Commit Graph

1520 Commits

Author SHA1 Message Date
Slavi Pantaleev
999f2bf8dd Switch mautrix-signal double-puppeting method (shared secret auth -> appservice-double-puppet)
Since upgrading mautrix-signal (v0.6.3 -> v0.7.0) in 76fec0b863,
we expect double-puppeting to require the new appservice double-puppeting method.

This commit switches the mautrix-signal bridge to it.
2024-08-17 19:01:43 +03:00
Slavi Pantaleev
111fa65e44 Add appservice-double-puppet service for better bridge double-puppeting
Bridges will be switched to this new method in future patches.
2024-08-17 19:00:20 +03:00
Slavi Pantaleev
e4b54c37fe Upgrade mautrix-slack, pin to v0.1.0 and adapt configuration
Related to:
- https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3479
- https://github.com/mautrix/slack/releases/tag/v0.1.0
- https://mau.fi/blog/2024-08-mautrix-release/
2024-08-17 16:43:35 +03:00
Slavi Pantaleev
76fec0b863 Upgrade mautrix-signal (v0.6.3 -> v0.7.0) and adapt configuration
Related to:
- https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3479
- https://github.com/mautrix/signal/releases/tag/v0.7.0
- https://mau.fi/blog/2024-08-mautrix-release/

It seems like the new version does not support a `/metrics` endpoint.
We skip keep the Ansible variables, but they're not doing anything.

Closes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3481
2024-08-17 15:58:38 +03:00
renovate[bot]
e3d489c5fe
chore(deps): update nginx docker tag to v1.27.1 2024-08-15 23:04:44 +00:00
Aine
70cbf3d5ae
add synapse-auto-compressor workaround, fixes #3397 (#3473)
* add synapse-auto-compressor workaround, fixes #3397

* Clarify what the PG-prefixed variables are for

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-08-15 11:36:48 +03:00
Slavi Pantaleev
48e021e446
Merge pull request #3469 from Michael-Hollister/michael/mmr-signing-key
Automated MMR signing key generation process
2024-08-15 09:26:55 +03:00
Slavi Pantaleev
05e813a846
Default matrix_media_repo_generate_signing_key to false in the matrix-media-repo role
No need to duplicate the same logic as in `group_vars/matrix_servers`.

Having it disabled by default in the role itself and overriding it at the playbook level (based on the selected homeserver implementation) makes more sense.
2024-08-15 09:25:08 +03:00
renovate[bot]
8a2bd345fd
chore(deps): update joseluisq/static-web-server docker tag to v2.32.2 2024-08-14 00:43:39 +00:00
Michael Hollister
56b0a72000 Apply PR feedback 2024-08-13 14:22:14 -05:00
Slavi Pantaleev
1691eaa7e5
Merge pull request #3475 from spantaleev/renovate/vectorim-element-web-1.x
chore(deps): update vectorim/element-web docker tag to v1.11.74
2024-08-13 22:19:24 +03:00
renovate[bot]
b022004adf
chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.113.0 2024-08-13 17:13:32 +00:00
renovate[bot]
e1354d505f
chore(deps): update vectorim/element-web docker tag to v1.11.74 2024-08-13 17:13:29 +00:00
Slavi Pantaleev
6bef71ebb8 Make ansible-lint happy 2024-08-10 06:37:48 +03:00
Slavi Pantaleev
9d11271d59 Initial (not yet enabled) work on Heisenbridge handling media requests at matrix.DOMAIN/heisenbridge/*
Related to:

- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3470
- https://github.com/hifi/heisenbridge/releases/tag/v1.15.0

During testing, it appears that Heisenbridge generated media URLs
that look like this: `{media_url}/_matrix/media/v3/download/DOMAIN/FILE_ID/FILE_NAME`.

This seems off. We were expecting `{media_url}/_heisenbridge/media/something`
(e.g. `https://matrix.DOMAIN/heisenbridge/_heisenbridge/media/something`, leading to its own media proxy),
but Heisenbridge still seems to be generating URLs destined for the homeserver's Media API.

