Compare commits
63 Commits
113b3c6b8a
...
master
Author | SHA1 | Date | |
---|---|---|---|
aa406a910e
|
|||
43244d7daa
|
|||
|
9b3d2637ad | ||
|
cffda7277b | ||
|
eff5dd0527 | ||
|
05202d0032 | ||
|
49d32b15c6 | ||
|
f0f1d6ca67 | ||
|
bc55e358bf | ||
|
9e205d50ac | ||
|
348324d347 | ||
|
63a3915d86 | ||
|
a770681b18 | ||
|
7fcb253c23 | ||
|
56e01ad456 | ||
|
bd6be256b7 | ||
|
fb0ccc391e | ||
|
e6413534be | ||
|
2d1b1cfdde | ||
|
54ef63e0c2 | ||
|
06e14a6b70 | ||
|
9726cb24be | ||
|
a41ec6e8de | ||
|
c399c6ff10 | ||
|
9e31a254d8 | ||
|
1ccb6c822a | ||
|
1813c856e6 | ||
|
f4306be183 | ||
|
78a3bf42f3 | ||
|
5142b2ee90 | ||
|
f08bc17273 | ||
|
3997244190 | ||
|
c04dfe2384 | ||
|
d1796978ca | ||
|
1b2b6ddaa3 | ||
|
e813309311 | ||
|
8eb5bbf2c1 | ||
|
4632628b74 | ||
|
bdec7c646d | ||
|
25498851a0 | ||
|
613f685f54 | ||
|
5987bc5b5e | ||
|
d2164d7a48 | ||
|
9adfd8fc0d | ||
|
24d1875d38 | ||
|
c0269b71b8 | ||
|
4e8aa53e27 | ||
|
31a7f4367c | ||
|
1a6a75bdab | ||
|
29607f442d | ||
|
f8142a0c37 | ||
|
b13ba5b909 | ||
|
018f3f4408 | ||
|
39d13a826a | ||
|
34878abd67 | ||
|
acf244ea26 | ||
|
133ba64375 | ||
|
bebaac886e | ||
|
b8ebe57558 | ||
|
93fffee6a4 | ||
|
3be0449c35 | ||
|
91817e8335 | ||
|
772c248733 |
.github
ansible.cfgdocs
gpg
i18n
inventory
requirements.txtrequirements.ymlroles
custom
matrix-alertmanager-receiver
defaults
matrix-appservice-draupnir-for-all
defaults
matrix-authentication-service
defaults
matrix-base
matrix-bot-baibot
defaults
matrix-bot-draupnir
defaults
matrix-bridge-mautrix-bluesky
matrix-bridge-mautrix-signal
matrix-bridge-mautrix-slack
matrix-bridge-mautrix-telegram
defaults
matrix-bridge-mautrix-twitter
matrix-bridge-mautrix-whatsapp
matrix-bridge-mx-puppet-discord
templates
matrix-client-element
matrix-client-fluffychat
matrix-conduit
defaults
matrix-continuwuity
matrix-element-call
defaults
matrix-synapse-reverse-proxy-companion
defaults
matrix-synapse
defaults
matrix-client-element
matrix-riot-web
templates
1
.github/renovate.json
vendored
1
.github/renovate.json
vendored
@@ -20,6 +20,7 @@
|
|||||||
"packageRules": [
|
"packageRules": [
|
||||||
{
|
{
|
||||||
"ignoreUnstable": false,
|
"ignoreUnstable": false,
|
||||||
|
"versioning": "loose",
|
||||||
"matchSourceUrls": [
|
"matchSourceUrls": [
|
||||||
"https://github.com/devture/com.devture.ansible.role{/,}**",
|
"https://github.com/devture/com.devture.ansible.role{/,}**",
|
||||||
"https://github.com/mother-of-all-self-hosting{/,}**"
|
"https://github.com/mother-of-all-self-hosting{/,}**"
|
||||||
|
8
.github/workflows/matrix.yml
vendored
8
.github/workflows/matrix.yml
vendored
@@ -24,10 +24,14 @@ jobs:
|
|||||||
steps:
|
steps:
|
||||||
- name: Check out
|
- name: Check out
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
- name: Run ansible-lint
|
- name: Run ansible-lint
|
||||||
uses: ansible-community/ansible-lint-action@v6.17.0
|
uses: ansible/ansible-lint@v25.6.1
|
||||||
with:
|
with:
|
||||||
path: roles/custom
|
args: "roles/custom"
|
||||||
|
setup_python: "true"
|
||||||
|
working_directory: ""
|
||||||
|
requirements_file: requirements.yml
|
||||||
precommit:
|
precommit:
|
||||||
name: Run pre-commit
|
name: Run pre-commit
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
@@ -1,6 +1,11 @@
|
|||||||
[defaults]
|
[defaults]
|
||||||
|
|
||||||
|
vault_password_file = gpg/open_vault.sh
|
||||||
|
|
||||||
retry_files_enabled = False
|
retry_files_enabled = False
|
||||||
result_format = yaml
|
result_format = yaml
|
||||||
|
|
||||||
|
inventory = inventory/hosts
|
||||||
|
|
||||||
[connection]
|
[connection]
|
||||||
pipelining = True
|
pipelining = True
|
||||||
|
@@ -50,8 +50,8 @@ If a specific setting you'd like to change does not have a dedicated Ansible var
|
|||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
matrix_continuwuity_environment_variables_extension: |
|
matrix_continuwuity_environment_variables_extension: |
|
||||||
continuwuity_MAX_REQUEST_SIZE=50000000
|
CONTINUWUITY_MAX_REQUEST_SIZE=50000000
|
||||||
continuwuity_REQUEST_TIMEOUT=60
|
CONTINUWUITY_REQUEST_TIMEOUT=60
|
||||||
```
|
```
|
||||||
|
|
||||||
## Creating the first user account
|
## Creating the first user account
|
||||||
|
@@ -70,7 +70,7 @@ By default the Jitsi Meet instance **does not require for anyone to log in, and
|
|||||||
|
|
||||||
If you would like to control who is allowed to start meetings on your instance, you'd need to enable Jitsi's authentication and optionally guests mode.
|
If you would like to control who is allowed to start meetings on your instance, you'd need to enable Jitsi's authentication and optionally guests mode.
|
||||||
|
|
||||||
See [this section](https://github.com/mother-of-all-self-hosting/ansible-role-jitsi/blob/main/docs/configuring-jitsi.md#configure-jitsi-authentication-and-guests-mode-optional) on the role's documentation for details about how to configure the authentication and guests mode. The recommended authentication method is `internal` as it also works in federated rooms. If you want to enable authentication with Matrix OpenID making use of [Matrix User Verification Service (UVS)](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-playbook-user-verification-service.md), see [here](https://github.com/mother-of-all-self-hosting/ansible-role-jitsi/blob/main/docs/configuring-jitsi.md#authenticate-using-matrix-openid-auth-type-matrix) for details about how to set it up.
|
See [this section](https://github.com/mother-of-all-self-hosting/ansible-role-jitsi/blob/main/docs/configuring-jitsi.md#configure-jitsi-authentication-and-guests-mode-optional) on the role's documentation for details about how to configure the authentication and guests mode. The recommended authentication method is `internal` as it also works in federated rooms. If you want to enable authentication with Matrix OpenID making use of [Matrix User Verification Service (UVS)](configuring-playbook-user-verification-service.md), see [here](https://github.com/mother-of-all-self-hosting/ansible-role-jitsi/blob/main/docs/configuring-jitsi.md#authenticate-using-matrix-openid-auth-type-matrix) for details about how to set it up.
|
||||||
|
|
||||||
### Enable Gravatar (optional)
|
### Enable Gravatar (optional)
|
||||||
|
|
||||||
|
5
gpg/open_vault.sh
Executable file
5
gpg/open_vault.sh
Executable file
@@ -0,0 +1,5 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e -u
|
||||||
|
|
||||||
|
gpg2 --batch --use-agent --decrypt $(dirname $0)/vault_passphrase.gpg 2>/dev/null
|
18
gpg/vault_passphrase.gpg
Normal file
18
gpg/vault_passphrase.gpg
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQIMAxEs7W/4x4lxARAAssinIzR2rGs+Qkm0Q2tRdSXSXRx3OhH+2T5p0Rz3YkqU
|
||||||
|
iyiUtyT/Ll7RMUAlAEDZITvirXe4ZZImDcxQegEzFgO7BowQYJDRdhaRmLKZpiuQ
|
||||||
|
foRnJAAR12sf49arjJjaBQb91ViOp5MkxAtXiiqWyXwSSII+cV88flMq143cFmfC
|
||||||
|
C5OdIQd3SqrbFhGRTjUzoIMqnJH8xksjwph9GS811dY14rQv5X1Ybt5zehMJ7/m/
|
||||||
|
luLNg2zgQgYOUxcovddCVMI54ThXyDubDox/5xLvVjyVOFHgwC/VLn+QXHuPY/r5
|
||||||
|
+rVzz/30eq0uOLKD3LnDBQskCWRVWGC2ulKaZtlylBq6KRzIM6c6+VPSHCjoFyES
|
||||||
|
RRpRHeIXGLs31eLkr8dc+VNbPKpMsjm/E/4ZVE2JBpy7S/kh1XYVQxT6ahDKT1tD
|
||||||
|
4YN9O0JyNXzjiyNaTTLwNGh5+ICEd3ZCfa4O/og2LySGPOw6mX8ukgP029LHVp6+
|
||||||
|
0tRwSWiIM3US/NIVGA+o9e9I/I5Bp/cnzJgd7faUIlzcVPP+euCbo4GsYWpX3Nca
|
||||||
|
eRcr7AVY3wwuZtl7/s8KbQKk0ulLxS4Lo2XmdpQl8CPGwASdbMf/H8B256+xiUQ3
|
||||||
|
ml400ZaCC7Loeduwl1ez1H/dFFzmpUziaxxtWW4aFtOUYhGeSCTu6ZIgxVq3eBnS
|
||||||
|
jAGv8bt+0Xnrpih3mZWM92cw2VKfzYD9WG+dCB4DtZMKhl1ub2bkeTC/B9F+QuP6
|
||||||
|
anlonYHs2wmPXzjcx8ajonbYrYXanoNRHDId6OqVAbjYqbua6TG6H9LUFweIj1RV
|
||||||
|
yhUPejzhA8xEB0nUcKJZKLvuqvwPbr06GODnAKY5TQ4yILMAnBx0pNzfQNzo
|
||||||
|
=Cecg
|
||||||
|
-----END PGP MESSAGE-----
|
@@ -1,6 +1,6 @@
|
|||||||
alabaster==1.0.0
|
alabaster==1.0.0
|
||||||
babel==2.17.0
|
babel==2.17.0
|
||||||
certifi==2025.6.15
|
certifi==2025.7.9
|
||||||
charset-normalizer==3.4.2
|
charset-normalizer==3.4.2
|
||||||
click==8.2.1
|
click==8.2.1
|
||||||
docutils==0.21.2
|
docutils==0.21.2
|
||||||
@@ -14,7 +14,7 @@ mdit-py-plugins==0.4.2
|
|||||||
mdurl==0.1.2
|
mdurl==0.1.2
|
||||||
myst-parser==4.0.1
|
myst-parser==4.0.1
|
||||||
packaging==25.0
|
packaging==25.0
|
||||||
Pygments==2.19.1
|
Pygments==2.19.2
|
||||||
PyYAML==6.0.2
|
PyYAML==6.0.2
|
||||||
requests==2.32.4
|
requests==2.32.4
|
||||||
setuptools==80.9.0
|
setuptools==80.9.0
|
||||||
|
17
inventory/host_vars/matrix.finallycoffee.eu/postgresql.yml
Normal file
17
inventory/host_vars/matrix.finallycoffee.eu/postgresql.yml
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
postgres_max_connections: 400
|
||||||
|
postgres_shared_buffers: 3145728 # (3072 MiB)
|
||||||
|
postgres_effective_cache_size: 8388608 # (8192 MiB)
|
||||||
|
postgres_container_shm_size: 1G
|
||||||
|
postgres_maintenance_work_mem: 786432 # (768 MiB)
|
||||||
|
postgres_wal_buffers: 16384 # (16 MiB)
|
||||||
|
postgres_random_page_cost: 1.3
|
||||||
|
postgres_work_mem: 4096
|
||||||
|
postgres_huge_pages: try
|
||||||
|
postgres_min_wal_size: 524288 # (512 MiB)
|
||||||
|
postgres_max_wal_size: 4194304 # (4GiB)
|
||||||
|
postgres_max_worker_processes: 8
|
||||||
|
postgres_max_parallel_workers: 8
|
||||||
|
postgres_max_parallel_workers_per_gather: 4
|
||||||
|
postgres_max_parallel_maintenance_workers: 4
|
||||||
|
|
386
inventory/host_vars/matrix.finallycoffee.eu/vars.yml
Normal file
386
inventory/host_vars/matrix.finallycoffee.eu/vars.yml
Normal file
@@ -0,0 +1,386 @@
|
|||||||
|
#
|
||||||
|
# General config
|
||||||
|
# Domain of the matrix server and SSL config
|
||||||
|
#
|
||||||
|
matrix_domain: finallycoffee.eu
|
||||||
|
|
||||||
|
matrix_playbook_reverse_proxy_type: playbook-managed-traefik
|
||||||
|
matrix_playbook_ssl_enabled: true
|
||||||
|
traefik_config_entrypoint_web_secure_enabled: false
|
||||||
|
traefik_container_web_host_bind_port: '127.0.10.1:8080'
|
||||||
|
traefik_config_entrypoint_web_forwardedHeaders_insecure: true
|
||||||
|
matrix_playbook_public_matrix_federation_api_traefik_entrypoint_host_bind_port: '127.0.10.2:8448'
|
||||||
|
matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_custom:
|
||||||
|
forwardedHeaders:
|
||||||
|
insecure: true
|
||||||
|
|
||||||
|
matrix_synapse_metrics_proxying_enabled: true
|
||||||
|
matrix_sliding_sync_enabled: true
|
||||||
|
|
||||||
|
matrix_base_data_path: "{{ vault_matrix_base_data_path }}"
|
||||||
|
matrix_server_fqn_element: "chat.{{ matrix_domain }}"
|
||||||
|
matrix_playbook_docker_installation_enabled: false
|
||||||
|
|
||||||
|
#matrix_dimension_scheme: https
|
||||||
|
|
||||||
|
devture_timesync_installation_enabled: false
|
||||||
|
matrix_homeserver_generic_secret_key: "{{ vault_homeserver_generic_secret_key }}"
|
||||||
|
devture_systemd_service_manager_up_verification_delay_seconds: 300
|
||||||
|
|
||||||
|
web_user: "web"
|
||||||
|
revproxy_autoload_dir: "/vault/services/web/sites.d"
|
||||||
|
postgres_dump_dir: /vault/temp
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# General Synapse config
|
||||||
|
#
|
||||||
|
postgres_connection_password: "{{ vault_matrix_postgres_connection_password }}"
|
||||||
|
# A secret used to protect access keys issued by the server.
|
||||||
|
# matrix_homeserver_generic_secret_key: "{{ vault_homeserver_generic_secret_key }}"
|
||||||
|
# Make synapse accept larger media aswell
|
||||||
|
matrix_synapse_max_upload_size_mb: 200
|
||||||
|
# Enable metrics at (default) :9100/_synapse/metrics
|
||||||
|
matrix_synapse_metrics_enabled: true
|
||||||
|
matrix_synapse_turn_shared_secret: "{{ vault_matrix_coturn_turn_static_auth_secret }}"
|
||||||
|
matrix_synapse_turn_uris:
|
||||||
|
- "turn:voip.matrix.finallycoffee.eu?transport=udp"
|
||||||
|
- "turn:voip.matrix.finallycoffee.eu?transport=tcp"
|
||||||
|
# Auto-join all users into those rooms
|
||||||
|
matrix_synapse_auto_join_rooms:
|
||||||
|
- "#welcome:finallycoffee.eu"
|
||||||
|
- "#announcements:finallycoffee.eu"
|
||||||
|
|
||||||
|
## Synapse rate limits
|
||||||
|
#matrix_synapse_rc_federation:
|
||||||
|
# window_size: 1000
|
||||||
|
# sleep_limit: 50
|
||||||
|
# sleep_delay: 500
|
||||||
|
# reject_limit: 50
|
||||||
|
# concurrent: 10
|
||||||
|
#matrix_synapse_rc_message:
|
||||||
|
# per_second: 0.5
|
||||||
|
# burst_count: 25
|
||||||
|
#matrix_synapse_rc_joins:
|
||||||
|
# local:
|
||||||
|
# per_second: 0.5
|
||||||
|
# burst_count: 20
|
||||||
|
# remote:
|
||||||
|
# per_second: 0.05
|
||||||
|
# burst_count: 20
|
||||||
|
#matrix_synapse_rc_joins_per_room:
|
||||||
|
# per_second: 1
|
||||||
|
# burst_count: 10
|
||||||
|
#matrix_synapse_rc_invites:
|
||||||
|
# per_room:
|
||||||
|
# per_second: 0.5
|
||||||
|
# burst_count: 10
|
||||||
|
# per_user:
|
||||||
|
# per_second: 0.006
|
||||||
|
# burst_count: 10
|
||||||
|
# per_issuer:
|
||||||
|
# per_second: 2
|
||||||
|
# burst_count: 20
|
||||||
|
|
||||||
|
## Synapse cache tuning
|
||||||
|
#matrix_synapse_caches_global_factor: 1.5
|
||||||
|
#matrix_synapse_event_cache_size: "300K"
|
||||||
|
|
||||||
|
## Synapse workers
|
||||||
|
matrix_synapse_workers_enabled: true
|
||||||
|
matrix_synapse_workers_preset: "little-federation-helper"
|
||||||
|
matrix_synapse_workers_generic_workers_count: 1
|
||||||
|
matrix_synapse_workers_media_repository_workers_count: 1
|
||||||
|
matrix_synapse_workers_federation_sender_workers_count: 1
|
||||||
|
matrix_synapse_workers_pusher_workers_count: 0
|
||||||
|
matrix_synapse_workers_appservice_workers_count: 1
|
||||||
|
|
||||||
|
# Static secret auth for matrix-synapse-shared-secret-auth
|
||||||
|
#matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true
|
||||||
|
#matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: "{{ vault_matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
|
||||||
|
#matrix_synapse_ext_password_provider_rest_auth_enabled: true
|
||||||
|
#matrix_synapse_ext_password_provider_rest_auth_endpoint: "http://matrix-ma1sd:8090"
|
||||||
|
#matrix_synapse_ext_password_provider_rest_auth_registration_enforce_lowercase: false
|
||||||
|
#matrix_synapse_ext_password_provider_rest_auth_registration_profile_name_autofill: true
|
||||||
|
#matrix_synapse_ext_password_provider_rest_auth_login_profile_name_autofill: false
|
||||||
|
|
||||||
|
matrix_synapse_configuration_extension_yaml: |
|
||||||
|
database:
|
||||||
|
args:
|
||||||
|
cp_min: 10
|
||||||
|
cp_max: 30
|
||||||
|
cp_reconnect: True
|
||||||
|
|
||||||
|
# caches:
|
||||||
|
# per_cache_factors:
|
||||||
|
# device_id_exists: 3
|
||||||
|
# get_users_in_room: 4
|
||||||
|
# _get_joined_users_from_context: 4
|
||||||
|
# _get_joined_profile_from_event_id: 3
|
||||||
|
# "*stateGroupMembersCache*": 2
|
||||||
|
# _matches_user_in_member_list: 3
|
||||||
|
# get_users_who_share_room_with_user: 3
|
||||||
|
# is_interested_in_room: 2
|
||||||
|
# get_user_by_id: 1.5
|
||||||
|
# room_push_rule_cache: 1.5
|
||||||
|
# expire_caches: true
|
||||||
|
# cache_entry_ttl: 45m
|
||||||
|
# sync_response_cache_duration: 2m
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# synapse-admin tool
|
||||||
|
#
|
||||||
|
#matrix_synapse_admin_enabled: true
|
||||||
|
#matrix_synapse_admin_container_http_host_bind_port: 8985
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# VoIP / CoTURN config
|
||||||
|
#
|
||||||
|
# A shared secret (between Synapse and Coturn) used for authentication.
|
||||||
|
matrix_coturn_turn_static_auth_secret: "{{ vault_matrix_coturn_turn_static_auth_secret }}"
|
||||||
|
# Disable coturn, as we use own instance
|
||||||
|
matrix_coturn_enabled: false
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# dimension (integration manager) config
|
||||||
|
#
|
||||||
|
matrix_dimension_enabled: false
|
||||||
|
#matrix_dimension_admins: "{{ vault_matrix_dimension_admins }}"
|
||||||
|
#matrix_server_fqn_dimension: "dimension.matrix.{{ matrix_domain }}"
|
||||||
|
#matrix_dimension_access_token: "{{ vault_matrix_dimension_access_token }}"
|
||||||
|
#matrix_dimension_configuration_extension_yaml: |
|
||||||
|
# telegram:
|
||||||
|
# botToken: "{{ vault_matrix_dimension_configuration_telegram_bot_token }}"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# mautrix-whatsapp config
|
||||||
|
#
|
||||||
|
matrix_mautrix_whatsapp_enabled: true
|
||||||
|
matrix_mautrix_whatsapp_bridge_personal_filtering_spaces: true
|
||||||
|
matrix_mautrix_whatsapp_bridge_enable_status_broadcast: false
|
||||||
|
matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port: 9402
|
||||||
|
matrix_mautrix_whatsapp_container_extra_arguments:
|
||||||
|
- "-p 127.0.0.1:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}"
|
||||||
|
matrix_mautrix_whatsapp_configuration_extension_yaml: |
|
||||||
|
bridge:
|
||||||
|
displayname_template: "{% raw %}{{.Name}} ({{if .Notify}}{{.Notify}}{{else}}{{.Jid}}{{end}}) (via WhatsApp){% endraw %}"
|
||||||
|
max_connection_attempts: 5
|
||||||
|
connection_timeout: 30
|
||||||
|
contact_wait_delay: 5
|
||||||
|
private_chat_portal_meta: true
|
||||||
|
login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
|
||||||
|
logging:
|
||||||
|
print_level: info
|
||||||
|
metrics:
|
||||||
|
enabled: true
|
||||||
|
listen: 0.0.0.0:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}
|
||||||
|
whatsapp:
|
||||||
|
os_name: Linux mautrix-whatsapp
|
||||||
|
browser_name: Chrome
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# mautrix-telegram config
|
||||||
|
#
|
||||||
|
matrix_mautrix_telegram_enabled: true
|
||||||
|
matrix_mautrix_telegram_api_id: "{{ vault_matrix_mautrix_telegram_api_id }}"
|
||||||
|
matrix_mautrix_telegram_api_hash: "{{ vault_matrix_mautrix_telegram_api_hash }}"
|
||||||
|
matrix_mautrix_telegram_public_endpoint: '/bridge/telegram'
|
||||||
|
matrix_mautrix_telegram_container_http_monitoring_host_bind_port: 9401
|
||||||
|
matrix_mautrix_telegram_container_http_host_bind_port_public: 8980
|
||||||
|
matrix_mautrix_telegram_container_extra_arguments:
|
||||||
|
- "-p 127.0.0.1:{{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}"
|
||||||
|
- "-p 127.0.0.1:{{ matrix_mautrix_telegram_container_http_host_bind_port_public }}:80"
|
||||||
|
matrix_mautrix_telegram_configuration_extension_yaml: |
|
||||||
|
bridge:
|
||||||
|
displayname_template: "{displayname} (via Telegram)"
|
||||||
|
parallel_file_transfer: false
|
||||||
|
inline_images: false
|
||||||
|
image_as_file_size: 20
|
||||||
|
delivery_receipts: true
|
||||||
|
login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
|
||||||
|
animated_sticker:
|
||||||
|
target: webm
|
||||||
|
encryption:
|
||||||
|
allow: true
|
||||||
|
default: true
|
||||||
|
permissions:
|
||||||
|
"@transcaffeine:finallycoffee.eu": "admin"
|
||||||
|
"boobies.software": "full"
|
||||||
|
logging:
|
||||||
|
root:
|
||||||
|
level: INFO
|
||||||
|
metrics:
|
||||||
|
enabled: true
|
||||||
|
listen_port: {{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}
|
||||||
|
# permissions: "{{ vault_matrix_mautrix_telegram_permission_map | from_yaml }}"
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# mautrix-signal config
|
||||||
|
#
|
||||||
|
matrix_mautrix_signal_enabled: true
|
||||||
|
matrix_mautrix_signal_container_http_monitoring_host_bind_port: 9408
|
||||||
|
matrix_mautrix_signal_container_extra_arguments:
|
||||||
|
- "-p 127.0.0.1:{{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}"
|
||||||
|
matrix_mautrix_signal_configuration_extension_yaml: |
|
||||||
|
bridge:
|
||||||
|
displayname_template: "{displayname} (via Signal)"
|
||||||
|
community_id: "+signal:finallycoffee.eu"
|
||||||
|
encryption:
|
||||||
|
allow: true
|
||||||
|
default: true
|
||||||
|
key_sharing:
|
||||||
|
allow: true
|
||||||
|
require_verification: false
|
||||||
|
delivery_receipts: true
|
||||||
|
permissions:
|
||||||
|
"@ilosai:fairydust.space": "user"
|
||||||
|
logging:
|
||||||
|
root:
|
||||||
|
level: INFO
|
||||||
|
metrics:
|
||||||
|
enabled: true
|
||||||
|
listen_port: {{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}
|
||||||
|
|
||||||
|
matrix_bridges_encryption_enabled: true
|
||||||
|
matrix_bridges_encryption_default: true
|
||||||
|
matrix_appservice_double_puppet_enabled: true
|
||||||
|
|
||||||
|
matrix_mautrix_slack_enabled: true
|
||||||
|
matrix_mautrix_slack_appservice_bot_username: slack
|
||||||
|
|
||||||
|
#
|
||||||
|
# mx-puppet-instagram configuration
|
||||||
|
#
|
||||||
|
matrix_mx_puppet_instagram_enabled: false
|
||||||
|
#matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port: 9403
|
||||||
|
#matrix_mx_puppet_instagram_container_extra_arguments:
|
||||||
|
# - "-p 127.0.0.1:{{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}"
|
||||||
|
#matrix_mx_puppet_instagram_configuration_extension_yaml: |
|
||||||
|
# bridge:
|
||||||
|
# enableGroupSync: true
|
||||||
|
# avatarUrl: mxc://finallycoffee.eu/acmiSAinuHDOULofFFeolTvr
|
||||||
|
# metrics:
|
||||||
|
# enabled: true
|
||||||
|
# port: {{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}
|
||||||
|
# path: /metrics
|
||||||
|
# presence:
|
||||||
|
# enabled: true
|
||||||
|
# interval: 3000
|
||||||
|
#
|
||||||
|
#
|
||||||
|
##
|
||||||
|
## mx-puppet-discord configuration
|
||||||
|
##
|
||||||
|
matrix_mx_puppet_discord_enabled: false
|
||||||
|
#matrix_mx_puppet_discord_client_id: "{{ vault_matrix_mx_puppet_discord_client_id }}"
|
||||||
|
#matrix_mx_puppet_discord_client_secret: "{{ vault_matrix_mx_puppet_discord_client_secret }}"
|
||||||
|
#matrix_mx_puppet_discord_container_http_monitoring_host_bind_port: 9404
|
||||||
|
#matrix_mx_puppet_discord_container_extra_arguments:
|
||||||
|
# - "-p 127.0.0.1:{{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}"
|
||||||
|
#matrix_mx_puppet_discord_configuration_extension_yaml: |
|
||||||
|
# bridge:
|
||||||
|
# enableGroupSync: true
|
||||||
|
# avatarUrl: mxc://finallycoffee.eu/BxcAAhjXmglMbtthStEHtCzd
|
||||||
|
# metrics:
|
||||||
|
# enabled: true
|
||||||
|
# port: {{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}
|
||||||
|
# path: /metrics
|
||||||
|
# limits:
|
||||||
|
# maxAutojoinUsers: 500
|
||||||
|
# roomUserAutojoinDelay: 50
|
||||||
|
# presence:
|
||||||
|
# enabled: true
|
||||||
|
# interval: 3000
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# mx-puppet-slack configuration
|
||||||
|
#
|
||||||
|
matrix_mx_puppet_slack_enabled: false
|
||||||
|
#matrix_mx_puppet_slack_client_id: "{{ vault_matrix_mx_puppet_slack_client_id }}"
|
||||||
|
#matrix_mx_puppet_slack_client_secret: "{{ vault_matrix_mx_puppet_slack_client_secret }}"
|
||||||
|
#matrix_mx_puppet_slack_oauth_redirect_path: '/bridge/slack/oauth'
|
||||||
|
#matrix_mx_puppet_slack_container_http_auth_host_bind_port: 8981
|
||||||
|
#matrix_mx_puppet_slack_container_http_monitoring_host_bind_port: 9406
|
||||||
|
#matrix_mx_puppet_slack_container_extra_arguments:
|
||||||
|
# - "-p 127.0.0.1:{{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}"
|
||||||
|
# - "-p 127.0.0.1:{{ matrix_mx_puppet_slack_container_http_auth_host_bind_port }}:8008"
|
||||||
|
#matrix_mx_puppet_slack_configuration_extension_yaml: |
|
||||||
|
# bridge:
|
||||||
|
# enableGroupSync: true
|
||||||
|
# metrics:
|
||||||
|
# enabled: true
|
||||||
|
# port: {{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}
|
||||||
|
# path: /metrics
|
||||||
|
# limits:
|
||||||
|
# maxAutojoinUsers: 500
|
||||||
|
# roomUserAutojoinDelay: 50
|
||||||
|
# presence:
|
||||||
|
# enabled: true
|
||||||
|
# interval: 3000
|
||||||
|
|
||||||
|
|
||||||
|
#
|
||||||
|
# Element web configuration
|
||||||
|
#
|
||||||
|
# Branding config
|
||||||
|
matrix_client_element_brand: "Chat"
|
||||||
|
matrix_client_element_default_theme: "dark"
|
||||||
|
matrix_client_element_themes_enabled: true
|
||||||
|
matrix_client_element_welcome_headline: "Welcome to chat.finallycoffee.eu"
|
||||||
|
matrix_client_element_welcome_text: |
|
||||||
|
Decentralised, encrypted chat & collaboration,<br />
|
||||||
|
hosted on finallycoffee.eu, powered by element.io &
|
||||||
|
<a href="https://matrix.org" target="_blank" rel="noreferrer noopener">
|
||||||
|
<img width="79" height="34" alt="[matrix]" style="padding-left: 1px;vertical-align: middle" src="welcome/images/matrix.svg" />
|
||||||
|
</a>
|
||||||
|
matrix_client_element_welcome_logo: "welcome/images/logo.png"
|
||||||
|
matrix_client_element_welcome_logo_link: "https://{{ matrix_domain }}"
|
||||||
|
matrix_client_element_branding_auth_header_logo_url: "welcome/images/logo.png"
|
||||||
|
matrix_client_element_branding_welcome_background_url: "welcome/images/background.jpg"
|
||||||
|
matrix_client_element_container_extra_arguments:
|
||||||
|
- "-v {{ matrix_client_element_data_path }}/background.jpg:/app/{{ matrix_client_element_branding_welcome_background_url }}:ro"
|
||||||
|
- "-v {{ matrix_client_element_data_path }}/logo.png:/app/{{ matrix_client_element_branding_auth_header_logo_url }}:ro"
|
||||||
|
# Integration and capabilites config
|
||||||
|
matrix_client_element_integrations_ui_url: "https://{{ matrix_server_fqn_dimension }}/element"
|
||||||
|
matrix_client_element_integrations_rest_url: "https://{{ matrix_server_fqn_dimension }}/api/v1/scalar"
|
||||||
|
matrix_client_element_integrations_widgets_urls:
|
||||||
|
- "https://{{ matrix_server_fqn_dimension }}/widgets"
|
||||||
|
- "https://scalar.vector.im/api"
|
||||||
|
matrix_client_element_integrations_jitsi_widget_url: "https://{{ matrix_server_fqn_dimension }}/widgets/jitsi"
|
||||||
|
matrix_client_element_disable_custom_urls: false
|
||||||
|
matrix_client_element_room_directory_servers:
|
||||||
|
- "matrix.org"
|
||||||
|
- "finallycoffee.eu"
|
||||||
|
matrix_client_element_enable_presence_by_hs_url:
|
||||||
|
https://matrix.org: false
|
||||||
|
|
||||||
|
|
||||||
|
# Matrix ma1sd extended configuration
|
||||||
|
#matrix_ma1sd_configuration_extension_yaml: |
|
||||||
|
# hashing:
|
||||||
|
# enabled: true
|
||||||
|
# pepperLength: 20
|
||||||
|
# rotationPolicy: per_requests
|
||||||
|
# requests: 10
|
||||||
|
# hashStorageType: sql
|
||||||
|
# algorithms:
|
||||||
|
# - none
|
||||||
|
# - sha256
|
||||||
|
|
||||||
|
|
||||||
|
# Matrix mail notification relay setup
|
||||||
|
exim_relay_enabled: true
|
||||||
|
exim_relay_sender_address: "system-matrix@{{ matrix_domain }}"
|
||||||
|
exim_relay_relay_use: true
|
||||||
|
exim_relay_relay_host_name: "{{ vault_matrix_mailer_relay_host_name }}"
|
||||||
|
exim_relay_relay_host_port: 587
|
||||||
|
exim_relay_relay_auth: true
|
||||||
|
exim_relay_relay_auth_username: "{{ vault_matrix_mailer_relay_auth_username }}"
|
||||||
|
exim_relay_relay_auth_password: "{{ vault_matrix_mailer_relay_auth_password }}"
|
105
inventory/host_vars/matrix.finallycoffee.eu/vault.yml
Normal file
105
inventory/host_vars/matrix.finallycoffee.eu/vault.yml
Normal file
@@ -0,0 +1,105 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
61626165616330663863393762663031623164636666346339343636363035663463636135656533
|
||||||
|
3338383762633130346536613334626164306464333835380a353264386431326437616234393165
|
||||||
|
61323266623432353731373634353339393936643130346434346530336563326533386331646533
|
||||||
|
3030663037666664360a346636343966663733663836633736316630663230613137663166336336
|
||||||
|
62383131343934353635633261323036613231646439626162306238313132316664653237653533
|
||||||
|
34376464633335626133376138343139653561613232333133393535393137653964633561313761
|
||||||
|
62653632663432313936336231613832626362343737383863343562636437646439666638383733
|
||||||
|
63313538616430393536356534303164633332653538643264353834393465373538643963343039
|
||||||
|
31366661636263353936363931343938323563626538303133366263363533393564386466666361
|
||||||
|
38666264643931336563633663663538616431313231336364653631383261326537336162313837
|
||||||
|
32373730343538653862326636303264353737353139663161393762383138393531363264633531
|
||||||
|
32383661396537636635666665316630663032333932393131336235663938623932383230343830
|
||||||
|
31613563656663343830353438396535663864306531333239623738653838633331386465353466
|
||||||
|
37366363643334623165373562363465636161396437333966303864663033636665623564613565
|
||||||
|
39643635333636363132633462386536393634303838343835363633626162363236653839376230
|
||||||
|
34666430363933336335323330386339656339356637653931643565303166303436333562333361
|
||||||
|
38633838636337316137343564613338346239663933356130396562306164376430363233373632
|
||||||
|
66303430303034353262343565373139333535636231623062633537653636376136656138623637
|
||||||
|
34396562376233643234643436323433336436393163363935643033643833386631633762343162
|
||||||
|
33633136316635326532343430383437366139333830373731636265386234356164393066333663
|
||||||
|
37663934633437653364356231383934313132343162323436373339393964656336646164333533
|
||||||
|
37626336616565323237633736653433316238366261303465343466643363303131376665346231
|
||||||
|
62623133336561313732393837323330643138663830353662366139373366383436323530333732
|
||||||
|
38623633666537643038636163303164653866343934616236343733386533663936303637326462
|
||||||
|
63633137626632613736313333643363373963306161353431396261646635383930366166363135
|
||||||
|
66353962643638616635376137346439383339303236323761366439306638623762343966623035
|
||||||
|
30323435396533633238313962306366343362393339616131393839653565666666313833313433
|
||||||
|
66386362353061323465666563616230336565663339646162623634643330646239343934373636
|
||||||
|
33363061316637613266373831376133303337616639643239393835636138323266613134633633
|
||||||
|
65356634636562313961643865353334306131333030373566666535373039343337613964306465
|
||||||
|
32393163666232383266363763336132653765316162663961653933633832626533646537376136
|
||||||
|
64613133373135616531343837616264656461313963646565656465656165303534343834663734
|
||||||
|
62313865366634656265613264623234653165633839323030643333643139323531643637393439
|
||||||
|
61656561303732663834336334643765616234373063306236303538646663316131663933323236
|
||||||
|
63396263663034613832653361383061336132663032646133323931386562653661346264363439
|
||||||
|
35636463613635316239363061363836623564303933373964363365626133373039643264666530
|
||||||
|
30343165366365333339366639353033666634613162363164333433633563613461666532323566
|
||||||
|
63303836353331326439646139653738633866356463303264623166306262393766346338373537
|
||||||
|
62373865303264633663666333323135343530323434383835393763363739636135646538336364
|
||||||
|
33376438636264393635383163353431336463396263333239626566653262373434316532343633
|
||||||
|
