matrix-docker-ansible-deploy/docs/configuring-playbook-bot-mjolnir.md

133 lines
6 KiB
Markdown
Raw Normal View History

2021-03-24 03:46:08 +00:00
# Setting up Mjolnir (optional)
2021-04-02 22:55:46 +00:00
The playbook can install and configure the [Mjolnir](https://github.com/matrix-org/mjolnir) moderation bot for you.
2021-03-24 03:46:08 +00:00
See the project's [documentation](https://github.com/matrix-org/mjolnir) to learn what it does and why it might be useful to you.
## 1. Register the bot account
2021-03-24 03:46:08 +00:00
2021-04-02 22:55:46 +00:00
The playbook does not automatically create users for you. The bot requires an access token to be able to connect to your homeserver.
2021-03-24 03:46:08 +00:00
You **need to register the bot user manually** before setting up the bot.
Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`.
You can use the playbook to [register a new user](registering-users.md):
```
ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.mjolnir password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user
```
2021-04-03 06:12:06 +00:00
If you would like Mjolnir to be able to deactivate users, move aliases, shutdown rooms, etc then it must be a server admin so you need to change `admin=no` to `admin=yes` in the command above.
2021-04-02 23:26:50 +00:00
2021-04-02 22:55:46 +00:00
## 2. Get an access token
2021-03-24 03:46:08 +00:00
If you use curl, you can get an access token like this:
```
curl -X POST --header 'Content-Type: application/json' -d '{
2022-02-06 10:30:38 +00:00
"identifier": { "type": "m.id.user", "user": "bot.mjolnir" },
2021-03-24 03:46:08 +00:00
"password": "PASSWORD_FOR_THE_BOT",
"type": "m.login.password"
2021-04-02 23:26:50 +00:00
}' 'https://matrix.DOMAIN/_matrix/client/r0/login'
2021-03-24 03:46:08 +00:00
```
2021-04-02 22:55:46 +00:00
Alternatively, you can use a full-featured client (such as Element) to log in and get the access token from there (note: don't log out from the client as that will invalidate the token).
## 3. Make sure the account is free from rate limiting
2021-04-02 23:26:50 +00:00
You will need to prevent Synapse from rate limiting the bot's account. This is not an optional step. If you do not do this step Mjolnir will crash. [Currently there is no Synapse config option for this](https://github.com/matrix-org/synapse/issues/6286) so you have to manually edit the Synapse database. Manually editing the Synapse database is rarely a good idea but in this case it is required. Please ask for help if you are uncomfortable with these steps.
2021-04-02 22:55:46 +00:00
1. Copy the statement below into a text editor.
```
2021-04-08 18:32:44 +00:00
INSERT INTO ratelimit_override VALUES ('@bot.mjolnir:DOMAIN', 0, 0);
2021-04-02 22:55:46 +00:00
```
1. Change the username (`@bot.mjolnir:DOMAIN`) to the username you used when you registered the bot's account. You must change `DOMAIN` to your server's domain.
2021-04-02 23:11:05 +00:00
1. Get a database terminal by following these steps: [maintenance-postgres.md#getting-a-database-terminal](maintenance-postgres.md#getting-a-database-terminal)
2021-03-24 03:46:08 +00:00
2021-04-02 22:55:46 +00:00
1. Connect to Synapse's database by typing `\connect synapse` into the database terminal
2021-03-24 03:46:08 +00:00
2021-04-02 22:55:46 +00:00
1. Paste in the `INSERT INTO` command that you edited and press enter.
2021-03-24 03:46:08 +00:00
2021-04-02 22:55:46 +00:00
You can run `SELECT * FROM ratelimit_override;` to see if it worked. If the output looks like this:
2021-03-24 03:46:08 +00:00
```
2021-04-02 22:55:46 +00:00
user_id | messages_per_second | burst_count
-----------------------+---------------------+-------------
@bot.mjolnir:raim.ist | 0 | 0`
2021-03-24 03:46:08 +00:00
```
2021-04-02 22:55:46 +00:00
then you did it correctly.
2021-03-24 03:46:08 +00:00
2021-04-02 23:26:50 +00:00
## 4. Create a management room
2021-04-02 22:55:46 +00:00
Using your own account, create a new invite only room that you will use to manage the bot. This is the room where you will see the status of the bot and where you will send commands to the bot, such as the command to ban a user from another room. Anyone in this room can control the bot so it is important that you only invite trusted users to this room. The room must be unencrypted since the playbook does not support installing Pantalaimon yet.
2021-04-02 22:55:46 +00:00
Once you have created the room you need to copy the room ID so you can tell the bot to use that room. In Element you can do this by going to the room's settings, clicking Advanced, and then coping the internal room ID. The room ID will look something like `!QvgVuKq0ha8glOLGMG:DOMAIN`.
Finally invite the `@bot.mjolnir:DOMAIN` account you created earlier into the room.
2021-04-02 23:26:50 +00:00
## 5. Adjusting the playbook configuration
2021-03-24 03:46:08 +00:00
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
You must replace `ACCESS_TOKEN_FROM_STEP_2_GOES_HERE` and `ROOM_ID_FROM_STEP_4_GOES_HERE` with the your own values.
2021-04-02 22:55:46 +00:00
2021-03-24 03:46:08 +00:00
```yaml
2021-04-02 22:55:46 +00:00
matrix_bot_mjolnir_enabled: true
matrix_bot_mjolnir_access_token: "ACCESS_TOKEN_FROM_STEP_2_GOES_HERE"
matrix_bot_mjolnir_management_room: "ROOM_ID_FROM_STEP_4_GOES_HERE"
2021-03-24 03:46:08 +00:00
```
2021-05-25 14:59:49 +00:00
## 6. Adding mjolnir synapse antispam module (optional)
2021-03-24 03:46:08 +00:00
2021-05-25 14:59:49 +00:00
Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
```yaml
matrix_synapse_ext_spam_checker_mjolnir_antispam_enabled: true
matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_invites: true
matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_messages: false
matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames: false
matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: []
```
## 7. Installing
2021-03-24 03:46:08 +00:00
2021-04-02 22:55:46 +00:00
After configuring the playbook, run the [installation](installing.md) command:
2021-03-24 03:46:08 +00:00
```
ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
```
## Usage
2021-04-02 22:55:46 +00:00
You can refer to the upstream [documentation](https://github.com/matrix-org/mjolnir) for additional ways to use and configure mjolnir. Check out their [quickstart guide](https://github.com/matrix-org/mjolnir#quickstart-guide) for some basic commands you can give to the bot.
You can configure additional options by adding the `matrix_bot_mjolnir_configuration_extension_yaml` variable to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file.
For example to change mjolnir's `recordIgnoredInvites` option to `true` you would add the following to your `vars.yml` file.
2021-03-24 03:46:08 +00:00
2021-04-02 22:55:46 +00:00
```yaml
matrix_bot_mjolnir_configuration_extension_yaml: |
# Your custom YAML configuration goes here.
# This configuration extends the default starting configuration (`matrix_bot_mjolnir_configuration_yaml`).
#
# You can override individual variables from the default configuration, or introduce new ones.
#
# If you need something more special, you can take full control by
# completely redefining `matrix_bot_mjolnir_configuration_yaml`.
recordIgnoredInvites: true
```