mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-11-14 06:22:51 +01:00
00ec22688a
Looks like we may not have to do this, since 1.4.2 fixes edge cases for people who used the broken 1.4.0 release. We jumped straight to 1.4.1, so maybe we're okay. Still, upgrading anyway, just in case.
158 lines
6.8 KiB
YAML
158 lines
6.8 KiB
YAML
matrix_mxisd_enabled: true
|
|
|
|
matrix_mxisd_docker_image: "kamax/mxisd:1.4.2"
|
|
matrix_mxisd_base_path: "{{ matrix_base_data_path }}/mxisd"
|
|
matrix_mxisd_config_path: "{{ matrix_mxisd_base_path }}/config"
|
|
matrix_mxisd_data_path: "{{ matrix_mxisd_base_path }}/data"
|
|
|
|
# Controls whether the mxisd web server's port (`8090`) is exposed outside of the container.
|
|
matrix_mxisd_container_expose_port: false
|
|
|
|
# List of systemd services that matrix-mxisd.service depends on
|
|
matrix_mxisd_systemd_required_services_list: ['docker.service']
|
|
|
|
# List of systemd services that matrix-mxisd.service wants
|
|
matrix_mxisd_systemd_wanted_services_list: []
|
|
|
|
# Your identity server is private by default.
|
|
# To ensure maximum discovery, you can make your identity server
|
|
# also forward lookups to the central matrix.org Identity server
|
|
# (at the cost of potentially leaking all your contacts information).
|
|
# Enabling this is discouraged. Learn more here: https://github.com/kamax-io/mxisd/blob/master/docs/features/identity.md#lookups
|
|
matrix_mxisd_matrixorg_forwarding_enabled: false
|
|
|
|
# mxisd has serveral supported identity stores.
|
|
# One of them is storing identities directly in Synapse's database.
|
|
# Learn more here: https://github.com/kamax-matrix/mxisd/blob/master/docs/stores/synapse.md
|
|
matrix_mxisd_synapsesql_enabled: false
|
|
matrix_mxisd_synapsesql_type: ""
|
|
matrix_mxisd_synapsesql_connection: ""
|
|
|
|
# Setting up email-sending settings is required for using mxisd.
|
|
matrix_mxisd_threepid_medium_email_identity_from: "matrix@{{ matrix_domain }}"
|
|
matrix_mxisd_threepid_medium_email_connectors_smtp_host: ""
|
|
matrix_mxisd_threepid_medium_email_connectors_smtp_port: 587
|
|
matrix_mxisd_threepid_medium_email_connectors_smtp_tls: 1
|
|
matrix_mxisd_threepid_medium_email_connectors_smtp_login: ""
|
|
matrix_mxisd_threepid_medium_email_connectors_smtp_password: ""
|
|
|
|
# DNS overwrites are useful for telling mxisd how it can reach the homeserver directly.
|
|
# Useful when reverse-proxying certain URLs (e.g. `/_matrix/client/r0/user_directory/search`) to mxisd,
|
|
# so that mxisd can rewrite the original URL to one that would reach the homeserver.
|
|
matrix_mxisd_dns_overwrite_enabled: false
|
|
matrix_mxisd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix }}"
|
|
matrix_mxisd_dns_overwrite_homeserver_client_value: "http://matrix-synapse:8008"
|
|
|
|
# Override the default email templates
|
|
# To use this, fill in the template variables with the full desired template as a multi-line YAML variable
|
|
#
|
|
# More info:
|
|
# https://github.com/kamax-matrix/mxisd/blob/master/docs/threepids/notification/template-generator.md
|
|
# https://github.com/kamax-matrix/mxisd/tree/master/src/main/resources/threepids/email
|
|
matrix_mxisd_threepid_medium_email_custom_templates_enabled: false
|
|
matrix_mxisd_threepid_medium_email_custom_invite_template: ""
|
|
matrix_mxisd_threepid_medium_email_custom_session_validation_template: ""
|
|
matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template: ""
|
|
matrix_mxisd_threepid_medium_email_custom_matrixid_template: ""
