refactor: remove signalgo and update signal to 'after merge'
This commit is contained in:
parent
0e4c878ee3
commit
2f6525ccb3
@ -111,8 +111,7 @@ Bridges can be used to connect your matrix installation with third-party communi
|
|||||||
| [mautrix-hangouts](https://github.com/mautrix/hangouts) | x | Bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) | [Link](docs/configuring-playbook-bridge-mautrix-hangouts.md) |
|
| [mautrix-hangouts](https://github.com/mautrix/hangouts) | x | Bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) | [Link](docs/configuring-playbook-bridge-mautrix-hangouts.md) |
|
||||||
| [mautrix-googlechat](https://github.com/mautrix/googlechat) | x | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | [Link](docs/configuring-playbook-bridge-mautrix-googlechat.md) |
|
| [mautrix-googlechat](https://github.com/mautrix/googlechat) | x | Bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) | [Link](docs/configuring-playbook-bridge-mautrix-googlechat.md) |
|
||||||
| [mautrix-instagram](https://github.com/mautrix/instagram) | x | Bridge to [Instagram](https://instagram.com/) | [Link](docs/configuring-playbook-bridge-mautrix-instagram.md) |
|
| [mautrix-instagram](https://github.com/mautrix/instagram) | x | Bridge to [Instagram](https://instagram.com/) | [Link](docs/configuring-playbook-bridge-mautrix-instagram.md) |
|
||||||
| (Deprecated) [mautrix-signal](https://github.com/mautrix/signal) | x | Bridge to [Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signal.md) |
|
| [mautrix-signal](https://github.com/mautrix/signal) | x | Bridge to [Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signal.md) |
|
||||||
| [mautrix-signalgo](https://github.com/mautrix/signalgo) | x | Bridge to [Signal](https://www.signal.org/) | [Link](docs/configuring-playbook-bridge-mautrix-signalgo.md) |
|
|
||||||
| [beeper-linkedin](https://github.com/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) |
|
| [beeper-linkedin](https://github.com/beeper/linkedin) | x | Bridge to [LinkedIn](https://www.linkedin.com/) | [Link](docs/configuring-playbook-bridge-beeper-linkedin.md) |
|
||||||
| [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) | x | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-appservice-irc.md) |
|
| [matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) | x | Bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-appservice-irc.md) |
|
||||||
| [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) |
|
| [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) | x | Bridge to [Discord](https://discordapp.com/) | [Link](docs/configuring-playbook-bridge-appservice-discord.md) |
|
||||||
|
@ -1,6 +1,4 @@
|
|||||||
# Setting up Mautrix Signal (Deprected) (optional)
|
# Setting up Mautrix signal (optional)
|
||||||
|
|
||||||
**This legacy bridge is known to be not working. The documentation and the setup remain available but we do encourage one to proceed with [Mautrix Signalgo](configuring-playbook-bridge-mautrix-signalgo.md).**
|
|
||||||
|
|
||||||
The playbook can install and configure [mautrix-signal](https://github.com/mautrix/signal) for you.
|
The playbook can install and configure [mautrix-signal](https://github.com/mautrix/signal) for you.
|
||||||
|
|
||||||
@ -8,6 +6,8 @@ See the project's [documentation](https://docs.mau.fi/bridges/python/signal/inde
|
|||||||
|
|
||||||
**Note/Prerequisite**: If you're running with the Postgres database server integrated by the playbook (which is the default), you don't need to do anything special and can easily proceed with installing. However, if you're [using an external Postgres server](configuring-playbook-external-postgres.md), you'd need to manually prepare a Postgres database for this bridge and adjust the variables related to that (`matrix_mautrix_signal_database_*`).
|
**Note/Prerequisite**: If you're running with the Postgres database server integrated by the playbook (which is the default), you don't need to do anything special and can easily proceed with installing. However, if you're [using an external Postgres server](configuring-playbook-external-postgres.md), you'd need to manually prepare a Postgres database for this bridge and adjust the variables related to that (`matrix_mautrix_signal_database_*`).
|
||||||
|
|
||||||
|
**Note**: This revamped version of the [mautrix-signal (legacy)](configuring-playbook-bridge-mautrix-signal.md) may increase the CPU usage of your homeserver.
|
||||||
|
|
||||||
Use the following playbook configuration:
|
Use the following playbook configuration:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
@ -16,14 +16,7 @@ matrix_mautrix_signal_enabled: true
|
|||||||
|
|
||||||
There are some additional things you may wish to configure about the bridge before you continue.
|
There are some additional things you may wish to configure about the bridge before you continue.
|
||||||
|
|
||||||
The relay bot functionality is off by default. If you would like to enable the relay bot, add the following to your `vars.yml` file:
|
|
||||||
```yaml
|
|
||||||
matrix_mautrix_signal_relaybot_enabled: true
|
|
||||||
```
|
|
||||||
If you want to activate the relay bot in a room, use `!signal set-relay`.
|
|
||||||
Use `!signal unset-relay` to deactivate.
|
|
||||||
By default, any user on your homeserver will be able to use the bridge.
|
By default, any user on your homeserver will be able to use the bridge.
|
||||||
If you enable the relay bot functionality, it will relay every user's messages in a portal room - no matter which homeserver they're from.
|
|
||||||
|
|
||||||
Different levels of permission can be granted to users:
|
Different levels of permission can be granted to users:
|
||||||
|
|
||||||
@ -48,7 +41,7 @@ matrix_mautrix_signal_configuration_extension_yaml: |
|
|||||||
'@YOUR_USERNAME:YOUR_DOMAIN': admin
|
'@YOUR_USERNAME:YOUR_DOMAIN': admin
|
||||||
```
|
```
|
||||||
|
|
||||||
This will add the admin permission to the specific user, while keepting the default permissions.
|
This will add the admin permission to the specific user, while keeping the default permissions.
|
||||||
|
|
||||||
In case you want to replace the default permissions settings **completely**, populate the following item within your `vars.yml` file:
|
In case you want to replace the default permissions settings **completely**, populate the following item within your `vars.yml` file:
|
||||||
```yaml
|
```yaml
|
||||||
@ -79,7 +72,7 @@ When using this method, **each user** that wishes to enable Double Puppeting nee
|
|||||||
|
|
||||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
||||||
|
|
||||||
- make sure you don't log out the `Mautrix-Signal` device some time in the future, as that would break the Double Puppeting feature
|
- make sure you don't log out the `Mautrix-signal` device some time in the future, as that would break the Double Puppeting feature
|
||||||
|
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
@ -1,80 +0,0 @@
|
|||||||
# Setting up Mautrix Signalgo (optional)
|
|
||||||
|
|
||||||
The playbook can install and configure [mautrix-signalgo](https://github.com/mautrix/signalgo) for you.
|
|
||||||
|
|
||||||
See the project's [documentation](https://docs.mau.fi/bridges/python/signalgo/index.html) to learn what it does and why it might be useful to you.
|
|
||||||
|
|
||||||
**Note/Prerequisite**: If you're running with the Postgres database server integrated by the playbook (which is the default), you don't need to do anything special and can easily proceed with installing. However, if you're [using an external Postgres server](configuring-playbook-external-postgres.md), you'd need to manually prepare a Postgres database for this bridge and adjust the variables related to that (`matrix_mautrix_signalgo_database_*`).
|
|
||||||
|
|
||||||
**Note**: This revamped version of the [mautrix-signal (legacy)](configuring-playbook-bridge-mautrix-signal.md) may increase the CPU usage of your homeserver.
|
|
||||||
|
|
||||||
Use the following playbook configuration:
|
|
||||||
|
|
||||||
```yaml
|
|
||||||
matrix_mautrix_signalgo_enabled: true
|
|
||||||
```
|
|
||||||
|
|
||||||
There are some additional things you may wish to configure about the bridge before you continue.
|
|
||||||
|
|
||||||
By default, any user on your homeserver will be able to use the bridge.
|
|
||||||
|
|
||||||
Different levels of permission can be granted to users:
|
|
||||||
|
|
||||||
* relay - Allowed to be relayed through the bridge, no access to commands;
|
|
||||||
* user - Use the bridge with puppeting;
|
|
||||||
* admin - Use and administer the bridge.
|
|
||||||
|
|
||||||
The permissions are following the sequence: nothing < relay < user < admin.
|
|
||||||
|
|
||||||
The default permissions are set as follows:
|
|
||||||
```yaml
|
|
||||||
permissions:
|
|
||||||
'*': relay
|
|
||||||
YOUR_DOMAIN: user
|
|
||||||
```
|
|
||||||
|
|
||||||
If you want to augment the preset permissions, you might want to set the additional permissions with the following settings in your `vars.yml` file:
|
|
||||||
```yaml
|
|
||||||
matrix_mautrix_signalgo_configuration_extension_yaml: |
|
|
||||||
bridge:
|
|
||||||
permissions:
|
|
||||||
'@YOUR_USERNAME:YOUR_DOMAIN': admin
|
|
||||||
```
|
|
||||||
|
|
||||||
This will add the admin permission to the specific user, while keeping the default permissions.
|
|
||||||
|
|
||||||
In case you want to replace the default permissions settings **completely**, populate the following item within your `vars.yml` file:
|
|
||||||
```yaml
|
|
||||||
matrix_mautrix_signalgo_bridge_permissions: |
|
|
||||||
'@ADMIN:YOUR_DOMAIN': admin
|
|
||||||
'@USER:YOUR_DOMAIN' : user
|
|
||||||
```
|
|
||||||
|
|
||||||
You may wish to look at `roles/custom/matrix-bridge-mautrix-signalgo/templates/config.yaml.j2` to find more information on the permissions settings and other options you would like to configure.
|
|
||||||
|
|
||||||
## Set up Double Puppeting
|
|
||||||
|
|
||||||
If you'd like to use [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do), you have 2 ways of going about it.
|
|
||||||
|
|
||||||
### Method 1: automatically, by enabling Shared Secret Auth
|
|
||||||
|
|
||||||
The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
|
|
||||||
|
|
||||||
This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
|
|
||||||
|
|
||||||
### Method 2: manually, by asking each user to provide a working access token
|
|
||||||
|
|
||||||
**Note**: This method for enabling Double Puppeting can be configured only after you've already set up bridging (see [Usage](#usage)).
|
|
||||||
|
|
||||||
When using this method, **each user** that wishes to enable Double Puppeting needs to follow the following steps:
|
|
||||||
|
|
||||||
- retrieve a Matrix access token for yourself. Refer to the documentation on [how to do that](obtaining-access-tokens.md).
|
|
||||||
|
|
||||||
- send the access token to the bot. Example: `login-matrix MATRIX_ACCESS_TOKEN_HERE`
|
|
||||||
|
|
||||||
- make sure you don't log out the `Mautrix-Signalgo` device some time in the future, as that would break the Double Puppeting feature
|
|
||||||
|
|
||||||
|
|
||||||
## Usage
|
|
||||||
|
|
||||||
You then need to start a chat with `@signalgobot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
|
|
@ -130,9 +130,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
|
|||||||
|
|
||||||
- [Setting up Mautrix Twitter bridging](configuring-playbook-bridge-mautrix-twitter.md) (optional)
|
- [Setting up Mautrix Twitter bridging](configuring-playbook-bridge-mautrix-twitter.md) (optional)
|
||||||
|
|
||||||
- ~~[Setting up Mautrix Signal bridging](configuring-playbook-bridge-mautrix-signal.md)~~ (Deprecated) (optional) - Replaced by [Signalgo](configuring-playbook-bridge-mautrix-signalgo.md).
|
- [Setting up Mautrix Signal bridging](configuring-playbook-bridge-mautrix-signal.md) (optional)
|
||||||
|
|
||||||
- [Setting up Mautrix Signalgo bridging](configuring-playbook-bridge-mautrix-signalgo.md) (optional)
|
|
||||||
|
|
||||||
- [Setting up Mautrix wsproxy for bridging Android SMS or Apple iMessage](configuring-playbook-bridge-mautrix-wsproxy.md) (optional)
|
- [Setting up Mautrix wsproxy for bridging Android SMS or Apple iMessage](configuring-playbook-bridge-mautrix-wsproxy.md) (optional)
|
||||||
|
|
||||||
|
@ -97,8 +97,6 @@ matrix_homeserver_container_extra_arguments_auto: |
|
|||||||
+
|
+
|
||||||
(['--mount type=bind,src=' + matrix_mautrix_signal_config_path + '/registration.yaml,dst=/matrix-mautrix-signal-registration.yaml,ro'] if matrix_mautrix_signal_enabled else [])
|
(['--mount type=bind,src=' + matrix_mautrix_signal_config_path + '/registration.yaml,dst=/matrix-mautrix-signal-registration.yaml,ro'] if matrix_mautrix_signal_enabled else [])
|
||||||
+
|
+
|
||||||
(['--mount type=bind,src=' + matrix_mautrix_signalgo_config_path + '/registration.yaml,dst=/matrix-mautrix-signalgo-registration.yaml,ro'] if matrix_mautrix_signalgo_enabled else [])
|
|
||||||
+
|
|
||||||
(['--mount type=bind,src=' + matrix_mautrix_telegram_config_path + '/registration.yaml,dst=/matrix-mautrix-telegram-registration.yaml,ro'] if matrix_mautrix_telegram_enabled else [])
|
(['--mount type=bind,src=' + matrix_mautrix_telegram_config_path + '/registration.yaml,dst=/matrix-mautrix-telegram-registration.yaml,ro'] if matrix_mautrix_telegram_enabled else [])
|
||||||
+
|
+
|
||||||
(['--mount type=bind,src=' + matrix_mautrix_twitter_config_path + '/registration.yaml,dst=/matrix-mautrix-twitter-registration.yaml,ro'] if matrix_mautrix_twitter_enabled else [])
|
(['--mount type=bind,src=' + matrix_mautrix_twitter_config_path + '/registration.yaml,dst=/matrix-mautrix-twitter-registration.yaml,ro'] if matrix_mautrix_twitter_enabled else [])
|
||||||
@ -162,8 +160,6 @@ matrix_homeserver_app_service_config_files_auto: |
|
|||||||
+
|
+
|
||||||
(['/matrix-mautrix-signal-registration.yaml'] if matrix_mautrix_signal_enabled else [])
|
(['/matrix-mautrix-signal-registration.yaml'] if matrix_mautrix_signal_enabled else [])
|
||||||
+
|
+
|
||||||
(['/matrix-mautrix-signalgo-registration.yaml'] if matrix_mautrix_signalgo_enabled else [])
|
|
||||||
+
|
|
||||||
(['/matrix-mautrix-telegram-registration.yaml'] if matrix_mautrix_telegram_enabled else [])
|
(['/matrix-mautrix-telegram-registration.yaml'] if matrix_mautrix_telegram_enabled else [])
|
||||||
+
|
+
|
||||||
(['/matrix-mautrix-twitter-registration.yaml'] if matrix_mautrix_twitter_enabled else [])
|
(['/matrix-mautrix-twitter-registration.yaml'] if matrix_mautrix_twitter_enabled else [])
|
||||||
@ -278,11 +274,7 @@ devture_systemd_service_manager_services_list_auto: |
|
|||||||
+
|
+
|
||||||
([{'name': 'matrix-mautrix-instagram.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-instagram']}] if matrix_mautrix_instagram_enabled else [])
|
([{'name': 'matrix-mautrix-instagram.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-instagram']}] if matrix_mautrix_instagram_enabled else [])
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-mautrix-signal.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-signal']}] if matrix_mautrix_signal_enabled else [])
|
([{'name': 'matrix-mautrix-signal.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-signal', 'mautrix-signal']}] if matrix_mautrix_signal_enabled else [])
|
||||||
+
|
|
||||||
([{'name': 'matrix-mautrix-signal-daemon.service', 'priority': 1900, 'groups': ['matrix', 'bridges', 'mautrix-signal', 'mautrix-signal-daemon']}] if matrix_mautrix_signal_enabled else [])
|
|
||||||
+
|
|
||||||
([{'name': 'matrix-mautrix-signalgo.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-signalgo', 'mautrix-signalgo']}] if matrix_mautrix_signalgo_enabled else [])
|
|
||||||
+
|
+
|
||||||
([{'name': 'matrix-mautrix-telegram.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-telegram']}] if matrix_mautrix_telegram_enabled else [])
|
([{'name': 'matrix-mautrix-telegram.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-telegram']}] if matrix_mautrix_telegram_enabled else [])
|
||||||
+
|
+
|
||||||
@ -1044,7 +1036,6 @@ matrix_mautrix_instagram_database_password: "{{ '%s' | format(matrix_homeserver_
|
|||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# matrix-bridge-mautrix-signal
|
# matrix-bridge-mautrix-signal
|
||||||
@ -1054,6 +1045,8 @@ matrix_mautrix_instagram_database_password: "{{ '%s' | format(matrix_homeserver_
