From 8370ee0647d9420f6e0bd59d7d2e0df6d334ffe5 Mon Sep 17 00:00:00 2001 From: Panagiotis Vasilopoulos Date: Sun, 4 Oct 2020 19:28:22 +0000 Subject: [PATCH 01/21] caddy2: removed unknown tls directive --- examples/caddy2/Caddyfile | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/examples/caddy2/Caddyfile b/examples/caddy2/Caddyfile index 55fca3fd..1438a50b 100644 --- a/examples/caddy2/Caddyfile +++ b/examples/caddy2/Caddyfile @@ -1,7 +1,4 @@ matrix.DOMAIN.tld { - - tls {$CADDY_TLS} - @identity { path /_matrix/identity/* } @@ -97,10 +94,7 @@ matrix.DOMAIN.tld:8448 { } dimension.DOMAIN.tld { - - tls {$CADDY_TLS} - - header { +header { # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" # Enable cross-site filter (XSS) and tell browser to block detected attacks @@ -127,9 +121,6 @@ dimension.DOMAIN.tld { } element.DOMAIN.tld { - - tls {$CADDY_TLS} - header { # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" @@ -153,4 +144,4 @@ element.DOMAIN.tld { header_up X-Forwarded-TlsCipher {tls_cipher} header_up X-Forwarded-HttpsProto {proto} } -} \ No newline at end of file +} From 1f9c173a7ec3cb071f6857c59a6ef6c619cc9702 Mon Sep 17 00:00:00 2001 From: dhose <4066579+dhose@users.noreply.github.com> Date: Tue, 6 Oct 2020 11:42:32 +0200 Subject: [PATCH 02/21] Adding '.python-version' to .gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index d6068088..36c65bda 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ !/inventory/scripts /roles/*/files/scratchpad .DS_Store +.python-version From 6a72e3fa540edb9ef427b4ab804ef5aeb6e28a7d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 7 Oct 2020 08:54:46 +0300 Subject: [PATCH 03/21] Try to make importing SQLite from older Synapse version work If the SQLite database was from an older version of Synapse, it appears that Synapse would try to run migrations on it first, before importing. This was failing, because the file wasn't writable. Hopefully, this fixes the problem. --- roles/matrix-postgres/tasks/import_sqlite_db.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-postgres/tasks/import_sqlite_db.yml b/roles/matrix-postgres/tasks/import_sqlite_db.yml index fe0deba8..c877ead4 100644 --- a/roles/matrix-postgres/tasks/import_sqlite_db.yml +++ b/roles/matrix-postgres/tasks/import_sqlite_db.yml @@ -81,6 +81,6 @@ --entrypoint=python -v {{ matrix_synapse_config_dir_path }}:/data -v {{ matrix_synapse_config_dir_path }}:/matrix-media-store-parent/media-store - -v {{ server_path_homeserver_db }}:/{{ server_path_homeserver_db|basename }}:ro + -v {{ server_path_homeserver_db }}:/{{ server_path_homeserver_db|basename }} {{ matrix_synapse_docker_image }} /usr/local/bin/synapse_port_db --sqlite-database /{{ server_path_homeserver_db|basename }} --postgres-config /data/homeserver.yaml From 898f319e1175fc5b77bf36c6338dd25daf0fb831 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 7 Oct 2020 09:06:59 +0300 Subject: [PATCH 04/21] Add additional notice to SQLite importing docs --- docs/importing-sqlite.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/importing-sqlite.md b/docs/importing-sqlite.md index cb30d098..9e3a910d 100644 --- a/docs/importing-sqlite.md +++ b/docs/importing-sqlite.md @@ -20,4 +20,7 @@ Run this command (make sure to replace `` with a f ansible-playbook -i inventory/hosts setup.yml --extra-vars='server_path_homeserver_db=' --tags=import-sqlite-db -**Note**: `` must be a file path to a `homeserver.db` file on the server (not on your local machine!). +**Notes**: + +- `` must be a file path to a `homeserver.db` **file on the server** (not on your local machine!). +- if the SQLite database is from an older version of Synapse, the **importing procedure may run migrations on it to bring it up to date**. That is, your SQLite database file may get modified and become unusable with your older Synapse version. Keeping a copy of the original is probably wise. From 1a9cafa3a33387f2c32eb736e6a4665dd87a177e Mon Sep 17 00:00:00 2001 From: Fanch Date: Sat, 10 Oct 2020 04:11:26 +0200 Subject: [PATCH 05/21] add run-docker-prune command --- roles/matrix-common-after/tasks/main.yml | 4 ++++ roles/matrix-common-after/tasks/run_docker_prune.yml | 4 ++++ 2 files changed, 8 insertions(+) create mode 100644 roles/matrix-common-after/tasks/run_docker_prune.yml diff --git a/roles/matrix-common-after/tasks/main.yml b/roles/matrix-common-after/tasks/main.yml index 197ab6a9..d77d56a1 100644 --- a/roles/matrix-common-after/tasks/main.yml +++ b/roles/matrix-common-after/tasks/main.yml @@ -11,3 +11,7 @@ - import_tasks: "{{ role_path }}/tasks/dump_runtime_results.yml" tags: - always + +- import_tasks: "{{ role_path }}/tasks/run_docker_prune.yml" + tags: + - run-docker-prune diff --git a/roles/matrix-common-after/tasks/run_docker_prune.yml b/roles/matrix-common-after/tasks/run_docker_prune.yml new file mode 100644 index 00000000..a7e35a03 --- /dev/null +++ b/roles/matrix-common-after/tasks/run_docker_prune.yml @@ -0,0 +1,4 @@ +--- + +- name: Run Docker System Prune + command: "{{ matrix_host_command_docker }} system prune -a -f" From 4d5068e283e9bab4dfedfd51e1357a6775126960 Mon Sep 17 00:00:00 2001 From: Fanch Date: Sat, 10 Oct 2020 14:27:07 +0200 Subject: [PATCH 06/21] add some doc about the run-docker-prune tag --- docs/maintenance-and-troubleshooting.