chore(deps): update dependency etherpad to v2.6.1-0

chore(deps): update dependency setuptools to v80.10.2
chore(deps): update halfshot/matrix-hookshot docker tag to v7.3.1
2026-01-27 15:13:17 +03:00 · 2026-01-27 12:53:38 +02:00 · 2026-01-26 08:15:49 +02:00 · 2026-01-24 20:07:34 +02:00 · 2026-01-23 00:52:36 +02:00 · 2026-01-22 07:52:37 +02:00
73 changed files with 272 additions and 167 deletions
--- a/.github/workflows/lock-threads.yml
+++ b/.github/workflows/lock-threads.yml
@@ -23,7 +23,7 @@ jobs:
    if: github.repository == 'spantaleev/matrix-docker-ansible-deploy'
    runs-on: ubuntu-latest
    steps:
-      - uses: dessant/lock-threads@v5
+      - uses: dessant/lock-threads@v6
        with:
          add-issue-labels: 'outdated'
          process-only: 'issues, prs'
--- a/.github/workflows/matrix.yml
+++ b/.github/workflows/matrix.yml
@@ -26,7 +26,7 @@ jobs:
        uses: actions/checkout@v6
      - name: Run ansible-lint
-        uses: ansible/ansible-lint@v25.11.1
+        uses: ansible/ansible-lint@v26.1.1
        with:
          args: "roles/custom"
          setup_python: "true"
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,11 @@
 # 2025-12-09
 ## Traefik Cert Dumper upgrade
 The variable `traefik_certs_dumper_ssl_dir_path` was renamed to `traefik_certs_dumper_ssl_path`. Users who use [their own webserver with Traefik](docs/configuring-playbook-own-webserver.md) may need to adjust their configuration.
 The variable `traefik_certs_dumper_dumped_certificates_dir_path` was renamed to `traefik_certs_dumper_dumped_certificates_path`. Users who use [SRV Server Delegation](docs/howto-srv-server-delegation.md) may need to adjust their configuration.
 # 2025-11-23
 ## Matrix.to support
--- a/docs/configuring-playbook-matrix-authentication-service.md
+++ b/docs/configuring-playbook-matrix-authentication-service.md
@@ -57,6 +57,10 @@ This section details what you can expect when switching to the Matrix Authentica
  - [Reminder bot](configuring-playbook-bot-matrix-reminder-bot.md) seems to be losing some of its state on each restart and may reschedule old reminders once again
  - [Postmoogle](./configuring-playbook-bridge-postmoogle.md) works the first time around, but it consistently fails after restarting:
    > cannot initialize matrix bot error="olm account is marked as shared, keys seem to have disappeared from the server"
 - ❌ **Encrypted appservices** do not work yet (related to [MSC4190](https://github.com/matrix-org/matrix-spec-proposals/pull/4190) and [PR 17705 for Synapse](https://github.com/element-hq/synapse/pull/17705)), so all bridges/bots that rely on encryption will fail to start (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3658) for Hookshot). You can use these bridges/bots only if you **keep end-to-bridge encryption disabled** (which is the default setting).
 - ⚠️ [Migrating an existing Synapse homeserver to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) is **possible**, but requires **some playbook-assisted manual work**. Migration is **reversible with no or minor issues if done quickly enough**, but as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break.
--- a/docs/configuring-playbook-own-webserver.md
+++ b/docs/configuring-playbook-own-webserver.md
@@ -51,7 +51,7 @@ matrix_playbook_reverse_proxy_type: other-traefik-container
 # Adjust to point to your Traefik container
 matrix_playbook_reverse_proxy_hostname: name-of-your-traefik-container
-traefik_certs_dumper_ssl_dir_path: "/path/to/your/traefiks/acme.json/directory"
+traefik_certs_dumper_ssl_path: "/path/to/your/traefiks/acme.json/directory"
 # Uncomment and adjust the variable below if the name of your federation entrypoint is different
 # than the default value (matrix-federation).
--- a/docs/configuring-playbook-turn.md
+++ b/docs/configuring-playbook-turn.md
@@ -49,6 +49,23 @@ Regardless of the selected authentication method, the playbook generates secrets
 If [Jitsi](configuring-playbook-jitsi.md) is installed, note that switching to `lt-cred-mech` will disable the integration between Jitsi and your coturn server, as Jitsi seems to support the `auth-secret` authentication method only.
 ### Customize the Coturn hostname (optional)
 By default, Coturn uses the same hostname as your Matrix homeserver (the value of `matrix_server_fqn_matrix`, which is typically `matrix.example.com`).
 If you'd like to use a custom subdomain for Coturn (e.g., `turn.example.com` or `t.matrix.example.com`), add the following configuration to your `vars.yml` file:
 ```yaml
 matrix_coturn_hostname: turn.example.com
 ```
 The playbook will automatically:
 - Configure Coturn to use this hostname
 - Obtain an SSL certificate for the custom domain via Traefik
 - Update all TURN URIs to point to the custom domain
 **Note**: Make sure the custom hostname resolves to your server's IP address via DNS before running the playbook.
 ### Use your own external coturn server (optional)
 If you'd like to use another TURN server (be it coturn or some other one), add the following configuration to your `vars.yml` file. Make sure to replace `HOSTNAME_OR_IP` with your own.
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -440,6 +440,19 @@ To prevent double-logging, Docker logging is disabled by explicitly passing `--l
 See [this section](maintenance-and-troubleshooting.md#how-to-see-the-logs) on the page for maintenance and troubleshooting for more details to see the logs.
 ### The server fails to start due to the `Unable to start service matrix-coturn.service` error. Why and how to solve it?
 The error is most likely because Traefik cannot obtain SSL certificates due to certain reasons such as wrong domain name configuration or port 80 being unavailable due to other services.
 If Traefik fails to obtain an SSL certificate for domain names such as `matrix.`, Traefik Certs Dumper cannot extract the SSL certificate out of there, and coturn cannot be started and the error occurs. Refer to these comments for details:
 - <https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3957#issuecomment-2599590441>
 - <https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4570#issuecomment-3364111466>
 If you are not sure what the problem is, at first make sure that you have set the "base domain" (`example.com`, **not `matrix.example.com`**) to `matrix_domain`. You should be able to find it at the top of your `vars.yml`.
 If it is correctly specified, look Traefik's logs (`journalctl -fu matrix-traefik.service`) for errors by Let's Encrypt for troubleshooting.
 ## Miscellaneous
 ### I would like to see this favorite service of mine integrated and become available on my Matrix server. How can I request it?
--- a/docs/howto-srv-server-delegation.md
+++ b/docs/howto-srv-server-delegation.md
@@ -112,12 +112,12 @@ matrix_coturn_container_additional_volumes: |
    (
      [
       {
-         'src': (traefik_certs_dumper_dumped_certificates_dir_path +  '/*.' + matrix_domain + '/certificate.crt'),
+         'src': (traefik_certs_dumper_dumped_certificates_path +  '/*.' + matrix_domain + '/certificate.crt'),
         'dst': '/certificate.crt',
         'options': 'ro',
       },
       {
-         'src': (traefik_certs_dumper_dumped_certificates_dir_path +  '/*.' + matrix_domain + '/privatekey.key'),
+         'src': (traefik_certs_dumper_dumped_certificates_path +  '/*.' + matrix_domain + '/privatekey.key'),
         'dst': '/privatekey.key',
         'options': 'ro',
       },
@@ -173,12 +173,12 @@ matrix_coturn_container_additional_volumes: |
    (
      [
       {
-         'src': (traefik_certs_dumper_dumped_certificates_dir_path +  '/*.' + matrix_domain + '/certificate.crt'),
+         'src': (traefik_certs_dumper_dumped_certificates_path +  '/*.' + matrix_domain + '/certificate.crt'),
         'dst': '/certificate.crt',
         'options': 'ro',
       },
       {
-         'src': (traefik_certs_dumper_dumped_certificates_dir_path +  '/*.' + matrix_domain + '/privatekey.key'),
+         'src': (traefik_certs_dumper_dumped_certificates_path +  '/*.' + matrix_domain + '/privatekey.key'),
         'dst': '/privatekey.key',
         'options': 'ro',
       },
--- a/docs/registering-users.md
+++ b/docs/registering-users.md
@@ -161,6 +161,6 @@ You can then proceed to run the query above.
 ### Adding/Removing Administrator privileges to an existing user in Matrix Authentication Service
-Promoting/demoting a user in Matrix Authentication Service cannot currently (2024-10-19) be done via the [`mas-cli` Management tool](./configuring-playbook-matrix-authentication-service.md#management).
+Promoting/demoting a user in Matrix Authentication Service can be done using the [`mas-cli`](./configuring-playbook-matrix-authentication-service.md#management) management tool's [`manage promote-admin`](https://element-hq.github.io/matrix-authentication-service/reference/cli/manage.html#manage-promote-admin) and [`manage demote-admin`](https://element-hq.github.io/matrix-authentication-service/reference/cli/manage.html#manage-demote-admin) commands. For example: `/matrix/matrix-authentication-service/bin/mas-cli manage promote-admin some.username`.
-You can do it via the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html)'s `POST /api/admin/v1/users/{id}/set-admin` endpoint.
+You can also do it via the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html)'s `POST /api/admin/v1/users/{id}/set-admin` endpoint.
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -2242,8 +2242,8 @@ matrix_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['a
 matrix_postmoogle_ssl_path: |-
  {{
    {
-      'playbook-managed-traefik': (traefik_certs_dumper_dumped_certificates_dir_path if traefik_certs_dumper_enabled else ''),
+      'playbook-managed-traefik': (traefik_certs_dumper_dumped_certificates_path if traefik_certs_dumper_enabled else ''),
-      'other-traefik-container': (traefik_certs_dumper_dumped_certificates_dir_path if traefik_certs_dumper_enabled else ''),
+      'other-traefik-container': (traefik_certs_dumper_dumped_certificates_path if traefik_certs_dumper_enabled else ''),
      'none': '',
    }[matrix_playbook_reverse_proxy_type]
