meta: move inventory structure to be more usable

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4297

Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4300

README.md

@@ -1,4 +1,4 @@
-[![Support room on Matrix](https://img.shields.io/matrix/matrix-docker-ansible-deploy:devture.com.svg?label=%23matrix-docker-ansible-deploy%3Adevture.com&logo=matrix&style=for-the-badge&server_fqdn=matrix.devture.com)](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com) [![donate](https://liberapay.com/assets/widgets/donate.svg)](https://liberapay.com/s.pantaleev/donate) [![REUSE status](https://api.reuse.software/badge/github.com/spantaleev/matrix-docker-ansible-deploy)](https://api.reuse.software/info/github.com/spantaleev/matrix-docker-ansible-deploy)
+[![Support room on Matrix](https://img.shields.io/matrix/matrix-docker-ansible-deploy:devture.com.svg?label=%23matrix-docker-ansible-deploy%3Adevture.com&logo=matrix&style=for-the-badge&server_fqdn=matrix.devture.com&fetchMode=summary)](https://matrix.to/#/#matrix-docker-ansible-deploy:devture.com) [![donate](https://liberapay.com/assets/widgets/donate.svg)](https://liberapay.com/s.pantaleev/donate) [![REUSE status](https://api.reuse.software/badge/github.com/spantaleev/matrix-docker-ansible-deploy)](https://api.reuse.software/info/github.com/spantaleev/matrix-docker-ansible-deploy)
 
 # Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker
 

ansible.cfg

@@ -1,6 +1,11 @@
 [defaults]
+
+vault_password_file = gpg/open_vault.sh
+
 retry_files_enabled = False
 result_format = yaml
 
+inventory = inventory/hosts
+
 [connection]
 pipelining = True

docs/configuring-playbook-bridge-hookshot.md

@@ -126,8 +126,8 @@ aux_file_definitions:
   - dest: "{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}"
     content: "{{ lookup('file', '/path/to/your-github-private-key.pem') }}"
     mode: '0400'
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 ```
 
 For more information, see the documentation in the [default configuration of the aux role](https://github.com/mother-of-all-self-hosting/ansible-role-aux/blob/main/defaults/main.yml).

docs/configuring-playbook-matrix-authentication-service.md

@@ -55,9 +55,7 @@ This section details what you can expect when switching to the Matrix Authentica
 
 - ❌ **Some services experience issues when authenticating via MAS**:
 
-  - [Postmoogle](./configuring-playbook-bridge-postmoogle.md) works the first time around, but it consistently fails after restarting:
-
-    > cannot initialize matrix bot error="olm account is marked as shared, keys seem to have disappeared from the server"
+  - [Reminder bot](configuring-playbook-bot-matrix-reminder-bot.md) seems to be losing some of its state on each restart and may reschedule old reminders once again
 
 - ❌ **Encrypted appservices** do not work yet (related to [MSC4190](https://github.com/matrix-org/matrix-spec-proposals/pull/4190) and [PR 17705 for Synapse](https://github.com/element-hq/synapse/pull/17705)), so all bridges/bots that rely on encryption will fail to start (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3658) for Hookshot). You can use these bridges/bots only if you **keep end-to-bridge encryption disabled** (which is the default setting).
 
@@ -159,6 +157,10 @@ matrix_authentication_service_config_upstream_oauth2_providers:
   - # A unique identifier for the provider
     # Must be a valid ULID
     id: 01HFVBY12TMNTYTBV8W921M5FA
+    # This can be set if you're migrating an existing (legacy) Synapse OIDC configuration.
+    # The value used here would most likely be "oidc" or "oidc-provider".
+    # See: https://element-hq.github.io/matrix-authentication-service/setup/migration.html#map-any-upstream-sso-providers
+    synapse_idp_id: null
     # The issuer URL, which will be used to discover the provider's configuration.
     # If discovery is enabled, this *must* exactly match the `issuer` field
     # advertised in `<issuer>/.well-known/openid-configuration`.
@@ -306,7 +308,7 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
 
 Our migration guide is loosely based on the upstream [Migrating an existing homeserver](https://element-hq.github.io/matrix-authentication-service/setup/migration.html) guide.
 
-Migration is done via a tool called `syn2mas`, which the playbook could run for you (in a container).
+Migration is done via a sub-command called `syn2mas`, which the playbook could run for you (in a container).
 
 The installation + migration steps are like this:
 
@@ -322,7 +324,7 @@ The installation + migration steps are like this:
 
     - The `matrix-user-creator` role would be suppressed, so that it doesn't automatically attempt to create users (for bots, etc.) in the MAS database. These user accounts likely already exist in Synapse's user database and could be migrated over (via syn2mas, as per the steps below), so creating them in the MAS database would have been unnecessary and potentially problematic (conflicts during the syn2mas migration).
 
-3. Consider taking a full [backup of your Postgres database](./maintenance-postgres.md#backing-up-postgresql). This is done just in case. The **syn2mas migration tool does not delete any data**, so it should be possible to revert to your previous setup by merely disabling MAS and re-running the playbook (no need to restore a Postgres backup). However, do note that as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break.
+3. Consider taking a full [backup of your Postgres database](./maintenance-postgres.md#backing-up-postgresql). This is done just in case. The **syn2mas migration command does not delete any data**, so it should be possible to revert to your previous setup by merely disabling MAS and re-running the playbook (no need to restore a Postgres backup). However, do note that as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break.
 
 4. [Migrate your data from Synapse to Matrix Authentication Service using syn2mas](#migrate-your-data-from-synapse-to-matrix-authentication-service-using-syn2mas)
 
@@ -342,9 +344,7 @@ The installation + migration steps are like this:
 
 ### Migrate your data from Synapse to Matrix Authentication Service using syn2mas
 
-We **don't** ask you to [run the `syn2mas` migration advisor command](https://element-hq.github.io/matrix-authentication-service/setup/migration.html#run-the-migration-advisor), because it only gives you the green light if your Synapse configuration (`homeserver.yaml`) is configured in a way that's compatible with MAS (delegating authentication to MAS; disabling Synapse's password config; etc.). Until we migrate your data with the `syn2mas` tool, we intentionally avoid doing these changes to allow existing user sessions to work.
-
-You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration).
+You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-mas-cli-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration).
 
 #### Configuring syn2mas
 
@@ -356,26 +356,9 @@ When you're done with potentially configuring `syn2mas`, proceed to doing a [dry
 
 ##### Configuring upstream OIDC provider mapping for syn2mas
 
-If you have existing OIDC users in your Synapse user database (which will be the case if when using [OIDC with Synapse](./configuring-playbook-synapse.md#synapse--openid-connect-for-single-sign-on)), you may need to pass an additional `--upstreamProviderMapping` argument to the `syn2mas` tool to tell it which provider (on the Synapse side) maps to which other provider on the MAS side.
+Since Matrix Authentication Service v0.16.0 (which replaced the standalone `syn2mas` tool with a `mas-cli syn2mas` sub-command), OIDC configuration (mapping from your old OIDC configuration to your new one, etc) is meant to be configured in the Matrix Authentication Service configuration (via `matrix_authentication_service_config_upstream_oauth2_providers`) as a `synapse_idp_id` property for each provider.
 
-If you don't do this, `syn2mas` would report errors like this one:
-
-> [FATAL] migrate - [Failed to import external id 4264b0f0-4f11-4ddd-aedb-b500e4d07c25 with oidc-keycloak for user @alice:example.com: Error: Unknown upstream provider oidc-keycloak]
-
-Below is an example situation and a guide for how to solve it.
-
-If in `matrix_synapse_oidc_providers` your provider `idp_id` is (was) named `keycloak`, in the Synapse database users would be associated with the `oidc-keycloak` provider (note the `oidc-` prefix that was added automatically by Synapse to your `idp_id` value).
-
-The same OIDC provider may have an `id` of `01HFVBY12TMNTYTBV8W921M5FA` on the MAS side, as defined in `matrix_authentication_service_config_upstream_oauth2_providers` (see the [Upstream OAuth2 configuration](#upstream-oauth2-configuration) section above).
-
-To tell `syn2mas` how the Synapse-configured OIDC provider maps to the new MAS-configured OIDC provider, add this additional configuration to your `vars.yml` file:
-
-```yaml
-# Adjust the mapping below to match your provider IDs on the Synapse side and the MAS side.
-# Don't forget that Synapse automatically adds an `oidc-` prefix to provider ids defined in its configuration.
-matrix_authentication_service_syn2mas_process_extra_arguments:
-  - "--upstreamProviderMapping oidc-keycloak:01HFVBY12TMNTYTBV8W921M5FA"
-```
+You can refer to the [Map any upstream SSO providers](https://element-hq.github.io/matrix-authentication-service/setup/migration.html#map-any-upstream-sso-providers) section of the MAS documentation for figuring out how to set the `synapse_idp_id` value in `matrix_authentication_service_config_upstream_oauth2_providers` correctly.
 
 #### Performing a syn2mas dry-run
 
@@ -386,7 +369,7 @@ A dry-run would not cause downtime, because it avoids stopping Synapse.
 To perform a dry-run, run:
 
 ```sh
-just run-tags matrix-authentication-service-syn2mas -e matrix_authentication_service_syn2mas_dry_run=true
+just run-tags matrix-authentication-service-mas-cli-syn2mas -e matrix_authentication_service_syn2mas_migrate_dry_run=true
 ```
 
 Observe the command output (especially the last line of the the syn2mas output). If you are confident that the migration will work out as expected, you can proceed with a [real migration](#performing-a-real-syn2mas-migration).
@@ -405,13 +388,13 @@ Before performing a real migration make sure:
 
 - you've performed a [syn2mas dry-run](#performing-a-syn2mas-dry-run) and don't see any issues in its output
 
-To perform a real migration, run the `matrix-authentication-service-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_dry_run` variable:
+To perform a real migration, run the `matrix-authentication-service-mas-cli-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_migrate_dry_run` variable:
 
 ```sh
-just run-tags matrix-authentication-service-syn2mas
+just run-tags matrix-authentication-service-mas-cli-syn2mas
 ```
 
-Having performed a `syn2mas` migration once, trying to do it again will report errors for users that were already migrated (e.g. "Error: Unknown upstream provider oauth-delegated").
+Having performed a `syn2mas` migration once, trying to do it again will report errors (e.g. "Error: The MAS database is not empty: rows found in at least `users`. Please drop and recreate the database, then try again.").
 
 ## Verify that Matrix Authentication Service is installed correctly
 

docs/configuring-playbook-sygnal.md

@@ -49,8 +49,8 @@ aux_file_definitions:
       content
       here
     mode: '0600'
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 ```
 
 Configuring [GCM/FCM](https://firebase.google.com/docs/cloud-messaging/) is easier, as it only requires that you provide some config values.

docs/installing.md

@@ -157,6 +157,8 @@ The upstream projects, which this playbook makes use of, occasionally if not oft
 
 Since it is unsafe to keep outdated services running on the server connected to the internet, please consider to update the playbook and re-run it periodically, in order to keep the services up-to-date.
 
+Also, do not forget to update your system regularly. While this playbook may install basic services, such as Docker, it will not interfere further with system maintenance. Keeping the system itself up-to-date is out of scope for this playbook.
+
 For more information about upgrading or maintaining services with the playbook, take a look at this page: [Upgrading the Matrix services](maintenance-upgrading-services.md)
 
 Feel free to **re-run the setup command any time** you think something is wrong with the server configuration. Ansible will take your configuration and update your server to match.

docs/prerequisites.md

@@ -60,7 +60,7 @@ We will be using `example.com` as the domain in the following instruction. Pleas
   - `80/tcp`: HTTP webserver
   - `443/tcp` and `443/udp`: HTTPS webserver
   - `3478/tcp`: STUN/TURN over TCP (used by [coturn](./configuring-playbook-turn.md))
-  - `3478/udp`: STUN/TURN over TCP (used by [coturn](./configuring-playbook-turn.md))
+  - `3478/udp`: STUN/TURN over UDP (used by [coturn](./configuring-playbook-turn.md))
   - `5349/tcp`: TURN over TCP (used by [coturn](./configuring-playbook-turn.md))
   - `5349/udp`: TURN over UDP (used by [coturn](./configuring-playbook-turn.md))
   - `8448/tcp` and `8448/udp`: Matrix Federation API HTTPS webserver. Some components like [Matrix User Verification Service](configuring-playbook-user-verification-service.md#open-matrix-federation-port) require this port to be opened **even with federation disabled**.

gpg/open_vault.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -e -u
+
+gpg2 --batch --use-agent --decrypt $(dirname $0)/vault_passphrase.gpg 2>/dev/null

gpg/vault_passphrase.gpg

@@ -0,0 +1,18 @@
+-----BEGIN PGP MESSAGE-----
+
+hQIMAxEs7W/4x4lxARAAssinIzR2rGs+Qkm0Q2tRdSXSXRx3OhH+2T5p0Rz3YkqU
+iyiUtyT/Ll7RMUAlAEDZITvirXe4ZZImDcxQegEzFgO7BowQYJDRdhaRmLKZpiuQ
+foRnJAAR12sf49arjJjaBQb91ViOp5MkxAtXiiqWyXwSSII+cV88flMq143cFmfC
+C5OdIQd3SqrbFhGRTjUzoIMqnJH8xksjwph9GS811dY14rQv5X1Ybt5zehMJ7/m/
+luLNg2zgQgYOUxcovddCVMI54ThXyDubDox/5xLvVjyVOFHgwC/VLn+QXHuPY/r5
++rVzz/30eq0uOLKD3LnDBQskCWRVWGC2ulKaZtlylBq6KRzIM6c6+VPSHCjoFyES
+RRpRHeIXGLs31eLkr8dc+VNbPKpMsjm/E/4ZVE2JBpy7S/kh1XYVQxT6ahDKT1tD
+4YN9O0JyNXzjiyNaTTLwNGh5+ICEd3ZCfa4O/og2LySGPOw6mX8ukgP029LHVp6+
+0tRwSWiIM3US/NIVGA+o9e9I/I5Bp/cnzJgd7faUIlzcVPP+euCbo4GsYWpX3Nca
+eRcr7AVY3wwuZtl7/s8KbQKk0ulLxS4Lo2XmdpQl8CPGwASdbMf/H8B256+xiUQ3
+ml400ZaCC7Loeduwl1ez1H/dFFzmpUziaxxtWW4aFtOUYhGeSCTu6ZIgxVq3eBnS
+jAGv8bt+0Xnrpih3mZWM92cw2VKfzYD9WG+dCB4DtZMKhl1ub2bkeTC/B9F+QuP6
+anlonYHs2wmPXzjcx8ajonbYrYXanoNRHDId6OqVAbjYqbua6TG6H9LUFweIj1RV
+yhUPejzhA8xEB0nUcKJZKLvuqvwPbr06GODnAKY5TQ4yILMAnBx0pNzfQNzo
+=Cecg
+-----END PGP MESSAGE-----

group_vars/matrix_servers

@@ -73,11 +73,11 @@ matrix_federation_traefik_entrypoint_tls: "{{ traefik_config_entrypoint_web_secu
 #                                                                      #
 ########################################################################
 
-aux_directory_default_owner: "{{ matrix_user_username }}"
-aux_directory_default_group: "{{ matrix_user_groupname }}"
+aux_directory_default_owner: "{{ matrix_user_name }}"
+aux_directory_default_group: "{{ matrix_group_name }}"
 