|
|||||||
# We don't enable bridges by default.
|
# We don't enable bridges by default.
|
||||||
matrix_mautrix_signal_enabled: false
|
matrix_mautrix_signal_enabled: false
|
||||||
|
|
||||||
|
matrix_mautrix_signal_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_systemd_required_services_list: |
|
matrix_mautrix_signal_systemd_required_services_list: |
|
||||||
{{
|
{{
|
||||||
['docker.service']
|
['docker.service']
|
||||||
@ -1063,17 +1056,15 @@ matrix_mautrix_signal_systemd_required_services_list: |
|
|||||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
||||||
+
|
+
|
||||||
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
|
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
|
||||||
+
|
|
||||||
['matrix-mautrix-signal-daemon.service']
|
|
||||||
}}
|
}}
|
||||||
|
|
||||||
matrix_mautrix_signal_homeserver_domain: '{{ matrix_domain }}'
|
matrix_mautrix_signal_homeserver_domain: "{{ matrix_domain }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_homeserver_address: "{{ matrix_homeserver_container_url }}"
|
matrix_mautrix_signal_homeserver_address: "{{ matrix_homeserver_container_url }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'si.hs.token', rounds=655555) | to_uuid }}"
|
matrix_mautrix_signal_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'sigo.hs.token', rounds=655555) | to_uuid }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'si.as.token', rounds=655555) | to_uuid }}"
|
matrix_mautrix_signal_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'sigo.as.token', rounds=655555) | to_uuid }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
matrix_mautrix_signal_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
||||||
|
|
||||||
@ -1083,67 +1074,16 @@ matrix_mautrix_signal_login_shared_secret: "{{ matrix_synapse_ext_password_provi
|
|||||||
# - `matrix_nginx_proxy_proxy_matrix_metrics_enabled`
|
# - `matrix_nginx_proxy_proxy_matrix_metrics_enabled`
|
||||||
matrix_mautrix_signal_metrics_enabled: "{{ prometheus_enabled }}"
|
matrix_mautrix_signal_metrics_enabled: "{{ prometheus_enabled }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_database_engine: 'postgres'
|
matrix_mautrix_signal_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
||||||
matrix_mautrix_signal_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
matrix_mautrix_signal_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
||||||
matrix_mautrix_signal_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.signal.db', rounds=655555) | to_uuid }}"
|
matrix_mautrix_signal_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.signal.db', rounds=655555) | to_uuid }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
|
|
||||||
matrix_mautrix_signal_daemon_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# /matrix-bridge-mautrix-signal
|
# /matrix-bridge-mautrix-signal
|
||||||
#
|
#
|
||||||
######################################################################
|
######################################################################
|
||||||
|
|
||||||
######################################################################
|
|
||||||
#
|
|
||||||
# matrix-bridge-mautrix-signalgo
|
|
||||||
#
|
|
||||||
######################################################################
|
|
||||||
|
|
||||||
# We don't enable bridges by default.
|
|
||||||
matrix_mautrix_signalgo_enabled: false
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_systemd_required_services_list: |
|
|
||||||
{{
|
|
||||||
['docker.service']
|
|
||||||
+
|
|
||||||
['matrix-' + matrix_homeserver_implementation + '.service']
|
|
||||||
+
|
|
||||||
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
|
|
||||||
+
|
|
||||||
(['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
|
|
||||||
}}
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_homeserver_domain: "{{ matrix_domain }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_homeserver_address: "{{ matrix_homeserver_container_url }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'sigo.hs.token', rounds=655555) | to_uuid }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'sigo.as.token', rounds=655555) | to_uuid }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
|
|
||||||
|
|
||||||
# People using an external Prometheus server will need to toggle all of these to be able to consume metrics remotely:
|
|
||||||
# - `matrix_mautrix_signalgo_metrics_enabled`
|
|
||||||
# - `matrix_mautrix_signalgo_proxying_metrics_enabled`
|
|
||||||
# - `matrix_nginx_proxy_proxy_matrix_metrics_enabled`
|
|
||||||
matrix_mautrix_signalgo_metrics_enabled: "{{ prometheus_enabled }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
|
|
||||||
matrix_mautrix_signalgo_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
|
|
||||||
matrix_mautrix_signalgo_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.signalgo.db', rounds=655555) | to_uuid }}"
|
|
||||||
|
|
||||||
######################################################################
|
|
||||||
#
|
|
||||||
# /matrix-bridge-mautrix-signalgo
|
|
||||||
#
|
|
||||||
######################################################################
|
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
#
|
#
|
||||||
# matrix-bridge-mautrix-telegram
|
# matrix-bridge-mautrix-telegram
|
||||||
@ -3195,12 +3135,6 @@ devture_postgres_managed_databases_auto: |
|
|||||||
'password': matrix_mautrix_signal_database_password,
|
'password': matrix_mautrix_signal_database_password,
|
||||||
}] if (matrix_mautrix_signal_enabled and matrix_mautrix_signal_database_engine == 'postgres' and matrix_mautrix_signal_database_hostname == devture_postgres_connection_hostname) else [])
|
}] if (matrix_mautrix_signal_enabled and matrix_mautrix_signal_database_engine == 'postgres' and matrix_mautrix_signal_database_hostname == devture_postgres_connection_hostname) else [])
|
||||||
+
|
+
|
||||||
([{
|
|
||||||
'name': matrix_mautrix_signalgo_database_name,
|
|
||||||
'username': matrix_mautrix_signalgo_database_username,
|
|
||||||
'password': matrix_mautrix_signalgo_database_password,
|
|
||||||
}] if (matrix_mautrix_signalgo_enabled and matrix_mautrix_signalgo_database_engine == 'postgres' and matrix_mautrix_signalgo_database_hostname == devture_postgres_connection_hostname) else [])
|
|
||||||
+
|
|
||||||
([{
|
([{
|
||||||
'name': matrix_mautrix_wsproxy_syncproxy_database_name,
|
'name': matrix_mautrix_wsproxy_syncproxy_database_name,
|
||||||
'username': matrix_mautrix_wsproxy_syncproxy_database_username,
|
'username': matrix_mautrix_wsproxy_syncproxy_database_username,
|
||||||
|
@ -1,72 +1,55 @@
|
|||||||
---
|
---
|
||||||
# mautrix-signal is a Matrix <-> Signal bridge
|
# mautrix-signal is a Matrix <-> signal bridge
|
||||||
# Project source code URL: https://github.com/mautrix/signal
|
# Project source code URL: https://github.com/mautrix/signal
|
||||||
|
|
||||||
matrix_mautrix_signal_enabled: true
|
matrix_mautrix_signal_enabled: true
|
||||||
|
|
||||||
matrix_mautrix_signal_container_image_self_build: false
|
matrix_mautrix_signal_container_image_self_build: false
|
||||||
matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git"
|
matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/signal.git"
|
||||||
matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
|
matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
|
||||||
matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src"
|
|
||||||
|
|
||||||
# renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
|
# renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
|
||||||
matrix_mautrix_signal_version: v0.4.3
|
matrix_mautrix_signal_version: 6e7faa2a6583ab324826e1c1d9e34794abfafb9f-amd64
|
||||||
# renovate: datasource=docker depName=signald/signald
|
|
||||||
matrix_mautrix_signal_daemon_version: 0.23.2
|
|
||||||
# See: https://mau.dev/mautrix/signal/container_registry
|
# See: https://mau.dev/mautrix/signal/container_registry
|
||||||
matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_version }}"
|
matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_version }}"
|
||||||
matrix_mautrix_signal_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_signal_container_image_self_build else 'dock.mau.dev/' }}"
|
matrix_mautrix_signal_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_signal_container_image_self_build else 'dock.mau.dev/' }}"
|
||||||
matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}"
|
matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_daemon_container_image_self_build: false
|
|
||||||
matrix_mautrix_signal_daemon_docker_repo: "https://gitlab.com/signald/signald"
|
|
||||||
matrix_mautrix_signal_daemon_docker_repo_version: "{{ 'master' if matrix_mautrix_signal_daemon_version == 'latest' else matrix_mautrix_signal_daemon_version }}"
|
|
||||||
matrix_mautrix_signal_daemon_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signald/docker-src"
|
|
||||||
|
|
||||||
matrix_mautrix_signal_daemon_docker_image: "{{ matrix_mautrix_signal_daemon_docker_image_name_prefix }}signald/signald:{{ matrix_mautrix_signal_daemon_docker_image_tag }}"
|
|
||||||
matrix_mautrix_signal_daemon_docker_image_name_prefix: "docker.io/"
|
|
||||||
matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image_tag.endswith(':latest') }}"
|
|
||||||
matrix_mautrix_signal_daemon_docker_image_tag: "{{ matrix_mautrix_signal_daemon_version }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal"
|
matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal"
|
||||||
matrix_mautrix_signal_config_path: "{{ matrix_mautrix_signal_base_path }}/bridge"
|
matrix_mautrix_signal_config_path: "{{ matrix_mautrix_signal_base_path }}/config"
|
||||||
matrix_mautrix_signal_daemon_path: "{{ matrix_mautrix_signal_base_path }}/signald"
|
matrix_mautrix_signal_data_path: "{{ matrix_mautrix_signal_base_path }}/data"
|
||||||
|
matrix_mautrix_signal_docker_src_files_path: "{{ matrix_mautrix_signal_base_path }}/docker-src"
|
||||||
|
|
||||||
matrix_mautrix_signal_homeserver_address: ''
|
matrix_mautrix_signal_homeserver_address: "{{ matrix_homeserver_container_url }}"
|
||||||
matrix_mautrix_signal_homeserver_domain: ''
|
matrix_mautrix_signal_homeserver_domain: "{{ matrix_domain }}"
|
||||||
matrix_mautrix_signal_appservice_address: 'http://matrix-mautrix-signal:29328'
|
matrix_mautrix_signal_appservice_address: "http://matrix-mautrix-signal:8080"
|
||||||
|
|
||||||
matrix_mautrix_signal_command_prefix: "!signal"
|
matrix_mautrix_signal_command_prefix: "!signal"
|
||||||
|
|
||||||
# Controls whether the matrix-mautrix-signal container exposes its port (tcp/29328 in the container).
|
matrix_mautrix_signal_bridge_permissions: |
|
||||||
#
|
{{
|
||||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9006"), or empty string to not expose.
|
{'*': 'relay', matrix_mautrix_signal_homeserver_domain: 'user'}
|
||||||
matrix_mautrix_signal_container_http_host_bind_port: ''
|
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
||||||
|
}}
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
# A list of extra arguments to pass to the container
|
||||||
matrix_mautrix_signal_container_extra_arguments: []
|
matrix_mautrix_signal_container_extra_arguments: []
|
||||||
|
|
||||||
# List of systemd services that matrix-mautrix-signal.service depends on.
|
# List of systemd services that matrix-mautrix-signal.service depends on.
|
||||||
matrix_mautrix_signal_systemd_required_services_list:
|
matrix_mautrix_signal_systemd_required_services_list: ['docker.service']
|
||||||
- 'docker.service'
|
|
||||||
- 'matrix-mautrix-signal-daemon.service'
|
|
||||||
|
|
||||||
# List of systemd services that matrix-mautrix-signal.service wants
|
# List of systemd services that matrix-mautrix-signal.service wants
|
||||||
matrix_mautrix_signal_systemd_wanted_services_list: []
|
matrix_mautrix_signal_systemd_wanted_services_list: []
|
||||||
|
|
||||||
# List of systemd services that matrix-mautrix-signal-daemon.service depends on.
|
|
||||||
matrix_mautrix_signal_daemon_systemd_required_services_list: ['docker.service']
|
|
||||||
|
|
||||||
# List of systemd services that matrix-mautrix-signal-daemon.service wants
|
|
||||||
matrix_mautrix_signal_daemon_systemd_wanted_services_list: []
|
|
||||||
|
|
||||||
matrix_mautrix_signal_appservice_token: ''
|
matrix_mautrix_signal_appservice_token: ''
|
||||||
matrix_mautrix_signal_homeserver_token: ''
|
matrix_mautrix_signal_homeserver_token: ''
|
||||||
|
|
||||||
matrix_mautrix_signal_appservice_bot_username: signalbot
|
matrix_mautrix_signal_appservice_bot_username: signalbot
|
||||||
|
|
||||||
# Specifies the default log level for all bridge loggers.
|
# Minimum severity of journal log messages.
|
||||||
matrix_mautrix_signal_logging_level: WARNING
|
# Options: debug, info, warn, error, fatal
|
||||||
|
matrix_mautrix_signal_logging_level: 'warn'
