mirror/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2025-02-25 00:14:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
matrix-docker-ansible-deploy/roles/custom/matrix-user-verification-service/defaults/main.yml
Slavi Pantaleev d6bf789710 Remove matrix_container_global_registry_prefix variable 
This is done for a few reasons:

- less globals and more indepdendence for each role is better. We rely
  on various externally-hosted roles and they don't rely on this global
  either.

- `matrix_container_global_registry_prefix` could make people think they
  could just override this variable and have all their images pull from
  elsewhere. This is rarely the case, unless you've taken special care
  to mirror all the various components (from their respective
  registries) to your own. In such a case, you probably know what you're
  mirroring and can adjust individual variables.

- nowadays, various components live on different registries.
  With Docker Inc tightening rate limits for Docker Hub, it's even more
  likely that we'll see increased diversity in where images are hosted
2025-02-23 10:15:41 +02:00

80 lines
4.5 KiB
YAML
Raw Blame History

---
# matrix-user-verification-service - Service to verify details of a user based on an Open ID token
# Project source code URL: https://github.com/matrix-org/matrix-user-verification-service
# Set this to the display name for ansible used in Output e.g. fail_msg
matrix_user_verification_service_ansible_name: "Matrix User Verification Service"
# Enable by default. This is overwritten in provided group vars.
matrix_user_verification_service_enabled: true
matrix_user_verification_service_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_user_verification_service_container_image_self_build_repo: "https://github.com/matrix-org/matrix-user-verification-service"
matrix_user_verification_service_container_image_self_build_branch: "{{ 'master' if matrix_registration_version == 'latest' else matrix_user_verification_service_version }}"
# Fix version tag
# renovate: datasource=docker depName=matrixdotorg/matrix-user-verification-service
matrix_user_verification_service_version: "v3.0.0"
# Paths
matrix_user_verification_service_base_path: "{{ matrix_base_data_path }}/user-verification-service"
matrix_user_verification_service_config_path: "{{ matrix_user_verification_service_base_path }}/config"
matrix_user_verification_service_config_env_file: "{{ matrix_user_verification_service_config_path }}/.env"
matrix_user_verification_service_docker_src_files_path: "{{ matrix_user_verification_service_base_path }}/docker-src"
# Docker
matrix_user_verification_service_docker_image: "{{ matrix_user_verification_service_docker_image_registry_prefix }}matrixdotorg/matrix-user-verification-service:{{ matrix_user_verification_service_version }}"
matrix_user_verification_service_docker_image_registry_prefix: docker.io/
matrix_user_verification_service_docker_image_force_pull: "{{ matrix_user_verification_service_docker_image.endswith(':latest') }}"
# The base container network. It will be auto-created by this role if it doesn't exist already.
matrix_user_verification_service_container_network: ""
# A list of additional container networks that the container would be connected to.
# The role does not create these networks, so make sure they already exist.
# Use this to expose this container to another reverse proxy, which runs in a different container network.
matrix_user_verification_service_container_additional_networks: []
matrix_user_verification_service_container_name: "matrix-user-verification-service"
# This will be set in group vars
matrix_user_verification_service_container_http_host_bind_port: ''
matrix_user_verification_service_container_extra_arguments: []
# Systemd
matrix_user_verification_service_systemd_required_services_list: []
matrix_user_verification_service_systemd_wanted_services_list: []
matrix_user_verification_service_systemd_service_basename: "matrix-user-verification-service"
matrix_user_verification_service_systemd_service_name: "{{ matrix_user_verification_service_systemd_service_basename }}.service"
# Matrix User Verification Service Configuration
## REQUIRED
# Homeserver client API admin token (synapse only)- Required for the service to verify room membership
matrix_user_verification_service_uvs_access_token: ''
# homeserver client api url
matrix_user_verification_service_uvs_homeserver_url: ""
# disable check for non private ip range of homeserver. e.g. set to `true` if your homeserver domain resolves to a private ip.
matrix_user_verification_service_uvs_disable_ip_blacklist: false
## OPTIONAL
# Require an Auth-Token with API calls. If set to false, UVS will reply to any API call.
# The Auth-Token is defined via: matrix_user_verification_service_uvs_auth_token
matrix_user_verification_service_uvs_require_auth: true
# Auth token to protect the API
# If enabled any calls to the provided API endpoints need have the header "Authorization: Bearer TOKEN".
# A Token will be derived from matrix_homeserver_generic_secret_key in group_vars/matrix_servers
matrix_user_verification_service_uvs_auth_token: ''
# Pin UVS to only check openId Tokens for the matrix_server_name configured by this playbook.
matrix_user_verification_service_uvs_pin_openid_verify_server_name: true
# Matrix server name to verify OpenID tokens against.
# This is not the homeserverURL, but rather the domain in the Matrix "user ID"
# UVS can also be instructed to verify against the Matrix server name passed in the token, to enable set to ""
matrix_user_verification_service_uvs_openid_verify_server_name: "{{ matrix_domain }}"
# Log level
# See choices here: https://github.com/winstonjs/winston#logging-levels
matrix_user_verification_service_uvs_log_level: info
Reference in New Issue View Git Blame Copy Permalink