finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: finallycoffee:5a14307ec35d6630dced558e2d6e1fab8aa718c0
Branches Tags
finallycoffee:master finallycoffee:transcaffeine/patch-dumb-design-choices finallycoffee:feat-mx-puppet-instagram
..
compare: finallycoffee:ec22fb8497266febc642b4fa43f04a5dce93a537
Branches Tags
finallycoffee:master finallycoffee:transcaffeine/patch-dumb-design-choices finallycoffee:feat-mx-puppet-instagram

2 Commits
5a14307ec3 ... ec22fb8497

Author SHA1 Message Date
transcaffeine
ec22fb8497 meta: move inventory structure to be more usable 2025-04-08 21:10:16 +02:00
jdreichmann
3690db8fe6 meta: add own inventory, add vault-unlock with GPG 2025-04-08 21:10:15 +02:00
86 changed files with 93 additions and 3024 deletions
Expand all files Collapse all files

42
CHANGELOG.md
View File

@ -1,45 +1,3 @@
# 2025-04-26
## Continuwuity support
Thanks to [Virkkunen](https://github.com/Virkkunen), we now have optional experimental [Continuwuity](./docs/configuring-playbook-continuwuity.md) homeserver support.
Continuwuity is a fork of [conduwuit](./docs/configuring-playbook-conduwuit.md), which the playbook also supports. It appears that conduwuit has been abandoned and various forks (like Continuwuity, [Tuwunel](https://github.com/matrix-construct/tuwunel) and possibly others) are continuing in its path.
Existing installations do **not** need to be updated. **Synapse is still the default homeserver implementation** installed by the playbook.
People that used to run conduwuit, may wish to:
- either [migrate from conduwuit to Continuwuity](./docs/configuring-playbook-continuwuity.md#migrating-from-conduwuit)
- or wait for some of the other forks to progress and for support for them to get added to the playbook
**The homeserver implementation of an existing server cannot be changed** (e.g. from Synapse/Conduit/Dendrite to Continuwuity) without data loss.
# 2025-04-09
## Element Call frontend installation is now optional
Because all Element clients (Element Web and Element X mobile) now embed and use their own Element Call frontend application (and not the one hosted via the playbook), it makes little sense for the playbook to self-host the Element Call frontend for you. Setting up the frontend requires an additional hostname (DNS setup) and it won't be used by Element clients anyway, so **we now recommend not installing the Element Call frontend**.
💡 A reason you may wish to continue installing the Element Call frontend (despite Matrix clients not making use of it), is if you need to use it standalone - directly via a browser (without a Matrix client).
The playbook now lets you [Decide between Element Call vs just the Matrix RTC stack](./docs/configuring-playbook-element-call.md#decide-between-element-call-vs-just-the-matrix-rtc-stack).
If you've already installed Element Call (via `matrix_element_call_enabled: true`), you can switch to installing just the [Matrix RTC (Real-Time Communication) stack](./docs/configuring-playbook-matrix-rtc.md) (all supporting services **without the Element Call frontend**) by:
1. Adjusting your `vars.yml` configuration like this:
```diff
-matrix_element_call_enabled: true
+matrix_rtc_enabled: true
```
2. [Re-running the playbook](./docs/installing.md) with the `setup-all` Ansible tag (e.g. `just setup-all`)
3. Getting rid of the `call.element.example.com` DNS record
# 2025-03-15
## Element Call support

1
README.md
View File

@ -53,7 +53,6 @@ The homeserver is the backbone of your Matrix system. Choose one from the follow
| [Synapse](https://github.com/element-hq/synapse) | ✅ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network | [Link](docs/configuring-playbook-synapse.md) |
| [Conduit](https://conduit.rs) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Conduit is a lightweight open-source server implementation of the Matrix Specification with a focus on easy setup and low system requirements | [Link](docs/configuring-playbook-conduit.md) |
| [conduwuit](https://conduwuit.puppyirl.gay/) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. conduwuit is a fork of Conduit. | [Link](docs/configuring-playbook-conduwuit.md) |
| [continuwuity](https://continuwuity.org) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. continuwuity is a continuation of conduwuit. | [Link](docs/configuring-playbook-continuwuity.md) |
| [Dendrite](https://github.com/element-hq/dendrite) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. | [Link](docs/configuring-playbook-dendrite.md) |
### Clients

1
docs/configuring-playbook-conduit.md
View File

@ -65,7 +65,6 @@ Find the `registration.yaml` in the `/matrix` directory, for example `/matrix/ma
```
as_token: <token>
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
hs_token: <token>
id: signal
namespaces:

2
docs/configuring-playbook-conduwuit.md
View File

@ -18,7 +18,6 @@ By default, the playbook installs [Synapse](https://github.com/element-hq/synaps
> [!WARNING]
> - **You can't switch an existing Matrix server's implementation** (e.g. Synapse -> conduwuit). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet.
> - **Homeserver implementations other than Synapse may not be fully functional**. The playbook may also not assist you in an optimal way (like it does with Synapse). Make yourself familiar with the downsides before proceeding
> - **the Conduwuit project appears to have been abandoned**. You may wish to install [Conduit](./configuring-playbook-conduit.md), or one of the Conduwuit successors (like [Continuwuity](configuring-playbook-continuwuity.md))
## Adjusting the playbook configuration
@ -84,7 +83,6 @@ Then, send its content to the existing admin room:
```
as_token: <token>
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
hs_token: <token>
id: signal
namespaces:

117
docs/configuring-playbook-continuwuity.md
View File

@ -1,117 +0,0 @@
<!--
SPDX-FileCopyrightText: 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2025 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Configuring Continuwuity (optional)
The playbook can install and configure the [Continuwuity](https://continuwuity.org) Matrix server for you.
See the project's [documentation](https://continuwuity.org) to learn what it does and why it might be useful to you.
By default, the playbook installs [Synapse](https://github.com/element-hq/synapse) as it's the only full-featured Matrix server at the moment. If that's okay, you can skip this document.
💡 **Note**: continuwuity is a fork of [conduwuit](./configuring-playbook-conduwuit.md), which the playbook also supports.
> [!WARNING]
> - **You can't switch an existing Matrix server's implementation** (e.g. Synapse -> Continuwuity). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet.
> - **Homeserver implementations other than Synapse may not be fully functional**. The playbook may also not assist you in an optimal way (like it does with Synapse). Make yourself familiar with the downsides before proceeding
## Adjusting the playbook configuration
To use Continuwuity, you **generally** need to adjust the `matrix_homeserver_implementation: synapse` configuration on your `inventory/host_vars/matrix.example.com/vars.yml` file as below:
```yaml
matrix_homeserver_implementation: continuwuity
# Registering users can only happen via the API,
# so it makes sense to enable it, at least initially.
matrix_continuwuity_config_allow_registration: true
# Generate a strong registration token to protect the registration endpoint from abuse.
# You can create one with a command like `pwgen -s 64 1`.
matrix_continuwuity_config_registration_token: ''
```
### Extending the configuration
There are some additional things you may wish to configure about the server.
Take a look at:
- `roles/custom/matrix-continuwuity/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
- `roles/custom/matrix-continuwuity/templates/continuwuity.toml.j2` for the server's default configuration
There are various Ansible variables that control settings in the `continuwuity.toml` file.
If a specific setting you'd like to change does not have a dedicated Ansible variable, you can either submit a PR to us to add it, or you can [override the setting using an environment variable](https://continuwuity.org/configuration#environment-variables) using `matrix_continuwuity_environment_variables_extension`. For example:
```yaml
matrix_continuwuity_environment_variables_extension: |
continuwuity_MAX_REQUEST_SIZE=50000000
continuwuity_REQUEST_TIMEOUT=60
```
## Creating the first user account
Unlike other homeserver implementations (like Synapse and Dendrite), continuwuity does not support creating users via the command line or via the playbook.
If you followed the instructions above (see [Adjusting the playbook configuration](#adjusting-the-playbook-configuration)), you should have registration enabled and protected by a registration token.
This should allow you to create the first user account via any client (like [Element Web](./configuring-playbook-client-element-web.md)) which supports creating users.
The **first user account that you create will be marked as an admin** and **will be automatically invited to an admin room**.
## Configuring bridges / appservices
For other homeserver implementations (like Synapse and Dendrite), the playbook automatically registers appservices (for bridges, bots, etc.) with the homeserver.
For continuwuity, you will have to manually register appservices using the [`!admin appservices register` command](https://continuwuity.org/appservices.html#set-up-the-appservice---general-instructions) sent to the server bot account.
The server's bot account has a Matrix ID of `@conduit:example.com` (not `@continuwuity:example.com`!) due to continuwuity's historical legacy.
Your first user account would already have been invited to an admin room with this bot.
Find the appservice file you'd like to register. This can be any `registration.yaml` file found in the `/matrix` directory, for example `/matrix/mautrix-signal/bridge/registration.yaml`.
Then, send its content to the existing admin room:
!admin appservices register
```
as_token: <token>
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
hs_token: <token>
id: signal
namespaces:
aliases:
- exclusive: true
regex: ^#signal_.+:example\.org$
users:
- exclusive: true
regex: ^@signal_.+:example\.org$
- exclusive: true
regex: ^@signalbot:example\.org$
rate_limited: false
sender_localpart: _bot_signalbot
url: http://matrix-mautrix-signal:29328
```
## Migrating from conduwuit
Since Continuwuity is a drop-in replacement for [conduwuit](configuring-playbook-conduwuit.md), migration is possible.
1. Make sure that Continuwuity is properly set up on your `vars.yml` as described above
2. Make sure that Conduwuit references are removed from your `vars.yml` file
3. Run the installation in a way that installs new services and uninstalls old ones (e.g. `just setup-all`)
4. Run the playbook with the `continuwuity-migrate-from-conduwuit` tag (e.g. `just run-tags continuwuity-migrate-from-conduwuit`). This migrates data from `/matrix/conduwuit` to `/matrix/continuwuity`
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-continuwuity`.

