Add Matrix RTC stack docs and rename variable for installing "just the Matrix RTC stack"

Add support for easily installing the Element Call Stack, without the Element Call frontend
2026-01-27 15:13:17 +03:00 · 2025-04-09 16:20:48 +03:00 · 2025-04-09 15:09:35 +03:00
31 changed files with 20 additions and 113 deletions
--- a/docs/configuring-playbook-element-call.md
+++ b/docs/configuring-playbook-element-call.md
@@ -16,9 +16,8 @@ See the project's [documentation](https://github.com/element-hq/element-call) to
 ## Prerequisites
 - A [Synapse](configuring-playbook-synapse.md) homeserver (see the warning below)
- The [Matrix RTC (Real-Time Communication) stack](configuring-playbook-matrix-rtc.md) (automatically done when Element Call is enabled)
+- The [Matrix RTC (Real-Time Communication) stack](configuring-playbook-matrix-rtc.md)
 - A client compatible with Element Call. As of 2025-03-15, that's just [Element Web](configuring-playbook-client-element-web.md) and the Element X mobile clients (iOS and Android).
 - (Optional) Guest accounts being enabled for your Matrix server, if you'd like guests to be able to use Element Call. See [Allowing guests to use Element Call](#allowing-guests-to-use-element-call-optional)
 > [!WARNING]
 >  Because Element Call [requires](https://github.com/element-hq/element-call/blob/93ae2aed9841e0b066d515c56bd4c122d2b591b2/docs/self-hosting.md#a-matrix-homeserver) a few experimental features in the Matrix protocol, it's **very likely that it only works with the Synapse homeserver**.
@@ -28,7 +27,7 @@ See the project's [documentation](https://github.com/element-hq/element-call) to
 All clients that can currently use Element Call (Element Web and Element X on mobile) already embed the Element Call frontend within them.
 These **clients will use their own embedded Element Call frontend**, so **self-hosting the Element Call frontend by the playbook is largely unnecessary**.
-💡 A reason you may wish to continue installing the Element Call frontend (despite Matrix clients not making use of it), is if you need to use it standalone - directly via a browser (without a Matrix client). Note that unless you [allow guest accounts to use Element Call](#allowing-guests-to-use-element-call-optional), you will still need a Matrix user account **on the same homeserver** to be able to use Element Call.
+💡 A reason you may wish to continue installing the Element Call frontend (despite Matrix clients not making use of it), is if you need to use it standalone - directly via a browser (without a Matrix client).
 The playbook makes a distiction between enabling Element Call (`matrix_element_call_enabled`) and enabling the Matrix RTC Stack (`matrix_rtc_enabled`). Enabling Element Call automatically enables the Matrix RTC stack. Because installing the Element Call frontend is now unnecessary, **we recommend only installing the Matrix RTC stack, without the Element Call frontend**.
@@ -82,28 +81,6 @@ matrix_element_call_hostname: element-call.example.com
 > [!WARNING]
 > A `matrix_element_call_path_prefix` variable is also available and mean to let you configure a path prefix for the Element Call service, but [Element Call does not support running under a sub-path yet](https://github.com/element-hq/element-call/issues/3084).
 ### Allowing guests to use Element Call (optional)
 By default, Element Call can only be used by people having accounts on your Matrix server.
 If you'd like guests to be able to use Element Call as well, you need to enable guest accounts support for your homeserver.
 > [!WARNING]
 > Enabling guest accounts means that your homeserver's user database may get polluted with guest account signups (potentially made by bots).
 > Guest accounts should be limited in what (damage) they can do to your server and the rest of the Matrix ecosystem, but it's better to not enable them unless necessary.