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docs/maintenance-and-troubleshooting.md b/docs/maintenance-and-troubleshooting.md index bccf3e2e..ae90fba2 100644 --- a/docs/maintenance-and-troubleshooting.md +++ b/docs/maintenance-and-troubleshooting.md @@ -33,6 +33,12 @@ matrix_synapse_root_log_level: "INFO" Re-run the playbook after making these configuration changes. +## Remove unused Docker data + +You can free some disk space from Docker, see [docker system prune](https://docs.docker.com/engine/reference/commandline/system_prune/) for more information. +```bash +ansible-playbook -i inventory/hosts setup.yml --tags=run-docker-prune +``` ## Postgres From 78529cbd47544f8dd3a452eda4f749256315f359 Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Mon, 12 Oct 2020 23:59:34 -0500 Subject: [PATCH 07/21] Upgrade Synapse (v1.20.1 -> v1.21.0) --- roles/matrix-synapse/defaults/main.yml | 2 +- .../templates/synapse/homeserver.yaml.j2 | 121 ++++++++++++++++-- 2 files changed, 113 insertions(+), 10 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index bd8d2be9..1bc04bc6 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -5,7 +5,7 @@ matrix_synapse_enabled: true matrix_synapse_container_image_self_build: false -matrix_synapse_docker_image: "matrixdotorg/synapse:v1.20.1" +matrix_synapse_docker_image: "matrixdotorg/synapse:v1.21.0" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index e687a500..f58f34f8 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -9,10 +9,23 @@ ## Server ## -# The domain name of the server, with optional explicit port. -# This is used by remote servers to connect to this server, -# e.g. matrix.org, localhost:8080, etc. -# This is also the last part of your UserID. +# The public-facing domain of the server +# +# The server_name name will appear at the end of usernames and room addresses +# created on this server. For example if the server_name was example.com, +# usernames on this server would be in the format @user:example.com +# +# In most cases you should avoid using a matrix specific subdomain such as +# matrix.example.com or synapse.example.com as the server_name for the same +# reasons you wouldn't use user@email.example.com as your email address. +# See https://github.com/matrix-org/synapse/blob/master/docs/delegate.md +# for information on how to host Synapse on a subdomain while preserving +# a clean server_name. +# +# The server_name cannot be changed later so it is important to +# configure this correctly before you start Synapse. It should be all +# lowercase and may contain an explicit port. +# Examples: matrix.org, localhost:8080 # server_name: "{{ matrix_domain }}" @@ -107,7 +120,6 @@ default_room_version: {{ matrix_synapse_default_room_version|to_json }} # #enable_search: false - # List of ports that Synapse should listen on, their purpose and their # configuration. # @@ -389,6 +401,12 @@ retention: # 'longest_max_lifetime' of '3d' will handle every room with a retention policy # which 'max_lifetime' is lower than or equal to three days. # + # The rationale for this per-job configuration is that some rooms might have a + # retention policy with a low 'max_lifetime', where history needs to be purged + # of outdated messages on a more frequent basis than for the rest of the rooms + # (e.g. every 12h), but not want that purge to be performed by a job that's + # iterating over every room it knows, which could be heavy on the server. + # # If any purge job is configured, it is strongly recommended to have at least # a single job with neither 'shortest_max_lifetime' nor 'longest_max_lifetime' # set, or one job without 'shortest_max_lifetime' and one job without @@ -414,6 +432,24 @@ retention: # #request_token_inhibit_3pid_errors: true +# A list of domains that the domain portion of 'next_link' parameters +# must match. +# +# This parameter is optionally provided by clients while requesting +# validation of an email or phone number, and maps to a link that +# users will be automatically redirected to after validation +# succeeds. Clients can make use this parameter to aid the validation +# process. +# +# The whitelist is applied whether the homeserver or an +# identity server is handling validation. +# +# The default value is no whitelist functionality; all domains are +# allowed. Setting this value to an empty list will instead disallow +# all domains. +# +#next_link_domain_whitelist: ["matrix.org"] + ## TLS ## @@ -580,6 +616,7 @@ acme: #tls_fingerprints: [{"sha256": ""}] +## Federation ## # Restrict federation to the following whitelist of domains. # N.B. we recommend also firewalling your federation listener to limit @@ -617,6 +654,17 @@ federation_ip_range_blacklist: - 'fe80::/64' - 'fc00::/7' +# Report prometheus metrics on the age of PDUs being sent to and received from +# the following domains. This can be used to give an idea of "delay" on inbound +# and outbound federation, though be aware that any delay can be due to problems +# at either end or with the intermediate network. +# +# By default, no domains are monitored in this way. +# +#federation_metrics_domains: +# - matrix.org +# - example.com + ## Caching ## @@ -662,6 +710,7 @@ caches: per_cache_factors: #get_users_who_share_room_with_user: 2.0 + ## Database ## database: @@ -1074,6 +1123,17 @@ account_validity: # #invalid_token_html_path: "invalid_token.html" +# Time that a user's session remains valid for, after they log in. +# +# Note that this is not currently compatible with guest logins. +# +# Note also that this is calculated at login time: changes are not applied +# retrospectively to users who have already logged in. +# +# By default, this is infinite. +# +#session_lifetime: 24h + # The user must provide all of the below types of 3PID when registering. # #registrations_require_3pid: @@ -1427,11 +1487,14 @@ trusted_key_servers: {{ matrix_synapse_trusted_key_servers|to_json }} # At least one of `sp_config` or `config_path` must be set in this section to # enable SAML login. # -# (You will probably also want to set the following options to `false` to +# You will probably also want to set the following options to `false` to # disable the regular login/registration flows: # * enable_registration # * password_config.enabled # +# You will also want to investigate the settings under the "sso" configuration +# section below. +# # Once SAML support is enabled, a metadata file will be exposed at # https://:/_matrix/saml2/metadata.xml, which you may be able to # use to configure your SAML IdP with. Alternatively, you can manually configure @@ -1653,6 +1716,19 @@ oidc_config: # #skip_verification: true + # Whether to fetch the user profile from the userinfo endpoint. Valid + # values are: "auto" or "userinfo_endpoint". + # + # Defaults to "auto", which fetches the userinfo endpoint if "openid" is included + # in `scopes`. Uncomment the following to always fetch the userinfo endpoint. + # + #user_profile_method: "userinfo_endpoint" + + # Uncomment to allow a user logging in via OIDC to match a pre-existing account instead + # of failing. This could be used if switching from password logins to OIDC. Defaults to false. + # + #allow_existing_users: true + # An external module can be provided here as a custom solution to mapping # attributes returned from a OIDC provider onto a matrix user. # @@ -1830,6 +1906,24 @@ sso: # #algorithm: "provided-by-your-issuer" + # The issuer to validate the "iss" claim against. + # + # Optional, if provided the "iss" claim will be required and + # validated for all JSON web tokens. + # + #issuer: "provided-by-your-issuer" + + # A list of audiences to validate the "aud" claim against. + # + # Optional, if provided the "aud" claim will be required and + # validated for all JSON web tokens. + # + # Note that if the "aud" claim is included in a JSON web token then + # validation will fail without configuring audiences. + # + #audiences: + # - "provided-by-your-issuer" + password_config: # Uncomment to disable password login @@ -1936,9 +2030,13 @@ email: # * The contents of password reset emails sent by the homeserver: # 'password_reset.html' and 'password_reset.txt' # - # * HTML pages for success and failure that a user will see when they follow - # the link in the password reset email: 'password_reset_success.html' and - # 'password_reset_failure.html' + # * An HTML page that a user will see when they follow the link in the password + # reset email. The user will be asked to confirm the action before their + # password is reset: 'password_reset_confirmation.html' + # + # * HTML pages for success and failure that a user will see when they confirm + # the password reset flow using the page above: 'password_reset_success.html' + # and 'password_reset_failure.html' # # * The contents of address verification emails sent during registration: # 'registration.html' and 'registration.txt' @@ -2417,6 +2515,11 @@ opentracing: # events: worker1 # typing: worker1 +# The worker that is used to run background tasks (e.g. cleaning up expired +# data). If not provided this defaults to the main process. +# +#run_background_tasks_on: worker1 + # Configuration for Redis when using workers. This *must* be enabled when # using workers (unless using old style direct TCP configuration). From d250727e8baf7e5e71fa6a6b1c6ce0b119ab7924 