matrix-docker-ansible-deploy/roles/custom/matrix-bot-draupnir/defaults/main.yml

---
# A moderation tool for Matrix
# Project source code URL: https://github.com/the-draupnir-project/Draupnir

matrix_bot_draupnir_enabled: true

# renovate: datasource=docker depName=gnuxie/draupnir
matrix_bot_draupnir_version: "v2.0.1"

matrix_bot_draupnir_container_image_self_build: false
matrix_bot_draupnir_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"

matrix_bot_draupnir_docker_image: "{{ matrix_bot_draupnir_docker_image_name_prefix }}gnuxie/draupnir:{{ matrix_bot_draupnir_version }}"
matrix_bot_draupnir_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_draupnir_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_bot_draupnir_docker_image_force_pull: "{{ matrix_bot_draupnir_docker_image.endswith(':latest') }}"

matrix_bot_draupnir_base_path: "{{ matrix_base_data_path }}/draupnir"
matrix_bot_draupnir_config_path: "{{ matrix_bot_draupnir_base_path }}/config"
matrix_bot_draupnir_data_path: "{{ matrix_bot_draupnir_base_path }}/data"
matrix_bot_draupnir_docker_src_files_path: "{{ matrix_bot_draupnir_base_path }}/docker-src"

matrix_bot_draupnir_abuse_reporting_enabled: false
matrix_bot_draupnir_web_enabled: "{{ matrix_bot_draupnir_abuse_reporting_enabled }}"
matrix_bot_draupnir_display_reports: "{{ matrix_bot_draupnir_abuse_reporting_enabled }}"

matrix_bot_draupnir_container_network: ""

matrix_bot_draupnir_container_additional_networks: "{{ matrix_bot_draupnir_container_additional_networks_auto + matrix_bot_draupnir_container_additional_networks_custom }}"
matrix_bot_draupnir_container_additional_networks_auto: []
matrix_bot_draupnir_container_additional_networks_custom: []

# Controls whether the matrix-bot-draupnir container exposes its HTTP port (tcp/80 in the container).
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8766"), or empty string to not expose.
matrix_bot_draupnir_container_http_host_bind_port: ''

# A list of extra arguments to pass to the container
matrix_bot_draupnir_container_extra_arguments: []

# List of systemd services that matrix-bot-draupnir.service depends on
matrix_bot_draupnir_systemd_required_services_list: "{{ matrix_bot_draupnir_systemd_required_services_list_default + matrix_bot_draupnir_systemd_required_services_list_auto + matrix_bot_draupnir_systemd_required_services_list_custom }}"
matrix_bot_draupnir_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_bot_draupnir_systemd_required_services_list_auto: []
matrix_bot_draupnir_systemd_required_services_list_custom: []

# List of systemd services that matrix-bot-draupnir.service wants
matrix_bot_draupnir_systemd_wanted_services_list: []

# Whether Draupnir should talk to the homeserver through Pantalaimon
# If true, then other variables must be provided including pointing
# `matrix_bot_draupnir_homeserver_url` to the Pantalaimon URL.
#
# The upstream project discourages enabling this option, because it is
# known that running Draupnir along with Pantalaimon breaks all workflows that involve
# answering prompts with reactions. (Hint: a lot of workflows rely on them.)
matrix_bot_draupnir_pantalaimon_use: false

# If you choose to accept the risks of using Pantalaimon in your installation
# against the upstream advice, you can enable this to disable the warning about it.
matrix_bot_draupnir_pantalaimon_breakage_ignore: false

# Tells the bot if it should use its native E2EE support in the form of experimental Rust Crypto in the bot SDK.
# This option is mutually exclusive with `matrix_bot_draupnir_pantalaimon_use`.
# Rust Crypto requires a clean access token that has not touched E2EE so curl is recommended as a method to obtain it.
matrix_bot_draupnir_enable_experimental_rust_crypto: false

# The access token for the bot user. Required if Pantalaimon is NOT used.
# (Otherwise provide `matrix_bot_draupnir_pantalaimon_username` and `matrix_bot_draupnir_pantalaimon_password` instead.)
matrix_bot_draupnir_access_token: ""

# Username and password for the bot. Required if Pantalaimon is used.
# (Otherwise provide `matrix_bot_draupnir_access_token` instead.)
matrix_bot_draupnir_pantalaimon_username: ""
matrix_bot_draupnir_pantalaimon_password: ""

# Username and password the bot uses for logging in directly. If Pantalaimon is used,
# these values become the values of `matrix_bot_draupnir_pantalaimon_username` and `matrix_bot_draupnir_pantalaimon_password`
matrix_bot_draupnir_login: "{{ matrix_bot_draupnir_pantalaimon_username if matrix_bot_draupnir_pantalaimon_use == 'true' else 'bot.draupnir' }}"
matrix_bot_draupnir_password: "{{ matrix_bot_draupnir_pantalaimon_password }}"