 For [Synapse](configuring-playbook-synapse.md) (the default homeserver implementation), the configuration is like this:
 ```yml
 matrix_synapse_allow_guest_access: true
 ```
 For [Dendrite](configuring-playbook-dendrite.md), the configuration is like this:
 ```yml
 matrix_dendrite_guests_disabled: false
 ```
 ## Installing
 After configuring the playbook and potentially [adjusting your DNS records](#adjusting-dns-records) and [adjusting firewall rules](#adjusting-firewall-rules), run the playbook with [playbook tags](playbook-tags.md) as below:
--- a/docs/howto-srv-server-delegation.md
+++ b/docs/howto-srv-server-delegation.md
@@ -79,7 +79,7 @@ traefik_configuration_extension_yaml: |
            - "8.8.8.8:53"
        storage: {{ traefik_config_certificatesResolvers_acme_storage | to_json }}
-# 2. Configure the environment variables needed by Traefik to automate the ACME DNS Challenge (example for Cloudflare)
+# 2. Configure the environment variables needed by Rraefik to automate the ACME DNS Challenge (example for Cloudflare)
 traefik_environment_variables: |
  CF_API_EMAIL=redacted
  CF_ZONE_API_TOKEN=redacted
--- a/i18n/requirements.txt
+++ b/i18n/requirements.txt
@@ -30,4 +30,4 @@ sphinxcontrib-qthelp==2.0.0
 sphinxcontrib-serializinghtml==2.0.0
 tabulate==0.9.0
 uc-micro-py==1.0.3
-urllib3==2.4.0
+urllib3==2.3.0
--- a/requirements.yml
+++ b/requirements.yml
@@ -25,7 +25,7 @@
  version: v11.6.0-0
  name: grafana
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
-  version: v10184-0
+  version: v10169-0
  name: jitsi
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server.git
  version: v1.8.4-5
--- a/roles/custom/matrix-alertmanager-receiver/defaults/main.yml
+++ b/roles/custom/matrix-alertmanager-receiver/defaults/main.yml
@@ -11,7 +11,7 @@
 matrix_alertmanager_receiver_enabled: true
 # renovate: datasource=docker depName=docker.io/metio/matrix-alertmanager-receiver
-matrix_alertmanager_receiver_version: 2025.4.16
+matrix_alertmanager_receiver_version: 2025.3.26
 matrix_alertmanager_receiver_scheme: https
--- a/roles/custom/matrix-base/defaults/main.yml
+++ b/roles/custom/matrix-base/defaults/main.yml
@@ -48,9 +48,6 @@ matrix_bridges_encryption_enabled: false
 # Global var to make encryption default/optional across all bridges with encryption support
 matrix_bridges_encryption_default: "{{ matrix_bridges_encryption_enabled }}"
 # Global var for enabling msc4190 ( On supported bridges)
 matrix_bridges_msc4190_enabled: "{{ matrix_authentication_service_enabled and matrix_bridges_encryption_enabled and matrix_synapse_experimental_features_msc3202_device_masquerading_enabled }}"
 # Global var to enable/disable relay mode across all bridges with relay mode support
 matrix_bridges_relay_enabled: false
--- a/roles/custom/matrix-bot-baibot/defaults/main.yml
+++ b/roles/custom/matrix-bot-baibot/defaults/main.yml
@@ -17,7 +17,7 @@ matrix_bot_baibot_container_repo_version: "{{ 'main' if matrix_bot_baibot_versio
 matrix_bot_baibot_container_src_files_path: "{{ matrix_base_data_path }}/baibot/container-src"
 # renovate: datasource=docker depName=ghcr.io/etkecc/baibot
-matrix_bot_baibot_version: v1.6.0
+matrix_bot_baibot_version: v1.5.1
 matrix_bot_baibot_container_image: "{{ matrix_bot_baibot_container_image_registry_prefix }}etkecc/baibot:{{ matrix_bot_baibot_version }}"
 matrix_bot_baibot_container_image_registry_prefix: "{{ 'localhost/' if matrix_bot_baibot_container_image_self_build else matrix_bot_baibot_container_image_registry_prefix_upstream }}"
