From 177ac8caa19fd80772bdaec38cedd14e39543f38 Mon Sep 17 00:00:00 2001 From: Catalan Lover Date: Mon, 20 Jan 2025 14:39:40 +0100 Subject: [PATCH] Replace old warnings with Github Markdown Warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit I executed a Search for `⚠️ **Warning**:` and replaced it with ``` > [!WARNING] > ``` I also capitalised the first letter where missing. Draupnir Docs have been excluded from this Commit as to not cause a separate PR im working on for the Draupnir docs to have potential merge conflicts and im making said change in that document too. --- docs/configuring-playbook-alertmanager-receiver.md | 3 ++- docs/configuring-playbook-appservice-draupnir-for-all.md | 3 ++- docs/configuring-playbook-bot-chatgpt.md | 3 ++- docs/configuring-playbook-bot-go-neb.md | 3 ++- docs/configuring-playbook-bot-maubot.md | 3 ++- docs/configuring-playbook-bot-mjolnir.md | 6 ++++-- docs/configuring-playbook-bridge-appservice-kakaotalk.md | 3 ++- docs/configuring-playbook-dimension.md | 3 ++- docs/configuring-playbook-email.md | 3 ++- docs/configuring-playbook-email2matrix.md | 3 ++- docs/configuring-playbook-jitsi.md | 6 ++++-- docs/configuring-playbook-matrix-corporal.md | 3 ++- docs/configuring-playbook-synapse-admin.md | 3 ++- docs/configuring-playbook-traefik.md | 6 ++++-- docs/configuring-playbook-user-verification-service.md | 3 ++- docs/installing.md | 3 ++- docs/maintenance-synapse.md | 3 ++- docs/obtaining-access-tokens.md | 3 ++- docs/registering-users.md | 9 ++++++--- 19 files changed, 48 insertions(+), 24 deletions(-) diff --git a/docs/configuring-playbook-alertmanager-receiver.md b/docs/configuring-playbook-alertmanager-receiver.md index 8a0b8776b..2184821fb 100644 --- a/docs/configuring-playbook-alertmanager-receiver.md +++ b/docs/configuring-playbook-alertmanager-receiver.md @@ -26,7 +26,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.alertma The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ### Join to rooms as the bot manually diff --git a/docs/configuring-playbook-appservice-draupnir-for-all.md b/docs/configuring-playbook-appservice-draupnir-for-all.md index d3e4741b2..ee5c11700 100644 --- a/docs/configuring-playbook-appservice-draupnir-for-all.md +++ b/docs/configuring-playbook-appservice-draupnir-for-all.md @@ -28,7 +28,8 @@ The management room has to be given an alias, and your bot has to be invited to This management room is used to control who has access to your D4A deployment. The room stores this data inside of the control room state so your bot must have sufficient powerlevel to send custom state events. This is default 50 or moderator as Element clients call this powerlevel. -⚠️ **Warning**: anyone in this room can control the bot so it is important that you only invite trusted users to this room. +> [!WARNING] +> Anyone in this room can control the bot so it is important that you only invite trusted users to this room. ## Adjusting the playbook configuration diff --git a/docs/configuring-playbook-bot-chatgpt.md b/docs/configuring-playbook-bot-chatgpt.md index 3ed5ef729..d29e6855d 100644 --- a/docs/configuring-playbook-bot-chatgpt.md +++ b/docs/configuring-playbook-bot-chatgpt.md @@ -28,7 +28,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.chatgpt The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. To make sure the bot can read encrypted messages, it will need an encryption key, just like any other new user. While obtaining the access token, follow the prompts to setup a backup key. More information can be found in the [Element documentation](https://element.io/help#encryption6). diff --git a/docs/configuring-playbook-bot-go-neb.md b/docs/configuring-playbook-bot-go-neb.md index cd6e875cd..ff428c3e1 100644 --- a/docs/configuring-playbook-bot-go-neb.md +++ b/docs/configuring-playbook-bot-go-neb.md @@ -26,7 +26,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.go-neb The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ## Adjusting DNS records diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 0436de588..be267b326 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -100,4 +100,5 @@ This can be done via `mbc login` then `mbc auth` (see the [maubot documentation] Alternatively, you can refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). Be aware that you'd better use the **Obtain an access token via curl** method (not **Obtain an access token via Element Web**) as the latter will causes issues to your bot in encrypted rooms. Read [more](https://docs.mau.fi/maubot/usage/basic.html#creating-clients). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. diff --git a/docs/configuring-playbook-bot-mjolnir.md b/docs/configuring-playbook-bot-mjolnir.md index 87a8f85dc..9e40ceb04 100644 --- a/docs/configuring-playbook-bot-mjolnir.md +++ b/docs/configuring-playbook-bot-mjolnir.md @@ -24,7 +24,8 @@ If you would like Mjolnir to be able to deactivate users, move aliases, shutdown The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ### Make sure the account is free from rate limiting @@ -54,7 +55,8 @@ You can obtain an access token for a homeserver admin account in the same way as Using your own account, create a new invite only room that you will use to manage the bot. This is the room where you will see the status of the bot and where you will send commands to the bot, such as the command to ban a user from another room. -⚠️ **Warning**: anyone in this room can control the bot so it is important that you only invite trusted users to this room. +> [!WARNING] +> Anyone in this room can control the bot so it is important that you only invite trusted users to this room. It is possible to make the management room encrypted (E2EE). If doing so, then you MUST enable and use Pantalaimon (see [below](#configuration-with-e2ee-support)). diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md index af0955273..9b029e194 100644 --- a/docs/configuring-playbook-bridge-appservice-kakaotalk.md +++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md @@ -4,7 +4,8 @@ The playbook can install and configure [matrix-appservice-kakaotalk](https://src See the project's [documentation](https://src.miscworks.net/fair/matrix-appservice-kakaotalk/src/branch/master/README.md) to learn what it does and why it might be useful to you. -⚠️ **Warning**: there have been recent reports (~2022-09-16) that **using this bridge may get your account banned**. +> [!WARNING] +> There have been recent reports (~2022-09-16) that **using this bridge may get your account banned**. ## Prerequisite (optional) diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index 7d1c0ce3f..71d5b9c0d 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -34,7 +34,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=dimension p Dimension requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ## Adjusting DNS records diff --git a/docs/configuring-playbook-email.md b/docs/configuring-playbook-email.md index b10dd8224..85fa6e37a 100644 --- a/docs/configuring-playbook-email.md +++ b/docs/configuring-playbook-email.md @@ -6,7 +6,8 @@ The email server would attempt to deliver emails directly to their final destina By default, emails are sent from `matrix@matrix.example.com`, as specified by the `exim_relay_sender_address` playbook variable. -⚠️ **Warning**: On some cloud providers (Google Cloud, etc.), [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so sending email directly from your server is not possible. You will need to [relay email through another SMTP server](#relaying-email-through-another-smtp-server). +> [!WARNING] +> On some cloud providers (Google Cloud, etc.), [port 25 is always blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/), so sending email directly from your server is not possible. You will need to [relay email through another SMTP server](#relaying-email-through-another-smtp-server). 💡 To improve deliverability, we recommend [relaying email through another SMTP server](#relaying-email-through-another-smtp-server) anyway. diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index d703d5417..64ef5e112 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -36,7 +36,8 @@ Take note of the user's ID as it needs to be specified as `MatrixUserId` on your Email2Matrix requires an access token for the sender user to be able to send messages to the room. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ### Join to rooms as the sender user manually diff --git a/docs/configuring-playbook-jitsi.md b/docs/configuring-playbook-jitsi.md index a6b3cc28f..882d434e4 100644 --- a/docs/configuring-playbook-jitsi.md +++ b/docs/configuring-playbook-jitsi.md @@ -72,7 +72,8 @@ jitsi_prosody_auth_internal_accounts: #### Authenticate using Matrix OpenID: Auth-Type `matrix` -⚠️ **Warning**: this breaks the Jitsi instance on federated rooms probably and does not allow sharing conference links with guests. +> [!WARNING] +> This breaks the Jitsi instance on federated rooms probably and does not allow sharing conference links with guests. This authentication method requires [Matrix User Verification Service](https://github.com/matrix-org/matrix-user-verification-service), which can be installed using this [playbook](configuring-playbook-user-verification-service.md). It verifies against Matrix openID, and requires a user-verification-service to run. @@ -149,7 +150,8 @@ To enable the Gravatar service, add the following configuration to your `vars.ym jitsi_disable_gravatar: false ``` -⚠️ **Warning**: this will result in third party request leaking data to the Gravatar Service (`gravatar.com`, unless configured otherwise). Besides metadata, the Matrix user_id and possibly the room ID (via `referrer` header) will be also sent to the third party. +> [!WARNING] +> This will result in third party request leaking data to the Gravatar Service (`gravatar.com`, unless configured otherwise). Besides metadata, the Matrix user_id and possibly the room ID (via `referrer` header) will be also sent to the third party. ### Fine tune Jitsi (optional) diff --git a/docs/configuring-playbook-matrix-corporal.md b/docs/configuring-playbook-matrix-corporal.md index 6c4df4985..fea63b552 100644 --- a/docs/configuring-playbook-matrix-corporal.md +++ b/docs/configuring-playbook-matrix-corporal.md @@ -2,7 +2,8 @@