61363061623430636462393135316564636536633963393338383334643134366232396564316635
|
||||||
|
31373963633164653235643665653863303831663065383433363036633962633462393839363235
|
||||||
|
36323562323634643639643561636261643136313633656236656566353539343063386162383234
|
||||||
|
38653461633561353639336531353333393262633065386539353031386332343739656261653238
|
||||||
|
31326434386130336465613233663563323035666631303137313665336566363134306638663265
|
||||||
|
62353430353934633965316636643566653235366230323139656539646539626236616138313362
|
||||||
|
31643437366563383164306331303662356562616366366237613633666534623765323034396534
|
||||||
|
38326537376265343065313738316433353266633539313134323735383864623663323662633662
|
||||||
|
65613862623766343736343031636238356161343036363566646635643334373030386434646135
|
||||||
|
64336263356663376564333935623135396231623165326437393563333361356435346634616665
|
||||||
|
66376231666633643936323264323565346637343538366138616631383964376632613437323163
|
||||||
|
30366537326533363939643237376538366230313263623139323662396633343239343066313564
|
||||||
|
63356533373338653030313038653137666434323737323763623136666530313035356634666633
|
||||||
|
35643530333632633664643361633964666432336631636561343739646266653634353963323534
|
||||||
|
35663731616539646332393837633566393734643033623937316661653839663937303666376339
|
||||||
|
65653036373565323435636637373231316265393231333734356462356635346531366530316262
|
||||||
|
37643632346164366561353236373633623464643536373361666263303739356335333934313537
|
||||||
|
31373035633333313065613162346133663736313265376230393135353431343765306539633032
|
||||||
|
63353338656231376666613138353235613362643334653537353237653139396533363630303033
|
||||||
|
36363039613232666266333535343466336263663762623865376532326262666332303361356266
|
||||||
|
65646337323037383564666639363636333135323265633932333264346363326466343234653936
|
||||||
|
65656535343663356562613064323138656338633064633462313864616665653230626638373939
|
||||||
|
61623862386364396335323836396664653731633365623936383435383330643038386665653238
|
||||||
|
62643961626464313666343431303064303338396135643432383730613161336435306262653132
|
||||||
|
38373432393564333562363761386239343366343465386638643737663561633837303734333835
|
||||||
|
66366465633164346365356637313534376136303630666432613664363030323336316639393339
|
||||||
|
61383565316432383633383832363439316366373536336639643961333663303631633464633238
|
||||||
|
31396331386163386261393565346266636436386465326639326363663930666665306637393263
|
||||||
|
65363763336561316566363164626466643637343731666530386432343431653634353336376461
|
||||||
|
33366233366533656334666138346661323463633133303933626163343666623761613961346231
|
||||||
|
35383232306336386665313264393933646631656333613138353532666133366339656564353865
|
||||||
|
35353330393131366137663466333363653866323936353734306361633163626537363561346332
|
||||||
|
65363231623766666638383661323964633034366261633035303861383135383235656465373738
|
||||||
|
66373762626130356633626436366533626633353836346239666333353262656665636330626561
|
||||||
|
66613165313137373766623464646330643662393033396266643662653136393233336265353430
|
||||||
|
38376130663634333133353763383264623133373230323938316638323864643430386633376564
|
||||||
|
65356264623766666637353866326638613435663830623063343439373030663663623432393863
|
||||||
|
33343134626465313230646239646537653938613938633736346235323438393237363639373932
|
||||||
|
61376231386265366132333965333133343737623066383534666633396635356537623432623132
|
||||||
|
62656431323033633265626265613736383435376132613532333037613834313130626361373533
|
||||||
|
39653361323366636335343865343737346264636433386332666332376662343634356630316135
|
||||||
|
30366163333561353338663666363738313732303031333637636266623530623261306335616233
|
||||||
|
31346436346663643464626134313338346439323838343663613135663834666632653866346431
|
||||||
|
64376566343963346664366363353636636231386530363961333131383133323163396265313563
|
||||||
|
35393534343664336237336231313831333739633662306636373338663434613231306538343865
|
||||||
|
61613063306432623932616534363865333639396232383562396161383539363336303463323731
|
||||||
|
63313239666538306239663864653839616132363662336331636262353061663136386331306131
|
||||||
|
66336361396239383638623463663635613364366433343739356331633330633561653038633530
|
||||||
|
38303832363663656432396636613134613965373639353731366138323435326135626339353263
|
||||||
|
39313032333966376135653664623666626233613530646534636362646237303465653931666563
|
||||||
|
65343936623462633162343334643335623834323364646362633232346237306337303430616363
|
||||||
|
61633930343132303962653432636230343331343332616434323035633963623138653737306566
|
||||||
|
34353135623134626237653165663738633435656439393234643432353535646439313638653664
|
||||||
|
39326437393166633937663261336330656266303431383437626163623163303133323139313563
|
||||||
|
39383664633739373664653131326665306533633162373535396464663637653662336237656161
|
||||||
|
39633138383166316437313237303733336365343066366462643165643865653039343037633263
|
||||||
|
61613730393666636530633231396165363033313161663463323861663262383234643236643038
|
||||||
|
61633138323664613061663538383333323566393262303633623136613166636361306562356163
|
||||||
|
66363033373262396461316438643238396633353962616362623363303035353765393164616230
|
||||||
|
35303664616539363639373830623337396239626539613761613839363638326664306465313762
|
||||||
|
34646634326338306430653065343231366430666534306331336532346535663737633639363834
|
||||||
|
34623539616339363535633365306230663264626234363637366436353833663136303032623338
|
||||||
|
32633761333165393231303165393234643363313839373339666433666130313035643836626531
|
||||||
|
63356638666264333163
|
24
inventory/hosts
Normal file
24
inventory/hosts
Normal file
@@ -0,0 +1,24 @@
|
|||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
37366366376266633033656235333633346134336666323465356666353363323130366365393534
|
||||||
|
3365373534643965613139656465323663393862336163640a623663366631323035346632353030
|
||||||
|
37396264356137336535363663323935646464333138653035623562346438643139323439366132
|
||||||
|
3364356364353738660a616638393635333938373838316631396536386134333831613831343732
|
||||||
|
39333066363566643864343661646633326134633039316636306332303063366665373638353735
|
||||||
|
34386339633566663038613538316233306238383734623363623666346261336562663039373264
|
||||||
|
31313061616432643761633139643039636164613136643264663131666166646531366335346164
|
||||||
|
34303339393334616434633736383763653035386333363137336431363034653263306261646661
|
||||||
|
37323563373436333736633836666563646162303232393932346430373039346431356166393930
|
||||||
|
37616639333038653936633163323139396666303638663039623633633832333737633764643863
|
||||||
|
61383763613865323061636662663837656339373335643066333964393362303766366533303332
|
||||||
|
63646335356639366130393530373936636330633132356639626531303839656166346263613733
|
||||||
|
31333362316537323934306434393630656161353465636434303538643835396361613563663437
|
||||||
|
34383765626235356530396433643037306233663263623664636163326132316237386231323165
|
||||||
|
65643235356434626161396136303563633836313961343664653339623862633338313963333237
|
||||||
|
63663961636661383634343532356234626531373938313164373561386139366338393066623036
|
||||||
|
36633137623361626161313961386630623635323336353036623165316632353333383162623531
|
||||||
|
61353138613030343636326166303762656264643834396330313563616439323265333039323566
|
||||||
|
64356538346662613836356462613536656636373065643734346166353466363266353939393535
|
||||||
|
66333739623735656463373530646663303535643562363534306438323135353763303363376135
|
||||||
|
37653566306461396563333135633235626130313231636165383438376237383663373939353637
|
||||||
|
30366661303131333438376363366131613361326635366264363064633034376230353137663030
|
||||||
|
346238306532363635623732396366633538
|
11
requirements.txt
Normal file
11
requirements.txt
Normal file
@@ -0,0 +1,11 @@
|
|||||||
|
ansible==11.3.0
|
||||||
|
ansible-core==2.18.3
|
||||||
|
cffi==1.17.1
|
||||||
|
cryptography==44.0.2
|
||||||
|
Jinja2==3.1.6
|
||||||
|
MarkupSafe==3.0.2
|
||||||
|
packaging==24.2
|
||||||
|
passlib==1.7.4
|
||||||
|
pycparser==2.22
|
||||||
|
PyYAML==6.0.2
|
||||||
|
resolvelib==1.0.1
|
@@ -7,7 +7,7 @@
|
|||||||
version: v1.4.1-1.9.14-0
|
version: v1.4.1-1.9.14-0
|
||||||
name: backup_borg
|
name: backup_borg
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-container-socket-proxy.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-container-socket-proxy.git
|
||||||
version: v0.3.0-4
|
version: v0.3.0-6
|
||||||
name: container_socket_proxy
|
name: container_socket_proxy
|
||||||
- src: git+https://github.com/geerlingguy/ansible-role-docker
|
- src: git+https://github.com/geerlingguy/ansible-role-docker
|
||||||
version: 7.4.7
|
version: 7.4.7
|
||||||
@@ -16,22 +16,22 @@
|
|||||||
version: 129c8590e106b83e6f4c259649a613c6279e937a
|
version: 129c8590e106b83e6f4c259649a613c6279e937a
|
||||||
name: docker_sdk_for_python
|
name: docker_sdk_for_python
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git
|
||||||
version: v2.3.0-0
|
version: v2.3.2-0
|
||||||
name: etherpad
|
name: etherpad
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
|
||||||
version: v4.98.1-r0-2-0
|
version: v4.98.1-r0-2-0
|
||||||
name: exim_relay
|
name: exim_relay
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git
|
||||||
version: v11.6.3-0
|
version: v11.6.3-1
|
||||||
name: grafana
|
name: grafana
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
|
||||||
version: v10314-0
|
version: v10314-1
|
||||||
name: jitsi
|
name: jitsi
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
|
||||||
version: v1.9.0-0
|
version: v1.9.0-2
|
||||||
name: livekit_server
|
name: livekit_server
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
|
||||||
version: v2.11.0-5
|
version: v2.13.0-0
|
||||||
name: ntfy
|
name: ntfy
|
||||||
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
|
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
|
||||||
version: 201c939eed363de269a83ba29784fc3244846048
|
version: 201c939eed363de269a83ba29784fc3244846048
|
||||||
@@ -43,19 +43,19 @@
|
|||||||
version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
|
version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
|
||||||
name: playbook_state_preserver
|
name: playbook_state_preserver
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres.git
|
||||||
version: v17.4-0
|
version: v17.5-0
|
||||||
name: postgres
|
name: postgres
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup.git
|
||||||
version: v17-3
|
version: v17-5
|
||||||
name: postgres_backup
|
name: postgres_backup
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
|
||||||
version: v3.4.1-0
|
version: v3.4.2-1
|
||||||
name: prometheus
|
name: prometheus
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git
|
||||||
version: v1.9.1-3
|
version: v1.9.1-9
|
||||||
name: prometheus_node_exporter
|
name: prometheus_node_exporter
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git
|
||||||
version: v0.17.1-1
|
version: v0.17.1-6
|
||||||
name: prometheus_postgres_exporter
|
name: prometheus_postgres_exporter
|
||||||
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
|
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
|
||||||
version: v1.4.0-0
|
version: v1.4.0-0
|
||||||
@@ -67,11 +67,11 @@
|
|||||||
version: v1.0.0-0
|
version: v1.0.0-0
|
||||||
name: timesync
|
name: timesync
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
|
||||||
version: v3.4.1-1
|
version: v3.4.4-1
|
||||||
name: traefik
|
name: traefik
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
|
||||||
version: v2.10.0-0
|
version: v2.10.0-1
|
||||||
name: traefik_certs_dumper
|
name: traefik_certs_dumper
|
||||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-valkey.git
|
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-valkey.git
|
||||||
version: v8.1.2-0
|
version: v8.1.3-0
|
||||||
name: valkey
|
name: valkey
|
||||||
|
@@ -11,7 +11,7 @@
|
|||||||
matrix_alertmanager_receiver_enabled: true
|
matrix_alertmanager_receiver_enabled: true
|
||||||
|
|
||||||
# renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
|
# renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
|
||||||
matrix_alertmanager_receiver_version: 2025.5.21
|
matrix_alertmanager_receiver_version: 2025.7.2
|
||||||
|
|
||||||
matrix_alertmanager_receiver_scheme: https
|
matrix_alertmanager_receiver_scheme: https
|
||||||
|
|
||||||
|
@@ -12,7 +12,7 @@
|
|||||||
matrix_appservice_draupnir_for_all_enabled: true
|
matrix_appservice_draupnir_for_all_enabled: true
|
||||||
|
|
||||||
# renovate: datasource=docker depName=gnuxie/draupnir
|
# renovate: datasource=docker depName=gnuxie/draupnir
|
||||||
matrix_appservice_draupnir_for_all_version: "v2.3.1"
|
matrix_appservice_draupnir_for_all_version: "v2.5.0"
|
||||||
|
|
||||||
matrix_appservice_draupnir_for_all_container_image_self_build: false
|
matrix_appservice_draupnir_for_all_container_image_self_build: false
|
||||||
matrix_appservice_draupnir_for_all_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"
|
matrix_appservice_draupnir_for_all_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"
|
||||||
|
@@ -22,7 +22,7 @@ matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authe
|
|||||||
matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"
|
matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"
|
||||||
|
|
||||||
# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
|
# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
|
||||||
matrix_authentication_service_version: 0.17.1
|
matrix_authentication_service_version: 0.18.0
|
||||||
matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
|
matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
|
||||||
matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
|
matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
|
||||||
matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"
|
matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"
|
||||||
|
@@ -5,6 +5,6 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- name: Ensure fuse installed (RedHat)
|
- name: Ensure fuse installed (RedHat)
|
||||||
ansible.builtin.yum:
|
ansible.builtin.package:
|
||||||
name: fuse
|
name: fuse
|
||||||
state: present
|
state: present
|
||||||
|
@@ -17,7 +17,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio
|
|||||||
matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
|
matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
|
||||||
|
|
||||||
# renovate: datasource=docker depName=ghcr.io/etkecc/baibot
|
# renovate: datasource=docker depName=ghcr.io/etkecc/baibot
|
||||||
matrix_bot_baibot_version: v1.7.4
|
matrix_bot_baibot_version: v1.7.6
|
||||||
matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
|
matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
|
||||||
matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
|
matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
|
||||||
matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
|
matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
|
||||||
|
@@ -12,7 +12,7 @@
|
|||||||
matrix_bot_draupnir_enabled: true
|
matrix_bot_draupnir_enabled: true
|
||||||
|
|
||||||
# renovate: datasource=docker depName=gnuxie/draupnir
|
# renovate: datasource=docker depName=gnuxie/draupnir
|
||||||
matrix_bot_draupnir_version: "v2.3.1"
|
matrix_bot_draupnir_version: "v2.5.0"
|
||||||
|
|
||||||
matrix_bot_draupnir_container_image_self_build: false
|
matrix_bot_draupnir_container_image_self_build: false
|
||||||
matrix_bot_draupnir_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"
|
matrix_bot_draupnir_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"
|
||||||
@@ -148,17 +148,14 @@ matrix_bot_draupnir_synapse_http_antispam_config_base_url: "{{ matrix_bot_draupn
|
|||||||
# Therefore the module is configured from Draupnir because the consumer of the module determines what settings are relevant.
|
# Therefore the module is configured from Draupnir because the consumer of the module determines what settings are relevant.
