From 61fffa169c63e042549b7ac99dda533945ca0d69 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 8 Apr 2020 19:08:15 +0300 Subject: [PATCH 01/14] Use Jitsi STUN servers instead of Google ones These are some new defaults that we switch to, to follow upstream changes: - https://github.com/jitsi/docker-jitsi-meet/commit/264df04 - https://github.com/jitsi/jitsi-meet/commit/3121494d4b149108bd94185e2a4b22b8eafdc794 --- group_vars/matrix_servers | 2 +- roles/matrix-jitsi/defaults/main.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index e9dbffb5..ef753e17 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -416,7 +416,7 @@ matrix_jitsi_web_stun_servers: | matrix_server_fqn_matrix + ':3478', ] if matrix_coturn_enabled - else [ 'stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302'] + else [ 'meet-jit-si-turnrelay.jitsi.net:443'] }} ###################################################################### diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 83511c4c..44a279c7 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -38,7 +38,7 @@ matrix_jitsi_web_transcripts_path: "{{ matrix_jitsi_web_base_path }}/transcripts matrix_jitsi_web_public_url: "https://{{ matrix_server_fqn_jitsi }}" # STUN servers used in the web UI. Feel free to point them to your own STUN server. -matrix_jitsi_web_stun_servers: ['stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302'] +matrix_jitsi_web_stun_servers: ['meet-jit-si-turnrelay.jitsi.net:443'] # Controls whether the matrix-jitsi-web container exposes its HTTP port (tcp/80 in the container). # @@ -120,7 +120,7 @@ matrix_jitsi_jvb_auth_password: '' # STUN servers used by JVB on the server-side, so it can discover its own external IP address. # Pointing this to a STUN server running on the same Docker network may lead to incorrect IP address discovery. -matrix_jitsi_jvb_stun_servers: ['stun.l.google.com:19302', 'stun1.l.google.com:19302', 'stun2.l.google.com:19302'] +matrix_jitsi_jvb_stun_servers: ['meet-jit-si-turnrelay.jitsi.net:443'] matrix_jitsi_jvb_brewery_muc: jvbbrewery matrix_jitsi_jvb_rtp_udp_port: 10000 From 110720714756d39b6e72859eb4371fd81be2c8b9 Mon Sep 17 00:00:00 2001 From: Rodrigo Belem Date: Mon, 16 Mar 2020 20:33:11 -0400 Subject: [PATCH 02/14] Initial mx-puppet-skype bridge role --- group_vars/matrix_servers | 29 +++ .../defaults/main.yml | 209 ++++++++++++++++++ .../tasks/init.yml | 23 ++ .../tasks/main.yml | 21 ++ .../tasks/setup_install.yml | 93 ++++++++ .../tasks/setup_uninstall.yml | 24 ++ .../tasks/validate_config.yml | 10 + .../systemd/matrix-mx-puppet-skype.service.j2 | 38 ++++ setup.yml | 1 + 9 files changed, 448 insertions(+) create mode 100644 roles/matrix-bridge-mx-puppet-skype/defaults/main.yml create mode 100644 roles/matrix-bridge-mx-puppet-skype/tasks/init.yml create mode 100644 roles/matrix-bridge-mx-puppet-skype/tasks/main.yml create mode 100644 roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml create mode 100644 roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml create mode 100644 roles/matrix-bridge-mx-puppet-skype/tasks/validate_config.yml create mode 100644 roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index ef753e17..a1fb3740 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -290,6 +290,35 @@ matrix_mautrix_whatsapp_login_shared_secret: "{{ matrix_synapse_ext_password_pro ###################################################################### +###################################################################### +# +# matrix-bridge-mx-puppet-skype +# +###################################################################### + +# We don't enable bridges by default. +matrix_mx_puppet_skype_enabled: false + +matrix_mx_puppet_skype_systemd_required_services_list: | + {{ + ['docker.service'] + + + (['matrix-synapse.service'] if matrix_synapse_enabled else []) + }} + +matrix_mx_puppet_skype_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'whats.as.token') | to_uuid }}" + +matrix_mx_puppet_skype_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'whats.hs.token') | to_uuid }}" + +matrix_mx_puppet_skype_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" + +###################################################################### +# +# /matrix-bridge-mx-puppet-skype +# +###################################################################### + + ###################################################################### # # matrix-corporal diff --git a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml new file mode 100644 index 00000000..9eb2c964 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml @@ -0,0 +1,209 @@ +# Mx Puppet Skype is a Matrix <-> Skype bridge +# See: https://github.com/Sorunome/mx-puppet-skype + +matrix_mx_puppet_skype_enabled: true + +matrix_mx_puppet_skype_container_image_self_build: false + +matrix_mx_puppet_skype_docker_image: "sorunome/mx-puppet-skype:latest" +matrix_mx_puppet_skype_docker_image_force_pull: "{{ matrix_mx_puppet_skype_docker_image.endswith(':latest') }}" + +matrix_mx_puppet_skype_base_path: "{{ matrix_base_data_path }}/mx-puppet-skype" +matrix_mx_puppet_skype_config_path: "{{ matrix_mx_puppet_skype_base_path }}/data" +matrix_mx_puppet_skype_data_path: "{{ matrix_mx_puppet_skype_base_path }}/data" +matrix_mx_puppet_skype_docker_src_files_path: "{{ matrix_mx_puppet_skype_base_path }}/docker-src" + +matrix_mx_puppet_skype_appservice_port: "6000" + +matrix_mx_puppet_skype_homeserver_address: 'http://matrix-synapse:8008' +matrix_mx_puppet_skype_homeserver_domain: '{{ matrix_domain }}' +matrix_mx_puppet_skype_appservice_address: 'http://matrix-mx-puppet-skype:{{ matrix_mx_puppet_skype_appservice_port }}' + +# A list of extra arguments to pass to the container +matrix_mx_puppet_skype_container_extra_arguments: [] + +# List of systemd services that matrix-puppet-skype.service depends on. +matrix_mx_puppet_skype_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-puppet-skype.service wants +matrix_mx_puppet_skype_systemd_wanted_services_list: [] + +matrix_mx_puppet_skype_appservice_token: '' +matrix_mx_puppet_skype_homeserver_token: '' + +# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). +matrix_mx_puppet_skype_login_shared_secret: '' + +# Default configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_mx_puppet_skype_configuration_extension_yaml`) +# or completely replace this variable with your own template. +matrix_mx_puppet_skype_configuration_yaml: | + #jinja2: lstrip_blocks: "True" + bridge: + # Address for the bridge to bind to; if running as a Docker container, you + # probably want 0.0.0.0 here + bindAddress: 0.0.0.0 + # Port to host the bridge on which your homeserver will connect to + port: {{ matrix_mx_puppet_skype_appservice_port }} + # Name of your homeserver + domain: {{ matrix_mx_puppet_skype_homeserver_domain }} + # URL where the bridge can connect to your homeserver + homeserverUrl: {{ matrix_mx_puppet_skype_homeserver_address }} + # Optionally specify a different media URL used for the media store + mediaURL: https://{{ matrix_server_fqn_matrix }} + # This enabled automatic double-puppeting: + # A map for shared secrets of the homeserver URL to the shared secret + # See https://github.com/devture/matrix-synapse-shared-secret-auth + #loginSharedSecretMap: + # yourserver.com: supersecretsharedsecret + {% if matrix_mx_puppet_skype_login_shared_secret != '' %} + loginSharedSecretMap: + {{ matrix_mx_puppet_skype_homeserver_domain }}: {{ matrix_mx_puppet_skype_login_shared_secret }} + {% endif %} + # optionally override the display name of the bridge bot + #displayname: Protocol Bot + # optionally set the avatar of the bridge bot + #avatarUrl: mxc://yourserver.com/somefile + + logging: + # Log level of console output + # Allowed values starting with most verbose: + # silly, debug, verbose, info, warn, error + console: info + # Optionally, you can apply filters to the console logging + #console: + # level: info + # enabled: + # - Store + # disabled: + # - PresenceHandler + + # Date and time formatting + lineDateFormat: MMM-D HH:mm:ss.SSS + # Logging files + # Log files are rotated daily by default + files: + # Log file path + - file: "/data/bridge.log" + # Log level for this file + # Allowed values starting with most verbose: + # silly, debug, verbose, info, warn, error + level: info + # Date and time formatting + datePattern: YYYY-MM-DD + # Maximum number of logs to keep. + # This can be a number of files or number of days. + # If using days, add 'd' as a suffix + maxFiles: 14d + # Maximum size of the file after which it will rotate. This can be a + # number of bytes, or units of kb, mb, and gb. If using the units, add + # 'k', 'm', or 'g' as the suffix + maxSize: 50m + # Optionally enable/disable logging for certain modules + #disabled: + # - PresenceHandler + # - module: bot-sdk-MatrixLiteClient + # regex: /_matrix/client/r0/presence/ # this regex needs to match to disable the log + #enabled: + # - Store + + database: + # Use Postgres as a database backend + # If set, will be used instead of SQLite3 + # Connection string to connect to the Postgres instance + # with username "user", password "pass", host "localhost" and database name "dbname". + # Modify each value as necessary + #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" + # Use SQLite3 as a database backend + # The name of the database file + filename: /data/database.db + + provisioning: + # Regex of Matrix IDs allowed to use the puppet bridge + whitelist: + # Allow a specific user + #- "@user:server\\.com" + # Allow users on a specific homeserver + - '@.*:{{ matrix_mx_puppet_skype_homeserver_domain | regex_escape }}' + # Allow anyone + #- ".