52
docs/configuring-playbook-element-call.md
View File

@ -7,7 +7,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
# Setting up Element Call (optional)
The playbook can install and configure [Element Call](https://github.com/element-hq/element-call) and its supporting components that are part of the [Matrix RTC stack](configuring-playbook-matrix-rtc.md).
The playbook can install and configure [Element Call](https://github.com/element-hq/element-call) for you.
Element Call is a native Matrix video conferencing application developed by [Element](https://element.io), designed for secure, scalable, privacy-respecting, and decentralized video and voice calls over the Matrix protocol. Built on MatrixRTC ([MSC4143](https://github.com/matrix-org/matrix-spec-proposals/pull/4143)), it utilizes [MSC4195](https://github.com/hughns/matrix-spec-proposals/blob/hughns/matrixrtc-livekit/proposals/4195-matrixrtc-livekit.md) with [LiveKit Server](configuring-playbook-livekit-server.md) as its backend.
@ -16,34 +16,18 @@ See the project's [documentation](https://github.com/element-hq/element-call) to
## Prerequisites
- A [Synapse](configuring-playbook-synapse.md) homeserver (see the warning below)
- The [Matrix RTC (Real-Time Communication) stack](configuring-playbook-matrix-rtc.md) (automatically done when Element Call is enabled)
- [Federation](configuring-playbook-federation.md) being enabled for your Matrix homeserver (federation is enabled by default, unless you've explicitly disabled it), because [LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) currently [requires it](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3562#issuecomment-2725250554) ([relevant source code](https://github.com/element-hq/lk-jwt-service/blob/f5f5374c4bdcc00a4fb13d27c0b28e20e4c62334/main.go#L135-L146))
- Various experimental features for the Synapse homeserver which Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) (automatically done when Element Call is enabled)
- A [LiveKit Server](configuring-playbook-livekit-server.md) (automatically installed when Element Call is enabled)
- The [LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) (automatically installed when Element Call is enabled)
- A client compatible with Element Call. As of 2025-03-15, that's just [Element Web](configuring-playbook-client-element-web.md) and the Element X mobile clients (iOS and Android).
- (Optional) Guest accounts being enabled for your Matrix server, if you'd like guests to be able to use Element Call. See [Allowing guests to use Element Call](#allowing-guests-to-use-element-call-optional)
> [!WARNING]
> Because Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) a few experimental features in the Matrix protocol, it's **very likely that it only works with the Synapse homeserver**.
## Decide between Element Call vs just the Matrix RTC stack
All clients that can currently use Element Call (Element Web and Element X on mobile) already embed the Element Call frontend within them.
These **clients will use their own embedded Element Call frontend**, so **self-hosting the Element Call frontend by the playbook is largely unnecessary**.
💡 A reason you may wish to continue installing the Element Call frontend (despite Matrix clients not making use of it), is if you need to use it standalone - directly via a browser (without a Matrix client). Note that unless you [allow guest accounts to use Element Call](#allowing-guests-to-use-element-call-optional), you will still need a Matrix user account **on the same homeserver** to be able to use Element Call.
The playbook makes a distiction between enabling Element Call (`matrix_element_call_enabled`) and enabling the Matrix RTC Stack (`matrix_rtc_enabled`). Enabling Element Call automatically enables the Matrix RTC stack. Because installing the Element Call frontend is now unnecessary, **we recommend only installing the Matrix RTC stack, without the Element Call frontend**.
| Description / Variable | Element Call frontend | [LiveKit Server](configuring-playbook-livekit-server.md) | [LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) |
|------------------------|-----------------------|----------------|---------------------|
| Description | Static website that provides the Element Call UI (but often embedded by clients) | Scalable, multi-user conferencing solution based on WebRTC | A helper component that allows Element Call to integrate with LiveKit Server |
| Required for Element Call to function | No | Yes | Yes |
| `matrix_element_call_enabled` | ✅ Installed | ✅ Installed | ✅ Installed |
| `matrix_rtc_enabled` | ❌ Not Installed, but usually unnecessary | ✅ Installed | ✅ Installed |
All documentation below assumes that you've decided to install Element Call and not just the Matrix RTC stack.
## Decide on a domain and path
By default, the Element Call frontend is configured to be served on the `call.element.example.com` domain.
By default, Element Call is configured to be served on the `call.element.example.com` domain.
If you'd like to run Element Call on another hostname, see the [Adjusting the Element Call URL](#adjusting-the-element-call-url-optional) section below.
@ -64,8 +48,6 @@ In addition to the HTTP/HTTPS ports (which you've already exposed as per the [pr
Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
# Enable the Element Call frontend UI to allow standalone use of Element Call.
# Enabling this also auto-enables the Matrix RTC stack.
matrix_element_call_enabled: true
```
@ -82,28 +64,6 @@ matrix_element_call_hostname: element-call.example.com
> [!WARNING]
> A `matrix_element_call_path_prefix` variable is also available and mean to let you configure a path prefix for the Element Call service, but [Element Call does not support running under a sub-path yet](https://github.com/element-hq/element-call/issues/3084).
### Allowing guests to use Element Call (optional)
By default, Element Call can only be used by people having accounts on your Matrix server.
If you'd like guests to be able to use Element Call as well, you need to enable guest accounts support for your homeserver.
> [!WARNING]
> Enabling guest accounts means that your homeserver's user database may get polluted with guest account signups (potentially made by bots).
> Guest accounts should be limited in what (damage) they can do to your server and the rest of the Matrix ecosystem, but it's better to not enable them unless necessary.
For [Synapse](configuring-playbook-synapse.md) (the default homeserver implementation), the configuration is like this:
```yml
matrix_synapse_allow_guest_access: true
```
For [Dendrite](configuring-playbook-dendrite.md), the configuration is like this:
```yml
matrix_dendrite_guests_disabled: false
```
## Installing
After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records) and [adjusting firewall rules](#adjusting-firewall-rules), run the playbook with [playbook tags](playbook-tags.md) as below:

4
docs/configuring-playbook-livekit-jwt-service.md
View File

@ -8,9 +8,9 @@ SPDX-License-Identifier: AGPL-3.0-or-later
The playbook can install and configure [LiveKit JWT Service](https://github.com/element-hq/lk-jwt-service/) for you.
This is a helper component which is part of the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) that allows [Element Call](configuring-playbook-element-call.md) to integrate with [LiveKit Server](configuring-playbook-livekit-server.md).
This is a helper component that allows [Element Call](configuring-playbook-element-call.md) to integrate with [LiveKit Server](configuring-playbook-livekit-server.md).
💡 LiveKit JWT Service is automatically installed and configured when either [Element Call](configuring-playbook-element-call.md) or the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) is enabled, so you don't need to do anything extra.
💡 LiveKit JWT Service is automatically installed and configured when [Element Call](configuring-playbook-element-call.md) is enabled, so you don't need to do anything extra.
Take a look at:

2
docs/configuring-playbook-livekit-server.md
View File

@ -11,7 +11,7 @@ The playbook can install and configure [LiveKit Server](https://github.com/livek
LiveKit Server is an open source project that provides scalable, multi-user conferencing based on WebRTC. It's designed to provide everything you need to build real-time video audio data capabilities in your applications.
💡 LiveKit Server is automatically installed and configured when either [Element Call](configuring-playbook-element-call.md) or the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) is enabled, so you don't need to do anything extra.
💡 LiveKit Server is automatically installed and configured when [Element Call](configuring-playbook-element-call.md) is enabled, so you don't need to do anything extra.
The [Ansible role for LiveKit Server](https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server) is developed and maintained by [the MASH (mother-of-all-self-hosting) project](https://github.com/mother-of-all-self-hosting). For details about configuring LiveKit Server, you can check them via:
- 🌐 [the role's documentation at the MASH project](https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server/blob/main/docs/configuring-livekit-server.md) online

59
docs/configuring-playbook-matrix-rtc.md
View File

@ -1,59 +0,0 @@
<!--
SPDX-FileCopyrightText: 2024 wjbeckett
SPDX-FileCopyrightText: 2024 - 2025 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up the Matrix RTC stack (optional)
The playbook can install and configure the Matrix RTC (Real-Time Communication) stack.
The Matrix RTC stack is a set of supporting components ([LiveKit Server](configuring-playbook-livekit-server.md) and [LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md)) that allow the new [Element Call](configuring-playbook-element-call.md) audio/video calls to function.
💡 If you only plan on doing audio/video calls via Matrix client (which typically embed the Element Call frontend UI within them), you only need to install the Matrix RTC stack and don't necessarily need to install [Element Call](configuring-playbook-element-call.md). See the [Decide between Element Call vs just the Matrix RTC stack](configuring-playbook-element-call.md#decide-between-element-call-vs-just-the-matrix-rtc-stack) section of the [Element Call documentation](configuring-playbook-element-call.md) for more details.
## Prerequisites
- A [Synapse](configuring-playbook-synapse.md) homeserver (see the warning below)
- [Federation](configuring-playbook-federation.md) being enabled for your Matrix homeserver (federation is enabled by default, unless you've explicitly disabled it), because [LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) currently [requires it](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3562#issuecomment-2725250554) ([relevant source code](https://github.com/element-hq/lk-jwt-service/blob/f5f5374c4bdcc00a4fb13d27c0b28e20e4c62334/main.go#L135-L146))
- Various experimental features for the Synapse homeserver which Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) (automatically done when Element Call is enabled)
- A [LiveKit Server](configuring-playbook-livekit-server.md) (automatically installed when [Element Call or the Matrix RTC stack is enabled](#decide-between-element-call-vs-just-the-matrix-rtc-stack))
- The [LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) (automatically installed when [Element Call or the Matrix RTC stack is enabled](#decide-between-element-call-vs-just-the-matrix-rtc-stack))
- A client compatible with Element Call. As of 2025-03-15, that's just [Element Web](configuring-playbook-client-element-web.md) and the Element X mobile clients (iOS and Android).
> [!WARNING]
> Because Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) a few experimental features in the Matrix protocol, it's **very likely that it only works with the Synapse homeserver**.
## Adjusting the playbook configuration
Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
# Enable the Matrix RTC stack.
# This provides all supporting services for Element Call, without the Element Call frontend.
matrix_rtc_enabled: true
```
## Adjusting firewall rules
In addition to the HTTP/HTTPS ports (which you've already exposed as per the [prerequisites](prerequisites.md) document), you'll also need to open ports required by [LiveKit Server](configuring-playbook-livekit-server.md) as described in its own [Adjusting firewall rules](configuring-playbook-livekit-server.md#adjusting-firewall-rules) section.
## Installing
After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records) and [adjusting firewall rules](#adjusting-firewall-rules), run the playbook with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
## Usage
Once installed, Matrix clients which support Element Call (like [Element Web](configuring-playbook-client-element-web.md) and Element X on mobile (iOS and Android)) will automatically use the Matrix RTC stack.
These clients typically embed the Element Call frontend UI within them, so installing [Element Call](configuring-playbook-element-call.md) is only necessary if you'd like to use it standalone - directly via a browser.

10
docs/configuring-playbook.md
View File

@ -53,8 +53,6 @@ For a more custom setup, see the [Other configuration options](#other-configurat
- [Configuring conduwuit](configuring-playbook-conduwuit.md), if you've switched to the [conduwuit](https://conduwuit.puppyirl.gay/) homeserver implementation
- [Configuring continuwuity](configuring-playbook-continuwuity.md), if you've switched to the [continuwuity](https://continuwuity.org) homeserver implementation
- [Configuring Dendrite](configuring-playbook-dendrite.md), if you've switched to the [Dendrite](https://matrix-org.github.io/dendrite) homeserver implementation
- Server components:
@ -239,13 +237,11 @@ Services that help you in administrating and monitoring your Matrix installation
Various services that don't fit any other categories.
- [Setting up Element Call](configuring-playbook-element-call.md) — a native Matrix video conferencing application, built on top of the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) (optional)
- [Setting up Element Call](configuring-playbook-element-call.md) — a native Matrix video conferencing application (optional)
- [Setting up LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) - a component of the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) (optional)
- [Setting up LiveKit JWT Service](configuring-playbook-livekit-jwt-service.md) (optional)
- [Setting up LiveKit Server](configuring-playbook-livekit-server.md) - a component of the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) (optional)
- [Setting up Matrix RTC](configuring-playbook-matrix-rtc.md) (optional)
- [Setting up LiveKit Server](configuring-playbook-livekit-server.md) (optional)
- [Setting up Synapse Auto Invite Accept](configuring-playbook-synapse-auto-accept-invite.md)

1
docs/container-images.md
View File

@ -28,7 +28,6 @@ We try to stick to official images (provided by their respective projects) as mu
| [Synapse](configuring-playbook-synapse.md) | [element-hq/synapse](https://ghcr.io/element-hq/synapse) | ✅ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network |
| [Conduit](configuring-playbook-conduit.md) | [matrixconduit/matrix-conduit](https://hub.docker.com/r/matrixconduit/matrix-conduit) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Conduit is a lightweight open-source server implementation of the Matrix Specification with a focus on easy setup and low system requirements |
| [conduwuit](configuring-playbook-conduwuit.md) | [girlbossceo/conduwuit](https://ghcr.io/girlbossceo/conduwuit) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. conduwuit is a fork of Conduit. |
| [continuwuity](configuring-playbook-continuwuity.md) | [continuwuation/continuwuity](https://forgejo.ellis.link/continuwuation/continuwuity) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. continuwuity is a continuation of conduwuit. |
| [Dendrite](configuring-playbook-dendrite.md) | [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) | ❌ | Storing your data and managing your presence in the [Matrix](http://matrix.org/) network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse. |
## Clients

4
docs/howto-srv-server-delegation.md
View File

@ -26,7 +26,7 @@ The up-to-date list can be accessed on [traefik's documentation](https://doc.tra
**Note**: the changes below instruct you how to do this for a basic Synapse installation. You will need to adapt the variable name and the content of the labels:
- if you're using another homeserver implementation (e.g. [Conduit](./configuring-playbook-conduit.md), [conduwuit](./configuring-playbook-conduwuit.md), [continuwuity](./configuring-playbook-continuwuity.md) or [Dendrite](./configuring-playbook-dendrite.md))
- if you're using another homeserver implementation (e.g. [Conduit](./configuring-playbook-conduit.md), [conduwuit](./configuring-playbook-conduwuit.md) or [Dendrite](./configuring-playbook-dendrite.md))
- if you're using [Synapse with workers enabled](./configuring-playbook-synapse.md#load-balancing-with-workers) (`matrix_synapse_workers_enabled: true`). In that case, it's actually the `matrix-synapse-reverse-proxy-companion` service which has Traefik labels attached
Also, all instructions below are from an older version of the playbook and may not work anymore.
@ -79,7 +79,7 @@ traefik_configuration_extension_yaml: |
- "8.8.8.8:53"
storage: {{ traefik_config_certificatesResolvers_acme_storage | to_json }}
# 2. Configure the environment variables needed by Traefik to automate the ACME DNS Challenge (example for Cloudflare)
# 2. Configure the environment variables needed by Rraefik to automate the ACME DNS Challenge (example for Cloudflare)
traefik_environment_variables: |
CF_API_EMAIL=redacted
CF_ZONE_API_TOKEN=redacted

