iartamonov/matrix-docker-ansible-deploy
1
0
Fork 0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2026-01-27 15:13:17 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: iartamonov:096b85bd966931c6ddca8196829c4b99f2fb664f
Branches Tags
iartamonov:master iartamonov:renovate/matrixdotorg-sygnal-0.x iartamonov:stabilize-mas iartamonov:element-call-stack iartamonov:element-call-integration iartamonov:synapse-cache-tuning iartamonov:HarHarLinks/hookshot-encryption
...
compare: iartamonov:master
Branches Tags
iartamonov:master iartamonov:renovate/matrixdotorg-sygnal-0.x iartamonov:stabilize-mas iartamonov:element-call-stack iartamonov:element-call-integration iartamonov:synapse-cache-tuning iartamonov:HarHarLinks/hookshot-encryption

191 Commits
096b85bd96 ... master

Author SHA1 Message Date
renovate[bot]
b6bf91c150 chore(deps): update dependency etherpad to v2.6.1-0 2026-01-27 12:53:38 +02:00
renovate[bot]
b0e70f419f chore(deps): update dependency setuptools to v80.10.2 2026-01-26 08:15:49 +02:00
renovate[bot]
692c34ad9b chore(deps): update halfshot/matrix-hookshot docker tag to v7.3.1 2026-01-24 20:07:34 +02:00
Slavi Pantaleev
97c2915034 Upgrade baibot (v1.12.0 -> v1.13.0) 2026-01-23 00:52:36 +02:00
renovate[bot]
292397234a chore(deps): update dependency packaging to v26 2026-01-22 07:52:37 +02:00
renovate[bot]
82d6f3de2c chore(deps): update dependency setuptools to v80.10.1 2026-01-21 15:49:57 +02:00
renovate[bot]
cc9234d3ba chore(deps): update ghcr.io/etkecc/fluffychat-web docker tag to v2.4.0 2026-01-21 15:49:48 +02:00
renovate[bot]
47322a8d52 chore(deps): update docker.io/metio/matrix-alertmanager-receiver docker tag to v2026.1.21 2026-01-21 08:35:31 +02:00
Slavi Pantaleev
911031e2cf Add support for Hookshot static connections (new in v7.3.0) 
This adds the matrix_hookshot_connections variable for configuring
static webhook connections via the config file.

See: https://github.com/matrix-org/matrix-hookshot/pull/1102
 2026-01-20 16:10:30 +02:00
renovate[bot]
e01a79865c chore(deps): update halfshot/matrix-hookshot docker tag to v7.3.0 2026-01-20 15:38:23 +02:00
renovate[bot]
ab97b94245 chore(deps): update dependency ntfy to v2.16.0-0 2026-01-20 11:56:58 +02:00
renovate[bot]
c8fc504470 chore(deps): update dock.mau.dev/mautrix/whatsapp docker tag to v0.2601.0 2026-01-16 22:28:12 +02:00
renovate[bot]
a6c447ade3 chore(deps): update dock.mau.dev/mautrix/gmessages docker tag to v0.2601.0 2026-01-16 22:26:58 +02:00
renovate[bot]
aa69069627 chore(deps): update dock.mau.dev/mautrix/signal docker tag to v0.2601.0 2026-01-16 22:26:48 +02:00
renovate[bot]
fa22053bf1 chore(deps): update ansible/ansible-lint action to v26.1.1 2026-01-16 14:32:56 +02:00
renovate[bot]
a3ef7109b6 chore(deps): update dependency docker to v8 2026-01-15 21:29:26 +02:00
renovate[bot]
7c8a28d590 chore(deps): update ghcr.io/element-hq/lk-jwt-service docker tag to v0.4.1 2026-01-15 20:30:02 +02:00
renovate[bot]
28af19a1a7 chore(deps): update dependency myst-parser to v5 2026-01-15 14:44:50 +02:00
renovate[bot]
ea4b467cd3 chore(deps): update dependency livekit_server to v1.9.11-0 2026-01-15 14:43:30 +02:00
Slavi Pantaleev
bd6202eb65 Upgrade Traefik (v3.6.6-0 -> v3.6.7-1) and remove all (now-unnecessary) encodedCharacters_* setting overrides 
All these `encodedCharacters_*` settings default to `true` in Traefik v3.6.7,
so we don't need to override their values.

Ref: https://doc.traefik.io/traefik/v3.6/migrate/v3/#v367

Closes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4835
 2026-01-15 14:40:38 +02:00
Aine
4d0cf32151 grafana: add /tmp tmpfs 2026-01-15 09:12:17 +00:00
renovate[bot]
1890f3a01a chore(deps): update dependency jitsi to v10710 2026-01-14 16:52:49 +02:00
Slavi Pantaleev
ac5dc5d44f Pull in some additional Synapse workers routing configuration 
Provoked by https://github.com/element-hq/synapse/pull/19281
which landed in Synapse v1.145.0, but we pull in a few other routes
that I noticed to be missing.
 2026-01-14 12:07:09 +02:00
renovate[bot]
a050107e0f chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.145.0 2026-01-14 12:06:41 +02:00
renovate[bot]
41108b57e3 chore(deps): update docker.io/metio/matrix-alertmanager-receiver docker tag to v2026 2026-01-14 11:55:53 +02:00
renovate[bot]
78c7b61af8 chore(deps): update ghcr.io/element-hq/matrix-authentication-service docker tag to v1.9.0 2026-01-13 19:47:45 +02:00
renovate[bot]
b5c5f34ca4 chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.8 2026-01-13 19:46:26 +02:00
Slavi Pantaleev
e1bf0aebd2 Upgrade LiveKit (v1.9.10-0 -> v1.9.10-1) 2026-01-12 10:10:14 +02:00
Slavi Pantaleev
8a02d791ea Add missing : to matrix_media_repo_redis_shards entry 
Ref: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4851#issuecomment-3732696383
 2026-01-10 15:10:09 +02:00
akdk7
dd54691137 Automatically integate matrix-media-repo with Valkey (if enabled) (#4851) 
* This push request is about handling Traefik ipallowlist to synapse-admin application.

It's my first push request. If I forgot something please let me know. :-)

* Changed position of variable and naming for better expandebility of traefik options

* Remove useless `noqa var-naming` comment and too many blank lines at the end of the file

* If redis ist enabled for matrix media repo it failes to connect to valkey due to inproper configuration.

* Updated solution for fixing MMR redis connection

* Clean up

* Update valkey_container_network condition

---------

Co-authored-by: AkDk7 <joerg@pannbacker.email>
Co-authored-by: Slavi Pantaleev <slavi@devture.com>
 2026-01-10 15:07:12 +02:00
renovate[bot]
a3a2c568d0 chore(deps): update dependency prometheus_node_exporter to v1.9.1-13 2026-01-09 15:12:53 +02:00
renovate[bot]
0bc84a7129 chore(deps): update dependency prometheus_postgres_exporter to v0.18.1-2 2026-01-09 15:12:45 +02:00
Aine
afe5b06771 Synapse Admin v0.11.1-etke52 2026-01-09 08:43:28 +00:00
renovate[bot]
e4d0d42f04 chore(deps): update dependency traefik_certs_dumper to v2.10.0-4 2026-01-09 08:50:29 +02:00
dependabot[bot]
91711669c6 Bump ansible/ansible-lint from 25.12.2 to 26.1.0 
Bumps [ansible/ansible-lint](https://github.com/ansible/ansible-lint) from 25.12.2 to 26.1.0.
- [Release notes](https://github.com/ansible/ansible-lint/releases)
- [Commits](https://github.com/ansible/ansible-lint/compare/v25.12.2...v26.1.0)

---
updated-dependencies:
- dependency-name: ansible/ansible-lint
  dependency-version: 26.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-08 18:43:23 +02:00
renovate[bot]
5fe789cd96 chore(deps): update dependency etherpad to v2.6.0-1 2026-01-08 18:43:00 +02:00
renovate[bot]
e4abe50daf chore(deps): update dependency grafana to v11.6.5-5 2026-01-08 18:42:38 +02:00
renovate[bot]
e70d0d7673 chore(deps): update dependency auxiliary to v1.0.0-6 2026-01-08 15:12:39 +02:00
renovate[bot]
ae88c51dd7 chore(deps): update dependency container_socket_proxy to v0.4.2-1 2026-01-08 15:12:21 +02:00
renovate[bot]
9d7c224021 chore(deps): update dependency prometheus to v3.9.1-0 2026-01-08 12:07:41 +02:00
renovate[bot]
65213ff497 chore(deps): update ghcr.io/jasonlaguidice/matrix-steam-bridge docker tag to v1.1.0 2026-01-08 06:56:55 +02:00
renovate[bot]
13727bc0a2 chore(deps): update dependency urllib3 to v2.6.3 2026-01-07 21:23:23 +02:00
renovate[bot]
ed87ef7e50 chore(deps): update dependency prometheus to v3.9.0-0 2026-01-07 11:09:11 +02:00
Aine
858a4ab555 Synapse Admin v0.11.1-etke51 2026-01-06 09:47:01 +00:00
Slavi Pantaleev
5f3f57197e Revert "Remove outdated warning about Postmoogle not working well with Matrix Authentication Service" 
This reverts commit 81b371e690.

Ref: 81b371e690 (commitcomment-173871096)
 2026-01-06 09:28:28 +02:00
renovate[bot]
4f00bb4789 chore(deps): update dependency certifi to v2026 2026-01-04 08:58:47 +02:00
renovate[bot]
5e558aab55 chore(deps): update dependency livekit_server to v1.9.10-0 2026-01-01 16:34:15 +02:00
renovate[bot]
e09d10419c chore(deps): update dependency sphinx to v9.1.0 2025-12-31 19:29:23 +02:00
Mark Monteiro
e60ef27bb8 update instructions for user admin management with MAS 
This is now supported via the mas-cli management tool
 2025-12-31 08:51:11 +02:00
Mark Monteiro
be7536390d improve notes about configuring hookshot encryption 
- clarify that Redis is configured automatically
- add note indicating that encryption is not currently supported when using MAS
 2025-12-31 08:50:36 +02:00
renovate[bot]
e7612dc0ce chore(deps): update matrixconduit/matrix-conduit docker tag to v0.10.11 2025-12-31 06:34:57 +02:00
renovate[bot]
6f736653e9 chore(deps): update dependency traefik to v3.6.6-0 2025-12-30 12:39:28 +02:00
Aine
1ca3c91fd7 etherpad v2.6.0 2025-12-28 23:27:56 +00:00
Slavi Pantaleev
edf833627e Add matrix_coturn_hostname to allow for the Coturn domain to be different than matrix_server_fqn_matrix 2025-12-25 10:03:39 +02:00
Slavi Pantaleev
ed20b65912 Upgrade Traefik (v3.6.5-0 -> v3.6.5-1) 2025-12-25 09:57:33 +02:00
renovate[bot]
9cbc9c6b06 chore(deps): update docker.io/metio/matrix-alertmanager-receiver docker tag to v2025.12.24 2025-12-24 11:13:33 +02:00
Aine
484e94d493 add matrix_synapse_ext_s3_storage_provider_container_arguments var 2025-12-23 15:34:32 +00:00
renovate[bot]
b0f73f7966 chore(deps): update matrixconduit/matrix-conduit docker tag to v0.10.10 2025-12-23 05:38:22 +02:00
renovate[bot]
3c64fe6eb5 chore(deps): update ansible/ansible-lint action to v25.12.2 2025-12-23 05:36:44 +02:00
Aine
048ce7503d borg v1.4.3 2025-12-22 12:37:51 +00:00
Aine
2161500e60 Merge pull request #4823 from spantaleev/renovate/backup_borg-1.x 
chore(deps): update dependency backup_borg to v1.4.2-2.0.13-0
 2025-12-22 08:23:38 +00:00
renovate[bot]
927f6fa2e3 chore(deps): update dependency backup_borg to v1.4.2-2.0.13-0 2025-12-22 08:23:04 +00:00
Slavi Pantaleev
66c85f63e6 Update default OpenAI image generation model for baibot (gpt-image-1 -> gpt-image-1.5) 2025-12-21 23:28:36 +02:00
Slavi Pantaleev
9ea18d6f2d Upgrade baibot (v1.11.0 -> v1.12.0) 2025-12-21 23:28:12 +02:00
Aine
a073f21a8f Postmoogle v0.9.28 2025-12-21 17:07:14 +00:00
Suguru Hirahara
68337b6f45 Remove the tasks to retrieve a nonexistent container image for Matrix.to 
Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-12-19 19:17:18 +02:00
QEDeD
a8ef76735d Narrow var-naming noqa to pattern 2025-12-19 15:01:39 +02:00
QEDeD
df6ac15324 Fix var-naming for encodedCharacters vars 2025-12-19 15:01:39 +02:00
renovate[bot]
ce14e60a02 chore(deps): update dependency docutils to v0.22.4 2025-12-18 23:17:22 +02:00
renovate[bot]
16bec7bfbb chore(deps): update gnuxie/draupnir docker tag to v2.9.0 2025-12-18 16:48:46 +02:00
renovate[bot]
91e9d0b227 chore(deps): update dependency livekit_server to v1.9.9-0 2025-12-18 10:32:41 +02:00
renovate[bot]
c05849920d chore(deps): update dependency traefik to v3.6.5-0 2025-12-17 08:00:51 +02:00
renovate[bot]
2e313f6c38 chore(deps): update dock.mau.dev/mautrix/whatsapp docker tag to v0.2512.0 2025-12-17 05:47:06 +02:00
renovate[bot]
6d202a30fc chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.7 2025-12-16 17:58:36 +02:00
renovate[bot]
42cfbc06cc chore(deps): update dependency prometheus to v3.8.1-0 2025-12-16 17:03:19 +02:00
renovate[bot]
17898f6be2 chore(deps): update dock.mau.dev/mautrix/meta docker tag to v0.2512.0 2025-12-16 17:01:19 +02:00
renovate[bot]
a1df76f9d4 chore(deps): update dock.mau.dev/mautrix/signal docker tag to v0.2512.0 2025-12-16 17:00:44 +02:00
renovate[bot]
f2242246ec chore(deps): update dependency container_socket_proxy to v0.4.2-0 2025-12-16 13:09:57 +02:00
Slavi Pantaleev
12bee503e0 Configure encodedCharacters for the web Traefik entrypoint (if matrix_playbook_ssl_enabled is false) to fix Traefik 3.6.3+ regression in those cases 
Continuation of e7cb9eee79

Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4798
 2025-12-15 17:00:49 +02:00
Slavi Pantaleev
e7cb9eee79 Configure encodedCharacters for various Traefik entrypoints to fix Traefik 3.6.3+ regression 
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4798

Ref: https://doc.traefik.io/traefik/migrate/v3/#v364
 2025-12-15 13:00:53 +02:00
Slavi Pantaleev
e813932240 Upgrade Traefik (v3.6.4-0 -> v3.6.4-1) 2025-12-15 12:34:43 +02:00
Slavi Pantaleev
98331ae970 Upgrade baibot (v1.10.0 -> v1.11.0) and add support for configuring a custom avatar 2025-12-15 10:27:44 +02:00
Aine
5612af92e8 FluffyChat v2.3.0 2025-12-14 12:30:14 +00:00
renovate[bot]
1f31975aef chore(deps): update dessant/lock-threads action to v6 2025-12-12 18:54:31 +02:00
Slavi Pantaleev
fa3d05ea81 Bump OpenAI text-generation model for baibot (gpt-5.1 -> gpt-5.2) 2025-12-12 16:03:40 +02:00
renovate[bot]
5c0c03893f chore(deps): update dependency urllib3 to v2.6.2 2025-12-12 05:29:55 +02:00
renovate[bot]
f7a3bde4a7 chore(deps): update oci.element.io/element-admin docker tag to v0.1.10 2025-12-10 21:59:48 +02:00
renovate[bot]
52278a8108 chore(deps): update dependency livekit_server to v1.9.8-0 2025-12-10 21:59:17 +02:00
renovate[bot]
3a12aa7682 chore(deps): update ansible/ansible-lint action to v25.12.1 2025-12-10 16:39:34 +02:00
renovate[bot]
6a8a1dfa24 chore(deps): update dependency valkey to v9.0.1-0 2025-12-10 13:05:33 +02:00
renovate[bot]
aec4185135 chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.144.0 2025-12-10 06:47:15 +02:00
renovate[bot]
fd612f99fd chore(deps): update nginx docker tag to v1.29.4 2025-12-10 06:42:59 +02:00
renovate[bot]
ddc5e094a3 chore(deps): update ghcr.io/element-hq/matrix-authentication-service docker tag to v1.8.0 2025-12-10 06:42:37 +02:00
renovate[bot]
c14d1bd1f4 chore(deps): update dependency sphinx to v9.0.4 2025-12-09 09:31:34 +02:00
The one with the braid
fe9f70517e fix: migrate Traefik Cert Dumper configuration 
Relates to 904a98d56c.

Signed-off-by: The one with the braid <info@braid.business>
 2025-12-09 09:30:53 +02:00
renovate[bot]
59ab28cab2 chore(deps): update dependency urllib3 to v2.6.1 2025-12-09 01:17:49 +02:00
renovate[bot]
904a98d56c chore(deps): update dependency traefik_certs_dumper to v2.10.0-3 2025-12-08 20:33:46 +02:00
renovate[bot]
f36983bfdb chore(deps): update joseluisq/static-web-server docker tag to v2.40.1 2025-12-08 11:25:51 +02:00
Slavi Pantaleev
88dcfbdaa7 Override matrix_matrixto_base_path in terms of matrix_base_data_path in group_vars/matrix_servers 
Closes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4787
 2025-12-08 05:39:14 +02:00
renovate[bot]
d5580ea322 chore(deps): update dependency sphinx-markdown-builder to v0.6.9 2025-12-07 21:29:59 +02:00
Slavi Pantaleev
95884479c3 Fix tag name typo (setup-jwt-service -> setup-livekit-jwt-service) for the livekit-jwt-service role 2025-12-06 08:35:33 +02:00
Slavi Pantaleev
64fc64921c Upgrade livekit-jwt-service (v0.3.0 -> v0.4.0) and adapt configuration 
Ref: https://github.com/element-hq/lk-jwt-service/releases/tag/v0.4.0

Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4784
 2025-12-06 08:34:33 +02:00
Slavi Pantaleev
4238ec6e86 Upgrade baibot (v1.9.0 -> v1.10.0) 2025-12-06 07:12:48 +02:00
renovate[bot]
940dcb0162 chore(deps): update dependency traefik to v3.6.4-0 2025-12-06 07:04:50 +02:00
renovate[bot]
98663a8386 chore(deps): update dependency urllib3 to v2.6.0 2025-12-05 18:28:01 +02:00
Suguru Hirahara
bbfe345758 Update faq.md: add the section about coturn errors 
Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-12-05 17:37:50 +02:00
renovate[bot]
c7ed2deb22 chore(deps): update dependency livekit_server to v1.9.7-0 2025-12-05 14:56:06 +02:00
Aine
1bc70935a0 Synapse Admin v0.11.1-etke50 2025-12-04 18:55:40 +00:00
renovate[bot]
472bf1c58c chore(deps): update dependency sphinx to v9.0.3 2025-12-04 06:29:36 +02:00
renovate[bot]
717c9bfd7d chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.6 2025-12-03 21:15:42 +02:00
Slavi Pantaleev
325b22a302 Stop using deprecated vars variable in all other custom roles 
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4776

Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4777
 2025-12-02 21:32:15 +02:00
Kim Brose
f8f7406c51 Stop using deprecated vars variable for matrix-element-call 2025-12-02 20:10:35 +02:00
Kim Brose
caa2e338bc Stop using deprecated vars variable for matrix-dimension 2025-12-02 20:10:35 +02:00
renovate[bot]
585d606856 chore(deps): update dependency prometheus to v3.8.0-0 2025-12-02 18:07:36 +02:00
dependabot[bot]
cf97144ed8 Bump ansible/ansible-lint from 25.11.1 to 25.12.0 
Bumps [ansible/ansible-lint](https://github.com/ansible/ansible-lint) from 25.11.1 to 25.12.0.
- [Release notes](https://github.com/ansible/ansible-lint/releases)
- [Commits](https://github.com/ansible/ansible-lint/compare/v25.11.1...v25.12.0)

---
updated-dependencies:
- dependency-name: ansible/ansible-lint
  dependency-version: 25.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-02 18:07:25 +02:00
renovate[bot]
d5709e4596 chore(deps): update ghcr.io/element-hq/element-call docker tag to v0.16.3 2025-12-02 18:07:14 +02:00
renovate[bot]
1838840f65 chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.5 2025-12-02 18:06:41 +02:00
Slavi Pantaleev
0041bd01c3 Upgrade Postgres (v18.1-2 -> v18.1-3) 2025-12-02 07:38:38 +02:00
renovate[bot]
aea799260f chore(deps): update dependency docker to v7.9.0 2025-12-02 06:31:45 +02:00
renovate[bot]
1ee83861c3 chore(deps): update dependency sphinx to v9.0.1 2025-12-01 20:10:45 +02:00
renovate[bot]
db793428a1 chore(deps): update dependency livekit_server to v1.9.6-0 2025-12-01 16:57:40 +02:00
Slavi Pantaleev
f31be1a725 Adapt to static-webserver v2.40.0 changes to the public directory 
Ref:

- https://github.com/static-web-server/static-web-server/releases/tag/v2.40.0
- https://github.com/static-web-server/static-web-server/pull/567
- https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4767

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4768

Regression since a451f1fcb1
 2025-12-01 13:50:06 +02:00
renovate[bot]
a451f1fcb1 chore(deps): update joseluisq/static-web-server docker tag to v2.40.0 2025-12-01 08:31:47 +02:00
Slavi Pantaleev
64d890300b Upgrade docker-sdk-for-python (c38854e4c8451520e20163af1dd5f657790332da -> 542a2d68db4e9a8e9bb4b508052760b900c7dce6) 2025-11-30 17:50:05 +02:00
renovate[bot]
7e0815c5ea chore(deps): update dependency sphinx to v9 2025-11-30 16:12:43 +02:00
Slavi Pantaleev
fb0a1bd489 Upgrade baibot (v1.8.3 -> v1.9.0) 2025-11-30 12:37:57 +02:00
Aine
bab3a47c50 fix zulip bridge service name on removal 2025-11-28 18:48:24 +00:00
renovate[bot]
a88c394ae0 chore(deps): update ghcr.io/matrix-org/rageshake docker tag to v1.17.1 2025-11-28 17:54:12 +02:00
Slavi Pantaleev
eda41e89c1 Upgrade baibot (v1.8.2 -> v1.8.3) 2025-11-28 14:53:31 +02:00
renovate[bot]
d1b480de65 chore(deps): update dependency backup_borg to v1.4.2-2.0.12-0
Some checks failed
Matrix CI / yamllint (push) Successful in 9s
Matrix CI / Run pre-commit (push) Failing after 58s
Matrix CI / ansible-lint (push) Successful in 11m4s
 2025-11-28 05:23:51 +02:00
renovate[bot]
2821774fca chore(deps): update ghcr.io/element-hq/matrix-authentication-service docker tag to v1.7.0
Some checks failed
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been skipped
Lock Threads / action (push) Has been skipped
 2025-11-27 03:22:44 +02:00
renovate[bot]
77a173f8b2 chore(deps): update oci.element.io/element-admin docker tag to v0.1.9
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-26 18:03:26 +02:00
Slavi Pantaleev
ebdb2cc827 Use a proper (bool) value for the matrix_bot_draupnir_login_native variable
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Otherwise Ansible casts the "" string to a bool.
This works, but it's deprecated and a bad idea anyway.
 2025-11-26 13:20:20 +02:00
Slavi Pantaleev
9b7767f451 Upgrade Postgres (v18.1-1 -> v18.1-2) 2025-11-26 13:17:04 +02:00
Slavi Pantaleev
201d3ea087 Upgrade Postgres (v18.1-0 -> v18.1-1) 2025-11-26 12:02:48 +02:00
Slavi Pantaleev
bf3f4a9059 Upgrade timesync (v1.1.0-0 -> v1.1.0-1) 2025-11-26 12:01:47 +02:00
Slavi Pantaleev
cbf8a2e7e9 Upgrade docker-sdk-for-python (129c8590e106b83e6f4c259649a613c6279e937a -> c38854e4c8451520e20163af1dd5f657790332da) 2025-11-26 11:59:38 +02:00
Slavi Pantaleev
ddf0fe7167 Fix Ansible inject_facts_as_vars deprecation warning 2025-11-26 11:56:57 +02:00
Slavi Pantaleev
07423d3dd4 Upgrade playbook-help (7663e3114513e56f28d3ed762059b445c678a71a -> 8630e4f1749bcb659c412820f754473f09055052) 2025-11-26 11:35:28 +02:00
Slavi Pantaleev
430f350733 Stop using deprecated vars variable 2025-11-26 11:35:09 +02:00
renovate[bot]
889970314a chore(deps): update docker.io/metio/matrix-alertmanager-receiver docker tag to v2025.11.26 2025-11-26 09:22:30 +02:00
renovate[bot]
1f2f7e468e chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.143.0
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
 2025-11-26 06:12:17 +02:00
Michael Hoang
6865a59e88 Document using Signal nicknames
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-25 05:51:43 +02:00
renovate[bot]
e128c761ba chore(deps): update dependency jitsi to v10655 2025-11-25 05:02:56 +02:00
renovate[bot]
4caf38e682 chore(deps): update ansible/ansible-lint action to v25.11.1 2025-11-25 05:02:30 +02:00
renovate[bot]
2eadddcde9 chore(deps): update gnuxie/draupnir docker tag to v2.8.0
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-23 15:57:05 +02:00
Suguru Hirahara
6cc837600a Add Matrix.to (#4750)
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
 2025-11-23 06:53:37 +02:00
renovate[bot]
7181131967 chore(deps): update actions/checkout action to v6
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-20 21:41:59 +02:00
Suguru Hirahara
a116620238 Update the link to the FluffyChat website
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-11-20 17:16:05 +09:00
Slavi Pantaleev
b464f3cc55 Upgrade baibot (v1.8.1 -> v1.8.2)
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
 2025-11-20 06:14:56 +02:00
Slavi Pantaleev
fb2d7481dc Upgrade playbook-state-preserver (ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16 -> dd6e15246b7a9a2d921e0b3f9cd8a4a917a1bb2f)
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-19 06:50:55 +02:00
renovate[bot]
388e79ea5a chore(deps): update dependency traefik to v3.6.2-0 2025-11-19 06:16:35 +02:00
Richard Meyer
0ab40bbd9c Update synapse to v1.142.1 2025-11-19 06:15:06 +02:00
renovate[bot]
9582f6a565 chore(deps): update ghcr.io/element-hq/element-web docker tag to v1.12.4
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-18 17:08:43 +02:00
Slavi Pantaleev
4b2919b538 Bump OpenAI text-generation model for baibot (gpt-5 -> gpt-5.1)
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
 2025-11-18 06:24:08 +02:00
Slavi Pantaleev
d05c83d0d5 Bump Anthropic text-generation model for baibot (claude-3-7-sonnet-20250219 -> claude-sonnet-4-5-20250929) 2025-11-18 06:23:47 +02:00
renovate[bot]
97a1562942 chore(deps): update dock.mau.dev/maubot/maubot docker tag to v0.6.0
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-17 18:24:25 +02:00
Benjamin Blacher
346dfbbc07 Add support for signal polls 2025-11-17 18:18:16 +02:00
renovate[bot]
7520469644 chore(deps): update dependency ntfy to v2.15.0-0
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
 2025-11-17 07:09:53 +02:00
renovate[bot]
8405bbdb94 chore(deps): update dock.mau.dev/mautrix/whatsapp docker tag to v0.2511.0
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-16 15:09:38 +02:00
renovate[bot]
dfa38bec2c chore(deps): update dock.mau.dev/mautrix/twitter docker tag to v0.2511.0 2025-11-16 15:09:30 +02:00
renovate[bot]
4e3dd04b17 chore(deps): update dock.mau.dev/mautrix/slack docker tag to v0.2511.0 2025-11-16 15:09:15 +02:00
renovate[bot]
ff884f5b4b chore(deps): update dock.mau.dev/mautrix/signal docker tag to v0.2511.0 2025-11-16 15:09:08 +02:00
renovate[bot]
4b93bbde98 chore(deps): update dock.mau.dev/mautrix/meta docker tag to v0.2511.0 2025-11-16 15:08:59 +02:00
renovate[bot]
46f00c89cc chore(deps): update dependency etherpad to v2.5.2-2 2025-11-16 15:07:35 +02:00
renovate[bot]
f3020a8ce6 chore(deps): update dock.mau.dev/mautrix/gmessages docker tag to v0.2511.0 2025-11-16 15:07:26 +02:00
renovate[bot]
1e3e722f8f chore(deps): update dependency livekit_server to v1.9.4-0
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
 2025-11-16 06:16:43 +02:00
renovate[bot]
f276b204a7 chore(deps): update dependency click to v8.3.1 2025-11-16 06:16:30 +02:00
Slavi Pantaleev
45ed9cc226 Upgrade Postgres (v18.0-1 -> v18.1-0)
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-14 07:01:48 +02:00
renovate[bot]
99d68c4e51 chore(deps): update ghcr.io/matrix-org/rageshake docker tag to v1.17.0 2025-11-14 06:55:33 +02:00
Slavi Pantaleev
fe34e6c61d Upgrade Traefik (v3.6.0-0 -> v3.6.1-0) 2025-11-14 06:54:31 +02:00
renovate[bot]
42e6c8d989 chore(deps): update dependency certifi to v2025.11.12
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
 2025-11-12 10:57:34 +02:00
renovate[bot]
86f9cdfe2c chore(deps): update docker.io/metio/matrix-alertmanager-receiver docker tag to v2025.11.12 2025-11-12 10:57:27 +02:00
Slavi Pantaleev
56629103c6 Revert "chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.142.0"
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
This reverts commit c8c6a83ecc.

Synapse v1.142.0 is broken for Matrix Authentication Service deployments
that use a path-prefix (e.g. `/auth`) such as ours.

For such deployments, Synapse fails to contact MAS at the correct
introspection endpoint (it keeps hitting `/oauth2/introspect`, instead of `/auth/oauth2/introspect`)
and is not usable.

Related to 3595ff921f
 2025-11-11 16:18:28 +02:00
renovate[bot]
4b19196a75 chore(deps): update ghcr.io/element-hq/matrix-authentication-service docker tag to v1.6.0 2025-11-11 15:30:52 +02:00
renovate[bot]
c8c6a83ecc chore(deps): update ghcr.io/element-hq/synapse docker tag to v1.142.0 2025-11-11 15:25:02 +02:00
Aine
272c03892c borgbackup: postgres v18 support 2025-11-11 11:02:02 +00:00
dependabot[bot]
7f6c23f91d Bump ansible/ansible-lint from 25.9.2 to 25.11.0
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
Bumps [ansible/ansible-lint](https://github.com/ansible/ansible-lint) from 25.9.2 to 25.11.0.
- [Release notes](https://github.com/ansible/ansible-lint/releases)
- [Commits](https://github.com/ansible/ansible-lint/compare/v25.9.2...v25.11.0)

---
updated-dependencies:
- dependency-name: ansible/ansible-lint
  dependency-version: 25.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-10 19:23:21 +02:00
Suguru Hirahara
934e560b0d Remove mautrix-instagram
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
Reuse:
- 1861faf31d/docs/configuring-playbook-bridge-mx-puppet-twitter.md
- 2b7a0453eb

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-11-09 16:08:19 +02:00
Suguru Hirahara
77d2b43fb5 Fix configurations to avoid using matrix_mautrix_facebook_* 
matrix-sms-bridge does not seem to use Postgres in the first place.