Until we figure out why that is, `media_url` remains pointed to the homeserver URL (just like before),
so that the bot can continue operating like before.
2024-08-10 06:22:59 +03:00
renovate[bot]
5323bcc906
chore(deps): update hif1/heisenbridge docker tag to v1.15.0 2024-08-10 02:41:18 +00:00
Michael Hollister
c3fd33566d Automated MMR signing key generation process 2024-08-09 13:43:26 -05:00
Slavi Pantaleev
1184b3df02 Upgrade matrix-corporal (2.8.0 -> 3.0.0) 2024-08-08 11:59:07 +03:00
Chasethechicken
4d46b625ff
Draupnir proxy (#3313)
* Allow redircting abuse-reports to draupnir

* Document redirecting abuse-reports to draupnir via traefik

* Apply suggestions from code review

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Rename variable

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-08-08 06:41:45 +03:00
renovate[bot]
9967165722
chore(deps): update vectorim/element-web docker tag to v1.11.73 2024-08-06 15:13:31 +00:00
renovate[bot]
95e400b571
chore(deps): update ajbura/cinny docker tag to v4.1.0 2024-08-04 12:48:06 +00:00
renovate[bot]
b5473b3bd0
chore(deps): update ghcr.io/t2bot/matrix-media-repo docker tag to v1.3.7 2024-07-31 00:06:21 +00:00
Slavi Pantaleev
5f121a9fdb Upgrade Synapse (v1.111.1 -> v1.112.0) 2024-07-30 20:39:51 +03:00
Slavi Pantaleev
69ec437f82
Merge pull request #3457 from spantaleev/renovate/vectorim-element-web-1.x
chore(deps): update vectorim/element-web docker tag to v1.11.72
2024-07-30 19:50:13 +03:00
renovate[bot]
aee6101f95
chore(deps): update vectorim/element-web docker tag to v1.11.72 2024-07-30 16:26:26 +00:00
renovate[bot]
9c3c25419e
chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.111.1 2024-07-30 16:26:21 +00:00
Slavi Pantaleev
ba04bace6d
Merge pull request #3453 from spantaleev/renovate/registry.gitlab.com-etke.cc-postmoogle-0.x
chore(deps): update registry.gitlab.com/etke.cc/postmoogle docker tag to v0.9.20
2024-07-27 22:11:45 +03:00
renovate[bot]
af089b89d1
chore(deps): update registry.gitlab.com/etke.cc/postmoogle docker tag to v0.9.20 2024-07-27 18:46:39 +00:00
renovate[bot]
880daf55af
chore(deps): update registry.gitlab.com/etke.cc/honoroit docker tag to v0.9.24 2024-07-27 18:46:34 +00:00
Slavi Pantaleev
035b1c3c04 Upgrade Coturn (4.6.2-r10 -> 4.6.2-r11) 2024-07-26 15:15:51 +03:00
Slavi Pantaleev
4d9de7d58a Add matrix_synapse_usage_exporter_hostname and matrix_synapse_usage_exporter_path_prefix
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3442
2024-07-25 20:24:40 +03:00
Michael Hollister
55f869254b
Created role for synapse-usage-exporter (#3442)
* Created role for synapse-usage-exporter

* Apply suggestions from code review

Co-authored-by: Slavi Pantaleev <slavi@devture.com>

* Renaming docker variables and moving synapse stats config location

* Respect devture_systemd_docker_base_docker_service_name

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-07-25 20:19:08 +03:00
renovate[bot]
e29b5323df
chore(deps): update ajbura/cinny docker tag to v4.0.3 2024-07-25 11:31:33 +00:00
Slavi Pantaleev
57eeb1be33 Upgrade Cinny (v3.2.0 -> v4.0.0) and adapt our custom nginx configuration with the new URL rewrites
Cinny includes nginx configuration which does URL rewrites now, as seen
here: https://raw.githubusercontent.com/cinnyapp/cinny/dev/docker-nginx.conf

That said, we have our own nginx configuration for Cinny, because we'd
like to run ngin as non-root and on a non-privileged port (80 -> 8080).

For this reason, we override `/etc/nginx/nginx.conf` and need to
duplicate what we see in `/etc/nginx/conf.d/default.conf` with our own
`server` block (which listens on port 8080).
2024-07-24 21:54:06 +03:00
Michael Hollister
f1dbbd3106 Added new fields to MMR config template 2024-07-23 11:29:19 -05:00
Slavi Pantaleev
18f4b8a0b6
Merge pull request #3440 from spantaleev/renovate/registry.gitlab.com-etke.cc-honoroit-0.x
chore(deps): update registry.gitlab.com/etke.cc/honoroit docker tag to v0.9.23
2024-07-23 14:25:19 +03:00
Aine
91f5731287
buscarron v1.4.2 (#3437)
* buscarron v1.4.2

