finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'spantaleev:master' into default_room_version_9

Browse Source
This commit is contained in:
Wm Salt Hale
2021-12-14 18:19:26 -08:00
committed by GitHub
parent a1cbd5459c 5be1310541
commit 3001b2d32d
183 changed files with 2161 additions and 625 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
roles/matrix-awx/scripts/matrix_build_room_list.py
View File

@ -5,10 +5,11 @@ import json
janitor_token = sys.argv[1]
synapse_container_ip = sys.argv[2]
synapse_container_port = sys.argv[3]
# collect total amount of rooms
rooms_raw_url = 'http://' + synapse_container_ip + ':8008/_synapse/admin/v1/rooms'
rooms_raw_url = 'http://' + synapse_container_ip + ':' + synapse_container_port + '/_synapse/admin/v1/rooms'
rooms_raw_header = {'Authorization': 'Bearer ' + janitor_token}
rooms_raw = requests.get(rooms_raw_url, headers=rooms_raw_header)
rooms_raw_python = json.loads(rooms_raw.text)
@ -19,7 +20,7 @@ total_rooms = rooms_raw_python["total_rooms"]
room_list_file = open("/tmp/room_list_complete.json", "w")
for i in range(0, total_rooms, 100):
rooms_inc_url = 'http://' + synapse_container_ip + ':8008/_synapse/admin/v1/rooms?from=' + str(i)
rooms_inc_url = 'http://' + synapse_container_ip + ':' + synapse_container_port + '/_synapse/admin/v1/rooms?from=' + str(i)
rooms_inc = requests.get(rooms_inc_url, headers=rooms_raw_header)
room_list_file.write(rooms_inc.text)

66
roles/matrix-awx/surveys/bridge_discord_appservice.json.j2 Normal file
View File

@ -0,0 +1,66 @@
{
"name": "Bridge Discord Appservice",
"description": "Enables a private bridge you can use to connect Matrix rooms to Discord.",
"spec": [
{
"question_name": "Enable Discord AppService Bridge",
"question_description": "Enables a private bridge you can use to connect Matrix rooms to Discord.",
"required": true,
"min": null,
"max": null,
"default": "{{ matrix_appservice_discord_enabled | string | lower }}",
"choices": "true\nfalse",
"new_question": true,
"variable": "matrix_appservice_discord_enabled",
"type": "multiplechoice"
},
{
"question_name": "Discord OAuth2 Client ID",
"question_description": "The OAuth2 'CLIENT ID' which can be found in the 'OAuth2' tab of your new discord application: https://discord.com/developers/applications",
"required": true,
"min": 0,
"max": 128,
"default": "{{ matrix_appservice_discord_client_id | trim }}",
"choices": "",
"new_question": true,
"variable": "matrix_appservice_discord_client_id",
"type": "text"
},
{
"question_name": "Discord Bot Token",
"question_description": "The Bot 'TOKEN' which can be found in the 'Bot' tab of your new discord application: https://discord.com/developers/applications",
"required": true,
"min": 0,
"max": 256,
"default": "{{ matrix_appservice_discord_bot_token | trim }}",
"choices": "",
"new_question": true,
"variable": "matrix_appservice_discord_bot_token",
"type": "password"
},
{
"question_name": "Auto-Admin Matrix User",
"question_description": "The username you would like to be automatically joined and promoted to administrator (PL100) in bridged rooms. Exclude the '@' and server name postfix. So to create @stevo:example.org just enter 'stevo'.",
"required": false,
"min": 0,
"max": 1024,
"default": "",
"choices": "",
"new_question": true,
"variable": "awx_appservice_discord_admin_user",
"type": "text"
},
{
"question_name": "Auto-Admin Rooms",
"question_description": "A list of rooms you want the user to be automatically joined and promoted to administrator (PL100) in. These should be the internal IDs (for example '!axfBUsKhfAjSMBdjKX:example.org') separated by newlines.",
"required": false,
"min": 0,
"max": 4096,
"default": "",
"choices": "",
"new_question": true,
"variable": "awx_appservice_discord_admin_rooms",
"type": "textarea"
}
]
}

6
roles/matrix-awx/surveys/configure_corporal.json.j2
View File

@ -66,10 +66,10 @@
"required": false,
"min": 0,
"max": 256,
"default": "{{ awx_corporal_http_api_auth_token }}",
"default": "{{ matrix_corporal_http_api_auth_token }}",
"choices": "",
"new_question": true,
"variable": "awx_corporal_http_api_auth_token",
"variable": "matrix_corporal_http_api_auth_token",
"type": "password"
},
{
@ -81,7 +81,7 @@
"default": "{{ awx_corporal_raise_ratelimits }}",
"choices": "Normal\nRaised",
"new_question": true,
"variable": "matrix_corporal_raise_ratelimits",
"variable": "awx_corporal_raise_ratelimits",
"type": "multiplechoice"
}
]

57
roles/matrix-awx/tasks/bridge_discord_appservice.yml Normal file
View File

@ -0,0 +1,57 @@
- name: Record Bridge Discord AppService variables locally on AWX
delegate_to: 127.0.0.1
lineinfile:
path: '{{ awx_cached_matrix_vars }}'
regexp: "^#? *{{ item.key | regex_escape() }}:"
line: "{{ item.key }}: {{ item.value }}"
insertafter: '# Bridge Discord AppService Start'
with_dict:
'matrix_appservice_discord_enabled': '{{ matrix_appservice_discord_enabled }}'
'matrix_appservice_discord_client_id': '{{ matrix_appservice_discord_client_id }}'
'matrix_appservice_discord_bot_token': '{{ matrix_appservice_discord_bot_token }}'
- name: If the raw inputs is not empty start constructing parsed awx_appservice_discord_admin_rooms list
set_fact:
awx_appservice_discord_admin_rooms_array: |-
{{ awx_appservice_discord_admin_rooms.splitlines() | to_json }}
when: awx_appservice_discord_admin_rooms | trim | length > 0
- name: Promote user to administer (PL100) of each room
command: |
docker exec -i matrix-appservice-discord /bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "{{ item.1 }}" -u "@{{ awx_appservice_discord_admin_user }}:{{ matrix_domain }}" -p 100'
with_indexed_items:
- "{{ awx_appservice_discord_admin_rooms_array }}"
when: ( awx_appservice_discord_admin_rooms | trim | length > 0 ) and ( awx_appservice_discord_admin_user is defined )
- name: Save new 'Bridge Discord Appservice' survey.json to the AWX tower, template
delegate_to: 127.0.0.1
template:
src: 'roles/matrix-awx/surveys/bridge_discord_appservice.json.j2'
dest: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}//bridge_discord_appservice.json'
- name: Copy new 'Bridge Discord Appservice' survey.json to target machine
copy:
src: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json'
dest: '/matrix/awx/bridge_discord_appservice.json'
mode: '0660'
- name: Recreate 'Bridge Discord Appservice' job template
delegate_to: 127.0.0.1
awx.awx.tower_job_template:
name: "{{ matrix_domain }} - 3 - Bridge Discord AppService"
description: "Enables a private bridge you can use to connect Matrix rooms to Discord."
extra_vars: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/extra_vars.json') }}"
job_type: run
job_tags: "start,setup-all,bridge-discord-appservice"
inventory: "{{ member_id }}"
project: "{{ member_id }} - Matrix Docker Ansible Deploy"
playbook: setup.yml
credential: "{{ member_id }} - AWX SSH Key"
survey_enabled: true
survey_spec: "{{ lookup('file', '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/bridge_discord_appservice.json') }}"
state: present
verbosity: 1
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes

9
roles/matrix-awx/tasks/main.yml
View File

@ -197,6 +197,15 @@
tags:
- setup-synapse-admin
# Additional playbook to set the variable file during Discord Appservice Bridge configuration
- include_tasks:
file: "bridge_discord_appservice.yml"
apply:
tags: bridge-discord-appservice
when: run_setup|bool and matrix_awx_enabled|bool
tags:
- bridge-discord-appservice
# Delete AWX session token
- include_tasks:
file: "delete_session_token.yml"

11
roles/matrix-awx/tasks/purge_database_build_list.yml
View File

@ -1,11 +0,0 @@
---
- name: Collect entire room list into stdout
shell: |
curl -X GET --header "Authorization: Bearer {{ janitors_token.stdout[1:-1] }}" '{{ synapse_container_ip.stdout }}:8008/_synapse/admin/v1/rooms?from={{ item }}'
register: awx_rooms_output
- name: Print stdout to file
delegate_to: 127.0.0.1
shell: |
echo '{{ awx_rooms_output.stdout }}' >> /tmp/{{ subscription_id }}_room_list_complete.json

4
roles/matrix-awx/tasks/purge_database_events.yml
View File

@ -2,11 +2,11 @@
- name: Purge all rooms with more then N events
shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

20
roles/matrix-awx/tasks/purge_database_main.yml
View File

@ -29,9 +29,9 @@
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_synapse_container_ip
- name: Collect access token for janitor user
- name: Collect access token for @_janitor user
shell: |
curl -X POST -d '{"type":"m.login.password", "user":"janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:8008/_matrix/client/r0/login" | jq '.access_token'
curl -X POST -d '{"type":"m.login.password", "user":"_janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
register: awx_janitors_token
no_log: True
@ -47,7 +47,7 @@
- name: Run build_room_list.py script
shell: |
runuser -u matrix -- python3 /usr/local/bin/matrix_build_room_list.py {{ awx_janitors_token.stdout[1:-1] }} {{ awx_synapse_container_ip.stdout }}
runuser -u matrix -- python3 /usr/local/bin/matrix_build_room_list.py {{ awx_janitors_token.stdout[1:-1] }} {{ awx_synapse_container_ip.stdout }} {{ matrix_synapse_container_client_api_port.stdout }}
register: awx_rooms_total
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
@ -69,7 +69,7 @@
shell: |
jq 'try .rooms[] | select(.joined_local_members == 0) | .room_id' < /tmp/{{ subscription_id }}_room_list_complete.json > /tmp/{{ subscription_id }}_room_list_no_local_users.txt
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Count number of rooms with no local users
delegate_to: 127.0.0.1
shell: |
@ -84,7 +84,7 @@
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
- name: Purge all rooms with no local users
include_tasks: awx_purge_database_no_local.yml
include_tasks: purge_database_no_local.yml
loop: "{{ awx_room_list_no_local_users.splitlines() | flatten(levels=1) }}"
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)
@ -116,7 +116,7 @@
no_log: True
- name: Purge all rooms with more then N users
include_tasks: awx_purge_database_users.yml
include_tasks: purge_database_users.yml
loop: "{{ awx_room_list_joined_members.splitlines() | flatten(levels=1) }}"
when: awx_purge_mode.find("Number of users [slower]") != -1
@ -141,7 +141,7 @@
no_log: True
- name: Purge all rooms with more then N events
include_tasks: awx_purge_database_events.yml
include_tasks: purge_database_events.yml
loop: "{{ awx_room_list_state_events.splitlines() | flatten(levels=1) }}"
when: awx_purge_mode.find("Number of events [slower]") != -1
@ -171,7 +171,7 @@
wait: yes
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: yes
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1) or (awx_purge_mode.find("Skip purging rooms [faster]") != -1)
- name: Revert 'Deploy/Update a Server' job template
@ -237,7 +237,7 @@
wait: yes
tower_host: "https://{{ awx_host }}"
tower_oauthtoken: "{{ awx_session_token.ansible_facts.tower_token.token }}"
validate_certs: yes
validate_certs: yes
when: (awx_purge_mode.find("Perform final shrink") != -1)
- name: Revert 'Deploy/Update a Server' job template
@ -272,7 +272,7 @@
when: (awx_purge_mode.find("Perform final shrink") != -1)
no_log: True
- name: Print total number of rooms processed
- name: Print total number of rooms processed
debug:
msg: '{{ awx_rooms_total.stdout }}'
when: (awx_purge_mode.find("No local users [recommended]") != -1) or (awx_purge_mode.find("Number of users [slower]") != -1) or (awx_purge_mode.find("Number of events [slower]") != -1)