|
||||||
|
|
||||||
matrix_bot_draupnir_synapse_http_antispam_config_enabled_callbacks:
|
matrix_bot_draupnir_synapse_http_antispam_config_enabled_callbacks:
|
||||||
- check_event_for_spam
|
|
||||||
- user_may_invite
|
- user_may_invite
|
||||||
- user_may_join_room
|
- user_may_join_room
|
||||||
|
|
||||||
matrix_bot_draupnir_synapse_http_antispam_config_fail_open:
|
matrix_bot_draupnir_synapse_http_antispam_config_fail_open:
|
||||||
check_event_for_spam: true
|
|
||||||
user_may_invite: true
|
user_may_invite: true
|
||||||
user_may_join_room: true
|
user_may_join_room: true
|
||||||
|
|
||||||
matrix_bot_draupnir_synapse_http_antispam_config_async:
|
matrix_bot_draupnir_synapse_http_antispam_config_async: {}
|
||||||
check_event_for_spam: true
|
|
||||||
|
|
||||||
# Default configuration template which covers the generic use case.
|
# Default configuration template which covers the generic use case.
|
||||||
# You can customize it by controlling the various variables inside it.
|
# You can customize it by controlling the various variables inside it.
|
||||||
|
@@ -36,6 +36,11 @@ matrix_mautrix_bluesky_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
|
|||||||
# A public address that external services can use to reach this appservice.
|
# A public address that external services can use to reach this appservice.
|
||||||
matrix_mautrix_bluesky_appservice_public_address: ''
|
matrix_mautrix_bluesky_appservice_public_address: ''
|
||||||
|
|
||||||
|
# Displayname template for Bluesky users.
|
||||||
|
# {{ .DisplayName }} is replaced with the display name of the Bluesky user.
|
||||||
|
# {{ .Username }} is replaced with the username of the Bluesky user.
|
||||||
|
matrix_mautrix_bluesky_network_displayname_template: "{% raw %}{{ .DisplayName }}{% endraw %} (Bluesky)"
|
||||||
|
|
||||||
matrix_mautrix_bluesky_bridge_command_prefix: "!bs"
|
matrix_mautrix_bluesky_bridge_command_prefix: "!bs"
|
||||||
|
|
||||||
matrix_mautrix_bluesky_bridge_permissions: |
|
matrix_mautrix_bluesky_bridge_permissions: |
|
||||||
|
@@ -11,7 +11,7 @@ network:
|
|||||||
# {{ .DisplayName }} is replaced with the display name of the Bluesky user.
|
# {{ .DisplayName }} is replaced with the display name of the Bluesky user.
|
||||||
# {{ .Username }} is replaced with the username of the Bluesky user.
|
# {{ .Username }} is replaced with the username of the Bluesky user.
|
||||||
# {% endraw %}
|
# {% endraw %}
|
||||||
displayname_template: "{% raw %}{{ .DisplayName }}{% endraw %} (Bluesky)"
|
displayname_template: {{ matrix_mautrix_bluesky_network_displayname_template | to_json }}
|
||||||
|
|
||||||
# Maximum number of conversations to sync on startup
|
# Maximum number of conversations to sync on startup
|
||||||
conversation_sync_limit: 20
|
conversation_sync_limit: 20
|
||||||
|
@@ -48,6 +48,14 @@ matrix_mautrix_signal_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
|
|||||||
|
|
||||||
matrix_mautrix_signal_command_prefix: "!signal"
|
matrix_mautrix_signal_command_prefix: "!signal"
|
||||||
|
|
||||||
|
# Displayname template for Signal users.
|
||||||
|
# {{.ProfileName}} - The Signal profile name set by the user.
|
||||||
|
# {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances.
|
||||||
|
# {{.PhoneNumber}} - The phone number of the user.
|
||||||
|
# {{.UUID}} - The UUID of the Signal user.
|
||||||
|
# {{.AboutEmoji}} - The emoji set by the user in their profile.
|
||||||
|
matrix_mautrix_signal_network_displayname_template: "{% raw %}{{or .ProfileName .PhoneNumber 'Unknown user'}} (Signal){% endraw %}"
|
||||||
|
|
||||||
matrix_mautrix_signal_bridge_permissions: |
|
matrix_mautrix_signal_bridge_permissions: |
|
||||||
{{
|
{{
|
||||||
{'*': 'relay', matrix_mautrix_signal_homeserver_domain: 'user'}
|
{'*': 'relay', matrix_mautrix_signal_homeserver_domain: 'user'}
|
||||||
|
@@ -9,7 +9,7 @@ network:
|
|||||||
# {{.UUID}} - The UUID of the Signal user.
|
# {{.UUID}} - The UUID of the Signal user.
|
||||||
# {{.AboutEmoji}} - The emoji set by the user in their profile.
|
# {{.AboutEmoji}} - The emoji set by the user in their profile.
|
||||||
# {% endraw %}
|
# {% endraw %}
|
||||||
displayname_template: "{% raw %}{{or .ProfileName .PhoneNumber 'Unknown user'}} (Signal){% endraw %}"
|
displayname_template: {{ matrix_mautrix_signal_network_displayname_template | to_json }}
|
||||||
# Should avatars from the user's contact list be used? This is not safe on multi-user instances.
|
# Should avatars from the user's contact list be used? This is not safe on multi-user instances.
|
||||||
use_contact_avatars: false
|
use_contact_avatars: false
|
||||||
# Should the bridge request the user's contact list from the phone on startup?
|
# Should the bridge request the user's contact list from the phone on startup?
|
||||||
|
@@ -36,6 +36,27 @@ matrix_mautrix_slack_appservice_address: "http://matrix-mautrix-slack:8080"
|
|||||||
|
|
||||||
matrix_mautrix_slack_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
|
matrix_mautrix_slack_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
|
||||||
|
|
||||||
|
# Displayname template for Slack users. Available variables:
|
||||||
|
# .Name - The username of the user
|
||||||
|
# .Team.Name - The name of the team the channel is in
|
||||||
|
# .Team.Domain - The Slack subdomain of the team the channel is in
|
||||||
|
# .ID - The internal ID of the user
|
||||||
|
# .IsBot - Whether the user is a bot
|
||||||
|
# .Profile.DisplayName - The username or real name of the user (depending on settings)
|
||||||
|
# Variables only available for users (not bots):
|
||||||
|
# .TeamID - The internal ID of the workspace the user is in
|
||||||
|
# .TZ - The timezone region of the user (e.g. Europe/London)
|
||||||
|
# .TZLabel - The label of the timezone of the user (e.g. Greenwich Mean Time)
|
||||||
|
# .TZOffset - The UTC offset of the timezone of the user (e.g. 0)
|
||||||
|
# .Profile.RealName - The real name of the user
|
||||||
|
# .Profile.FirstName - The first name of the user
|
||||||
|
# .Profile.LastName - The last name of the user
|
||||||
|
# .Profile.Title - The job title of the user
|
||||||
|
# .Profile.Pronouns - The pronouns of the user
|
||||||
|
# .Profile.Email - The email address of the user
|
||||||
|
# .Profile.Phone - The formatted phone number of the user
|
||||||
|
matrix_mautrix_slack_network_displayname_template: '{% raw %}{{or .Profile.DisplayName .Profile.RealName .Name}}{{if .IsBot}} (bot){{end}}{% endraw %}'
|
||||||
|
|
||||||
matrix_mautrix_slack_command_prefix: "!slack"
|
matrix_mautrix_slack_command_prefix: "!slack"
|
||||||
|
|
||||||
matrix_mautrix_slack_bridge_permissions: |
|
matrix_mautrix_slack_bridge_permissions: |
|
||||||
@@ -168,3 +189,12 @@ matrix_mautrix_slack_bridge_encryption_pickle_key: maunium.net/go/mautrix-whatsa
|
|||||||
|
|
||||||
matrix_mautrix_slack_provisioning_shared_secret: ''
|
matrix_mautrix_slack_provisioning_shared_secret: ''
|
||||||
matrix_mautrix_slack_public_media_signing_key: ''
|
matrix_mautrix_slack_public_media_signing_key: ''
|
||||||
|
|
||||||
|
# Controls whether relay mode is enabled
|
||||||
|
matrix_mautrix_slack_bridge_relay_enabled: false
|
||||||
|
|
||||||
|
# Controls whether only admins can set themselves as relay users
|
||||||
|
matrix_mautrix_slack_bridge_relay_admin_only: true
|
||||||
|
|
||||||
|
# List of user login IDs which anyone can set as a relay, as long as the relay user is in the room
|
||||||
|
matrix_mautrix_slack_bridge_relay_default_relays: []
|
||||||
|
@@ -20,7 +20,7 @@ network:
|
|||||||
# .Profile.Pronouns - The pronouns of the user
|
# .Profile.Pronouns - The pronouns of the user
|
||||||
# .Profile.Email - The email address of the user
|
# .Profile.Email - The email address of the user
|
||||||
# .Profile.Phone - The formatted phone number of the user
|
# .Profile.Phone - The formatted phone number of the user
|
||||||
displayname_template: '{% raw %}{{or .Profile.DisplayName .Profile.RealName .Name}}{{if .IsBot}} (bot){{end}}{% endraw %}'
|
displayname_template: {{ matrix_mautrix_slack_network_displayname_template | to_json }}
|
||||||
# Channel name template for Slack channels (all types). Available variables:
|
# Channel name template for Slack channels (all types). Available variables:
|
||||||
# .Name - The name of the channel
|
# .Name - The name of the channel
|
||||||
# .Team.Name - The name of the team the channel is in
|
# .Team.Name - The name of the team the channel is in
|
||||||
@@ -113,12 +113,12 @@ bridge:
|
|||||||
relay:
|
relay:
|
||||||
# Whether relay mode should be allowed. If allowed, the set-relay command can be used to turn any
|
# Whether relay mode should be allowed. If allowed, the set-relay command can be used to turn any
|
||||||
# authenticated user into a relaybot for that chat.
|
# authenticated user into a relaybot for that chat.
|
||||||
enabled: false
|
enabled: {{ matrix_mautrix_slack_bridge_relay_enabled | to_json }}
|
||||||
# Should only admins be allowed to set themselves as relay users?
|
# Should only admins be allowed to set themselves as relay users?
|
||||||
# If true, non-admins can only set users listed in default_relays as relays in a room.
|
# If true, non-admins can only set users listed in default_relays as relays in a room.
|
||||||
admin_only: true
|
admin_only: {{ matrix_mautrix_slack_bridge_relay_admin_only | to_json }}
|
||||||
# List of user login IDs which anyone can set as a relay, as long as the relay user is in the room.
|
# List of user login IDs which anyone can set as a relay, as long as the relay user is in the room.
|
||||||
default_relays: []
|
default_relays: {{ matrix_mautrix_slack_bridge_relay_default_relays | to_json }}
|
||||||
# The formats to use when sending messages via the relaybot.
|
# The formats to use when sending messages via the relaybot.
|
||||||
# Available variables:
|
# Available variables:
|
||||||
# .Sender.UserID - The Matrix user ID of the sender.
|
# .Sender.UserID - The Matrix user ID of the sender.
|
||||||
|
@@ -223,6 +223,8 @@ matrix_mautrix_telegram_configuration_extension: "{{ matrix_mautrix_telegram_con
|
|||||||
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_telegram_configuration_yaml`.
|
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_telegram_configuration_yaml`.
|
||||||
matrix_mautrix_telegram_configuration: "{{ matrix_mautrix_telegram_configuration_yaml | from_yaml | combine(matrix_mautrix_telegram_configuration_extension, recursive=True) }}"
|
matrix_mautrix_telegram_configuration: "{{ matrix_mautrix_telegram_configuration_yaml | from_yaml | combine(matrix_mautrix_telegram_configuration_extension, recursive=True) }}"
|
||||||
|
|
||||||
|
matrix_mautrix_telegram_sender_localpart: "telegrambot"
|
||||||
|
|
||||||
matrix_mautrix_telegram_registration_yaml: |
|
matrix_mautrix_telegram_registration_yaml: |
|
||||||
id: telegram
|
id: telegram
|
||||||
as_token: "{{ matrix_mautrix_telegram_appservice_token }}"
|
as_token: "{{ matrix_mautrix_telegram_appservice_token }}"
|
||||||
|
@@ -44,6 +44,11 @@ matrix_mautrix_twitter_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
|
|||||||
# A public address that external services can use to reach this appservice.
|
# A public address that external services can use to reach this appservice.
|
||||||
matrix_mautrix_twitter_appservice_public_address: ''
|
matrix_mautrix_twitter_appservice_public_address: ''
|
||||||
|
|
||||||
|
# Displayname template for Twitter users.
|
||||||
|
# {{ .DisplayName }} is replaced with the display name of the Twitter user.
|
||||||
|
# {{ .Username }} is replaced with the username of the Twitter user.
|
||||||
|
matrix_mautrix_twitter_network_displayname_template: "{% raw %}{{ .DisplayName }}{% endraw %} (Twitter)"
|
||||||
|
|
||||||
matrix_mautrix_twitter_bridge_command_prefix: "!tw"
|
matrix_mautrix_twitter_bridge_command_prefix: "!tw"
|
||||||
|
|
||||||
matrix_mautrix_twitter_bridge_permissions: |
|
matrix_mautrix_twitter_bridge_permissions: |
|
||||||
|
@@ -11,7 +11,7 @@ network:
|
|||||||
# {{ .DisplayName }} is replaced with the display name of the Twitter user.
|
# {{ .DisplayName }} is replaced with the display name of the Twitter user.
|
||||||
# {{ .Username }} is replaced with the username of the Twitter user.
|
# {{ .Username }} is replaced with the username of the Twitter user.
|
||||||
# {% endraw %}
|
# {% endraw %}
|
||||||
displayname_template: "{% raw %}{{ .DisplayName }}{% endraw %} (Twitter)"
|
displayname_template: {{ matrix_mautrix_twitter_network_displayname_template | to_json }}
|
||||||
|
|
||||||
# Maximum number of conversations to sync on startup
|
# Maximum number of conversations to sync on startup
|
||||||
conversation_sync_limit: 20
|
conversation_sync_limit: 20
|
||||||
|
@@ -161,6 +161,13 @@ matrix_mautrix_whatsapp_double_puppet_secrets: "{{ matrix_mautrix_whatsapp_doubl
|
|||||||
matrix_mautrix_whatsapp_double_puppet_secrets_auto: {}
|
matrix_mautrix_whatsapp_double_puppet_secrets_auto: {}
|
||||||
matrix_mautrix_whatsapp_double_puppet_secrets_custom: {}
|
matrix_mautrix_whatsapp_double_puppet_secrets_custom: {}
|
||||||
|
|
||||||
|
# Displayname template for WhatsApp users.
|
||||||
|
# {{.PushName}} - nickname set by the WhatsApp user
|
||||||
|
# {{.BusinessName}} - validated WhatsApp business name
|
||||||
|
# {{.Phone}} - phone number (international format)
|
||||||
|
# {{.FullName}} - Name you set in the contacts list
|
||||||
|
matrix_mautrix_whatsapp_network_displayname_template: '{% raw %}{{or .BusinessName .PushName .Phone}} (WA){% endraw %}'
|
||||||
|
|
||||||
# Enable End-to-bridge encryption
|
# Enable End-to-bridge encryption
|
||||||
matrix_mautrix_whatsapp_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
matrix_mautrix_whatsapp_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
|
||||||
matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}"
|
matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}"
|
||||||
|
@@ -22,7 +22,7 @@ network:
|
|||||||
# {{.Phone}} - phone number (international format)
|
# {{.Phone}} - phone number (international format)
|
||||||
# {{.FullName}} - Name you set in the contacts list
|
# {{.FullName}} - Name you set in the contacts list
|
||||||
# {% endraw %}
|
# {% endraw %}
|
||||||
displayname_template: "{% raw %}{{or .BusinessName .PushName .Phone}} (WA){% endraw %}"
|
displayname_template: {{ matrix_mautrix_whatsapp_network_displayname_template | to_json }}