*" + # Regex of Matrix IDs forbidden from using the puppet bridge + #blacklist: + # Disallow a specific user + #- "@user:server\\.com" + # Disallow users on a specific homeserver + #- "@.*:yourserver\\.com" + + presence: + # Bridge online/offline status + enabled: true + # How often to send status to the homeserver in milliseconds + interval: 500 + # if the im.vector.user_status state setting should be diabled + #disableStatusState: false + # A blacklist of remote user IDs for the im.vector.user_status state setting + #statusStateBlacklist: + # - baduser + + relay: + # Regex of Matrix IDs to allow to use the relay mode + # Same format as in provisioning + whitelist: + - '@.*:{{ matrix_mx_puppet_skype_homeserver_domain | regex_escape }}' + #blacklist: + #- "@user:yourserver\\.com" + + # Map certain homeserver URLs to the C-S API endpoint + # Useful for double-puppeting if .well-known is unavailable for some reason + #homeserverUrlMap: + # yourserver.com: http://localhost:1234 + + namePatterns: + # Override the protocols set default name patterns + # Which variables are available depends on protocol implementation + user: :name + room: :name + + limits: + # Up to how many users should be auto-joined on room creation? -1 to disable + # Defaults to 200 + maxAutojoinUsers: 200 + # How long the delay between two autojoin users should be, in millisectonds. + # Defaults to 5000 + roomUserAutojoinDelay: 5000 + +matrix_mx_puppet_skype_configuration_extension_yaml: | + # Your custom YAML configuration goes here. + # This configuration extends the default starting configuration (`matrix_mx_puppet_skype_configuration_yaml`). + # + # You can override individual variables from the default configuration, or introduce new ones. + # + # If you need something more special, you can take full control by + # completely redefining `matrix_mx_puppet_skype_configuration_yaml`. + +matrix_mx_puppet_skype_configuration_extension: "{{ matrix_mx_puppet_skype_configuration_extension_yaml|from_yaml if matrix_mx_puppet_skype_configuration_extension_yaml|from_yaml is mapping else {} }}" + +# Holds the final configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_mx_puppet_skype_configuration_yaml`. +matrix_mx_puppet_skype_configuration: "{{ matrix_mx_puppet_skype_configuration_yaml|from_yaml|combine(matrix_mx_puppet_skype_configuration_extension, recursive=True) }}" + +matrix_mx_puppet_skype_registration_yaml: | + as_token: "{{ matrix_mx_puppet_skype_appservice_token }}" + hs_token: "{{ matrix_mx_puppet_skype_homeserver_token }}" + id: skype-puppet + namespaces: + users: + - exclusive: true + regex: '@_skypepuppet_.*:{{ matrix_mx_puppet_skype_homeserver_domain|regex_escape }}' + rooms: [] + aliases: + - exclusive: true + regex: '#_skypepuppet_.*:{{ matrix_mx_puppet_skype_homeserver_domain|regex_escape }}' + protocols: [] + rate_limited: false + sender_localpart: _skypepuppet_bot + url: {{ matrix_mx_puppet_skype_appservice_address }} + +matrix_mx_puppet_skype_registration: "{{ matrix_mx_puppet_skype_registration_yaml|from_yaml }}" diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml new file mode 100644 index 00000000..099baa07 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml @@ -0,0 +1,23 @@ +- set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mx-puppet-skype'] }}" + when: matrix_mx_puppet_skype_enabled|bool + +# If the matrix-synapse role is not used, these variables may not exist. +- set_fact: + matrix_synapse_container_extra_arguments: > + {{ matrix_synapse_container_extra_arguments|default([]) }} + + + ["--mount type=bind,src={{ matrix_mx_puppet_skype_config_path }}/skype-registration.yaml,dst=/matrix-mx-puppet-skype-registration.yaml,ro"] + + matrix_synapse_app_service_config_files: > + {{ matrix_synapse_app_service_config_files|default([]) }} + + + {{ ["/matrix-mx-puppet-skype-registration.yaml"] }} + when: matrix_mx_puppet_skype_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Puppet Skype image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_skype_container_image_self_build" diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/main.