role_path | basename }}"
              engine_variable_name: 'matrix_mautrix_whatsapp_database_engine'
              engine_old: 'sqlite'
-              systemd_services_to_stop: ['matrix-mautrix-whatsapp.service']
+              systemd_services_to_stop: ['{{ matrix_mautrix_whatsapp_identifier }}.service']
              pgloader_options: ['--with "quote identifiers"']

        - ansible.builtin.set_fact:
@ -89,7 +89,7 @@

 - name: (Data relocation) Ensure matrix-mautrix-whatsapp.service is stopped
  ansible.builtin.service:
-    name: matrix-mautrix-whatsapp
+    name: "{{ matrix_mautrix_whatsapp_identifier }}"
    state: stopped
    enabled: false
    daemon_reload: true
@ -146,12 +146,12 @@
 - name: Ensure matrix-mautrix-whatsapp.service installed
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-mautrix-whatsapp.service.j2"
-    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service"
+    dest: "{{ devture_systemd_docker_base_systemd_path }}/{{ matrix_mautrix_whatsapp_identifier }}.service"
    mode: 0644

 - name: Ensure matrix-mautrix-whatsapp.service restarted, if necessary
  ansible.builtin.service:
-    name: "matrix-mautrix-whatsapp.service"
+    name: "{{ matrix_mautrix_whatsapp_identifier }}.service"
    state: restarted
    daemon_reload: true
  when: "matrix_mautrix_whatsapp_requires_restart | bool"
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml
@ -2,19 +2,19 @@

 - name: Check existence of matrix-mautrix-whatsapp service
  ansible.builtin.stat:
-    path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service"
+    path: "{{ devture_systemd_docker_base_systemd_path }}/{{ matrix_mautrix_whatsapp_identifier }}.service"
  register: matrix_mautrix_whatsapp_service_stat

 - when: matrix_mautrix_whatsapp_service_stat.stat.exists | bool
  block:
    - name: Ensure matrix-mautrix-whatsapp is stopped
      ansible.builtin.service:
-        name: matrix-mautrix-whatsapp
+        name: "{{ matrix_mautrix_whatsapp_identifier }}"
        state: stopped
        enabled: false
        daemon_reload: true

    - name: Ensure matrix-mautrix-whatsapp.service doesn't exist
      ansible.builtin.file:
-        path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-whatsapp.service"
+        path: "{{ devture_systemd_docker_base_systemd_path }}/{{ matrix_mautrix_whatsapp_identifier }}.service"
        state: absent
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
@ -10,6 +10,7 @@
    - {'name': 'matrix_mautrix_whatsapp_homeserver_address', when: true}
    - {'name': 'matrix_mautrix_whatsapp_homeserver_token', when: true}
    - {'name': 'matrix_mautrix_whatsapp_database_hostname', when: "{{ matrix_mautrix_whatsapp_database_engine == 'postgres' }}"}
+    - {'name': 'matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_hostname', when: "{{ matrix_mautrix_whatsapp_container_labels_bridgev2_enabled }}"}

 - name: (Deprecation) Catch and report renamed settings
  ansible.builtin.fail:
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/labels.j2
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/labels.j2
@ -5,7 +5,8 @@ traefik.enable=true
 traefik.docker.network={{ matrix_mautrix_whatsapp_container_labels_traefik_docker_network }}
 {% endif %}

-traefik.http.services.matrix-mautrix-whatsapp-metrics.loadbalancer.server.port=8001
+traefik.http.services.{{ matrix_mautrix_whatsapp_identifier }}-appservice.loadbalancer.server.port=8080
+traefik.http.services.{{ matrix_mautrix_whatsapp_identifier }}-metrics.loadbalancer.server.port=8001

 {% if matrix_mautrix_whatsapp_container_labels_metrics_enabled %}
 ############################################################
@ -15,22 +16,22 @@ traefik.http.services.matrix-mautrix-whatsapp-metrics.loadbalancer.server.port=8
 ############################################################

 {% if matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_enabled %}
-traefik.http.middlewares.matrix-mautrix-whatsapp-metrics-basic-auth.basicauth.users={{ matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_users }}
-traefik.http.routers.matrix-mautrix-whatsapp-metrics.middlewares=matrix-mautrix-whatsapp-metrics-basic-auth
+traefik.http.middlewares.{{ matrix_mautrix_whatsapp_identifier }}-metrics-basic-auth.basicauth.users={{ matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_users }}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-metrics.middlewares={{ matrix_mautrix_whatsapp_identifier }}-metrics-basic-auth
 {% endif %}