* Add more spaces before comments

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-07-23 14:21:32 +03:00
renovate[bot]
98f5f1c200
chore(deps): update registry.gitlab.com/etke.cc/honoroit docker tag to v0.9.23 2024-07-23 11:21:13 +00:00
renovate[bot]
98a2810fa2
chore(deps): update registry.gitlab.com/etke.cc/postmoogle docker tag to v0.9.19 2024-07-23 10:22:47 +00:00
Michael Hollister
2c360a99fe Added MMR metrics proxying support 2024-07-22 17:38:34 -05:00
renovate[bot]
bf6e9a2bfa
chore(deps): update joseluisq/static-web-server docker tag to v2.32.1 2024-07-21 00:06:35 +00:00
Slavi Pantaleev
36ef25669b
Merge pull request #3433 from spantaleev/renovate/awesometechnologies-synapse-admin-0.x
chore(deps): update awesometechnologies/synapse-admin docker tag to v0.10.3
2024-07-19 07:46:23 +03:00
Slavi Pantaleev
dce0f64f6d Use simple matching for ma1sd deprecated vars validation
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3432
2024-07-19 07:31:33 +03:00
renovate[bot]
469a0ebbf7
chore(deps): update awesometechnologies/synapse-admin docker tag to v0.10.3 2024-07-18 21:29:56 +00:00
Slavi Pantaleev
b09555f764 Use Go-style regexp and PathRegexp (not Path) for some ma1sd routes
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3430
2024-07-18 18:16:49 +03:00
Slavi Pantaleev
34b91957f0 Update comment 2024-07-17 17:54:10 +03:00
Slavi Pantaleev
a213164cb1 Enable client & federation listeners for media repository workers
Related to c6d8a68e77

Related to https://github.com/element-hq/synapse/pull/17421

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3427
2024-07-17 17:52:21 +03:00
Slavi Pantaleev
1bc34e2237
Merge pull request #3426 from spantaleev/renovate/dock.mau.dev-mautrix-discord-0.x
chore(deps): update dock.mau.dev/mautrix/discord docker tag to v0.7.0
2024-07-16 18:14:42 +03:00
renovate[bot]
e8181b92ad
chore(deps): update dock.mau.dev/mautrix/discord docker tag to v0.7.0 2024-07-16 15:13:15 +00:00
renovate[bot]
5cb12ca2fb
chore(deps): update dock.mau.dev/mautrix/telegram docker tag to v0.15.2 2024-07-16 15:13:07 +00:00
Slavi Pantaleev
e3c02dd722
Merge pull request #3421 from spantaleev/renovate/dock.mau.dev-mautrix-meta-0.x
chore(deps): update dock.mau.dev/mautrix/meta docker tag to v0.3.2
2024-07-16 18:11:20 +03:00
Slavi Pantaleev
62ebb733c0
Merge pull request #3423 from etkecc/patch-334
element v1.11.71
2024-07-16 18:11:11 +03:00
Slavi Pantaleev
615952cbaf Upgrade Synapse (v1.110.0 -> v1.111.0) 2024-07-16 18:10:27 +03:00
Slavi Pantaleev
c6d8a68e77 Add additional media repository prefix paths to matrix_synapse_workers_media_repository_endpoints
Related to https://github.com/element-hq/synapse/pull/17421
2024-07-16 18:10:27 +03:00
Slavi Pantaleev
6db03724ab
Merge pull request #3419 from etkecc/patch-332
mautrix-meta-instagram v0.3.2
2024-07-16 18:08:01 +03:00
Slavi Pantaleev
7c5b2563da
Merge pull request #3418 from etkecc/patch-331
mautrix-twitter v0.1.8
2024-07-16 18:07:48 +03:00
Aine
a89d19e88a
element v1.11.71 2024-07-16 18:07:39 +03:00
renovate[bot]
bf8e9a64d0
chore(deps): update dock.mau.dev/mautrix/meta docker tag to v0.3.2 2024-07-16 15:07:33 +00:00
Slavi Pantaleev
e3e8e7216f
Merge pull request #3417 from etkecc/patch-330
mautrix-signal v0.6.3
2024-07-16 18:07:26 +03:00
Aine
2ca7df9e75
mautrix-meta-instagram v0.3.2 2024-07-16 18:06:14 +03:00
Aine
7af6c74734
mautrix-twitter v0.1.8 2024-07-16 18:05:21 +03:00
Aine
b003a711c9
mautrix-signal v0.6.3 2024-07-16 18:04:37 +03:00
Aine
90e70530cc
mautrix-whatsapp v0.10.9 2024-07-16 18:03:57 +03:00
Slavi Pantaleev
2737d7673e
Merge pull request #3415 from spantaleev/renovate/dock.mau.dev-mautrix-googlechat-0.x
chore(deps): update dock.mau.dev/mautrix/googlechat docker tag to v0.5.2
2024-07-16 16:21:49 +03:00
renovate[bot]
2ffadc1b4c
chore(deps): update dock.mau.dev/mautrix/googlechat docker tag to v0.5.2 2024-07-16 13:13:33 +00:00
renovate[bot]
c08ed10f3c
chore(deps): update dock.mau.dev/mautrix/gmessages docker tag to v0.4.3 2024-07-16 13:13:29 +00:00
Slavi Pantaleev
f794aa2005 Add support for enabling/disabling all the other matrix-media-repo Traefik labels
This is provoked by de91fe933d,
where I've added a few new labels and made it possible for people to
disable them.