|
|
|
|
# Controls whether the self-check feature should validate SSL certificates.
|
|
matrix_mxisd_self_check_validate_certificates: true
|
|
|
|
# Default mxisd configuration template which covers the generic use case.
|
|
# You can customize it by controlling the various variables inside it.
|
|
#
|
|
# For a more advanced customization, you can extend the default (see `matrix_mxisd_configuration_extension_yaml`)
|
|
# or completely replace this variable with your own template.
|
|
matrix_mxisd_configuration_yaml: |
|
|
matrix:
|
|
domain: {{ matrix_domain }}
|
|
|
|
server:
|
|
name: {{ matrix_server_fqn_matrix }}
|
|
|
|
key:
|
|
path: /var/mxisd/sign.key
|
|
|
|
storage:
|
|
provider:
|
|
sqlite:
|
|
database: /var/mxisd/mxisd.db
|
|
|
|
{% if matrix_mxisd_dns_overwrite_enabled %}
|
|
dns:
|
|
overwrite:
|
|
homeserver:
|
|
client:
|
|
- name: {{ matrix_mxisd_dns_overwrite_homeserver_client_name }}
|
|
value: {{ matrix_mxisd_dns_overwrite_homeserver_client_value }}
|
|
{% endif %}
|
|
|
|
{% if matrix_mxisd_matrixorg_forwarding_enabled %}
|
|
forward:
|
|
servers: ['matrix-org']
|
|
{% endif %}
|
|
|
|
threepid:
|
|
medium:
|
|
email:
|
|
identity:
|
|
from: {{ matrix_mxisd_threepid_medium_email_identity_from }}
|
|
connectors:
|
|
smtp:
|
|
host: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_host }}
|
|
port: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_port }}
|
|
tls: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_tls }}
|
|
login: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_login }}
|
|
password: {{ matrix_mxisd_threepid_medium_email_connectors_smtp_password }}
|
|
{% if matrix_mxisd_threepid_medium_email_custom_templates_enabled %}
|
|
generators:
|
|
template:
|
|
{% if matrix_mxisd_threepid_medium_email_custom_invite_template %}
|
|
invite: '/var/mxisd/invite-template.eml'
|
|
{% endif %}
|
|
{% if matrix_mxisd_threepid_medium_email_custom_session_validation_template or matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template %}
|
|
session:
|
|
{% if matrix_mxisd_threepid_medium_email_custom_session_validation_template %}
|
|
validation: '/var/mxisd/validate-template.eml'
|
|
{% endif %}
|
|
{% if matrix_mxisd_threepid_medium_email_custom_unbind_fraudulent_template %}
|
|
unbind:
|
|
frandulent: '/var/mxisd/unbind-fraudulent.eml'
|
|
{% endif %}
|
|
{% endif %}
|
|
{% if matrix_mxisd_threepid_medium_email_custom_matrixid_template %}
|
|
generic:
|
|
matrixId: '/var/mxisd/mxid-template.eml'
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
synapseSql:
|
|
enabled: {{ matrix_mxisd_synapsesql_enabled }}
|
|
type: {{ matrix_mxisd_synapsesql_type }}
|
|
connection: {{ matrix_mxisd_synapsesql_connection }}
|
|
|
|
matrix_mxisd_configuration_extension_yaml: |
|
|
# Your custom YAML configuration for mxisd goes here.
|
|
# This configuration extends the default starting configuration (`matrix_mxisd_configuration_yaml`).
|
|
#
|
|
# You can override individual variables from the default configuration, or introduce new ones.
|
|
#
|
|
# If you need something more special, you can take full control by
|
|
# completely redefining `matrix_mxisd_configuration_yaml`.
|
|
#
|
|
# Example configuration extension follows:
|
|
#
|
|
# ldap:
|
|
# enabled: true
|
|
# connection:
|
|
# host: ldapHostnameOrIp
|
|
# tls: false
|
|
# port: 389
|
|
# baseDns: ['OU=Users,DC=example,DC=org']
|
|
# bindDn: CN=My Mxisd User,OU=Users,DC=example,DC=org
|
|
# bindPassword: TheUserPassword
|
|
|
|
# Holds the final mxisd configuration (a combination of the default and its extension).
|
|
# You most likely don't need to touch this variable. Instead, see `matrix_mxisd_configuration_yaml`.
|
|
matrix_mxisd_configuration: "{{ matrix_mxisd_configuration_yaml|from_yaml|combine(matrix_mxisd_configuration_extension, recursive=True) }}"
|