  }}
@@ -3088,6 +3088,8 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
 # We don't enable matrixto by default.
 matrix_matrixto_enabled: false
 matrix_matrixto_base_path: "{{ matrix_base_data_path }}/matrixto"
 # The container image is not provided at https://github.com/matrix-org/matrix.to
 matrix_matrixto_container_image_self_build: true
@@ -3150,6 +3152,8 @@ matrix_rageshake_container_labels_traefik_tls_certResolver: "{{ traefik_certReso
 matrix_coturn_enabled: true
 matrix_coturn_hostname: "{{ matrix_server_fqn_matrix }}"
 matrix_coturn_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_coturn_docker_image_registry_prefix_upstream_default }}"
 matrix_coturn_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
@@ -3189,12 +3193,12 @@ matrix_coturn_container_additional_volumes: |
    (
      [
       {
-         'src': (traefik_certs_dumper_dumped_certificates_dir_path +  '/' + matrix_server_fqn_matrix + '/certificate.crt'),
+         'src': (traefik_certs_dumper_dumped_certificates_path +  '/' + matrix_coturn_hostname + '/certificate.crt'),
         'dst': '/certificate.crt',
         'options': 'ro',
       },
       {
-         'src': (traefik_certs_dumper_dumped_certificates_dir_path +  '/' + matrix_server_fqn_matrix + '/privatekey.key'),
+         'src': (traefik_certs_dumper_dumped_certificates_path +  '/' + matrix_coturn_hostname + '/privatekey.key'),
         'dst': '/privatekey.key',
         'options': 'ro',
       },
@@ -3204,7 +3208,7 @@ matrix_coturn_container_additional_volumes: |
 matrix_coturn_systemd_required_services_list_auto: |
  {{
-    ([traefik_certs_dumper_identifier + '-wait-for-domain@' + matrix_server_fqn_matrix + '.service'] if matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and traefik_certs_dumper_enabled and matrix_coturn_tls_enabled else [])
+    ([traefik_certs_dumper_identifier + '-wait-for-domain@' + matrix_coturn_hostname + '.service'] if matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and traefik_certs_dumper_enabled and matrix_coturn_tls_enabled else [])
  }}
 ######################################################################
@@ -3644,6 +3648,8 @@ matrix_media_repo_container_additional_networks: |
      ([postgres_container_network] if (postgres_enabled and matrix_media_repo_database_hostname == postgres_connection_hostname and postgres_container_network != matrix_media_repo_container_network) else [])
      +
      ([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_media_repo_container_labels_traefik_enabled) else [])
      +
      ([valkey_container_network] if valkey_enabled and matrix_media_repo_redis_enabled else [])
    ) | unique
  }}
@@ -3709,6 +3715,21 @@ matrix_media_repo_homeservers_auto:
 matrix_media_repo_homeserver_federation_enabled: "{{ matrix_homeserver_federation_enabled }}"
 matrix_media_repo_redis_enabled: "{{ valkey_enabled }}"
 # Use next redis index since Synapse is on 0. You can chose between index 0 and 15.
 matrix_media_repo_redis_database_number: 1
 matrix_media_repo_redis_shards: |
  {{
    ([{
          'name': 'valkey',
          'addr': (valkey_identifier + ':' + valkey_container_http_port | string),
    }])
    if valkey_enabled and matrix_media_repo_redis_enabled
    else []
  }}
 ######################################################################
 #
 # /matrix-media-repo
@@ -5857,6 +5878,11 @@ traefik_systemd_required_services_list: |
    ([container_socket_proxy_identifier + '.service'] if container_socket_proxy_enabled else [])
  }}
 traefik_additional_domains_to_obtain_certificates_for_auto: |
  {{
    ([matrix_coturn_hostname] if (matrix_coturn_enabled and matrix_coturn_tls_enabled and matrix_coturn_hostname != matrix_server_fqn_matrix) else [])
  }}
 ########################################################################
 #                                                                      #
 # /traefik                                                             #
@@ -5879,7 +5905,7 @@ traefik_certs_dumper_base_path: "{{ matrix_base_data_path }}/traefik-certs-dumpe
 traefik_certs_dumper_uid: "{{ matrix_user_uid }}"
 traefik_certs_dumper_gid: "{{ matrix_user_gid }}"
-traefik_certs_dumper_ssl_dir_path: "{{ traefik_ssl_dir_path if traefik_enabled else '' }}"
+traefik_certs_dumper_ssl_path: "{{ traefik_ssl_dir_path if traefik_enabled else '' }}"
 traefik_certs_dumper_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else traefik_certs_dumper_container_image_registry_prefix_upstream_default }}"
@@ -5988,12 +6014,12 @@ livekit_server_container_additional_volumes_auto: |
    (
      [
       {
-         'src': (traefik_certs_dumper_dumped_certificates_dir_path +  '/' + livekit_server_config_turn_domain + '/certificate.crt'),
+         'src': (traefik_certs_dumper_dumped_certificates_path +  '/' + livekit_server_config_turn_domain + '/certificate.crt'),
         'dst': livekit_server_config_turn_cert_file,
         'options': 'ro',
       },
       {
-         'src': (traefik_certs_dumper_dumped_certificates_dir_path +  '/' + livekit_server_config_turn_domain + '/privatekey.key'),
+         'src': (traefik_certs_dumper_dumped_certificates_path +  '/' + livekit_server_config_turn_domain + '/privatekey.key'),
         'dst': livekit_server_config_turn_key_file,
         'options': 'ro',
       },
--- a/i18n/requirements.txt
+++ b/i18n/requirements.txt
@@ -1,9 +1,9 @@
 alabaster==1.0.0
 babel==2.17.0
-certifi==2025.11.12
+certifi==2026.1.4
 charset-normalizer==3.4.4
 click==8.3.1
-docutils==0.22.3
+docutils==0.22.4
 idna==3.11
 imagesize==1.4.1
 Jinja2==3.1.6
@@ -12,16 +12,16 @@ markdown-it-py==4.0.0
 MarkupSafe==3.0.3
 mdit-py-plugins==0.5.0
 mdurl==0.1.2
-myst-parser==4.0.1
+myst-parser==5.0.0
-packaging==25.0
+packaging==26.0
 Pygments==2.19.2
 PyYAML==6.0.3
 requests==2.32.5
-setuptools==80.9.0
+setuptools==80.10.2
 snowballstemmer==3.0.1
-Sphinx==9.0.1
+Sphinx==9.1.0
 sphinx-intl==2.3.2
-sphinx-markdown-builder==0.6.8
+sphinx-markdown-builder==0.6.9
 sphinxcontrib-applehelp==2.0.0
 sphinxcontrib-devhelp==2.0.0
 sphinxcontrib-htmlhelp==2.1.0
@@ -30,4 +30,4 @@ sphinxcontrib-qthelp==2.0.0
 sphinxcontrib-serializinghtml==2.0.0
 tabulate==0.9.0
 uc-micro-py==1.0.3
-urllib3==2.5.0
+urllib3==2.6.3
--- a/requirements.yml
+++ b/requirements.yml
@@ -1,37 +1,37 @@
 ---
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-aux.git
-  version: v1.0.0-5
+  version: v1.0.0-6
  name: auxiliary
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git
-  version: v1.4.2-2.0.12-0
+  version: v1.4.3-2.0.13-0
  name: backup_borg
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-container-socket-proxy.git
-  version: v0.4.1-2
+  version: v0.4.2-1
  name: container_socket_proxy
 - src: git+https://github.com/geerlingguy/ansible-role-docker
-  version: 7.9.0
+  version: 8.0.0
  name: docker
 - src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git
  version: 542a2d68db4e9a8e9bb4b508052760b900c7dce6
  name: docker_sdk_for_python
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git
-  version: v2.5.2-2
+  version: v2.6.1-0
  name: etherpad
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
  version: v4.98.1-r0-2-2
  name: exim_relay
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git
-  version: v11.6.5-4
+  version: v11.6.5-6
  name: grafana
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
-  version: v10655-0
+  version: v10710-0
  name: jitsi
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
-  version: v1.9.6-0
+  version: v1.9.11-0
  name: livekit_server
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
-  version: v2.15.0-0
+  version: v2.16.0-0
  name: ntfy
 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
  version: 8630e4f1749bcb659c412820f754473f09055052
@@ -49,13 +49,13 @@
  version: v18-0
  name: postgres_backup
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
-  version: v3.7.3-1
+  version: v3.9.1-0
  name: prometheus
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git
-  version: v1.9.1-12
+  version: v1.9.1-13
  name: prometheus_node_exporter
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git
-  version: v0.18.1-1
+  version: v0.18.1-2
  name: prometheus_postgres_exporter
 - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
  version: v1.4.1-0
@@ -67,11 +67,11 @@
  version: v1.1.0-1
  name: timesync
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
-  version: v3.6.2-0
+  version: v3.6.7-1
  name: traefik
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
-  version: v2.10.0-2
+  version: v2.10.0-4
  name: traefik_certs_dumper
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-valkey.git
-  version: v9-0
+  version: v9.0.1-0
  name: valkey
--- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml
+++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml
@@ -11,7 +11,7 @@
 matrix_alertmanager_receiver_enabled: true
 # renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
-matrix_alertmanager_receiver_version: 2025.11.26
+matrix_alertmanager_receiver_version: 2026.1.21
 matrix_alertmanager_receiver_scheme: https
--- a/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml
+++ b/roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml
@@ -12,7 +12,7 @@
 matrix_appservice_draupnir_for_all_enabled: true
 # renovate: datasource=docker depName=gnuxie/draupnir
-matrix_appservice_draupnir_for_all_version: "v2.8.0"
+matrix_appservice_draupnir_for_all_version: "v2.9.0"
 matrix_appservice_draupnir_for_all_container_image_self_build: false
 matrix_appservice_draupnir_for_all_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"
--- a/roles/custom/matrix-appservice-draupnir-for-all/tasks/validate_config.yml
+++ b/roles/custom/matrix-appservice-draupnir-for-all/tasks/validate_config.yml
@@ -13,7 +13,7 @@
  with_items:
    - "matrix_appservice_draupnir_for_all_config_adminRoom"
    - "matrix_bot_draupnir_container_network"
-  when: "vars[item] == '' or vars[item] is none"
+  when: "lookup('vars', item, default='') == '' or lookup('vars', item, default='') is none"
 - name: (Deprecation) Catch and report renamed matrix-appservice-draupnir-for-all settings
  ansible.builtin.fail:
--- a/roles/custom/matrix-authentication-service/defaults/main.yml
+++ b/roles/custom/matrix-authentication-service/defaults/main.yml
@@ -22,7 +22,7 @@ matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authe
 matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"
 # renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
-matrix_authentication_service_version: 1.7.0
+matrix_authentication_service_version: 1.9.0
 matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
 matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
 matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"
--- a/roles/custom/matrix-authentication-service/tasks/mas_cli_syn2mas.yml
+++ b/roles/custom/matrix-authentication-service/tasks/mas_cli_syn2mas.yml
@@ -19,7 +19,7 @@
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item.name }}`).
-  when: "item.when | bool and vars[item.name] | string | length == 0"
+  when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
  with_items:
    - {'name': 'matrix_authentication_service_syn2mas_synapse_homeserver_config_path', when: true}
--- a/roles/custom/matrix-base/defaults/main.yml
+++ b/roles/custom/matrix-base/defaults/main.yml
@@ -273,7 +273,7 @@ matrix_metrics_exposure_http_basic_auth_users: ''
 #     - nevertheless, the playbook expects that you would install Traefik yourself via other means
 #     - you should make sure your Traefik configuration is compatible with what the playbook would have configured (web, web-secure, matrix-federation entrypoints, etc.)
