From 5da31ba57989e5cc97a3fa1c57849daa55ec80d2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 3 Jun 2020 09:33:28 +0300 Subject: [PATCH] Move configuration templates outside of defaults/main.yml files --- .../defaults/main.yml | 95 +---- .../templates/config.yaml.j2 | 93 ++++ .../defaults/main.yml | 136 +----- .../templates/config.yaml.j2 | 134 ++++++ .../defaults/main.yml | 16 +- .../templates/config.yaml.j2 | 14 + .../defaults/main.yml | 30 +- .../templates/config.yaml.j2 | 28 ++ .../defaults/main.yml | 159 +------ .../templates/config.yaml.j2 | 157 +++++++ .../defaults/main.yml | 147 +------ .../templates/config.yaml.j2 | 145 +++++++ .../defaults/main.yml | 400 +----------------- .../templates/config.yaml.j2 | 397 +++++++++++++++++ .../defaults/main.yml | 170 +------- .../templates/config.yaml.j2 | 169 ++++++++ .../defaults/main.yml | 140 +----- .../templates/config.yaml.j2 | 138 ++++++ .../defaults/main.yml | 94 +--- .../templates/config.yaml.j2 | 92 ++++ roles/matrix-dimension/defaults/main.yml | 84 +--- .../matrix-dimension/templates/config.yaml.j2 | 81 ++++ roles/matrix-ma1sd/defaults/main.yml | 71 +--- roles/matrix-ma1sd/templates/ma1sd.yaml.j2 | 69 +++ 24 files changed, 1529 insertions(+), 1530 deletions(-) create mode 100644 roles/matrix-bridge-appservice-discord/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-appservice-irc/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-mx-puppet-skype/templates/config.yaml.j2 create mode 100644 roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 create mode 100644 roles/matrix-dimension/templates/config.yaml.j2 create mode 100644 roles/matrix-ma1sd/templates/ma1sd.yaml.j2 diff --git a/roles/matrix-bridge-appservice-discord/defaults/main.yml b/roles/matrix-bridge-appservice-discord/defaults/main.yml index 0192f97d..97ad8e89 100644 --- a/roles/matrix-bridge-appservice-discord/defaults/main.yml +++ b/roles/matrix-bridge-appservice-discord/defaults/main.yml @@ -39,100 +39,7 @@ matrix_appservice_discord_bridge_homeserverUrl: "{{ matrix_homeserver_url }}" matrix_appservice_discord_bridge_disablePresence: false matrix_appservice_discord_bridge_enableSelfServiceBridging: false -matrix_appservice_discord_configuration_yaml: | - #jinja2: lstrip_blocks: "True" - bridge: - # Domain part of the bridge, e.g. matrix.org - domain: {{ matrix_appservice_discord_bridge_domain }} - # This should be your publically facing URL because Discord may use it to - # fetch media from the media store. - homeserverUrl: {{ matrix_appservice_discord_bridge_homeserverUrl }} - # Interval at which to process users in the 'presence queue'. If you have - # 5 users, one user will be processed every 500 milliseconds according to the - # value below. This has a minimum value of 250. - # WARNING: This has a high chance of spamming the homeserver with presence - # updates since it will send one each time somebody changes state or is online. - presenceInterval: 500 - # Disable setting presence for 'ghost users' which means Discord users on Matrix - # will not be shown as away or online. - disablePresence: {{ matrix_appservice_discord_bridge_disablePresence|to_json }} - # Disable sending typing notifications when somebody on Discord types. - disableTypingNotifications: false - # Disable deleting messages on Discord if a message is redacted on Matrix. - disableDeletionForwarding: false - # Enable users to bridge rooms using !discord commands. See - # https://t2bot.io/discord for instructions. - enableSelfServiceBridging: {{ matrix_appservice_discord_bridge_enableSelfServiceBridging|to_json }} - # Disable sending of read receipts for Matrix events which have been - # successfully bridged to Discord. - disableReadReceipts: false - # Disable Join Leave echos from matrix - disableJoinLeaveNotifications: false - # Authentication configuration for the discord bot. - auth: - clientID: {{ matrix_appservice_discord_client_id|string|to_json }} - botToken: {{ matrix_appservice_discord_bot_token }} - logging: - # What level should the logger output to the console at. - console: "warn" #silly, verbose, info, http, warn, error, silent - lineDateFormat: "MMM-D HH:mm:ss.SSS" # This is in moment.js format - # files: - # - file: "debug.log" - # disable: - # - "PresenceHandler" # Will not capture presence logging - # - file: "warn.log" # Will capture warnings - # level: "warn" - # - file: "botlogs.log" # Will capture logs from DiscordBot - # level: "info" - # enable: - # - "DiscordBot" - database: - userStorePath: "/data/user-store.db" - roomStorePath: "/data/room-store.db" - # You may either use SQLite or Postgresql for the bridge database, which contains - # important mappings for events and user puppeting configurations. - # Use the filename option for SQLite, or connString for Postgresql. - # If you are migrating, see https://github.com/Half-Shot/matrix-appservice-discord/blob/master/docs/howto.md#migrate-to-postgres-from-sqlite - # WARNING: You