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 13 Oct 2020 09:44:32 +0300 Subject: [PATCH 08/21] Upgrade certbot (1.7.0 -> 1.9.0) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 8ba0c532..3b9dd60b 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -227,7 +227,7 @@ matrix_ssl_domains_to_obtain_certificates_for: [] # Controls whether to obtain production or staging certificates from Let's Encrypt. matrix_ssl_lets_encrypt_staging: false -matrix_ssl_lets_encrypt_certbot_docker_image: "certbot/certbot:{{ matrix_ssl_architecture }}-v1.7.0" +matrix_ssl_lets_encrypt_certbot_docker_image: "certbot/certbot:{{ matrix_ssl_architecture }}-v1.9.0" matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 matrix_ssl_lets_encrypt_support_email: ~ From 5abd51136864106ea151519fc31c1e153d8fc69c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 13 Oct 2020 13:08:25 +0300 Subject: [PATCH 09/21] Upgrade Synapse (v1.21.0 -> v1.21.1) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 1bc04bc6..43808e49 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -5,7 +5,7 @@ matrix_synapse_enabled: true matrix_synapse_container_image_self_build: false -matrix_synapse_docker_image: "matrixdotorg/synapse:v1.21.0" +matrix_synapse_docker_image: "matrixdotorg/synapse:v1.21.1" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" From fa5d85426b052884d7edbc5e50f102fffe48deed Mon Sep 17 00:00:00 2001 From: Scott Crossen Date: Tue, 13 Oct 2020 16:35:41 -0700 Subject: [PATCH 10/21] Renamed systemd descriptions for all bridges --- .../templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 | 2 +- .../templates/systemd/matrix-appservice-discord.service.j2 | 2 +- .../templates/systemd/matrix-appservice-irc.service.j2 | 2 +- .../templates/systemd/matrix-appservice-slack.service.j2 | 2 +- .../templates/systemd/matrix-appservice-webhooks.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-facebook.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-hangouts.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-telegram.service.j2 | 2 +- .../templates/systemd/matrix-mautrix-whatsapp.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-discord.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-instagram.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-skype.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-slack.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-steam.service.j2 | 2 +- .../templates/systemd/matrix-mx-puppet-twitter.service.j2 | 2 +- .../templates/systemd/matrix-sms-bridge-database.service.j2 | 2 +- .../templates/systemd/matrix-sms-bridge.service.j2 | 2 +- 17 files changed, 17 insertions(+), 17 deletions(-) diff --git a/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 b/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 index 4220e6cc..0decac02 100644 --- a/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 +++ b/roles/matrix-bot-matrix-reminder-bot/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=matrix-reminder-bot +Description=Matrix reminder bot {% for service in matrix_bot_matrix_reminder_bot_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 b/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 index d512cd88..f2187ca3 100644 --- a/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 +++ b/roles/matrix-bridge-appservice-discord/templates/systemd/matrix-appservice-discord.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Appservice Discord server +Description=Matrix Appservice Discord bridge {% for service in matrix_appservice_discord_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 b/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 index aa6141d6..95638612 100644 --- a/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 +++ b/roles/matrix-bridge-appservice-irc/templates/systemd/matrix-appservice-irc.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Appservice IRC server +Description=Matrix Appservice IRC bridge {% for service in matrix_appservice_irc_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 b/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 index de773ff9..1c68294f 100644 --- a/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 +++ b/roles/matrix-bridge-appservice-slack/templates/systemd/matrix-appservice-slack.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Appservice Slack server +Description=Matrix Appservice Slack bridge {% for service in matrix_appservice_slack_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 b/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 index b05f8a27..08f5813f 100644 --- a/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 +++ b/roles/matrix-bridge-appservice-webhooks/templates/systemd/matrix-appservice-webhooks.