 matrix_bot_baibot_container_image_registry_prefix_upstream: "{{ matrix_bot_baibot_container_image_registry_prefix_upstream_default }}"
--- a/roles/custom/matrix-bot-honoroit/defaults/main.yml
+++ b/roles/custom/matrix-bot-honoroit/defaults/main.yml
@@ -30,7 +30,7 @@ matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}"
 matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
 # renovate: datasource=docker depName=ghcr.io/etkecc/honoroit
-matrix_bot_honoroit_version: v0.9.28
+matrix_bot_honoroit_version: v0.9.27
 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_registry_prefix }}etkecc/honoroit:{{ matrix_bot_honoroit_version }}"
 matrix_bot_honoroit_docker_image_registry_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else matrix_bot_honoroit_docker_image_registry_prefix_upstream }}"
 matrix_bot_honoroit_docker_image_registry_prefix_upstream: "{{ matrix_bot_honoroit_docker_image_registry_prefix_upstream_default }}"
--- a/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml
+++ b/roles/custom/matrix-bridge-heisenbridge/defaults/main.yml
@@ -19,7 +19,7 @@ matrix_heisenbridge_hostname: "{{ matrix_server_fqn_matrix }}"
 matrix_heisenbridge_path_prefix: "/heisenbridge"
 # renovate: datasource=docker depName=hif1/heisenbridge
-matrix_heisenbridge_version: 1.15.3
+matrix_heisenbridge_version: 1.15.2
 matrix_heisenbridge_docker_image: "{{ matrix_heisenbridge_docker_image_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}"
 matrix_heisenbridge_docker_image_registry_prefix: "{{ matrix_heisenbridge_docker_image_registry_prefix_upstream }}"
 matrix_heisenbridge_docker_image_registry_prefix_upstream: "{{ matrix_heisenbridge_docker_image_registry_prefix_upstream_default }}"
--- a/roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-bluesky/defaults/main.yml
@@ -31,8 +31,6 @@ matrix_mautrix_bluesky_homeserver_address: ""
 matrix_mautrix_bluesky_homeserver_domain: '{{ matrix_domain }}'
 matrix_mautrix_bluesky_appservice_address: 'http://matrix-mautrix-bluesky:29340'
 matrix_mautrix_bluesky_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 # A public address that external services can use to reach this appservice.
 matrix_mautrix_bluesky_appservice_public_address: ''
@@ -189,7 +187,6 @@ matrix_mautrix_bluesky_registration_yaml: |
  rate_limited: false
  de.sorunome.msc2409.push_ephemeral: true
  receive_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled | to_json }}
 matrix_mautrix_bluesky_registration: "{{ matrix_mautrix_bluesky_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-bluesky/templates/config.yaml.j2
@@ -209,6 +209,10 @@ appservice:
    # However, messages will not be guaranteed to be bridged in the same order they were sent in.
    # This value doesn't affect the registration file.
    async_transactions: false
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    msc4190: false
    # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
    as_token: {{ matrix_mautrix_bluesky_appservice_token | to_json }}
@@ -354,11 +358,6 @@ encryption:
    # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
    # This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
    appservice: {{ matrix_mautrix_bluesky_bridge_encryption_appservice | to_json }}
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    # Changing this option requires updating the appservice registration file.