will almost certainly be fine with sqlite unless your bridge - # is in heavy demand and you suffer from IO slowness. - filename: "/data/discord.db" - # connString: "postgresql://user:password@localhost/database_name" - room: - # Set the default visibility of alias rooms, defaults to "public". - # One of: "public", "private" - defaultVisibility: "public" - channel: - # Pattern of the name given to bridged rooms. - # Can use :guild for the guild name and :name for the channel name. - namePattern: "[Discord] :guild :name" - # Changes made to rooms when a channel is deleted. - deleteOptions: - # Prefix the room name with a string. - #namePrefix: "[Deleted]" - # Prefix the room topic with a string. - #topicPrefix: "This room has been deleted" - # Disable people from talking in the room by raising the event PL to 50 - disableMessaging: false - # Remove the discord alias from the room. - unsetRoomAlias: true - # Remove the room from the directory. - unlistFromDirectory: true - # Set the room to be unavaliable for joining without an invite. - setInviteOnly: true - # Make all the discord users leave the room. - ghostsLeave: true - limits: - # Delay in milliseconds between discord users joining a room. - roomGhostJoinDelay: 6000 - # Delay in milliseconds before sending messages to discord to avoid echos. - # (Copies of a sent message may arrive from discord before we've - # fininished handling it, causing us to echo it back to the room) - discordSendDelay: 750 - ghosts: - # Pattern for the ghosts nick, available is :nick, :username, :tag and :id - nickPattern: ":nick" - # Pattern for the ghosts username, available is :username, :tag and :id - usernamePattern: ":username#:tag" +matrix_appservice_discord_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_appservice_discord_configuration_extension_yaml: | # Your custom YAML configuration goes here. diff --git a/roles/matrix-bridge-appservice-discord/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-discord/templates/config.yaml.j2 new file mode 100644 index 00000000..e91c60de --- /dev/null +++ b/roles/matrix-bridge-appservice-discord/templates/config.yaml.j2 @@ -0,0 +1,93 @@ +#jinja2: lstrip_blocks: "True" +bridge: + # Domain part of the bridge, e.g. matrix.org + domain: {{ matrix_appservice_discord_bridge_domain }} + # This should be your publically facing URL because Discord may use it to + # fetch media from the media store. + homeserverUrl: {{ matrix_appservice_discord_bridge_homeserverUrl }} + # Interval at which to process users in the 'presence queue'. If you have + # 5 users, one user will be processed every 500 milliseconds according to the + # value below. This has a minimum value of 250. + # WARNING: This has a high chance of spamming the homeserver with presence + # updates since it will send one each time somebody changes state or is online. + presenceInterval: 500 + # Disable setting presence for 'ghost users' which means Discord users on Matrix + # will not be shown as away or online. + disablePresence: {{ matrix_appservice_discord_bridge_disablePresence|to_json }} + # Disable sending typing notifications when somebody on Discord types. + disableTypingNotifications: false + # Disable deleting messages on Discord if a message is redacted on Matrix. + disableDeletionForwarding: false + # Enable users to bridge rooms using !discord commands. See + # https://t2bot.io/discord for instructions. + enableSelfServiceBridging: {{ matrix_appservice_discord_bridge_enableSelfServiceBridging|to_json }} + # Disable sending of read receipts for Matrix events which have been + # successfully bridged to Discord. + disableReadReceipts: false + # Disable Join Leave echos from matrix + disableJoinLeaveNotifications: false +# Authentication configuration for the discord bot. +auth: + clientID: {{ matrix_appservice_discord_client_id|string|to_json }} + botToken: {{ matrix_appservice_discord_bot_token }} +logging: + # What level should the logger output to the console at. + console: "warn" #silly, verbose, info, http, warn, error, silent + lineDateFormat: "MMM-D HH:mm:ss.SSS" # This is in moment.js format + # files: + # - file: "debug.log" + # disable: + # - "PresenceHandler" # Will not capture presence logging + # - file: "warn.log" # Will capture warnings + # level: "warn" + # - file: "botlogs.log" # Will capture logs from DiscordBot + # level: "info" + # enable: + # - "DiscordBot" +database: + userStorePath: "/data/user-store.db" + roomStorePath: "/data/room-store.db" + # You may either use SQLite or Postgresql for the bridge database, which contains + # important mappings for events and user puppeting configurations. + # Use the filename option for SQLite, or connString for Postgresql. + # If you are migrating, see https://github.com/Half-Shot/matrix-appservice-discord/blob/master/docs/howto.md#migrate-to-postgres-from-sqlite + # WARNING: You will almost certainly be fine with sqlite unless your bridge + # is