82
group_vars/matrix_servers
View File

@ -243,7 +243,7 @@ matrix_addons_homeserver_client_api_url: "{{ ('http://' + matrix_playbook_revers
matrix_addons_homeserver_systemd_services_list: "{{ ([traefik_identifier + '.service'] if matrix_playbook_reverse_proxy_type == 'playbook-managed-traefik' else []) if matrix_playbook_internal_matrix_client_api_traefik_entrypoint_enabled else matrix_homeserver_systemd_services_list }}"
# Starting from version `0.6.0` Conduit natively supports some sync v3 (sliding-sync) features.
matrix_homeserver_sliding_sync_url: "{{ matrix_sliding_sync_base_url if matrix_sliding_sync_enabled else (matrix_homeserver_url if matrix_homeserver_implementation in ['conduit', 'conduwuit', 'continuwuity'] else '') }}"
matrix_homeserver_sliding_sync_url: "{{ matrix_sliding_sync_base_url if matrix_sliding_sync_enabled else (matrix_homeserver_url if matrix_homeserver_implementation in ['conduit', 'conduwuit'] else '') }}"
########################################################################
# #
@ -567,7 +567,6 @@ matrix_homeserver_container_client_api_endpoint: |-
'dendrite': ('matrix-dendrite:' + matrix_dendrite_http_bind_port | default('8008') | string),
'conduit': ('matrix-conduit:' + matrix_conduit_port_number | default('8008') | string),
'conduwuit': ('matrix-conduwuit:' + matrix_conduwuit_config_port_number | default('8008') | string),
'continuwuity': ('matrix-continuwuity:' + matrix_continuwuity_config_port_number | default('8008') | string),
}[matrix_homeserver_implementation]
}}
@ -578,7 +577,6 @@ matrix_homeserver_container_federation_api_endpoint: |-
'dendrite': ('matrix-dendrite:' + matrix_dendrite_http_bind_port | default('8008') | string),
'conduit': ('matrix-conduit:' + matrix_conduit_port_number | default('8008') | string),
'conduwuit': ('matrix-conduwuit:' + matrix_conduwuit_config_port_number | default('8008') | string),
'continuwuity': ('matrix-continuwuity:' + matrix_continuwuity_config_port_number | default('8008') | string),
}[matrix_homeserver_implementation]
}}
@ -3201,8 +3199,8 @@ matrix_bot_draupnir_config_rawHomeserverUrl: "{{ matrix_addons_homeserver_client
matrix_bot_draupnir_container_labels_traefik_enabled: "{{ matrix_bot_draupnir_config_web_enabled and matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
matrix_bot_draupnir_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
matrix_bot_draupnir_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_bot_draupnir_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
######################################################################
#
@ -4539,7 +4537,7 @@ ntfy_visitor_request_limit_exempt_hosts_hostnames_auto: |
#
######################################################################
valkey_enabled: "{{ matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_encryption_enabled) }}"
valkey_enabled: "{{ matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_encryption_enabled) or matrix_element_call_enabled }}"
valkey_identifier: matrix-valkey
@ -4611,9 +4609,9 @@ matrix_client_element_enable_presence_by_hs_url: |-
matrix_client_element_jitsi_preferred_domain: "{{ matrix_server_fqn_jitsi if jitsi_enabled else '' }}"
matrix_client_element_features_feature_video_rooms: "{{ matrix_rtc_enabled }}"
matrix_client_element_features_feature_group_calls: "{{ matrix_rtc_enabled }}"
matrix_client_element_features_feature_element_call_video_rooms: "{{ matrix_rtc_enabled }}"
matrix_client_element_features_feature_video_rooms: "{{ matrix_element_call_enabled }}"
matrix_client_element_features_feature_group_calls: "{{ matrix_element_call_enabled }}"
matrix_client_element_features_feature_element_call_video_rooms: "{{ matrix_element_call_enabled }}"
matrix_client_element_features_feature_oidc_native_flow: "{{ matrix_authentication_service_enabled }}"
matrix_client_element_element_call_enabled: "{{ matrix_element_call_enabled }}"
@ -4936,7 +4934,7 @@ matrix_synapse_ext_media_repo_enabled: "{{ matrix_media_repo_enabled }}"
matrix_synapse_report_stats: "{{ matrix_synapse_usage_exporter_enabled }}"
matrix_synapse_report_stats_endpoint: "{{ (('http://' + matrix_synapse_usage_exporter_identifier + ':' + matrix_synapse_usage_exporter_container_port | string + '/report-usage-stats/push') if matrix_synapse_usage_exporter_enabled else '') }}"
matrix_synapse_experimental_features_msc3266_enabled: "{{ matrix_rtc_enabled }}"
matrix_synapse_experimental_features_msc3266_enabled: "{{ matrix_element_call_enabled }}"
matrix_synapse_experimental_features_msc3861_enabled: "{{ matrix_authentication_service_enabled and not matrix_authentication_service_migration_in_progress }}"
matrix_synapse_experimental_features_msc3861_issuer: "{{ matrix_authentication_service_http_base_container_url if matrix_authentication_service_enabled else '' }}"
@ -4946,9 +4944,9 @@ matrix_synapse_experimental_features_msc3861_account_management_url: "{{ matrix_
matrix_synapse_experimental_features_msc4108_enabled: "{{ matrix_authentication_service_enabled and not matrix_authentication_service_migration_in_progress }}"
matrix_synapse_experimental_features_msc4140_enabled: "{{ matrix_rtc_enabled }}"
matrix_synapse_experimental_features_msc4140_enabled: "{{ matrix_element_call_enabled }}"
matrix_synapse_experimental_features_msc4222_enabled: "{{ matrix_rtc_enabled }}"
matrix_synapse_experimental_features_msc4222_enabled: "{{ matrix_element_call_enabled }}"
# Disable password authentication when delegating authentication to Matrix Authentication Service.
# Unless this is done, Synapse fails on startup with:
@ -5642,7 +5640,6 @@ grafana_default_home_dashboard_path: |-
'dendrite': ('/etc/grafana/dashboards/node-exporter-full.json' if prometheus_node_exporter_enabled else ''),
'conduit': ('/etc/grafana/dashboards/node-exporter-full.json' if prometheus_node_exporter_enabled else ''),
'conduwuit': ('/etc/grafana/dashboards/node-exporter-full.json' if prometheus_node_exporter_enabled else ''),
'continuwuity': ('/etc/grafana/dashboards/node-exporter-full.json' if prometheus_node_exporter_enabled else ''),
}[matrix_homeserver_implementation]
}}
@ -5703,7 +5700,6 @@ matrix_registration_shared_secret: |-
'dendrite': matrix_dendrite_client_api_registration_shared_secret | default (''),
'conduit': '',
'conduwuit': '',
'continuwuity': '',
}[matrix_homeserver_implementation]
}}
@ -5981,58 +5977,6 @@ matrix_conduwuit_self_check_validate_certificates: "{{ matrix_playbook_ssl_enabl
######################################################################
######################################################################
#
# matrix-continuwuity
#
######################################################################
matrix_continuwuity_enabled: "{{ matrix_homeserver_implementation == 'continuwuity' }}"
matrix_continuwuity_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_continuwuity_config_allow_federation: "{{ matrix_homeserver_federation_enabled }}"
matrix_continuwuity_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_continuwuity_docker_image_registry_prefix_upstream_default }}"
matrix_continuwuity_container_network: "{{ matrix_homeserver_container_network }}"
matrix_continuwuity_container_additional_networks_auto: |
{{
(
([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_continuwuity_container_labels_traefik_enabled and matrix_playbook_reverse_proxyable_services_additional_network else [])
) | unique
}}
matrix_continuwuity_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and not matrix_synapse_workers_enabled }}"
matrix_continuwuity_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_continuwuity_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_continuwuity_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
matrix_continuwuity_container_labels_public_client_root_redirection_enabled: "{{ matrix_continuwuity_container_labels_public_client_root_redirection_url != '' }}"
matrix_continuwuity_container_labels_public_client_root_redirection_url: "{{ (('https://' if matrix_playbook_ssl_enabled else 'http://') + matrix_server_fqn_element) if matrix_client_element_enabled else '' }}"
matrix_continuwuity_container_labels_public_federation_api_traefik_hostname: "{{ matrix_server_fqn_matrix_federation }}"
matrix_continuwuity_container_labels_public_federation_api_traefik_entrypoints: "{{ matrix_federation_traefik_entrypoint_name }}"
matrix_continuwuity_container_labels_public_federation_api_traefik_tls: "{{ matrix_federation_traefik_entrypoint_tls }}"
matrix_continuwuity_container_labels_internal_client_api_enabled: "{{ matrix_playbook_internal_matrix_client_api_traefik_entrypoint_enabled }}"
matrix_continuwuity_container_labels_internal_client_api_traefik_entrypoints: "{{ matrix_playbook_internal_matrix_client_api_traefik_entrypoint_name }}"
matrix_continuwuity_config_turn_uris: "{{ matrix_coturn_turn_uris if matrix_coturn_enabled else [] }}"
matrix_continuwuity_config_turn_secret: "{{ matrix_coturn_turn_static_auth_secret if (matrix_coturn_enabled and matrix_coturn_authentication_method == 'auth-secret') else '' }}"
matrix_continuwuity_config_turn_username: "{{ matrix_coturn_lt_cred_mech_username if (matrix_coturn_enabled and matrix_coturn_authentication_method == 'lt-cred-mech') else '' }}"
matrix_continuwuity_config_turn_password: "{{ matrix_coturn_lt_cred_mech_password if (matrix_coturn_enabled and matrix_coturn_authentication_method == 'lt-cred-mech') else '' }}"
matrix_continuwuity_self_check_validate_certificates: "{{ matrix_playbook_ssl_enabled }}"
######################################################################
#
# /matrix-continuwuity
#
######################################################################
######################################################################
#
# matrix-user-creator
@ -6196,7 +6140,7 @@ matrix_static_files_file_matrix_client_property_m_tile_server_map_style_url: "{{
# See: https://github.com/etkecc/synapse-admin/pull/126
matrix_static_files_file_matrix_client_property_cc_etke_synapse_admin_auto: "{{ matrix_synapse_admin_configuration if matrix_homeserver_implementation == 'synapse' else {} }}"
matrix_static_files_file_matrix_client_property_org_matrix_msc4143_rtc_foci_enabled: "{{ matrix_livekit_jwt_service_enabled }}"
matrix_static_files_file_matrix_client_property_org_matrix_msc4143_rtc_foci_enabled: "{{ matrix_element_call_enabled }}"
matrix_static_files_file_matrix_client_property_org_matrix_msc4143_rtc_foci_auto: |-
{{
(
@ -6353,7 +6297,7 @@ matrix_element_call_config_livekit_livekit_service_url: "{{ matrix_livekit_jwt_s
# #
########################################################################
livekit_server_enabled: "{{ matrix_rtc_enabled }}"
livekit_server_enabled: "{{ matrix_element_call_enabled }}"
livekit_server_identifier: matrix-livekit-server
@ -6461,7 +6405,7 @@ livekit_server_systemd_required_services_list_auto: |
# #
########################################################################
matrix_livekit_jwt_service_enabled: "{{ matrix_rtc_enabled and livekit_server_enabled }}"
matrix_livekit_jwt_service_enabled: "{{ matrix_element_call_enabled and livekit_server_enabled }}"
matrix_livekit_jwt_service_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"

134
i18n/locales/bg/LC_MESSAGES/docs/configuring-playbook-continuwuity.po
View File

@ -1,134 +0,0 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) 2018-2025, Slavi Pantaleev, Aine Etke, MDAD community
# members
# This file is distributed under the same license as the
# matrix-docker-ansible-deploy package.
# FIRST AUTHOR <EMAIL@ADDRESS>, 2025.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: matrix-docker-ansible-deploy \n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2025-01-27 09:54+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language: bg\n"
"Language-Team: bg <LL@li.org>\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Generated-By: Babel 2.16.0\n"
#: ../../../docs/configuring-playbook-continuwuity.md:1
msgid "Configuring continuwuity (optional)"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:3
msgid "The playbook can install and configure the [continuwuity](https://continuwuity.org/) Matrix server for you."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:5
msgid "See the project's [documentation](https://continuwuity.org/) to learn what it does and why it might be useful to you."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:7
msgid "By default, the playbook installs [Synapse](https://github.com/element-hq/synapse) as it's the only full-featured Matrix server at the moment. If that's okay, you can skip this document."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:9
msgid "💡 **Note**: continuwuity is a fork of [conduwuit](./configuring-playbook-conduwuit.md), which the playbook also supports."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:11
msgid "⚠️ **Warnings**:"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:13
msgid "**You can't switch an existing Matrix server's implementation** (e.g. Synapse -> continuwuity). Proceed below only if you're OK with losing data or you're dealing with a server on a new domain name, which hasn't participated in the Matrix federation yet."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:15
msgid "**Homeserver implementations other than Synapse may not be fully functional**. The playbook may also not assist you in an optimal way (like it does with Synapse). Make yourself familiar with the downsides before proceeding"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:17
msgid "Adjusting the playbook configuration"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:19
msgid "To use continuwuity, you **generally** need to adjust the `matrix_homeserver_implementation: synapse` configuration on your `inventory/host_vars/matrix.example.com/vars.yml` file as below:"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:33
msgid "Extending the configuration"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:35
msgid "There are some additional things you may wish to configure about the server."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:37
msgid "Take a look at:"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:39
msgid "`roles/custom/matrix-continuwuity/defaults/main.yml` for some variables that you can customize via your `vars.yml` file"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:40
msgid "`roles/custom/matrix-continuwuity/templates/continuwuity.toml.j2` for the server's default configuration"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:42
msgid "There are various Ansible variables that control settings in the `continuwuity.toml` file."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:44
msgid "If a specific setting you'd like to change does not have a dedicated Ansible variable, you can either submit a PR to us to add it, or you can [override the setting using an environment variable](https://continuwuity.org/configuration#environment-variables) using `matrix_continuwuity_environment_variables_extension`. For example:"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:52
msgid "Creating the first user account"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:54
msgid "Unlike other homeserver implementations (like Synapse and Dendrite), continuwuity does not support creating users via the command line or via the playbook."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:56
msgid "If you followed the instructions above (see [Adjusting the playbook configuration](#adjusting-the-playbook-configuration)), you should have registration enabled and protected by a registration token."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:58
msgid "This should allow you to create the first user account via any client (like [Element Web](./configuring-playbook-client-element-web.md)) which supports creating users."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:60
msgid "The **first user account that you create will be marked as an admin** and **will be automatically invited to an admin room**."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:63
msgid "Configuring bridges / appservices"
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:65
msgid "For other homeserver implementations (like Synapse and Dendrite), the playbook automatically registers appservices (for bridges, bots, etc.) with the homeserver."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:67
msgid "For continuwuity, you will have to manually register appservices using the [`!admin appservices register` command](https://continuwuity.org/appservices#set-up-the-appservice---general-instructions) sent to the server bot account."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:69
msgid "The server's bot account has a Matrix ID of `@conduit:example.com` (not `@continuwuity:example.com`!) due to continuwuity's historical legacy. Your first user account would already have been invited to an admin room with this bot."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:72
msgid "Find the appservice file you'd like to register. This can be any `registration.yaml` file found in the `/matrix` directory, for example `/matrix/mautrix-signal/bridge/registration.yaml`."
msgstr ""
#: ../../../docs/configuring-playbook-continuwuity.md:74
msgid "Then, send its content to the existing admin room:"
msgstr ""

8
i18n/requirements.txt
View File

@ -1,6 +1,6 @@
alabaster==1.0.0
babel==2.17.0
certifi==2025.4.26
certifi==2025.1.31
charset-normalizer==3.4.1
click==8.1.8
docutils==0.21.2
@ -13,11 +13,11 @@ MarkupSafe==3.0.2
mdit-py-plugins==0.4.2
mdurl==0.1.2
myst-parser==4.0.1
packaging==25.0
packaging==24.2
Pygments==2.19.1
PyYAML==6.0.2
requests==2.32.3
setuptools==79.0.1
setuptools==78.1.0
snowballstemmer==2.2.0
Sphinx==8.2.3
sphinx-intl==2.3.1
@ -30,4 +30,4 @@ sphinxcontrib-qthelp==2.0.0
sphinxcontrib-serializinghtml==2.0.0
tabulate==0.9.0
uc-micro-py==1.0.3
urllib3==2.4.0
urllib3==2.3.0

8
requirements.yml
View File

@ -4,7 +4,7 @@
version: v1.0.0-5
name: auxiliary
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git
version: v1.4.1-1.9.14-0
version: v1.4.0-1.9.13-1
name: backup_borg
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-container-socket-proxy.git
version: v0.3.0-4
@ -22,10 +22,10 @@
version: v4.98.1-r0-2-0
name: exim_relay
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git
version: v11.6.0-security-01-0
version: v11.6.0-0
name: grafana
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
version: v10184-0
version: v10169-0
name: jitsi
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
version: v1.8.4-5
@ -67,7 +67,7 @@
version: v1.0.0-0
name: timesync
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
version: v3.3.6-0
version: v3.3.5-0
name: traefik
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
version: v2.10.0-0

2
roles/custom/matrix-alertmanager-receiver/defaults/main.yml
View File

@ -11,7 +11,7 @@
matrix_alertmanager_receiver_enabled: true
# renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
matrix_alertmanager_receiver_version: 2025.4.23
matrix_alertmanager_receiver_version: 2025.3.26
matrix_alertmanager_receiver_scheme: https