-aux_file_default_owner: "{{ matrix_user_username }}"
-aux_file_default_group: "{{ matrix_user_groupname }}"
+aux_file_default_owner: "{{ matrix_user_name }}"
+aux_file_default_group: "{{ matrix_group_name }}"
 
 ########################################################################
 #                                                                      #
@@ -688,8 +688,6 @@ matrix_authentication_service_config_email_from_address: "{{ exim_relay_sender_a
 
 matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
 
-matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream_default }}"
-
 matrix_authentication_service_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
 
 matrix_authentication_service_container_network: "{{ matrix_homeserver_container_network }}"
@@ -3314,7 +3312,7 @@ backup_borg_storage_archive_name_format: matrix-{now:%Y-%m-%d-%H%M%S}
 
 backup_borg_base_path: "{{ matrix_base_data_path }}/backup-borg"
 
-backup_borg_username: "{{ matrix_user_username }}"
+backup_borg_username: "{{ matrix_user_name }}"
 backup_borg_uid: "{{ matrix_user_uid }}"
 backup_borg_gid: "{{ matrix_user_gid }}"
 
@@ -3743,7 +3741,7 @@ jitsi_base_path: "{{ matrix_base_data_path }}/jitsi"
 jitsi_uid: "{{ matrix_user_uid }}"
 jitsi_gid: "{{ matrix_user_gid }}"
 
-jitsi_user_username: "{{ matrix_user_username }}"
+jitsi_user_username: "{{ matrix_user_name }}"
 
 jitsi_web_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else jitsi_web_container_image_registry_prefix_upstream_default }}"
 
@@ -4795,7 +4793,7 @@ matrix_client_fluffychat_self_check_validate_certificates: "{{ matrix_playbook_s
 
 matrix_synapse_enabled: "{{ matrix_homeserver_implementation == 'synapse' }}"
 
-matrix_synapse_username: "{{ matrix_user_username }}"
+matrix_synapse_username: "{{ matrix_user_name }}"
 matrix_synapse_uid: "{{ matrix_user_uid }}"
 matrix_synapse_gid: "{{ matrix_user_gid }}"
 
@@ -5338,7 +5336,7 @@ prometheus_node_exporter_gid: "{{ matrix_user_gid }}"
 
 prometheus_node_exporter_hostname: "{{ matrix_server_fqn_matrix }}"
 
-prometheus_node_exporter_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else prometheus_node_exporter_docker_image_registry_prefix_upstream_default }}"
+prometheus_node_exporter_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else prometheus_node_exporter_container_image_registry_prefix_upstream_default }}"
 
 prometheus_node_exporter_container_network: "{{ matrix_monitoring_container_network }}"
 
@@ -5376,7 +5374,7 @@ prometheus_postgres_exporter_gid: "{{ matrix_user_gid }}"
 
 prometheus_postgres_exporter_hostname: "{{ matrix_server_fqn_matrix }}"
 
-prometheus_postgres_exporter_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else prometheus_postgres_exporter_docker_image_registry_prefix_upstream_default }}"
+prometheus_postgres_exporter_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else prometheus_postgres_exporter_container_image_registry_prefix_upstream_default }}"
 
 prometheus_postgres_exporter_container_network: "{{ matrix_monitoring_container_network }}"
 
@@ -6332,6 +6330,8 @@ matrix_element_call_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'htt
 
 matrix_element_call_container_network: "{{ matrix_addons_container_network }}"
 
+matrix_element_call_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_element_call_container_image_registry_prefix_upstream_default }}"
+
 matrix_element_call_container_additional_networks_auto: "{{ [matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_element_call_container_labels_traefik_enabled and matrix_playbook_reverse_proxyable_services_additional_network) else [] }}"
 
 matrix_element_call_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
@@ -6367,6 +6367,8 @@ livekit_server_path_prefix: "/livekit-server"
 
 livekit_server_container_image_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
 
+livekit_server_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else livekit_server_container_image_registry_prefix_upstream_default }}"
+
 livekit_server_container_network: "{{ matrix_addons_container_network }}"
 livekit_server_container_additional_networks_auto: "{{ [matrix_playbook_reverse_proxyable_services_additional_network] if (livekit_server_container_labels_traefik_enabled and matrix_playbook_reverse_proxyable_services_additional_network) else [] }}"
 
@@ -6470,6 +6472,8 @@ matrix_livekit_jwt_service_path_prefix: "/livekit-jwt-service"
 
 matrix_livekit_jwt_service_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
 
+matrix_livekit_jwt_service_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_livekit_jwt_service_container_image_registry_prefix_upstream_default }}"
+
 matrix_livekit_jwt_service_container_network: "{{ matrix_addons_container_network }}"
 
 matrix_livekit_jwt_service_container_additional_networks_auto: |

i18n/locales/bg/LC_MESSAGES/docs/configuring-playbook-matrix-authentication-service.po

@@ -435,7 +435,7 @@ msgid "We **don't** ask you to [run the `syn2mas` migration advisor command](htt
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:340
-msgid "You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration)."
+msgid "You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-mas-cli-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration)."
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:342
@@ -535,7 +535,7 @@ msgid "you've performed a [syn2mas dry-run](#performing-a-syn2mas-dry-run) and d
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:401
-msgid "To perform a real migration, run the `matrix-authentication-service-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_dry_run` variable:"
+msgid "To perform a real migration, run the `matrix-authentication-service-mas-cli-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_migrate_dry_run` variable:"
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:407

i18n/locales/jp/LC_MESSAGES/docs/configuring-playbook-matrix-authentication-service.po

@@ -434,7 +434,7 @@ msgid "We **don't** ask you to [run the `syn2mas` migration advisor command](htt
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:340
-msgid "You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration)."
+msgid "You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-mas-cli-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration)."
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:342
@@ -534,7 +534,7 @@ msgid "you've performed a [syn2mas dry-run](#performing-a-syn2mas-dry-run) and d
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:401
-msgid "To perform a real migration, run the `matrix-authentication-service-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_dry_run` variable:"
+msgid "To perform a real migration, run the `matrix-authentication-service-mas-cli-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_migrate_dry_run` variable:"
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:407

i18n/requirements.txt

@@ -1,7 +1,7 @@
 alabaster==1.0.0
 babel==2.17.0
 certifi==2025.4.26
-charset-normalizer==3.4.1
+charset-normalizer==3.4.2
 click==8.1.8
 docutils==0.21.2
 idna==3.10
@@ -17,7 +17,7 @@ packaging==25.0
 Pygments==2.19.1
 PyYAML==6.0.2
 requests==2.32.3
-setuptools==79.0.1
+setuptools==80.3.1
 snowballstemmer==2.2.0
 Sphinx==8.2.3
 sphinx-intl==2.3.1

i18n/translation-templates/docs/configuring-playbook-matrix-authentication-service.pot

@@ -430,7 +430,7 @@ msgid "We **don't** ask you to [run the `syn2mas` migration advisor command](htt
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:340
-msgid "You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration)."
+msgid "You can invoke the `syn2mas` tool via the playbook by running the playbook's `matrix-authentication-service-mas-cli-syn2mas` tag. We recommend first doing a [dry-run](#performing-a-syn2mas-dry-run) and then a [real migration](#performing-a-real-syn2mas-migration)."
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:342
@@ -530,7 +530,7 @@ msgid "you've performed a [syn2mas dry-run](#performing-a-syn2mas-dry-run) and d
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:401
-msgid "To perform a real migration, run the `matrix-authentication-service-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_dry_run` variable:"
+msgid "To perform a real migration, run the `matrix-authentication-service-mas-cli-syn2mas` tag **without** the `matrix_authentication_service_syn2mas_migrate_dry_run` variable:"
 msgstr ""
 
 #: ../../../docs/configuring-playbook-matrix-authentication-service.md:407

inventory/host_vars/matrix.finallycoffee.eu/postgresql.yml

@@ -0,0 +1,16 @@
+---
+postgres_max_connections: 400
+postgres_shared_buffers: 3145728 # (3072 MiB)
+postgres_effective_cache_size: 8388608 # (8192 MiB)
+postgres_maintenance_work_mem: 786432 # (768 MiB)
+postgres_wal_buffers: 16384 # (16 MiB)
+postgres_random_page_cost: 1.3
+postgres_work_mem: 4096
+postgres_huge_pages: try
+postgres_min_wal_size: 524288 # (512 MiB)
+postgres_max_wal_size: 4194304 # (4GiB)
+postgres_max_worker_processes: 8
+postgres_max_parallel_workers: 8
+postgres_max_parallel_workers_per_gather: 4
+postgres_max_parallel_maintenance_workers: 4
+

