From 6b9b824964fddb9b7ad9a70089d49705a0be1377 Mon Sep 17 00:00:00 2001 From: Matthew Cengia Date: Sun, 11 Apr 2021 16:11:45 +1000 Subject: [PATCH 01/30] Copy matrix-bridge-mautrix-facebook as base for matrix-bridge-mautrix-twitter --- .../defaults/main.yml | 115 +++++++++ .../tasks/init.yml | 23 ++ .../tasks/main.yml | 21 ++ .../tasks/setup_install.yml | 128 ++++++++++ .../tasks/setup_uninstall.yml | 24 ++ .../tasks/validate_config.yml | 31 +++ .../templates/config.yaml.j2 | 227 ++++++++++++++++++ .../matrix-mautrix-facebook.service.j2 | 42 ++++ 8 files changed, 611 insertions(+) create mode 100644 roles/matrix-bridge-mautrix-twitter/defaults/main.yml create mode 100644 roles/matrix-bridge-mautrix-twitter/tasks/init.yml create mode 100644 roles/matrix-bridge-mautrix-twitter/tasks/main.yml create mode 100644 roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml create mode 100644 roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml create mode 100644 roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml create mode 100644 roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-facebook.service.j2 diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml new file mode 100644 index 00000000..71a225f7 --- /dev/null +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml 
@@ -0,0 +1,115 @@ +# mautrix-facebook is a Matrix <-> Facebook bridge +# See: https://github.com/tulir/mautrix-facebook + +matrix_mautrix_facebook_enabled: true + +matrix_mautrix_facebook_container_image_self_build: false +matrix_mautrix_facebook_container_image_self_build_repo: "https://github.com/tulir/mautrix-facebook.git" + +matrix_mautrix_facebook_version: latest +# See: https://mau.dev/tulir/mautrix-facebook/container_registry +matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}tulir/mautrix-facebook:{{ matrix_mautrix_facebook_version }}" +matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}" +matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}" + +matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook" +matrix_mautrix_facebook_config_path: "{{ matrix_mautrix_facebook_base_path }}/config" +matrix_mautrix_facebook_data_path: "{{ matrix_mautrix_facebook_base_path }}/data" +matrix_mautrix_facebook_docker_src_files_path: "{{ matrix_mautrix_facebook_base_path }}/docker-src" + +matrix_mautrix_facebook_homeserver_address: "{{ matrix_homeserver_container_url }}" +matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}' +matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:29319' + +# A list of extra arguments to pass to the container +matrix_mautrix_facebook_container_extra_arguments: [] + +# List of systemd services that matrix-mautrix-facebook.service depends on. +matrix_mautrix_facebook_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-mautrix-facebook.service wants +matrix_mautrix_facebook_systemd_wanted_services_list: [] + +matrix_mautrix_facebook_appservice_token: '' +matrix_mautrix_facebook_homeserver_token: '' + + +# Database-related configuration fields. 
+# +# To use SQLite: +# - change the engine (`matrix_mautrix_facebook_database_engine: 'sqlite'`) +# - change to the last bridge version that supported SQLite: +# `matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}tulir/mautrix-facebook:da1b4ec596e334325a1589e70829dea46e73064b"` +# - plan your migration to Postgres, as this bridge does not support SQLite anymore (and neither will the playbook in the future). +# +# To use Postgres: +# - adjust your database credentials via the `matrix_mautrix_facebook_postgres_*` variables +matrix_mautrix_facebook_database_engine: 'postgres' + +matrix_mautrix_facebook_sqlite_database_path_local: "{{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db" +matrix_mautrix_facebook_sqlite_database_path_in_container: "/data/mautrix-facebook.db" + +matrix_mautrix_facebook_database_username: 'matrix_mautrix_facebook' +matrix_mautrix_facebook_database_password: 'some-password' +matrix_mautrix_facebook_database_hostname: 'matrix-postgres' +matrix_mautrix_facebook_database_port: 5432 +matrix_mautrix_facebook_database_name: 'matrix_mautrix_facebook' + +matrix_mautrix_facebook_database_connection_string: 'postgres://{{ matrix_mautrix_facebook_database_username }}:{{ matrix_mautrix_facebook_database_password }}@{{ matrix_mautrix_facebook_database_hostname }}:{{ matrix_mautrix_facebook_database_port }}/{{ matrix_mautrix_facebook_database_name }}' + +matrix_mautrix_facebook_appservice_database: "{{ + { + 'sqlite': ('sqlite:///' + matrix_mautrix_facebook_sqlite_database_path_in_container), + 'postgres': matrix_mautrix_facebook_database_connection_string, + }[matrix_mautrix_facebook_database_engine] +}}" + + +# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). 
+matrix_mautrix_facebook_login_shared_secret: '' + +matrix_mautrix_facebook_bridge_login_shared_secret_map: "{{ {matrix_mautrix_facebook_homeserver_domain: matrix_mautrix_facebook_login_shared_secret} if matrix_mautrix_facebook_login_shared_secret else {} }}" + +matrix_mautrix_facebook_appservice_bot_username: facebookbot + +matrix_mautrix_facebook_bridge_presence: true + +# Default configuration template which covers the generic use case. +# You can customize it by controlling the various variables inside it. +# +# For a more advanced customization, you can extend the default (see `matrix_mautrix_facebook_configuration_extension_yaml`) +# or completely replace this variable with your own template. +matrix_mautrix_facebook_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" + +matrix_mautrix_facebook_configuration_extension_yaml: | + # Your custom YAML configuration goes here. + # This configuration extends the default starting configuration (`matrix_mautrix_facebook_configuration_yaml`). + # + # You can override individual variables from the default configuration, or introduce new ones. + # + # If you need something more special, you can take full control by + # completely redefining `matrix_mautrix_facebook_configuration_yaml`. + +matrix_mautrix_facebook_configuration_extension: "{{ matrix_mautrix_facebook_configuration_extension_yaml|from_yaml if matrix_mautrix_facebook_configuration_extension_yaml|from_yaml is mapping else {} }}" + +# Holds the final configuration (a combination of the default and its extension). +# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_facebook_configuration_yaml`. 
+matrix_mautrix_facebook_configuration: "{{ matrix_mautrix_facebook_configuration_yaml|from_yaml|combine(matrix_mautrix_facebook_configuration_extension, recursive=True) }}" + +matrix_mautrix_facebook_registration_yaml: | + id: facebook + as_token: "{{ matrix_mautrix_facebook_appservice_token }}" + hs_token: "{{ matrix_mautrix_facebook_homeserver_token }}" + namespaces: + users: + - exclusive: true + regex: '^@facebook_.+:{{ matrix_mautrix_facebook_homeserver_domain|regex_escape }}$' + - exclusive: true + regex: '^@{{ matrix_mautrix_facebook_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_facebook_homeserver_domain|regex_escape }}$' + url: {{ matrix_mautrix_facebook_appservice_address }} + # See https://github.com/tulir/mautrix-signal/issues/43 + sender_localpart: _bot_{{ matrix_mautrix_facebook_appservice_bot_username }} + rate_limited: false + de.sorunome.msc2409.push_ephemeral: true + +matrix_mautrix_facebook_registration: "{{ matrix_mautrix_facebook_registration_yaml|from_yaml }}" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml new file mode 100644 index 00000000..9e127316 --- /dev/null +++ b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml 
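Review bot: `matrix_mautrix_facebook_database_password: 'some-password'` ships a fixed, publicly known default, and nothing visible in this patch forces it to be overridden: the required-settings list in tasks/validate_config.yml names only the appservice and homeserver tokens. I would default it to `''` like the two tokens and add `matrix_mautrix_facebook_database_password` to that list (guarded on the postgres engine), so a run fails instead of deploying a guessable credential. The password is also interpolated raw into `matrix_mautrix_facebook_database_connection_string`; `{{ matrix_mautrix_facebook_database_password | urlencode }}` keeps the URI valid for passwords containing `@` or `:`. Separately, `matrix_mautrix_facebook_version: latest` together with the force-pull default means any run may deploy an image nobody reviewed; a pinned tag or digest would make deployments reproducible.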
@@ -0,0 +1,23 @@ +- set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook.service'] }}" + when: matrix_mautrix_facebook_enabled|bool + +# If the matrix-synapse role is not used, these variables may not exist. +- set_fact: + matrix_synapse_container_extra_arguments: > + {{ matrix_synapse_container_extra_arguments|default([]) }} + + + ["--mount type=bind,src={{ matrix_mautrix_facebook_config_path }}/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro"] + + matrix_synapse_app_service_config_files: > + {{ matrix_synapse_app_service_config_files|default([]) }} + + + {{ ["/matrix-mautrix-facebook-registration.yaml"] }} + when: matrix_mautrix_facebook_enabled|bool + +# ansible lower than 2.8, does not support docker_image build parameters +# for self buildig it is explicitly needed, so we rather fail here +- name: Fail if running on Ansible lower than 2.8 and trying self building + fail: + msg: "To self build Mautrix Facebook image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_facebook_container_image_self_build" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/main.yml b/roles/matrix-bridge-mautrix-twitter/tasks/main.yml new file mode 100644 index 00000000..54fb6f9d --- /dev/null +++ b/roles/matrix-bridge-mautrix-twitter/tasks/main.yml 
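Review bot: The `when:` on the final task tests `matrix_mautrix_facebook_container_image_self_build` without `|bool`, unlike the `matrix_mautrix_facebook_enabled|bool` conditions above it. A value that arrives as a string (for example `"false"` passed with `-e`) would evaluate as truthy there; ending the condition with `matrix_mautrix_facebook_container_image_self_build|bool` keeps it consistent. The same bare variable appears in two `when:` lines of tasks/setup_install.yml. The failure message and the comment above it also contain typos (`usa`, `buildig`).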
@@ -0,0 +1,21 @@ +- import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool" + tags: + - setup-all + - setup-mautrix-facebook + +- import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool" + tags: + - setup-all + - setup-mautrix-facebook + +- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup|bool and not matrix_mautrix_facebook_enabled|bool" + tags: + - setup-all + - setup-mautrix-facebook diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml new file mode 100644 index 00000000..59998463 --- /dev/null +++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml 
@@ -0,0 +1,128 @@ +--- + +# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. +# We don't want to fail in such cases. +- name: Fail if matrix-synapse role already executed + fail: + msg: >- + The matrix-bridge-mautrix-facebook role needs to execute before the matrix-synapse role. + when: "matrix_synapse_role_executed|default(False)" + +- set_fact: + matrix_mautrix_facebook_requires_restart: false + +- block: + - name: Check if an SQLite database already exists + stat: + path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" + register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result + + - block: + - set_fact: + matrix_postgres_db_migration_request: + src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" + dst: "{{ matrix_mautrix_facebook_database_connection_string }}" + caller: "{{ role_path|basename }}" + engine_variable_name: 'matrix_mautrix_facebook_database_engine' + engine_old: 'sqlite' + systemd_services_to_stop: ['matrix-mautrix-facebook.service'] + + - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" + + - set_fact: + matrix_mautrix_facebook_requires_restart: true + when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists|bool" + when: "matrix_mautrix_facebook_database_engine == 'postgres'" + +- name: Ensure Mautrix Facebook image is pulled + docker_image: + name: "{{ matrix_mautrix_facebook_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}" + when: matrix_mautrix_facebook_enabled|bool and not matrix_mautrix_facebook_container_image_self_build + +- name: Ensure Mautrix Facebook paths exist + file: 
+ path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - { path: "{{ matrix_mautrix_facebook_base_path }}", when: true } + - { path: "{{ matrix_mautrix_facebook_config_path }}", when: true } + - { path: "{{ matrix_mautrix_facebook_data_path }}", when: true } + - { path: "{{ matrix_mautrix_facebook_docker_src_files_path }}", when: "{{ matrix_mautrix_facebook_container_image_self_build }}" } + when: item.when|bool + +- name: Ensure Mautrix Facebook repository is present on self-build + git: + repo: "{{ matrix_mautrix_facebook_container_image_self_build_repo }}" + dest: "{{ matrix_mautrix_facebook_docker_src_files_path }}" +# version: "{{ matrix_coturn_docker_image.split(':')[1] }}" + force: "yes" + register: matrix_mautrix_facebook_git_pull_results + when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build" + +- name: Ensure Mautrix Facebook Docker image is built + docker_image: + name: "{{ matrix_mautrix_facebook_docker_image }}" + source: build + force_source: "{{ matrix_mautrix_facebook_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_mautrix_facebook_docker_src_files_path }}" + pull: yes + when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build|bool" + +- name: Check if an old database file already exists + stat: + path: "{{ matrix_mautrix_facebook_base_path }}/mautrix-facebook.db" + register: matrix_mautrix_facebook_stat_database + +- name: (Data relocation) Ensure matrix-mautrix-facebook.service is stopped + service: + name: matrix-mautrix-facebook + state: stopped + daemon_reload: yes + failed_when: false + when: "matrix_mautrix_facebook_stat_database.stat.exists" + +- name: (Data relocation) Move mautrix-facebook database file to ./data directory + command: "mv {{ matrix_mautrix_facebook_base_path }}/mautrix-facebook.db {{ 
matrix_mautrix_facebook_data_path }}/mautrix-facebook.db" + when: "matrix_mautrix_facebook_stat_database.stat.exists" + +- name: Ensure mautrix-facebook config.yaml installed + copy: + content: "{{ matrix_mautrix_facebook_configuration|to_nice_yaml }}" + dest: "{{ matrix_mautrix_facebook_config_path }}/config.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure mautrix-facebook registration.yaml installed + copy: + content: "{{ matrix_mautrix_facebook_registration|to_nice_yaml }}" + dest: "{{ matrix_mautrix_facebook_config_path }}/registration.yaml" + mode: 0644 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + +- name: Ensure matrix-mautrix-facebook.service installed + template: + src: "{{ role_path }}/templates/systemd/matrix-mautrix-facebook.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + mode: 0644 + register: matrix_mautrix_facebook_systemd_service_result + +- name: Ensure systemd reloaded after matrix-mautrix-facebook.service installation + service: + daemon_reload: yes + when: "matrix_mautrix_facebook_systemd_service_result.changed" + +- name: Ensure matrix-mautrix-facebook.service restarted, if necessary + service: + name: "matrix-mautrix-facebook.service" + state: restarted + when: "matrix_mautrix_facebook_requires_restart|bool" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml new file mode 100644 index 00000000..efc8aa74 --- /dev/null +++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml 
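Review bot: config.yaml and registration.yaml are written with `mode: 0644`, yet they carry the appservice and homeserver tokens, the database connection string with its password, and the login shared secret. The 0750 parent directory limits exposure today, but the files themselves should not be world-readable; `mode: '0640'` (quoted, so the octal is not left to the YAML parser) on both `copy` tasks would do, assuming the containers that read them run as `matrix_user_username` or its group. Because `content:` holds the rendered secrets, `no_log: true` on these two tasks would keep them out of `--diff` and verbose output. The self-build `git` task has its `version:` commented out (and the comment still refers to `matrix_coturn_docker_image`), so it builds whatever the default branch currently holds.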
@@ -0,0 +1,24 @@ +--- + +- name: Check existence of matrix-mautrix-facebook service + stat: + path: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + register: matrix_mautrix_facebook_service_stat + +- name: Ensure matrix-mautrix-facebook is stopped + service: + name: matrix-mautrix-facebook + state: stopped + daemon_reload: yes + when: "matrix_mautrix_facebook_service_stat.stat.exists" + +- name: Ensure matrix-mautrix-facebook.service doesn't exist + file: + path: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + state: absent + when: "matrix_mautrix_facebook_service_stat.stat.exists" + +- name: Ensure systemd reloaded after matrix-mautrix-facebook.service removal + service: + daemon_reload: yes + when: "matrix_mautrix_facebook_service_stat.stat.exists" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml new file mode 100644 index 00000000..0879bad9 --- /dev/null +++ b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml 
@@ -0,0 +1,31 @@ +--- + +- name: Fail if required settings not defined + fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_mautrix_facebook_appservice_token" + - "matrix_mautrix_facebook_homeserver_token" + +- block: + - name: Fail if on SQLite, unless on the last version supporting SQLite + fail: + msg: >- + You're trying to use the mautrix-facebook bridge with an SQLite database. + Going forward, this bridge only supports Postgres. + To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-facebook-bridge-now-requires-a-postgres-database + when: "not matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" + + - name: Inject warning if still on SQLite + set_fact: + matrix_playbook_runtime_results: | + {{ + matrix_playbook_runtime_results|default([]) + + + [ + "NOTE: Your mautrix-facebook bridge setup is still on SQLite. Your bridge is not getting any updates and will likely stop working at some point. To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-facebook-bridge-now-requires-a-postgres-database" + ] + }} + when: "matrix_mautrix_facebook_database_engine == 'sqlite'" diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 new file mode 100644 index 00000000..628db713 --- /dev/null +++ b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 
@@ -0,0 +1,227 @@ +#jinja2: lstrip_blocks: "True" +# Homeserver details +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_mautrix_facebook_homeserver_address }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_mautrix_facebook_homeserver_domain }} + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + # Whether or not the homeserver supports asmux-specific endpoints, + # such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically + # updating m.direct. + asmux: false + +# Application service host/registration related details +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_mautrix_facebook_appservice_address }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 29319 + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. Only Postgres is currently supported. + database: {{ matrix_mautrix_facebook_appservice_database|to_json }} + + # Public part of web server for out-of-Matrix interaction with the bridge. + public: + # Whether or not the public-facing endpoints should be enabled. + enabled: false + # The prefix to use in the public-facing endpoints. + prefix: /public + # The base URL where the public-facing endpoints are available. The prefix is not added + # implicitly. + external: https://example.com/public + # Shared secret for integration managers such as mautrix-manager. + # If set to "generate", a random string will be generated on the next startup. + # If null, integration manager access to the API will not be possible. 
+ shared_secret: generate + + # The unique ID of this appservice. + id: facebook + # Username of the appservice bot. + bot_username: {{ matrix_mautrix_facebook_appservice_bot_username|to_json }} + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + bot_displayname: Facebook bridge bot + bot_avatar: mxc://maunium.net/ygtkteZsXnGJLJHRchUwYWak + + # Authentication tokens for AS <-> HS communication. + as_token: "{{ matrix_mautrix_facebook_appservice_token }}" + hs_token: "{{ matrix_mautrix_facebook_homeserver_token }}" + +# Prometheus telemetry config. Requires prometheus-client to be installed. +metrics: + enabled: false + listen_port: 8000 + +# Bridge config +bridge: + # Localpart template of MXIDs for Facebook users. + # {userid} is replaced with the user ID of the Facebook user. + username_template: "facebook_{userid}" + # Localpart template for per-user room grouping community IDs. + # The bridge will create these communities and add all of the specific user's portals to the community. + # {localpart} is the MXID localpart and {server} is the MXID server part of the user. + # + # `facebook_{localpart}={server}` is a good value. + community_template: null + # Displayname template for Facebook users. + # {displayname} is replaced with the display name of the Facebook user + # as defined below in displayname_preference. + # Keys available for displayname_preference are also available here. + displayname_template: '{displayname} (FB)' + # Available keys: + # "name" (full name) + # "first_name" + # "last_name" + # "nickname" + # "own_nickname" (user-specific!) + displayname_preference: + - name + - first_name + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!fb" + + # Number of chats to sync (and create portals for) on startup/login. + # Set 0 to disable automatic syncing. 
+ initial_chat_sync: 10 + # Whether or not the Facebook users of logged in Matrix users should be + # invited to private chats when the user sends a message from another client. + invite_own_puppet_to_pm: false + # Whether or not to use /sync to get presence, read receipts and typing notifications + # when double puppeting is enabled + sync_with_custom_puppets: true + # Whether or not to update the m.direct account data event when double puppeting is enabled. + # Note that updating the m.direct event is not atomic (except with mautrix-asmux) + # and is therefore prone to race conditions. + sync_direct_chat_list: false + # Servers to always allow double puppeting from + double_puppet_server_map: {} + # example.com: https://example.com + # Allow using double puppeting from any server with a valid client .well-known file. + double_puppet_allow_discovery: false + # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + # If using this for other servers than the bridge's server, + # you must also set the URL in the double_puppet_server_map. + login_shared_secret_map: {{ matrix_mautrix_facebook_bridge_login_shared_secret_map|to_json }} + presence: {{ matrix_mautrix_facebook_bridge_presence|to_json }} + # Whether or not to update avatars when syncing all contacts at startup. + update_avatar_initial_sync: true + # End-to-bridge encryption support options. These require matrix-nio to be installed with pip + # and login_shared_secret to be configured in order to get a device for the bridge bot. + # + # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal + # application service. 
+ encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # Options for automatic key sharing. + key_sharing: + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow: false + # Require the requesting device to have a valid cross-signing signature? + # This doesn't require that the bridge has verified the device, only that the user has verified it. + # Not yet implemented. + require_cross_signing: false + # Require devices to be verified by the bridge? + # Verification by the bridge is not yet implemented. + require_verification: true + # Whether or not the bridge should send a read receipt from the bridge bot when a message has + # been sent to Facebook. + delivery_receipts: false + # Whether to allow inviting arbitrary mxids to portal rooms + allow_invites: false + # Settings for backfilling messages from Facebook. + backfill: + # Whether or not the Facebook users of logged in Matrix users should be + # invited to private chats when backfilling history from Facebook. This is + # usually needed to prevent rate limits and to allow timestamp massaging. + invite_own_puppet: true + # Maximum number of messages to backfill initially. + # Set to 0 to disable backfilling when creating portal. + initial_limit: 0 + # Maximum number of messages to backfill if messages were missed while + # the bridge was disconnected. + # Set to 0 to disable backfilling missed messages. + missed_limit: 1000 + # If using double puppeting, should notifications be disabled + # while the initial backfill is in progress? 
+ disable_notifications: false + periodic_reconnect: + # Interval in seconds in which to automatically reconnect all users. + # This can be used to automatically mitigate the bug where Facebook stops sending messages. + # Set to -1 to disable periodic reconnections entirely. + interval: -1 + # What to do in periodic reconnects. Either "refresh" or "reconnect" + mode: refresh + # Should even disconnected users be reconnected? + always: false + # The number of seconds that a disconnection can last without triggering an automatic re-sync + # and missed message backfilling when reconnecting. + # Set to 0 to always re-sync, or -1 to never re-sync automatically. + resync_max_disconnected_time: 5 + # Whether or not temporary disconnections should send notices to the notice room. + # If this is false, disconnections will never send messages and connections will only send + # messages if it was disconnected for more than resync_max_disconnected_time seconds. + temporary_disconnect_notices: true + # Whether or not the bridge should try to "refresh" the connection if a normal reconnection + # attempt fails. + refresh_on_reconnection_fail: false + # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. + # This field will automatically be changed back to false after it, + # except if the config file is not writable. + resend_bridge_info: false + + # Permissions for using the bridge. + # Permitted values: + # user - Use the bridge with puppeting. + # admin - Use and administrate the bridge. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + '{{ matrix_mautrix_facebook_homeserver_domain }}': user + +# Python logging configuration. 
+# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): mautrix_facebook.util.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + console: + class: logging.StreamHandler + formatter: colored + loggers: + mau: + level: DEBUG + paho: + level: INFO + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [console] diff --git a/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-facebook.service.j2 new file mode 100644 index 00000000..f3af4b9f --- /dev/null +++ b/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-facebook.service.j2 
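Review bot: Several values are interpolated into this YAML without encoding — `address:` and `domain:` under `homeserver`, `address:` under `appservice`, and `as_token`/`hs_token` inside hand-written double quotes — while `database`, `bot_username` and `login_shared_secret_map` go through `|to_json`. The rendered text is parsed again with `from_yaml` (see `matrix_mautrix_facebook_configuration` in defaults/main.yml), so a value containing `"`, `: ` or ` #` would be mis-parsed or could change the document structure; `as_token: {{ matrix_mautrix_facebook_appservice_token|to_json }}`, and the same filter on the others, closes that. Both the `mau` and `root` loggers are set to `DEBUG`; on a bridge that level may put message content or credentials into the journal, so `INFO` would be a safer default unless DEBUG output is known to be clean.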
@@ -0,0 +1,42 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix Mautrix Facebook bridge +{% for service in matrix_mautrix_facebook_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_mautrix_facebook_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null' + +# Intentional delay, so that the homeserver (we likely depend on) can manage to start. +ExecStartPre={{ matrix_host_command_sleep }} 5 + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebook \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --network={{ matrix_docker_network }} \ + -v {{ matrix_mautrix_facebook_config_path }}:/config:z \ + -v {{ matrix_mautrix_facebook_data_path }}:/data:z \ + {% for arg in matrix_mautrix_facebook_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_mautrix_facebook_docker_image }} \ + python3 -m mautrix_facebook -c /config/config.yaml --no-update + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-mautrix-facebook + +[Install] +WantedBy=multi-user.target From e9e4d8f250061055c0f71682f5a649687d5315c7 Mon Sep 17 00:00:00 2001 
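Review bot: The config directory, which holds config.yaml and registration.yaml with the bridge tokens and database credentials, is mounted read-write (`-v {{ matrix_mautrix_facebook_config_path }}:/config:z`) although the bridge is started with `--no-update`. If the bridge does not need to write there (to be confirmed against its behaviour), `:/config:z,ro` would stop a compromised bridge process from rewriting its own configuration or registration. `--cap-drop=ALL` and `--user` are already set; adding `--security-opt=no-new-privileges` would complete that set. Each entry of `matrix_mautrix_facebook_container_extra_arguments` is pasted unquoted into `ExecStart`, which deserves a comment stating that the list is trusted operator input.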
From: Matthew Cengia Date: Sun, 11 Apr 2021 16:12:26 +1000 Subject: [PATCH 02/30] Rename mautrix-twitter systemd file --- ...trix-facebook.service.j2 => matrix-mautrix-twitter.service.j2} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename roles/matrix-bridge-mautrix-twitter/templates/systemd/{matrix-mautrix-facebook.service.j2 => matrix-mautrix-twitter.service.j2} (100%) diff --git a/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 similarity index 100% rename from roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-facebook.service.j2 rename to roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 From 7afe8103da1c247a7d281689ff8a3f9595a51d97 Mon Sep 17 00:00:00 2001 From: Matthew Cengia Date: Sun, 11 Apr 2021 16:18:31 +1000 Subject: [PATCH 03/30] Find/replace Facebook with Twitter find roles/matrix-bridge-mautrix-twitter -type f -exec sed -i \ -e 's/facebook/twitter/g' \ -e 's/Facebook/Twitter/g' \ -e 's/FB/Twitter/g' \ -e 's/fb/twitter/g' {} + --- .../defaults/main.yml | 122 +++++++++--------- .../tasks/init.yml | 14 +- .../tasks/main.yml | 12 +- .../tasks/setup_install.yml | 108 ++++++++-------- .../tasks/setup_uninstall.yml | 22 ++-- .../tasks/validate_config.yml | 14 +- .../templates/config.yaml.j2 | 54 ++++---- .../systemd/matrix-mautrix-twitter.service.j2 | 28 ++-- 8 files changed, 187 insertions(+), 187 deletions(-) diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml index 71a225f7..02eff778 100644 --- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml 
@@ -1,115 +1,115 @@ -# mautrix-facebook is a Matrix <-> Facebook bridge -# See: https://github.com/tulir/mautrix-facebook +# mautrix-twitter is a Matrix <-> Twitter bridge +# See: https://github.com/tulir/mautrix-twitter -matrix_mautrix_facebook_enabled: true +matrix_mautrix_twitter_enabled: true -matrix_mautrix_facebook_container_image_self_build: false -matrix_mautrix_facebook_container_image_self_build_repo: "https://github.com/tulir/mautrix-facebook.git" +matrix_mautrix_twitter_container_image_self_build: false +matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/tulir/mautrix-twitter.git" -matrix_mautrix_facebook_version: latest -# See: https://mau.dev/tulir/mautrix-facebook/container_registry -matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}tulir/mautrix-facebook:{{ matrix_mautrix_facebook_version }}" -matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}" -matrix_mautrix_facebook_docker_image_force_pull: "{{ matrix_mautrix_facebook_docker_image.endswith(':latest') }}" +matrix_mautrix_twitter_version: latest +# See: https://mau.dev/tulir/mautrix-twitter/container_registry +matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}tulir/mautrix-twitter:{{ matrix_mautrix_twitter_version }}" +matrix_mautrix_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else 'dock.mau.dev/' }}" +matrix_mautrix_twitter_docker_image_force_pull: "{{ matrix_mautrix_twitter_docker_image.endswith(':latest') }}" -matrix_mautrix_facebook_base_path: "{{ matrix_base_data_path }}/mautrix-facebook" -matrix_mautrix_facebook_config_path: "{{ matrix_mautrix_facebook_base_path }}/config" -matrix_mautrix_facebook_data_path: "{{ matrix_mautrix_facebook_base_path }}/data" -matrix_mautrix_facebook_docker_src_files_path: "{{ 
matrix_mautrix_facebook_base_path }}/docker-src" +matrix_mautrix_twitter_base_path: "{{ matrix_base_data_path }}/mautrix-twitter" +matrix_mautrix_twitter_config_path: "{{ matrix_mautrix_twitter_base_path }}/config" +matrix_mautrix_twitter_data_path: "{{ matrix_mautrix_twitter_base_path }}/data" +matrix_mautrix_twitter_docker_src_files_path: "{{ matrix_mautrix_twitter_base_path }}/docker-src" -matrix_mautrix_facebook_homeserver_address: "{{ matrix_homeserver_container_url }}" -matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}' -matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:29319' +matrix_mautrix_twitter_homeserver_address: "{{ matrix_homeserver_container_url }}" +matrix_mautrix_twitter_homeserver_domain: '{{ matrix_domain }}' +matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29319' # A list of extra arguments to pass to the container -matrix_mautrix_facebook_container_extra_arguments: [] +matrix_mautrix_twitter_container_extra_arguments: [] -# List of systemd services that matrix-mautrix-facebook.service depends on. -matrix_mautrix_facebook_systemd_required_services_list: ['docker.service'] +# List of systemd services that matrix-mautrix-twitter.service depends on. +matrix_mautrix_twitter_systemd_required_services_list: ['docker.service'] -# List of systemd services that matrix-mautrix-facebook.service wants -matrix_mautrix_facebook_systemd_wanted_services_list: [] +# List of systemd services that matrix-mautrix-twitter.service wants +matrix_mautrix_twitter_systemd_wanted_services_list: [] -matrix_mautrix_facebook_appservice_token: '' -matrix_mautrix_facebook_homeserver_token: '' +matrix_mautrix_twitter_appservice_token: '' +matrix_mautrix_twitter_homeserver_token: '' # Database-related configuration fields. 
# # To use SQLite: -# - change the engine (`matrix_mautrix_facebook_database_engine: 'sqlite'`) +# - change the engine (`matrix_mautrix_twitter_database_engine: 'sqlite'`) # - change to the last bridge version that supported SQLite: -# `matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}tulir/mautrix-facebook:da1b4ec596e334325a1589e70829dea46e73064b"` +# `matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}tulir/mautrix-twitter:da1b4ec596e334325a1589e70829dea46e73064b"` # - plan your migration to Postgres, as this bridge does not support SQLite anymore (and neither will the playbook in the future). # # To use Postgres: -# - adjust your database credentials via the `matrix_mautrix_facebook_postgres_*` variables -matrix_mautrix_facebook_database_engine: 'postgres' +# - adjust your database credentials via the `matrix_mautrix_twitter_postgres_*` variables +matrix_mautrix_twitter_database_engine: 'postgres' -matrix_mautrix_facebook_sqlite_database_path_local: "{{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db" -matrix_mautrix_facebook_sqlite_database_path_in_container: "/data/mautrix-facebook.db" +matrix_mautrix_twitter_sqlite_database_path_local: "{{ matrix_mautrix_twitter_data_path }}/mautrix-twitter.db" +matrix_mautrix_twitter_sqlite_database_path_in_container: "/data/mautrix-twitter.db" -matrix_mautrix_facebook_database_username: 'matrix_mautrix_facebook' -matrix_mautrix_facebook_database_password: 'some-password' -matrix_mautrix_facebook_database_hostname: 'matrix-postgres' -matrix_mautrix_facebook_database_port: 5432 -matrix_mautrix_facebook_database_name: 'matrix_mautrix_facebook' +matrix_mautrix_twitter_database_username: 'matrix_mautrix_twitter' +matrix_mautrix_twitter_database_password: 'some-password' +matrix_mautrix_twitter_database_hostname: 'matrix-postgres' +matrix_mautrix_twitter_database_port: 5432 +matrix_mautrix_twitter_database_name: 'matrix_mautrix_twitter' 
-matrix_mautrix_facebook_database_connection_string: 'postgres://{{ matrix_mautrix_facebook_database_username }}:{{ matrix_mautrix_facebook_database_password }}@{{ matrix_mautrix_facebook_database_hostname }}:{{ matrix_mautrix_facebook_database_port }}/{{ matrix_mautrix_facebook_database_name }}' +matrix_mautrix_twitter_database_connection_string: 'postgres://{{ matrix_mautrix_twitter_database_username }}:{{ matrix_mautrix_twitter_database_password }}@{{ matrix_mautrix_twitter_database_hostname }}:{{ matrix_mautrix_twitter_database_port }}/{{ matrix_mautrix_twitter_database_name }}' -matrix_mautrix_facebook_appservice_database: "{{ +matrix_mautrix_twitter_appservice_database: "{{ { - 'sqlite': ('sqlite:///' + matrix_mautrix_facebook_sqlite_database_path_in_container), - 'postgres': matrix_mautrix_facebook_database_connection_string, - }[matrix_mautrix_facebook_database_engine] + 'sqlite': ('sqlite:///' + matrix_mautrix_twitter_sqlite_database_path_in_container), + 'postgres': matrix_mautrix_twitter_database_connection_string, + }[matrix_mautrix_twitter_database_engine] }}" # Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth). 
-matrix_mautrix_facebook_login_shared_secret: '' +matrix_mautrix_twitter_login_shared_secret: '' -matrix_mautrix_facebook_bridge_login_shared_secret_map: "{{ {matrix_mautrix_facebook_homeserver_domain: matrix_mautrix_facebook_login_shared_secret} if matrix_mautrix_facebook_login_shared_secret else {} }}" +matrix_mautrix_twitter_bridge_login_shared_secret_map: "{{ {matrix_mautrix_twitter_homeserver_domain: matrix_mautrix_twitter_login_shared_secret} if matrix_mautrix_twitter_login_shared_secret else {} }}" -matrix_mautrix_facebook_appservice_bot_username: facebookbot +matrix_mautrix_twitter_appservice_bot_username: twitterbot -matrix_mautrix_facebook_bridge_presence: true +matrix_mautrix_twitter_bridge_presence: true # Default configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # -# For a more advanced customization, you can extend the default (see `matrix_mautrix_facebook_configuration_extension_yaml`) +# For a more advanced customization, you can extend the default (see `matrix_mautrix_twitter_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_mautrix_facebook_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" +matrix_mautrix_twitter_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" -matrix_mautrix_facebook_configuration_extension_yaml: | +matrix_mautrix_twitter_configuration_extension_yaml: | # Your custom YAML configuration goes here. - # This configuration extends the default starting configuration (`matrix_mautrix_facebook_configuration_yaml`). + # This configuration extends the default starting configuration (`matrix_mautrix_twitter_configuration_yaml`). # # You can override individual variables from the default configuration, or introduce new ones. 
# # If you need something more special, you can take full control by - # completely redefining `matrix_mautrix_facebook_configuration_yaml`. + # completely redefining `matrix_mautrix_twitter_configuration_yaml`. -matrix_mautrix_facebook_configuration_extension: "{{ matrix_mautrix_facebook_configuration_extension_yaml|from_yaml if matrix_mautrix_facebook_configuration_extension_yaml|from_yaml is mapping else {} }}" +matrix_mautrix_twitter_configuration_extension: "{{ matrix_mautrix_twitter_configuration_extension_yaml|from_yaml if matrix_mautrix_twitter_configuration_extension_yaml|from_yaml is mapping else {} }}" # Holds the final configuration (a combination of the default and its extension). -# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_facebook_configuration_yaml`. -matrix_mautrix_facebook_configuration: "{{ matrix_mautrix_facebook_configuration_yaml|from_yaml|combine(matrix_mautrix_facebook_configuration_extension, recursive=True) }}" +# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_twitter_configuration_yaml`. 
+matrix_mautrix_twitter_configuration: "{{ matrix_mautrix_twitter_configuration_yaml|from_yaml|combine(matrix_mautrix_twitter_configuration_extension, recursive=True) }}" -matrix_mautrix_facebook_registration_yaml: | - id: facebook - as_token: "{{ matrix_mautrix_facebook_appservice_token }}" - hs_token: "{{ matrix_mautrix_facebook_homeserver_token }}" +matrix_mautrix_twitter_registration_yaml: | + id: twitter + as_token: "{{ matrix_mautrix_twitter_appservice_token }}" + hs_token: "{{ matrix_mautrix_twitter_homeserver_token }}" namespaces: users: - exclusive: true - regex: '^@facebook_.+:{{ matrix_mautrix_facebook_homeserver_domain|regex_escape }}$' + regex: '^@twitter_.+:{{ matrix_mautrix_twitter_homeserver_domain|regex_escape }}$' - exclusive: true - regex: '^@{{ matrix_mautrix_facebook_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_facebook_homeserver_domain|regex_escape }}$' - url: {{ matrix_mautrix_facebook_appservice_address }} + regex: '^@{{ matrix_mautrix_twitter_appservice_bot_username|regex_escape }}:{{ matrix_mautrix_twitter_homeserver_domain|regex_escape }}$' + url: {{ matrix_mautrix_twitter_appservice_address }} # See https://github.com/tulir/mautrix-signal/issues/43 - sender_localpart: _bot_{{ matrix_mautrix_facebook_appservice_bot_username }} + sender_localpart: _bot_{{ matrix_mautrix_twitter_appservice_bot_username }} rate_limited: false de.sorunome.msc2409.push_ephemeral: true -matrix_mautrix_facebook_registration: "{{ matrix_mautrix_facebook_registration_yaml|from_yaml }}" +matrix_mautrix_twitter_registration: "{{ matrix_mautrix_twitter_registration_yaml|from_yaml }}" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml index 9e127316..4f8df9e0 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml 
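Review bot: `matrix_mautrix_twitter_database_password` defaults to the literal `'some-password'`, and the required-settings check in this commit's `validate_config.yml` only covers the two token variables, so nothing stops a deployment from running with it. If the playbook's group vars do not override the value (not visible in this hunk), the bridge's Postgres account is protected by a password that is published in the repository, and it is also embedded in `matrix_mautrix_twitter_database_connection_string`. I would default it to `matrix_mautrix_twitter_database_password: ''` and add `- "matrix_mautrix_twitter_database_password"` to the `with_items` list of the "required configuration setting" task.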
@@ -1,23 +1,23 @@ - set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-facebook.service'] }}" - when: matrix_mautrix_facebook_enabled|bool + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-mautrix-twitter.service'] }}" + when: matrix_mautrix_twitter_enabled|bool # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > {{ matrix_synapse_container_extra_arguments|default([]) }} + - ["--mount type=bind,src={{ matrix_mautrix_facebook_config_path }}/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro"] + ["--mount type=bind,src={{ matrix_mautrix_twitter_config_path }}/registration.yaml,dst=/matrix-mautrix-twitter-registration.yaml,ro"] matrix_synapse_app_service_config_files: > {{ matrix_synapse_app_service_config_files|default([]) }} + - {{ ["/matrix-mautrix-facebook-registration.yaml"] }} - when: matrix_mautrix_facebook_enabled|bool + {{ ["/matrix-mautrix-twitter-registration.yaml"] }} + when: matrix_mautrix_twitter_enabled|bool # ansible lower than 2.8, does not support docker_image build parameters # for self buildig it is explicitly needed, so we rather fail here - name: Fail if running on Ansible lower than 2.8 and trying self building fail: - msg: "To self build Mautrix Facebook image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." - when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_facebook_container_image_self_build" + msg: "To self build Mautrix Twitter image, you should usa ansible 2.8 or higher. E.g. pip contains such packages." + when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_twitter_container_image_self_build" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/main.yml b/roles/matrix-bridge-mautrix-twitter/tasks/main.yml index 54fb6f9d..60eea099 100644 
--- a/roles/matrix-bridge-mautrix-twitter/tasks/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/main.yml @@ -3,19 +3,19 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool" + when: "run_setup|bool and matrix_mautrix_twitter_enabled|bool" tags: - setup-all - - setup-mautrix-facebook + - setup-mautrix-twitter - import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup|bool and matrix_mautrix_facebook_enabled|bool" + when: "run_setup|bool and matrix_mautrix_twitter_enabled|bool" tags: - setup-all - - setup-mautrix-facebook + - setup-mautrix-twitter - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup|bool and not matrix_mautrix_facebook_enabled|bool" + when: "run_setup|bool and not matrix_mautrix_twitter_enabled|bool" tags: - setup-all - - setup-mautrix-facebook + - setup-mautrix-twitter diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 59998463..41643972 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml 
@@ -5,44 +5,44 @@ - name: Fail if matrix-synapse role already executed fail: msg: >- - The matrix-bridge-mautrix-facebook role needs to execute before the matrix-synapse role. + The matrix-bridge-mautrix-twitter role needs to execute before the matrix-synapse role. when: "matrix_synapse_role_executed|default(False)" - set_fact: - matrix_mautrix_facebook_requires_restart: false + matrix_mautrix_twitter_requires_restart: false - block: - name: Check if an SQLite database already exists stat: - path: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" - register: matrix_mautrix_facebook_sqlite_database_path_local_stat_result + path: "{{ matrix_mautrix_twitter_sqlite_database_path_local }}" + register: matrix_mautrix_twitter_sqlite_database_path_local_stat_result - block: - set_fact: matrix_postgres_db_migration_request: - src: "{{ matrix_mautrix_facebook_sqlite_database_path_local }}" - dst: "{{ matrix_mautrix_facebook_database_connection_string }}" + src: "{{ matrix_mautrix_twitter_sqlite_database_path_local }}" + dst: "{{ matrix_mautrix_twitter_database_connection_string }}" caller: "{{ role_path|basename }}" - engine_variable_name: 'matrix_mautrix_facebook_database_engine' + engine_variable_name: 'matrix_mautrix_twitter_database_engine' engine_old: 'sqlite' - systemd_services_to_stop: ['matrix-mautrix-facebook.service'] + systemd_services_to_stop: ['matrix-mautrix-twitter.service'] - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" - set_fact: - matrix_mautrix_facebook_requires_restart: true - when: "matrix_mautrix_facebook_sqlite_database_path_local_stat_result.stat.exists|bool" - when: "matrix_mautrix_facebook_database_engine == 'postgres'" + matrix_mautrix_twitter_requires_restart: true + when: "matrix_mautrix_twitter_sqlite_database_path_local_stat_result.stat.exists|bool" + when: "matrix_mautrix_twitter_database_engine == 'postgres'" -- name: Ensure Mautrix Facebook image is pulled +- name: Ensure Mautrix Twitter 
image is pulled docker_image: - name: "{{ matrix_mautrix_facebook_docker_image }}" + name: "{{ matrix_mautrix_twitter_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}" - when: matrix_mautrix_facebook_enabled|bool and not matrix_mautrix_facebook_container_image_self_build + force_source: "{{ matrix_mautrix_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_twitter_docker_image_force_pull }}" + when: matrix_mautrix_twitter_enabled|bool and not matrix_mautrix_twitter_container_image_self_build -- name: Ensure Mautrix Facebook paths exist +- name: Ensure Mautrix Twitter paths exist file: path: "{{ item.path }}" state: directory 
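Review bot: The image pulled by "Ensure Mautrix Twitter image is pulled" is addressed by a mutable tag: `defaults/main.yml` in this commit sets `matrix_mautrix_twitter_version: latest`, and `matrix_mautrix_twitter_docker_image_force_pull` is true for any image name ending in `:latest`, so each playbook run replaces the local image with whatever the registry serves at that moment. Pinning the default to a release tag or digest, e.g. `matrix_mautrix_twitter_version: "<release-tag>"` (placeholder, no tag is given on this page), makes upgrades deliberate and reviewable. The self-build path in the following hunk has the same property, because the `git` task's `version:` line is commented out while `force: "yes"` is set.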
@@ -50,79 +50,79 @@ owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: - - { path: "{{ matrix_mautrix_facebook_base_path }}", when: true } - - { path: "{{ matrix_mautrix_facebook_config_path }}", when: true } - - { path: "{{ matrix_mautrix_facebook_data_path }}", when: true } - - { path: "{{ matrix_mautrix_facebook_docker_src_files_path }}", when: "{{ matrix_mautrix_facebook_container_image_self_build }}" } + - { path: "{{ matrix_mautrix_twitter_base_path }}", when: true } + - { path: "{{ matrix_mautrix_twitter_config_path }}", when: true } + - { path: "{{ matrix_mautrix_twitter_data_path }}", when: true } + - { path: "{{ matrix_mautrix_twitter_docker_src_files_path }}", when: "{{ matrix_mautrix_twitter_container_image_self_build }}" } when: item.when|bool -- name: Ensure Mautrix Facebook repository is present on self-build +- name: Ensure Mautrix Twitter repository is present on self-build git: - repo: "{{ matrix_mautrix_facebook_container_image_self_build_repo }}" - dest: "{{ matrix_mautrix_facebook_docker_src_files_path }}" + repo: "{{ matrix_mautrix_twitter_container_image_self_build_repo }}" + dest: "{{ matrix_mautrix_twitter_docker_src_files_path }}" # version: "{{ matrix_coturn_docker_image.split(':')[1] }}" force: "yes" - register: matrix_mautrix_facebook_git_pull_results - when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build" + register: matrix_mautrix_twitter_git_pull_results + when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build" -- name: Ensure Mautrix Facebook Docker image is built +- name: Ensure Mautrix Twitter Docker image is built docker_image: - name: "{{ matrix_mautrix_facebook_docker_image }}" + name: "{{ matrix_mautrix_twitter_docker_image }}" source: build - force_source: "{{ matrix_mautrix_facebook_git_pull_results.changed }}" + force_source: "{{ matrix_mautrix_twitter_git_pull_results.changed }}" build: dockerfile: 
Dockerfile - path: "{{ matrix_mautrix_facebook_docker_src_files_path }}" + path: "{{ matrix_mautrix_twitter_docker_src_files_path }}" pull: yes - when: "matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_container_image_self_build|bool" + when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build|bool" - name: Check if an old database file already exists stat: - path: "{{ matrix_mautrix_facebook_base_path }}/mautrix-facebook.db" - register: matrix_mautrix_facebook_stat_database + path: "{{ matrix_mautrix_twitter_base_path }}/mautrix-twitter.db" + register: matrix_mautrix_twitter_stat_database -- name: (Data relocation) Ensure matrix-mautrix-facebook.service is stopped +- name: (Data relocation) Ensure matrix-mautrix-twitter.service is stopped service: - name: matrix-mautrix-facebook + name: matrix-mautrix-twitter state: stopped daemon_reload: yes failed_when: false - when: "matrix_mautrix_facebook_stat_database.stat.exists" + when: "matrix_mautrix_twitter_stat_database.stat.exists" -- name: (Data relocation) Move mautrix-facebook database file to ./data directory - command: "mv {{ matrix_mautrix_facebook_base_path }}/mautrix-facebook.db {{ matrix_mautrix_facebook_data_path }}/mautrix-facebook.db" - when: "matrix_mautrix_facebook_stat_database.stat.exists" +- name: (Data relocation) Move mautrix-twitter database file to ./data directory + command: "mv {{ matrix_mautrix_twitter_base_path }}/mautrix-twitter.db {{ matrix_mautrix_twitter_data_path }}/mautrix-twitter.db" + when: "matrix_mautrix_twitter_stat_database.stat.exists" -- name: Ensure mautrix-facebook config.yaml installed +- name: Ensure mautrix-twitter config.yaml installed copy: - content: "{{ matrix_mautrix_facebook_configuration|to_nice_yaml }}" - dest: "{{ matrix_mautrix_facebook_config_path }}/config.yaml" + content: "{{ matrix_mautrix_twitter_configuration|to_nice_yaml }}" + dest: "{{ matrix_mautrix_twitter_config_path }}/config.yaml" mode: 0644 owner: 
"{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" -- name: Ensure mautrix-facebook registration.yaml installed +- name: Ensure mautrix-twitter registration.yaml installed copy: - content: "{{ matrix_mautrix_facebook_registration|to_nice_yaml }}" - dest: "{{ matrix_mautrix_facebook_config_path }}/registration.yaml" + content: "{{ matrix_mautrix_twitter_registration|to_nice_yaml }}" + dest: "{{ matrix_mautrix_twitter_config_path }}/registration.yaml" mode: 0644 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" -- name: Ensure matrix-mautrix-facebook.service installed +- name: Ensure matrix-mautrix-twitter.service installed template: - src: "{{ role_path }}/templates/systemd/matrix-mautrix-facebook.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + src: "{{ role_path }}/templates/systemd/matrix-mautrix-twitter.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" mode: 0644 - register: matrix_mautrix_facebook_systemd_service_result + register: matrix_mautrix_twitter_systemd_service_result -- name: Ensure systemd reloaded after matrix-mautrix-facebook.service installation +- name: Ensure systemd reloaded after matrix-mautrix-twitter.service installation service: daemon_reload: yes - when: "matrix_mautrix_facebook_systemd_service_result.changed" + when: "matrix_mautrix_twitter_systemd_service_result.changed" -- name: Ensure matrix-mautrix-facebook.service restarted, if necessary +- name: Ensure matrix-mautrix-twitter.service restarted, if necessary service: - name: "matrix-mautrix-facebook.service" + name: "matrix-mautrix-twitter.service" state: restarted - when: "matrix_mautrix_facebook_requires_restart|bool" + when: "matrix_mautrix_twitter_requires_restart|bool" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml index efc8aa74..28819726 100644 
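Review bot: `config.yaml` and `registration.yaml` are written with `mode: 0644`, which leaves `as_token`, `hs_token` and the Postgres connection string (password included) readable by every local account on the host. Both files are owned by `matrix_user_username`, and the systemd unit runs the container under `matrix_user_uid`, so `mode: '0640'` on the two `copy` tasks should be sufficient; Synapse reads `registration.yaml` through a read-only bind mount, and I am assuming it runs as the same user. Quoting the value also avoids depending on how the YAML parser treats a leading-zero integer. These are unchanged context lines in this hunk, so the role they were copied from presumably needs the same change.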
--- a/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_uninstall.yml @@ -1,24 +1,24 @@ --- -- name: Check existence of matrix-mautrix-facebook service +- name: Check existence of matrix-mautrix-twitter service stat: - path: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" - register: matrix_mautrix_facebook_service_stat + path: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" + register: matrix_mautrix_twitter_service_stat -- name: Ensure matrix-mautrix-facebook is stopped +- name: Ensure matrix-mautrix-twitter is stopped service: - name: matrix-mautrix-facebook + name: matrix-mautrix-twitter state: stopped daemon_reload: yes - when: "matrix_mautrix_facebook_service_stat.stat.exists" + when: "matrix_mautrix_twitter_service_stat.stat.exists" -- name: Ensure matrix-mautrix-facebook.service doesn't exist +- name: Ensure matrix-mautrix-twitter.service doesn't exist file: - path: "{{ matrix_systemd_path }}/matrix-mautrix-facebook.service" + path: "{{ matrix_systemd_path }}/matrix-mautrix-twitter.service" state: absent - when: "matrix_mautrix_facebook_service_stat.stat.exists" + when: "matrix_mautrix_twitter_service_stat.stat.exists" -- name: Ensure systemd reloaded after matrix-mautrix-facebook.service removal +- name: Ensure systemd reloaded after matrix-mautrix-twitter.service removal service: daemon_reload: yes - when: "matrix_mautrix_facebook_service_stat.stat.exists" + when: "matrix_mautrix_twitter_service_stat.stat.exists" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml index 0879bad9..a9e63fd0 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml 
@@ -6,17 +6,17 @@ You need to define a required configuration setting (`{{ item }}`). when: "vars[item] == ''" with_items: - - "matrix_mautrix_facebook_appservice_token" - - "matrix_mautrix_facebook_homeserver_token" + - "matrix_mautrix_twitter_appservice_token" + - "matrix_mautrix_twitter_homeserver_token" - block: - name: Fail if on SQLite, unless on the last version supporting SQLite fail: msg: >- - You're trying to use the mautrix-facebook bridge with an SQLite database. + You're trying to use the mautrix-twitter bridge with an SQLite database. Going forward, this bridge only supports Postgres. - To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-facebook-bridge-now-requires-a-postgres-database - when: "not matrix_mautrix_facebook_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" + To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-twitter-bridge-now-requires-a-postgres-database + when: "not matrix_mautrix_twitter_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" - name: Inject warning if still on SQLite set_fact: 
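Review bot: The SQLite exception still tests for the image tag `:da1b4ec596e334325a1589e70829dea46e73064b`, which the find/replace carried over unchanged from the role this one was copied from; a mautrix-twitter image with that tag is unlikely to exist. If it does not, this `fail` task fires for every SQLite configuration, and both the "To use SQLite" comment in `defaults/main.yml` and the rewritten changelog anchor `#breaking-change-the-mautrix-twitter-bridge-now-requires-a-postgres-database` (also in the next hunk) refer to things that are not there. I would remove the SQLite branch from this role and fail whenever `matrix_mautrix_twitter_database_engine != 'postgres'`, or substitute the tag once a real one is known. The enclosing task list starts above this hunk.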
@@ -25,7 +25,7 @@ matrix_playbook_runtime_results|default([]) + [ - "NOTE: Your mautrix-facebook bridge setup is still on SQLite. Your bridge is not getting any updates and will likely stop working at some point. To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-facebook-bridge-now-requires-a-postgres-database" + "NOTE: Your mautrix-twitter bridge setup is still on SQLite. Your bridge is not getting any updates and will likely stop working at some point. To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-twitter-bridge-now-requires-a-postgres-database" ] }} - when: "matrix_mautrix_facebook_database_engine == 'sqlite'" + when: "matrix_mautrix_twitter_database_engine == 'sqlite'" diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 index 628db713..93bf537b 100644 --- a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 @@ -2,9 +2,9 @@ # Homeserver details homeserver: # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_mautrix_facebook_homeserver_address }} + address: {{ matrix_mautrix_twitter_homeserver_address }} # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_mautrix_facebook_homeserver_domain }} + domain: {{ matrix_mautrix_twitter_homeserver_domain }} # Whether or not to verify the SSL certificate of the homeserver. # Only applies if address starts with https:// verify_ssl: true 
@@ -17,7 +17,7 @@ homeserver: # Changing these values requires regeneration of the registration. appservice: # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_mautrix_facebook_appservice_address }} + address: {{ matrix_mautrix_twitter_appservice_address }} # The hostname and port where this appservice should listen. hostname: 0.0.0.0 @@ -27,7 +27,7 @@ appservice: max_body_size: 1 # The full URI to the database. Only Postgres is currently supported. - database: {{ matrix_mautrix_facebook_appservice_database|to_json }} + database: {{ matrix_mautrix_twitter_appservice_database|to_json }} # Public part of web server for out-of-Matrix interaction with the bridge. public: @@ -44,17 +44,17 @@ appservice: shared_secret: generate # The unique ID of this appservice. - id: facebook + id: twitter # Username of the appservice bot. - bot_username: {{ matrix_mautrix_facebook_appservice_bot_username|to_json }} + bot_username: {{ matrix_mautrix_twitter_appservice_bot_username|to_json }} # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty # to leave display name/avatar as-is. - bot_displayname: Facebook bridge bot + bot_displayname: Twitter bridge bot bot_avatar: mxc://maunium.net/ygtkteZsXnGJLJHRchUwYWak # Authentication tokens for AS <-> HS communication. - as_token: "{{ matrix_mautrix_facebook_appservice_token }}" - hs_token: "{{ matrix_mautrix_facebook_homeserver_token }}" + as_token: "{{ matrix_mautrix_twitter_appservice_token }}" + hs_token: "{{ matrix_mautrix_twitter_homeserver_token }}" # Prometheus telemetry config. Requires prometheus-client to be installed. metrics: 
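Review bot: `as_token` and `hs_token` are interpolated as `"{{ ... }}"` with no escaping, so a token that contains `"` or `\` yields invalid or silently altered YAML, whereas `bot_username` earlier in the same hunk already goes through `|to_json`. For consistency I would write `as_token: {{ matrix_mautrix_twitter_appservice_token|to_json }}` and `hs_token: {{ matrix_mautrix_twitter_homeserver_token|to_json }}`. The same pattern appears in `matrix_mautrix_twitter_registration_yaml` in `defaults/main.yml`, and the `address:` and `domain:` values in this file's other hunks are emitted with no quoting at all.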
@@ -63,20 +63,20 @@ metrics: # Bridge config bridge: - # Localpart template of MXIDs for Facebook users. - # {userid} is replaced with the user ID of the Facebook user. - username_template: "facebook_{userid}" + # Localpart template of MXIDs for Twitter users. + # {userid} is replaced with the user ID of the Twitter user. + username_template: "twitter_{userid}" # Localpart template for per-user room grouping community IDs. # The bridge will create these communities and add all of the specific user's portals to the community. # {localpart} is the MXID localpart and {server} is the MXID server part of the user. # - # `facebook_{localpart}={server}` is a good value. + # `twitter_{localpart}={server}` is a good value. community_template: null - # Displayname template for Facebook users. - # {displayname} is replaced with the display name of the Facebook user + # Displayname template for Twitter users. + # {displayname} is replaced with the display name of the Twitter user # as defined below in displayname_preference. # Keys available for displayname_preference are also available here. - displayname_template: '{displayname} (FB)' + displayname_template: '{displayname} (Twitter)' # Available keys: # "name" (full name) # "first_name" @@ -88,12 +88,12 @@ bridge: - first_name # The prefix for commands. Only required in non-management rooms. - command_prefix: "!fb" + command_prefix: "!twitter" # Number of chats to sync (and create portals for) on startup/login. # Set 0 to disable automatic syncing. initial_chat_sync: 10 - # Whether or not the Facebook users of logged in Matrix users should be + # Whether or not the Twitter users of logged in Matrix users should be # invited to private chats when the user sends a message from another client. invite_own_puppet_to_pm: false # Whether or not to use /sync to get presence, read receipts and typing notifications 
@@ -115,8 +115,8 @@ bridge: # manually. # If using this for other servers than the bridge's server, # you must also set the URL in the double_puppet_server_map. - login_shared_secret_map: {{ matrix_mautrix_facebook_bridge_login_shared_secret_map|to_json }} - presence: {{ matrix_mautrix_facebook_bridge_presence|to_json }} + login_shared_secret_map: {{ matrix_mautrix_twitter_bridge_login_shared_secret_map|to_json }} + presence: {{ matrix_mautrix_twitter_bridge_presence|to_json }} # Whether or not to update avatars when syncing all contacts at startup. update_avatar_initial_sync: true # End-to-bridge encryption support options. These require matrix-nio to be installed with pip @@ -143,14 +143,14 @@ bridge: # Verification by the bridge is not yet implemented. require_verification: true # Whether or not the bridge should send a read receipt from the bridge bot when a message has - # been sent to Facebook. + # been sent to Twitter. delivery_receipts: false # Whether to allow inviting arbitrary mxids to portal rooms allow_invites: false - # Settings for backfilling messages from Facebook. + # Settings for backfilling messages from Twitter. backfill: - # Whether or not the Facebook users of logged in Matrix users should be - # invited to private chats when backfilling history from Facebook. This is + # Whether or not the Twitter users of logged in Matrix users should be + # invited to private chats when backfilling history from Twitter. This is # usually needed to prevent rate limits and to allow timestamp massaging. invite_own_puppet: true # Maximum number of messages to backfill initially. 
@@ -165,7 +165,7 @@ bridge: disable_notifications: false periodic_reconnect: # Interval in seconds in which to automatically reconnect all users. - # This can be used to automatically mitigate the bug where Facebook stops sending messages. + # This can be used to automatically mitigate the bug where Twitter stops sending messages. # Set to -1 to disable periodic reconnections entirely. interval: -1 # What to do in periodic reconnects. Either "refresh" or "reconnect" @@ -197,7 +197,7 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: - '{{ matrix_mautrix_facebook_homeserver_domain }}': user + '{{ matrix_mautrix_twitter_homeserver_domain }}': user # Python logging configuration. # @@ -207,7 +207,7 @@ logging: version: 1 formatters: colored: - (): mautrix_facebook.util.ColorFormatter + (): mautrix_twitter.util.ColorFormatter format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" normal: format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" diff --git a/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 b/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 index f3af4b9f..73bdbc86 100644 --- a/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 +++ b/roles/matrix-bridge-mautrix-twitter/templates/systemd/matrix-mautrix-twitter.service.j2 @@ -1,11 +1,11 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mautrix Facebook bridge -{% for service in matrix_mautrix_facebook_systemd_required_services_list %} +Description=Matrix Mautrix Twitter bridge +{% for service in matrix_mautrix_twitter_systemd_required_services_list %} Requires={{ service }} After={{ service }} {% endfor %} -{% for service in matrix_mautrix_facebook_systemd_wanted_services_list %} +{% for service in matrix_mautrix_twitter_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} DefaultDependencies=no 
@@ -13,30 +13,30 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 2>/dev/null' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. ExecStartPre={{ matrix_host_command_sleep }} 5 -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebook \ +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-twitter \ --log-driver=none \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --cap-drop=ALL \ --network={{ matrix_docker_network }} \ - -v {{ matrix_mautrix_facebook_config_path }}:/config:z \ - -v {{ matrix_mautrix_facebook_data_path }}:/data:z \ - {% for arg in matrix_mautrix_facebook_container_extra_arguments %} + -v {{ matrix_mautrix_twitter_config_path }}:/config:z \ + -v {{ matrix_mautrix_twitter_data_path }}:/data:z \ + {% for arg in matrix_mautrix_twitter_container_extra_arguments %} {{ arg }} \ {% endfor %} - {{ matrix_mautrix_facebook_docker_image }} \ - python3 -m mautrix_facebook -c /config/config.yaml --no-update + {{ matrix_mautrix_twitter_docker_image }} \ + python3 -m mautrix_twitter -c /config/config.yaml --no-update -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-facebook 2>/dev/null' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-facebook 2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-mautrix-twitter 
2>/dev/null' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mautrix-twitter 2>/dev/null' Restart=always RestartSec=30 -SyslogIdentifier=matrix-mautrix-facebook +SyslogIdentifier=matrix-mautrix-twitter [Install] WantedBy=multi-user.target From 8282ab48c789690389a4a56855c14a92aefeafc9 Mon Sep 17 00:00:00 2001 From: Matthew Cengia Date: Sun, 11 Apr 2021 16:21:06 +1000 Subject: [PATCH 04/30] Replace bridge config with one from upstream Source: https://github.com/tulir/mautrix-twitter/blob/12f420ab95c2b1b1862109dc14f6af64b2bf7914/mautrix_twitter/example-config.yaml --- .../templates/config.yaml.j2 | 202 +++++++++--------- 1 file changed, 96 insertions(+), 106 deletions(-) diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 index 93bf537b..e4f6ba1f 100644 --- a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 
@@ -1,60 +1,72 @@ -#jinja2: lstrip_blocks: "True" # Homeserver details homeserver: # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_mautrix_twitter_homeserver_address }} + address: https://example.com # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_mautrix_twitter_homeserver_domain }} + domain: example.com # Whether or not to verify the SSL certificate of the homeserver. # Only applies if address starts with https:// verify_ssl: true - # Whether or not the homeserver supports asmux-specific endpoints, - # such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically - # updating m.direct. asmux: false # Application service host/registration related details # Changing these values requires regeneration of the registration. appservice: # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_mautrix_twitter_appservice_address }} + address: http://localhost:29327 + # When using https:// the TLS certificate and key files for the address. + tls_cert: false + tls_key: false # The hostname and port where this appservice should listen. hostname: 0.0.0.0 - port: 29319 + port: 29327 # The maximum body size of appservice API requests (from the homeserver) in mebibytes # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s max_body_size: 1 # The full URI to the database. Only Postgres is currently supported. - database: {{ matrix_mautrix_twitter_appservice_database|to_json }} + database: postgres://username:password@hostname/db + # Additional arguments for asyncpg.create_pool() + # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool + database_opts: + min_size: 5 + max_size: 10 - # Public part of web server for out-of-Matrix interaction with the bridge. - public: - # Whether or not the public-facing endpoints should be enabled. 
- enabled: false - # The prefix to use in the public-facing endpoints. - prefix: /public - # The base URL where the public-facing endpoints are available. The prefix is not added - # implicitly. - external: https://example.com/public - # Shared secret for integration managers such as mautrix-manager. - # If set to "generate", a random string will be generated on the next startup. - # If null, integration manager access to the API will not be possible. + # Provisioning API part of the web server for automated portal creation and fetching information. + # Used by things like mautrix-manager (https://github.com/tulir/mautrix-manager). + provisioning: + # Whether or not the provisioning API should be enabled. + enabled: true + # The prefix to use in the provisioning API endpoints. + prefix: /_matrix/provision/v1 + # The shared secret to authorize users of the API. + # Set to "generate" to generate and save a new token. shared_secret: generate # The unique ID of this appservice. id: twitter # Username of the appservice bot. - bot_username: {{ matrix_mautrix_twitter_appservice_bot_username|to_json }} + bot_username: twitterbot # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty # to leave display name/avatar as-is. bot_displayname: Twitter bridge bot - bot_avatar: mxc://maunium.net/ygtkteZsXnGJLJHRchUwYWak + bot_avatar: mxc://maunium.net/HVHcnusJkQcpVcsVGZRELLCn - # Authentication tokens for AS <-> HS communication. - as_token: "{{ matrix_mautrix_twitter_appservice_token }}" - hs_token: "{{ matrix_mautrix_twitter_homeserver_token }}" + # Community ID for bridged users (changes registration file) and rooms. + # Must be created manually. + # + # Example: "+twitter:example.com". Set to false to disable. + community_id: false + + # Whether or not to receive ephemeral events via appservice transactions. + # Requires MSC2409 support (i.e. Synapse 1.22+). + # You should disable bridge -> sync_with_custom_puppets when this is enabled. 
+ ephemeral_events: false + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "This value is generated when generating the registration" + hs_token: "This value is generated when generating the registration" # Prometheus telemetry config. Requires prometheus-client to be installed. metrics: 
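Review bot: The new `provisioning` block under `appservice` ships with `enabled: true`, whereas the `public` block it replaces had `enabled: false`, so the bridge's provisioning API is now on by default on the `0.0.0.0:29327` listener. `shared_secret: generate` depends on the bridge writing the generated value back into the config file, and the service template in this series starts the bridge with `--no-update`, so it is worth confirming that a random secret is really generated and persisted rather than the literal string being used. I would default this to `enabled: false` and, when it is switched on, fill `shared_secret` from a playbook variable in the same way as `as_token` and `hs_token`.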
@@ -66,64 +78,59 @@ bridge: # Localpart template of MXIDs for Twitter users. # {userid} is replaced with the user ID of the Twitter user. username_template: "twitter_{userid}" - # Localpart template for per-user room grouping community IDs. - # The bridge will create these communities and add all of the specific user's portals to the community. - # {localpart} is the MXID localpart and {server} is the MXID server part of the user. - # - # `twitter_{localpart}={server}` is a good value. - community_template: null # Displayname template for Twitter users. - # {displayname} is replaced with the display name of the Twitter user - # as defined below in displayname_preference. - # Keys available for displayname_preference are also available here. - displayname_template: '{displayname} (Twitter)' - # Available keys: - # "name" (full name) - # "first_name" - # "last_name" - # "nickname" - # "own_nickname" (user-specific!) - displayname_preference: - - name - - first_name + # {displayname} is replaced with the display name of the Twitter user. + # {username} is replaced with the username of the Twitter user. + displayname_template: "{displayname} (Twitter)" - # The prefix for commands. Only required in non-management rooms. - command_prefix: "!twitter" + # Maximum length of displayname + displayname_max_length: 100 - # Number of chats to sync (and create portals for) on startup/login. + # Number of conversations to sync (and create portals for) on login. # Set 0 to disable automatic syncing. - initial_chat_sync: 10 - # Whether or not the Twitter users of logged in Matrix users should be - # invited to private chats when the user sends a message from another client. 
- invite_own_puppet_to_pm: false - # Whether or not to use /sync to get presence, read receipts and typing notifications + initial_conversation_sync: 10 + # Whether or not to use /sync to get read receipts and typing notifications # when double puppeting is enabled sync_with_custom_puppets: true # Whether or not to update the m.direct account data event when double puppeting is enabled. # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. sync_direct_chat_list: false - # Servers to always allow double puppeting from - double_puppet_server_map: {} - # example.com: https://example.com # Allow using double puppeting from any server with a valid client .well-known file. double_puppet_allow_discovery: false - # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth + # Servers to allow double puppeting from, even if double_puppet_allow_discovery is false. + double_puppet_server_map: + example.com: https://example.com + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth # # If set, custom puppets will be enabled automatically for local users # instead of users having to find an access token and run `login-matrix` # manually. # If using this for other servers than the bridge's server, # you must also set the URL in the double_puppet_server_map. - login_shared_secret_map: {{ matrix_mautrix_twitter_bridge_login_shared_secret_map|to_json }} - presence: {{ matrix_mautrix_twitter_bridge_presence|to_json }} - # Whether or not to update avatars when syncing all contacts at startup. - update_avatar_initial_sync: true - # End-to-bridge encryption support options. These require matrix-nio to be installed with pip - # and login_shared_secret to be configured in order to get a device for the bridge bot. + login_shared_secret_map: + example.com: foo + # Whether or not created rooms should have federation enabled. 
+ # If false, created portal rooms will never be federated. + federate_rooms: true + # Settings for backfilling messages from Twitter. # - # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal - # application service. + # Missed message backfilling is currently based on receiving them from the Twitter polling API, + # rather than manually asking for messages in each conversation. Due to this, there's no way to + # set a limit for missed message backfilling. + backfill: + # Whether or not the Twitter users of logged in Matrix users should be + # invited to private chats when backfilling history from Twitter. This is + # usually needed to prevent rate limits and to allow timestamp massaging. + invite_own_puppet: true + # Maximum number of messages to backfill initially. + # Set to 0 to disable backfilling when creating portal. + initial_limit: 0 + # If using double puppeting, should notifications be disabled + # while the initial backfill is in progress? + disable_notifications: false + # End-to-bridge encryption support options. You must install the e2be optional dependency for + # this to work. See https://github.com/tulir/mautrix-telegram/wiki/End‐to‐bridge-encryption encryption: # Allow encryption, work in group chat rooms with e2ee enabled allow: false 
@@ -142,52 +149,29 @@ bridge: # Require devices to be verified by the bridge? # Verification by the bridge is not yet implemented. require_verification: true + # Whether or not to explicitly set the avatar and room name for private + # chat portal rooms. This will be implicitly enabled if encryption.default is true. + private_chat_portal_meta: false # Whether or not the bridge should send a read receipt from the bridge bot when a message has # been sent to Twitter. delivery_receipts: false - # Whether to allow inviting arbitrary mxids to portal rooms - allow_invites: false - # Settings for backfilling messages from Twitter. - backfill: - # Whether or not the Twitter users of logged in Matrix users should be - # invited to private chats when backfilling history from Twitter. This is - # usually needed to prevent rate limits and to allow timestamp massaging. - invite_own_puppet: true - # Maximum number of messages to backfill initially. - # Set to 0 to disable backfilling when creating portal. - initial_limit: 0 - # Maximum number of messages to backfill if messages were missed while - # the bridge was disconnected. - # Set to 0 to disable backfilling missed messages. - missed_limit: 1000 - # If using double puppeting, should notifications be disabled - # while the initial backfill is in progress? - disable_notifications: false - periodic_reconnect: - # Interval in seconds in which to automatically reconnect all users. - # This can be used to automatically mitigate the bug where Twitter stops sending messages. - # Set to -1 to disable periodic reconnections entirely. - interval: -1 - # What to do in periodic reconnects. Either "refresh" or "reconnect" - mode: refresh - # Should even disconnected users be reconnected? - always: false - # The number of seconds that a disconnection can last without triggering an automatic re-sync - # and missed message backfilling when reconnecting. - # Set to 0 to always re-sync, or -1 to never re-sync automatically. 
- resync_max_disconnected_time: 5 - # Whether or not temporary disconnections should send notices to the notice room. - # If this is false, disconnections will never send messages and connections will only send - # messages if it was disconnected for more than resync_max_disconnected_time seconds. + # Whether or not delivery errors should be reported as messages in the Matrix room. + delivery_error_reports: false + # Whether or not non-fatal polling errors should send notices to the notice room. temporary_disconnect_notices: true - # Whether or not the bridge should try to "refresh" the connection if a normal reconnection - # attempt fails. - refresh_on_reconnection_fail: false + # Number of seconds to sleep more than the previous error when a polling error occurs. + # Growth is capped at 15 minutes. + error_sleep: 5 + # Maximum number of polling errors before giving up. Set to -1 to retry forever. + max_poll_errors: 12 # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. # This field will automatically be changed back to false after it, # except if the config file is not writable. resend_bridge_info: false + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!tw" + # Permissions for using the bridge. # Permitted values: # user - Use the bridge with puppeting. @@ -197,7 +181,9 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: - '{{ matrix_mautrix_twitter_homeserver_domain }}': user + "example.com": "user" + "@admin:example.com": "admin" + # Python logging configuration. # 
@@ -212,16 +198,20 @@ logging: normal: format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" handlers: + file: + class: logging.handlers.RotatingFileHandler + formatter: normal + filename: ./mautrix-twitter.log + maxBytes: 10485760 + backupCount: 10 console: class: logging.StreamHandler formatter: colored loggers: mau: level: DEBUG - paho: - level: INFO aiohttp: level: INFO root: level: DEBUG - handlers: [console] + handlers: [file, console] From 68e6311a9f0f47138c379d5cbea5dbbc2781c0ce Mon Sep 17 00:00:00 2001 From: Matthew Cengia Date: Sun, 11 Apr 2021 16:29:12 +1000 Subject: [PATCH 05/30] Update mautrix-twitter config to be Jinja2 template Updates based off the variable names used in mautrix-facebook role. Also update port number in defauts/main.yml, and disable presence checking, because Twitter doesn't support that. --- .../defaults/main.yml | 4 +-- .../templates/config.yaml.j2 | 32 +++++++------------ 2 files changed, 13 insertions(+), 23 deletions(-) diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml index 02eff778..ad162cae 100644 --- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -19,7 +19,7 @@ matrix_mautrix_twitter_docker_src_files_path: "{{ matrix_mautrix_twitter_base_pa matrix_mautrix_twitter_homeserver_address: "{{ matrix_homeserver_container_url }}" matrix_mautrix_twitter_homeserver_domain: '{{ matrix_domain }}' -matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29319' +matrix_mautrix_twitter_appservice_address: 'http://matrix-mautrix-twitter:29327' # A list of extra arguments to pass to the container matrix_mautrix_twitter_container_extra_arguments: [] 
@@ -72,8 +72,6 @@ matrix_mautrix_twitter_bridge_login_shared_secret_map: "{{ {matrix_mautrix_twitt matrix_mautrix_twitter_appservice_bot_username: twitterbot -matrix_mautrix_twitter_bridge_presence: true - # Default configuration template which covers the generic use case. # You can customize it by controlling the various variables inside it. # diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 index e4f6ba1f..2c10585d 100644 --- a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 @@ -1,9 +1,10 @@ +#jinja2: lstrip_blocks: "True" # Homeserver details homeserver: # The address that this appservice can use to connect to the homeserver. - address: https://example.com + address: {{ matrix_mautrix_twitter_homeserver_address }} # The domain of the homeserver (for MXIDs, etc). - domain: example.com + domain: {{ matrix_mautrix_twitter_homeserver_domain }} # Whether or not to verify the SSL certificate of the homeserver. # Only applies if address starts with https:// verify_ssl: true @@ -13,7 +14,7 @@ homeserver: # Changing these values requires regeneration of the registration. appservice: # The address that the homeserver can use to connect to this appservice. - address: http://localhost:29327 + address: {{ matrix_mautrix_twitter_appservice_address }} # When using https:// the TLS certificate and key files for the address. tls_cert: false tls_key: false @@ -26,7 +27,7 @@ appservice: max_body_size: 1 # The full URI to the database. Only Postgres is currently supported. - database: postgres://username:password@hostname/db + database: {{ matrix_mautrix_twitter_appservice_database|to_json }} # Additional arguments for asyncpg.create_pool() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool database_opts: 
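Review bot: In the `homeserver` hunk, `address: {{ matrix_mautrix_twitter_homeserver_address }}` and `domain: {{ matrix_mautrix_twitter_homeserver_domain }}` are substituted as bare scalars, and so is `appservice.address` in the next hunk, while `database` and `bot_username` in the same file go through `|to_json`. An empty value, or one containing `: `, ` #` or a leading YAML indicator, would change the parsed structure instead of staying a string. `address: {{ matrix_mautrix_twitter_homeserver_address|to_json }}` (and the same for `domain` and `appservice.address`) would keep every templated scalar consistent. The `as_token` and `hs_token` lines in the `@@ -65,8 +66,8 @@` hunk wrap the value in literal double quotes rather than `|to_json`, which has the same weakness if a token ever contains a quote or backslash.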
@@ -47,7 +48,7 @@ appservice: # The unique ID of this appservice. id: twitter # Username of the appservice bot. - bot_username: twitterbot + bot_username: {{ matrix_mautrix_twitter_appservice_bot_username|to_json }} # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty # to leave display name/avatar as-is. bot_displayname: Twitter bridge bot @@ -65,8 +66,8 @@ appservice: ephemeral_events: false # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. - as_token: "This value is generated when generating the registration" - hs_token: "This value is generated when generating the registration" + as_token: "{{ matrix_mautrix_twitter_appservice_token }}" + hs_token: "{{ matrix_mautrix_twitter_homeserver_token }}" # Prometheus telemetry config. Requires prometheus-client to be installed. metrics: @@ -99,8 +100,7 @@ bridge: # Allow using double puppeting from any server with a valid client .well-known file. double_puppet_allow_discovery: false # Servers to allow double puppeting from, even if double_puppet_allow_discovery is false. - double_puppet_server_map: - example.com: https://example.com + double_puppet_server_map: {} # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth # # If set, custom puppets will be enabled automatically for local users @@ -108,8 +108,7 @@ bridge: # manually. # If using this for other servers than the bridge's server, # you must also set the URL in the double_puppet_server_map. - login_shared_secret_map: - example.com: foo + login_shared_secret_map: {{ matrix_mautrix_twitter_bridge_login_shared_secret_map|to_json }} # Whether or not created rooms should have federation enabled. # If false, created portal rooms will never be federated. federate_rooms: true 
@@ -181,8 +180,7 @@ bridge: # domain - All users on that homeserver # mxid - Specific user permissions: - "example.com": "user" - "@admin:example.com": "admin" + '{{ matrix_mautrix_twitter_homeserver_domain }}': user # Python logging configuration. @@ -198,12 +196,6 @@ logging: normal: format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" handlers: - file: - class: logging.handlers.RotatingFileHandler - formatter: normal - filename: ./mautrix-twitter.log - maxBytes: 10485760 - backupCount: 10 console: class: logging.StreamHandler formatter: colored @@ -214,4 +206,4 @@ logging: level: INFO root: level: DEBUG - handlers: [file, console] + handlers: [console] From cb608c06aaaa876b19761a40bcef846669f10139 Mon Sep 17 00:00:00 2001 From: Matthew Cengia Date: Sun, 11 Apr 2021 14:18:17 +1000 Subject: [PATCH 06/30] Remove references to sqlite Remove references to sqlite since we should just use postgres from the outset. --- .../defaults/main.yml | 10 ----- .../tasks/setup_install.yml | 40 ------------------- .../tasks/validate_config.yml | 21 ---------- 3 files changed, 71 deletions(-) diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml index ad162cae..ed81f2d4 100644 --- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml 
@@ -36,19 +36,10 @@ matrix_mautrix_twitter_homeserver_token: '' # Database-related configuration fields. # -# To use SQLite: -# - change the engine (`matrix_mautrix_twitter_database_engine: 'sqlite'`) -# - change to the last bridge version that supported SQLite: -# `matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}tulir/mautrix-twitter:da1b4ec596e334325a1589e70829dea46e73064b"` -# - plan your migration to Postgres, as this bridge does not support SQLite anymore (and neither will the playbook in the future). -# # To use Postgres: # - adjust your database credentials via the `matrix_mautrix_twitter_postgres_*` variables matrix_mautrix_twitter_database_engine: 'postgres' -matrix_mautrix_twitter_sqlite_database_path_local: "{{ matrix_mautrix_twitter_data_path }}/mautrix-twitter.db" -matrix_mautrix_twitter_sqlite_database_path_in_container: "/data/mautrix-twitter.db" - matrix_mautrix_twitter_database_username: 'matrix_mautrix_twitter' matrix_mautrix_twitter_database_password: 'some-password' matrix_mautrix_twitter_database_hostname: 'matrix-postgres' @@ -59,7 +50,6 @@ matrix_mautrix_twitter_database_connection_string: 'postgres://{{ matrix_mautrix matrix_mautrix_twitter_appservice_database: "{{ { - 'sqlite': ('sqlite:///' + matrix_mautrix_twitter_sqlite_database_path_in_container), 'postgres': matrix_mautrix_twitter_database_connection_string, }[matrix_mautrix_twitter_database_engine] }}" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml index 41643972..c27eeccd 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml 
@@ -11,29 +11,6 @@ - set_fact: matrix_mautrix_twitter_requires_restart: false -- block: - - name: Check if an SQLite database already exists - stat: - path: "{{ matrix_mautrix_twitter_sqlite_database_path_local }}" - register: matrix_mautrix_twitter_sqlite_database_path_local_stat_result - - - block: - - set_fact: - matrix_postgres_db_migration_request: - src: "{{ matrix_mautrix_twitter_sqlite_database_path_local }}" - dst: "{{ matrix_mautrix_twitter_database_connection_string }}" - caller: "{{ role_path|basename }}" - engine_variable_name: 'matrix_mautrix_twitter_database_engine' - engine_old: 'sqlite' - systemd_services_to_stop: ['matrix-mautrix-twitter.service'] - - - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml" - - - set_fact: - matrix_mautrix_twitter_requires_restart: true - when: "matrix_mautrix_twitter_sqlite_database_path_local_stat_result.stat.exists|bool" - when: "matrix_mautrix_twitter_database_engine == 'postgres'" - - name: Ensure Mautrix Twitter image is pulled docker_image: name: "{{ matrix_mautrix_twitter_docker_image }}" 
@@ -76,23 +53,6 @@ pull: yes when: "matrix_mautrix_twitter_enabled|bool and matrix_mautrix_twitter_container_image_self_build|bool" -- name: Check if an old database file already exists - stat: - path: "{{ matrix_mautrix_twitter_base_path }}/mautrix-twitter.db" - register: matrix_mautrix_twitter_stat_database - -- name: (Data relocation) Ensure matrix-mautrix-twitter.service is stopped - service: - name: matrix-mautrix-twitter - state: stopped - daemon_reload: yes - failed_when: false - when: "matrix_mautrix_twitter_stat_database.stat.exists" - -- name: (Data relocation) Move mautrix-twitter database file to ./data directory - command: "mv {{ matrix_mautrix_twitter_base_path }}/mautrix-twitter.db {{ matrix_mautrix_twitter_data_path }}/mautrix-twitter.db" - when: "matrix_mautrix_twitter_stat_database.stat.exists" - - name: Ensure mautrix-twitter config.yaml installed copy: content: "{{ matrix_mautrix_twitter_configuration|to_nice_yaml }}" diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml index a9e63fd0..4c95f7bf 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml 
@@ -8,24 +8,3 @@ with_items: - "matrix_mautrix_twitter_appservice_token" - "matrix_mautrix_twitter_homeserver_token" - -- block: - - name: Fail if on SQLite, unless on the last version supporting SQLite - fail: - msg: >- - You're trying to use the mautrix-twitter bridge with an SQLite database. - Going forward, this bridge only supports Postgres. - To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-twitter-bridge-now-requires-a-postgres-database - when: "not matrix_mautrix_twitter_docker_image.endswith(':da1b4ec596e334325a1589e70829dea46e73064b')" - - - name: Inject warning if still on SQLite - set_fact: - matrix_playbook_runtime_results: | - {{ - matrix_playbook_runtime_results|default([]) - + - [ - "NOTE: Your mautrix-twitter bridge setup is still on SQLite. Your bridge is not getting any updates and will likely stop working at some point. To learn more about this, see our changelog: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#breaking-change-the-mautrix-twitter-bridge-now-requires-a-postgres-database" - ] - }} - when: "matrix_mautrix_twitter_database_engine == 'sqlite'" From 0f49ce06389f4c79fcb67d9933498a41c7bf820f Mon Sep 17 00:00:00 2001 From: Matthew Cengia Date: Sun, 11 Apr 2021 16:41:58 +1000 Subject: [PATCH 07/30] Set up vars for mautrix-twitter playbook * Copy/update mautrix_facebook group_vars to mautrix_twitter * Replace facebook -> twitter, fb -> twt, remove presence var * Enable playbook in setup.yml --- group_vars/matrix_servers | 45 +++++++++++++++++++++++++++++++++++++++ setup.yml | 1 + 2 files changed, 46 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index f9763c56..c4caef04 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
@@ -511,6 +511,45 @@ matrix_mautrix_telegram_database_password: "{{ '%s' | format(matrix_synapse_maca # ###################################################################### +###################################################################### +# +# matrix-bridge-mautrix-twitter +# +###################################################################### + +# We don't enable bridges by default. +matrix_mautrix_twitter_enabled: false + +matrix_mautrix_twitter_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}" + +matrix_mautrix_twitter_systemd_required_services_list: | + {{ + ['docker.service'] + + + (['matrix-synapse.service'] if matrix_synapse_enabled else []) + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + }} + +matrix_mautrix_twitter_appservice_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'twt.as.token') | to_uuid }}" + +matrix_mautrix_twitter_homeserver_token: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'twt.hs.token') | to_uuid }}" + +matrix_mautrix_twitter_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}" + +# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain +# and point them to a migration path. 
+matrix_mautrix_twitter_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_mautrix_twitter_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mau.twt.db') | to_uuid }}" + +###################################################################### +# +# /matrix-bridge-mautrix-twitter +# +###################################################################### + ###################################################################### # # matrix-bridge-mautrix-whatsapp @@ -1511,6 +1550,12 @@ matrix_postgres_additional_databases: | 'password': matrix_mautrix_telegram_database_password, }] if (matrix_mautrix_telegram_enabled and matrix_mautrix_telegram_database_engine == 'postgres' and matrix_mautrix_telegram_database_hostname == 'matrix-postgres') else []) + + ([{ + 'name': matrix_mautrix_twitter_database_name, + 'username': matrix_mautrix_twitter_database_username, + 'password': matrix_mautrix_twitter_database_password, + }] if (matrix_mautrix_twitter_enabled and matrix_mautrix_twitter_database_engine == 'postgres' and matrix_mautrix_twitter_database_hostname == 'matrix-postgres') else []) + + ([{ 'name': matrix_mautrix_whatsapp_database_name, 'username': matrix_mautrix_whatsapp_database_username, diff --git a/setup.yml b/setup.yml index 42613d96..edd21205 100755 --- a/setup.yml +++ b/setup.yml @@ -20,6 +20,7 @@ - matrix-bridge-appservice-irc - matrix-bridge-beeper-linkedin - matrix-bridge-mautrix-facebook + - matrix-bridge-mautrix-twitter - matrix-bridge-mautrix-hangouts - matrix-bridge-mautrix-googlechat - matrix-bridge-mautrix-instagram From 35033bbc0c2a9d232f3faa9e8763ba8fbf861afd Mon Sep 17 00:00:00 2001 
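Review bot: The comment above `matrix_mautrix_twitter_database_engine` says the bridge role will complain about SQLite, but the SQLite checks were deleted from the role's `validate_config.yml` in the hunk just before this commit. At this point a host without `matrix_postgres_enabled` gets `sqlite` and nothing stops the run. Either keep a guard in the role or reword the comment to match what happens, for example `# This bridge is configured for Postgres only; without the playbook's Postgres, define the matrix_mautrix_twitter_database_* variables yourself.` The same comment is left unchanged in the later `@@ -541,7 +541,7 @@` hunk, which changes the fallback to `''`, so it is stale there as well.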
From: Matthew Cengia Date: Sun, 11 Apr 2021 16:45:27 +1000 Subject: [PATCH 08/30] Update documentation to include mautrix-twitter Playbook config copied from mautrix-facebook and altered accordingly. --- README.md | 2 ++ ...iguring-playbook-bridge-mautrix-twitter.md | 35 +++++++++++++++++++ docs/configuring-playbook.md | 2 ++ docs/container-images.md | 2 ++ 4 files changed, 41 insertions(+) create mode 100644 docs/configuring-playbook-bridge-mautrix-twitter.md diff --git a/README.md b/README.md index 6e1b5c14..59bd915e 100644 --- a/README.md +++ b/README.md @@ -51,6 +51,8 @@ Using this playbook, you can get the following services configured on your serve - (optional) the [mautrix-facebook](https://github.com/mautrix/facebook) bridge for bridging your Matrix server to [Facebook](https://facebook.com/) +- (optional) the [mautrix-twitter](https://github.com/mautrix/twitter) bridge for bridging your Matrix server to [Twitter](https://twitter.com/) + - (optional) the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge for bridging your Matrix server to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) - (optional) the [mautrix-googlechat](https://github.com/mautrix/googlechat) bridge for bridging your Matrix server to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) diff --git a/docs/configuring-playbook-bridge-mautrix-twitter.md b/docs/configuring-playbook-bridge-mautrix-twitter.md new file mode 100644 index 00000000..cfc14506 --- /dev/null +++ b/docs/configuring-playbook-bridge-mautrix-twitter.md 
@@ -0,0 +1,35 @@ +# Setting up Mautrix Twitter (optional) + +The playbook can install and configure [mautrix-twitter](https://github.com/tulir/mautrix-twitter) for you. + +See the project's [documentation](https://github.com/tulir/mautrix-twitter/wiki#usage) to learn what it does and why it might be useful to you. + +```yaml +matrix_mautrix_twitter_enabled: true +``` + + +## Set up Double Puppeting + +If you'd like to use [Double Puppeting](https://github.com/tulir/mautrix-twitter/wiki/Authentication#double-puppeting) (hint: you most likely do), you have 2 ways of going about it. + +### Method 1: automatically, by enabling Shared Secret Auth + +The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook. + +This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future. + +### Method 2: manually, by asking each user to provide a working access token + +This method is currently not available for the Mautrix-Twitter bridge, but is on the [roadmap](https://github.com/tulir/mautrix-twitter/blob/master/ROADMAP.md) under Misc/Manual login with `login-matrix` + +## Usage + +1. You then need to start a chat with `@twitterbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). +2. Send login-cookie to start the login. The bot should respond with instructions on how to proceed. + +You can learn more here about authentication from the bridge's [official documentation on Authentication](https://docs.mau.fi/bridges/python/twitter/authentication.html). + +If you run into trouble, check the [Troubleshooting](#troubleshooting) section below. + +After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so. 
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 243440dd..0f35325d 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -102,6 +102,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Mautrix Instagram bridging](configuring-playbook-bridge-mautrix-instagram.md) (optional) +- [Setting up Mautrix Twitter bridging](configuring-playbook-bridge-mautrix-twitter.md) (optional) + - [Setting up Mautrix Signal bridging](configuring-playbook-bridge-mautrix-signal.md) (optional) - [Setting up Appservice IRC bridging](configuring-playbook-bridge-appservice-irc.md) (optional) diff --git a/docs/container-images.md b/docs/container-images.md index 6fbb9205..18436c91 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -46,6 +46,8 @@ These services are not part of our default installation, but can be enabled by [ - [mautrix/facebook](https://mau.dev/mautrix/facebook/container_registry) - the [mautrix-facebook](https://github.com/mautrix/facebook) bridge to [Facebook](https://facebook.com/) (optional) +- [tulir/mautrix-twitter](https://mau.dev/mautrix/twitter/container_registry) - the [mautrix-twitter](https://github.com/tulir/mautrix-twitter) bridge to [Twitter](https://twitter.com/) (optional) + - [mautrix/hangouts](https://mau.dev/mautrix/hangouts/container_registry) - the [mautrix-hangouts](https://github.com/mautrix/hangouts) bridge to [Google Hangouts](https://en.wikipedia.org/wiki/Google_Hangouts) (optional) - [mautrix/googlechat](https://mau.dev/mautrix/googlechat/container_registry) - the [mautrix-googlechat](https://github.com/mautrix/googlechat) bridge to [Google Chat](https://en.wikipedia.org/wiki/Google_Chat) (optional) From 2b83aeb87ed26ed1182e257ad80dfaef409dc065 Mon Sep 17 00:00:00 2001 
From: Matthew Cengia Date: Tue, 9 Nov 2021 14:47:02 +1100 Subject: [PATCH 09/30] Update Mautrix-Twitter image path --- roles/matrix-bridge-mautrix-twitter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml index ed81f2d4..2d6b4b20 100644 --- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/tuli matrix_mautrix_twitter_version: latest # See: https://mau.dev/tulir/mautrix-twitter/container_registry -matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}tulir/mautrix-twitter:{{ matrix_mautrix_twitter_version }}" +matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}" matrix_mautrix_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else 'dock.mau.dev/' }}" matrix_mautrix_twitter_docker_image_force_pull: "{{ matrix_mautrix_twitter_docker_image.endswith(':latest') }}" From 2430c14869697148ebfc3b4442b77677b78cbe57 Mon Sep 17 00:00:00 2001 From: sakkiii Date: Thu, 16 Dec 2021 22:33:23 +0530 Subject: [PATCH 10/30] Create ansible-lint.yml avoiding common pitfalls that can easily lead to bugs or make code harder to maintain --- .github/workflows/ansible-lint.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/ansible-lint.yml diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml new file mode 100644 index 00000000..ec7fddef --- /dev/null +++ b/.github/workflows/ansible-lint.yml 
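Review bot: `matrix_mautrix_twitter_version: latest` (context, just above the changed line) together with the `endswith(':latest')` force-pull means every playbook run deploys whatever `dock.mau.dev/mautrix/twitter:latest` resolves to at that moment, with no reviewable version and no rollback target. Consider defaulting to a released tag or an image digest, `matrix_mautrix_twitter_version: "<release-tag>"`, and leaving `latest` as an opt-in. The `# See: https://mau.dev/tulir/mautrix-twitter/container_registry` comment still names the old path and should follow the rename, `# See: https://mau.dev/mautrix/twitter/container_registry`.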
@@ -0,0 +1,19 @@ +name: Ansible Lint + +on: [push, pull_request] + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Lint Ansible Playbook + uses: ansible/ansible-lint-action@master + with: + # Paths to ansible files (i.e., playbooks, tasks, handlers etc..) + targets: "./" + + args: "-x metadata, formatting" From 45119ea9dfbba2df79c01ec0d2ba09f001c0e23d Mon Sep 17 00:00:00 2001 From: Alexander Bersenev Date: Fri, 17 Dec 2021 05:47:47 +0500 Subject: [PATCH 11/30] Remove a space from XMPP_INTERNAL_MUC_DOMAIN The domain is invalid with space, so it shouldn't be here --- roles/matrix-jitsi/templates/jvb/env.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-jitsi/templates/jvb/env.j2 b/roles/matrix-jitsi/templates/jvb/env.j2 index 43569268..41d343b3 100644 --- a/roles/matrix-jitsi/templates/jvb/env.j2 +++ b/roles/matrix-jitsi/templates/jvb/env.j2 @@ -25,7 +25,7 @@ COLIBRI_REST_ENABLED SHUTDOWN_REST_ENABLED TZ={{ matrix_jitsi_timezone }} XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }} -XMPP_INTERNAL_MUC_DOMAIN= {{ matrix_jitsi_xmpp_internal_muc_domain }} +XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }} XMPP_SERVER={{ matrix_jitsi_xmpp_server }} {{ matrix_jitsi_jvb_environment_variables_extension }} From 4625b34acca15f1403709e9e203802d57e49f92c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 17 Dec 2021 17:18:18 +0200 Subject: [PATCH 12/30] Fix failure trying to stop orphaned systemd services Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1461 --- roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml b/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml index 4a90bfa6..d0440d22 100644 --- a/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml 
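Review bot: The lint job runs third-party code from a mutable ref, `uses: ansible/ansible-lint-action@master`, on every push and pull request, and the workflow has no `permissions:` block to limit the job's token. Pin each `uses:` to a full commit SHA (`ansible/ansible-lint-action@<full-commit-sha>`, likewise for `actions/checkout`) and add a top-level `permissions:` with `contents: read`, since a lint job needs nothing more. Separately, `args: "-x metadata, formatting"` has a space after the comma; if the action word-splits its arguments, `formatting` would be read as a path rather than a skipped rule, so `args: "-x metadata,formatting"` is safer.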
+++ b/roles/matrix-synapse/tasks/synapse/workers/setup_uninstall.yml @@ -8,6 +8,7 @@ name: "{{ item.key }}" state: stopped with_dict: "{{ ansible_facts.services|default({})|dict2items|selectattr('key', 'match', 'matrix-synapse-worker-.+\\.service')|list|items2dict }}" + when: "item.value['status'] != 'not-found'" # see https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1461 - name: Find worker configs to be cleaned find: From fa704f104bf9c9f0df07fd3297e371d030c58dfb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 17 Dec 2021 17:30:21 +0200 Subject: [PATCH 13/30] Add support for using custom ACME CA servers (other than Let's Encrypt') Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1468 --- roles/matrix-nginx-proxy/defaults/main.yml | 7 +++++++ .../tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml | 2 ++ 2 files changed, 9 insertions(+) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index a2a2a6b9..a2584ec7 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml 
@@ -442,7 +442,14 @@ matrix_ssl_domains_to_obtain_certificates_for: "{{ matrix_ssl_additional_domains matrix_ssl_additional_domains_to_obtain_certificates_for: [] # Controls whether to obtain production or staging certificates from Let's Encrypt. +# If you'd like to use another ACME certificate server (not Let's Encrypt), see `matrix_ssl_lets_encrypt_server` matrix_ssl_lets_encrypt_staging: false + +# Controls the server used to retrieve the SSL certificates (passed as a `--server` flag to Certbot). +# By default, we use the Let's Encrypt production environment (see `matrix_ssl_lets_encrypt_staging` for using the staging environment). +# Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server +matrix_ssl_lets_encrypt_server: '' + matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.21.0" matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml index 4639f122..d4aab6e4 100644 --- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml +++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml @@ -42,6 +42,7 @@ --non-interactive --work-dir=/tmp --http-01-port 8080 + {% if matrix_ssl_lets_encrypt_server %}--server={{ matrix_ssl_lets_encrypt_server|quote }}{% endif %} {% if matrix_ssl_lets_encrypt_staging %}--staging{% endif %} --standalone --preferred-challenges http 
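Review bot: Nothing prevents `matrix_ssl_lets_encrypt_server` and `matrix_ssl_lets_encrypt_staging` from both being set, in which case the command receives `--server=...` and `--staging` together, both here and in the `@@ -70,6 +71,7 @@` hunk. As far as I know certbot treats a non-default `--server` as conflicting with `--staging`, so the mistake would only surface when a certificate is requested. A validation task that fails when both are set would catch it early, or the precedence can be made explicit with `{% if matrix_ssl_lets_encrypt_staging and not matrix_ssl_lets_encrypt_server %}--staging{% endif %}`. Because this value decides which CA issues the server's certificates, the comment in `defaults/main.yml` could also state that it must be an `https://` ACME directory URL. The task body starts outside the hunk.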
@@ -70,6 +71,7 @@ --non-interactive --work-dir=/tmp --http-01-port 8080 + {% if matrix_ssl_lets_encrypt_server %}--server={{ matrix_ssl_lets_encrypt_server|quote }}{% endif %} {% if matrix_ssl_lets_encrypt_staging %}--staging{% endif %} --standalone --preferred-challenges http From afd7f03bb5f541e1e63d48b1ce66e9183b257eca Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Fri, 17 Dec 2021 17:30:40 +0200 Subject: [PATCH 14/30] Minor comment changes --- roles/matrix-nginx-proxy/defaults/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index a2584ec7..7eeb39ff 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -442,11 +442,11 @@ matrix_ssl_domains_to_obtain_certificates_for: "{{ matrix_ssl_additional_domains matrix_ssl_additional_domains_to_obtain_certificates_for: [] # Controls whether to obtain production or staging certificates from Let's Encrypt. -# If you'd like to use another ACME certificate server (not Let's Encrypt), see `matrix_ssl_lets_encrypt_server` +# If you'd like to use another ACME Certificate Authority server (not Let's Encrypt), use `matrix_ssl_lets_encrypt_server` matrix_ssl_lets_encrypt_staging: false -# Controls the server used to retrieve the SSL certificates (passed as a `--server` flag to Certbot). -# By default, we use the Let's Encrypt production environment (see `matrix_ssl_lets_encrypt_staging` for using the staging environment). +# Controls from which Certificate Authority server to retrieve the SSL certificates (passed as a `--server` flag to Certbot). +# By default, we use the Let's Encrypt production environment (use `matrix_ssl_lets_encrypt_staging` for using the staging environment). # Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server matrix_ssl_lets_encrypt_server: '' 
From 0080e4e40944d251c1613c4636a710fdd9ffe2ef Mon Sep 17 00:00:00 2001 From: sakkiii Date: Fri, 17 Dec 2021 21:03:20 +0530 Subject: [PATCH 15/30] Update ansible-lint version to 5.3.1 --- .github/workflows/ansible-lint.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index ec7fddef..32b1b977 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -11,9 +11,12 @@ jobs: - uses: actions/checkout@v2 - name: Lint Ansible Playbook - uses: ansible/ansible-lint-action@master + uses: ansible/ansible-lint-action@c37fb7b4bda2c8cb18f4942716bae9f11b0dc9bc with: # Paths to ansible files (i.e., playbooks, tasks, handlers etc..) targets: "./" + override-deps: | + ansible-lint==5.3.1 + args: "-x metadata, formatting" From e8237ea37e8e51ae19c07b2577647d948ede29eb Mon Sep 17 00:00:00 2001 From: SkepticalWaves Date: Fri, 17 Dec 2021 15:23:44 -0500 Subject: [PATCH 16/30] Update synapse-admin to newest tagged release --- roles/matrix-synapse-admin/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse-admin/defaults/main.yml b/roles/matrix-synapse-admin/defaults/main.yml index 069b6279..6d20d20f 100644 --- a/roles/matrix-synapse-admin/defaults/main.yml +++ b/roles/matrix-synapse-admin/defaults/main.yml 
@@ -8,7 +8,7 @@ matrix_synapse_admin_container_self_build_repo: "https://github.com/Awesome-Tech matrix_synapse_admin_docker_src_files_path: "{{ matrix_base_data_path }}/synapse-admin/docker-src" -matrix_synapse_admin_version: 0.8.1 +matrix_synapse_admin_version: 0.8.4 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}awesometechnologies/synapse-admin:{{ matrix_synapse_admin_version }}" matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_self_build else matrix_container_global_registry_prefix }}" matrix_synapse_admin_docker_image_force_pull: "{{ matrix_synapse_admin_docker_image.endswith(':latest') }}" From 01b6bba9d7196701c42562e6525518613db55efc Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 18 Dec 2021 14:52:06 +0200 Subject: [PATCH 17/30] Make Synapse's url_preview_accept_language default to 'en-US, en' Related to https://github.com/matrix-org/synapse/issues/11604 Getting an upstream fix is preferable. In any case, it's probably nice to have this defined explicitly in our configuration. This way, people can more easily discover that they can override the URL preview language. --- roles/matrix-synapse/defaults/main.yml | 3 +++ roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 3 +-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index d1d049d5..d2d04841 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml 
@@ -321,6 +321,9 @@ matrix_synapse_push_include_content: true # URLs shared by users. matrix_synapse_url_preview_enabled: true +# A list of values for the Accept-Language HTTP header used when downloading webpages during URL preview generation +matrix_url_preview_accept_language: ['en-US', 'en'] + # Enable exposure of metrics to Prometheus # See https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.md matrix_synapse_metrics_enabled: false diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 1361eb9e..e384853c 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1149,8 +1149,7 @@ max_spider_size: 10M # - fr;q=0.8 # - *;q=0.7 # -url_preview_accept_language: -# - en +url_preview_accept_language: {{ matrix_url_preview_accept_language|to_json }} ## Captcha ## From dad1a23aa85fe11f89d16de6aec7f83a1985d134 Mon Sep 17 00:00:00 2001 From: WobbelTheBear Date: Mon, 20 Dec 2021 17:44:08 +0100 Subject: [PATCH 18/30] Update Element version (v1.9.7 -> v1.9.8) --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 28412a26..7853292a 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml 
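Review bot: The new variable `matrix_url_preview_accept_language` lacks the `matrix_synapse_` prefix used by the rest of this role's defaults (`matrix_synapse_url_preview_enabled` is the line right above it). That makes it harder to discover and leaves it in a namespace other roles could also use. Rename it to `matrix_synapse_url_preview_accept_language` in `defaults/main.yml` and in the `homeserver.yaml.j2` hunk, `url_preview_accept_language: {{ matrix_synapse_url_preview_accept_language|to_json }}`.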
@@ -7,7 +7,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.9.7 +matrix_client_element_version: v1.9.8 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 06f3b813d617c17d1d93e96dab4ed94ffc5f298d Mon Sep 17 00:00:00 2001 From: Wm Salt Hale Date: Mon, 20 Dec 2021 10:50:05 -0800 Subject: [PATCH 19/30] added .well-known path to Caddy2 example, closes #1442 --- examples/caddy2/Caddyfile | 35 ++++++++++++++++++++++++----------- 1 file changed, 24 insertions(+), 11 deletions(-) diff --git a/examples/caddy2/Caddyfile b/examples/caddy2/Caddyfile index c6d2841b..6370cb01 100644 --- a/examples/caddy2/Caddyfile +++ b/examples/caddy2/Caddyfile @@ -27,6 +27,10 @@ matrix.DOMAIN.tld { not path /matrix/static-files/* } + @wellknown { + path /.well-known/matrix/* + } + header { # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" @@ -69,6 +73,15 @@ matrix.DOMAIN.tld { } } + handle @wellknown { + encode zstd gzip + root * /matrix/static-files + header Cache-Control max-age=14400 + header Content-Type application/json + header Access-Control-Allow-Origin * + file_server + } + handle { encode zstd gzip 
@@ -102,17 +115,17 @@ element.DOMAIN.tld { # tls your@email.com header { - # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS - Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" - # Enable cross-site filter (XSS) and tell browser to block detected attacks - X-XSS-Protection "1; mode=block" - # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type - X-Content-Type-Options "nosniff" - # Disallow the site to be rendered within a frame (clickjacking protection) - X-Frame-Options "DENY" - # X-Robots-Tag - X-Robots-Tag "noindex, noarchive, nofollow" - } + # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS + Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" + # Enable cross-site filter (XSS) and tell browser to block detected attacks + X-XSS-Protection "1; mode=block" + # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type + X-Content-Type-Options "nosniff" + # Disallow the site to be rendered within a frame (clickjacking protection) + X-Frame-Options "DENY" + # X-Robots-Tag + X-Robots-Tag "noindex, noarchive, nofollow" + } handle { encode zstd gzip From 2d49b950064655f62ab133ed958b945e5899bb6b Mon Sep 17 00:00:00 2001 From: array-in-a-matrix Date: Mon, 20 Dec 2021 16:55:15 -0500 Subject: [PATCH 20/30] missing uppercase in bot name --- roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 index db57bd0d..ac14754c 100644 --- a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 
@@ -43,7 +43,7 @@ appservice: bot_username: {{ matrix_mautrix_instagram_appservice_bot_username|to_json }} # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty # to leave display name/avatar as-is. - bot_displayname: instagram bridge bot + bot_displayname: Instagram bridge bot bot_avatar: mxc://maunium.net/JxjlbZUlCPULEeHZSwleUXQv # Community ID for bridged users (changes registration file) and rooms. From 87bc9bd146f4e04b8c87be6f4e0a40b685aa21dd Mon Sep 17 00:00:00 2001 From: Shreyas Ajjarapu Date: Mon, 20 Dec 2021 23:36:05 -0600 Subject: [PATCH 21/30] Update validate_config.yml --- .../tasks/validate_config.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml index 4c95f7bf..1c2a52d4 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml @@ -8,3 +8,11 @@ with_items: - "matrix_mautrix_twitter_appservice_token" - "matrix_mautrix_twitter_homeserver_token" + +- name: Fail if required settings not defined + fail: + msg: >- + You need to define a need to set `matrix_mautrix_twitter_database_engine: postgres` and redefine the other `matrix_mautrix_twitter_database_*` variables + when: "vars[item] == ''" + with_items: + - "matrix_mautrix_twitter_database_engine" From 25ced724ace25ec8392ebab220f6094bad842a7d Mon Sep 17 00:00:00 2001 From: Shreyas Ajjarapu Date: Mon, 20 Dec 2021 23:38:54 -0600 Subject: [PATCH 22/30] Update matrix_servers --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index c4caef04..69917747 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers 
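Review bot: The added task in `validate_config.yml` only fires when `matrix_mautrix_twitter_database_engine` is the empty string, so any other unsupported value passes validation. That includes `sqlite`, which `group_vars/matrix_servers` still sets at this point in the series when `matrix_postgres_enabled` is false. If the bridge is Postgres-only, as the message implies, compare against the supported value instead: `when: "matrix_mautrix_twitter_database_engine != 'postgres'"`. The message itself is garbled ("You need to define a need to set"); something like `You need to set matrix_mautrix_twitter_database_engine to postgres and define the other matrix_mautrix_twitter_database_* variables` reads correctly.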
@@ -541,7 +541,7 @@ matrix_mautrix_twitter_login_shared_secret: "{{ matrix_synapse_ext_password_prov # We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain # and point them to a migration path. -matrix_mautrix_twitter_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_mautrix_twitter_database_engine: "{{ 'postgres' if matrix_postgres_enabled else '' }}" matrix_mautrix_twitter_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mau.twt.db') | to_uuid }}" ###################################################################### From 6a9775520baec57e0729e41197dc04e95bf8edb9 Mon Sep 17 00:00:00 2001 From: Shreyas Ajjarapu Date: Tue, 21 Dec 2021 00:13:08 -0600 Subject: [PATCH 23/30] Update validate_config.yml --- roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml index 1c2a52d4..114fd2cf 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml @@ -9,7 +9,7 @@ - "matrix_mautrix_twitter_appservice_token" - "matrix_mautrix_twitter_homeserver_token" -- name: Fail if required settings not defined +- name: Fail if database is not defined fail: msg: >- You need to define a need to set `matrix_mautrix_twitter_database_engine: postgres` and redefine the other `matrix_mautrix_twitter_database_*` variables From cddbb1ffa0bf03ae5eae9f0e506cccded58689f3 Mon Sep 17 00:00:00 2001 From: Shreyas Ajjarapu Date: Tue, 21 Dec 2021 00:27:45 -0600 Subject: [PATCH 24/30] Update config.yaml.j2 --- roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 index 2c10585d..b03c77f4 100644 --- a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 @@ -124,10 +124,10 @@ bridge: invite_own_puppet: true # Maximum number of messages to backfill initially. # Set to 0 to disable backfilling when creating portal. - initial_limit: 0 + initial_limit: 100 # If using double puppeting, should notifications be disabled # while the initial backfill is in progress? - disable_notifications: false + disable_notifications: true # End-to-bridge encryption support options. You must install the e2be optional dependency for # this to work. See https://github.com/tulir/mautrix-telegram/wiki/End‐to‐bridge-encryption encryption: From 3509f648af5f03e0a8c0e1ed3e5682725f03576e Mon Sep 17 00:00:00 2001 From: Shreyas Ajjarapu Date: Tue, 21 Dec 2021 00:28:55 -0600 Subject: [PATCH 25/30] Update config.yaml.j2 --- roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 index db57bd0d..760d6162 100644 --- a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 @@ -132,7 +132,7 @@ bridge: missed_limit: 1000 # If using double puppeting, should notifications be disabled # while the initial backfill is in progress? - disable_notifications: false + disable_notifications: true periodic_reconnect: # Interval in seconds in which to automatically reconnect all users. # This can be used to automatically mitigate the bug where Instagram stops sending messages. From 6c9f6c28deb86fea74fa9432ee028bda2575ff96 Mon Sep 17 00:00:00 2001 
From: Catalan Lover <48515417+FSG-Cat@users.noreply.github.com> Date: Tue, 21 Dec 2021 14:15:13 +0100 Subject: [PATCH 26/30] Update Synapse from 1.49.0 to 1.49.1 This update fixes a sync issue that would cause some users to experience sync issues that could cause initial sync to completely fail. --- roles/matrix-synapse/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index d2d04841..2d030b7d 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont # amd64 gets released first. # arm32 relies on self-building, so the same version can be built immediately. # arm64 users need to wait for a prebuilt image to become available. -matrix_synapse_version: v1.49.0 -matrix_synapse_version_arm64: v1.49.0 +matrix_synapse_version: v1.49.1 +matrix_synapse_version_arm64: v1.49.1 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From eb0c332f807ebe383d39ca7182fc8e13ab80aeb2 Mon Sep 17 00:00:00 2001 From: Catalan Lover <48515417+FSG-Cat@users.noreply.github.com> Date: Tue, 21 Dec 2021 19:29:56 +0100 Subject: [PATCH 27/30] Update Synapse Version from 1.49.1 to 1.49.2 This upgrade is technically not needed due to 1.49.1 and 1.49.2 being identical with a lone fix to Debian packaging being the only change. Still some might want us to be on the absolutely latest version even tho these 2 are practically identical. ARM64 has yet to be built so this has to wait for that before merge. --- roles/matrix-synapse/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 2d030b7d..4e69ecd7 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -15,8 +15,8 @@ matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_cont # amd64 gets released first. # arm32 relies on self-building, so the same version can be built immediately. # arm64 users need to wait for a prebuilt image to become available. -matrix_synapse_version: v1.49.1 -matrix_synapse_version_arm64: v1.49.1 +matrix_synapse_version: v1.49.2 +matrix_synapse_version_arm64: v1.49.2 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version if matrix_architecture in ['arm32', 'amd64'] else matrix_synapse_version_arm64 }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From ed0fcd618cf4d17c94394e4a787b3481a27c9f1d Mon Sep 17 00:00:00 2001 From: Shreyas Ajjarapu Date: Tue, 21 Dec 2021 21:37:09 -0600 Subject: [PATCH 28/30] Update config.yaml.j2 --- roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 index b03c77f4..9bfa3123 100644 --- a/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2 @@ -124,7 +124,7 @@ bridge: invite_own_puppet: true # Maximum number of messages to backfill initially. # Set to 0 to disable backfilling when creating portal. - initial_limit: 100 + initial_limit: 0 # If using double puppeting, should notifications be disabled # while the initial backfill is in progress? disable_notifications: true From f6f81a85de3c03c2db7534171e389deb09c1360a Mon Sep 17 00:00:00 2001 
From: Slavi Pantaleev
Date: Wed, 22 Dec 2021 15:27:35 +0200
Subject: [PATCH 29/30] Enable notifications during backfill .. as per the default bridge config. Source: https://github.com/mautrix/twitter/blob/f848710c01a75f4357508552fa63499cba2839e4/mautrix_twitter/example-config.yamll#L147
---
 roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2
index cea15748..ac14754c 100644
--- a/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2
+++ b/roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2
@@ -132,7 +132,7 @@ bridge:
 missed_limit: 1000
 # If using double puppeting, should notifications be disabled
 # while the initial backfill is in progress?
- disable_notifications: true
+ disable_notifications: false
 periodic_reconnect:
 # Interval in seconds in which to automatically reconnect all users.
 # This can be used to automatically mitigate the bug where Instagram stops sending messages.
From e834a69e60cfa383d26426ec0631a201a3c64656 Mon Sep 17 00:00:00 2001
From: Slavi Pantaleev
Date: Wed, 22 Dec 2021 15:53:53 +0200
Subject: [PATCH 30/30] Announce mautrix-twitter support Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1478
---
 CHANGELOG.md | 7 +++++++
 docs/configuring-playbook-bridge-mautrix-twitter.md | 2 ++
 docs/configuring-playbook-bridge-mx-puppet-twitter.md | 2 ++
 3 files changed, 11 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a6d15b96..1d7331e9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
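Review bot: The commit message cites the mautrix-twitter example config as the source for this default, yet the only file changed is the mautrix-instagram template. As far as this series shows, the mautrix-twitter template still carries `disable_notifications: true` (it appears as a context line in PATCH 28/30), so the two bridges end up with different defaults. If the intent is to follow the upstream defaults for both, the twitter template needs the same one-line change, `disable_notifications: false`, and the message for this file should point at the instagram example config. The cited URL also ends in `example-config.yamll`, which looks like a typo for `.yaml`.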
@@ -1,3 +1,10 @@ +# 2021-12-22 + +## Twitter bridging support via mautrix-twitter + +Thanks to [Matthew Cengia](https://github.com/mattcen) and [Shreyas Ajjarapu](https://github.com/shreyasajj), besides [mx-puppet-twitter](docs/configuring-playbook-bridge-mx-puppet-twitter.md), bridging to [Twitter](https://twitter.com/) can now also happen with [mautrix-twitter](docs/configuring-playbook-bridge-mautrix-twitter.md). + + # 2021-12-14 ## (Security) Users of the Signal bridge may wish to upgrade it to work around log4j vulnerability diff --git a/docs/configuring-playbook-bridge-mautrix-twitter.md b/docs/configuring-playbook-bridge-mautrix-twitter.md index cfc14506..93eb8901 100644 --- a/docs/configuring-playbook-bridge-mautrix-twitter.md +++ b/docs/configuring-playbook-bridge-mautrix-twitter.md @@ -1,5 +1,7 @@ # Setting up Mautrix Twitter (optional) +**Note**: bridging to [Twitter](https://twitter.com/) can also happen via the [mx-puppet-twitter](configuring-playbook-bridge-mx-puppet-twitter.md) bridge supported by the playbook. + The playbook can install and configure [mautrix-twitter](https://github.com/tulir/mautrix-twitter) for you. See the project's [documentation](https://github.com/tulir/mautrix-twitter/wiki#usage) to learn what it does and why it might be useful to you. diff --git a/docs/configuring-playbook-bridge-mx-puppet-twitter.md b/docs/configuring-playbook-bridge-mx-puppet-twitter.md index dd2c9c12..cd3dd39c 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-twitter.md +++ b/docs/configuring-playbook-bridge-mx-puppet-twitter.md @@ -1,5 +1,7 @@ # Setting up MX Puppet Twitter (optional) +**Note**: bridging to [Twitter](https://twitter.com/) can also happen via the [mautrix-twitter](configuring-playbook-bridge-mautrix-twitter.md) bridge supported by the playbook. + The playbook can install and configure [mx-puppet-twitter](https://github.com/Sorunome/mx-puppet-twitter) for you.