.config
.github
LICENSES
bin
collections
docs
assets
README.md
alternative-architectures.md
ansible.md
configuring-captcha.md
configuring-dns.md
configuring-ipv6.md
configuring-playbook-alertmanager-receiver.md
configuring-playbook-appservice-double-puppet.md
configuring-playbook-appservice-draupnir-for-all.md
configuring-playbook-backup-borg.md
configuring-playbook-base-domain-serving.md
configuring-playbook-bot-baibot.md
configuring-playbook-bot-buscarron.md
configuring-playbook-bot-chatgpt.md
configuring-playbook-bot-draupnir.md
configuring-playbook-bot-go-neb.md
configuring-playbook-bot-honoroit.md
configuring-playbook-bot-matrix-registration-bot.md
configuring-playbook-bot-matrix-reminder-bot.md
configuring-playbook-bot-maubot.md
configuring-playbook-bot-mjolnir.md
configuring-playbook-bridge-appservice-discord.md
configuring-playbook-bridge-appservice-irc.md
configuring-playbook-bridge-appservice-kakaotalk.md
configuring-playbook-bridge-appservice-slack.md
configuring-playbook-bridge-appservice-webhooks.md
configuring-playbook-bridge-beeper-linkedin.md
configuring-playbook-bridge-go-skype-bridge.md
configuring-playbook-bridge-heisenbridge.md
configuring-playbook-bridge-hookshot.md
configuring-playbook-bridge-matrix-bridge-sms.md
configuring-playbook-bridge-mautrix-bluesky.md
configuring-playbook-bridge-mautrix-bridges.md
configuring-playbook-bridge-mautrix-discord.md
configuring-playbook-bridge-mautrix-facebook.md
configuring-playbook-bridge-mautrix-gmessages.md
configuring-playbook-bridge-mautrix-googlechat.md
configuring-playbook-bridge-mautrix-hangouts.md
configuring-playbook-bridge-mautrix-instagram.md
configuring-playbook-bridge-mautrix-meta-instagram.md
configuring-playbook-bridge-mautrix-meta-messenger.md
configuring-playbook-bridge-mautrix-signal.md
configuring-playbook-bridge-mautrix-slack.md
configuring-playbook-bridge-mautrix-telegram.md
configuring-playbook-bridge-mautrix-twitter.md
configuring-playbook-bridge-mautrix-whatsapp.md
configuring-playbook-bridge-mautrix-wsproxy.md
configuring-playbook-bridge-mx-puppet-discord.md
configuring-playbook-bridge-mx-puppet-groupme.md
configuring-playbook-bridge-mx-puppet-instagram.md
configuring-playbook-bridge-mx-puppet-skype.md
configuring-playbook-bridge-mx-puppet-slack.md
configuring-playbook-bridge-mx-puppet-steam.md
configuring-playbook-bridge-mx-puppet-twitter.md
configuring-playbook-bridge-postmoogle.md
configuring-playbook-bridge-wechat.md
configuring-playbook-cactus-comments.md
configuring-playbook-client-cinny.md
configuring-playbook-client-element-web.md
configuring-playbook-client-fluffychat-web.md
configuring-playbook-client-hydrogen.md
configuring-playbook-client-schildichat-web.md
configuring-playbook-conduit.md
configuring-playbook-conduwuit.md
configuring-playbook-continuwuity.md
configuring-playbook-dendrite.md
configuring-playbook-dimension.md
configuring-playbook-dynamic-dns.md
configuring-playbook-element-call.md
configuring-playbook-email.md
configuring-playbook-email2matrix.md
configuring-playbook-etherpad.md
configuring-playbook-external-postgres.md
configuring-playbook-federation.md
configuring-playbook-jitsi.md
configuring-playbook-jwt-service.md
configuring-playbook-ldap-auth.md
configuring-playbook-livekit-jwt-service.md
configuring-playbook-livekit-server.md
configuring-playbook-ma1sd.md
configuring-playbook-matrix-authentication-service.md
configuring-playbook-matrix-corporal.md
configuring-playbook-matrix-ldap-registration-proxy.md
configuring-playbook-matrix-media-repo.md
configuring-playbook-matrix-registration.md
configuring-playbook-matrix-rtc.md
configuring-playbook-nginx.md
configuring-playbook-ntfy.md
configuring-playbook-own-webserver.md
configuring-playbook-pantalaimon.md
configuring-playbook-postgres-backup.md
configuring-playbook-prometheus-grafana.md
configuring-playbook-rageshake.md