|
||||||
|
|
||||||
# Should incoming calls send a message to the Matrix room?
|
# Should incoming calls send a message to the Matrix room?
|
||||||
call_start_notices: true
|
call_start_notices: true
|
||||||
|
@@ -70,7 +70,7 @@ namePatterns:
|
|||||||
#
|
#
|
||||||
# name: username of the user
|
# name: username of the user
|
||||||
# discriminator: hashtag of the user (ex. #1234)
|
# discriminator: hashtag of the user (ex. #1234)
|
||||||
user: :name
|
user: ":name (#:discriminator) (via Discord)"
|
||||||
|
|
||||||
# A user's guild-specific displayname - if they've set a custom nick in
|
# A user's guild-specific displayname - if they've set a custom nick in
|
||||||
# a guild
|
# a guild
|
||||||
@@ -82,7 +82,7 @@ namePatterns:
|
|||||||
# displayname: the user's custom group-specific nick
|
# displayname: the user's custom group-specific nick
|
||||||
# channel: the name of the channel
|
# channel: the name of the channel
|
||||||
# guild: the name of the guild
|
# guild: the name of the guild
|
||||||
userOverride: :name
|
userOverride: ":displayname (:name#:discriminator) (via Discord)"
|
||||||
|
|
||||||
# Room names for bridged Discord channels
|
# Room names for bridged Discord channels
|
||||||
#
|
#
|
||||||
@@ -90,7 +90,7 @@ namePatterns:
|
|||||||
#
|
#
|
||||||
# name: name of the channel
|
# name: name of the channel
|
||||||
# guild: name of the guild
|
# guild: name of the guild
|
||||||
room: :name
|
room: "#:name (:guild on Discord)"
|
||||||
|
|
||||||
# Group names for bridged Discord servers
|
# Group names for bridged Discord servers
|
||||||
#
|
#
|
||||||
|
@@ -29,7 +29,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme
|
|||||||
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
|
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
|
||||||
|
|
||||||
# renovate: datasource=docker depName=ghcr.io/element-hq/element-web
|
# renovate: datasource=docker depName=ghcr.io/element-hq/element-web
|
||||||
matrix_client_element_version: v1.11.104
|
matrix_client_element_version: v1.11.105
|
||||||
|
|
||||||
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_registry_prefix }}element-hq/element-web:{{ matrix_client_element_version }}"
|
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_registry_prefix }}element-hq/element-web:{{ matrix_client_element_version }}"
|
||||||
matrix_client_element_docker_image_registry_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_client_element_docker_image_registry_prefix_upstream }}"
|
matrix_client_element_docker_image_registry_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_client_element_docker_image_registry_prefix_upstream }}"
|
||||||
|
@@ -101,6 +101,19 @@
|
|||||||
- {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
|
- {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
|
||||||
when: "item.src is not none"
|
when: "item.src is not none"
|
||||||
|
|
||||||
|
- name: Copy Element costum files
|
||||||
|
copy:
|
||||||
|
src: "{{ item.src }}"
|
||||||
|
dest: "{{ matrix_client_element_data_path }}/{{ item.name }}"
|
||||||
|
mode: 0644
|
||||||
|
owner: "{{ matrix_user_username }}"
|
||||||
|
group: "{{ matrix_user_groupname }}"
|
||||||
|
with_items:
|
||||||
|
- {src: "{{ role_path }}/files/background.jpg", name: "background.jpg"}
|
||||||
|
- {src: "{{ role_path }}/files/antifa_coffee_cups.png", name: "logo.png"}
|
||||||
|
when: false
|
||||||
|
#when: "matrix_client_element_enabled|bool and item.src is not none"
|
||||||
|
|
||||||
- name: Ensure Element Web nginx.conf file is removed
|
- name: Ensure Element Web nginx.conf file is removed
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ matrix_client_element_data_path }}/nginx.conf"
|
path: "{{ matrix_client_element_data_path }}/nginx.conf"
|
||||||
|
@@ -33,7 +33,7 @@ h1::after {
|
|||||||
}
|
}
|
||||||
|
|
||||||
.mx_Logo {
|
.mx_Logo {
|
||||||
height: 54px;
|
height: 92px;
|
||||||
margin-top: 2px;
|
margin-top: 2px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@@ -33,9 +33,14 @@ matrix_client_fluffychat_container_additional_networks: "{{ matrix_client_fluffy
|
|||||||
matrix_client_fluffychat_container_additional_networks_auto: []
|
matrix_client_fluffychat_container_additional_networks_auto: []
|
||||||
matrix_client_fluffychat_container_additional_networks_custom: []
|
matrix_client_fluffychat_container_additional_networks_custom: []
|
||||||
|
|
||||||
|
# Configures the port number used inside the container image.
|
||||||
|
matrix_client_fluffychat_container_http_port: 8080
|
||||||
|
|
||||||
# Controls whether the matrix-client-fluffychat container exposes its HTTP port (tcp/8080 in the container).
|
# Controls whether the matrix-client-fluffychat container exposes its HTTP port (tcp/8080 in the container).
|
||||||
#
|
#
|
||||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8765"), or empty string to not expose.
|
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8080"), or empty string to not expose.
|
||||||
|
#
|
||||||
|
# Also see: `matrix_client_fluffychat_container_http_port`
|
||||||
matrix_client_fluffychat_container_http_host_bind_port: ''
|
matrix_client_fluffychat_container_http_host_bind_port: ''
|
||||||
|
|
||||||
# matrix_client_fluffychat_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
|
# matrix_client_fluffychat_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
|
||||||
@@ -44,6 +49,7 @@ matrix_client_fluffychat_container_http_host_bind_port: ''
|
|||||||
# To inject your own other container labels, see `matrix_client_fluffychat_container_labels_additional_labels`.
|
# To inject your own other container labels, see `matrix_client_fluffychat_container_labels_additional_labels`.
|
||||||
matrix_client_fluffychat_container_labels_traefik_enabled: true
|
matrix_client_fluffychat_container_labels_traefik_enabled: true
|
||||||
matrix_client_fluffychat_container_labels_traefik_docker_network: "{{ matrix_client_fluffychat_container_network }}"
|
matrix_client_fluffychat_container_labels_traefik_docker_network: "{{ matrix_client_fluffychat_container_network }}"
|
||||||
|
matrix_client_fluffychat_container_labels_traefik_http_service_load_balancer_port: "{{ matrix_client_fluffychat_container_http_port }}"
|
||||||
matrix_client_fluffychat_container_labels_traefik_hostname: "{{ matrix_client_fluffychat_hostname }}"
|
matrix_client_fluffychat_container_labels_traefik_hostname: "{{ matrix_client_fluffychat_hostname }}"
|
||||||
# The path prefix must either be `/` or not end with a slash (e.g. `/fluffychat`).
|
# The path prefix must either be `/` or not end with a slash (e.g. `/fluffychat`).
|
||||||
matrix_client_fluffychat_container_labels_traefik_path_prefix: "{{ matrix_client_fluffychat_path_prefix }}"
|
matrix_client_fluffychat_container_labels_traefik_path_prefix: "{{ matrix_client_fluffychat_path_prefix }}"
|
||||||
|
@@ -11,7 +11,7 @@ traefik.enable=true
|
|||||||
traefik.docker.network={{ matrix_client_fluffychat_container_labels_traefik_docker_network }}
|
traefik.docker.network={{ matrix_client_fluffychat_container_labels_traefik_docker_network }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
traefik.http.services.matrix-client-fluffychat.loadbalancer.server.port=8080
|
traefik.http.services.matrix-client-fluffychat.loadbalancer.server.port={{ matrix_client_fluffychat_container_labels_traefik_http_service_load_balancer_port }}
|
||||||
|
|
||||||
{% set middlewares = [] %}
|
{% set middlewares = [] %}
|
||||||
|
|
||||||
|
@@ -22,7 +22,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
|
|||||||
--read-only \
|
--read-only \
|
||||||
--network={{ matrix_client_fluffychat_container_network }} \
|
--network={{ matrix_client_fluffychat_container_network }} \
|
||||||
{% if matrix_client_fluffychat_container_http_host_bind_port %}
|
{% if matrix_client_fluffychat_container_http_host_bind_port %}
|
||||||
-p {{ matrix_client_fluffychat_container_http_host_bind_port }}:8080 \
|
-p {{ matrix_client_fluffychat_container_http_host_bind_port }}:{{ matrix_client_fluffychat_container_http_port }} \
|
||||||
{% endif %}
|
{% endif %}
|
||||||
--label-file={{ matrix_client_fluffychat_data_path }}/labels \
|
--label-file={{ matrix_client_fluffychat_data_path }}/labels \
|
||||||
--tmpfs=/tmp:rw,noexec,nosuid,size=10m \
|
--tmpfs=/tmp:rw,noexec,nosuid,size=10m \
|
||||||
|
@@ -19,7 +19,7 @@ matrix_conduit_docker_image_registry_prefix: "{{ matrix_conduit_docker_image_reg
|
|||||||
matrix_conduit_docker_image_registry_prefix_upstream: "{{ matrix_conduit_docker_image_registry_prefix_upstream_default }}"
|
matrix_conduit_docker_image_registry_prefix_upstream: "{{ matrix_conduit_docker_image_registry_prefix_upstream_default }}"
|
||||||
matrix_conduit_docker_image_registry_prefix_upstream_default: docker.io/
|
matrix_conduit_docker_image_registry_prefix_upstream_default: docker.io/
|
||||||
# renovate: datasource=docker depName=matrixconduit/matrix-conduit
|
# renovate: datasource=docker depName=matrixconduit/matrix-conduit
|
||||||
matrix_conduit_docker_image_tag: "v0.10.4"
|
matrix_conduit_docker_image_tag: "v0.10.6"
|
||||||
matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}"
|
matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}"
|
||||||
|
|
||||||
matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit"
|
matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit"
|
||||||
|
@@ -143,6 +143,9 @@ matrix_continuwuity_config_max_request_size: 20_000_000
|
|||||||
# Enables registration. If set to false, no users can register on this server.
|
# Enables registration. If set to false, no users can register on this server.
|
||||||
matrix_continuwuity_config_allow_registration: false
|
matrix_continuwuity_config_allow_registration: false
|
||||||
|
|
||||||
|
# Controls if newly registered users are automatically suspended, requiring admin approval.
|
||||||
|
matrix_continuwuity_config_suspend_on_register: false
|
||||||
|
|
||||||
# Controls the `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse` setting.
|
# Controls the `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse` setting.
|
||||||
# This is only used when `matrix_continuwuity_config_allow_registration` is set to true and no registration token is configured.
|
# This is only used when `matrix_continuwuity_config_allow_registration` is set to true and no registration token is configured.
|
||||||
matrix_continuwuity_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse: false
|
matrix_continuwuity_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse: false
|
||||||
@@ -166,12 +169,11 @@ matrix_continuwuity_config_allow_check_for_updates: false
|
|||||||
# Controls the `emergency_password` setting.
|
# Controls the `emergency_password` setting.
|
||||||
matrix_continuwuity_config_emergency_password: ''
|
matrix_continuwuity_config_emergency_password: ''
|
||||||
|
|
||||||
# Controls the `allow_federation` setting.
|
# Controls the `matrix_continuwuity_trusted_servers`` setting.
|
||||||
matrix_continuwuity_config_allow_federation: true
|
matrix_continuwuity_config_trusted_servers:
|
||||||
|
|
||||||
matrix_continuwuity_trusted_servers:
|
|
||||||
- "matrix.org"
|
- "matrix.org"
|
||||||
|
|
||||||
|
# Controls the `matrix_continuwuity_config_log` setting.
|
||||||
matrix_continuwuity_config_log: "info,state_res=warn,rocket=off,_=off,sled=off"
|
matrix_continuwuity_config_log: "info,state_res=warn,rocket=off,_=off,sled=off"
|
||||||
|
|
||||||
# TURN integration.
|
# TURN integration.
|
||||||
@@ -184,15 +186,23 @@ matrix_continuwuity_config_turn_password: ''
|
|||||||
# Controls whether the self-check feature should validate SSL certificates.
|
# Controls whether the self-check feature should validate SSL certificates.
|
||||||
matrix_continuwuity_self_check_validate_certificates: true
|
matrix_continuwuity_self_check_validate_certificates: true
|
||||||
|
|
||||||
|
# Controls server (de)federation settings.
|
||||||
|
matrix_continuwuity_config_allow_federation: true
|
||||||
|
matrix_continuwuity_config_allowed_remote_server_names: []
|
||||||
|
matrix_continuwuity_config_forbidden_remote_server_names: []
|
||||||
|
matrix_continuwuity_config_forbidden_remote_room_directory_server_names: []
|
||||||
|
matrix_continuwuity_config_prevent_media_downloads_from: []
|
||||||
|
matrix_continuwuity_config_ignore_messages_from_server_names: []
|
||||||
|
|
||||||
|
# Controls the `url_preview_domain_contains_allowlist` setting.
|
||||||
|
matrix_continuwuity_config_url_preview_domain_contains_allowlist: []
|
||||||
|
|
||||||
# Additional environment variables to pass to the container.
|
# Additional environment variables to pass to the container.
|
||||||
#
|
#
|
||||||
# Environment variables take priority over settings in the configuration file.
|
# Environment variables take priority over settings in the configuration file.
|
||||||
#
|
#
|
||||||
# Example:
|
# Example:
|
||||||
# matrix_continuwuity_environment_variables_extension: |
|
# matrix_continuwuity_environment_variables_extension: |
|
||||||
# continuwuity_MAX_REQUEST_SIZE=50000000
|
# CONTINUWUITY_MAX_REQUEST_SIZE=50000000
|
||||||
# continuwuity_REQUEST_TIMEOUT=60
|
# CONTINUWUITY_REQUEST_TIMEOUT=60
|
||||||
matrix_continuwuity_environment_variables_extension: ''
|
matrix_continuwuity_environment_variables_extension: ''
|
||||||
|
|
||||||
matrix_continuwuity_forbidden_remote_server_names: []
|
|
||||||
matrix_continuwuity_forbidden_remote_room_directory_server_names: []
|
|
||||||
|
@@ -13,3 +13,18 @@
|
|||||||
- {'name': 'matrix_continuwuity_hostname', when: true}
|
- {'name': 'matrix_continuwuity_hostname', when: true}
|
||||||
- {'name': 'matrix_continuwuity_container_network', when: true}
|
- {'name': 'matrix_continuwuity_container_network', when: true}
|
||||||
- {'name': 'matrix_continuwuity_container_labels_internal_client_api_traefik_entrypoints', when: "{{ matrix_continuwuity_container_labels_internal_client_api_enabled }}"}
|
- {'name': 'matrix_continuwuity_container_labels_internal_client_api_traefik_entrypoints', when: "{{ matrix_continuwuity_container_labels_internal_client_api_enabled }}"}
|
||||||
|
|
||||||
|
- name: (Deprecation) Catch and report renamed Continuwuity settings
|
||||||
|
ansible.builtin.fail:
|
||||||
|
msg: >-
|
||||||
|
Your configuration contains a variable, which now has a different name.
|
||||||
|
Please rename the variable (`{{ item.old }}` -> `{{ item.new }}`) on your configuration file (vars.yml).
|
||||||
|
when: "item.old in vars"
|
||||||
|
with_items:
|
||||||
|
- {'old': 'matrix_continuwuity_allowed_remote_server_names', 'new': 'matrix_continuwuity_config_allowed_remote_server_names'}
|
||||||
|
- {'old': 'matrix_continuwuity_forbidden_remote_room_directory_server_names', 'new': 'matrix_continuwuity_config_forbidden_remote_room_directory_server_names'}
|
||||||
|
- {'old': 'matrix_continuwuity_forbidden_remote_server_names', 'new': 'matrix_continuwuity_config_forbidden_remote_server_names'}
|
||||||
|
- {'old': 'matrix_continuwuity_ignore_messages_from_server_names', 'new': 'matrix_continuwuity_config_ignore_messages_from_server_names'}
|
||||||
|
- {'old': 'matrix_continuwuity_prevent_media_downloads_from', 'new': 'matrix_continuwuity_config_prevent_media_downloads_from'}
|
||||||
|
- {'old': 'matrix_continuwuity_trusted_servers', 'new': 'matrix_continuwuity_config_trusted_servers'}
|
||||||
|
- {'old': 'matrix_continuwuity_url_preview_domain_contains_allowlist', 'new': 'matrix_continuwuity_config_url_preview_domain_contains_allowlist'}
|
||||||
|
@@ -7,8 +7,8 @@ SPDX-License-Identifier: AGPL-3.0-or-later
|
|||||||
#}
|
#}
|
||||||
|
|
||||||
### continuwuity Configuration
|
### continuwuity Configuration
|
||||||
### See:
|
### For more information, see:
|
||||||
### https://continuwuity.org/configuration
|
### https://continuwuity.org/configuration.html
|
||||||
|
|
||||||
[global]
|
[global]
|
||||||
|
|
||||||
@@ -16,7 +16,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
|
|||||||
# suffix for user and room IDs/aliases.
|
# suffix for user and room IDs/aliases.
|
||||||
#
|
#
|
||||||
# See the docs for reverse proxying and delegation:
|
# See the docs for reverse proxying and delegation:
|
||||||
# https://continuwuity.org/deploying/generic#setting-up-the-reverse-proxy
|
# https://continuwuity.org/deploying/generic.html#setting-up-the-reverse-proxy
|
||||||
#
|
#
|
||||||
# Also see the `[global.well_known]` config section at the very bottom.
|
# Also see the `[global.well_known]` config section at the very bottom.
|
||||||
#
|
#
|
||||||
@@ -27,7 +27,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
|
|||||||
# YOU NEED TO EDIT THIS. THIS CANNOT BE CHANGED AFTER WITHOUT A DATABASE
|
# YOU NEED TO EDIT THIS. THIS CANNOT BE CHANGED AFTER WITHOUT A DATABASE
|
||||||
# WIPE.
|
# WIPE.
|
||||||
#
|
#
|
||||||
# example: "continuwuity.woof"
|
# example: "continuwuity.org"
|
||||||
#
|
#
|
||||||
server_name = {{ matrix_continuwuity_config_server_name | to_json }}
|
server_name = {{ matrix_continuwuity_config_server_name | to_json }}
|
||||||
|
|
||||||
@@ -44,7 +44,7 @@ address = "0.0.0.0"
