one var to control encryption across all bridges (#2629)
* one var to control encryption across all bridges * move var to matrix-base
This commit is contained in:
parent
6132c444da
commit
7399496d33
@ -33,6 +33,13 @@ matrix_mautrix_SERVICENAME_configuration_extension_yaml: |
|
||||
```
|
||||
|
||||
Encryption support is off by default. If you would like to enable encryption, add the following to your `vars.yml` file:
|
||||
|
||||
**for all bridges with encryption support**:
|
||||
```yaml
|
||||
matrix_bridges_encryption_enabled: true
|
||||
```
|
||||
|
||||
**Alternatively**, for a specific bridge:
|
||||
```yaml
|
||||
matrix_mautrix_SERVICENAME_configuration_extension_yaml: |
|
||||
bridge:
|
||||
|
@ -13,6 +13,9 @@ matrix_domain: ~
|
||||
# Example value: "@someone:{{ matrix_domain }}"
|
||||
matrix_admin: ''
|
||||
|
||||
# Global var to enable/disable encryption across all bridges with encryption support
|
||||
matrix_bridges_encryption_enabled: false
|
||||
|
||||
# matrix_homeserver_enabled controls whether to enable the homeserver systemd service, etc.
|
||||
#
|
||||
# Unless you're wrapping this playbook in another one
|
||||
|
@ -120,7 +120,7 @@ matrix_appservice_kakaotalk_appservice_bot_username: kakaotalkbot
|
||||
matrix_appservice_kakaotalk_user_prefix: 'kakaotalk_'
|
||||
|
||||
# End-to-bridge encryption configuration
|
||||
matrix_appservice_kakaotalk_bridge_encryption_allow: false
|
||||
matrix_appservice_kakaotalk_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_appservice_kakaotalk_bridge_encryption_default: "{{ matrix_appservice_kakaotalk_bridge_encryption_allow }}"
|
||||
|
||||
# Specifies the default log level for all bridge loggers.
|
||||
|
@ -83,6 +83,11 @@ matrix_beeper_linkedin_login_shared_secret: ''
|
||||
# Specifies the default log level for all bridge loggers.
|
||||
matrix_beeper_linkedin_logging_level: WARNING
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_beeper_linkedin_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_beeper_linkedin_bridge_encryption_default: "{{ matrix_beeper_linkedin_bridge_encryption_allow }}"
|
||||
matrix_beeper_linkedin_bridge_encryption_key_sharing_allow: "{{ matrix_beeper_linkedin_bridge_encryption_allow }}"
|
||||
|
||||
# Default beeper-linkedin configuration template which covers the generic use case.
|
||||
# You can customize it by controlling the various variables inside it.
|
||||
#
|
||||
|
@ -156,15 +156,15 @@ bridge:
|
||||
# application service.
|
||||
encryption:
|
||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||
allow: false
|
||||
allow: {{ matrix_beeper_linkedin_bridge_encryption_allow|to_json }}
|
||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||
default: false
|
||||
default: {{ matrix_beeper_linkedin_bridge_encryption_default|to_json }}
|
||||
# Options for automatic key sharing.
|
||||
key_sharing:
|
||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
||||
# You must use a client that supports requesting keys from other users to use this feature.
|
||||
allow: false
|
||||
allow: {{ matrix_beeper_linkedin_bridge_encryption_key_sharing_allow|to_json }}
|
||||
# Require the requesting device to have a valid cross-signing signature?
|
||||
# This doesn't require that the bridge has verified the device, only that the user has verified it.
|
||||
# Not yet implemented.
|
||||
|
@ -86,7 +86,7 @@ matrix_go_skype_bridge_bridge_double_puppet_server_map:
|
||||
"{{ matrix_go_skype_bridge_homeserver_domain : matrix_go_skype_bridge_homeserver_address }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_go_skype_bridge_bridge_encryption_allow: false
|
||||
matrix_go_skype_bridge_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_go_skype_bridge_bridge_encryption_default: "{{ matrix_go_skype_bridge_bridge_encryption_allow }}"