inventory/host_vars/matrix.finallycoffee.eu/vars.yml

@@ -0,0 +1,386 @@
+#
+# General config
+# Domain of the matrix server and SSL config
+#
+matrix_domain: finallycoffee.eu
+
+matrix_playbook_reverse_proxy_type: playbook-managed-traefik
+matrix_playbook_ssl_enabled: true
+traefik_config_entrypoint_web_secure_enabled: false
+traefik_container_web_host_bind_port: '127.0.10.1:8080'
+traefik_config_entrypoint_web_forwardedHeaders_insecure: true
+matrix_playbook_public_matrix_federation_api_traefik_entrypoint_host_bind_port: '127.0.10.2:8448'
+matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_custom:
+  forwardedHeaders:
+    insecure: true
+
+matrix_synapse_metrics_proxying_enabled: true
+matrix_sliding_sync_enabled: true
+
+matrix_base_data_path: "{{ vault_matrix_base_data_path }}"
+matrix_server_fqn_element: "chat.{{ matrix_domain }}"
+matrix_playbook_docker_installation_enabled: false
+
+#matrix_dimension_scheme: https
+
+devture_timesync_installation_enabled: false
+matrix_homeserver_generic_secret_key: "{{ vault_homeserver_generic_secret_key }}"
+devture_systemd_service_manager_up_verification_delay_seconds: 300
+
+web_user: "web"
+revproxy_autoload_dir: "/vault/services/web/sites.d"
+postgres_dump_dir: /vault/temp
+
+
+#
+# General Synapse config
+#
+postgres_connection_password: "{{ vault_matrix_postgres_connection_password }}"
+# A secret used to protect access keys issued by the server.
+# matrix_homeserver_generic_secret_key: "{{ vault_homeserver_generic_secret_key }}"
+# Make synapse accept larger media aswell
+matrix_synapse_max_upload_size_mb: 200
+# Enable metrics at (default) :9100/_synapse/metrics
+matrix_synapse_metrics_enabled: true
+matrix_synapse_turn_shared_secret: "{{ vault_matrix_coturn_turn_static_auth_secret }}"
+matrix_synapse_turn_uris:
+  - "turn:voip.matrix.finallycoffee.eu?transport=udp"
+  - "turn:voip.matrix.finallycoffee.eu?transport=tcp"
+# Auto-join all users into those rooms
+matrix_synapse_auto_join_rooms:
+  - "#welcome:finallycoffee.eu"
+  - "#announcements:finallycoffee.eu"
+
+## Synapse rate limits
+#matrix_synapse_rc_federation:
+#  window_size: 1000
+#  sleep_limit: 50
+#  sleep_delay: 500
+#  reject_limit: 50
+#  concurrent: 10
+#matrix_synapse_rc_message:
+#  per_second: 0.5
+#  burst_count: 25
+#matrix_synapse_rc_joins:
+#  local:
+#    per_second: 0.5
+#    burst_count: 20
+#  remote:
+#    per_second: 0.05
+#    burst_count: 20
+#matrix_synapse_rc_joins_per_room:
+#  per_second: 1
+#  burst_count: 10
+#matrix_synapse_rc_invites:
+#  per_room:
+#    per_second: 0.5
+#    burst_count: 10
+#  per_user:
+#    per_second: 0.006
+#    burst_count: 10
+#  per_issuer:
+#    per_second: 2
+#    burst_count: 20
+
+## Synapse cache tuning
+#matrix_synapse_caches_global_factor: 1.5
+#matrix_synapse_event_cache_size: "300K"
+
+## Synapse workers
+matrix_synapse_workers_enabled: true
+matrix_synapse_workers_preset: "little-federation-helper"
+matrix_synapse_workers_generic_workers_count: 1
+matrix_synapse_workers_media_repository_workers_count: 1
+matrix_synapse_workers_federation_sender_workers_count: 1
+matrix_synapse_workers_pusher_workers_count: 0
+matrix_synapse_workers_appservice_workers_count: 1
+
+# Static secret auth for matrix-synapse-shared-secret-auth
+#matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true
+#matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: "{{ vault_matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
+#matrix_synapse_ext_password_provider_rest_auth_enabled: true
+#matrix_synapse_ext_password_provider_rest_auth_endpoint: "http://matrix-ma1sd:8090"
+#matrix_synapse_ext_password_provider_rest_auth_registration_enforce_lowercase: false
+#matrix_synapse_ext_password_provider_rest_auth_registration_profile_name_autofill: true
+#matrix_synapse_ext_password_provider_rest_auth_login_profile_name_autofill: false
+
+matrix_synapse_configuration_extension_yaml: |
+  database:
+    args:
+      cp_min: 10
+      cp_max: 30
+      cp_reconnect: True
+
+#  caches:
+#    per_cache_factors:
+#      device_id_exists: 3
+#      get_users_in_room: 4
+#      _get_joined_users_from_context: 4
+#      _get_joined_profile_from_event_id: 3
+#      "*stateGroupMembersCache*": 2
+#      _matches_user_in_member_list: 3
+#      get_users_who_share_room_with_user: 3
+#      is_interested_in_room: 2
+#      get_user_by_id: 1.5
+#      room_push_rule_cache: 1.5
+#    expire_caches: true
+#    cache_entry_ttl: 45m
+#    sync_response_cache_duration: 2m
+  
+
+#
+# synapse-admin tool
+#
+#matrix_synapse_admin_enabled: true
+#matrix_synapse_admin_container_http_host_bind_port: 8985
+
+
+#
+# VoIP / CoTURN config
+#
+# A shared secret (between Synapse and Coturn) used for authentication.
+matrix_coturn_turn_static_auth_secret: "{{ vault_matrix_coturn_turn_static_auth_secret }}"
+# Disable coturn, as we use own instance
+matrix_coturn_enabled: false
+
+
+#
+# dimension (integration manager) config
+#
+matrix_dimension_enabled: false
+#matrix_dimension_admins: "{{ vault_matrix_dimension_admins }}"
+#matrix_server_fqn_dimension: "dimension.matrix.{{ matrix_domain }}"
+#matrix_dimension_access_token: "{{ vault_matrix_dimension_access_token }}"
+#matrix_dimension_configuration_extension_yaml: |
+#    telegram:
+#        botToken: "{{ vault_matrix_dimension_configuration_telegram_bot_token }}"
+
+
+#
+# mautrix-whatsapp config
+#
+matrix_mautrix_whatsapp_enabled: true
+matrix_mautrix_whatsapp_bridge_personal_filtering_spaces: true
+matrix_mautrix_whatsapp_bridge_enable_status_broadcast: false
+matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port: 9402
+matrix_mautrix_whatsapp_container_extra_arguments:
+  - "-p 127.0.0.1:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}"
+matrix_mautrix_whatsapp_configuration_extension_yaml: |
+    bridge:
+        displayname_template: "{% raw %}{{.Name}} ({{if .Notify}}{{.Notify}}{{else}}{{.Jid}}{{end}}) (via WhatsApp){% endraw %}"
+        max_connection_attempts: 5
+        connection_timeout: 30
+        contact_wait_delay: 5
+        private_chat_portal_meta: true
+        login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
+    logging:
+        print_level: info
+    metrics:
+        enabled: true
+        listen: 0.0.0.0:{{ matrix_mautrix_whatsapp_container_http_monitoring_host_bind_port }}
+    whatsapp:
+        os_name: Linux mautrix-whatsapp
+        browser_name: Chrome
+
+
+#
+# mautrix-telegram config
+#
+matrix_mautrix_telegram_enabled: true
+matrix_mautrix_telegram_api_id: "{{ vault_matrix_mautrix_telegram_api_id }}"
+matrix_mautrix_telegram_api_hash: "{{ vault_matrix_mautrix_telegram_api_hash }}"
+matrix_mautrix_telegram_public_endpoint: '/bridge/telegram'
+matrix_mautrix_telegram_container_http_monitoring_host_bind_port: 9401
+matrix_mautrix_telegram_container_http_host_bind_port_public: 8980
+matrix_mautrix_telegram_container_extra_arguments:
+  - "-p 127.0.0.1:{{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}"
+  - "-p 127.0.0.1:{{ matrix_mautrix_telegram_container_http_host_bind_port_public }}:80"
+matrix_mautrix_telegram_configuration_extension_yaml: |
+    bridge:
+        displayname_template: "{displayname} (via Telegram)"
+        parallel_file_transfer: false
+        inline_images: false
+        image_as_file_size: 20
+        delivery_receipts: true
+        login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret }}"
+        animated_sticker:
+            target: webm
+        encryption:
+            allow: true
+            default: true
+        permissions:
+            "@transcaffeine:finallycoffee.eu": "admin"
+            "boobies.software": "full"
+    logging:
+        root:
+            level: INFO
+    metrics:
+        enabled: true
+        listen_port: {{ matrix_mautrix_telegram_container_http_monitoring_host_bind_port }}
+#        permissions: "{{ vault_matrix_mautrix_telegram_permission_map | from_yaml }}"
+
+
+#
+# mautrix-signal config
+#
+matrix_mautrix_signal_enabled: true
+matrix_mautrix_signal_container_http_monitoring_host_bind_port: 9408
+matrix_mautrix_signal_container_extra_arguments:
+    - "-p 127.0.0.1:{{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}:{{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}"
+matrix_mautrix_signal_configuration_extension_yaml: |
+    bridge:
+        displayname_template: "{displayname} (via Signal)"
+        community_id: "+signal:finallycoffee.eu"
+        encryption:
+            allow: true
+            default: true
+            key_sharing:
+                allow: true
+                require_verification: false
+        delivery_receipts: true
+        permissions:
+          "@ilosai:fairydust.space": "user"
+    logging:
+        root:
+            level: INFO
+    metrics:
+        enabled: true
+        listen_port: {{ matrix_mautrix_signal_container_http_monitoring_host_bind_port }}
+
+matrix_bridges_encryption_enabled: true
+matrix_bridges_encryption_default: true
+matrix_appservice_double_puppet_enabled: true
+
+matrix_mautrix_slack_enabled: true
+matrix_mautrix_slack_appservice_bot_username: slack
+
+#
+# mx-puppet-instagram configuration
+#
+matrix_mx_puppet_instagram_enabled: false
+#matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port: 9403
+#matrix_mx_puppet_instagram_container_extra_arguments:
+#  - "-p 127.0.0.1:{{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}"
+#matrix_mx_puppet_instagram_configuration_extension_yaml: |
+#    bridge:
+#        enableGroupSync: true
+#        avatarUrl: mxc://finallycoffee.eu/acmiSAinuHDOULofFFeolTvr
+#    metrics:
+#        enabled: true
+#        port: {{ matrix_mx_puppet_instagram_container_http_monitoring_host_bind_port }}
+#        path: /metrics
+#    presence:
+#        enabled: true
+#        interval: 3000
+#
+#
+##
+## mx-puppet-discord configuration
+##
+matrix_mx_puppet_discord_enabled: false
+#matrix_mx_puppet_discord_client_id: "{{ vault_matrix_mx_puppet_discord_client_id }}"
+#matrix_mx_puppet_discord_client_secret: "{{ vault_matrix_mx_puppet_discord_client_secret }}"
+#matrix_mx_puppet_discord_container_http_monitoring_host_bind_port: 9404
+#matrix_mx_puppet_discord_container_extra_arguments:
+#  - "-p 127.0.0.1:{{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}"
+#matrix_mx_puppet_discord_configuration_extension_yaml: |
+#    bridge:
+#        enableGroupSync: true
+#        avatarUrl: mxc://finallycoffee.eu/BxcAAhjXmglMbtthStEHtCzd
+#    metrics:
+#        enabled: true
+#        port: {{ matrix_mx_puppet_discord_container_http_monitoring_host_bind_port }}
+#        path: /metrics
+#    limits:
+#        maxAutojoinUsers: 500
+#        roomUserAutojoinDelay: 50
+#    presence:
+#        enabled: true
+#        interval: 3000
+
+
+#
+# mx-puppet-slack configuration
+#
+matrix_mx_puppet_slack_enabled: false
+#matrix_mx_puppet_slack_client_id: "{{ vault_matrix_mx_puppet_slack_client_id }}"
+#matrix_mx_puppet_slack_client_secret: "{{ vault_matrix_mx_puppet_slack_client_secret }}"
+#matrix_mx_puppet_slack_oauth_redirect_path: '/bridge/slack/oauth'
+#matrix_mx_puppet_slack_container_http_auth_host_bind_port: 8981
+#matrix_mx_puppet_slack_container_http_monitoring_host_bind_port: 9406
+#matrix_mx_puppet_slack_container_extra_arguments:
+#  - "-p 127.0.0.1:{{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}:{{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}"
+#  - "-p 127.0.0.1:{{ matrix_mx_puppet_slack_container_http_auth_host_bind_port }}:8008"
+#matrix_mx_puppet_slack_configuration_extension_yaml: |
+#    bridge:
+#        enableGroupSync: true
+#    metrics:
+#        enabled: true
+#        port: {{ matrix_mx_puppet_slack_container_http_monitoring_host_bind_port }}
+#        path: /metrics
+#    limits:
+#        maxAutojoinUsers: 500
+#        roomUserAutojoinDelay: 50
+#    presence:
+#        enabled: true
+#        interval: 3000
+
+
+#
+# Element web configuration
+#
+# Branding config
+matrix_client_element_brand: "Chat"
+matrix_client_element_default_theme: "dark"
+matrix_client_element_themes_enabled: true
+matrix_client_element_welcome_headline: "Welcome to chat.finallycoffee.eu"
+matrix_client_element_welcome_text: |
+    Decentralised, encrypted chat &amp; collaboration,<br />
+    hosted on finallycoffee.eu, powered by element.io &amp;
+    <a href="https://matrix.org" target="_blank" rel="noreferrer noopener">
+      <img width="79" height="34" alt="[matrix]" style="padding-left: 1px;vertical-align: middle" src="welcome/images/matrix.svg" />
+    </a>
+matrix_client_element_welcome_logo: "welcome/images/logo.png"
+matrix_client_element_welcome_logo_link: "https://{{ matrix_domain }}"
+matrix_client_element_branding_auth_header_logo_url: "welcome/images/logo.png"
+matrix_client_element_branding_welcome_background_url: "welcome/images/background.jpg"
+matrix_client_element_container_extra_arguments:
+  - "-v {{ matrix_client_element_data_path }}/background.jpg:/app/{{ matrix_client_element_branding_welcome_background_url }}:ro"
+  - "-v {{ matrix_client_element_data_path }}/logo.png:/app/{{ matrix_client_element_branding_auth_header_logo_url }}:ro"
+# Integration and capabilites config
+matrix_client_element_integrations_ui_url: "https://{{ matrix_server_fqn_dimension }}/element"
+matrix_client_element_integrations_rest_url: "https://{{ matrix_server_fqn_dimension }}/api/v1/scalar"
+matrix_client_element_integrations_widgets_urls:
+  - "https://{{ matrix_server_fqn_dimension }}/widgets"
+  - "https://scalar.vector.im/api"
+matrix_client_element_integrations_jitsi_widget_url: "https://{{ matrix_server_fqn_dimension }}/widgets/jitsi"
+matrix_client_element_disable_custom_urls: false
+matrix_client_element_room_directory_servers:
+  - "matrix.org"
+  - "finallycoffee.eu"
+matrix_client_element_enable_presence_by_hs_url:
+  https://matrix.org: false
+
+
+# Matrix ma1sd extended configuration
+#matrix_ma1sd_configuration_extension_yaml: |
+#    hashing:
+#      enabled: true
+#      pepperLength: 20
+#      rotationPolicy: per_requests
+#      requests: 10
+#      hashStorageType: sql
+#      algorithms:
+#          - none
+#          - sha256
+
+
+# Matrix mail notification relay setup
+exim_relay_enabled: true
+exim_relay_sender_address: "system-matrix@{{ matrix_domain }}"
+exim_relay_relay_use: true
+exim_relay_relay_host_name: "{{ vault_matrix_mailer_relay_host_name }}"
+exim_relay_relay_host_port: 587
+exim_relay_relay_auth: true
+exim_relay_relay_auth_username: "{{ vault_matrix_mailer_relay_auth_username }}"
+exim_relay_relay_auth_password: "{{ vault_matrix_mailer_relay_auth_password }}"

inventory/host_vars/matrix.finallycoffee.eu/vault.yml

@@ -0,0 +1,105 @@
+$ANSIBLE_VAULT;1.1;AES256
+61626165616330663863393762663031623164636666346339343636363035663463636135656533
+3338383762633130346536613334626164306464333835380a353264386431326437616234393165
+61323266623432353731373634353339393936643130346434346530336563326533386331646533
+3030663037666664360a346636343966663733663836633736316630663230613137663166336336
+62383131343934353635633261323036613231646439626162306238313132316664653237653533
+34376464633335626133376138343139653561613232333133393535393137653964633561313761
+62653632663432313936336231613832626362343737383863343562636437646439666638383733
+63313538616430393536356534303164633332653538643264353834393465373538643963343039
+31366661636263353936363931343938323563626538303133366263363533393564386466666361
+38666264643931336563633663663538616431313231336364653631383261326537336162313837
+32373730343538653862326636303264353737353139663161393762383138393531363264633531
+32383661396537636635666665316630663032333932393131336235663938623932383230343830
+31613563656663343830353438396535663864306531333239623738653838633331386465353466
+37366363643334623165373562363465636161396437333966303864663033636665623564613565
+39643635333636363132633462386536393634303838343835363633626162363236653839376230
+34666430363933336335323330386339656339356637653931643565303166303436333562333361
+38633838636337316137343564613338346239663933356130396562306164376430363233373632
+66303430303034353262343565373139333535636231623062633537653636376136656138623637
+34396562376233643234643436323433336436393163363935643033643833386631633762343162
+33633136316635326532343430383437366139333830373731636265386234356164393066333663
+37663934633437653364356231383934313132343162323436373339393964656336646164333533
+37626336616565323237633736653433316238366261303465343466643363303131376665346231
+62623133336561313732393837323330643138663830353662366139373366383436323530333732
+38623633666537643038636163303164653866343934616236343733386533663936303637326462
+63633137626632613736313333643363373963306161353431396261646635383930366166363135
+66353962643638616635376137346439383339303236323761366439306638623762343966623035
+30323435396533633238313962306366343362393339616131393839653565666666313833313433
+66386362353061323465666563616230336565663339646162623634643330646239343934373636
+33363061316637613266373831376133303337616639643239393835636138323266613134633633
+65356634636562313961643865353334306131333030373566666535373039343337613964306465
+32393163666232383266363763336132653765316162663961653933633832626533646537376136
+64613133373135616531343837616264656461313963646565656465656165303534343834663734
+62313865366634656265613264623234653165633839323030643333643139323531643637393439
+61656561303732663834336334643765616234373063306236303538646663316131663933323236
+63396263663034613832653361383061336132663032646133323931386562653661346264363439
+35636463613635316239363061363836623564303933373964363365626133373039643264666530
+30343165366365333339366639353033666634613162363164333433633563613461666532323566
+63303836353331326439646139653738633866356463303264623166306262393766346338373537
+62373865303264633663666333323135343530323434383835393763363739636135646538336364
+33376438636264393635383163353431336463396263333239626566653262373434316532343633
+61363061623430636462393135316564636536633963393338383334643134366232396564316635
+31373963633164653235643665653863303831663065383433363036633962633462393839363235
+36323562323634643639643561636261643136313633656236656566353539343063386162383234
+38653461633561353639336531353333393262633065386539353031386332343739656261653238
+31326434386130336465613233663563323035666631303137313665336566363134306638663265
+62353430353934633965316636643566653235366230323139656539646539626236616138313362
+31643437366563383164306331303662356562616366366237613633666534623765323034396534
+38326537376265343065313738316433353266633539313134323735383864623663323662633662
+65613862623766343736343031636238356161343036363566646635643334373030386434646135
+64336263356663376564333935623135396231623165326437393563333361356435346634616665
+66376231666633643936323264323565346637343538366138616631383964376632613437323163
+30366537326533363939643237376538366230313263623139323662396633343239343066313564
+63356533373338653030313038653137666434323737323763623136666530313035356634666633
+35643530333632633664643361633964666432336631636561343739646266653634353963323534
+35663731616539646332393837633566393734643033623937316661653839663937303666376339
+65653036373565323435636637373231316265393231333734356462356635346531366530316262
+37643632346164366561353236373633623464643536373361666263303739356335333934313537
+31373035633333313065613162346133663736313265376230393135353431343765306539633032
+63353338656231376666613138353235613362643334653537353237653139396533363630303033
+36363039613232666266333535343466336263663762623865376532326262666332303361356266
+65646337323037383564666639363636333135323265633932333264346363326466343234653936
+65656535343663356562613064323138656338633064633462313864616665653230626638373939
+61623862386364396335323836396664653731633365623936383435383330643038386665653238
+62643961626464313666343431303064303338396135643432383730613161336435306262653132
+38373432393564333562363761386239343366343465386638643737663561633837303734333835
+66366465633164346365356637313534376136303630666432613664363030323336316639393339
+61383565316432383633383832363439316366373536336639643961333663303631633464633238
+31396331386163386261393565346266636436386465326639326363663930666665306637393263
+65363763336561316566363164626466643637343731666530386432343431653634353336376461
+33366233366533656334666138346661323463633133303933626163343666623761613961346231
+35383232306336386665313264393933646631656333613138353532666133366339656564353865
+35353330393131366137663466333363653866323936353734306361633163626537363561346332
+65363231623766666638383661323964633034366261633035303861383135383235656465373738
+66373762626130356633626436366533626633353836346239666333353262656665636330626561
+66613165313137373766623464646330643662393033396266643662653136393233336265353430
+38376130663634333133353763383264623133373230323938316638323864643430386633376564
+65356264623766666637353866326638613435663830623063343439373030663663623432393863
+33343134626465313230646239646537653938613938633736346235323438393237363639373932
+61376231386265366132333965333133343737623066383534666633396635356537623432623132
+62656431323033633265626265613736383435376132613532333037613834313130626361373533
+39653361323366636335343865343737346264636433386332666332376662343634356630316135
+30366163333561353338663666363738313732303031333637636266623530623261306335616233
+31346436346663643464626134313338346439323838343663613135663834666632653866346431
+64376566343963346664366363353636636231386530363961333131383133323163396265313563
+35393534343664336237336231313831333739633662306636373338663434613231306538343865
+61613063306432623932616534363865333639396232383562396161383539363336303463323731
+63313239666538306239663864653839616132363662336331636262353061663136386331306131
+66336361396239383638623463663635613364366433343739356331633330633561653038633530
+38303832363663656432396636613134613965373639353731366138323435326135626339353263
+39313032333966376135653664623666626233613530646534636362646237303465653931666563
+65343936623462633162343334643335623834323364646362633232346237306337303430616363
+61633930343132303962653432636230343331343332616434323035633963623138653737306566
+34353135623134626237653165663738633435656439393234643432353535646439313638653664
+39326437393166633937663261336330656266303431383437626163623163303133323139313563
+39383664633739373664653131326665306533633162373535396464663637653662336237656161
+39633138383166316437313237303733336365343066366462643165643865653039343037633263
+61613730393666636530633231396165363033313161663463323861663262383234643236643038
+61633138323664613061663538383333323566393262303633623136613166636361306562356163
+66363033373262396461316438643238396633353962616362623363303035353765393164616230
+35303664616539363639373830623337396239626539613761613839363638326664306465313762
+34646634326338306430653065343231366430666534306331336532346535663737633639363834
+34623539616339363535633365306230663264626234363637366436353833663136303032623338
+32633761333165393231303165393234643363313839373339666433666130313035643836626531
+63356638666264333163

