90a142439a
* Add matrix-registration-bot

  This adds an install and uninstall task plus helpers. The bot is disabled by default.
  This commit does not include documentation, yet. In short, the bot can be enabled by adding

      matrix_bot_matrix_registration_bot_enabled: true
      matrix_bot_matrix_registration_bot_matrix_user_password: "verysecret"
      matrix_bot_matrix_registration_bot_matrix_admin_token: "supersecret"

  to the host_vars
* Change bot username to bot.matrix-registration-bot following convention
* Address smaller remarks, fix local docker build
* Switch to an env file
* Add environment variables extension for additional config
* Add documentation for the matrix-registration-bot
* Add screenshot on how to obtain admin access token
* Use bot as admin to only have one access token (bot and admin api)
* Use cleaner setting of matrix_synapse_registration_requires_token
* Use config file for cleaner more secure usage
* Delete unneeded env
* Rename vars to make usage clear
* Fix typos/wording and add notice about logging out
* Convert configuration to use |to_json
* Reorder role includes

  Nothing should be after `matrix-common-after`. `matrix-bot-matrix-registration-bot` can probably be anywhere, but it makes sense to put it next to the other `matrix-bot-*` roles.
* Minor group_vars/matrix_servers touchups

Co-authored-by: Slavi Pantaleev <slavi@devture.com>
Matrix (An open network for secure, decentralized communication) server setup using Ansible and Docker
Purpose
This Ansible playbook is meant to help you run your own Matrix homeserver, along with the various services related to that.
That is, it lets you join the Matrix network using your own @<username>:<your-domain> identifier, all hosted on your own server (see prerequisites).
We run all services in Docker containers (see the container images we use), which lets us have a predictable and up-to-date setup, across multiple supported distros (see prerequisites) and architectures (x86/amd64 being recommended).
Installation (upgrades) and some maintenance tasks are automated using Ansible (see our Ansible guide).
Supported services
Using this playbook, you can get the following services configured on your server:
- (optional, default) a Synapse homeserver - storing your data and managing your presence in the Matrix network
- (optional) a Dendrite homeserver - storing your data and managing your presence in the Matrix network. Dendrite is a second-generation Matrix homeserver written in Go, an alternative to Synapse.
- (optional) Amazon S3 storage for Synapse's content repository (media_store) files using Goofys
- (optional, default) PostgreSQL database for Synapse. Using an external PostgreSQL server is also possible.
- (optional, default) a coturn STUN/TURN server for WebRTC audio/video calls
- (optional, default) free Let's Encrypt SSL certificate, which secures the connection to the Synapse server and the Element web UI
- (optional, default) an Element (formerly Riot) web UI, which is configured to connect to your own Synapse server by default
- (optional) a ma1sd Matrix Identity server
- (optional, default) an Exim mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server)
- (optional, default) an nginx web server, listening on ports 80 and 443 - standing in front of all the other services. Using your own webserver is possible
- (optional, advanced) the matrix-synapse-rest-auth REST authentication password provider module
- (optional, advanced) the matrix-synapse-shared-secret-auth password provider module
- (optional, advanced) the matrix-synapse-ldap3 LDAP Auth password provider module
- (optional, advanced) the synapse-simple-antispam spam checker module
- (optional, advanced) the Matrix Corporal reconciliator and gateway for a managed Matrix server
- (optional) the mautrix-telegram bridge for bridging your Matrix server to Telegram
- (optional) the mautrix-whatsapp bridge for bridging your Matrix server to WhatsApp
- (optional) the mautrix-facebook bridge for bridging your Matrix server to Facebook
- (optional) the mautrix-twitter bridge for bridging your Matrix server to Twitter
- (optional) the mautrix-hangouts bridge for bridging your Matrix server to Google Hangouts
- (optional) the mautrix-googlechat bridge for bridging your Matrix server to Google Chat
- (optional) the mautrix-instagram bridge for bridging your Matrix server to Instagram
- (optional) the mautrix-signal bridge for bridging your Matrix server to Signal
- (optional) the beeper-linkedin bridge for bridging your Matrix server to LinkedIn
- (optional) the matrix-appservice-irc bridge for bridging your Matrix server to IRC
- (optional) the matrix-appservice-discord bridge for bridging your Matrix server to Discord
- (optional) the matrix-appservice-slack bridge for bridging your Matrix server to Slack
- (optional) the matrix-appservice-webhooks bridge for Slack-compatible webhooks (ConcourseCI, Slack, etc.)