-traefik.http.routers.matrix-mautrix-whatsapp-metrics.rule={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_rule }}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-metrics.rule={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_rule }}

 {% if matrix_mautrix_whatsapp_container_labels_metrics_traefik_priority | int > 0 %}
-traefik.http.routers.matrix-mautrix-whatsapp-metrics.priority={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_priority }}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-metrics.priority={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_priority }}
 {% endif %}

-traefik.http.routers.matrix-mautrix-whatsapp-metrics.service=matrix-mautrix-whatsapp-metrics
-traefik.http.routers.matrix-mautrix-whatsapp-metrics.entrypoints={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_entrypoints }}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-metrics.service={{ matrix_mautrix_whatsapp_identifier }}-metrics
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-metrics.entrypoints={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_entrypoints }}

-traefik.http.routers.matrix-mautrix-whatsapp-metrics.tls={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_tls | to_json }}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-metrics.tls={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_tls | to_json }}
 {% if matrix_mautrix_whatsapp_container_labels_metrics_traefik_tls %}
-traefik.http.routers.matrix-mautrix-whatsapp-metrics.tls.certResolver={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_tls_certResolver }}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-metrics.tls.certResolver={{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_tls_certResolver }}
 {% endif %}

 ############################################################
@ -40,6 +41,36 @@ traefik.http.routers.matrix-mautrix-whatsapp-metrics.tls.certResolver={{ matrix_
 ############################################################
 {% endif %}

+{% if matrix_mautrix_whatsapp_container_labels_bridgev2_enabled %}
+############################################################
+#                                                          #
+# Appservice Bridgev2 API                                  #
+#                                                          #
+############################################################
+
+traefik.http.middlewares.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2-stripprefix.stripprefix.prefixes={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_stripprefix }}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.middlewares={{ matrix_mautrix_whatsapp_identifier }}-bridgev2-stripprefix
+
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.rule={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_rule }}
+
+{% if matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_priority | int > 0 %}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.priority={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_priority }}
+{% endif %}
+
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.service={{ matrix_mautrix_whatsapp_identifier }}-appservice
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.entrypoints={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_entrypoints }}
+
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.tls={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls | to_json }}
+{% if matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls %}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.tls.certResolver={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls_certResolver }}
+{% endif %}
+
+############################################################
+#                                                          #
+# /Appservice Bridgev2 API                                 #
+#                                                          #
+############################################################
+{% endif %}

 {% endif %}

--- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2
@ -13,12 +13,12 @@ DefaultDependencies=no
 [Service]
 Type=simple
 Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
-ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-whatsapp 2>/dev/null || true'
-ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true'
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_mautrix_whatsapp_identifier }} 2>/dev/null || true'
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_mautrix_whatsapp_identifier }} 2>/dev/null || true'

 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--rm \
-			--name=matrix-mautrix-whatsapp \
+			--name={{ matrix_mautrix_whatsapp_identifier }} \
 			--log-driver=none \
 			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
 			--cap-drop=ALL \
@ -34,16 +34,16 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			/usr/bin/mautrix-whatsapp -c /config/config.yaml -r /config/registration.yaml

 {% for network in matrix_mautrix_whatsapp_container_additional_networks %}
-ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-whatsapp
+ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} {{ matrix_mautrix_whatsapp_identifier }}
 {% endfor %}

-ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-whatsapp
+ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach {{ matrix_mautrix_whatsapp_identifier }}

-ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-whatsapp 2>/dev/null || true'
-ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-whatsapp 2>/dev/null || true'
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} {{ matrix_mautrix_whatsapp_identifier }} 2>/dev/null || true'
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm {{ matrix_mautrix_whatsapp_identifier }} 2>/dev/null || true'
 Restart=always
 RestartSec=30
-SyslogIdentifier=matrix-mautrix-whatsapp
+SyslogIdentifier={{ matrix_mautrix_whatsapp_identifier }}

 [Install]
 WantedBy=multi-user.target
--- a/roles/custom/matrix-static-files/defaults/main.yml
+++ b/roles/custom/matrix-static-files/defaults/main.yml
@ -349,6 +349,65 @@ matrix_static_files_file_matrix_support_configuration: "{{ matrix_static_files_f
 #                                                                      #
 ########################################################################