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Appservice webhooks server +Description=Matrix Appservice webhooks bridge {% for service in matrix_appservice_webhooks_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 b/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 index 444423c1..b593a2e3 100644 --- a/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 +++ b/roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mautrix Facebook server +Description=Matrix Mautrix Facebook bridge {% for service in matrix_mautrix_facebook_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 b/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 index dc6ffda0..58433982 100644 --- a/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 +++ b/roles/matrix-bridge-mautrix-hangouts/templates/systemd/matrix-mautrix-hangouts.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mautrix Hangouts server +Description=Matrix Mautrix Hangouts bridge {% for service in matrix_mautrix_hangouts_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 b/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 index b0b4f643..c0fb8938 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mautrix Telegram server +Description=Matrix Mautrix Telegram bridge {% for service in matrix_mautrix_telegram_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 index 7dd25140..ac2b961e 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/systemd/matrix-mautrix-whatsapp.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mautrix Whatsapp server +Description=Matrix Mautrix Whatsapp bridge {% for service in matrix_mautrix_whatsapp_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index e26128ef..78737a17 100644 --- a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mx Puppet Discord server +Description=Matrix Mx Puppet Discord bridge {% for service in matrix_mx_puppet_discord_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 b/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 index b94c399a..81e3e081 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 +++ b/roles/matrix-bridge-mx-puppet-instagram/templates/systemd/matrix-mx-puppet-instagram.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mx Puppet Instagram server +Description=Matrix Mx Puppet Instagram bridge {% for service in matrix_mx_puppet_instagram_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 index a6860b69..8a46cb25 100644 --- a/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 +++ b/roles/matrix-bridge-mx-puppet-skype/templates/systemd/matrix-mx-puppet-skype.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mx Puppet Skype server +Description=Matrix Mx Puppet Skype bridge {% for service in matrix_mx_puppet_skype_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 b/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 index 3ce0e18b..23c2504f 100644 --- a/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 +++ b/roles/matrix-bridge-mx-puppet-slack/templates/systemd/matrix-mx-puppet-slack.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mx Puppet Slack server +Description=Matrix Mx Puppet Slack bridge {% for service in matrix_mx_puppet_slack_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 b/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 index 53518d42..986c5d2c 100644 --- a/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 +++ b/roles/matrix-bridge-mx-puppet-steam/templates/systemd/matrix-mx-puppet-steam.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mx Puppet Steam server +Description=Matrix Mx Puppet Steam bridge {% for service in matrix_mx_puppet_steam_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 b/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 index 9245f02b..6afb6fb4 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 +++ b/roles/matrix-bridge-mx-puppet-twitter/templates/systemd/matrix-mx-puppet-twitter.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=Matrix Mx Puppet Twitter server +Description=Matrix Mx Puppet Twitter bridge {% for service in matrix_mx_puppet_twitter_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge-database.service.j2 b/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge-database.service.j2 index e2cad164..c9bb0343 100644 --- a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge-database.service.j2 +++ b/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge-database.