|
||||||
|
|
||||||
# Whether or not created rooms should have federation enabled.
|
# Whether or not created rooms should have federation enabled.
|
||||||
# If false, created portal rooms will never be federated.
|
# If false, created portal rooms will never be federated.
|
||||||
@ -82,50 +65,51 @@ matrix_mautrix_signal_metrics_enabled: false
|
|||||||
# See the `matrix-nginx-proxy` role for details about enabling `matrix_nginx_proxy_proxy_matrix_metrics_enabled`.
|
# See the `matrix-nginx-proxy` role for details about enabling `matrix_nginx_proxy_proxy_matrix_metrics_enabled`.
|
||||||
matrix_mautrix_signal_metrics_proxying_enabled: false
|
matrix_mautrix_signal_metrics_proxying_enabled: false
|
||||||
|
|
||||||
# Database-related configuration fields
|
# Database-related configuration fields.
|
||||||
#
|
#
|
||||||
# This bridge only supports postgres.
|
# To use SQLite, stick to these defaults.
|
||||||
#
|
#
|
||||||
matrix_mautrix_signal_database_engine: 'postgres'
|
# To use Postgres:
|
||||||
|
# - change the engine (`matrix_mautrix_signal_database_engine: 'postgres'`)
|
||||||
|
# - adjust your database credentials via the `matrix_mautrix_signal_database_*` variables
|
||||||
|
matrix_mautrix_signal_database_engine: 'sqlite'
|
||||||
|
|
||||||
|
matrix_mautrix_signal_sqlite_database_path_local: "{{ matrix_mautrix_signal_data_path }}/mautrix-signal.db"
|
||||||
|
matrix_mautrix_signal_sqlite_database_path_in_container: "/data/mautrix-signal.db?_txlock=immediate"
|
||||||
|
|
||||||
matrix_mautrix_signal_database_username: 'matrix_mautrix_signal'
|
matrix_mautrix_signal_database_username: 'matrix_mautrix_signal'
|
||||||
matrix_mautrix_signal_database_password: 'some-password'
|
matrix_mautrix_signal_database_password: 'some-password'
|
||||||
matrix_mautrix_signal_database_hostname: ''
|
matrix_mautrix_signal_database_hostname: ''
|
||||||
matrix_mautrix_signal_database_port: 5432
|
matrix_mautrix_signal_database_port: 5432
|
||||||
matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
|
matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
|
||||||
|
matrix_mautrix_signal_database_sslmode: disable
|
||||||
|
|
||||||
matrix_mautrix_signal_database_connection_string: 'postgres://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}'
|
matrix_mautrix_signal_database_connection_string: 'postgresql://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}?sslmode={{ matrix_mautrix_signal_database_sslmode }}'
|
||||||
|
|
||||||
matrix_mautrix_signal_appservice_database: "{{
|
matrix_mautrix_signal_appservice_database_type: "{{
|
||||||
{
|
{
|
||||||
|
'sqlite': 'sqlite3-fk-wal',
|
||||||
|
'postgres':'postgres',
|
||||||
|
}[matrix_mautrix_signal_database_engine]
|
||||||
|
}}"
|
||||||
|
|
||||||
|
matrix_mautrix_signal_appservice_database_uri: "{{
|
||||||
|
{
|
||||||
|
'sqlite': matrix_mautrix_signal_sqlite_database_path_in_container,
|
||||||
'postgres': matrix_mautrix_signal_database_connection_string,
|
'postgres': matrix_mautrix_signal_database_connection_string,
|
||||||
}[matrix_mautrix_signal_database_engine]
|
}[matrix_mautrix_signal_database_engine]
|
||||||
}}"
|
}}"
|
||||||
|
|
||||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
||||||
matrix_mautrix_signal_login_shared_secret: ''
|
matrix_mautrix_signal_login_shared_secret: ''
|
||||||
|
matrix_mautrix_signal_bridge_login_shared_secret_map:
|
||||||
|
"{{ {matrix_mautrix_signal_homeserver_domain: matrix_mautrix_signal_login_shared_secret} if matrix_mautrix_signal_login_shared_secret else {} }}"
|
||||||
|
|
||||||
# Enable bridge relay bot functionality
|
# Servers to always allow double puppeting from
|
||||||
matrix_mautrix_signal_relaybot_enabled: "{{ matrix_bridges_relay_enabled }}"
|
matrix_mautrix_signal_bridge_double_puppet_server_map:
|
||||||
|
"{{ matrix_mautrix_signal_homeserver_domain : matrix_mautrix_signal_homeserver_address }}"
|
||||||
|
|
||||||
# Permissions for using the bridge.
|
# Default mautrix-signal configuration template which covers the generic use case.
|
||||||
# Permitted values:
|
|
||||||
# relay - Allowed to be relayed through the bridge, no access to commands.
|
|
||||||
# user - Use the bridge with puppeting.
|
|
||||||
# admin - Use and administrate the bridge.
|
|
||||||
# Permitted keys:
|
|
||||||
# * - All Matrix users
|
|
||||||
# domain - All users on that homeserver
|
|
||||||
# mxid - Specific user
|
|
||||||
#
|
|
||||||
# This variable used to contain a YAML string, but now needs to contain a hashmap/dictionary.
|
|
||||||
matrix_mautrix_signal_bridge_permissions: |
|
|
||||||
{{
|
|
||||||
{'*': 'relay', matrix_mautrix_signal_homeserver_domain: 'user'}
|
|
||||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
|
||||||
}}
|
|
||||||
|
|
||||||
# Default configuration template which covers the generic use case.
|
|
||||||
# You can customize it by controlling the various variables inside it.
|
# You can customize it by controlling the various variables inside it.
|
||||||
#
|
#
|
||||||
# For a more advanced customization, you can extend the default (see `matrix_mautrix_signal_configuration_extension_yaml`)
|
# For a more advanced customization, you can extend the default (see `matrix_mautrix_signal_configuration_extension_yaml`)
|
||||||
@ -147,19 +131,29 @@ matrix_mautrix_signal_configuration_extension: "{{ matrix_mautrix_signal_configu
|
|||||||
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_signal_configuration_yaml`.
|
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_signal_configuration_yaml`.
|
||||||
matrix_mautrix_signal_configuration: "{{ matrix_mautrix_signal_configuration_yaml | from_yaml | combine(matrix_mautrix_signal_configuration_extension, recursive=True) }}"
|
matrix_mautrix_signal_configuration: "{{ matrix_mautrix_signal_configuration_yaml | from_yaml | combine(matrix_mautrix_signal_configuration_extension, recursive=True) }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_registration_yaml: "{{ lookup('template', 'templates/registration.yaml.j2') }}"
|
matrix_mautrix_signal_registration_yaml: |
|
||||||
|
id: signal
|
||||||
|
url: {{ matrix_mautrix_signal_appservice_address }}
|
||||||
|
as_token: "{{ matrix_mautrix_signal_appservice_token }}"
|
||||||
|
hs_token: "{{ matrix_mautrix_signal_homeserver_token }}"
|
||||||
|
# See https://github.com/mautrix/signal/issues/43
|
||||||
|
sender_localpart: _bot_{{ matrix_mautrix_signal_appservice_bot_username }}
|
||||||
|
rate_limited: false
|
||||||
|
namespaces:
|
||||||
|
users:
|
||||||
|
- regex: '^@signal_[-a-f0-9]+:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
|
||||||
|
exclusive: true
|
||||||
|
- exclusive: true
|
||||||
|
regex: '^@{{ matrix_mautrix_signal_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
|
||||||
|
de.sorunome.msc2409.push_ephemeral: true
|
||||||
|
|
||||||
matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml | from_yaml }}"
|
matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml | from_yaml }}"
|
||||||
|
|
||||||
matrix_mautrix_signal_log_level: 'DEBUG'
|
# Enable End-to-bridge encryption
|
||||||
|
|
||||||
matrix_mautrix_signal_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
matrix_mautrix_signal_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||||
matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
||||||
matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
||||||
|
|
||||||
# Additional environment variables to pass to the Signal Daemon container
|
# On conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge.
|
||||||
#
|
# Setting this to false fixed the issue.
|
||||||
# Example:
|
matrix_mautrix_signal_bridge_restricted_rooms: true
|
||||||
# matrix_mautrix_signal_daemon_environment_variables_extension: |
|
|
||||||
# SIGNALD_TRUST_NEW_KEYS=true
|
|
||||||
matrix_mautrix_signal_daemon_environment_variables_extension: ''
|
|
||||||
|
@ -3,7 +3,7 @@
|
|||||||
- name: Fail if matrix-nginx-proxy role already executed
|
- name: Fail if matrix-nginx-proxy role already executed
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
msg: >-
|
msg: >-
|
||||||
Trying to append mautrix-whatapp-metrics's reverse-proxying configuration to matrix-nginx-proxy,
|
Trying to append mautrix-signal-metrics's reverse-proxying configuration to matrix-nginx-proxy,
|
||||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
but it's pointless since the matrix-nginx-proxy role had already executed.
|
||||||
To fix this, please change the order of roles in your playbook,
|
To fix this, please change the order of roles in your playbook,
|
||||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-signal role.
|
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-signal role.
|
||||||
@ -18,7 +18,7 @@
|
|||||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
{% if matrix_nginx_proxy_enabled | default(False) %}
|
||||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
||||||
resolver 127.0.0.11 valid=5s;
|
resolver 127.0.0.11 valid=5s;
|
||||||
set $backend "matrix-mautrix-signal:8000";
|
set $backend "matrix-mautrix-signal:8001";
|
||||||
proxy_pass http://$backend/metrics;
|
proxy_pass http://$backend/metrics;
|
||||||
{% else %}
|
{% else %}
|
||||||
return 404 "matrix-nginx-proxy is disabled and no host port was bound to the container, so metrics are unavailable";
|
return 404 "matrix-nginx-proxy is disabled and no host port was bound to the container, so metrics are unavailable";
|
||||||
|
@ -1,30 +1,71 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- name: Ensure Mautrix Signal image is pulled
|
- ansible.builtin.set_fact:
|
||||||
|
matrix_mautrix_signal_requires_restart: false
|
||||||
|
|
||||||
|
- when: "matrix_mautrix_signal_database_engine == 'postgres'"
|
||||||
|
block:
|
||||||
|
- name: Check if an SQLite database already exists
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "{{ matrix_mautrix_signal_sqlite_database_path_local }}"
|
||||||
|
register: matrix_mautrix_signal_sqlite_database_path_local_stat_result
|
||||||
|
|
||||||
|
- when: "matrix_mautrix_signal_sqlite_database_path_local_stat_result.stat.exists | bool"
|
||||||
|
block:
|
||||||
|
- ansible.builtin.include_role:
|
||||||
|
name: galaxy/com.devture.ansible.role.postgres
|
||||||
|
tasks_from: migrate_db_to_postgres
|
||||||
|
vars:
|
||||||
|
devture_postgres_db_migration_request:
|
||||||
|
src: "{{ matrix_mautrix_signal_sqlite_database_path_local }}"
|
||||||
|
dst: "{{ matrix_mautrix_signal_database_connection_string }}"
|
||||||
|
caller: "{{ role_path | basename }}"
|
||||||
|
engine_variable_name: 'matrix_mautrix_signal_database_engine'
|
||||||
|
engine_old: 'sqlite'
|
||||||
|
systemd_services_to_stop: ['matrix-mautrix-signal.service']
|
||||||
|
pgloader_options: ['--with "quote identifiers"']
|
||||||
|
|
||||||
|
- ansible.builtin.set_fact:
|
||||||
|
matrix_mautrix_signal_requires_restart: true
|
||||||
|
|
||||||
|
- name: Ensure Mautrix signal paths exists
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ item.path }}"
|
||||||
|
state: directory
|
||||||
|
mode: 0750
|
||||||
|
owner: "{{ matrix_user_username }}"
|
||||||
|
group: "{{ matrix_user_groupname }}"
|
||||||
|
with_items:
|
||||||
|
- {path: "{{ matrix_mautrix_signal_base_path }}", when: true}
|
||||||
|
- {path: "{{ matrix_mautrix_signal_config_path }}", when: true}
|
||||||
|
- {path: "{{ matrix_mautrix_signal_data_path }}", when: true}
|
||||||
|
- {path: "{{ matrix_mautrix_signal_docker_src_files_path }}", when: "{{ matrix_mautrix_signal_container_image_self_build }}"}
|
||||||
|
when: item.when | bool
|
||||||
|
|
||||||
|
- name: Ensure Mautrix signal image is pulled
|
||||||
community.docker.docker_image:
|
community.docker.docker_image:
|
||||||
name: "{{ matrix_mautrix_signal_docker_image }}"
|
name: "{{ matrix_mautrix_signal_docker_image }}"
|
||||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
||||||
force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
|
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
|
||||||
when: "not matrix_mautrix_signal_container_image_self_build | bool"
|
when: not matrix_mautrix_signal_container_image_self_build
|
||||||
register: result
|
register: result
|
||||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
retries: "{{ devture_playbook_help_container_retries_count }}"
|
||||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
||||||
until: result is not failed
|
until: result is not failed
|
||||||
|
|
||||||
|
- name: Ensure Mautrix signal repository is present on self-build
|
||||||
- name: Ensure Mautrix Signal repository is present on self-build
|
|
||||||
ansible.builtin.git:
|
ansible.builtin.git:
|
||||||
repo: "{{ matrix_mautrix_signal_docker_repo }}"
|
repo: "{{ matrix_mautrix_signal_container_image_self_build_repo }}"
|
||||||
version: "{{ matrix_mautrix_signal_docker_repo_version }}"
|
|
||||||
dest: "{{ matrix_mautrix_signal_docker_src_files_path }}"
|
dest: "{{ matrix_mautrix_signal_docker_src_files_path }}"
|
||||||
|
version: "{{ matrix_mautrix_signal_container_image_self_build_branch }}"
|
||||||
force: "yes"
|
force: "yes"
|
||||||
become: true
|
become: true
|
||||||
become_user: "{{ matrix_user_username }}"
|
become_user: "{{ matrix_user_username }}"
|
||||||
register: matrix_mautrix_signal_git_pull_results
|
register: matrix_mautrix_signal_git_pull_results
|
||||||
when: "matrix_mautrix_signal_container_image_self_build | bool"
|
when: "matrix_mautrix_signal_container_image_self_build | bool"
|
||||||
|
|
||||||
- name: Ensure Mautrix Signal image is built
|
- name: Ensure Mautrix signal Docker image is built
|
||||||
community.docker.docker_image:
|
community.docker.docker_image:
|
||||||
name: "{{ matrix_mautrix_signal_docker_image }}"
|
name: "{{ matrix_mautrix_signal_docker_image }}"
|
||||||
source: build
|
source: build
|
||||||
@ -36,62 +77,38 @@
|
|||||||
pull: true
|
pull: true
|
||||||
when: "matrix_mautrix_signal_container_image_self_build | bool"
|
when: "matrix_mautrix_signal_container_image_self_build | bool"
|
||||||
|
|
||||||
|
- name: Check if an old database file exists
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "{{ matrix_mautrix_signal_base_path }}/mautrix-signal.db"
|
||||||
|
register: matrix_mautrix_signal_stat_database
|
||||||
|
|
||||||
- name: Ensure Mautrix Signal Daemon image is pulled
|
- name: Check if an old matrix state file exists
|
||||||
community.docker.docker_image:
|
ansible.builtin.stat:
|
||||||
name: "{{ matrix_mautrix_signal_daemon_docker_image }}"
|
path: "{{ matrix_mautrix_signal_base_path }}/mx-state.json"
|
||||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
register: matrix_mautrix_signal_stat_mx_state
|
||||||
force_source: "{{ matrix_mautrix_signal_daemon_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_daemon_docker_image_force_pull }}"
|
|
||||||
when: matrix_mautrix_signal_enabled and not matrix_mautrix_signal_daemon_container_image_self_build | bool
|
|
||||||
register: matrix_mautrix_signal_daemon_pull_results
|
|
||||||
|
|
||||||
- name: Ensure Mautrix Signal Daemon repository is present on self-build
|
- name: (Data relocation) Ensure matrix-mautrix-signal.service is stopped
|
||||||
ansible.builtin.git:
|
ansible.builtin.service:
|
||||||
repo: "{{ matrix_mautrix_signal_daemon_docker_repo }}"
|
name: matrix-mautrix-signal
|
||||||
version: "{{ matrix_mautrix_signal_daemon_docker_repo_version }}"
|
state: stopped
|
||||||
dest: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}"
|
enabled: false
|
||||||
force: "yes"
|
daemon_reload: true
|
||||||
become: true
|
failed_when: false
|
||||||
become_user: "{{ matrix_user_username }}"
|
when: "matrix_mautrix_signal_stat_database.stat.exists"
|
||||||
register: matrix_mautrix_signal_daemon_git_pull_results
|
|
||||||
when: "matrix_mautrix_signal_daemon_container_image_self_build | bool"
|
|
||||||
|
|
||||||
- name: Ensure Mautrix Signal Daemon image is built
|
- name: (Data relocation) Move mautrix-signal database file to ./data directory
|
||||||
community.docker.docker_image:
|
ansible.builtin.command:
|
||||||
name: "{{ matrix_mautrix_signal_daemon_docker_image }}"
|
cmd: "mv {{ matrix_mautrix_signal_base_path }}/mautrix-signal.db {{ matrix_mautrix_signal_data_path }}/mautrix-signal.db"
|
||||||
source: build
|
creates: "{{ matrix_mautrix_signal_data_path }}/mautrix-signal.db"
|
||||||
force_source: "{{ matrix_mautrix_signal_daemon_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
removes: "{{ matrix_mautrix_signal_base_path }}/mautrix-signal.db"
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_daemon_git_pull_results.changed }}"
|
when: "matrix_mautrix_signal_stat_database.stat.exists"
|
||||||
build:
|
|
||||||
dockerfile: Containerfile
|
|
||||||
path: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}"
|
|
||||||
pull: true
|
|
||||||
when: "matrix_mautrix_signal_daemon_container_image_self_build | bool"
|
|
||||||
|
|
||||||
- name: Ensure Mautrix Signal paths exist
|
- name: (Data relocation) Move mautrix-signal mx-state file to ./data directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.command:
|
||||||
path: "{{ item }}"
|
cmd: "mv {{ matrix_mautrix_signal_base_path }}/mx-state.json {{ matrix_mautrix_signal_data_path }}/mx-state.json"
|
||||||
state: directory
|
creates: "{{ matrix_mautrix_signal_data_path }}/mx-state.json"
|
||||||
mode: 0750
|
removes: "{{ matrix_mautrix_signal_base_path }}/mx-state.json"
|
||||||
owner: "{{ matrix_user_username }}"
|
when: "matrix_mautrix_signal_stat_mx_state.stat.exists"
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- "{{ matrix_mautrix_signal_base_path }}"
|
|
||||||
- "{{ matrix_mautrix_signal_config_path }}"
|
|
||||||
- "{{ matrix_mautrix_signal_daemon_path }}"
|
|
||||||
- "{{ matrix_mautrix_signal_daemon_path }}/avatars"
|
|
||||||
- "{{ matrix_mautrix_signal_daemon_path }}/attachments"
|
|
||||||
- "{{ matrix_mautrix_signal_daemon_path }}/data"
|
|
||||||
|
|
||||||
|
|
||||||
- name: Ensure mautrix-signal-daemon environment variables file created
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/env.j2"
|
|
||||||
dest: "{{ matrix_mautrix_signal_daemon_path }}/env"
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
mode: 0644
|
|
||||||
|
|
||||||
- name: Ensure mautrix-signal config.yaml installed
|
- name: Ensure mautrix-signal config.yaml installed
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
@ -109,15 +126,15 @@
|
|||||||
owner: "{{ matrix_user_username }}"
|
owner: "{{ matrix_user_username }}"
|
||||||
group: "{{ matrix_user_groupname }}"
|
group: "{{ matrix_user_groupname }}"
|
||||||
|
|
||||||
- name: Ensure matrix-mautrix-signal-daemon.service installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal-daemon.service.j2"
|
|
||||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service"
|
|
||||||
mode: 0644
|
|
||||||
register: matrix_mautrix_signal_daemon_systemd_service_result
|
|
||||||
|
|
||||||
- name: Ensure matrix-mautrix-signal.service installed
|
- name: Ensure matrix-mautrix-signal.service installed
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal.service.j2"
|
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signal.service.j2"
|
||||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service"
|
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
|
||||||
|
- name: Ensure matrix-mautrix-signal.service restarted, if necessary
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: "matrix-mautrix-signal.service"
|
||||||
|
state: restarted
|
||||||
|
daemon_reload: true
|
||||||
|
when: "matrix_mautrix_signal_requires_restart | bool"
|
||||||
|
@ -1,26 +1,5 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
# Signal daemon service
|
|
||||||
- name: Check existence of matrix-mautrix-signal-daemon service
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service"
|
|
||||||
register: matrix_mautrix_signal_daemon_service_stat
|
|
||||||
|
|
||||||
- when: matrix_mautrix_signal_daemon_service_stat.stat.exists | bool
|
|
||||||
block:
|
|
||||||
- name: Ensure matrix-mautrix-signal-daemon is stopped
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: matrix-mautrix-signal-daemon
|
|
||||||
state: stopped
|
|
||||||
enabled: false
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: Ensure matrix-mautrix-signal-daemon.service doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal-daemon.service"
|
|
||||||
state: absent
|
|
||||||
|
|
||||||
# Bridge service
|
|
||||||
- name: Check existence of matrix-mautrix-signal service
|
- name: Check existence of matrix-mautrix-signal service
|
||||||
ansible.builtin.stat:
|
ansible.builtin.stat:
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service"
|
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signal.service"
|
||||||
|
@ -6,35 +6,15 @@
|
|||||||
You need to define a required configuration setting (`{{ item.name }}`).