inventory/hosts

@@ -0,0 +1,24 @@
+$ANSIBLE_VAULT;1.1;AES256
+37366366376266633033656235333633346134336666323465356666353363323130366365393534
+3365373534643965613139656465323663393862336163640a623663366631323035346632353030
+37396264356137336535363663323935646464333138653035623562346438643139323439366132
+3364356364353738660a616638393635333938373838316631396536386134333831613831343732
+39333066363566643864343661646633326134633039316636306332303063366665373638353735
+34386339633566663038613538316233306238383734623363623666346261336562663039373264
+31313061616432643761633139643039636164613136643264663131666166646531366335346164
+34303339393334616434633736383763653035386333363137336431363034653263306261646661
+37323563373436333736633836666563646162303232393932346430373039346431356166393930
+37616639333038653936633163323139396666303638663039623633633832333737633764643863
+61383763613865323061636662663837656339373335643066333964393362303766366533303332
+63646335356639366130393530373936636330633132356639626531303839656166346263613733
+31333362316537323934306434393630656161353465636434303538643835396361613563663437
+34383765626235356530396433643037306233663263623664636163326132316237386231323165
+65643235356434626161396136303563633836313961343664653339623862633338313963333237
+63663961636661383634343532356234626531373938313164373561386139366338393066623036
+36633137623361626161313961386630623635323336353036623165316632353333383162623531
+61353138613030343636326166303762656264643834396330313563616439323265333039323566
+64356538346662613836356462613536656636373065643734346166353466363266353939393535
+66333739623735656463373530646663303535643562363534306438323135353763303363376135
+37653566306461396563333135633235626130313231636165383438376237383663373939353637
+30366661303131333438376363366131613361326635366264363064633034376230353137663030
+346238306532363635623732396366633538

requirements.txt

@@ -0,0 +1,11 @@
+ansible==11.3.0
+ansible-core==2.18.3
+cffi==1.17.1
+cryptography==44.0.2
+Jinja2==3.1.6
+MarkupSafe==3.0.2
+packaging==24.2
+passlib==1.7.4
+pycparser==2.22
+PyYAML==6.0.2
+resolvelib==1.0.1

requirements.yml

@@ -22,7 +22,7 @@
   version: v4.98.1-r0-2-0
   name: exim_relay
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git
-  version: v11.6.0-security-01-0
+  version: v11.6.1-2
   name: grafana
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
   version: v10184-0
@@ -49,13 +49,13 @@
   version: v17-3
   name: postgres_backup
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
-  version: v2.55.1-3
+  version: v3.3.1-0
   name: prometheus
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git
-  version: v1.9.1-0
+  version: v1.9.1-3
   name: prometheus_node_exporter
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git
-  version: v0.14.0-9
+  version: v0.17.1-1
   name: prometheus_postgres_exporter
 - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
   version: v1.4.0-0
@@ -67,11 +67,11 @@
   version: v1.0.0-0
   name: timesync
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
-  version: v3.3.6-0
+  version: v3.4.0-0
   name: traefik
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
   version: v2.10.0-0
   name: traefik_certs_dumper
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-valkey.git
-  version: v8.0.1-3
+  version: v8.1.1-0
   name: valkey

roles/custom/matrix-alertmanager-receiver/tasks/install.yml

@@ -10,8 +10,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - path: "{{ matrix_alertmanager_receiver_base_path }}"
       when: true
@@ -26,16 +26,16 @@
     content: "{{ matrix_alertmanager_receiver_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_alertmanager_receiver_config_path }}/config.yml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-alertmanager-receiver support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_alertmanager_receiver_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 
@@ -60,7 +60,7 @@
         dest: "{{ matrix_alertmanager_receiver_container_src_path }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_alertmanager_receiver_git_pull_results
 
     - name: Ensure matrix-alertmanager-receiver container image is built

roles/custom/matrix-appservice-double-puppet/tasks/install.yml

@@ -9,8 +9,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - path: "{{ matrix_appservice_double_puppet_base_path }}"
       when: true
@@ -23,5 +23,5 @@
     content: "{{ matrix_appservice_double_puppet_registration_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_double_puppet_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"

roles/custom/matrix-appservice-draupnir-for-all/tasks/setup_install.yml

@@ -16,8 +16,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_appservice_draupnir_for_all_base_path }}", when: true}
     - {path: "{{ matrix_appservice_draupnir_for_all_config_path }}", when: true}
@@ -44,7 +44,7 @@
     version: "{{ matrix_appservice_draupnir_for_all_docker_image.split(':')[1] }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_appservice_draupnir_for_all_git_pull_results
   when: "matrix_appservice_draupnir_for_all_container_image_self_build | bool"
 
@@ -64,24 +64,24 @@
     content: "{{ matrix_appservice_draupnir_for_all_configuration_appservice | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_draupnir_for_all_config_path }}/production-appservice.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-draupnir-for-all bot config installed
   ansible.builtin.copy:
     content: "{{ matrix_appservice_draupnir_for_all_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_draupnir_for_all_config_path }}/production-bots.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-draupnir-for-all registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_appservice_draupnir_for_all_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_draupnir_for_all_config_path }}/draupnir-for-all-registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-draupnir-for-all container network is created
   community.general.docker_network:

roles/custom/matrix-authentication-service/defaults/main.yml

@@ -22,7 +22,7 @@ matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authe
 matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"
 
 # renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
-matrix_authentication_service_version: 0.15.0
+matrix_authentication_service_version: 0.16.0
 matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
 matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
 matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"
@@ -559,29 +559,34 @@ matrix_authentication_service_container_labels_additional_labels: ''
 
 matrix_authentication_service_syn2mas_start_wait_time_seconds: 5
 
-matrix_authentication_service_syn2mas_dry_run: false
+# The syn2mas sub-command to run.
+# Valid values: migrate, check
+matrix_authentication_service_syn2mas_subcommand: migrate
 
-# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service/syn2mas
-matrix_authentication_service_syn2mas_version: 0.15.0
-matrix_authentication_service_syn2mas_container_image: "{{ matrix_authentication_service_syn2mas_container_image_registry_prefix }}element-hq/matrix-authentication-service/syn2mas:{{ matrix_authentication_service_syn2mas_version }}"
-matrix_authentication_service_syn2mas_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream }}"
-matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream_default }}"
-matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream_default: ghcr.io/
-matrix_authentication_service_syn2mas_container_image_force_pull: "{{ matrix_authentication_service_syn2mas_container_image.endswith(':latest') }}"
-
-matrix_authentication_service_syn2mas_container_image_self_build: "{{ matrix_authentication_service_container_image_self_build }}"
-
-matrix_authentication_service_syn2mas_container_network: "{{ matrix_authentication_service_container_network }}"
+# Whether to pass a `--dry-run` flag to the 'migrate' sub-command.
+# See `matrix_authentication_service_syn2mas_subcommand`
+matrix_authentication_service_syn2mas_migrate_dry_run: false
 
 # Path to Synapse's homeserver.yaml configuration file.
 matrix_authentication_service_syn2mas_synapse_homeserver_config_path: ""
 
-# Additional arguments passed to the syn2mas process.
+matrix_authentication_service_syn2mas_container_network: "{{ matrix_authentication_service_container_network }}"
+
+# Additional options passed to the syn2mas sub-command (e.g. `mas-cli syn2mas [OPTIONS] migrate|check`).
+# Also see: `matrix_authentication_service_syn2mas_subcommand_extra_options`
 #
 # Example:
-# matrix_authentication_service_syn2mas_process_extra_arguments:
-#   - "--upstreamProviderMapping oidc-keycloak:01H8PKNWKKRPCBW4YGH1RWV279"
-matrix_authentication_service_syn2mas_process_extra_arguments: []
+# matrix_authentication_service_syn2mas_command_extra_options:
+#   - "--something"
+matrix_authentication_service_syn2mas_command_extra_options: []
+
+# Additional options passed to the syn2mas sub-command (e.g. `mas-cli syn2mas migrate|check [OPTIONS]`).
+# Also see: `matrix_authentication_service_syn2mas_command_extra_options`
+#
+# Example:
+# matrix_authentication_service_syn2mas_subcommand_extra_options:
+#   - "--dry-run"
+matrix_authentication_service_syn2mas_subcommand_extra_options: []
 
 ########################################################################################
 #                                                                                      #

roles/custom/matrix-authentication-service/tasks/install.yml

@@ -9,8 +9,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_authentication_service_base_path }}", when: true}
     - {path: "{{ matrix_authentication_service_bin_path }}", when: true}
@@ -38,16 +38,16 @@
     content: "{{ matrix_authentication_service_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_authentication_service_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Matrix Authentication Service support files created
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     mode: "{{ item.mode }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - src: "{{ role_path }}/templates/env.j2"
       dest: "{{ matrix_authentication_service_config_path }}/env"
@@ -83,7 +83,7 @@
         dest: "{{ matrix_authentication_service_container_src_files_path }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
 
     - name: Ensure Matrix Authentication Service container image is built
       ansible.builtin.command:

roles/custom/matrix-authentication-service/tasks/main.yml

@@ -9,18 +9,33 @@
     - setup-matrix-authentication-service
     - install-all
     - install-matrix-authentication-service
+    - matrix-authentication-service-mas-cli-syn2mas
   block:
     - when: matrix_authentication_service_enabled | bool
       ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
 
+- tags:
+    - setup-all
+    - setup-matrix-authentication-service
+    - install-all
+    - install-matrix-authentication-service
+  block:
     - when: matrix_authentication_service_enabled | bool
       ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
 
+# The tag 'matrix-authentication-service-syn2mas' has been replaced by the tag 'matrix-authentication-service-mas-cli-syn2mas'.
 - tags:
     - matrix-authentication-service-syn2mas
+  block:
+    - name: Warn about deprecated tag
+      ansible.builtin.fail:
+        msg: "WARNING: The 'matrix-authentication-service-syn2mas' tag has been replaced by 'matrix-authentication-service-mas-cli-syn2mas'. Please update your command."
+
+- tags:
+    - matrix-authentication-service-mas-cli-syn2mas
   block:
     - when: matrix_authentication_service_enabled | bool
-      ansible.builtin.include_tasks: "{{ role_path }}/tasks/syn2mas.yml"
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/mas_cli_syn2mas.yml"
 
 - tags:
     - matrix-authentication-service-mas-cli-doctor

roles/custom/matrix-authentication-service/tasks/mas_cli_syn2mas.yml

@@ -6,7 +6,7 @@
 ---
 
 - ansible.builtin.set_fact:
-    matrix_authentication_service_syn2mas_dry_run: "{{ matrix_authentication_service_syn2mas_dry_run | bool }}"
+    matrix_authentication_service_syn2mas_migrate_dry_run: "{{ matrix_authentication_service_syn2mas_migrate_dry_run | bool }}"
 
 - name: Abort, if not using Synapse
   when: not matrix_synapse_enabled | bool
@@ -33,41 +33,8 @@
     msg: "The Synapse homeserver config file does not exist at the specified path: {{ matrix_authentication_service_syn2mas_synapse_homeserver_config_path }}"
   when: not matrix_authentication_service_syn2mas_synapse_config_stat.stat.exists
 
-- name: Ensure Matrix Authentication Service syn2mas container image is pulled
-  community.docker.docker_image:
-    name: "{{ matrix_authentication_service_syn2mas_container_image }}"
-    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
-    force_source: "{{ matrix_authentication_service_syn2mas_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_authentication_service_syn2mas_container_image_force_pull }}"
-  when: "not matrix_authentication_service_syn2mas_container_image_self_build | bool"
-  register: result
-  retries: "{{ devture_playbook_help_container_retries_count }}"
-  delay: "{{ devture_playbook_help_container_retries_delay }}"
-  until: result is not failed
-
-- when: "matrix_authentication_service_syn2mas_container_image_self_build | bool"
-  block:
-    - name: Ensure Matrix Authentication Service repository is present on self-build
-      ansible.builtin.git:
-        repo: "{{ matrix_authentication_service_container_repo }}"
-        version: "{{ matrix_authentication_service_container_repo_version }}"
-        dest: "{{ matrix_authentication_service_container_src_files_path }}"
-        force: "yes"
-      become: true
-      become_user: "{{ matrix_user_username }}"
-      register: matrix_authentication_service_git_pull_results
-
-    - name: Ensure Matrix Authentication Service syn2mas container image is built
-      ansible.builtin.command:
-        cmd: |-
-          {{ devture_systemd_docker_base_host_command_docker }} buildx build
-          --tag={{ matrix_authentication_service_syn2mas_container_image }}
-          --file={{ matrix_authentication_service_container_src_files_path }}/tools/syn2mas/Dockerfile
-          {{ matrix_authentication_service_container_src_files_path }}/tools/syn2mas
-      changed_when: true
-
 - name: Ensure Synapse is stopped
-  when: not matrix_authentication_service_syn2mas_dry_run | bool
+  when: not matrix_authentication_service_syn2mas_migrate_dry_run | bool
   ansible.builtin.service:
     name: matrix-synapse
     state: stopped
@@ -81,14 +48,19 @@
 #
 # Still, it's probably safer to stop it anyway.
 - name: Ensure Matrix Authentication Service is stopped
+  when: not matrix_authentication_service_syn2mas_migrate_dry_run | bool
   ansible.builtin.service:
     name: matrix-authentication-service
     state: stopped
   register: matrix_authentication_service_mas_ensure_stopped_result
 