in heavy demand and you suffer from IO slowness. + filename: "/data/discord.db" + # connString: "postgresql://user:password@localhost/database_name" +room: + # Set the default visibility of alias rooms, defaults to "public". + # One of: "public", "private" + defaultVisibility: "public" +channel: + # Pattern of the name given to bridged rooms. + # Can use :guild for the guild name and :name for the channel name. + namePattern: "[Discord] :guild :name" + # Changes made to rooms when a channel is deleted. + deleteOptions: + # Prefix the room name with a string. + #namePrefix: "[Deleted]" + # Prefix the room topic with a string. + #topicPrefix: "This room has been deleted" + # Disable people from talking in the room by raising the event PL to 50 + disableMessaging: false + # Remove the discord alias from the room. + unsetRoomAlias: true + # Remove the room from the directory. + unlistFromDirectory: true + # Set the room to be unavaliable for joining without an invite. + setInviteOnly: true + # Make all the discord users leave the room. + ghostsLeave: true +limits: + # Delay in milliseconds between discord users joining a room. + roomGhostJoinDelay: 6000 + # Delay in milliseconds before sending messages to discord to avoid echos. + # (Copies of a sent message may arrive from discord before we've + # fininished handling it, causing us to echo it back to the room) + discordSendDelay: 750 +ghosts: + # Pattern for the ghosts nick, available is :nick, :username, :tag and :id + nickPattern: ":nick" + # Pattern for the ghosts username, available is :username, :tag and :id + usernamePattern: ":username#:tag" diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index 819691f6..2cbb3e5f 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -346,141 +346,7 @@ matrix_appservice_irc_systemd_wanted_services_list: [] matrix_appservice_irc_appservice_token: '' matrix_appservice_irc_homeserver_token: '' -matrix_appservice_irc_configuration_yaml: | - #jinja2: lstrip_blocks: True - homeserver: - # The URL to the home server for client-server API calls, also used to form the - # media URLs as displayed in bridged IRC channels: - url: {{ matrix_appservice_irc_homeserver_url }} - # - # The URL of the homeserver hosting media files. This is only used to transform - # mxc URIs to http URIs when bridging m.room.[file|image] events. Optional. By - # default, this is the homeserver URL, specified above. - # - media_url: {{ matrix_appservice_irc_homeserver_media_url }} - - # Drop Matrix messages which are older than this number of seconds, according to - # the event's origin_server_ts. - # If the bridge is down for a while, the homeserver will attempt to send all missed - # events on reconnection. These events may be hours old, which can be confusing to - # IRC users if they are then bridged. This option allows these old messages to be - # dropped. - # CAUTION: This is a very coarse heuristic. Federated homeservers may have different - # clock times and hence produce different origin_server_ts values, which may be old - # enough to cause *all* events from the homeserver to be dropped. - # Default: 0 (don't ever drop) - # dropMatrixMessagesAfterSecs: 300 # 5 minutes - - # The 'domain' part for user IDs on this home server. Usually (but not always) - # is the "domain name" part of the HS URL. - domain: {{ matrix_appservice_irc_homeserver_domain }} - - # Should presence be enabled for matrix clients on this bridge. If disabled on the - # homeserver then it should also be disabled here to avoid excess traffic. - # Default: true - enablePresence: {{ matrix_appservice_irc_homeserver_enablePresence|to_json }} - - ircService: - # WARNING: The bridge needs to send plaintext passwords to the IRC server, it cannot - # send a password hash. As a result, passwords (NOT hashes) are stored encrypted in - # the database. - # - # To generate a .pem file: - # $ openssl genpkey -out passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048 - # - # The path to the RSA PEM-formatted private key to use when encrypting IRC passwords - # for storage in the database. Passwords are stored by using the admin room command - # `!storepass server.name passw0rd. When a connection is made to IRC on behalf of - # the Matrix user, this password will be sent as the server password (PASS command). - passwordEncryptionKeyPath: "/data/passkey.pem" # does not typically need modification - - # Config for Matrix -> IRC bridging - matrixHandler: - # Cache this many matrix events in memory to be used for m.relates_to messages (usually replies). - eventCacheSize: 4096 - - servers: {{ matrix_appservice_irc_ircService_servers|to_json }} - - # Configuration for an ident server. If you are running a public bridge it is - # advised you setup an ident server so IRC mods can ban specific matrix users - # rather than the application service itself. - ident: - # True to listen for Ident requests and respond with the - # matrix user's