From 835c34927589e40fbbf268ee0c57a35d8ad0d192 Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Sun, 3 Mar 2019 18:22:52 +0100 Subject: [PATCH 1/9] Add matrix-appservice-discord bridge Bridge is setup to work on the matrix side with this, but the discord invite link is not automatically generated. --- README.md | 4 + ...ring-playbook-bridge-appservice-discord.md | 5 + docs/configuring-playbook.md | 2 + group_vars/matrix-servers | 12 + matrix-servers | 352 ++++++++++++++++++ roles/matrix-synapse/defaults/main.yml | 126 ++++++- .../tasks/ext/appservice-discord/init.yml | 3 + .../tasks/ext/appservice-discord/setup.yml | 65 ++++ roles/matrix-synapse/tasks/ext/init.yml | 2 + roles/matrix-synapse/tasks/ext/setup.yml | 2 + .../matrix-appservice-discord.service.j2 | 29 ++ 11 files changed, 601 insertions(+), 1 deletion(-) create mode 100644 docs/configuring-playbook-bridge-appservice-discord.md create mode 100644 matrix-servers create mode 100644 roles/matrix-synapse/tasks/ext/appservice-discord/init.yml create mode 100644 roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml create mode 100644 roles/matrix-synapse/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2 diff --git a/README.md b/README.md index 6e9885ce4..67c1373ec 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,8 @@ Using this playbook, you can get the following services configured on your serve - (optional) the [matrix-appservice-irc](https://github.com/TeDomum/matrix-appservice-irc) bridge for bridging your Matrix server to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) +- (optional) the [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) bridge for bridging your Matrix server to [Discord](https://discordapp.com/) + Basically, this playbook aims to get you up-and-running with all the basic necessities around Matrix, without you having to do anything else. **Note**: the list above is exhaustive. It includes optional or even some advanced components that you will most likely not need. @@ -114,6 +116,8 @@ This playbook sets up your server using the following Docker images: - [tedomum/matrix-appservice-irc](https://hub.docker.com/r/tedomum/matrix-appservice-irc/) - the [matrix-appservice-irc](https://github.com/TeDomum/matrix-appservice-irc) bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) (optional) +- [tedomum/matrix-appservice-discord](https://hub.docker.com/r/halfshot/matrix-appservice-discord) - the [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) bridge to [Discord](https://discordapp.com/) + ## Deficiencies diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md new file mode 100644 index 000000000..2a7ad0281 --- /dev/null +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -0,0 +1,5 @@ +# Setting up Appservice Discord (optional) + +The playbook can install and configure [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) for you. + +See the project's [documentation](https://github.com/Half-Shot/matrix-appservice-discord/blob/master/README.md) to learn what it does and why it might be useful to you. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 9a61c153b..6285d4d17 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -52,3 +52,5 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Mautrix Whatsapp bridging](configuring-playbook-bridge-mautrix-whatsapp.md) (optional) - [Setting up Appservice IRC bridging](configuring-playbook-bridge-appservice-irc.md) (optional) + +- [Setting up Appservice Discord bridging](configuring-playbook-bridge-appservice-discord.md) (optional) diff --git a/group_vars/matrix-servers b/group_vars/matrix-servers index 49183e373..8c98d6112 100644 --- a/group_vars/matrix-servers +++ b/group_vars/matrix-servers @@ -20,6 +20,18 @@ # matrix-appservice-irc's client-server port to the local host (`127.0.0.1:9999`). matrix_appservice_irc_container_expose_client_server_api_port: "{{ not matrix_nginx_proxy_enabled }}" + +###################################################################### +# +# matrix-appservice-discord +# +###################################################################### + +# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-appservice-discord over the container network. +# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose +# matrix-appservice-discord's client-server port to the local host (`127.0.0.1:9005`). +matrix_appservice_discord_container_expose_client_server_api_port: "{{ not matrix_nginx_proxy_enabled }}" + ###################################################################### # # matrix-base diff --git a/matrix-servers b/matrix-servers new file mode 100644 index 000000000..e3337bf2b --- /dev/null +++ b/matrix-servers @@ -0,0 +1,352 @@ +--- + +# This variables file wires together the various components (roles) used by the playbook. +# +# Roles used by playbook are pretty minimal and kept independent of one another as much as possible. +# To deliver a turnkey fully-featured Matrix server, this playbook needs +# to connect them all together. It does so by overriding role variables. +# +# You can also override ANY variable (seen here or in any given role), +# by re-defining it in your own configuration file (`inventory/host_vars/matrix.`). + +###################################################################### +# +# matrix-appservice-irc +# +###################################################################### + +# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-appservice-irc over the container network. +# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose +# matrix-appservice-irc's client-server port to the local host (`127.0.0.1:9999`). +matrix_appservice_irc_container_expose_client_server_api_port: "{{ not matrix_nginx_proxy_enabled }}" + +###################################################################### +# +# matrix-appservice-discord +# +###################################################################### + +# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-appservice-discord over the container network. +# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose +# matrix-appservice-discord's client-server port to the local host (`127.0.0.1:9005`). +matrix_appservice_discord_container_expose_client_server_api_port: "{{ not matrix_nginx_proxy_enabled }}" + + +###################################################################### +# +# matrix-base +# +###################################################################### + +matrix_identity_server_url: "{{ 'https://' + matrix_synapse_trusted_third_party_id_servers[0] if matrix_synapse_trusted_third_party_id_servers|length > 0 else None }}" + + +###################################################################### +# +# /matrix-base +# +###################################################################### + + + +###################################################################### +# +# matrix-corporal +# +###################################################################### + +matrix_corporal_enabled: false + +# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-corporal over the container network. +# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose +# matrix-corporal's web-server ports to the local host (`127.0.0.1:41080` and `127.0.0.1:41081`). +matrix_corporal_container_expose_ports: "{{ not matrix_nginx_proxy_enabled }}" + +matrix_corporal_systemd_required_services_list: | + {{ + (['docker.service']) + + + (['matrix-synapse.service']) + }} + +matrix_corporal_matrix_homeserver_api_endpoint: "http://matrix-synapse:8008" + +matrix_corporal_matrix_auth_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}" + +matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registration_shared_secret }}" + +###################################################################### +# +# /matrix-corporal +# +###################################################################### + + + +###################################################################### +# +# matrix-coturn +# +###################################################################### + +matrix_coturn_enabled: true + +###################################################################### +# +# /matrix-coturn +# +###################################################################### + + + +###################################################################### +# +# matrix-mailer +# +###################################################################### + +# By default, this playbook sets up a postfix mailer server (running in a container). +# This is so that Synapse can send email reminders for unread messages. +# Other services (like mxisd), also use the mailer. +matrix_mailer_enabled: true + +###################################################################### +# +# /matrix-mailer +# +###################################################################### + + + +###################################################################### +# +# matrix-mxisd +# +###################################################################### + +# By default, this playbook installs the mxisd identity server on the same domain as Synapse (`matrix_server_fqn_matrix`). +# If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this. +matrix_mxisd_enabled: true + +# Normally, matrix-nginx-proxy is enabled and nginx can reach mxisd over the container network. +# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose +# mxisd's web-server port to the local host (`127.0.0.1:8090`). +matrix_mxisd_container_expose_port: "{{ not matrix_nginx_proxy_enabled }}" + +# We enable Synapse integration via its Postgres database by default. +# When using another Identity store, you might wish to disable this and define +# your own configuration in `matrix_mxisd_configuration_extension_yaml`. +matrix_mxisd_synapsesql_enabled: true +matrix_mxisd_synapsesql_type: postgresql +matrix_mxisd_synapsesql_connection: //{{ matrix_synapse_database_host }}/{{ matrix_synapse_database_database }}?user={{ matrix_synapse_database_user }}&password={{ matrix_synapse_database_password }} + +matrix_mxisd_dns_overwrite_enabled: true +matrix_mxisd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix }}" +matrix_mxisd_dns_overwrite_homeserver_client_value: "http://{{ 'matrix-corporal:41080' if matrix_corporal_enabled else 'matrix-synapse:8008' }}" + +# By default, we send mail through the `matrix-mailer` service. +matrix_mxisd_threepid_medium_email_identity_from: "{{ matrix_mailer_sender_address }}" +matrix_mxisd_threepid_medium_email_connectors_smtp_host: "matrix-mailer" +matrix_mxisd_threepid_medium_email_connectors_smtp_port: 8025 +matrix_mxisd_threepid_medium_email_connectors_smtp_tls: 0 + +matrix_mxisd_systemd_wanted_services_list: | + {{ + (['matrix-corporal.service'] if matrix_corporal_enabled else ['matrix-synapse.service']) + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + + (['matrix-mailer.service'] if matrix_mailer_enabled else []) + }} + +###################################################################### +# +# /matrix-mxisd +# +###################################################################### + + + +###################################################################### +# +# matrix-nginx-proxy +# +###################################################################### + +# By default, this playbook sets up a reverse-proxy nginx proxy server on TCP ports 80, 443 and 8448. +# This is fine if you're dedicating the whole server to Matrix. +# If that's not the case, you may wish to disable this and take care of proxying yourself. +matrix_nginx_proxy_enabled: true + +matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container: "{{ 'matrix-corporal:41080' if matrix_corporal_enabled else 'matrix-synapse:8008' }}" +matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container: "{{ '127.0.0.1:41080' if matrix_corporal_enabled else '127.0.0.1:8008' }}" +matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: "{{ matrix_synapse_max_upload_size_mb }}" + +matrix_nginx_proxy_proxy_matrix_enabled: true +matrix_nginx_proxy_proxy_riot_enabled: "{{ matrix_riot_web_enabled }}" + +matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: "{{ matrix_corporal_enabled and matrix_corporal_http_api_enabled }}" +matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081" +matrix_nginx_proxy_proxy_matrix_corporal_api_addr_sans_container: "127.0.0.1:41081" + +matrix_nginx_proxy_proxy_matrix_identity_api_enabled: "{{ matrix_mxisd_enabled }}" +matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container: "matrix-mxisd:8090" +matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container: "127.0.0.1:8090" + +# By default, we do TLS termination for the Matrix Federation API (port 8448) at matrix-nginx-proxy. +matrix_nginx_proxy_proxy_matrix_federation_api_enabled: true +matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container: "matrix-synapse:8048" +matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:8048" + +matrix_nginx_proxy_proxy_synapse_metrics: "{{ matrix_synapse_metrics_enabled }}" +matrix_nginx_proxy_proxy_synapse_metrics_addr_with_container: "matrix-synapse:{{ matrix_synapse_metrics_port }}" +matrix_nginx_proxy_proxy_synapse_metrics_addr_sans_container: "127.0.0.1:{{ matrix_synapse_metrics_port }}" + +matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: "{{ matrix_mxisd_enabled }}" +matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}" +matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }}" + +matrix_nginx_proxy_systemd_wanted_services_list: | + {{ + (['matrix-synapse.service']) + + + (['matrix-corporal.service'] if matrix_corporal_enabled