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=matrix-sms-bridge-database server +Description=Matrix sms bridge database {% for service in matrix_sms_bridge_database_systemd_required_services_list %} Requires={{ service }} After={{ service }} diff --git a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 b/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 index 7bf91700..7cab3742 100644 --- a/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 +++ b/roles/matrix-bridge-sms/templates/systemd/matrix-sms-bridge.service.j2 @@ -1,6 +1,6 @@ #jinja2: lstrip_blocks: "True" [Unit] -Description=matrix-sms-bridge server +Description=Matrix sms bridge {% for service in matrix_sms_bridge_systemd_required_services_list %} Requires={{ service }} After={{ service }} From b65bfc38ce499e3b3ad21e146dcb86e1c4e60c34 Mon Sep 17 00:00:00 2001 From: Dan Arnfield Date: Wed, 14 Oct 2020 06:23:33 -0500 Subject: [PATCH 11/21] Update nginx (1.19.2 -> 1.19.3) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 3b9dd60b..643d723e 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -3,7 +3,7 @@ matrix_nginx_proxy_enabled: true # We use an official nginx image, which we fix-up to run unprivileged. # An alternative would be an `nginxinc/nginx-unprivileged` image, but # that is frequently out of date. -matrix_nginx_proxy_docker_image: "nginx:1.19.2-alpine" +matrix_nginx_proxy_docker_image: "nginx:1.19.3-alpine" matrix_nginx_proxy_docker_image_force_pull: "{{ matrix_nginx_proxy_docker_image.endswith(':latest') }}" matrix_nginx_proxy_base_path: "{{ matrix_base_data_path }}/nginx-proxy" From 640166e4c307e59d79720aac9efe2ee8572cdcf7 Mon Sep 17 00:00:00 2001 From: jgbresson Date: Thu, 15 Oct 2020 00:09:54 -0400 Subject: [PATCH 12/21] Upgrade Element (1.7.8 -> 1.7.9) --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 5219bcc3..a864244a 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -2,7 +2,7 @@ matrix_client_element_enabled: true matrix_client_element_container_image_self_build: false -matrix_client_element_docker_image: "vectorim/riot-web:v1.7.8" +matrix_client_element_docker_image: "vectorim/riot-web:v1.7.9" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" matrix_client_element_data_path: "{{ matrix_base_data_path }}/client-element" From 3fd198e89a6be52325d09aa775cfacd8b3df03ed Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Oct 2020 11:34:50 +0300 Subject: [PATCH 13/21] Add notes about running Ansible on Ubuntu 20.04 Discussed in #669 (Github Issue). --- docs/ansible.md | 2 ++ docs/prerequisites.md | 8 +++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/docs/ansible.md b/docs/ansible.md index 1ac08b5f..776147bd 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -11,6 +11,8 @@ If your local computer cannot run Ansible, you can also run Ansible on some serv Ansible 2.7.0 or newer is required. +Ubuntu (at least 20.04) ships with a buggy version (see this [bug](https://bugs.launchpad.net/ubuntu/+source/ansible/+bug/1880359)), which can't be used in combination with a host running new systemd (more detaisl in [#517](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/517), [#669]([669](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/669))). If this problem affects you, you can: avoid running Ubuntu 20.04 on your host; run Ansible from another machine targeting your host; or try to upgrade to a newer Ansible version (see below). + ## Checking your Ansible version diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 5f551eb4..4356081b 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -1,6 +1,12 @@ # Prerequisites -- An x86 server running **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)), **Debian** (9/Stretch+), **Ubuntu** (16.04+), or **Archlinux**. This playbook doesn't support running on ARM ([see](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/299)), however a minimal subset of the tools can be built on the host, which may result in a working configuration, even on a Raspberry pi (see [Alternative Architectures](alternative-architectures.md)). We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. +- An **x86** server running one of these operating systems: + - **CentOS** (7 only for now; [8 is not yet supported](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/300)) + - **Debian** (9/Stretch+) + - **Ubuntu** (16.04+, although [20.04 may be problematic](ansible.md#supported-ansible-versions)) + - **Archlinux** + +This playbook doesn't support running on ARM (see [this issue](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/299)), however a minimal subset of the tools can be built on the host, which may result in a working configuration, even on a Raspberry pi (see [Alternative Architectures](alternative-architectures.md)). We only strive to support released stable versions of distributions, not betas or pre-releases. This playbook can take over your whole server or co-exist with other services that you have there. - `root` access to your server (or a user capable of elevating to `root` via `sudo`). From f7ecc7a2a5e849420685eaa6b9d0ce010e3533f7 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 15 Oct 2020 17:42:52 +0300 Subject: [PATCH 14/21] Upgrade Synapse (v1.21.1 -> v1.21.2) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 43808e49..fd8eaa52 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -5,7 +5,7 @@ matrix_synapse_enabled: true matrix_synapse_container_image_self_build: false -matrix_synapse_docker_image: "matrixdotorg/synapse:v1.21.1" +matrix_synapse_docker_image: "matrixdotorg/synapse:v1.21.2" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" matrix_synapse_base_path: "{{ matrix_base_data_path }}/synapse" From 48f929dc918d277b7ea44b1e8afe385326e46cb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20K=C3=BCchel?