|
|||||||
# The port(s) continuwuity will listen on.
|
# The port(s) continuwuity will listen on.
|
||||||
#
|
#
|
||||||
# For reverse proxying, see:
|
# For reverse proxying, see:
|
||||||
# https://continuwuity.org/deploying/generic#setting-up-the-reverse-proxy
|
# https://continuwuity.org/deploying/generic.html#setting-up-the-reverse-proxy
|
||||||
#
|
#
|
||||||
# If you are using Docker, don't change this, you'll need to map an
|
# If you are using Docker, don't change this, you'll need to map an
|
||||||
# external port to this.
|
# external port to this.
|
||||||
@@ -59,8 +59,9 @@ port = {{ matrix_continuwuity_config_port_number }}
|
|||||||
# listening on a UNIX socket, you MUST remove/comment the `address` key.
|
# listening on a UNIX socket, you MUST remove/comment the `address` key.
|
||||||
#
|
#
|
||||||
# Remember to make sure that your reverse proxy has access to this socket
|
# Remember to make sure that your reverse proxy has access to this socket
|
||||||
# file, either by adding your reverse proxy to the 'continuwuity' group or
|
# file, either by adding your reverse proxy to the appropriate user group
|
||||||
# granting world R/W permissions with `unix_socket_perms` (666 minimum).
|
# or granting world R/W permissions with `unix_socket_perms` (666
|
||||||
|
# minimum).
|
||||||
#
|
#
|
||||||
# example: "/run/continuwuity/continuwuity.sock"
|
# example: "/run/continuwuity/continuwuity.sock"
|
||||||
#
|
#
|
||||||
@@ -70,8 +71,8 @@ port = {{ matrix_continuwuity_config_port_number }}
|
|||||||
#
|
#
|
||||||
#unix_socket_perms = 660
|
#unix_socket_perms = 660
|
||||||
|
|
||||||
# This is the only directory where continuwuity will save its data, including
|
# This is the only directory where continuwuity will save its data,
|
||||||
# media. Note: this was previously "/var/lib/matrix-conduit".
|
# including media. Note: this was previously "/var/lib/matrix-conduit".
|
||||||
#
|
#
|
||||||
# YOU NEED TO EDIT THIS.
|
# YOU NEED TO EDIT THIS.
|
||||||
#
|
#
|
||||||
@@ -79,9 +80,9 @@ port = {{ matrix_continuwuity_config_port_number }}
|
|||||||
#
|
#
|
||||||
database_path = "/var/lib/continuwuity"
|
database_path = "/var/lib/continuwuity"
|
||||||
|
|
||||||
# continuwuity supports online database backups using RocksDB's Backup engine
|
# continuwuity supports online database backups using RocksDB's Backup
|
||||||
# API. To use this, set a database backup path that continuwuity can write
|
# engine API. To use this, set a database backup path that continuwuity
|
||||||
# to.
|
# can write to.
|
||||||
#
|
#
|
||||||
# For more information, see:
|
# For more information, see:
|
||||||
# https://continuwuity.org/maintenance.html#backups
|
# https://continuwuity.org/maintenance.html#backups
|
||||||
@@ -108,17 +109,13 @@ database_path = "/var/lib/continuwuity"
|
|||||||
new_user_displayname_suffix = {{ matrix_continuwuity_config_new_user_displayname_suffix | to_json }}
|
new_user_displayname_suffix = {{ matrix_continuwuity_config_new_user_displayname_suffix | to_json }}
|
||||||
|
|
||||||
# If enabled, continuwuity will send a simple GET request periodically to
|
# If enabled, continuwuity will send a simple GET request periodically to
|
||||||
# `https://pupbrain.dev/check-for-updates/stable` for any new
|
# `https://continuwuity.org/.well-known/continuwuity/announcements` for any new
|
||||||
# announcements made. Despite the name, this is not an update check
|
# announcements or major updates. This is not an update check endpoint.
|
||||||
# endpoint, it is simply an announcement check endpoint.
|
|
||||||
#
|
|
||||||
# This is disabled by default as this is rarely used except for security
|
|
||||||
# updates or major updates.
|
|
||||||
#
|
#
|
||||||
allow_check_for_updates = {{ matrix_continuwuity_config_allow_check_for_updates | to_json }}
|
allow_check_for_updates = {{ matrix_continuwuity_config_allow_check_for_updates | to_json }}
|
||||||
|
|
||||||
# Set this to any float value to multiply continuwuity's in-memory LRU caches
|
# Set this to any float value to multiply continuwuity's in-memory LRU
|
||||||
# with such as "auth_chain_cache_capacity".
|
# caches with such as "auth_chain_cache_capacity".
|
||||||
#
|
#
|
||||||
# May be useful if you have significant memory to spare to increase
|
# May be useful if you have significant memory to spare to increase
|
||||||
# performance.
|
# performance.
|
||||||
@@ -190,14 +187,6 @@ allow_check_for_updates = {{ matrix_continuwuity_config_allow_check_for_updates
|
|||||||
#
|
#
|
||||||
#servernameevent_data_cache_capacity = varies by system
|
#servernameevent_data_cache_capacity = varies by system
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
|
||||||
#
|
|
||||||
#server_visibility_cache_capacity = varies by system
|
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
|
||||||
#
|
|
||||||
#user_visibility_cache_capacity = varies by system
|
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
# This item is undocumented. Please contribute documentation for it.
|
||||||
#
|
#
|
||||||
#stateinfo_cache_capacity = varies by system
|
#stateinfo_cache_capacity = varies by system
|
||||||
@@ -259,7 +248,7 @@ allow_check_for_updates = {{ matrix_continuwuity_config_allow_check_for_updates
|
|||||||
#
|
#
|
||||||
# If you are running continuwuity in a container environment, this config
|
# If you are running continuwuity in a container environment, this config
|
||||||
# option may need to be enabled. For more details, see:
|
# option may need to be enabled. For more details, see:
|
||||||
# https://continuwuity.org/troubleshooting#potential-dns-issues-when-using-docker
|
# https://continuwuity.org/troubleshooting.html#potential-dns-issues-when-using-docker
|
||||||
#
|
#
|
||||||
#query_over_tcp_only = false
|
#query_over_tcp_only = false
|
||||||
|
|
||||||
@@ -372,6 +361,26 @@ max_request_size = {{ matrix_continuwuity_config_max_request_size }}
|
|||||||
#
|
#
|
||||||
#pusher_idle_timeout = 15
|
#pusher_idle_timeout = 15
|
||||||
|
|
||||||
|
# Maximum time to receive a request from a client (seconds).
|
||||||
|
#
|
||||||
|
#client_receive_timeout = 75
|
||||||
|
|
||||||
|
# Maximum time to process a request received from a client (seconds).
|
||||||
|
#
|
||||||
|
#client_request_timeout = 180
|
||||||
|
|
||||||
|
# Maximum time to transmit a response to a client (seconds)
|
||||||
|
#
|
||||||
|
#client_response_timeout = 120
|
||||||
|
|
||||||
|
# Grace period for clean shutdown of client requests (seconds).
|
||||||
|
#
|
||||||
|
#client_shutdown_timeout = 10
|
||||||
|
|
||||||
|
# Grace period for clean shutdown of federation requests (seconds).
|
||||||
|
#
|
||||||
|
#sender_shutdown_timeout = 5
|
||||||
|
|
||||||
# Enables registration. If set to false, no users can register on this
|
# Enables registration. If set to false, no users can register on this
|
||||||
# server.
|
# server.
|
||||||
#
|
#
|
||||||
@@ -384,17 +393,27 @@ max_request_size = {{ matrix_continuwuity_config_max_request_size }}
|
|||||||
#
|
#
|
||||||
allow_registration = {{ matrix_continuwuity_config_allow_registration | to_json }}
|
allow_registration = {{ matrix_continuwuity_config_allow_registration | to_json }}
|
||||||
|
|
||||||
yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse = {{ matrix_continuwuity_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse | to_json }}
|
# If registration is enabled, and this setting is true, new users
|
||||||
|
# registered after the first admin user will be automatically suspended
|
||||||
allow_federation = {{ matrix_continuwuity_config_allow_federation | to_json }}
|
# and will require an admin to run `!admin users unsuspend <user_id>`.
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
|
||||||
#
|
#
|
||||||
#yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse = false
|
# Suspended users are still able to read messages, make profile updates,
|
||||||
|
# leave rooms, and deactivate their account, however cannot send messages,
|
||||||
|
# invites, or create/join or otherwise modify rooms.
|
||||||
|
# They are effectively read-only.
|
||||||
|
#
|
||||||
|
suspend_on_register = {{ matrix_continuwuity_config_suspend_on_register | to_json }}
|
||||||
|
|
||||||
|
# Enabling this setting opens registration to anyone without restrictions.
|
||||||
|
# This makes your server vulnerable to abuse
|
||||||
|
#
|
||||||
|
yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse = {{ matrix_continuwuity_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse | to_json }}
|
||||||
|
|
||||||
# A static registration token that new users will have to provide when
|
# A static registration token that new users will have to provide when
|
||||||
# creating an account. If unset and `allow_registration` is true,
|
# creating an account. If unset and `allow_registration` is true,
|
||||||
# registration is open without any condition.
|
# you must set
|
||||||
|
# `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse`
|
||||||
|
# to true to allow open registration without any conditions.
|
||||||
#
|
#
|
||||||
# YOU NEED TO EDIT THIS OR USE registration_token_file.
|
# YOU NEED TO EDIT THIS OR USE registration_token_file.
|
||||||
#
|
#
|
||||||
@@ -402,8 +421,9 @@ allow_federation = {{ matrix_continuwuity_config_allow_federation | to_json }}
|
|||||||
#
|
#
|
||||||
registration_token = {{ matrix_continuwuity_config_registration_token | to_json }}
|
registration_token = {{ matrix_continuwuity_config_registration_token | to_json }}
|
||||||
|
|
||||||
# Path to a file on the system that gets read for the registration token.
|
# Path to a file on the system that gets read for additional registration
|
||||||
# this config option takes precedence/priority over "registration_token".
|
# tokens. Multiple tokens can be added if you separate them with
|
||||||
|
# whitespace
|
||||||
#
|
#
|
||||||
# continuwuity must be able to access the file, and it must not be empty
|
# continuwuity must be able to access the file, and it must not be empty
|
||||||
#
|
#
|
||||||
@@ -418,12 +438,21 @@ registration_token = {{ matrix_continuwuity_config_registration_token | to_json
|
|||||||
# Controls whether federation is allowed or not. It is not recommended to
|
# Controls whether federation is allowed or not. It is not recommended to
|
||||||
# disable this after the fact due to potential federation breakage.
|
# disable this after the fact due to potential federation breakage.
|
||||||
#
|
#
|
||||||
#allow_federation = true
|
allow_federation = {{ matrix_continuwuity_config_allow_federation | to_json }}
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
# Allows federation requests to be made to itself
|
||||||
|
#
|
||||||
|
# This isn't intended and is very likely a bug if federation requests are
|
||||||
|
# being sent to yourself. This currently mainly exists for development
|
||||||
|
# purposes.
|
||||||
#
|
#
|
||||||
#federation_loopback = false
|
#federation_loopback = false
|
||||||
|
|
||||||
|
# Always calls /forget on behalf of the user if leaving a room. This is a
|
||||||
|
# part of MSC4267 "Automatically forgetting rooms on leave"
|
||||||
|
#
|
||||||
|
#forget_forced_upon_leave = false
|
||||||
|
|
||||||
# Set this to true to require authentication on the normally
|
# Set this to true to require authentication on the normally
|
||||||
# unauthenticated profile retrieval endpoints (GET)
|
# unauthenticated profile retrieval endpoints (GET)
|
||||||
# "/_matrix/client/v3/profile/{userId}".
|
# "/_matrix/client/v3/profile/{userId}".
|
||||||
@@ -501,9 +530,9 @@ registration_token = {{ matrix_continuwuity_config_registration_token | to_json
|
|||||||
|
|
||||||
# Default room version continuwuity will create rooms with.
|
# Default room version continuwuity will create rooms with.
|
||||||
#
|
#
|
||||||
# Per spec, room version 10 is the default.
|
# Per spec, room version 11 is the default.
|
||||||
#
|
#
|
||||||
#default_room_version = 10
|
#default_room_version = 11
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
# This item is undocumented. Please contribute documentation for it.
|
||||||
#
|
#
|
||||||
@@ -568,9 +597,9 @@ registration_token = {{ matrix_continuwuity_config_registration_token | to_json
|
|||||||
# Currently, continuwuity doesn't support inbound batched key requests, so
|
# Currently, continuwuity doesn't support inbound batched key requests, so
|
||||||
# this list should only contain other Synapse servers.
|
# this list should only contain other Synapse servers.
|
||||||
#
|
#
|
||||||
# example: ["matrix.org", "envs.net", "constellatory.net", "tchncs.de"]
|
# example: ["matrix.org", "tchncs.de"]
|
||||||
#
|
#
|
||||||
trusted_servers = {{ matrix_continuwuity_trusted_servers | to_json }}
|
trusted_servers = {{ matrix_continuwuity_config_trusted_servers | to_json }}
|
||||||
|
|
||||||
# Whether to query the servers listed in trusted_servers first or query
|
# Whether to query the servers listed in trusted_servers first or query
|
||||||
# the origin server first. For best security, querying the origin server
|
# the origin server first. For best security, querying the origin server
|
||||||
@@ -627,8 +656,9 @@ log = {{ matrix_continuwuity_config_log | to_json }}
|
|||||||
#
|
#
|
||||||
#log_span_events = "none"
|
#log_span_events = "none"
|
||||||
|
|
||||||
# Configures whether continuwuity_LOG EnvFilter matches values using regular
|
# Configures whether CONTINUWUITY_LOG EnvFilter matches values using
|
||||||
# expressions. See the tracing_subscriber documentation on Directives.
|
# regular expressions. See the tracing_subscriber documentation on
|
||||||
|
# Directives.
|
||||||
#
|
#
|
||||||
#log_filter_regex = true
|
#log_filter_regex = true
|
||||||
|
|
||||||
@@ -664,13 +694,17 @@ log = {{ matrix_continuwuity_config_log | to_json }}
|
|||||||
# ("turn_secret"), It is recommended to use a shared secret over static
|
# ("turn_secret"), It is recommended to use a shared secret over static
|
||||||
# credentials.
|
# credentials.
|
||||||
#
|
#
|
||||||
#turn_username = false
|
{% if matrix_continuwuity_config_turn_username != '' %}
|
||||||
|
turn_username = {{ matrix_continuwuity_config_turn_username | to_json }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# Static TURN password to provide the client if not using a shared secret
|
# Static TURN password to provide the client if not using a shared secret
|
||||||
# ("turn_secret"). It is recommended to use a shared secret over static
|
# ("turn_secret"). It is recommended to use a shared secret over static
|
||||||
# credentials.
|
# credentials.
|
||||||
#
|
#
|
||||||
#turn_password = false
|
{% if matrix_continuwuity_config_turn_password != '' %}
|
||||||
|
turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# Vector list of TURN URIs/servers to use.
|
# Vector list of TURN URIs/servers to use.
|
||||||
#
|
#
|
||||||
@@ -689,18 +723,10 @@ turn_uris = {{ matrix_continuwuity_config_turn_uris | to_json }}
|
|||||||
# This is more secure, but if needed you can use traditional static
|
# This is more secure, but if needed you can use traditional static
|
||||||
# username/password credentials.
|
# username/password credentials.
|
||||||
#
|
#
|
||||||
#turn_secret = false
|
|
||||||
{% if matrix_continuwuity_config_turn_secret != '' %}
|
{% if matrix_continuwuity_config_turn_secret != '' %}
|
||||||
turn_secret = {{ matrix_continuwuity_config_turn_secret | to_json }}
|
turn_secret = {{ matrix_continuwuity_config_turn_secret | to_json }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
# If you have your TURN server configured to use a username and password
|
|
||||||
# you can provide these information too. In this case comment out `turn_secret above`!
|
|
||||||
{% if matrix_continuwuity_config_turn_username != '' or matrix_continuwuity_config_turn_password != '' %}
|
|
||||||
turn_username = {{ matrix_continuwuity_config_turn_username | to_json }}
|
|
||||||
turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|
||||||
{% endif %}
|
|
||||||
|
|
||||||
# TURN secret to use that's read from the file path specified.
|
# TURN secret to use that's read from the file path specified.
|
||||||
#
|
#
|
||||||
# This takes priority over "turn_secret" first, and falls back to
|
# This takes priority over "turn_secret" first, and falls back to
|
||||||
@@ -714,12 +740,12 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
#
|
#
|
||||||
#turn_ttl = 86400
|
#turn_ttl = 86400
|
||||||
|
|
||||||
# List/vector of room IDs or room aliases that continuwuity will make newly
|
# List/vector of room IDs or room aliases that continuwuity will make
|
||||||
# registered users join. The rooms specified must be rooms that you have
|
# newly registered users join. The rooms specified must be rooms that you
|
||||||
# joined at least once on the server, and must be public.
|
# have joined at least once on the server, and must be public.
|
||||||
#
|
#
|
||||||
# example: ["#continuwuity:puppygock.gay",
|
# example: ["#continuwuity:continuwuity.org",
|
||||||
# "!eoIzvAvVwY23LPDay8:puppygock.gay"]
|
# "!main-1:continuwuity.org"]
|
||||||
#
|
#
|
||||||
#auto_join_rooms = []
|
#auto_join_rooms = []
|
||||||
|
|
||||||
@@ -742,10 +768,10 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
#
|
#
|
||||||
#auto_deactivate_banned_room_attempts = false
|
#auto_deactivate_banned_room_attempts = false
|
||||||
|
|
||||||
# RocksDB log level. This is not the same as continuwuity's log level. This
|
# RocksDB log level. This is not the same as continuwuity's log level.
|
||||||
# is the log level for the RocksDB engine/library which show up in your
|
# This is the log level for the RocksDB engine/library which show up in
|
||||||
# database folder/path as `LOG` files. continuwuity will log RocksDB errors
|
# your database folder/path as `LOG` files. continuwuity will log RocksDB
|
||||||
# as normal through tracing or panics if severe for safety.
|
# errors as normal through tracing or panics if severe for safety.
|
||||||
#
|
#
|
||||||
#rocksdb_log_level = "error"
|
#rocksdb_log_level = "error"