|
You need to define a required configuration setting (`{{ item.name }}`).
|
||||||
when: "item.when | bool and vars[item.name] == ''"
|
when: "item.when | bool and vars[item.name] == ''"
|
||||||
with_items:
|
with_items:
|
||||||
- {'name': 'matrix_mautrix_signal_homeserver_domain', when: true}
|
|
||||||
- {'name': 'matrix_mautrix_signal_homeserver_address', when: true}
|
|
||||||
- {'name': 'matrix_mautrix_signal_homeserver_token', when: true}
|
|
||||||
- {'name': 'matrix_mautrix_signal_appservice_token', when: true}
|
- {'name': 'matrix_mautrix_signal_appservice_token', when: true}
|
||||||
|
- {'name': 'matrix_mautrix_signal_homeserver_token', when: true}
|
||||||
- {'name': 'matrix_mautrix_signal_database_hostname', when: "{{ matrix_mautrix_signal_database_engine == 'postgres' }}"}
|
- {'name': 'matrix_mautrix_signal_database_hostname', when: "{{ matrix_mautrix_signal_database_engine == 'postgres' }}"}
|
||||||
|
|
||||||
- name: (Deprecation) Fail if matrix_mautrix_signal_bridge_permissions specified as YAML string, instead of a dictionary
|
- name: (Deprecation) Catch and report renamed settings
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: >-
|
|
||||||
The `matrix_mautrix_signal_bridge_permissions` variable in your configuration is specified as a YAML string.
|
|
||||||
The playbook now expects a hashmap/dictionary in this variable.
|
|
||||||
Change your configuration like this:
|
|
||||||
matrix_mautrix_signal_bridge_permissions: {{ matrix_mautrix_signal_bridge_permissions | from_yaml | to_json }}
|
|
||||||
when: "matrix_mautrix_signal_bridge_permissions is string"
|
|
||||||
|
|
||||||
- name: (Deprecation) Catch and report renamed Signal variables
|
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
msg: >-
|
msg: >-
|
||||||
Your configuration contains a variable, which now has a different name.
|
Your configuration contains a variable, which now has a different name.
|
||||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
||||||
when: "item.old in vars"
|
when: "item.old in vars"
|
||||||
with_items:
|
with_items:
|
||||||
- {'old': 'matrix_mautrix_signal_container_exposed_port_number', 'new': '<superseded by matrix_mautrix_signal_container_http_host_bind_port>'}
|
- {'old': 'matrix_mautrix_signal_log_level', 'new': 'matrix_mautrix_signal_logging_level'}
|
||||||
- {'old': 'matrix_mautrix_signal_db_user', 'new': 'matrix_mautrix_signal_database_username'}
|
|
||||||
- {'old': 'matrix_mautrix_signal_db_password', 'new': 'matrix_mautrix_signal_database_password'}
|
|
||||||
- {'old': 'matrix_mautrix_signal_db_database', 'new': 'matrix_mautrix_signal_database_name'}
|
|
||||||
- {'old': 'matrix_mautrix_signal_db_host', 'new': 'matrix_mautrix_signal_database_hostname'}
|
|
||||||
- {'old': 'matrix_mautrix_signal_db_port', 'new': 'matrix_mautrix_signal_database_port'}
|
|
||||||
- {'old': 'matrix_mautrix_signal_db_url', 'new': 'matrix_mautrix_signal_database_connection_string'}
|
|
||||||
- {'old': 'matrix_mautrix_signal_configuration_permissions', 'new': '<superseded by matrix_mautrix_signal_configuration_extension_yaml>'}
|
|
||||||
- {'old': 'matrix_mautrix_signal_container_self_build', 'new': 'matrix_mautrix_signal_container_image_self_build'}
|
|
||||||
- {'old': 'matrix_mautrix_signal_daemon_container_self_build', 'new': 'matrix_mautrix_signal_daemon_container_image_self_build'}
|
|
||||||
|
@ -5,269 +5,258 @@ homeserver:
|
|||||||
address: {{ matrix_mautrix_signal_homeserver_address }}
|
address: {{ matrix_mautrix_signal_homeserver_address }}
|
||||||
# The domain of the homeserver (for MXIDs, etc).
|
# The domain of the homeserver (for MXIDs, etc).
|
||||||
domain: {{ matrix_mautrix_signal_homeserver_domain }}
|
domain: {{ matrix_mautrix_signal_homeserver_domain }}
|
||||||
# Whether or not to verify the SSL certificate of the homeserver.
|
|
||||||
# Only applies if address starts with https://
|
# What software is the homeserver running?
|
||||||
verify_ssl: true
|
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
|
||||||
asmux: false
|
software: standard
|
||||||
# Number of retries for all HTTP requests if the homeserver isn't reachable.
|
|
||||||
http_retry_count: 4
|
|
||||||
# The URL to push real-time bridge status to.
|
# The URL to push real-time bridge status to.
|
||||||
# If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes.
|
# If set, the bridge will make POST requests to this URL whenever a user's discord connection state changes.
|
||||||
# The bridge will use the appservice as_token to authorize requests.
|
# The bridge will use the appservice as_token to authorize requests.
|
||||||
status_endpoint: null
|
status_endpoint: null
|
||||||
# Endpoint for reporting per-message status.
|
# Endpoint for reporting per-message status.
|
||||||
message_send_checkpoint_endpoint: null
|
message_send_checkpoint_endpoint: null
|
||||||
|
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
|
||||||
|
async_media: false
|
||||||
|
|
||||||
# Application service host/registration related details
|
# Should the bridge use a websocket for connecting to the homeserver?
|
||||||
|
# The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
|
||||||
|
# mautrix-asmux (deprecated), and hungryserv (proprietary).
|
||||||
|
websocket: false
|
||||||
|
# How often should the websocket be pinged? Pinging will be disabled if this is zero.
|
||||||
|
ping_interval_seconds: 0
|
||||||
|
|
||||||
|
# Application service host/registration related details.
|
||||||
# Changing these values requires regeneration of the registration.
|
# Changing these values requires regeneration of the registration.
|
||||||
appservice:
|
appservice:
|
||||||
# The address that the homeserver can use to connect to this appservice.
|
# The address that the homeserver can use to connect to this appservice.
|
||||||
address: {{ matrix_mautrix_signal_appservice_address }}
|
address: {{ matrix_mautrix_signal_appservice_address | to_json }}
|
||||||
# When using https:// the TLS certificate and key files for the address.
|
|
||||||
tls_cert: false
|
|
||||||
tls_key: false
|
|
||||||
|
|
||||||
# The hostname and port where this appservice should listen.
|
# The hostname and port where this appservice should listen.
|
||||||
hostname: 0.0.0.0
|
hostname: 0.0.0.0
|
||||||
port: 29328
|
port: 8080
|
||||||
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
|
|
||||||
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
|
|
||||||
max_body_size: 1
|
|
||||||
|
|
||||||
# The full URI to the database. SQLite and Postgres are supported.
|
# Database config.
|
||||||
# Format examples:
|
database:
|
||||||
# SQLite: sqlite:///filename.db
|
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
|
||||||
# Postgres: postgres://username:password@hostname/dbname
|
type: {{ matrix_mautrix_signal_appservice_database_type|to_json }}
|
||||||
database: {{ matrix_mautrix_signal_database_connection_string }}
|
# The database URI.
|
||||||
# Additional arguments for asyncpg.create_pool() or sqlite3.connect()
|
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
|
||||||
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
|
# https://github.com/mattn/go-sqlite3#connection-string
|
||||||
# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
|
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
|
||||||
# For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
|
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
|
||||||
database_opts:
|
uri: {{ matrix_mautrix_signal_appservice_database_uri|to_json }}
|
||||||
min_size: 5
|
# Maximum number of connections. Mostly relevant for Postgres.
|
||||||
max_size: 10
|
max_open_conns: 20
|
||||||
|
max_idle_conns: 2
|
||||||
|
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
|
||||||
|
# Parsed with https://pkg.go.dev/time#ParseDuration
|
||||||
|
max_conn_idle_time: null
|
||||||
|
max_conn_lifetime: null
|
||||||
|
|
||||||
# The unique ID of this appservice.
|
# The unique ID of this appservice.
|
||||||
id: signal
|
id: signal
|
||||||
|
# Appservice bot details.
|
||||||
|
bot:
|
||||||
# Username of the appservice bot.
|
# Username of the appservice bot.
|
||||||
bot_username: {{ matrix_mautrix_signal_appservice_bot_username|to_json }}
|
username: signalbot
|
||||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
||||||
# to leave display name/avatar as-is.
|
# to leave display name/avatar as-is.
|
||||||
bot_displayname: Signal bridge bot
|
displayname: signal bridge bot
|
||||||
bot_avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
|
avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
|
||||||
|
|
||||||
# Whether or not to receive ephemeral events via appservice transactions.
|
# Whether or not to receive ephemeral events via appservice transactions.
|
||||||
# Requires MSC2409 support (i.e. Synapse 1.22+).
|
# Requires MSC2409 support (i.e. Synapse 1.22+).
|
||||||
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
|
ephemeral_events: true
|
||||||
ephemeral_events: false
|
|
||||||
|
# Should incoming events be handled asynchronously?
|
||||||
|
# This may be necessary for large public instances with lots of messages going through.
|
||||||
|
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
|
||||||
|
async_transactions: false
|
||||||
|
|
||||||
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
|
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
|
||||||
as_token: "{{ matrix_mautrix_signal_appservice_token }}"
|
as_token: {{ matrix_mautrix_signal_appservice_token | to_json }}
|
||||||
hs_token: "{{ matrix_mautrix_signal_homeserver_token }}"
|
hs_token: {{ matrix_mautrix_signal_homeserver_token | to_json }}
|
||||||
|
|
||||||
# Prometheus telemetry config. Requires prometheus-client to be installed.
|
# Prometheus config.
|
||||||
metrics:
|
metrics:
|
||||||
enabled: {{ matrix_mautrix_signal_metrics_enabled | to_json }}
|
# Enable prometheus metrics?
|
||||||
listen_port: 8000
|
|
||||||
|
|
||||||
# Manhole config.
|
|
||||||
manhole:
|
|
||||||
# Whether or not opening the manhole is allowed.
|
|
||||||
enabled: false
|
enabled: false
|
||||||
# The path for the unix socket.
|
# IP and port where the metrics listener should be. The path is always /metrics
|
||||||
path: /var/tmp/mautrix-signal.manhole
|
listen: 127.0.0.1:8000
|
||||||
# The list of UIDs who can be added to the whitelist.
|
|
||||||
# If empty, any UIDs can be specified in the open-manhole command.
|
|
||||||
whitelist:
|
|
||||||
- 0
|
|
||||||
|
|
||||||
signal:
|
|
||||||
# Path to signald unix socket
|
|
||||||
socket_path: /signald/signald.sock
|
|
||||||
# Directory for temp files when sending files to Signal. This should be an
|
|
||||||
# absolute path that signald can read. For attachments in the other direction,
|
|
||||||
# make sure signald is configured to use an absolute path as the data directory.
|
|
||||||
outgoing_attachment_dir: /signald/attachments
|
|
||||||
# Directory where signald stores avatars for groups.
|
|
||||||
avatar_dir: /signald/avatars
|
|
||||||
# Directory where signald stores auth data. Used to delete data when logging out.
|
|
||||||
data_dir: /signald/data
|
|
||||||
# Whether or not unknown signald accounts should be deleted when the bridge is started.
|
|
||||||
# When this is enabled, any UserInUse errors should be resolved by restarting the bridge.
|
|
||||||
delete_unknown_accounts_on_start: false
|
|
||||||
# Whether or not message attachments should be removed from disk after they're bridged.
|
|
||||||
remove_file_after_handling: true
|
|
||||||
# Whether or not users can register a primary device
|
|
||||||
registration_enabled: true
|
|
||||||
|
|
||||||
# Bridge config
|
# Bridge config
|
||||||
bridge:
|
bridge:
|
||||||
# Localpart template of MXIDs for Signal users.
|
# Localpart template of MXIDs for Signal users.
|
||||||
# {userid} is replaced with an identifier for the Signal user.
|
# {{ '{{.}}' }} is replaced with the internal ID of the Signal user.
|
||||||
username_template: "signal_{userid}"
|
username_template: "{{ 'signal_{{.}}' }}"
|
||||||
# Displayname template for Signal users.
|
# Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
|
||||||
# {displayname} is replaced with the displayname of the Signal user, which is the first
|
# Available variables: TODO
|
||||||
# available variable in displayname_preference. The variables in displayname_preference
|
displayname_template: "{{ '{{.ProfileName}} (Signal)' }}"
|
||||||
# can also be used here directly.
|
# Whether to explicitly set the avatar and room name for private chat portal rooms.
|
||||||
displayname_template: "{displayname} (Signal)"
|
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
|
||||||
# Whether or not contact list displaynames should be used.
|
# If set to `always`, all DM rooms will have explicit names and avatars set.
|
||||||
# Possible values: disallow, allow, prefer
|
# If set to `never`, DM rooms will never have names and avatars set.
|
||||||
#
|
private_chat_portal_meta: default
|
||||||
# Multi-user instances are recommended to disallow contact list names, as otherwise there can
|
|
||||||
# be conflicts between names from different users' contact lists.
|
|
||||||
contact_list_names: disallow
|
|
||||||
# Available variables: full_name, first_name, last_name, phone, uuid
|
|
||||||
displayname_preference:
|
|
||||||
- full_name
|
|
||||||
- phone
|
|
||||||
|
|
||||||
# Whether or not to create portals for all groups on login/connect.
|
portal_message_buffer: 128
|
||||||
autocreate_group_portal: true
|
|
||||||
# Whether or not to create portals for all contacts on login/connect.
|
# Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
|
||||||
autocreate_contact_portal: false
|
delivery_receipts: false
|
||||||
# Whether or not to use /sync to get read receipts and typing notifications
|
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
|
||||||
# when double puppeting is enabled
|
message_status_events: false
|
||||||
sync_with_custom_puppets: true
|
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
|
||||||
# Whether or not to update the m.direct account data event when double puppeting is enabled.
|
message_error_notices: true
|
||||||
|
# Should the bridge update the m.direct account data event when double puppeting is enabled.
|
||||||
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
|
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
|
||||||
# and is therefore prone to race conditions.
|
# and is therefore prone to race conditions.
|
||||||
sync_direct_chat_list: false
|
sync_direct_chat_list: false
|
||||||
# Allow using double puppeting from any server with a valid client .well-known file.
|
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
|
||||||
double_puppet_allow_discovery: false
|
# This field will automatically be changed back to false after it, except if the config file is not writable.
|
||||||
# Servers to allow double puppeting from, even if double_puppet_allow_discovery is false.
|
resend_bridge_info: false
|
||||||
double_puppet_server_map: {}
|
|
||||||
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
|
|
||||||
#
|
|
||||||
# If set, custom puppets will be enabled automatically for local users
|
|
||||||
# instead of users having to find an access token and run `login-matrix`
|
|
||||||
# manually.
|
|
||||||
# If using this for other servers than the bridge's server,
|
|
||||||
# you must also set the URL in the double_puppet_server_map.
|
|
||||||
login_shared_secret_map:
|
|
||||||
{{ matrix_mautrix_signal_homeserver_domain }}: {{ matrix_mautrix_signal_login_shared_secret|to_json }}
|
|
||||||
# Whether or not created rooms should have federation enabled.
|
# Whether or not created rooms should have federation enabled.
|
||||||
# If false, created portal rooms will never be federated.
|
# If false, created portal rooms will never be federated.
|
||||||
federate_rooms: {{ matrix_mautrix_signal_federate_rooms|to_json }}
|
federate_rooms: {{ matrix_mautrix_signal_federate_rooms|to_json }}
|
||||||
# End-to-bridge encryption support options. You must install the e2be optional dependency for
|
# Servers to always allow double puppeting from
|
||||||
# this to work. See https://github.com/tulir/mautrix-telegram/wiki/End‐to‐bridge-encryption
|
double_puppet_server_map:
|
||||||
|
"{{ matrix_mautrix_signal_homeserver_domain }}": {{ matrix_mautrix_signal_homeserver_address }}
|
||||||
|
# Allow using double puppeting from any server with a valid client .well-known file.
|
||||||
|
double_puppet_allow_discovery: false
|
||||||
|
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
|
||||||
|
#
|
||||||
|
# If set, double puppeting will be enabled automatically for local users
|
||||||
|
# instead of users having to find an access token and run `login-matrix`
|
||||||
|
# manually.
|
||||||
|
login_shared_secret_map: {{ matrix_mautrix_signal_bridge_login_shared_secret_map|to_json }}
|
||||||
|
|
||||||
|
# Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
|
||||||
|
# Null means there's no enforced timeout.
|
||||||
|
message_handling_timeout:
|
||||||
|
# Send an error message after this timeout, but keep waiting for the response until the deadline.
|
||||||
|
# This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
|
||||||
|
# If the message is older than this when it reaches the bridge, the message won't be handled at all.
|
||||||
|
error_after: null
|
||||||
|
# Drop messages after this timeout. They may still go through if the message got sent to the servers.
|
||||||
|
# This is counted from the time the bridge starts handling the message.
|
||||||
|
deadline: 120s
|
||||||
|
|
||||||
|
# The prefix for commands. Only required in non-management rooms.
|
||||||
|
command_prefix: "{{ matrix_mautrix_signal_command_prefix }}"
|
||||||
|
# Messages sent upon joining a management room.
|
||||||
|
# Markdown is supported. The defaults are listed below.
|
||||||
|
management_room_text:
|
||||||
|
# Sent when joining a room.
|
||||||
|
welcome: "Hello, I'm a signal bridge bot."
|
||||||
|
# Sent when joining a management room and the user is already logged in.
|
||||||
|
welcome_connected: "Use `help` for help."
|
||||||
|
# Sent when joining a management room and the user is not logged in.
|
||||||
|
welcome_unconnected: "Use `help` for help or `login` to log in."
|
||||||
|
# Optional extra text sent when joining a management room.
|
||||||
|
additional_help: ""
|
||||||
|
|
||||||
|
# End-to-bridge encryption support options.
|
||||||
|
#
|
||||||
|
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
|
||||||
encryption:
|
encryption:
|
||||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||||
allow: {{ matrix_mautrix_signal_bridge_encryption_allow|to_json }}
|
allow: {{ matrix_mautrix_signal_bridge_encryption_allow|to_json }}
|
||||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||||
default: {{ matrix_mautrix_signal_bridge_encryption_default|to_json }}
|
default: {{ matrix_mautrix_signal_bridge_encryption_default|to_json }}
|
||||||
# Options for automatic key sharing.
|
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
|
||||||
key_sharing:
|
appservice: false
|
||||||
|
# Require encryption, drop any unencrypted messages.
|
||||||
|
require: false
|
||||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
||||||
# You must use a client that supports requesting keys from other users to use this feature.
|
# You must use a client that supports requesting keys from other users to use this feature.
|
||||||
allow: {{ matrix_mautrix_signal_bridge_encryption_key_sharing_allow|to_json }}
|
allow_key_sharing: {{ matrix_mautrix_signal_bridge_encryption_key_sharing_allow|to_json }}
|
||||||
# Require the requesting device to have a valid cross-signing signature?
|
# Options for deleting megolm sessions from the bridge.
|
||||||
# This doesn't require that the bridge has verified the device, only that the user has verified it.
|
delete_keys:
|
||||||
# Not yet implemented.
|
# Beeper-specific: delete outbound sessions when hungryserv confirms
|
||||||
require_cross_signing: false
|
# that the user has uploaded the key to key backup.
|
||||||
# Require devices to be verified by the bridge?
|
delete_outbound_on_ack: false
|
||||||
# Verification by the bridge is not yet implemented.
|
# Don't store outbound sessions in the inbound table.
|
||||||
require_verification: true
|
dont_store_outbound: false
|
||||||
# Whether or not to explicitly set the avatar and room name for private
|
# Ratchet megolm sessions forward after decrypting messages.
|
||||||
# chat portal rooms. This will be implicitly enabled if encryption.default is true.
|
ratchet_on_decrypt: false
|
||||||
private_chat_portal_meta: false
|
# Delete fully used keys (index >= max_messages) after decrypting messages.
|
||||||
# Whether or not the bridge should send a read receipt from the bridge bot when a message has
|
delete_fully_used_on_decrypt: false
|
||||||
# been sent to Signal. This let's you check manually whether the bridge is receiving your
|
# Delete previous megolm sessions from same device when receiving a new one.
|
||||||
# messages.
|
delete_prev_on_new_session: false
|
||||||
# Note that this is not related to Signal delivery receipts.
|
# Delete megolm sessions received from a device when the device is deleted.
|
||||||
delivery_receipts: false
|
delete_on_device_delete: false
|
||||||
# Whether or not delivery errors should be reported as messages in the Matrix room. (not yet implemented)
|
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
|
||||||
delivery_error_reports: true
|
periodically_delete_expired: false
|
||||||
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
|
# Delete inbound megolm sessions that don't have the received_at field used for
|
||||||
# This field will automatically be changed back to false after it,
|
# automatic ratcheting and expired session deletion. This is meant as a migration
|
||||||
# except if the config file is not writable.
|
# to delete old keys prior to the bridge update.
|
||||||
resend_bridge_info: false
|
delete_outdated_inbound: false
|
||||||
# Interval at which to resync contacts (in seconds).
|
# What level of device verification should be required from users?
|
||||||
periodic_sync: 0
|
#
|
||||||
|
# Valid levels:
|
||||||
|
# unverified - Send keys to all device in the room.
|
||||||
|
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
|
||||||
|
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
|
||||||
|
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
|
||||||
|
# Note that creating user signatures from the bridge bot is not currently possible.
|
||||||
|
# verified - Require manual per-device verification
|
||||||
|
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
|
||||||
|
verification_levels:
|
||||||
|
# Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix.
|
||||||
|
receive: unverified
|
||||||
|
# Minimum level that the bridge should accept for incoming Matrix messages.
|
||||||
|
send: unverified
|
||||||
|
# Minimum level that the bridge should require for accepting key requests.
|
||||||
|
share: cross-signed-tofu
|
||||||
|
# Options for Megolm room key rotation. These options allow you to
|
||||||
|
# configure the m.room.encryption event content. See:
|
||||||
|
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
|
||||||
|
# more information about that event.
|
||||||
|
rotation:
|
||||||
|
# Enable custom Megolm room key rotation settings. Note that these
|
||||||
|
# settings will only apply to rooms created after this option is
|
||||||
|
# set.
|
||||||
|
enable_custom: false
|
||||||
|
# The maximum number of milliseconds a session should be used
|
||||||
|
# before changing it. The Matrix spec recommends 604800000 (a week)
|
||||||
|
# as the default.
|
||||||
|
milliseconds: 604800000
|
||||||
|
# The maximum number of messages that should be sent with a given a
|
||||||
|
# session before changing it. The Matrix spec recommends 100 as the
|
||||||
|
# default.
|
||||||
|
messages: 100
|
||||||
|
|
||||||
# Provisioning API part of the web server for automated portal creation and fetching information.
|
# Disable rotating keys when a user's devices change?
|
||||||
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
|
# You should not enable this option unless you understand all the implications.
|
||||||
|
disable_device_change_key_rotation: false
|
||||||
|
|
||||||
|
# Settings for provisioning API
|
||||||
provisioning:
|
provisioning:
|
||||||
# Whether or not the provisioning API should be enabled.
|
# Prefix for the provisioning API paths.
|
||||||
enabled: true
|
prefix: /_matrix/provision
|
||||||
# The prefix to use in the provisioning API endpoints.
|
# Shared secret for authentication. If set to "generate", a random secret will be generated,
|
||||||
prefix: /_matrix/provision/v1
|
# or if set to "disable", the provisioning API will be disabled.
|
||||||
# The shared secret to authorize users of the API.
|
|
||||||
# Set to "generate" to generate and save a new token.
|
|
||||||
shared_secret: generate
|
shared_secret: generate
|
||||||
|
# Enable debug API at /debug with provisioning authentication.
|
||||||
# The prefix for commands. Only required in non-management rooms.
|
debug_endpoints: false
|
||||||
command_prefix: "{{ matrix_mautrix_signal_command_prefix }}"
|
|
||||||
|
|
||||||
# Messages sent upon joining a management room.
|
|
||||||
# Markdown is supported. The defaults are listed below.
|
|
||||||
management_room_text:
|
|
||||||
# Sent when joining a room.
|
|
||||||
welcome: "Hello, I'm a Signal bridge bot."
|
|
||||||
# Sent when joining a management room and the user is already logged in.
|
|
||||||
welcome_connected: "Use `help` for help."
|
|
||||||
# Sent when joining a management room and the user is not logged in.
|
|
||||||
welcome_unconnected: "Use `help` for help or `register` to log in."
|
|
||||||
# Optional extra text sent when joining a management room.
|
|
||||||
additional_help: ""
|
|
||||||
|
|
||||||
# Send each message separately (for readability in some clients)
|
|
||||||
management_room_multiple_messages: false
|
|
||||||
|
|
||||||
# Permissions for using the bridge.
|
# Permissions for using the bridge.
|
||||||
# Permitted values:
|
# Permitted values:
|
||||||
# relay - Allowed to be relayed through the bridge, no access to commands.
|
# relay - Talk through the relaybot (if enabled), no access otherwise
|
||||||
# user - Use the bridge with puppeting.
|
# user - Access to use the bridge to chat with a Signal account.
|
||||||
# admin - Use and administrate the bridge.
|
# admin - User level and some additional administration tools
|
||||||
# Permitted keys:
|
# Permitted keys:
|
||||||
# * - All Matrix users
|
# * - All Matrix users
|
||||||
# domain - All users on that homeserver
|
# domain - All users on that homeserver
|
||||||
# mxid - Specific user
|
# mxid - Specific user
|
||||||
permissions: {{ matrix_mautrix_signal_bridge_permissions|to_json }}
|
permissions: {{ matrix_mautrix_signal_bridge_permissions|to_json }}
|
||||||
|
|
||||||
relay:
|
# Logging config. See https://github.com/tulir/zeroconfig for details.
|
||||||
# Whether or not relay mode should be allowed. If allowed, `!signal set-relay` can be used to turn any
|
|
||||||
# authenticated user into a relaybot for that chat.
|
|
||||||
enabled: {{ matrix_mautrix_signal_relaybot_enabled }}
|
|
||||||
# The formats to use when sending messages to Signal via a relay user.
|
|
||||||
#
|
|
||||||
# Available variables:
|
|
||||||
# $sender_displayname - The display name of the sender (e.g. Example User)
|
|
||||||
# $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser)
|
|
||||||
# $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com)
|
|
||||||
# $message - The message content
|
|
||||||
message_formats:
|
|
||||||
m.text: '$sender_displayname: $message'
|
|
||||||
m.notice: '$sender_displayname: $message'
|
|
||||||
m.emote: '* $sender_displayname $message'
|
|
||||||
m.file: '$sender_displayname sent a file'
|
|
||||||
m.image: '$sender_displayname sent an image'
|
|
||||||
m.audio: '$sender_displayname sent an audio file'
|
|
||||||
m.video: '$sender_displayname sent a video'
|
|
||||||
m.location: '$sender_displayname sent a location'
