Add support for synapse-http-antispam and integrate it with Draupnir
Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4284
This commit is contained in:
Slavi Pantaleev
@ -28,8 +28,18 @@ matrix_bot_draupnir_config_path: "{{ matrix_bot_draupnir_base_path }}/config"
|
||||
matrix_bot_draupnir_data_path: "{{ matrix_bot_draupnir_base_path }}/data"
|
||||
matrix_bot_draupnir_docker_src_files_path: "{{ matrix_bot_draupnir_base_path }}/docker-src"
|
||||
|
||||
matrix_bot_draupnir_config_web_enabled: "{{ matrix_bot_draupnir_config_web_abuseReporting or matrix_bot_draupnir_config_web_synapseHTTPAntispam_enabled }}" # noqa var-naming
|
||||
|
||||
matrix_bot_draupnir_config_web_abuseReporting: false # noqa var-naming
|
||||
matrix_bot_draupnir_config_web_enabled: "{{ matrix_bot_draupnir_config_web_abuseReporting }}" # noqa var-naming
|
||||
|
||||
matrix_bot_draupnir_config_web_port: 8080
|
||||
|
||||
# These variables are used for turning on the integration between the synapseHTTPAntispam module and Draupnir.
|
||||
# Authorisation is a shared secret between Draupnir and the module just like is used by Appservices and the homeserver
|
||||
# therefore the same creation mechanism is used here too.
|
||||
matrix_bot_draupnir_config_web_synapseHTTPAntispam_enabled: false # noqa var-naming
|
||||
matrix_bot_draupnir_config_web_synapseHTTPAntispam_authorization: '' # noqa var-naming
|
||||
|
||||
matrix_bot_draupnir_config_displayReports: "{{ matrix_bot_draupnir_config_web_abuseReporting }}" # noqa var-naming
|
||||
|
||||
matrix_bot_draupnir_container_network: ""
|
||||
@ -129,6 +139,27 @@ matrix_bot_draupnir_config_admin_enableMakeRoomAdminCommand: false # noqa var-n
|
||||
# This config option has diminished improvements for bots on extremely fast homeservers or very very small bots on fast homeservers.
|
||||
matrix_bot_draupnir_config_roomStateBackingStore_enabled: true # noqa var-naming
|
||||
|
||||
matrix_bot_draupnir_web_url: 'http://matrix-bot-draupnir'
|
||||
|
||||
# This controls the URL that the module targets in Draupnir.
|
||||
matrix_bot_draupnir_synapse_http_antispam_config_base_url: "{{ matrix_bot_draupnir_web_url }}:{{ matrix_bot_draupnir_config_web_port }}/api/1/spam_check"
|
||||
|
||||
# These variables control the configuration of the Synapse module as the configuration is highly consumer dependent.
|
||||
# Therefore the module is configured from Draupnir because the consumer of the module determines what settings are relevant.
|
||||
|
||||
matrix_bot_draupnir_synapse_http_antispam_config_enabled_callbacks:
|
||||
- check_event_for_spam: true
|
||||
- user_may_invite: true
|
||||
- user_may_join_room: true
|
||||
|
||||
matrix_bot_draupnir_synapse_http_antispam_config_fail_open:
|
||||
check_event_for_spam: true
|
||||
user_may_invite: true
|
||||
user_may_join_room: true
|
||||
|
||||
matrix_bot_draupnir_synapse_http_antispam_config_async:
|
||||
check_event_for_spam: true
|
||||
|
||||
# Default configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
|
||||
@ -12,7 +12,7 @@ traefik.enable=true
|
||||
traefik.docker.network={{ matrix_bot_draupnir_container_labels_traefik_docker_network }}
|
||||
{% endif %}
|
||||
|
||||
traefik.http.services.matrix-bot-draupnir.loadbalancer.server.port=8080
|
||||
traefik.http.services.matrix-bot-draupnir.loadbalancer.server.port={{ matrix_bot_draupnir_config_web_port }}
|
||||
|
||||
{% if matrix_bot_draupnir_config_web_abuseReporting %}
|
||||
############################################################
|
||||
|
||||
@ -266,7 +266,7 @@ web:
|
||||
enabled: true
|
||||
|
||||
# The port to expose the webserver on. Defaults to 8080.
|
||||
port: 8080
|
||||
port: {{ matrix_bot_draupnir_config_web_port | to_json }}
|
||||
|
||||
# The address to listen for requests on. Defaults to only the current
|
||||
# computer.
|
||||
@ -286,6 +286,18 @@ web:
|
||||
abuseReporting:
|
||||
# Whether to enable this feature.
|
||||
enabled: {{ matrix_bot_draupnir_config_web_abuseReporting | to_json }}
|
||||
# Whether to setup a endpoints for synapse-http-antispam
|
||||
# https://github.com/maunium/synapse-http-antispam
|
||||
# this is required for some features of Draupnir,
|
||||
# such as support for room takedown policies.
|
||||
#
|
||||
# Please FOLLOW the instructions here:
|
||||
# https://the-draupnir-project.github.io/draupnir-documentation/bot/synapse-http-antispam
|
||||
synapseHTTPAntispam:
|
||||
enabled: {{ matrix_bot_draupnir_config_web_synapseHTTPAntispam_enabled | to_json }}
|
||||
# This is a secret that you must place into your synapse module config
|
||||
# https://github.com/maunium/synapse-http-antispam?tab=readme-ov-file#configuration
|
||||
authorization: {{ matrix_bot_draupnir_config_web_synapseHTTPAntispam_authorization | to_json }}
|
||||
{% endif %}
|
||||
|
||||
# FIXME: This configuration option is currently broken in the playbook as admin APIs cannot
|
||||
|
||||
@ -25,7 +25,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
|
||||
--read-only \
|
||||
--network={{ matrix_bot_draupnir_container_network }} \
|
||||
{% if matrix_bot_draupnir_container_http_host_bind_port %}
|
||||
-p {{ matrix_bot_draupnir_container_http_host_bind_port }}:8080 \
|
||||
-p {{ matrix_bot_draupnir_container_http_host_bind_port }}:{{ matrix_bot_draupnir_config_web_port }} \
|
||||
{% endif %}
|
||||
--label-file={{ matrix_bot_draupnir_base_path }}/labels \
|
||||
--mount type=bind,src={{ matrix_bot_draupnir_config_path }},dst=/data/config,ro \
|
||||
|
||||
Reference in New Issue
Block a user