+########################################################################
+#                                                                      #
+# Related to /.well-known/matrix/mautrix                               #
+#                                                                      #
+########################################################################
+
+# Controls whether a `/.well-known/matrix/mautrix` file is generated and used at all.
+# For details about this file, see mautrix/manager auto-configuration section : https://github.com/mautrix/manager#auto-configuration
+#
+# This is not enabled by default, as for it to be useful, other information is necessary.
+# See `matrix_static_files_file_matrix_mautrix_property_fi_mau_bridges`, `matrix_static_files_file_matrix_mautrix_property_fi_mau_external_bridge_servers`, etc.
+matrix_static_files_file_matrix_mautrix_enabled: false
+
+# Controls the fi.mau.bridges property in the /.well-known/matrix/mautrix file
+# It indexes local bridges implementing the bridgev2 API
+# Example entry : https://bridges.example.com/signal
+matrix_static_files_file_matrix_mautrix_property_fi_mau_bridges: []
+
+# Controls the fi.mau.external_bridge_servers property in the /.well-known/matrix/mautrix file
+# It indexes remote servers with bridges implementing the bridgev2 API
+# Example entry : anotherserver.example.org
+matrix_static_files_file_matrix_mautrix_property_fi_mau_external_bridge_servers:
+  []
+
+# Default /.well-known/matrix/mautrix configuration template which covers the generic use case.
+# You can customize it by controlling the various variables inside it.
+#
+# For a more advanced customization, you can extend the default (see `matrix_static_files_file_matrix_mautrix_configuration_extension_json`)
+# or completely replace this variable with your own template.
+matrix_static_files_file_matrix_mautrix_configuration_json: "{{ lookup('template', 'templates/public/.well-known/matrix/mautrix.j2') }}"
+
+# Your custom JSON configuration for /.well-known/matrix/mautrix should go to `matrix_static_files_file_matrix_mautrix_configuration_extension_json`.
+# This configuration extends the default starting configuration (`matrix_static_files_file_matrix_mautrix_configuration_extension_json`).
+#
+# You can override individual variables from the default configuration, or introduce new ones.
+#
+# If you need something more special, you can take full control by
+# completely redefining `matrix_static_files_file_matrix_mautrix_configuration_json`.
+#
+# Example configuration extension follows:
+#
+# matrix_static_files_file_matrix_mautrix_configuration_extension_json: |
+#   {
+#     "m.another": "value",
+#     "m.yet_another": 3
+#   }
+matrix_static_files_file_matrix_mautrix_configuration_extension_json: "{}"
+
+matrix_static_files_file_matrix_mautrix_configuration_extension: "{{ matrix_static_files_file_matrix_mautrix_configuration_extension_json | from_json if matrix_static_files_file_matrix_mautrix_configuration_extension_json | from_json is mapping else {} }}"
+
+# Holds the final /.well-known/matrix/mautrix configuration (a combination of the default and its extension).
+# You most likely don't need to touch this variable. Instead, see `matrix_static_files_file_matrix_mautrix_configuration_json` or `matrix_static_files_file_matrix_mautrix_configuration_extension_json`.
+matrix_static_files_file_matrix_mautrix_configuration: "{{ matrix_static_files_file_matrix_mautrix_configuration_json | combine(matrix_static_files_file_matrix_mautrix_configuration_extension, recursive=True) }}"
+
+########################################################################
+#                                                                      #
+# /Related to /.well-known/matrix/mautrix                              #
+#                                                                      #
+########################################################################

 ########################################################################
 #                                                                      #
--- a/roles/custom/matrix-static-files/tasks/install.yml
+++ b/roles/custom/matrix-static-files/tasks/install.yml
@ -52,6 +52,10 @@
      dest: "{{ matrix_static_files_public_well_known_matrix_path }}/support"
      when: "{{ matrix_static_files_file_matrix_support_enabled }}"

+    - content: "{{ matrix_static_files_file_matrix_mautrix_configuration | to_nice_json }}"
+      dest: "{{ matrix_static_files_public_well_known_matrix_path }}/mautrix"
+      when: "{{ matrix_static_files_file_matrix_mautrix_enabled }}"
+
    # This one will not be deleted if `matrix_static_files_file_index_html_enabled` flips to `false`.
    # See the comment for `matrix_static_files_file_index_html_enabled` to learn why.
    - content: "{{ matrix_static_files_file_index_html_template }}"
@ -70,6 +74,12 @@
    state: absent
  when: "not matrix_static_files_file_matrix_support_enabled | bool"