6
roles/matrix-awx/tasks/purge_database_no_local.yml
View File

@ -2,11 +2,11 @@
- name: Purge all rooms with no local users
shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "room_id": {{ item }} }' '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_room'
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "room_id": {{ item }} }' '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_room'
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

6
roles/matrix-awx/tasks/purge_database_users.yml
View File

@ -2,11 +2,11 @@
- name: Purge all rooms with more then N users
shell: |
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
curl --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" -X POST -H "Content-Type: application/json" -d '{ "delete_local_events": false, "purge_up_to_ts": {{ awx_purge_epoche_time.stdout }}000 }' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_history/{{ item[1:-1] }}"
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

6
roles/matrix-awx/tasks/purge_media_local.yml
View File

@ -7,11 +7,11 @@
- name: Purge local media to specific date
shell: |
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/media/matrix.{{ matrix_domain }}/delete?before_ts={{ awx_epoche_time.stdout }}000'
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/media/matrix.{{ matrix_domain }}/delete?before_ts={{ awx_epoche_time.stdout }}000'
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

16
roles/matrix-awx/tasks/purge_media_main.yml
View File

@ -9,7 +9,7 @@
include_vars:
file: '/var/lib/awx/projects/clients/{{ member_id }}/{{ subscription_id }}/matrix_vars.yml'
no_log: True
- name: Ensure curl and jq intalled on target machine
apt:
pkg:
@ -21,21 +21,22 @@
shell: "/usr/bin/docker inspect --format '{''{range.NetworkSettings.Networks}''}{''{.IPAddress}''}{''{end}''}' matrix-synapse"
register: awx_synapse_container_ip
- name: Collect access token for janitor user
- name: Collect access token for @_janitor user
shell: |
curl -XPOST -d '{"type":"m.login.password", "user":"janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:8008/_matrix/client/r0/login" | jq '.access_token'
curl -XPOST -d '{"type":"m.login.password", "user":"_janitor", "password":"{{ awx_janitor_user_password }}"}' "{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_matrix/client/r0/login" | jq '.access_token'
register: awx_janitors_token
no_log: True
- name: Generate list of dates to purge to
delegate_to: 127.0.0.1
shell: "dateseq {{ matrix_purge_from_date }} {{ matrix_purge_to_date }}"
shell: "dateseq {{ awx_purge_from_date }} {{ awx_purge_to_date }}"
register: awx_purge_dates
- name: Calculate initial size of local media repository
shell: du -sh /matrix/synapse/storage/media-store/local*
register: awx_local_media_size_before
when: awx_purge_media_type == "Local Media"
async: 600
ignore_errors: yes
no_log: True
@ -43,16 +44,17 @@
shell: du -sh /matrix/synapse/storage/media-store/remote*
register: awx_remote_media_size_before
when: awx_purge_media_type == "Remote Media"
async: 600
ignore_errors: yes
no_log: True
- name: Purge local media with loop
include_tasks: purge_media_local.yml
include_tasks: purge_media_local.yml
loop: "{{ awx_purge_dates.stdout_lines | flatten(levels=1) }}"
when: awx_purge_media_type == "Local Media"
- name: Purge remote media with loop
include_tasks: purge_media_remote.yml
include_tasks: purge_media_remote.yml
loop: "{{ awx_purge_dates.stdout_lines | flatten(levels=1) }}"
when: awx_purge_media_type == "Remote Media"

6
roles/matrix-awx/tasks/purge_media_remote.yml
View File

@ -7,11 +7,11 @@
- name: Purge remote media to specific date
shell: |
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:8008/_synapse/admin/v1/purge_media_cache?before_ts={{ awx_epoche_time.stdout }}000'
curl -X POST --header "Authorization: Bearer {{ awx_janitors_token.stdout[1:-1] }}" '{{ awx_synapse_container_ip.stdout }}:{{ matrix_synapse_container_client_api_port }}/_synapse/admin/v1/purge_media_cache?before_ts={{ awx_epoche_time.stdout }}000'
register: awx_purge_command
- name: Print output of purge command
debug:
debug:
msg: "{{ awx_purge_command.stdout }}"
- name: Pause for 5 seconds to let Synapse breathe

8
roles/matrix-awx/tasks/set_variables_corporal.yml
View File

@ -84,14 +84,16 @@
line: "{{ item.key }}: {{ item.value }}"
insertafter: '# Corporal Settings Start'
with_dict:
'awx_corporal_http_api_auth_token': '{{ awx_corporal_http_api_auth_token }}'
when: awx_corporal_http_api_auth_token|length > 0
'matrix_corporal_http_api_auth_token': '{{ matrix_corporal_http_api_auth_token }}'
when: ( matrix_corporal_http_api_auth_token|length > 0 ) and ( awx_corporal_policy_provider_mode != "Simple Static File" )
- name: Record 'Simple Static File' configuration variables in matrix_vars.yml
delegate_to: 127.0.0.1
blockinfile:
path: '{{ awx_cached_matrix_vars }}'
insertafter: "# Corporal Policy Provider Settings Start"
insertbefore: "# Corporal Policy Provider Settings End"
marker_begin: "Corporal"
marker_end: "Corporal"
block: |
matrix_corporal_policy_provider_config: |
{

4
roles/matrix-awx/tasks/set_variables_dimension.yml
View File

@ -12,9 +12,9 @@
- curl
state: present
- name: Collect access token of Dimension user
- name: Collect access token of @_dimension user
shell: |
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
curl -X POST --header 'Content-Type: application/json' -d '{ "identifier": { "type": "m.id.user","user": "_dimension" }, "password": "{{ awx_dimension_user_password }}", "type": "m.login.password"}' 'https://matrix.{{ matrix_domain }}/_matrix/client/r0/login' | jq -c '. | {access_token}' | sed 's/.*\":\"//' | sed 's/\"}//'
register: awx_dimension_user_access_token
- name: Record Synapse variables locally on AWX

2
roles/matrix-awx/tasks/set_variables_ma1sd.yml
View File

@ -30,7 +30,7 @@
insertafter: '# Synapse Extension Start'
with_dict:
'matrix_synapse_awx_password_provider_rest_auth_enabled': 'true'
'matrix_synapse_awx_password_provider_rest_auth_endpoint': '"http://matrix-ma1sd:8090"'
'matrix_synapse_awx_password_provider_rest_auth_endpoint': '"http://matrix-ma1sd:{{ matrix_ma1sd_container_port }}"'
when: awx_matrix_ma1sd_auth_store == 'LDAP/AD'
- name: Remove entire ma1sd configuration extension

4
roles/matrix-awx/tasks/set_variables_synapse.yml
View File

@ -38,7 +38,7 @@
set_fact:
awx_synapse_auto_join_rooms_array: |-
{{ awx_synapse_auto_join_rooms.splitlines() | to_json }}
when: awx_synapse_auto_join_rooms|length > 0
when: awx_synapse_auto_join_rooms | length > 0
- name: Record Synapse variable 'matrix_synapse_auto_join_rooms' locally on AWX, if it's not blank
delegate_to: 127.0.0.1
@ -49,7 +49,7 @@
insertafter: '# Synapse Settings Start'
with_dict:
"matrix_synapse_auto_join_rooms": "{{ awx_synapse_auto_join_rooms_array }}"
when: awx_synapse_auto_join_rooms|length > 0
when: awx_synapse_auto_join_rooms | length > 0
- name: Record Synapse Shared Secret if it's defined
delegate_to: 127.0.0.1

72
roles/matrix-base/defaults/main.yml
View File

@ -83,15 +83,15 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
matrix_host_command_systemctl: "/usr/bin/env systemctl"
matrix_host_command_sh: "/usr/bin/env sh"
matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') else 'ntp' }}"
matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') or ansible_distribution == 'Archlinux' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_distribution == 'CentOS' and ansible_distribution_major_version > '7') or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version > '18') or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
# Specifies where the homeserver is on the container network.
# Where this is depends on whether there's a reverse-proxy in front of it, etc.
# This likely gets overriden elsewhere.
matrix_homeserver_container_url: "http://matrix-synapse:8008"
matrix_homeserver_container_url: ""
matrix_identity_server_url: ~
@ -118,6 +118,72 @@ matrix_client_element_e2ee_secure_backup_required: false
# See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
matrix_client_element_e2ee_secure_backup_setup_methods: []
# Default `/.well-known/matrix/client` configuration - it covers the generic use case.
# You can customize it by controlling the various variables inside the template file that it references.
#
# For a more advanced customization, you can extend the default (see `matrix_well_known_matrix_client_configuration_extension_json`)
# or completely replace this variable with your own template.
#
# The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict.
# This is unlike what it does when looking up YAML template files (no automatic parsing there).
matrix_well_known_matrix_client_configuration_default: "{{ lookup('template', 'templates/static-files/well-known/matrix-client.j2') }}"
# Your custom JSON configuration for `/.well-known/matrix/client` should go to `matrix_well_known_matrix_client_configuration_extension_json`.
# This configuration extends the default starting configuration (`matrix_well_known_matrix_client_configuration_default`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_well_known_matrix_client_configuration`.
#
# Example configuration extension follows:
#
# matrix_well_known_matrix_client_configuration_extension_json: |
# {
# "io.element.call_behaviour": {
# "widget_build_url": "https://dimension.example.com/api/v1/dimension/bigbluebutton/widget_state"
# }
# }
matrix_well_known_matrix_client_configuration_extension_json: '{}'
matrix_well_known_matrix_client_configuration_extension: "{{ matrix_well_known_matrix_client_configuration_extension_json|from_json if matrix_well_known_matrix_client_configuration_extension_json|from_json is mapping else {} }}"
# Holds the final `/.well-known/matrix/client` configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_well_known_matrix_client_configuration_default` and `matrix_well_known_matrix_client_configuration_extension_json`.
matrix_well_known_matrix_client_configuration: "{{ matrix_well_known_matrix_client_configuration_default|combine(matrix_well_known_matrix_client_configuration_extension, recursive=True) }}"
# Default `/.well-known/matrix/server` configuration - it covers the generic use case.
# You can customize it by controlling the various variables inside the template file that it references.
#
# For a more advanced customization, you can extend the default (see `matrix_well_known_matrix_server_configuration_extension_json`)
# or completely replace this variable with your own template.
#
# The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict.
# This is unlike what it does when looking up YAML template files (no automatic parsing there).
matrix_well_known_matrix_server_configuration_default: "{{ lookup('template', 'templates/static-files/well-known/matrix-server.j2') }}"
# Your custom JSON configuration for `/.well-known/matrix/server` should go to `matrix_well_known_matrix_server_configuration_extension_json`.
# This configuration extends the default starting configuration (`matrix_well_known_matrix_server_configuration_default`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_well_known_matrix_server_configuration`.
#
# Example configuration extension follows:
#
# matrix_well_known_matrix_server_configuration_extension_json: |
# {
# "something": "another"
# }
matrix_well_known_matrix_server_configuration_extension_json: '{}'
matrix_well_known_matrix_server_configuration_extension: "{{ matrix_well_known_matrix_server_configuration_extension_json|from_json if matrix_well_known_matrix_server_configuration_extension_json|from_json is mapping else {} }}"
# Holds the final `/.well-known/matrix/server` configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_well_known_matrix_server_configuration_default` and `matrix_well_known_matrix_server_configuration_extension_json`.
matrix_well_known_matrix_server_configuration: "{{ matrix_well_known_matrix_server_configuration_default|combine(matrix_well_known_matrix_server_configuration_extension, recursive=True) }}"
# The Docker network that all services would be put into
matrix_docker_network: "matrix"