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-11-09 16:08:19 +02:00
Suguru Hirahara
20104ad5a9 Remove mautrix-facebook 
Reuse:
- 1861faf31d/docs/configuring-playbook-bridge-mx-puppet-twitter.md
- 2b7a0453eb

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-11-09 16:08:19 +02:00
renovate[bot]
cb769f0939 chore(deps): update dependency traefik to v3.6.0-0 2025-11-09 11:24:10 +02:00
Suguru Hirahara
1ccdbfd2b5 Update CHANGELOG.md 
Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-11-09 18:17:36 +09:00
Suguru Hirahara
386d94a8f6 Remove matrix-bridge-appservice-webhooks 
Reuse:
- 1861faf31d/docs/configuring-playbook-bridge-mx-puppet-twitter.md
- 2b7a0453eb

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-11-09 10:34:23 +02:00
Aine
fb1824e66d fix zulip bridge bot MXID (@zulipbot); fix Zulip bridge config
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
 2025-11-08 23:36:18 +00:00
Slavi Pantaleev
8979fdef79 Announce Zulip bridge
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
Ref: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4695
 2025-11-08 09:12:39 +02:00
Suguru Hirahara
ee976242e5 Add MatrixZulipBridge (#4695)
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
* Add links to MatrixZulipBridge

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Add MatrixZulipBridge: copy matrix-bridge-heisenbridge

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Rename matrix-heisenbridge.service.j2 to matrix-matrixzulipbridge.service.j2

- Add the license header to matrix-matrixzulipbridge.service.j2

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Replace "Heisenbridge" to "MatrixZulipBridge" to "heisenbridge" to "matrixzulipbridge", respectively

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Replace variables related to container image and version

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Update comments and copyright headers

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Update matrix-bridge-matrixzulipbridge/tasks/main.yml: add names to tasks

Reuse aa0591f8b0/tasks/main.yml

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Remove configuration for identd

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Add `matrix_matrixzulipbridge_container_http_port`

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Run ansible-lint for files in tasks/

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Update `matrix_matrixzulipbridge_registration_yaml`

Run `pip install matrixzulipbridge && python3 -m matrixzulipbridge --config config.yaml --generate` to generate config.yaml

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Add MatrixZulipBridge to files in group_vars

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Add configuring-playbook-bridge-matrixzulipbridge.md

Reuse b108c8a151/docs/configuring-playbook-bridge-heisenbridge.md

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Fix `matrix_matrixzulipbridge_config_media_path`

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>

* Remove space characters

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Replace "matrixzulipbridge" with "zulip", etc.

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Remove irrelevant instruction

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* MatrixZulipBridge → Zulip bridge

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Rename `@matrixzulipbridge` to `@zulipbot`

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Replace `matrix_bridge_zulip` with `matrix_zulip_bridge` for now

Refer to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4695#discussion_r2485317210

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Set `{{ matrix_admin if matrix_admin else '' }}` to `matrix_zulip_bridge_owner`

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Apply the review

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Reuse the section about adjusting the playbook configuration on configuring-playbook-bridge-postmoogle.md

Reuse 7862fd7cdd/docs/configuring-playbook-bridge-postmoogle.md

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

* Update configuring-playbook.md: sort list items

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>

---------

Signed-off-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
Co-authored-by: Suguru Hirahara <acioustick@noreply.codeberg.org>
Co-authored-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-11-08 09:09:12 +02:00
Slavi Pantaleev
1861faf31d Adjust matrix_steam_bridge_network_displayname_template 
Ref: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/4714
 2025-11-08 08:02:46 +02:00
renovate[bot]
26f15e0803 chore(deps): update ghcr.io/jasonlaguidice/matrix-steam-bridge docker tag to v1.0.8 2025-11-08 08:00:32 +02:00
Slavi Pantaleev
bf99fa9bb2 Fix docs/ansible.md --mount typo
Some checks failed
Lock Threads / action (push) Has been cancelled
Matrix CI / yamllint (push) Has been cancelled
Matrix CI / ansible-lint (push) Has been cancelled
Matrix CI / Run pre-commit (push) Has been cancelled
Close stale issues and PRs / stale (push) Has been cancelled
Ref: https://github.com/mother-of-all-self-hosting/mash-playbook/pull/1260
 2025-11-07 14:23:39 +02:00
Suguru Hirahara
3eced43292 Remove matrix-chatgpt-bot 
Reuse:
- 096b85bd96/docs/configuring-playbook-email2matrix.md
- 096b85bd96/docs/configuring-playbook-bridge-appservice-webhooks.md

Signed-off-by: Suguru Hirahara <did:key:z6MkvVZk1A3KBApWJXv2Ju4H14ErDfRGxh8zxdXSZ4vACDg5>
 2025-11-07 14:06:41 +02:00
161 changed files with 1545 additions and 3329 deletions
Expand all files Collapse all files

2
.codespellrc
View File

@@ -1,2 +1,2 @@
[codespell]
ignore-words-list = aNULL,brose,doub,Udo,re-use,re-used,registr
ignore-words-list = aNULL,brose,doub,Udo,re-use,re-used,registr,shema

3
.github/renovate.json vendored
View File

@@ -27,9 +27,6 @@
]
}
],
"ignoreDeps": [
"ghcr.io/matrixgpt/matrix-chatgpt-bot"
],
"pre-commit": {
"enabled": true
}

2
.github/workflows/lock-threads.yml vendored
View File

@@ -23,7 +23,7 @@ jobs:
if: github.repository == 'spantaleev/matrix-docker-ansible-deploy'
runs-on: ubuntu-latest
steps:
- uses: dessant/lock-threads@v5
- uses: dessant/lock-threads@v6
with:
add-issue-labels: 'outdated'
process-only: 'issues, prs'

8
.github/workflows/matrix.yml vendored
View File

@@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: Run yamllint
uses: frenck/action-yamllint@v1.5.0
ansible-lint:
@@ -23,10 +23,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: Run ansible-lint
uses: ansible/ansible-lint@v25.9.2
uses: ansible/ansible-lint@v26.1.1
with:
args: "roles/custom"
setup_python: "true"
@@ -37,6 +37,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v5
uses: actions/checkout@v6
- name: Run pre-commit
uses: pre-commit/action@v3.0.1

54
CHANGELOG.md
View File

@@ -1,3 +1,57 @@
# 2025-12-09
## Traefik Cert Dumper upgrade
The variable `traefik_certs_dumper_ssl_dir_path` was renamed to `traefik_certs_dumper_ssl_path`. Users who use [their own webserver with Traefik](docs/configuring-playbook-own-webserver.md) may need to adjust their configuration.
The variable `traefik_certs_dumper_dumped_certificates_dir_path` was renamed to `traefik_certs_dumper_dumped_certificates_path`. Users who use [SRV Server Delegation](docs/howto-srv-server-delegation.md) may need to adjust their configuration.
# 2025-11-23
## Matrix.to support
The playbook now supports [Matrix.to](https://github.com/matrix-org/matrix.to) — a simple URL redirection service which powers [matrix.to](https://matrix.to).
To learn more, see our [Setting up Matrix.to](docs/configuring-playbook-matrixto.md) documentation page.
# 2025-11-09
## matrix-appservice-webhooks has been removed from the playbook
[matrix-appservice-webhooks](./docs/configuring-playbook-bridge-appservice-webhooks.md) has been removed from the playbook, as it has been deprecated since more than several years.
The playbook will let you know if you're using any `matrix_appservice_webhooks_*` variables. You'll need to remove them from `vars.yml` and potentially [uninstall the bridge manually](./docs/configuring-playbook-bridge-appservice-webhooks.md#uninstalling-the-bridge-manually).
## mautrix-facebook and mautrix-instagram have been removed from the playbook
[mautrix-facebook](./docs/configuring-playbook-bridge-mautrix-facebook.md) and [mautrix-instagram](./docs/configuring-playbook-bridge-mautrix-instagram.md) have been removed from the playbook, as they have been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge, integrated to the playbook at [2024-02-19](#2024-02-19).
The playbook will let you know if you're using any variables for those bridges:
- `matrix_mautrix_facebook_*`
- `matrix_mautrix_instagram_*`
You'll need to remove them from `vars.yml` and potentially uninstall them manually. Consult pages below for details:
- [Instruction for mautrix-facebook](./docs/configuring-playbook-bridge-mautrix-facebook.md#uninstalling-the-bridge-manually)
- [Instruction for mautrix-instagram](./docs/configuring-playbook-bridge-mautrix-instagram.md#uninstalling-the-bridge-manually)
# 2025-11-08
## MatrixZulipBridge support
Thanks to [Suguru Hirahara](https://github.com/luixxiul), the playbook now supports the [GearKite/MatrixZulipBridge](https://github.com/GearKite/MatrixZulipBridg) bridge for bridging Matrix to [Zulip](https://zulip.com/).
To learn more, see our [Setting up Zulip bridging](docs/configuring-playbook-bridge-zulip.md) documentation page.
# 2025-11-07
## The matrix-chatgpt-bot has been removed from the playbook
The [matrix-bot-chatgpt](./docs/configuring-playbook-bot-chatgpt.md) has been removed from the playbook, as it has been deprecated since September 2024.
The playbook will let you know if you're using any `matrix_bot_chatgpt_*` variables. You'll need to remove them from `vars.yml` and potentially [uninstall the bot manually](./docs/configuring-playbook-bot-chatgpt.md#uninstalling-matrix-chatgpt-bot-manually).
# 2025-11-05
## The MX Puppet bridges for Discord, Instagram, Slack, and Twitter have been removed from the playbook

2
README.md
View File

@@ -134,6 +134,7 @@ Bridges can be used to connect your Matrix installation with third-party communi
| [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) | ❌ | Bridge to SMS | [Link](docs/configuring-playbook-bridge-matrix-bridge-sms.md) |
| [matrix-steam-bridge](https://github.com/jasonlaguidice/matrix-steam-bridge) | ❌ | Bridge to [Steam](https://steampowered.com/) | [Link](docs/configuring-playbook-bridge-steam.md) |
| [matrix-wechat](https://github.com/duo/matrix-wechat) | ❌ | Bridge to [WeChat](https://www.wechat.com/) | [Link](docs/configuring-playbook-bridge-wechat.md) |
| [MatrixZulipBridge](https://github.com/GearKite/MatrixZulipBridge) | ❌ | Puppeting appservice bridge for [Zulip](https://zulip.com/) | [Link](docs/configuring-playbook-bridge-zulip.md) |
| [Heisenbridge](https://github.com/hifi/heisenbridge) | ❌ | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) | [Link](docs/configuring-playbook-bridge-heisenbridge.md) |
| [mx-puppet-groupme](https://gitlab.com/xangelix-pub/matrix/mx-puppet-groupme) | ❌ | Bridge to [GroupMe](https://groupme.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-groupme.md) |
| [mx-puppet-steam](https://codeberg.org/icewind/mx-puppet-steam) | ❌ | Bridge to [Steam](https://steamapp.com/) | [Link](docs/configuring-playbook-bridge-mx-puppet-steam.md) |
@@ -178,6 +179,7 @@ Various services that don't fit any other categories.
| [synapse_auto_accept_invite](https://github.com/matrix-org/synapse-auto-accept-invite) | ❌ | Synapse module to automatically accept invites | [Link](docs/configuring-playbook-synapse-auto-accept-invite.md) |
| [synapse_auto_compressor](https://github.com/matrix-org/rust-synapse-compress-state/#automated-tool-synapse_auto_compressor) | ❌ | Cli tool that automatically compresses `state_groups` database table in background | [Link](docs/configuring-playbook-synapse-auto-compressor.md) |
| [Matrix Corporal](https://github.com/devture/matrix-corporal) (advanced) | ❌ | Reconciliator and gateway for a managed Matrix server | [Link](docs/configuring-playbook-matrix-corporal.md) |
| [Matrix.to](https://github.com/matrix-org/matrix.to) | ❌ | Simple URL redirection service for the Matrix ecosystem | [Link](docs/configuring-playbook-matrixto.md) |
| [Etherpad](https://etherpad.org) | ❌ | Open source collaborative text editor | [Link](docs/configuring-playbook-etherpad.md) |
| [Jitsi](https://jitsi.org/) | ❌ | Open source video-conferencing platform | [Link](docs/configuring-playbook-jitsi.md) |
| [Cactus Comments](https://cactus.chat) | ❌ | Federated comment system built on Matrix | [Link](docs/configuring-playbook-cactus-comments.md) |

2
docs/ansible.md
View File

@@ -93,7 +93,7 @@ docker run \
--rm \
-w /work \
--mount type=bind,src=`pwd`,dst=/work \
--mount type=bind,src$HOME/.ssh/id_ed25519,dst=/root/.ssh/id_ed25519,ro \
--mount type=bind,src=$HOME/.ssh/id_ed25519,dst=/root/.ssh/id_ed25519,ro \
--entrypoint=/bin/sh \
ghcr.io/devture/ansible:11.6.0-r0-0
```

97
docs/configuring-playbook-bot-chatgpt.md
View File

@@ -1,98 +1,25 @@
<!--
SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
SPDX-FileCopyrightText: 2023 MDAD project contributors
SPDX-FileCopyrightText: 2019 - 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2022 Dennis Ciba
SPDX-FileCopyrightText: 2022 Nikita Chernyi
SPDX-FileCopyrightText: 2023 - 2024 MDAD project contributors
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up matrix-bot-chatgpt (optional, unmaintained)
# Setting up matrix-chatgpt-bot (optional, removed)
**Note**: [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) is now an archived (**unmaintained**) project. Talking to ChatGPT (and many other LLM providers) can happen via the much more featureful [baibot](https://github.com/etkecc/baibot), which can be [installed using this playbook](configuring-playbook-bot-baibot.md). Consider using that bot instead of this one.
🪦 The playbook used to be able to install and configure [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot), but no longer includes this component.
The playbook can install and configure [matrix-chatgpt-bot](https://github.com/matrixgpt/matrix-chatgpt-bot) for you.
While not a 1:1 replacement, the bot's author suggests taking a look at [baibot](https://github.com/etkecc/baibot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bot-baibot.md).
Talk to [ChatGPT](https://openai.com/blog/chatgpt/) via your favourite Matrix client!
## Uninstalling matrix-chatgpt-bot manually
See the project's [documentation](https://github.com/matrixgpt/matrix-chatgpt-bot/blob/main/README.md) to learn what it does and why it might be useful to you.
## Prerequisites
### Obtain an OpenAI API key
To use the bot, you'd need to obtain an API key from [https://platform.openai.com/account/api-keys](https://platform.openai.com/account/api-keys).
### Register the bot account
The playbook does not automatically create users for you. You **need to register the bot user manually** before setting up the bot.
Generate a strong password for the bot. You can create one with a command like `pwgen -s 64 1`.
You can use the playbook to [register a new user](registering-users.md):
If you still have the matrix-chatgpt-bot component installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:
```sh
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.chatgpt password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user
systemctl disable --now matrix-bot-chatgpt.service
rm -rf /matrix/chatgpt
```
### Obtain an access token and create encryption keys
The bot requires an access token to be able to connect to your homeserver. Refer to the documentation on [how to obtain an access token](obtaining-access-tokens.md).
> [!WARNING]
> Access tokens are sensitive information. Do not include them in any bug reports, messages, or logs. Do not share the access token with anyone.
To make sure the bot can read encrypted messages, it will need an encryption key, just like any other new user. While obtaining the access token, follow the prompts to setup a backup key. More information can be found in the [Element documentation](https://element.io/help#encryption6).
## Adjusting the playbook configuration
To enable the bot, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file. Make sure to replace `API_KEY_HERE` with the API key retrieved [here](#obtain-an-openai-api-key) and `ACCESS_TOKEN_HERE` with the access token created [here](#obtain-an-access-token-and-create-encryption-keys), respectively.
```yaml
matrix_bot_chatgpt_enabled: true
matrix_bot_chatgpt_openai_api_key: 'API_KEY_HERE'
# Uncomment and adjust this part if you'd like to use a username different than the default
# matrix_bot_chatgpt_matrix_bot_username_localpart: 'bot.chatgpt'
matrix_bot_chatgpt_matrix_access_token: 'ACCESS_TOKEN_HERE'
# Configuring the system prompt used, needed if the bot is used for special tasks.
# More information: https://github.com/mustvlad/ChatGPT-System-Prompts
matrix_bot_chatgpt_matrix_bot_prompt_prefix: 'Instructions:\nYou are ChatGPT, a large language model trained by OpenAI.'
```
### Extending the configuration
There are some additional things you may wish to configure about the bot.
Take a look at:
- `roles/custom/matrix-bot-chatgpt/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
## Installing
After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,ensure-matrix-users-created,start
```
**Notes**:
- The `ensure-matrix-users-created` playbook tag makes the playbook automatically create the bot's user account.
- The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed.
## Usage
To use the bot, invite it to the room you specified on your `vars.yml` file (`/invite @bot.chatgpt:example.com` where `example.com` is your base domain, not the `matrix.` domain).
After the bot joins the room, you can send a message to it. When you do so, use the prefix if you configured it or mention the bot.
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-bot-chatgpt`.

109
docs/configuring-playbook-bridge-appservice-webhooks.md
View File

@@ -1,113 +1,30 @@
<!--
SPDX-FileCopyrightText: 2019 - 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2019 Eduardo Beltrame
SPDX-FileCopyrightText: 2020 - 2023 MDAD project contributors
SPDX-FileCopyrightText: 2020 Björn Marten
SPDX-FileCopyrightText: 2020 Slavi Pantaleev
SPDX-FileCopyrightText: 2020 iLyas Bakouch
SPDX-FileCopyrightText: 2020 Tulir Asokan
SPDX-FileCopyrightText: 2022 Dennis Ciba
SPDX-FileCopyrightText: 2022 Kim Brose
SPDX-FileCopyrightText: 2022 Vladimir Panteleev
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up Appservice Webhooks bridging (optional, deprecated)
# Setting up Appservice Webhooks bridging (optional, removed)
**Note**: This bridge has been deprecated. We recommend not bothering with installing it. While not a 1:1 replacement, the bridge's author suggests taking a look at [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) as a replacement, which can also be [installed using this playbook](configuring-playbook-bridge-hookshot.md). Consider using that bridge instead of this one.
🪦 The playbook used to be able to install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks), but no longer includes this component, as it has been deprecated since more than several years.
The playbook can install and configure [matrix-appservice-webhooks](https://github.com/turt2live/matrix-appservice-webhooks) for you. This bridge provides support for Slack-compatible webhooks.
You may wish to use [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) instead.
See the project's [documentation](https://github.com/turt2live/matrix-appservice-webhooks/blob/master/README.md) to learn what it does and why it might be useful to you.
## Uninstalling the bridge manually
## Adjusting the playbook configuration
To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
matrix_appservice_webhooks_enabled: true
matrix_appservice_webhooks_api_secret: '<your_secret>'
# As of Synapse 1.90.0, uncomment to enable the backwards compatibility (https://matrix-org.github.io/synapse/latest/upgrade#upgrading-to-v1900) that this bridge needs.
# Note: This deprecated method is considered insecure.
#
# matrix_synapse_configuration_extension_yaml: |
# use_appservice_legacy_authorization: true
```
### Extending the configuration
There are some additional things you may wish to configure about the bridge.
Take a look at:
- `roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
- `roles/custom/matrix-bridge-appservice-webhooks/templates/config.yaml.j2` for the bridge's default configuration. You can override settings (even those that don't have dedicated playbook variables) using the `matrix_appservice_webhooks_configuration_extension_yaml` variable
## Installing
After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
## Usage
To use the bridge, you need to invite the bridge bot user to your room in either way.
- Send `/invite @_webhook:example.com` (**Note**: Make sure you have administration permissions in your room)
- Add the bridge bot to a private channel (personal channels imply you being an administrator)
You then need to send a message to the bridge bot to receive a private message including the webhook link:
```
!webhook
```
The JSON body for posting messages will have to look like this:
```json
{
"text": "Hello world!",
"format": "plain",
"displayName": "My Cool Webhook",
"avatar_url": "http://i.imgur.com/IDOBtEJ.png"
}
```
You can test this via curl like so:
If you still have matrix-appservice-webhooks installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:
```sh
curl --header "Content-Type: application/json" \
--data '{
"text": "Hello world!",
"format": "plain",
"displayName": "My Cool Webhook",
"avatar_url": "http://i.imgur.com/IDOBtEJ.png"
}' \
<the webhook link you've gotten from the bridge bot>
```
### Setting Webhooks with Dimension integration manager
If you're using the [Dimension integration manager](configuring-playbook-dimension.md), you can configure the Webhooks bridge with it.
To configure it, open the Dimension integration manager, and go to "Settings" and "Bridges", then select edit action for "Webhook Bridge".
On the UI, press "Add self-hosted Bridge" button and populate "Provisioning URL" and "Shared Secret" values from `/matrix/appservice-webhooks/config/config.yaml` file's homeserver URL value and provisioning secret value, respectively.
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-appservice-webhooks`.
### Increase logging verbosity
The default logging level for this component is `info`. If you want to increase the verbosity, add the following configuration to your `vars.yml` file and re-run the playbook:
```yaml
# Valid values: info, verbose
matrix_appservice_webhooks_log_level: 'verbose'
systemctl disable --now matrix-appservice-webhooks.service
rm -rf /matrix/appservice-webhooks
```

6
docs/configuring-playbook-bridge-hookshot.md
View File

@@ -16,8 +16,6 @@ Hookshot can bridge [Webhooks](https://en.wikipedia.org/wiki/Webhook) from softw
See the project's [documentation](https://matrix-org.github.io/matrix-hookshot/latest/hookshot.html) to learn what it does and why it might be useful to you.
**Note**: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however was deprecated by its author.
## Prerequisites
### Download GitHub app private key (optional)
@@ -131,10 +129,6 @@ aux_file_definitions:
For more information, see the documentation in the [default configuration of the aux role](https://github.com/mother-of-all-self-hosting/ansible-role-aux/blob/main/defaults/main.yml).
### Collision with matrix-appservice-webhooks
If you are also running [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), it reserves its namespace by the default setting `matrix_appservice_webhooks_user_prefix: '_webhook_'`. You should take care if you modify its or hookshot's prefix that they do not collide with each other's namespace (default `matrix_hookshot_generic_userIdPrefix: '_webhooks_'`).
### Enable metrics
The playbook can enable and configure the metrics of the service for you.

2
docs/configuring-playbook-bridge-mautrix-bridges.md
View File

@@ -24,7 +24,7 @@ To enable the bridge, add the following configuration to your `inventory/host_va
matrix_mautrix_SERVICENAME_enabled: true
```
**Note**: for bridging to Meta's Messenger or Instagram, you would need to add `meta` with an underscore symbol (`_`) or hyphen (`-`) based on the context as prefix to each `SERVICENAME`; add `_` to variables (as in `matrix_mautrix_meta_messenger_configuration_extension_yaml` for example) and `-` to paths of the configuration files (as in `roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2`), respectively. **`matrix_mautrix_facebook_*` and `matrix_mautrix_instagram_*` variables belong to the deprecated components and do not control the new bridge** ([mautrix-meta](https://github.com/mautrix/meta)), which can be [installed using this playbook](configuring-playbook-bridge-mautrix-meta-messenger.md).
**Note**: for bridging to Meta's Messenger or Instagram, you would need to add `meta` with an underscore symbol (`_`) or hyphen (`-`) based on the context as prefix to each `SERVICENAME`; add `_` to variables (as in `matrix_mautrix_meta_messenger_configuration_extension_yaml` for example) and `-` to paths of the configuration files (as in `roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2`), respectively.
There are some additional things you may wish to configure about the bridge before you continue. Each bridge may have additional requirements besides `_enabled: true`. For example, the mautrix-telegram bridge (our documentation page about it is [here](configuring-playbook-bridge-mautrix-telegram.md)) requires the `matrix_mautrix_telegram_api_id` and `matrix_mautrix_telegram_api_hash` variables to be defined. Refer to each bridge's individual documentation page for details about enabling bridges.

98
docs/configuring-playbook-bridge-mautrix-facebook.md
View File

@@ -1,100 +1,32 @@
<!--
SPDX-FileCopyrightText: 2019 - 2024 Slavi Pantaleev
SPDX-FileCopyrightText: 2019 - 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2019 Eduardo Beltrame
SPDX-FileCopyrightText: 2019 Hugues Morisset
SPDX-FileCopyrightText: 2020 Tulir Asokan
SPDX-FileCopyrightText: 2021 - 2022 MDAD project contributors
SPDX-FileCopyrightText: 2021 Aaron Raimist
SPDX-FileCopyrightText: 2022 Dennis Ciba
SPDX-FileCopyrightText: 2022 László Várady
SPDX-FileCopyrightText: 2024 Suguru Hirahara
SPDX-FileCopyrightText: 2022 Vladimir Panteleev
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up Mautrix Facebook bridging (optional, deprecated)
# Setting up Mautrix Facebook bridging (optional, removed)
<sup>Refer the common guide for configuring mautrix bridges: [Setting up a Generic Mautrix Bridge](configuring-playbook-bridge-mautrix-bridges.md)</sup>
🪦 The playbook used to be able to install and configure [mautrix-facebook](https://github.com/mautrix/facebook), but no longer includes this component, as it has been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge.
**Note**: This bridge has been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge, which can be [installed using this playbook](configuring-playbook-bridge-mautrix-meta-messenger.md). Consider using that bridge instead of this one.
The mautrix-meta bridge can be [installed using this playbook](configuring-playbook-bridge-mautrix-meta-messenger.md).
The playbook can install and configure [mautrix-facebook](https://github.com/mautrix/facebook) for you.
## Uninstalling the bridge manually
See the project's [documentation](https://github.com/mautrix/facebook/blob/master/README.md) to learn what it does and why it might be useful to you.
## Prerequisite (optional)
### Enable Shared Secret Auth
If you want to set up [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html) (hint: you most likely do) for this bridge automatically, you need to have enabled [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook.
See [this section](configuring-playbook-bridge-mautrix-bridges.md#set-up-double-puppeting-optional) on the [common guide for configuring mautrix bridges](configuring-playbook-bridge-mautrix-bridges.md) for details about setting up Double Puppeting.
**Note**: double puppeting with the Shared Secret Auth works at the time of writing, but is deprecated and will stop working in the future.
## Adjusting the playbook configuration
To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
matrix_mautrix_facebook_enabled: true
```
### Extending the configuration
There are some additional things you may wish to configure about the bridge.
See [this section](configuring-playbook-bridge-mautrix-bridges.md#extending-the-configuration) on the [common guide for configuring mautrix bridges](configuring-playbook-bridge-mautrix-bridges.md) for details about variables that you can customize and the bridge's default configuration, including [bridge permissions](configuring-playbook-bridge-mautrix-bridges.md#configure-bridge-permissions-optional), [encryption support](configuring-playbook-bridge-mautrix-bridges.md#enable-encryption-optional), [relay mode](configuring-playbook-bridge-mautrix-bridges.md#enable-relay-mode-optional), [bot's username](configuring-playbook-bridge-mautrix-bridges.md#set-the-bots-username-optional), etc.
## Installing
After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
## Usage
To use the bridge, you need to start a chat with `@facebookbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain).
You then need to send `login YOUR_FACEBOOK_EMAIL_ADDRESS` to the bridge bot to enable bridging for your Facebook Messenger account.
If you run into trouble, check the [Troubleshooting](#troubleshooting) section below.
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-mautrix-facebook`.
### Increase logging verbosity
The default logging level for this component is `WARNING`. If you want to increase the verbosity, add the following configuration to your `vars.yml` file and re-run the playbook:
```yaml
matrix_mautrix_facebook_logging_level: DEBUG
```
### Facebook rejecting login attempts and forcing you to change password
If your Matrix server is in a wildly different location than where you usually use your Facebook account from, the bridge's login attempts may be outright rejected by Facebook. Along with that, Facebook may even force you to change the account's password.
If you happen to run into this problem while [setting up bridging](#usage), try to first get a successful session up by logging in to Facebook through the Matrix server's IP address.
The easiest way to do this may be to use [sshuttle](https://sshuttle.readthedocs.io/) to proxy your traffic through the Matrix server.
Example command for proxying your traffic through the Matrix server:
If you still have the bridge installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:
```sh
sshuttle -r root@matrix.example.com:22 0/0
systemctl disable --now matrix-mautrix-facebook.service
rm -rf /matrix/mautrix-facebook
/matrix/postgres/bin/cli-non-interactive 'DROP DATABASE matrix_mautrix_facebook;'
```
Once connected, you should be able to verify that you're browsing the web through the Matrix server's IP by checking [icanhazip](https://icanhazip.com/).
Then proceed to log in to [Facebook/Messenger](https://www.facebook.com/).
Once logged in, proceed to [set up bridging](#usage).
If that doesn't work, enable 2FA (see: [Facebook help page on enabling 2FA](https://www.facebook.com/help/148233965247823)) and try to login again with a new password, and entering the 2FA code when prompted, it may take more then one try, in between attempts, check facebook.com to see if they are requiring another password change

66
docs/configuring-playbook-bridge-mautrix-instagram.md
View File

@@ -1,63 +1,33 @@
<!--
SPDX-FileCopyrightText: 2019 - 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2019 Eduardo Beltrame
SPDX-FileCopyrightText: 2019 Hugues Morisset
SPDX-FileCopyrightText: 2020 Tulir Asokan
SPDX-FileCopyrightText: 2021 - 2022 MDAD project contributors
SPDX-FileCopyrightText: 2021 Aaron Raimist
SPDX-FileCopyrightText: 2021 Marcus Proest
SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
SPDX-FileCopyrightText: 2022 Dennis Ciba
SPDX-FileCopyrightText: 2022 László Várady
SPDX-FileCopyrightText: 2022 Vladimir Panteleev
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up Mautrix Instagram bridging (optional, deprecated)
# Setting up Mautrix Instagram bridging (optional, removed)
<sup>Refer the common guide for configuring mautrix bridges: [Setting up a Generic Mautrix Bridge](configuring-playbook-bridge-mautrix-bridges.md)</sup>
🪦 The playbook used to be able to install and configure [mautrix-instagram](https://github.com/mautrix/instagram), but no longer includes this component, as it has been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge.
**Note**: This bridge has been deprecated in favor of the [mautrix-meta](https://github.com/mautrix/meta) Messenger/Instagram bridge, which can be [installed using this playbook](configuring-playbook-bridge-mautrix-meta-instagram.md). Consider using that bridge instead of this one.
The mautrix-meta bridge can be [installed using this playbook](configuring-playbook-bridge-mautrix-meta-messenger.md).
The playbook can install and configure [mautrix-instagram](https://github.com/mautrix/instagram) for you.
## Uninstalling the bridge manually
See the project's [documentation](https://github.com/mautrix/instagram/blob/master/README.md) to learn what it does and why it might be useful to you.
If you still have the bridge installed on your Matrix server, the playbook can no longer help you uninstall it and you will need to do it manually. To uninstall manually, run these commands on the server:
## Adjusting the playbook configuration
To enable the bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
matrix_mautrix_instagram_enabled: true
```
### Extending the configuration
There are some additional things you may wish to configure about the bridge.
See [this section](configuring-playbook-bridge-mautrix-bridges.md#extending-the-configuration) on the [common guide for configuring mautrix bridges](configuring-playbook-bridge-mautrix-bridges.md) for details about variables that you can customize and the bridge's default configuration, including [bridge permissions](configuring-playbook-bridge-mautrix-bridges.md#configure-bridge-permissions-optional), [encryption support](configuring-playbook-bridge-mautrix-bridges.md#enable-encryption-optional), [relay mode](configuring-playbook-bridge-mautrix-bridges.md#enable-relay-mode-optional), [bot's username](configuring-playbook-bridge-mautrix-bridges.md#set-the-bots-username-optional), etc.
## Installing
After configuring the playbook, run it with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
## Usage
To use the bridge, you need to start a chat with `@instagrambot:example.com` (where `example.com` is your base domain, not the `matrix.` domain).
You then need to send `login YOUR_INSTAGRAM_EMAIL_ADDRESS YOUR_INSTAGRAM_PASSWORD` to the bridge bot to enable bridging for your instagram/Messenger account.
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-mautrix-instagram`.
### Increase logging verbosity
The default logging level for this component is `WARNING`. If you want to increase the verbosity, add the following configuration to your `vars.yml` file and re-run the playbook:
```yaml
matrix_mautrix_instagram_logging_level: DEBUG
systemctl disable --now matrix-mautrix-instagram.service
rm -rf /matrix/mautrix-instagram
/matrix/postgres/bin/cli-non-interactive 'DROP DATABASE matrix_mautrix_instagram;'
```