+- name: Ensure /.well-known/matrix/mautrix file deleted if not enabled
+  ansible.builtin.file:
+    path: "{{ matrix_static_files_public_well_known_matrix_path }}/mautrix"
+    state: absent
+  when: "not matrix_static_files_file_matrix_mautrix_enabled | bool"
+
 - name: Ensure matrix-static-files container image is pulled
  community.docker.docker_image:
    name: "{{ matrix_static_files_container_image }}"
--- a/roles/custom/matrix-static-files/tasks/self_check_well_known.yml
+++ b/roles/custom/matrix-static-files/tasks/self_check_well_known.yml
@ -24,6 +24,21 @@
      ansible.builtin.set_fact:
        well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"

+- when: matrix_static_files_file_matrix_mautrix_enabled | bool
+  block:
+    - name: Prepare /.well-known/matrix/mautrix to well-known files to check, if enabled
+      ansible.builtin.set_fact:
+        well_known_file_check_matrix_mautrix:
+          path: /.well-known/matrix/mautrix
+          purpose: Mautrix bridge discovery
+          cors: true
+          follow_redirects: safe
+          validate_certs: "{{ matrix_static_files_self_check_validate_certificates }}"
+
+    - name: Inject /.well-known/matrix/mautrix to well-known files to check, if enabled
+      ansible.builtin.set_fact:
+        well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_mautrix] }}"
+
 - name: Perform well-known checks
  ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"
  with_items: "{{ well_known_file_checks }}"
--- a/roles/custom/matrix-static-files/templates/public/.well-known/matrix/mautrix.j2
+++ b/roles/custom/matrix-static-files/templates/public/.well-known/matrix/mautrix.j2
@ -0,0 +1,4 @@
+{
+  "fi.mau.bridges": {{ matrix_static_files_file_matrix_mautrix_property_fi_mau_bridges|to_json }},
+  "fi.mau.external_bridge_servers": {{ matrix_static_files_file_matrix_mautrix_property_fi_mau_external_bridge_servers|to_json }}
+}
Author	SHA1	Message	Date
ignyx	7b0e69f3b7	Merge 1e8d4c5ba05616248098f5fd76b8c6ddb163cd51 into fb82b4672301b27bc5da9a9d3b668e37cd17a487	2024-11-26 02:13:07 +09:00
Suguru Hirahara	fb82b46723	Update docs/README.md (#3822 ) * Update docs/README.md: add "installation guides" section Add the emoji to the link to quick-start.md only and not to full installation guide to emphasize the quick start guide Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: move a link to faq.md down Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: add "Maintenance" section Add a hint to join the support room under "Maintenance" header. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: create the "configuration options" section and add a note Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: sort list items Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: emphasize the anchor link to faq.md Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: add other anchor links to the "other documentation pages" section Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: add the emoji ℹ️ before the anchor link to faq.md Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: explanation about FAQ Remove the hint to check the installation guides as links to them are listed on top of this page. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/README.md: update text of the anchor link to docs/getting-the-playbook.md Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> --------- Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> Co-authored-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-25 18:18:11 +02:00
Slavi Pantaleev	bcd6798367	Merge pull request #3819 from luixxiul/fix Update docs/maintenance-upgrading-services.md: replace the list with sections	2024-11-25 13:57:36 +02:00
Suguru Hirahara	ad3534dd9e	Update docs/maintenance-upgrading-services.md: replace the list with sections Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-25 20:42:02 +09:00
Suguru Hirahara	9ed782fcfd	Update docs/quick-start.md (#3818 ) * Edit docs/quick-start.md: add recommended server specs Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/quick-start.md: fix an anchor link Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> --------- Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> Co-authored-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-25 10:22:20 +02:00