 #     - you need to set `matrix_playbook_reverse_proxyable_services_additional_network` to the name of your Traefik network
-#     - Traefik certs dumper will be enabled by default (`traefik_certs_dumper_enabled`). You need to point it to your Traefik's SSL certificates (`traefik_certs_dumper_ssl_dir_path`)
+#     - Traefik certs dumper will be enabled by default (`traefik_certs_dumper_enabled`). You need to point it to your Traefik's SSL certificates (`traefik_certs_dumper_ssl_path`)
 #
 # - `none`
 #     - no reverse-proxy will be installed
@@ -391,7 +391,8 @@ matrix_playbook_internal_matrix_client_api_traefik_entrypoint_enabled: "{{ matri
 matrix_playbook_internal_matrix_client_api_traefik_entrypoint_name: matrix-internal-matrix-client-api
 matrix_playbook_internal_matrix_client_api_traefik_entrypoint_port: 8008
 matrix_playbook_internal_matrix_client_api_traefik_entrypoint_host_bind_port: ''
-matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config: "{{ matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_auto | combine(matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_custom, recursive=True) }}"
+matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config: "{{ (matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_default | combine(matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_auto)) | combine(matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_custom, recursive=True) }}"
 matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_default: {}
 matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_auto: {}
 matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_custom: {}
--- a/roles/custom/matrix-base/tasks/validate_config.yml
+++ b/roles/custom/matrix-base/tasks/validate_config.yml
@@ -36,6 +36,11 @@
    - {'old': 'matrix_container_global_registry_prefix', 'new': '<no global variable anymore; you need to override the `_registry_prefix` variable in each component separately>'}
    - {'old': 'matrix_user_username', 'new': 'matrix_user_name'}
    - {'old': 'matrix_user_groupname', 'new': 'matrix_group_name'}
    - {'old': 'matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http_encodedCharacters_allowEncodedSlash', 'new': '<removed>'}
    - {'old': 'matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http_encodedCharacters_allowEncodedHash', 'new': '<removed>'}
    - {'old': 'matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_http_encodedCharacters_allowEncodedSlash', 'new': '<removed>'}
    - {'old': 'matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_http_encodedCharacters_allowEncodedHash', 'new': '<removed>'}
 # We have a dedicated check for this variable, because we'd like to have a custom (friendlier) message.
 - name: Fail if matrix_homeserver_generic_secret_key is undefined
--- a/roles/custom/matrix-bot-baibot/defaults/main.yml
+++ b/roles/custom/matrix-bot-baibot/defaults/main.yml
@@ -17,7 +17,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio
 matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
 # renovate: datasource=docker depName=ghcr.io/etkecc/baibot
-matrix_bot_baibot_version: v1.9.0
+matrix_bot_baibot_version: v1.13.0
 matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
 matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
 matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
@@ -70,6 +70,23 @@ matrix_bot_baibot_config_user_password: ''
 # Also see: `matrix_bot_baibot_config_user_mxid_localpart`
 matrix_bot_baibot_config_user_name: baibot
 # Controls the `user.avatar` configuration setting.
 #
 # An optional path to an image file to be used as a custom avatar image.
 # This path should be an in-container path (e.g., `/data/avatar.png`).
 # Any type of content type is supported, but stick to common image formats (PNG, JPG, ..) for better compatibility with various Matrix clients.
 #
 # To use a custom avatar:
 # - Use the auxiliary role (`aux_` variables) to upload your avatar file to the server (e.g. to {{ matrix_bot_baibot_data_path }}/avatar.png on the host),
 #   or do it any other way (without Ansible) you prefer
 # - Set this variable to something like `/data/avatar.png` (the in-container path)
 #
 # Possible values:
 # - null or empty string: use the default baibot avatar
 # - "keep": don't touch the avatar, keep whatever is already set (useful if you manage the avatar via other means)
 # - any other value: path to a custom avatar image file (must be an in-container path like `/data/avatar.png`)
 matrix_bot_baibot_config_user_avatar: null
 # Controls the `user.encryption.recovery_passphrase` configuration setting.
 #
 # An optional passphrase to use for backing up and recovering the bot's encryption keys.
@@ -368,7 +385,7 @@ matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key: ""
 matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_enabled: true
 # For valid model choices, see: https://platform.openai.com/docs/models
-matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-5.1
+matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-5.2
 # The prompt text to use (can be null or empty to not use a prompt).
 # See: https://huggingface.co/docs/transformers/en/tasks/prompting
 matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_prompt: "{{ matrix_bot_baibot_config_agents_static_definitions_prompt }}"
@@ -389,7 +406,7 @@ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_
 matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_response_format: opus
 matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_enabled: true
-matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_model_id: gpt-image-1
+matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_model_id: gpt-image-1.5
 matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_style: null
 matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_size: null
 matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_quality: null
--- a/roles/custom/matrix-bot-baibot/templates/config.yaml.j2
+++ b/roles/custom/matrix-bot-baibot/templates/config.yaml.j2
@@ -21,6 +21,12 @@ user:
  # Leave empty to use the default (baibot).
  name: {{ matrix_bot_baibot_config_user_name | to_json }}
  # An optional path to an image file to be used as a custom avatar image.
  # - null or empty string: use the default avatar
  # - "keep": don't touch the avatar, keep whatever is already set
  # - any other value: path to a custom avatar image file
  avatar: {{ matrix_bot_baibot_config_user_avatar | to_json }}
  encryption:
    # An optional passphrase to use for backing up and recovering the bot's encryption keys.
    # You can use any string here.
--- a/roles/custom/matrix-bot-draupnir/defaults/main.yml
+++ b/roles/custom/matrix-bot-draupnir/defaults/main.yml
@@ -12,7 +12,7 @@
 matrix_bot_draupnir_enabled: true
 # renovate: datasource=docker depName=gnuxie/draupnir
-matrix_bot_draupnir_version: "v2.8.0"
+matrix_bot_draupnir_version: "v2.9.0"
 matrix_bot_draupnir_container_image_self_build: false
 matrix_bot_draupnir_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"
--- a/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml
+++ b/roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml
@@ -10,7 +10,7 @@
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - "matrix_bot_matrix_registration_bot_bot_password"
    - "matrix_bot_matrix_registration_bot_api_base_url"
--- a/roles/custom/matrix-bot-mjolnir/tasks/validate_config.yml
+++ b/roles/custom/matrix-bot-mjolnir/tasks/validate_config.yml
@@ -18,14 +18,14 @@
    - {'name': 'matrix_bot_mjolnir_raw_homeserver_url', when: true}
    - {'name': 'matrix_bot_mjolnir_pantalaimon_username', when: "{{ matrix_bot_mjolnir_pantalaimon_use }}"}
    - {'name': 'matrix_bot_mjolnir_pantalaimon_password', when: "{{ matrix_bot_mjolnir_pantalaimon_use }}"}
-  when: "item.when | bool and (vars[item.name] == '' or vars[item.name] is none)"
+  when: "item.when | bool and (lookup('vars', item.name, default='') == '' or lookup('vars', item.name, default='') is none)"
 - name: Fail if inappropriate variables are defined
  ansible.builtin.fail:
    msg: "The `{{ item.name }}` variable must be undefined or have a null value."
  with_items:
    - {'name': 'matrix_bot_mjolnir_access_token', when: "{{ matrix_bot_mjolnir_pantalaimon_use }}"}
-  when: "item.when | bool and not (vars[item.name] == '' or vars[item.name] is none)"
+  when: "item.when | bool and not (lookup('vars', item.name, default='') == '' or lookup('vars', item.name, default='') is none)"
 - name: (Deprecation) Catch and report renamed Mjolnir settings
  ansible.builtin.fail:
--- a/roles/custom/matrix-bridge-hookshot/defaults/main.yml
+++ b/roles/custom/matrix-bridge-hookshot/defaults/main.yml
@@ -29,7 +29,7 @@ matrix_hookshot_container_additional_networks_auto: []
 matrix_hookshot_container_additional_networks_custom: []
 # renovate: datasource=docker depName=halfshot/matrix-hookshot
-matrix_hookshot_version: 7.2.0
+matrix_hookshot_version: 7.3.1
 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_registry_prefix }}matrix-org/matrix-hookshot:{{ matrix_hookshot_version }}"
 matrix_hookshot_docker_image_registry_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_hookshot_docker_image_registry_prefix_upstream }}"
@@ -72,8 +72,9 @@ matrix_hookshot_cache_redisUri: "{{ ('redis://' + matrix_hookshot_cache_redis_ho
 # Controls whether the end-to-bridge encryption support is enabled.
 # This requires that:
 # - support to also be enabled in the homeserver, see the documentation of Hookshot.
-# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables.
+# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables. Note that this is configured automatically by the playbook when encryption is enabled.
 # See: https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html
 # NOTE: Encryption is not currently (2025-12-30) supported when using MAS (https://github.com/matrix-org/matrix-hookshot/issues/1084)
 matrix_hookshot_encryption_enabled: "{{ matrix_bridges_encryption_enabled }}"
 # Controls whether metrics are enabled in the bridge configuration.
@@ -241,6 +242,18 @@ matrix_hookshot_widgets_branding_widgetTitle: "Hookshot Configuration"   # noqa
 #         level: admin
 matrix_hookshot_permissions: []
 # Static connections that can be configured by an administrator, as documented here:
 # https://matrix-org.github.io/matrix-hookshot/latest/usage/static_connections.html
 # Currently only generic webhooks are supported.
 # Example:
 # matrix_hookshot_connections:
 #   - connectionType: uk.half-shot.matrix-hookshot.generic.hook
 #     stateKey: my-unique-webhook-id
 #     roomId: "!room-id"
 #     state:
 #       name: My Static Webhook
 matrix_hookshot_connections: []
 matrix_hookshot_bot_displayname: Hookshot Bot
 matrix_hookshot_bot_avatar: 'mxc://half-shot.uk/2876e89ccade4cb615e210c458e2a7a6883fe17d'
--- a/roles/custom/matrix-bridge-hookshot/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-hookshot/templates/config.yaml.j2
@@ -137,6 +137,7 @@ widgets:
 {% if matrix_hookshot_permissions %}
 permissions: {{ matrix_hookshot_permissions | to_json }}
 {% endif %}
 connections: {{ matrix_hookshot_connections | to_json }}
 listeners:
  # (Optional) HTTP Listener configuration.
  # Bind resource endpoints to ports and addresses.
--- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml
@@ -18,7 +18,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma
 matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages
-matrix_mautrix_gmessages_version: v0.2511.0
+matrix_mautrix_gmessages_version: v0.2601.0
 # See: https://mau.dev/mautrix/gmessages/container_registry
 matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_registry_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}"
--- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
@@ -20,7 +20,7 @@ matrix_mautrix_meta_instagram_enabled: true
 matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
-matrix_mautrix_meta_instagram_version: v0.2511.0
+matrix_mautrix_meta_instagram_version: v0.2512.0
 matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram"
 matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config"
--- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
@@ -20,7 +20,7 @@ matrix_mautrix_meta_messenger_enabled: true
 matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
-matrix_mautrix_meta_messenger_version: v0.2511.0
+matrix_mautrix_meta_messenger_version: v0.2512.0
 matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger"
 matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config"
--- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
@@ -25,7 +25,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/
 matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
-matrix_mautrix_signal_version: v0.2511.0
+matrix_mautrix_signal_version: v0.2601.0
 # See: https://mau.dev/mautrix/signal/container_registry
 matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_registry_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}"
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
@@ -28,7 +28,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri
 matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp
-matrix_mautrix_whatsapp_version: v0.2511.0
+matrix_mautrix_whatsapp_version: v0.2601.0
 # See: https://mau.dev/mautrix/whatsapp/container_registry
 matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_registry_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
--- a/roles/custom/matrix-bridge-mautrix-wsproxy/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-wsproxy/tasks/validate_config.yml
@@ -9,7 +9,7 @@
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - "matrix_mautrix_androidsms_appservice_token"
    - "matrix_mautrix_androidsms_homeserver_token"
--- a/roles/custom/matrix-bridge-postmoogle/defaults/main.yml
+++ b/roles/custom/matrix-bridge-postmoogle/defaults/main.yml
@@ -18,7 +18,7 @@ matrix_postmoogle_docker_repo_version: "{{ 'main' if matrix_postmoogle_version =
 matrix_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src"
 # renovate: datasource=docker depName=ghcr.io/etkecc/postmoogle
-matrix_postmoogle_version: v0.9.27
+matrix_postmoogle_version: v0.9.28
 matrix_postmoogle_docker_image: "{{ matrix_postmoogle_docker_image_registry_prefix }}etkecc/postmoogle:{{ matrix_postmoogle_version }}"
 matrix_postmoogle_docker_image_registry_prefix: "{{ 'localhost/' if matrix_postmoogle_container_image_self_build else matrix_postmoogle_docker_image_registry_prefix_upstream }}"
 matrix_postmoogle_docker_image_registry_prefix_upstream: "{{ matrix_postmoogle_docker_image_registry_prefix_upstream_default }}"
--- a/roles/custom/matrix-bridge-sms/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-sms/tasks/validate_config.yml
@@ -11,7 +11,7 @@
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - "matrix_sms_bridge_appservice_token"
    - "matrix_sms_bridge_homeserver_hostname"
--- a/roles/custom/matrix-bridge-steam/defaults/main.yml
+++ b/roles/custom/matrix-bridge-steam/defaults/main.yml
@@ -13,7 +13,7 @@ matrix_steam_bridge_container_image_self_build_repo: "https://github.com/jasonla
 matrix_steam_bridge_container_image_self_build_repo_version: "{{ 'main' if matrix_steam_bridge_version == 'latest' else matrix_steam_bridge_version }}"
 # renovate: datasource=docker depName=ghcr.io/jasonlaguidice/matrix-steam-bridge
-matrix_steam_bridge_version: 1.0.8
+matrix_steam_bridge_version: 1.1.0
 matrix_steam_bridge_docker_image: "{{ matrix_steam_bridge_docker_image_registry_prefix }}jasonlaguidice/matrix-steam-bridge:{{ matrix_steam_bridge_version }}"
 matrix_steam_bridge_docker_image_registry_prefix: "{{ 'localhost/' if matrix_steam_bridge_container_image_self_build else matrix_steam_bridge_docker_image_registry_prefix_upstream }}"
 matrix_steam_bridge_docker_image_registry_prefix_upstream: "{{ matrix_steam_bridge_docker_image_registry_prefix_upstream_default }}"
--- a/roles/custom/matrix-cactus-comments-client/defaults/main.yml
+++ b/roles/custom/matrix-cactus-comments-client/defaults/main.yml
@@ -18,7 +18,7 @@ matrix_cactus_comments_client_public_path: "{{ matrix_cactus_comments_client_bas
 matrix_cactus_comments_client_public_path_file_permissions: "0644"
 # renovate: datasource=docker depName=joseluisq/static-web-server
-matrix_cactus_comments_client_version: 2.40.0
+matrix_cactus_comments_client_version: 2.40.1
 matrix_cactus_comments_client_container_image: "{{ matrix_cactus_comments_client_container_image_registry_prefix }}joseluisq/static-web-server:{{ matrix_cactus_comments_client_container_image_tag }}"
 matrix_cactus_comments_client_container_image_registry_prefix: "{{ matrix_cactus_comments_client_container_image_registry_prefix_upstream }}"
--- a/roles/custom/matrix-cactus-comments-client/tasks/validate_config.yml
+++ b/roles/custom/matrix-cactus-comments-client/tasks/validate_config.yml
@@ -8,7 +8,7 @@
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - matrix_cactus_comments_client_hostname
    - matrix_cactus_comments_client_path_prefix
--- a/roles/custom/matrix-cactus-comments/tasks/validate_config.yml
+++ b/roles/custom/matrix-cactus-comments/tasks/validate_config.yml
@@ -24,7 +24,7 @@
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - "matrix_cactus_comments_as_token"
    - "matrix_cactus_comments_hs_token"
--- a/roles/custom/matrix-client-element/defaults/main.yml
+++ b/roles/custom/matrix-client-element/defaults/main.yml
@@ -29,7 +29,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme
 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_facts['memtotal_mb'] < 4096 }}"
 # renovate: datasource=docker depName=ghcr.io/element-hq/element-web
-matrix_client_element_version: v1.12.4
+matrix_client_element_version: v1.12.8
 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_registry_prefix }}element-hq/element-web:{{ matrix_client_element_version }}"
 matrix_client_element_docker_image_registry_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_client_element_docker_image_registry_prefix_upstream }}"
--- a/roles/custom/matrix-client-fluffychat/defaults/main.yml
+++ b/roles/custom/matrix-client-fluffychat/defaults/main.yml
@@ -13,7 +13,7 @@ matrix_client_fluffychat_container_image_self_build_repo: "https://github.com/et
 matrix_client_fluffychat_container_image_self_build_version: "{{ 'main' if matrix_client_fluffychat_version == 'latest' else matrix_client_fluffychat_version }}"
 # renovate: datasource=docker depName=ghcr.io/etkecc/fluffychat-web
-matrix_client_fluffychat_version: v2.2.0
+matrix_client_fluffychat_version: v2.4.0
 matrix_client_fluffychat_docker_image: "{{ matrix_client_fluffychat_docker_image_registry_prefix }}etkecc/fluffychat-web:{{ matrix_client_fluffychat_version }}"
 matrix_client_fluffychat_docker_image_registry_prefix: "{{ 'localhost/' if matrix_client_fluffychat_container_image_self_build else matrix_client_fluffychat_docker_image_registry_prefix_upstream }}"
 matrix_client_fluffychat_docker_image_registry_prefix_upstream: "{{ matrix_client_fluffychat_docker_image_registry_prefix_upstream_default }}"
--- a/roles/custom/matrix-client-fluffychat/tasks/validate_config.yml
+++ b/roles/custom/matrix-client-fluffychat/tasks/validate_config.yml
@@ -9,7 +9,7 @@
  ansible.builtin.fail:
    msg: >
      You need to define a required configuration setting (`{{ item }}`) for using FluffyChat Web.
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - matrix_client_fluffychat_container_network
@@ -27,7 +27,7 @@
      ansible.builtin.fail:
        msg: >-
          You need to define a required configuration setting (`{{ item }}`).
-      when: "vars[item] == ''"
+      when: "lookup('vars', item, default='') == ''"
      with_items:
        - matrix_client_fluffychat_container_labels_traefik_hostname
        - matrix_client_fluffychat_container_labels_traefik_path_prefix
--- a/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml
+++ b/roles/custom/matrix-client-hydrogen/tasks/validate_config.yml
@@ -30,7 +30,7 @@
      ansible.builtin.fail:
        msg: >-
          You need to define a required configuration setting (`{{ item }}`).
-      when: "vars[item] == ''"
+      when: "lookup('vars', item, default='') == ''"
      with_items:
        - matrix_client_hydrogen_container_labels_traefik_hostname
        - matrix_client_hydrogen_container_labels_traefik_path_prefix
--- a/roles/custom/matrix-client-schildichat/tasks/validate_config.yml
+++ b/roles/custom/matrix-client-schildichat/tasks/validate_config.yml
@@ -20,7 +20,7 @@
  ansible.builtin.fail:
    msg: >
      You need to define a required configuration setting (`{{ item }}`) for using SchildiChat Web.
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - matrix_client_schildichat_default_hs_url
    - matrix_client_schildichat_container_network
@@ -39,7 +39,7 @@
      ansible.builtin.fail:
        msg: >-
          You need to define a required configuration setting (`{{ item }}`).
-      when: "vars[item] == ''"
+      when: "lookup('vars', item, default='') == ''"
      with_items:
        - matrix_client_schildichat_container_labels_traefik_hostname
        - matrix_client_schildichat_container_labels_traefik_path_prefix
--- a/roles/custom/matrix-conduit/defaults/main.yml
+++ b/roles/custom/matrix-conduit/defaults/main.yml
@@ -19,7 +19,7 @@ matrix_conduit_docker_image_registry_prefix: "{{ matrix_conduit_docker_image_reg
 matrix_conduit_docker_image_registry_prefix_upstream: "{{ matrix_conduit_docker_image_registry_prefix_upstream_default }}"
 matrix_conduit_docker_image_registry_prefix_upstream_default: docker.io/
 # renovate: datasource=docker depName=matrixconduit/matrix-conduit
-matrix_conduit_docker_image_tag: "v0.10.9"
+matrix_conduit_docker_image_tag: "v0.10.11"
 matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}"
 matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit"
--- a/roles/custom/matrix-coturn/defaults/main.yml
+++ b/roles/custom/matrix-coturn/defaults/main.yml
@@ -18,6 +18,8 @@
 matrix_coturn_enabled: true
 matrix_coturn_hostname: ''
 matrix_coturn_container_image_self_build: false
 matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn"
 matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}"
@@ -111,6 +113,9 @@ matrix_coturn_container_turn_range_listen_interface: "{{ '' if matrix_coturn_con
 matrix_coturn_turn_udp_min_port: 49152
 matrix_coturn_turn_udp_max_port: 49172
 # Controls the `realm` configuration option
 matrix_coturn_realm: "turn.{{ matrix_coturn_hostname }}"
 # Controls which authentication method to enable.
 #
 # lt-cred-mech likely provides better compatibility,
--- a/roles/custom/matrix-coturn/tasks/validate_config.yml
+++ b/roles/custom/matrix-coturn/tasks/validate_config.yml
@@ -29,6 +29,7 @@
      You need to define a required configuration setting (`{{ item.name }}`).