    msc4190: {{ matrix_mautrix_bluesky_msc4190_enabled | to_json }}
    # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
    # You must use a client that supports requesting keys from other users to use this feature.
    allow_key_sharing: {{ matrix_mautrix_bluesky_bridge_encryption_key_sharing_allow | to_json }}
--- a/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml
@@ -21,7 +21,7 @@ matrix_mautrix_discord_container_image_self_build_repo: "https://mau.dev/mautrix
 matrix_mautrix_discord_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_discord_version == 'latest' else matrix_mautrix_discord_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/discord
-matrix_mautrix_discord_version: v0.7.3
+matrix_mautrix_discord_version: v0.7.2
 # See: https://mau.dev/mautrix/discord/container_registry
 matrix_mautrix_discord_docker_image: "{{ matrix_mautrix_discord_docker_image_registry_prefix }}mautrix/discord:{{ matrix_mautrix_discord_version }}"
--- a/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml
@@ -36,8 +36,6 @@ matrix_mautrix_gmessages_homeserver_address: ""
 matrix_mautrix_gmessages_homeserver_domain: "{{ matrix_domain }}"
 matrix_mautrix_gmessages_appservice_address: "http://matrix-mautrix-gmessages:8080"
 matrix_mautrix_gmessages_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 matrix_mautrix_gmessages_backfill_enabled: true
 matrix_mautrix_gmessages_backfill_max_initial_messages: 50
 matrix_mautrix_gmessages_backfill_max_catchup_messages: 500
@@ -214,6 +212,5 @@ matrix_mautrix_gmessages_registration_yaml: |
      - exclusive: true
        regex: '^@{{ matrix_mautrix_gmessages_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_gmessages_homeserver_domain | regex_escape }}$'
  de.sorunome.msc2409.push_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_gmessages_msc4190_enabled | to_json }}
 matrix_mautrix_gmessages_registration: "{{ matrix_mautrix_gmessages_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-gmessages/templates/config.yaml.j2
@@ -354,11 +354,6 @@ encryption:
    # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
    # This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
    appservice: {{ matrix_mautrix_gmessages_bridge_encryption_appservice | to_json }}
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    # Changing this option requires updating the appservice registration file.
    msc4190: {{ matrix_mautrix_gmessages_msc4190_enabled | to_json }}
    # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
    # You must use a client that supports requesting keys from other users to use this feature.
    allow_key_sharing: {{ matrix_mautrix_gmessages_bridge_encryption_key_sharing_allow | to_json }}
--- a/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml
@@ -20,7 +20,7 @@ matrix_mautrix_meta_instagram_enabled: true
 matrix_mautrix_meta_instagram_identifier: matrix-mautrix-meta-instagram
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
-matrix_mautrix_meta_instagram_version: v0.4.6
+matrix_mautrix_meta_instagram_version: v0.4.5
 matrix_mautrix_meta_instagram_base_path: "{{ matrix_base_data_path }}/mautrix-meta-instagram"
 matrix_mautrix_meta_instagram_config_path: "{{ matrix_mautrix_meta_instagram_base_path }}/config"
@@ -123,8 +123,6 @@ matrix_mautrix_meta_instagram_appservice_address: "http://{{ matrix_mautrix_meta
 matrix_mautrix_meta_instagram_appservice_id: "{{ matrix_mautrix_meta_instagram_meta_mode }}"
 matrix_mautrix_meta_instagram_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 # For Facebook/Messenger, we use the same `@messengerbot:example.com` username regardless of how bridging happens for multiple reasons:
 # - it's consistent - regardless of how bridging happens, the bridged service is actually Messenger
 # - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:example.com`
@@ -299,6 +297,5 @@ matrix_mautrix_meta_instagram_registration_yaml: |
  sender_localpart: _bot_{{ matrix_mautrix_meta_instagram_appservice_username }}
  rate_limited: false
  de.sorunome.msc2409.push_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_meta_instagram_msc4190_enabled | to_json }}
 matrix_mautrix_meta_instagram_registration: "{{ matrix_mautrix_meta_instagram_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-meta-instagram/templates/config.yaml.j2
@@ -367,11 +367,6 @@ encryption:
    # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
    # This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
    appservice: {{ matrix_mautrix_meta_instagram_bridge_encryption_appservice | to_json }}
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    # Changing this option requires updating the appservice registration file.