|
||||||
|
|
||||||
@@ -806,7 +832,7 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
|
|
||||||
# Type of RocksDB database compression to use.
|
# Type of RocksDB database compression to use.
|
||||||
#
|
#
|
||||||
# Available options are "zstd", "zlib", "bz2", "lz4", or "none".
|
# Available options are "zstd", "bz2", "lz4", or "none".
|
||||||
#
|
#
|
||||||
# It is best to use ZSTD as an overall good balance between
|
# It is best to use ZSTD as an overall good balance between
|
||||||
# speed/performance, storage, IO amplification, and CPU usage. For more
|
# speed/performance, storage, IO amplification, and CPU usage. For more
|
||||||
@@ -827,6 +853,9 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
# magic number and translated to the library's default compression level
|
# magic number and translated to the library's default compression level
|
||||||
# as they all differ. See their `kDefaultCompressionLevel`.
|
# as they all differ. See their `kDefaultCompressionLevel`.
|
||||||
#
|
#
|
||||||
|
# Note when using the default value we may override it with a setting
|
||||||
|
# tailored specifically for continuwuity.
|
||||||
|
#
|
||||||
#rocksdb_compression_level = 32767
|
#rocksdb_compression_level = 32767
|
||||||
|
|
||||||
# Level of compression the specified compression algorithm for the
|
# Level of compression the specified compression algorithm for the
|
||||||
@@ -840,6 +869,9 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
# less likely for this data to be used. Research your chosen compression
|
# less likely for this data to be used. Research your chosen compression
|
||||||
# algorithm.
|
# algorithm.
|
||||||
#
|
#
|
||||||
|
# Note when using the default value we may override it with a setting
|
||||||
|
# tailored specifically for continuwuity.
|
||||||
|
#
|
||||||
#rocksdb_bottommost_compression_level = 32767
|
#rocksdb_bottommost_compression_level = 32767
|
||||||
|
|
||||||
# Whether to enable RocksDB's "bottommost_compression".
|
# Whether to enable RocksDB's "bottommost_compression".
|
||||||
@@ -851,7 +883,7 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
#
|
#
|
||||||
# See https://github.com/facebook/rocksdb/wiki/Compression for more details.
|
# See https://github.com/facebook/rocksdb/wiki/Compression for more details.
|
||||||
#
|
#
|
||||||
#rocksdb_bottommost_compression = false
|
#rocksdb_bottommost_compression = true
|
||||||
|
|
||||||
# Database recovery mode (for RocksDB WAL corruption).
|
# Database recovery mode (for RocksDB WAL corruption).
|
||||||
#
|
#
|
||||||
@@ -878,7 +910,7 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
# 0 = AbsoluteConsistency
|
# 0 = AbsoluteConsistency
|
||||||
# 1 = TolerateCorruptedTailRecords (default)
|
# 1 = TolerateCorruptedTailRecords (default)
|
||||||
# 2 = PointInTime (use me if trying to recover)
|
# 2 = PointInTime (use me if trying to recover)
|
||||||
# 3 = SkipAnyCorruptedRecord (you now voided your continuwuity warranty)
|
# 3 = SkipAnyCorruptedRecord (you now voided your Continuwuity warranty)
|
||||||
#
|
#
|
||||||
# For more information on these modes, see:
|
# For more information on these modes, see:
|
||||||
# https://github.com/facebook/rocksdb/wiki/WAL-Recovery-Modes
|
# https://github.com/facebook/rocksdb/wiki/WAL-Recovery-Modes
|
||||||
@@ -897,6 +929,20 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
#
|
#
|
||||||
#rocksdb_paranoid_file_checks = false
|
#rocksdb_paranoid_file_checks = false
|
||||||
|
|
||||||
|
# Enables or disables checksum verification in rocksdb at runtime.
|
||||||
|
# Checksums are usually hardware accelerated with low overhead; they are
|
||||||
|
# enabled in rocksdb by default. Older or slower platforms may see gains
|
||||||
|
# from disabling.
|
||||||
|
#
|
||||||
|
#rocksdb_checksums = true
|
||||||
|
|
||||||
|
# Enables the "atomic flush" mode in rocksdb. This option is not intended
|
||||||
|
# for users. It may be removed or ignored in future versions. Atomic flush
|
||||||
|
# may be enabled by the paranoid to possibly improve database integrity at
|
||||||
|
# the cost of performance.
|
||||||
|
#
|
||||||
|
#rocksdb_atomic_flush = false
|
||||||
|
|
||||||
# Database repair mode (for RocksDB SST corruption).
|
# Database repair mode (for RocksDB SST corruption).
|
||||||
#
|
#
|
||||||
# Use this option when the server reports corruption while running or
|
# Use this option when the server reports corruption while running or
|
||||||
@@ -934,10 +980,10 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
#
|
#
|
||||||
#rocksdb_compaction_ioprio_idle = true
|
#rocksdb_compaction_ioprio_idle = true
|
||||||
|
|
||||||
# Disables RocksDB compaction. You should never ever have to set this
|
# Enables RocksDB compaction. You should never ever have to set this
|
||||||
# option to true. If you for some reason find yourself needing to use this
|
# option to false. If you for some reason find yourself needing to use
|
||||||
# option as part of troubleshooting or a bug, please reach out to us in
|
# this option as part of troubleshooting or a bug, please reach out to us
|
||||||
# the continuwuity Matrix room with information and details.
|
# in the continuwuity Matrix room with information and details.
|
||||||
#
|
#
|
||||||
# Disabling compaction will lead to a significantly bloated and
|
# Disabling compaction will lead to a significantly bloated and
|
||||||
# explosively large database, gradually poor performance, unnecessarily
|
# explosively large database, gradually poor performance, unnecessarily
|
||||||
@@ -970,7 +1016,9 @@ turn_password = {{ matrix_continuwuity_config_turn_password | to_json }}
|
|||||||
#
|
#
|
||||||
# example: "F670$2CP@Hw8mG7RY1$%!#Ic7YA"
|
# example: "F670$2CP@Hw8mG7RY1$%!#Ic7YA"
|
||||||
#
|
#
|
||||||
|
{% if matrix_continuwuity_config_emergency_password != '' %}
|
||||||
emergency_password = {{ matrix_continuwuity_config_emergency_password | to_json }}
|
emergency_password = {{ matrix_continuwuity_config_emergency_password | to_json }}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
# This item is undocumented. Please contribute documentation for it.
|
||||||
#
|
#
|
||||||
@@ -978,8 +1026,8 @@ emergency_password = {{ matrix_continuwuity_config_emergency_password | to_json
|
|||||||
|
|
||||||
# Allow local (your server only) presence updates/requests.
|
# Allow local (your server only) presence updates/requests.
|
||||||
#
|
#
|
||||||
# Note that presence on continuwuity is very fast unlike Synapse's. If using
|
# Note that presence on continuwuity is very fast unlike Synapse's. If
|
||||||
# outgoing presence, this MUST be enabled.
|
# using outgoing presence, this MUST be enabled.
|
||||||
#
|
#
|
||||||
#allow_local_presence = true
|
#allow_local_presence = true
|
||||||
|
|
||||||
@@ -995,8 +1043,8 @@ emergency_password = {{ matrix_continuwuity_config_emergency_password | to_json
|
|||||||
#
|
#
|
||||||
# This option sends presence updates to other servers, but does not
|
# This option sends presence updates to other servers, but does not
|
||||||
# receive any unless `allow_incoming_presence` is true. Note that presence
|
# receive any unless `allow_incoming_presence` is true. Note that presence
|
||||||
# on continuwuity is very fast unlike Synapse's. If using outgoing presence,
|
# on continuwuity is very fast unlike Synapse's. If using outgoing
|
||||||
# you MUST enable `allow_local_presence` as well.
|
# presence, you MUST enable `allow_local_presence` as well.
|
||||||
#
|
#
|
||||||
#allow_outgoing_presence = true
|
#allow_outgoing_presence = true
|
||||||
|
|
||||||
@@ -1115,7 +1163,7 @@ emergency_password = {{ matrix_continuwuity_config_emergency_password | to_json
|
|||||||
|
|
||||||
# Check consistency of the media directory at startup:
|
# Check consistency of the media directory at startup:
|
||||||
# 1. When `media_compat_file_link` is enabled, this check will upgrade
|
# 1. When `media_compat_file_link` is enabled, this check will upgrade
|
||||||
# media when switching back and forth between Conduit and continuwuity.
|
# media when switching back and forth between Conduit and conduwuit.
|
||||||
# Both options must be enabled to handle this.
|
# Both options must be enabled to handle this.
|
||||||
# 2. When media is deleted from the directory, this check will also delete
|
# 2. When media is deleted from the directory, this check will also delete
|
||||||
# its database entry.
|
# its database entry.
|
||||||
@@ -1150,27 +1198,71 @@ emergency_password = {{ matrix_continuwuity_config_emergency_password | to_json
|
|||||||
#
|
#
|
||||||
#prune_missing_media = false
|
#prune_missing_media = false
|
||||||
|
|
||||||
# Vector list of servers that continuwuity will refuse to download remote
|
# List of forbidden server names via regex patterns that we will block
|
||||||
# media from.
|
# incoming AND outgoing federation with, and block client room joins /
|
||||||
|
# remote user invites.
|
||||||
#
|
#
|
||||||
#prevent_media_downloads_from = []
|
# Note that your messages can still make it to forbidden servers through
|
||||||
|
# backfilling. Events we receive from forbidden servers via backfill
|
||||||
# List of forbidden server names that we will block incoming AND outgoing
|
# from servers we *do* federate with will be stored in the database.
|
||||||
# federation with, and block client room joins / remote user invites.
|
|
||||||
#
|
#
|
||||||
# This check is applied on the room ID, room alias, sender server name,
|
# This check is applied on the room ID, room alias, sender server name,
|
||||||
# sender user's server name, inbound federation X-Matrix origin, and
|
# sender user's server name, inbound federation X-Matrix origin, and
|
||||||
# outbound federation handler.
|
# outbound federation handler.
|
||||||
#
|
#
|
||||||
# Basically "global" ACLs.
|
# You can set this to ["*"] to block all servers by default, and then
|
||||||
|
# use `allowed_remote_server_names` to allow only specific servers.
|
||||||
#
|
#
|
||||||
forbidden_remote_server_names = {{ matrix_continuwuity_forbidden_remote_server_names | to_json }}
|
# example: ["badserver\\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||||
|
#
|
||||||
|
forbidden_remote_server_names = {{ matrix_continuwuity_config_forbidden_remote_server_names | to_json }}
|
||||||
|
|
||||||
# List of forbidden server names that we will block all outgoing federated
|
# List of allowed server names via regex patterns that we will allow,
|
||||||
# room directory requests for. Useful for preventing our users from
|
# regardless of if they match `forbidden_remote_server_names`.
|
||||||
# wandering into bad servers or spaces.
|
|
||||||
#
|
#
|
||||||
forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_remote_room_directory_server_names | to_json }}
|
# This option has no effect if `forbidden_remote_server_names` is empty.
|
||||||
|
#
|
||||||
|
# example: ["goodserver\\.tld$", "goodphrase"]
|
||||||
|
#
|
||||||
|
allowed_remote_server_names = {{ matrix_continuwuity_config_allowed_remote_server_names | to_json }}
|
||||||
|
|
||||||
|
# Vector list of regex patterns of server names that continuwuity will
|
||||||
|
# refuse to download remote media from.
|
||||||
|
#
|
||||||
|
# example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||||
|
#
|
||||||
|
prevent_media_downloads_from = {{ matrix_continuwuity_config_prevent_media_downloads_from | to_json }}
|
||||||
|
|
||||||
|
# List of forbidden server names via regex patterns that we will block all
|
||||||
|
# outgoing federated room directory requests for. Useful for preventing
|
||||||
|
# our users from wandering into bad servers or spaces.
|
||||||
|
#
|
||||||
|
# example: ["badserver\.tld$", "badphrase", "19dollarfortnitecards"]
|
||||||
|
#
|
||||||
|
forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_config_forbidden_remote_room_directory_server_names | to_json }}
|
||||||
|
|
||||||
|
# Vector list of regex patterns of server names that continuwuity will not
|
||||||
|
# send messages to the client from.
|
||||||
|
#
|
||||||
|
# Note that there is no way for clients to receive messages once a server
|
||||||
|
# has become unignored without doing a full sync. This is a protocol
|
||||||
|
# limitation with the current sync protocols. This means this is somewhat
|
||||||
|
# of a nuclear option.
|
||||||
|
#
|
||||||
|
# example: ["reallybadserver\.tld$", "reallybadphrase",
|
||||||
|
# "69dollarfortnitecards"]
|
||||||
|
#
|
||||||
|
ignore_messages_from_server_names = {{ matrix_continuwuity_config_ignore_messages_from_server_names | to_json }}
|
||||||
|
|
||||||
|
# Send messages from users that the user has ignored to the client.
|
||||||
|
#
|
||||||
|
# There is no way for clients to receive messages sent while a user was
|
||||||
|
# ignored without doing a full sync. This is a protocol limitation with
|
||||||
|
# the current sync protocols. Disabling this option will move
|
||||||
|
# responsibility of ignoring messages to the client, which can avoid this
|
||||||
|
# limitation.
|
||||||
|
#
|
||||||
|
#send_messages_from_ignored_users_to_client = false
|
||||||
|
|
||||||
# Vector list of IPv4 and IPv6 CIDR ranges / subnets *in quotes* that you
|
# Vector list of IPv4 and IPv6 CIDR ranges / subnets *in quotes* that you
|
||||||
# do not want continuwuity to send outbound requests to. Defaults to
|
# do not want continuwuity to send outbound requests to. Defaults to
|
||||||
@@ -1215,7 +1307,7 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
# attack surface to your server, you are expected to be aware of the risks
|
# attack surface to your server, you are expected to be aware of the risks
|
||||||
# by doing so.
|
# by doing so.
|
||||||
#
|
#
|
||||||
#url_preview_domain_contains_allowlist = []
|
url_preview_domain_contains_allowlist = {{ matrix_continuwuity_config_url_preview_domain_contains_allowlist | to_json }}
|
||||||
|
|
||||||
# Vector list of explicit domains allowed to send requests to for URL
|
# Vector list of explicit domains allowed to send requests to for URL
|
||||||
# previews.
|
# previews.
|
||||||
@@ -1279,7 +1371,7 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
# used, and startup as warnings if any room aliases in your database have
|
# used, and startup as warnings if any room aliases in your database have
|
||||||
# a forbidden room alias/ID.
|
# a forbidden room alias/ID.
|
||||||
#
|
#
|
||||||
# example: ["19dollarfortnitecards", "b[4a]droom"]
|
# example: ["19dollarfortnitecards", "b[4a]droom", "badphrase"]
|
||||||
#
|
#
|
||||||
#forbidden_alias_names = []
|
#forbidden_alias_names = []
|
||||||
|
|
||||||
@@ -1292,7 +1384,7 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
# startup as warnings if any local users in your database have a forbidden
|
# startup as warnings if any local users in your database have a forbidden
|
||||||
# username.
|
# username.
|
||||||
#
|
#
|
||||||
# example: ["administrator", "b[a4]dusernam[3e]"]
|
# example: ["administrator", "b[a4]dusernam[3e]", "badphrase"]
|
||||||
#
|
#
|
||||||
#forbidden_usernames = []
|
#forbidden_usernames = []
|
||||||
|
|
||||||
@@ -1323,8 +1415,8 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
|
|
||||||
# Allow admins to enter commands in rooms other than "#admins" (admin
|
# Allow admins to enter commands in rooms other than "#admins" (admin
|
||||||
# room) by prefixing your message with "\!admin" or "\\!admin" followed up
|
# room) by prefixing your message with "\!admin" or "\\!admin" followed up
|
||||||
# a normal continuwuity admin command. The reply will be publicly visible to
|
# a normal continuwuity admin command. The reply will be publicly visible
|
||||||
# the room, originating from the sender.
|
# to the room, originating from the sender.
|
||||||
#
|
#
|
||||||
# example: \\!admin debug ping puppygock.gay
|
# example: \\!admin debug ping puppygock.gay
|
||||||
#
|
#
|
||||||
@@ -1341,8 +1433,8 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
# This option can also be configured with the `--execute` continuwuity
|
# This option can also be configured with the `--execute` continuwuity
|
||||||
# argument and can take standard shell commands and environment variables
|
# argument and can take standard shell commands and environment variables
|
||||||
#
|
#
|
||||||
# For example: `./continuwuity --execute "server admin-notice continuwuity has
|
# For example: `./continuwuity --execute "server admin-notice continuwuity
|
||||||
# started up at $(date)"`
|
# has started up at $(date)"`
|
||||||
#
|
#
|
||||||
# example: admin_execute = ["debug ping puppygock.gay", "debug echo hi"]`
|
# example: admin_execute = ["debug ping puppygock.gay", "debug echo hi"]`
|
||||||
#
|
#
|
||||||
@@ -1355,6 +1447,13 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
#
|
#
|
||||||
#admin_execute_errors_ignore = false
|
#admin_execute_errors_ignore = false
|
||||||
|
|
||||||
|
# List of admin commands to execute on SIGUSR2.
|
||||||
|
#
|
||||||
|
# Similar to admin_execute, but these commands are executed when the
|
||||||
|
# server receives SIGUSR2 on supporting platforms.
|
||||||
|
#
|
||||||
|
#admin_signal_execute = []
|
||||||
|
|
||||||
# Controls the max log level for admin command log captures (logs
|
# Controls the max log level for admin command log captures (logs
|
||||||
# generated from running admin commands). Defaults to "info" on release
|
# generated from running admin commands). Defaults to "info" on release
|
||||||
# builds, else "debug" on debug builds.
|
# builds, else "debug" on debug builds.
|
||||||
@@ -1364,21 +1463,20 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
# The default room tag to apply on the admin room.
|
# The default room tag to apply on the admin room.
|
||||||
#
|
#
|
||||||
# On some clients like Element, the room tag "m.server_notice" is a
|
# On some clients like Element, the room tag "m.server_notice" is a
|
||||||
# special pinned room at the very bottom of your room list. The continuwuity
|
# special pinned room at the very bottom of your room list. The
|
||||||
# admin room can be pinned here so you always have an easy-to-access
|
# continuwuity admin room can be pinned here so you always have an
|
||||||
# shortcut dedicated to your admin room.
|
# easy-to-access shortcut dedicated to your admin room.
|
||||||
#
|
#
|
||||||
#admin_room_tag = "m.server_notice"
|
#admin_room_tag = "m.server_notice"