83
docs/configuring-playbook-bridge-zulip.md Normal file
View File

@@ -0,0 +1,83 @@
<!--
SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev
SPDX-FileCopyrightText: 2021 Toni Spets
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up a Zulip bridge (optional)
The playbook can install and configure [MatrixZulipBridge](https://github.com/GearKite/MatrixZulipBridge) for you.
See the project's [documentation](https://github.com/GearKite/MatrixZulipBridge/blob/main/README.md) to learn what it does and why it might be useful to you.
## Adjusting DNS records (optional)
By default, this playbook installs the Zulip bridge on the `matrix.` subdomain, at the `/zulip` path (https://matrix.example.com/zulip). This makes it easy to install it, because it **doesn't require additional DNS records to be set up**. If that's okay, you can skip this section.
If you wish to adjust it, see the section [below](#adjusting-the-zulip-bridge-url-optional) for details about DNS configuration.
## Adjusting the playbook configuration
To enable the Zulip bridge, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
matrix_zulip_bridge_enabled: true
# Uncomment to add one or more admins to this bridge:
#
# matrix_zulip_bridge_owner:
# - '@yourAdminAccount:{{ matrix_domain }}'
#
# … unless you've made yourself an admin of all bots/bridges like this:
#
# matrix_admin: '@yourAdminAccount:{{ matrix_domain }}'
```
### Adjusting the Zulip bridge URL (optional)
By tweaking the `matrix_zulip_bridge_hostname` and `matrix_zulip_bridge_path_prefix` variables, you can easily make the service available at a **different hostname and/or path** than the default one.
Example additional configuration for your `vars.yml` file:
```yaml
# Change the default hostname and path prefix
matrix_zulip_bridge_hostname: zulip.example.com
matrix_zulip_bridge_path_prefix: /
```
If you've changed the default hostname, you may need to create a CNAME record for the Zulip bridge domain (`zulip.example.com`), which targets `matrix.example.com`.
When setting, replace `example.com` with your own.
### Extending the configuration
There are some additional things you may wish to configure about the bridge.
Take a look at:
- `roles/custom/matrix-bridge-zulip/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
## Installing
After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
## Usage
To use the bridge, you need to start a chat with `@zulipbot:example.com` (where `example.com` is your base domain, not the `matrix.` domain). If the bridge ignores you and a DM is not accepted then the owner setting may be wrong.
If you encounter issues or feel lost you can join the project room at [#matrixzulipbridge:shema.lv](https://matrix.to/#/#matrixzulipbridge:shema.lv) for help.
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-bridge-zulip`.

2
docs/configuring-playbook-client-fluffychat-web.md
View File

@@ -13,7 +13,7 @@ FluffyChat Web is a cute cross-platform (web, iOS, Android) messenger for Matrix
💡 **Note**: the latest version of FluffyChat Web is also available on the web, hosted by 3rd parties. If you trust giving your credentials to the following 3rd party Single Page Application, you can consider using it from there:
- [fluffychat.im](https://fluffychat.im/web), hosted by the [FluffyChat](https://fluffychat.im/) developers
- [fluffychat.im](https://fluffychat.im/web), hosted by the [FluffyChat](https://fluffy.chat/) developers
## Adjusting DNS records

4
docs/configuring-playbook-matrix-authentication-service.md
View File

@@ -57,6 +57,10 @@ This section details what you can expect when switching to the Matrix Authentica
- [Reminder bot](configuring-playbook-bot-matrix-reminder-bot.md) seems to be losing some of its state on each restart and may reschedule old reminders once again
- [Postmoogle](./configuring-playbook-bridge-postmoogle.md) works the first time around, but it consistently fails after restarting:
> cannot initialize matrix bot error="olm account is marked as shared, keys seem to have disappeared from the server"
-**Encrypted appservices** do not work yet (related to [MSC4190](https://github.com/matrix-org/matrix-spec-proposals/pull/4190) and [PR 17705 for Synapse](https://github.com/element-hq/synapse/pull/17705)), so all bridges/bots that rely on encryption will fail to start (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3658) for Hookshot). You can use these bridges/bots only if you **keep end-to-bridge encryption disabled** (which is the default setting).
- ⚠️ [Migrating an existing Synapse homeserver to Matrix Authentication Service](#migrating-an-existing-synapse-homeserver-to-matrix-authentication-service) is **possible**, but requires **some playbook-assisted manual work**. Migration is **reversible with no or minor issues if done quickly enough**, but as users start logging in (creating new login sessions) via the new MAS setup, disabling MAS and reverting back to the Synapse user database will cause these new sessions to break.

68
docs/configuring-playbook-matrixto.md Normal file
View File

@@ -0,0 +1,68 @@
<!--
SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
-->
# Setting up Matrix.to (optional)
The playbook can install and configure the [Matrix.to](https://github.com/matrix-org/matrix.to) URL redirection service for you.
See the project's [documentation](https://github.com/matrix-org/matrix.to/blob/main/README.md) to learn what it does and why it might be useful to you.
## Adjusting DNS records
By default, this playbook installs Matrix.to on the `mt.` subdomain (`mt.example.com`) and requires you to create a CNAME record for `mt`, which targets `matrix.example.com`.
When setting, replace `example.com` with your own.
## Adjusting the playbook configuration
To enable Matrix.to, add the following configuration to your `inventory/host_vars/matrix.example.com/vars.yml` file:
```yaml
matrix_matrixto_enabled: true
```
### Adjusting the Matrix.to URL (optional)
By tweaking the `matrix_matrixto_hostname` variable, you can easily make the service available at a **different hostname** than the default one.
Example additional configuration for your `vars.yml` file:
```yaml
# Change the default hostname
matrix_matrixto_hostname: t.example.com
```
After changing the domain, **you may need to adjust your DNS** records to point the Matrix.to domain to the Matrix server.
### Extending the configuration
There are some additional things you may wish to configure about the server.
Take a look at:
- `roles/custom/matrix-matrixto/defaults/main.yml` for some variables that you can customize via your `vars.yml` file
## Installing
After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records), run the playbook with [playbook tags](playbook-tags.md) as below:
<!-- NOTE: let this conservative command run (instead of install-all) to make it clear that failure of the command means something is clearly broken. -->
```sh
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
The shortcut commands with the [`just` program](just.md) are also available: `just install-all` or `just setup-all`
`just install-all` is useful for maintaining your setup quickly ([2x-5x faster](../CHANGELOG.md#2x-5x-performance-improvements-in-playbook-runtime) than `just setup-all`) when its components remain unchanged. If you adjust your `vars.yml` to remove other components, you'd need to run `just setup-all`, or these components will still remain installed. Note these shortcuts run the `ensure-matrix-users-created` tag too.
## Usage
Refer to the project's [documentation](https://github.com/matrix-org/matrix.to/blob/main/README.md) for available parameters, etc.
## Troubleshooting
As with all other services, you can find the logs in [systemd-journald](https://www.freedesktop.org/software/systemd/man/systemd-journald.service.html) by logging in to the server with SSH and running `journalctl -fu matrix-matrixto`.

2
docs/configuring-playbook-own-webserver.md
View File

@@ -51,7 +51,7 @@ matrix_playbook_reverse_proxy_type: other-traefik-container
# Adjust to point to your Traefik container
matrix_playbook_reverse_proxy_hostname: name-of-your-traefik-container
traefik_certs_dumper_ssl_dir_path: "/path/to/your/traefiks/acme.json/directory"
traefik_certs_dumper_ssl_path: "/path/to/your/traefiks/acme.json/directory"
# Uncomment and adjust the variable below if the name of your federation entrypoint is different
# than the default value (matrix-federation).

17
docs/configuring-playbook-turn.md
View File

@@ -49,6 +49,23 @@ Regardless of the selected authentication method, the playbook generates secrets
If [Jitsi](configuring-playbook-jitsi.md) is installed, note that switching to `lt-cred-mech` will disable the integration between Jitsi and your coturn server, as Jitsi seems to support the `auth-secret` authentication method only.
### Customize the Coturn hostname (optional)
By default, Coturn uses the same hostname as your Matrix homeserver (the value of `matrix_server_fqn_matrix`, which is typically `matrix.example.com`).
If you'd like to use a custom subdomain for Coturn (e.g., `turn.example.com` or `t.matrix.example.com`), add the following configuration to your `vars.yml` file:
```yaml
matrix_coturn_hostname: turn.example.com
```
The playbook will automatically:
- Configure Coturn to use this hostname
- Obtain an SSL certificate for the custom domain via Traefik
- Update all TURN URIs to point to the custom domain
**Note**: Make sure the custom hostname resolves to your server's IP address via DNS before running the playbook.
### Use your own external coturn server (optional)
If you'd like to use another TURN server (be it coturn or some other one), add the following configuration to your `vars.yml` file. Make sure to replace `HOSTNAME_OR_IP` with your own.

4
docs/configuring-playbook.md
View File

@@ -188,6 +188,8 @@ Bridges can be used to connect your Matrix installation with third-party communi
- [Setting up WeChat bridging](configuring-playbook-bridge-wechat.md)
- [Setting up Zulip bridging](configuring-playbook-bridge-zulip.md)
### Bots
Bots provide various additional functionality to your installation.
@@ -245,6 +247,8 @@ Various services that don't fit any other categories.
- [Setting up Matrix Corporal](configuring-playbook-matrix-corporal.md) (advanced)
- [Setting up Matrix.to](configuring-playbook-matrixto.md)
- [Setting up Etherpad](configuring-playbook-etherpad.md)
- [Setting up the Jitsi video-conferencing platform](configuring-playbook-jitsi.md)

3
docs/container-images.md
View File

@@ -107,6 +107,7 @@ Bridges can be used to connect your Matrix installation with third-party communi
| [matrix-hookshot](configuring-playbook-bridge-hookshot.md) | [halfshot/matrix-hookshot](https://hub.docker.com/r/halfshot/matrix-hookshot) | ❌ | Bridge for generic webhooks and multiple project management services, such as GitHub, GitLab, Figma, and Jira in particular |
| [matrix-sms-bridge](configuring-playbook-bridge-matrix-bridge-sms.md) | [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) | ❌ | Bridge to SMS |
| [matrix-wechat](configuring-playbook-bridge-wechat.md) | [lxduo/matrix-wechat](https://hub.docker.com/r/lxduo/matrix-wechat) | ❌ | Bridge to [WeChat](https://www.wechat.com/) |
| [MatrixZulipBridge](configuring-playbook-bridge-zulip.md) | [GearKite/MatrixZulipBridge](https://ghcr.io/gearkite/matrixzulipbridge) | ❌ | Puppeting appservice bridge for [Zulip](https://zulip.com/) |
| [Heisenbridge](configuring-playbook-bridge-heisenbridge.md) | [hif1/heisenbridge](https://hub.docker.com/r/hif1/heisenbridge) | ❌ | Bouncer-style bridge to [IRC](https://wikipedia.org/wiki/Internet_Relay_Chat) |
| [mx-puppet-groupme](configuring-playbook-bridge-mx-puppet-groupme.md) | [xangelix/mx-puppet-groupme](https://hub.docker.com/r/xangelix/mx-puppet-groupme) | ❌ | Bridge to [GroupMe](https://groupme.com/) |
| [matrix-steam-bridge](configuring-playbook-bridge-steam.md) | [jasonlaguidice/matrix-steam-bridge](https://github.com/jasonlaguidice/matrix-steam-bridge/pkgs/container/matrix-steam-bridge) | ❌ | Bridge to [Steam](https://steampowered.com/) |
@@ -174,10 +175,10 @@ The list of the deprecated or unmaintained services is available [here](configur
| Service | Container image | Default? | Description |
| ------- | --------------- | -------- | ----------- |
| [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md) | [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) | ❌ | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) |
| [Dimension](configuring-playbook-dimension.md) | [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) | ❌ | Open source integration manager for Matrix clients |
| [Email2Matrix](configuring-playbook-email2matrix.md) | [devture/email2matrix](https://hub.docker.com/r/devture/email2matrix/) | ❌ | Bridge for relaying emails to Matrix rooms |
| [Go-NEB](configuring-playbook-bot-go-neb.md) | [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) | ❌ | Multi functional bot written in Go |
| [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md) | [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) | ❌ | Bridge for slack compatible webhooks ([ConcourseCI](https://concourse-ci.org/), [Slack](https://slack.com/) etc. pp.) |
| [matrix-chatgpt-bot](configuring-playbook-bot-chatgpt.md) | [matrixgpt/matrix-chatgpt-bot](https://ghcr.io/matrixgpt/matrix-chatgpt-bot) | ❌ | Accessing ChatGPT via your favourite Matrix client |
| [mautrix-facebook](configuring-playbook-bridge-mautrix-facebook.md) | [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) | ❌ | Bridge to [Facebook](https://facebook.com/) |
| [mautrix-instagram](configuring-playbook-bridge-mautrix-instagram.md) | [mautrix/instagram](https://mau.dev/mautrix/instagram/container_registry) | ❌ | Bridge to [Instagram](https://instagram.com/) |

13
docs/faq.md
View File

@@ -440,6 +440,19 @@ To prevent double-logging, Docker logging is disabled by explicitly passing `--l
See [this section](maintenance-and-troubleshooting.md#how-to-see-the-logs) on the page for maintenance and troubleshooting for more details to see the logs.
### The server fails to start due to the `Unable to start service matrix-coturn.service` error. Why and how to solve it?
The error is most likely because Traefik cannot obtain SSL certificates due to certain reasons such as wrong domain name configuration or port 80 being unavailable due to other services.
If Traefik fails to obtain an SSL certificate for domain names such as `matrix.`, Traefik Certs Dumper cannot extract the SSL certificate out of there, and coturn cannot be started and the error occurs. Refer to these comments for details:
- <https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3957#issuecomment-2599590441>
- <https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/4570#issuecomment-3364111466>
If you are not sure what the problem is, at first make sure that you have set the "base domain" (`example.com`, **not `matrix.example.com`**) to `matrix_domain`. You should be able to find it at the top of your `vars.yml`.
If it is correctly specified, look Traefik's logs (`journalctl -fu matrix-traefik.service`) for errors by Let's Encrypt for troubleshooting.
## Miscellaneous
### I would like to see this favorite service of mine integrated and become available on my Matrix server. How can I request it?

8
docs/howto-srv-server-delegation.md
View File

@@ -112,12 +112,12 @@ matrix_coturn_container_additional_volumes: |
(
[
{
'src': (traefik_certs_dumper_dumped_certificates_dir_path + '/*.' + matrix_domain + '/certificate.crt'),
'src': (traefik_certs_dumper_dumped_certificates_path + '/*.' + matrix_domain + '/certificate.crt'),
'dst': '/certificate.crt',
'options': 'ro',
},
{
'src': (traefik_certs_dumper_dumped_certificates_dir_path + '/*.' + matrix_domain + '/privatekey.key'),
'src': (traefik_certs_dumper_dumped_certificates_path + '/*.' + matrix_domain + '/privatekey.key'),
'dst': '/privatekey.key',
'options': 'ro',
},
@@ -173,12 +173,12 @@ matrix_coturn_container_additional_volumes: |
(
[
{
'src': (traefik_certs_dumper_dumped_certificates_dir_path + '/*.' + matrix_domain + '/certificate.crt'),
'src': (traefik_certs_dumper_dumped_certificates_path + '/*.' + matrix_domain + '/certificate.crt'),
'dst': '/certificate.crt',
'options': 'ro',
},
{
'src': (traefik_certs_dumper_dumped_certificates_dir_path + '/*.' + matrix_domain + '/privatekey.key'),
'src': (traefik_certs_dumper_dumped_certificates_path + '/*.' + matrix_domain + '/privatekey.key'),
'dst': '/privatekey.key',
'options': 'ro',
},

4
docs/registering-users.md
View File

@@ -161,6 +161,6 @@ You can then proceed to run the query above.
### Adding/Removing Administrator privileges to an existing user in Matrix Authentication Service
Promoting/demoting a user in Matrix Authentication Service cannot currently (2024-10-19) be done via the [`mas-cli` Management tool](./configuring-playbook-matrix-authentication-service.md#management).
Promoting/demoting a user in Matrix Authentication Service can be done using the [`mas-cli`](./configuring-playbook-matrix-authentication-service.md#management) management tool's [`manage promote-admin`](https://element-hq.github.io/matrix-authentication-service/reference/cli/manage.html#manage-promote-admin) and [`manage demote-admin`](https://element-hq.github.io/matrix-authentication-service/reference/cli/manage.html#manage-demote-admin) commands. For example: `/matrix/matrix-authentication-service/bin/mas-cli manage promote-admin some.username`.
You can do it via the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html)'s `POST /api/admin/v1/users/{id}/set-admin` endpoint.
You can also do it via the [MAS Admin API](https://element-hq.github.io/matrix-authentication-service/api/index.html)'s `POST /api/admin/v1/users/{id}/set-admin` endpoint.

2
docs/self-building.md
View File

@@ -39,9 +39,7 @@ Possibly outdated list of roles where self-building the Docker image is currentl
- `matrix-bridge-hookshot`
- `matrix-bridge-appservice-irc`
- `matrix-bridge-appservice-slack`
- `matrix-bridge-appservice-webhooks`
- `matrix-bridge-beeper-linkedin`
- `matrix-bridge-mautrix-facebook`
- `matrix-bridge-mautrix-googlechat`
- `matrix-bridge-mautrix-telegram`
- `matrix-bridge-mautrix-signal`

