From 09d9db561718aa8a8d60f2ebaaae56e2acb52df7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 18 Jun 2024 15:40:07 +0300 Subject: [PATCH] Add variables for controlling the native auto-accept-invites Synapse feature Related to https://github.com/element-hq/synapse/pull/17147 --- ...ing-playbook-synapse-auto-accept-invite.md | 31 ++++++++++++++++--- roles/custom/matrix-synapse/defaults/main.yml | 25 +++++++++++++++ .../matrix-synapse/tasks/validate_config.yml | 12 +++++++ .../templates/synapse/homeserver.yaml.j2 | 8 ++++- 4 files changed, 71 insertions(+), 5 deletions(-) diff --git a/docs/configuring-playbook-synapse-auto-accept-invite.md b/docs/configuring-playbook-synapse-auto-accept-invite.md index ccc4b0c33..e380d4f93 100644 --- a/docs/configuring-playbook-synapse-auto-accept-invite.md +++ b/docs/configuring-playbook-synapse-auto-accept-invite.md @@ -5,7 +5,12 @@ The playbook can install and configure [synapse-auto-invite-accept](https://gith See that project's [documentation](https://github.com/matrix-org/synapse-auto-accept-invite) to learn what it does and why it might be useful to you. In short, it automatically accepts room invites. You can specify that only 1:1 room invites are auto-accepted. Defaults to false if not specified. -If you decide that you'd like to let this playbook install it for you, you need a configuration like this: +**NOTE**: Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the same feature [has been merged](https://github.com/element-hq/synapse/pull/17147) into Synapse (see the [Native alternative](#native-alternative) section below). You'd better use the native feature, instead of the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module. + + +## Configuration + +If you decide that you'd like to let this playbook install the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite module for you, you need a configuration like this: ```yaml matrix_synapse_ext_synapse_auto_accept_invite_enabled: true @@ -13,12 +18,30 @@ matrix_synapse_ext_synapse_auto_accept_invite_enabled: true matrix_synapse_ext_synapse_auto_accept_invite_accept_invites_only_direct_messages: true ``` -## Synapse worker deployments +### Synapse worker deployments -In a [workerized Synapse deployment](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/c9a842147e09647c355799ca024d65a5de66b099/docs/configuring-playbook-synapse.md#load-balancing-with-workers) it is possible to run this module on a worker to reduce the load on the main process (Default is 'null'). For example add this to your configuration: +In a [workerized Synapse deployment](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/c9a842147e09647c355799ca024d65a5de66b099/docs/configuring-playbook-synapse.md#load-balancing-with-workers) it is possible to run this module on a worker to reduce the load on the main process (Default is `null`). For example, add this to your configuration: ```yaml matrix_synapse_ext_synapse_auto_accept_invite_worker_to_run_on: 'matrix-synapse-worker-generic-0' ``` -There might be an [issue with federation](https://github.com/matrix-org/synapse-auto-accept-invite/issues/18). \ No newline at end of file +There might be an [issue with federation](https://github.com/matrix-org/synapse-auto-accept-invite/issues/18). + + +## Native alternative + +Since Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the functionality provided by the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module [has been made](https://github.com/element-hq/synapse/pull/17147) part of Synapse. + +Here's example configuration for using the **native** Synapse feature: + +```yml +matrix_synapse_auto_accept_invites_enabled: true + +# Default settings below. Uncomment and adjust if necessary. +# matrix_synapse_auto_accept_invites_only_for_direct_messages: false +# matrix_synapse_auto_accept_invites_only_from_local_users: false + +# If workers are enabled, you may delegate usage to a specific worker. +# matrix_synapse_auto_accept_invites_worker_to_run_on: 'matrix-synapse-worker-generic-0' +``` diff --git a/roles/custom/matrix-synapse/defaults/main.yml b/roles/custom/matrix-synapse/defaults/main.yml index 99249e077..4c8465077 100644 --- a/roles/custom/matrix-synapse/defaults/main.yml +++ b/roles/custom/matrix-synapse/defaults/main.yml @@ -543,6 +543,27 @@ matrix_synapse_auto_join_rooms: [] # automatically if they don't already exist. matrix_synapse_autocreate_auto_join_rooms: true +# Controls whether room invites will be accepted on behalf of users. +# See: https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#auto-accept-invites +# This should