4
roles/custom/matrix-authentication-service/defaults/main.yml
View File

@ -22,7 +22,7 @@ matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authe
matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"
# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
matrix_authentication_service_version: 0.15.0
matrix_authentication_service_version: 0.14.1
matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"
@ -562,7 +562,7 @@ matrix_authentication_service_syn2mas_start_wait_time_seconds: 5
matrix_authentication_service_syn2mas_dry_run: false
# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service/syn2mas
matrix_authentication_service_syn2mas_version: 0.15.0
matrix_authentication_service_syn2mas_version: 0.14.1
matrix_authentication_service_syn2mas_container_image: "{{ matrix_authentication_service_syn2mas_container_image_registry_prefix }}element-hq/matrix-authentication-service/syn2mas:{{ matrix_authentication_service_syn2mas_version }}"
matrix_authentication_service_syn2mas_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream }}"
matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_syn2mas_container_image_registry_prefix_upstream_default }}"

5
roles/custom/matrix-base/defaults/main.yml
View File

@ -48,9 +48,6 @@ matrix_bridges_encryption_enabled: false
# Global var to make encryption default/optional across all bridges with encryption support
matrix_bridges_encryption_default: "{{ matrix_bridges_encryption_enabled }}"
# Global var for enabling msc4190 ( On supported bridges)
matrix_bridges_msc4190_enabled: "{{ matrix_authentication_service_enabled and matrix_bridges_encryption_enabled and matrix_synapse_experimental_features_msc3202_device_masquerading_enabled }}"
# Global var to enable/disable relay mode across all bridges with relay mode support
matrix_bridges_relay_enabled: false
@ -81,7 +78,7 @@ matrix_monitoring_container_network: matrix-monitoring
matrix_homeserver_enabled: true
# This will contain the homeserver implementation that is in use.
# Valid values: synapse, dendrite, conduit, conduwuit, continuwuity
# Valid values: synapse, dendrite, conduit, conduwuit
#
# By default, we use Synapse, because it's the only full-featured Matrix server at the moment.
#

2
roles/custom/matrix-base/tasks/validate_config.yml
View File

@ -13,7 +13,7 @@
- name: Fail if invalid homeserver implementation
ansible.builtin.fail:
msg: "You need to set a valid homeserver implementation in `matrix_homeserver_implementation`"
when: "matrix_homeserver_implementation not in ['synapse', 'dendrite', 'conduit', 'conduwuit', 'continuwuity']"
when: "matrix_homeserver_implementation not in ['synapse', 'dendrite', 'conduit', 'conduwuit']"
- name: (Deprecation) Catch and report renamed settings
ansible.builtin.fail:

4
roles/custom/matrix-bot-baibot/defaults/main.yml
View File

@ -17,7 +17,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio
matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
# renovate: datasource=docker depName=ghcr.io/etkecc/baibot
matrix_bot_baibot_version: v1.6.0
matrix_bot_baibot_version: v1.5.1
matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
@ -368,7 +368,7 @@ matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key: ""
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_enabled: true
# For valid model choices, see: https://platform.openai.com/docs/models
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-4.1
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-4o
# The prompt text to use (can be null or empty to not use a prompt).
# See: https://huggingface.co/docs/transformers/en/tasks/prompting
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_prompt: "{{ matrix_bot_baibot_config_agents_static_definitions_prompt }}"

14
roles/custom/matrix-bot-draupnir/defaults/main.yml
View File

@ -157,13 +157,13 @@ matrix_bot_draupnir_configuration: "{{ matrix_bot_draupnir_configuration_yaml |
# See `matrix_synapse_container_labels_traefik_enabled` or `matrix_synapse_container_labels_matrix_related_labels_enabled`
matrix_bot_draupnir_container_labels_traefik_enabled: false
matrix_bot_draupnir_container_labels_traefik_docker_network: "{{ matrix_draupnir_bot_container_network }}"
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_hostname: "{{ matrix_synapse_container_labels_traefik_hostname }}" # noqa var-naming
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_path_regexp: "^/_matrix/client/(r0|v3)/rooms/([^/]*)/report/(.*)$" # noqa var-naming
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_rule: "Host(`{{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_hostname }}`) && PathRegexp(`{{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_path_regexp }}`)" # noqa var-naming
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_priority: 0 # noqa var-naming
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_entrypoints: "{{ matrix_synapse_container_labels_traefik_entrypoints }}" # noqa var-naming
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls: "{{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_entrypoints != 'web' }}" # noqa var-naming
matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}" # noqa var-naming
matrix_bot_draupnir_container_labels_traefik_hostname: "{{ matrix_synapse_container_labels_traefik_hostname }}"
matrix_bot_draupnir_container_labels_traefik_path_regexp: "^/_matrix/client/(r0|v3)/rooms/([^/]*)/report/"
matrix_bot_draupnir_container_labels_traefik_rule: "Host(`{{ matrix_bot_draupnir_container_labels_traefik_hostname }}`) && PathRegexp(`{{ matrix_bot_draupnir_container_labels_traefik_path_regexp }}`)"
matrix_bot_draupnir_container_labels_traefik_priority: 0
matrix_bot_draupnir_container_labels_traefik_entrypoints: "{{ matrix_synapse_container_labels_traefik_entrypoints }}"
matrix_bot_draupnir_container_labels_traefik_tls: "{{ matrix_bot_draupnir_container_labels_traefik_entrypoints != 'web' }}"
matrix_bot_draupnir_container_labels_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# matrix_bot_draupnir_container_labels_traefik_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#

7
roles/custom/matrix-bot-draupnir/tasks/validate_config.yml
View File

@ -24,13 +24,6 @@
- {'old': 'matrix_bot_draupnir_web_enabled', 'new': 'matrix_bot_draupnir_config_web_enabled'}
- {'old': 'matrix_bot_draupnir_abuse_reporting_enabled', 'new': 'matrix_bot_draupnir_config_web_abuseReporting'}
- {'old': 'matrix_bot_draupnir_display_reports', 'new': 'matrix_bot_draupnir_config_displayReports'}
- {'old': 'matrix_bot_draupnir_container_labels_traefik_hostname', 'new': 'matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_hostname'}
- {'old': 'matrix_bot_draupnir_container_labels_traefik_path_regexp', 'new': 'matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_path_regexp'}
- {'old': 'matrix_bot_draupnir_container_labels_traefik_rule', 'new': 'matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_rule'}
- {'old': 'matrix_bot_draupnir_container_labels_traefik_priority', 'new': 'matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_priority'}
- {'old': 'matrix_bot_draupnir_container_labels_traefik_entrypoints', 'new': 'matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_entrypoints'}
- {'old': 'matrix_bot_draupnir_container_labels_traefik_tls', 'new': 'matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls'}
- {'old': 'matrix_bot_draupnir_container_labels_traefik_tls_certResolver', 'new': 'matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls_certResolver'}
- name: Fail if required matrix-bot-draupnir variables are undefined
ansible.builtin.fail:

35
roles/custom/matrix-bot-draupnir/templates/labels.j2
View File

@ -1,6 +1,5 @@
{#
SPDX-FileCopyrightText: 2024 MDAD project contributors
SPDX-FileCopyrightText: 2025 Catalan Lover <catalanlover@protonmail.com>
SPDX-License-Identifier: AGPL-3.0-or-later
#}
@ -14,7 +13,6 @@ traefik.docker.network={{ matrix_bot_draupnir_container_labels_traefik_docker_ne
traefik.http.services.matrix-bot-draupnir.loadbalancer.server.port=8080
{% if matrix_bot_draupnir_config_web_abuseReporting %}
############################################################
# #
# Abuse Reports (/_matrix/client/../rooms/../report) #
@ -23,32 +21,32 @@ traefik.http.services.matrix-bot-draupnir.loadbalancer.server.port=8080
{% set middlewares = [] %}
traefik.http.middlewares.matrix-bot-draupnir-web-abuseReporting-redirect.replacepathregex.regex={{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_path_regexp }}
traefik.http.middlewares.matrix-bot-draupnir-web-abuseReporting-redirect.replacepathregex.replacement=/api/1/report/$2/$3
traefik.http.middlewares.matrix-bot-draupnir-redirect.replacepathregex.regex=^/_matrix/client/(r0|v3)/rooms/([^/]*)/report/(.*)$
traefik.http.middlewares.matrix-bot-draupnir-redirect.replacepathregex.replacement=/api/1/report/$2/$3
{% set middlewares = middlewares + ['matrix-bot-draupnir-web-abuseReporting-redirect'] %}
{% set middlewares = middlewares + ['matrix-bot-draupnir-redirect'] %}
traefik.http.middlewares.matrix-bot-draupnir-web-abuseReporting-cors.headers.accesscontrolalloworiginlist=*
traefik.http.middlewares.matrix-bot-draupnir-web-abuseReporting-cors.headers.accesscontrolallowheaders=Content-Type,Authorization
traefik.http.middlewares.matrix-bot-draupnir-web-abuseReporting-cors.headers.accesscontrolallowmethods=POST,OPTIONS
traefik.http.middlewares.matrix-bot-draupnir-cors.headers.accesscontrolalloworiginlist=*
traefik.http.middlewares.matrix-bot-draupnir-cors.headers.accesscontrolallowheaders=Content-Type,Authorization
traefik.http.middlewares.matrix-bot-draupnir-cors.headers.accesscontrolallowmethods=POST,OPTIONS
{% set middlewares = middlewares + ['matrix-bot-draupnir-web-abuseReporting-cors'] %}
{% set middlewares = middlewares + ['matrix-bot-draupnir-cors'] %}
traefik.http.routers.matrix-bot-draupnir-web-abuseReporting.rule={{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_rule }}
traefik.http.routers.matrix-bot-draupnir.rule={{ matrix_bot_draupnir_container_labels_traefik_rule }}
{% if matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_priority | int > 0 %}
traefik.http.routers.matrix-bot-draupnir-web-abuseReporting.priority={{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_priority }}
{% if matrix_bot_draupnir_container_labels_traefik_priority | int > 0 %}
traefik.http.routers.matrix-bot-draupnir.priority={{ matrix_bot_draupnir_container_labels_traefik_priority }}
{% endif %}
{% if middlewares | length > 0 %}
traefik.http.routers.matrix-bot-draupnir-web-abuseReporting.middlewares={{ middlewares | join(',') }}
traefik.http.routers.matrix-bot-draupnir.middlewares={{ middlewares | join(',') }}
{% endif %}
traefik.http.routers.matrix-bot-draupnir-web-abuseReporting.service=matrix-bot-draupnir
traefik.http.routers.matrix-bot-draupnir-web-abuseReporting.entrypoints={{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_entrypoints }}
traefik.http.routers.matrix-bot-draupnir-web-abuseReporting.tls={{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls | to_json }}
traefik.http.routers.matrix-bot-draupnir.service=matrix-bot-draupnir
traefik.http.routers.matrix-bot-draupnir.entrypoints={{ matrix_bot_draupnir_container_labels_traefik_entrypoints }}
traefik.http.routers.matrix-bot-draupnir.tls={{ matrix_bot_draupnir_container_labels_traefik_tls | to_json }}
{% if matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls %}
traefik.http.routers.matrix-bot-draupnir-web-abuseReporting.tls.certResolver={{ matrix_bot_draupnir_container_labels_web_abuseReporting_traefik_tls_certResolver }}
{% if matrix_bot_draupnir_container_labels_traefik_tls %}
traefik.http.routers.matrix-bot-draupnir.tls.certResolver={{ matrix_bot_draupnir_container_labels_traefik_tls_certResolver }}
{% endif %}
############################################################
@ -57,6 +55,5 @@ traefik.http.routers.matrix-bot-draupnir-web-abuseReporting.tls.certResolver={{
# #
############################################################
{% endif %}
{% endif %}
{{ matrix_bot_draupnir_container_labels_traefik_labels_additional_labels }}

2
roles/custom/matrix-bot-honoroit/defaults/main.yml
View File

@ -30,7 +30,7 @@ matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}"
matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
# renovate: datasource=docker depName=ghcr.io/etkecc/honoroit
matrix_bot_honoroit_version: v0.9.28
matrix_bot_honoroit_version: v0.9.27
matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_registry_prefix }}etkecc/honoroit:{{ matrix_bot_honoroit_version }}"
matrix_bot_honoroit_docker_image_registry_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else matrix_bot_honoroit_docker_image_registry_prefix_upstream }}"
matrix_bot_honoroit_docker_image_registry_prefix_upstream: "{{ matrix_bot_honoroit_docker_image_registry_prefix_upstream_default }}"

1
roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml
View File

@ -167,6 +167,5 @@ matrix_beeper_linkedin_registration_yaml: |
- exclusive: true
regex: '^@{{ matrix_beeper_linkedin_appservice_bot_username | regex_escape }}:{{ matrix_beeper_linkedin_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_beeper_linkedin_registration: "{{ matrix_beeper_linkedin_registration_yaml | from_yaml }}"

2
roles/custom/matrix-bridge-beeper-linkedin/templates/config.yaml.j2
View File

@ -67,7 +67,7 @@ appservice:
bot_username: {{ matrix_beeper_linkedin_appservice_bot_username | to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: {{ matrix_beeper_linkedin_appservice_bot_displayname | to_json(ensure_ascii=False) }}
bot_displayname: {{ matrix_beeper_linkedin_appservice_bot_displayname | to_json }}
bot_avatar: {{ matrix_beeper_linkedin_appservice_bot_avatar | to_json }}
# Whether or not to receive ephemeral events via appservice transactions.