configuring-playbook-rest-auth.md
configuring-playbook-riot-web.md
configuring-playbook-s3-goofys.md
configuring-playbook-s3.md
configuring-playbook-shared-secret-auth.md
configuring-playbook-sliding-sync-proxy.md
configuring-playbook-ssl-certificates.md
configuring-playbook-sygnal.md
configuring-playbook-synapse-admin.md
configuring-playbook-synapse-auto-accept-invite.md
configuring-playbook-synapse-auto-compressor.md
configuring-playbook-synapse-s3-storage-provider.md
configuring-playbook-synapse-simple-antispam.md
configuring-playbook-synapse-usage-exporter.md
configuring-playbook-synapse.md
configuring-playbook-telemetry.md
configuring-playbook-traefik.md
configuring-playbook-turn.md
configuring-playbook-user-verification-service.md
configuring-playbook.md
configuring-well-known.md
container-images.md
faq.md
getting-the-playbook.md
howto-server-delegation.md
howto-srv-server-delegation.md
importing-postgres.md
importing-synapse-media-store.md
importing-synapse-sqlite.md
installing.md
just.md
maintenance-and-troubleshooting.md
maintenance-migrating.md
maintenance-postgres.md
maintenance-synapse.md
maintenance-upgrading-services.md
obtaining-access-tokens.md
playbook-tags.md
prerequisites.md
quick-start.md
registering-users.md
self-building.md
uninstalling.md
updating-users-passwords.md
examples
group_vars
i18n
roles
.editorconfig
.envrc
.gitattributes
.gitignore
.yamllint
CHANGELOG.md
CHANGELOG.md.license
LICENSE
Makefile
README.md
README.md.license
REUSE.toml
YEAR-IN-REVIEW.md
ansible.cfg
conf.py
flake.lock
flake.nix
jitsi_jvb.yml
justfile
requirements.yml
setup.yml
setup.yml.license
55 lines
2.7 KiB
Markdown
55 lines
2.7 KiB
Markdown
<!--
|
|
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
|
|
SPDX-FileCopyrightText: 2024 Slavi Pantaleev
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-or-later
|
|
-->
|
|
|
|
# Setting up Pantalaimon (E2EE aware proxy daemon) (optional)
|
|
|
|
The playbook can install and configure the [pantalaimon](https://github.com/matrix-org/pantalaimon) E2EE aware proxy daemon for you.
|
|
|
|
See the project's [documentation](https://github.com/matrix-org/pantalaimon/blob/master/README.md) to learn what it does and why it might be useful to you.
|
|
|
|
This role exposes Pantalaimon's API only within the container network, so bots and clients installed on the same machine can use it. In particular the [Draupnir](configuring-playbook-bot-draupnir.md) and [Mjolnir](configuring-playbook-bot-mjolnir.md) roles (and possibly others) can use it.
|
|
|
|
## Adjusting the playbook configuration
|
|
|
|
Add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file (adapt to your needs):
|
|
|
|
```yaml
|
|
matrix_pantalaimon_enabled: true
|
|
```
|
|
|
|
### Extending the configuration
|
|
|
|
There are some additional things you may wish to configure about the component.
|
|
|
|
Take a look at:
|
|
|
|
- `roles/custom/matrix-pantalaimon/defaults/main.yml` for some variables that you can customize via your `vars.yml` file. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_pantalaimon_configuration` variable
|
|
|
|
## Installing
|
|
|
|
After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:
|
|
|
|
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
|
|
```sh
|
|
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
|
|
```
|
|
|
|
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
|
|
|
|
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
|
|
|
|
## Troubleshooting
|
|
|
|
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-pantalaimon`.
|
|
|
|
The default logging level for this component is `Warning`. If you want to increase the verbosity, add the following configuration to your `vars.yml` file and re-run the playbook:
|
|
|
|
```yaml
|
|
# Valid values: Error, Warning, Info, Debug
|
|
matrix_pantalaimon_log_level: Debug
|
|
```
|