|
|
||||||
|
|
||||||
|
|
||||||
# Python logging configuration.
|
|
||||||
#
|
|
||||||
# See section 16.7.2 of the Python documentation for more info:
|
|
||||||
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
|
|
||||||
logging:
|
logging:
|
||||||
version: 1
|
directory: ./logs
|
||||||
formatters:
|
file_name_format: ''
|
||||||
colored:
|
file_date_format: "2006-01-02"
|
||||||
(): mautrix_signal.util.ColorFormatter
|
file_mode: 384
|
||||||
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
|
timestamp_format: Jan _2, 2006 15:04:05
|
||||||
normal:
|
print_level: {{ matrix_mautrix_signal_logging_level | to_json }}
|
||||||
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
|
print_json: false
|
||||||
handlers:
|
file_json: false
|
||||||
console:
|
|
||||||
class: logging.StreamHandler
|
|
||||||
formatter: colored
|
|
||||||
loggers:
|
|
||||||
mau:
|
|
||||||
level: {{ matrix_mautrix_signal_logging_level|to_json }}
|
|
||||||
aiohttp:
|
|
||||||
level: {{ matrix_mautrix_signal_logging_level|to_json }}
|
|
||||||
root:
|
|
||||||
level: {{ matrix_mautrix_signal_logging_level|to_json }}
|
|
||||||
handlers: [console]
|
|
||||||
|
@ -1 +0,0 @@
|
|||||||
{{ matrix_mautrix_signal_daemon_environment_variables_extension }}
|
|
@ -1,18 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
id: signal
|
|
||||||
as_token: "{{ matrix_mautrix_signal_appservice_token }}"
|
|
||||||
hs_token: "{{ matrix_mautrix_signal_homeserver_token }}"
|
|
||||||
namespaces:
|
|
||||||
users:
|
|
||||||
- exclusive: true
|
|
||||||
regex: '^@signal_.+:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
|
|
||||||
- exclusive: true
|
|
||||||
regex: '^@{{ matrix_mautrix_signal_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
|
|
||||||
aliases:
|
|
||||||
- exclusive: true
|
|
||||||
regex: '^#signal_.+:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
|
|
||||||
url: {{ matrix_mautrix_signal_appservice_address }}
|
|
||||||
# See https://github.com/mautrix/signal/issues/43
|
|
||||||
sender_localpart: _bot_{{ matrix_mautrix_signal_appservice_bot_username }}
|
|
||||||
rate_limited: false
|
|
||||||
de.sorunome.msc2409.push_ephemeral: true
|
|
@ -1,52 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
[Unit]
|
|
||||||
Description=Matrix Mautrix Signal daemon
|
|
||||||
|
|
||||||
{% for service in matrix_mautrix_signal_daemon_systemd_required_services_list %}
|
|
||||||
Requires={{ service }}
|
|
||||||
After={{ service }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
{% for service in matrix_mautrix_signal_daemon_systemd_wanted_services_list %}
|
|
||||||
Wants={{ service }}
|
|
||||||
{% endfor %}
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
|
||||||
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-signal-daemon 2>/dev/null || true'
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true'
|
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
|
||||||
|
|
||||||
# Migration task required by the 0.19.0 upgrade
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \
|
|
||||||
--log-driver=none \
|
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
|
||||||
--cap-drop=ALL \
|
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
|
||||||
{{ matrix_mautrix_signal_daemon_docker_image }} \
|
|
||||||
--migrate-data
|
|
||||||
|
|
||||||
# We can't use `--read-only` for this bridge.
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal-daemon \
|
|
||||||
--log-driver=none \
|
|
||||||
--env-file={{ matrix_mautrix_signal_daemon_path }}/env \
|
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
|
||||||
--cap-drop=ALL \
|
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
|
||||||
{{ matrix_mautrix_signal_daemon_docker_image }}
|
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-signal-daemon 2>/dev/null || true'
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal-daemon 2>/dev/null || true'
|
|
||||||
|
|
||||||
Restart=always
|
|
||||||
RestartSec=30
|
|
||||||
SyslogIdentifier=matrix-mautrix-signal-daemon
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -1,15 +1,14 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
#jinja2: lstrip_blocks: "True"
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Matrix Mautrix Signal server
|
Description=Matrix Mautrix signal bridge
|
||||||
|
|
||||||
{% for service in matrix_mautrix_signal_systemd_required_services_list %}
|
{% for service in matrix_mautrix_signal_systemd_required_services_list %}
|
||||||
Requires={{ service }}
|
Requires={{ service }}
|
||||||
After={{ service }}
|
After={{ service }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|
||||||
{% for service in matrix_mautrix_signal_systemd_wanted_services_list %}
|
{% for service in matrix_mautrix_signal_systemd_wanted_services_list %}
|
||||||
Wants={{ service }}
|
Wants={{ service }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
DefaultDependencies=no
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
Type=simple
|
||||||
@ -22,25 +21,20 @@ ExecStartPre={{ matrix_host_command_sleep }} 5
|
|||||||
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal \
|
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signal \
|
||||||
--log-driver=none \
|
--log-driver=none \
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
||||||
--cap-drop=ALL \
|
--cap-drop=ALL \
|
||||||
--read-only \
|
--network={{ matrix_docker_network }} \
|
||||||
--tmpfs /tmp \
|
--mount type=bind,src={{ matrix_mautrix_signal_config_path }},dst=/config,ro \
|
||||||
{% if matrix_mautrix_signal_container_http_host_bind_port %}
|
--mount type=bind,src={{ matrix_mautrix_signal_data_path }},dst=/data \
|
||||||
-p {{ matrix_mautrix_signal_container_http_host_bind_port }}:29328 \
|
--workdir=/data \
|
||||||
{% endif %}
|
|
||||||
-v {{ matrix_mautrix_signal_daemon_path }}:/signald:z \
|
|
||||||
-v {{ matrix_mautrix_signal_config_path }}:/config:z \
|
|
||||||
{% for arg in matrix_mautrix_signal_container_extra_arguments %}
|
{% for arg in matrix_mautrix_signal_container_extra_arguments %}
|
||||||
{{ arg }} \
|
{{ arg }} \
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ matrix_mautrix_signal_docker_image }} \
|
{{ matrix_mautrix_signal_docker_image }} \
|
||||||
python3 -m mautrix_signal -c /config/config.yaml --no-update
|
/usr/bin/mautrix-signal -c /config/config.yaml -r /config/registration.yaml --no-update
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-signal 2>/dev/null || true'
|
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-signal 2>/dev/null || true'
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true'
|
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signal 2>/dev/null || true'
|
||||||
|
|
||||||
Restart=always
|
Restart=always
|
||||||
RestartSec=30
|
RestartSec=30
|
||||||
SyslogIdentifier=matrix-mautrix-signal
|
SyslogIdentifier=matrix-mautrix-signal
|
||||||
|
@ -1,159 +0,0 @@
|
|||||||
---
|
|
||||||
# mautrix-signalgo is a Matrix <-> signalgo bridge
|
|
||||||
# Project source code URL: https://github.com/mautrix/signalgo
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_enabled: true
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_container_image_self_build: false
|
|
||||||
matrix_mautrix_signalgo_container_image_self_build_repo: "https://mau.dev/mautrix/signalgo.git"
|
|
||||||
matrix_mautrix_signalgo_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signalgo_version == 'latest' else matrix_mautrix_signalgo_version }}"
|
|
||||||
|
|
||||||
# renovate: datasource=docker depName=dock.mau.dev/mautrix/signalgo
|
|
||||||
matrix_mautrix_signalgo_version: 63b24c86d1bcd87f20e830d7134cbb39f8de4e3f-amd64
|
|
||||||
|
|
||||||
# See: https://mau.dev/mautrix/signalgo/container_registry
|
|
||||||
matrix_mautrix_signalgo_docker_image: "{{ matrix_mautrix_signalgo_docker_image_name_prefix }}mautrix/signalgo:{{ matrix_mautrix_signalgo_version }}"
|
|
||||||
matrix_mautrix_signalgo_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_signalgo_container_image_self_build else 'dock.mau.dev/' }}"
|
|
||||||
matrix_mautrix_signalgo_docker_image_force_pull: "{{ matrix_mautrix_signalgo_docker_image.endswith(':latest') }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_base_path: "{{ matrix_base_data_path }}/mautrix-signalgo"
|
|
||||||
matrix_mautrix_signalgo_config_path: "{{ matrix_mautrix_signalgo_base_path }}/config"
|
|
||||||
matrix_mautrix_signalgo_data_path: "{{ matrix_mautrix_signalgo_base_path }}/data"
|
|
||||||
matrix_mautrix_signalgo_docker_src_files_path: "{{ matrix_mautrix_signalgo_base_path }}/docker-src"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_homeserver_address: "{{ matrix_homeserver_container_url }}"
|
|
||||||
matrix_mautrix_signalgo_homeserver_domain: "{{ matrix_domain }}"
|
|
||||||
matrix_mautrix_signalgo_appservice_address: "http://matrix-mautrix-signalgo:8080"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_command_prefix: "!signalgo"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_bridge_permissions: |
|
|
||||||
{{
|
|
||||||
{'*': 'relay', matrix_mautrix_signalgo_homeserver_domain: 'user'}
|
|
||||||
| combine({matrix_admin: 'admin'} if matrix_admin else {})
|
|
||||||
}}
|
|
||||||
|
|
||||||
# A list of extra arguments to pass to the container
|
|
||||||
matrix_mautrix_signalgo_container_extra_arguments: []
|
|
||||||
|
|
||||||
# List of systemd services that matrix-mautrix-signalgo.service depends on.
|
|
||||||
matrix_mautrix_signalgo_systemd_required_services_list: ['docker.service']
|
|
||||||
|
|
||||||
# List of systemd services that matrix-mautrix-signalgo.service wants
|
|
||||||
matrix_mautrix_signalgo_systemd_wanted_services_list: []
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_appservice_token: ''
|
|
||||||
matrix_mautrix_signalgo_homeserver_token: ''
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_appservice_bot_username: signalgobot
|
|
||||||
|
|
||||||
# Minimum severity of journal log messages.
|
|
||||||
# Options: debug, info, warn, error, fatal
|
|
||||||
matrix_mautrix_signalgo_logging_level: 'warn'
|
|
||||||
|
|
||||||
# Whether or not created rooms should have federation enabled.
|
|
||||||
# If false, created portal rooms will never be federated.
|
|
||||||
matrix_mautrix_signalgo_federate_rooms: true
|
|
||||||
|
|
||||||
# Whether or not metrics endpoint should be enabled.
|
|
||||||
# Enabling them is usually enough for a local (in-container) Prometheus to consume them.
|
|
||||||
# If metrics need to be consumed by another (external) Prometheus server, consider exposing them via `matrix_mautrix_signal_metrics_proxying_enabled`.
|
|
||||||
matrix_mautrix_signalgo_metrics_enabled: false
|
|
||||||
|
|
||||||
# Controls whether metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/mautrix-signal`.
|
|
||||||
# This will only work take effect if `matrix_nginx_proxy_proxy_matrix_metrics_enabled: true`.
|
|
||||||
# See the `matrix-nginx-proxy` role for details about enabling `matrix_nginx_proxy_proxy_matrix_metrics_enabled`.
|
|
||||||
matrix_mautrix_signalgo_metrics_proxying_enabled: false
|
|
||||||
|
|
||||||
# Database-related configuration fields.
|
|
||||||
#
|
|
||||||
# To use SQLite, stick to these defaults.
|
|
||||||
#
|
|
||||||
# To use Postgres:
|
|
||||||
# - change the engine (`matrix_mautrix_signalgo_database_engine: 'postgres'`)
|
|
||||||
# - adjust your database credentials via the `matrix_mautrix_signalgo_database_*` variables
|
|
||||||
matrix_mautrix_signalgo_database_engine: 'sqlite'
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_sqlite_database_path_local: "{{ matrix_mautrix_signalgo_data_path }}/mautrix-signalgo.db"
|
|
||||||
matrix_mautrix_signalgo_sqlite_database_path_in_container: "/data/mautrix-signalgo.db"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_database_username: 'matrix_mautrix_signalgo'
|
|
||||||
matrix_mautrix_signalgo_database_password: 'some-password'
|
|
||||||
matrix_mautrix_signalgo_database_hostname: ''
|
|
||||||
matrix_mautrix_signalgo_database_port: 5432
|
|
||||||
matrix_mautrix_signalgo_database_name: 'matrix_mautrix_signalgo'
|
|
||||||
matrix_mautrix_signalgo_database_sslmode: disable
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_database_connection_string: 'postgresql://{{ matrix_mautrix_signalgo_database_username }}:{{ matrix_mautrix_signalgo_database_password }}@{{ matrix_mautrix_signalgo_database_hostname }}:{{ matrix_mautrix_signalgo_database_port }}/{{ matrix_mautrix_signalgo_database_name }}?sslmode={{ matrix_mautrix_signalgo_database_sslmode }}'
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_appservice_database_type: "{{
|
|
||||||
{
|
|
||||||
'sqlite': 'sqlite3-fk-wal',
|
|
||||||
'postgres':'postgres',
|
|
||||||
}[matrix_mautrix_signalgo_database_engine]
|
|
||||||
}}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_appservice_database_uri: "{{
|
|
||||||
{
|
|
||||||
'sqlite': matrix_mautrix_signalgo_sqlite_database_path_in_container,
|
|
||||||
'postgres': matrix_mautrix_signalgo_database_connection_string,
|
|
||||||
}[matrix_mautrix_signalgo_database_engine]
|
|
||||||
}}"
|
|
||||||
|
|
||||||
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
|
||||||
matrix_mautrix_signalgo_login_shared_secret: ''
|
|
||||||
matrix_mautrix_signalgo_bridge_login_shared_secret_map:
|
|
||||||
"{{ {matrix_mautrix_signalgo_homeserver_domain: matrix_mautrix_signalgo_login_shared_secret} if matrix_mautrix_signalgo_login_shared_secret else {} }}"
|
|
||||||
|
|
||||||
# Servers to always allow double puppeting from
|
|
||||||
matrix_mautrix_signalgo_bridge_double_puppet_server_map:
|
|
||||||
"{{ matrix_mautrix_signalgo_homeserver_domain : matrix_mautrix_signalgo_homeserver_address }}"
|
|
||||||
|
|
||||||
# Default mautrix-signalgo configuration template which covers the generic use case.
|
|
||||||
# You can customize it by controlling the various variables inside it.
|
|
||||||
#
|
|
||||||
# For a more advanced customization, you can extend the default (see `matrix_mautrix_signalgo_configuration_extension_yaml`)
|
|
||||||
# or completely replace this variable with your own template.
|
|
||||||
matrix_mautrix_signalgo_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_configuration_extension_yaml: |
|
|
||||||
# Your custom YAML configuration goes here.
|
|
||||||
# This configuration extends the default starting configuration (`matrix_mautrix_signalgo_configuration_yaml`).
|
|
||||||
#
|
|
||||||
# You can override individual variables from the default configuration, or introduce new ones.
|
|
||||||
#
|
|
||||||
# If you need something more special, you can take full control by
|
|
||||||
# completely redefining `matrix_mautrix_signalgo_configuration_yaml`.
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_configuration_extension: "{{ matrix_mautrix_signalgo_configuration_extension_yaml | from_yaml if matrix_mautrix_signalgo_configuration_extension_yaml | from_yaml is mapping else {} }}"
|
|
||||||
|
|
||||||
# Holds the final configuration (a combination of the default and its extension).
|
|
||||||
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_signalgo_configuration_yaml`.