    msc4190: {{ matrix_mautrix_meta_instagram_msc4190_enabled | to_json }}
    # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
    # You must use a client that supports requesting keys from other users to use this feature.
    allow_key_sharing: {{ matrix_mautrix_meta_instagram_bridge_encryption_allow_key_sharing | to_json }}
--- a/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml
@@ -20,7 +20,7 @@ matrix_mautrix_meta_messenger_enabled: true
 matrix_mautrix_meta_messenger_identifier: matrix-mautrix-meta-messenger
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/meta
-matrix_mautrix_meta_messenger_version: v0.4.6
+matrix_mautrix_meta_messenger_version: v0.4.5
 matrix_mautrix_meta_messenger_base_path: "{{ matrix_base_data_path }}/mautrix-meta-messenger"
 matrix_mautrix_meta_messenger_config_path: "{{ matrix_mautrix_meta_messenger_base_path }}/config"
@@ -123,8 +123,6 @@ matrix_mautrix_meta_messenger_appservice_address: "http://{{ matrix_mautrix_meta
 matrix_mautrix_meta_messenger_appservice_id: "{{ matrix_mautrix_meta_messenger_meta_mode }}"
 matrix_mautrix_meta_messenger_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 # For Facebook/Messenger, we use the same `@messengerbot:example.com` username regardless of how bridging happens for multiple reasons:
 # - it's consistent - regardless of how bridging happens, the bridged service is actually Messenger
 # - it's easy for users - you may change the mode, but the bot is always at `@messengerbot:example.com`
@@ -299,6 +297,5 @@ matrix_mautrix_meta_messenger_registration_yaml: |
  sender_localpart: _bot_{{ matrix_mautrix_meta_messenger_appservice_username }}
  rate_limited: false
  de.sorunome.msc2409.push_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_meta_messenger_msc4190_enabled | to_json }}
 matrix_mautrix_meta_messenger_registration: "{{ matrix_mautrix_meta_messenger_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-meta-messenger/templates/config.yaml.j2
@@ -367,11 +367,6 @@ encryption:
    # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
    # This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
    appservice: {{ matrix_mautrix_meta_messenger_bridge_encryption_appservice | to_json }}
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    # Changing this option requires updating the appservice registration file.
    msc4190: {{ matrix_mautrix_meta_messenger_msc4190_enabled | to_json }}
    # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
    # You must use a client that supports requesting keys from other users to use this feature.
    allow_key_sharing: {{ matrix_mautrix_meta_messenger_bridge_encryption_allow_key_sharing | to_json }}
--- a/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml
@@ -25,7 +25,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/
 matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
-matrix_mautrix_signal_version: v0.8.2
+matrix_mautrix_signal_version: v0.8.1
 # See: https://mau.dev/mautrix/signal/container_registry
 matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_registry_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}"
@@ -44,8 +44,6 @@ matrix_mautrix_signal_homeserver_address: ""
 matrix_mautrix_signal_homeserver_domain: "{{ matrix_domain }}"
 matrix_mautrix_signal_appservice_address: "http://matrix-mautrix-signal:8080"
 matrix_mautrix_signal_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 matrix_mautrix_signal_command_prefix: "!signal"
 matrix_mautrix_signal_bridge_permissions: |
@@ -212,7 +210,6 @@ matrix_mautrix_signal_registration_yaml: |
      - exclusive: true
        regex: '^@{{ matrix_mautrix_signal_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_signal_homeserver_domain | regex_escape }}$'
  de.sorunome.msc2409.push_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_signal_msc4190_enabled | to_json }}
 matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-signal/templates/config.yaml.j2
@@ -334,11 +334,6 @@ encryption:
    # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
    # This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
    appservice: false
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    # Changing this option requires updating the appservice registration file.