  when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
  with_items:
    - {'name': 'matrix_coturn_hostname', when: true}
    - {'name': 'matrix_coturn_turn_static_auth_secret', when: "{{ matrix_coturn_authentication_method == 'auth-secret' }}"}
    - {'name': 'matrix_coturn_lt_cred_mech_username', when: "{{ matrix_coturn_authentication_method == 'lt-cred-mech' }}"}
    - {'name': 'matrix_coturn_lt_cred_mech_password', when: "{{ matrix_coturn_authentication_method == 'lt-cred-mech' }}"}
--- a/roles/custom/matrix-coturn/templates/turnserver.conf.j2
+++ b/roles/custom/matrix-coturn/templates/turnserver.conf.j2
@@ -11,7 +11,7 @@ lt-cred-mech
 user={{ matrix_coturn_lt_cred_mech_username }}:{{ matrix_coturn_lt_cred_mech_password }}
 {% endif %}
-realm=turn.{{ matrix_server_fqn_matrix }}
+realm={{ matrix_coturn_realm }}
 min-port={{ matrix_coturn_turn_udp_min_port }}
 max-port={{ matrix_coturn_turn_udp_max_port }}
--- a/roles/custom/matrix-coturn/vars/main.yml
+++ b/roles/custom/matrix-coturn/vars/main.yml
@@ -7,15 +7,15 @@
 matrix_coturn_turn_uris: |-
  {{
    ([
-      'turns:' + matrix_server_fqn_matrix + '?transport=udp',
+      'turns:' + matrix_coturn_hostname + '?transport=udp',
-      'turns:' + matrix_server_fqn_matrix + '?transport=tcp',
+      'turns:' + matrix_coturn_hostname + '?transport=tcp',
    ] if matrix_coturn_tls_enabled else [])
    +
    ([
-      'turn:' + matrix_server_fqn_matrix + '?transport=udp',
+      'turn:' + matrix_coturn_hostname + '?transport=udp',
    ] if (matrix_coturn_container_stun_plain_host_bind_port_udp != '' or matrix_coturn_container_network == 'host')  else [])
    +
    ([
-      'turn:' + matrix_server_fqn_matrix + '?transport=tcp',
+      'turn:' + matrix_coturn_hostname + '?transport=tcp',
    ] if (matrix_coturn_container_stun_plain_host_bind_port_tcp != '' or matrix_coturn_container_network == 'host')  else [])
  }}
--- a/roles/custom/matrix-dimension/tasks/validate_config.yml
+++ b/roles/custom/matrix-dimension/tasks/validate_config.yml
@@ -39,7 +39,7 @@
      ansible.builtin.fail:
        msg: >-
          You need to define a required configuration setting (`{{ item }}`).
-      when: "vars[item] == ''"
+      when: "lookup('vars', item, default='') == ''"
      with_items:
        - matrix_dimension_container_labels_traefik_hostname
        - matrix_dimension_container_labels_traefik_path_prefix
--- a/roles/custom/matrix-element-admin/defaults/main.yml
+++ b/roles/custom/matrix-element-admin/defaults/main.yml
@@ -11,7 +11,7 @@
 matrix_element_admin_enabled: true
 # renovate: datasource=docker depName=oci.element.io/element-admin
-matrix_element_admin_version: 0.1.9
+matrix_element_admin_version: 0.1.10
 matrix_element_admin_scheme: https
--- a/roles/custom/matrix-element-call/defaults/main.yml
+++ b/roles/custom/matrix-element-call/defaults/main.yml
@@ -21,7 +21,7 @@ matrix_element_call_enabled: false
 matrix_rtc_enabled: "{{ matrix_element_call_enabled }}"
 # renovate: datasource=docker depName=ghcr.io/element-hq/element-call
-matrix_element_call_version: v0.16.1
+matrix_element_call_version: v0.16.3
 matrix_element_call_scheme: https
--- a/roles/custom/matrix-element-call/tasks/validate_config.yml
+++ b/roles/custom/matrix-element-call/tasks/validate_config.yml
@@ -17,7 +17,7 @@
  ansible.builtin.fail:
    msg: >
      You need to define a required configuration setting (`{{ item.name }}`).
-  when: "item.when | bool and vars[item.name] | string | length == 0"
+  when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
  with_items:
    - {'name': 'matrix_element_call_container_network', when: true}
    - {'name': 'matrix_element_call_hostname', when: true}
--- a/roles/custom/matrix-ldap-registration-proxy/tasks/validate_config.yml
+++ b/roles/custom/matrix-ldap-registration-proxy/tasks/validate_config.yml
@@ -11,7 +11,7 @@
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - "matrix_ldap_registration_proxy_hostname"
    - "matrix_ldap_registration_proxy_ldap_uri"
--- a/roles/custom/matrix-livekit-jwt-service/defaults/main.yml
+++ b/roles/custom/matrix-livekit-jwt-service/defaults/main.yml
@@ -25,7 +25,7 @@ matrix_livekit_jwt_service_container_additional_networks_auto: []
 matrix_livekit_jwt_service_container_additional_networks_custom: []
 # renovate: datasource=docker depName=ghcr.io/element-hq/lk-jwt-service
-matrix_livekit_jwt_service_version: 0.3.0
+matrix_livekit_jwt_service_version: 0.4.1
 matrix_livekit_jwt_service_container_image_self_build: false
 matrix_livekit_jwt_service_container_repo: "https://github.com/element-hq/lk-jwt-service.git"
@@ -68,8 +68,15 @@ matrix_livekit_jwt_service_container_labels_additional_labels: ''
 # A list of extra arguments to pass to the container
 matrix_livekit_jwt_service_container_extra_arguments: []
-# Controls the LK_JWT_PORT environment variable
+# Controls the port that the service listens on internally in the container.
-matrix_livekit_jwt_service_environment_variable_livekit_jwt_port: 8080
+# This is still used for Traefik configuration and container port binding.
 matrix_livekit_jwt_service_container_port: 8080
 # Controls the LIVEKIT_JWT_BIND environment variable.
 # This is the preferred method in v0.4.0+, replacing the deprecated LIVEKIT_JWT_PORT.
 # Format: "host:port" or ":port" (to bind to all interfaces).
 # The default ":8080" binds to all interfaces on port 8080.
 matrix_livekit_jwt_service_environment_variable_livekit_jwt_bind: ":{{ matrix_livekit_jwt_service_container_port }}"
 # Controls the LIVEKIT_KEY environment variable
 matrix_livekit_jwt_service_environment_variable_livekit_key: ""
--- a/roles/custom/matrix-livekit-jwt-service/tasks/main.yml
+++ b/roles/custom/matrix-livekit-jwt-service/tasks/main.yml
@@ -8,7 +8,7 @@
 - tags:
    - setup-all
-    - setup-jwt-service
+    - setup-livekit-jwt-service
    - install-all
    - install-livekit-jwt-service
  block:
--- a/roles/custom/matrix-livekit-jwt-service/tasks/validate_config.yml
+++ b/roles/custom/matrix-livekit-jwt-service/tasks/validate_config.yml
@@ -6,6 +6,15 @@
 ---
 - name: (Deprecation) Catch and report renamed LiveKit JWT Service settings
  ansible.builtin.fail:
    msg: >-
      Your configuration contains a variable, which now has a different name.
      Please rename the variable (`{{ item.old }}` -> `{{ item.new }}`) on your configuration file (vars.yml).
  when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
  with_items:
    - {'old': 'matrix_livekit_jwt_service_environment_variable_livekit_jwt_port', 'new': 'matrix_livekit_jwt_service_container_port'}
 - name: Fail if required LiveKit JWT Service settings are not defined
  ansible.builtin.fail:
    msg: >
--- a/roles/custom/matrix-livekit-jwt-service/templates/env.j2
+++ b/roles/custom/matrix-livekit-jwt-service/templates/env.j2
@@ -5,7 +5,7 @@ SPDX-FileCopyrightText: 2024 - 2025 Slavi Pantaleev
 SPDX-License-Identifier: AGPL-3.0-or-later
 #}
-LIVEKIT_JWT_PORT={{ matrix_livekit_jwt_service_environment_variable_livekit_jwt_port | int | to_json }}
+LIVEKIT_JWT_BIND={{ matrix_livekit_jwt_service_environment_variable_livekit_jwt_bind }}
 LIVEKIT_KEY={{ matrix_livekit_jwt_service_environment_variable_livekit_key }}
 LIVEKIT_URL={{ matrix_livekit_jwt_service_environment_variable_livekit_url }}
--- a/roles/custom/matrix-livekit-jwt-service/templates/labels.j2
+++ b/roles/custom/matrix-livekit-jwt-service/templates/labels.j2
@@ -10,7 +10,7 @@ traefik.enable=true
 traefik.docker.network={{ matrix_livekit_jwt_service_container_labels_traefik_docker_network }}
-traefik.http.services.matrix-livekit-jwt-service.loadbalancer.server.port={{ matrix_livekit_jwt_service_environment_variable_livekit_jwt_port }}
+traefik.http.services.matrix-livekit-jwt-service.loadbalancer.server.port={{ matrix_livekit_jwt_service_container_port }}
 {% set middlewares = [] %}
--- a/roles/custom/matrix-livekit-jwt-service/templates/systemd/matrix-livekit-jwt-service.service.j2
+++ b/roles/custom/matrix-livekit-jwt-service/templates/systemd/matrix-livekit-jwt-service.service.j2
@@ -20,7 +20,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
    --cap-drop=ALL \
    --network={{ matrix_livekit_jwt_service_container_network }} \
    {% if matrix_livekit_jwt_service_container_http_host_bind_port %}
-    -p {{ matrix_livekit_jwt_service_container_http_host_bind_port }}:{{ matrix_livekit_jwt_service_environment_variable_livekit_jwt_port }} \
+    -p {{ matrix_livekit_jwt_service_container_http_host_bind_port }}:{{ matrix_livekit_jwt_service_container_port }} \
    {% endif %}
    --env-file={{ matrix_livekit_jwt_service_base_path }}/env \
    --label-file={{ matrix_livekit_jwt_service_base_path }}/labels \
--- a/roles/custom/matrix-matrixto/defaults/main.yml
+++ b/roles/custom/matrix-matrixto/defaults/main.yml
@@ -28,13 +28,7 @@ matrix_matrixto_hostname: ""
 # technical limitations.
 matrix_matrixto_path_prefix: /
-matrix_matrixto_container_image: "{{ matrix_matrixto_container_image_registry_prefix }}shirahara/matrixto:{{ matrix_matrixto_container_image_tag }}"
+# There does not exist a known pre-built container image. It needs to be built locally.