else []) + + + (['matrix-mxisd.service'] if matrix_mxisd_enabled else []) + + + (['matrix-riot-web.service'] if matrix_riot_web_enabled else []) + }} + +matrix_ssl_domains_to_obtain_certificates_for: | + {{ + ([matrix_server_fqn_matrix]) + + + ([matrix_server_fqn_riot] if matrix_riot_web_enabled else []) + }} + +###################################################################### +# +# /matrix-nginx-proxy +# +###################################################################### + + + +###################################################################### +# +# matrix-postgres +# +###################################################################### + +matrix_postgres_enabled: true + +matrix_postgres_connection_hostname: "matrix-postgres" +matrix_postgres_connection_username: "synapse" +matrix_postgres_connection_password: "synapse-password" +matrix_postgres_db_name: "homeserver" + +###################################################################### +# +# /matrix-postgres +# +###################################################################### + + + +###################################################################### +# +# matrix-riot-web +# +###################################################################### + +# By default, this playbook installs the Riot.IM web UI on the `matrix_server_fqn_riot` domain. +# If you wish to connect to your Matrix server by other means, you may wish to disable this. +matrix_riot_web_enabled: true + +# Normally, matrix-nginx-proxy is enabled and nginx can reach riot-web over the container network. +# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose +# the riot-web HTTP port to the local host (`127.0.0.1:80`). +matrix_riot_web_container_expose_port: "{{ not matrix_nginx_proxy_enabled }}" + +matrix_riot_web_default_hs_url: "{{ matrix_homeserver_url }}" +matrix_riot_web_default_is_url: "{{ matrix_identity_server_url }}" + +###################################################################### +# +# /matrix-riot-web +# +###################################################################### + + + +###################################################################### +# +# matrix-synapse +# +###################################################################### + +# When mxisd is enabled, we can use it instead of the default public Identity servers. +matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_mxisd_enabled else matrix_synapse_id_servers_public }}" + +# Normally, matrix-nginx-proxy is enabled and nginx can reach Synapse over the container network. +# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose its ports +# to the local host. +# +# For exposing the Matrix Client API's port (plain HTTP) to the local host (`127.0.0.1:8008`). +matrix_synapse_container_expose_client_api_port: "{{ not matrix_nginx_proxy_enabled }}" +# For exposing the Matrix Federation API's port (plain HTTP) to the local host (`127.0.0.1:8048`). +matrix_synapse_container_expose_federation_api_port: "{{ not matrix_nginx_proxy_enabled }}" + +matrix_synapse_container_expose_metrics_port: "{{ not matrix_nginx_proxy_enabled }}" + +matrix_synapse_database_host: "{{ matrix_postgres_connection_hostname }}" +matrix_synapse_database_user: "{{ matrix_postgres_connection_username }}" +matrix_synapse_database_password: "{{ matrix_postgres_connection_password }}" +matrix_synapse_database_database: "{{ matrix_postgres_db_name }}" + +# We do not enable TLS in Synapse by default. +# TLS is handled by the matrix-nginx-proxy, which proxies the requests to Synapse. +matrix_synapse_tls_federation_listener_enabled: false +matrix_synapse_tls_certificate_path: ~ +matrix_synapse_tls_private_key_path: ~ + +matrix_synapse_email_enabled: "{{ matrix_mailer_enabled }}" +matrix_synapse_email_smtp_host: "matrix-mailer" +matrix_synapse_email_smtp_port: 8025 +matrix_synapse_email_smtp_require_transport_security: false +matrix_synapse_email_notif_from: "Matrix <{{ matrix_mailer_sender_address }}>" +matrix_synapse_email_riot_base_url: "https://{{ matrix_server_fqn_riot }}" + +matrix_synapse_turn_uris: | + {{ + [ + 'turn:' + matrix_server_fqn_matrix + ':3478?transport=udp', + 'turn:' + matrix_server_fqn_matrix + ':3478?transport=tcp', + ] + if matrix_coturn_enabled + else [] + }} + +matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}" + +matrix_synapse_systemd_required_services_list: | + {{ + (['docker.service']) + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + + (['matrix-goofys'] if matrix_s3_media_store_enabled else []) + }} + +matrix_synapse_systemd_wanted_services_list: | + {{ + (['matrix-coturn.service'] if matrix_coturn_enabled else []) + + + (['matrix-mailer.service'] if matrix_mailer_enabled else []) + }} + +###################################################################### +# +# /matrix-synapse +# +###################################################################### diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index cbabaa6db..1ef52de3b 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -1,4 +1,4 @@ -matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.2-py3" +matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.1.1-py3" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" @@ -18,6 +18,9 @@ matrix_synapse_container_expose_federation_api_port: false # Controls whether the Appservice IRC container exposes the Client/Server API port (tcp/9999). matrix_appservice_irc_container_expose_client_server_api_port: false +# Controls whether the Appservice Discord container exposes the Client/Server API port (tcp/9005). +matrix_appservice_discord_container_expose_client_server_api_port: false + # Controls whether the matrix-synapse container exposes the metrics port (tcp/9100). matrix_synapse_container_expose_metrics_port: false @@ -641,3 +644,124 @@ matrix_appservice_irc_configuration_extension_yaml: | matrix_appservice_irc_configuration_extension: "{{ matrix_appservice_irc_configuration_extension_yaml|from_yaml if matrix_appservice_irc_configuration_extension_yaml|from_yaml else {} }}" matrix_appservice_irc_configuration: "{{ matrix_appservice_irc_configuration_yaml|from_yaml|combine(matrix_appservice_irc_configuration_extension, recursive=True) }}" + + +# Matrix Appservice Discord is a Matrix <-> Discord bridge +# Enable Discord bridge +matrix_appservice_discord_enabled: false + +matrix_appservice_discord_docker_image: "halfshot/matrix-appservice-discord:latest" + +matrix_appservice_discord_base_path: "{{ matrix_base_data_path }}/appservice-discord" + +matrix_appservice_discord_client_ID: "YOUR DISCORD APP CLIENT ID" +matrix_appservice_discord_bot_token: "YOUR DISCORD APP BOT TOKEN" + +matrix_appservice_discord_configuration_yaml: | + bridge: + domain: "{{ matrix_domain }}" + homeserverUrl: "{{ matrix_homeserver_url }}" + auth: + clientID: "{{matrix_appservice_discord_client_ID}}" + botToken: "{{matrix_appservice_discord_bot_token}}" + database: + filename: "/data/discord.db" + userStorePath: "/data/user-store.db" + roomStorePath: "/data/room-store.db" + +matrix_appservice_discord_configuration_extension_yaml: | + # This is a sample of the config file showing all avaliable options. + # Where possible we have documented what they do, and all values are the + # default values. + # + #bridge: + # # Domain part of the bridge, e.g. matrix.org + # domain: "localhost" + # # This should be your publically facing URL because Discord may use it to + # # fetch media from the media store. + # homeserverUrl: "http://localhost:8008" + # # Interval at which to process users in the 'presence queue'. If you have + # # 5 users, one user will be processed every 500 milliseconds according to the + # # value below. This has a minimum value of 250. + # # WARNING: This has a high chance of spamming the homeserver with presence + # # updates since it will send one each time somebody changes state or is online. + # presenceInterval: 500 + # # Disable setting presence for 'ghost users' which means Discord users on Matrix + # # will not be shown as away or online. + # disablePresence: false + # # Disable sending typing notifications when somebody on Discord types. + # disableTypingNotifications: false + # # Disable deleting messages on Discord if a message is redacted on Matrix. + # disableDeletionForwarding: false + # # Enable users to bridge rooms using !discord commands. See + # # https://t2bot.io/discord for instructions. + # enableSelfServiceBridging: false + # # Disable sending of read receipts for Matrix events which have been + # # successfully bridged to Discord. + # disableReadReceipts: false + # Authentication configuration for the discord bot. + #auth: + # clientID: "12345" + # botToken: "foobar" + #logging: + # # What level should the logger output to the console at. + # console: "warn" #silly, verbose, info, http, warn, error, silent + # lineDateFormat: "MMM-D HH:mm:ss.SSS" # This is in moment.js format + # files: + # - file: "debug.log" + # disable: + # - "PresenceHandler" # Will not capture presence logging + # - file: "warn.log" # Will capture warnings + # level: "warn" + # - file: "botlogs.log" # Will capture logs from DiscordBot + # level: "info" + # enable: + # - "DiscordBot" + #database: + # userStorePath: "user-store.db" + # roomStorePath: "room-store.db" + # # You may either use SQLite or Postgresql for the bridge database, which contains + # # important mappings for events and user puppeting configurations. + # # Use the filename option for SQLite, or connString for Postgresql. + # # If you are migrating, see https://github.com/Half-Shot/matrix-appservice-discord/blob/master/docs/howto.md#migrate-to-postgres-from-sqlite + # # WARNING: You will almost certainly be fine with sqlite unless your bridge + # # is in heavy demand and you suffer from IO slowness. + # filename: "discord.db" + # # connString: "postgresql://user:password@localhost/database_name" + #room: + # # Set the default visibility of alias rooms, defaults to "public". + # # One of: "public", "private" + # defaultVisibility: "public" + #channel: + # # Pattern of the name given to bridged rooms. + # # Can use :guild for the guild name and :name for the channel name. + # namePattern: "[Discord] :guild :name" + # # Changes made to rooms when a channel is deleted. + # deleteOptions: + # # Prefix the room name with a string. + # #namePrefix: "[Deleted]" + # # Prefix the room topic with a string. + # #topicPrefix: "This room has been deleted" + # # Disable people from talking in the room by raising the event PL to 50 + # disableMessaging: false + # # Remove the discord alias from the room. + # unsetRoomAlias: true + # # Remove the room from the directory. + # unlistFromDirectory: true + # # Set the room to be unavaliable for joining without an invite. + # setInviteOnly: true + # # Make all the discord users leave the room. + # ghostsLeave: true + #limits: + # # Delay in milliseconds between discord users joining a room. + # roomGhostJoinDelay: 6000 + # # Delay in milliseconds before sending messages to discord to avoid echos. + # # (Copies of a sent message may arrive from discord before we've + # # fininished handling it, causing us to echo it back to the room) + # discordSendDelay: 750 + +matrix_appservice_discord_configuration_extension: "{{ matrix_appservice_irc_configuration_extension_yaml|from_yaml if matrix_appservice_irc_configuration_extension_yaml|from_yaml else {} }}" + +matrix_appservice_discord_configuration: "{{ matrix_appservice_discord_configuration_yaml|from_yaml|combine(matrix_appservice_discord_configuration_extension, recursive=True) }}" + + diff --git a/roles/matrix-synapse/tasks/ext/appservice-discord/init.yml b/roles/matrix-synapse/tasks/ext/appservice-discord/init.yml new file mode 100644 index 000000000..ee6fe1ffa --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/appservice-discord/init.yml @@ -0,0 +1,3 @@ +- set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord'] }}" + when: matrix_appservice_discord_enabled diff --git a/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml b/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml new file mode 100644 index 000000000..7d0ba3591 --- /dev/null +++ b/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml @@ -0,0 +1,65 @@ +--- +- name: Ensure Appservice Discord image is pulled + docker_image: + name: "{{ matrix_appservice_discord_docker_image }}" + when: "matrix_appservice_discord_enabled" + +- name: Ensure Appservice Discord configuration path exists + file: + path: "{{ matrix_appservice_discord_base_path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + when: "matrix_appservice_discord_enabled" + +- name: Ensure Matrix Appservice Discord config installed + copy: + content: "{{ matrix_appservice_discord_configuration|to_nice_yaml }}" + dest: "{{ matrix_appservice_discord_base_path }}/config.