428
group_vars/matrix_servers
View File

@@ -106,8 +106,6 @@ matrix_homeserver_container_extra_arguments_auto: |
+
(['--mount type=bind,src=' + matrix_appservice_slack_config_path + '/slack-registration.yaml,dst=/matrix-appservice-slack-registration.yaml,ro'] if matrix_appservice_slack_enabled else [])
+
(['--mount type=bind,src=' + matrix_appservice_webhooks_config_path + '/webhooks-registration.yaml,dst=/matrix-appservice-webhooks-registration.yaml,ro'] if matrix_appservice_webhooks_enabled else [])
+
(['--mount type=bind,src=' + matrix_beeper_linkedin_config_path + '/registration.yaml,dst=/matrix-beeper-linkedin-registration.yaml,ro'] if matrix_beeper_linkedin_enabled else [])
+
(['--mount type=bind,src=' + matrix_wechat_config_path + '/registration.yaml,dst=/matrix-wechat-registration.yaml,ro'] if matrix_wechat_enabled else [])
@@ -116,18 +114,16 @@ matrix_homeserver_container_extra_arguments_auto: |
+
(['--mount type=bind,src=' + matrix_hookshot_base_path + '/registration.yml,dst=/hookshot-registration.yml,ro'] if matrix_hookshot_enabled else [])
+
(['--mount type=bind,src=' + matrix_zulip_bridge_base_path + '/registration.yaml,dst=/matrixzulipbridge-registration.yaml,ro'] if matrix_zulip_bridge_enabled else [])
+
(['--mount type=bind,src=' + matrix_mautrix_bluesky_config_path + '/registration.yaml,dst=/matrix-mautrix-bluesky-registration.yaml,ro'] if matrix_mautrix_bluesky_enabled else [])
+
(['--mount type=bind,src=' + matrix_mautrix_discord_config_path + '/registration.yaml,dst=/matrix-mautrix-discord-registration.yaml,ro'] if matrix_mautrix_discord_enabled else [])
+
(['--mount type=bind,src=' + matrix_mautrix_slack_config_path + '/registration.yaml,dst=/matrix-mautrix-slack-registration.yaml,ro'] if matrix_mautrix_slack_enabled else [])
+
(['--mount type=bind,src=' + matrix_mautrix_facebook_config_path + '/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro'] if matrix_mautrix_facebook_enabled else [])
+
(['--mount type=bind,src=' + matrix_mautrix_googlechat_config_path + '/registration.yaml,dst=/matrix-mautrix-googlechat-registration.yaml,ro'] if matrix_mautrix_googlechat_enabled else [])
+
(['--mount type=bind,src=' + matrix_mautrix_instagram_config_path + '/registration.yaml,dst=/matrix-mautrix-instagram-registration.yaml,ro'] if matrix_mautrix_instagram_enabled else [])
+
(['--mount type=bind,src=' + matrix_mautrix_signal_config_path + '/registration.yaml,dst=/matrix-mautrix-signal-registration.yaml,ro'] if matrix_mautrix_signal_enabled else [])
+
(['--mount type=bind,src=' + matrix_mautrix_meta_messenger_config_path + '/registration.yaml,dst=/matrix-mautrix-meta-messenger-registration.yaml,ro'] if matrix_mautrix_meta_messenger_enabled else [])
@@ -171,8 +167,6 @@ matrix_homeserver_app_service_config_files_auto: |
+
(['/matrix-appservice-slack-registration.yaml'] if matrix_appservice_slack_enabled else [])
+
(['/matrix-appservice-webhooks-registration.yaml'] if matrix_appservice_webhooks_enabled else [])
+
(['/matrix-beeper-linkedin-registration.yaml'] if matrix_beeper_linkedin_enabled else [])
+
(['/matrix-wechat-registration.yaml'] if matrix_wechat_enabled else [])
@@ -181,18 +175,16 @@ matrix_homeserver_app_service_config_files_auto: |
+
(['/hookshot-registration.yml'] if matrix_hookshot_enabled else [])
+
(['/matrixzulipbridge-registration.yaml'] if matrix_zulip_bridge_enabled else [])
+
(['/matrix-mautrix-bluesky-registration.yaml'] if matrix_mautrix_bluesky_enabled else [])
+
(['/matrix-mautrix-discord-registration.yaml'] if matrix_mautrix_discord_enabled else [])
+
(['/matrix-mautrix-slack-registration.yaml'] if matrix_mautrix_slack_enabled else [])
+
(['/matrix-mautrix-facebook-registration.yaml'] if matrix_mautrix_facebook_enabled else [])
+
(['/matrix-mautrix-googlechat-registration.yaml'] if matrix_mautrix_googlechat_enabled else [])
+
(['/matrix-mautrix-instagram-registration.yaml'] if matrix_mautrix_instagram_enabled else [])
+
(['/matrix-mautrix-signal-registration.yaml'] if matrix_mautrix_signal_enabled else [])
+
(['/matrix-mautrix-meta-messenger-registration.yaml'] if matrix_mautrix_meta_messenger_enabled else [])
@@ -291,8 +283,6 @@ devture_systemd_service_manager_services_list_auto: |
+
([{'name': 'matrix-bot-draupnir.service', 'priority': 4000, 'groups': ['matrix', 'bots', 'draupnir', 'bot-draupnir']}] if matrix_bot_draupnir_enabled else [])
+
([{'name': 'matrix-bot-chatgpt.service', 'priority': 2200, 'groups': ['matrix', 'bots', 'chatgpt', 'bot-chatgpt']}] if matrix_bot_chatgpt_enabled else [])
+
([{'name': 'matrix-appservice-discord.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'appservice-discord']}] if matrix_appservice_discord_enabled else [])
+
([{'name': 'matrix-appservice-draupnir-for-all.service', 'priority': 4000, 'groups': ['matrix', 'bridges', 'draupnir-for-all', 'appservice-draupnir-for-all']}] if matrix_appservice_draupnir_for_all_enabled else [])
@@ -305,8 +295,6 @@ devture_systemd_service_manager_services_list_auto: |
+
([{'name': 'matrix-appservice-slack.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'appservice-slack']}] if matrix_appservice_slack_enabled else [])
+
([{'name': 'matrix-appservice-webhooks.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'appservice-webhooks']}] if matrix_appservice_webhooks_enabled else [])
+
([{'name': 'matrix-beeper-linkedin.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'beeper-linkedin']}] if matrix_beeper_linkedin_enabled else [])
+
([{'name': 'matrix-wechat.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'wechat']}] if matrix_wechat_enabled else [])
@@ -317,18 +305,16 @@ devture_systemd_service_manager_services_list_auto: |
+
([{'name': 'matrix-hookshot.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'hookshot', 'bridge-hookshot']}] if matrix_hookshot_enabled else [])
+
([{'name': 'matrix-zulip-bridge.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'zulip']}] if matrix_zulip_bridge_enabled else [])
+
([{'name': 'matrix-mautrix-bluesky.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-bluesky']}] if matrix_mautrix_bluesky_enabled else [])
+
([{'name': 'matrix-mautrix-discord.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-discord']}] if matrix_mautrix_discord_enabled else [])
+
([{'name': 'matrix-mautrix-slack.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-slack']}] if matrix_mautrix_slack_enabled else [])
+
([{'name': 'matrix-mautrix-facebook.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-facebook']}] if matrix_mautrix_facebook_enabled else [])
+
([{'name': 'matrix-mautrix-googlechat.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-googlechat']}] if matrix_mautrix_googlechat_enabled else [])
+
([{'name': 'matrix-mautrix-instagram.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-instagram']}] if matrix_mautrix_instagram_enabled else [])
+
([{'name': 'matrix-mautrix-signal.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-signal', 'mautrix-signal']}] if matrix_mautrix_signal_enabled else [])
+
([{'name': (matrix_mautrix_meta_messenger_identifier + '.service'), 'priority': 2000, 'groups': ['matrix', 'bridges', 'mautrix-meta', 'mautrix-meta-messenger']}] if matrix_mautrix_meta_messenger_enabled else [])
@@ -377,6 +363,8 @@ devture_systemd_service_manager_services_list_auto: |
+
([{'name': 'matrix-coturn.service', 'priority': (900 if devture_systemd_service_manager_service_restart_mode == 'clean-stop-start' else 1500), 'groups': ['matrix', 'coturn']}] if matrix_coturn_enabled else [])
+
([{'name': 'matrix-matrixto.service', 'priority': 4000, 'groups': ['matrix', 'matrixto']}] if matrix_matrixto_enabled else [])
+
([{'name': 'matrix-rageshake.service', 'priority': 4000, 'groups': ['matrix', 'rageshake']}] if matrix_rageshake_enabled else [])
+
([{'name': 'matrix-coturn-reload.timer', 'priority': 5000, 'groups': ['matrix', 'coturn']}] if (matrix_coturn_enabled and matrix_coturn_tls_enabled) else [])
@@ -764,59 +752,6 @@ matrix_appservice_discord_database_password: "{{ '%s' | format(matrix_homeserver
#
######################################################################
######################################################################
#
# matrix-appservice-webhooks
#
######################################################################
# We don't enable bridges by default.
matrix_appservice_webhooks_enabled: false
matrix_appservice_webhooks_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_webhooks_systemd_required_services_list_auto: |
{{
matrix_addons_homeserver_systemd_services_list
}}
matrix_appservice_webhooks_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_appservice_webhooks_docker_image_registry_prefix_upstream_default }}"
matrix_appservice_webhooks_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_appservice_webhooks_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ matrix_appservice_webhooks_matrix_port) if matrix_playbook_service_host_bind_interface_prefix else '' }}"
matrix_appservice_webhooks_container_network: "{{ matrix_addons_container_network }}"
matrix_appservice_webhooks_container_additional_networks_auto: |-
{{
(
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+
([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_appservice_webhooks_container_labels_traefik_enabled) else [])
) | unique
}}
matrix_appservice_webhooks_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
matrix_appservice_webhooks_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_appservice_webhooks_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_appservice_webhooks_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
matrix_appservice_webhooks_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'webhook.as.token', rounds=655555) | to_uuid }}"
matrix_appservice_webhooks_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
matrix_appservice_webhooks_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'webhook.hs.token', rounds=655555) | to_uuid }}"
matrix_appservice_webhooks_id_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'webhook.id.token', rounds=655555) | to_uuid }}"
######################################################################
#
# /matrix-appservice-webhooks
#
######################################################################
######################################################################
#
# matrix-appservice-slack
@@ -1138,7 +1073,7 @@ matrix_mautrix_discord_container_additional_networks_auto: |-
(
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+
([postgres_container_network] if postgres_enabled and matrix_mautrix_facebook_database_hostname == postgres_connection_hostname else [])
([postgres_container_network] if postgres_enabled and matrix_mautrix_discord_database_hostname == postgres_connection_hostname else [])
+
([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_mautrix_discord_container_labels_traefik_enabled) else [])
) | unique
@@ -1254,85 +1189,6 @@ matrix_mautrix_slack_public_media_signing_key: "{{ '%s' | format(matrix_homeserv
#
######################################################################
######################################################################
#
# matrix-bridge-mautrix-facebook
#
######################################################################
# We don't enable bridges by default.
matrix_mautrix_facebook_enabled: false
matrix_mautrix_facebook_systemd_required_services_list_auto: |
{{
matrix_addons_homeserver_systemd_services_list
+
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_mautrix_facebook_database_hostname == postgres_connection_hostname) else [])
}}
matrix_mautrix_facebook_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_mautrix_facebook_docker_image_registry_prefix_upstream_default }}"
matrix_mautrix_facebook_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
matrix_mautrix_facebook_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '9008') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
matrix_mautrix_facebook_container_network: "{{ matrix_addons_container_network }}"
matrix_mautrix_facebook_container_additional_networks_auto: |-
{{
(
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+
([postgres_container_network] if (postgres_enabled and matrix_mautrix_facebook_database_hostname == postgres_connection_hostname and matrix_mautrix_facebook_container_network != postgres_container_network) else [])
+
([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_mautrix_facebook_container_labels_traefik_enabled) else [])
) | unique
}}
matrix_mautrix_facebook_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
matrix_mautrix_facebook_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_mautrix_facebook_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_mautrix_facebook_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
matrix_mautrix_facebook_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
matrix_mautrix_facebook_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
matrix_mautrix_facebook_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'fb.as.token', rounds=655555) | to_uuid }}"
matrix_mautrix_facebook_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
matrix_mautrix_facebook_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'fb.hs.token', rounds=655555) | to_uuid }}"
matrix_mautrix_facebook_homeserver_async_media: "{{ matrix_homeserver_implementation in ['synapse'] }}"
matrix_mautrix_facebook_appservice_public_enabled: true
matrix_mautrix_facebook_appservice_public_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_mautrix_facebook_appservice_public_prefix: "/{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'facebook', rounds=655555) | to_uuid }}"
matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
matrix_mautrix_facebook_bridge_presence: "{{ (matrix_synapse_presence_enabled if matrix_synapse_enabled else true) if matrix_homeserver_implementation == 'synapse' else true }}"
matrix_mautrix_facebook_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}"
matrix_mautrix_facebook_metrics_proxying_enabled: "{{ matrix_mautrix_facebook_metrics_enabled and matrix_metrics_exposure_enabled }}"
matrix_mautrix_facebook_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostname }}"
matrix_mautrix_facebook_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/mautrix-facebook"
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
# and point them to a migration path.
matrix_mautrix_facebook_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
matrix_mautrix_facebook_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
matrix_mautrix_facebook_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.fb.db', rounds=655555) | to_uuid }}"
######################################################################
#
# /matrix-bridge-mautrix-facebook
#
######################################################################
######################################################################
#
# matrix-bridge-mautrix-googlechat
@@ -1411,76 +1267,6 @@ matrix_mautrix_googlechat_database_password: "{{ '%s' | format(matrix_homeserver
#
######################################################################
######################################################################
#
# matrix-bridge-mautrix-instagram
#
######################################################################
# We don't enable bridges by default.
matrix_mautrix_instagram_enabled: false
matrix_mautrix_instagram_systemd_required_services_list_auto: |
{{
matrix_addons_homeserver_systemd_services_list
+
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_mautrix_instagram_database_hostname == postgres_connection_hostname) else [])
}}
matrix_mautrix_instagram_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_mautrix_instagram_docker_image_registry_prefix_upstream_default }}"
matrix_mautrix_instagram_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
matrix_mautrix_instagram_container_network: "{{ matrix_addons_container_network }}"
matrix_mautrix_instagram_container_additional_networks_auto: |-
{{
(
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+
([postgres_container_network] if (postgres_enabled and matrix_mautrix_instagram_database_hostname == postgres_connection_hostname and matrix_mautrix_instagram_container_network != postgres_container_network) else [])
+
([matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network and matrix_mautrix_instagram_container_labels_traefik_enabled else [])
) | unique
}}
matrix_mautrix_instagram_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
matrix_mautrix_instagram_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_mautrix_instagram_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_mautrix_instagram_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
matrix_mautrix_instagram_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
matrix_mautrix_instagram_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
matrix_mautrix_instagram_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ig.as.token', rounds=655555) | to_uuid }}"
matrix_mautrix_instagram_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
matrix_mautrix_instagram_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ig.hs.token', rounds=655555) | to_uuid }}"
matrix_mautrix_instagram_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
matrix_mautrix_instagram_bridge_presence: "{{ (matrix_synapse_presence_enabled if matrix_synapse_enabled else true) if matrix_homeserver_implementation == 'synapse' else true }}"
matrix_mautrix_instagram_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}"
matrix_mautrix_instagram_metrics_proxying_enabled: "{{ matrix_mautrix_instagram_metrics_enabled and matrix_metrics_exposure_enabled }}"
matrix_mautrix_instagram_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostname }}"
matrix_mautrix_instagram_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/mautrix-instagram"
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
# and point them to a migration path.
matrix_mautrix_instagram_database_engine: "{{ 'postgres' if postgres_enabled else 'sqlite' }}"
matrix_mautrix_instagram_database_hostname: "{{ postgres_connection_hostname if postgres_enabled else '' }}"
matrix_mautrix_instagram_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mau.ig.db', rounds=655555) | to_uuid }}"
######################################################################
#
# /matrix-bridge-mautrix-instagram
#
######################################################################
######################################################################
#
# matrix-bridge-mautrix-signal
@@ -1890,7 +1676,7 @@ matrix_mautrix_gmessages_systemd_required_services_list_auto: |
{{
matrix_addons_homeserver_systemd_services_list
+
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_mautrix_facebook_database_hostname == postgres_connection_hostname) else [])
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_mautrix_gmessages_database_hostname == postgres_connection_hostname) else [])
}}
matrix_mautrix_gmessages_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_mautrix_gmessages_docker_image_registry_prefix_upstream_default }}"
@@ -2146,8 +1932,6 @@ matrix_sms_bridge_enabled: false
matrix_sms_bridge_systemd_required_services_list_auto: |
{{
matrix_addons_homeserver_systemd_services_list
+
([postgres_identifier ~ '.service'] if (postgres_enabled and matrix_mautrix_facebook_database_hostname == postgres_connection_hostname) else [])
}}
matrix_sms_bridge_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_sms_bridge_docker_image_registry_prefix_upstream_default }}"
@@ -2290,6 +2074,55 @@ matrix_hookshot_public_hostname: "{{ matrix_server_fqn_matrix }}"
#
######################################################################
######################################################################
#
# matrix-bridge-zulip
#
######################################################################
# We don't enable bridges by default.
matrix_zulip_bridge_enabled: false
matrix_zulip_bridge_scheme: "{{ 'https' if matrix_playbook_ssl_enabled else 'http' }}"
# Set this to your Matrix ID if you want to enforce the owner, otherwise first _local_ user becomes one
matrix_zulip_bridge_owner: "{{ matrix_admin if matrix_admin else '' }}"
matrix_zulip_bridge_systemd_required_services_list_auto: |
{{
matrix_addons_homeserver_systemd_services_list
}}
matrix_zulip_bridge_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_zulip_bridge_docker_image_registry_prefix_upstream_default }}"
matrix_zulip_bridge_container_network: "{{ matrix_addons_container_network }}"
matrix_zulip_bridge_container_additional_networks_auto: |-
{{
(
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+
[matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_zulip_bridge_container_labels_traefik_enabled and matrix_playbook_reverse_proxyable_services_additional_network) else []
) | unique
}}
matrix_zulip_bridge_container_labels_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] }}"
matrix_zulip_bridge_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_zulip_bridge_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_zulip_bridge_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
matrix_zulip_bridge_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'zulip.as.tok', rounds=655555) | to_uuid }}"
matrix_zulip_bridge_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'zulip.hs.tok', rounds=655555) | to_uuid }}"
matrix_zulip_bridge_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
######################################################################
#
# /matrix-bridge-zulip
#
######################################################################
######################################################################
#
# matrix-bridge-mx-puppet-steam
@@ -2409,8 +2242,8 @@ matrix_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['a
matrix_postmoogle_ssl_path: |-
{{
{
'playbook-managed-traefik': (traefik_certs_dumper_dumped_certificates_dir_path if traefik_certs_dumper_enabled else ''),
'other-traefik-container': (traefik_certs_dumper_dumped_certificates_dir_path if traefik_certs_dumper_enabled else ''),
'playbook-managed-traefik': (traefik_certs_dumper_dumped_certificates_path if traefik_certs_dumper_enabled else ''),
'other-traefik-container': (traefik_certs_dumper_dumped_certificates_path if traefik_certs_dumper_enabled else ''),
'none': '',
}[matrix_playbook_reverse_proxy_type]
}}
@@ -2844,33 +2677,6 @@ matrix_bot_baibot_container_additional_networks_auto: |-
#
######################################################################
######################################################################
#
# matrix-bot-chatgpt
#
######################################################################
# We don't enable bots by default.
matrix_bot_chatgpt_enabled: false
matrix_bot_chatgpt_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_bot_chatgpt_container_image_registry_prefix_upstream_default }}"
matrix_bot_chatgpt_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
matrix_bot_chatgpt_container_network: "{{ matrix_addons_container_network }}"
matrix_bot_chatgpt_container_additional_networks_auto: "{{ [] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network] }}"
matrix_bot_chatgpt_matrix_homeserver_url: "{{ matrix_addons_homeserver_client_api_url }}"
matrix_bot_chatgpt_systemd_required_services_list_auto: "{{ matrix_addons_homeserver_systemd_services_list }}"
######################################################################
#
# /matrix-bot-chatgpt
#
######################################################################
######################################################################
#
# matrix-bot-go-neb
@@ -3273,6 +3079,38 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
#
######################################################################
######################################################################
#
# matrix-matrixto
#
######################################################################
# We don't enable matrixto by default.
matrix_matrixto_enabled: false
matrix_matrixto_base_path: "{{ matrix_base_data_path }}/matrixto"
# The container image is not provided at https://github.com/matrix-org/matrix.to
matrix_matrixto_container_image_self_build: true
matrix_matrixto_hostname: "{{ matrix_server_fqn_matrixto }}"
matrix_matrixto_container_network: matrix-matrixto
matrix_matrixto_container_additional_networks: "{{ [matrix_playbook_reverse_proxyable_services_additional_network] if matrix_playbook_reverse_proxyable_services_additional_network else [] }}"
matrix_matrixto_container_http_host_bind_port: "{{ (matrix_playbook_service_host_bind_interface_prefix ~ '5000') if matrix_playbook_service_host_bind_interface_prefix else '' }}"
matrix_matrixto_container_labels_traefik_enabled: "{{ matrix_playbook_traefik_labels_enabled }}"
matrix_matrixto_container_labels_traefik_docker_network: "{{ matrix_playbook_reverse_proxyable_services_additional_network }}"
matrix_matrixto_container_labels_traefik_entrypoints: "{{ traefik_entrypoint_primary }}"
matrix_matrixto_container_labels_traefik_tls_certResolver: "{{ traefik_certResolver_primary }}"
######################################################################
#
# /matrix-matrixto
#
######################################################################
######################################################################
#
@@ -3314,6 +3152,8 @@ matrix_rageshake_container_labels_traefik_tls_certResolver: "{{ traefik_certReso
matrix_coturn_enabled: true
matrix_coturn_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_coturn_docker_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else matrix_coturn_docker_image_registry_prefix_upstream_default }}"
matrix_coturn_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
@@ -3353,12 +3193,12 @@ matrix_coturn_container_additional_volumes: |
(
[
{
'src': (traefik_certs_dumper_dumped_certificates_dir_path + '/' + matrix_server_fqn_matrix + '/certificate.crt'),
'src': (traefik_certs_dumper_dumped_certificates_path + '/' + matrix_coturn_hostname + '/certificate.crt'),
'dst': '/certificate.crt',
'options': 'ro',
},
{
'src': (traefik_certs_dumper_dumped_certificates_dir_path + '/' + matrix_server_fqn_matrix + '/privatekey.key'),
'src': (traefik_certs_dumper_dumped_certificates_path + '/' + matrix_coturn_hostname + '/privatekey.key'),
'dst': '/privatekey.key',
'options': 'ro',
},
@@ -3368,7 +3208,7 @@ matrix_coturn_container_additional_volumes: |
matrix_coturn_systemd_required_services_list_auto: |
{{
([traefik_certs_dumper_identifier + '-wait-for-domain@' + matrix_server_fqn_matrix + '.service'] if matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and traefik_certs_dumper_enabled and matrix_coturn_tls_enabled else [])
([traefik_certs_dumper_identifier + '-wait-for-domain@' + matrix_coturn_hostname + '.service'] if matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and traefik_certs_dumper_enabled and matrix_coturn_tls_enabled else [])
}}
######################################################################
@@ -3808,6 +3648,8 @@ matrix_media_repo_container_additional_networks: |
([postgres_container_network] if (postgres_enabled and matrix_media_repo_database_hostname == postgres_connection_hostname and postgres_container_network != matrix_media_repo_container_network) else [])
+
([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_media_repo_container_labels_traefik_enabled) else [])
+
([valkey_container_network] if valkey_enabled and matrix_media_repo_redis_enabled else [])
) | unique
}}
@@ -3873,6 +3715,21 @@ matrix_media_repo_homeservers_auto:
matrix_media_repo_homeserver_federation_enabled: "{{ matrix_homeserver_federation_enabled }}"
matrix_media_repo_redis_enabled: "{{ valkey_enabled }}"
# Use next redis index since Synapse is on 0. You can chose between index 0 and 15.
matrix_media_repo_redis_database_number: 1
matrix_media_repo_redis_shards: |
{{
([{
'name': 'valkey',
'addr': (valkey_identifier + ':' + valkey_container_http_port | string),
}])
if valkey_enabled and matrix_media_repo_redis_enabled
else []
}}
######################################################################
#
# /matrix-media-repo
@@ -4058,24 +3915,12 @@ postgres_managed_databases_auto: |
'password': matrix_mautrix_bluesky_database_password,
}] if (matrix_mautrix_bluesky_enabled and matrix_mautrix_bluesky_database_engine == 'postgres' and matrix_mautrix_bluesky_database_hostname == postgres_connection_hostname) else [])
+
([{
'name': matrix_mautrix_facebook_database_name,
'username': matrix_mautrix_facebook_database_username,
'password': matrix_mautrix_facebook_database_password,
}] if (matrix_mautrix_facebook_enabled and matrix_mautrix_facebook_database_engine == 'postgres' and matrix_mautrix_facebook_database_hostname == postgres_connection_hostname) else [])
+
([{
'name': matrix_mautrix_googlechat_database_name,
'username': matrix_mautrix_googlechat_database_username,
'password': matrix_mautrix_googlechat_database_password,
}] if (matrix_mautrix_googlechat_enabled and matrix_mautrix_googlechat_database_engine == 'postgres' and matrix_mautrix_googlechat_database_hostname == postgres_connection_hostname) else [])
+
([{
'name': matrix_mautrix_instagram_database_name,
'username': matrix_mautrix_instagram_database_username,
'password': matrix_mautrix_instagram_database_password,
}] if (matrix_mautrix_instagram_enabled and matrix_mautrix_instagram_database_engine == 'postgres' and matrix_mautrix_instagram_database_hostname == postgres_connection_hostname) else [])
+
([{
'name': matrix_mautrix_signal_database_name,
'username': matrix_mautrix_signal_database_username,
@@ -4906,10 +4751,6 @@ matrix_synapse_admin_config_asManagedUsers_auto: |
'^@'+(matrix_bot_draupnir_login | default('') | regex_escape) +':'+(matrix_domain | regex_escape)+'$',
] if matrix_bot_draupnir_enabled else [])
+
([
'^@'+(matrix_bot_chatgpt_matrix_bot_username_localpart | default('') | regex_escape) +':'+(matrix_domain | regex_escape)+'$',
] if matrix_bot_chatgpt_enabled else [])
+
([
'^@'+(matrix_bot_honoroit_login | default('') | regex_escape) +':'+(matrix_domain | regex_escape)+'$',
] if matrix_bot_honoroit_enabled else [])
@@ -4939,11 +4780,6 @@ matrix_synapse_admin_config_asManagedUsers_auto: |
'^@'+(matrix_appservice_slack_user_prefix | default('') | regex_escape)+'[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
] if matrix_appservice_slack_enabled else [])
+
([
'^@'+(matrix_appservice_webhooks_bot_name | default('') | regex_escape)+':'+(matrix_domain | regex_escape)+'$',
'^@'+(matrix_appservice_webhooks_user_prefix | default('') | regex_escape)+'[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
] if matrix_appservice_webhooks_enabled else [])
+
([
'^@'+(matrix_beeper_linkedin_appservice_bot_username | default('') | regex_escape)+':'+(matrix_domain | regex_escape)+'$',
'^@linkedin_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
@@ -4954,6 +4790,11 @@ matrix_synapse_admin_config_asManagedUsers_auto: |
'^@hbirc_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
] if matrix_heisenbridge_enabled else [])
+
([
'^@zulipbot:'+(matrix_domain | regex_escape)+'$',
'^@zulip_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
] if matrix_zulip_bridge_enabled else [])
+
([
'^@hookshot:'+(matrix_domain | regex_escape)+'$',
'^@_github_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
@@ -4972,11 +4813,6 @@ matrix_synapse_admin_config_asManagedUsers_auto: |
'^@discord_[0-9]+:'+(matrix_domain | regex_escape)+'$',
] if matrix_mautrix_discord_enabled else [])
+
([
'^@'+(matrix_mautrix_facebook_appservice_bot_username | default('') | regex_escape)+':'+(matrix_domain | regex_escape)+'$',
'^@facebook_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
] if matrix_mautrix_facebook_enabled else [])
+
([
'^@'+(matrix_mautrix_gmessages_appservice_bot_username | default('') | regex_escape)+':'+(matrix_domain | regex_escape)+'$',
'^@gmessages_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
@@ -4987,11 +4823,6 @@ matrix_synapse_admin_config_asManagedUsers_auto: |
'^@googlechat_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
] if matrix_mautrix_googlechat_enabled else [])
+
([
'^@'+(matrix_mautrix_instagram_appservice_bot_username | default('') | regex_escape)+':'+(matrix_domain | regex_escape)+'$',
'^@instagram_[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
] if matrix_mautrix_instagram_enabled else [])
+
([
'^@'+(matrix_mautrix_meta_instagram_appservice_username | default('') | regex_escape)+':'+(matrix_domain | regex_escape)+'$',
'^@'+(matrix_mautrix_meta_instagram_bridge_username_prefix | default('') | regex_escape)+'[a-zA-Z0-9]+:'+(matrix_domain | regex_escape)+'$',
@@ -5449,7 +5280,7 @@ matrix_registration_container_additional_networks_auto: |-
(
([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+
([postgres_container_network] if (postgres_enabled and matrix_registration_database_hostname == postgres_connection_hostname and matrix_mautrix_facebook_container_network != postgres_container_network) else [])
([postgres_container_network] if (postgres_enabled and matrix_registration_database_hostname == postgres_connection_hostname and matrix_registration_container_network != postgres_container_network) else [])
+
([matrix_playbook_reverse_proxyable_services_additional_network] if (matrix_playbook_reverse_proxyable_services_additional_network and matrix_registration_container_labels_traefik_enabled) else [])
) | unique
@@ -5819,12 +5650,6 @@ matrix_user_creator_users_auto: |
'initial_type': 'bot',
}] if matrix_bot_baibot_enabled else [])
+
([{
'username': matrix_bot_chatgpt_matrix_bot_username_localpart,
'initial_password': matrix_bot_chatgpt_matrix_bot_password,
'initial_type': 'bot',
}] if matrix_bot_chatgpt_enabled and matrix_bot_chatgpt_matrix_bot_password | length > 0 else [])
+
([{
'username': matrix_bot_matrix_reminder_bot_matrix_user_id_localpart,
'initial_password': matrix_bot_matrix_reminder_bot_matrix_user_password,
@@ -6053,6 +5878,11 @@ traefik_systemd_required_services_list: |
([container_socket_proxy_identifier + '.service'] if container_socket_proxy_enabled else [])
}}
traefik_additional_domains_to_obtain_certificates_for_auto: |
{{
([matrix_coturn_hostname] if (matrix_coturn_enabled and matrix_coturn_tls_enabled and matrix_coturn_hostname != matrix_server_fqn_matrix) else [])
}}
########################################################################
# #
# /traefik #
@@ -6075,7 +5905,7 @@ traefik_certs_dumper_base_path: "{{ matrix_base_data_path }}/traefik-certs-dumpe
traefik_certs_dumper_uid: "{{ matrix_user_uid }}"
traefik_certs_dumper_gid: "{{ matrix_user_gid }}"
traefik_certs_dumper_ssl_dir_path: "{{ traefik_ssl_dir_path if traefik_enabled else '' }}"
traefik_certs_dumper_ssl_path: "{{ traefik_ssl_dir_path if traefik_enabled else '' }}"
traefik_certs_dumper_container_image_registry_prefix_upstream: "{{ matrix_container_global_registry_prefix_override if matrix_container_global_registry_prefix_override else traefik_certs_dumper_container_image_registry_prefix_upstream_default }}"
@@ -6184,12 +6014,12 @@ livekit_server_container_additional_volumes_auto: |
(
[
{
'src': (traefik_certs_dumper_dumped_certificates_dir_path + '/' + livekit_server_config_turn_domain + '/certificate.crt'),
'src': (traefik_certs_dumper_dumped_certificates_path + '/' + livekit_server_config_turn_domain + '/certificate.crt'),
'dst': livekit_server_config_turn_cert_file,
'options': 'ro',
},
{
'src': (traefik_certs_dumper_dumped_certificates_dir_path + '/' + livekit_server_config_turn_domain + '/privatekey.key'),
'src': (traefik_certs_dumper_dumped_certificates_path + '/' + livekit_server_config_turn_domain + '/privatekey.key'),
'dst': livekit_server_config_turn_key_file,
'options': 'ro',
},

18
i18n/requirements.txt
View File

@@ -1,9 +1,9 @@
alabaster==1.0.0
babel==2.17.0
certifi==2025.10.5
certifi==2026.1.4
charset-normalizer==3.4.4
click==8.3.0
docutils==0.22.3
click==8.3.1
docutils==0.22.4
idna==3.11
imagesize==1.4.1
Jinja2==3.1.6
@@ -12,16 +12,16 @@ markdown-it-py==4.0.0
MarkupSafe==3.0.3
mdit-py-plugins==0.5.0
mdurl==0.1.2
myst-parser==4.0.1
packaging==25.0
myst-parser==5.0.0
packaging==26.0
Pygments==2.19.2
PyYAML==6.0.3
requests==2.32.5
setuptools==80.9.0
setuptools==80.10.2
snowballstemmer==3.0.1
Sphinx==8.2.3
Sphinx==9.1.0
sphinx-intl==2.3.2
sphinx-markdown-builder==0.6.8
sphinx-markdown-builder==0.6.9
sphinxcontrib-applehelp==2.0.0
sphinxcontrib-devhelp==2.0.0
sphinxcontrib-htmlhelp==2.1.0
@@ -30,4 +30,4 @@ sphinxcontrib-qthelp==2.0.0
sphinxcontrib-serializinghtml==2.0.0
tabulate==0.9.0
uc-micro-py==1.0.3
urllib3==2.5.0
urllib3==2.6.3

40
requirements.yml
View File

@@ -1,61 +1,61 @@
---
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-aux.git
version: v1.0.0-5
version: v1.0.0-6
name: auxiliary
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-backup_borg.git
version: v1.4.2-2.0.11-0
version: v1.4.3-2.0.13-0
name: backup_borg
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-container-socket-proxy.git
version: v0.4.1-2
version: v0.4.2-1
name: container_socket_proxy
- src: git+https://github.com/geerlingguy/ansible-role-docker
version: 7.8.0
version: 8.0.0
name: docker
- src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git
version: 129c8590e106b83e6f4c259649a613c6279e937a
version: 542a2d68db4e9a8e9bb4b508052760b900c7dce6
name: docker_sdk_for_python
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etherpad.git
version: v2.5.2-1
version: v2.6.1-0
name: etherpad
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
version: v4.98.1-r0-2-2
name: exim_relay
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-grafana.git
version: v11.6.5-4
version: v11.6.5-6
name: grafana
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
version: v10590-0
version: v10710-0
name: jitsi
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
version: v1.9.3-0
version: v1.9.11-0
name: livekit_server
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-ntfy.git
version: v2.14.0-3
version: v2.16.0-0
name: ntfy
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
version: 7663e3114513e56f28d3ed762059b445c678a71a
version: 8630e4f1749bcb659c412820f754473f09055052
name: playbook_help
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages.git
version: 9b4b088c62b528b73a9a7c93d3109b091dd42ec6
name: playbook_runtime_messages
- src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git
version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
version: dd6e15246b7a9a2d921e0b3f9cd8a4a917a1bb2f
name: playbook_state_preserver
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres.git
version: v18.0-1
version: v18.1-3
name: postgres
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-postgres-backup.git
version: v18-0
name: postgres_backup
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
version: v3.7.3-1
version: v3.9.1-0
name: prometheus
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git
version: v1.9.1-12
version: v1.9.1-13
name: prometheus_node_exporter
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git
version: v0.18.1-1
version: v0.18.1-2
name: prometheus_postgres_exporter
- src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
version: v1.4.1-0
@@ -64,14 +64,14 @@
version: v1.0.0-4
name: systemd_service_manager
- src: git+https://github.com/devture/com.devture.ansible.role.timesync.git
version: v1.1.0-0
version: v1.1.0-1
name: timesync
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik.git
version: v3.5.4-1
version: v3.6.7-1
name: traefik
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-traefik-certs-dumper.git
version: v2.10.0-2
version: v2.10.0-4
name: traefik_certs_dumper
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-valkey.git
version: v9-0
version: v9.0.1-0
name: valkey

2
roles/custom/matrix-alertmanager-receiver/defaults/main.yml
View File

@@ -11,7 +11,7 @@
matrix_alertmanager_receiver_enabled: true
# renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
matrix_alertmanager_receiver_version: 2025.11.5
matrix_alertmanager_receiver_version: 2026.1.21
matrix_alertmanager_receiver_scheme: https

2
roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml
View File

@@ -12,7 +12,7 @@
matrix_appservice_draupnir_for_all_enabled: true
# renovate: datasource=docker depName=gnuxie/draupnir
matrix_appservice_draupnir_for_all_version: "v2.7.1"
matrix_appservice_draupnir_for_all_version: "v2.9.0"
matrix_appservice_draupnir_for_all_container_image_self_build: false
matrix_appservice_draupnir_for_all_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"

2
roles/custom/matrix-appservice-draupnir-for-all/tasks/validate_config.yml
View File

@@ -13,7 +13,7 @@
with_items:
- "matrix_appservice_draupnir_for_all_config_adminRoom"
- "matrix_bot_draupnir_container_network"
when: "vars[item] == '' or vars[item] is none"
when: "lookup('vars', item, default='') == '' or lookup('vars', item, default='') is none"
- name: (Deprecation) Catch and report renamed matrix-appservice-draupnir-for-all settings
ansible.builtin.fail:

2
roles/custom/matrix-authentication-service/defaults/main.yml
View File

@@ -22,7 +22,7 @@ matrix_authentication_service_container_repo_version: "{{ 'main' if matrix_authe
matrix_authentication_service_container_src_files_path: "{{ matrix_base_data_path }}/matrix-authentication-service/container-src"
# renovate: datasource=docker depName=ghcr.io/element-hq/matrix-authentication-service
matrix_authentication_service_version: 1.5.0
matrix_authentication_service_version: 1.9.0
matrix_authentication_service_container_image_registry_prefix: "{{ 'localhost/' if matrix_authentication_service_container_image_self_build else matrix_authentication_service_container_image_registry_prefix_upstream }}"
matrix_authentication_service_container_image_registry_prefix_upstream: "{{ matrix_authentication_service_container_image_registry_prefix_upstream_default }}"
matrix_authentication_service_container_image_registry_prefix_upstream_default: "ghcr.io/"

2
roles/custom/matrix-authentication-service/tasks/mas_cli_syn2mas.yml
View File

@@ -19,7 +19,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and vars[item.name] | string | length == 0"
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
with_items:
- {'name': 'matrix_authentication_service_syn2mas_synapse_homeserver_config_path', when: true}

2
roles/custom/matrix-authentication-service/tasks/validate_config.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and vars[item.name] | string | length == 0"
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
with_items:
- {'name': 'matrix_authentication_service_hostname', when: true}
- {'name': 'matrix_authentication_service_config_database_username', when: true}

8
roles/custom/matrix-base/defaults/main.yml
View File

@@ -148,6 +148,9 @@ matrix_server_fqn_ntfy: "ntfy.{{ matrix_domain }}"
# This is where you access rageshake.
matrix_server_fqn_rageshake: "rageshake.{{ matrix_domain }}"
# This is where you access Matrix.to.
matrix_server_fqn_matrixto: "mt.{{ matrix_domain }}"
matrix_federation_public_port: 8448
# The name of the Traefik entrypoint for handling Matrix Federation
@@ -270,7 +273,7 @@ matrix_metrics_exposure_http_basic_auth_users: ''
# - nevertheless, the playbook expects that you would install Traefik yourself via other means
# - you should make sure your Traefik configuration is compatible with what the playbook would have configured (web, web-secure, matrix-federation entrypoints, etc.)
# - you need to set `matrix_playbook_reverse_proxyable_services_additional_network` to the name of your Traefik network
# - Traefik certs dumper will be enabled by default (`traefik_certs_dumper_enabled`). You need to point it to your Traefik's SSL certificates (`traefik_certs_dumper_ssl_dir_path`)
# - Traefik certs dumper will be enabled by default (`traefik_certs_dumper_enabled`). You need to point it to your Traefik's SSL certificates (`traefik_certs_dumper_ssl_path`)
#
# - `none`
# - no reverse-proxy will be installed
@@ -388,7 +391,8 @@ matrix_playbook_internal_matrix_client_api_traefik_entrypoint_enabled: "{{ matri
matrix_playbook_internal_matrix_client_api_traefik_entrypoint_name: matrix-internal-matrix-client-api
matrix_playbook_internal_matrix_client_api_traefik_entrypoint_port: 8008
matrix_playbook_internal_matrix_client_api_traefik_entrypoint_host_bind_port: ''
matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config: "{{ matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_auto | combine(matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_custom, recursive=True) }}"
matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config: "{{ (matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_default | combine(matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_auto)) | combine(matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_custom, recursive=True) }}"
matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_default: {}
matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_auto: {}
matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_custom: {}

17
roles/custom/matrix-base/tasks/validate_config.yml
View File

@@ -36,6 +36,11 @@
- {'old': 'matrix_container_global_registry_prefix', 'new': '<no global variable anymore; you need to override the `_registry_prefix` variable in each component separately>'}
- {'old': 'matrix_user_username', 'new': 'matrix_user_name'}
- {'old': 'matrix_user_groupname', 'new': 'matrix_group_name'}
- {'old': 'matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http_encodedCharacters_allowEncodedSlash', 'new': '<removed>'}
- {'old': 'matrix_playbook_public_matrix_federation_api_traefik_entrypoint_config_http_encodedCharacters_allowEncodedHash', 'new': '<removed>'}
- {'old': 'matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_http_encodedCharacters_allowEncodedSlash', 'new': '<removed>'}
- {'old': 'matrix_playbook_internal_matrix_client_api_traefik_entrypoint_config_http_encodedCharacters_allowEncodedHash', 'new': '<removed>'}
# We have a dedicated check for this variable, because we'd like to have a custom (friendlier) message.
- name: Fail if matrix_homeserver_generic_secret_key is undefined
@@ -100,15 +105,3 @@
To clean up your server from mx-puppet-skype's presence, see this changelog entry: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#mx-puppet-skype-removal.
If you still need bridging to Skype, consider switching to the go-skype bridge instead. See `docs/configuring-playbook-bridge-go-skype-bridge.md`.
when: "lookup('ansible.builtin.varnames', '^matrix_mx_puppet_skype_enabled$', wantlist=True) | length > 0"
- name: Fail if mautrix-instagram and mautrix-meta-instagram are in conflict
ansible.builtin.fail:
msg: >-
Your configuration enables both the old mautrix-instagram bridge and the new mautrix-meta-instagram bridge.
By default, both bridges are configured to use the same bridge bot username (`@{{ matrix_mautrix_meta_instagram_appservice_username }}:{{ matrix_domain }}`) which is a conflict.
We recommend that you disable at least one of the bridges (preferably the old mautrix-instagram bridge), or to resolve the conflict in another way.
To resolve the conflict without disabling a bridge, consider adjusting one of `matrix_mautrix_instagram_appservice_bot_username` or `matrix_mautrix_meta_instagram_appservice_username` - they both have a value of {{ matrix_mautrix_meta_instagram_appservice_username }} right now.
when:
- matrix_mautrix_instagram_enabled | bool
- matrix_mautrix_meta_instagram_enabled | bool
- matrix_mautrix_instagram_appservice_bot_username == matrix_mautrix_meta_instagram_appservice_username

27
roles/custom/matrix-bot-baibot/defaults/main.yml
View File

@@ -17,7 +17,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio
matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
# renovate: datasource=docker depName=ghcr.io/etkecc/baibot
matrix_bot_baibot_version: v1.8.1
matrix_bot_baibot_version: v1.13.0
matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
@@ -70,6 +70,23 @@ matrix_bot_baibot_config_user_password: ''
# Also see: `matrix_bot_baibot_config_user_mxid_localpart`
matrix_bot_baibot_config_user_name: baibot
# Controls the `user.avatar` configuration setting.
#
# An optional path to an image file to be used as a custom avatar image.
# This path should be an in-container path (e.g., `/data/avatar.png`).
# Any type of content type is supported, but stick to common image formats (PNG, JPG, ..) for better compatibility with various Matrix clients.
#
# To use a custom avatar:
# - Use the auxiliary role (`aux_` variables) to upload your avatar file to the server (e.g. to {{ matrix_bot_baibot_data_path }}/avatar.png on the host),
# or do it any other way (without Ansible) you prefer
# - Set this variable to something like `/data/avatar.png` (the in-container path)
#
# Possible values:
# - null or empty string: use the default baibot avatar
# - "keep": don't touch the avatar, keep whatever is already set (useful if you manage the avatar via other means)
# - any other value: path to a custom avatar image file (must be an in-container path like `/data/avatar.png`)
matrix_bot_baibot_config_user_avatar: null
# Controls the `user.encryption.recovery_passphrase` configuration setting.
#
# An optional passphrase to use for backing up and recovering the bot's encryption keys.
@@ -204,8 +221,8 @@ matrix_bot_baibot_config_agents_static_definitions_anthropic_config_base_url: ht
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_api_key: ""
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_enabled: true
# For valid model choices, see: https://platform.anthropic.com/docs/models
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_model_id: claude-3-7-sonnet-20250219
# For valid model choices, see: https://docs.claude.com/en/docs/about-claude/models/overview
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_model_id: claude-sonnet-4-5-20250929
# The prompt text to use (can be null or empty to not use a prompt).
# See: https://huggingface.co/docs/transformers/en/tasks/prompting
matrix_bot_baibot_config_agents_static_definitions_anthropic_config_text_generation_prompt: "{{ matrix_bot_baibot_config_agents_static_definitions_prompt }}"
@@ -368,7 +385,7 @@ matrix_bot_baibot_config_agents_static_definitions_openai_config_api_key: ""
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_enabled: true
# For valid model choices, see: https://platform.openai.com/docs/models
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-5
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_model_id: gpt-5.2
# The prompt text to use (can be null or empty to not use a prompt).
# See: https://huggingface.co/docs/transformers/en/tasks/prompting
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_generation_prompt: "{{ matrix_bot_baibot_config_agents_static_definitions_prompt }}"
@@ -389,7 +406,7 @@ matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_
matrix_bot_baibot_config_agents_static_definitions_openai_config_text_to_speech_response_format: opus
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_enabled: true
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_model_id: gpt-image-1
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_model_id: gpt-image-1.5
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_style: null
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_size: null
matrix_bot_baibot_config_agents_static_definitions_openai_config_image_generation_quality: null

6
roles/custom/matrix-bot-baibot/templates/config.yaml.j2
View File

@@ -21,6 +21,12 @@ user:
# Leave empty to use the default (baibot).
name: {{ matrix_bot_baibot_config_user_name | to_json }}
# An optional path to an image file to be used as a custom avatar image.
# - null or empty string: use the default avatar
# - "keep": don't touch the avatar, keep whatever is already set
# - any other value: path to a custom avatar image file
avatar: {{ matrix_bot_baibot_config_user_avatar | to_json }}
encryption:
# An optional passphrase to use for backing up and recovering the bot's encryption keys.
# You can use any string here.