Suguru Hirahara	b940b85914	Edit docs/maintenance-migrating.md (#3816 ) * Edit docs/maintenance-migrating.md: replace the numbering list with sections for each item Also: add an ansible-playbook command with the stop tag as the main command to stop the Matrix services. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Edit docs/maintenance-migrating.md: move the note under the header Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/maintenance-migrating.md Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Edit docs/maintenance-migrating.md: add a section "checking if services work" The commit does not include the detail as having another similar section increases doubles effort to maintain them and increases possibility of causing discrepancy. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Edit docs/maintenance-migrating.md: add a note about joining the support room on Matrix Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Edit docs/maintenance-migrating.md: replace hosts with inventory/hosts Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Edit docs/maintenance-migrating.md: instruction to run ansible-playbook commands locally Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Edit docs/maintenance-migrating.md: edit the check section Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Update docs/maintenance-migrating.md Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Update docs/maintenance-migrating.md: reflect the review and edit a note for creating a temporary account on another server Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> * Minor rewording in maintenance-migrating.md --------- Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org> Co-authored-by: Suguru Hirahara <acioustick@noreply.codeberg.org> Co-authored-by: Slavi Pantaleev <slavi@devture.com>	2024-11-25 10:03:18 +02:00
Slavi Pantaleev	5317ef61a5	Merge pull request #3817 from luixxiul/close-stale-issues Update .github/workflows/close-stale-issues.yml: edit stale messages and fix any-of-labels	2024-11-25 07:49:52 +02:00
Suguru Hirahara	204878709a	Update .github/workflows/close-stale-issues.yml: correct the stale message for PRs Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-25 14:01:56 +09:00
Suguru Hirahara	ea7ffa8929	Update .github/workflows/close-stale-issues.yml: edit stale messages and fix any-of-labels This is a follow-up to 5483925ee4ed40b6d4129e22b714dcf588a97520. Since any-of-issue/pr-labels overrides any-of-labels, the values specified by the latter need to be specified by the former. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-25 13:18:02 +09:00
Slavi Pantaleev	5483925ee4	Merge pull request #3813 from luixxiul/fix Update .github/workflows/close-stale-issues.yml: include PRs	2024-11-24 08:35:14 +02:00
Slavi Pantaleev	cb4770abb0	Merge pull request #3814 from spantaleev/renovate/docker-7.x Update dependency docker to v7.4.3	2024-11-24 08:20:01 +02:00
renovate[bot]	c8affda9db	Update dependency docker to v7.4.3	2024-11-23 20:04:02 +00:00
Suguru Hirahara	ce0036e396	Set operations-per-run to 100 https://github.com/spantaleev/matrix-docker-ansible-deploy/actions/runs/11987582115/job/33421900339?pr=3813 has performed 62 operations, and 100 should be sufficient for a while. Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-23 22:42:02 +09:00
Suguru Hirahara	77ef807c54	Update .github/workflows/close-stale-issues.yml: set ignore-pr-updates to true Without this option, stale counters for each PR keep restarting whenever any update occurs or a comment is added to them. Since the counters for PR are set to 365 days, ignore-pr-updates should help us to get rid of zombie PRs (which are kept open by bumps). Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-23 21:18:57 +09:00
Suguru Hirahara	94f15c451e	Update .github/workflows/close-stale-issues.yml: set exempt-assignees Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-23 21:18:34 +09:00
Suguru Hirahara	b979bfed9e	Update .github/workflows/close-stale-issues.yml: create issues/PRs section Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-23 21:18:15 +09:00
Suguru Hirahara	c1909001a1	Update .github/workflows/close-stale-issues.yml: include PRs Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>	2024-11-23 21:17:42 +09:00
Paul ALNET	1e8d4c5ba0	refactor: use identifier variable in mautrix-whatsapp role	2024-10-21 22:26:08 +02:00
Paul ALNET	74b9a47ddb	feat: support mautrix-whatsapp bridgev2 APIs	2024-10-21 21:53:54 +02:00
Paul ALNET	c5f263a9cd	feat: support mautrix-instagram bridgev2 APIs	2024-10-21 14:55:54 +02:00
ignyx	21ad191e9b	fix: wrong variable in mautrix-meta config validation Co-authored-by: Slavi Pantaleev <slavi@devture.com>	2024-10-20 21:48:47 +02:00
Paul ALNET	564b3cf169	feat: serve mautrix bridgev2 wellknown file	2024-10-20 21:41:08 +02:00
Paul ALNET	c57c9f68c0	fix: add missing path prefix for mautrix-manager compatibility	2024-10-16 11:13:30 +02:00
Paul ALNET	61851df37a	feat: support mautrix-messenger bridgev2 APIs	2024-10-07 15:56:31 +02:00