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/main.yml new file mode 100644 index 00000000..01ddd7d8 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/main.yml @@ -0,0 +1,21 @@ +- import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup|bool and matrix_mx_puppet_skype_enabled|bool" + tags: + - setup-all + - setup-mx-puppet-skype + +- import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup|bool and matrix_mx_puppet_skype_enabled|bool" + tags: + - setup-all + - setup-mx-puppet-skype + +- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup|bool and not matrix_mx_puppet_skype_enabled|bool" + tags: + - setup-all + - setup-mx-puppet-skype diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml new file mode 100644 index 00000000..46e37112 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml @@ -0,0 +1,93 @@ +--- + +# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. +# We don't want to fail in such cases. +- name: Fail if matrix-synapse role already executed + fail: + msg: >- + The matrix-bridge-mx-puppet-skype role needs to execute before the matrix-synapse role. + when: "matrix_synapse_role_executed|default(False)" + +- name: Ensure MX Puppet Skype image is pulled + docker_image: + name: "{{ matrix_mx_puppet_skype_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_mx_puppet_skype_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_skype_docker_image_force_pull }}" + when: matrix_mx_puppet_skype_enabled|bool and not matrix_mx_puppet_skype_container_image_self_build + +- name: Ensure MX Puppet Skype paths exist + file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + with_items: + - { path: "{{ matrix_mx_puppet_skype_base_path }}", when: true } + - { path: "{{ matrix_mx_puppet_skype_config_path }}", when: true } + - { path: "{{ matrix_mx_puppet_skype_data_path }}", when: true } + - { path: "{{ matrix_mx_puppet_skype_docker_src_files_path }}", when: "{{ matrix_mx_puppet_skype_container_image_self_build }}" } + when: matrix_mx_puppet_skype_enabled|bool and item.when|bool + +- name: Ensure MX Puppet Skype repository is present on self build + git: + repo: https://github.com/Sorunome/mx-puppet-skype.git + dest: "{{ matrix_mx_puppet_skype_docker_src_files_path }}" + force: "yes" + when: "matrix_mx_puppet_skype_enabled|bool and matrix_mx_puppet_skype_container_image_self_build" + +- name: Ensure MX Puppet Skype Docker image is built + docker_image: + name: "{{ matrix_mx_puppet_skype_docker_image }}" + source: build + build: + dockerfile: Dockerfile + path: "{{ matrix_mx_puppet_skype_docker_src_files_path }}" + pull: yes + when: "matrix_mx_puppet_skype_enabled|bool and matrix_mx_puppet_skype_container_image_self_build" + +- name: Check if an old database file already exists + stat: + path: "{{ matrix_mx_puppet_skype_base_path }}/database.db" + register: matrix_mx_puppet_skype_stat_database + +- name: (Data relocation) Ensure matrix-mx-puppet-skype.service is stopped + service: + name: matrix-mx-puppet-skype + state: stopped + daemon_reload: yes + failed_when: false + when: "matrix_mx_puppet_skype_stat_database.stat.exists" + +- name: (Data relocation) Move mx-puppet-skype database file to ./data directory + command: "mv {{ matrix_mx_puppet_skype_base_path }}/database.db {{ matrix_mx_puppet_skype_data_path }}/database.db" + when: "matrix_mx_puppet_skype_stat_database.stat.exists" + +- name: Ensure mx-puppet-skype config.yaml installed + copy: + content: "{{ matrix_mx_puppet_skype_configuration|to_nice_yaml }}" + dest: "{{ matrix_mx_puppet_skype_config_path }}/config.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + +- name: Ensure mx-puppet-skype skype-registration.yaml installed + copy: + content: "{{ matrix_mx_puppet_skype_registration|to_nice_yaml }}" + dest: "{{ matrix_mx_puppet_skype_config_path }}/skype-registration.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_username }}" + +- name: Ensure matrix-mx-puppet-skype.service installed + template: + src: "{{ role_path }}/templates/systemd/matrix-mx-puppet-skype.service.j2" + dest: "/etc/systemd/system/matrix-mx-puppet-skype.service" + mode: 0644 + register: matrix_mx_puppet_skype_systemd_service_result + +- name: Ensure systemd reloaded after matrix-mx-puppet-skype.service installation + service: + daemon_reload: yes + when: "matrix_mx_puppet_skype_systemd_service_result.changed" diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml new file mode 100644 index 00000000..72b3a945 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_uninstall.yml @@ -0,0 +1,24 @@ +--- + +- name: Check existence of matrix-mx-puppet-skype service + stat: + path: "/etc/systemd/system/matrix-mx-puppet-skype.service" + register: matrix_mx_puppet_skype_service_stat + +- name: Ensure matrix-mx-puppet-skype is stopped + service: + name: matrix-mx-puppet-skype + state: stopped + daemon_reload: yes + when: "matrix_mx_puppet_skype_service_stat.stat.exists" + +- name: Ensure matrix-mx-puppet-skype.service doesn't exist + file: + path: "/etc/systemd/system/matrix-mx-puppet-skype.service" + state: absent + when: "matrix_mx_puppet_skype_service_stat.stat.exists" + +- name: Ensure systemd reloaded after matrix-mx-puppet-skype.service removal + service: + daemon_reload: yes + when: "matrix_mx_puppet_skype_service_stat.stat.exists" diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/validate_config.