1
roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml
View File

@ -159,6 +159,5 @@ matrix_go_skype_bridge_registration_yaml: |
- exclusive: true
regex: '^@{{ matrix_go_skype_bridge_appservice_bot_username | regex_escape }}:{{ matrix_go_skype_bridge_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_go_skype_bridge_registration: "{{ matrix_go_skype_bridge_registration_yaml | from_yaml }}"

2
roles/custom/matrix-bridge-heisenbridge/defaults/main.yml
View File

@ -19,7 +19,7 @@ matrix_heisenbridge_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_heisenbridge_path_prefix: "/heisenbridge"
# renovate: datasource=docker depName=hif1/heisenbridge
matrix_heisenbridge_version: 1.15.3
matrix_heisenbridge_version: 1.15.2
matrix_heisenbridge_docker_image: "{{ matrix_heisenbridge_docker_image_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}"
matrix_heisenbridge_docker_image_registry_prefix: "{{ matrix_heisenbridge_docker_image_registry_prefix_upstream }}"
matrix_heisenbridge_docker_image_registry_prefix_upstream: "{{ matrix_heisenbridge_docker_image_registry_prefix_upstream_default }}"

2
roles/custom/matrix-bridge-hookshot/templates/config.yaml.j2
View File

@ -103,7 +103,7 @@ passFile:
bot:
# (Optional) Define profile information for the bot user
#
displayname: {{ matrix_hookshot_bot_displayname | to_json(ensure_ascii=False) }}
displayname: {{ matrix_hookshot_bot_displayname | to_json }}
avatar: {{ matrix_hookshot_bot_avatar | to_json }}
metrics:
# (Optional) Prometheus metrics support

1
roles/custom/matrix-bridge-hookshot/templates/registration.yml.j2
View File

@ -32,6 +32,5 @@ rate_limited: false
{% if matrix_hookshot_encryption_enabled %}
de.sorunome.msc2409.push_ephemeral: true
push_ephemeral: true
receive_ephemeral: true
org.matrix.msc3202: true
{% endif %}

3
roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml
View File

@ -31,8 +31,6 @@ matrix_mautrix_bluesky_homeserver_address: ""
matrix_mautrix_bluesky_homeserver_domain: '{{ matrix_domain }}'
matrix_mautrix_bluesky_appservice_address: 'http://matrix-mautrix-bluesky:29340'
matrix_mautrix_bluesky_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
# A public address that external services can use to reach this appservice.
matrix_mautrix_bluesky_appservice_public_address: ''
@ -189,7 +187,6 @@ matrix_mautrix_bluesky_registration_yaml: |
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled | to_json }}
matrix_mautrix_bluesky_registration: "{{ matrix_mautrix_bluesky_registration_yaml | from_yaml }}"

11
roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2
View File

@ -199,7 +199,7 @@ appservice:
username: {{ matrix_mautrix_bluesky_appservice_bot_username | to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: {{ matrix_mautrix_bluesky_appservice_bot_displayname | to_json(ensure_ascii=False) }}
displayname: {{ matrix_mautrix_bluesky_appservice_bot_displayname | to_json }}
avatar: {{ matrix_mautrix_bluesky_appservice_bot_avatar | to_json }}
# Whether to receive ephemeral events via appservice transactions.
@ -209,6 +209,10 @@ appservice:
# However, messages will not be guaranteed to be bridged in the same order they were sent in.
# This value doesn't affect the registration file.
async_transactions: false
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
msc4190: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: {{ matrix_mautrix_bluesky_appservice_token | to_json }}
@ -354,11 +358,6 @@ encryption:
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: {{ matrix_mautrix_bluesky_bridge_encryption_appservice | to_json }}
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_bluesky_bridge_encryption_key_sharing_allow | to_json }}

3
roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
View File

@ -21,7 +21,7 @@ matrix_mautrix_discord_container_image_self_build_repo: "https://mau.dev/mautrix
matrix_mautrix_discord_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_discord_version == 'latest' else matrix_mautrix_discord_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/discord
matrix_mautrix_discord_version: v0.7.3
matrix_mautrix_discord_version: v0.7.2
# See: https://mau.dev/mautrix/discord/container_registry
matrix_mautrix_discord_docker_image: "{{ matrix_mautrix_discord_docker_image_registry_prefix }}mautrix/discord:{{ matrix_mautrix_discord_version }}"
@ -224,7 +224,6 @@ matrix_mautrix_discord_registration_yaml: |
- exclusive: true
regex: '^@{{ matrix_mautrix_discord_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_discord_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mautrix_discord_registration: "{{ matrix_mautrix_discord_registration_yaml | from_yaml }}"

2
roles/custom/matrix-bridge-mautrix-discord/templates/config.yaml.j2
View File

@ -61,7 +61,7 @@ appservice:
username: {{ matrix_mautrix_discord_appservice_bot_username | to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: {{ matrix_mautrix_discord_appservice_bot_displayname | to_json(ensure_ascii=False) }}
displayname: {{ matrix_mautrix_discord_appservice_bot_displayname | to_json }}
avatar: {{ matrix_mautrix_discord_appservice_bot_avatar | to_json }}
# Whether or not to receive ephemeral events via appservice transactions.

1
roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml
View File

@ -214,7 +214,6 @@ matrix_mautrix_facebook_registration_yaml: |
sender_localpart: _bot_{{ matrix_mautrix_facebook_appservice_bot_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mautrix_facebook_registration: "{{ matrix_mautrix_facebook_registration_yaml | from_yaml }}"

4
roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml
View File

@ -36,8 +36,6 @@ matrix_mautrix_gmessages_homeserver_address: ""
matrix_mautrix_gmessages_homeserver_domain: "{{ matrix_domain }}"
matrix_mautrix_gmessages_appservice_address: "http://matrix-mautrix-gmessages:8080"
matrix_mautrix_gmessages_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
matrix_mautrix_gmessages_backfill_enabled: true
matrix_mautrix_gmessages_backfill_max_initial_messages: 50
matrix_mautrix_gmessages_backfill_max_catchup_messages: 500
@ -214,7 +212,5 @@ matrix_mautrix_gmessages_registration_yaml: |
- exclusive: true
regex: '^@{{ matrix_mautrix_gmessages_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_gmessages_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_gmessages_msc4190_enabled | to_json }}
matrix_mautrix_gmessages_registration: "{{ matrix_mautrix_gmessages_registration_yaml | from_yaml }}"

5
roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2
View File

@ -354,11 +354,6 @@ encryption:
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: {{ matrix_mautrix_gmessages_bridge_encryption_appservice | to_json }}
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_gmessages_msc4190_enabled | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_gmessages_bridge_encryption_key_sharing_allow | to_json }}

1
roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml
View File

@ -199,7 +199,6 @@ matrix_mautrix_googlechat_registration_yaml: |
sender_localpart: _bot_{{ matrix_mautrix_googlechat_appservice_bot_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mautrix_googlechat_registration: "{{ matrix_mautrix_googlechat_registration_yaml | from_yaml }}"

1
roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml
View File

@ -183,7 +183,6 @@ matrix_mautrix_instagram_registration_yaml: |
sender_localpart: _bot_{{ matrix_mautrix_instagram_appservice_bot_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mautrix_instagram_registration: "{{ matrix_mautrix_instagram_registration_yaml | from_yaml }}"

6
roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
View File

@ -20,7 +20,7 @@ matrix_mautrix_meta_instagram_enabled: true
matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram
# renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
matrix_mautrix_meta_instagram_version: v0.4.6
matrix_mautrix_meta_instagram_version: v0.4.5
matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram"
matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config"
@ -123,8 +123,6 @@ matrix_mautrix_meta_instagram_appservice_address: "http://{{ matrix_mautrix_meta
matrix_mautrix_meta_instagram_appservice_id: "{{ matrix_mautrix_meta_instagram_meta_mode }}"
matrix_mautrix_meta_instagram_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
# For Facebook/Messenger, we use the same `@messengerbot:example.com` username regardless of how bridging happens for multiple reasons:
# - it's consistent - regardless of how bridging happens, the bridged service is actually Messenger
# - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:example.com`
@ -299,7 +297,5 @@ matrix_mautrix_meta_instagram_registration_yaml: |
sender_localpart: _bot_{{ matrix_mautrix_meta_instagram_appservice_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_meta_instagram_msc4190_enabled | to_json }}
matrix_mautrix_meta_instagram_registration: "{{ matrix_mautrix_meta_instagram_registration_yaml | from_yaml }}"

7
roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2
View File

@ -212,7 +212,7 @@ appservice:
username: {{ matrix_mautrix_meta_instagram_appservice_username | to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: {{ matrix_mautrix_meta_instagram_appservice_displayname | to_json(ensure_ascii=False) }}
displayname: {{ matrix_mautrix_meta_instagram_appservice_displayname | to_json }}
avatar: {{ matrix_mautrix_meta_instagram_appservice_avatar | to_json }}
# Whether to receive ephemeral events via appservice transactions.
@ -367,11 +367,6 @@ encryption:
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: {{ matrix_mautrix_meta_instagram_bridge_encryption_appservice | to_json }}
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_meta_instagram_msc4190_enabled | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_meta_instagram_bridge_encryption_allow_key_sharing | to_json }}

6
roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
View File

@ -20,7 +20,7 @@ matrix_mautrix_meta_messenger_enabled: true
matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger
# renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
matrix_mautrix_meta_messenger_version: v0.4.6
matrix_mautrix_meta_messenger_version: v0.4.5
matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger"
matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config"
@ -123,8 +123,6 @@ matrix_mautrix_meta_messenger_appservice_address: "http://{{ matrix_mautrix_meta
matrix_mautrix_meta_messenger_appservice_id: "{{ matrix_mautrix_meta_messenger_meta_mode }}"
matrix_mautrix_meta_messenger_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
# For Facebook/Messenger, we use the same `@messengerbot:example.com` username regardless of how bridging happens for multiple reasons:
# - it's consistent - regardless of how bridging happens, the bridged service is actually Messenger
# - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:example.com`
@ -299,7 +297,5 @@ matrix_mautrix_meta_messenger_registration_yaml: |
sender_localpart: _bot_{{ matrix_mautrix_meta_messenger_appservice_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_meta_messenger_msc4190_enabled | to_json }}
matrix_mautrix_meta_messenger_registration: "{{ matrix_mautrix_meta_messenger_registration_yaml | from_yaml }}"

7
roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2
View File

@ -212,7 +212,7 @@ appservice:
username: {{ matrix_mautrix_meta_messenger_appservice_username | to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: {{ matrix_mautrix_meta_messenger_appservice_displayname | to_json(ensure_ascii=False) }}
displayname: {{ matrix_mautrix_meta_messenger_appservice_displayname | to_json }}
avatar: {{ matrix_mautrix_meta_messenger_appservice_avatar | to_json }}
# Whether to receive ephemeral events via appservice transactions.
@ -367,11 +367,6 @@ encryption:
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: {{ matrix_mautrix_meta_messenger_bridge_encryption_appservice | to_json }}
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_meta_messenger_msc4190_enabled | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_meta_messenger_bridge_encryption_allow_key_sharing | to_json }}

6
roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
View File

@ -25,7 +25,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/
matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
matrix_mautrix_signal_version: v0.8.2
matrix_mautrix_signal_version: v0.8.1
# See: https://mau.dev/mautrix/signal/container_registry
matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_registry_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}"
@ -44,8 +44,6 @@ matrix_mautrix_signal_homeserver_address: ""
matrix_mautrix_signal_homeserver_domain: "{{ matrix_domain }}"
matrix_mautrix_signal_appservice_address: "http://matrix-mautrix-signal:8080"
matrix_mautrix_signal_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
matrix_mautrix_signal_command_prefix: "!signal"
matrix_mautrix_signal_bridge_permissions: |
@ -212,8 +210,6 @@ matrix_mautrix_signal_registration_yaml: |
- exclusive: true
regex: '^@{{ matrix_mautrix_signal_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_signal_msc4190_enabled | to_json }}
matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml | from_yaml }}"

5
roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2
View File

@ -334,11 +334,6 @@ encryption:
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: false
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_signal_msc4190_enabled | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_signal_bridge_encryption_key_sharing_allow | to_json }}

6
roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml
View File

@ -17,7 +17,7 @@ matrix_mautrix_slack_container_image_self_build_repo: "https://mau.dev/mautrix/s
matrix_mautrix_slack_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_slack_version == 'latest' else matrix_mautrix_slack_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/slack
matrix_mautrix_slack_version: v0.2.1
matrix_mautrix_slack_version: v0.2.0
# See: https://mau.dev/mautrix/slack/container_registry
matrix_mautrix_slack_docker_image: "{{ matrix_mautrix_slack_docker_image_registry_prefix }}mautrix/slack:{{ matrix_mautrix_slack_version }}"
matrix_mautrix_slack_docker_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_slack_container_image_self_build else matrix_mautrix_slack_docker_image_registry_prefix_upstream }}"
@ -34,8 +34,6 @@ matrix_mautrix_slack_homeserver_address: ""
matrix_mautrix_slack_homeserver_domain: "{{ matrix_domain }}"
matrix_mautrix_slack_appservice_address: "http://matrix-mautrix-slack:8080"
matrix_mautrix_slack_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
matrix_mautrix_slack_command_prefix: "!slack"
matrix_mautrix_slack_bridge_permissions: |
@ -153,8 +151,6 @@ matrix_mautrix_slack_registration_yaml: |
- exclusive: true
regex: '^@{{ matrix_mautrix_slack_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_slack_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_slack_msc4190_enabled | to_json }}
matrix_mautrix_slack_registration: "{{ matrix_mautrix_slack_registration_yaml | from_yaml }}"

5
roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2
View File

@ -371,11 +371,6 @@ encryption:
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: false
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_slack_msc4190_enabled | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_slack_bridge_encryption_key_sharing_allow | to_json }}

5
roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml
View File

@ -84,8 +84,6 @@ matrix_mautrix_telegram_appservice_public_external: '{{ matrix_mautrix_telegram_
matrix_mautrix_telegram_appservice_bot_username: telegrambot
matrix_mautrix_telegram_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
# Specifies the default log level for all bridge loggers.
matrix_mautrix_telegram_logging_level: WARNING
@ -243,8 +241,7 @@ matrix_mautrix_telegram_registration_yaml: |
url: {{ matrix_mautrix_telegram_appservice_address }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_telegram_msc4190_enabled | to_json }}
# sender_localpart: "bridges_{{ matrix_mautrix_telegram_sender_localpart }}"
matrix_mautrix_telegram_registration: "{{ matrix_mautrix_telegram_registration_yaml | from_yaml }}"

5
roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2
View File

@ -269,11 +269,6 @@ bridge:
default: {{ matrix_mautrix_telegram_bridge_encryption_default|to_json }}
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
appservice: false
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_telegram_msc4190_enabled | to_json }}
# Require encryption, drop any unencrypted messages.
require: false
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.