-⚠️ **Warning**: This is an advanced feature! It requires prior experience with Matrix and a specific need for using [Matrix Corporal](https://github.com/devture/matrix-corporal). If you're unsure whether you have such a need, you most likely don't. +> [!WARNING] +> This is an advanced feature! It requires prior experience with Matrix and a specific need for using [Matrix Corporal](https://github.com/devture/matrix-corporal). If you're unsure whether you have such a need, you most likely don't.
diff --git a/docs/configuring-playbook-synapse-admin.md b/docs/configuring-playbook-synapse-admin.md index 22635d012..bc404b9f1 100644 --- a/docs/configuring-playbook-synapse-admin.md +++ b/docs/configuring-playbook-synapse-admin.md @@ -27,7 +27,8 @@ matrix_synapse_admin_enabled: true By default, synapse-admin installation will be [restricted to only work with one homeserver](https://github.com/etkecc/synapse-admin/blob/e21e44362c879ac41f47c580b04210842b6ff3d7/README.md#restricting-available-homeserver) - the one managed by the playbook. To adjust these restrictions, tweak the `matrix_synapse_admin_config_restrictBaseUrl` variable. -⚠️ **Warning**: If you're using [Matrix Authentication Service](./configuring-playbook-matrix-authentication-service.md) (MAS) for authentication, you will be able to [log into synapse-admin with an access token](https://github.com/etkecc/synapse-admin/pull/58), but certain synapse-admin features (especially those around user management) will be limited or not work at all. +> [!WARNING] +> If you're using [Matrix Authentication Service](./configuring-playbook-matrix-authentication-service.md) (MAS) for authentication, you will be able to [log into synapse-admin with an access token](https://github.com/etkecc/synapse-admin/pull/58), but certain synapse-admin features (especially those around user management) will be limited or not work at all. ### Adjusting the Synapse Admin URL (optional) diff --git a/docs/configuring-playbook-traefik.md b/docs/configuring-playbook-traefik.md index 66d6b1aee..b9f3e86e8 100644 --- a/docs/configuring-playbook-traefik.md +++ b/docs/configuring-playbook-traefik.md @@ -34,7 +34,8 @@ traefik_dashboard_basicauth_user: YOUR_USERNAME_HERE traefik_dashboard_basicauth_password: YOUR_PASSWORD_HERE ``` -⚠️ **Warning**: Enabling the dashboard on a hostname you use for something else (like `matrix_server_fqn_matrix` in the configuration above) may cause conflicts. Enabling the Traefik Dashboard makes Traefik capture all `/dashboard` and `/api` requests and forward them to itself. If any of the services hosted on the same hostname requires any of these 2 URL prefixes, you will experience problems. So far, we're not aware of any playbook services which occupy these endpoints and are likely to cause conflicts. +> [!WARNING] +> Enabling the dashboard on a hostname you use for something else (like `matrix_server_fqn_matrix` in the configuration above) may cause conflicts. Enabling the Traefik Dashboard makes Traefik capture all `/dashboard` and `/api` requests and forward them to itself. If any of the services hosted on the same hostname requires any of these 2 URL prefixes, you will experience problems. So far, we're not aware of any playbook services which occupy these endpoints and are likely to cause conflicts. ## Additional configuration @@ -134,7 +135,8 @@ Changing the `url` to one with an `http://` prefix would allow to connect to the With these changes, all TCP traffic will be reverse-proxied to the target system. -⚠️ **Warning**: This configuration might lead to problems or need additional steps when a [certbot](https://certbot.eff.org/) behind Traefik also tries to manage [Let's Encrypt](https://letsencrypt.org/) certificates, as Traefik captures all traffic to ```PathPrefix(`/.well-known/acme-challenge/`)```. +> [!WARNING] +> This configuration might lead to problems or need additional steps when a [certbot](https://certbot.eff.org/) behind Traefik also tries to manage [Let's Encrypt](https://letsencrypt.org/) certificates, as Traefik captures all traffic to ```PathPrefix(`/.well-known/acme-challenge/`)```. ## Traefik behind a `proxy_protocol` reverse-proxy diff --git a/docs/configuring-playbook-user-verification-service.md b/docs/configuring-playbook-user-verification-service.md index 4b62c378b..0459752bb 100644 --- a/docs/configuring-playbook-user-verification-service.md +++ b/docs/configuring-playbook-user-verification-service.md @@ -43,7 +43,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=uvs passwor UVS requires an access token as an admin user to verify RoomMembership and PowerLevel against `matrix_user_verification_service_uvs_homeserver_url`. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ## Adjusting the playbook configuration diff --git a/docs/installing.md b/docs/installing.md index c4eda3b9f..bcd2e2325 100644 --- a/docs/installing.md +++ b/docs/installing.md @@ -53,7 +53,8 @@ To do the installation **without** starting services, run `ansible-playbook` wit ansible-playbook -i inventory/hosts setup.yml --tags=install-all ``` -⚠️ **Warning**: do not run the just "recipe" `just install-all` instead, because it automatically starts services at the end of execution. See: [Difference between playbook tags and shortcuts](just.md#difference-between-playbook-tags-and-shortcuts) +> [!WARNING] +> Do not run the just "recipe" `just install-all` instead, because it automatically starts services at the end of execution. See: [Difference between playbook tags and shortcuts](just.md#difference-between-playbook-tags-and-shortcuts) When this command completes, services won't be running yet. diff --git a/docs/maintenance-synapse.md b/docs/maintenance-synapse.md index 0c2eded9b..3bb315fcb 100644 --- a/docs/maintenance-synapse.md +++ b/docs/maintenance-synapse.md @@ -18,7 +18,8 @@ You can use the **[Purge History API](https://github.com/element-hq/synapse/blob To make use of this Synapse Admin API, **you'll need an admin access token** first. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md). -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. Synapse's Admin API is not exposed to the internet by default, following [official Synapse reverse-proxying recommendations](https://github.com/element-hq/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). To expose it you will need to add `matrix_synapse_container_labels_public_client_synapse_admin_api_enabled: true` to your `vars.yml` file. diff --git a/docs/obtaining-access-tokens.md b/docs/obtaining-access-tokens.md index e1f69b226..909d62b8f 100644 --- a/docs/obtaining-access-tokens.md +++ b/docs/obtaining-access-tokens.md @@ -2,7 +2,8 @@ When setting up some optional features like bots and bridges you will need to provide an access token for some user. This document provides documentation on how to obtain such an access token. -⚠️ **Warning**: Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. +> [!WARNING] +> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone. ## Prerequisites diff --git a/docs/registering-users.md b/docs/registering-users.md index ca62398da..1d92ce131 100644 --- a/docs/registering-users.md +++ b/docs/registering-users.md @@ -42,7 +42,8 @@ ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=USERNAME_HE Feel free to register as many users (for friends, family, etc.) as you want. Still, perhaps you should grant full administrative access to your user account only (with `admin=yes`), and others should be created with `admin=no`. -⚠️ **Warning**: If you're registering users against Matrix Authentication Service, do note that it [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information. +> [!WARNING] +> If you're registering users against Matrix Authentication Service, do note that it [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information. ### Registering users manually for Synapse @@ -80,13 +81,15 @@ This `register-user` script actually invokes the `mas-cli manage register-user` /matrix/matrix-authentication-service/bin/mas-cli manage register-user --help ``` -⚠️ **Warning**: Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information. +> [!WARNING] +> Matrix Authentication Service [still insists](https://github.com/element-hq/matrix-authentication-service/issues/1505) on having a verified email address for each user. Upon a user's first login, they will be asked to confirm their email address. This requires that email sending is [configured](./configuring-playbook-email.md). You can also consult the [Working around email deliverability issues](./configuring-playbook-matrix-authentication-service.md#working-around-email-deliverability-issues) section for more information. ## Managing users via a Web UI To manage users more easily (via a web user-interace), you can install [Synapse Admin](configuring-playbook-synapse-admin.md). -⚠️ **Warning**: If you're using [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), note that user management via synapse-admin is not fully working yet. See the [Expectations](configuring-playbook-matrix-authentication-service.md#expectations) section for more information. +> [!WARNING] +> If you're using [Matrix Authentication Service](configuring-playbook-matrix-authentication-service.md), note that user management via synapse-admin is not fully working yet. See the [Expectations](configuring-playbook-matrix-authentication-service.md#expectations) section for more information. ## Letting certain users register on your private server