116
roles/custom/matrix-bot-chatgpt/defaults/main.yml
View File

@@ -1,116 +0,0 @@
# SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2023 Joe Kappus
# SPDX-FileCopyrightText: 2023 MDAD project contributors
# SPDX-FileCopyrightText: 2023 Nikita Chernyi
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
# SPDX-FileCopyrightText: 2024 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# chatgpt is a bot for chatting to openAI chatgpt Matrix bot
# Project source code URL: https://github.com/matrixgpt/matrix-chatgpt-bot
matrix_bot_chatgpt_enabled: true
# renovate: datasource=docker depName=ghcr.io/matrixgpt/matrix-chatgpt-bot
matrix_bot_chatgpt_version: 3.1.4
matrix_bot_chatgpt_container_image_self_build: false
matrix_bot_chatgpt_container_image_self_build_repo: "https://github.com/matrixgpt/matrix-chatgpt-bot"
matrix_bot_chatgpt_container_image_self_build_repo_version: "{{ 'main' if matrix_bot_chatgpt_version == 'latest' else matrix_bot_chatgpt_version }}"
matrix_bot_chatgpt_container_image: "{{ matrix_bot_chatgpt_container_image_registry_prefix }}matrixgpt/matrix-chatgpt-bot:{{ matrix_bot_chatgpt_container_image_tag }}"
matrix_bot_chatgpt_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_chatgpt_container_image_self_build else matrix_bot_chatgpt_container_image_registry_prefix_upstream }}"
matrix_bot_chatgpt_container_image_registry_prefix_upstream: "{{ matrix_bot_chatgpt_container_image_registry_prefix_upstream_default }}"
matrix_bot_chatgpt_container_image_registry_prefix_upstream_default: "ghcr.io/"
matrix_bot_chatgpt_container_image_tag: "{{ matrix_bot_chatgpt_version }}"
matrix_bot_chatgpt_container_image_force_pull: "{{ matrix_bot_chatgpt_container_image.endswith(':latest') }}"
matrix_bot_chatgpt_base_path: "{{ matrix_base_data_path }}/chatgpt"
matrix_bot_chatgpt_config_path: "{{ matrix_bot_chatgpt_base_path }}/config"
matrix_bot_chatgpt_data_path: "{{ matrix_bot_chatgpt_base_path }}/data"
matrix_bot_chatgpt_container_src_path: "{{ matrix_bot_chatgpt_base_path }}/container-src"
# Controls how long to wait for the container to stop gracefully before killing it.
# We use a small value here, because this container does not seem to handle the SIGTERM signal.
matrix_bot_chatgpt_container_stop_grace_time_seconds: 1
matrix_bot_chatgpt_container_network: ""
matrix_bot_chatgpt_container_additional_networks: "{{ matrix_bot_chatgpt_container_additional_networks_auto + matrix_bot_chatgpt_container_additional_networks_custom }}"
matrix_bot_chatgpt_container_additional_networks_auto: []
matrix_bot_chatgpt_container_additional_networks_custom: []
# A list of extra arguments to pass to the container
matrix_bot_chatgpt_container_extra_arguments: []
# List of systemd services that matrix-bot-chatgpt.service depends on
matrix_bot_chatgpt_systemd_required_services_list: "{{ matrix_bot_chatgpt_systemd_required_services_list_default + matrix_bot_chatgpt_systemd_required_services_list_auto + matrix_bot_chatgpt_systemd_required_services_list_custom }}"
matrix_bot_chatgpt_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_bot_chatgpt_systemd_required_services_list_auto: []
matrix_bot_chatgpt_systemd_required_services_list_custom: []
# List of systemd services that matrix-bot-chatgpt.service wants
matrix_bot_chatgpt_systemd_wanted_services_list: []
# ChatGPT Settings
matrix_bot_chatgpt_openai_api_key: ''
matrix_bot_chatgpt_api_model: 'gpt-3.5-turbo'
matrix_bot_chatgpt_context: 'thread' # CHATGPT_CONTEXT="thread"
matrix_bot_chatgpt_keyv_backend: 'file'
matrix_bot_chatgpt_keyv_url: ''
matrix_bot_chatgpt_keyv_bot_encryption: false
matrix_bot_chatgpt_keyv_bot_storage: true
# Matrix Static Settings (required, see notes)
# Defaults to "https://matrix.org"
matrix_bot_chatgpt_matrix_homeserver_url: "" # MATRIX_HOMESERVER_URL=
# With the @ and :example.com, ie @bot.chatgpt:example.com, needs to be set, created manually beforehand.
matrix_bot_chatgpt_matrix_bot_username_localpart: 'bot.chatgpt'
matrix_bot_chatgpt_matrix_bot_username: "@{{ matrix_bot_chatgpt_matrix_bot_username_localpart }}:{{ matrix_domain }}" # MATRIX_BOT_USERNAME=
# Set `MATRIX_BOT_PASSWORD` the bot will print an `MATRIX_ACCESS_TOKEN` to the terminal
# or https://webapps.stackexchange.com/questions/131056/how-to-get-an-access-token-for-element-riot-matrix
matrix_bot_chatgpt_matrix_access_token: '' # MATRIX_ACCESS_TOKEN=
# Once `MATRIX_BOT_ACCESS_TOKEN` is set this is no longer used.
matrix_bot_chatgpt_matrix_bot_password: '' # MATRIX_BOT_PASSWORD=
# Matrix Configurable Settings Defaults (optional)
matrix_bot_chatgpt_matrix_default_prefix: "!chatgpt " # MATRIX_DEFAULT_PREFIX= Leave prefix blank to reply to all messages, trailing space matters
matrix_bot_chatgpt_matrix_default_prefix_reply: false # MATRIX_DEFAULT_PREFIX_REPLY=
# Matrix Access Control (optional)
#
# Lists of space-separated entries. Example:
# matrix_bot_chatgpt_matrix_whitelist: ":{{ matrix_domain }} :example.net :example.org"
matrix_bot_chatgpt_matrix_blacklist: ''
matrix_bot_chatgpt_matrix_whitelist: ':{{ matrix_domain }}'
# Matrix Feature Flags (optional)
matrix_bot_chatgpt_matrix_autojoin: true # MATRIX_AUTOJOIN=true
matrix_bot_chatgpt_matrix_encryption: true # MATRIX_ENCRYPTION=true
matrix_bot_chatgpt_matrix_threads: true # MATRIX_THREADS=true
matrix_bot_chatgpt_matrix_rich_text: true # MATRIX_RICH_TEXT=true
# A list of admins
# Example set of rules:
# matrix_bot_chatgpt_admins:
# - @alice:example.com
# - @bob:example.com
# - @bot.*:example.com
# - @*:example.net
# matrix_bot_chatgpt_admins: "{{ [matrix_admin] if matrix_admin else [] }}"
# Additional environment variables to pass to the chatgpt container
#
# You can discover additional environment variables from:
# https://github.com/matrixgpt/matrix-chatgpt-bot/blob/main/src/env.ts
#
# Example:
# matrix_bot_chatgpt_environment_variables_extension: |
# chatgpt_TEXT_DONE=Done
matrix_bot_chatgpt_environment_variables_extension: ''
matrix_bot_chatgpt_matrix_bot_prompt_prefix: 'Instructions:\nYou are ChatGPT, a large language model trained by OpenAI.'

75
roles/custom/matrix-bot-chatgpt/tasks/install.yml
View File

@@ -1,75 +0,0 @@
# SPDX-FileCopyrightText: 2023 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2024 David Mehren
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Ensure chatgpt paths exist
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- {path: "{{ matrix_bot_chatgpt_config_path }}", when: true}
- {path: "{{ matrix_bot_chatgpt_data_path }}", when: true}
- {path: "{{ matrix_bot_chatgpt_container_src_path }}", when: "{{ matrix_bot_chatgpt_container_image_self_build }}"}
when: "item.when | bool"
- name: Ensure chatgpt environment variables file created
ansible.builtin.template:
src: "{{ role_path }}/templates/env.j2"
dest: "{{ matrix_bot_chatgpt_config_path }}/env"
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
mode: 0640
- name: Ensure chatgpt container image is pulled
community.docker.docker_image:
name: "{{ matrix_bot_chatgpt_container_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_bot_chatgpt_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_chatgpt_container_image_force_pull }}"
when: "not matrix_bot_chatgpt_container_image_self_build | bool"
register: result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: result is not failed
- when: matrix_bot_chatgpt_container_image_self_build | bool
block:
- name: Ensure chatgpt repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_bot_chatgpt_container_image_self_build_repo }}"
version: "{{ matrix_bot_chatgpt_container_image_self_build_repo_version }}"
dest: "{{ matrix_bot_chatgpt_container_src_path }}"
force: "yes"
become: true
become_user: "{{ matrix_user_name }}"
register: matrix_bot_chatgpt_git_pull_results
- name: Ensure chatgpt container image is built
community.docker.docker_image:
name: "{{ matrix_bot_chatgpt_container_image }}"
source: build
force_source: "{{ matrix_bot_chatgpt_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_chatgpt_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_bot_chatgpt_container_src_path }}"
pull: true
- name: Ensure chatgpt container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_bot_chatgpt_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-bot-chatgpt.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-bot-chatgpt.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-chatgpt.service"
mode: 0644

30
roles/custom/matrix-bot-chatgpt/tasks/uninstall.yml
View File

@@ -1,30 +0,0 @@
# SPDX-FileCopyrightText: 2023 MDAD project contributors
# SPDX-FileCopyrightText: 2023 Slavi Pantaleev
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check existence of matrix-chatgpt service
ansible.builtin.stat:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-chatgpt.service"
register: matrix_bot_chatgpt_service_stat
- when: matrix_bot_chatgpt_service_stat.stat.exists | bool
block:
- name: Ensure matrix-chatgpt is stopped
ansible.builtin.service:
name: matrix-bot-chatgpt
state: stopped
enabled: false
daemon_reload: true
- name: Ensure matrix-bot-chatgpt.service doesn't exist
ansible.builtin.file:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-bot-chatgpt.service"
state: absent
- name: Ensure Matrix chatgpt paths don't exist
ansible.builtin.file:
path: "{{ matrix_bot_chatgpt_base_path }}"
state: absent

44
roles/custom/matrix-bot-chatgpt/tasks/validate_config.yml
View File

@@ -1,44 +0,0 @@
# SPDX-FileCopyrightText: 2023 MDAD project contributors
# SPDX-FileCopyrightText: 2023 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Fail if required Chatgpt settings not defined
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
with_items:
- {'name': 'matrix_bot_chatgpt_openai_api_key', when: true}
- {'name': 'matrix_bot_chatgpt_matrix_bot_username', when: true}
- {'name': 'matrix_bot_chatgpt_container_network', when: true}
- {'name': 'matrix_bot_chatgpt_matrix_homeserver_url', when: true}
- name: Fail if OpenAI configuration not up-to-date.
ansible.builtin.fail:
msg: >-
Your configuration contains a variable that is no longer used.
Please change your configuration to remove the variable (`{{ item.name }}`).
when: "lookup('ansible.builtin.varnames', ('^' + item.name + '$'), wantlist=True) | length > 0"
with_items:
- {'name': 'matrix_bot_chatgpt_openai_email'}
- {'name': 'matrix_bot_chatgpt_openai_password'}
- {'name': 'matrix_bot_chatgpt_openai_login_type'}
- name: (Deprecation) Catch and report renamed ChatGPT settings
ansible.builtin.fail:
msg: >-
Your configuration contains a variable, which now has a different name.
Please rename the variable (`{{ item.old }}` -> `{{ item.new }}`) on your configuration file (vars.yml).
when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
with_items:
- {'old': 'matrix_bot_chatgpt_docker_image', 'new': 'matrix_bot_chatgpt_container_image'}
- {'old': 'matrix_bot_chatgpt_docker_image_name_prefix', 'new': 'matrix_bot_chatgpt_container_image_name_prefix'}
- {'old': 'matrix_bot_chatgpt_docker_image_force_pull', 'new': 'matrix_bot_chatgpt_container_image_force_pull'}
- {'old': 'matrix_bot_chatgpt_docker_repo', 'new': 'matrix_bot_chatgpt_container_image_self_build_repo'}
- {'old': 'matrix_bot_chatgpt_docker_repo_version', 'new': 'matrix_bot_chatgpt_container_image_self_build_repo_version'}
- {'old': 'matrix_bot_chatgpt_docker_src_files_path', 'new': 'matrix_bot_chatgpt_container_src_path'}
- {'old': 'matrix_bot_chatgpt_container_image_name_prefix', 'new': 'matrix_bot_chatgpt_container_image_registry_prefix'}

41
roles/custom/matrix-bot-chatgpt/templates/env.j2
View File

@@ -1,41 +0,0 @@
{#
SPDX-FileCopyrightText: 2023 Joe Kappus
SPDX-FileCopyrightText: 2023 MDAD project contributors
SPDX-FileCopyrightText: 2023 Slavi Pantaleev
SPDX-FileCopyrightText: 2024 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later
#}
MATRIX_HOMESERVER_URL={{ matrix_bot_chatgpt_matrix_homeserver_url }}
MATRIX_ACCESS_TOKEN={{ matrix_bot_chatgpt_matrix_access_token }}
OPENAI_API_KEY={{ matrix_bot_chatgpt_openai_api_key }}
CHATGPT_CONTEXT={{ matrix_bot_chatgpt_context }}
CHATGPT_API_MODEL={{ matrix_bot_chatgpt_api_model }}
KEYV_BACKEND={{ matrix_bot_chatgpt_keyv_backend }}
KEYV_URL={{ matrix_bot_chatgpt_keyv_url }}
KEYV_BOT_ENCRYPTION={{ matrix_bot_chatgpt_keyv_bot_encryption|lower }}
KEYV_BOT_STORAGE={{ matrix_bot_chatgpt_keyv_bot_storage|lower }}
# With the @ and :example.com, ie @bot.chatgpt:example.com
MATRIX_BOT_USERNAME={{ matrix_bot_chatgpt_matrix_bot_username }}
MATRIX_BOT_PASSWORD={{ matrix_bot_chatgpt_matrix_bot_password }}
MATRIX_DEFAULT_PREFIX={{ matrix_bot_chatgpt_matrix_default_prefix }}
MATRIX_DEFAULT_PREFIX_REPLY={{ matrix_bot_chatgpt_matrix_default_prefix_reply|lower }}
MATRIX_BLACKLIST={{ matrix_bot_chatgpt_matrix_blacklist }}
MATRIX_WHITELIST={{ matrix_bot_chatgpt_matrix_whitelist }}
MATRIX_AUTOJOIN={{ matrix_bot_chatgpt_matrix_autojoin|lower }}
MATRIX_ENCRYPTION={{ matrix_bot_chatgpt_matrix_encryption|lower }}
MATRIX_THREADS={{ matrix_bot_chatgpt_matrix_threads|lower }}
MATRIX_RICH_TEXT={{ matrix_bot_chatgpt_matrix_rich_text|lower }}
CHATGPT_PROMPT_PREFIX={{ matrix_bot_chatgpt_matrix_bot_prompt_prefix }}
DATA_PATH=/data/
{{ matrix_bot_chatgpt_environment_variables_extension }}

49
roles/custom/matrix-bot-chatgpt/templates/systemd/matrix-bot-chatgpt.service.j2
View File

@@ -1,49 +0,0 @@
#jinja2: lstrip_blocks: True
[Unit]
Description=Matrix chatgpt bot
{% for service in matrix_bot_chatgpt_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_bot_chatgpt_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ matrix_bot_chatgpt_container_stop_grace_time_seconds }} matrix-bot-chatgpt 2>/dev/null || true'
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-chatgpt 2>/dev/null || true'
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--rm \
--name=matrix-bot-chatgpt \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--read-only \
--tmpfs /tmp \
--network={{ matrix_bot_chatgpt_container_network }} \
--env-file={{ matrix_bot_chatgpt_config_path }}/env \
--mount type=bind,src={{ matrix_bot_chatgpt_data_path }},dst=/data \
--env HOME=/data/home \
{% for arg in matrix_bot_chatgpt_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_bot_chatgpt_container_image }}
{% for network in matrix_bot_chatgpt_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-bot-chatgpt
{% endfor %}
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-bot-chatgpt
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ matrix_bot_chatgpt_container_stop_grace_time_seconds }} matrix-bot-chatgpt 2>/dev/null || true'
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-bot-chatgpt 2>/dev/null || true'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-bot-chatgpt
[Install]
WantedBy=multi-user.target

5
roles/custom/matrix-bot-chatgpt/templates/systemd/matrix-bot-chatgpt.service.j2.license
View File

@@ -1,5 +0,0 @@
SPDX-FileCopyrightText: 2023 - 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2023 MDAD project contributors
SPDX-FileCopyrightText: 2023 Vladimir Panteleev
SPDX-License-Identifier: AGPL-3.0-or-later

4
roles/custom/matrix-bot-draupnir/defaults/main.yml
View File

@@ -12,7 +12,7 @@
matrix_bot_draupnir_enabled: true
# renovate: datasource=docker depName=gnuxie/draupnir
matrix_bot_draupnir_version: "v2.7.1"
matrix_bot_draupnir_version: "v2.9.0"
matrix_bot_draupnir_container_image_self_build: false
matrix_bot_draupnir_container_image_self_build_repo: "https://github.com/the-draupnir-project/Draupnir.git"
@@ -101,7 +101,7 @@ matrix_bot_draupnir_password: "{{ matrix_bot_draupnir_pantalaimon_password }}"
# Controls if we activate the config block for Pantalaimon for now. Its name will
# probably be changed for our usecase due to Draupnir's push to scrub Pantalaimon from the codebase.
# This configuration option does not follow the common naming schema as its not controlling a config key directly.
matrix_bot_draupnir_login_native: ""
matrix_bot_draupnir_login_native: false
# The room ID where people can use the bot. The bot has no access controls, so
# anyone in this room can use the bot - secure your room!

4
roles/custom/matrix-bot-draupnir/tasks/validate_config.yml
View File

@@ -44,7 +44,7 @@
- {'name': 'matrix_bot_draupnir_config_rawHomeserverUrl', when: true}
- {'name': 'matrix_bot_draupnir_pantalaimon_username', when: "{{ matrix_bot_draupnir_pantalaimon_use }}"}
- {'name': 'matrix_bot_draupnir_pantalaimon_password', when: "{{ matrix_bot_draupnir_pantalaimon_use }}"}
when: "item.when | bool and (vars[item.name] == '' or vars[item.name] is none)"
when: "item.when | bool and (lookup('vars', item.name, default='') == '' or lookup('vars', item.name, default='') is none)"
- name: Fail if Draupnir room hijacking enabled without enabling the Synapse Admin API
ansible.builtin.fail:
@@ -57,7 +57,7 @@
with_items:
- {'name': 'matrix_bot_draupnir_config_accessToken', when: "{{ matrix_bot_draupnir_pantalaimon_use }}"}
- {'name': 'matrix_bot_draupnir_config_accessToken', when: "{{ matrix_bot_draupnir_login_native }}"}
when: "item.when | bool and not (vars[item.name] == '' or vars[item.name] is none)"
when: "item.when | bool and not (lookup('vars', item.name, default='') == '' or lookup('vars', item.name, default='') is none)"
- name: Fail when matrix_bot_draupnir_config_experimentalRustCrypto is enabled together with matrix_bot_draupnir_pantalaimon_use
ansible.builtin.fail:

2
roles/custom/matrix-bot-matrix-registration-bot/tasks/validate_config.yml
View File

@@ -10,7 +10,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
when: "lookup('vars', item, default='') == ''"
with_items:
- "matrix_bot_matrix_registration_bot_bot_password"
- "matrix_bot_matrix_registration_bot_api_base_url"

2
roles/custom/matrix-bot-maubot/defaults/main.yml
View File

@@ -30,7 +30,7 @@ matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git"
matrix_bot_maubot_docker_repo_version: "{{ 'master' if matrix_bot_maubot_version == 'latest' else matrix_bot_maubot_version }}"
# renovate: datasource=docker depName=dock.mau.dev/maubot/maubot
matrix_bot_maubot_version: v0.5.2
matrix_bot_maubot_version: v0.6.0
matrix_bot_maubot_docker_image: "{{ matrix_bot_maubot_docker_image_registry_prefix }}maubot/maubot:{{ matrix_bot_maubot_version }}"
matrix_bot_maubot_docker_image_registry_prefix: "{{ 'localhost/' if matrix_bot_maubot_container_image_self_build else matrix_bot_maubot_docker_image_registry_prefix_upstream }}"
matrix_bot_maubot_docker_image_registry_prefix_upstream: "{{ matrix_bot_maubot_docker_image_registry_prefix_upstream_default }}"

4
roles/custom/matrix-bot-mjolnir/tasks/validate_config.yml
View File

@@ -18,14 +18,14 @@
- {'name': 'matrix_bot_mjolnir_raw_homeserver_url', when: true}
- {'name': 'matrix_bot_mjolnir_pantalaimon_username', when: "{{ matrix_bot_mjolnir_pantalaimon_use }}"}
- {'name': 'matrix_bot_mjolnir_pantalaimon_password', when: "{{ matrix_bot_mjolnir_pantalaimon_use }}"}
when: "item.when | bool and (vars[item.name] == '' or vars[item.name] is none)"
when: "item.when | bool and (lookup('vars', item.name, default='') == '' or lookup('vars', item.name, default='') is none)"
- name: Fail if inappropriate variables are defined
ansible.builtin.fail:
msg: "The `{{ item.name }}` variable must be undefined or have a null value."
with_items:
- {'name': 'matrix_bot_mjolnir_access_token', when: "{{ matrix_bot_mjolnir_pantalaimon_use }}"}
when: "item.when | bool and not (vars[item.name] == '' or vars[item.name] is none)"
when: "item.when | bool and not (lookup('vars', item.name, default='') == '' or lookup('vars', item.name, default='') is none)"
- name: (Deprecation) Catch and report renamed Mjolnir settings
ansible.builtin.fail:

139
roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml
View File

@@ -1,139 +0,0 @@
# SPDX-FileCopyrightText: 2020 - 2025 Slavi Pantaleev
# SPDX-FileCopyrightText: 2020 Björn Marten
# SPDX-FileCopyrightText: 2020 David Gnedt
# SPDX-FileCopyrightText: 2021 - 2023 MDAD project contributors
# SPDX-FileCopyrightText: 2021 Ahmad Haghighi
# SPDX-FileCopyrightText: 2021 Béla Becker
# SPDX-FileCopyrightText: 2021 boris runakov
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
# SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# matrix-appservice-webhooks is a Matrix <-> webhook bridge
# Project source code URL: https://github.com/redoonetworks/matrix-appservice-webhooks
matrix_appservice_webhooks_enabled: true
matrix_appservice_webhooks_scheme: https
matrix_appservice_webhooks_hostname: ''
matrix_appservice_webhooks_path_prefix: /appservice-webhooks
matrix_appservice_webhooks_container_image_self_build: false
matrix_appservice_webhooks_container_image_self_build_repo: "https://github.com/redoonetworks/matrix-appservice-webhooks"
matrix_appservice_webhooks_container_image_self_build_repo_version: "{{ 'master' if matrix_appservice_webhooks_version == 'latest' else matrix_appservice_webhooks_version }}"
matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path: "Dockerfile"
matrix_appservice_webhooks_version: v1.0.3-01
matrix_appservice_webhooks_docker_image: "{{ matrix_appservice_webhooks_docker_image_registry_prefix }}redoonetworks/matrix-appservice-webhooks:{{ matrix_appservice_webhooks_version }}"
matrix_appservice_webhooks_docker_image_registry_prefix: "{{ 'localhost/' if matrix_appservice_webhooks_container_image_self_build else matrix_appservice_webhooks_docker_image_registry_prefix_upstream }}"
matrix_appservice_webhooks_docker_image_registry_prefix_upstream: "{{ matrix_appservice_webhooks_docker_image_registry_prefix_upstream_default }}"
matrix_appservice_webhooks_docker_image_registry_prefix_upstream_default: "docker.io/"
matrix_appservice_webhooks_docker_image_force_pull: "{{ matrix_appservice_webhooks_docker_image.endswith(':latest') }}"
matrix_appservice_webhooks_base_path: "{{ matrix_base_data_path }}/appservice-webhooks"
matrix_appservice_webhooks_config_path: "{{ matrix_appservice_webhooks_base_path }}/config"
matrix_appservice_webhooks_data_path: "{{ matrix_appservice_webhooks_base_path }}/data"
matrix_appservice_webhooks_docker_src_files_path: "{{ matrix_appservice_webhooks_base_path }}/docker-src"
# If nginx-proxy is disabled, the bridge itself expects its endpoint to be on its own domain (e.g. "localhost:6789")
matrix_appservice_webhooks_public_endpoint: "{{ matrix_appservice_webhooks_path_prefix }}"
matrix_appservice_webhooks_inbound_uri_prefix: "{{ matrix_appservice_webhooks_scheme }}://{{ matrix_appservice_webhooks_hostname }}{{ matrix_appservice_webhooks_public_endpoint }}"
matrix_appservice_webhooks_bot_name: 'webhookbot'
matrix_appservice_webhooks_user_prefix: '_webhook_'
# Controls the webhooks_PORT and MATRIX_PORT of the installation
matrix_appservice_webhooks_matrix_port: 6789
# Controls whether the appservice-webhooks container exposes its HTTP port (tcp/6789 in the container).
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9999"), or empty string to not expose.
matrix_appservice_webhooks_container_http_host_bind_port: ''
matrix_appservice_webhooks_container_network: ""
matrix_appservice_webhooks_container_additional_networks: "{{ matrix_appservice_webhooks_container_additional_networks_auto + matrix_appservice_webhooks_container_additional_networks_custom }}"
matrix_appservice_webhooks_container_additional_networks_auto: []
matrix_appservice_webhooks_container_additional_networks_custom: []
# matrix_appservice_webhooks_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `matrix_appservice_webhooks_container_labels_additional_labels`.
matrix_appservice_webhooks_container_labels_traefik_enabled: true
matrix_appservice_webhooks_container_labels_traefik_docker_network: "{{ matrix_appservice_webhooks_container_network }}"
matrix_appservice_webhooks_container_labels_traefik_entrypoints: web-secure
matrix_appservice_webhooks_container_labels_traefik_tls_certResolver: default # noqa var-naming
# Controls whether labels will be added that expose matrix-appservice-webhook's public endpoints
matrix_appservice_webhooks_container_labels_public_endpoint_enabled: true
matrix_appservice_webhooks_container_labels_public_endpoint_hostname: "{{ matrix_appservice_webhooks_hostname }}"
matrix_appservice_webhooks_container_labels_public_endpoint_prefix: "{{ matrix_appservice_webhooks_path_prefix }}"
matrix_appservice_webhooks_container_labels_public_endpoint_traefik_rule: "Host(`{{ matrix_appservice_webhooks_container_labels_public_endpoint_hostname }}`) && PathPrefix(`{{ matrix_appservice_webhooks_path_prefix }}`)"
matrix_appservice_webhooks_container_labels_public_endpoint_traefik_priority: 0
matrix_appservice_webhooks_container_labels_public_endpoint_traefik_entrypoints: "{{ matrix_appservice_webhooks_container_labels_traefik_entrypoints }}"
matrix_appservice_webhooks_container_labels_public_endpoint_traefik_tls: "{{ matrix_appservice_webhooks_container_labels_public_endpoint_traefik_entrypoints != 'web' }}"
matrix_appservice_webhooks_container_labels_public_endpoint_traefik_tls_certResolver: "{{ matrix_appservice_webhooks_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# matrix_appservice_webhooks_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_appservice_webhooks_container_labels_additional_labels: |
# my.label=1
# another.label="here"
matrix_appservice_webhooks_container_labels_additional_labels: ''
# A list of extra arguments to pass to the container
matrix_appservice_webhooks_container_extra_arguments: []
# List of systemd services that matrix-appservice-webhooks.service depends on.
matrix_appservice_webhooks_systemd_required_services_list: "{{ matrix_appservice_webhooks_systemd_required_services_list_default + matrix_appservice_webhooks_systemd_required_services_list_auto + matrix_appservice_webhooks_systemd_required_services_list_custom }}"
matrix_appservice_webhooks_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_appservice_webhooks_systemd_required_services_list_auto: []
matrix_appservice_webhooks_systemd_required_services_list_custom: []
# List of systemd services that matrix-appservice-webhooks.service wants
matrix_appservice_webhooks_systemd_wanted_services_list: []
matrix_appservice_webhooks_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_webhooks_homeserver_url: ""
matrix_appservice_webhooks_homeserver_domain: "{{ matrix_domain }}"
matrix_appservice_webhooks_appservice_url: 'http://matrix-appservice-webhooks'
matrix_appservice_webhooks_appservice_token: ''
matrix_appservice_webhooks_homeserver_token: ''
matrix_appservice_webhooks_id_token: ''
matrix_appservice_webhooks_api_secret: ''
# Valid values: info, verbose
matrix_appservice_webhooks_log_level: 'info'
matrix_appservice_webhooks_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
matrix_appservice_webhooks_configuration_extension_yaml: |
#
matrix_appservice_webhooks_configuration_extension: "{{ matrix_appservice_webhooks_configuration_extension_yaml | from_yaml if matrix_appservice_webhooks_configuration_extension_yaml | from_yaml else {} }}"
matrix_appservice_webhooks_configuration: "{{ matrix_appservice_webhooks_configuration_yaml | from_yaml | combine(matrix_appservice_webhooks_configuration_extension, recursive=True) }}"
matrix_appservice_webhooks_registration_yaml: |
id: "{{ matrix_appservice_webhooks_id_token }}"
hs_token: "{{ matrix_appservice_webhooks_homeserver_token }}"
as_token: "{{ matrix_appservice_webhooks_appservice_token }}"
namespaces:
users:
- exclusive: true
regex: '^@{{ matrix_appservice_webhooks_user_prefix | regex_escape }}.*:{{ matrix_domain | regex_escape }}$'
aliases: []
rooms: []
url: "{{ matrix_appservice_webhooks_appservice_url }}:{{ matrix_appservice_webhooks_matrix_port }}"
sender_localpart: _webhook
rate_limited: false
protocols: null
matrix_appservice_webhooks_registration: "{{ matrix_appservice_webhooks_registration_yaml | from_yaml }}"

26
roles/custom/matrix-bridge-appservice-webhooks/tasks/main.yml
View File

@@ -1,26 +0,0 @@
# SPDX-FileCopyrightText: 2020 Björn Marten
# SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2022 Marko Weltzer
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- tags:
- setup-all
- setup-appservice-webhooks
- install-all
- install-appservice-webhooks
block:
- when: matrix_appservice_webhooks_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
- when: matrix_appservice_webhooks_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
- tags:
- setup-all
- setup-appservice-webhooks
block:
- when: not matrix_appservice_webhooks_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"

117
roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_install.yml
View File