not be used together with the `synapse_auto_accept_invite` module (see `matrix_synapse_ext_synapse_auto_accept_invite_enabled`). +# Also see: +# - `matrix_synapse_auto_accept_invites_only_for_direct_messages` +# - `matrix_synapse_auto_accept_invites_only_from_local_users` +# - `matrix_synapse_auto_accept_invites_worker_to_run_on` +matrix_synapse_auto_accept_invites_enabled: false + +# Controls whether auto-invite acceptance should only be done for direct messages. +# Related to: `matrix_synapse_auto_accept_invites_enabled` +matrix_synapse_auto_accept_invites_only_for_direct_messages: false + +# Controls whether auto-invite acceptance should only be done when the invitatio nis coming from a local user. +# Related to: `matrix_synapse_auto_accept_invites_enabled` +matrix_synapse_auto_accept_invites_only_from_local_users: false + +# When Synapse workers enabled it is possible (but not required) to assign a worker to run the auto-accept-invites feature on (null = main process). +# Related to: `matrix_synapse_auto_accept_invites_enabled` +matrix_synapse_auto_accept_invites_worker_to_run_on: null + # Controls whether password authentication is allowed # It may be useful when you've configured OAuth, SAML or CAS and want authentication # to happen only through them @@ -1228,6 +1249,10 @@ matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count: 0 matrix_synapse_ext_synapse_s3_storage_provider_periodic_migration_schedule: '*-*-* 05:00:00' # Synapse module to automatically accept room invites. +# +# Since Synapse v1.109.0 (https://github.com/element-hq/synapse/pull/17147), +# this functionality has been merged into Synapse. See `matrix_synapse_auto_accept_invites_enabled`. +# # See: https://github.com/matrix-org/synapse-auto-accept-invite # Installing it requires building a customized Docker image for Synapse (see `matrix_synapse_container_image_customizations_enabled`). # Enabling this will enable customizations and inject the appropriate Dockerfile clauses for installing synapse-auto-accept-invite. diff --git a/roles/custom/matrix-synapse/tasks/validate_config.yml b/roles/custom/matrix-synapse/tasks/validate_config.yml index d29a70b1d..4a3727733 100644 --- a/roles/custom/matrix-synapse/tasks/validate_config.yml +++ b/roles/custom/matrix-synapse/tasks/validate_config.yml @@ -121,3 +121,15 @@ when: "matrix_synapse_container_image_customizations_templates_git_repository_keyscan_enabled | bool and vars[item] == ''" with_items: - matrix_synapse_container_image_customizations_templates_git_repository_keyscan_hostname + + +- name: Fail when auto-accept-invite enabled as a native feature and a module at the same time + ansible.builtin.fail: + msg: >- + Your configuration enables the auto-accept invites feature both as a native Synapse feature (`matrix_synapse_auto_accept_invites_enabled`) and a 3rd party module (`matrix_synapse_ext_synapse_auto_accept_invite_enabled`). + This is unnecessary, since they both do the same and the native feature is built on top of the 3rd party module anyway. + Enabling both at the same time will lead to issues. + We recommend leaving `matrix_synapse_auto_accept_invites_enabled` in your configuration and removing `matrix_synapse_ext_synapse_auto_accept_invite_enabled`. + when: + - matrix_synapse_auto_accept_invites_enabled + - matrix_synapse_ext_synapse_auto_accept_invite_enabled diff --git a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 7193f9529..dc9970ec9 100644 --- a/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1550,6 +1550,12 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json # #auto_join_rooms_for_guests: false +auto_accept_invites: + enabled: {{ matrix_synapse_auto_accept_invites_enabled | to_json }} + only_for_direct_messages: {{ matrix_synapse_auto_accept_invites_only_for_direct_messages | to_json }} + only_from_local_users: {{ matrix_synapse_auto_accept_invites_only_from_local_users | to_json }} + worker_to_run_on: {{ matrix_synapse_auto_accept_invites_worker_to_run_on | to_json }} + # Whether to inhibit errors raised when registering a new account if the user ID # already exists. If turned on, that requests to /register/available will always # show a user ID as available, and Synapse won't raise an error when starting @@ -1565,7 +1571,7 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json # Enable collection and rendering of performance metrics # -enable_metrics: {{ matrix_synapse_metrics_enabled|to_json }} +enable_metrics: {{ matrix_synapse_metrics_enabled|to_json }} # Enable sentry integration # NOTE: While attempts are made to ensure that the logs don't contain