 matrix_matrixto_container_image_tag: "{{ matrix_matrixto_version }}"
 matrix_matrixto_container_image_registry_prefix: "{{ matrix_matrixto_container_image_registry_prefix_upstream }}"
 matrix_matrixto_container_image_registry_prefix_upstream: "{{ matrix_matrixto_container_image_registry_prefix_upstream_default }}"
 matrix_matrixto_container_image_registry_prefix_upstream_default: ""
 matrix_matrixto_container_image_force_pull: "{{ matrix_matrixto_container_image.endswith(':latest') }}"
 matrix_matrixto_container_image_self_build: true
 matrix_matrixto_container_image_self_build_name: "shirahara/matrixto:{{ matrix_matrixto_container_image_self_build_repo_version }}"
 matrix_matrixto_container_image_self_build_repo: "https://seed.radicle.garden/z3Re1EQbd186vUQDwHByYiLadsVWY.git"
--- a/roles/custom/matrix-matrixto/tasks/install.yml
+++ b/roles/custom/matrix-matrixto/tasks/install.yml
@@ -25,35 +25,7 @@
    - env
    - labels
- name: Run if self-building of Matrix.to container image is not enabled
+- name: Ensure Matrix.to repository is present on self-build
  when: "not matrix_matrixto_container_image_self_build | bool"
  block:
    - name: Ensure Matrix.to container image is pulled via community.docker.docker_image
      when: devture_systemd_docker_base_container_image_pull_method == 'ansible-module'
      community.docker.docker_image:
        name: "{{ matrix_matrixto_container_image }}"
        source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
        force_source: "{{ matrix_matrixto_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
        force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_matrixto_container_image_force_pull }}"
      register: result
      retries: "{{ devture_playbook_help_container_retries_count }}"
      delay: "{{ devture_playbook_help_container_retries_delay }}"
      until: result is not failed
    - name: Ensure Matrix.to container image is pulled via ansible.builtin.command
      when: devture_systemd_docker_base_container_image_pull_method == 'command'
      ansible.builtin.command:
        cmd: "{{ devture_systemd_docker_base_host_command_docker }} pull {{ matrix_matrixto_container_image }}"
      register: result
      retries: "{{ devture_playbook_help_container_retries_count }}"
      delay: "{{ devture_playbook_help_container_retries_delay }}"
      until: result is not failed
      changed_when: "'Downloaded newer image' in result.stdout"
 - name: Run if self-building of Matrix.to container image is enabled
  when: "matrix_matrixto_container_image_self_build | bool"
  block:
    - name: Ensure Matrix.to repository is present on self-build
  ansible.builtin.git:
    repo: "{{ matrix_matrixto_container_image_self_build_repo }}"
    version: "{{ matrix_matrixto_container_image_self_build_repo_version }}"
@@ -61,7 +33,7 @@
    force: "yes"
  register: matrix_matrixto_git_pull_results
-    - name: Ensure Matrix.to container image is built
+- name: Ensure Matrix.to container image is built
  community.docker.docker_image:
    name: "{{ matrix_matrixto_container_image_self_build_name }}"
    source: build
--- a/roles/custom/matrix-matrixto/templates/systemd/matrix-matrixto.service.j2
+++ b/roles/custom/matrix-matrixto/templates/systemd/matrix-matrixto.service.j2
@@ -40,7 +40,7 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
      {% for arg in matrix_matrixto_container_extra_arguments %}
      {{ arg }} \
      {% endfor %}
-      {{ matrix_matrixto_container_image_self_build_name if matrix_matrixto_container_image_self_build else matrix_matrixto_container_image }}
+      {{ matrix_matrixto_container_image_self_build_name }}
 {% for network in matrix_matrixto_container_additional_networks %}
 ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} {{ matrix_matrixto_identifier }}
--- a/roles/custom/matrix-media-repo/defaults/main.yml
+++ b/roles/custom/matrix-media-repo/defaults/main.yml
@@ -895,13 +895,7 @@ matrix_media_repo_redis_database_number: 0
 # The Redis shards that should be used by the media repo in the ring. The names of the
 # shards are for your reference and have no bearing on the connection, but must be unique.
-matrix_media_repo_redis_shards:
+matrix_media_repo_redis_shards: []
  - name: "server1"
    addr: ":7000"
  - name: "server2"
    addr: ":7001"
  - name: "server3"
    addr: ":7002"
 # Optional sentry (https://sentry.io/) configuration for the media repo
--- a/roles/custom/matrix-pantalaimon/tasks/validate_config.yml
+++ b/roles/custom/matrix-pantalaimon/tasks/validate_config.yml
@@ -9,7 +9,7 @@
    msg: "The `{{ item }}` variable must be defined and have a non-null value."
  with_items:
    - "matrix_pantalaimon_homeserver_url"
-  when: "vars[item] == '' or vars[item] is none"
+  when: "lookup('vars', item, default='') == '' or lookup('vars', item, default='') is none"
 - name: (Deprecation) Catch and report renamed Pantalaimon variables
  ansible.builtin.fail:
--- a/roles/custom/matrix-rageshake/tasks/validate_config.yml
+++ b/roles/custom/matrix-rageshake/tasks/validate_config.yml
@@ -9,7 +9,7 @@
  ansible.builtin.fail:
    msg: >
      You need to define a required configuration setting (`{{ item }}`).
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - matrix_rageshake_hostname
    - matrix_rageshake_path_prefix
@@ -29,7 +29,7 @@
      ansible.builtin.fail:
        msg: >-
          You need to define a required configuration setting (`{{ item }}`).
-      when: "vars[item] == ''"
+      when: "lookup('vars', item, default='') == ''"
      with_items:
        - matrix_rageshake_container_labels_traefik_hostname
        - matrix_rageshake_container_labels_traefik_path_prefix
--- a/roles/custom/matrix-static-files/defaults/main.yml
+++ b/roles/custom/matrix-static-files/defaults/main.yml
@@ -13,7 +13,7 @@ matrix_static_files_enabled: true
 matrix_static_files_identifier: matrix-static-files
 # renovate: datasource=docker depName=joseluisq/static-web-server
-matrix_static_files_version: 2.40.0
+matrix_static_files_version: 2.40.1
 matrix_static_files_base_path: "{{ matrix_base_data_path }}/{{ 'static-files' if matrix_static_files_identifier == 'matrix-static-files' else matrix_static_files_identifier }}"
 matrix_static_files_config_path: "{{ matrix_static_files_base_path }}/config"
--- a/roles/custom/matrix-sygnal/tasks/validate_config.yml
+++ b/roles/custom/matrix-sygnal/tasks/validate_config.yml
@@ -9,7 +9,7 @@
  ansible.builtin.fail:
    msg: >
      You need to define a required configuration setting (`{{ item }}`).
-  when: "vars[item] == ''"
+  when: "lookup('vars', item, default='') == ''"
  with_items:
    - matrix_sygnal_hostname
    - matrix_sygnal_path_prefix
@@ -21,7 +21,7 @@
      ansible.builtin.fail:
        msg: >-
          You need to define a required configuration setting (`{{ item }}`).
-      when: "vars[item] == ''"
+      when: "lookup('vars', item, default='') == ''"
      with_items:
        - matrix_sygnal_container_labels_traefik_hostname
        - matrix_sygnal_container_labels_traefik_path_prefix
--- a/roles/custom/matrix-synapse-admin/defaults/main.yml
+++ b/roles/custom/matrix-synapse-admin/defaults/main.yml
@@ -25,7 +25,7 @@ matrix_synapse_admin_container_image_self_build: false
 matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git"
 # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin
-matrix_synapse_admin_version: v0.11.1-etke49
+matrix_synapse_admin_version: v0.11.1-etke52
 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_registry_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}"
 matrix_synapse_admin_docker_image_registry_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else matrix_synapse_admin_docker_image_registry_prefix_upstream }}"
 matrix_synapse_admin_docker_image_registry_prefix_upstream: "{{ matrix_synapse_admin_docker_image_registry_prefix_upstream_default }}"
--- a/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml
+++ b/roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml
@@ -24,7 +24,7 @@
 matrix_synapse_reverse_proxy_companion_enabled: true
 # renovate: datasource=docker depName=nginx
-matrix_synapse_reverse_proxy_companion_version: 1.29.3-alpine
+matrix_synapse_reverse_proxy_companion_version: 1.29.4-alpine
 matrix_synapse_reverse_proxy_companion_base_path: "{{ matrix_synapse_base_path }}/reverse-proxy-companion"
 matrix_synapse_reverse_proxy_companion_confd_path: "{{ matrix_synapse_reverse_proxy_companion_base_path }}/conf.d"
--- a/roles/custom/matrix-synapse/defaults/main.yml
+++ b/roles/custom/matrix-synapse/defaults/main.yml
@@ -16,7 +16,7 @@ matrix_synapse_enabled: true
 matrix_synapse_github_org_and_repo: element-hq/synapse
 # renovate: datasource=docker depName=ghcr.io/element-hq/synapse
-matrix_synapse_version: v1.143.0
+matrix_synapse_version: v1.145.0
 matrix_synapse_username: ''
 matrix_synapse_uid: ''
@@ -128,6 +128,8 @@ matrix_synapse_ext_path: "{{ matrix_synapse_base_path }}/ext"
 matrix_synapse_ext_s3_storage_provider_base_path: "{{ matrix_synapse_base_path }}/ext/s3-storage-provider"
 matrix_synapse_ext_s3_storage_provider_bin_path: "{{ matrix_synapse_ext_s3_storage_provider_base_path }}/bin"
 matrix_synapse_ext_s3_storage_provider_data_path: "{{ matrix_synapse_ext_s3_storage_provider_base_path }}/data"
 # extra arguments to pass to s3-storage-provider script when starting Synapse container
 matrix_synapse_ext_s3_storage_provider_container_arguments: []
 matrix_synapse_container_client_api_port: 8008
--- a/roles/custom/matrix-synapse/tasks/validate_config.yml
+++ b/roles/custom/matrix-synapse/tasks/validate_config.yml
@@ -138,7 +138,7 @@
      ansible.builtin.fail:
        msg: >-
          You need to define a required configuration setting (`{{ item }}`) when enabling `matrix_synapse_container_image_customizations_templates_enabled`.
-      when: "vars[item] == ''"
+      when: "lookup('vars', item, default='') == ''"
      with_items:
        - matrix_synapse_container_image_customizations_templates_git_repository_url
        - matrix_synapse_container_image_customizations_templates_git_repository_branch
@@ -147,7 +147,7 @@
      ansible.builtin.fail:
        msg: >-
          You need to define a required configuration setting (`{{ item }}`) when enabling `matrix_synapse_container_image_customizations_templates_git_repository_keyscan`.