# Controls if we activate the config block for Pantalaimon for now. Its name will
# probably be changed for our usecase due to Draupnir's push to scrub Pantalaimon from the codebase.
matrix_bot_draupnir_login_native: ""

# The room ID where people can use the bot. The bot has no access controls, so
# anyone in this room can use the bot - secure your room!
# This should be a room alias or room ID - not a matrix.to URL.
# Note: Draupnir is fairly verbose - expect a lot of messages from it.
matrix_bot_draupnir_management_room: ""

# Endpoint URL that Draupnir uses to interact with the Matrix homeserver (client-server API).
# Set this to the Pantalaimon URL if you're using that.
matrix_bot_draupnir_homeserver_url: ""

# Endpoint URL that Draupnir could use to fetch events related to reports (client-server API and /_synapse/).
# Only set this to the public-internet homeserver client API URL. Do NOT set this to the Pantalaimon URL.
matrix_bot_draupnir_raw_homeserver_url: ""

# Disable Server ACL is used if you do not want to give the bot the right to apply Server ACLs in rooms without complaints from the bot.
# This setting is described the following way in the configuration.
#
# Whether or not Draupnir should apply `m.room.server_acl` events.
# DO NOT change this to `true` unless you are very confident that you know what you are doing.
# It is recommended to consult with people from the upstream project beforehand.
#
# It is exposed here because it is common enough to be valid to expose.
matrix_bot_draupnir_disable_server_acl: "false"

# Controls if the room state backing store is activated.
# Room state backing store makes restarts of the bot lightning fast as the bot does not suffer from amnesia.
# This config option has diminished improvements for bots on extremely fast homeservers or very very small bots on fast homeservers.
matrix_bot_draupnir_enable_room_state_backing_store: "true"

# Default configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `matrix_bot_draupnir_configuration_extension_yaml`)
# or completely replace this variable with your own template.
matrix_bot_draupnir_configuration_yaml: "{{ lookup('template', 'templates/production.yaml.j2') }}"

matrix_bot_draupnir_configuration_extension_yaml: |
  # Your custom YAML configuration goes here.
  # This configuration extends the default starting configuration (`matrix_bot_draupnir_configuration_yaml`).
  #
  # You can override individual variables from the default configuration, or introduce new ones.
  #
  # If you need something more special, you can take full control by
  # completely redefining `matrix_bot_draupnir_configuration_yaml`.

matrix_bot_draupnir_configuration_extension: "{{ matrix_bot_draupnir_configuration_extension_yaml | from_yaml if matrix_bot_draupnir_configuration_extension_yaml | from_yaml is mapping else {} }}"

# Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_bot_draupnir_configuration_yaml`.
matrix_bot_draupnir_configuration: "{{ matrix_bot_draupnir_configuration_yaml | from_yaml | combine(matrix_bot_draupnir_configuration_extension, recursive=True) }}"

# Controls whether labels will be added that redirect the /_matrix/client/../rooms/../report paths to Draupnir
# Following these recommendations (https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md), by default, we don't.
# Regardless of whether this is enabled, it may or may not take effect due to the value of other variables.
# See `matrix_synapse_container_labels_traefik_enabled` or `matrix_synapse_container_labels_matrix_related_labels_enabled`
matrix_bot_draupnir_container_labels_traefik_enabled: false
matrix_bot_draupnir_container_labels_traefik_docker_network: "{{ matrix_draupnir_bot_container_network }}"
matrix_bot_draupnir_container_labels_traefik_hostname: "{{ matrix_synapse_container_labels_traefik_hostname }}"
matrix_bot_draupnir_container_labels_traefik_path_regexp: "^/_matrix/client/(r0|v3)/rooms/([^/]*)/report/"
matrix_bot_draupnir_container_labels_traefik_rule: "Host(`{{ matrix_bot_draupnir_container_labels_traefik_hostname }}`) && PathRegexp(`{{ matrix_bot_draupnir_container_labels_traefik_path_regexp }}`)"
matrix_bot_draupnir_container_labels_traefik_priority: 0
matrix_bot_draupnir_container_labels_traefik_entrypoints: "{{ matrix_synapse_container_labels_traefik_entrypoints }}"
matrix_bot_draupnir_container_labels_traefik_tls: "{{ matrix_bot_draupnir_container_labels_traefik_entrypoints != 'web' }}"
matrix_bot_draupnir_container_labels_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}"  # noqa var-naming
# matrix_bot_draupnir_container_labels_traefik_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_bot_draupnir_container_labels_traefik_labels_additional_labels: |
#   my.label=1
#   another.label="here"
matrix_bot_draupnir_container_labels_traefik_labels_additional_labels: ''