= Date: Fri, 16 Oct 2020 00:32:00 +0200 Subject: [PATCH 15/21] add variables for secure_backup_required and secure_backup_setup_methods --- roles/matrix-base/defaults/main.yml | 10 ++++++++ .../static-files/well-known/matrix-client.j2 | 25 +++++++++++++++---- 2 files changed, 30 insertions(+), 5 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 3fbbd76e..5bd10014 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -67,6 +67,16 @@ matrix_client_element_jitsi_preferredDomain: '' # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md matrix_client_element_e2ee_default: true +# Controls whether Element should require a secure backup set up before Element can be used. +# Setting this to true will update `/.well-known/matrix/client` and tell Element require a secure backup. +# See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md +matrix_client_element_e2ee_backup_required: false + +# Controls which backup methods from ["key", "passphrase"] should be used, both is the default. +# Setting this to other then empty will update `/.well-known/matrix/client` and tell Element which method to use +# See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md +matrix_client_element_e2ee_backup_methods: [] + # The Docker network that all services would be put into matrix_docker_network: "matrix" diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 index 6dc5ff23..b1879d92 100644 --- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 +++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 @@ -26,12 +26,27 @@ "preferredDomain": {{ matrix_client_element_jitsi_preferredDomain|to_json }} } {% endif %} - {% if not matrix_client_element_e2ee_default %}, - "io.element.e2ee": { - "default": false + , + "io.element.e2ee": { + {% if not matrix_client_element_e2ee_default %} + "default": false + {% else %} + "default": true + {% endif %} + {% if matrix_client_element_e2ee_backup_required %}, + "secure_backup_required": true + {% else %} + "secure_backup_required": false + {% endif %} + {% if matrix_client_element_e2ee_backup_methods %}, + "secure_backup_setup_methods": {{ matrix_client_element_e2ee_backup_methods|to_json }} + {% endif %} }, "im.vector.riot.e2ee": { - "default": false + {% if not matrix_client_element_e2ee_default %} + "default": false + {% else %} + "default": true + {% endif %} } - {% endif %} } From 65992043347f8ed0451aa1ae29ddd3d37c6730be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20K=C3=BCchel?= Date: Fri, 16 Oct 2020 08:20:22 +0200 Subject: [PATCH 16/21] fix commata not being set when secure_backup_required false --- .../templates/static-files/well-known/matrix-client.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 index b1879d92..14cbe71f 100644 --- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 +++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 @@ -29,11 +29,11 @@ , "io.element.e2ee": { {% if not matrix_client_element_e2ee_default %} - "default": false + "default": false, {% else %} - "default": true + "default": true, {% endif %} - {% if matrix_client_element_e2ee_backup_required %}, + {% if matrix_client_element_e2ee_backup_required %} "secure_backup_required": true {% else %} "secure_backup_required": false From 4cfa11275544c447d9c848811535a32dc14a5a02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20K=C3=BCchel?= Date: Fri, 16 Oct 2020 08:44:04 +0200 Subject: [PATCH 17/21] update default backup_methods as proposed by the system anyway --- roles/matrix-base/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 5bd10014..cffb7b4a 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -75,7 +75,7 @@ matrix_client_element_e2ee_backup_required: false # Controls which backup methods from ["key", "passphrase"] should be used, both is the default. # Setting this to other then empty will update `/.well-known/matrix/client` and tell Element which method to use # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md -matrix_client_element_e2ee_backup_methods: [] +matrix_client_element_e2ee_backup_methods: [ "key", "passphrase" ] # The Docker network that all services would be put into matrix_docker_network: "matrix" From 8f7e21892d7facae416b3b4cd36857835fa6428b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20K=C3=BCchel?