8
roles/matrix-base/tasks/setup_well_known.yml
View File

@ -13,16 +13,16 @@
- "{{ matrix_static_files_base_path }}/.well-known/matrix"
- name: Ensure Matrix /.well-known/matrix/client file configured
template:
src: "{{ role_path }}/templates/static-files/well-known/matrix-client.j2"
copy:
content: "{{ matrix_well_known_matrix_client_configuration|to_nice_json }}"
dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/client"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure Matrix /.well-known/matrix/server file configured
template:
src: "{{ role_path }}/templates/static-files/well-known/matrix-server.j2"
copy:
content: "{{ matrix_well_known_matrix_server_configuration|to_nice_json }}"
dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
mode: 0644
owner: "{{ matrix_user_username }}"

9
roles/matrix-base/tasks/validate_config.yml Normal file
View File

@ -0,0 +1,9 @@
---
- name: Fail if required Matrix Base settings not defined
fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`) for using this playbook.
when: "vars[item] == ''"
with_items:
- "matrix_homeserver_container_url"

1
roles/matrix-bot-go-neb/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-bot-go-neb
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_bot_go_neb_service_stat.stat.exists|bool"

1
roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-bot-matrix-reminder-bot
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"

3
roles/matrix-bot-mjolnir/defaults/main.yml
View File

@ -3,14 +3,13 @@
matrix_bot_mjolnir_enabled: true
matrix_bot_mjolnir_version: "v1.1.20"
matrix_bot_mjolnir_version: "v1.2.1"
matrix_bot_mjolnir_container_image_self_build: false
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"
matrix_bot_mjolnir_docker_image: "{{ matrix_bot_mjolnir_docker_image_name_prefix }}matrixdotorg/mjolnir:{{ matrix_bot_mjolnir_version }}"
matrix_bot_mjolnir_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_mjolnir_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_bot_mjolnir_docker_image_force_pull: "{{ matrix_bot_mjolnir_docker_image.endswith(':latest') }}"
matrix_bot_mjolnir_base_path: "{{ matrix_base_data_path }}/mjolnir"

1
roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-bot-mjolnir
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"

2
roles/matrix-bridge-appservice-discord/defaults/main.yml
View File

@ -48,7 +48,7 @@ matrix_appservice_discord_bridge_enableSelfServiceBridging: false
#
# To use Postgres:
# - change the engine (`matrix_appservice_discord_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_appservice_discord_postgres_*` variables
# - adjust your database credentials via the `matrix_appservice_discord_database_*` variables
matrix_appservice_discord_database_engine: 'sqlite'
matrix_appservice_discord_sqlite_database_path_local: "{{ matrix_appservice_discord_data_path }}/discord.db"

1
roles/matrix-bridge-appservice-discord/tasks/setup_install.yml
View File

@ -54,6 +54,7 @@
service:
name: matrix-appservice-discord
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_appservice_discord_stat_db.stat.exists"

1
roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-appservice-discord
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_appservice_discord_service_stat.stat.exists"

2
roles/matrix-bridge-appservice-irc/defaults/main.yml
View File

@ -7,7 +7,7 @@ matrix_appservice_irc_container_self_build: false
matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git"
matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src"
matrix_appservice_irc_version: release-0.31.0
matrix_appservice_irc_version: release-0.32.1
matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}"
matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}"

1
roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-appservice-irc
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_appservice_irc_service_stat.stat.exists"

4
roles/matrix-bridge-appservice-slack/defaults/main.yml
View File

@ -33,7 +33,7 @@ matrix_appservice_slack_slack_port: 9003
matrix_appservice_slack_container_http_host_bind_port: ''
matrix_appservice_slack_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_slack_homeserver_url: "http://matrix-synapse:8008"
matrix_appservice_slack_homeserver_url: ""
matrix_appservice_slack_homeserver_domain: "{{ matrix_domain }}"
matrix_appservice_slack_appservice_url: 'http://matrix-appservice-slack'
@ -82,7 +82,7 @@ matrix_appservice_slack_configuration_extension_yaml: |
# Optional
#matrix_admin_room: "!aBcDeF:matrix.org"
#homeserver:
# url: http://localhost:8008
# url: http://localhost:{{ matrix_synapse_container_client_api_port }}
# server_name: my.server
# Optional
#tls:

1
roles/matrix-bridge-appservice-slack/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-appservice-slack
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_appservice_slack_service_stat.stat.exists"

1
roles/matrix-bridge-appservice-slack/tasks/validate_config.yml
View File

@ -8,5 +8,6 @@
with_items:
- "matrix_appservice_slack_control_room_id"
- "matrix_appservice_slack_appservice_token"
- "matrix_appservice_slack_homeserver_url"
- "matrix_appservice_slack_homeserver_token"
- "matrix_appservice_slack_id_token"

4
roles/matrix-bridge-appservice-webhooks/defaults/main.yml
View File

@ -22,8 +22,6 @@ matrix_appservice_webhooks_docker_src_files_path: "{{ matrix_appservice_webhooks
matrix_appservice_webhooks_public_endpoint: /appservice-webhooks
matrix_appservice_webhooks_inbound_uri_prefix: "{{ matrix_homeserver_url }}{{ matrix_appservice_webhooks_public_endpoint }}"
# Once you make a control room in Matrix, you can get its ID by typing any message and checking its source
matrix_appservice_webhooks_control_room_id: ''
matrix_appservice_webhooks_bot_name: 'webhookbot'
matrix_appservice_webhooks_user_prefix: '_webhook'
@ -36,7 +34,7 @@ matrix_appservice_webhooks_matrix_port: 6789
matrix_appservice_webhooks_container_http_host_bind_port: ''
matrix_appservice_webhooks_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_webhooks_homeserver_url: "http://matrix-synapse:8008"
matrix_appservice_webhooks_homeserver_url: ""
matrix_appservice_webhooks_homeserver_domain: "{{ matrix_domain }}"
matrix_appservice_webhooks_appservice_url: 'http://matrix-appservice-webhooks'

1
roles/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-appservice-webhooks
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_appservice_webhooks_service_stat.stat.exists"

1
roles/matrix-bridge-appservice-webhooks/tasks/validate_config.yml
View File

@ -7,6 +7,7 @@
when: "vars[item] == ''"
with_items:
- "matrix_appservice_webhooks_appservice_token"
- "matrix_appservice_webhooks_homeserver_url"
- "matrix_appservice_webhooks_homeserver_token"
- "matrix_appservice_webhooks_id_token"
- "matrix_appservice_webhooks_api_secret"

1
roles/matrix-bridge-beeper-linkedin/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-beeper-linkedin
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_beeper_linkedin_service_stat.stat.exists"

2
roles/matrix-bridge-heisenbridge/defaults/main.yml
View File

@ -3,7 +3,7 @@
matrix_heisenbridge_enabled: true
matrix_heisenbridge_version: 1.2.1
matrix_heisenbridge_version: 1.7.1
matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}"
matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}"

1
roles/matrix-bridge-heisenbridge/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-heisenbridge
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_heisenbridge_service_stat.stat.exists"

4
roles/matrix-bridge-mautrix-facebook/defaults/main.yml
View File

@ -6,7 +6,7 @@ matrix_mautrix_facebook_enabled: true
matrix_mautrix_facebook_container_image_self_build: false
matrix_mautrix_facebook_container_image_self_build_repo: "https://mau.dev/mautrix/facebook.git"
matrix_mautrix_facebook_version: v0.3.1
matrix_mautrix_facebook_version: v0.3.2
matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}mautrix/facebook:{{ matrix_mautrix_facebook_version }}"
matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}"
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
@ -42,7 +42,7 @@ matrix_mautrix_facebook_homeserver_token: ''
# - plan your migration to Postgres, as this bridge does not support SQLite anymore (and neither will the playbook in the future).
#
# To use Postgres:
# - adjust your database credentials via the `matrix_mautrix_facebook_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_facebook_database_*` variables
matrix_mautrix_facebook_database_engine: 'postgres'
matrix_mautrix_facebook_sqlite_database_path_local: "{{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db"

1
roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml
View File

@ -86,6 +86,7 @@
service:
name: matrix-mautrix-facebook
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_facebook_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-facebook
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_facebook_service_stat.stat.exists"

14
roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml
View File

@ -10,22 +10,14 @@
- "matrix_mautrix_facebook_homeserver_token"
- block:
- name: Fail if on SQLite, unless on the last version supporting SQLite
fail:
msg: >-
You're trying to use the mautrix-facebook bridge with an SQLite database.
Going forward, this bridge only supports Postgres.
To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-facebook-bridge-now-requires-a-postgres-database
when: "not matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"
- name: Inject warning if still on SQLite
- name: Inject warning if on an old SQLite-supporting version
set_fact:
matrix_playbook_runtime_results: |
{{
matrix_playbook_runtime_results|default([])
+
[
"NOTE: Your mautrix-facebook bridge setup is still on SQLite. Your bridge is not getting any updates and will likely stop working at some point. To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-facebook-bridge-now-requires-a-postgres-database"
"NOTE: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)"
]
}}
when: "matrix_mautrix_facebook_database_engine == 'sqlite'"
when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"

115
roles/matrix-bridge-mautrix-googlechat/defaults/main.yml Normal file
View File