+# This is similar to the command found in the systemd service file.
+#
+# We cannot use `docker exec` with the existing Matrix Authentication Service container here,
+# because we need an additional mount (the Synapse homeserver config).
 - name: Generate syn2mas migration command
   ansible.builtin.set_fact:
-    matrix_authentication_service_syn2mas_migration_command: >-
+    matrix_authentication_service_mas_cli_syn2mas_command: >-
       {{ devture_systemd_docker_base_host_command_docker }} run
       --rm
       --name=matrix-authentication-service-syn2mas
@@ -96,14 +68,16 @@
       --user={{ matrix_authentication_service_uid }}:{{ matrix_authentication_service_gid }}
       --cap-drop=ALL
       --network={{ matrix_authentication_service_syn2mas_container_network }}
+      --mount type=bind,src={{ matrix_authentication_service_config_path }}/config.yaml,dst=/config.yaml,ro
+      --mount type=bind,src={{ matrix_authentication_service_data_keys_path }},dst=/keys,ro
       --mount type=bind,src={{ matrix_authentication_service_syn2mas_synapse_homeserver_config_path }},dst=/homeserver.yaml,ro
-      --mount type=bind,src={{ matrix_authentication_service_config_path }}/config.yaml,dst=/mas-config.yaml,ro
-      {{ matrix_authentication_service_syn2mas_container_image }}
-      --command=migrate
-      --synapseConfigFile=/homeserver.yaml
-      --masConfigFile=/mas-config.yaml
-      {{ matrix_authentication_service_syn2mas_process_extra_arguments | join(' ') }}
-      {% if matrix_authentication_service_syn2mas_dry_run | bool %}--dryRun{% endif %}
+      {{ matrix_authentication_service_container_image }}
+      syn2mas
+      --synapse-config=/homeserver.yaml
+      {{ matrix_authentication_service_syn2mas_command_extra_options | join(' ') }}
+      {{ matrix_authentication_service_syn2mas_subcommand }}
+      {{ '--dry-run' if matrix_authentication_service_syn2mas_migrate_dry_run and matrix_authentication_service_syn2mas_subcommand == 'migrate' else '' }}
+      {{ matrix_authentication_service_syn2mas_subcommand_extra_options | join(' ') }}
   tags:
     - skip_ansible_lint
 
@@ -111,33 +85,33 @@
 # See: https://ansibledaily.com/print-to-standard-output-without-escaping/
 #
 # We want to run `debug: msg=".."`, but that dumps it as JSON and escapes double quotes within it,
-# which ruins the command (`matrix_authentication_service_syn2mas_migration_command`).
+# which ruins the command (`matrix_authentication_service_mas_cli_syn2mas_command`).
 - name: Note about syn2mas migration
   ansible.builtin.set_fact:
     dummy: true
   with_items:
     - >-
-        Running syn2mas migration using the following command: `{{ matrix_authentication_service_syn2mas_migration_command }}`.
-        If this crashes, you can stop Synapse (`systemctl stop matrix-synapse`) and run the command manually.
+        Running syn2mas migration using the following command: `{{ matrix_authentication_service_mas_cli_syn2mas_command }}`.
+        If this crashes, you can stop Synapse (`systemctl stop matrix-synapse`), start Matrix Authentication Service (`systemctl start matrix-authentication-service`) and run the command manually.
 
 - name: Perform syn2mas migration
   ansible.builtin.command:
-    cmd: "{{ matrix_authentication_service_syn2mas_migration_command }}"
-  register: matrix_authentication_service_syn2mas_migration_command_result
-  changed_when: matrix_authentication_service_syn2mas_migration_command_result.rc == 0
+    cmd: "{{ matrix_authentication_service_mas_cli_syn2mas_command }}"
+  register: matrix_authentication_service_mas_cli_syn2mas_command_result
+  changed_when: matrix_authentication_service_mas_cli_syn2mas_command_result.rc == 0
 
 - name: Print syn2mas migration command result
   ansible.builtin.debug:
-    var: matrix_authentication_service_syn2mas_migration_command_result
+    var: matrix_authentication_service_mas_cli_syn2mas_command_result
 
 - name: Ensure Synapse is started (if it previously was)
-  when: "not matrix_authentication_service_syn2mas_dry_run and matrix_authentication_service_synapse_ensure_stopped_result.changed"
+  when: "not matrix_authentication_service_syn2mas_migrate_dry_run and matrix_authentication_service_mas_cli_syn2mas_command_result.changed"
   ansible.builtin.service:
     name: matrix-synapse
     state: started
 
 - name: Ensure Matrix Authentication Service is started (if it previously was)
-  when: "not matrix_authentication_service_syn2mas_dry_run and matrix_authentication_service_mas_ensure_stopped_result.changed"
+  when: "not matrix_authentication_service_syn2mas_migrate_dry_run and matrix_authentication_service_mas_ensure_stopped_result.changed"
   ansible.builtin.service:
     name: matrix-authentication-service
     state: started

roles/custom/matrix-authentication-service/tasks/util/prepare_key.yml

@@ -13,4 +13,4 @@
     cmd: "{{ private_key_definition.generation_command | replace('__KEY_FILE_PATH__', matrix_authentication_service_private_key_file_path) }}"
     creates: "{{ matrix_authentication_service_private_key_file_path }}"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"

roles/custom/matrix-authentication-service/tasks/validate_config.yml

@@ -44,3 +44,11 @@
   with_items:
     - {'old': 'matrix_authentication_service_container_image_name_prefix', 'new': 'matrix_authentication_service_container_image_registry_prefix'}
     - {'old': 'matrix_authentication_service_syn2mas_container_image_name_prefix', 'new': 'matrix_authentication_service_syn2mas_container_image_registry_prefix'}
+    - {'old': 'matrix_authentication_service_syn2mas_container_image', 'new': '<removed>'}
+    - {'old': 'matrix_authentication_service_syn2mas_container_image_registry_prefix', 'new': '<removed>'}
+    - {'old': 'matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream', 'new': '<removed>'}
+    - {'old': 'matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream_default', 'new': '<removed>'}
+    - {'old': 'matrix_authentication_service_syn2mas_container_image_force_pull', 'new': '<removed>'}
+    - {'old': 'matrix_authentication_service_syn2mas_container_image_self_build', 'new': '<removed>'}
+    - {'old': 'matrix_authentication_service_syn2mas_process_extra_arguments', 'new': 'matrix_authentication_service_syn2mas_command_extra_options or matrix_authentication_service_syn2mas_subcommand_extra_options'}
+    - {'old': 'matrix_authentication_service_syn2mas_dry_run', 'new': 'matrix_authentication_service_syn2mas_migrate_dry_run'}

roles/custom/matrix-base/defaults/main.yml

@@ -175,11 +175,15 @@ matrix_debian_arch: "{{ 'armhf' if matrix_architecture == 'arm32' else matrix_ar
 # Example value: "registry.example.com/" (note the trailing `/`).
 matrix_container_global_registry_prefix_override: ""
 
-matrix_user_username: "matrix"
-matrix_user_groupname: "matrix"
+matrix_user_name: "matrix"
+matrix_user_system: true
+matrix_user_shell: /sbin/nologin
 
-# By default, the playbook creates the user (`matrix_user_username`)
-# and group (`matrix_user_groupname`) with a random ID.
+matrix_group_name: "matrix"
+matrix_group_system: true
+
+# By default, the playbook creates the user (`matrix_user_name`)
+# and group (`matrix_group_name`) with a random ID.
 # To use a specific user/group ID, override these variables.
 matrix_user_uid: ~
 matrix_user_gid: ~

roles/custom/matrix-base/tasks/setup_matrix_base.yml

@@ -17,8 +17,8 @@
     path: "{{ item }}"
     state: directory
     mode: "{{ matrix_base_data_path_mode }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - "{{ matrix_base_data_path }}"
     - "{{ matrix_bin_path }}"

roles/custom/matrix-base/tasks/setup_matrix_user.yml

@@ -7,20 +7,22 @@
 
 - name: Ensure Matrix group is created
   ansible.builtin.group:
-    name: "{{ matrix_user_groupname }}"
+    name: "{{ matrix_group_name }}"
     gid: "{{ omit if matrix_user_gid is none else matrix_user_gid }}"
     state: present
+    system: "{{ matrix_group_system }}"
   register: matrix_group
 
 - name: Ensure Matrix user is created
   ansible.builtin.user:
-    name: "{{ matrix_user_username }}"
+    name: "{{ matrix_user_name }}"
     uid: "{{ omit if matrix_user_uid is none else matrix_user_uid }}"
     state: present
-    group: "{{ matrix_user_groupname }}"
+    group: "{{ matrix_group_name }}"
     home: "{{ matrix_base_data_path }}"
     create_home: false
-    system: true
+    system: "{{ matrix_user_system }}"
+    shell: "{{ matrix_user_shell }}"
   register: matrix_user
 
 - name: Initialize matrix_user_uid and matrix_user_gid

roles/custom/matrix-base/tasks/validate_config.yml

@@ -32,6 +32,8 @@
     - {'old': 'matrix_client_element_e2ee_secure_backup_required', 'new': 'matrix_static_files_file_matrix_client_property_io_element_e2ee_secure_backup_required'}
     - {'old': 'matrix_client_element_e2ee_secure_backup_setup_methods', 'new': 'matrix_static_files_file_matrix_client_property_io_element_e2ee_secure_backup_setup_methods'}
     - {'old': 'matrix_container_global_registry_prefix', 'new': '<no global variable anymore; you need to override the `_registry_prefix` variable in each component separately>'}
+    - {'old': 'matrix_user_username', 'new': 'matrix_user_name'}
+    - {'old': 'matrix_user_groupname', 'new': 'matrix_group_name'}
 
 # We have a dedicated check for this variable, because we'd like to have a custom (friendlier) message.
 - name: Fail if matrix_homeserver_generic_secret_key is undefined

roles/custom/matrix-bot-baibot/tasks/install.yml

@@ -10,8 +10,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_baibot_base_path }}", when: true}
     - {path: "{{ matrix_bot_baibot_config_path }}", when: true}
@@ -24,15 +24,15 @@
     content: "{{ matrix_bot_baibot_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_bot_baibot_config_path }}/config.yml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure baibot environment variables file created
   ansible.builtin.template:
     src: "{{ role_path }}/templates/env.j2"
     dest: "{{ matrix_bot_baibot_config_path }}/env"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0640
 
 - name: Ensure baibot container image is pulled
@@ -56,7 +56,7 @@
         dest: "{{ matrix_bot_baibot_container_src_files_path }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_bot_baibot_git_pull_results
 
     - name: Ensure baibot container image is built

roles/custom/matrix-bot-buscarron/tasks/setup_install.yml

@@ -39,8 +39,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_buscarron_config_path }}", when: true}
     - {path: "{{ matrix_bot_buscarron_data_path }}", when: true}
@@ -52,8 +52,8 @@
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_bot_buscarron_config_path }}/{{ item }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0640
   with_items:
     - env
@@ -78,7 +78,7 @@
     dest: "{{ matrix_bot_buscarron_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_bot_buscarron_git_pull_results
   when: "matrix_bot_buscarron_container_image_self_build | bool"
 

roles/custom/matrix-bot-chatgpt/tasks/install.yml

@@ -10,8 +10,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_chatgpt_config_path }}", when: true}
     - {path: "{{ matrix_bot_chatgpt_data_path }}", when: true}
@@ -22,8 +22,8 @@
   ansible.builtin.template:
     src: "{{ role_path }}/templates/env.j2"
     dest: "{{ matrix_bot_chatgpt_config_path }}/env"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0640
 
 - name: Ensure chatgpt container image is pulled
@@ -47,7 +47,7 @@
         dest: "{{ matrix_bot_chatgpt_container_src_path }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_bot_chatgpt_git_pull_results
 
     - name: Ensure chatgpt container image is built

roles/custom/matrix-bot-draupnir/tasks/setup_install.yml

@@ -16,8 +16,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_draupnir_base_path }}", when: true}
     - {path: "{{ matrix_bot_draupnir_config_path }}", when: true}
@@ -29,8 +29,8 @@
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0644
   with_items:
     - src: "{{ role_path }}/templates/labels.j2"
@@ -55,7 +55,7 @@
     version: "{{ matrix_bot_draupnir_docker_image.split(':')[1] }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_bot_draupnir_git_pull_results
   when: "matrix_bot_draupnir_container_image_self_build | bool"
 
@@ -75,8 +75,8 @@
     content: "{{ matrix_bot_draupnir_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_bot_draupnir_config_path }}/production.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-bot-draupnir container network is created
   community.general.docker_network:

roles/custom/matrix-bot-go-neb/tasks/install.yml

@@ -15,8 +15,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
     - {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
@@ -28,16 +28,16 @@
     content: "{{ matrix_bot_go_neb_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_bot_go_neb_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure go-neb support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_bot_go_neb_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - env
     - labels

roles/custom/matrix-bot-honoroit/tasks/setup_install.yml

@@ -41,8 +41,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_honoroit_config_path }}", when: true}
     - {path: "{{ matrix_bot_honoroit_data_path }}", when: true}
@@ -54,8 +54,8 @@
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_bot_honoroit_config_path }}/{{ item }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0640
   with_items:
     - env
@@ -80,7 +80,7 @@
     dest: "{{ matrix_bot_honoroit_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_bot_honoroit_git_pull_results
   when: "matrix_bot_honoroit_container_image_self_build | bool"
 

roles/custom/matrix-bot-matrix-registration-bot/tasks/clean_cache.yml

@@ -9,8 +9,8 @@
     state: "{{ item }}"
     path: "{{ matrix_bot_matrix_registration_bot_data_path }}"
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - absent
     - directory

roles/custom/matrix-bot-matrix-registration-bot/tasks/setup_install.yml

@@ -13,8 +13,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_matrix_registration_bot_config_path }}", when: true}
     - {path: "{{ matrix_bot_matrix_registration_bot_data_path }}", when: true}
@@ -25,8 +25,8 @@
   ansible.builtin.template:
     src: "{{ role_path }}/templates/config.yaml.j2"
     dest: "{{ matrix_bot_matrix_registration_bot_config_path }}/config.yaml"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0640
 
 - name: Ensure matrix-registration-bot image is pulled
@@ -50,7 +50,7 @@
         dest: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_bot_matrix_registration_bot_git_pull_results
 
     - name: Ensure matrix-registration-bot image is built

roles/custom/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml

@@ -43,8 +43,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_matrix_reminder_bot_config_path }}", when: true}
     - {path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true}
@@ -71,7 +71,7 @@
     dest: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_bot_matrix_reminder_bot_git_pull_results
   when: "matrix_bot_matrix_reminder_bot_container_image_self_build | bool"
 
@@ -92,8 +92,8 @@
     content: "{{ matrix_bot_matrix_reminder_bot_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-reminder-bot container network is created
   community.general.docker_network:

roles/custom/matrix-bot-maubot/defaults/main.yml

@@ -30,7 +30,7 @@ matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git"
 matrix_bot_maubot_docker_repo_version: "{{ 'master' if matrix_bot_maubot_version == 'latest' else matrix_bot_maubot_version }}"
 
 # renovate: datasource=docker depName=dock.mau.dev/maubot/maubot
-matrix_bot_maubot_version: v0.5.1
+matrix_bot_maubot_version: v0.5.2
 matrix_bot_maubot_docker_image: "{{ matrix_bot_maubot_docker_image_registry_prefix }}maubot/maubot:{{ matrix_bot_maubot_version }}"
 matrix_bot_maubot_docker_image_registry_prefix: "{{ 'localhost/' if matrix_bot_maubot_container_image_self_build else matrix_bot_maubot_docker_image_registry_prefix_upstream }}"
 matrix_bot_maubot_docker_image_registry_prefix_upstream: "{{ matrix_bot_maubot_docker_image_registry_prefix_upstream_default }}"

roles/custom/matrix-bot-maubot/tasks/setup_install.yml

@@ -14,8 +14,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0755
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_maubot_base_path }}", when: true}
     - {path: "{{ matrix_bot_maubot_config_path }}", when: true}
@@ -31,8 +31,8 @@
   ansible.builtin.template:
     src: "{{ role_path }}/templates/config.yaml.j2"
     dest: "{{ matrix_bot_maubot_config_path }}/config.yaml"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: "u=rwx"
 