|
||||||
|
|
||||||
# Sentry.io crash/panic reporting, performance monitoring/metrics, etc.
|
# Sentry.io crash/panic reporting, performance monitoring/metrics, etc.
|
||||||
# This is NOT enabled by default. continuwuity's default Sentry reporting
|
# This is NOT enabled by default.
|
||||||
# endpoint domain is `o4506996327251968.ingest.us.sentry.io`.
|
|
||||||
#
|
#
|
||||||
#sentry = false
|
#sentry = false
|
||||||
|
|
||||||
# Sentry reporting URL, if a custom one is desired.
|
# Sentry reporting URL, if a custom one is desired.
|
||||||
#
|
#
|
||||||
#sentry_endpoint = "https://fe2eb4536aa04949e28eff3128d64757@o4506996327251968.ingest.us.sentry.io/4506996334657536"
|
#sentry_endpoint = ""
|
||||||
|
|
||||||
# Report your continuwuity server_name in Sentry.io crash reports and
|
# Report your continuwuity server_name in Sentry.io crash reports and
|
||||||
# metrics.
|
# metrics.
|
||||||
@@ -1512,6 +1610,34 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
#
|
#
|
||||||
#sender_workers = 0
|
#sender_workers = 0
|
||||||
|
|
||||||
|
# Enables listener sockets; can be set to false to disable listening. This
|
||||||
|
# option is intended for developer/diagnostic purposes only.
|
||||||
|
#
|
||||||
|
#listening = true
|
||||||
|
|
||||||
|
# Enables configuration reload when the server receives SIGUSR1 on
|
||||||
|
# supporting platforms.
|
||||||
|
#
|
||||||
|
#config_reload_signal = true
|
||||||
|
|
||||||
|
[global.tls]
|
||||||
|
|
||||||
|
# Path to a valid TLS certificate file.
|
||||||
|
#
|
||||||
|
# example: "/path/to/my/certificate.crt"
|
||||||
|
#
|
||||||
|
#certs =
|
||||||
|
|
||||||
|
# Path to a valid TLS certificate private key.
|
||||||
|
#
|
||||||
|
# example: "/path/to/my/certificate.key"
|
||||||
|
#
|
||||||
|
#key =
|
||||||
|
|
||||||
|
# Whether to listen and allow for HTTP and HTTPS connections (insecure!)
|
||||||
|
#
|
||||||
|
#dual_protocol = false
|
||||||
|
|
||||||
[global.well_known]
|
[global.well_known]
|
||||||
|
|
||||||
# The server URL that the client well-known file will serve. This should
|
# The server URL that the client well-known file will serve. This should
|
||||||
@@ -1529,18 +1655,46 @@ forbidden_remote_room_directory_server_names = {{ matrix_continuwuity_forbidden_
|
|||||||
#
|
#
|
||||||
#server =
|
#server =
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
# URL to a support page for the server, which will be served as part of
|
||||||
|
# the MSC1929 server support endpoint at /.well-known/matrix/support.
|
||||||
|
# Will be included alongside any contact information
|
||||||
#
|
#
|
||||||
#support_page =
|
#support_page =
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
# Role string for server support contacts, to be served as part of the
|
||||||
|
# MSC1929 server support endpoint at /.well-known/matrix/support.
|
||||||
#
|
#
|
||||||
#support_role =
|
#support_role = "m.role.admin"
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
# Email address for server support contacts, to be served as part of the
|
||||||
|
# MSC1929 server support endpoint.
|
||||||
|
# This will be used along with support_mxid if specified.
|
||||||
#
|
#
|
||||||
#support_email =
|
#support_email =
|
||||||
|
|
||||||
# This item is undocumented. Please contribute documentation for it.
|
# Matrix ID for server support contacts, to be served as part of the
|
||||||
|
# MSC1929 server support endpoint.
|
||||||
|
# This will be used along with support_email if specified.
|
||||||
|
#
|
||||||
|
# If no email or mxid is specified, all of the server's admins will be
|
||||||
|
# listed.
|
||||||
#
|
#
|
||||||
#support_mxid =
|
#support_mxid =
|
||||||
|
|
||||||
|
[global.blurhashing]
|
||||||
|
|
||||||
|
# blurhashing x component, 4 is recommended by https://blurha.sh/
|
||||||
|
#
|
||||||
|
#components_x = 4
|
||||||
|
|
||||||
|
# blurhashing y component, 3 is recommended by https://blurha.sh/
|
||||||
|
#
|
||||||
|
#components_y = 3
|
||||||
|
|
||||||
|
# Max raw size that the server will blurhash, this is the size of the
|
||||||
|
# image after converting it to raw data, it should be higher than the
|
||||||
|
# upload limit but not too high. The higher it is the higher the
|
||||||
|
# potential load will be for clients requesting blurhashes. The default
|
||||||
|
# is 33.55MB. Setting it to 0 disables blurhashing.
|
||||||
|
#
|
||||||
|
#blurhash_max_raw_size = 33554432
|
||||||
|
@@ -21,7 +21,7 @@ matrix_element_call_enabled: false
|
|||||||
matrix_rtc_enabled: "{{ matrix_element_call_enabled }}"
|
matrix_rtc_enabled: "{{ matrix_element_call_enabled }}"
|
||||||
|
|
||||||
# renovate: datasource=docker depName=ghcr.io/element-hq/element-call
|
# renovate: datasource=docker depName=ghcr.io/element-hq/element-call
|
||||||
matrix_element_call_version: v0.12.2
|
matrix_element_call_version: v0.13.1
|
||||||
|
|
||||||
matrix_element_call_scheme: https
|
matrix_element_call_scheme: https
|
||||||
|
|
||||||
|
@@ -24,7 +24,7 @@
|
|||||||
matrix_synapse_reverse_proxy_companion_enabled: true
|
matrix_synapse_reverse_proxy_companion_enabled: true
|
||||||
|
|
||||||
# renovate: datasource=docker depName=nginx
|
# renovate: datasource=docker depName=nginx
|
||||||
matrix_synapse_reverse_proxy_companion_version: 1.28.0-alpine
|
matrix_synapse_reverse_proxy_companion_version: 1.29.0-alpine
|
||||||
|
|
||||||
matrix_synapse_reverse_proxy_companion_base_path: "{{ matrix_synapse_base_path }}/reverse-proxy-companion"
|
matrix_synapse_reverse_proxy_companion_base_path: "{{ matrix_synapse_base_path }}/reverse-proxy-companion"
|
||||||
matrix_synapse_reverse_proxy_companion_confd_path: "{{ matrix_synapse_reverse_proxy_companion_base_path }}/conf.d"
|
matrix_synapse_reverse_proxy_companion_confd_path: "{{ matrix_synapse_reverse_proxy_companion_base_path }}/conf.d"
|
||||||
|
@@ -16,7 +16,7 @@ matrix_synapse_enabled: true
|
|||||||
matrix_synapse_github_org_and_repo: element-hq/synapse
|
matrix_synapse_github_org_and_repo: element-hq/synapse
|
||||||
|
|
||||||
# renovate: datasource=docker depName=ghcr.io/element-hq/synapse
|
# renovate: datasource=docker depName=ghcr.io/element-hq/synapse
|
||||||
matrix_synapse_version: v1.132.0
|
matrix_synapse_version: v1.133.0
|
||||||
|
|
||||||
matrix_synapse_username: ''
|
matrix_synapse_username: ''
|
||||||
matrix_synapse_uid: ''
|
matrix_synapse_uid: ''
|
||||||
@@ -1417,7 +1417,7 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config:
|
|||||||
matrix_synapse_ext_synapse_http_antispam_enabled: false
|
matrix_synapse_ext_synapse_http_antispam_enabled: false
|
||||||
matrix_synapse_ext_synapse_http_antispam_git_repository_url: "https://github.com/maunium/synapse-http-antispam"
|
matrix_synapse_ext_synapse_http_antispam_git_repository_url: "https://github.com/maunium/synapse-http-antispam"
|
||||||
# renovate: datasource=github-releases depName=maunium/synapse-http-antispam
|
# renovate: datasource=github-releases depName=maunium/synapse-http-antispam
|
||||||
matrix_synapse_ext_synapse_http_antispam_git_version: "v0.4.0"
|
matrix_synapse_ext_synapse_http_antispam_git_version: "v0.5.0"
|
||||||
# Where Synapse can locate the consumer of the antispam API. Currently
|
# Where Synapse can locate the consumer of the antispam API. Currently
|
||||||
# Draupnir is the only consumer of this API that is playbook supported.
|
# Draupnir is the only consumer of this API that is playbook supported.
|
||||||
# But https://github.com/maunium/meowlnir also supports the API.
|
# But https://github.com/maunium/meowlnir also supports the API.
|
||||||
@@ -1426,6 +1426,10 @@ matrix_synapse_ext_synapse_http_antispam_config_base_url: ''
|
|||||||
# homeserver a lot like how AS authentication is done. This is fully managed
|
# homeserver a lot like how AS authentication is done. This is fully managed
|
||||||
# the same way AS authentication is by the playbook.
|
# the same way AS authentication is by the playbook.
|
||||||
matrix_synapse_ext_synapse_http_antispam_config_authorization: ''
|
matrix_synapse_ext_synapse_http_antispam_config_authorization: ''
|
||||||
|
# This controls if the module will ping the consumer or not for ease of troubleshooting. This defaults
|
||||||
|
# to enabled to help assure users that the connection is working.
|
||||||
|
# Due to that its only a single log line per worker per startup this default is deemed acceptable.
|
||||||
|
matrix_synapse_ext_synapse_http_antispam_config_do_ping: true
|
||||||
# This controls what callbacks are activated. This list is fully dependent on what consumer is in play.
|
# This controls what callbacks are activated. This list is fully dependent on what consumer is in play.
|
||||||
# And what capabilities said consumer should or shouldn't have. There are also performance implications
|
# And what capabilities said consumer should or shouldn't have. There are also performance implications
|
||||||
# to these choices.
|
# to these choices.
|
||||||
@@ -1440,6 +1444,7 @@ matrix_synapse_ext_synapse_http_antispam_config: "{{ matrix_synapse_ext_synapse_
|
|||||||
matrix_synapse_ext_synapse_http_antispam_config_yaml: |
|
matrix_synapse_ext_synapse_http_antispam_config_yaml: |
|
||||||
base_url: {{ matrix_synapse_ext_synapse_http_antispam_config_base_url | to_json }}
|
base_url: {{ matrix_synapse_ext_synapse_http_antispam_config_base_url | to_json }}
|
||||||
authorization: {{ matrix_synapse_ext_synapse_http_antispam_config_authorization | to_json }}
|
authorization: {{ matrix_synapse_ext_synapse_http_antispam_config_authorization | to_json }}
|
||||||
|
do_ping: {{ matrix_synapse_ext_synapse_http_antispam_config_do_ping | to_json }}
|
||||||
enabled_callbacks: {{ matrix_synapse_ext_synapse_http_antispam_config_enabled_callbacks | to_json }}
|
enabled_callbacks: {{ matrix_synapse_ext_synapse_http_antispam_config_enabled_callbacks | to_json }}
|
||||||
fail_open: {{ matrix_synapse_ext_synapse_http_antispam_config_fail_open | to_json }}
|
fail_open: {{ matrix_synapse_ext_synapse_http_antispam_config_fail_open | to_json }}
|
||||||
async: {{ matrix_synapse_ext_synapse_http_antispam_config_async | to_json }}
|
async: {{ matrix_synapse_ext_synapse_http_antispam_config_async | to_json }}
|
||||||
|
BIN
roles/matrix-client-element/files/antifa_coffee_cups.png
Normal file
BIN
roles/matrix-client-element/files/antifa_coffee_cups.png
Normal file
Binary file not shown.
After ![]() (image error) Size: 188 KiB |
BIN
roles/matrix-client-element/files/background.jpg
Normal file
BIN
roles/matrix-client-element/files/background.jpg
Normal file
Binary file not shown.
After ![]() (image error) Size: 2.1 MiB |
BIN
roles/matrix-client-element/files/background_small.jpg
Normal file
BIN
roles/matrix-client-element/files/background_small.jpg
Normal file
Binary file not shown.
After ![]() (image error) Size: 747 KiB |
BIN
roles/matrix-riot-web/files/antifa_coffee_cups.png
Normal file
BIN
roles/matrix-riot-web/files/antifa_coffee_cups.png
Normal file
Binary file not shown.
After ![]() (image error) Size: 188 KiB |
BIN
roles/matrix-riot-web/files/background.jpg
Normal file
BIN
roles/matrix-riot-web/files/background.jpg
Normal file
Binary file not shown.
After ![]() (image error) Size: 2.1 MiB |
@@ -165,3 +165,4 @@
|
|||||||
- install-all
|
- install-all
|
||||||
|
|
||||||
- role: galaxy/playbook_runtime_messages
|
- role: galaxy/playbook_runtime_messages
|
||||||
|
|
||||||
|
106
templates/Caddyfile.j2
Normal file
106
templates/Caddyfile.j2
Normal file
@@ -0,0 +1,106 @@
|
|||||||
|
https://{{ matrix_server_fqn_matrix }} {
|
||||||
|
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||||
|
encode zstd gzip
|
||||||
|
header {
|
||||||
|
Strict-Transport-Security "max-age=31536000;"
|
||||||
|
X-Frame-Options "DENY"
|
||||||
|
X-XSS-Protection "1; mode=block"
|
||||||
|
}
|
||||||
|
basicauth /metrics/* bcrypt monitoring {
|
||||||
|
monitoring JDJhJDE0JGdQRlNHVFpSQmRiaWlPem9LdXlkS09HN2E3LklZS05YZmtXTEY1NlFXbkMxd3hBUmwwbVZl
|
||||||
|
}
|
||||||
|
route /metrics/synapse {
|
||||||
|
uri replace /metrics/synapse /metrics/synapse/main-process
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/synapse/worker/appservice {
|
||||||
|
uri replace /metrics/synapse/worker/appservice /metrics/synapse/worker/appservice-0
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/synapse/worker/federation-sender-0 {
|
||||||
|
uri replace /metrics/synapse/worker/federation-sender-0 /metrics/synapse/worker/federation-sender-0
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/synapse/worker/federation-sender-1 {
|
||||||
|
uri replace /metrics/synapse/worker/federation-sender-1 /metrics/synapse/worker/federation-sender-1
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/synapse/worker/federation-sender-2 {
|
||||||
|
uri replace /metrics/synapse/worker/federation-sender-2 /metrics/synapse/worker/federation-sender-2
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/synapse/worker/generic-0 {
|
||||||
|
uri replace /metrics/synapse/worker/generic-0 /metrics/synapse/worker/generic-worker-0
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/synapse/worker/generic-1 {
|
||||||
|
uri replace /metrics/synapse/worker/generic-1 /metrics/synapse/worker/generic-worker-1
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/synapse/worker/media-0 {
|
||||||
|
uri replace /metrics/synapse/worker/media-0 /metrics/synapse/worker/media-repository-0
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/synapse/worker/media-1 {
|
||||||
|
uri replace /metrics/synapse/worker/media-1 /metrics/synapse/worker/media-repository-1
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /metrics/bridge/* {
|
||||||
|
uri strip_prefix /metrics/bridge
|
||||||
|
route /mautrix-telegram {
|
||||||
|
uri replace /mautrix-telegram /metrics
|
||||||
|
reverse_proxy http://127.0.0.1:{{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /mautrix-whatsapp {
|
||||||
|
uri replace /mautrix-whatsapp /metrics
|
||||||
|
reverse_proxy http://127.0.0.1:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /mautrix-signal {
|
||||||
|
uri replace /mautrix-signal /metrics
|
||||||
|
reverse_proxy http://127.0.0.1:{{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /mx-puppet-instagram {
|
||||||
|
uri replace /mx-puppet-instagram /metrics
|
||||||
|
reverse_proxy http://127.0.0.1:{{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /mx-puppet-discord {
|
||||||
|
uri replace /mx-puppet-discord /metrics
|
||||||
|
reverse_proxy http://127.0.0.1:{{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}
|
||||||
|
}
|
||||||
|
route /mx-puppet-slack {
|
||||||
|
uri replace /mx-puppet-slack /metrics
|
||||||
|
reverse_proxy http://127.0.0.1:{{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
reverse_proxy /_matrix/federation/* http://{{ matrix_playbook_public_matrix_federation_api_traefik_entrypoint_host_bind_port }}
|
||||||
|
reverse_proxy /_matrix/key/* http://{{ matrix_playbook_public_matrix_federation_api_traefik_entrypoint_host_bind_port }}
|
||||||
|
reverse_proxy * http://{{ devture_traefik_container_web_host_bind_port }}
|
||||||
|
}
|
||||||
|
|
||||||
|
https://{{ matrix_server_fqn_dimension }} {
|
||||||
|
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||||
|
encode zstd gzip
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
|
||||||
|
https://{{ matrix_server_fqn_element }} {
|
||||||
|
tls /tls_certs/chat.finallycoffee.eu/fullchain.pem /tls_certs/chat.finallycoffee.eu/privkey.pem
|
||||||
|
encode zstd gzip
|
||||||
|
reverse_proxy * http://{{ matrix_nginx_proxy_container_http_host_bind_port }}
|
||||||
|
}
|
||||||
|
|
||||||
|
https://{{ matrix_domain }}/.well-known/matrix/* {
|
||||||
|
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||||
|
route {
|
||||||
|
uri strip_prefix /.well-known/matrix
|
||||||
|
root * /matrix_static
|
||||||
|
file_server
|
||||||
|
}
|
||||||
|
header {
|
||||||
|
Content-Type "application/json"
|
||||||
|
X-Content-Type-Options "nosniff"
|
||||||
|
Access-Control-Allow-Origin *
|
||||||
|
Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
|
||||||
|
Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
|
||||||
|
}
|
||||||
|
}
|
Reference in New Issue
Block a user