In this patch, I'm making it possible to disable any of the old Traefik
labels in a similar way.
2024-07-11 07:10:33 +03:00
Slavi Pantaleev
de91fe933d Add Traefik labels for handling authenticated media (MSC3916) in matrix-media-repo
Related to:

- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3409
- https://github.com/t2bot/matrix-media-repo/releases/tag/v1.3.5
- https://github.com/matrix-org/matrix-spec-proposals/pull/3916

Support for authenticated media routes is enabled by default, but
variables are in place to disable it if necessary.

This change has not been tested.
2024-07-11 07:03:20 +03:00
renovate[bot]
386d98886d
Update ghcr.io/t2bot/matrix-media-repo Docker tag to v1.3.6 2024-07-10 18:26:43 +00:00
Slavi Pantaleev
c044c815bc Fix fixing-template for matrix-alertmanager-receiver to also consider the alertname annotation
My alerts seem to contain `annotations.alertname` in the payload, so the
default configuration (coming from the matrix-alertmanager-receiver README)
seems to be outdated or something.
2024-07-10 06:45:26 +03:00
renovate[bot]
b71b59dd8e
Update awesometechnologies/synapse-admin Docker tag to v0.10.2 2024-07-09 10:46:03 +00:00
Samuel S
7d5e430ee9
Autocreate webhook in Gitlab instance with Hookshot bot (#3405)
* Add public url for gitlab hookshot to autocreate webhook on gitlab instance

* Add `noqa var-naming` comment to variable

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-07-08 18:12:03 +03:00
renovate[bot]
8e7ab4e23f
Update vectorim/element-web Docker tag to v1.11.70 2024-07-08 14:38:08 +00:00
Aine
a3200523b5
honoroit v0.9.22 (#3398)
* honoroit v0.9.22

* Add more spaces before comments to make yamllint happy

* Add more spaces before comment to make yamllint happy

---------

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-07-07 07:40:55 +03:00
Slavi Pantaleev
f5a088b820 Remove useless quote 2024-07-06 22:10:23 +03:00
Slavi Pantaleev
2617d00e75 Adjust indentation for matrix-alertmanager-receiver 2024-07-06 21:53:08 +03:00
Slavi Pantaleev
032b76bd62 Add support for matrix-alertmanager-receiver 2024-07-06 21:48:41 +03:00
Slavi Pantaleev
c87bb206da Fix ansible-lint-reported error 2024-07-06 11:15:38 +03:00
Slavi Pantaleev
9b5be6825d Enable HTTP/3 by default for web-secure and matrix-federation
HTTP/3 is no longer considered experimental in Traefik v3,
so it's a good time to enable it.
2024-07-06 11:05:19 +03:00
Slavi Pantaleev
329796f4d4 Upgrade Traefik to v3 and adapt matrix-media-repo role
`matrix-media-repo` is the only role that seems incompatible with the
changes introduced by Traefik v3, due to its use of `PathPrefix` with
regular expressions in a few places.

Regular expressions should now be used with `PathRegexp`, not
`PathPrefix`. Furthermore, they should follow the Golang regexp syntax,
as described in the migration guide:
https://doc.traefik.io/traefik/migration/v2-to-v3-details/#dynamic-configuration-changes
2024-07-06 11:05:19 +03:00
Slavi Pantaleev
3e3ce659fe Upgrade matrix-corporal (2.7.0 -> 2.8.0) 2024-07-04 22:05:25 +03:00
Slavi Pantaleev
74bb812739 Revert "Make use of the new --exists-ok flag for register_new_matrix_user"
This reverts commit 752de4406e.

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3393

When running the playbook against an existing server, it invokes `register_new_matrix_user`
as part of the `matrix-user-creator` role, which runs before the
`systemd_service_manager`. At that time, `matrix-user-creator` detects
that Synapse is up (from before), but it's the old version. Services have not yet been
restarted, so it's actually the older Synapse version that is up, not
the new one. The old version does not support the `--exists-ok` flag yet.