 - name: Ensure maubot image is pulled
@@ -56,7 +56,7 @@
         dest: "{{ matrix_bot_maubot_docker_src_files_path }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_bot_maubot_git_pull_results
 
     - name: Ensure maubot image is built
@@ -76,8 +76,8 @@
       ansible.builtin.template:
         src: "{{ role_path }}/templates/customizations/Dockerfile.j2"
         dest: "{{ matrix_bot_maubot_customized_docker_src_files_path }}/Dockerfile"
-        owner: "{{ matrix_user_username }}"
-        group: "{{ matrix_user_groupname }}"
+        owner: "{{ matrix_user_name }}"
+        group: "{{ matrix_group_name }}"
         mode: 0640
       register: matrix_bot_maubot_container_image_customizations_dockerfile_result
 
@@ -96,8 +96,8 @@
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_bot_maubot_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bot-mjolnir/tasks/setup_install.yml

@@ -18,8 +18,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_bot_mjolnir_base_path }}", when: true}
     - {path: "{{ matrix_bot_mjolnir_config_path }}", when: true}
@@ -46,7 +46,7 @@
     version: "{{ matrix_bot_mjolnir_docker_image.split(':')[1] }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_bot_mjolnir_git_pull_results
   when: "matrix_bot_mjolnir_container_image_self_build | bool"
 
@@ -66,8 +66,8 @@
     content: "{{ matrix_bot_mjolnir_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_bot_mjolnir_config_path }}/production.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-bot-mjolnir container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-appservice-discord/tasks/setup_install.yml

@@ -56,8 +56,8 @@
     path: "{{ item }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - "{{ matrix_appservice_discord_base_path }}"
     - "{{ matrix_appservice_discord_config_path }}"
@@ -93,16 +93,16 @@
     content: "{{ matrix_appservice_discord_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_discord_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure AppService Discord registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_appservice_discord_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_discord_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 # If `matrix_appservice_discord_client_id` hasn't changed, the same invite link would be generated.
 # We intentionally suppress Ansible changes.

roles/custom/matrix-bridge-appservice-irc/tasks/setup_install.yml

@@ -22,8 +22,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_appservice_irc_base_path }}", when: true}
     - {path: "{{ matrix_appservice_irc_config_path }}", when: true}
@@ -97,7 +97,7 @@
     dest: "{{ matrix_appservice_irc_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_appservice_irc_git_pull_results
   when: "matrix_appservice_irc_enabled | bool and matrix_appservice_irc_container_image_self_build | bool"
 
@@ -118,15 +118,15 @@
     content: "{{ matrix_appservice_irc_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_irc_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Generate Appservice IRC passkey if it doesn't exist
   ansible.builtin.shell:
     cmd: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048"
     creates: "{{ matrix_appservice_irc_data_path }}/passkey.pem"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
 
 # In the past, we used to generate the passkey.pem file with root, so permissions may not be okay.
 # Fix it.
@@ -134,8 +134,8 @@
   ansible.builtin.file:
     path: "{{ matrix_appservice_irc_data_path }}/passkey.pem"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 # Ideally, we'd like to generate the final registration.yaml file by ourselves.
 #
@@ -198,8 +198,8 @@
     content: "{{ matrix_appservice_irc_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_irc_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-irc container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml

@@ -35,8 +35,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_appservice_kakaotalk_base_path }}", when: true}
     - {path: "{{ matrix_appservice_kakaotalk_config_path }}", when: true}
@@ -51,7 +51,7 @@
     version: "{{ matrix_appservice_kakaotalk_container_image_self_build_repo_version }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_appservice_kakaotalk_git_pull_results
   when: "matrix_appservice_kakaotalk_container_image_self_build | bool"
 
@@ -84,24 +84,24 @@
     content: "{{ matrix_appservice_kakaotalk_node_configuration | to_nice_json }}"
     dest: "{{ matrix_appservice_kakaotalk_config_path }}/node-config.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-kakaotalk config.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_appservice_kakaotalk_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_kakaotalk_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-kakaotalk registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_appservice_kakaotalk_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_kakaotalk_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-kakaotalk container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-appservice-slack/tasks/setup_install.yml

@@ -17,8 +17,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_appservice_slack_base_path }}", when: true}
     - {path: "{{ matrix_appservice_slack_config_path }}", when: true}
@@ -62,7 +62,7 @@
     dest: "{{ matrix_appservice_slack_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_appservice_slack_git_pull_results
   when: "matrix_appservice_slack_container_image_self_build | bool"
 
@@ -83,16 +83,16 @@
     content: "{{ matrix_appservice_slack_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_slack_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure appservice-slack registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_appservice_slack_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_slack_config_path }}/slack-registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-slack container network is created
   community.general.docker_network:
@@ -106,8 +106,8 @@
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_appservice_slack_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml

@@ -17,8 +17,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_appservice_webhooks_base_path }}", when: true}
     - {path: "{{ matrix_appservice_webhooks_config_path }}", when: true}
@@ -47,7 +47,7 @@
         version: "{{ matrix_appservice_webhooks_container_image_self_build_repo_version }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_appservice_webhooks_git_pull_results
 
     - name: Ensure matrix-appservice-webhooks container image is built
@@ -66,32 +66,32 @@
     content: "{{ matrix_appservice_webhooks_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_webhooks_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-webhooks schema.yml template exists
   ansible.builtin.template:
     src: "{{ role_path }}/templates/schema.yml.j2"
     dest: "{{ matrix_appservice_webhooks_config_path }}/schema.yml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-webhooks database.json template exists
   ansible.builtin.template:
     src: "{{ role_path }}/templates/database.json.j2"
     dest: "{{ matrix_appservice_webhooks_data_path }}/database.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure appservice-webhooks registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_appservice_webhooks_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-appservice-webhooks container network is created
   community.general.docker_network:
@@ -105,8 +105,8 @@
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_appservice_webhooks_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-beeper-linkedin/tasks/setup_install.yml

@@ -16,8 +16,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_beeper_linkedin_base_path }}", when: true}
     - {path: "{{ matrix_beeper_linkedin_config_path }}", when: true}
@@ -30,16 +30,16 @@
     content: "{{ matrix_beeper_linkedin_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_beeper_linkedin_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure beeper-linkedin registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_beeper_linkedin_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_beeper_linkedin_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Beeper LinkedIn container image is pulled
   community.docker.docker_image:
@@ -62,7 +62,7 @@
         version: "{{ matrix_beeper_linkedin_container_image_self_build_branch }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_beeper_linkedin_git_pull_results
 
     # Building the container image (using the default Dockerfile) requires that a docker-requirements.txt file be generated.

roles/custom/matrix-bridge-go-skype-bridge/tasks/setup_install.yml

@@ -40,8 +40,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_go_skype_bridge_base_path }}", when: true}
     - {path: "{{ matrix_go_skype_bridge_config_path }}", when: true}
@@ -68,7 +68,7 @@
     version: "{{ matrix_go_skype_bridge_container_image_self_build_branch }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_go_skype_bridge_git_pull_results
   when: "matrix_go_skype_bridge_container_image_self_build | bool"
 
@@ -122,16 +122,16 @@
     content: "{{ matrix_go_skype_bridge_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_go_skype_bridge_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure go-skype-bridge registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_go_skype_bridge_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_go_skype_bridge_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-go-skype-bridge container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-heisenbridge/tasks/setup_install.yml

@@ -26,8 +26,8 @@
     path: "{{ item }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - "{{ matrix_heisenbridge_base_path }}"
 
@@ -36,16 +36,16 @@
     content: "{{ matrix_heisenbridge_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_heisenbridge_base_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Heisenbridge support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_heisenbridge_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-hookshot/tasks/setup_install.yml

@@ -21,8 +21,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_hookshot_base_path }}", when: true}
     - {path: "{{ matrix_hookshot_docker_src_files_path }}", when: "{{ matrix_hookshot_container_image_self_build }}"}
@@ -47,7 +47,7 @@
     version: "{{ matrix_hookshot_container_image_self_build_branch }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_hookshot_git_pull_results
   when: "matrix_hookshot_container_image_self_build | bool"
 
@@ -73,7 +73,7 @@
     cmd: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_hookshot_base_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:4096"
     creates: "{{ matrix_hookshot_base_path }}/passkey.pem"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   when: "not hookshot_passkey_file.stat.exists"
 
 - name: Ensure hookshot config.yml installed if provided
@@ -81,8 +81,8 @@
     content: "{{ matrix_hookshot_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_hookshot_base_path }}/config.yml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Validate hookshot config.yml
   ansible.builtin.command:
@@ -107,16 +107,16 @@
     content: "{{ matrix_hookshot_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_hookshot_base_path }}/registration.yml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure hookshot github private key file installed if github is enabled
   ansible.builtin.copy:
     content: "{{ matrix_hookshot_github_private_key }}"
     dest: "{{ matrix_hookshot_base_path }}/{{ matrix_hookshot_github_private_key_file }}"
     mode: 0400
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   when: matrix_hookshot_github_enabled | bool and matrix_hookshot_github_private_key|length > 0
 
 - name: Ensure matrix-hookshot container network is created
@@ -131,8 +131,8 @@
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_hookshot_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-bluesky/tasks/setup_install.yml

@@ -24,8 +24,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_bluesky_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_bluesky_config_path }}", when: true}
@@ -40,7 +40,7 @@
     dest: "{{ matrix_mautrix_bluesky_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_bluesky_git_pull_results
   when: "matrix_mautrix_bluesky_enabled | bool and matrix_mautrix_bluesky_container_image_self_build"
 
@@ -60,24 +60,24 @@
     content: "{{ matrix_mautrix_bluesky_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_bluesky_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-bluesky registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_bluesky_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_bluesky_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-bluesky support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_bluesky_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-discord/tasks/setup_install.yml

@@ -40,8 +40,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_discord_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_discord_config_path }}", when: true}
@@ -68,7 +68,7 @@
     version: "{{ matrix_mautrix_discord_container_image_self_build_branch }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_discord_git_pull_results
   when: "matrix_mautrix_discord_container_image_self_build | bool"
 
@@ -89,24 +89,24 @@
     content: "{{ matrix_mautrix_discord_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_discord_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-discord registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_discord_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_discord_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-discord support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_discord_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml

@@ -59,8 +59,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_facebook_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_facebook_config_path }}", when: true}
@@ -75,7 +75,7 @@
     version: "{{ matrix_mautrix_facebook_docker_image.split(':')[1] }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_facebook_git_pull_results
   when: "matrix_mautrix_facebook_container_image_self_build | bool"
 
@@ -117,24 +117,24 @@
     content: "{{ matrix_mautrix_facebook_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_facebook_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-facebook registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_facebook_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_facebook_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-facebook support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_facebook_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-gmessages/tasks/setup_install.yml

@@ -40,8 +40,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_gmessages_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_gmessages_config_path }}", when: true}
@@ -68,7 +68,7 @@
     version: "{{ matrix_mautrix_gmessages_container_image_self_build_branch }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_gmessages_git_pull_results
   when: "matrix_mautrix_gmessages_container_image_self_build | bool"
 
@@ -122,16 +122,16 @@
     content: "{{ matrix_mautrix_gmessages_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_gmessages_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-gmessages registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_gmessages_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_gmessages_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-mautrix-gmessages.service installed
   ansible.builtin.template:
@@ -144,8 +144,8 @@
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_gmessages_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml

@@ -54,8 +54,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_googlechat_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_googlechat_config_path }}", when: true}
@@ -70,7 +70,7 @@
     dest: "{{ matrix_mautrix_googlechat_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_googlechat_git_pull_results
   when: "matrix_mautrix_googlechat_container_image_self_build | bool"
 
@@ -112,24 +112,24 @@
     content: "{{ matrix_mautrix_googlechat_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_googlechat_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-googlechat registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_googlechat_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_googlechat_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-googlechat support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_googlechat_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml

@@ -27,8 +27,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_instagram_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_instagram_config_path }}", when: true}
@@ -43,7 +43,7 @@
     dest: "{{ matrix_mautrix_instagram_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_instagram_git_pull_results
   when: "matrix_mautrix_instagram_container_image_self_build | bool"
 
@@ -64,24 +64,24 @@
     content: "{{ matrix_mautrix_instagram_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_instagram_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-instagram registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_instagram_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_instagram_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-instagram support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_instagram_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-meta-instagram/tasks/install.yml

@@ -49,8 +49,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_meta_instagram_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_meta_instagram_config_path }}", when: true}
@@ -67,7 +67,7 @@
         version: "{{ matrix_mautrix_meta_instagram_container_image.split(':')[1] }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_mautrix_meta_instagram_git_pull_results
 
     - name: Ensure mautrix-meta-instagram container image is built
@@ -86,24 +86,24 @@
     content: "{{ matrix_mautrix_meta_instagram_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_meta_instagram_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-meta-instagram registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_meta_instagram_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_meta_instagram_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-meta-instagram support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_meta_instagram_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-meta-messenger/tasks/install.yml

@@ -49,8 +49,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_meta_messenger_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_meta_messenger_config_path }}", when: true}
@@ -67,7 +67,7 @@
         version: "{{ matrix_mautrix_meta_messenger_container_image.split(':')[1] }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_mautrix_meta_messenger_git_pull_results
 
     - name: Ensure mautrix-meta-messenger container image is built
@@ -86,24 +86,24 @@
     content: "{{ matrix_mautrix_meta_messenger_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_meta_messenger_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-meta-messenger registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_meta_messenger_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_meta_messenger_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-meta-messenger support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_meta_messenger_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-signal/tasks/setup_install.yml

@@ -45,8 +45,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_signal_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_signal_config_path }}", when: true}
@@ -73,7 +73,7 @@
     version: "{{ matrix_mautrix_signal_container_image_self_build_branch }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_signal_git_pull_results
   when: "matrix_mautrix_signal_container_image_self_build | bool"
 
@@ -127,24 +127,24 @@
     content: "{{ matrix_mautrix_signal_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_signal_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-signal registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_signal_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_signal_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-signal support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_signal_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-slack/tasks/setup_install.yml

@@ -39,8 +39,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_slack_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_slack_config_path }}", when: true}
@@ -67,7 +67,7 @@
     version: "{{ matrix_mautrix_slack_container_image_self_build_branch }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_slack_git_pull_results
   when: "matrix_mautrix_slack_container_image_self_build | bool"
 
@@ -88,16 +88,16 @@
     content: "{{ matrix_mautrix_slack_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_slack_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-slack registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_slack_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_slack_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-mautrix-slack container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml

@@ -223,6 +223,8 @@ matrix_mautrix_telegram_configuration_extension: "{{ matrix_mautrix_telegram_con
 # You most likely don't need to touch this variable. Instead, see `matrix_mautrix_telegram_configuration_yaml`.
 matrix_mautrix_telegram_configuration: "{{ matrix_mautrix_telegram_configuration_yaml | from_yaml | combine(matrix_mautrix_telegram_configuration_extension, recursive=True) }}"
 