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + when: "matrix_appservice_discord_enabled" + +- name: Ensure matrix-appservice-discord.service installed + template: + src: "{{ role_path }}/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2" + dest: "/etc/systemd/system/matrix-appservice-discord.service" + mode: 0644 + when: "matrix_appservice_discord_enabled" + +- stat: + path: "{{ matrix_appservice_discord_base_path }}/discord-registration.yaml" + register: appservice_discord_registration_file + +- name: Generate matrix-appservice-discord discord-registration.yaml if it doesn't exist + shell: /usr/bin/docker run --rm --name matrix-appservice-discord-gen -v {{ matrix_appservice_discord_base_path }}:/data:z {{ matrix_appservice_discord_docker_image }} node build/src/discordas.js -r -u "http://matrix-appservice-discord:9005" -c /data/config.yaml -f /data/discord-registration.yaml -l discord_bot + when: "matrix_appservice_discord_enabled and appservice_discord_registration_file.stat.exists == False" + +- set_fact: + matrix_synapse_app_service_config_file_appservice_discord: '{{ matrix_appservice_discord_base_path }}/discord-registration.yml' + +- set_fact: + matrix_synapse_container_additional_volumes: > + {{ matrix_synapse_container_additional_volumes }} + + + {{ [{'src': '{{ matrix_appservice_discord_base_path }}/discord-registration.yaml', 'dst': '{{ matrix_synapse_app_service_config_file_appservice_discord }}', 'options': 'ro'}] }} + when: "matrix_appservice_discord_enabled" + +- set_fact: + matrix_synapse_app_service_config_files: > + {{ matrix_synapse_app_service_config_files }} + + + {{ ["{{ matrix_synapse_app_service_config_file_appservice_discord }}"] | to_nice_json }} + when: "matrix_appservice_discord_enabled" + +# +# Tasks related to getting rid of matrix-appservice-discord (if it was previously enabled) +# + +- name: Ensure matrix-appservice-discord.service doesn't exist + file: + path: "/etc/systemd/system/matrix-appservice-discord.service" + state: absent + when: "not matrix_appservice_discord_enabled" diff --git a/roles/matrix-synapse/tasks/ext/init.yml b/roles/matrix-synapse/tasks/ext/init.yml index 6023116fc..aa19ef6e3 100644 --- a/roles/matrix-synapse/tasks/ext/init.yml +++ b/roles/matrix-synapse/tasks/ext/init.yml @@ -5,3 +5,5 @@ - import_tasks: "{{ role_path }}/tasks/ext/mautrix-whatsapp/init.yml" - import_tasks: "{{ role_path }}/tasks/ext/appservice-irc/init.yml" + +- import_tasks: "{{ role_path }}/tasks/ext/appservice-discord/init.yml" diff --git a/roles/matrix-synapse/tasks/ext/setup.yml b/roles/matrix-synapse/tasks/ext/setup.yml index 609269e77..fe113281b 100644 --- a/roles/matrix-synapse/tasks/ext/setup.yml +++ b/roles/matrix-synapse/tasks/ext/setup.yml @@ -11,3 +11,5 @@ - import_tasks: "{{ role_path }}/tasks/ext/mautrix-whatsapp/setup.yml" - import_tasks: "{{ role_path }}/tasks/ext/appservice-irc/setup.yml" + +- import_tasks: "{{ role_path }}/tasks/ext/appservice-discord/setup.yml" diff --git a/roles/matrix-synapse/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2 b/roles/matrix-synapse/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2 new file mode 100644 index 000000000..4d4b3f396 --- /dev/null +++ b/roles/matrix-synapse/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2 @@ -0,0 +1,29 @@ +[Unit] +Description=Matrix Appservice Discord server +After=docker.service +Requires=docker.service +Requires=matrix-synapse.service +After=matrix-synapse.service + +[Service] +Type=simple +ExecStartPre=-/usr/bin/docker kill matrix-appservice-discord +ExecStartPre=-/usr/bin/docker rm matrix-appservice-discord +ExecStart=/usr/bin/docker run --rm --name matrix-appservice-discord \ + --log-driver=none \ + -e "UID={{ matrix_user_uid }}" -e "GID={{ matrix_user_gid }}" \ + --network={{ matrix_docker_network }} \ + {% if matrix_appservice_discord_container_expose_client_server_api_port %} + -p 127.0.0.1:9005:9005 \ + {% endif %} + -v {{ matrix_appservice_discord_base_path }}:/data \ + {{ matrix_appservice_discord_docker_image }} + + +ExecStop=-/usr/bin/docker kill matrix-appservice-discord +ExecStop=-/usr/bin/docker rm matrix-appservice-discord +Restart=always +RestartSec=30 + + [Install] +WantedBy=multi-user.target From 4aeeb5cf316145d740862286d1e4b29dff74156b Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Sun, 3 Mar 2019 19:33:16 +0100 Subject: [PATCH 2/9] Autogenerate Discord invite link Generates the link required to add the Bridge to a Discord server. --- .../matrix-synapse/tasks/ext/appservice-discord/setup.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml b/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml index 7d0ba3591..baf4845c1 100644 --- a/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml +++ b/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml @@ -40,6 +40,14 @@ - set_fact: matrix_synapse_app_service_config_file_appservice_discord: '{{ matrix_appservice_discord_base_path }}/discord-registration.yml' +- stat: + path: "{{ matrix_appservice_discord_base_path }}/invite_link" + register: appservice_discord_link_generated + +- name: Generate your discord invite link invite link + shell: /usr/bin/docker run --rm --name matrix-appservice-discord-link-gen -v {{ matrix_appservice_discord_base_path }}:/data -w /data {{ matrix_appservice_discord_docker_image }} /bin/sh -c "node .././build/tools/addbot.js > invite_link" + when: "matrix_appservice_discord_enabled and appservice_discord_link_generated.stat.exists == False" + - set_fact: matrix_synapse_container_additional_volumes: > {{ matrix_synapse_container_additional_volumes }} From faa16617da4b8b693d6aa249f758af9c3bce6f6d Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Sun, 3 Mar 2019 19:34:30 +0100 Subject: [PATCH 3/9] add documentation --- ...figuring-playbook-bridge-appservice-discord.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 2a7ad0281..72cf7e0d0 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -3,3 +3,18 @@ The playbook can install and configure [matrix-appservice-discord](https://github.com/Half-Shot/matrix-appservice-discord) for you. See the project's [documentation](https://github.com/Half-Shot/matrix-appservice-discord/blob/master/README.md) to learn what it does and why it might be useful to you. + +Setup Instructions: + +loosely based on [this](https://github.com/Half-Shot/matrix-appservice-discord#setting-up) + +1. Create a Discord Application [here](https://discordapp.com/developers/applications/me/create). +2. Retrieve Client ID and Bot token from this Application. +3. Enable the bridge with "matrix_appservice_discord_enabled: true" in your vars.yml and provide id and token. +4. Rerun playbook with "setup-all" tag. Restart with tag "start" afterwards. +5. Retrieve Discord invitelink from {{ matrix_appservice_discord_base_path }}/invite_link (this defaults to /matrix/appservice-discord/invite_link) +6. Invite the Bot to Discord servers you wish to bridge. Administrator permission is recommended. +7. Join the rooms by following this syntax "#_discord_guildid_channelid" + - can be easily retrieved by logging into Discord in a browser and opening the desired channel. URL will have this format: discordapp.com/channels/guild_id/channel_id + +Other configuration options are available via the "matrix_appservice_discord_configuration_extension_yaml" variable. \ No newline at end of file From 7aadd8bbe977fbf2bb43e0d1378fd9b8c204529a Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Sun, 3 Mar 2019 19:55:56 +0100 Subject: [PATCH 4/9] undo changed synapse version --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 