diff --git a/roles/custom/matrix-base/defaults/main.yml b/roles/custom/matrix-base/defaults/main.yml index 31ccaad86..ef2a723eb 100644 --- a/roles/custom/matrix-base/defaults/main.yml +++ b/roles/custom/matrix-base/defaults/main.yml @@ -48,6 +48,9 @@ matrix_bridges_encryption_enabled: false # Global var to make encryption default/optional across all bridges with encryption support matrix_bridges_encryption_default: "{{ matrix_bridges_encryption_enabled }}" +# Global var for enabling msc4190 ( On supported bridges) +matrix_bridges_msc4190_enabled: "{{ matrix_authentication_service_enabled && matrix_bridges_encryption_enabled }}" + # Global var to enable/disable relay mode across all bridges with relay mode support matrix_bridges_relay_enabled: false diff --git a/roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml index db743b0eb..686860573 100644 --- a/roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml @@ -31,6 +31,8 @@ matrix_mautrix_bluesky_homeserver_address: "" matrix_mautrix_bluesky_homeserver_domain: '{{ matrix_domain }}' matrix_mautrix_bluesky_appservice_address: 'http://matrix-mautrix-bluesky:29340' +matrix_mautrix_bluesky_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}" + # A public address that external services can use to reach this appservice. matrix_mautrix_bluesky_appservice_public_address: '' @@ -187,6 +189,7 @@ matrix_mautrix_bluesky_registration_yaml: | rate_limited: false de.sorunome.msc2409.push_ephemeral: true receive_ephemeral: true + io.element.msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled }} matrix_mautrix_bluesky_registration: "{{ matrix_mautrix_bluesky_registration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2 index 156c68048..dfe775f0c 100644 
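Review bot: The new default for `matrix_bridges_msc4190_enabled` uses `&&`, which is not a Jinja2 operator, so evaluating the variable should fail with a template syntax error. Write it as `matrix_bridges_msc4190_enabled: "{{ matrix_authentication_service_enabled and matrix_bridges_encryption_enabled }}"`. `matrix_authentication_service_enabled` is not defined in this hunk and presumably comes from another role's defaults, so confirm it is always defined when matrix-base is evaluated, or move the expression to wherever the playbook keeps its cross-role wiring. The comment would read better as `# Global var for enabling MSC4190 on bridges that support it`.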
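Review bot: `io.element.msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled }}` is rendered without `| to_json`, so `from_yaml` receives whatever text Jinja prints: `True`/`False` for a boolean, or arbitrary text if the variable is overridden with a string. `io.element.msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled | to_json }}` keeps it a canonical YAML boolean. The same applies to the `io.element.msc4190` lines in the gmessages, meta-instagram, meta-messenger, signal, slack, twitter and whatsapp registration hunks, and to the `msc4190:` line in each bridge's config.yaml.j2, where neighbouring options already use `| to_json`. The variable itself is added undocumented in the preceding hunk of this file; a comment such as `# Enables MSC4190 in both the appservice registration and the bridge config.` would make clear that one switch drives both sides.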
--- a/roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2 @@ -209,10 +209,6 @@ appservice: # However, messages will not be guaranteed to be bridged in the same order they were sent in. # This value doesn't affect the registration file. async_transactions: false - # Whether to use MSC4190 instead of appservice login to create the bridge bot device. - # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. - # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). - msc4190: false # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: {{ matrix_mautrix_bluesky_appservice_token | to_json }} @@ -358,6 +354,11 @@ encryption: # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. # This option is not yet compatible with standard Matrix servers like Synapse and should not be used. appservice: {{ matrix_mautrix_bluesky_bridge_encryption_appservice | to_json }} + # Whether to use MSC4190 instead of appservice login to create the bridge bot device. + # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. + # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). + # Changing this option requires updating the appservice registration file. + msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled }} # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. allow_key_sharing: {{ matrix_mautrix_bluesky_bridge_encryption_key_sharing_allow | to_json }} 
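Review bot: `msc4190` moves from `appservice:` to `encryption:` in this template, while the mautrix-twitter template hunk in the same commit keeps it under `appservice:`, so confirm which section each pinned bridge version actually reads. If a bridge expects the key in the other section, the setting would presumably be ignored while the registration still carries `io.element.msc4190`, leaving homeserver and bridge out of step on how the bot device is created. The added comment could also name the controlling variable, e.g. `# Set via matrix_mautrix_bluesky_msc4190_enabled, which also sets io.element.msc4190 in the registration.` The `encryption:` block starts and continues outside the hunk.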
diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml index 1809f6177..79ed8b976 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml @@ -36,6 +36,8 @@ matrix_mautrix_gmessages_homeserver_address: "" matrix_mautrix_gmessages_homeserver_domain: "{{ matrix_domain }}" matrix_mautrix_gmessages_appservice_address: "http://matrix-mautrix-gmessages:8080" +matrix_mautrix_gmessages_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}" + matrix_mautrix_gmessages_backfill_enabled: true matrix_mautrix_gmessages_backfill_max_initial_messages: 50 matrix_mautrix_gmessages_backfill_max_catchup_messages: 500 @@ -212,5 +214,6 @@ matrix_mautrix_gmessages_registration_yaml: | - exclusive: true regex: '^@{{ matrix_mautrix_gmessages_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_gmessages_homeserver_domain | regex_escape }}$' de.sorunome.msc2409.push_ephemeral: true + io.element.msc4190: {{ matrix_mautrix_gmessages_msc4190_enabled }} matrix_mautrix_gmessages_registration: "{{ matrix_mautrix_gmessages_registration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 index 3fd39a78a..098a5673d 100644 --- a/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2 
@@ -354,6 +354,11 @@ encryption: # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. # This option is not yet compatible with standard Matrix servers like Synapse and should not be used. appservice: {{ matrix_mautrix_gmessages_bridge_encryption_appservice | to_json }} + # Whether to use MSC4190 instead of appservice login to create the bridge bot device. + # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. + # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). + # Changing this option requires updating the appservice registration file. + msc4190: {{ matrix_mautrix_gmessages_msc4190_enabled }} # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. allow_key_sharing: {{ matrix_mautrix_gmessages_bridge_encryption_key_sharing_allow | to_json }} diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml index 85f7034bb..4ecf84acb 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml @@ -123,6 +123,8 @@ matrix_mautrix_meta_instagram_appservice_address: "http://{{ matrix_mautrix_meta matrix_mautrix_meta_instagram_appservice_id: "{{ matrix_mautrix_meta_instagram_meta_mode }}" +matrix_mautrix_meta_instagram_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}" + # For Facebook/Messenger, we use the same `@messengerbot:example.com` username regardless of how bridging happens for multiple reasons: # - it's consistent - regardless of how bridging happens, the bridged service is actually Messenger # - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:example.com` 
@@ -297,5 +299,6 @@ matrix_mautrix_meta_instagram_registration_yaml: | sender_localpart: _bot_{{ matrix_mautrix_meta_instagram_appservice_username }} rate_limited: false de.sorunome.msc2409.push_ephemeral: true + io.element.msc4190: {{ matrix_mautrix_meta_instagram_msc4190_enabled }} matrix_mautrix_meta_instagram_registration: "{{ matrix_mautrix_meta_instagram_registration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 index e905b1771..c8c54d442 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2 @@ -367,6 +367,11 @@ encryption: # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. # This option is not yet compatible with standard Matrix servers like Synapse and should not be used. appservice: {{ matrix_mautrix_meta_instagram_bridge_encryption_appservice | to_json }} + # Whether to use MSC4190 instead of appservice login to create the bridge bot device. + # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. + # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). + # Changing this option requires updating the appservice registration file. + msc4190: {{ matrix_mautrix_meta_instagram_msc4190_enabled }} # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. allow_key_sharing: {{ matrix_mautrix_meta_instagram_bridge_encryption_allow_key_sharing | to_json }} diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml index 7a34eb7f2..3c4ee3d66 100644 
--- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml @@ -123,6 +123,8 @@ matrix_mautrix_meta_messenger_appservice_address: "http://{{ matrix_mautrix_meta matrix_mautrix_meta_messenger_appservice_id: "{{ matrix_mautrix_meta_messenger_meta_mode }}" +matrix_mautrix_meta_messenger_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}" + # For Facebook/Messenger, we use the same `@messengerbot:example.com` username regardless of how bridging happens for multiple reasons: # - it's consistent - regardless of how bridging happens, the bridged service is actually Messenger # - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:example.com` @@ -297,5 +299,6 @@ matrix_mautrix_meta_messenger_registration_yaml: | sender_localpart: _bot_{{ matrix_mautrix_meta_messenger_appservice_username }} rate_limited: false de.sorunome.msc2409.push_ephemeral: true + io.element.msc4190: {{ matrix_mautrix_meta_messenger_msc4190_enabled }} matrix_mautrix_meta_messenger_registration: "{{ matrix_mautrix_meta_messenger_registration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 index b5f9404b3..1861ad4b0 100644 --- a/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2 
@@ -367,6 +367,11 @@ encryption: # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. # This option is not yet compatible with standard Matrix servers like Synapse and should not be used. appservice: {{ matrix_mautrix_meta_messenger_bridge_encryption_appservice | to_json }} + # Whether to use MSC4190 instead of appservice login to create the bridge bot device. + # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. + # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). + # Changing this option requires updating the appservice registration file. + msc4190: {{ matrix_mautrix_meta_messenger_msc4190_enabled }} # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. allow_key_sharing: {{ matrix_mautrix_meta_messenger_bridge_encryption_allow_key_sharing | to_json }} diff --git a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml index f3f9ce553..04ecceea8 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml @@ -44,6 +44,8 @@ matrix_mautrix_signal_homeserver_address: "" matrix_mautrix_signal_homeserver_domain: "{{ matrix_domain }}" matrix_mautrix_signal_appservice_address: "http://matrix-mautrix-signal:8080" +matrix_mautrix_signal_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}" + matrix_mautrix_signal_command_prefix: "!signal" matrix_mautrix_signal_bridge_permissions: | 
@@ -210,6 +212,7 @@ matrix_mautrix_signal_registration_yaml: | - exclusive: true regex: '^@{{ matrix_mautrix_signal_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$' de.sorunome.msc2409.push_ephemeral: true + io.element.msc4190: {{ matrix_mautrix_signal_msc4190_enabled }} matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index e4af6d962..a47adccf4 100644 --- a/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -334,6 +334,11 @@ encryption: # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. # This option is not yet compatible with standard Matrix servers like Synapse and should not be used. appservice: false + # Whether to use MSC4190 instead of appservice login to create the bridge bot device. + # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. + # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). + # Changing this option requires updating the appservice registration file. + msc4190: {{ matrix_mautrix_signal_msc4190_enabled }} # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. allow_key_sharing: {{ matrix_mautrix_signal_bridge_encryption_key_sharing_allow | to_json }} diff --git a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml index b0d2406fc..fcc7ca3e1 100644 --- a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml 
+++ b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml @@ -34,6 +34,8 @@ matrix_mautrix_slack_homeserver_address: "" matrix_mautrix_slack_homeserver_domain: "{{ matrix_domain }}" matrix_mautrix_slack_appservice_address: "http://matrix-mautrix-slack:8080" +matrix_mautrix_slack_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}" + matrix_mautrix_slack_command_prefix: "!slack" matrix_mautrix_slack_bridge_permissions: | @@ -151,6 +153,7 @@ matrix_mautrix_slack_registration_yaml: | - exclusive: true regex: '^@{{ matrix_mautrix_slack_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_slack_homeserver_domain | regex_escape }}$' de.sorunome.msc2409.push_ephemeral: true + io.element.msc4190: {{ matrix_mautrix_slack_msc4190_enabled }} matrix_mautrix_slack_registration: "{{ matrix_mautrix_slack_registration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2 index 5c02dd946..06b556e76 100644 --- a/roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2 
@@ -371,6 +371,11 @@ encryption: # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. # This option is not yet compatible with standard Matrix servers like Synapse and should not be used. appservice: false + # Whether to use MSC4190 instead of appservice login to create the bridge bot device. + # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. + # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). + # Changing this option requires updating the appservice registration file. + msc4190: {{ matrix_mautrix_slack_msc4190_enabled }} # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. allow_key_sharing: {{ matrix_mautrix_slack_bridge_encryption_key_sharing_allow | to_json }} diff --git a/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml index 84613f754..118d1b59c 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -39,6 +39,8 @@ matrix_mautrix_twitter_homeserver_address: "" matrix_mautrix_twitter_homeserver_domain: '{{ matrix_domain }}' matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29327' +matrix_mautrix_twitter_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}" + # A public address that external services can use to reach this appservice. matrix_mautrix_twitter_appservice_public_address: '' 
@@ -196,6 +198,7 @@ matrix_mautrix_twitter_registration_yaml: | rate_limited: false de.sorunome.msc2409.push_ephemeral: true receive_ephemeral: true + io.element.msc4190: {{ matrix_mautrix_twitter_msc4190_enabled }} matrix_mautrix_twitter_registration: "{{ matrix_mautrix_twitter_registration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 index 1a0b474f4..5554b1a07 100644 --- a/roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 @@ -212,7 +212,8 @@ appservice: # Whether to use MSC4190 instead of appservice login to create the bridge bot device. # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). - msc4190: false + # Changing this option requires updating the appservice registration file. + msc4190: {{ matrix_mautrix_twitter_msc4190_enabled }} # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: {{ matrix_mautrix_twitter_appservice_token | to_json }} diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml index b461573b6..ebc8388c4 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -46,6 +46,8 @@ matrix_mautrix_whatsapp_homeserver_address: "" matrix_mautrix_whatsapp_homeserver_domain: "{{ matrix_domain }}" matrix_mautrix_whatsapp_appservice_address: "http://matrix-mautrix-whatsapp:8080" +matrix_mautrix_whatsapp_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}" + matrix_mautrix_whatsapp_extev_polls: false matrix_mautrix_whatsapp_command_prefix: "!wa" 
@@ -229,5 +231,6 @@ matrix_mautrix_whatsapp_registration_yaml: | - exclusive: true regex: '^@{{ matrix_mautrix_whatsapp_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_whatsapp_homeserver_domain | regex_escape }}$' de.sorunome.msc2409.push_ephemeral: true + io.element.msc4190: {{ matrix_mautrix_whatsapp_msc4190_enabled }} matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_yaml | from_yaml }}" diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 832234832..d6b39cf8b 100644 --- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -445,6 +445,11 @@ encryption: # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. # This option is not yet compatible with standard Matrix servers like Synapse and should not be used. appservice: false + # Whether to use MSC4190 instead of appservice login to create the bridge bot device. + # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. + # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861). + # Changing this option requires updating the appservice registration file. + msc4190: {{ matrix_mautrix_whatsapp_msc4190_enabled }} # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. allow_key_sharing: {{ matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow | to_json }}