@ -0,0 +1,115 @@
# mautrix-googlechat is a Matrix <-> googlechat bridge
# See: https://github.com/mautrix/googlechat
matrix_mautrix_googlechat_enabled: true
matrix_mautrix_googlechat_container_image_self_build: false
matrix_mautrix_googlechat_container_image_self_build_repo: "https://github.com/mautrix/googlechat.git"
matrix_mautrix_googlechat_version: latest
# See: https://mau.dev/mautrix/googlechat/container_registry
matrix_mautrix_googlechat_docker_image: "{{ matrix_mautrix_googlechat_docker_image_name_prefix }}mautrix/googlechat:{{ matrix_mautrix_googlechat_version }}"
matrix_mautrix_googlechat_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_googlechat_container_image_self_build else 'dock.mau.dev/' }}"
matrix_mautrix_googlechat_docker_image_force_pull: "{{ matrix_mautrix_googlechat_docker_image.endswith(':latest') }}"
matrix_mautrix_googlechat_base_path: "{{ matrix_base_data_path }}/mautrix-googlechat"
matrix_mautrix_googlechat_config_path: "{{ matrix_mautrix_googlechat_base_path }}/config"
matrix_mautrix_googlechat_data_path: "{{ matrix_mautrix_googlechat_base_path }}/data"
matrix_mautrix_googlechat_docker_src_files_path: "{{ matrix_mautrix_googlechat_base_path }}/docker-src"
matrix_mautrix_googlechat_public_endpoint: '/mautrix-googlechat'
matrix_mautrix_googlechat_homeserver_address: "{{ matrix_homeserver_container_url }}"
matrix_mautrix_googlechat_homeserver_domain: '{{ matrix_domain }}'
matrix_mautrix_googlechat_appservice_address: 'http://matrix-mautrix-googlechat:8080'
# Controls whether the matrix-mautrix-googlechat container exposes its HTTP port (tcp/8080 in the container).
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9007"), or empty string to not expose.
matrix_mautrix_googlechat_container_http_host_bind_port: ''
# A list of extra arguments to pass to the container
matrix_mautrix_googlechat_container_extra_arguments: []
# List of systemd services that matrix-mautrix-googlechat.service depends on.
matrix_mautrix_googlechat_systemd_required_services_list: ['docker.service']
# List of systemd services that matrix-mautrix-googlechat.service wants
matrix_mautrix_googlechat_systemd_wanted_services_list: []
matrix_mautrix_googlechat_appservice_token: ''
matrix_mautrix_googlechat_homeserver_token: ''
# Database-related configuration fields.
#
# To use SQLite, stick to these defaults.
#
# To use Postgres:
# - change the engine (`matrix_mautrix_googlechat_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_googlechat_database_*` variables
matrix_mautrix_googlechat_database_engine: 'sqlite'
matrix_mautrix_googlechat_sqlite_database_path_local: "{{ matrix_mautrix_googlechat_data_path }}/mautrix-googlechat.db"
matrix_mautrix_googlechat_sqlite_database_path_in_container: "/data/mautrix-googlechat.db"
matrix_mautrix_googlechat_database_username: 'matrix_mautrix_googlechat'
matrix_mautrix_googlechat_database_password: 'some-password'
matrix_mautrix_googlechat_database_hostname: 'matrix-postgres'
matrix_mautrix_googlechat_database_port: 5432
matrix_mautrix_googlechat_database_name: 'matrix_mautrix_googlechat'
matrix_mautrix_googlechat_database_connection_string: 'postgres://{{ matrix_mautrix_googlechat_database_username }}:{{ matrix_mautrix_googlechat_database_password }}@{{ matrix_mautrix_googlechat_database_hostname }}:{{ matrix_mautrix_googlechat_database_port }}/{{ matrix_mautrix_googlechat_database_name }}'
matrix_mautrix_googlechat_appservice_database: "{{
{
'sqlite': ('sqlite:///' + matrix_mautrix_googlechat_sqlite_database_path_in_container),
'postgres': matrix_mautrix_googlechat_database_connection_string,
}[matrix_mautrix_googlechat_database_engine]
}}"
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_googlechat_login_shared_secret: ''
matrix_mautrix_googlechat_appservice_bot_username: googlechatbot
# Default configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `matrix_mautrix_googlechat_configuration_extension_yaml`)
# or completely replace this variable with your own template.
matrix_mautrix_googlechat_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
matrix_mautrix_googlechat_configuration_extension_yaml: |
# Your custom YAML configuration goes here.
# This configuration extends the default starting configuration (`matrix_mautrix_googlechat_configuration_yaml`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_mautrix_googlechat_configuration_yaml`.
matrix_mautrix_googlechat_configuration_extension: "{{ matrix_mautrix_googlechat_configuration_extension_yaml|from_yaml if matrix_mautrix_googlechat_configuration_extension_yaml|from_yaml is mapping else {} }}"
# Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_googlechat_configuration_yaml`.
matrix_mautrix_googlechat_configuration: "{{ matrix_mautrix_googlechat_configuration_yaml|from_yaml|combine(matrix_mautrix_googlechat_configuration_extension, recursive=True) }}"
matrix_mautrix_googlechat_registration_yaml: |
id: googlechat
as_token: "{{ matrix_mautrix_googlechat_appservice_token }}"
hs_token: "{{ matrix_mautrix_googlechat_homeserver_token }}"
namespaces:
users:
- exclusive: true
regex: '^@googlechat_.+:{{ matrix_mautrix_googlechat_homeserver_domain|regex_escape }}$'
- exclusive: true
regex: '^@{{ matrix_mautrix_googlechat_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_googlechat_homeserver_domain|regex_escape }}$'
url: {{ matrix_mautrix_googlechat_appservice_address }}
# See https://github.com/mautrix/signal/issues/43
sender_localpart: _bot_{{ matrix_mautrix_googlechat_appservice_bot_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
matrix_mautrix_googlechat_registration: "{{ matrix_mautrix_googlechat_registration_yaml|from_yaml }}"

69
roles/matrix-bridge-mautrix-googlechat/tasks/init.yml Normal file
View File

@ -0,0 +1,69 @@
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
- name: Fail if trying to self-build on Ansible < 2.8
fail:
msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md"
when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_googlechat_container_image_self_build and matrix_mautrix_googlechat_enabled"
- set_fact:
matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-googlechat.service'] }}"
when: matrix_mautrix_googlechat_enabled|bool
# If the matrix-synapse role is not used, these variables may not exist.
- set_fact:
matrix_synapse_container_extra_arguments: >
{{ matrix_synapse_container_extra_arguments|default([]) }}
+
["--mount type=bind,src={{ matrix_mautrix_googlechat_config_path }}/registration.yaml,dst=/matrix-mautrix-googlechat-registration.yaml,ro"]
matrix_synapse_app_service_config_files: >
{{ matrix_synapse_app_service_config_files|default([]) }}
+
{{ ["/matrix-mautrix-googlechat-registration.yaml"] }}
when: matrix_mautrix_googlechat_enabled|bool
- block:
- name: Fail if matrix-nginx-proxy role already executed
fail:
msg: >-
Trying to append Mautrix googlechat's reverse-proxying configuration to matrix-nginx-proxy,
but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your plabook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-googlechat role.
when: matrix_nginx_proxy_role_executed|default(False)|bool
- name: Generate Mautrix googlechat proxying configuration for matrix-nginx-proxy
set_fact:
matrix_mautrix_googlechat_matrix_nginx_proxy_configuration: |
location {{ matrix_mautrix_googlechat_public_endpoint }} {
{% if matrix_nginx_proxy_enabled|default(False) %}
{# Use the embedded DNS resolver in Docker containers to discover the service #}
resolver 127.0.0.11 valid=5s;
set $backend "matrix-mautrix-googlechat:8080";
proxy_pass http://$backend;
{% else %}
{# Generic configuration for use outside of our container setup #}
proxy_pass http://127.0.0.1:9007;
{% endif %}
}
- name: Register Mautrix googlechat proxying configuration with matrix-nginx-proxy
set_fact:
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
{{
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+
[matrix_mautrix_googlechat_matrix_nginx_proxy_configuration]
}}
tags:
- always
when: matrix_mautrix_googlechat_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
debug:
msg: >-
NOTE: You've enabled the Mautrix googlechat bridge but are not using the matrix-nginx-proxy
reverse proxy.
Please make sure that you're proxying the `{{ matrix_mautrix_googlechat_public_endpoint }}`
URL endpoint to the matrix-mautrix-googlechat container.
You can expose the container's port using the `matrix_mautrix_googlechat_container_http_host_bind_port` variable.
when: "matrix_mautrix_googlechat_enabled|bool and (matrix_nginx_proxy_enabled is not defined or matrix_nginx_proxy_enabled|bool == false)"

21
roles/matrix-bridge-mautrix-googlechat/tasks/main.yml Normal file
View File

@ -0,0 +1,21 @@
- import_tasks: "{{ role_path }}/tasks/init.yml"
tags:
- always
- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
when: "run_setup|bool and matrix_mautrix_googlechat_enabled|bool"
tags:
- setup-all
- setup-mautrix-googlechat
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup|bool and matrix_mautrix_googlechat_enabled|bool"
tags:
- setup-all
- setup-mautrix-googlechat
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup|bool and not matrix_mautrix_googlechat_enabled|bool"
tags:
- setup-all
- setup-mautrix-googlechat

129
roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml Normal file
View File

@ -0,0 +1,129 @@
---
# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
# We don't want to fail in such cases.
- name: Fail if matrix-synapse role already executed
fail:
msg: >-
The matrix-bridge-mautrix-googlechat role needs to execute before the matrix-synapse role.
when: "matrix_synapse_role_executed|default(False)"
- set_fact:
matrix_mautrix_googlechat_requires_restart: false
- block:
- name: Check if an SQLite database already exists
stat:
path: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
register: matrix_mautrix_googlechat_sqlite_database_path_local_stat_result
- block:
- set_fact:
matrix_postgres_db_migration_request:
src: "{{ matrix_mautrix_googlechat_sqlite_database_path_local }}"
dst: "{{ matrix_mautrix_googlechat_database_connection_string }}"
caller: "{{ role_path|basename }}"
engine_variable_name: 'matrix_mautrix_googlechat_database_engine'
engine_old: 'sqlite'
systemd_services_to_stop: ['matrix-mautrix-googlechat.service']
- import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
- set_fact:
matrix_mautrix_googlechat_requires_restart: true
when: "matrix_mautrix_googlechat_sqlite_database_path_local_stat_result.stat.exists|bool"
when: "matrix_mautrix_googlechat_database_engine == 'postgres'"
- name: Ensure Mautrix googlechat image is pulled
docker_image:
name: "{{ matrix_mautrix_googlechat_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_mautrix_googlechat_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_googlechat_docker_image_force_pull }}"
when: not matrix_mautrix_googlechat_container_image_self_build
- name: Ensure Mautrix googlechat paths exist
file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- { path: "{{ matrix_mautrix_googlechat_base_path }}", when: true }
- { path: "{{ matrix_mautrix_googlechat_config_path }}", when: true }
- { path: "{{ matrix_mautrix_googlechat_data_path }}", when: true }
- { path: "{{ matrix_mautrix_googlechat_docker_src_files_path }}", when: "{{ matrix_mautrix_googlechat_container_image_self_build }}" }
when: "item.when|bool"
- name: Ensure Mautrix Hangots repository is present on self build
git:
repo: "{{ matrix_mautrix_googlechat_container_image_self_build_repo }}"
dest: "{{ matrix_mautrix_googlechat_docker_src_files_path }}"
force: "yes"
register: matrix_mautrix_googlechat_git_pull_results
when: "matrix_mautrix_googlechat_container_image_self_build|bool"
- name: Ensure Mautrix googlechat Docker image is built
docker_image:
name: "{{ matrix_mautrix_googlechat_docker_image }}"
source: build
force_source: "{{ matrix_mautrix_googlechat_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_googlechat_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_googlechat_docker_src_files_path }}"
pull: yes
when: "matrix_mautrix_googlechat_container_image_self_build|bool"
- name: Check if an old database file already exists
stat:
path: "{{ matrix_mautrix_googlechat_base_path }}/mautrix-googlechat.db"
register: matrix_mautrix_googlechat_stat_database
- name: (Data relocation) Ensure matrix-mautrix-googlechat.service is stopped
service:
name: matrix-mautrix-googlechat
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_googlechat_stat_database.stat.exists"
- name: (Data relocation) Move mautrix-googlechat database file to ./data directory
command: "mv {{ matrix_mautrix_googlechat_base_path }}/mautrix-googlechat.db {{ matrix_mautrix_googlechat_data_path }}/mautrix-googlechat.db"
when: "matrix_mautrix_googlechat_stat_database.stat.exists"
- name: Ensure mautrix-googlechat config.yaml installed
copy:
content: "{{ matrix_mautrix_googlechat_configuration|to_nice_yaml }}"
dest: "{{ matrix_mautrix_googlechat_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure mautrix-googlechat registration.yaml installed
copy:
content: "{{ matrix_mautrix_googlechat_registration|to_nice_yaml }}"
dest: "{{ matrix_mautrix_googlechat_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure matrix-mautrix-googlechat.service installed
template:
src: "{{ role_path }}/templates/systemd/matrix-mautrix-googlechat.service.j2"
dest: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service"
mode: 0644
register: matrix_mautrix_googlechat_systemd_service_result
- name: Ensure systemd reloaded after matrix-mautrix-googlechat.service installation
service:
daemon_reload: yes
when: "matrix_mautrix_googlechat_systemd_service_result.changed"
- name: Ensure matrix-mautrix-googlechat.service restarted, if necessary
service:
name: "matrix-mautrix-googlechat.service"
state: restarted
when: "matrix_mautrix_googlechat_requires_restart|bool"

25
roles/matrix-bridge-mautrix-googlechat/tasks/setup_uninstall.yml Normal file
View File

@ -0,0 +1,25 @@
---
- name: Check existence of matrix-mautrix-googlechat service
stat:
path: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service"
register: matrix_mautrix_googlechat_service_stat
- name: Ensure matrix-mautrix-googlechat is stopped
service:
name: matrix-mautrix-googlechat
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_googlechat_service_stat.stat.exists"
- name: Ensure matrix-mautrix-googlechat.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-mautrix-googlechat.service"
state: absent
when: "matrix_mautrix_googlechat_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-mautrix-googlechat.service removal
service:
daemon_reload: yes
when: "matrix_mautrix_googlechat_service_stat.stat.exists"

14
roles/matrix-bridge-mautrix-googlechat/tasks/validate_config.yml Normal file
View File