Basically, this `--exists-ok` patch landed too early and has affected existing playbook
users that have an older version of Synapse in operation.

It will be safer to bring back this patch some time in the future.
However, users upgrading from Synapse <= v1.109.0 even long into the
future will bump into the same issue. As such, it would be better to
either add special handling or to delay bringing back this patch enough
so as to ensure everyone using the playbook is on Synapse >= 1.110.0.
2024-07-04 13:56:47 +03:00
Slavi Pantaleev
752de4406e Make use of the new --exists-ok flag for register_new_matrix_user
Related to https://github.com/element-hq/synapse/pull/17304
2024-07-04 09:48:31 +03:00
renovate[bot]
2c4ac73685
chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.110.0 2024-07-03 19:50:40 +00:00
Slavi Pantaleev
e000cbf0f4 Auto-configure synapse-admin to be restricted to a single homeserver (the one managed by the playbook) 2024-07-01 16:03:52 +03:00
renovate[bot]
d723ac67be
chore(deps): update ghcr.io/matrix-org/sliding-sync docker tag to v0.99.19 2024-06-28 16:18:15 +00:00
Slavi Pantaleev
4aa3345db0
Simplify auto_join_mxid_localpart population 2024-06-27 21:35:56 +03:00
hagene
ef90ee9495
Allow configuring synapse auto_join_mxid_localpart
`auto_join_mxid_localpart` defines the local part of the user id which is used to create auto-join rooms. The variable needs to be set to invite new users to any auto-join rooms which are set to invite-only.
2024-06-27 15:05:46 +02:00
renovate[bot]
659df10799
chore(deps): update matrixdotorg/sygnal docker tag to v0.15.0 2024-06-26 16:20:10 +00:00
Slavi Pantaleev
4704a60718 Use a /webhook path for generic webhooks
By appending `/webhook` to the public URL (becoming `/hookshot/webhooks/webhook`)
and by only stripping the `/hookshot/webhooks` prefix,
we're effectively following what newer Hookshot versions advise
(see https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1681).

This change appears to be backward-compatible (old webhook URLs like `/hookshot/webhooks/:hookId` still work),
until Hookshot behavior changes.
2024-06-25 11:16:30 +03:00
Slavi Pantaleev
aafea6d259 Fix typo in comment for matrix_hookshot_container_labels_appservice_enabled 2024-06-25 11:01:09 +03:00
Slavi Pantaleev
ea22acc899 Fix Hookshot URL path generation regression
Regression since 7891268873,
where I removed the `matrix_hookshot_urlprefix` prefix group
`group_vars/matrix_servers`, thinking the value in `roles/custom/matrix-bridge-hookshot/defaults/main.yml`
was the same.

The value in `defaults/main.yml` incorrectly included `matrix_hookshot_public_endpoint`
in `matrix_hookshot_urlprefix`, which was leading to double-`/hookshot`-prefixing.

We were previously saved by the `matrix_hookshot_urlprefix` override in `group_vars/matrix_servers`.

This fix brings the correct URL prefix value (the one without `matrix_hookshot_public_endpoint`)
to `defaults/main.yml`.
2024-06-25 10:55:08 +03:00
Slavi Pantaleev
e3cbc61804
Merge pull request #3376 from bfabio/maubot-user-creation
Make maubot automatically create its own user.
2024-06-22 14:48:42 +03:00
Slavi Pantaleev
5a40e99d11 Explicitly ask for matrix_bot_maubot_initial_password 2024-06-22 14:43:04 +03:00
renovate[bot]
9c9b2a8d38
chore(deps): update halfshot/matrix-hookshot docker tag to v5.4.1 2024-06-21 19:14:12 +00:00
Slavi Pantaleev
6963d13054
Merge pull request #3377 from spantaleev/renovate/halfshot-matrix-hookshot-5.x
chore(deps): update halfshot/matrix-hookshot docker tag to v5.4.0
2024-06-21 18:11:39 +03:00
Slavi Pantaleev
d6aa98e57d Upgrade Coturn (4.6.2-r9 -> 4.6.2-r10) 2024-06-21 09:17:23 +03:00
renovate[bot]
d00410966f
chore(deps): update halfshot/matrix-hookshot docker tag to v5.4.0 2024-06-20 17:16:11 +00:00
Fabio Bonelli
a508d2a069 Make maubot automatically create its own user. 2024-06-19 13:58:10 +02:00
renovate[bot]
3b15a0100b
chore(deps): update joseluisq/static-web-server docker tag to v2.32.0 2024-06-19 08:26:15 +00:00