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/validate_config.yml new file mode 100644 index 00000000..7ed433b1 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/validate_config.yml @@ -0,0 +1,10 @@ +--- + +- name: Fail if required settings not defined + fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_mx_puppet_skype_appservice_token" + - "matrix_mx_puppet_skype_homeserver_token" diff --git a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 new file mode 100644 index 00000000..de0c9d20 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 @@ -0,0 +1,38 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix Mx Puppet Skype server +{% for service in matrix_mx_puppet_skype_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_mx_puppet_skype_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} + +[Service] +Type=simple +ExecStartPre=-/usr/bin/docker kill matrix-mx-puppet-skype +ExecStartPre=-/usr/bin/docker rm matrix-mx-puppet-skype + +# Intentional delay, so that the homeserver (we likely depend on) can manage to start. +ExecStartPre=/bin/sleep 5 + +ExecStart=/usr/bin/docker run --rm --name matrix-mx-puppet-skype \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --network={{ matrix_docker_network }} \ + -v {{ matrix_mx_puppet_skype_data_path }}:/data:z \ + {% for arg in matrix_mx_puppet_skype_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_mx_puppet_skype_docker_image }} + +ExecStop=-/usr/bin/docker kill matrix-mx-puppet-skype +ExecStop=-/usr/bin/docker rm matrix-mx-puppet-skype +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-mx-puppet-skype + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 5baee8f3..bca4b240 100755 --- a/setup.yml +++ b/setup.yml @@ -16,6 +16,7 @@ - matrix-bridge-mautrix-hangouts - matrix-bridge-mautrix-telegram - matrix-bridge-mautrix-whatsapp + - matrix-bridge-mx-puppet-skype - matrix-synapse - matrix-riot-web - matrix-jitsi From 53f893b77e7ab5d31413a85ff76d52a8575b6184 Mon Sep 17 00:00:00 2001 From: Rodrigo Belem Date: Wed, 8 Apr 2020 13:18:02 -0400 Subject: [PATCH 03/14] Add documentations for the mx-puppet-skype bridge --- ...iguring-playbook-bridge-mx-bridge-skype.md | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 docs/configuring-playbook-bridge-mx-bridge-skype.md diff --git a/docs/configuring-playbook-bridge-mx-bridge-skype.md b/docs/configuring-playbook-bridge-mx-bridge-skype.md new file mode 100644 index 00000000..f39ce51e --- /dev/null +++ b/docs/configuring-playbook-bridge-mx-bridge-skype.md @@ -0,0 +1,32 @@ +# Setting up MX Puppet Skype (optional) + +The playbook can install and configure +[mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) for you. + +See the project's +[documentation](https://github.com/tulir/mautrix-hangouts/wiki#usage) to learn +what it does and why it might be useful to you. + +To enable the [Skype](https://www.skype.com/) bridge just use the following +playbook configuration: + + +```yaml +matrix_mx_puppet_skype_enabled: true +``` + + +## Usage + +Once the bot is enabled you need to start a chat with `Skype Puppet Bridge` with +the handle `@_skypepuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base +domain, not the `matrix.` domain). + +Send `link ` to the bridge bot to link your skype account. + +Once logged in, send `list` to the bot user to list the available rooms. + +Clicking rooms in the list will result in you receiving an invitation to the +bridged room. + +Also send `help` to the bot to see the commands available. From 67a5ef97ba34d8cc4a865783f657832d0148f4d6 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Apr 2020 09:16:10 +0300 Subject: [PATCH 04/14] Fix missing "stun:" prefix for jitsi/web STUN server URLs Hopefully fixes an error like this (which I haven't been able to reproduce, but..): > [modules/xmpp/strophe.util.js] : Strophe: Error: Failed to construct 'RTCPeerConnection': 'matrix.DOMAIN' is not one of the supported URL schemes 'stun', 'turn' or 'turns'. --- group_vars/matrix_servers | 6 +++--- roles/matrix-jitsi/defaults/main.yml | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index ef753e17..5841b20c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -412,11 +412,11 @@ matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | passwor matrix_jitsi_web_stun_servers: | {{ [ - matrix_server_fqn_matrix + ':5349', - matrix_server_fqn_matrix + ':3478', + 'stun:' + matrix_server_fqn_matrix + ':5349', + 'stun:' + matrix_server_fqn_matrix + ':3478', ] if matrix_coturn_enabled - else [ 'meet-jit-si-turnrelay.jitsi.net:443'] + else [ 'stun:meet-jit-si-turnrelay.jitsi.net:443'] }} ###################################################################### diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 44a279c7..fb9242ed 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -38,7 +38,8 @@ matrix_jitsi_web_transcripts_path: "{{ matrix_jitsi_web_base_path }}/transcripts matrix_jitsi_web_public_url: "https://{{ matrix_server_fqn_jitsi }}" # STUN servers used in the web