@ -0,0 +1,14 @@
---
- name: Fail if required settings not defined
fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
with_items:
- "matrix_mautrix_googlechat_public_endpoint"
- "matrix_mautrix_googlechat_appservice_token"
- "matrix_mautrix_googlechat_homeserver_token"
- debug:
msg:
- '`matrix_mautrix_googlechat_homeserver_domain` == {{ matrix_mautrix_googlechat_homeserver_domain }}'

145
roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2 Normal file
View File

@ -0,0 +1,145 @@
#jinja2: lstrip_blocks: "True"
# Homeserver details
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: {{ matrix_mautrix_googlechat_homeserver_address }}
# The domain of the homeserver (for MXIDs, etc).
domain: {{ matrix_mautrix_googlechat_homeserver_domain }}
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_googlechat_appservice_address }}
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 8080
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. SQLite and Postgres are fully supported.
# Other DBMSes supported by SQLAlchemy may or may not work.
# Format examples:
# SQLite: sqlite:///filename.db
# Postgres: postgres://username:password@hostname/dbname
database: {{ matrix_mautrix_googlechat_appservice_database|to_json }}
# The unique ID of this appservice.
id: googlechat
# Username of the appservice bot.
bot_username: {{ matrix_mautrix_googlechat_appservice_bot_username|to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: googlechat bridge bot
bot_avatar: mxc://maunium.net/FBXZnpfORkBEruORbikmleAy
# Authentication tokens for AS <-> HS communication.
as_token: "{{ matrix_mautrix_googlechat_appservice_token }}"
hs_token: "{{ matrix_mautrix_googlechat_homeserver_token }}"
# Bridge config
bridge:
# Localpart template of MXIDs for googlechat users.
# {userid} is replaced with the user ID of the googlechat user.
username_template: "googlechat_{userid}"
# Displayname template for googlechat users.
# {displayname} is replaced with the display name of the googlechat user
# as defined below in displayname_preference.
# Keys available for displayname_preference are also available here.
displayname_template: '{full_name} (googlechat)'
# Available keys:
# "name" (full name)
# "first_name"
# "last_name"
# "nickname"
# "own_nickname" (user-specific!)
displayname_preference:
- name
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!HO"
# Number of chats to sync (and create portals for) on startup/login.
# Maximum 20, set 0 to disable automatic syncing.
initial_chat_sync: 20
# Whether or not the googlechat users of logged in Matrix users should be
# invited to private chats when the user sends a message from another client.
invite_own_puppet_to_pm: false
# Whether or not to use /sync to get presence, read receipts and typing notifications when using
# your own Matrix account as the Matrix puppet for your googlechat account.
sync_with_custom_puppets: true
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret: {{ matrix_mautrix_googlechat_login_shared_secret|to_json }}
# Whether or not to update avatars when syncing all contacts at startup.
update_avatar_initial_sync: true
# End-to-bridge encryption support options. These require matrix-nio to be installed with pip
# and login_shared_secret to be configured in order to get a device for the bridge bot.
#
# Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
# application service.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: false
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: false
# Public website and API configs
web:
# Auth server config
auth:
# Publicly accessible base URL for the login endpoints.
# The prefix below is not implicitly added. This URL and all subpaths should be proxied
# or otherwise pointed to the appservice's webserver to the path specified below (prefix).
# This path should usually include a trailing slash.
# Internal prefix in the appservice web server for the login endpoints.
public: "{{ matrix_homeserver_url }}{{ matrix_mautrix_googlechat_public_endpoint }}/login"
prefix: "{{ matrix_mautrix_googlechat_public_endpoint }}/login"
# Permissions for using the bridge.
# Permitted values:
# user - Use the bridge with puppeting.
# admin - Use and administrate the bridge.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions:
'{{ matrix_mautrix_googlechat_homeserver_domain }}': user
# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
logging:
version: 1
formatters:
colored:
(): mautrix_googlechat.util.ColorFormatter
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
normal:
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
handlers:
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: DEBUG
hangups:
level: DEBUG
aiohttp:
level: INFO
root:
level: DEBUG
handlers: [console]

43
roles/matrix-bridge-mautrix-googlechat/templates/systemd/matrix-mautrix-googlechat.service.j2 Normal file
View File

@ -0,0 +1,43 @@
#jinja2: lstrip_blocks: "True"
[Unit]
Description=Matrix Mautrix googlechat bridge
{% for service in matrix_mautrix_googlechat_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_mautrix_googlechat_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ matrix_systemd_unit_home_path }}"
# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
ExecStartPre={{ matrix_host_command_sleep }} 5
ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-googlechat \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--network={{ matrix_docker_network }} \
{% if matrix_mautrix_googlechat_container_http_host_bind_port %}
-p {{ matrix_mautrix_googlechat_container_http_host_bind_port }}:8080 \
{% endif %}
-v {{ matrix_mautrix_googlechat_config_path }}:/config:z \
-v {{ matrix_mautrix_googlechat_data_path }}:/data:z \
{% for arg in matrix_mautrix_googlechat_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_mautrix_googlechat_docker_image }} \
python3 -m mautrix_googlechat -c /config/config.yaml --no-update
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-googlechat 2>/dev/null'
ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-googlechat 2>/dev/null'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-googlechat
[Install]
WantedBy=multi-user.target

2
roles/matrix-bridge-mautrix-hangouts/defaults/main.yml
View File

@ -47,7 +47,7 @@ matrix_mautrix_hangouts_homeserver_token: ''
#
# To use Postgres:
# - change the engine (`matrix_mautrix_hangouts_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_hangouts_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_hangouts_database_*` variables
matrix_mautrix_hangouts_database_engine: 'sqlite'
matrix_mautrix_hangouts_sqlite_database_path_local: "{{ matrix_mautrix_hangouts_data_path }}/mautrix-hangouts.db"

1
roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml
View File

@ -85,6 +85,7 @@
service:
name: matrix-mautrix-hangouts
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_hangouts_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-hangouts/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-hangouts
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_hangouts_service_stat.stat.exists"

2
roles/matrix-bridge-mautrix-instagram/defaults/main.yml
View File

@ -37,7 +37,7 @@ matrix_mautrix_instagram_homeserver_token: ''
# Database-related configuration fields.
#
# To use Postgres:
# - adjust your database credentials via the `matrix_mautrix_instagram_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_instagram_database_*` variables
matrix_mautrix_instagram_database_engine: 'postgres'
matrix_mautrix_instagram_database_username: 'matrix_mautrix_instagram'

1
roles/matrix-bridge-mautrix-instagram/tasks/setup_uninstall.yml
View File

@ -8,6 +8,7 @@
service:
name: matrix-mautrix-instagram
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_instagram_service_stat.stat.exists"

2
roles/matrix-bridge-mautrix-signal/defaults/main.yml
View File

@ -17,7 +17,7 @@ matrix_mautrix_signal_daemon_container_self_build: false
matrix_mautrix_signal_daemon_docker_repo: "https://mau.dev/maunium/signald.git"
matrix_mautrix_signal_daemon_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signald/docker-src"
matrix_mautrix_signal_daemon_docker_image: "dock.mau.dev/maunium/signald:{{ matrix_mautrix_signal_daemon_version }}"
matrix_mautrix_signal_daemon_docker_image: "docker.io/signald/signald:{{ matrix_mautrix_signal_daemon_version }}"
matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image.endswith(':latest') }}"
matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal"

2
roles/matrix-bridge-mautrix-signal/tasks/setup_uninstall.yml
View File

@ -10,6 +10,7 @@
service:
name: matrix-mautrix-signal-daemon
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_signal_daemon_service_stat.stat.exists"
@ -29,6 +30,7 @@
service:
name: matrix-mautrix-signal
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_signal_service_stat.stat.exists"

73
roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
View File

@ -15,6 +15,8 @@ homeserver:
# If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: null
# Endpoint for reporting per-message status.
message_send_checkpoint_endpoint: null
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
@ -32,25 +34,19 @@ appservice:
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. Only Postgres is currently supported.
# The full URI to the database. SQLite and Postgres are supported.
# Format examples:
# SQLite: sqlite:///filename.db
# Postgres: postgres://username:password@hostname/dbname
database: {{ matrix_mautrix_signal_database_connection_string }}
# Additional arguments for asyncpg.create_pool()
# Additional arguments for asyncpg.create_pool() or sqlite3.connect()
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
# For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
database_opts:
min_size: 5
max_size: 10
# Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
provisioning:
# Whether or not the provisioning API should be enabled.
enabled: true
# The prefix to use in the provisioning API endpoints.
prefix: /_matrix/provision/v1
# The shared secret to authorize users of the API.
# Set to "generate" to generate and save a new token.
shared_secret: generate
# The unique ID of this appservice.
id: signal
# Username of the appservice bot.
@ -66,7 +62,12 @@ appservice:
# Example: "+signal:example.com". Set to false to disable.
community_id: false
# Authentication tokens for AS <-> HS communication.
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
ephemeral_events: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "{{ matrix_mautrix_signal_appservice_token }}"
hs_token: "{{ matrix_mautrix_signal_homeserver_token }}"
@ -75,6 +76,17 @@ metrics:
enabled: false
listen_port: 8000
# Manhole config.
manhole:
# Whether or not opening the manhole is allowed.
enabled: false
# The path for the unix socket.
path: /var/tmp/mautrix-signal.manhole
# The list of UIDs who can be added to the whitelist.
# If empty, any UIDs can be specified in the open-manhole command.
whitelist:
- 0
signal:
# Path to signald unix socket
socket_path: /signald/signald.sock
@ -91,6 +103,8 @@ signal:
delete_unknown_accounts_on_start: false
# Whether or not message attachments should be removed from disk after they're bridged.
remove_file_after_handling: true
# Whether or not users can register a primary device
registration_enabled: true
# Bridge config
bridge:
@ -102,6 +116,7 @@ bridge:
# available variable in displayname_preference. The variables in displayname_preference
# can also be used here directly.
displayname_template: "{displayname} (Signal)"
# Whether or not contact list displaynames should be used.
# Possible values: disallow, allow, prefer
#
# Multi-user instances are recommended to disallow contact list names, as otherwise there can
@ -140,7 +155,7 @@ bridge:
# If false, created portal rooms will never be federated.
federate_rooms: true
# End-to-bridge encryption support options. You must install the e2be optional dependency for
# this to work. See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html
# this to work. See https://github.com/tulir/mautrix-telegram/wiki/Endtobridge-encryption
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: false
@ -173,12 +188,38 @@ bridge:
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# Interval at which to resync contacts.
# Interval at which to resync contacts (in seconds).
periodic_sync: 0
# Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
provisioning:
# Whether or not the provisioning API should be enabled.
enabled: true
# The prefix to use in the provisioning API endpoints.
prefix: /_matrix/provision/v1
# The shared secret to authorize users of the API.
# Set to "generate" to generate and save a new token.
shared_secret: generate
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!signal"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a Signal bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `register` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# Send each message separately (for readability in some clients)
management_room_multiple_messages: false
# Permissions for using the bridge.
# Permitted values:
# relay - Allowed to be relayed through the bridge, no access to commands.