1ef52de3b..410380450 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -1,4 +1,4 @@ -matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.1.1-py3" +matrix_synapse_docker_image: "matrixdotorg/synapse:v0.99.2-py3" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" matrix_synapse_config_dir_path: "{{ matrix_synapse_base_path }}/config" From e54f3889663a53f0721e5760d3ee853230e0ac1b Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Mon, 4 Mar 2019 14:16:30 +0100 Subject: [PATCH 5/9] removed /group_vars/matrix-servers as it not needed --- group_vars/matrix-servers | 352 -------------------------------------- 1 file changed, 352 deletions(-) delete mode 100644 group_vars/matrix-servers diff --git a/group_vars/matrix-servers b/group_vars/matrix-servers deleted file mode 100644 index 8c98d6112..000000000 --- a/group_vars/matrix-servers +++ /dev/null @@ -1,352 +0,0 @@ ---- - -# This variables file wires together the various components (roles) used by the playbook. -# -# Roles used by playbook are pretty minimal and kept independent of one another as much as possible. -# To deliver a turnkey fully-featured Matrix server, this playbook needs -# to connect them all together. It does so by overriding role variables. -# -# You can also override ANY variable (seen here or in any given role), -# by re-defining it in your own configuration file (`inventory/host_vars/matrix.`). - -###################################################################### -# -# matrix-appservice-irc -# -###################################################################### - -# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-appservice-irc over the container network. -# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose -# matrix-appservice-irc's client-server port to the local host (`127.0.0.1:9999`). -matrix_appservice_irc_container_expose_client_server_api_port: "{{ not matrix_nginx_proxy_enabled }}" - - -###################################################################### -# -# matrix-appservice-discord -# -###################################################################### - -# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-appservice-discord over the container network. -# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose -# matrix-appservice-discord's client-server port to the local host (`127.0.0.1:9005`). -matrix_appservice_discord_container_expose_client_server_api_port: "{{ not matrix_nginx_proxy_enabled }}" - -###################################################################### -# -# matrix-base -# -###################################################################### - -matrix_identity_server_url: "{{ 'https://' + matrix_synapse_trusted_third_party_id_servers[0] if matrix_synapse_trusted_third_party_id_servers|length > 0 else None }}" - - -###################################################################### -# -# /matrix-base -# -###################################################################### - - - -###################################################################### -# -# matrix-corporal -# -###################################################################### - -matrix_corporal_enabled: false - -# Normally, matrix-nginx-proxy is enabled and nginx can reach matrix-corporal over the container network. -# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose -# matrix-corporal's web-server ports to the local host (`127.0.0.1:41080` and `127.0.0.1:41081`). -matrix_corporal_container_expose_ports: "{{ not matrix_nginx_proxy_enabled }}" - -matrix_corporal_systemd_required_services_list: | - {{ - (['docker.service']) - + - (['matrix-synapse.service']) - }} - -matrix_corporal_matrix_homeserver_api_endpoint: "http://matrix-synapse:8008" - -matrix_corporal_matrix_auth_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}" - -matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registration_shared_secret }}" - -###################################################################### -# -# /matrix-corporal -# -###################################################################### - - - -###################################################################### -# -# matrix-coturn -# -###################################################################### - -matrix_coturn_enabled: true - -###################################################################### -# -# /matrix-coturn -# -###################################################################### - - - -###################################################################### -# -# matrix-mailer -# -###################################################################### - -# By default, this playbook sets up a postfix mailer server (running in a container). -# This is so that Synapse can send email reminders for unread messages. -# Other services (like mxisd), also use the mailer. -matrix_mailer_enabled: true - -###################################################################### -# -# /matrix-mailer -# -###################################################################### - - - -###################################################################### -# -# matrix-mxisd -# -###################################################################### - -# By default, this playbook installs the mxisd identity server on the same domain as Synapse (`matrix_server_fqn_matrix`). -# If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this. -matrix_mxisd_enabled: true - -# Normally, matrix-nginx-proxy is enabled and nginx can reach mxisd over the container network. -# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose -# mxisd's web-server port to the local host (`127.0.0.1:8090`). -matrix_mxisd_container_expose_port: "{{ not matrix_nginx_proxy_enabled }}" - -# We enable Synapse integration via its Postgres database by default. -# When using another Identity store, you might wish to disable this and define -# your own configuration in `matrix_mxisd_configuration_extension_yaml`. -matrix_mxisd_synapsesql_enabled: true -matrix_mxisd_synapsesql_type: postgresql -matrix_mxisd_synapsesql_connection: //{{ matrix_synapse_database_host }}/{{ matrix_synapse_database_database }}?user={{ matrix_synapse_database_user }}&password={{ matrix_synapse_database_password }} - -matrix_mxisd_dns_overwrite_enabled: true -matrix_mxisd_dns_overwrite_homeserver_client_name: "{{ matrix_server_fqn_matrix }}" -matrix_mxisd_dns_overwrite_homeserver_client_value: "http://{{ 'matrix-corporal:41080' if matrix_corporal_enabled else 'matrix-synapse:8008' }}" - -# By default, we send mail through the `matrix-mailer` service. -matrix_mxisd_threepid_medium_email_identity_from: "{{ matrix_mailer_sender_address }}" -matrix_mxisd_threepid_medium_email_connectors_smtp_host: "matrix-mailer" -matrix_mxisd_threepid_medium_email_connectors_smtp_port: 