parent
4b1e9a4827
commit
68ed2ebefa
13
CHANGELOG.md
13
CHANGELOG.md
@ -1,3 +1,14 @@
|
|||||||
|
# 2019-09-09
|
||||||
|
|
||||||
|
## Synapse Simple Antispam support
|
||||||
|
|
||||||
|
There have been lots of invite-spam attacks lately and [Travis](https://github.com/t2bot) has created a Synapse module ([synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam)) to let people protect themselves.
|
||||||
|
|
||||||
|
From now on, you can easily install and configure this spam checker module through the playbook.
|
||||||
|
|
||||||
|
Learn more in [Setting up Synapse Simple Antispam](docs/configuring-playbook-synapse-simple-antispam.md).
|
||||||
|
|
||||||
|
|
||||||
# 2019-08-25
|
# 2019-08-25
|
||||||
|
|
||||||
## Extensible Riot-web configuration
|
## Extensible Riot-web configuration
|
||||||
@ -9,7 +20,7 @@ This should be enough for most customization needs.
|
|||||||
|
|
||||||
If you need even more power, you can now also take full control and override `matrix_riot_web_configuration_default` (or `matrix_riot_web_configuration`) directly.
|
If you need even more power, you can now also take full control and override `matrix_riot_web_configuration_default` (or `matrix_riot_web_configuration`) directly.
|
||||||
|
|
||||||
Learn more here in [Configuring Riot-web](docs/configuring-playbook-riot-web.md).
|
Learn more in [Configuring Riot-web](docs/configuring-playbook-riot-web.md).
|
||||||
|
|
||||||
|
|
||||||
# 2019-08-22
|
# 2019-08-22
|
||||||
|
16
docs/configuring-playbook-synapse-simple-antispam.md
Normal file
16
docs/configuring-playbook-synapse-simple-antispam.md
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
# Setting up Synapse Simple Antispam (optional, advanced)
|
||||||
|
|
||||||
|
The playbook can install and configure [synapse-simple-antispam](https://github.com/t2bot/synapse-simple-antispam) for you.
|
||||||
|
|
||||||
|
See that project's documentation to learn what it does and why it might be useful to you.
|
||||||
|
In short, it lets you fight invite-spam by automatically blocking invitiations from a list of servers specified by you (blacklisting).
|
||||||
|
|
||||||
|
If you decide that you'd like to let this playbook install it for you, you need some configuration like this:
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled: true
|
||||||
|
|
||||||
|
matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers:
|
||||||
|
- example.com
|
||||||
|
- another.com
|
||||||
|
```
|
@ -72,6 +72,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
|
|||||||
|
|
||||||
- [Setting up the LDAP password provider module](configuring-playbook-ldap-auth.md) (optional, advanced)
|
- [Setting up the LDAP password provider module](configuring-playbook-ldap-auth.md) (optional, advanced)
|
||||||
|
|
||||||
|
- [Setting up Synapse Simple Antispam](configuring-playbook-synapse-simple-antispam.md) (optional, advanced)
|
||||||
|
|
||||||
- [Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (optional, advanced)
|
- [Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (optional, advanced)
|
||||||
|
|
||||||
|
|
||||||
|
@ -263,6 +263,12 @@ matrix_synapse_ext_password_provider_ldap_bind_dn: ""
|
|||||||
matrix_synapse_ext_password_provider_ldap_bind_password: ""
|
matrix_synapse_ext_password_provider_ldap_bind_password: ""
|
||||||
matrix_synapse_ext_password_provider_ldap_filter: ""
|
matrix_synapse_ext_password_provider_ldap_filter: ""
|
||||||
|
|
||||||
|
# Enable this to activate the Synapse Antispam spam-checker module.
|
||||||
|
# See: https://github.com/t2bot/synapse-simple-antispam
|
||||||
|
matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled: false
|
||||||
|
matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_repository_url: "https://github.com/t2bot/synapse-simple-antispam"
|
||||||
|
matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_version: "f058d9ce2c7d4195ae461dcdd02df11a2d06a36b"
|
||||||
|
matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers: []
|
||||||
|
|
||||||
matrix_s3_media_store_enabled: false
|
matrix_s3_media_store_enabled: false
|
||||||
matrix_s3_media_store_custom_endpoint_enabled: false
|
matrix_s3_media_store_custom_endpoint_enabled: false
|
||||||
|
@ -5,3 +5,5 @@
|
|||||||
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup.yml"
|
- import_tasks: "{{ role_path }}/tasks/ext/shared-secret-auth/setup.yml"
|
||||||
|
|
||||||
- import_tasks: "{{ role_path }}/tasks/ext/ldap-auth/setup.yml"
|
- import_tasks: "{{ role_path }}/tasks/ext/ldap-auth/setup.yml"
|
||||||
|
|
||||||
|
- import_tasks: "{{ role_path }}/tasks/ext/synapse-simple-antispam/setup.yml"
|
||||||
|
@ -0,0 +1,7 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- import_tasks: "{{ role_path }}/tasks/ext/synapse-simple-antispam/setup_install.yml"
|
||||||
|
when: matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled|bool
|
||||||
|
|
||||||
|
- import_tasks: "{{ role_path }}/tasks/ext/synapse-simple-antispam/setup_uninstall.yml"
|
||||||
|
when: "not matrix_synapse_ext_spam_checker_synapse_simple_antispam_enabled|bool"
|
@ -0,0 +1,41 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Fail if Synapse Simple Antispam blocked homeservers is not set
|
||||||
|
fail:
|
||||||
|
msg: "Synapse Simple Antispam is enabled, but no blocked homeservers have been set in matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers"
|
||||||
|
when: "matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers|length == 0"
|
||||||
|
|
||||||
|
- name: Ensure git installed (RedHat)
|
||||||
|
yum:
|
||||||
|
name:
|
||||||
|
- git
|
||||||
|
state: present
|
||||||
|
update_cache: no
|
||||||
|
when: "ansible_os_family == 'RedHat'"
|
||||||
|
|
||||||
|
- name: Ensure git installed (Debian)
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- openssl
|
||||||
|
state: present
|
||||||
|
update_cache: no
|
||||||
|
when: "ansible_os_family == 'Debian'"
|
||||||
|
|
||||||
|
- name: Clone synapse-simple-antispam git repository
|
||||||
|
git:
|
||||||
|
repo: "{{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_repository_url }}"
|
||||||
|
version: "{{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_git_version }}"
|
||||||
|
dest: "{{ matrix_synapse_ext_path }}/synapse-simple-antispam"
|
||||||
|
become: true
|
||||||
|
become_user: "{{ matrix_user_username }}"
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
matrix_synapse_spam_checker:
|
||||||
|
module: "synapse_simple_antispam.AntiSpamInvites"
|
||||||
|
config:
|
||||||
|
blocked_homeservers: "{{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers }}"
|
||||||
|
|
||||||
|
matrix_synapse_container_extra_arguments: >
|
||||||
|
{{ matrix_synapse_container_extra_arguments|default([]) }}
|
||||||
|
+
|
||||||
|
{{ ["--mount type=bind,src={{ matrix_synapse_ext_path }}/synapse-simple-antispam/synapse_simple_antispam,dst={{ matrix_synapse_in_container_python_packages_path }}/synapse_simple_antispam,ro"] }}
|
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Ensure synapse-simple-antispam doesn't exist
|
||||||
|
file:
|
||||||
|
path: "{{ matrix_synapse_ext_path }}/synapse-simple-antispam"
|
||||||
|
state: absent
|
Loading…
Reference in New Issue
Block a user