|
|
||||||
matrix_mautrix_signalgo_configuration: "{{ matrix_mautrix_signalgo_configuration_yaml | from_yaml | combine(matrix_mautrix_signalgo_configuration_extension, recursive=True) }}"
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_registration_yaml: |
|
|
||||||
id: signalgo
|
|
||||||
url: {{ matrix_mautrix_signalgo_appservice_address }}
|
|
||||||
as_token: "{{ matrix_mautrix_signalgo_appservice_token }}"
|
|
||||||
hs_token: "{{ matrix_mautrix_signalgo_homeserver_token }}"
|
|
||||||
# See https://github.com/mautrix/signal/issues/43
|
|
||||||
sender_localpart: _bot_{{ matrix_mautrix_signalgo_appservice_bot_username }}
|
|
||||||
rate_limited: false
|
|
||||||
namespaces:
|
|
||||||
users:
|
|
||||||
- regex: '^@signalgo_[-a-f0-9]+:{{ matrix_mautrix_signalgo_homeserver_domain | regex_escape }}$'
|
|
||||||
exclusive: true
|
|
||||||
- exclusive: true
|
|
||||||
regex: '^@{{ matrix_mautrix_signalgo_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_signalgo_homeserver_domain | regex_escape }}$'
|
|
||||||
de.sorunome.msc2409.push_ephemeral: true
|
|
||||||
|
|
||||||
matrix_mautrix_signalgo_registration: "{{ matrix_mautrix_signalgo_registration_yaml | from_yaml }}"
|
|
||||||
|
|
||||||
# Enable End-to-bridge encryption
|
|
||||||
matrix_mautrix_signalgo_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
|
||||||
matrix_mautrix_signalgo_bridge_encryption_default: "{{ matrix_mautrix_signalgo_bridge_encryption_allow }}"
|
|
||||||
matrix_mautrix_signalgo_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signalgo_bridge_encryption_allow }}"
|
|
||||||
|
|
||||||
# On conduit versions before 0.5.0 this option prevented users from joining spaces created by the bridge.
|
|
||||||
# Setting this to false fixed the issue.
|
|
||||||
matrix_mautrix_signalgo_bridge_restricted_rooms: true
|
|
@ -1,35 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Fail if matrix-nginx-proxy role already executed
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: >-
|
|
||||||
Trying to append mautrix-signalgo-metrics's reverse-proxying configuration to matrix-nginx-proxy,
|
|
||||||
but it's pointless since the matrix-nginx-proxy role had already executed.
|
|
||||||
To fix this, please change the order of roles in your playbook,
|
|
||||||
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-signalgo role.
|
|
||||||
when: matrix_nginx_proxy_role_executed | default(False) | bool
|
|
||||||
|
|
||||||
- when: matrix_mautrix_signalgo_metrics_proxying_enabled | bool
|
|
||||||
block:
|
|
||||||
- name: Generate mautrix-signalgo metrics proxying configuration for matrix-nginx-proxy (matrix.DOMAIN/metrics/mautrix-signalgo)
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
matrix_mautrix_signalgo_nginx_metrics_configuration_block: |
|
|
||||||
location /metrics/mautrix-signalgo {
|
|
||||||
{% if matrix_nginx_proxy_enabled | default(False) %}
|
|
||||||
{# Use the embedded DNS resolver in Docker containers to discover the service #}
|
|
||||||
resolver 127.0.0.11 valid=5s;
|
|
||||||
set $backend "matrix-mautrix-signalgo:8001";
|
|
||||||
proxy_pass http://$backend/metrics;
|
|
||||||
{% else %}
|
|
||||||
return 404 "matrix-nginx-proxy is disabled and no host port was bound to the container, so metrics are unavailable";
|
|
||||||
{% endif %}
|
|
||||||
}
|
|
||||||
|
|
||||||
- name: Register mautrix-signalgo metrics proxying configuration with matrix-nginx-proxy (matrix.DOMAIN/metrics/mautrix-signalgo)
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
matrix_nginx_proxy_proxy_matrix_metrics_additional_system_location_configuration_blocks: |
|
|
||||||
{{
|
|
||||||
matrix_nginx_proxy_proxy_matrix_metrics_additional_system_location_configuration_blocks | default([])
|
|
||||||
+
|
|
||||||
[matrix_mautrix_signalgo_nginx_metrics_configuration_block]
|
|
||||||
}}
|
|
@ -1,29 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-nginx-proxy
|
|
||||||
- install-all
|
|
||||||
- install-nginx-proxy
|
|
||||||
block:
|
|
||||||
- when: matrix_mautrix_signalgo_enabled | bool and matrix_mautrix_signalgo_metrics_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/inject_into_nginx_proxy.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-mautrix-signalgo
|
|
||||||
- install-all
|
|
||||||
- install-mautrix-signalgo
|
|
||||||
block:
|
|
||||||
- when: matrix_mautrix_signalgo_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
|
|
||||||
|
|
||||||
- when: matrix_mautrix_signalgo_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
|
|
||||||
|
|
||||||
- tags:
|
|
||||||
- setup-all
|
|
||||||
- setup-mautrix-signalgo
|
|
||||||
block:
|
|
||||||
- when: not matrix_mautrix_signalgo_enabled | bool
|
|
||||||
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
|
|
@ -1,140 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- ansible.builtin.set_fact:
|
|
||||||
matrix_mautrix_signalgo_requires_restart: false
|
|
||||||
|
|
||||||
- when: "matrix_mautrix_signalgo_database_engine == 'postgres'"
|
|
||||||
block:
|
|
||||||
- name: Check if an SQLite database already exists
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ matrix_mautrix_signalgo_sqlite_database_path_local }}"
|
|
||||||
register: matrix_mautrix_signalgo_sqlite_database_path_local_stat_result
|
|
||||||
|
|
||||||
- when: "matrix_mautrix_signalgo_sqlite_database_path_local_stat_result.stat.exists | bool"
|
|
||||||
block:
|
|
||||||
- ansible.builtin.include_role:
|
|
||||||
name: galaxy/com.devture.ansible.role.postgres
|
|
||||||
tasks_from: migrate_db_to_postgres
|
|
||||||
vars:
|
|
||||||
devture_postgres_db_migration_request:
|
|
||||||
src: "{{ matrix_mautrix_signalgo_sqlite_database_path_local }}"
|
|
||||||
dst: "{{ matrix_mautrix_signalgo_database_connection_string }}"
|
|
||||||
caller: "{{ role_path | basename }}"
|
|
||||||
engine_variable_name: 'matrix_mautrix_signalgo_database_engine'
|
|
||||||
engine_old: 'sqlite'
|
|
||||||
systemd_services_to_stop: ['matrix-mautrix-signalgo.service']
|
|
||||||
pgloader_options: ['--with "quote identifiers"']
|
|
||||||
|
|
||||||
- ansible.builtin.set_fact:
|
|
||||||
matrix_mautrix_signalgo_requires_restart: true
|
|
||||||
|
|
||||||
- name: Ensure Mautrix Signalgo paths exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ item.path }}"
|
|
||||||
state: directory
|
|
||||||
mode: 0750
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
with_items:
|
|
||||||
- {path: "{{ matrix_mautrix_signalgo_base_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_mautrix_signalgo_config_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_mautrix_signalgo_data_path }}", when: true}
|
|
||||||
- {path: "{{ matrix_mautrix_signalgo_docker_src_files_path }}", when: "{{ matrix_mautrix_signalgo_container_image_self_build }}"}
|
|
||||||
when: item.when | bool
|
|
||||||
|
|
||||||
- name: Ensure Mautrix Signalgo image is pulled
|
|
||||||
community.docker.docker_image:
|
|
||||||
name: "{{ matrix_mautrix_signalgo_docker_image }}"
|
|
||||||
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
|
|
||||||
force_source: "{{ matrix_mautrix_signalgo_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signalgo_docker_image_force_pull }}"
|
|
||||||
when: not matrix_mautrix_signalgo_container_image_self_build
|
|
||||||
register: result
|
|
||||||
retries: "{{ devture_playbook_help_container_retries_count }}"
|
|
||||||
delay: "{{ devture_playbook_help_container_retries_delay }}"
|
|
||||||
until: result is not failed
|
|
||||||
|
|
||||||
- name: Ensure Mautrix Signalgo repository is present on self-build
|
|
||||||
ansible.builtin.git:
|
|
||||||
repo: "{{ matrix_mautrix_signalgo_container_image_self_build_repo }}"
|
|
||||||
dest: "{{ matrix_mautrix_signalgo_docker_src_files_path }}"
|
|
||||||
version: "{{ matrix_mautrix_signalgo_container_image_self_build_branch }}"
|
|
||||||
force: "yes"
|
|
||||||
become: true
|
|
||||||
become_user: "{{ matrix_user_username }}"
|
|
||||||
register: matrix_mautrix_signalgo_git_pull_results
|
|
||||||
when: "matrix_mautrix_signalgo_container_image_self_build | bool"
|
|
||||||
|
|
||||||
- name: Ensure Mautrix Signalgo Docker image is built
|
|
||||||
community.docker.docker_image:
|
|
||||||
name: "{{ matrix_mautrix_signalgo_docker_image }}"
|
|
||||||
source: build
|
|
||||||
force_source: "{{ matrix_mautrix_signalgo_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
|
|
||||||
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signalgo_git_pull_results.changed }}"
|
|
||||||
build:
|
|
||||||
dockerfile: Dockerfile
|
|
||||||
path: "{{ matrix_mautrix_signalgo_docker_src_files_path }}"
|
|
||||||
pull: true
|
|
||||||
when: "matrix_mautrix_signalgo_container_image_self_build | bool"
|
|
||||||
|
|
||||||
- name: Check if an old database file exists
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ matrix_mautrix_signalgo_base_path }}/mautrix-signalgo.db"
|
|
||||||
register: matrix_mautrix_signalgo_stat_database
|
|
||||||
|
|
||||||
- name: Check if an old matrix state file exists
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ matrix_mautrix_signalgo_base_path }}/mx-state.json"
|
|
||||||
register: matrix_mautrix_signalgo_stat_mx_state
|
|
||||||
|
|
||||||
- name: (Data relocation) Ensure matrix-mautrix-signalgo.service is stopped
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: matrix-mautrix-signalgo
|
|
||||||
state: stopped
|
|
||||||
enabled: false
|
|
||||||
daemon_reload: true
|
|
||||||
failed_when: false
|
|
||||||
when: "matrix_mautrix_signalgo_stat_database.stat.exists"
|
|
||||||
|
|
||||||
- name: (Data relocation) Move mautrix-signalgo database file to ./data directory
|
|
||||||
ansible.builtin.command:
|
|
||||||
cmd: "mv {{ matrix_mautrix_signalgo_base_path }}/mautrix-signalgo.db {{ matrix_mautrix_signalgo_data_path }}/mautrix-signalgo.db"
|
|
||||||
creates: "{{ matrix_mautrix_signalgo_data_path }}/mautrix-signalgo.db"
|
|
||||||
removes: "{{ matrix_mautrix_signalgo_base_path }}/mautrix-signalgo.db"
|
|
||||||
when: "matrix_mautrix_signalgo_stat_database.stat.exists"
|
|
||||||
|
|
||||||
- name: (Data relocation) Move mautrix-signalgo mx-state file to ./data directory
|
|
||||||
ansible.builtin.command:
|
|
||||||
cmd: "mv {{ matrix_mautrix_signalgo_base_path }}/mx-state.json {{ matrix_mautrix_signalgo_data_path }}/mx-state.json"
|
|
||||||
creates: "{{ matrix_mautrix_signalgo_data_path }}/mx-state.json"
|
|
||||||
removes: "{{ matrix_mautrix_signalgo_base_path }}/mx-state.json"
|
|
||||||
when: "matrix_mautrix_signalgo_stat_mx_state.stat.exists"
|
|
||||||
|
|
||||||
- name: Ensure mautrix-signalgo config.yaml installed
|
|
||||||
ansible.builtin.copy:
|
|
||||||
content: "{{ matrix_mautrix_signalgo_configuration | to_nice_yaml(indent=2, width=999999) }}"
|
|
||||||
dest: "{{ matrix_mautrix_signalgo_config_path }}/config.yaml"
|
|
||||||
mode: 0644
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
|
|
||||||
- name: Ensure mautrix-signalgo registration.yaml installed
|
|
||||||
ansible.builtin.copy:
|
|
||||||
content: "{{ matrix_mautrix_signalgo_registration | to_nice_yaml(indent=2, width=999999) }}"
|
|
||||||
dest: "{{ matrix_mautrix_signalgo_config_path }}/registration.yaml"
|
|
||||||
mode: 0644
|
|
||||||
owner: "{{ matrix_user_username }}"
|
|
||||||
group: "{{ matrix_user_groupname }}"
|
|
||||||
|
|
||||||
- name: Ensure matrix-mautrix-signalgo.service installed
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: "{{ role_path }}/templates/systemd/matrix-mautrix-signalgo.service.j2"
|
|
||||||
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signalgo.service"
|
|
||||||
mode: 0644
|
|
||||||
|
|
||||||
- name: Ensure matrix-mautrix-signalgo.service restarted, if necessary
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: "matrix-mautrix-signalgo.service"
|
|
||||||
state: restarted
|
|
||||||
daemon_reload: true
|
|
||||||
when: "matrix_mautrix_signalgo_requires_restart | bool"
|
|
@ -1,20 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Check existence of matrix-mautrix-signalgo service
|
|
||||||
ansible.builtin.stat:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signalgo.service"
|
|
||||||
register: matrix_mautrix_signalgo_service_stat
|
|
||||||
|
|
||||||
- when: matrix_mautrix_signalgo_service_stat.stat.exists | bool
|
|
||||||
block:
|
|
||||||
- name: Ensure matrix-mautrix-signalgo is stopped
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: matrix-mautrix-signalgo
|
|
||||||
state: stopped
|
|
||||||
enabled: false
|
|
||||||
daemon_reload: true
|
|
||||||
|
|
||||||
- name: Ensure matrix-mautrix-signalgo.service doesn't exist
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-signalgo.service"
|
|
||||||
state: absent
|
|
@ -1,20 +0,0 @@
|
|||||||
---
|
|
||||||
|
|
||||||
- name: Fail if required mautrix-signalgo settings not defined
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: >-
|
|
||||||
You need to define a required configuration setting (`{{ item.name }}`).
|
|
||||||
when: "item.when | bool and vars[item.name] == ''"
|
|
||||||
with_items:
|
|
||||||
- {'name': 'matrix_mautrix_signalgo_appservice_token', when: true}
|
|
||||||
- {'name': 'matrix_mautrix_signalgo_homeserver_token', when: true}
|
|
||||||
- {'name': 'matrix_mautrix_signalgo_database_hostname', when: "{{ matrix_mautrix_signalgo_database_engine == 'postgres' }}"}
|
|
||||||
|
|
||||||
- name: (Deprecation) Catch and report renamed settings
|
|
||||||
ansible.builtin.fail:
|
|
||||||
msg: >-
|
|
||||||
Your configuration contains a variable, which now has a different name.