UI. Feel free to point them to your own STUN server. -matrix_jitsi_web_stun_servers: ['meet-jit-si-turnrelay.jitsi.net:443'] +# Addresses need to be prefixed with one of `stun:`, `turn:` or `turns:`. +matrix_jitsi_web_stun_servers: ['stun:meet-jit-si-turnrelay.jitsi.net:443'] # Controls whether the matrix-jitsi-web container exposes its HTTP port (tcp/80 in the container). # From 4e9976d559418ae9747ec7b255c2bab126dc309b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Apr 2020 09:26:03 +0300 Subject: [PATCH 05/14] Rename documentation file --- ...kype.md => configuring-playbook-bridge-mx-puppet-skype.md} | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) rename docs/{configuring-playbook-bridge-mx-bridge-skype.md => configuring-playbook-bridge-mx-puppet-skype.md} (84%) diff --git a/docs/configuring-playbook-bridge-mx-bridge-skype.md b/docs/configuring-playbook-bridge-mx-puppet-skype.md similarity index 84% rename from docs/configuring-playbook-bridge-mx-bridge-skype.md rename to docs/configuring-playbook-bridge-mx-puppet-skype.md index f39ce51e..cca5e305 100644 --- a/docs/configuring-playbook-bridge-mx-bridge-skype.md +++ b/docs/configuring-playbook-bridge-mx-puppet-skype.md @@ -3,9 +3,7 @@ The playbook can install and configure [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) for you. -See the project's -[documentation](https://github.com/tulir/mautrix-hangouts/wiki#usage) to learn -what it does and why it might be useful to you. +See the project page to learn what it does and why it might be useful to you. To enable the [Skype](https://www.skype.com/) bridge just use the following playbook configuration: From 5b8f8bc9420e23a91c15bfe7408546b6d6a46902 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Apr 2020 09:33:30 +0300 Subject: [PATCH 06/14] Announce Skype bridging --- CHANGELOG.md | 9 +++++++++ README.md | 2 ++ docs/configuring-playbook.md | 2 ++ 3 files changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index af2c8910..b849ef35 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2020-04-09 + +## Skype bridging support + +Thanks to [Rodrigo Belem](https://github.com/rbelem)'s efforts, the playbook now supports bridging to [Skype](https://www.skype.com) via the [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridge. + +See our [Setting up MX Puppet Skype bridging](docs/configuring-playbook-bridge-mx-puppet-skype.md) documentation page for getting started. + + # 2020-04-05 ## Private Jitsi support diff --git a/README.md b/README.md index b16a8dfe..43125026 100644 --- a/README.md +++ b/README.md @@ -144,6 +144,8 @@ This playbook sets up your server using the following Docker images: - [turt2live/matrix-appservice-webhooks](https://hub.docker.com/r/turt2live/matrix-appservice-webhooks) - the [Appservice Webhooks](https://github.com/turt2live/matrix-appservice-webhooks) bridge (optional) +- [sorunome/mx-puppet-skype](https://hub.docker.com/r/sorunome/mx-puppet-skype) - the [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridge to [Skype](https:/www.skype.com) (optional) + - [turt2live/matrix-dimension](https://hub.docker.com/r/turt2live/matrix-dimension) - the [Dimension](https://dimension.t2bot.io/) integrations manager (optional) - [jitsi/web](https://hub.docker.com/r/jitsi/web) - the [Jitsi](https://jitsi.org/) web UI (optional) diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 4d0d2093..af00f7c0 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -97,4 +97,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional) +- [Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md) (optional) + - [Setting up Email2Matrix](configuring-playbook-email2matrix.md) (optional) From c1a66d3422c3b0a1676ba6358fc182668de8f4c3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Apr 2020 09:44:10 +0300 Subject: [PATCH 07/14] Put mx-puppet-skype configs in ./config directory, not ./data --- roles/matrix-bridge-mx-puppet-skype/defaults/main.yml | 2 +- roles/matrix-bridge-mx-puppet-skype/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml | 2 +- .../templates/systemd/matrix-mx-puppet-skype.service.j2 | 3 +++ 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml index 9eb2c964..d4df2f0d 100644 --- a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mx_puppet_skype_docker_image: "sorunome/mx-puppet-skype:latest" matrix_mx_puppet_skype_docker_image_force_pull: "{{ matrix_mx_puppet_skype_docker_image.endswith(':latest') }}" matrix_mx_puppet_skype_base_path: "{{ matrix_base_data_path }}/mx-puppet-skype" -matrix_mx_puppet_skype_config_path: "{{ matrix_mx_puppet_skype_base_path }}/data" +matrix_mx_puppet_skype_config_path: "{{ matrix_mx_puppet_skype_base_path }}/config" matrix_mx_puppet_skype_data_path: "{{ matrix_mx_puppet_skype_base_path }}/data" matrix_mx_puppet_skype_docker_src_files_path: "{{ matrix_mx_puppet_skype_base_path }}/docker-src" diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml index 099baa07..801c71c2 100644 --- a/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml @@ -7,7 +7,7 @@ matrix_synapse_container_extra_arguments: > {{ matrix_synapse_container_extra_arguments|default([]) }} + - ["--mount type=bind,src={{ matrix_mx_puppet_skype_config_path }}/skype-registration.yaml,dst=/matrix-mx-puppet-skype-registration.yaml,ro"] + ["--mount type=bind,src={{ matrix_mx_puppet_skype_config_path }}/registration.yaml,dst=/matrix-mx-puppet-skype-registration.yaml,ro"] matrix_synapse_app_service_config_files: > {{ matrix_synapse_app_service_config_files|default([]) }} diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml index 46e37112..894b0a9b 100644 --- a/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml @@ -75,7 +75,7 @@ - name: Ensure mx-puppet-skype skype-registration.yaml installed copy: content: "{{ matrix_mx_puppet_skype_registration|to_nice_yaml }}" - dest: "{{ matrix_mx_puppet_skype_config_path }}/skype-registration.yaml" + dest: "{{ matrix_mx_puppet_skype_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_username }}" diff --git a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 index de0c9d20..cc55f324 100644 --- a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 +++ b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 @@ -22,6 +22,9 @@ ExecStart=/usr/bin/docker run --rm --name matrix-mx-puppet-skype \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ --network={{ matrix_docker_network }} \ + -e CONFIG_PATH=/config/config.yaml \ + -e REGISTRATION_PATH=/config/registration.yaml \ + -v {{ matrix_mx_puppet_skype_config_path }}:/config:z \ -v {{ matrix_mx_puppet_skype_data_path }}:/data:z \ {% for arg in matrix_mx_puppet_skype_container_extra_arguments %} {{ arg }} \ From 7035af87d8d96c9381b47ed65a39e05ead1dc3b5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Apr 2020 09:58:35 +0300 Subject: [PATCH 08/14] Add support for Jitsi discovery for Riot via /.well-known/matrix/client This will not work yet, as no version of Riot currently supports it. It's expected to land in riot-web v1.5.16 via matrix-org/matrix-react-sdk#4348. --- group_vars/matrix_servers | 2 ++ roles/matrix-base/defaults/main.yml | 5 +++++ .../templates/static-files/well-known/matrix-client.j2 | 5 +++++ 3 files changed, 12 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 474ef960..864cd7d4 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -18,6 +18,8 @@ matrix_identity_server_url: "{{ 'https://' + matrix_synapse_trusted_third_party_id_servers[0] if matrix_synapse_trusted_third_party_id_servers|length > 0 else None }}" +matrix_riot_jitsi_preferredDomain: "{{ matrix_server_fqn_jitsi if matrix_jitsi_enabled else '' }}" + ###################################################################### # # /matrix-base diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index c6ed430b..7f4c6ace 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -43,6 +43,11 @@ matrix_identity_server_url: ~ matrix_integration_manager_rest_url: ~ matrix_integration_manager_ui_url: ~ +# The domain name where a Jitsi server is self-hosted. +# If set, `/.well-known/matrix/client` will suggest Riot clients to use that Jitsi server. +# See: https://github.com/vector-im/riot-web/blob/develop/docs/jitsi.md#configuring-riot-to-use-your-self-hosted-jitsi-server +matrix_riot_jitsi_preferredDomain: '' + # The Docker network that all services would be put into matrix_docker_network: "matrix" diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 index 719656a4..edbaa62e 100644 --- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 +++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 @@ -18,4 +18,9 @@ ] } {% endif %} + {% if matrix_riot_jitsi_preferredDomain %}, + "im.vector.riot.jitsi": { + "preferredDomain": {{ matrix_riot_jitsi_preferredDomain|to_json }} + } + {% endif %} } From ab58b3fc9ed0f0e76a781ec977ebbd7bd9f3ff2c Mon Sep 17 00:00:00 2001 From: skoal Date: Thu, 9 Apr 2020 14:31:42 +0200 Subject: [PATCH 09/14] Update prerequisites.md Added Jitsi firewall ports --- docs/prerequisites.