4
roles/matrix-bridge-mautrix-telegram/defaults/main.yml
View File

@ -13,7 +13,7 @@ matrix_mautrix_telegram_container_self_build: false
matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git"
matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"
matrix_mautrix_telegram_version: v0.10.1
matrix_mautrix_telegram_version: v0.10.2
# See: https://mau.dev/mautrix/telegram/container_registry
matrix_mautrix_telegram_docker_image: "dock.mau.dev/mautrix/telegram:{{ matrix_mautrix_telegram_version }}"
matrix_mautrix_telegram_docker_image_force_pull: "{{ matrix_mautrix_telegram_docker_image.endswith(':latest') }}"
@ -63,7 +63,7 @@ matrix_mautrix_telegram_homeserver_token: ''
#
# To use Postgres:
# - change the engine (`matrix_mautrix_telegram_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_telegram_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_telegram_database_*` variables
matrix_mautrix_telegram_database_engine: 'sqlite'
matrix_mautrix_telegram_sqlite_database_path_local: "{{ matrix_mautrix_telegram_data_path }}/mautrix-telegram.db"

1
roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml
View File

@ -107,6 +107,7 @@
service:
name: matrix-mautrix-telegram
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_telegram_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-telegram/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-telegram
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_telegram_service_stat.stat.exists"

10
roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml
View File

@ -36,14 +36,13 @@ matrix_mautrix_whatsapp_homeserver_token: ''
matrix_mautrix_whatsapp_appservice_bot_username: whatsappbot
# Database-related configuration fields.
#
# To use SQLite, stick to these defaults.
#
# To use Postgres:
# - change the engine (`matrix_mautrix_whatsapp_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_mautrix_whatsapp_postgres_*` variables
# - adjust your database credentials via the `matrix_mautrix_whatsapp_database_*` variables
matrix_mautrix_whatsapp_database_engine: 'sqlite'
matrix_mautrix_whatsapp_sqlite_database_path_local: "{{ matrix_mautrix_whatsapp_data_path }}/mautrix-whatsapp.db"
@ -71,9 +70,14 @@ matrix_mautrix_whatsapp_appservice_database_uri: "{{
}[matrix_mautrix_whatsapp_database_engine]
}}"
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_whatsapp_login_shared_secret: ''
matrix_mautrix_whatsapp_bridge_login_shared_secret_map:
"{{ {matrix_mautrix_whatsapp_homeserver_domain: matrix_mautrix_whatsapp_login_shared_secret} if matrix_mautrix_whatsapp_login_shared_secret else {} }}"
# Servers to always allow double puppeting from
matrix_mautrix_whatsapp_bridge_double_puppet_server_map:
"{{ matrix_mautrix_whatsapp_homeserver_domain : matrix_mautrix_whatsapp_homeserver_address }}"
# Default mautrix-whatsapp configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.

1
roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
View File

@ -93,6 +93,7 @@
service:
name: matrix-mautrix-whatsapp
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mautrix_whatsapp_stat_database.stat.exists"

1
roles/matrix-bridge-mautrix-whatsapp/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mautrix-whatsapp
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mautrix_whatsapp_service_stat.stat.exists"

202
roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2
View File

@ -7,15 +7,17 @@ homeserver:
domain: {{ matrix_mautrix_whatsapp_homeserver_domain }}
# Application service host/registration related details.
# Changing these values requires regeneration of the registration.
# The URL to push real-time bridge status to.
# If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes.
# The bridge will use the appservice as_token to authorize requests.
status_endpoint: "null"
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_whatsapp_appservice_address }}
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 8080
# Database config.
database:
# The database type. "sqlite3" and "postgres" are supported.
@ -27,10 +29,6 @@ appservice:
# Maximum number of connections. Mostly relevant for Postgres.
max_open_conns: 20
max_idle_conns: 2
# Path to the Matrix room state store.
state_store_path: ./mx-state.json
# The unique ID of this appservice.
id: whatsapp
# Appservice bot details.
@ -41,7 +39,6 @@ appservice:
# to leave display name/avatar as-is.
displayname: WhatsApp bridge bot
avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}"
hs_token: "{{ matrix_mautrix_whatsapp_homeserver_token }}"
@ -51,79 +48,137 @@ bridge:
# Localpart template of MXIDs for WhatsApp users.
# {{ '{{.}}' }} is replaced with the phone number of the WhatsApp user.
username_template: "{{ 'whatsapp_{{.}}' }}"
# Displayname template for WhatsApp users.
# {{ '{{.Notify'}}' }} - nickname set by the WhatsApp user
# {{ '{{.Jid}}' }} - phone number (international format)
# The following variables are also available, but will cause problems on multi-user instances:
# {{ '{{.Name}}' }} - display name from contact list
# {{ '{{.Short}}' }} - short display name from contact list
displayname_template: "{{ '{{if .Notify}}{{.Notify}}{{else}}{{.Jid}}{{end}} (WA)' }}"
# WhatsApp connection timeout in seconds.
connection_timeout: 20
# Maximum number of times to retry connecting on connection error.
max_connection_attempts: 3
# Number of seconds to wait between connection attempts.
# Negative numbers are exponential backoff: -connection_retry_delay + 1 + 2^attempts
connection_retry_delay: -1
# Whether or not the bridge should send a notice to the user's management room when it retries connecting.
# If false, it will only report when it stops retrying.
report_connection_retry: true
# Maximum number of seconds to wait for chats to be sent at startup.
# If this is too low and you have lots of chats, it could cause backfilling to fail.
chat_list_wait: 30
# Maximum number of seconds to wait to sync portals before force unlocking message processing.
# If this is too low and you have lots of chats, it could cause backfilling to fail.
portal_sync_wait: 600
# Whether or not to send call start/end notices to Matrix.
call_notices:
start: true
end: true
# Number of chats to sync for new users.
initial_chat_sync_count: 10
# Number of old messages to fill when creating new portal rooms.
initial_history_fill_count: 20
# Maximum number of chats to sync when recovering from downtime.
# Set to -1 to sync all new chats during downtime.
recovery_chat_sync_limit: -1
# Whether or not to sync history when recovering from downtime.
recovery_history_backfill: true
# Maximum number of seconds since last message in chat to skip
# syncing the chat in any case. This setting will take priority
# over both recovery_chat_sync_limit and initial_chat_sync_count.
# Default is 3 days = 259200 seconds
sync_max_chat_age: 259200
# Whether or not to sync with custom puppets to receive EDUs that
# are not normally sent to appservices.
displayname_template: "{{ '{{if .PushName}}{{.PushName}}{{else if .BusinessName}}{{.BusinessName}}{{else}}{{.JID}}{{end}} (WA)' }}"
# Should the bridge send a read receipt from the bridge bot when a message has been sent to WhatsApp?
delivery_receipts: false
# Should incoming calls send a message to the Matrix room?
call_start_notices: true
# Should another user's cryptographic identity changing send a message to Matrix?
identity_change_notices: false
# Should a "reactions not yet supported" warning be sent to the Matrix room when a user reacts to a message?
reaction_notices: true
portal_message_buffer: 128
# Settings for handling history sync payloads. These settings only apply right after login,
# because the phone only sends the history sync data once, and there's no way to re-request it
# (other than logging out and back in again).
history_sync:
# Should the bridge create portals for chats in the history sync payload?
create_portals: true
# Maximum age of chats in seconds to create portals for. Set to 0 to create portals for all chats in sync payload.
max_age: 604800
# Enable backfilling history sync payloads from WhatsApp using batch sending?
# This requires a server with MSC2716 support, which is currently an experimental feature in synapse.
# It can be enabled by setting experimental_features -> msc2716_enabled to true in homeserver.yaml.
# Note that as of Synapse 1.46, there are still some bugs with the implementation, especially if using event persistence workers.
backfill: false
# Use double puppets for backfilling?
# In order to use this, the double puppets must be in the appservice's user ID namespace
# (because the bridge can't use the double puppet access token with batch sending).
# This only affects double puppets on the local server, double puppets on other servers will never be used.
# Doesn't work out of box with this playbook
double_puppet_backfill: false
# Should the bridge request a full sync from the phone when logging in?
# This bumps the size of history syncs from 3 months to 1 year.
request_full_sync: false
user_avatar_sync: true
# Should Matrix users leaving groups be bridged to WhatsApp?
bridge_matrix_leave: true
# Should the bridge sync with double puppeting to receive EDUs that aren't normally sent to appservices.
sync_with_custom_puppets: true
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
# Should the bridge update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# When double puppeting is enabled, users can use `!wa toggle` to change whether
# presence and read receipts are bridged. These settings set the default values.
# Existing users won't be affected when these are changed.
default_bridge_receipts: true
default_bridge_presence: true
# Servers to always allow double puppeting from
double_puppet_server_map:
"{{ matrix_mautrix_whatsapp_homeserver_domain }}": {{ matrix_mautrix_whatsapp_homeserver_address }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# If set, double puppeting will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
login_shared_secret: {{ matrix_mautrix_whatsapp_login_shared_secret|to_json }}
# Whether or not to invite own WhatsApp user's Matrix puppet into private
# chat portals when backfilling if needed.
# This always uses the default puppet instead of custom puppets due to
# rate limits and timestamp massaging.
invite_own_puppet_for_backfilling: true
# Whether or not to explicitly set the avatar and room name for private
# chat portal rooms. This can be useful if the previous field works fine,
# but causes room avatar/name bugs.
login_shared_secret_map: {{ matrix_mautrix_whatsapp_bridge_login_shared_secret_map|to_json }}
# Should the bridge explicitly set the avatar and room name for private chat portal rooms?
private_chat_portal_meta: false
# Should Matrix m.notice-type messages be bridged?
bridge_notices: true
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it, except if the config file is not writable.
resend_bridge_info: false
# When using double puppeting, should muted chats be muted in Matrix?
mute_bridging: false
# When using double puppeting, should archived chats be moved to a specific tag in Matrix?
# Note that WhatsApp unarchives chats when a message is received, which will also be mirrored to Matrix.
# This can be set to a tag (e.g. m.lowpriority), or null to disable.
archive_tag: null
# Same as above, but for pinned chats. The favorite tag is called m.favourite
pinned_tag: null
# Should mute status and tags only be bridged when the portal room is created?
tag_only_on_create: true
# Should WhatsApp status messages be bridged into a Matrix room?
# Disabling this won't affect already created status broadcast rooms.
enable_status_broadcast: true
# Should the status broadcast room be muted and moved into low priority by default?
# This is only applied when creating the room, the user can unmute/untag it later.
mute_status_broadcast: true
# Should the bridge use thumbnails from WhatsApp?
# They're disabled by default due to very low resolution.
whatsapp_thumbnail: false
# Allow invite permission for user. User can invite any bots to room with whatsapp
# users (private chat and groups)
allow_user_invite: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!wa"
# Messages sent upon joining a management room.
# Markdown is supported. The defaults are listed below.
management_room_text:
# Sent when joining a room.
welcome: "Hello, I'm a WhatsApp bridge bot."
# Sent when joining a management room and the user is already logged in.
welcome_connected: "Use `help` for help."
# Sent when joining a management room and the user is not logged in.
welcome_unconnected: "Use `help` for help or `login` to log in."
# Optional extra text sent when joining a management room.
additional_help: ""
# End-to-bridge encryption support options.
#
# See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: false
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
# It is recommended to also set private_chat_portal_meta to true when using this.
default: false
# Options for automatic key sharing.
key_sharing:
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow: false
# Require the requesting device to have a valid cross-signing signature?
# This doesn't require that the bridge has verified the device, only that the user has verified it.
# Not yet implemented.
require_cross_signing: false
# Require devices to be verified by the bridge?
# Verification by the bridge is not yet implemented.
require_verification: true
# Permissions for using the bridge.
# Permitted values:
# relay - Talk through the relaybot (if enabled), no access otherwise
# user - Access to use the bridge to chat with a WhatsApp account.
# admin - User level and some additional administration tools
# Permitted keys:
@ -133,15 +188,13 @@ bridge:
permissions:
"{{ matrix_mautrix_whatsapp_homeserver_domain }}": user
relaybot:
# Whether or not relaybot support is enabled.
# Settings for relay mode
relay:
# Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: false
# The management room for the bot. This is where all status notifications are posted and
# in this room, you can use `!wa <command>` instead of `!wa relaybot <command>`. Omitting
# the command prefix completely like in user management rooms is not possible.
management: '!foo:example.com'
# List of users to invite to all created rooms that include the relaybot.
invites: []
# Should only admins be allowed to set themselves as relay users?
admin_only: true
# The formats to use when sending messages to WhatsApp via the relaybot.
message_formats:
m.text: "<b>{{ '{{ .Sender.Displayname }}' }}</b>: {{ '{{ .Message }}' }}"
@ -152,6 +205,7 @@ bridge:
m.audio: "<b>{{ '{{ .Sender.Displayname }}' }}</b>: sent an audio file"
m.video: "<b>{{ '{{ .Sender.Displayname }}' }}</b>: sent a video"
m.location: "<b>{{ '{{ .Sender.Displayname }}' }}</b>: sent a location"
# Logging config.
logging:
# The directory for log files. Will be created if not found.