+matrix_mautrix_telegram_sender_localpart: "telegrambot"
+
 matrix_mautrix_telegram_registration_yaml: |
   id: telegram
   as_token: "{{ matrix_mautrix_telegram_appservice_token }}"

roles/custom/matrix-bridge-mautrix-telegram/tasks/setup_install.yml

@@ -49,8 +49,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_telegram_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_telegram_config_path }}", when: true}
@@ -77,7 +77,7 @@
     dest: "{{ matrix_mautrix_telegram_lottieconverter_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_telegram_lottieconverter_git_pull_results
   when: "matrix_mautrix_telegram_lottieconverter_container_image_self_build | bool and matrix_mautrix_telegram_container_image_self_build | bool"
 
@@ -100,7 +100,7 @@
     dest: "{{ matrix_mautrix_telegram_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_telegram_git_pull_results
   when: "matrix_mautrix_telegram_container_image_self_build | bool"
 
@@ -144,24 +144,24 @@
     content: "{{ matrix_mautrix_telegram_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_telegram_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-telegram registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_telegram_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_telegram_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-telegram support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_telegram_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-twitter/tasks/setup_install.yml

@@ -30,8 +30,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_twitter_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_twitter_config_path }}", when: true}
@@ -46,7 +46,7 @@
     dest: "{{ matrix_mautrix_twitter_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_twitter_git_pull_results
   when: "matrix_mautrix_twitter_enabled | bool and matrix_mautrix_twitter_container_image_self_build"
 
@@ -66,24 +66,24 @@
     content: "{{ matrix_mautrix_twitter_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_twitter_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-twitter registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_twitter_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_twitter_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-twitter support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_twitter_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml

@@ -50,8 +50,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mautrix_whatsapp_base_path }}", when: true}
     - {path: "{{ matrix_mautrix_whatsapp_config_path }}", when: true}
@@ -78,7 +78,7 @@
     version: "{{ matrix_mautrix_whatsapp_container_image_self_build_branch }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mautrix_whatsapp_git_pull_results
   when: "matrix_mautrix_whatsapp_container_image_self_build | bool"
 
@@ -132,24 +132,24 @@
     content: "{{ matrix_mautrix_whatsapp_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_whatsapp_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-whatsapp registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_whatsapp_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mautrix_whatsapp_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-whatsapp support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_whatsapp_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml

@@ -26,8 +26,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - path: "{{ matrix_mautrix_wsproxy_base_path }}"
       when: true
@@ -38,8 +38,8 @@
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mautrix_wsproxy_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - syncproxy-env
     - wsproxy-labels
@@ -63,8 +63,8 @@
     path: "{{ item }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - "{{ matrix_mautrix_wsproxy_base_path }}"
     - "{{ matrix_mautrix_wsproxy_config_path }}"
@@ -79,24 +79,24 @@
     content: "{{ matrix_mautrix_wsproxy_configuration | to_nice_yaml }}"
     dest: "{{ matrix_mautrix_wsproxy_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-androidsms registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_androidsms_registration | to_nice_yaml }}"
     dest: "{{ matrix_mautrix_wsproxy_config_path }}/androidsms-registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-imessage registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mautrix_imessage_registration | to_nice_yaml }}"
     dest: "{{ matrix_mautrix_wsproxy_config_path }}/imessage-registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mautrix-wsproxy container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml

@@ -16,8 +16,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mx_puppet_discord_base_path }}", when: true}
     - {path: "{{ matrix_mx_puppet_discord_config_path }}", when: true}
@@ -91,7 +91,7 @@
     force: "yes"
     version: "{{ matrix_mx_puppet_discord_container_image_self_build_version }}"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mx_puppet_discord_git_pull_results
   when: "matrix_mx_puppet_discord_enabled | bool and matrix_mx_puppet_discord_container_image_self_build"
 
@@ -112,16 +112,16 @@
     content: "{{ matrix_mx_puppet_discord_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_discord_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-discord discord-registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mx_puppet_discord_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_discord_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-discord container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-mx-puppet-discord/templates/config.yaml.j2

@@ -70,7 +70,7 @@ namePatterns:
   #
   # name: username of the user
   # discriminator: hashtag of the user (ex. #1234)
-  user: :name
+  user: ":name (#:discriminator) (via Discord)"
 
   # A user's guild-specific displayname - if they've set a custom nick in
   # a guild
@@ -82,7 +82,7 @@ namePatterns:
   # displayname: the user's custom group-specific nick
   # channel: the name of the channel
   # guild: the name of the guild
-  userOverride: :name
+  userOverride: ":displayname (:name#:discriminator) (via Discord)"
 
   # Room names for bridged Discord channels
   #
@@ -90,7 +90,7 @@ namePatterns:
   #
   # name: name of the channel
   # guild: name of the guild
-  room: :name
+  room: "#:name (:guild on Discord)"
 
   # Group names for bridged Discord servers
   #

roles/custom/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml

@@ -15,8 +15,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mx_puppet_groupme_base_path }}", when: true}
     - {path: "{{ matrix_mx_puppet_groupme_config_path }}", when: true}
@@ -91,7 +91,7 @@
     dest: "{{ matrix_mx_puppet_groupme_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mx_puppet_groupme_git_pull_results
   when: "matrix_mx_puppet_groupme_enabled | bool and matrix_mx_puppet_groupme_container_image_self_build"
 
@@ -112,16 +112,16 @@
     content: "{{ matrix_mx_puppet_groupme_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_groupme_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-groupme groupme-registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mx_puppet_groupme_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_groupme_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-groupme container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml

@@ -55,8 +55,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mx_puppet_instagram_base_path }}", when: true}
     - {path: "{{ matrix_mx_puppet_instagram_config_path }}", when: true}
@@ -71,7 +71,7 @@
     dest: "{{ matrix_mx_puppet_instagram_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mx_puppet_instagram_git_pull_results
   when: "matrix_mx_puppet_instagram_enabled | bool and matrix_mx_puppet_instagram_container_image_self_build | bool"
 
@@ -92,16 +92,16 @@
     content: "{{ matrix_mx_puppet_instagram_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_instagram_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-instagram-registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mx_puppet_instagram_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_instagram_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-instagram container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml

@@ -11,8 +11,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mx_puppet_slack_base_path }}", when: true}
     - {path: "{{ matrix_mx_puppet_slack_config_path }}", when: true}
@@ -80,7 +80,7 @@
     force: "yes"
     version: "{{ matrix_mx_puppet_slack_container_image_self_build_version }}"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mx_puppet_slack_git_pull_results
   when: "matrix_mx_puppet_slack_enabled | bool and matrix_mx_puppet_slack_container_image_self_build"
 
@@ -108,24 +108,24 @@
     content: "{{ matrix_mx_puppet_slack_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_slack_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-slack slack-registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mx_puppet_slack_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_slack_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-slack support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mx_puppet_slack_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml

@@ -17,8 +17,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mx_puppet_steam_base_path }}", when: true}
     - {path: "{{ matrix_mx_puppet_steam_config_path }}", when: true}
@@ -93,7 +93,7 @@
     dest: "{{ matrix_mx_puppet_steam_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mx_puppet_steam_git_pull_results
   when: "matrix_mx_puppet_steam_enabled | bool and matrix_mx_puppet_steam_container_image_self_build"
 
@@ -114,16 +114,16 @@
     content: "{{ matrix_mx_puppet_steam_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_steam_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-steam steam-registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mx_puppet_steam_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_steam_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-steam container network is created
   community.general.docker_network:

roles/custom/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml

@@ -16,8 +16,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_mx_puppet_twitter_base_path }}", when: true}
     - {path: "{{ matrix_mx_puppet_twitter_config_path }}", when: true}
@@ -92,7 +92,7 @@
     dest: "{{ matrix_mx_puppet_twitter_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_mx_puppet_twitter_git_pull_results
   when: "matrix_mx_puppet_twitter_enabled | bool and matrix_mx_puppet_twitter_container_image_self_build"
 
@@ -113,24 +113,24 @@
     content: "{{ matrix_mx_puppet_twitter_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_twitter_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-twitter twitter-registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_mx_puppet_twitter_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_mx_puppet_twitter_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure mx-puppet-twitter support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_mx_puppet_twitter_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-bridge-postmoogle/tasks/setup_install.yml

@@ -61,8 +61,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_postmoogle_config_path }}", when: true}
     - {path: "{{ matrix_postmoogle_data_path }}", when: true}
@@ -73,8 +73,8 @@
   ansible.builtin.template:
     src: "{{ role_path }}/templates/env.j2"
     dest: "{{ matrix_postmoogle_config_path }}/env"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0640
 
 - name: Ensure postmoogle image is pulled
@@ -96,7 +96,7 @@
     dest: "{{ matrix_postmoogle_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_postmoogle_git_pull_results
   when: "matrix_postmoogle_container_image_self_build | bool"
 

roles/custom/matrix-bridge-sms/tasks/setup_install.yml

@@ -24,8 +24,8 @@
     path: "{{ item }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - "{{ matrix_sms_bridge_base_path }}"
     - "{{ matrix_sms_bridge_config_path }}"
@@ -36,24 +36,24 @@
     content: "{{ matrix_sms_bridge_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_sms_bridge_config_path }}/application.yml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-sms-bridge registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_sms_bridge_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_sms_bridge_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure android-sms-gateway-server cert installed
   ansible.builtin.copy:
     src: "{{ matrix_sms_bridge_provider_android_truststore_local_path }}"
     dest: "{{ matrix_sms_bridge_config_path }}/matrix-sms-gateway-server.p12"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   when: matrix_sms_bridge_provider_android_truststore_local_path != ""
 
 - name: Ensure matrix-sms-bridge container network is created

roles/custom/matrix-bridge-wechat/tasks/install.yml

@@ -10,8 +10,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_wechat_base_path }}", when: true}
     - {path: "{{ matrix_wechat_config_path }}", when: true}
@@ -41,7 +41,7 @@
         version: "{{ matrix_wechat_container_image_self_build_branch }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_wechat_git_pull_results
 
     - name: Ensure WeChat Bridge container image is built
@@ -76,7 +76,7 @@
         version: "{{ matrix_wechat_agent_container_image_self_build_branch }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_wechat_agent_git_pull_results
 
     - name: Ensure WeChat Agent container image is built
@@ -95,24 +95,24 @@
     content: "{{ matrix_wechat_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_wechat_config_path }}/config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure WeChat registration.yaml installed
   ansible.builtin.copy:
     content: "{{ matrix_wechat_registration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_wechat_config_path }}/registration.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Wechat Agent configuration installed
   ansible.builtin.copy:
     content: "{{ matrix_wechat_agent_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_wechat_config_path }}/agent-config.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-wechat container network is created
   community.general.docker_network:

roles/custom/matrix-cactus-comments-client/tasks/install.yml

@@ -10,8 +10,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_cactus_comments_client_base_path }}", when: true}
     - {path: "{{ matrix_cactus_comments_client_public_path }}", when: true}
@@ -21,8 +21,8 @@
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0644
   with_items:
     - src: "{{ role_path }}/templates/env.j2"
@@ -38,15 +38,15 @@
         url: "{{ matrix_cactus_comments_client_webclient_js_url }}"
         dest: "{{ matrix_cactus_comments_client_public_path }}/cactus.js"
         mode: "{{ matrix_cactus_comments_client_public_path_file_permissions }}"
-        owner: "{{ matrix_user_username }}"
-        group: "{{ matrix_user_groupname }}"
+        owner: "{{ matrix_user_name }}"
+        group: "{{ matrix_group_name }}"
     - name: Download web client css
       ansible.builtin.get_url:
         url: "{{ matrix_cactus_comments_client_webclient_css_url }}"
         dest: "{{ matrix_cactus_comments_client_public_path }}/style.css"
         mode: "{{ matrix_cactus_comments_client_public_path_file_permissions }}"
-        owner: "{{ matrix_user_username }}"
-        group: "{{ matrix_user_groupname }}"
+        owner: "{{ matrix_user_name }}"
+        group: "{{ matrix_group_name }}"
 
 - when: matrix_cactus_comments_client_local_dir | length > 0
   block:
@@ -55,15 +55,15 @@
         src: "{{ matrix_cactus_comments_client_local_dir }}/src/cactus.js"
         dest: "{{ matrix_cactus_comments_client_public_path }}/cactus.js"
         mode: "{{ matrix_cactus_comments_client_public_path_file_permissions }}"
-        owner: "{{ matrix_user_username }}"
-        group: "{{ matrix_user_groupname }}"
+        owner: "{{ matrix_user_name }}"
+        group: "{{ matrix_group_name }}"
     - name: Upload locally distributed client CSS
       ansible.builtin.copy:
         src: "{{ matrix_cactus_comments_client_local_dir }}/src/style.css"
         dest: "{{ matrix_cactus_comments_client_public_path }}/style.css"
         mode: "{{ matrix_cactus_comments_client_public_path_file_permissions }}"
-        owner: "{{ matrix_user_username }}"
-        group: "{{ matrix_user_groupname }}"
+        owner: "{{ matrix_user_name }}"
+        group: "{{ matrix_group_name }}"
 
 - name: Ensure matrix-cactus-comments-client container image is pulled
   community.docker.docker_image:

roles/custom/matrix-cactus-comments/tasks/setup_install.yml

@@ -11,8 +11,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_cactus_comments_base_path }}", when: true}
     - {path: "{{ matrix_cactus_comments_container_tmp_path }}", when: true}
@@ -23,16 +23,16 @@
   ansible.builtin.template:
     src: "{{ role_path }}/templates/env.j2"
     dest: "{{ matrix_cactus_comments_app_service_env_file }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0640
 
 - name: Ensure matrix-cactus-comments appservice file created
   ansible.builtin.template:
     src: "{{ role_path }}/templates/cactus_appservice.yaml.j2"
     dest: "{{ matrix_cactus_comments_app_service_config_file }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
     mode: 0640
 
 - name: Ensure matrix-cactus-comments image is pulled
@@ -54,7 +54,7 @@
     dest: "{{ matrix_cactus_comments_docker_src_files_path }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_cactus_comments_git_pull_results
   when: "matrix_cactus_comments_container_image_self_build | bool"
 

roles/custom/matrix-client-cinny/tasks/setup_install.yml

@@ -13,8 +13,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_client_cinny_data_path }}", when: true}
     - {path: "{{ matrix_client_cinny_docker_src_files_path }}", when: "{{ matrix_client_cinny_container_image_self_build }}"}
@@ -39,7 +39,7 @@
     version: "{{ matrix_client_cinny_docker_image.split(':')[1] }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_client_cinny_git_pull_results
   when: "matrix_client_cinny_container_image_self_build | bool"
 
@@ -48,16 +48,16 @@
     content: "{{ matrix_client_cinny_configuration | to_nice_json }}"
     dest: "{{ matrix_client_cinny_data_path }}/config.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Cinny additional config files installed
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ matrix_client_cinny_data_path }}/{{ item.name }}"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
     - {src: "{{ role_path }}/templates/labels.j2", name: "labels"}

roles/custom/matrix-client-element/defaults/main.yml

@@ -29,7 +29,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme
 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
 
 # renovate: datasource=docker depName=ghcr.io/element-hq/element-web
-matrix_client_element_version: v1.11.99
+matrix_client_element_version: v1.11.100
 