-      when: "matrix_synapse_container_image_customizations_templates_git_repository_keyscan_enabled | bool and vars[item] == ''"
+      when: "matrix_synapse_container_image_customizations_templates_git_repository_keyscan_enabled | bool and lookup('vars', item, default='') == ''"
      with_items:
        - matrix_synapse_container_image_customizations_templates_git_repository_keyscan_hostname
--- a/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/migrate.j2
+++ b/roles/custom/matrix-synapse/templates/synapse/ext/s3-storage-provider/bin/migrate.j2
@@ -11,6 +11,9 @@ container_id=$(\
 	--workdir=/data \
 	--network={{ matrix_synapse_container_network }} \
 	--entrypoint=/bin/bash \
 	{% for arg in matrix_synapse_ext_s3_storage_provider_container_arguments %}
 	{{ arg }} \
 	{% endfor %}
 	{{ matrix_synapse_docker_image_final }} \
 	-c 's3_media_upload update-db $UPDATE_DB_DURATION && s3_media_upload --no-progress check-deleted $MEDIA_PATH && s3_media_upload --no-progress upload $MEDIA_PATH $BUCKET --delete --storage-class $STORAGE_CLASS --endpoint-url $ENDPOINT {% if matrix_synapse_ext_synapse_s3_storage_provider_config_sse_customer_enabled %}--sse-customer-algo $SSE_CUSTOMER_ALGO --sse-customer-key $SSE_CUSTOMER_KEY{% endif %}' \
 )
--- a/roles/custom/matrix-synapse/vars/main.yml
+++ b/roles/custom/matrix-synapse/vars/main.yml
@@ -200,12 +200,13 @@ matrix_synapse_workers_generic_worker_endpoints:
  - ^/_matrix/client/(r0|v3|unstable)/notifications$
  # Encryption requests
  # Note that ^/_matrix/client/(r0|v3|unstable)/keys/upload/ requires `worker_main_http_uri`
  - ^/_matrix/client/(r0|v3|unstable)/keys/query$
  - ^/_matrix/client/(r0|v3|unstable)/keys/changes$
  - ^/_matrix/client/(r0|v3|unstable)/keys/claim$
  - ^/_matrix/client/(r0|v3|unstable)/room_keys/
-  - ^/_matrix/client/(r0|v3|unstable)/keys/upload/
+  - ^/_matrix/client/(r0|v3|unstable)/keys/upload$
  - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/device_signing/upload$
  - ^/_matrix/client/(api/v1|r0|v3|unstable)/keys/signatures/upload$
  # Registration/login requests
  - ^/_matrix/client/(api/v1|r0|v3|unstable)/login$
@@ -223,6 +224,12 @@ matrix_synapse_workers_generic_worker_endpoints:
  - ^/_matrix/client/(api/v1|r0|v3|unstable)/knock/
  - ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/
  # Unstable MSC4140 support
  - ^/_matrix/client/unstable/org.matrix.msc4140/delayed_events(/.*/restart)?$
  # Admin API requests
  - ^/_synapse/admin/v2/users/[^/]+$
  # Start of intentionally-ignored-endpoints
  #
  # We ignore these below, because they're better sent to dedicated workers (various stream writers).
Author	SHA1	Message	Date
renovate[bot]	b6bf91c150	chore(deps): update dependency etherpad to v2.6.1-0	2026-01-27 12:53:38 +02:00
renovate[bot]	b0e70f419f	chore(deps): update dependency setuptools to v80.10.2	2026-01-26 08:15:49 +02:00
renovate[bot]	692c34ad9b	chore(deps): update halfshot/matrix-hookshot docker tag to v7.3.1	2026-01-24 20:07:34 +02:00
Slavi Pantaleev	97c2915034	Upgrade baibot (v1.12.0 -> v1.13.0)	2026-01-23 00:52:36 +02:00
renovate[bot]	292397234a	chore(deps): update dependency packaging to v26	2026-01-22 07:52:37 +02:00
renovate[bot]	82d6f3de2c	chore(deps): update dependency setuptools to v80.10.1	2026-01-21 15:49:57 +02:00
renovate[bot]	cc9234d3ba	chore(deps): update ghcr.io/etkecc/fluffychat-web docker tag to v2.4.0	2026-01-21 15:49:48 +02:00
renovate[bot]	47322a8d52	chore(deps): update docker.io/metio/matrix-alertmanager-receiver docker tag to v2026.1.21	2026-01-21 08:35:31 +02:00
Slavi Pantaleev	911031e2cf	Add support for Hookshot static connections (new in v7.3.0) This adds the matrix_hookshot_connections variable for configuring static webhook connections via the config file. See: https://github.com/matrix-org/matrix-hookshot/pull/1102	2026-01-20 16:10:30 +02:00
renovate[bot]	e01a79865c	chore(deps): update halfshot/matrix-hookshot docker tag to v7.3.0	2026-01-20 15:38:23 +02:00
renovate[bot]	ab97b94245	chore(deps): update dependency ntfy to v2.16.0-0	2026-01-20 11:56:58 +02:00
renovate[bot]	c8fc504470	chore(deps): update dock.mau.dev/mautrix/whatsapp docker tag to v0.2601.0	2026-01-16 22:28:12 +02:00
renovate[bot]	a6c447ade3	chore(deps): update dock.mau.dev/mautrix/gmessages docker tag to v0.2601.0	2026-01-16 22:26:58 +02:00
renovate[bot]	aa69069627	chore(deps): update dock.mau.dev/mautrix/signal docker tag to v0.2601.0	2026-01-16 22:26:48 +02:00
renovate[bot]	fa22053bf1	chore(deps): update ansible/ansible-lint action to v26.1.1	2026-01-16 14:32:56 +02:00
renovate[bot]	a3ef7109b6	chore(deps): update dependency docker to v8	2026-01-15 21:29:26 +02:00
renovate[bot]	7c8a28d590	chore(deps): update ghcr.io/element-hq/lk-jwt-service docker tag to v0.4.1	2026-01-15 20:30:02 +02:00
renovate[bot]	28af19a1a7	chore(deps): update dependency myst-parser to v5	2026-01-15 14:44:50 +02:00
renovate[bot]	ea4b467cd3	chore(deps): update dependency livekit_server to v1.9.11-0	2026-01-15 14:43:30 +02:00
Slavi Pantaleev	bd6202eb65	Upgrade Traefik (v3.6.6-0 -> v3.6.7-1) and remove all (now-unnecessary) `encodedCharacters_` setting overrides All these `encodedCharacters_` settings default to `true` in Traefik v3.6.7, so we don't need to override their values. Ref: https://doc.traefik.io/traefik/v3.6/migrate/v3/#v367 Closes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4835	2026-01-15 14:40:38 +02:00
Aine	4d0cf32151	grafana: add /tmp tmpfs	2026-01-15 09:12:17 +00:00
renovate[bot]	1890f3a01a	chore(deps): update dependency jitsi to v10710	2026-01-14 16:52:49 +02:00
Slavi Pantaleev	ac5dc5d44f	Pull in some additional Synapse workers routing configuration Provoked by https://github.com/element-hq/synapse/pull/19281 which landed in Synapse v1.145.0, but we pull in a few other routes that I noticed to be missing.	2026-01-14 12:07:09 +02:00
renovate[bot]	a050107e0f	chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.145.0	2026-01-14 12:06:41 +02:00
renovate[bot]	41108b57e3	chore(deps): update docker.io/metio/matrix-alertmanager-receiver docker tag to v2026	2026-01-14 11:55:53 +02:00
renovate[bot]	78c7b61af8	chore(deps): update ghcr.io/element-hq/matrix-authentication-service docker tag to v1.9.0	2026-01-13 19:47:45 +02:00
renovate[bot]	b5c5f34ca4	chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.8	2026-01-13 19:46:26 +02:00
Slavi Pantaleev	e1bf0aebd2	Upgrade LiveKit (v1.9.10-0 -> v1.9.10-1)	2026-01-12 10:10:14 +02:00
Slavi Pantaleev	8a02d791ea	Add missing `:` to `matrix_media_repo_redis_shards` entry Ref: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4851#issuecomment-3732696383	2026-01-10 15:10:09 +02:00
akdk7	dd54691137	Automatically integate matrix-media-repo with Valkey (if enabled) (#4851 ) * This push request is about handling Traefik ipallowlist to synapse-admin application. It's my first push request. If I forgot something please let me know. :-) * Changed position of variable and naming for better expandebility of traefik options * Remove useless `noqa var-naming` comment and too many blank lines at the end of the file * If redis ist enabled for matrix media repo it failes to connect to valkey due to inproper configuration. * Updated solution for fixing MMR redis connection * Clean up * Update valkey_container_network condition --------- Co-authored-by: AkDk7 <joerg@pannbacker.email> Co-authored-by: Slavi Pantaleev <slavi@devture.com>	2026-01-10 15:07:12 +02:00
renovate[bot]	a3a2c568d0	chore(deps): update dependency prometheus_node_exporter to v1.9.1-13	2026-01-09 15:12:53 +02:00
renovate[bot]	0bc84a7129	chore(deps): update dependency prometheus_postgres_exporter to v0.18.1-2	2026-01-09 15:12:45 +02:00
Aine	afe5b06771	Synapse Admin v0.11.1-etke52	2026-01-09 08:43:28 +00:00
renovate[bot]	e4d0d42f04	chore(deps): update dependency traefik_certs_dumper to v2.10.0-4	2026-01-09 08:50:29 +02:00
dependabot[bot]	91711669c6	Bump ansible/ansible-lint from 25.12.2 to 26.1.0 Bumps [ansible/ansible-lint](https://github.com/ansible/ansible-lint) from 25.12.2 to 26.1.0. - [Release notes](https://github.com/ansible/ansible-lint/releases) - [Commits](https://github.com/ansible/ansible-lint/compare/v25.12.2...v26.1.0) --- updated-dependencies: - dependency-name: ansible/ansible-lint dependency-version: 26.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-01-08 18:43:23 +02:00
renovate[bot]	5fe789cd96	chore(deps): update dependency etherpad to v2.6.0-1	2026-01-08 18:43:00 +02:00
renovate[bot]	e4abe50daf	chore(deps): update dependency grafana to v11.6.5-5	2026-01-08 18:42:38 +02:00
renovate[bot]	e70d0d7673	chore(deps): update dependency auxiliary to v1.0.0-6	2026-01-08 15:12:39 +02:00
renovate[bot]	ae88c51dd7	chore(deps): update dependency container_socket_proxy to v0.4.2-1	2026-01-08 15:12:21 +02:00
renovate[bot]	9d7c224021	chore(deps): update dependency prometheus to v3.9.1-0	2026-01-08 12:07:41 +02:00
renovate[bot]	65213ff497	chore(deps): update ghcr.io/jasonlaguidice/matrix-steam-bridge docker tag to v1.1.0	2026-01-08 06:56:55 +02:00
renovate[bot]	13727bc0a2	chore(deps): update dependency urllib3 to v2.6.3	2026-01-07 21:23:23 +02:00
renovate[bot]	ed87ef7e50	chore(deps): update dependency prometheus to v3.9.0-0	2026-01-07 11:09:11 +02:00
Aine	858a4ab555	Synapse Admin v0.11.1-etke51	2026-01-06 09:47:01 +00:00
Slavi Pantaleev	5f3f57197e	Revert "Remove outdated warning about Postmoogle not working well with Matrix Authentication Service" This reverts commit `81b371e690`. Ref: `81b371e690 (commitcomment-173871096)`	2026-01-06 09:28:28 +02:00