|
|
||||||
Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
|
|
||||||
when: "item.old in vars"
|
|
||||||
with_items:
|
|
||||||
- {'old': 'matrix_mautrix_signalgo_log_level', 'new': 'matrix_mautrix_signalgo_logging_level'}
|
|
@ -1,262 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
# Homeserver details
|
|
||||||
homeserver:
|
|
||||||
# The address that this appservice can use to connect to the homeserver.
|
|
||||||
address: {{ matrix_mautrix_signalgo_homeserver_address }}
|
|
||||||
# The domain of the homeserver (for MXIDs, etc).
|
|
||||||
domain: {{ matrix_mautrix_signalgo_homeserver_domain }}
|
|
||||||
|
|
||||||
# What software is the homeserver running?
|
|
||||||
# Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
|
|
||||||
software: standard
|
|
||||||
# The URL to push real-time bridge status to.
|
|
||||||
# If set, the bridge will make POST requests to this URL whenever a user's discord connection state changes.
|
|
||||||
# The bridge will use the appservice as_token to authorize requests.
|
|
||||||
status_endpoint: null
|
|
||||||
# Endpoint for reporting per-message status.
|
|
||||||
message_send_checkpoint_endpoint: null
|
|
||||||
# Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
|
|
||||||
async_media: false
|
|
||||||
|
|
||||||
# Should the bridge use a websocket for connecting to the homeserver?
|
|
||||||
# The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
|
|
||||||
# mautrix-asmux (deprecated), and hungryserv (proprietary).
|
|
||||||
websocket: false
|
|
||||||
# How often should the websocket be pinged? Pinging will be disabled if this is zero.
|
|
||||||
ping_interval_seconds: 0
|
|
||||||
|
|
||||||
# Application service host/registration related details.
|
|
||||||
# Changing these values requires regeneration of the registration.
|
|
||||||
appservice:
|
|
||||||
# The address that the homeserver can use to connect to this appservice.
|
|
||||||
address: {{ matrix_mautrix_signalgo_appservice_address | to_json }}
|
|
||||||
|
|
||||||
# The hostname and port where this appservice should listen.
|
|
||||||
hostname: 0.0.0.0
|
|
||||||
port: 8080
|
|
||||||
|
|
||||||
# Database config.
|
|
||||||
database:
|
|
||||||
# The database type. "sqlite3-fk-wal" and "postgres" are supported.
|
|
||||||
type: {{ matrix_mautrix_signalgo_appservice_database_type|to_json }}
|
|
||||||
# The database URI.
|
|
||||||
# SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended.
|
|
||||||
# https://github.com/mattn/go-sqlite3#connection-string
|
|
||||||
# Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
|
|
||||||
# To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
|
|
||||||
uri: {{ matrix_mautrix_signalgo_appservice_database_uri|to_json }}
|
|
||||||
# Maximum number of connections. Mostly relevant for Postgres.
|
|
||||||
max_open_conns: 20
|
|
||||||
max_idle_conns: 2
|
|
||||||
# Maximum connection idle time and lifetime before they're closed. Disabled if null.
|
|
||||||
# Parsed with https://pkg.go.dev/time#ParseDuration
|
|
||||||
max_conn_idle_time: null
|
|
||||||
max_conn_lifetime: null
|
|
||||||
|
|
||||||
# The unique ID of this appservice.
|
|
||||||
id: signalgo
|
|
||||||
# Appservice bot details.
|
|
||||||
bot:
|
|
||||||
# Username of the appservice bot.
|
|
||||||
username: signalgobot
|
|
||||||
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
|
|
||||||
# to leave display name/avatar as-is.
|
|
||||||
displayname: Signalgo bridge bot
|
|
||||||
avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
|
|
||||||
|
|
||||||
# Whether or not to receive ephemeral events via appservice transactions.
|
|
||||||
# Requires MSC2409 support (i.e. Synapse 1.22+).
|
|
||||||
ephemeral_events: true
|
|
||||||
|
|
||||||
# Should incoming events be handled asynchronously?
|
|
||||||
# This may be necessary for large public instances with lots of messages going through.
|
|
||||||
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
|
|
||||||
async_transactions: false
|
|
||||||
|
|
||||||
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
|
|
||||||
as_token: {{ matrix_mautrix_signalgo_appservice_token | to_json }}
|
|
||||||
hs_token: {{ matrix_mautrix_signalgo_homeserver_token | to_json }}
|
|
||||||
|
|
||||||
# Prometheus config.
|
|
||||||
metrics:
|
|
||||||
# Enable prometheus metrics?
|
|
||||||
enabled: false
|
|
||||||
# IP and port where the metrics listener should be. The path is always /metrics
|
|
||||||
listen: 127.0.0.1:8000
|
|
||||||
|
|
||||||
# Bridge config
|
|
||||||
bridge:
|
|
||||||
# Localpart template of MXIDs for Signal users.
|
|
||||||
# {{ '{{.}}' }} is replaced with the internal ID of the Signal user.
|
|
||||||
username_template: "{{ 'signalgo_{{.}}' }}"
|
|
||||||
# Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled.
|
|
||||||
# Available variables: TODO
|
|
||||||
displayname_template: "{{ '{{.ProfileName}} (Signalgo)' }}"
|
|
||||||
# Whether to explicitly set the avatar and room name for private chat portal rooms.
|
|
||||||
# If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
|
|
||||||
# If set to `always`, all DM rooms will have explicit names and avatars set.
|
|
||||||
# If set to `never`, DM rooms will never have names and avatars set.
|
|
||||||
private_chat_portal_meta: default
|
|
||||||
|
|
||||||
portal_message_buffer: 128
|
|
||||||
|
|
||||||
# Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
|
|
||||||
delivery_receipts: false
|
|
||||||
# Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
|
|
||||||
message_status_events: false
|
|
||||||
# Whether the bridge should send error notices via m.notice events when a message fails to bridge.
|
|
||||||
message_error_notices: true
|
|
||||||
# Should the bridge update the m.direct account data event when double puppeting is enabled.
|
|
||||||
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
|
|
||||||
# and is therefore prone to race conditions.
|
|
||||||
sync_direct_chat_list: false
|
|
||||||
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
|
|
||||||
# This field will automatically be changed back to false after it, except if the config file is not writable.
|
|
||||||
resend_bridge_info: false
|
|
||||||
# Whether or not created rooms should have federation enabled.
|
|
||||||
# If false, created portal rooms will never be federated.
|
|
||||||
federate_rooms: {{ matrix_mautrix_signalgo_federate_rooms|to_json }}
|
|
||||||
# Servers to always allow double puppeting from
|
|
||||||
double_puppet_server_map:
|
|
||||||
"{{ matrix_mautrix_signalgo_homeserver_domain }}": {{ matrix_mautrix_signalgo_homeserver_address }}
|
|
||||||
# Allow using double puppeting from any server with a valid client .well-known file.
|
|
||||||
double_puppet_allow_discovery: false
|
|
||||||
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
|
|
||||||
#
|
|
||||||
# If set, double puppeting will be enabled automatically for local users
|
|
||||||
# instead of users having to find an access token and run `login-matrix`
|
|
||||||
# manually.
|
|
||||||
login_shared_secret_map: {{ matrix_mautrix_signalgo_bridge_login_shared_secret_map|to_json }}
|
|
||||||
|
|
||||||
# Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
|
|
||||||
# Null means there's no enforced timeout.
|
|
||||||
message_handling_timeout:
|
|
||||||
# Send an error message after this timeout, but keep waiting for the response until the deadline.
|
|
||||||
# This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
|
|
||||||
# If the message is older than this when it reaches the bridge, the message won't be handled at all.
|
|
||||||
error_after: null
|
|
||||||
# Drop messages after this timeout. They may still go through if the message got sent to the servers.
|
|
||||||
# This is counted from the time the bridge starts handling the message.
|
|
||||||
deadline: 120s
|
|
||||||
|
|
||||||
# The prefix for commands. Only required in non-management rooms.
|
|
||||||
command_prefix: "{{ matrix_mautrix_signalgo_command_prefix }}"
|
|
||||||
# Messages sent upon joining a management room.
|
|
||||||
# Markdown is supported. The defaults are listed below.
|
|
||||||
management_room_text:
|
|
||||||
# Sent when joining a room.
|
|
||||||
welcome: "Hello, I'm a Signalgo bridge bot."
|
|
||||||
# Sent when joining a management room and the user is already logged in.
|
|
||||||
welcome_connected: "Use `help` for help."
|
|
||||||
# Sent when joining a management room and the user is not logged in.
|
|
||||||
welcome_unconnected: "Use `help` for help or `login` to log in."
|
|
||||||
# Optional extra text sent when joining a management room.
|
|
||||||
additional_help: ""
|
|
||||||
|
|
||||||
# End-to-bridge encryption support options.
|
|
||||||
#
|
|
||||||
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
|
|
||||||
encryption:
|
|
||||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
|
||||||
allow: {{ matrix_mautrix_signalgo_bridge_encryption_allow|to_json }}
|
|
||||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
|
||||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
|
||||||
default: {{ matrix_mautrix_signalgo_bridge_encryption_default|to_json }}
|
|
||||||
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
|
|
||||||
appservice: false
|
|
||||||
# Require encryption, drop any unencrypted messages.
|
|
||||||
require: false
|
|
||||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
|
||||||
# You must use a client that supports requesting keys from other users to use this feature.
|
|
||||||
allow_key_sharing: {{ matrix_mautrix_signalgo_bridge_encryption_key_sharing_allow|to_json }}
|
|
||||||
# Options for deleting megolm sessions from the bridge.
|
|
||||||
delete_keys:
|
|
||||||
# Beeper-specific: delete outbound sessions when hungryserv confirms
|
|
||||||
# that the user has uploaded the key to key backup.
|
|
||||||
delete_outbound_on_ack: false
|
|
||||||
# Don't store outbound sessions in the inbound table.
|
|
||||||
dont_store_outbound: false
|
|
||||||
# Ratchet megolm sessions forward after decrypting messages.
|
|
||||||
ratchet_on_decrypt: false
|
|
||||||
# Delete fully used keys (index >= max_messages) after decrypting messages.
|
|
||||||
delete_fully_used_on_decrypt: false
|
|
||||||
# Delete previous megolm sessions from same device when receiving a new one.
|
|
||||||
delete_prev_on_new_session: false
|
|
||||||
# Delete megolm sessions received from a device when the device is deleted.
|
|
||||||
delete_on_device_delete: false
|
|
||||||
# Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
|
|
||||||
periodically_delete_expired: false
|
|
||||||
# Delete inbound megolm sessions that don't have the received_at field used for
|
|
||||||
# automatic ratcheting and expired session deletion. This is meant as a migration
|
|
||||||
# to delete old keys prior to the bridge update.
|
|
||||||
delete_outdated_inbound: false
|
|
||||||
# What level of device verification should be required from users?
|
|
||||||
#
|
|
||||||
# Valid levels:
|
|
||||||
# unverified - Send keys to all device in the room.
|
|
||||||
# cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
|
|
||||||
# cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
|
|
||||||
# cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
|
|
||||||
# Note that creating user signatures from the bridge bot is not currently possible.
|
|
||||||
# verified - Require manual per-device verification
|
|
||||||
# (currently only possible by modifying the `trust` column in the `crypto_device` database table).
|
|
||||||
verification_levels:
|
|
||||||
# Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix.
|
|
||||||
receive: unverified
|
|
||||||
# Minimum level that the bridge should accept for incoming Matrix messages.
|
|
||||||
send: unverified
|
|
||||||
# Minimum level that the bridge should require for accepting key requests.
|
|
||||||
share: cross-signed-tofu
|
|
||||||
# Options for Megolm room key rotation. These options allow you to
|
|
||||||
# configure the m.room.encryption event content. See:
|
|
||||||
# https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
|
|
||||||
# more information about that event.
|
|
||||||
rotation:
|
|
||||||
# Enable custom Megolm room key rotation settings. Note that these
|
|
||||||
# settings will only apply to rooms created after this option is
|
|
||||||
# set.
|
|
||||||
enable_custom: false
|
|
||||||
# The maximum number of milliseconds a session should be used
|
|
||||||
# before changing it. The Matrix spec recommends 604800000 (a week)
|
|
||||||
# as the default.
|
|
||||||
milliseconds: 604800000
|
|
||||||
# The maximum number of messages that should be sent with a given a
|
|
||||||
# session before changing it. The Matrix spec recommends 100 as the
|
|
||||||
# default.
|
|
||||||
messages: 100
|
|
||||||
|
|
||||||
# Disable rotating keys when a user's devices change?
|
|
||||||
# You should not enable this option unless you understand all the implications.
|
|
||||||
disable_device_change_key_rotation: false
|
|
||||||
|
|
||||||
# Settings for provisioning API
|
|
||||||
provisioning:
|
|
||||||
# Prefix for the provisioning API paths.
|
|
||||||
prefix: /_matrix/provision
|
|
||||||
# Shared secret for authentication. If set to "generate", a random secret will be generated,
|
|
||||||
# or if set to "disable", the provisioning API will be disabled.
|
|
||||||
shared_secret: generate
|
|
||||||
# Enable debug API at /debug with provisioning authentication.
|
|
||||||
debug_endpoints: false
|
|
||||||
|
|
||||||
# Permissions for using the bridge.
|
|
||||||
# Permitted values:
|
|
||||||
# relay - Talk through the relaybot (if enabled), no access otherwise
|
|
||||||
# user - Access to use the bridge to chat with a Signal account.
|
|
||||||
# admin - User level and some additional administration tools
|
|
||||||
# Permitted keys:
|
|
||||||
# * - All Matrix users
|
|
||||||
# domain - All users on that homeserver
|
|
||||||
# mxid - Specific user
|
|
||||||
permissions: {{ matrix_mautrix_signalgo_bridge_permissions|to_json }}
|
|
||||||
|
|
||||||
# Logging config. See https://github.com/tulir/zeroconfig for details.
|
|
||||||
logging:
|
|
||||||
directory: ./logs
|
|
||||||
file_name_format: ''
|
|
||||||
file_date_format: "2006-01-02"
|
|
||||||
file_mode: 384
|
|
||||||
timestamp_format: Jan _2, 2006 15:04:05
|
|
||||||
print_level: {{ matrix_mautrix_signalgo_logging_level | to_json }}
|
|
||||||
print_json: false
|
|
||||||
file_json: false
|
|
@ -1,43 +0,0 @@
|
|||||||
#jinja2: lstrip_blocks: "True"
|
|
||||||
[Unit]
|
|
||||||
Description=Matrix Mautrix Signalgo bridge
|
|
||||||
{% for service in matrix_mautrix_signalgo_systemd_required_services_list %}
|
|
||||||
Requires={{ service }}
|
|
||||||
After={{ service }}
|
|
||||||
{% endfor %}
|
|
||||||
{% for service in matrix_mautrix_signalgo_systemd_wanted_services_list %}
|
|
||||||
Wants={{ service }}
|
|
||||||
{% endfor %}
|
|
||||||
DefaultDependencies=no
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=simple
|
|
||||||
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-signalgo 2>/dev/null || true'
|
|
||||||
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signalgo 2>/dev/null || true'
|
|
||||||
|
|
||||||
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
|
|
||||||
ExecStartPre={{ matrix_host_command_sleep }} 5
|
|
||||||
|
|
||||||
ExecStart={{ devture_systemd_docker_base_host_command_docker }} run --rm --name matrix-mautrix-signalgo \
|
|
||||||
--log-driver=none \
|
|
||||||
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
|
|
||||||
--cap-drop=ALL \
|
|
||||||
--network={{ matrix_docker_network }} \
|
|
||||||
--mount type=bind,src={{ matrix_mautrix_signalgo_config_path }},dst=/config,ro \
|
|
||||||
--mount type=bind,src={{ matrix_mautrix_signalgo_data_path }},dst=/data \
|
|
||||||
--workdir=/data \
|
|
||||||
{% for arg in matrix_mautrix_signalgo_container_extra_arguments %}
|
|
||||||
{{ arg }} \
|
|
||||||
{% endfor %}
|
|
||||||
{{ matrix_mautrix_signalgo_docker_image }} \
|
|
||||||
/usr/bin/mautrix-signal -c /config/config.yaml -r /config/registration.yaml --no-update
|
|
||||||
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-signalgo 2>/dev/null || true'
|
|
||||||
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-signalgo 2>/dev/null || true'
|
|
||||||
Restart=always
|
|
||||||
RestartSec=30
|
|
||||||
SyslogIdentifier=matrix-mautrix-signalgo
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
@ -60,7 +60,6 @@
|
|||||||
- custom/matrix-bridge-mautrix-instagram
|
- custom/matrix-bridge-mautrix-instagram
|
||||||
- custom/matrix-bridge-mautrix-telegram
|
- custom/matrix-bridge-mautrix-telegram
|
||||||
- custom/matrix-bridge-mautrix-signal
|
- custom/matrix-bridge-mautrix-signal
|
||||||
- custom/matrix-bridge-mautrix-signalgo
|
|
||||||
- custom/matrix-bridge-mautrix-gmessages
|
- custom/matrix-bridge-mautrix-gmessages
|
||||||
- custom/matrix-bridge-mautrix-whatsapp
|
- custom/matrix-bridge-mautrix-whatsapp
|
||||||
- custom/matrix-bridge-mautrix-wsproxy
|
- custom/matrix-bridge-mautrix-wsproxy
|
||||||
|
Loading…
Reference in New Issue
Block a user