2
roles/matrix-bridge-mx-puppet-discord/defaults/main.yml
View File

@ -27,6 +27,8 @@ matrix_mx_puppet_discord_homeserver_address: "{{ matrix_homeserver_container_url
matrix_mx_puppet_discord_homeserver_domain: '{{ matrix_domain }}'
matrix_mx_puppet_discord_appservice_address: 'http://matrix-mx-puppet-discord:{{ matrix_mx_puppet_discord_appservice_port }}'
matrix_mx_puppet_discord_bridge_mediaUrl: "https:/{{ matrix_server_fqn_matrix }}"
# "@user:server.com" to allow specific user
# "@.*:yourserver.com" to allow users on a specific homeserver
# "@.*" to allow anyone

1
roles/matrix-bridge-mx-puppet-discord/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-discord
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_discord_service_stat.stat.exists"

10
roles/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2
View File

@ -9,17 +9,17 @@ bridge:
domain: {{ matrix_mx_puppet_discord_homeserver_domain }}
# Reachable URL of the Matrix homeserver
homeserverUrl: {{ matrix_mx_puppet_discord_homeserver_address }}
# Optionally specify a different media URL used for the media store
#
# This is where Discord will download user profile pictures and media
# from
mediaUrl: {{ matrix_mx_puppet_discord_bridge_mediaUrl }}
{% if matrix_mx_puppet_discord_login_shared_secret != '' %}
loginSharedSecretMap:
{{ matrix_domain }}: {{ matrix_mx_puppet_discord_login_shared_secret }}
{% endif %}
# Display name of the bridge bot
displayname: Discord Puppet Bridge
# Optionally specify a different media URL used for the media store
#
# This is where Discord will download user profile pictures and media
# from
#mediaUrl: https://external-url.org
presence:
# Bridge Discord online/offline status

1
roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-groupme
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_groupme_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-groupme/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-groupme
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_groupme_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-instagram/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-instagram
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_instagram_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-skype
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_skype_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-skype
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_skype_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-slack
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_slack_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-slack/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-slack
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_slack_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-steam
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_steam_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-steam/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-steam
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_steam_service_stat.stat.exists"

1
roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml
View File

@ -31,6 +31,7 @@
service:
name: matrix-mx-puppet-twitter
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_mx_puppet_twitter_stat_database.stat.exists"

1
roles/matrix-bridge-mx-puppet-twitter/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-mx-puppet-twitter
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_mx_puppet_twitter_service_stat.stat.exists"

2
roles/matrix-bridge-sms/defaults/main.yml
View File

@ -26,7 +26,7 @@ matrix_sms_bridge_systemd_wanted_services_list: []
matrix_sms_bridge_appservice_url: 'http://matrix-sms-bridge:8080'
matrix_sms_bridge_homeserver_hostname: 'matrix-synapse'
matrix_sms_bridge_homeserver_port: '8008'
matrix_sms_bridge_homeserver_port: ""
matrix_sms_bridge_homserver_domain: "{{ matrix_domain }}"
matrix_sms_bridge_default_room: ''

3
roles/matrix-bridge-sms/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-sms-bridge
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_sms_bridge_service_stat.stat.exists"
@ -16,4 +17,4 @@
file:
path: "{{ matrix_systemd_path }}/matrix-sms-bridge.service"
state: absent
when: "matrix_sms_bridge_service_stat.stat.exists"
when: "matrix_sms_bridge_service_stat.stat.exists"

1
roles/matrix-bridge-sms/tasks/validate_config.yml
View File

@ -7,6 +7,7 @@
when: "vars[item] == ''"
with_items:
- "matrix_sms_bridge_appservice_token"
- "matrix_sms_bridge_homeserver_port"
- "matrix_sms_bridge_homeserver_token"
- "matrix_sms_bridge_default_region"
- "matrix_sms_bridge_default_timezone"

6
roles/matrix-client-element/defaults/main.yml
View File

@ -2,8 +2,12 @@ matrix_client_element_enabled: true
matrix_client_element_container_image_self_build: false
matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git"
# Controls whether to patch webpack.config.js when self-building, so that building can pass on low-memory systems (< 4 GB RAM):
# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357
# - https://github.com/vector-im/element-web/issues/19544
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
matrix_client_element_version: v1.9.0
matrix_client_element_version: v1.9.7
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"

10
roles/matrix-client-element/tasks/main.yml
View File

@ -20,8 +20,14 @@
- setup-all
- setup-client-element
- import_tasks: "{{ role_path }}/tasks/setup.yml"
when: run_setup|bool
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup|bool and matrix_client_element_enabled|bool"
tags:
- setup-all
- setup-client-element
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup|bool and not matrix_client_element_enabled|bool"
tags:
- setup-all
- setup-client-element

1
roles/matrix-client-element/tasks/migrate_riot_web.yml
View File

@ -10,6 +10,7 @@
service:
name: matrix-riot-web
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_client_element_enabled|bool and matrix_client_riot_web_service_stat.stat.exists"

75
roles/matrix-client-element/tasks/setup.yml → roles/matrix-client-element/tasks/setup_install.yml
View File

@ -1,9 +1,5 @@
---
#
# Tasks related to setting up Element
#
- name: Ensure Element paths exists
file:
path: "{{ item.path }}"
@ -14,7 +10,7 @@
with_items:
- { path: "{{ matrix_client_element_data_path }}", when: true }
- { path: "{{ matrix_client_element_docker_src_files_path }}", when: "{{ matrix_client_element_container_image_self_build }}" }
when: matrix_client_element_enabled|bool and item.when
when: "item.when|bool"
- name: Ensure Element Docker image is pulled
docker_image:
@ -22,7 +18,7 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_client_element_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_element_docker_image_force_pull }}"
when: matrix_client_element_enabled|bool and not matrix_client_element_container_image_self_build
when: "not matrix_client_element_container_image_self_build|bool"
- name: Ensure Element repository is present on self-build
git:
@ -31,7 +27,21 @@
version: "{{ matrix_client_element_docker_image.split(':')[1] }}"
force: "yes"
register: matrix_client_element_git_pull_results
when: "matrix_client_element_enabled|bool and matrix_client_element_container_image_self_build|bool"
when: "matrix_client_element_container_image_self_build|bool"
# See:
# - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357
# - https://github.com/vector-im/element-web/issues/19544
- name: Patch webpack.config.js to support building on low-memory (<4G RAM) devices
lineinfile:
path: "{{ matrix_client_element_docker_src_files_path }}/webpack.config.js"
regexp: '(\s+)splitChunks: \{'
line: '\1splitChunks: { maxSize: 100000,'
backrefs: yes
owner: root
group: root
mode: '0644'
when: "matrix_client_element_container_image_self_build|bool and matrix_client_element_container_image_self_build_low_memory_system_patch_enabled|bool"
- name: Ensure Element Docker image is built
docker_image:
@ -43,7 +53,7 @@
dockerfile: Dockerfile
path: "{{ matrix_client_element_docker_src_files_path }}"
pull: yes
when: "matrix_client_element_enabled|bool and matrix_client_element_container_image_self_build|bool"
when: "matrix_client_element_container_image_self_build|bool"
- name: Ensure Element configuration installed
copy:
@ -52,7 +62,6 @@
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
when: matrix_client_element_enabled|bool
- name: Ensure Element config files installed
template:
@ -65,7 +74,7 @@
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
- {src: "{{ matrix_client_element_page_template_welcome_path }}", name: "welcome.html"}
- {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
when: "matrix_client_element_enabled|bool and item.src is not none"
when: "item.src is not none"
- name: Ensure Element config files removed
file:
@ -73,7 +82,7 @@
state: absent
with_items:
- {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
when: "matrix_client_element_enabled|bool and item.src is none"
when: "item.src is none"
- name: Ensure matrix-client-element.service installed
template:
@ -81,50 +90,8 @@
dest: "{{ matrix_systemd_path }}/matrix-client-element.service"
mode: 0644
register: matrix_client_element_systemd_service_result
when: matrix_client_element_enabled|bool
- name: Ensure systemd reloaded after matrix-client-element.service installation
service:
daemon_reload: yes
when: "matrix_client_element_enabled and matrix_client_element_systemd_service_result.changed"
#
# Tasks related to getting rid of Element (if it was previously enabled)
#
- name: Check existence of matrix-client-element.service
stat:
path: "{{ matrix_systemd_path }}/matrix-client-element.service"
register: matrix_client_element_service_stat
when: "not matrix_client_element_enabled|bool"
- name: Ensure matrix-client-element is stopped
service:
name: matrix-client-element
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_client_element_enabled|bool and matrix_client_element_service_stat.stat.exists"
- name: Ensure matrix-client-element.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-client-element.service"
state: absent
when: "not matrix_client_element_enabled|bool and matrix_client_element_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-client-element.service removal
service:
daemon_reload: yes
when: "not matrix_client_element_enabled|bool and matrix_client_element_service_stat.stat.exists"
- name: Ensure Element paths doesn't exist
file:
path: "{{ matrix_client_element_data_path }}"
state: absent
when: "not matrix_client_element_enabled|bool"
- name: Ensure Element Docker image doesn't exist
docker_image:
name: "{{ matrix_client_element_docker_image }}"
state: absent
when: "not matrix_client_element_enabled|bool"
when: "matrix_client_element_systemd_service_result.changed|bool"

36
roles/matrix-client-element/tasks/setup_uninstall.yml Normal file
View File

@ -0,0 +1,36 @@
---
- name: Check existence of matrix-client-element.service
stat:
path: "{{ matrix_systemd_path }}/matrix-client-element.service"
register: matrix_client_element_service_stat
- name: Ensure matrix-client-element is stopped
service:
name: matrix-client-element
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_client_element_service_stat.stat.exists|bool"
- name: Ensure matrix-client-element.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-client-element.service"
state: absent
when: "matrix_client_element_service_stat.stat.exists|bool"
- name: Ensure systemd reloaded after matrix-client-element.service removal
service:
daemon_reload: yes
when: "matrix_client_element_service_stat.stat.exists|bool"
- name: Ensure Element paths doesn't exist
file:
path: "{{ matrix_client_element_data_path }}"
state: absent
- name: Ensure Element Docker image doesn't exist
docker_image:
name: "{{ matrix_client_element_docker_image }}"
state: absent

2
roles/matrix-client-hydrogen/defaults/main.yml
View File

@ -5,7 +5,7 @@ matrix_client_hydrogen_enabled: true
matrix_client_hydrogen_container_image_self_build: true
matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
matrix_client_hydrogen_version: v0.2.7
matrix_client_hydrogen_version: v0.2.19
matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}"
matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build }}"
matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"

10
roles/matrix-client-hydrogen/tasks/main.yml
View File

@ -8,8 +8,14 @@
- setup-all
- setup-client-hydrogen
- import_tasks: "{{ role_path }}/tasks/setup.yml"
when: run_setup|bool
- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
when: "run_setup|bool and matrix_client_hydrogen_enabled|bool"
tags:
- setup-all
- setup-client-hydrogen
- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
when: "run_setup|bool and not matrix_client_hydrogen_enabled|bool"
tags:
- setup-all
- setup-client-hydrogen

60
roles/matrix-client-hydrogen/tasks/setup.yml → roles/matrix-client-hydrogen/tasks/setup_install.yml
View File