user_id (converted to ASCII, respecting RFC 1413). - # Default: false. - enabled: false - # The port to listen on for incoming ident requests. - # Ports below 1024 require root to listen on, and you may not want this to - # run as root. Instead, you can get something like an Apache to yank up - # incoming requests to 113 to a high numbered port. Set the port to listen - # on instead of 113 here. - # Default: 113. - port: 1113 - # The address to listen on for incoming ident requests. - # Default: 0.0.0.0 - address: "::" - - # Configuration for logging. Optional. Default: console debug level logging - # only. - logging: - # Level to log on console/logfile. One of error|warn|info|debug - level: "debug" - # The file location to log to. This is relative to the project directory. - #logfile: "debug.log" - # The file location to log errors to. This is relative to the project - # directory. - #errfile: "errors.log" - # Whether to log to the console or not. - toConsole: true - # The max number of files to keep. Files will be overwritten eventually due - # to rotations. - maxFiles: 5 - - # Optional. Enable Prometheus metrics. If this is enabled, you MUST install `prom-client`: - # $ npm install prom-client@6.3.0 - # Metrics will then be available via GET /metrics on the bridge listening port (-p). - metrics: - # Whether to actually enable the metric endpoint. Default: false - enabled: true - # When collecting remote user active times, which "buckets" should be used. Defaults are given below. - # The bucket name is formed of a duration and a period. (h=hours,d=days,w=weeks). - remoteUserAgeBuckets: - - "1h" - - "1d" - - "1w" - - # Configuration for the provisioning API. - # - # GET /_matrix/provision/link - # GET /_matrix/provision/unlink - # GET /_matrix/provision/listlinks - # - provisioning: - # True to enable the provisioning HTTP endpoint. Default: false. - enabled: false - # The number of seconds to wait before giving up on getting a response from - # an IRC channel operator. If the channel operator does not respond within the - # allotted time period, the provisioning request will fail. - # Default: 300 seconds (5 mins) - requestTimeoutSeconds: 300 - - # Options here are generally only applicable to large-scale bridges and may have - # consequences greater than other options in this configuration file. - advanced: - # The maximum number of HTTP(S) sockets to maintain. Usually this is unlimited - # however for large bridges it is important to rate limit the bridge to avoid - # accidentally overloading the homeserver. Defaults to 1000, which should be - # enough for the vast majority of use cases. - maxHttpSockets: 1000 - - # Use an external database to store bridge state. - database: - # database engine (must be 'postgres' or 'nedb'). Default: nedb - engine: "nedb" - # Either a PostgreSQL connection string, or a path to the NeDB storage directory. - # For postgres, it must start with postgres:// - # For NeDB, it must start with nedb://. The path is relative to the project directory. - connectionString: "nedb:///data" +matrix_appservice_irc_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_appservice_irc_configuration_extension_yaml: | # Your custom YAML configuration for Appservice IRC servers goes here. diff --git a/roles/matrix-bridge-appservice-irc/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-irc/templates/config.yaml.j2 new file mode 100644 index 00000000..3daa1898 --- /dev/null +++ b/roles/matrix-bridge-appservice-irc/templates/config.yaml.j2 @@ -0,0 +1,134 @@ +#jinja2: lstrip_blocks: True +homeserver: + # The URL to the home server for client-server API calls, also used to form the + # media URLs as displayed in bridged IRC channels: + url: {{ matrix_appservice_irc_homeserver_url }} + # + # The URL of the homeserver hosting media files. This is only used to transform + # mxc URIs to http URIs when bridging m.room.[file|image] events. Optional. By + # default, this is the homeserver URL, specified above. + # + media_url: {{ matrix_appservice_irc_homeserver_media_url }} + + # Drop Matrix messages which are older than this number of seconds, according to + # the event's origin_server_ts. + # If the bridge is down for a while, the homeserver will attempt to send all missed + # events on reconnection. These events may be hours old, which can be confusing to + # IRC users if they are then bridged. This option allows these old messages to be + # dropped. + # CAUTION: This is a very coarse heuristic. Federated homeservers may have different + # clock times and hence produce different origin_server_ts values, which may be old + # enough to cause *all* events from the homeserver to be dropped. + # Default: 0 (don't ever drop) + # dropMatrixMessagesAfterSecs: 300 # 5 minutes + + # The 'domain' part for user IDs on this home server. Usually (but not always) + # is the "domain name" part of the HS URL. + domain: {{ matrix_appservice_irc_homeserver_domain }} + + # Should presence be enabled for matrix clients on this bridge. If disabled on the + # homeserver then it should also be disabled here to avoid excess traffic. + # Default: true + enablePresence: {{ matrix_appservice_irc_homeserver_enablePresence|to_json }} + +ircService: + # WARNING: The bridge needs to send plaintext passwords to the IRC server, it cannot + # send a password hash. As a result, passwords (NOT hashes) are stored encrypted in + # the database. + # + # To generate a .pem file: + # $ openssl genpkey -out passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048 + # + # The path to the RSA PEM-formatted private key to use when encrypting IRC passwords + # for storage in the database. Passwords are stored by using the admin room command + # `!storepass server.name passw0rd. When a connection is made to IRC on behalf of + # the Matrix user, this password will be sent as the server password (PASS command). + passwordEncryptionKeyPath: "/data/passkey.pem" # does not typically need modification + + # Config for Matrix -> IRC bridging + matrixHandler: + # Cache this many matrix events in memory to be used for m.relates_to messages (usually replies). + eventCacheSize: 4096 + + servers: {{ matrix_appservice_irc_ircService_servers|to_json }} + + # Configuration for an ident server. If you are running a public bridge it is + # advised you setup an ident server so IRC mods can ban specific matrix users + # rather than the application service itself. + ident: + # True to listen for Ident requests and respond with the + # matrix user's user_id (converted to ASCII, respecting RFC 1413). + # Default: false. + enabled: false + # The port to listen on for incoming ident requests. + # Ports below 1024 require root to listen on, and you may not want this to + # run as root. Instead, you can get something like an Apache to yank up + # incoming requests to 113 to a high numbered port. Set the port to listen + # on instead of 113 here. + # Default: 113. + port: 1113 + # The address to listen on for incoming ident requests. + # Default: 0.0.0.0 + address: "::" + + # Configuration for logging. Optional. Default: console debug level logging + # only. + logging: + # Level to log on console/logfile. One of error|warn|info|debug + level: "debug" + # The file location to log to. This is relative to the project directory. + #logfile: "debug.log" + # The file location to log errors to. This is relative to the project + # directory. + #errfile: "errors.log" + # Whether to log to the console or not. + toConsole: true + # The max number of files to keep. Files will be overwritten eventually due + # to rotations. + maxFiles: 5 + + # Optional. Enable Prometheus metrics. If this is enabled, you MUST install `prom-client`: + # $ npm install prom-client@6.3.0 + # Metrics will then be available via GET /metrics on the bridge listening port (-p). + metrics: + # Whether to actually enable the metric endpoint. Default: false + enabled: true + # When collecting remote user active times, which "buckets" should be used. Defaults are given below. + # The bucket name is formed of a duration and a period. (h=hours,d=days,w=weeks). + remoteUserAgeBuckets: + - "1h" + - "1d" + - "1w" + + # Configuration for the provisioning API. + # + # GET /_matrix/provision/link + # GET /_matrix/provision/unlink + # GET /_matrix/provision/listlinks + # + provisioning: + # True to enable the provisioning HTTP endpoint. Default: false. + enabled: false + # The number of seconds to wait before giving up on getting a response from + # an IRC channel operator. If the channel operator does not respond within the + # allotted time period, the provisioning request will fail. + # Default: 300 seconds (5 mins) + requestTimeoutSeconds: 300 + +# Options here are generally only applicable to large-scale bridges and may have +# consequences greater than other options in this configuration file. +advanced: + # The maximum number of HTTP(S) sockets to maintain. Usually this is unlimited + # however for large bridges it is important to rate limit the bridge to avoid + # accidentally overloading the homeserver. Defaults to 1000, which should be + # enough for the vast majority of use cases. + maxHttpSockets: 1000 + +# Use an external database to store bridge state. +database: + # database engine (must be 'postgres' or 'nedb'). Default: nedb + engine: "nedb" + # Either a PostgreSQL connection string, or a path to the NeDB storage directory. + # For postgres, it must start with postgres:// + # For NeDB, it must start with nedb://. The path is relative to the project directory. + connectionString: "nedb:///data" diff --git a/roles/matrix-bridge-appservice-slack/defaults/main.yml b/roles/matrix-bridge-appservice-slack/defaults/main.yml index d68c1178..58dde6a0 100644 --- a/roles/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/matrix-bridge-appservice-slack/defaults/main.yml @@ -45,21 +45,7 @@ matrix_appservice_slack_appservice_token: '' matrix_appservice_slack_homeserver_token: '' matrix_appservice_slack_id_token: '' -matrix_appservice_slack_configuration_yaml: | - slack_hook_port: {{ matrix_appservice_slack_slack_port }} - inbound_uri_prefix: "{{ matrix_appservice_slack_inbound_uri_prefix }}" - bot_username: "{{ matrix_appservice_slack_bot_name }}" - username_prefix: {{ matrix_appservice_slack_user_prefix }} - - homeserver: - media_url: "{{ matrix_appservice_slack_homeserver_media_url }}" - url: "{{ matrix_appservice_slack_homeserver_url }}" - server_name: "{{ matrix_domain }}" - - dbdir: "/data" - - matrix_admin_room: "{{ matrix_appservice_slack_control_room_id }}" - +matrix_appservice_slack_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_appservice_slack_configuration_extension_yaml: | #slack_hook_port: 9898 diff --git a/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 new file mode 100644 index 00000000..8f48d317 --- /dev/null +++ b/roles/matrix-bridge-appservice-slack/templates/config.yaml.j2 @@ -0,0 +1,14 @@ +#jinja2: lstrip_blocks: True +slack_hook_port: {{ matrix_appservice_slack_slack_port }} +inbound_uri_prefix: "{{ matrix_appservice_slack_inbound_uri_prefix }}" +bot_username: "{{ matrix_appservice_slack_bot_name }}" +username_prefix: {{ matrix_appservice_slack_user_prefix }} + +homeserver: + media_url: "{{ matrix_appservice_slack_homeserver_media_url }}" + url: "{{ matrix_appservice_slack_homeserver_url }}" + server_name: "{{ matrix_domain }}" + +dbdir: "/data" + +matrix_admin_room: "{{ matrix_appservice_slack_control_room_id }}" diff --git a/roles/matrix-bridge-appservice-webhooks/defaults/main.yml b/roles/matrix-bridge-appservice-webhooks/defaults/main.yml index 1b2c9940..0fb5abbc 100644 --- a/roles/matrix-bridge-appservice-webhooks/defaults/main.yml +++ b/roles/matrix-bridge-appservice-webhooks/defaults/main.yml @@ -49,35 +49,7 @@ matrix_appservice_webhooks_api_secret: '' # Logging information (info and verbose is available) default is: info matrix_appservice_webhooks_log_level: 'info' -matrix_appservice_webhooks_configuration_yaml: | - - # Configuration specific to the application service. All fields (unless otherwise marked) are required. - homeserver: - # The domain for the client-server API calls. - url: "{{ matrix_appservice_webhooks_homeserver_url }}" - - # The domain part for user IDs on this home server. Usually, but not always, this is the same as the - # home server's URL. - domain: "{{ matrix_domain }}" - - # Configuration specific to the bridge. All fields (unless otherwise marked) are required. - webhookBot: - # The localpart to use for the bot. May require re-registering the application service. - localpart: "_webhook" - - # Provisioning API options - provisioning: - # Your secret for the API. Required for all provisioning API requests. - secret: '{{ matrix_appservice_webhooks_api_secret }}' - - # Configuration related to the web portion of the bridge. Handles the inbound webhooks - web: - hookUrlBase: "{{ matrix_appservice_webhooks_inbound_uri_prefix }}" - - logging: - console: true - consoleLevel: {{ matrix_appservice_webhooks_log_level }} - writeFiles: false +matrix_appservice_webhooks_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_appservice_webhooks_configuration_extension_yaml: | # diff --git a/roles/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 new file mode 100644 index 00000000..49751624 --- /dev/null +++ b/roles/matrix-bridge-appservice-webhooks/templates/config.yaml.j2 @@ -0,0 +1,28 @@ +#jinja2: lstrip_blocks: True +# Configuration specific to the application service. All fields (unless otherwise marked) are required. +homeserver: + # The domain for the client-server API calls. + url: "{{ matrix_appservice_webhooks_homeserver_url }}" + + # The domain part for user IDs on this home server. Usually, but not always, this is the same as the + # home server's URL. + domain: "{{ matrix_domain }}" + +# Configuration specific to the bridge. All fields (unless otherwise marked) are required. +webhookBot: + # The localpart to use for the bot. May require re-registering the application service. + localpart: "_webhook" + +# Provisioning API options +provisioning: + # Your secret for the API. Required for all provisioning API requests. + secret: '{{ matrix_appservice_webhooks_api_secret }}' + +# Configuration related to the web portion of the bridge. Handles the inbound webhooks +web: + hookUrlBase: "{{ matrix_appservice_webhooks_inbound_uri_prefix }}" + +logging: + console: true + consoleLevel: {{ matrix_appservice_webhooks_log_level }} + writeFiles: false diff --git a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml index 2f737afd..610bcc11 100644 --- a/roles/matrix-bridge-mautrix-facebook/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-facebook/defaults/main.yml @@ -38,164 +38,7 @@ matrix_mautrix_facebook_login_shared_secret: '' # # For a more advanced customization, you can extend the