5
roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml
View File

@ -22,7 +22,7 @@ matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/maut
matrix_mautrix_twitter_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_twitter_version == 'latest' else matrix_mautrix_twitter_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/twitter
matrix_mautrix_twitter_version: v0.4.0
matrix_mautrix_twitter_version: v0.3.0
# See: https://mau.dev/tulir/mautrix-twitter/container_registry
matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_registry_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}"
matrix_mautrix_twitter_docker_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else matrix_mautrix_twitter_docker_image_registry_prefix_upstream }}"
@ -39,8 +39,6 @@ matrix_mautrix_twitter_homeserver_address: ""
matrix_mautrix_twitter_homeserver_domain: '{{ matrix_domain }}'
matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29327'
matrix_mautrix_twitter_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
# A public address that external services can use to reach this appservice.
matrix_mautrix_twitter_appservice_public_address: ''
@ -198,7 +196,6 @@ matrix_mautrix_twitter_registration_yaml: |
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_twitter_msc4190_enabled | to_json }}
matrix_mautrix_twitter_registration: "{{ matrix_mautrix_twitter_registration_yaml | from_yaml }}"

5
roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2
View File

@ -199,7 +199,7 @@ appservice:
username: {{ matrix_mautrix_twitter_appservice_bot_username | to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
displayname: {{ matrix_mautrix_twitter_appservice_bot_displayname | to_json(ensure_ascii=False) }}
displayname: {{ matrix_mautrix_twitter_appservice_bot_displayname | to_json }}
avatar: {{ matrix_mautrix_twitter_appservice_bot_avatar | to_json }}
# Whether to receive ephemeral events via appservice transactions.
@ -212,8 +212,7 @@ appservice:
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_twitter_msc4190_enabled | to_json }}
msc4190: false
# Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
as_token: {{ matrix_mautrix_twitter_appservice_token | to_json }}

8
roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
View File

@ -28,7 +28,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri
matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp
matrix_mautrix_whatsapp_version: v0.12.0
matrix_mautrix_whatsapp_version: v0.11.4
# See: https://mau.dev/mautrix/whatsapp/container_registry
matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_registry_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
@ -46,8 +46,6 @@ matrix_mautrix_whatsapp_homeserver_address: ""
matrix_mautrix_whatsapp_homeserver_domain: "{{ matrix_domain }}"
matrix_mautrix_whatsapp_appservice_address: "http://matrix-mautrix-whatsapp:8080"
matrix_mautrix_whatsapp_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
matrix_mautrix_whatsapp_extev_polls: false
matrix_mautrix_whatsapp_command_prefix: "!wa"
@ -226,12 +224,10 @@ matrix_mautrix_whatsapp_registration_yaml: |
rate_limited: false
namespaces:
users:
- regex: '^@whatsapp_.*:{{ matrix_mautrix_whatsapp_homeserver_domain | regex_escape }}$'
- regex: '^@whatsapp_[0-9]+:{{ matrix_mautrix_whatsapp_homeserver_domain | regex_escape }}$'
exclusive: true
- exclusive: true
regex: '^@{{ matrix_mautrix_whatsapp_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_whatsapp_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
io.element.msc4190: {{ matrix_mautrix_whatsapp_msc4190_enabled | to_json }}
matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_yaml | from_yaml }}"

5
roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2
View File

@ -445,11 +445,6 @@ encryption:
# Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
# This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
appservice: false
# Whether to use MSC4190 instead of appservice login to create the bridge bot device.
# Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
# Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
# Changing this option requires updating the appservice registration file.
msc4190: {{ matrix_mautrix_whatsapp_msc4190_enabled | to_json }}
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow | to_json }}

1
roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml
View File

@ -139,6 +139,5 @@ matrix_mx_puppet_discord_registration_yaml: |
sender_localpart: _discordpuppet_bot
url: {{ matrix_mx_puppet_discord_appservice_address }}
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mx_puppet_discord_registration: "{{ matrix_mx_puppet_discord_registration_yaml | from_yaml }}"

1
roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml
View File

@ -133,6 +133,5 @@ matrix_mx_puppet_groupme_registration_yaml: |
sender_localpart: _groupmepuppet_bot
url: {{ matrix_mx_puppet_groupme_appservice_address }}
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mx_puppet_groupme_registration: "{{ matrix_mx_puppet_groupme_registration_yaml | from_yaml }}"

1
roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml
View File

@ -127,6 +127,5 @@ matrix_mx_puppet_instagram_registration_yaml: |
sender_localpart: _instagrampuppet_bot
url: {{ matrix_mx_puppet_instagram_appservice_address }}
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mx_puppet_instagram_registration: "{{ matrix_mx_puppet_instagram_registration_yaml | from_yaml }}"

1
roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml
View File

@ -179,6 +179,5 @@ matrix_mx_puppet_slack_registration_yaml: |
sender_localpart: _slackpuppet_bot
url: {{ matrix_mx_puppet_slack_appservice_address }}
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mx_puppet_slack_registration: "{{ matrix_mx_puppet_slack_registration_yaml | from_yaml }}"

1
roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml
View File

@ -134,6 +134,5 @@ matrix_mx_puppet_steam_registration_yaml: |
sender_localpart: _steampuppet_bot
url: {{ matrix_mx_puppet_steam_appservice_address }}
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mx_puppet_steam_registration: "{{ matrix_mx_puppet_steam_registration_yaml | from_yaml }}"

1
roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml
View File

@ -179,6 +179,5 @@ matrix_mx_puppet_twitter_registration_yaml: |
sender_localpart: "{{ matrix_mx_puppet_twitter_bot_localpart }}"
url: {{ matrix_mx_puppet_twitter_appservice_address }}
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mx_puppet_twitter_registration: "{{ matrix_mx_puppet_twitter_registration_yaml | from_yaml }}"

1
roles/custom/matrix-bridge-wechat/defaults/main.yml
View File

@ -150,7 +150,6 @@ matrix_wechat_registration_yaml: |
- exclusive: true
regex: '^@{{ matrix_wechat_appservice_bot_username | regex_escape }}:{{ matrix_wechat_homeserver_domain | regex_escape }}$'
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_wechat_registration: "{{ matrix_wechat_registration_yaml | from_yaml }}"

2
roles/custom/matrix-client-element/defaults/main.yml
View File

@ -29,7 +29,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
# renovate: datasource=docker depName=ghcr.io/element-hq/element-web
matrix_client_element_version: v1.11.99
matrix_client_element_version: v1.11.97
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_registry_prefix }}element-hq/element-web:{{ matrix_client_element_version }}"
matrix_client_element_docker_image_registry_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_client_element_docker_image_registry_prefix_upstream }}"

195
roles/custom/matrix-continuwuity/defaults/main.yml
View File

@ -1,195 +0,0 @@
# SPDX-FileCopyrightText: 2025 MDAD project contributors
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# continuwuity is a continuation of conduwuit (https://conduwuit.puppyirl.gay/).
# Project source code URL: https://forgejo.ellis.link/continuwuation/continuwuity/
# See: https://continuwuity.org/
matrix_continuwuity_enabled: true
matrix_continuwuity_hostname: ''
matrix_continuwuity_docker_image: "{{ matrix_continuwuity_docker_image_registry_prefix }}/continuwuation/continuwuity:{{ matrix_continuwuity_docker_image_tag }}"
# renovate: datasource=docker depName=forgejo.ellis.link/continuwuation/-/packages/container/continuwuity/
matrix_continuwuity_docker_image_tag: main
matrix_continuwuity_docker_image_force_pull: "{{ matrix_continuwuity_docker_image.endswith(':latest') }}"
matrix_continuwuity_docker_image_registry_prefix: "{{ matrix_continuwuity_docker_image_registry_prefix_upstream }}"
matrix_continuwuity_docker_image_registry_prefix_upstream: "{{ matrix_continuwuity_docker_image_registry_prefix_upstream_default }}"
matrix_continuwuity_docker_image_registry_prefix_upstream_default: forgejo.ellis.link
matrix_continuwuity_base_path: "{{ matrix_base_data_path }}/continuwuity"
matrix_continuwuity_config_path: "{{ matrix_continuwuity_base_path }}/config"
matrix_continuwuity_data_path: "{{ matrix_continuwuity_base_path }}/data"
matrix_continuwuity_config_port_number: 6167
matrix_continuwuity_tmp_directory_size_mb: 500
# List of systemd services that matrix-continuwuity.service depends on
matrix_continuwuity_systemd_required_services_list: "{{ matrix_continuwuity_systemd_required_services_list_default + matrix_continuwuity_systemd_required_services_list_auto + matrix_continuwuity_systemd_required_services_list_custom }}"
matrix_continuwuity_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_continuwuity_systemd_required_services_list_auto: []
matrix_continuwuity_systemd_required_services_list_custom: []
# List of systemd services that matrix-continuwuity.service wants
matrix_continuwuity_systemd_wanted_services_list: []
# Controls how long to sleep for after starting the matrix-synapse container.
#
# Delaying, so that the homeserver can manage to fully start and various services
# that depend on it (`matrix_continuwuity_systemd_required_services_list` and `matrix_continuwuity_systemd_wanted_services_list`)
# may only start after the homeserver is up and running.
#
# This can be set to 0 to remove the delay.
matrix_continuwuity_systemd_service_post_start_delay_seconds: 3
# The base container network. It will be auto-created by this role if it doesn't exist already.
matrix_continuwuity_container_network: ""
# A list of additional container networks that the container would be connected to.
# The role does not create these networks, so make sure they already exist.
# Use this to expose this container to another reverse proxy, which runs in a different container network.
matrix_continuwuity_container_additional_networks: "{{ matrix_continuwuity_container_additional_networks_auto + matrix_continuwuity_container_additional_networks_custom }}"
matrix_continuwuity_container_additional_networks_auto: []
matrix_continuwuity_container_additional_networks_custom: []
# matrix_continuwuity_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `matrix_continuwuity_container_labels_additional_labels`.
matrix_continuwuity_container_labels_traefik_enabled: true
matrix_continuwuity_container_labels_traefik_docker_network: "{{ matrix_continuwuity_container_network }}"
matrix_continuwuity_container_labels_traefik_entrypoints: web-secure
matrix_continuwuity_container_labels_traefik_tls_certResolver: default # noqa var-naming
# Controls whether labels will be added for handling the root (/) path on a public Traefik entrypoint.
matrix_continuwuity_container_labels_public_client_root_enabled: true
matrix_continuwuity_container_labels_public_client_root_traefik_hostname: "{{ matrix_continuwuity_hostname }}"
matrix_continuwuity_container_labels_public_client_root_traefik_rule: "Host(`{{ matrix_continuwuity_container_labels_public_client_root_traefik_hostname }}`) && Path(`/`)"
matrix_continuwuity_container_labels_public_client_root_traefik_priority: 0
matrix_continuwuity_container_labels_public_client_root_traefik_entrypoints: "{{ matrix_continuwuity_container_labels_traefik_entrypoints }}"
matrix_continuwuity_container_labels_public_client_root_traefik_tls: "{{ matrix_continuwuity_container_labels_public_client_root_traefik_entrypoints != 'web' }}"
matrix_continuwuity_container_labels_public_client_root_traefik_tls_certResolver: "{{ matrix_continuwuity_container_labels_traefik_tls_certResolver }}" # noqa var-naming
matrix_continuwuity_container_labels_public_client_root_redirection_enabled: false
matrix_continuwuity_container_labels_public_client_root_redirection_url: ""
# Controls whether labels will be added that expose the Client-Server API on a public Traefik entrypoint.
matrix_continuwuity_container_labels_public_client_api_enabled: true
matrix_continuwuity_container_labels_public_client_api_traefik_hostname: "{{ matrix_continuwuity_hostname }}"
matrix_continuwuity_container_labels_public_client_api_traefik_path_prefix: /_matrix
matrix_continuwuity_container_labels_public_client_api_traefik_rule: "Host(`{{ matrix_continuwuity_container_labels_public_client_api_traefik_hostname }}`) && PathPrefix(`{{ matrix_continuwuity_container_labels_public_client_api_traefik_path_prefix }}`)"
matrix_continuwuity_container_labels_public_client_api_traefik_priority: 0
matrix_continuwuity_container_labels_public_client_api_traefik_entrypoints: "{{ matrix_continuwuity_container_labels_traefik_entrypoints }}"
matrix_continuwuity_container_labels_public_client_api_traefik_tls: "{{ matrix_continuwuity_container_labels_public_client_api_traefik_entrypoints != 'web' }}"
matrix_continuwuity_container_labels_public_client_api_traefik_tls_certResolver: "{{ matrix_continuwuity_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# Controls whether labels will be added that expose the Client-Server API on the internal Traefik entrypoint.
# This is similar to `matrix_continuwuity_container_labels_public_client_api_enabled`, but the entrypoint and intent is different.
matrix_continuwuity_container_labels_internal_client_api_enabled: false
matrix_continuwuity_container_labels_internal_client_api_traefik_path_prefix: "{{ matrix_continuwuity_container_labels_public_client_api_traefik_path_prefix }}"
matrix_continuwuity_container_labels_internal_client_api_traefik_rule: "PathPrefix(`{{ matrix_continuwuity_container_labels_internal_client_api_traefik_path_prefix }}`)"
matrix_continuwuity_container_labels_internal_client_api_traefik_priority: "{{ matrix_continuwuity_container_labels_public_client_api_traefik_priority }}"
matrix_continuwuity_container_labels_internal_client_api_traefik_entrypoints: ""
# Controls whether labels will be added that expose the Server-Server API (Federation API) on a public Traefik entrypoint.
matrix_continuwuity_container_labels_public_federation_api_enabled: "{{ matrix_continuwuity_config_allow_federation }}"
matrix_continuwuity_container_labels_public_federation_api_traefik_hostname: "{{ matrix_continuwuity_hostname }}"
matrix_continuwuity_container_labels_public_federation_api_traefik_path_prefix: /_matrix
matrix_continuwuity_container_labels_public_federation_api_traefik_rule: "Host(`{{ matrix_continuwuity_container_labels_public_federation_api_traefik_hostname }}`) && PathPrefix(`{{ matrix_continuwuity_container_labels_public_federation_api_traefik_path_prefix }}`)"
matrix_continuwuity_container_labels_public_federation_api_traefik_priority: 0
matrix_continuwuity_container_labels_public_federation_api_traefik_entrypoints: ''
# TLS is force-enabled here, because the spec (https://spec.matrix.org/v1.9/server-server-api/#tls) says that the federation API must use HTTPS.
matrix_continuwuity_container_labels_public_federation_api_traefik_tls: true
matrix_continuwuity_container_labels_public_federation_api_traefik_tls_certResolver: "{{ matrix_continuwuity_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# Controls whether labels will be added that expose the `/_continuwuity` path prefix on a public Traefik entrypoint.
matrix_continuwuity_container_labels_public_continuwuity_api_enabled: true
matrix_continuwuity_container_labels_public_continuwuity_api_traefik_hostname: "{{ matrix_continuwuity_hostname }}"
matrix_continuwuity_container_labels_public_continuwuity_api_traefik_path_prefix: /_continuwuity
matrix_continuwuity_container_labels_public_continuwuity_api_traefik_rule: "Host(`{{ matrix_continuwuity_container_labels_public_continuwuity_api_traefik_hostname }}`) && PathPrefix(`{{ matrix_continuwuity_container_labels_public_continuwuity_api_traefik_path_prefix }}`)"
matrix_continuwuity_container_labels_public_continuwuity_api_traefik_priority: 0
matrix_continuwuity_container_labels_public_continuwuity_api_traefik_entrypoints: "{{ matrix_continuwuity_container_labels_traefik_entrypoints }}"
matrix_continuwuity_container_labels_public_continuwuity_api_traefik_tls: "{{ matrix_continuwuity_container_labels_public_continuwuity_api_traefik_entrypoints != 'web' }}"
matrix_continuwuity_container_labels_public_continuwuity_api_traefik_tls_certResolver: "{{ matrix_continuwuity_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# matrix_continuwuity_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_continuwuity_container_labels_additional_labels: |
# my.label=1
# another.label="here"
matrix_continuwuity_container_labels_additional_labels: ''
# Extra arguments for the Docker container
matrix_continuwuity_container_extra_arguments: []
# Specifies which template files to use when configuring continuwuity.
# If you'd like to have your own different configuration, feel free to copy and paste
# the original files into your inventory (e.g. in `inventory/host_vars/matrix.example.com/`)
# and then change the specific host's `vars.yml` file like this:
# matrix_continuwuity_template_continuwuity_config: "{{ playbook_dir }}/inventory/host_vars/matrix.example.com/continuwuity.toml.j2"
matrix_continuwuity_template_continuwuity_config: "{{ role_path }}/templates/continuwuity.toml.j2"
# Max size for uploads, in bytes
matrix_continuwuity_config_server_name: "{{ matrix_domain }}"
# Max size for uploads, in bytes
matrix_continuwuity_config_max_request_size: 20_000_000
# Enables registration. If set to false, no users can register on this server.
matrix_continuwuity_config_allow_registration: false
# Controls the `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse` setting.
# This is only used when `matrix_continuwuity_config_allow_registration` is set to true and no registration token is configured.
matrix_continuwuity_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse: false
# Controls the `registration_token` setting.
# When registration is enabled (`matrix_continuwuity_config_allow_registration`) you:
# - either need to set a token to protect registration from abuse
# - or you need to enable the `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse` setting
# (see `matrix_continuwuity_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse`),
# to allow registration without any form of 2nd-step.
matrix_continuwuity_config_registration_token: ''
# Controls the `new_user_displayname_suffix` setting.
# This is the suffix that will be added to the displayname of new users.
# Upstream defaults this to "🏳️‍⚧️", but we keep this consistent across all homeserver implementations and do not enable a suffix.
matrix_continuwuity_config_new_user_displayname_suffix: ""
# Controls the `allow_check_for_updates` setting.
matrix_continuwuity_config_allow_check_for_updates: false
# Controls the `emergency_password` setting.
matrix_continuwuity_config_emergency_password: ''
# Controls the `allow_federation` setting.
matrix_continuwuity_config_allow_federation: true
matrix_continuwuity_trusted_servers:
- "matrix.org"
matrix_continuwuity_config_log: "info,state_res=warn,rocket=off,_=off,sled=off"
# TURN integration.
# See: https://continuwuity.org/turn
matrix_continuwuity_config_turn_uris: []
matrix_continuwuity_config_turn_secret: ''
matrix_continuwuity_config_turn_username: ''
matrix_continuwuity_config_turn_password: ''
# Controls whether the self-check feature should validate SSL certificates.
matrix_continuwuity_self_check_validate_certificates: true
# Additional environment variables to pass to the container.
#
# Environment variables take priority over settings in the configuration file.
#
# Example:
# matrix_continuwuity_environment_variables_extension: |
# continuwuity_MAX_REQUEST_SIZE=50000000
# continuwuity_REQUEST_TIMEOUT=60
matrix_continuwuity_environment_variables_extension: ''