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 3427c8a3..6b66c3d3 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -16,6 +16,6 @@ - properly configured DNS records for `` (details in [Configuring DNS](configuring-dns.md)) -- some TCP/UDP ports open. This playbook configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: `80/tcp` (HTTP webserver), `443/tcp` (HTTPS webserver), `3478/tcp` (TURN over TCP), `3478/udp` (TURN over UDP), `5349/tcp` (TURN over TCP), `5349/udp` (TURN over UDP), `8448/tcp` (Matrix Federation API HTTPS webserver), the range `49152-49172/udp` (TURN over UDP). +- some TCP/UDP ports open. This playbook configures the server's internal firewall for you. In most cases, you don't need to do anything special. But **if your server is running behind another firewall**, you'd need to open these ports: `80/tcp` (HTTP webserver), `443/tcp` (HTTPS webserver), `3478/tcp` (TURN over TCP), `3478/udp` (TURN over UDP), `5349/tcp` (TURN over TCP), `5349/udp` (TURN over UDP), `8448/tcp` (Matrix Federation API HTTPS webserver), the range `49152-49172/udp` (TURN over UDP), `4443/tcp` (Jitsi Harvester fallback), `10000/udp` (Jitsi video RTP) When ready to proceed, continue with [Configuring DNS](configuring-dns.md). From 0713570e2feebf21a598891d58a20552f6027ad1 Mon Sep 17 00:00:00 2001 From: skoal Date: Thu, 9 Apr 2020 14:40:32 +0200 Subject: [PATCH 10/14] Update matrix_servers turn tls port update --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 864cd7d4..419cf002 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -443,7 +443,7 @@ matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | passwor matrix_jitsi_web_stun_servers: | {{ [ - 'stun:' + matrix_server_fqn_matrix + ':5349', + 'turns:' + matrix_server_fqn_matrix + ':5349', 'stun:' + matrix_server_fqn_matrix + ':3478', ] if matrix_coturn_enabled From e6ebfbf8cc94b8a728f61faa2a4759114d590e95 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Apr 2020 16:07:36 +0300 Subject: [PATCH 11/14] Prevent conflict between Whatsapp and Skype bridge tokens Fixes an error like this: > synapse.config._base.ConfigError: Cannot reuse as_token across application services --- group_vars/matrix_servers | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 864cd7d4..6135ded6 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -308,9 +308,9 @@ matrix_mx_puppet_skype_systemd_required_services_list: | (['matrix-synapse.service'] if matrix_synapse_enabled else []) }} -matrix_mx_puppet_skype_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'whats.as.token') | to_uuid }}" +matrix_mx_puppet_skype_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'skype.as.tok') | to_uuid }}" -matrix_mx_puppet_skype_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'whats.hs.token') | to_uuid }}" +matrix_mx_puppet_skype_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'skype.hs.tok') | to_uuid }}" matrix_mx_puppet_skype_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" From 64de103dff0c165cb709219f4e72366ba3c7b351 Mon Sep 17 00:00:00 2001 From: Rodrigo Belem Date: Thu, 9 Apr 2020 11:03:06 -0400 Subject: [PATCH 12/14] Add global var to control skype image self build --- group_vars/matrix_servers | 2 ++ 1 file changed, 2 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 65ebc451..ceb5ff9f 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -301,6 +301,8 @@ matrix_mautrix_whatsapp_login_shared_secret: "{{ matrix_synapse_ext_password_pro # We don't enable bridges by default. matrix_mx_puppet_skype_enabled: false +matrix_mx_puppet_skype_container_image_self_build: "{{ matrix_container_images_self_build }}" + matrix_mx_puppet_skype_systemd_required_services_list: | {{ ['docker.service'] From 181434d9c6d5634ef367f059432a066c31c3f827 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Apr 2020 18:48:56 +0300 Subject: [PATCH 13/14] Add matrix-mx-puppet-skype to the list of roles that can self-build --- docs/self-building.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/docs/self-building.md b/docs/self-building.md index bef35852..aae31c7b 100644 --- a/docs/self-building.md +++ b/docs/self-building.md @@ -8,12 +8,13 @@ matrix_container_images_self_build: true ``` Setting that variable will self-build every role which supports self-building. Self-building can be set on a per-role basis as well. -List of roles where self-building the docker image is currently possible: -- synapse -- riot-web -- coturn -- ma1sd -- matrix-bridge-mautrix-facebook -- matrix-bridge-mautrix-hangouts +List of roles where self-building the Docker image is currently possible: +- `matrix-synapse` +- `matrix-riot-web` +- `matrix-coturn` +- `matrix-ma1sd` +- `matrix-mautrix-facebook` +- `matrix-mautrix-hangouts` +- `matrix-mx-puppet-skype` Adding self-building support to other roles is welcome. Feel free to contribute! From 515160f0d71fff0a6d33f07f1eea5ff49df5db30 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Apr 2020 19:09:04 +0300 Subject: [PATCH 14/14] Fix STUN server URL for jitsi/web (turns -> stun) Discussed in #446 (Github Pull Request). --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index ceb5ff9f..e80d55c3 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -445,7 +445,7 @@ matrix_jitsi_jvb_auth_password: "{{ matrix_synapse_macaroon_secret_key | passwor matrix_jitsi_web_stun_servers: | {{ [ - 'turns:' + matrix_server_fqn_matrix + ':5349', + 'stun:' + matrix_server_fqn_matrix + ':5349', 'stun:' + matrix_server_fqn_matrix + ':3478', ] if matrix_coturn_enabled