- (optional) the matrix-hookshot bridge for bridging Matrix to generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular
- (optional) the matrix-sms-bridge for bridging your Matrix server to SMS - see docs/configuring-playbook-bridge-matrix-bridge-sms.md for setup documentation
- (optional) the Heisenbridge for bridging your Matrix server to IRC bouncer-style - see docs/configuring-playbook-bridge-heisenbridge.md for setup documentation
- (optional) the mx-puppet-skype for bridging your Matrix server to Skype - see docs/configuring-playbook-bridge-mx-puppet-skype.md for setup documentation
- (optional) the mx-puppet-slack for bridging your Matrix server to Slack - see docs/configuring-playbook-bridge-mx-puppet-slack.md for setup documentation
- (optional) the mx-puppet-instagram bridge for Instagram-DMs (Instagram) - see docs/configuring-playbook-bridge-mx-puppet-instagram.md for setup documentation
- (optional) the mx-puppet-twitter bridge for Twitter-DMs (Twitter) - see docs/configuring-playbook-bridge-mx-puppet-twitter.md for setup documentation
- (optional) the mx-puppet-discord bridge for Discord - see docs/configuring-playbook-bridge-mx-puppet-discord.md for setup documentation
- (optional) the mx-puppet-groupme bridge for GroupMe - see docs/configuring-playbook-bridge-mx-puppet-groupme.md for setup documentation
- (optional) the mx-puppet-steam bridge for Steam - see docs/configuring-playbook-bridge-mx-puppet-steam.md for setup documentation
- (optional) Email2Matrix for relaying email messages to Matrix rooms - see docs/configuring-playbook-email2matrix.md for setup documentation
- (optional) Dimension, an open source integrations manager for Matrix clients - see docs/configuring-playbook-dimension.md for setup documentation
- (optional) Etherpad, an open source collaborative text editor - see docs/configuring-playbook-etherpad.md for setup documentation
- (optional) Jitsi, an open source video-conferencing platform - see docs/configuring-playbook-jitsi.md for setup documentation
- (optional) matrix-reminder-bot for scheduling one-off & recurring reminders and alarms - see docs/configuring-playbook-bot-matrix-reminder-bot.md for setup documentation
- (optional) honoroit helpdesk bot - see docs/configuring-playbook-bot-honoroit.md for setup documentation
- (optional) Go-NEB multi-functional bot written in Go - see docs/configuring-playbook-bot-go-neb.md for setup documentation
- (optional) Mjolnir, a moderation tool for Matrix - see docs/configuring-playbook-bot-mjolnir.md for setup documentation
- (optional) synapse-admin, a web UI tool for administrating users and rooms on your Matrix server - see docs/configuring-playbook-synapse-admin.md for setup documentation
- (optional) matrix-registration, a simple Python application for token-based Matrix registration - see docs/configuring-playbook-matrix-registration.md for setup documentation
- (optional) the Prometheus time-series database server, the Prometheus node-exporter host metrics exporter, and the Grafana web UI - see Enabling metrics and graphs (Prometheus, Grafana) for your Matrix server for setup documentation
- (optional) the Sygnal push gateway - see Setting up the Sygnal push gateway for setup documentation
- (optional) the Hydrogen web client - see docs/configuring-playbook-client-hydrogen.md for setup documentation
- (optional) the Cinny web client - see docs/configuring-playbook-client-cinny.md for setup documentation
- (optional) the Borg backup - see docs/configuring-playbook-backup-borg.md for setup documentation
Basically, this playbook aims to get you up-and-running with all the necessities around Matrix, without you having to do anything else.
Note: the list above is exhaustive. It includes optional or even some advanced components that you will most likely not need. Sticking with the defaults (which install a subset of the above components) is the best choice, especially for a new installation. You can always re-run the playbook later to add or remove components.
Installation
To configure and install Matrix on your own server, follow the README in the docs/ directory.
Changes
This playbook evolves over time, sometimes with backward-incompatible changes.
When updating the playbook, refer to the changelog to catch up with what's new.
Support
- Matrix room: #matrix-docker-ansible-deploy:devture.com
- IRC channel: #matrix-docker-ansible-deploy on the Libera Chat IRC network (irc.libera.chat:6697)
- GitHub issues: spantaleev/matrix-docker-ansible-deploy/issues
Services by the community
- etke.cc - matrix-docker-ansible-deploy and system stuff "as a service". That service will create your Matrix homeserver on your domain and server (it doesn't matter whether it's a cloud provider or an old laptop in the corner of your room), (optionally) maintain it (server system updates, cleanup, security adjustments, tuning, etc.; Matrix homeserver updates & maintenance) and (optionally) provide a full-featured email service for your domain