    msc4190: {{ matrix_mautrix_signal_msc4190_enabled | to_json }}
    # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
    # You must use a client that supports requesting keys from other users to use this feature.
    allow_key_sharing: {{ matrix_mautrix_signal_bridge_encryption_key_sharing_allow | to_json }}
--- a/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml
@@ -34,8 +34,6 @@ matrix_mautrix_slack_homeserver_address: ""
 matrix_mautrix_slack_homeserver_domain: "{{ matrix_domain }}"
 matrix_mautrix_slack_appservice_address: "http://matrix-mautrix-slack:8080"
 matrix_mautrix_slack_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 matrix_mautrix_slack_command_prefix: "!slack"
 matrix_mautrix_slack_bridge_permissions: |
@@ -153,7 +151,6 @@ matrix_mautrix_slack_registration_yaml: |
      - exclusive: true
        regex: '^@{{ matrix_mautrix_slack_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_slack_homeserver_domain | regex_escape }}$'
  de.sorunome.msc2409.push_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_slack_msc4190_enabled | to_json }}
 matrix_mautrix_slack_registration: "{{ matrix_mautrix_slack_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-slack/templates/config.yaml.j2
@@ -371,11 +371,6 @@ encryption:
    # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
    # This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
    appservice: false
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    # Changing this option requires updating the appservice registration file.
    msc4190: {{ matrix_mautrix_slack_msc4190_enabled | to_json }}
    # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
    # You must use a client that supports requesting keys from other users to use this feature.
    allow_key_sharing: {{ matrix_mautrix_slack_bridge_encryption_key_sharing_allow | to_json }}
--- a/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml
@@ -84,8 +84,6 @@ matrix_mautrix_telegram_appservice_public_external: '{{ matrix_mautrix_telegram_
 matrix_mautrix_telegram_appservice_bot_username: telegrambot
 matrix_mautrix_telegram_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 # Specifies the default log level for all bridge loggers.
 matrix_mautrix_telegram_logging_level: WARNING
@@ -241,7 +239,6 @@ matrix_mautrix_telegram_registration_yaml: |
  url: {{ matrix_mautrix_telegram_appservice_address }}
  rate_limited: false
  de.sorunome.msc2409.push_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_telegram_msc4190_enabled | to_json }}
 matrix_mautrix_telegram_registration: "{{ matrix_mautrix_telegram_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-telegram/templates/config.yaml.j2
@@ -269,11 +269,6 @@ bridge:
        default: {{ matrix_mautrix_telegram_bridge_encryption_default|to_json }}
        # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
        appservice: false
        # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
        # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
        # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
        # Changing this option requires updating the appservice registration file.
        msc4190:  {{ matrix_mautrix_telegram_msc4190_enabled | to_json }}
        # Require encryption, drop any unencrypted messages.
        require: false
        # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
--- a/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml
@@ -39,8 +39,6 @@ matrix_mautrix_twitter_homeserver_address: ""
 matrix_mautrix_twitter_homeserver_domain: '{{ matrix_domain }}'
 matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29327'
 matrix_mautrix_twitter_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 # A public address that external services can use to reach this appservice.
 matrix_mautrix_twitter_appservice_public_address: ''
@@ -198,7 +196,6 @@ matrix_mautrix_twitter_registration_yaml: |
  rate_limited: false
  de.sorunome.msc2409.push_ephemeral: true
  receive_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_twitter_msc4190_enabled | to_json }}
 matrix_mautrix_twitter_registration: "{{ matrix_mautrix_twitter_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-twitter/templates/config.yaml.j2
@@ -212,8 +212,7 @@ appservice:
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
-    # Changing this option requires updating the appservice registration file.