8025 -matrix_mxisd_threepid_medium_email_connectors_smtp_tls: 0 - -matrix_mxisd_systemd_wanted_services_list: | - {{ - (['matrix-corporal.service'] if matrix_corporal_enabled else ['matrix-synapse.service']) - + - (['matrix-postgres.service'] if matrix_postgres_enabled else []) - + - (['matrix-mailer.service'] if matrix_mailer_enabled else []) - }} - -###################################################################### -# -# /matrix-mxisd -# -###################################################################### - - - -###################################################################### -# -# matrix-nginx-proxy -# -###################################################################### - -# By default, this playbook sets up a reverse-proxy nginx proxy server on TCP ports 80, 443 and 8448. -# This is fine if you're dedicating the whole server to Matrix. -# If that's not the case, you may wish to disable this and take care of proxying yourself. -matrix_nginx_proxy_enabled: true - -matrix_nginx_proxy_proxy_matrix_client_api_addr_with_container: "{{ 'matrix-corporal:41080' if matrix_corporal_enabled else 'matrix-synapse:8008' }}" -matrix_nginx_proxy_proxy_matrix_client_api_addr_sans_container: "{{ '127.0.0.1:41080' if matrix_corporal_enabled else '127.0.0.1:8008' }}" -matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: "{{ matrix_synapse_max_upload_size_mb }}" - -matrix_nginx_proxy_proxy_matrix_enabled: true -matrix_nginx_proxy_proxy_riot_enabled: "{{ matrix_riot_web_enabled }}" - -matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: "{{ matrix_corporal_enabled and matrix_corporal_http_api_enabled }}" -matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081" -matrix_nginx_proxy_proxy_matrix_corporal_api_addr_sans_container: "127.0.0.1:41081" - -matrix_nginx_proxy_proxy_matrix_identity_api_enabled: "{{ matrix_mxisd_enabled }}" -matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container: "matrix-mxisd:8090" -matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container: "127.0.0.1:8090" - -# By default, we do TLS termination for the Matrix Federation API (port 8448) at matrix-nginx-proxy. -matrix_nginx_proxy_proxy_matrix_federation_api_enabled: true -matrix_nginx_proxy_proxy_matrix_federation_api_addr_with_container: "matrix-synapse:8048" -matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:8048" - -matrix_nginx_proxy_proxy_synapse_metrics: "{{ matrix_synapse_metrics_enabled }}" -matrix_nginx_proxy_proxy_synapse_metrics_addr_with_container: "matrix-synapse:{{ matrix_synapse_metrics_port }}" -matrix_nginx_proxy_proxy_synapse_metrics_addr_sans_container: "127.0.0.1:{{ matrix_synapse_metrics_port }}" - -matrix_nginx_proxy_proxy_matrix_user_directory_search_enabled: "{{ matrix_mxisd_enabled }}" -matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_with_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_with_container }}" -matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ matrix_nginx_proxy_proxy_matrix_identity_api_addr_sans_container }}" - -matrix_nginx_proxy_systemd_wanted_services_list: | - {{ - (['matrix-synapse.service']) - + - (['matrix-corporal.service'] if matrix_corporal_enabled else []) - + - (['matrix-mxisd.service'] if matrix_mxisd_enabled else []) - + - (['matrix-riot-web.service'] if matrix_riot_web_enabled else []) - }} - -matrix_ssl_domains_to_obtain_certificates_for: | - {{ - ([matrix_server_fqn_matrix]) - + - ([matrix_server_fqn_riot] if matrix_riot_web_enabled else []) - }} - -###################################################################### -# -# /matrix-nginx-proxy -# -###################################################################### - - - -###################################################################### -# -# matrix-postgres -# -###################################################################### - -matrix_postgres_enabled: true - -matrix_postgres_connection_hostname: "matrix-postgres" -matrix_postgres_connection_username: "synapse" -matrix_postgres_connection_password: "synapse-password" -matrix_postgres_db_name: "homeserver" - -###################################################################### -# -# /matrix-postgres -# -###################################################################### - - - -###################################################################### -# -# matrix-riot-web -# -###################################################################### - -# By default, this playbook installs the Riot.IM web UI on the `matrix_server_fqn_riot` domain. -# If you wish to connect to your Matrix server by other means, you may wish to disable this. -matrix_riot_web_enabled: true - -# Normally, matrix-nginx-proxy is enabled and nginx can reach riot-web over the container network. -# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose -# the riot-web HTTP port to the local host (`127.0.0.1:80`). -matrix_riot_web_container_expose_port: "{{ not matrix_nginx_proxy_enabled }}" - -matrix_riot_web_default_hs_url: "{{ matrix_homeserver_url }}" -matrix_riot_web_default_is_url: "{{ matrix_identity_server_url }}" - -###################################################################### -# -# /matrix-riot-web -# -###################################################################### - - - -###################################################################### -# -# matrix-synapse -# -###################################################################### - -# When mxisd is enabled, we can use it instead of the default public Identity servers. -matrix_synapse_trusted_third_party_id_servers: "{{ [matrix_server_fqn_matrix] if matrix_mxisd_enabled else matrix_synapse_id_servers_public }}" - -# Normally, matrix-nginx-proxy is enabled and nginx can reach Synapse over the container network. -# If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose its ports -# to the local host. -# -# For exposing the Matrix Client API's port (plain HTTP) to the local host (`127.0.0.1:8008`). -matrix_synapse_container_expose_client_api_port: "{{ not matrix_nginx_proxy_enabled }}" -# For exposing the Matrix Federation API's port (plain HTTP) to the local host (`127.0.0.1:8048`). -matrix_synapse_container_expose_federation_api_port: "{{ not matrix_nginx_proxy_enabled }}" - -matrix_synapse_container_expose_metrics_port: "{{ not matrix_nginx_proxy_enabled }}" - -matrix_synapse_database_host: "{{ matrix_postgres_connection_hostname }}" -matrix_synapse_database_user: "{{ matrix_postgres_connection_username }}" -matrix_synapse_database_password: "{{ matrix_postgres_connection_password }}" -matrix_synapse_database_database: "{{ matrix_postgres_db_name }}" - -# We do not enable TLS in Synapse by default. -# TLS is handled by the matrix-nginx-proxy, which proxies the requests to Synapse. -matrix_synapse_tls_federation_listener_enabled: false -matrix_synapse_tls_certificate_path: ~ -matrix_synapse_tls_private_key_path: ~ - -matrix_synapse_email_enabled: "{{ matrix_mailer_enabled }}" -matrix_synapse_email_smtp_host: "matrix-mailer" -matrix_synapse_email_smtp_port: 8025 -matrix_synapse_email_smtp_require_transport_security: false -matrix_synapse_email_notif_from: "Matrix <{{ matrix_mailer_sender_address }}>" -matrix_synapse_email_riot_base_url: "https://{{ matrix_server_fqn_riot }}" - -matrix_synapse_turn_uris: | - {{ - [ - 'turn:' + matrix_server_fqn_matrix + ':3478?transport=udp', - 'turn:' + matrix_server_fqn_matrix + ':3478?transport=tcp', - ] - if matrix_coturn_enabled - else [] - }} - -matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}" - -matrix_synapse_systemd_required_services_list: | - {{ - (['docker.service']) - + - (['matrix-postgres.service'] if matrix_postgres_enabled else []) - + - (['matrix-goofys'] if matrix_s3_media_store_enabled else []) - }} - -matrix_synapse_systemd_wanted_services_list: | - {{ - (['matrix-coturn.service'] if matrix_coturn_enabled else []) - + - (['matrix-mailer.service'] if matrix_mailer_enabled else []) - }} - -###################################################################### -# -# /matrix-synapse -# -###################################################################### From b5ae0254fd4c8b24106ba9cb61a3fc2846923392 Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Mon, 4 Mar 2019 14:41:58 +0100 Subject: [PATCH 6/9] used ` backticks instead of double quotes --- docs/configuring-playbook-bridge-appservice-discord.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/configuring-playbook-bridge-appservice-discord.md b/docs/configuring-playbook-bridge-appservice-discord.md index 72cf7e0d0..ab47187e6 100644 --- a/docs/configuring-playbook-bridge-appservice-discord.md +++ b/docs/configuring-playbook-bridge-appservice-discord.md @@ -10,11 +10,11 @@ loosely based on [this](https://github.com/Half-Shot/matrix-appservice-discord#s 1. Create a Discord Application [here](https://discordapp.com/developers/applications/me/create). 2. Retrieve Client ID and Bot token from this Application. -3. Enable the bridge with "matrix_appservice_discord_enabled: true" in your vars.yml and provide id and token. +3. Enable the bridge with `matrix_appservice_discord_enabled: true` in your vars.yml and provide id and token. 4. Rerun playbook with "setup-all" tag. Restart with tag "start" afterwards. -5. Retrieve Discord invitelink from {{ matrix_appservice_discord_base_path }}/invite_link (this defaults to /matrix/appservice-discord/invite_link) +5. Retrieve Discord invitelink from `{{ matrix_appservice_discord_base_path }}/invite_link` (this defaults to `/matrix/appservice-discord/invite_link`) 6. Invite the Bot to Discord servers you wish to bridge. Administrator permission is recommended. -7. Join the rooms by following this syntax "#_discord_guildid_channelid" +7. Join the rooms by following this syntax `#_discord_guildid_channelid` - can be easily retrieved by logging into Discord in a browser and opening the desired channel. URL will have this format: discordapp.com/channels/guild_id/channel_id -Other configuration options are available via the "matrix_appservice_discord_configuration_extension_yaml" variable. \ No newline at end of file +Other configuration options are available via the `matrix_appservice_discord_configuration_extension_yaml` variable. \ No newline at end of file From 2d78c5f89d1e20f11e42ed4e6df44a1323b26ceb Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Mon, 4 Mar 2019 14:42:20 +0100 Subject: [PATCH 7/9] made matrix_appservice_discord_client_id lowercase --- roles/matrix-synapse/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 410380450..919f3d6c3 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -654,7 +654,7 @@ matrix_appservice_discord_docker_image: "halfshot/matrix-appservice-discord:late matrix_appservice_discord_base_path: "{{ matrix_base_data_path }}/appservice-discord" -matrix_appservice_discord_client_ID: "YOUR DISCORD APP CLIENT ID" +matrix_appservice_discord_client_id: "YOUR DISCORD APP CLIENT ID" matrix_appservice_discord_bot_token: "YOUR DISCORD APP BOT TOKEN" matrix_appservice_discord_configuration_yaml: | @@ -662,7 +662,7 @@ matrix_appservice_discord_configuration_yaml: | domain: "{{ matrix_domain }}" homeserverUrl: "{{ matrix_homeserver_url }}" auth: - clientID: "{{matrix_appservice_discord_client_ID}}" + clientID: "{{matrix_appservice_discord_client_id}}" botToken: "{{matrix_appservice_discord_bot_token}}" database: filename: "/data/discord.db" From 278484656b75b70e3cac70fc432ffc6b3672ce7f Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Mon, 4 Mar 2019 15:12:37 +0100 Subject: [PATCH 8/9] ensure systemd reloaded after bridge installation --- roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml b/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml index baf4845c1..9efdd4572 100644 --- a/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml +++ b/roles/matrix-synapse/tasks/ext/appservice-discord/setup.yml @@ -27,7 +27,13 @@ src: "{{ role_path }}/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2" dest: "/etc/systemd/system/matrix-appservice-discord.service" mode: 0644 + register: matrix_appservice_discord_systemd_service_result when: "matrix_appservice_discord_enabled" + +- name: Ensure systemd reloaded after matrix-appservice-discord.service installation + service: + daemon_reload: yes + when: "matrix_appservice_discord_enabled and matrix_appservice_discord_systemd_service_result.changed" - stat: path: "{{ matrix_appservice_discord_base_path }}/discord-registration.yaml" From c2834d222611db86ef9b3c1e4725ac07da0f35a3 Mon Sep 17 00:00:00 2001 From: Lionstiger Date: Mon, 4 Mar 2019 15:42:22 +0100 Subject: [PATCH 9/9] running as matrix user from the start --- .../systemd/matrix-appservice-discord.service.j2 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-synapse/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2 b/roles/matrix-synapse/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2 index 4d4b3f396..af91b1855 100644 --- a/roles/matrix-synapse/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2 +++ b/roles/matrix-synapse/templates/ext/appservice-discord/systemd/matrix-appservice-discord.service.j2 @@ -11,7 +11,8 @@ ExecStartPre=-/usr/bin/docker kill matrix-appservice-discord ExecStartPre=-/usr/bin/docker rm matrix-appservice-discord ExecStart=/usr/bin/docker run --rm --name matrix-appservice-discord \ --log-driver=none \ - -e "UID={{ matrix_user_uid }}" -e "GID={{ matrix_user_gid }}" \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ --network={{ matrix_docker_network }} \ {% if matrix_appservice_discord_container_expose_client_server_api_port %} -p 127.0.0.1:9005:9005 \