@ -1,9 +1,5 @@
---
#
# Tasks related to setting up Hydrogen
#
- name: Ensure Hydrogen paths exists
file:
path: "{{ item.path }}"
@ -14,7 +10,7 @@
with_items:
- { path: "{{ matrix_client_hydrogen_data_path }}", when: true }
- { path: "{{ matrix_client_hydrogen_docker_src_files_path }}", when: "{{ matrix_client_hydrogen_container_image_self_build }}" }
when: matrix_client_hydrogen_enabled|bool and item.when
when: "item.when|bool"
- name: Ensure Hydrogen Docker image is pulled
docker_image:
@ -22,7 +18,7 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_client_hydrogen_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_hydrogen_docker_image_force_pull }}"
when: matrix_client_hydrogen_enabled|bool and not matrix_client_hydrogen_container_image_self_build
when: "not matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure Hydrogen repository is present on self-build
git:
@ -31,7 +27,7 @@
version: "{{ matrix_client_hydrogen_docker_image.split(':')[1] }}"
force: "yes"
register: matrix_client_hydrogen_git_pull_results
when: "matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_container_image_self_build|bool"
when: "matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure Hydrogen configuration installed
copy:
@ -40,7 +36,7 @@
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
when: "matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_container_image_self_build|bool"
when: "matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure Hydrogen additional config files installed
template:
@ -51,7 +47,7 @@
group: "{{ matrix_user_groupname }}"
with_items:
- {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
when: "matrix_client_hydrogen_enabled|bool and item.src is not none"
when: "item.src is not none"
# This step MUST come after the steps to install the configuration files because the config files
# are currently only read at build time, not at run time like most other components in the playbook
@ -64,7 +60,7 @@
dockerfile: Dockerfile
path: "{{ matrix_client_hydrogen_docker_src_files_path }}"
pull: yes
when: "matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_container_image_self_build|bool"
when: "matrix_client_hydrogen_container_image_self_build|bool"
- name: Ensure matrix-client-hydrogen.service installed
template:
@ -72,50 +68,8 @@
dest: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
mode: 0644
register: matrix_client_hydrogen_systemd_service_result
when: matrix_client_hydrogen_enabled|bool
- name: Ensure systemd reloaded after matrix-client-hydrogen.service installation
service:
daemon_reload: yes
when: "matrix_client_hydrogen_enabled and matrix_client_hydrogen_systemd_service_result.changed"
#
# Tasks related to getting rid of Hydrogen (if it was previously enabled)
#
- name: Check existence of matrix-client-hydrogen.service
stat:
path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
register: matrix_client_hydrogen_service_stat
when: "not matrix_client_hydrogen_enabled|bool"
- name: Ensure matrix-client-hydrogen is stopped
service:
name: matrix-client-hydrogen
state: stopped
daemon_reload: yes
register: stopping_result
when: "not matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_service_stat.stat.exists"
- name: Ensure matrix-client-hydrogen.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
state: absent
when: "not matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_service_stat.stat.exists"
- name: Ensure systemd reloaded after matrix-client-hydrogen.service removal
service:
daemon_reload: yes
when: "not matrix_client_hydrogen_enabled|bool and matrix_client_hydrogen_service_stat.stat.exists"
- name: Ensure Hydrogen paths doesn't exist
file:
path: "{{ matrix_client_hydrogen_data_path }}"
state: absent
when: "not matrix_client_hydrogen_enabled|bool"
- name: Ensure Hydrogen Docker image doesn't exist
docker_image:
name: "{{ matrix_client_hydrogen_docker_image }}"
state: absent
when: "not matrix_client_hydrogen_enabled|bool"
when: "matrix_client_hydrogen_systemd_service_result.changed|bool"

36
roles/matrix-client-hydrogen/tasks/setup_uninstall.yml Normal file
View File

@ -0,0 +1,36 @@
---
- name: Check existence of matrix-client-hydrogen.service
stat:
path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
register: matrix_client_hydrogen_service_stat
- name: Ensure matrix-client-hydrogen is stopped
service:
name: matrix-client-hydrogen
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_client_hydrogen_service_stat.stat.exists|bool"
- name: Ensure matrix-client-hydrogen.service doesn't exist
file:
path: "{{ matrix_systemd_path }}/matrix-client-hydrogen.service"
state: absent
when: "matrix_client_hydrogen_service_stat.stat.exists|bool"
- name: Ensure systemd reloaded after matrix-client-hydrogen.service removal
service:
daemon_reload: yes
when: "matrix_client_hydrogen_service_stat.stat.exists|bool"
- name: Ensure Hydrogen paths doesn't exist
file:
path: "{{ matrix_client_hydrogen_data_path }}"
state: absent
- name: Ensure Hydrogen Docker image doesn't exist
docker_image:
name: "{{ matrix_client_hydrogen_docker_image }}"
state: absent

25
roles/matrix-common-after/tasks/awx_post.yml
View File

@ -1,8 +1,8 @@
---
- name: Create user account @janitor
- name: Create user account @_janitor
command: |
/usr/local/bin/matrix-synapse-register-user janitor {{ awx_janitor_user_password | quote }} 1
/usr/local/bin/matrix-synapse-register-user _janitor {{ awx_janitor_user_password | quote }} 1
register: cmd
when: not awx_janitor_user_created|bool
no_log: True
@ -18,9 +18,9 @@
'awx_janitor_user_created': 'true'
when: not awx_janitor_user_created|bool
- name: Create user account @dimension
- name: Create user account @_dimension
command: |
/usr/local/bin/matrix-synapse-register-user dimension {{ awx_dimension_user_password | quote }} 0
/usr/local/bin/matrix-synapse-register-user _dimension {{ awx_dimension_user_password | quote }} 0
register: cmd
when: not awx_dimension_user_created|bool
no_log: True
@ -36,9 +36,9 @@
'awx_dimension_user_created': 'true'
when: not awx_dimension_user_created|bool
- name: Create user account @mjolnir
- name: Create user account @_mjolnir
command: |
/usr/local/bin/matrix-synapse-register-user mjolnir {{ awx_mjolnir_user_password | quote }} 0
/usr/local/bin/matrix-synapse-register-user _mjolnir {{ awx_mjolnir_user_password | quote }} 0
register: cmd
when: not awx_mjolnir_user_created|bool
no_log: True
@ -62,3 +62,16 @@
group: matrix
mode: '0770'
when: awx_customise_base_domain_website is defined
- name: Collect Discord AppService bot invite link if file exists
command:
cat /matrix/appservice-discord/config/invite_link
register: awx_discord_appservice_link
when: awx_appservice_discord_admin_user is defined
args:
removes: /matrix/appservice-discord/config/invite_link
- name: Print Discord AppService bot link for user
debug:
msg: "{{ awx_discord_appservice_link.stdout }}"
when: awx_discord_appservice_link.stdout is defined

4
roles/matrix-corporal/defaults/main.yml
View File

@ -22,7 +22,7 @@ matrix_corporal_container_extra_arguments: []
# List of systemd services that matrix-corporal.service depends on
matrix_corporal_systemd_required_services_list: ['docker.service']
matrix_corporal_version: 2.1.2
matrix_corporal_version: 2.2.2
matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}"
matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}" # for backward-compatibility
@ -36,7 +36,7 @@ matrix_corporal_var_dir_path: "{{ matrix_corporal_base_path }}/var"
matrix_corporal_matrix_homeserver_domain_name: "{{ matrix_domain }}"
# Controls where matrix-corporal can reach your Synapse server (e.g. "http://matrix-synapse:8008").
# Controls where matrix-corporal can reach your Synapse server (e.g. "http://matrix-synapse:{{ matrix_synapse_container_client_api_port }}").
# If Synapse runs on the same machine, you may need to add its service to `matrix_corporal_systemd_required_services_list`.
matrix_corporal_matrix_homeserver_api_endpoint: ""

1
roles/matrix-corporal/tasks/setup_corporal.yml
View File

@ -83,6 +83,7 @@
service:
name: matrix-corporal
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "not matrix_corporal_enabled|bool and matrix_corporal_service_stat.stat.exists"

2
roles/matrix-coturn/tasks/setup_uninstall.yml
View File

@ -10,6 +10,7 @@
service:
name: matrix-coturn
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_coturn_service_stat.stat.exists|bool"
@ -17,6 +18,7 @@
service:
name: matrix-coturn
state: stopped
enabled: no
daemon_reload: yes
failed_when: false
when: "matrix_coturn_service_stat.stat.exists|bool"

12
roles/matrix-dimension/defaults/main.yml
View File

@ -10,10 +10,16 @@ matrix_dimension_admins: []
# Whether to allow Dimension widgets serve websites with invalid or self signed SSL certificates
matrix_dimension_widgets_allow_self_signed_ssl_certificates: false
matrix_dimension_container_image_self_build: false
matrix_dimension_container_image_self_build_repo: "https://github.com/turt2live/matrix-dimension.git"
matrix_dimension_container_image_self_build_branch: master
matrix_dimension_base_path: "{{ matrix_base_data_path }}/dimension"
matrix_dimension_docker_src_files_path: "{{ matrix_base_data_path }}/docker-src/dimension"
matrix_dimension_version: latest
matrix_dimension_docker_image: "{{ matrix_container_global_registry_prefix }}turt2live/matrix-dimension:{{ matrix_dimension_version }}"
matrix_dimension_docker_image: "{{ matrix_dimension_docker_image_name_prefix }}turt2live/matrix-dimension:{{ matrix_dimension_version }}"
matrix_dimension_docker_image_name_prefix: "{{ 'localhost/' if matrix_dimension_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_dimension_docker_image_force_pull: "{{ matrix_dimension_docker_image.endswith(':latest') }}"
# List of systemd services that matrix-dimension.service depends on.
@ -39,7 +45,7 @@ matrix_dimension_integrations_rest_url: "https://{{ matrix_server_fqn_dimension
matrix_dimension_integrations_widgets_urls: ["https://{{ matrix_server_fqn_dimension }}/widgets"]
matrix_dimension_integrations_jitsi_widget_url: "https://{{ matrix_server_fqn_dimension }}/widgets/jitsi"
matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:8048"
matrix_dimension_homeserver_federationUrl: ""
# Database-related configuration fields.
@ -48,7 +54,7 @@ matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:8048"
#
# To use Postgres:
# - change the engine (`matrix_dimension_database_engine: 'postgres'`)
# - adjust your database credentials via the `matrix_dimension_postgres_*` variables
# - adjust your database credentials via the `matrix_dimension_database_*` variables
matrix_dimension_database_engine: 'sqlite'
matrix_dimension_sqlite_database_path_local: "{{ matrix_dimension_base_path }}/dimension.db"

23
roles/matrix-dimension/tasks/setup_install.yml
View File

@ -90,6 +90,29 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_dimension_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_docker_image_force_pull }}"
when: "not matrix_dimension_container_image_self_build|bool"
register: matrix_dimension_pull_results
- name: Ensure dimension repository is present on self-build
git:
repo: "{{ matrix_dimension_container_image_self_build_repo }}"
dest: "{{ matrix_dimension_docker_src_files_path }}"
version: "{{ matrix_dimension_container_image_self_build_branch }}"
force: "yes"
when: "matrix_dimension_container_image_self_build|bool"
register: matrix_dimension_git_pull_results
- name: Ensure Dimension Docker image is built
docker_image:
name: "{{ matrix_dimension_docker_image }}"
source: build
force_source: "{{ matrix_dimension_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_dimension_docker_src_files_path }}"
pull: yes
when: "matrix_dimension_container_image_self_build|bool"
- name: Ensure matrix-dimension.service installed
template:

1
roles/matrix-dimension/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-dimension
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_dimension_service_stat.stat.exists|bool"

1
roles/matrix-dynamic-dns/tasks/uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-dynamic-dns
state: stopped
enabled: no
daemon_reload: yes
when: "matrix_dynamic_dns_service_stat.stat.exists"

1
roles/matrix-email2matrix/tasks/setup_uninstall.yml
View File

@ -9,6 +9,7 @@
service:
name: matrix-email2matrix
state: stopped
enabled: no
daemon_reload: yes
register: stopping_result
when: "matrix_email2matrix_service_stat.stat.exists|bool"

Some files were not shown because too many files have changed in this diff Show More