 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_registry_prefix }}element-hq/element-web:{{ matrix_client_element_version }}"
 matrix_client_element_docker_image_registry_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_client_element_docker_image_registry_prefix_upstream }}"

roles/custom/matrix-client-element/tasks/setup_install.yml

@@ -16,8 +16,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_client_element_data_path }}", when: true}
     - {path: "{{ matrix_client_element_docker_src_files_path }}", when: "{{ matrix_client_element_container_image_self_build }}"}
@@ -42,7 +42,7 @@
     version: "{{ matrix_client_element_docker_image.split(':')[1] }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_client_element_git_pull_results
   when: "matrix_client_element_container_image_self_build | bool"
 
@@ -75,8 +75,8 @@
     content: "{{ matrix_client_element_configuration | to_nice_json }}"
     dest: "{{ matrix_client_element_data_path }}/config.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Element location sharing map style installed
   when: matrix_client_element_location_sharing_enabled | bool
@@ -84,16 +84,16 @@
     content: "{{ matrix_client_element_location_sharing_map_style | to_nice_json }}"
     dest: "{{ matrix_client_element_data_path }}/map_style.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Element Web config files installed
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ matrix_client_element_data_path }}/{{ item.name }}"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {src: "{{ role_path }}/templates/labels.j2", name: "labels"}
     - {src: "{{ role_path }}/templates/env.j2", name: "env"}
@@ -101,6 +101,19 @@
     - {src: "{{ matrix_client_element_embedded_pages_home_path }}", name: "home.html"}
   when: "item.src is not none"
 
+- name: Copy Element costum files
+  copy:
+    src: "{{ item.src }}"
+    dest: "{{ matrix_client_element_data_path }}/{{ item.name }}"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+  with_items:
+    - {src: "{{ role_path }}/files/background.jpg", name: "background.jpg"}
+    - {src: "{{ role_path }}/files/antifa_coffee_cups.png", name: "logo.png"}
+  when: false
+    #when: "matrix_client_element_enabled|bool and item.src is not none"
+
 - name: Ensure Element Web nginx.conf file is removed
   ansible.builtin.file:
     path: "{{ matrix_client_element_data_path }}/nginx.conf"

roles/custom/matrix-client-element/templates/systemd/matrix-client-element.service.j2

@@ -34,7 +34,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
 			--tmpfs=/var/cache/nginx:rw,mode=777 \
 			--tmpfs=/var/run:rw,mode=777 \
 			--tmpfs=/tmp/element-web-config:rw,mode=777 \
-			--tmpfs=/etc/nginx/conf.d:rw,mode=777 \
+			--tmpfs=/etc/nginx/conf.d:rw,mode=777,uid={{ matrix_user_uid }} \
 			--mount type=bind,src={{ matrix_client_element_data_path }}/config.json,dst=/app/config.json,ro \
 			--mount type=bind,src={{ matrix_client_element_data_path }}/config.json,dst=/app/config.{{ matrix_server_fqn_element }}.json,ro \
 			{% if matrix_client_element_location_sharing_enabled %}

roles/custom/matrix-client-element/templates/welcome.html.j2

@@ -33,7 +33,7 @@ h1::after {
 }
 
 .mx_Logo {
-    height: 54px;
+    height: 92px;
     margin-top: 2px;
 }
 

roles/custom/matrix-client-fluffychat/defaults/main.yml

@@ -13,7 +13,7 @@ matrix_client_fluffychat_container_image_self_build_repo: "https://github.com/et
 matrix_client_fluffychat_container_image_self_build_version: "{{ 'main' if matrix_client_fluffychat_version == 'latest' else matrix_client_fluffychat_version }}"
 
 # renovate: datasource=docker depName=ghcr.io/etkecc/fluffychat-web
-matrix_client_fluffychat_version: v1.25.1
+matrix_client_fluffychat_version: v1.26.0
 matrix_client_fluffychat_docker_image: "{{ matrix_client_fluffychat_docker_image_registry_prefix }}etkecc/fluffychat-web:{{ matrix_client_fluffychat_version }}"
 matrix_client_fluffychat_docker_image_registry_prefix: "{{ 'localhost/' if matrix_client_fluffychat_container_image_self_build else matrix_client_fluffychat_docker_image_registry_prefix_upstream }}"
 matrix_client_fluffychat_docker_image_registry_prefix_upstream: "{{ matrix_client_fluffychat_docker_image_registry_prefix_upstream_default }}"

roles/custom/matrix-client-fluffychat/tasks/setup_install.yml

@@ -9,8 +9,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_client_fluffychat_data_path }}", when: true}
     - {path: "{{ matrix_client_fluffychat_container_src_files_path }}", when: "{{ matrix_client_fluffychat_container_image_self_build }}"}
@@ -37,7 +37,7 @@
         version: "{{ matrix_client_fluffychat_container_image_self_build_version }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_client_fluffychat_git_pull_results
 
     - name: Ensure FluffyChat Web container image is built
@@ -54,8 +54,8 @@
     src: "{{ item.src }}"
     dest: "{{ matrix_client_fluffychat_data_path }}/{{ item.name }}"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {src: "{{ role_path }}/templates/labels.j2", name: "labels"}
   when: "item.src is not none"

roles/custom/matrix-client-hydrogen/tasks/setup_install.yml

@@ -16,8 +16,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_client_hydrogen_data_path }}", when: true}
     - {path: "{{ matrix_client_hydrogen_docker_src_files_path }}", when: "{{ matrix_client_hydrogen_container_image_self_build }}"}
@@ -32,7 +32,7 @@
         version: "{{ matrix_client_hydrogen_docker_image.split(':')[1] }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_client_hydrogen_git_pull_results
 
     - name: Check if Hydrogen Docker image exists
@@ -73,16 +73,16 @@
     content: "{{ matrix_client_hydrogen_configuration | to_nice_json }}"
     dest: "{{ matrix_client_hydrogen_data_path }}/config.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Hydrogen additional config files installed
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ matrix_client_hydrogen_data_path }}/{{ item.name }}"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
     - {src: "{{ role_path }}/templates/labels.j2", name: "labels"}

roles/custom/matrix-client-schildichat/tasks/setup_install.yml

@@ -13,8 +13,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_client_schildichat_data_path }}", when: true}
     - {path: "{{ matrix_client_schildichat_container_src_files_path }}", when: "{{ matrix_client_schildichat_container_image_self_build }}"}
@@ -41,7 +41,7 @@
         version: "{{ matrix_client_schildichat_container_image_self_build_version }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_client_schildichat_git_pull_results
 
     # See:
@@ -72,8 +72,8 @@
     content: "{{ matrix_client_schildichat_configuration | to_nice_json }}"
     dest: "{{ matrix_client_schildichat_data_path }}/config.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure SchildiChat location sharing map style installed
   when: matrix_client_schildichat_location_sharing_enabled | bool
@@ -81,16 +81,16 @@
     content: "{{ matrix_client_schildichat_location_sharing_map_style | to_nice_json }}"
     dest: "{{ matrix_client_schildichat_data_path }}/map_style.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure SchildiChat Web config files installed
   ansible.builtin.template:
     src: "{{ item.src }}"
     dest: "{{ matrix_client_schildichat_data_path }}/{{ item.name }}"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {src: "{{ role_path }}/templates/labels.j2", name: "labels"}
     - {src: "{{ matrix_client_schildichat_page_template_welcome_path }}", name: "welcome.html"}

roles/custom/matrix-conduit/tasks/setup_install.yml

@@ -13,32 +13,32 @@
     path: "{{ matrix_conduit_config_path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Conduit data path exists
   ansible.builtin.file:
     path: "{{ matrix_conduit_data_path }}"
     state: directory
     mode: 0770
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Conduit configuration installed
   ansible.builtin.template:
     src: "{{ matrix_conduit_template_conduit_config }}"
     dest: "{{ matrix_conduit_config_path }}/conduit.toml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Conduit support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_conduit_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-conduwuit/tasks/install.yml

@@ -9,32 +9,32 @@
     path: "{{ matrix_conduwuit_config_path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure conduwuit data path exists
   ansible.builtin.file:
     path: "{{ matrix_conduwuit_data_path }}"
     state: directory
     mode: 0770
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure conduwuit configuration installed
   ansible.builtin.template:
     src: "{{ matrix_conduwuit_template_conduwuit_config }}"
     dest: "{{ matrix_conduwuit_config_path }}/conduwuit.toml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure conduwuit support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_conduwuit_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
     - env

roles/custom/matrix-conduwuit/tasks/setup_install.yml

@@ -9,32 +9,32 @@
     path: "{{ matrix_conduwuit_config_path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure conduwuit data path exists
   ansible.builtin.file:
     path: "{{ matrix_conduwuit_data_path }}"
     state: directory
     mode: 0770
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure conduwuit configuration installed
   ansible.builtin.template:
     src: "{{ matrix_conduwuit_template_conduwuit_config }}"
     dest: "{{ matrix_conduwuit_config_path }}/conduwuit.toml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure conduwuit support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_conduwuit_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-continuwuity/tasks/install.yml

@@ -9,32 +9,32 @@
     path: "{{ matrix_continuwuity_config_path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure continuwuity data path exists
   ansible.builtin.file:
     path: "{{ matrix_continuwuity_data_path }}"
     state: directory
     mode: 0770
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure continuwuity configuration installed
   ansible.builtin.template:
     src: "{{ matrix_continuwuity_template_continuwuity_config }}"
     dest: "{{ matrix_continuwuity_config_path }}/continuwuity.toml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure continuwuity support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_continuwuity_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
     - env

roles/custom/matrix-continuwuity/tasks/migrate_from_conduwuit.yml

@@ -63,16 +63,16 @@
           ansible.builtin.file:
             path: "{{ matrix_base_data_path }}/continuwuity"
             state: directory
-            owner: "{{ matrix_user_username }}"
-            group: "{{ matrix_user_groupname }}"
+            owner: "{{ matrix_user_name }}"
+            group: "{{ matrix_group_name }}"
             recurse: true
 
         - name: Set continuwuity_old ownership
           ansible.builtin.file:
             path: "{{ matrix_base_data_path }}/continuwuity_old"
             state: directory
-            owner: "{{ matrix_user_username }}"
-            group: "{{ matrix_user_groupname }}"
+            owner: "{{ matrix_user_name }}"
+            group: "{{ matrix_group_name }}"
             recurse: true
 
     - name: Ensure matrix-continuwuity.service systemd service is started

roles/custom/matrix-continuwuity/tasks/setup_install.yml

@@ -9,32 +9,32 @@
     path: "{{ matrix_continuwuity_config_path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure continuwuity data path exists
   ansible.builtin.file:
     path: "{{ matrix_continuwuity_data_path }}"
     state: directory
     mode: 0770
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure continuwuity configuration installed
   ansible.builtin.template:
     src: "{{ matrix_continuwuity_template_continuwuity_config }}"
     dest: "{{ matrix_continuwuity_config_path }}/continuwuity.toml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure continuwuity support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_continuwuity_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-corporal/tasks/setup_install.yml

@@ -16,8 +16,8 @@
     path: "{{ item }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - "{{ matrix_corporal_base_path }}"
     - "{{ matrix_corporal_config_dir_path }}"
@@ -31,7 +31,7 @@
     version: "{{ matrix_corporal_docker_image.split(':')[1] }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   register: matrix_corporal_git_pull_results
   when: matrix_corporal_container_image_self_build | bool
 
@@ -64,16 +64,16 @@
     content: "{{ matrix_corporal_configuration | to_nice_json }}"
     dest: "{{ matrix_corporal_config_dir_path }}/config.json"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Matrix Corporal support files installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/{{ item }}.j2"
     dest: "{{ matrix_corporal_base_path }}/{{ item }}"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - labels
 

roles/custom/matrix-coturn/tasks/setup_install.yml

@@ -51,8 +51,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - {path: "{{ matrix_coturn_docker_src_files_path }}", when: "{{ matrix_coturn_container_image_self_build }}"}
   when: "item.when | bool"
@@ -78,7 +78,7 @@
         version: "{{ matrix_coturn_container_image_self_build_repo_version }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_coturn_git_pull_results
 
     - name: Ensure coturn Docker image is built
@@ -97,16 +97,16 @@
     path: "{{ matrix_coturn_base_path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure turnserver.conf installed
   ansible.builtin.template:
     src: "{{ role_path }}/templates/turnserver.conf.j2"
     dest: "{{ matrix_coturn_config_path }}"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure coturn network is created in Docker
   when: matrix_coturn_container_network not in ['', 'host']

roles/custom/matrix-dendrite/tasks/setup_install.yml

@@ -15,8 +15,8 @@
     path: "{{ item.path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - path: "{{ matrix_dendrite_config_dir_path }}"
       when: true
@@ -44,8 +44,8 @@
     path: "{{ matrix_dendrite_media_store_path }}"
     state: directory
     mode: 0750
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   when: "not local_path_media_store_stat.failed and not local_path_media_store_stat.stat.exists"
 
 - name: Ensure Dendrite Docker image is pulled
@@ -79,16 +79,16 @@
   ansible.builtin.file:
     path: "{{ matrix_dendrite_config_dir_path }}/{{ matrix_server_fqn_matrix }}.signing.pem"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Dendrite configuration installed
   ansible.builtin.copy:
     content: "{{ matrix_dendrite_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_dendrite_config_dir_path }}/dendrite.yaml"
     mode: 0644
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - when: "matrix_dendrite_container_image_self_build | bool"
   block:
@@ -99,7 +99,7 @@
         version: "{{ matrix_dendrite_docker_image.split(':')[1] }}"
         force: "yes"
       become: true
-      become_user: "{{ matrix_user_username }}"
+      become_user: "{{ matrix_user_name }}"
       register: matrix_dendrite_git_pull_results
 
     - name: Check if Dendrite Docker image exists
@@ -130,8 +130,8 @@
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
     mode: "{{ item.mode }}"
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
   with_items:
     - src: labels.j2
       dest: "{{ matrix_dendrite_base_path }}/labels"

roles/custom/matrix-dimension/tasks/setup_install.yml

@@ -87,7 +87,7 @@
     path: "{{ matrix_dimension_base_path }}"
     state: directory
     mode: 0770
-    owner: "{{ matrix_user_username }}"
+    owner: "{{ matrix_user_name }}"
     group: "{{ matrix_dimension_user_gid }}"
 
 - name: Ensure Dimension config installed
@@ -95,7 +95,7 @@
     content: "{{ matrix_dimension_configuration | to_nice_yaml(indent=2, width=999999) }}"
     dest: "{{ matrix_dimension_base_path }}/config.yaml"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
+    owner: "{{ matrix_user_name }}"
     group: "{{ matrix_dimension_user_gid }}"
 
 - name: Ensure Dimension labels installed
@@ -103,8 +103,8 @@
     src: "{{ role_path }}/templates/labels.j2"
     dest: "{{ matrix_dimension_base_path }}/labels"
     mode: 0640
-    owner: "{{ matrix_user_username }}"
-    group: "{{ matrix_user_groupname }}"
+    owner: "{{ matrix_user_name }}"
+    group: "{{ matrix_group_name }}"
 
 - name: Ensure Dimension image is pulled
   community.docker.docker_image:
@@ -125,7 +125,7 @@
     version: "{{ matrix_dimension_container_image_self_build_branch }}"
     force: "yes"
   become: true
-  become_user: "{{ matrix_user_username }}"
+  become_user: "{{ matrix_user_name }}"
   when: "matrix_dimension_container_image_self_build | bool"
   register: matrix_dimension_git_pull_results