default (see `matrix_mautrix_facebook_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_mautrix_facebook_configuration_yaml: | - #jinja2: lstrip_blocks: "True" - # Homeserver details - homeserver: - # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_mautrix_facebook_homeserver_address }} - # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_mautrix_facebook_homeserver_domain }} - # Whether or not to verify the SSL certificate of the homeserver. - # Only applies if address starts with https:// - verify_ssl: true - - # Application service host/registration related details - # Changing these values requires regeneration of the registration. - appservice: - # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_mautrix_facebook_appservice_address }} - - # The hostname and port where this appservice should listen. - hostname: 0.0.0.0 - port: 29319 - # The maximum body size of appservice API requests (from the homeserver) in mebibytes - # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s - max_body_size: 1 - - # The full URI to the database. SQLite and Postgres are fully supported. - # Other DBMSes supported by SQLAlchemy may or may not work. - # Format examples: - # SQLite: sqlite:///filename.db - # Postgres: postgres://username:password@hostname/dbname - database: sqlite:////data/mautrix-facebook.db - - # Public part of web server for out-of-Matrix interaction with the bridge. - public: - # Whether or not the public-facing endpoints should be enabled. - enabled: false - # The prefix to use in the public-facing endpoints. - prefix: /public - # The base URL where the public-facing endpoints are available. The prefix is not added - # implicitly. - external: https://example.com/public - - # The unique ID of this appservice. - id: facebook - # Username of the appservice bot. - bot_username: facebookbot - # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty - # to leave display name/avatar as-is. - bot_displayname: Facebook bridge bot - bot_avatar: mxc://maunium.net/ddtNPZSKMNqaUzqrHuWvUADv - - # Authentication tokens for AS <-> HS communication. - as_token: "{{ matrix_mautrix_facebook_appservice_token }}" - hs_token: "{{ matrix_mautrix_facebook_homeserver_token }}" - - # Bridge config - bridge: - # Localpart template of MXIDs for Facebook users. - # {userid} is replaced with the user ID of the Facebook user. - username_template: "facebook_{userid}" - # Localpart template for per-user room grouping community IDs. - # The bridge will create these communities and add all of the specific user's portals to the community. - # {localpart} is the MXID localpart and {server} is the MXID server part of the user. - # - # `facebook_{localpart}={server}` is a good value. - community_template: null - # Displayname template for Facebook users. - # {displayname} is replaced with the display name of the Facebook user - # as defined below in displayname_preference. - # Keys available for displayname_preference are also available here. - displayname_template: '{displayname} (FB)' - # Available keys: - # "name" (full name) - # "first_name" - # "last_name" - # "nickname" - # "own_nickname" (user-specific!) - displayname_preference: - - name - - # The prefix for commands. Only required in non-management rooms. - command_prefix: "!fb" - - # Number of chats to sync (and create portals for) on startup/login. - # Maximum 20, set 0 to disable automatic syncing. - initial_chat_sync: 10 - # Whether or not the Facebook users of logged in Matrix users should be - # invited to private chats when the user sends a message from another client. - invite_own_puppet_to_pm: false - # Whether or not to use /sync to get presence, read receipts and typing notifications when using - # your own Matrix account as the Matrix puppet for your Facebook account. - sync_with_custom_puppets: true - # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth - # - # If set, custom puppets will be enabled automatically for local users - # instead of users having to find an access token and run `login-matrix` - # manually. - login_shared_secret: {{ matrix_mautrix_facebook_login_shared_secret|to_json }} - # Whether or not to bridge presence in both directions. Facebook allows users not to broadcast - # presence, but then it won't send other users' presence to the client. - presence: true - # Whether or not to update avatars when syncing all contacts at startup. - update_avatar_initial_sync: true - # End-to-bridge encryption support options. These require matrix-nio to be installed with pip - # and login_shared_secret to be configured in order to get a device for the bridge bot. - # - # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal - # application service. - encryption: - # Allow encryption, work in group chat rooms with e2ee enabled - allow: false - # Default to encryption, force-enable encryption in all portals the bridge creates - # This will cause the bridge bot to be in private chats for