renovate[bot]	4f00bb4789	chore(deps): update dependency certifi to v2026	2026-01-04 08:58:47 +02:00
renovate[bot]	5e558aab55	chore(deps): update dependency livekit_server to v1.9.10-0	2026-01-01 16:34:15 +02:00
renovate[bot]	e09d10419c	chore(deps): update dependency sphinx to v9.1.0	2025-12-31 19:29:23 +02:00
Mark Monteiro	e60ef27bb8	update instructions for user admin management with MAS This is now supported via the mas-cli management tool	2025-12-31 08:51:11 +02:00
Mark Monteiro	be7536390d	improve notes about configuring hookshot encryption - clarify that Redis is configured automatically - add note indicating that encryption is not currently supported when using MAS	2025-12-31 08:50:36 +02:00
renovate[bot]	e7612dc0ce	chore(deps): update matrixconduit/matrix-conduit docker tag to v0.10.11	2025-12-31 06:34:57 +02:00
renovate[bot]	6f736653e9	chore(deps): update dependency traefik to v3.6.6-0	2025-12-30 12:39:28 +02:00
Aine	1ca3c91fd7	etherpad v2.6.0	2025-12-28 23:27:56 +00:00
Slavi Pantaleev	edf833627e	Add `matrix_coturn_hostname` to allow for the Coturn domain to be different than `matrix_server_fqn_matrix`	2025-12-25 10:03:39 +02:00
Slavi Pantaleev	ed20b65912	Upgrade Traefik (v3.6.5-0 -> v3.6.5-1)	2025-12-25 09:57:33 +02:00
renovate[bot]	9cbc9c6b06	chore(deps): update docker.io/metio/matrix-alertmanager-receiver docker tag to v2025.12.24	2025-12-24 11:13:33 +02:00
Aine	484e94d493	add matrix_synapse_ext_s3_storage_provider_container_arguments var	2025-12-23 15:34:32 +00:00
renovate[bot]	b0f73f7966	chore(deps): update matrixconduit/matrix-conduit docker tag to v0.10.10	2025-12-23 05:38:22 +02:00
renovate[bot]	3c64fe6eb5	chore(deps): update ansible/ansible-lint action to v25.12.2	2025-12-23 05:36:44 +02:00
Aine	048ce7503d	borg v1.4.3	2025-12-22 12:37:51 +00:00
Aine	2161500e60	Merge pull request #4823 from spantaleev/renovate/backup_borg-1.x chore(deps): update dependency backup_borg to v1.4.2-2.0.13-0	2025-12-22 08:23:38 +00:00
renovate[bot]	927f6fa2e3	chore(deps): update dependency backup_borg to v1.4.2-2.0.13-0	2025-12-22 08:23:04 +00:00
Slavi Pantaleev	66c85f63e6	Update default OpenAI image generation model for baibot (gpt-image-1 -> gpt-image-1.5)	2025-12-21 23:28:36 +02:00
Slavi Pantaleev	9ea18d6f2d	Upgrade baibot (v1.11.0 -> v1.12.0)	2025-12-21 23:28:12 +02:00
Aine	a073f21a8f	Postmoogle v0.9.28	2025-12-21 17:07:14 +00:00
Suguru Hirahara	68337b6f45	Remove the tasks to retrieve a nonexistent container image for Matrix.to Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2025-12-19 19:17:18 +02:00
QEDeD	a8ef76735d	Narrow var-naming noqa to pattern	2025-12-19 15:01:39 +02:00
QEDeD	df6ac15324	Fix var-naming for encodedCharacters vars	2025-12-19 15:01:39 +02:00
renovate[bot]	ce14e60a02	chore(deps): update dependency docutils to v0.22.4	2025-12-18 23:17:22 +02:00
renovate[bot]	16bec7bfbb	chore(deps): update gnuxie/draupnir docker tag to v2.9.0	2025-12-18 16:48:46 +02:00
renovate[bot]	91e9d0b227	chore(deps): update dependency livekit_server to v1.9.9-0	2025-12-18 10:32:41 +02:00
renovate[bot]	c05849920d	chore(deps): update dependency traefik to v3.6.5-0	2025-12-17 08:00:51 +02:00
renovate[bot]	2e313f6c38	chore(deps): update dock.mau.dev/mautrix/whatsapp docker tag to v0.2512.0	2025-12-17 05:47:06 +02:00
renovate[bot]	6d202a30fc	chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.7	2025-12-16 17:58:36 +02:00
renovate[bot]	42cfbc06cc	chore(deps): update dependency prometheus to v3.8.1-0	2025-12-16 17:03:19 +02:00
renovate[bot]	17898f6be2	chore(deps): update dock.mau.dev/mautrix/meta docker tag to v0.2512.0	2025-12-16 17:01:19 +02:00
renovate[bot]	a1df76f9d4	chore(deps): update dock.mau.dev/mautrix/signal docker tag to v0.2512.0	2025-12-16 17:00:44 +02:00
renovate[bot]	f2242246ec	chore(deps): update dependency container_socket_proxy to v0.4.2-0	2025-12-16 13:09:57 +02:00
Slavi Pantaleev	12bee503e0	Configure `encodedCharacters` for the `web` Traefik entrypoint (if `matrix_playbook_ssl_enabled` is `false`) to fix Traefik 3.6.3+ regression in those cases Continuation of `e7cb9eee79` Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4798	2025-12-15 17:00:49 +02:00
Slavi Pantaleev	e7cb9eee79	Configure `encodedCharacters` for various Traefik entrypoints to fix Traefik 3.6.3+ regression Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4798 Ref: https://doc.traefik.io/traefik/migrate/v3/#v364	2025-12-15 13:00:53 +02:00
Slavi Pantaleev	e813932240	Upgrade Traefik (v3.6.4-0 -> v3.6.4-1)	2025-12-15 12:34:43 +02:00
Slavi Pantaleev	98331ae970	Upgrade baibot (v1.10.0 -> v1.11.0) and add support for configuring a custom avatar	2025-12-15 10:27:44 +02:00
Aine	5612af92e8	FluffyChat v2.3.0	2025-12-14 12:30:14 +00:00
renovate[bot]	1f31975aef	chore(deps): update dessant/lock-threads action to v6	2025-12-12 18:54:31 +02:00
Slavi Pantaleev	fa3d05ea81	Bump OpenAI text-generation model for baibot (`gpt-5.1` -> `gpt-5.2`)	2025-12-12 16:03:40 +02:00
renovate[bot]	5c0c03893f	chore(deps): update dependency urllib3 to v2.6.2	2025-12-12 05:29:55 +02:00
renovate[bot]	f7a3bde4a7	chore(deps): update oci.element.io/element-admin docker tag to v0.1.10	2025-12-10 21:59:48 +02:00
renovate[bot]	52278a8108	chore(deps): update dependency livekit_server to v1.9.8-0	2025-12-10 21:59:17 +02:00
renovate[bot]	3a12aa7682	chore(deps): update ansible/ansible-lint action to v25.12.1	2025-12-10 16:39:34 +02:00
renovate[bot]	6a8a1dfa24	chore(deps): update dependency valkey to v9.0.1-0	2025-12-10 13:05:33 +02:00
renovate[bot]	aec4185135	chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.144.0	2025-12-10 06:47:15 +02:00
renovate[bot]	fd612f99fd	chore(deps): update nginx docker tag to v1.29.4	2025-12-10 06:42:59 +02:00
renovate[bot]	ddc5e094a3	chore(deps): update ghcr.io/element-hq/matrix-authentication-service docker tag to v1.8.0	2025-12-10 06:42:37 +02:00
renovate[bot]	c14d1bd1f4	chore(deps): update dependency sphinx to v9.0.4	2025-12-09 09:31:34 +02:00
The one with the braid	fe9f70517e	fix: migrate Traefik Cert Dumper configuration Relates to `904a98d56c`. Signed-off-by: The one with the braid <info@braid.business>	2025-12-09 09:30:53 +02:00
renovate[bot]	59ab28cab2	chore(deps): update dependency urllib3 to v2.6.1	2025-12-09 01:17:49 +02:00
renovate[bot]	904a98d56c	chore(deps): update dependency traefik_certs_dumper to v2.10.0-3	2025-12-08 20:33:46 +02:00
renovate[bot]	f36983bfdb	chore(deps): update joseluisq/static-web-server docker tag to v2.40.1	2025-12-08 11:25:51 +02:00
Slavi Pantaleev	88dcfbdaa7	Override `matrix_matrixto_base_path` in terms of `matrix_base_data_path` in `group_vars/matrix_servers` Closes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4787	2025-12-08 05:39:14 +02:00
renovate[bot]	d5580ea322	chore(deps): update dependency sphinx-markdown-builder to v0.6.9	2025-12-07 21:29:59 +02:00
Slavi Pantaleev	95884479c3	Fix tag name typo (`setup-jwt-service` -> `setup-livekit-jwt-service`) for the livekit-jwt-service role	2025-12-06 08:35:33 +02:00
Slavi Pantaleev	64fc64921c	Upgrade livekit-jwt-service (v0.3.0 -> v0.4.0) and adapt configuration Ref: https://github.com/element-hq/lk-jwt-service/releases/tag/v0.4.0 Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4784	2025-12-06 08:34:33 +02:00
Slavi Pantaleev	4238ec6e86	Upgrade baibot (v1.9.0 -> v1.10.0)	2025-12-06 07:12:48 +02:00
renovate[bot]	940dcb0162	chore(deps): update dependency traefik to v3.6.4-0	2025-12-06 07:04:50 +02:00
renovate[bot]	98663a8386	chore(deps): update dependency urllib3 to v2.6.0	2025-12-05 18:28:01 +02:00
Suguru Hirahara	bbfe345758	Update faq.md: add the section about coturn errors Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>	2025-12-05 17:37:50 +02:00
renovate[bot]	c7ed2deb22	chore(deps): update dependency livekit_server to v1.9.7-0	2025-12-05 14:56:06 +02:00
Aine	1bc70935a0	Synapse Admin v0.11.1-etke50	2025-12-04 18:55:40 +00:00
renovate[bot]	472bf1c58c	chore(deps): update dependency sphinx to v9.0.3	2025-12-04 06:29:36 +02:00
renovate[bot]	717c9bfd7d	chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.6	2025-12-03 21:15:42 +02:00
Slavi Pantaleev	325b22a302	Stop using deprecated `vars` variable in all other custom roles Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4776 Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4777	2025-12-02 21:32:15 +02:00
Kim Brose	f8f7406c51	Stop using deprecated `vars` variable for matrix-element-call	2025-12-02 20:10:35 +02:00
Kim Brose	caa2e338bc	Stop using deprecated `vars` variable for matrix-dimension	2025-12-02 20:10:35 +02:00
renovate[bot]	585d606856	chore(deps): update dependency prometheus to v3.8.0-0	2025-12-02 18:07:36 +02:00
dependabot[bot]	cf97144ed8	Bump ansible/ansible-lint from 25.11.1 to 25.12.0 Bumps [ansible/ansible-lint](https://github.com/ansible/ansible-lint) from 25.11.1 to 25.12.0. - [Release notes](https://github.com/ansible/ansible-lint/releases) - [Commits](https://github.com/ansible/ansible-lint/compare/v25.11.1...v25.12.0) --- updated-dependencies: - dependency-name: ansible/ansible-lint dependency-version: 25.12.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-12-02 18:07:25 +02:00
renovate[bot]	d5709e4596	chore(deps): update ghcr.io/element-hq/element-call docker tag to v0.16.3	2025-12-02 18:07:14 +02:00
renovate[bot]	1838840f65	chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.5	2025-12-02 18:06:41 +02:00