finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add support for matrix_encryption_disabler

Browse Source 
Related to https://github.com/matrix-org/synapse/issues/4401

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1621
This commit is contained in:
Slavi Pantaleev
2022-02-11 20:06:11 +02:00
parent c8d924147c
commit f44ca0c7c2
5 changed files with 65 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
roles/matrix-synapse/defaults/main.yml
View File

@ -542,6 +542,23 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames: false
matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: []
# Enable this to activate the E2EE disabling Synapse module.
# See: https://github.com/digitalentity/matrix_encryption_disabler
matrix_synapse_ext_encryption_disabler_enabled: false
matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercontent.com/digitalentity/matrix_encryption_disabler/ee80beedc5084a5fabf3c91d8df6d59457d3a790/matrix_e2ee_filter.py"
# A list of server domain names for which to deny encryption if the event sender's domain matches the domain in the list.
# By default, with the configuration below, we prevent all homeserver users from initiating encryption in ANY room.
matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of: ["{{ matrix_domain }}"]
# A list of server domain names for which to deny encryption if the destination room id's domain matches the domain in the list.
# By default, with the configuration below, we prevent locally-created encryption events by ANY user encrypt rooms on the homeserver.
# Note: foreign users with enough room privileges will still be able to send an encryption event to your rooms and encrypt them.
matrix_synapse_ext_encryption_disabler_deny_encryption_for_rooms_of: ["{{ matrix_domain }}"]
matrix_synapse_ext_encryption_config: "{{ matrix_synapse_ext_encryption_config_yaml|from_yaml }}"
matrix_synapse_ext_encryption_config_yaml: |
deny_encryption_for_users_of: {{ matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of|to_json }}
deny_encryption_for_rooms_of: {{ matrix_synapse_ext_encryption_disabler_deny_encryption_for_rooms_of|to_json }}
matrix_s3_media_store_enabled: false
matrix_s3_media_store_custom_endpoint_enabled: false
matrix_s3_goofys_docker_image: "ewoutp/goofys:latest"