@@ -1,117 +0,0 @@
# SPDX-FileCopyrightText: 2020 Björn Marten
# SPDX-FileCopyrightText: 2020 Chris van Dijk
# SPDX-FileCopyrightText: 2020 MDAD project contributors
# SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2022 Jim Myhrberg
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
# SPDX-FileCopyrightText: 2022 Sebastian Gumprich
# SPDX-FileCopyrightText: 2024 David Mehren
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Ensure matrix-appservice-webhooks paths exist
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- {path: "{{ matrix_appservice_webhooks_base_path }}", when: true}
- {path: "{{ matrix_appservice_webhooks_config_path }}", when: true}
- {path: "{{ matrix_appservice_webhooks_data_path }}", when: true}
- {path: "{{ matrix_appservice_webhooks_docker_src_files_path }}", when: "{{ matrix_appservice_webhooks_container_image_self_build }}"}
when: "item.when | bool"
- name: Ensure matrix-appservice-webhooks container image is pulled
community.docker.docker_image:
name: "{{ matrix_appservice_webhooks_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_appservice_webhooks_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_webhooks_docker_image_force_pull }}"
when: "not matrix_appservice_webhooks_container_image_self_build | bool"
register: result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: result is not failed
- when: "matrix_appservice_webhooks_container_image_self_build | bool"
block:
- name: Ensure matrix-appservice-webhooks repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_appservice_webhooks_container_image_self_build_repo }}"
dest: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
version: "{{ matrix_appservice_webhooks_container_image_self_build_repo_version }}"
force: "yes"
become: true
become_user: "{{ matrix_user_name }}"
register: matrix_appservice_webhooks_git_pull_results
- name: Ensure matrix-appservice-webhooks container image is built
community.docker.docker_image:
name: "{{ matrix_appservice_webhooks_docker_image }}"
source: build
force_source: "{{ matrix_appservice_webhooks_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_webhooks_git_pull_results.changed }}"
build:
dockerfile: "{{ matrix_appservice_webhooks_container_image_self_build_repo_dockerfile_path }}"
path: "{{ matrix_appservice_webhooks_docker_src_files_path }}"
pull: true
- name: Ensure matrix-appservice-webhooks config is installed
ansible.builtin.copy:
content: "{{ matrix_appservice_webhooks_configuration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_webhooks_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
- name: Ensure matrix-appservice-webhooks schema.yml template exists
ansible.builtin.template:
src: "{{ role_path }}/templates/schema.yml.j2"
dest: "{{ matrix_appservice_webhooks_config_path }}/schema.yml"
mode: 0644
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
- name: Ensure matrix-appservice-webhooks database.json template exists
ansible.builtin.template:
src: "{{ role_path }}/templates/database.json.j2"
dest: "{{ matrix_appservice_webhooks_data_path }}/database.json"
mode: 0644
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
- name: Ensure appservice-webhooks registration.yaml installed
ansible.builtin.copy:
content: "{{ matrix_appservice_webhooks_registration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml"
mode: 0644
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
- name: Ensure matrix-appservice-webhooks container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_appservice_webhooks_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-appservice-webhooks support files installed
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_appservice_webhooks_base_path }}/{{ item }}"
mode: 0640
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- labels
- name: Ensure matrix-appservice-webhooks.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-appservice-webhooks.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service"
mode: 0644

27
roles/custom/matrix-bridge-appservice-webhooks/tasks/setup_uninstall.yml
View File

@@ -1,27 +0,0 @@
# SPDX-FileCopyrightText: 2020 Björn Marten
# SPDX-FileCopyrightText: 2020 MDAD project contributors
# SPDX-FileCopyrightText: 2021 - 2022 Slavi Pantaleev
# SPDX-FileCopyrightText: 2022 Marko Weltzer
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check existence of matrix-appservice-webhooks service
ansible.builtin.stat:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service"
register: matrix_appservice_webhooks_service_stat
- when: matrix_appservice_webhooks_service_stat.stat.exists | bool
block:
- name: Ensure matrix-appservice-webhooks is stopped
ansible.builtin.service:
name: matrix-appservice-webhooks
state: stopped
enabled: false
daemon_reload: true
- name: Ensure matrix-appservice-webhooks.service doesn't exist
ansible.builtin.file:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-appservice-webhooks.service"
state: absent

32
roles/custom/matrix-bridge-appservice-webhooks/tasks/validate_config.yml
View File

@@ -1,32 +0,0 @@
# SPDX-FileCopyrightText: 2020 Björn Marten
# SPDX-FileCopyrightText: 2021 boris runakov
# SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Fail if required matrix-appservice-webhooks settings not defined
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
with_items:
- matrix_appservice_webhooks_appservice_token
- matrix_appservice_webhooks_homeserver_url
- matrix_appservice_webhooks_homeserver_token
- matrix_appservice_webhooks_id_token
- matrix_appservice_webhooks_api_secret
- matrix_appservice_webhooks_container_network
- matrix_appservice_webhooks_hostname
- matrix_appservice_webhooks_path_prefix
- name: (Deprecation) Catch and report renamed appservice-webhooks variables
ansible.builtin.fail:
msg: >-
Your configuration contains a variable, which now has a different name.
Please rename the variable (`{{ item.old }}` -> `{{ item.new }}`) on your configuration file (vars.yml).
when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
with_items:
- {'old': 'matrix_appservice_webhooks_docker_image_name_prefix', 'new': 'matrix_appservice_webhooks_docker_image_registry_prefix'}

28
roles/custom/matrix-bridge-appservice-webhooks/templates/config.yaml.j2
View File

@@ -1,28 +0,0 @@
#jinja2: lstrip_blocks: True
# Configuration specific to the application service. All fields (unless otherwise marked) are required.
homeserver:
# The domain for the client-server API calls.
url: "{{ matrix_appservice_webhooks_homeserver_url }}"
# The domain part for user IDs on this home server. Usually, but not always, this is the same as the
# home server's URL.
domain: "{{ matrix_domain }}"
# Configuration specific to the bridge. All fields (unless otherwise marked) are required.
webhookBot:
# The localpart to use for the bot. May require re-registering the application service.
localpart: "_webhook"
# Provisioning API options
provisioning:
# Your secret for the API. Required for all provisioning API requests.
secret: '{{ matrix_appservice_webhooks_api_secret }}'
# Configuration related to the web portion of the bridge. Handles the inbound webhooks
web:
hookUrlBase: "{{ matrix_appservice_webhooks_inbound_uri_prefix }}"
logging:
console: true
consoleLevel: {{ matrix_appservice_webhooks_log_level }}
writeFiles: false

3
roles/custom/matrix-bridge-appservice-webhooks/templates/config.yaml.j2.license
View File

@@ -1,3 +0,0 @@
SPDX-FileCopyrightText: 2020 - 2022 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later

13
roles/custom/matrix-bridge-appservice-webhooks/templates/database.json.j2
View File

@@ -1,13 +0,0 @@
{
"defaultEnv": {
"ENV": "NODE_ENV"
},
"development": {
"driver": "sqlite3",
"filename": "/data/development.db"
},
"production": {
"driver": "sqlite3",
"filename": "/data/production.db"
}
}

4
roles/custom/matrix-bridge-appservice-webhooks/templates/database.json.j2.license
View File

@@ -1,4 +0,0 @@
SPDX-FileCopyrightText: 2020 Björn Marten
SPDX-FileCopyrightText: 2022 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later

50
roles/custom/matrix-bridge-appservice-webhooks/templates/labels.j2
View File

@@ -1,50 +0,0 @@
{#
SPDX-FileCopyrightText: 2024 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
#}
{% if matrix_appservice_webhooks_container_labels_traefik_enabled %}
traefik.enable=true
{% if matrix_appservice_webhooks_container_labels_traefik_docker_network %}
traefik.docker.network={{ matrix_appservice_webhooks_container_labels_traefik_docker_network }}
{% endif %}
traefik.http.services.matrix-appservice-webhooks.loadbalancer.server.port={{ matrix_appservice_webhooks_matrix_port }}
{% if matrix_appservice_webhooks_container_labels_public_endpoint_enabled %}
############################################################
# #
# Public #
# #
############################################################
traefik.http.middlewares.matrix-appservice-webhooks-public-strip-prefix.stripprefix.prefixes={{ matrix_appservice_webhooks_container_labels_public_endpoint_prefix }}
traefik.http.routers.matrix-appservice-webhooks-public.rule={{ matrix_appservice_webhooks_container_labels_public_endpoint_traefik_rule }}
traefik.http.routers.matrix-appservice-webhooks-public.middlewares=matrix-appservice-webhooks-public-strip-prefix
{% if matrix_appservice_webhooks_container_labels_public_endpoint_traefik_priority | int > 0 %}
traefik.http.routers.matrix-appservice-webhooks-public.priority={{ matrix_appservice_webhooks_container_labels_public_endpoint_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-appservice-webhooks-public.service=matrix-appservice-webhooks
traefik.http.routers.matrix-appservice-webhooks-public.entrypoints={{ matrix_appservice_webhooks_container_labels_public_endpoint_traefik_entrypoints }}
traefik.http.routers.matrix-appservice-webhooks-public.tls={{ matrix_appservice_webhooks_container_labels_public_endpoint_traefik_tls | to_json }}
{% if matrix_appservice_webhooks_container_labels_public_endpoint_traefik_tls %}
traefik.http.routers.matrix-appservice-webhooks-public.tls.certResolver={{ matrix_appservice_webhooks_container_labels_public_endpoint_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Public #
# #
############################################################
{% endif %}
{% endif %}
{{ matrix_appservice_webhooks_container_labels_additional_labels }}

54
roles/custom/matrix-bridge-appservice-webhooks/templates/schema.yml.j2
View File

@@ -1,54 +0,0 @@
"$schema": "http://json-schema.org/draft-04/schema#"
type: "object"
properties:
provisioning:
type: "object"
properties:
secret:
type: "string"
homeserver:
type: "object"
properties:
domain:
type: "string"
url:
type: "string"
mediaUrl:
type: "string"
web:
type: "object"
properties:
hookUrlBase:
type: "string"
webhookBot:
type: "object"
properties:
localpart:
type: "string"
appearance:
type: "object"
properties:
displayName:
type: "string"
avatarUrl:
type: "string"
logging:
type: "object"
properties:
file:
type: "string"
console:
type: "boolean"
consoleLevel:
type: "string"
fileLevel:
type: "string"
writeFiles:
type: "boolean"
rotate:
type: "object"
properties:
size:
type: "number"
count:
type: "number"

4
roles/custom/matrix-bridge-appservice-webhooks/templates/schema.yml.j2.license
View File

@@ -1,4 +0,0 @@
SPDX-FileCopyrightText: 2020 Björn Marten
SPDX-FileCopyrightText: 2022 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later

51
roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2
View File

@@ -1,51 +0,0 @@
#jinja2: lstrip_blocks: True
[Unit]
Description=Matrix Appservice webhooks bridge
{% for service in matrix_appservice_webhooks_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_appservice_webhooks_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-appservice-webhooks 2>/dev/null || true'
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true'
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--rm \
--name=matrix-appservice-webhooks \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--network={{ matrix_appservice_webhooks_container_network }} \
{% if matrix_appservice_webhooks_container_http_host_bind_port %}
-p {{ matrix_appservice_webhooks_container_http_host_bind_port }}:{{matrix_appservice_webhooks_matrix_port}} \
{% endif %}
--mount type=bind,src={{ matrix_appservice_webhooks_config_path }},dst=/config \
--mount type=bind,src={{ matrix_appservice_webhooks_data_path }},dst=/data \
--label-file={{ matrix_appservice_webhooks_base_path }}/labels \
{% for arg in matrix_appservice_webhooks_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_appservice_webhooks_docker_image }} \
node index.js -p {{ matrix_appservice_webhooks_matrix_port }} -c /config/config.yaml -f /config/webhooks-registration.yaml
{% for network in matrix_appservice_webhooks_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-appservice-webhooks
{% endfor %}
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-appservice-webhooks
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-appservice-webhooks 2>/dev/null || true'
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-appservice-webhooks 2>/dev/null || true'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-appservice-webhooks
[Install]
WantedBy=multi-user.target

8
roles/custom/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2.license
View File

@@ -1,8 +0,0 @@
SPDX-FileCopyrightText: 2020 - 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2020 Björn Marten
SPDX-FileCopyrightText: 2020 Chris van Dijk
SPDX-FileCopyrightText: 2020 MDAD project contributors
SPDX-FileCopyrightText: 2020 Scott Crossen
SPDX-FileCopyrightText: 2020 Stefan Warnat
SPDX-License-Identifier: AGPL-3.0-or-later

17
roles/custom/matrix-bridge-hookshot/defaults/main.yml
View File

@@ -29,7 +29,7 @@ matrix_hookshot_container_additional_networks_auto: []
matrix_hookshot_container_additional_networks_custom: []
# renovate: datasource=docker depName=halfshot/matrix-hookshot
matrix_hookshot_version: 7.2.0
matrix_hookshot_version: 7.3.1
matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_registry_prefix }}matrix-org/matrix-hookshot:{{ matrix_hookshot_version }}"
matrix_hookshot_docker_image_registry_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_hookshot_docker_image_registry_prefix_upstream }}"
@@ -72,8 +72,9 @@ matrix_hookshot_cache_redisUri: "{{ ('redis://' + matrix_hookshot_cache_redis_ho
# Controls whether the end-to-bridge encryption support is enabled.
# This requires that:
# - support to also be enabled in the homeserver, see the documentation of Hookshot.
# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables.
# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables. Note that this is configured automatically by the playbook when encryption is enabled.
# See: https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html
# NOTE: Encryption is not currently (2025-12-30) supported when using MAS (https://github.com/matrix-org/matrix-hookshot/issues/1084)
matrix_hookshot_encryption_enabled: "{{ matrix_bridges_encryption_enabled }}"
# Controls whether metrics are enabled in the bridge configuration.
@@ -241,6 +242,18 @@ matrix_hookshot_widgets_branding_widgetTitle: "Hookshot Configuration" # noqa
# level: admin
matrix_hookshot_permissions: []
# Static connections that can be configured by an administrator, as documented here:
# https://matrix-org.github.io/matrix-hookshot/latest/usage/static_connections.html
# Currently only generic webhooks are supported.
# Example:
# matrix_hookshot_connections:
# - connectionType: uk.half-shot.matrix-hookshot.generic.hook
# stateKey: my-unique-webhook-id
# roomId: "!room-id"
# state:
# name: My Static Webhook
matrix_hookshot_connections: []
matrix_hookshot_bot_displayname: Hookshot Bot
matrix_hookshot_bot_avatar: 'mxc://half-shot.uk/2876e89ccade4cb615e210c458e2a7a6883fe17d'

10
roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml
View File

@@ -51,7 +51,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
when: "lookup('vars', item, default='') == ''"
with_items:
- "matrix_hookshot_appservice_token"
- "matrix_hookshot_homeserver_address"
@@ -62,7 +62,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`) to enable GitHub.
when: "matrix_hookshot_github_enabled and vars[item] == ''"
when: "matrix_hookshot_github_enabled and lookup('vars', item, default='') == ''"
with_items:
- "matrix_hookshot_github_auth_id"
- "matrix_hookshot_github_webhook_secret"
@@ -71,7 +71,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`) to enable GitHub OAuth.
when: "matrix_hookshot_github_oauth_enabled and vars[item] == ''"
when: "matrix_hookshot_github_oauth_enabled and lookup('vars', item, default='') == ''"
with_items:
- "matrix_hookshot_github_oauth_client_id"
- "matrix_hookshot_github_oauth_client_secret"
@@ -80,7 +80,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`) to enable Jira.
when: "matrix_hookshot_jira_enabled and vars[item] == ''"
when: "matrix_hookshot_jira_enabled and lookup('vars', item, default='') == ''"
with_items:
- "matrix_hookshot_jira_webhook_secret"
@@ -88,7 +88,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`) to enable Jira OAuth.
when: "matrix_hookshot_jira_oauth_enabled and vars[item] == ''"
when: "matrix_hookshot_jira_oauth_enabled and lookup('vars', item, default='') == ''"
with_items:
- "matrix_hookshot_jira_oauth_client_id"
- "matrix_hookshot_jira_oauth_client_secret"

1
roles/custom/matrix-bridge-hookshot/templates/config.yaml.j2
View File

@@ -137,6 +137,7 @@ widgets:
{% if matrix_hookshot_permissions %}
permissions: {{ matrix_hookshot_permissions | to_json }}
{% endif %}
connections: {{ matrix_hookshot_connections | to_json }}
listeners:
# (Optional) HTTP Listener configuration.
# Bind resource endpoints to ports and addresses.

227
roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml
View File

@@ -1,227 +0,0 @@
# SPDX-FileCopyrightText: 2019 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2020 Horvath Gergely
# SPDX-FileCopyrightText: 2020 Marcel Partap
# SPDX-FileCopyrightText: 2021 - 2024 MDAD project contributors
# SPDX-FileCopyrightText: 2021 Aaron Raimist
# SPDX-FileCopyrightText: 2021 Arthur Brugière
# SPDX-FileCopyrightText: 2022 - 2023 Nikita Chernyi
# SPDX-FileCopyrightText: 2022 László Várady
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2023 Adrien le Maire
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# mautrix-facebook is a Matrix <-> Facebook bridge
# Project source code URL: https://github.com/mautrix/facebook
matrix_mautrix_facebook_enabled: true
matrix_mautrix_facebook_container_image_self_build: false
matrix_mautrix_facebook_container_image_self_build_repo: "https://mau.dev/mautrix/facebook.git"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/facebook
matrix_mautrix_facebook_version: v0.5.1
matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_registry_prefix }}mautrix/facebook:{{ matrix_mautrix_facebook_version }}"
matrix_mautrix_facebook_docker_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else matrix_mautrix_facebook_docker_image_registry_prefix_upstream }}"
matrix_mautrix_facebook_docker_image_registry_prefix_upstream: "{{ matrix_mautrix_facebook_docker_image_registry_prefix_upstream_default }}"
matrix_mautrix_facebook_docker_image_registry_prefix_upstream_default: "dock.mau.dev/"
matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}"
matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook"
matrix_mautrix_facebook_config_path: "{{ matrix_mautrix_facebook_base_path }}/config"
matrix_mautrix_facebook_data_path: "{{ matrix_mautrix_facebook_base_path }}/data"
matrix_mautrix_facebook_docker_src_files_path: "{{ matrix_mautrix_facebook_base_path }}/docker-src"
matrix_mautrix_facebook_command_prefix: "!fb"
matrix_mautrix_facebook_homeserver_address: ""
# Whether asynchronous uploads via MSC2246 should be enabled for media.
# Requires a homeserver that supports MSC2246 (https://github.com/matrix-org/matrix-spec-proposals/pull/2246).
matrix_mautrix_facebook_homeserver_async_media: false
matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}'
# Whether or not the public-facing endpoints should be enabled (web-based login)
matrix_mautrix_facebook_appservice_public_enabled: false
# Mautrix Facebook public endpoint to log in to Facebook
matrix_mautrix_facebook_appservice_public_prefix: ''
matrix_mautrix_facebook_appservice_public_hostname: ''
matrix_mautrix_facebook_appservice_public_external: "{{ ('https://' + matrix_mautrix_facebook_appservice_public_hostname + matrix_mautrix_facebook_appservice_public_prefix) if matrix_mautrix_facebook_appservice_public_enabled else '' }}"
matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:29319'
matrix_mautrix_facebook_container_network: ""
matrix_mautrix_facebook_container_additional_networks: "{{ matrix_mautrix_facebook_container_additional_networks_auto + matrix_mautrix_facebook_container_additional_networks_custom }}"
matrix_mautrix_facebook_container_additional_networks_auto: []
matrix_mautrix_facebook_container_additional_networks_custom: []
# matrix_mautrix_facebook_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `matrix_mautrix_facebook_container_labels_additional_labels`.
matrix_mautrix_facebook_container_labels_traefik_enabled: true
matrix_mautrix_facebook_container_labels_traefik_docker_network: "{{ matrix_mautrix_facebook_container_network }}"
matrix_mautrix_facebook_container_labels_traefik_entrypoints: web-secure
matrix_mautrix_facebook_container_labels_traefik_tls_certResolver: default # noqa var-naming
# Controls whether labels will be added that expose mautrix-facebook's public endpoint
matrix_mautrix_facebook_container_labels_public_endpoint_enabled: "{{ matrix_mautrix_facebook_appservice_public_enabled }}"
matrix_mautrix_facebook_container_labels_public_endpoint_traefik_rule: "Host(`{{ matrix_mautrix_facebook_appservice_public_hostname }}`) && PathPrefix(`{{ matrix_mautrix_facebook_appservice_public_prefix }}`)"
matrix_mautrix_facebook_container_labels_public_endpoint_traefik_priority: 0
matrix_mautrix_facebook_container_labels_public_endpoint_traefik_entrypoints: "{{ matrix_mautrix_facebook_container_labels_traefik_entrypoints }}"
matrix_mautrix_facebook_container_labels_public_endpoint_traefik_tls: "{{ matrix_mautrix_facebook_container_labels_public_endpoint_traefik_entrypoints != 'web' }}"
matrix_mautrix_facebook_container_labels_public_endpoint_traefik_tls_certResolver: "{{ matrix_mautrix_facebook_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# Controls whether labels will be added that expose mautrix-facebook's metrics
matrix_mautrix_facebook_container_labels_metrics_enabled: "{{ matrix_mautrix_facebook_metrics_enabled and matrix_mautrix_facebook_metrics_proxying_enabled }}"
matrix_mautrix_facebook_container_labels_metrics_traefik_rule: "Host(`{{ matrix_mautrix_facebook_metrics_proxying_hostname }}`) && PathPrefix(`{{ matrix_mautrix_facebook_metrics_proxying_path_prefix }}`)"
matrix_mautrix_facebook_container_labels_metrics_traefik_priority: 0
matrix_mautrix_facebook_container_labels_metrics_traefik_entrypoints: "{{ matrix_mautrix_facebook_container_labels_traefik_entrypoints }}"
matrix_mautrix_facebook_container_labels_metrics_traefik_tls: "{{ matrix_mautrix_facebook_container_labels_metrics_traefik_entrypoints != 'web' }}"
matrix_mautrix_facebook_container_labels_metrics_traefik_tls_certResolver: "{{ matrix_mautrix_facebook_container_labels_traefik_tls_certResolver }}" # noqa var-naming
matrix_mautrix_facebook_container_labels_metrics_middleware_basic_auth_enabled: false
# See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
matrix_mautrix_facebook_container_labels_metrics_middleware_basic_auth_users: ''
# matrix_mautrix_facebook_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_mautrix_facebook_container_labels_additional_labels: |
# my.label=1
# another.label="here"
matrix_mautrix_facebook_container_labels_additional_labels: ''
# A list of extra arguments to pass to the container
matrix_mautrix_facebook_container_extra_arguments: []
# List of systemd services that matrix-mautrix-facebook.service depends on.
matrix_mautrix_facebook_systemd_required_services_list: "{{ matrix_mautrix_facebook_systemd_required_services_list_default + matrix_mautrix_facebook_systemd_required_services_list_auto + matrix_mautrix_facebook_systemd_required_services_list_custom }}"
matrix_mautrix_facebook_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_mautrix_facebook_systemd_required_services_list_auto: []
matrix_mautrix_facebook_systemd_required_services_list_custom: []
# List of systemd services that matrix-mautrix-facebook.service wants
matrix_mautrix_facebook_systemd_wanted_services_list: []
matrix_mautrix_facebook_appservice_token: ''
matrix_mautrix_facebook_homeserver_token: ''
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_facebook_federate_rooms: true
# Whether or not metrics endpoint should be enabled.
# Enabling them is usually enough for a local (in-container) Prometheus to consume them.
# If metrics need to be consumed by another (external) Prometheus server, consider exposing them via `matrix_mautrix_facebook_metrics_proxying_enabled`.
matrix_mautrix_facebook_metrics_enabled: false
# Controls whether metrics should be exposed on a public URL.
matrix_mautrix_facebook_metrics_proxying_enabled: false
matrix_mautrix_facebook_metrics_proxying_hostname: ''
matrix_mautrix_facebook_metrics_proxying_path_prefix: ''
matrix_mautrix_facebook_bridge_permissions: |
{{
{'*': 'relay', matrix_mautrix_facebook_homeserver_domain: 'user'}
| combine({matrix_admin: 'admin'} if matrix_admin else {})
}}
# Controls whether the matrix-mautrix-facebook container exposes its HTTP port.
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9008"), or empty string to not expose.
matrix_mautrix_facebook_container_http_host_bind_port: ''
# Database-related configuration fields.
#
# To use SQLite:
# - change the engine (`matrix_mautrix_facebook_database_engine: 'sqlite'`)
# - change to the last bridge version that supported SQLite:
# `matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}tulir/mautrix-facebook:da1b4ec596e334325a1589e70829dea46e73064b"`
# - plan your migration to Postgres, as this bridge does not support SQLite anymore (and neither will the playbook in the future).
#
# To use Postgres:
# - adjust your database credentials via the `matrix_mautrix_facebook_database_*` variables
matrix_mautrix_facebook_database_engine: 'postgres'
matrix_mautrix_facebook_sqlite_database_path_local: "{{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db"
matrix_mautrix_facebook_sqlite_database_path_in_container: "/data/mautrix-facebook.db"
matrix_mautrix_facebook_database_username: 'matrix_mautrix_facebook'
matrix_mautrix_facebook_database_password: 'some-password'
matrix_mautrix_facebook_database_hostname: ''
matrix_mautrix_facebook_database_port: 5432
matrix_mautrix_facebook_database_name: 'matrix_mautrix_facebook'
matrix_mautrix_facebook_database_connection_string: 'postgres://{{ matrix_mautrix_facebook_database_username }}:{{ matrix_mautrix_facebook_database_password }}@{{ matrix_mautrix_facebook_database_hostname }}:{{ matrix_mautrix_facebook_database_port }}/{{ matrix_mautrix_facebook_database_name }}'
matrix_mautrix_facebook_appservice_database: "{{
{
'sqlite': ('sqlite:///' + matrix_mautrix_facebook_sqlite_database_path_in_container),
'postgres': matrix_mautrix_facebook_database_connection_string,
}[matrix_mautrix_facebook_database_engine]
}}"
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_facebook_login_shared_secret: ''
matrix_mautrix_facebook_bridge_login_shared_secret_map: "{{ {matrix_mautrix_facebook_homeserver_domain: matrix_mautrix_facebook_login_shared_secret} if matrix_mautrix_facebook_login_shared_secret else {} }}"
# Enable bridge relay bot functionality
matrix_mautrix_facebook_relay_enabled: "{{ matrix_bridges_relay_enabled }}"
matrix_mautrix_facebook_appservice_bot_username: facebookbot
matrix_mautrix_facebook_bridge_presence: true
# Specifies the default log level for all bridge loggers.
matrix_mautrix_facebook_logging_level: WARNING
# Default configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `matrix_mautrix_facebook_configuration_extension_yaml`)
# or completely replace this variable with your own template.
matrix_mautrix_facebook_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
matrix_mautrix_facebook_configuration_extension_yaml: |
# Your custom YAML configuration goes here.
# This configuration extends the default starting configuration (`matrix_mautrix_facebook_configuration_yaml`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_mautrix_facebook_configuration_yaml`.
matrix_mautrix_facebook_configuration_extension: "{{ matrix_mautrix_facebook_configuration_extension_yaml | from_yaml if matrix_mautrix_facebook_configuration_extension_yaml | from_yaml is mapping else {} }}"
# Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_facebook_configuration_yaml`.
matrix_mautrix_facebook_configuration: "{{ matrix_mautrix_facebook_configuration_yaml | from_yaml | combine(matrix_mautrix_facebook_configuration_extension, recursive=True) }}"
matrix_mautrix_facebook_registration_yaml: |
id: facebook
as_token: "{{ matrix_mautrix_facebook_appservice_token }}"
hs_token: "{{ matrix_mautrix_facebook_homeserver_token }}"
namespaces:
users:
- exclusive: true
regex: '^@facebook_.+:{{ matrix_mautrix_facebook_homeserver_domain | regex_escape }}$'
- exclusive: true
regex: '^@{{ matrix_mautrix_facebook_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_facebook_homeserver_domain | regex_escape }}$'
url: {{ matrix_mautrix_facebook_appservice_address }}
# See https://github.com/mautrix/signal/issues/43
sender_localpart: _bot_{{ matrix_mautrix_facebook_appservice_bot_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mautrix_facebook_registration: "{{ matrix_mautrix_facebook_registration_yaml | from_yaml }}"
# Enable End-to-bridge encryption
matrix_mautrix_facebook_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
matrix_mautrix_facebook_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}"
matrix_mautrix_facebook_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_facebook_bridge_encryption_allow }}"

27
roles/custom/matrix-bridge-mautrix-facebook/tasks/main.yml
View File

@@ -1,27 +0,0 @@
# SPDX-FileCopyrightText: 2019 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2019 Dan Arnfield
# SPDX-FileCopyrightText: 2019 Jason Locklin
# SPDX-FileCopyrightText: 2022 Marko Weltzer
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- tags:
- setup-all
- setup-mautrix-facebook
- install-all
- install-mautrix-facebook
block:
- when: matrix_mautrix_facebook_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
- when: matrix_mautrix_facebook_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
- tags:
- setup-all
- setup-mautrix-facebook
block:
- when: not matrix_mautrix_facebook_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"

159
roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_install.yml
View File

@@ -1,159 +0,0 @@
# SPDX-FileCopyrightText: 2019 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2019 Dan Arnfield
# SPDX-FileCopyrightText: 2020 Chris van Dijk
# SPDX-FileCopyrightText: 2020 Horvath Gergely
# SPDX-FileCopyrightText: 2020 MDAD project contributors
# SPDX-FileCopyrightText: 2020 Stuart Mumford
# SPDX-FileCopyrightText: 2021 Aaron Raimist
# SPDX-FileCopyrightText: 2022 Jim Myhrberg
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
# SPDX-FileCopyrightText: 2022 Sebastian Gumprich
# SPDX-FileCopyrightText: 2024 David Mehren
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- ansible.builtin.set_fact:
matrix_mautrix_facebook_requires_restart: false
- when: "matrix_mautrix_facebook_database_engine == 'postgres'"
block:
- name: Check if an SQLite database already exists
ansible.builtin.stat:
path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}"
register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result
- when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists | bool"
block:
- ansible.builtin.include_role:
name: galaxy/postgres
tasks_from: migrate_db_to_postgres
vars:
postgres_db_migration_request:
src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}"
dst: "{{ matrix_mautrix_facebook_database_connection_string }}"
caller: "{{ role_path | basename }}"
engine_variable_name: 'matrix_mautrix_facebook_database_engine'
engine_old: 'sqlite'
systemd_services_to_stop: ['matrix-mautrix-facebook.service']
- ansible.builtin.set_fact:
matrix_mautrix_facebook_requires_restart: true
- name: Ensure Mautrix Facebook image is pulled
community.docker.docker_image:
name: "{{ matrix_mautrix_facebook_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}"
when: not matrix_mautrix_facebook_container_image_self_build
register: result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix Facebook paths exist
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- {path: "{{ matrix_mautrix_facebook_base_path }}", when: true}
- {path: "{{ matrix_mautrix_facebook_config_path }}", when: true}
- {path: "{{ matrix_mautrix_facebook_data_path }}", when: true}
- {path: "{{ matrix_mautrix_facebook_docker_src_files_path }}", when: "{{ matrix_mautrix_facebook_container_image_self_build }}"}
when: item.when | bool
- name: Ensure Mautrix Facebook repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_mautrix_facebook_container_image_self_build_repo }}"
dest: "{{ matrix_mautrix_facebook_docker_src_files_path }}"
version: "{{ matrix_mautrix_facebook_docker_image.split(':')[1] }}"
force: "yes"
become: true
become_user: "{{ matrix_user_name }}"
register: matrix_mautrix_facebook_git_pull_results
when: "matrix_mautrix_facebook_container_image_self_build | bool"
- name: Ensure Mautrix Facebook Docker image is built
community.docker.docker_image:
name: "{{ matrix_mautrix_facebook_docker_image }}"
source: build
force_source: "{{ matrix_mautrix_facebook_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_facebook_docker_src_files_path }}"
pull: true
when: "matrix_mautrix_facebook_container_image_self_build | bool"
- name: Check if an old database file already exists
ansible.builtin.stat:
path: "{{ matrix_mautrix_facebook_base_path }}/mautrix-facebook.db"
register: matrix_mautrix_facebook_stat_database
- name: (Data relocation) Ensure matrix-mautrix-facebook.service is stopped
ansible.builtin.service:
name: matrix-mautrix-facebook
state: stopped
enabled: false
daemon_reload: true
failed_when: false
when: "matrix_mautrix_facebook_stat_database.stat.exists"
- name: (Data relocation) Move mautrix-facebook database file to ./data directory
ansible.builtin.command:
cmd: "mv {{ matrix_mautrix_facebook_base_path }}/mautrix-facebook.db {{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db"
creates: "{{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db"
removes: "{{ matrix_mautrix_facebook_base_path }}/mautrix-facebook.db"
when: "matrix_mautrix_facebook_stat_database.stat.exists"
- name: Ensure mautrix-facebook config.yaml installed
ansible.builtin.copy:
content: "{{ matrix_mautrix_facebook_configuration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_facebook_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
- name: Ensure mautrix-facebook registration.yaml installed
ansible.builtin.copy:
content: "{{ matrix_mautrix_facebook_registration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_facebook_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
- name: Ensure mautrix-facebook support files installed
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_mautrix_facebook_base_path }}/{{ item }}"
mode: 0640
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- labels
- name: Ensure matrix-mautrix-facebook container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_facebook_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-facebook.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-mautrix-facebook.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service"
mode: 0644
- name: Ensure matrix-mautrix-facebook.service restarted, if necessary
ansible.builtin.service:
name: "matrix-mautrix-facebook.service"
state: restarted
daemon_reload: true
when: "matrix_mautrix_facebook_requires_restart | bool"