= Date: Fri, 16 Oct 2020 08:47:37 +0200 Subject: [PATCH 18/21] fix indentation, updated to proposed changes from Slavi: no more ifdef --- .../static-files/well-known/matrix-client.j2 | 24 ++++--------------- 1 file changed, 5 insertions(+), 19 deletions(-) diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 index 14cbe71f..ecd5eaf9 100644 --- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 +++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 @@ -27,26 +27,12 @@ } {% endif %} , - "io.element.e2ee": { - {% if not matrix_client_element_e2ee_default %} - "default": false, - {% else %} - "default": true, - {% endif %} - {% if matrix_client_element_e2ee_backup_required %} - "secure_backup_required": true - {% else %} - "secure_backup_required": false - {% endif %} - {% if matrix_client_element_e2ee_backup_methods %}, - "secure_backup_setup_methods": {{ matrix_client_element_e2ee_backup_methods|to_json }} - {% endif %} + "io.element.e2ee": { + "default": {{ matrix_client_element_e2ee_default|to_json }}, + "secure_backup_required": {{ matrix_client_element_e2ee_backup_required|to_json }}, + "secure_backup_setup_methods": {{ matrix_client_element_e2ee_backup_methods|to_json }} }, "im.vector.riot.e2ee": { - {% if not matrix_client_element_e2ee_default %} - "default": false - {% else %} - "default": true - {% endif %} + "default": {{ matrix_client_element_e2ee_default|to_json }} } } From 5158fa4df98ec2baf7a9c88b2e2c2d8924f093cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20K=C3=BCchel?= Date: Fri, 16 Oct 2020 08:50:16 +0200 Subject: [PATCH 19/21] e2ee_backup_methods: rather leave the default empty, so that the system default may apply --- roles/matrix-base/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index cffb7b4a..5bd10014 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -75,7 +75,7 @@ matrix_client_element_e2ee_backup_required: false # Controls which backup methods from ["key", "passphrase"] should be used, both is the default. # Setting this to other then empty will update `/.well-known/matrix/client` and tell Element which method to use # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md -matrix_client_element_e2ee_backup_methods: [ "key", "passphrase" ] +matrix_client_element_e2ee_backup_methods: [] # The Docker network that all services would be put into matrix_docker_network: "matrix" From 1cf5b1d80f626c7a1e54bd48fb1e31a1dd81618f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20K=C3=BCchel?= Date: Fri, 16 Oct 2020 09:24:50 +0200 Subject: [PATCH 20/21] e2ee_backup: rename variables to be consistent with naming scheme --- roles/matrix-base/defaults/main.yml | 4 ++-- .../templates/static-files/well-known/matrix-client.j2 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml index 5bd10014..164509b7 100644 --- a/roles/matrix-base/defaults/main.yml +++ b/roles/matrix-base/defaults/main.yml @@ -70,12 +70,12 @@ matrix_client_element_e2ee_default: true # Controls whether Element should require a secure backup set up before Element can be used. # Setting this to true will update `/.well-known/matrix/client` and tell Element require a secure backup. # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md -matrix_client_element_e2ee_backup_required: false +matrix_client_element_e2ee_secure_backup_required: false # Controls which backup methods from ["key", "passphrase"] should be used, both is the default. # Setting this to other then empty will update `/.well-known/matrix/client` and tell Element which method to use # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md -matrix_client_element_e2ee_backup_methods: [] +matrix_client_element_e2ee_secure_backup_setup_methods: [] # The Docker network that all services would be put into matrix_docker_network: "matrix" diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 index ecd5eaf9..a4356d1d 100644 --- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 +++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 @@ -29,8 +29,8 @@ , "io.element.e2ee": { "default": {{ matrix_client_element_e2ee_default|to_json }}, - "secure_backup_required": {{ matrix_client_element_e2ee_backup_required|to_json }}, - "secure_backup_setup_methods": {{ matrix_client_element_e2ee_backup_methods|to_json }} + "secure_backup_required": {{ matrix_client_element_e2ee_secure_backup_required|to_json }}, + "secure_backup_setup_methods": {{ matrix_client_element_e2ee_secure_backup_setup_methods|to_json }} }, "im.vector.riot.e2ee": { "default": {{ matrix_client_element_e2ee_default|to_json }} From 24c6d7e81f9c22764dfd7c2d3c2c20239b692553 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 20 Oct 2020 19:06:16 +0300 Subject: [PATCH 21/21] Upgrade Element (1.7.9 -> 1.7.10) --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index a864244a..d2b9258f 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -2,7 +2,7 @@ matrix_client_element_enabled: true matrix_client_element_container_image_self_build: false -matrix_client_element_docker_image: "vectorim/riot-web:v1.7.9" +matrix_client_element_docker_image: "vectorim/riot-web:v1.7.10" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" matrix_client_element_data_path: "{{ matrix_base_data_path }}/client-element"