+    msc4190: false
    msc4190: {{ matrix_mautrix_twitter_msc4190_enabled | to_json }}
    # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
    as_token: {{ matrix_mautrix_twitter_appservice_token | to_json }}
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
@@ -46,8 +46,6 @@ matrix_mautrix_whatsapp_homeserver_address: ""
 matrix_mautrix_whatsapp_homeserver_domain: "{{ matrix_domain }}"
 matrix_mautrix_whatsapp_appservice_address: "http://matrix-mautrix-whatsapp:8080"
 matrix_mautrix_whatsapp_msc4190_enabled: "{{ matrix_bridges_msc4190_enabled }}"
 matrix_mautrix_whatsapp_extev_polls: false
 matrix_mautrix_whatsapp_command_prefix: "!wa"
@@ -231,6 +229,5 @@ matrix_mautrix_whatsapp_registration_yaml: |
      - exclusive: true
        regex: '^@{{ matrix_mautrix_whatsapp_appservice_bot_username | regex_escape }}:{{ matrix_mautrix_whatsapp_homeserver_domain | regex_escape }}$'
  de.sorunome.msc2409.push_ephemeral: true
  io.element.msc4190: {{ matrix_mautrix_whatsapp_msc4190_enabled | to_json }}
 matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_yaml | from_yaml }}"
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2
@@ -445,11 +445,6 @@ encryption:
    # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
    # This option is not yet compatible with standard Matrix servers like Synapse and should not be used.
    appservice: false
    # Whether to use MSC4190 instead of appservice login to create the bridge bot device.
    # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202.
    # Only relevant when using end-to-bridge encryption, required when using encryption with next-gen auth (MSC3861).
    # Changing this option requires updating the appservice registration file.
    msc4190: {{ matrix_mautrix_whatsapp_msc4190_enabled | to_json }}
    # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
    # You must use a client that supports requesting keys from other users to use this feature.
    allow_key_sharing: {{ matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow | to_json }}
--- a/roles/custom/matrix-dendrite/defaults/main.yml
+++ b/roles/custom/matrix-dendrite/defaults/main.yml
@@ -240,9 +240,6 @@ matrix_dendrite_client_api_rate_limiting_cooloff_ms: 500
 # Controls whether people with access to the homeserver can register by themselves.
 matrix_dendrite_client_api_registration_disabled: true
 # Controls whether guest accounts are disabled
 matrix_dendrite_guests_disabled: true
 # reCAPTCHA API for validating registration attempts
 matrix_dendrite_client_api_enable_registration_captcha: false
 matrix_dendrite_client_api_recaptcha_public_key: ""
--- a/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2
+++ b/roles/custom/matrix-dendrite/templates/dendrite.yaml.j2
@@ -189,7 +189,7 @@ client_api:
  # Prevents new guest accounts from being created. Guest registration is also
  # disabled implicitly by setting 'registration_disabled' above.
-  guests_disabled: {{ matrix_dendrite_guests_disabled | to_json }}
+  guests_disabled: true
  # If set, allows registration by anyone who knows the shared secret, regardless of
  # whether registration is otherwise disabled.
--- a/roles/custom/matrix-synapse-admin/defaults/main.yml
+++ b/roles/custom/matrix-synapse-admin/defaults/main.yml
@@ -25,7 +25,7 @@ matrix_synapse_admin_container_image_self_build: false
 matrix_synapse_admin_container_image_self_build_repo: "https://github.com/etkecc/synapse-admin.git"
 # renovate: datasource=docker depName=ghcr.io/etkecc/synapse-admin
-matrix_synapse_admin_version: v0.10.3-etke39
+matrix_synapse_admin_version: v0.10.3-etke38
 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_registry_prefix }}etkecc/synapse-admin:{{ matrix_synapse_admin_version }}"
 matrix_synapse_admin_docker_image_registry_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else matrix_synapse_admin_docker_image_registry_prefix_upstream }}"
 matrix_synapse_admin_docker_image_registry_prefix_upstream: "{{ matrix_synapse_admin_docker_image_registry_prefix_upstream_default }}"
Author	SHA1	Message	Date
Slavi Pantaleev	69e33575e2	Add Matrix RTC stack docs and rename variable for installing "just the Matrix RTC stack"	2025-04-09 16:20:48 +03:00
Slavi Pantaleev	64f7c2187d	Add support for easily installing the Element Call Stack, without the Element Call frontend	2025-04-09 15:09:35 +03:00