26
roles/custom/matrix-bridge-mautrix-facebook/tasks/setup_uninstall.yml
View File

@@ -1,26 +0,0 @@
# SPDX-FileCopyrightText: 2019 - 2022 Slavi Pantaleev
# SPDX-FileCopyrightText: 2020 MDAD project contributors
# SPDX-FileCopyrightText: 2022 Marko Weltzer
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Check existence of matrix-mautrix-facebook service
ansible.builtin.stat:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service"
register: matrix_mautrix_facebook_service_stat
- when: matrix_mautrix_facebook_service_stat.stat.exists | bool
block:
- name: Ensure matrix-mautrix-facebook is stopped
ansible.builtin.service:
name: matrix-mautrix-facebook
state: stopped
enabled: false
daemon_reload: true
- name: Ensure matrix-mautrix-facebook.service doesn't exist
ansible.builtin.file:
path: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-facebook.service"
state: absent

47
roles/custom/matrix-bridge-mautrix-facebook/tasks/validate_config.yml
View File

@@ -1,47 +0,0 @@
# SPDX-FileCopyrightText: 2019 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2019 Jason Locklin
# SPDX-FileCopyrightText: 2022 László Várady
# SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: (Deprecation) Catch and report renamed mautrix-facebook settings
ansible.builtin.fail:
msg: >-
Your configuration contains a variable, which now has a different name.
Please rename the variable (`{{ item.old }}` -> `{{ item.new }}`) on your configuration file (vars.yml).
when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
with_items:
- {'old': 'matrix_mautrix_facebook_public_endpoint', 'new': 'matrix_mautrix_facebook_appservice_public_prefix'}
- {'old': 'matrix_mautrix_facebook_docker_image_name_prefix', 'new': 'matrix_mautrix_facebook_docker_image_registry_prefix'}
- name: Fail if required mautrix-facebook settings not defined
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
with_items:
- {'name': 'matrix_mautrix_facebook_appservice_public_hostname', when: "{{ matrix_mautrix_facebook_appservice_public_enabled }}"}
- {'name': 'matrix_mautrix_facebook_appservice_public_prefix', when: "{{ matrix_mautrix_facebook_appservice_public_enabled }}"}
- {'name': 'matrix_mautrix_facebook_metrics_proxying_hostname', when: "{{ matrix_mautrix_facebook_metrics_proxying_enabled }}"}
- {'name': 'matrix_mautrix_facebook_metrics_proxying_path_prefix', when: "{{ matrix_mautrix_facebook_metrics_proxying_enabled }}"}
- {'name': 'matrix_mautrix_facebook_appservice_token', when: true}
- {'name': 'matrix_mautrix_facebook_homeserver_token', when: true}
- {'name': 'matrix_mautrix_facebook_container_network', when: true}
- {'name': 'matrix_mautrix_facebook_homeserver_address', when: true}
- {'name': 'matrix_mautrix_facebook_database_hostname', when: "{{ matrix_mautrix_facebook_database_engine == 'postgres' }}"}
- when: "matrix_mautrix_facebook_database_engine == 'sqlite' and matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')"
block:
- name: Inject warning if on an old SQLite-supporting version
ansible.builtin.set_fact:
devture_playbook_runtime_messages_list: |
{{
devture_playbook_runtime_messages_list | default([])
+
[
"Note: Your mautrix-facebook bridge is still on SQLite and on the last version that supported it, before support was dropped. Support has been subsequently re-added in v0.3.2, so we advise you to upgrade (by removing your `matrix_mautrix_facebook_docker_image` definition from vars.yml)"
]
}}

259
roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2
View File

@@ -1,259 +0,0 @@
#jinja2: lstrip_blocks: True
# Homeserver details
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: {{ matrix_mautrix_facebook_homeserver_address }}
# The domain of the homeserver (for MXIDs, etc).
domain: {{ matrix_mautrix_facebook_homeserver_domain }}
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# Whether or not the homeserver supports asmux-specific endpoints,
# such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically
# updating m.direct.
asmux: false
# Whether asynchronous uploads via MSC2246 should be enabled for media.
# Requires a media repo that supports MSC2246.
async_media: {{ matrix_mautrix_facebook_homeserver_async_media | to_json }}
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_facebook_appservice_address }}
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 29319
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. Only Postgres is currently supported.
database: {{ matrix_mautrix_facebook_appservice_database|to_json }}
# Public part of web server for out-of-Matrix interaction with the bridge.
public:
# Whether or not the public-facing endpoints should be enabled.
enabled: {{ matrix_mautrix_facebook_appservice_public_enabled|to_json }}
# The prefix to use in the public-facing endpoints.
prefix: {{ matrix_mautrix_facebook_appservice_public_prefix|to_json }}
# The base URL where the public-facing endpoints are available. The prefix is not added
# implicitly.
external: {{ matrix_mautrix_facebook_appservice_public_external|to_json }}
# Allow logging in within Matrix. If false, users can only log in using the web interface.
allow_matrix_login: true
# Segment API key to enable analytics tracking for web server endpoints. Set to null to disable.
# Currently the only events are login start, success and fail.
segment_key: null
# The unique ID of this appservice.
id: facebook
# Username of the appservice bot.
bot_username: {{ matrix_mautrix_facebook_appservice_bot_username|to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: Facebook bridge bot
bot_avatar: mxc://maunium.net/ygtkteZsXnGJLJHRchUwYWak
# Authentication tokens for AS <-> HS communication.
as_token: "{{ matrix_mautrix_facebook_appservice_token }}"
hs_token: "{{ matrix_mautrix_facebook_homeserver_token }}"
# Prometheus telemetry config. Requires prometheus-client to be installed.
metrics:
enabled: {{ matrix_mautrix_facebook_metrics_enabled | to_json }}
listen_port: 8000
# Bridge config
bridge:
# Localpart template of MXIDs for Facebook users.
# {userid} is replaced with the user ID of the Facebook user.
username_template: "facebook_{userid}"
# Displayname template for Facebook users.
# {displayname} is replaced with the display name of the Facebook user
# as defined below in displayname_preference.
# Keys available for displayname_preference are also available here.
displayname_template: '{displayname} (FB)'
# Available keys:
# "name" (full name)
# "first_name"
# "last_name"
# "nickname"
# "own_nickname" (user-specific!)
displayname_preference:
- name
- first_name
# The prefix for commands. Only required in non-management rooms.
command_prefix: "{{ matrix_mautrix_facebook_command_prefix }}"
# Number of chats to sync (and create portals for) on startup/login.
# Set 0 to disable automatic syncing.
initial_chat_sync: 10
# Whether or not the Facebook users of logged in Matrix users should be
# invited to private chats when the user sends a message from another client.
invite_own_puppet_to_pm: false
# Whether or not to use /sync to get presence, read receipts and typing notifications
# when double puppeting is enabled
sync_with_custom_puppets: true
# Whether or not to update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# Servers to always allow double puppeting from
double_puppet_server_map: {}
# example.com: https://example.com
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
# If using this for other servers than the bridge's server,
# you must also set the URL in the double_puppet_server_map.
login_shared_secret_map: {{ matrix_mautrix_facebook_bridge_login_shared_secret_map|to_json }}
# Should presence from Facebook be bridged? This doesn't use the same API as the Android app,
# so it might be more suspicious to Facebook.
presence_from_facebook: {{ matrix_mautrix_facebook_bridge_presence|to_json }}
# Whether or not to update avatars when syncing all contacts at startup.
update_avatar_initial_sync: true
# End-to-bridge encryption support options. These require matrix-nio to be installed with pip
# and login_shared_secret to be configured in order to get a device for the bridge bot.
#
# Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
# application service.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: {{ matrix_mautrix_facebook_bridge_encryption_allow|to_json }}
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: {{ matrix_mautrix_facebook_bridge_encryption_default|to_json }}
# Options for automatic key sharing.
key_sharing:
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow_key_sharing: {{ matrix_mautrix_facebook_bridge_encryption_key_sharing_allow|to_json }}
# Require the requesting device to have a valid cross-signing signature?
# This doesn't require that the bridge has verified the device, only that the user has verified it.
# Not yet implemented.
require_cross_signing: false
# Require devices to be verified by the bridge?
# Verification by the bridge is not yet implemented.
require_verification: true
# Whether or not the bridge should send a read receipt from the bridge bot when a message has
# been sent to Facebook.
delivery_receipts: false
# Whether to allow inviting arbitrary mxids to portal rooms
allow_invites: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: {{ matrix_mautrix_facebook_federate_rooms|to_json }}
# Settings for backfilling messages from Facebook.
backfill:
# Whether or not the Facebook users of logged in Matrix users should be
# invited to private chats when backfilling history from Facebook. This is
# usually needed to prevent rate limits and to allow timestamp massaging.
invite_own_puppet: true
# Maximum number of messages to backfill initially.
# Set to 0 to disable backfilling when creating portal.
initial_limit: 0
# Maximum number of messages to backfill if messages were missed while
# the bridge was disconnected.
# Set to 0 to disable backfilling missed messages.
missed_limit: 1000
# If using double puppeting, should notifications be disabled
# while the initial backfill is in progress?
disable_notifications: false
periodic_reconnect:
# Interval in seconds in which to automatically reconnect all users.
# This can be used to automatically mitigate the bug where Facebook stops sending messages.
# Set to -1 to disable periodic reconnections entirely.
interval: -1
# What to do in periodic reconnects. Either "refresh" or "reconnect"
mode: refresh
# Should even disconnected users be reconnected?
always: false
# The number of seconds that a disconnection can last without triggering an automatic re-sync
# and missed message backfilling when reconnecting.
# Set to 0 to always re-sync, or -1 to never re-sync automatically.
resync_max_disconnected_time: 5
# Should the bridge do a resync on startup?
sync_on_startup: true
# Whether or not temporary disconnections should send notices to the notice room.
# If this is false, disconnections will never send messages and connections will only send
# messages if it was disconnected for more than resync_max_disconnected_time seconds.
temporary_disconnect_notices: false
# Whether or not the bridge should try to "refresh" the connection if a normal reconnection
# attempt fails.
refresh_on_reconnection_fail: false
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# Permissions for using the bridge.
# Permitted values:
# user - Use the bridge with puppeting.
# admin - Use and administrate the bridge.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions: {{ matrix_mautrix_facebook_bridge_permissions|to_json }}
relay:
# Whether relay mode should be allowed. If allowed, `!fb set-relay` can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: {{ matrix_mautrix_facebook_relay_enabled }}
# The formats to use when sending messages to Messenger via a relay user.
#
# Available variables:
# $sender_displayname - The display name of the sender (e.g. Example User)
# $sender_username - The username (Matrix ID localpart) of the sender (e.g. alice)
# $sender_mxid - The Matrix ID of the sender (e.g. @alice:example.com)
# $message - The message content
message_formats:
m.text: '<b>$sender_displayname</b>: $message'
m.notice: '<b>$sender_displayname</b>: $message'
m.emote: '* <b>$sender_displayname</b> $message'
m.file: '<b>$sender_displayname</b> sent a file'
m.image: '<b>$sender_displayname</b> sent an image'
m.audio: '<b>$sender_displayname</b> sent an audio file'
m.video: '<b>$sender_displayname</b> sent a video'
m.location: '<b>$sender_displayname</b> sent a location'
facebook:
device_seed: generate
default_region_hint: ODN
connection_type: WIFI
carrier: Verizon
hni: 311390
# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
logging:
version: 1
formatters:
colored:
(): mautrix_facebook.util.ColorFormatter
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
normal:
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
handlers:
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: {{ matrix_mautrix_facebook_logging_level|to_json }}
paho:
level: {{ matrix_mautrix_facebook_logging_level|to_json }}
aiohttp:
level: {{ matrix_mautrix_facebook_logging_level|to_json }}
root:
level: {{ matrix_mautrix_facebook_logging_level|to_json }}
handlers: [console]

9
roles/custom/matrix-bridge-mautrix-facebook/templates/config.yaml.j2.license
View File

@@ -1,9 +0,0 @@
SPDX-FileCopyrightText: 2019 - 2024 Slavi Pantaleev
SPDX-FileCopyrightText: 2019 Hugues Morisset
SPDX-FileCopyrightText: 2020 - 2022 MDAD project contributors
SPDX-FileCopyrightText: 2022 - 2023 Nikita Chernyi
SPDX-FileCopyrightText: 2022 László Várady
SPDX-FileCopyrightText: 2022 Olivér Falvai
SPDX-FileCopyrightText: 2023 Adrien le Maire
SPDX-License-Identifier: AGPL-3.0-or-later

82
roles/custom/matrix-bridge-mautrix-facebook/templates/labels.j2
View File

@@ -1,82 +0,0 @@
{#
SPDX-FileCopyrightText: 2024 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
#}
{% if matrix_mautrix_facebook_container_labels_traefik_enabled %}
traefik.enable=true
{% if matrix_mautrix_facebook_container_labels_traefik_docker_network %}
traefik.docker.network={{ matrix_mautrix_facebook_container_labels_traefik_docker_network }}
{% endif %}
traefik.http.services.matrix-mautrix-facebook-appservice.loadbalancer.server.port=29319
traefik.http.services.matrix-mautrix-facebook-metrics.loadbalancer.server.port=8000
{% if matrix_mautrix_facebook_container_labels_public_endpoint_enabled %}
############################################################
# #
# Public #
# #
############################################################
traefik.http.routers.matrix-mautrix-facebook-public.rule={{ matrix_mautrix_facebook_container_labels_public_endpoint_traefik_rule }}
{% if matrix_mautrix_facebook_container_labels_public_endpoint_traefik_priority | int > 0 %}
traefik.http.routers.matrix-mautrix-facebook-public.priority={{ matrix_mautrix_facebook_container_labels_public_endpoint_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-mautrix-facebook-public.service=matrix-mautrix-facebook-appservice
traefik.http.routers.matrix-mautrix-facebook-public.entrypoints={{ matrix_mautrix_facebook_container_labels_public_endpoint_traefik_entrypoints }}
traefik.http.routers.matrix-mautrix-facebook-public.tls={{ matrix_mautrix_facebook_container_labels_public_endpoint_traefik_tls | to_json }}
{% if matrix_mautrix_facebook_container_labels_public_endpoint_traefik_tls %}
traefik.http.routers.matrix-mautrix-facebook-public.tls.certResolver={{ matrix_mautrix_facebook_container_labels_public_endpoint_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Public #
# #
############################################################
{% endif %}
{% if matrix_mautrix_facebook_container_labels_metrics_enabled %}
############################################################
# #
# Metrics #
# #
############################################################
{% if matrix_mautrix_facebook_container_labels_metrics_middleware_basic_auth_enabled %}
traefik.http.middlewares.matrix-mautrix-facebook-metrics-basic-auth.basicauth.users={{ matrix_mautrix_facebook_container_labels_metrics_middleware_basic_auth_users }}
traefik.http.routers.matrix-mautrix-facebook-metrics.middlewares=matrix-mautrix-facebook-metrics-basic-auth
{% endif %}
traefik.http.routers.matrix-mautrix-facebook-metrics.rule={{ matrix_mautrix_facebook_container_labels_metrics_traefik_rule }}
{% if matrix_mautrix_facebook_container_labels_metrics_traefik_priority | int > 0 %}
traefik.http.routers.matrix-mautrix-facebook-metrics.priority={{ matrix_mautrix_facebook_container_labels_metrics_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-mautrix-facebook-metrics.service=matrix-mautrix-facebook-metrics
traefik.http.routers.matrix-mautrix-facebook-metrics.entrypoints={{ matrix_mautrix_facebook_container_labels_metrics_traefik_entrypoints }}
traefik.http.routers.matrix-mautrix-facebook-metrics.tls={{ matrix_mautrix_facebook_container_labels_metrics_traefik_tls | to_json }}
{% if matrix_mautrix_facebook_container_labels_metrics_traefik_tls %}
traefik.http.routers.matrix-mautrix-facebook-metrics.tls.certResolver={{ matrix_mautrix_facebook_container_labels_metrics_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Metrics #
# #
############################################################
{% endif %}
{% endif %}
{{ matrix_mautrix_facebook_container_labels_additional_labels }}

51
roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2
View File

@@ -1,51 +0,0 @@
#jinja2: lstrip_blocks: True
[Unit]
Description=Matrix Mautrix Facebook bridge
{% for service in matrix_mautrix_facebook_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_mautrix_facebook_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-facebook 2>/dev/null || true'
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true'
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--rm \
--name=matrix-mautrix-facebook \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--network={{ matrix_mautrix_facebook_container_network }} \
{% if matrix_mautrix_facebook_appservice_public_enabled and matrix_mautrix_facebook_container_http_host_bind_port %}
-p {{ matrix_mautrix_facebook_container_http_host_bind_port }}:29319 \
{% endif %}
--mount type=bind,src={{ matrix_mautrix_facebook_config_path }},dst=/config \
--mount type=bind,src={{ matrix_mautrix_facebook_data_path }},dst=/data \
--label-file={{ matrix_mautrix_facebook_base_path }}/labels \
{% for arg in matrix_mautrix_facebook_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_mautrix_facebook_docker_image }} \
python3 -m mautrix_facebook -c /config/config.yaml --no-update
{% for network in matrix_mautrix_facebook_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-facebook
{% endfor %}
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-facebook
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-facebook 2>/dev/null || true'
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null || true'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-facebook
[Install]
WantedBy=multi-user.target

7
roles/custom/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2.license
View File

@@ -1,7 +0,0 @@
SPDX-FileCopyrightText: 2019 - 2025 Slavi Pantaleev
SPDX-FileCopyrightText: 2019 Hugues Morisset
SPDX-FileCopyrightText: 2020 Chris van Dijk
SPDX-FileCopyrightText: 2020 Scott Crossen
SPDX-FileCopyrightText: 2022 László Várady
SPDX-License-Identifier: AGPL-3.0-or-later

2
roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml
View File

@@ -18,7 +18,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma
matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages
matrix_mautrix_gmessages_version: v0.2510.0
matrix_mautrix_gmessages_version: v0.2601.0
# See: https://mau.dev/mautrix/gmessages/container_registry
matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_registry_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}"

193
roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml
View File

@@ -1,193 +0,0 @@
# SPDX-FileCopyrightText: 2021 - 2024 MDAD project contributors
# SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2021 Aaron Raimist
# SPDX-FileCopyrightText: 2021 Marcus Proest
# SPDX-FileCopyrightText: 2022 - 2023 Nikita Chernyi
# SPDX-FileCopyrightText: 2022 László Várady
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2023 Adrien le Maire
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# mautrix-instagram is a Matrix <-> Instagram bridge
# Project source code URL: https://github.com/mautrix/instagram
matrix_mautrix_instagram_enabled: true
matrix_mautrix_instagram_container_image_self_build: false
matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git"
matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/instagram
matrix_mautrix_instagram_version: v0.3.1
# See: https://mau.dev/tulir/mautrix-instagram/container_registry
matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_registry_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}"
matrix_mautrix_instagram_docker_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_instagram_container_image_self_build else matrix_mautrix_instagram_docker_image_registry_prefix_upstream }}"
matrix_mautrix_instagram_docker_image_registry_prefix_upstream: "{{ matrix_mautrix_instagram_docker_image_registry_prefix_upstream_default }}"
matrix_mautrix_instagram_docker_image_registry_prefix_upstream_default: "dock.mau.dev/"
matrix_mautrix_instagram_docker_image_force_pull: "{{ matrix_mautrix_instagram_docker_image.endswith(':latest') }}"
matrix_mautrix_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-instagram"
matrix_mautrix_instagram_config_path: "{{ matrix_mautrix_instagram_base_path }}/config"
matrix_mautrix_instagram_data_path: "{{ matrix_mautrix_instagram_base_path }}/data"
matrix_mautrix_instagram_docker_src_files_path: "{{ matrix_mautrix_instagram_base_path }}/docker-src"
matrix_mautrix_instagram_homeserver_address: ""
matrix_mautrix_instagram_homeserver_domain: '{{ matrix_domain }}'
matrix_mautrix_instagram_appservice_address: 'http://matrix-mautrix-instagram:29330'
matrix_mautrix_instagram_command_prefix: "!ig"
matrix_mautrix_instagram_bridge_permissions: |
{{
{'*': 'relay', matrix_mautrix_instagram_homeserver_domain: 'user'}
| combine({matrix_admin: 'admin'} if matrix_admin else {})
}}
matrix_mautrix_instagram_container_network: ""
matrix_mautrix_instagram_container_additional_networks: "{{ matrix_mautrix_instagram_container_additional_networks_auto + matrix_mautrix_instagram_container_additional_networks_custom }}"
matrix_mautrix_instagram_container_additional_networks_auto: []
matrix_mautrix_instagram_container_additional_networks_custom: []
# matrix_mautrix_instagram_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `matrix_mautrix_instagram_container_labels_additional_labels`.
matrix_mautrix_instagram_container_labels_traefik_enabled: true
matrix_mautrix_instagram_container_labels_traefik_docker_network: "{{ matrix_mautrix_instagram_container_network }}"
matrix_mautrix_instagram_container_labels_traefik_entrypoints: web-secure
matrix_mautrix_instagram_container_labels_traefik_tls_certResolver: default # noqa var-naming
# Controls whether labels will be added that expose mautrix-instagram's metrics
matrix_mautrix_instagram_container_labels_metrics_enabled: "{{ matrix_mautrix_instagram_metrics_enabled and matrix_mautrix_instagram_metrics_proxying_enabled }}"
matrix_mautrix_instagram_container_labels_metrics_traefik_rule: "Host(`{{ matrix_mautrix_instagram_metrics_proxying_hostname }}`) && PathPrefix(`{{ matrix_mautrix_instagram_metrics_proxying_path_prefix }}`)"
matrix_mautrix_instagram_container_labels_metrics_traefik_priority: 0
matrix_mautrix_instagram_container_labels_metrics_traefik_entrypoints: "{{ matrix_mautrix_instagram_container_labels_traefik_entrypoints }}"
matrix_mautrix_instagram_container_labels_metrics_traefik_tls: "{{ matrix_mautrix_instagram_container_labels_metrics_traefik_entrypoints != 'web' }}"
matrix_mautrix_instagram_container_labels_metrics_traefik_tls_certResolver: "{{ matrix_mautrix_instagram_container_labels_traefik_tls_certResolver }}" # noqa var-naming
matrix_mautrix_instagram_container_labels_metrics_middleware_basic_auth_enabled: false
# See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
matrix_mautrix_instagram_container_labels_metrics_middleware_basic_auth_users: ''
# matrix_mautrix_instagram_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_mautrix_instagram_container_labels_additional_labels: |
# my.label=1
# another.label="here"
matrix_mautrix_instagram_container_labels_additional_labels: ''
# A list of extra arguments to pass to the container
matrix_mautrix_instagram_container_extra_arguments: []
# List of systemd services that matrix-mautrix-instagram.service depends on.
matrix_mautrix_instagram_systemd_required_services_list: "{{ matrix_mautrix_instagram_systemd_required_services_list_default + matrix_mautrix_instagram_systemd_required_services_list_auto + matrix_mautrix_instagram_systemd_required_services_list_custom }}"
matrix_mautrix_instagram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_mautrix_instagram_systemd_required_services_list_auto: []
matrix_mautrix_instagram_systemd_required_services_list_custom: []
# List of systemd services that matrix-mautrix-instagram.service wants
matrix_mautrix_instagram_systemd_wanted_services_list: []
matrix_mautrix_instagram_appservice_token: ''
matrix_mautrix_instagram_homeserver_token: ''
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_instagram_federate_rooms: true
# Whether or not metrics endpoint should be enabled.
# Enabling them is usually enough for a local (in-container) Prometheus to consume them.
# If metrics need to be consumed by another (external) Prometheus server, consider exposing them via `matrix_mautrix_instagram_metrics_proxying_enabled`.
matrix_mautrix_instagram_metrics_enabled: false
# Controls whether metrics should be exposed on a public URL.
matrix_mautrix_instagram_metrics_proxying_enabled: false
matrix_mautrix_instagram_metrics_proxying_hostname: ''
matrix_mautrix_instagram_metrics_proxying_path_prefix: ''
# Database-related configuration fields.
#
# To use Postgres:
# - adjust your database credentials via the `matrix_mautrix_instagram_database_*` variables
matrix_mautrix_instagram_database_engine: 'postgres'
matrix_mautrix_instagram_database_username: 'matrix_mautrix_instagram'
matrix_mautrix_instagram_database_password: 'some-password'
matrix_mautrix_instagram_database_hostname: ''
matrix_mautrix_instagram_database_port: 5432
matrix_mautrix_instagram_database_name: 'matrix_mautrix_instagram'
matrix_mautrix_instagram_database_connection_string: 'postgres://{{ matrix_mautrix_instagram_database_username }}:{{ matrix_mautrix_instagram_database_password }}@{{ matrix_mautrix_instagram_database_hostname }}:{{ matrix_mautrix_instagram_database_port }}/{{ matrix_mautrix_instagram_database_name }}'
matrix_mautrix_instagram_appservice_database: "{{
{
'postgres': matrix_mautrix_instagram_database_connection_string,
}[matrix_mautrix_instagram_database_engine]
}}"
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
matrix_mautrix_instagram_login_shared_secret: ''
matrix_mautrix_instagram_bridge_login_shared_secret_map: "{{ {matrix_mautrix_instagram_homeserver_domain: matrix_mautrix_instagram_login_shared_secret} if matrix_mautrix_instagram_login_shared_secret else {} }}"
# Enable bridge relay bot functionality
matrix_mautrix_instagram_relay_enabled: "{{ matrix_bridges_relay_enabled }}"
matrix_mautrix_instagram_appservice_bot_username: instagrambot
matrix_mautrix_instagram_bridge_presence: true
# Specifies the default log level for all bridge loggers.
matrix_mautrix_instagram_logging_level: WARNING
# Default configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `matrix_mautrix_instagram_configuration_extension_yaml`)
# or completely replace this variable with your own template.
matrix_mautrix_instagram_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
matrix_mautrix_instagram_configuration_extension_yaml: |
# Your custom YAML configuration goes here.
# This configuration extends the default starting configuration (`matrix_mautrix_instagram_configuration_yaml`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_mautrix_instagram_configuration_yaml`.
matrix_mautrix_instagram_configuration_extension: "{{ matrix_mautrix_instagram_configuration_extension_yaml | from_yaml if matrix_mautrix_instagram_configuration_extension_yaml | from_yaml is mapping else {} }}"
# Holds the final configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_instagram_configuration_yaml`.
matrix_mautrix_instagram_configuration: "{{ matrix_mautrix_instagram_configuration_yaml | from_yaml | combine(matrix_mautrix_instagram_configuration_extension, recursive=True) }}"
matrix_mautrix_instagram_registration_yaml: |
id: instagram
as_token: "{{ matrix_mautrix_instagram_appservice_token }}"
hs_token: "{{ matrix_mautrix_instagram_homeserver_token }}"
namespaces:
users:
- exclusive: true
regex: '^@instagram_.+:{{ matrix_mautrix_instagram_homeserver_domain | regex_escape }}$'
- exclusive: true
regex: '^@{{ matrix_mautrix_instagram_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_instagram_homeserver_domain | regex_escape }}$'
url: {{ matrix_mautrix_instagram_appservice_address }}
# See https://github.com/mautrix/signal/issues/43
sender_localpart: _bot_{{ matrix_mautrix_instagram_appservice_bot_username }}
rate_limited: false
de.sorunome.msc2409.push_ephemeral: true
receive_ephemeral: true
matrix_mautrix_instagram_registration: "{{ matrix_mautrix_instagram_registration_yaml | from_yaml }}"
# Enable End-to-bridge encryption
matrix_mautrix_instagram_bridge_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
matrix_mautrix_instagram_bridge_encryption_default: "{{ matrix_bridges_encryption_default }}"
matrix_mautrix_instagram_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_instagram_bridge_encryption_allow }}"

27
roles/custom/matrix-bridge-mautrix-instagram/tasks/main.yml
View File

@@ -1,27 +0,0 @@
# SPDX-FileCopyrightText: 2021 Marcus Proest
# SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2023 Adrien le Maire
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- tags:
- setup-all
- setup-mautrix-instagram
- install-all
- install-mautrix-instagram
block:
- when: matrix_mautrix_instagram_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
- when: matrix_mautrix_instagram_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
- tags:
- setup-all
- setup-mautrix-instagram
block:
- when: not matrix_mautrix_instagram_enabled | bool
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"

99
roles/custom/matrix-bridge-mautrix-instagram/tasks/setup_install.yml
View File

@@ -1,99 +0,0 @@
# SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2021 Marcus Proest
# SPDX-FileCopyrightText: 2022 Jim Myhrberg
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2022 Nikita Chernyi
# SPDX-FileCopyrightText: 2022 Sebastian Gumprich
# SPDX-FileCopyrightText: 2024 David Mehren
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Ensure Mautrix instagram image is pulled
community.docker.docker_image:
name: "{{ matrix_mautrix_instagram_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_mautrix_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_instagram_docker_image_force_pull }}"
when: not matrix_mautrix_instagram_container_image_self_build
register: result
retries: "{{ devture_playbook_help_container_retries_count }}"
delay: "{{ devture_playbook_help_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix instagram paths exist
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: 0750
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- {path: "{{ matrix_mautrix_instagram_base_path }}", when: true}
- {path: "{{ matrix_mautrix_instagram_config_path }}", when: true}
- {path: "{{ matrix_mautrix_instagram_data_path }}", when: true}
- {path: "{{ matrix_mautrix_instagram_docker_src_files_path }}", when: "{{ matrix_mautrix_instagram_container_image_self_build }}"}
when: item.when | bool
- name: Ensure Mautrix instagram repository is present on self-build
ansible.builtin.git:
repo: "{{ matrix_mautrix_instagram_container_image_self_build_repo }}"
version: "{{ matrix_mautrix_instagram_container_image_self_build_repo_version }}"
dest: "{{ matrix_mautrix_instagram_docker_src_files_path }}"
force: "yes"
become: true
become_user: "{{ matrix_user_name }}"
register: matrix_mautrix_instagram_git_pull_results
when: "matrix_mautrix_instagram_container_image_self_build | bool"
- name: Ensure Mautrix instagram Docker image is built
community.docker.docker_image:
name: "{{ matrix_mautrix_instagram_docker_image }}"
source: build
force_source: "{{ matrix_mautrix_instagram_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_instagram_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
path: "{{ matrix_mautrix_instagram_docker_src_files_path }}"
pull: true
when: "matrix_mautrix_instagram_container_image_self_build | bool"
- name: Ensure mautrix-instagram config.yaml installed
ansible.builtin.copy:
content: "{{ matrix_mautrix_instagram_configuration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_instagram_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
- name: Ensure mautrix-instagram registration.yaml installed
ansible.builtin.copy:
content: "{{ matrix_mautrix_instagram_registration | to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_instagram_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
- name: Ensure mautrix-instagram support files installed
ansible.builtin.template:
src: "{{ role_path }}/templates/{{ item }}.j2"
dest: "{{ matrix_mautrix_instagram_base_path }}/{{ item }}"
mode: 0640
owner: "{{ matrix_user_name }}"
group: "{{ matrix_group_name }}"
with_items:
- labels
- name: Ensure matrix-mautrix-instagram container network is created
community.general.docker_network:
enable_ipv6: "{{ devture_systemd_docker_base_ipv6_enabled }}"
name: "{{ matrix_mautrix_instagram_container_network }}"
driver: bridge
driver_options: "{{ devture_systemd_docker_base_container_networks_driver_options }}"
- name: Ensure matrix-mautrix-instagram.service installed
ansible.builtin.template:
src: "{{ role_path }}/templates/systemd/matrix-mautrix-instagram.service.j2"
dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-mautrix-instagram.service"
mode: 0644