64
roles/custom/matrix-continuwuity/tasks/install.yml
View File

@ -1,64 +0,0 @@
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Ensure continuwuity config path exists
ansible.builtin.file:
path: "{{ matrix_continuwuity_config_path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure continuwuity data path exists
ansible.builtin.file:
path: "{{ matrix_continuwuity_data_path }}"
state: directory
mode: 0770
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure continuwuity configuration installed
ansible.builtin.template:
src: "{{ matrix_continuwuity_template_continuwuity_config }}"
dest: "{{ matrix_continuwuity_config_path }}/continuwuity.toml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure continuwuity support files installed
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_continuwuity_base_path }}/{{ item }}"
mode: 0640
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- labels
- env
- name: Ensure continuwuity container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_continuwuity_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure continuwuity container image is pulled
community.docker.docker_image:
name: "{{ matrix_continuwuity_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_continuwuity_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_continuwuity_docker_image_force_pull }}"
register: result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: result is not failed
- name: Ensure matrix-continuwuity.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-continuwuity.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
mode: 0644

40
roles/custom/matrix-continuwuity/tasks/main.yml
View File

@ -1,40 +0,0 @@
# SPDX-FileCopyrightText: 2025 MDAD project contributors
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- tags:
- setup-all
- setup-continuwuity
- install-all
- install-continuwuity
block:
- when: matrix_continuwuity_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
- when: matrix_continuwuity_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
- tags:
- setup-all
- setup-continuwuity
block:
- when: not matrix_continuwuity_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml"
- tags:
- self-check
block:
- when: matrix_continuwuity_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_client_api.yml"
- when: matrix_continuwuity_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/self_check_federation_api.yml"
- tags:
- continuwuity-migrate-from-conduwuit
block:
- when: matrix_continuwuity_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/migrate_from_conduwuit.yml"

83
roles/custom/matrix-continuwuity/tasks/migrate_from_conduwuit.yml
View File

@ -1,83 +0,0 @@
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# This migrates the conduwuit server implementation (`/matrix/conduwuit`) to continuwuity (`/matrix/continuwuity`),
#
# Here, we merely backup the fresh continuwuity folder, relocate conduwuit directory to continuwuity (`/matrix/conduwuit`)
#
# and restore continuwuity labels.
- name: Check existence of conduwuit directory
ansible.builtin.stat:
path: "{{ matrix_base_data_path }}/conduwuit"
register: matrix_conduwuit_directory_stat
- name: Check existence of continuwuity directory
ansible.builtin.stat:
path: "{{ matrix_base_data_path }}/continuwuity"
register: matrix_continuwuity_directory_stat
- when: >
matrix_conduwuit_directory_stat.stat.exists | bool and
matrix_continuwuity_directory_stat.stat.exists | bool
block:
- name: Ensure matrix-continuwuity.service systemd service is stopped
ansible.builtin.systemd:
name: matrix-continuwuity
state: stopped
enabled: false
daemon_reload: true
- name: Ensure continuwuity directory is backed up
ansible.builtin.command:
cmd: "mv {{ matrix_base_data_path }}/continuwuity {{ matrix_base_data_path }}/continuwuity_old"
creates: "{{ matrix_base_data_path }}/continuwuity_old"
removes: "{{ matrix_base_data_path }}/continuwuity"
- name: Ensure conduwuit directory contents are copied to continuwuity
ansible.builtin.copy:
src: "{{ matrix_base_data_path }}/conduwuit/"
dest: "{{ matrix_base_data_path }}/continuwuity"
remote_src: true
mode: preserve
- name: Ensure conduwuit.toml file is renamed
ansible.builtin.command:
cmd: "mv {{ matrix_base_data_path }}/continuwuity/config/conduwuit.toml {{ matrix_base_data_path }}/continuwuity/config/continuwuity.toml"
removes: "{{ matrix_base_data_path }}/continuwuity/config/conduwuit.toml"
- name: Ensure continuwuity labels are restored
ansible.builtin.copy:
src: "{{ matrix_base_data_path }}/continuwuity_old/labels"
dest: "{{ matrix_base_data_path }}/continuwuity/labels"
remote_src: true
force: true
mode: preserve
- name: Ensure directories ownership is set
block:
- name: Set continuwuity ownership
ansible.builtin.file:
path: "{{ matrix_base_data_path }}/continuwuity"
state: directory
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
recurse: true
- name: Set continuwuity_old ownership
ansible.builtin.file:
path: "{{ matrix_base_data_path }}/continuwuity_old"
state: directory
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
recurse: true
- name: Ensure matrix-continuwuity.service systemd service is started
ansible.builtin.systemd:
name: matrix-continuwuity
state: started
enabled: true
daemon_reload: true

28
roles/custom/matrix-continuwuity/tasks/self_check_client_api.yml
View File

@ -1,28 +0,0 @@
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check Matrix Client API
ansible.builtin.uri:
url: "{{ matrix_continuwuity_client_api_url_endpoint_public }}"
follow_redirects: none
validate_certs: "{{ matrix_continuwuity_self_check_validate_certificates }}"
register: result_matrix_continuwuity_client_api
ignore_errors: true
check_mode: false
when: matrix_continuwuity_enabled | bool
delegate_to: 127.0.0.1
become: false
- name: Fail if Matrix Client API not working
ansible.builtin.fail:
msg: "Failed checking Matrix Client API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_continuwuity_client_api_url_endpoint_public }}`). Is continuwuity running? Is port 443 open in your firewall? Full error: {{ result_matrix_continuwuity_client_api }}"
when: "matrix_continuwuity_enabled | bool and (result_matrix_continuwuity_client_api.failed or 'json' not in result_matrix_continuwuity_client_api)"
- name: Report working Matrix Client API
ansible.builtin.debug:
msg: "The Matrix Client API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_continuwuity_client_api_url_endpoint_public }}`) is working"
when: matrix_continuwuity_enabled | bool

32
roles/custom/matrix-continuwuity/tasks/self_check_federation_api.yml
View File

@ -1,32 +0,0 @@
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check Matrix Federation API
ansible.builtin.uri:
url: "{{ matrix_synapse_federation_api_url_endpoint_public }}"
follow_redirects: none
validate_certs: "{{ matrix_synapse_self_check_validate_certificates }}"
register: result_matrix_synapse_federation_api
ignore_errors: true
check_mode: false
when: matrix_synapse_enabled | bool
delegate_to: 127.0.0.1
become: false
- name: Fail if Matrix Federation API not working
ansible.builtin.fail:
msg: "Failed checking Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`). Is Synapse running? Is port {{ matrix_federation_public_port }} open in your firewall? Full error: {{ result_matrix_synapse_federation_api }}"
when: "matrix_synapse_enabled | bool and matrix_synapse_federation_enabled | bool and (result_matrix_synapse_federation_api.failed or 'json' not in result_matrix_synapse_federation_api)"
- name: Fail if Matrix Federation API unexpectedly enabled
ansible.builtin.fail:
msg: "Matrix Federation API is up at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) despite being disabled."
when: "matrix_synapse_enabled | bool and not matrix_synapse_federation_enabled | bool and not result_matrix_synapse_federation_api.failed"
- name: Report working Matrix Federation API
ansible.builtin.debug:
msg: "The Matrix Federation API at `{{ matrix_server_fqn_matrix }}` (checked endpoint: `{{ matrix_synapse_federation_api_url_endpoint_public }}`) is working"
when: "matrix_synapse_enabled | bool and matrix_synapse_federation_enabled | bool"

63
roles/custom/matrix-continuwuity/tasks/setup_install.yml
View File

@ -1,63 +0,0 @@
# SPDX-FileCopyrightText: 2025 MDAD project contributors
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Ensure continuwuity config path exists
ansible.builtin.file:
path: "{{ matrix_continuwuity_config_path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure continuwuity data path exists
ansible.builtin.file:
path: "{{ matrix_continuwuity_data_path }}"
state: directory
mode: 0770
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure continuwuity configuration installed
ansible.builtin.template:
src: "{{ matrix_continuwuity_template_continuwuity_config }}"
dest: "{{ matrix_continuwuity_config_path }}/continuwuity.toml"
mode: 0644
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
- name: Ensure continuwuity support files installed
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_continuwuity_base_path }}/{{ item }}"
mode: 0640
owner: "{{ matrix_user_username }}"
group: "{{ matrix_user_groupname }}"
with_items:
- labels
- name: Ensure continuwuity container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_continuwuity_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure continuwuity container image is pulled
community.docker.docker_image:
name: "{{ matrix_continuwuity_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_continuwuity_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_continuwuity_docker_image_force_pull }}"
register: result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: result is not failed
- name: Ensure matrix-continuwuity.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-continuwuity.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
mode: 0644

23
roles/custom/matrix-continuwuity/tasks/setup_uninstall.yml
View File

@ -1,23 +0,0 @@
# SPDX-FileCopyrightText: 2025 MDAD project contributors
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check existence of matrix-continuwuity service
ansible.builtin.stat:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
register: matrix_continuwuity_service_stat
- when: matrix_continuwuity_service_stat.stat.exists | bool
block:
- name: Ensure matrix-continuwuity is stopped
ansible.builtin.systemd:
name: matrix-continuwuity
state: stopped
daemon_reload: true
- name: Ensure matrix-continuwuity.service doesn't exist
ansible.builtin.file:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
state: absent

23
roles/custom/matrix-continuwuity/tasks/uninstall.yml
View File

@ -1,23 +0,0 @@
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check existence of matrix-continuwuity service
ansible.builtin.stat:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
register: matrix_continuwuity_service_stat
- when: matrix_continuwuity_service_stat.stat.exists | bool
block:
- name: Ensure matrix-continuwuity is stopped
ansible.builtin.systemd:
name: matrix-continuwuity
state: stopped
daemon_reload: true
- name: Ensure matrix-continuwuity.service doesn't exist
ansible.builtin.file:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-continuwuity.service"
state: absent