|
||||
|
||||
# Minimum severity of journal log messages.
|
||||
|
@ -137,7 +137,7 @@ matrix_mautrix_discord_registration_yaml: |
|
||||
matrix_mautrix_discord_registration: "{{ matrix_mautrix_discord_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_discord_bridge_encryption_allow: false
|
||||
matrix_mautrix_discord_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_discord_bridge_encryption_default: "{{ matrix_mautrix_discord_bridge_encryption_allow }}"
|
||||
matrix_mautrix_discord_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_discord_bridge_encryption_allow }}"
|
||||
|
||||
|
@ -149,3 +149,8 @@ matrix_mautrix_facebook_registration_yaml: |
|
||||
de.sorunome.msc2409.push_ephemeral: true
|
||||
|
||||
matrix_mautrix_facebook_registration: "{{ matrix_mautrix_facebook_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_facebook_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_facebook_bridge_encryption_default: "{{ matrix_mautrix_facebook_bridge_encryption_allow }}"
|
||||
matrix_mautrix_facebook_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_facebook_bridge_encryption_allow }}"
|
||||
|
@ -126,15 +126,15 @@ bridge:
|
||||
# application service.
|
||||
encryption:
|
||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||
allow: false
|
||||
allow: {{ matrix_mautrix_facebook_bridge_encryption_allow|to_json }}
|
||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||
default: false
|
||||
default: {{ matrix_mautrix_facebook_bridge_encryption_default|to_json }}
|
||||
# Options for automatic key sharing.
|
||||
key_sharing:
|
||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
||||
# You must use a client that supports requesting keys from other users to use this feature.
|
||||
allow: false
|
||||
allow_key_sharing: {{ matrix_mautrix_facebook_bridge_encryption_key_sharing_allow|to_json }}
|
||||
# Require the requesting device to have a valid cross-signing signature?
|
||||
# This doesn't require that the bridge has verified the device, only that the user has verified it.
|
||||
# Not yet implemented.
|
||||
|
@ -129,3 +129,7 @@ matrix_mautrix_googlechat_registration_yaml: |
|
||||
de.sorunome.msc2409.push_ephemeral: true
|
||||
|
||||
matrix_mautrix_googlechat_registration: "{{ matrix_mautrix_googlechat_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_googlechat_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_googlechat_bridge_encryption_default: "{{ matrix_mautrix_googlechat_bridge_encryption_allow }}"
|
||||
|
@ -88,10 +88,10 @@ bridge:
|
||||
# application service.
|
||||
encryption:
|
||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||
allow: false
|
||||
allow: {{ matrix_mautrix_googlechat_bridge_encryption_allow|to_json }}
|
||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||
default: false
|
||||
default: {{ matrix_mautrix_googlechat_bridge_encryption_default|to_json }}
|
||||
|
||||
# Whether or not created rooms should have federation enabled.
|
||||
# If false, created portal rooms will never be federated.
|
||||
|
@ -126,3 +126,7 @@ matrix_mautrix_hangouts_registration_yaml: |
|
||||
de.sorunome.msc2409.push_ephemeral: true
|
||||
|
||||
matrix_mautrix_hangouts_registration: "{{ matrix_mautrix_hangouts_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_hangouts_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_hangouts_bridge_encryption_default: "{{ matrix_mautrix_hangouts_bridge_encryption_allow }}"
|
||||
|
@ -88,10 +88,10 @@ bridge:
|
||||
# application service.
|
||||
encryption:
|
||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||
allow: false
|
||||
allow: {{ matrix_mautrix_hangouts_bridge_encryption_allow|to_json }}
|
||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||
default: false
|
||||
default: {{ matrix_mautrix_hangouts_bridge_encryption_default|to_json }}
|
||||
|
||||
# Public website and API configs
|
||||
web:
|
||||
|
@ -129,3 +129,8 @@ matrix_mautrix_instagram_registration_yaml: |
|
||||
de.sorunome.msc2409.push_ephemeral: true
|
||||
|
||||
matrix_mautrix_instagram_registration: "{{ matrix_mautrix_instagram_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_instagram_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_instagram_bridge_encryption_default: "{{ matrix_mautrix_instagram_bridge_encryption_allow }}"
|
||||
matrix_mautrix_instagram_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_instagram_bridge_encryption_allow }}"
|
||||
|
@ -143,15 +143,15 @@ bridge:
|
||||
# application service.
|
||||
encryption:
|
||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||
allow: false
|
||||
allow: {{ matrix_mautrix_discord_bridge_encryption_allow|to_json }}
|
||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||
default: false
|
||||
default: {{ matrix_mautrix_discord_bridge_encryption_default|to_json }}
|
||||
# Options for automatic key sharing.
|
||||
key_sharing:
|
||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
||||
# You must use a client that supports requesting keys from other users to use this feature.
|
||||
allow: false
|
||||
allow: {{ matrix_mautrix_discord_bridge_encryption_key_sharing_allow|to_json }}
|
||||
# Require the requesting device to have a valid cross-signing signature?
|
||||
# This doesn't require that the bridge has verified the device, only that the user has verified it.
|
||||
# Not yet implemented.
|
||||
|
@ -152,7 +152,7 @@ matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml
|
||||
|
||||
matrix_mautrix_signal_log_level: 'DEBUG'
|
||||
|
||||
matrix_mautrix_signal_bridge_encryption_allow: false
|
||||
matrix_mautrix_signal_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
||||
matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}"
|
||||
|
||||
|
@ -133,6 +133,6 @@ matrix_mautrix_slack_registration_yaml: |
|
||||
matrix_mautrix_slack_registration: "{{ matrix_mautrix_slack_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_slack_bridge_encryption_allow: false
|
||||
matrix_mautrix_slack_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_slack_bridge_encryption_default: "{{ matrix_mautrix_slack_bridge_encryption_allow }}"
|
||||
matrix_mautrix_slack_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_slack_bridge_encryption_allow }}"
|
||||
|
@ -163,6 +163,6 @@ matrix_mautrix_telegram_alias_template: 'telegram_{groupname}'
|
||||
matrix_mautrix_telegram_displayname_template: '{displayname} (Telegram)'
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_telegram_bridge_encryption_allow: false
|
||||
matrix_mautrix_telegram_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_telegram_bridge_encryption_default: "{{ matrix_mautrix_telegram_bridge_encryption_allow }}"
|
||||
matrix_mautrix_telegram_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_telegram_bridge_encryption_allow }}"
|
||||
|
@ -127,3 +127,8 @@ matrix_mautrix_twitter_registration_yaml: |
|
||||
de.sorunome.msc2409.push_ephemeral: true
|
||||
|
||||
matrix_mautrix_twitter_registration: "{{ matrix_mautrix_twitter_registration_yaml | from_yaml }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_twitter_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_twitter_bridge_encryption_default: "{{ matrix_mautrix_twitter_bridge_encryption_allow }}"
|
||||
matrix_mautrix_twitter_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_twitter_bridge_encryption_allow }}"
|
||||
|
@ -126,15 +126,15 @@ bridge:
|
||||
# this to work. See https://github.com/tulir/mautrix-telegram/wiki/End‐to‐bridge-encryption
|
||||
encryption:
|
||||
# Allow encryption, work in group chat rooms with e2ee enabled
|
||||
allow: false
|
||||
allow: {{ matrix_mautrix_twitter_bridge_encryption_allow|to_json }}
|
||||
# Default to encryption, force-enable encryption in all portals the bridge creates
|
||||
# This will cause the bridge bot to be in private chats for the encryption to work properly.
|
||||
default: false
|
||||
default: {{ matrix_mautrix_twitter_bridge_encryption_default|to_json }}
|
||||
# Options for automatic key sharing.
|
||||
key_sharing:
|
||||
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
|
||||
# You must use a client that supports requesting keys from other users to use this feature.
|
||||
allow: false
|
||||
allow: {{ matrix_mautrix_twitter_bridge_encryption_key_sharing_allow|to_json }}
|
||||
# Require the requesting device to have a valid cross-signing signature?
|
||||
# This doesn't require that the bridge has verified the device, only that the user has verified it.
|
||||
# Not yet implemented.
|
||||
|
@ -97,7 +97,7 @@ matrix_mautrix_whatsapp_bridge_login_shared_secret_map:
|
||||
"{{ {matrix_mautrix_whatsapp_homeserver_domain: matrix_mautrix_whatsapp_login_shared_secret} if matrix_mautrix_whatsapp_login_shared_secret else {} }}"
|
||||
|
||||
# Enable End-to-bridge encryption
|
||||
matrix_mautrix_whatsapp_bridge_encryption_allow: false
|
||||
matrix_mautrix_whatsapp_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||
matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}"
|
||||
matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}"
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user