29
roles/custom/matrix-bridge-mautrix-instagram/tasks/validate_config.yml
View File

@@ -1,29 +0,0 @@
# SPDX-FileCopyrightText: 2021 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2021 Marcus Proest
# SPDX-FileCopyrightText: 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Fail if required mautrix-instagram settings not defined
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item.name }}`).
when: "item.when | bool and lookup('vars', item.name, default='') | string | length == 0"
with_items:
- {'name': 'matrix_mautrix_instagram_appservice_token', when: true}
- {'name': 'matrix_mautrix_instagram_homeserver_address', when: true}
- {'name': 'matrix_mautrix_instagram_homeserver_token', when: true}
- {'name': 'matrix_mautrix_instagram_container_network', when: true}
- {'name': 'matrix_mautrix_instagram_database_hostname', when: "{{ matrix_mautrix_instagram_database_engine == 'postgres' }}"}
- {'name': 'matrix_mautrix_instagram_metrics_proxying_hostname', when: "{{ matrix_mautrix_instagram_metrics_proxying_enabled }}"}
- {'name': 'matrix_mautrix_instagram_metrics_proxying_path_prefix', when: "{{ matrix_mautrix_instagram_metrics_proxying_enabled }}"}
- name: (Deprecation) Catch and report renamed mautrix-instagram variables
ansible.builtin.fail:
msg: >-
Your configuration contains a variable, which now has a different name.
Please rename the variable (`{{ item.old }}` -> `{{ item.new }}`) on your configuration file (vars.yml).
when: "lookup('ansible.builtin.varnames', ('^' + item.old + '$'), wantlist=True) | length > 0"
with_items:
- {'old': 'matrix_mautrix_instagram_docker_image_name_prefix', 'new': 'matrix_mautrix_instagram_docker_image_registry_prefix'}

244
roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2
View File

@@ -1,244 +0,0 @@
#jinja2: lstrip_blocks: True
# Homeserver details
homeserver:
# The address that this appservice can use to connect to the homeserver.
address: {{ matrix_mautrix_instagram_homeserver_address }}
# The domain of the homeserver (for MXIDs, etc).
domain: {{ matrix_mautrix_instagram_homeserver_domain }}
# Whether or not to verify the SSL certificate of the homeserver.
# Only applies if address starts with https://
verify_ssl: true
# Whether or not the homeserver supports asmux-specific endpoints,
# such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically
# updating m.direct.
asmux: false
# Application service host/registration related details
# Changing these values requires regeneration of the registration.
appservice:
# The address that the homeserver can use to connect to this appservice.
address: {{ matrix_mautrix_instagram_appservice_address }}
# When using https:// the TLS certificate and key files for the address.
tls_cert: false
tls_key: false
# The hostname and port where this appservice should listen.
hostname: 0.0.0.0
port: 29330
# The maximum body size of appservice API requests (from the homeserver) in mebibytes
# Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
max_body_size: 1
# The full URI to the database. Only Postgres is currently supported.
database: {{ matrix_mautrix_instagram_appservice_database|to_json }}
# Additional arguments for asyncpg.create_pool()
# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
database_opts:
min_size: 5
max_size: 10
# The unique ID of this appservice.
id: instagram
# Username of the appservice bot.
bot_username: {{ matrix_mautrix_instagram_appservice_bot_username|to_json }}
# Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
# to leave display name/avatar as-is.
bot_displayname: Instagram bridge bot
bot_avatar: mxc://maunium.net/JxjlbZUlCPULEeHZSwleUXQv
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
ephemeral_events: false
# Authentication tokens for AS <-> HS communication.
as_token: "{{ matrix_mautrix_instagram_appservice_token }}"
hs_token: "{{ matrix_mautrix_instagram_homeserver_token }}"
# Prometheus telemetry config. Requires prometheus-client to be installed.
metrics:
enabled: {{ matrix_mautrix_instagram_metrics_enabled | to_json }}
listen_port: 8000
instagram:
# Seed for generating devices. This is secret because the seed is used to generate
# device IDs, which can apparently be used to bypass two-factor authentication after
# logging out, because Instagram is insecure.
device_seed: generate
# Bridge config
bridge:
# Localpart template of MXIDs for Instagram users.
# {userid} is replaced with the user ID of the Instagram user.
username_template: "instagram_{userid}"
# Displayname template for Instagram users.
# {displayname} is replaced with the display name of the Instagram user.
# {username} is replaced with the username of the Instagram user.
displayname_template: "{username} (Instagram)"
# Maximum length of displayname
displayname_max_length: 100
# Maximum number of seconds since the last activity in a chat to automatically create portals.
portal_create_max_age: 86400
# Maximum number of chats to fetch for startup sync
chat_sync_limit: 100
# Whether or not to use /sync to get read receipts and typing notifications
# when double puppeting is enabled
sync_with_custom_puppets: true
# Whether or not to update the m.direct account data event when double puppeting is enabled.
# Note that updating the m.direct event is not atomic (except with mautrix-asmux)
# and is therefore prone to race conditions.
sync_direct_chat_list: false
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Servers to allow double puppeting from, even if double_puppet_allow_discovery is false.
double_puppet_server_map: {}
# example.com: https://example.com
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
# instead of users having to find an access token and run `login-matrix`
# manually.
# If using this for other servers than the bridge's server,
# you must also set the URL in the double_puppet_server_map.
login_shared_secret_map:
{{ matrix_mautrix_instagram_bridge_login_shared_secret_map|to_json }}
# Whether or not to update avatars when syncing all contacts at startup.
update_avatar_initial_sync: true
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: {{ matrix_mautrix_instagram_federate_rooms|to_json }}
# Settings for backfilling messages from Instagram.
backfill:
# Whether or not the Instagram users of logged in Matrix users should be
# invited to private chats when backfilling history from Instagram. This is
# usually needed to prevent rate limits and to allow timestamp massaging.
invite_own_puppet: true
# Maximum number of messages to backfill initially.
# Set to 0 to disable backfilling when creating portal.
initial_limit: 0
# Maximum number of messages to backfill if messages were missed while
# the bridge was disconnected.
# Set to 0 to disable backfilling missed messages.
missed_limit: 1000
# If using double puppeting, should notifications be disabled
# while the initial backfill is in progress?
disable_notifications: false
periodic_reconnect:
# Interval in seconds in which to automatically reconnect all users.
# This can be used to automatically mitigate the bug where Instagram stops sending messages.
# Set to -1 to disable periodic reconnections entirely.
interval: -1
# Whether or not the bridge should backfill chats when reconnecting.
resync: true
# Should even disconnected users be reconnected?
always: false
# End-to-bridge encryption support options. These require matrix-nio to be installed with pip
# and login_shared_secret to be configured in order to get a device for the bridge bot.
#
# Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
# application service.
encryption:
# Allow encryption, work in group chat rooms with e2ee enabled
allow: {{ matrix_mautrix_instagram_bridge_encryption_allow|to_json }}
# Default to encryption, force-enable encryption in all portals the bridge creates
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: {{ matrix_mautrix_instagram_bridge_encryption_default|to_json }}
# Options for automatic key sharing.
key_sharing:
# Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
# You must use a client that supports requesting keys from other users to use this feature.
allow: {{ matrix_mautrix_instagram_bridge_encryption_key_sharing_allow|to_json }}
# Require the requesting device to have a valid cross-signing signature?
# This doesn't require that the bridge has verified the device, only that the user has verified it.
# Not yet implemented.
require_cross_signing: false
# Require devices to be verified by the bridge?
# Verification by the bridge is not yet implemented.
require_verification: true
# Whether or not to explicitly set the avatar and room name for private
# chat portal rooms. This will be implicitly enabled if encryption.default is true.
private_chat_portal_meta: false
# Whether or not the bridge should send a read receipt from the bridge bot when a message has
# been sent to Instagram.
delivery_receipts: false
# Whether or not delivery errors should be reported as messages in the Matrix room.
delivery_error_reports: true
# Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
# This field will automatically be changed back to false after it,
# except if the config file is not writable.
resend_bridge_info: false
# Whether or not unimportant bridge notices should be sent to the user.
# (e.g. connected, disconnected but will retry)
unimportant_bridge_notices: true
# The prefix for commands. Only required in non-management rooms.
command_prefix: "{{ matrix_mautrix_instagram_command_prefix }}"
# Permissions for using the bridge.
# Permitted values:
# user - Use the bridge with puppeting.
# admin - Use and administrate the bridge.
# Permitted keys:
# * - All Matrix users
# domain - All users on that homeserver
# mxid - Specific user
permissions: {{ matrix_mautrix_instagram_bridge_permissions|to_json }}
# Provisioning API part of the web server for automated portal creation and fetching information.
# Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager).
provisioning:
# Whether or not the provisioning API should be enabled.
enabled: true
# The prefix to use in the provisioning API endpoints.
prefix: /_matrix/provision/v1
# The shared secret to authorize users of the API.
# Set to "generate" to generate and save a new token.
shared_secret: generate
relay:
# Whether relay mode should be allowed. If allowed, `!ig set-relay` can be used to turn any
# authenticated user into a relaybot for that chat.
enabled: {{ matrix_mautrix_instagram_relay_enabled }}
# The formats to use when sending messages to Instagram via a relay user.
#
# Available variables:
# $sender_displayname - The display name of the sender (e.g. Example User)
# $sender_username - The username (Matrix ID localpart) of the sender (e.g. alice)
# $sender_mxid - The Matrix ID of the sender (e.g. @alice:example.com)
# $message - The message content
#
# Note that Instagram doesn't support captions for images, so images won't include any indication of being relayed.
message_formats:
m.text: '$sender_displayname: $message'
m.notice: '$sender_displayname: $message'
m.emote: '* $sender_displayname $message'
# Python logging configuration.
#
# See section 16.7.2 of the Python documentation for more info:
# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
logging:
version: 1
formatters:
colored:
(): mautrix_instagram.util.ColorFormatter
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
normal:
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
handlers:
console:
class: logging.StreamHandler
formatter: colored
loggers:
mau:
level: {{ matrix_mautrix_instagram_logging_level|to_json }}
mauigpapi:
level: {{ matrix_mautrix_instagram_logging_level|to_json }}
paho:
level: {{ matrix_mautrix_instagram_logging_level|to_json }}
aiohttp:
level: {{ matrix_mautrix_instagram_logging_level|to_json }}
root:
level: {{ matrix_mautrix_instagram_logging_level|to_json }}
handlers: [console]

10
roles/custom/matrix-bridge-mautrix-instagram/templates/config.yaml.j2.license
View File

@@ -1,10 +0,0 @@
SPDX-FileCopyrightText: 2021 - 2022 MDAD project contributors
SPDX-FileCopyrightText: 2021 Marcus Proest
SPDX-FileCopyrightText: 2022 - 2023 Nikita Chernyi
SPDX-FileCopyrightText: 2022 - 2023 Slavi Pantaleev
SPDX-FileCopyrightText: 2022 László Várady
SPDX-FileCopyrightText: 2023 Adrien le Maire
SPDX-FileCopyrightText: 2023 Kevin Kengen
SPDX-FileCopyrightText: 2024 Suguru Hirahara
SPDX-License-Identifier: AGPL-3.0-or-later

52
roles/custom/matrix-bridge-mautrix-instagram/templates/labels.j2
View File

@@ -1,52 +0,0 @@
{#
SPDX-FileCopyrightText: 2024 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later
#}
{% if matrix_mautrix_instagram_container_labels_traefik_enabled %}
traefik.enable=true
{% if matrix_mautrix_instagram_container_labels_traefik_docker_network %}
traefik.docker.network={{ matrix_mautrix_instagram_container_labels_traefik_docker_network }}
{% endif %}
traefik.http.services.matrix-mautrix-instagram-metrics.loadbalancer.server.port=8000
{% if matrix_mautrix_instagram_container_labels_metrics_enabled %}
############################################################
# #
# Metrics #
# #
############################################################
{% if matrix_mautrix_instagram_container_labels_metrics_middleware_basic_auth_enabled %}
traefik.http.middlewares.matrix-mautrix-instagram-metrics-basic-auth.basicauth.users={{ matrix_mautrix_instagram_container_labels_metrics_middleware_basic_auth_users }}
traefik.http.routers.matrix-mautrix-instagram-metrics.middlewares=matrix-mautrix-instagram-metrics-basic-auth
{% endif %}
traefik.http.routers.matrix-mautrix-instagram-metrics.rule={{ matrix_mautrix_instagram_container_labels_metrics_traefik_rule }}
{% if matrix_mautrix_instagram_container_labels_metrics_traefik_priority | int > 0 %}
traefik.http.routers.matrix-mautrix-instagram-metrics.priority={{ matrix_mautrix_instagram_container_labels_metrics_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-mautrix-instagram-metrics.service=matrix-mautrix-instagram-metrics
traefik.http.routers.matrix-mautrix-instagram-metrics.entrypoints={{ matrix_mautrix_instagram_container_labels_metrics_traefik_entrypoints }}
traefik.http.routers.matrix-mautrix-instagram-metrics.tls={{ matrix_mautrix_instagram_container_labels_metrics_traefik_tls | to_json }}
{% if matrix_mautrix_instagram_container_labels_metrics_traefik_tls %}
traefik.http.routers.matrix-mautrix-instagram-metrics.tls.certResolver={{ matrix_mautrix_instagram_container_labels_metrics_traefik_tls_certResolver }}
{% endif %}
############################################################
# #
# /Metrics #
# #
############################################################
{% endif %}
{% endif %}
{{ matrix_mautrix_instagram_container_labels_additional_labels }}

48
roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2
View File

@@ -1,48 +0,0 @@
#jinja2: lstrip_blocks: True
[Unit]
Description=Matrix Mautrix Instagram bridge
{% for service in matrix_mautrix_instagram_systemd_required_services_list %}
Requires={{ service }}
After={{ service }}
{% endfor %}
{% for service in matrix_mautrix_instagram_systemd_wanted_services_list %}
Wants={{ service }}
{% endfor %}
DefaultDependencies=no
[Service]
Type=simple
Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-instagram 2>/dev/null || true'
ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true'
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--rm \
--name=matrix-mautrix-instagram \
--log-driver=none \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--network={{ matrix_mautrix_instagram_container_network }} \
--mount type=bind,src={{ matrix_mautrix_instagram_config_path }},dst=/config \
--mount type=bind,src={{ matrix_mautrix_instagram_data_path }},dst=/data \
--label-file={{ matrix_mautrix_instagram_base_path }}/labels \
{% for arg in matrix_mautrix_instagram_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_mautrix_instagram_docker_image }} \
python3 -m mautrix_instagram -c /config/config.yaml --no-update
{% for network in matrix_mautrix_instagram_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-mautrix-instagram
{% endfor %}
ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-mautrix-instagram
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop -t {{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-mautrix-instagram 2>/dev/null || true'
ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-mautrix-instagram 2>/dev/null || true'
Restart=always
RestartSec=30
SyslogIdentifier=matrix-mautrix-instagram
[Install]
WantedBy=multi-user.target

4
roles/custom/matrix-bridge-mautrix-instagram/templates/systemd/matrix-mautrix-instagram.service.j2.license
View File

@@ -1,4 +0,0 @@
SPDX-FileCopyrightText: 2021 Marcus Proest
SPDX-FileCopyrightText: 2022 - 2025 Slavi Pantaleev
SPDX-License-Identifier: AGPL-3.0-or-later

2
roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
View File

@@ -20,7 +20,7 @@ matrix_mautrix_meta_instagram_enabled: true
matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram
# renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
matrix_mautrix_meta_instagram_version: v0.2510.0
matrix_mautrix_meta_instagram_version: v0.2512.0
matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram"
matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config"

2
roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
View File

@@ -20,7 +20,7 @@ matrix_mautrix_meta_messenger_enabled: true
matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger
# renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
matrix_mautrix_meta_messenger_version: v0.2510.0
matrix_mautrix_meta_messenger_version: v0.2512.0
matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger"
matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config"

5
roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
View File

@@ -25,7 +25,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/
matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
matrix_mautrix_signal_version: v0.2510.0
matrix_mautrix_signal_version: v0.2601.0
# See: https://mau.dev/mautrix/signal/container_registry
matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_registry_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}"
@@ -50,11 +50,14 @@ matrix_mautrix_signal_appservice_address: "http://matrix-mautrix-signal:8080"
matrix_mautrix_signal_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
matrix_mautrix_signal_self_sign_enabled: "{{ matrix_bridges_self_sign_enabled }}"
matrix_mautrix_signal_extev_polls: false
matrix_mautrix_signal_command_prefix: "!signal"
# Displayname template for Signal users.
# {{.ProfileName}} - The Signal profile name set by the user.
# {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances.
# {{.Nickname}} - The nickname set for the user in the native Signal app. This is not safe on multi-user instances.
# {{.PhoneNumber}} - The phone number of the user.
# {{.UUID}} - The UUID of the Signal user.
# {{.AboutEmoji}} - The emoji set by the user in their profile.

2
roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2
View File

@@ -19,6 +19,8 @@ network:
# Google Maps: 'https://www.google.com/maps/place/%[1]s,%[2]s'
# OpenStreetMap: 'https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s'
location_format: 'https://www.google.com/maps/place/%[1]s,%[2]s'
# Should polls be sent using unstable MSC3381 event types?
extev_polls: {{ matrix_mautrix_signal_extev_polls | to_json }}
# Config options that affect the central bridge module.
bridge:

2
roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml
View File

@@ -17,7 +17,7 @@ matrix_mautrix_slack_container_image_self_build_repo: "https://mau.dev/mautrix/s
matrix_mautrix_slack_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_slack_version == 'latest' else matrix_mautrix_slack_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/slack
matrix_mautrix_slack_version: v0.2510.0
matrix_mautrix_slack_version: v0.2511.0
# See: https://mau.dev/mautrix/slack/container_registry
matrix_mautrix_slack_docker_image: "{{ matrix_mautrix_slack_docker_image_registry_prefix }}mautrix/slack:{{ matrix_mautrix_slack_version }}"
matrix_mautrix_slack_docker_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_slack_container_image_self_build else matrix_mautrix_slack_docker_image_registry_prefix_upstream }}"

2
roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml
View File

@@ -22,7 +22,7 @@ matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/maut
matrix_mautrix_twitter_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_twitter_version == 'latest' else matrix_mautrix_twitter_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/twitter
matrix_mautrix_twitter_version: v0.2510.0
matrix_mautrix_twitter_version: v0.2511.0
# See: https://mau.dev/tulir/mautrix-twitter/container_registry
matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_registry_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}"
matrix_mautrix_twitter_docker_image_registry_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else matrix_mautrix_twitter_docker_image_registry_prefix_upstream }}"

2
roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
View File

@@ -28,7 +28,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri
matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
# renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp
matrix_mautrix_whatsapp_version: v0.2510.0
matrix_mautrix_whatsapp_version: v0.2601.0
# See: https://mau.dev/mautrix/whatsapp/container_registry
matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_registry_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"

2
roles/custom/matrix-bridge-mautrix-wsproxy/tasks/validate_config.yml
View File

@@ -9,7 +9,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
when: "lookup('vars', item, default='') == ''"
with_items:
- "matrix_mautrix_androidsms_appservice_token"
- "matrix_mautrix_androidsms_homeserver_token"

2
roles/custom/matrix-bridge-postmoogle/defaults/main.yml
View File

@@ -18,7 +18,7 @@ matrix_postmoogle_docker_repo_version: "{{ 'main' if matrix_postmoogle_version =
matrix_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src"
# renovate: datasource=docker depName=ghcr.io/etkecc/postmoogle
matrix_postmoogle_version: v0.9.27
matrix_postmoogle_version: v0.9.28
matrix_postmoogle_docker_image: "{{ matrix_postmoogle_docker_image_registry_prefix }}etkecc/postmoogle:{{ matrix_postmoogle_version }}"
matrix_postmoogle_docker_image_registry_prefix: "{{ 'localhost/' if matrix_postmoogle_container_image_self_build else matrix_postmoogle_docker_image_registry_prefix_upstream }}"
matrix_postmoogle_docker_image_registry_prefix_upstream: "{{ matrix_postmoogle_docker_image_registry_prefix_upstream_default }}"

2
roles/custom/matrix-bridge-sms/tasks/validate_config.yml
View File

@@ -11,7 +11,7 @@
ansible.builtin.fail:
msg: >-
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
when: "lookup('vars', item, default='') == ''"
with_items:
- "matrix_sms_bridge_appservice_token"
- "matrix_sms_bridge_homeserver_hostname"

14
roles/custom/matrix-bridge-steam/defaults/main.yml
View File

@@ -13,7 +13,7 @@ matrix_steam_bridge_container_image_self_build_repo: "https://github.com/jasonla
matrix_steam_bridge_container_image_self_build_repo_version: "{{ 'main' if matrix_steam_bridge_version == 'latest' else matrix_steam_bridge_version }}"
# renovate: datasource=docker depName=ghcr.io/jasonlaguidice/matrix-steam-bridge
matrix_steam_bridge_version: 1.0.7
matrix_steam_bridge_version: 1.1.0
matrix_steam_bridge_docker_image: "{{ matrix_steam_bridge_docker_image_registry_prefix }}jasonlaguidice/matrix-steam-bridge:{{ matrix_steam_bridge_version }}"
matrix_steam_bridge_docker_image_registry_prefix: "{{ 'localhost/' if matrix_steam_bridge_container_image_self_build else matrix_steam_bridge_docker_image_registry_prefix_upstream }}"
matrix_steam_bridge_docker_image_registry_prefix_upstream: "{{ matrix_steam_bridge_docker_image_registry_prefix_upstream_default }}"
@@ -52,10 +52,14 @@ matrix_steam_bridge_public_media_signing_key: ''
matrix_steam_bridge_public_media_expiry: 0
matrix_steam_bridge_public_media_hash_length: 32
# Displayname template for Steam users
# {{ .DisplayName }} is replaced with the display name of the Steam user
# {{ .Username }} is replaced with the username of the Steam user
matrix_steam_bridge_network_displayname_template: "{% raw %}{{ .DisplayName }} (Steam){% endraw %}"
# Display name template for Steam users.
# Available template variables:
# {{.PersonaName}} - The Steam display name/persona name (most commonly used)
# {{.AccountName}} - The Steam account/login name
# {{.SteamID}} - The numeric Steam ID
# {{.ProfileURL}} - The Steam profile URL
# You can use template functions like {{or}} to provide fallbacks.
matrix_steam_bridge_network_displayname_template: "{% raw %}{{ .PersonaName }} (Steam){% endraw %}"
matrix_steam_bridge_command_prefix: "!steam"

122
roles/custom/matrix-bridge-zulip/defaults/main.yml Normal file
View File

@@ -0,0 +1,122 @@
# SPDX-FileCopyrightText: 2021 - 2022 Toni Spets
# SPDX-FileCopyrightText: 2022 - 2023 Nikita Chernyi
# SPDX-FileCopyrightText: 2022 - 2025 Slavi Pantaleev
# SPDX-FileCopyrightText: 2022 MDAD project contributors
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2023 Samuel Meenzen
# SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
# MatrixZulipBridge is a puppeting appservice bridge for Zulip
# Project source code URL: https://github.com/GearKite/MatrixZulipBridge
matrix_zulip_bridge_enabled: true
matrix_zulip_bridge_scheme: https
matrix_zulip_bridge_hostname: "{{ matrix_server_fqn_matrix }}"
matrix_zulip_bridge_path_prefix: "/zulip"
# renovate: datasource=docker depName=ghcr.io/gearkite/matrixzulipbridge
matrix_zulip_bridge_version: v0.4.1
matrix_zulip_bridge_docker_image: "{{ matrix_zulip_bridge_docker_image_registry_prefix }}gearkite/matrixzulipbridge:{{ matrix_zulip_bridge_version }}"
matrix_zulip_bridge_docker_image_registry_prefix: "{{ matrix_zulip_bridge_docker_image_registry_prefix_upstream }}"
matrix_zulip_bridge_docker_image_registry_prefix_upstream: "{{ matrix_zulip_bridge_docker_image_registry_prefix_upstream_default }}"
matrix_zulip_bridge_docker_image_registry_prefix_upstream_default: ghcr.io/
matrix_zulip_bridge_docker_image_force_pull: "{{ matrix_zulip_bridge_docker_image.endswith(':latest') }}"
matrix_zulip_bridge_base_path: "{{ matrix_base_data_path }}/zulip"
matrix_zulip_bridge_container_network: ""
# The port number in the container
matrix_zulip_bridge_container_http_port: 9898
matrix_zulip_bridge_container_additional_networks: "{{ matrix_zulip_bridge_container_additional_networks_auto + matrix_zulip_bridge_container_additional_networks_custom }}"
matrix_zulip_bridge_container_additional_networks_auto: []
matrix_zulip_bridge_container_additional_networks_custom: []
# Controls how long to wait for the container to stop gracefully before killing it.
# We use a small value here, because this container does not seem to handle the SIGTERM signal.
matrix_zulip_bridge_container_stop_grace_time_seconds: 1
# matrix_zulip_bridge_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `matrix_zulip_bridge_container_labels_additional_labels`.
matrix_zulip_bridge_container_labels_traefik_enabled: true
matrix_zulip_bridge_container_labels_traefik_docker_network: "{{ matrix_zulip_bridge_container_network }}"
matrix_zulip_bridge_container_labels_traefik_hostname: "{{ matrix_zulip_bridge_hostname }}"
matrix_zulip_bridge_container_labels_traefik_path_prefix: "{{ matrix_zulip_bridge_path_prefix }}"
matrix_zulip_bridge_container_labels_traefik_entrypoints: web-secure
matrix_zulip_bridge_container_labels_traefik_tls_certResolver: default # noqa var-naming
# Controls if the media router is enabled
matrix_zulip_bridge_container_labels_traefik_media_enabled: true
matrix_zulip_bridge_container_labels_traefik_media_hostname: "{{ matrix_zulip_bridge_container_labels_traefik_hostname }}"
# The path prefix must either be `/` or not end with a slash (e.g. `/zulip`).
matrix_zulip_bridge_container_labels_traefik_media_path_prefix: "{{ '' if matrix_zulip_bridge_container_labels_traefik_path_prefix == '/' else (matrix_zulip_bridge_container_labels_traefik_path_prefix) }}/_bridge_zulip/media"
matrix_zulip_bridge_container_labels_traefik_media_rule: "Host(`{{ matrix_zulip_bridge_container_labels_traefik_media_hostname }}`){% if matrix_zulip_bridge_container_labels_traefik_media_path_prefix != '/' %} && PathPrefix(`{{ matrix_zulip_bridge_container_labels_traefik_media_path_prefix }}`){% endif %}"
matrix_zulip_bridge_container_labels_traefik_media_priority: 0
matrix_zulip_bridge_container_labels_traefik_media_entrypoints: "{{ matrix_zulip_bridge_container_labels_traefik_entrypoints }}"
matrix_zulip_bridge_container_labels_traefik_media_tls: "{{ matrix_zulip_bridge_container_labels_traefik_media_entrypoints != 'web' }}"
matrix_zulip_bridge_container_labels_traefik_media_tls_certResolver: "{{ matrix_zulip_bridge_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# matrix_zulip_bridge_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
# Example:
# matrix_zulip_bridge_container_labels_additional_labels: |
# my.label=1
# another.label="here"
matrix_zulip_bridge_container_labels_additional_labels: ''
# A list of extra arguments to pass to the container
matrix_zulip_bridge_container_extra_arguments: []
# List of systemd services that service depends on.
matrix_zulip_bridge_systemd_required_services_list: "{{ matrix_zulip_bridge_systemd_required_services_list_default + matrix_zulip_bridge_systemd_required_services_list_auto + matrix_zulip_bridge_systemd_required_services_list_custom }}"
matrix_zulip_bridge_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
matrix_zulip_bridge_systemd_required_services_list_auto: []
matrix_zulip_bridge_systemd_required_services_list_custom: []
# List of systemd services that service wants
matrix_zulip_bridge_systemd_wanted_services_list: []
matrix_zulip_bridge_homeserver_url: ""
matrix_zulip_bridge_appservice_token: ''
matrix_zulip_bridge_homeserver_token: ''
matrix_zulip_bridge_config_media_url: "{{ matrix_zulip_bridge_scheme }}://{{ matrix_zulip_bridge_hostname }}"
# This matches the hardcoded `DEFAULT_MEDIA_PATH` in MatrixZulipBridge, but uses `matrix_zulip_bridge_path_prefix` as the path prefix.
# See: https://github.com/GearKite/MatrixZulipBridge/blob/2ba51f3da2ad8bd33460c953ef91a9cfc585a2d4/matrixzulipbridge/__main__.py#L87
matrix_zulip_bridge_config_media_path: "{{ matrix_zulip_bridge_container_labels_traefik_media_path_prefix }}/v3/download/{netloc}{path}{filename}"
matrix_zulip_bridge_config_media_key: "{{ matrix_zulip_bridge_homeserver_token }}"
matrix_zulip_bridge_config_displayname: "Zulip bridge bot"
matrix_zulip_bridge_registration_yaml_bridge_zulip:
media_url: "{{ matrix_zulip_bridge_config_media_url }}"
media_path: "{{ matrix_zulip_bridge_config_media_path }}"
media_key: "{{ matrix_zulip_bridge_config_media_key }}"
displayname: "{{ matrix_zulip_bridge_config_displayname }}"
# Default registration file consumed by both the homeserver and MatrixZulipBridge.
# Besides registration information, it contains configuration (see the Zulip bridge key).
matrix_zulip_bridge_registration_yaml:
id: zulip
url: http://matrix-zulip-bridge:{{ matrix_zulip_bridge_container_http_port }}
as_token: "{{ matrix_zulip_bridge_appservice_token }}"
hs_token: "{{ matrix_zulip_bridge_homeserver_token }}"
rate_limited: false
sender_localpart: zulipbot
namespaces:
users:
- regex: '@zulip_.*'
exclusive: true
aliases: []
rooms: []
zulipbridge: "{{ matrix_zulip_bridge_registration_yaml_bridge_zulip }}"
matrix_zulip_bridge_registration: "{{ matrix_zulip_bridge_registration_yaml | from_yaml }}"

29
roles/custom/matrix-bridge-zulip/tasks/main.yml Normal file
View File

@@ -0,0 +1,29 @@
# SPDX-FileCopyrightText: 2021 Toni Spets
# SPDX-FileCopyrightText: 2022 - 2024 Slavi Pantaleev
# SPDX-FileCopyrightText: 2022 Marko Weltzer
# SPDX-FileCopyrightText: 2025 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later
---
- name: Perform the Zulip bridge installation tasks
when: matrix_zulip_bridge_enabled | bool
tags:
- setup-all
- setup-bridge-zulip
- install-all
- install-bridge-zulip
block:
- name: Validate the Zulip bridge configuration
ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
- name: Install the Zulip bridge
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_install.yml"
- name: Perform the Zulip bridge uninstallation tasks
when: not matrix_zulip_bridge_enabled | bool
tags:
- setup-all
- setup-bridge-zulip
block:
- name: Uninstall the Zulip bridge
ansible.builtin.include_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"

Some files were not shown because too many files have changed in this diff Show More