15
roles/custom/matrix-continuwuity/tasks/validate_config.yml
View File

@ -1,15 +0,0 @@
# SPDX-FileCopyrightText: 2025 MDAD project contributors
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Fail if required continuwuity settings not defined
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and vars[item.name] == ''"
with_items:
- {'name': 'matrix_continuwuity_hostname', when: true}
- {'name': 'matrix_continuwuity_container_network', when: true}
- {'name': 'matrix_continuwuity_container_labels_internal_client_api_traefik_entrypoints', when: "{{ matrix_continuwuity_container_labels_internal_client_api_enabled }}"}

1546
roles/custom/matrix-continuwuity/templates/continuwuity.toml.j2
View File

File diff suppressed because it is too large Load Diff

1
roles/custom/matrix-continuwuity/templates/env.j2
View File

@ -1 +0,0 @@
{{ matrix_continuwuity_environment_variables_extension }}

3
roles/custom/matrix-continuwuity/templates/env.j2.license
View File

@ -1,3 +0,0 @@
SPDX-FileCopyrightText: 2025 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later

173
roles/custom/matrix-continuwuity/templates/labels.j2
View File

@ -1,173 +0,0 @@
{#
SPDX-FileCopyrightText: 2025 MDAD project contributors
SPDX-FileCopyrightText: 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2025 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
#}
{% if matrix_continuwuity_container_labels_traefik_enabled %}
traefik.enable=true
{% if matrix_continuwuity_container_labels_traefik_docker_network %}
traefik.docker.network={{ matrix_continuwuity_container_labels_traefik_docker_network }}
{% endif %}
traefik.http.services.matrix-continuwuity.loadbalancer.server.port={{ matrix_continuwuity_config_port_number }}
{% if matrix_continuwuity_container_labels_public_client_root_enabled %}
############################################################
# #
# Public Root path (/) #
# #
############################################################
{% set client_root_middlewares = [] %}
{% if matrix_continuwuity_container_labels_public_client_root_redirection_enabled %}
{% set client_root_middlewares = client_root_middlewares + ['matrix-continuwuity-client-root-redirect'] %}
traefik.http.middlewares.matrix-continuwuity-client-root-redirect.redirectregex.regex=(.*)
traefik.http.middlewares.matrix-continuwuity-client-root-redirect.redirectregex.replacement={{ matrix_continuwuity_container_labels_public_client_root_redirection_url }}
{% endif %}
traefik.http.routers.matrix-continuwuity-public-client-root.rule={{ matrix_continuwuity_container_labels_public_client_root_traefik_rule }}
traefik.http.routers.matrix-continuwuity-public-client-root.middlewares={{ client_root_middlewares | join(',') }}
{% if matrix_continuwuity_container_labels_public_client_root_traefik_priority | int > 0 %}
traefik.http.routers.matrix-continuwuity-public-client-root.priority={{ matrix_continuwuity_container_labels_public_client_root_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-continuwuity-public-client-root.service=matrix-continuwuity
traefik.http.routers.matrix-continuwuity-public-client-root.entrypoints={{ matrix_continuwuity_container_labels_public_client_root_traefik_entrypoints }}
traefik.http.routers.matrix-continuwuity-public-client-root.tls={{ matrix_continuwuity_container_labels_public_client_root_traefik_tls | to_json }}
{% if matrix_continuwuity_container_labels_public_client_root_traefik_tls %}
traefik.http.routers.matrix-continuwuity-public-client-root.tls.certResolver={{ matrix_continuwuity_container_labels_public_client_root_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Public Root path (/) #
# #
############################################################
{% endif %}
{% if matrix_continuwuity_container_labels_public_client_api_enabled %}
############################################################
# #
# Public Client-API (/_matrix) #
# #
############################################################
traefik.http.routers.matrix-continuwuity-public-client-api.rule={{ matrix_continuwuity_container_labels_public_client_api_traefik_rule }}
{% if matrix_continuwuity_container_labels_public_client_api_traefik_priority | int > 0 %}
traefik.http.routers.matrix-continuwuity-public-client-api.priority={{ matrix_continuwuity_container_labels_public_client_api_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-continuwuity-public-client-api.service=matrix-continuwuity
traefik.http.routers.matrix-continuwuity-public-client-api.entrypoints={{ matrix_continuwuity_container_labels_public_client_api_traefik_entrypoints }}
traefik.http.routers.matrix-continuwuity-public-client-api.tls={{ matrix_continuwuity_container_labels_public_client_api_traefik_tls | to_json }}
{% if matrix_continuwuity_container_labels_public_client_api_traefik_tls %}
traefik.http.routers.matrix-continuwuity-public-client-api.tls.certResolver={{ matrix_continuwuity_container_labels_public_client_api_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Public Client-API (/_matrix) #
# #
############################################################
{% endif %}
{% if matrix_continuwuity_container_labels_internal_client_api_enabled %}
############################################################
# #
# Internal Client-API (/_matrix) #
# #
############################################################
traefik.http.routers.matrix-continuwuity-internal-client-api.rule={{ matrix_continuwuity_container_labels_internal_client_api_traefik_rule }}
{% if matrix_continuwuity_container_labels_internal_client_api_traefik_priority | int > 0 %}
traefik.http.routers.matrix-continuwuity-internal-client-api.priority={{ matrix_continuwuity_container_labels_internal_client_api_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-continuwuity-internal-client-api.service=matrix-continuwuity
traefik.http.routers.matrix-continuwuity-internal-client-api.entrypoints={{ matrix_continuwuity_container_labels_internal_client_api_traefik_entrypoints }}
############################################################
# #
# /Internal Client-API (/_matrix) #
# #
############################################################
{% endif %}
{% if matrix_continuwuity_container_labels_public_federation_api_enabled %}
############################################################
# #
# Public Federation-API (/_matrix) #
# #
############################################################
traefik.http.routers.matrix-continuwuity-public-federation-api.rule={{ matrix_continuwuity_container_labels_public_federation_api_traefik_rule }}
{% if matrix_continuwuity_container_labels_public_federation_api_traefik_priority | int > 0 %}
traefik.http.routers.matrix-continuwuity-public-federation-api.priority={{ matrix_continuwuity_container_labels_public_federation_api_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-continuwuity-public-federation-api.service=matrix-continuwuity
traefik.http.routers.matrix-continuwuity-public-federation-api.entrypoints={{ matrix_continuwuity_container_labels_public_federation_api_traefik_entrypoints }}
traefik.http.routers.matrix-continuwuity-public-federation-api.tls={{ matrix_continuwuity_container_labels_public_federation_api_traefik_tls | to_json }}
{% if matrix_continuwuity_container_labels_public_federation_api_traefik_tls %}
traefik.http.routers.matrix-continuwuity-public-federation-api.tls.certResolver={{ matrix_continuwuity_container_labels_public_federation_api_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Public Federation-API (/_matrix) #
# #
############################################################
{% endif %}
{% if matrix_continuwuity_container_labels_public_continuwuity_api_enabled %}
############################################################
# #
# Public continuwuity-API (/_continuwuity) #
# #
############################################################
traefik.http.routers.matrix-continuwuity-public-continuwuity-api.rule={{ matrix_continuwuity_container_labels_public_continuwuity_api_traefik_rule }}
{% if matrix_continuwuity_container_labels_public_continuwuity_api_traefik_priority | int > 0 %}
traefik.http.routers.matrix-continuwuity-public-continuwuity-api.priority={{ matrix_continuwuity_container_labels_public_continuwuity_api_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-continuwuity-public-continuwuity-api.service=matrix-continuwuity
traefik.http.routers.matrix-continuwuity-public-continuwuity-api.entrypoints={{ matrix_continuwuity_container_labels_public_continuwuity_api_traefik_entrypoints }}
traefik.http.routers.matrix-continuwuity-public-continuwuity-api.tls={{ matrix_continuwuity_container_labels_public_continuwuity_api_traefik_tls | to_json }}
{% if matrix_continuwuity_container_labels_public_continuwuity_api_traefik_tls %}
traefik.http.routers.matrix-continuwuity-public-continuwuity-api.tls.certResolver={{ matrix_continuwuity_container_labels_public_continuwuity_api_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Public continuwuity-API (/_continuwuity) #
# #
############################################################
{% endif %}
{% endif %}
{{ matrix_continuwuity_container_labels_additional_labels }}

52
roles/custom/matrix-continuwuity/templates/systemd/matrix-continuwuity.service.j2
View File

@ -1,52 +0,0 @@
#jinja2: lstrip_blocks: "True"
[Unit]
Description=continuwuity Matrix homeserver
{% for service in matrix_continuwuity_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
[Service]
Type=simple
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-continuwuity 2>/dev/null || true'
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-continuwuity 2>/dev/null || true'
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--rm \
--name=matrix-continuwuity \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--read-only \
--tmpfs=/tmp:rw,noexec,nosuid,size={{ matrix_continuwuity_tmp_directory_size_mb }}m \
--network={{ matrix_continuwuity_container_network }} \
--env CONDUWUIT_CONFIG=/etc/continuwuity/continuwuity.toml \
--env CONDUWUIT_DATABASE_PATH=/var/lib/continuwuity \
--label-file={{ matrix_continuwuity_base_path }}/labels \
--mount type=bind,src={{ matrix_continuwuity_data_path }},dst=/var/lib/continuwuity \
--mount type=bind,src={{ matrix_continuwuity_config_path }},dst=/etc/continuwuity,ro \
{% for arg in matrix_continuwuity_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_continuwuity_docker_image }}
{% for network in matrix_continuwuity_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-continuwuity
{% endfor %}
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-continuwuity
{% if matrix_continuwuity_systemd_service_post_start_delay_seconds != 0 %}
ExecStartPost=-{{ matrix_host_command_sleep }} {{ matrix_continuwuity_systemd_service_post_start_delay_seconds }}
{% endif %}
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-continuwuity 2>/dev/null || true'
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-continuwuity 2>/dev/null || true'
ExecReload={{ devture_systemd_docker_base_host_command_docker }} exec matrix-continuwuity /bin/sh -c 'kill -HUP 1'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-continuwuity
[Install]
WantedBy=multi-user.target

4
roles/custom/matrix-continuwuity/templates/systemd/matrix-continuwuity.service.j2.license
View File

@ -1,4 +0,0 @@
SPDX-FileCopyrightText: 2025 MDAD project contributors
SPDX-FileCopyrightText: 2025 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later

9
roles/custom/matrix-continuwuity/vars/main.yml
View File

@ -1,9 +0,0 @@
# SPDX-FileCopyrightText: 2025 MDAD project contributors
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
matrix_continuwuity_client_api_url_endpoint_public: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}://{{ matrix_continuwuity_hostname }}/_matrix/client/versions"
matrix_continuwuity_federation_api_url_endpoint_public: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}://{{ matrix_continuwuity_hostname }}:{{ matrix_federation_public_port }}/_matrix/federation/v1/version"

3
roles/custom/matrix-dendrite/defaults/main.yml
View File

@ -240,9 +240,6 @@ matrix_dendrite_client_api_rate_limiting_cooloff_ms: 500
# Controls whether people with access to the homeserver can register by themselves.
matrix_dendrite_client_api_registration_disabled: true
# Controls whether guest accounts are disabled
matrix_dendrite_guests_disabled: true
# reCAPTCHA API for validating registration attempts
matrix_dendrite_client_api_enable_registration_captcha: false
matrix_dendrite_client_api_recaptcha_public_key: ""

2
roles/custom/matrix-dendrite/templates/dendrite.yaml.j2
View File

@ -189,7 +189,7 @@ client_api:
# Prevents new guest accounts from being created. Guest registration is also
# disabled implicitly by setting 'registration_disabled' above.
guests_disabled: {{ matrix_dendrite_guests_disabled | to_json }}
guests_disabled: true
# If set, allows registration by anyone who knows the shared secret, regardless of
# whether registration is otherwise disabled.

11
roles/custom/matrix-element-call/defaults/main.yml
View File

@ -11,17 +11,8 @@
matrix_element_call_enabled: false
# Controls whether the Element Call stack (various services around Element Call, without the Element Call frontend itself) are to be installed.
# This affects enablement of other services around Element Call.
#
# By default, we enable the rest of the stack when Element Call itself is enabled,
# but people may wish to enable the stack by itself and avoid installing the Element Call frontend.
# This is useful to do, because self-hosting the Element Call frontend is mostly useless, because
# various clients tend to embed and preferusing their own embedded Element Call frontend, instead of a self-hosted one.
matrix_rtc_enabled: "{{ matrix_element_call_enabled }}"
# renovate: datasource=docker depName=ghcr.io/element-hq/element-call
matrix_element_call_version: v0.10.0
matrix_element_call_version: v0.9.0
matrix_element_call_scheme: https

2
roles/custom/matrix-synapse-admin/defaults/main.yml
View File

@ -25,7 +25,7 @@ matrix_synapse_admin_container_image_self_build: false
matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git"
# renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin
matrix_synapse_admin_version: v0.10.3-etke39
matrix_synapse_admin_version: v0.10.3-etke38
matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_registry_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}"
matrix_synapse_admin_docker_image_registry_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else matrix_synapse_admin_docker_image_registry_prefix_upstream }}"
matrix_synapse_admin_docker_image_registry_prefix_upstream: "{{ matrix_synapse_admin_docker_image_registry_prefix_upstream_default }}"

2
roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml
View File

@ -24,7 +24,7 @@
matrix_synapse_reverse_proxy_companion_enabled: true
# renovate: datasource=docker depName=nginx
matrix_synapse_reverse_proxy_companion_version: 1.28.0-alpine
matrix_synapse_reverse_proxy_companion_version: 1.27.4-alpine
matrix_synapse_reverse_proxy_companion_base_path: "{{ matrix_synapse_base_path }}/reverse-proxy-companion"
matrix_synapse_reverse_proxy_companion_confd_path: "{{ matrix_synapse_reverse_proxy_companion_base_path }}/conf.d"

10
roles/custom/matrix-user-creator/tasks/util/ensure_user_registered_continuwuity.yml
View File

@ -1,10 +0,0 @@
# SPDX-FileCopyrightText: 2025 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Ensure continuwuity user registered - {{ user.username | quote }}
ansible.builtin.debug:
msg: "Not registering user. To register continuwuity users, message the continuwuity bot"

1
setup.yml
View File

@ -105,7 +105,6 @@
- custom/matrix-dendrite
- custom/matrix-conduit
- custom/matrix-conduwuit
- custom/matrix-continuwuity
- custom/matrix-synapse-admin
- custom/matrix-synapse-usage-exporter
- galaxy/prometheus_node_exporter