the encryption to work properly. - default: false - - # Whether or not the bridge should send a read receipt from the bridge bot when a message has - # been sent to Facebook. - delivery_receipts: false - - # Permissions for using the bridge. - # Permitted values: - # user - Use the bridge with puppeting. - # admin - Use and administrate the bridge. - # Permitted keys: - # * - All Matrix users - # domain - All users on that homeserver - # mxid - Specific user - permissions: - '{{ matrix_mautrix_facebook_homeserver_domain }}': user - - # Python logging configuration. - # - # See section 16.7.2 of the Python documentation for more info: - # https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema - logging: - version: 1 - formatters: - colored: - (): mautrix_facebook.util.ColorFormatter - format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" - normal: - format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" - handlers: - console: - class: logging.StreamHandler - formatter: colored - loggers: - mau: - level: DEBUG - fbchat: - level: DEBUG - hbmqtt: - level: INFO - aiohttp: - level: INFO - root: - level: DEBUG - handlers: [console] +matrix_mautrix_facebook_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_mautrix_facebook_configuration_extension_yaml: | # Your custom YAML configuration goes here. diff --git a/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 new file mode 100644 index 00000000..887f3df8 --- /dev/null +++ b/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 @@ -0,0 +1,157 @@ +#jinja2: lstrip_blocks: "True" +# Homeserver details +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_mautrix_facebook_homeserver_address }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_mautrix_facebook_homeserver_domain }} + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + +# Application service host/registration related details +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_mautrix_facebook_appservice_address }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 29319 + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. SQLite and Postgres are fully supported. + # Other DBMSes supported by SQLAlchemy may or may not work. + # Format examples: + # SQLite: sqlite:///filename.db + # Postgres: postgres://username:password@hostname/dbname + database: sqlite:////data/mautrix-facebook.db + + # Public part of web server for out-of-Matrix interaction with the bridge. + public: + # Whether or not the public-facing endpoints should be enabled. + enabled: false + # The prefix to use in the public-facing endpoints. + prefix: /public + # The base URL where the public-facing endpoints are available. The prefix is not added + # implicitly. + external: https://example.com/public + + # The unique ID of this appservice. + id: facebook + # Username of the appservice bot. + bot_username: facebookbot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + bot_displayname: Facebook bridge bot + bot_avatar: mxc://maunium.net/ddtNPZSKMNqaUzqrHuWvUADv + + # Authentication tokens for AS <-> HS communication. + as_token: "{{ matrix_mautrix_facebook_appservice_token }}" + hs_token: "{{ matrix_mautrix_facebook_homeserver_token }}" + +# Bridge config +bridge: + # Localpart template of MXIDs for Facebook users. + # {userid} is replaced with the user ID of the Facebook user. + username_template: "facebook_{userid}" + # Localpart template for per-user room grouping community IDs. + # The bridge will create these communities and add all of the specific user's portals to the community. + # {localpart} is the MXID localpart and {server} is the MXID server part of the user. + # + # `facebook_{localpart}={server}` is a good value. + community_template: null + # Displayname template for Facebook users. + # {displayname} is replaced with the display name of the Facebook user + # as defined below in displayname_preference. + # Keys available for displayname_preference are also available here. + displayname_template: '{displayname} (FB)' + # Available keys: + # "name" (full name) + # "first_name" + # "last_name" + # "nickname" + # "own_nickname" (user-specific!) + displayname_preference: + - name + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!fb" + + # Number of chats to sync (and create portals for) on startup/login. + # Maximum 20, set 0 to disable automatic syncing. + initial_chat_sync: 10 + # Whether or not the Facebook users of logged in Matrix users should be + # invited to private chats when the user sends a message from another client. + invite_own_puppet_to_pm: false + # Whether or not to use /sync to get presence, read receipts and typing notifications when using + # your own Matrix account as the Matrix puppet for your Facebook account. + sync_with_custom_puppets: true + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret: {{ matrix_mautrix_facebook_login_shared_secret|to_json }} + # Whether or not to bridge presence in both directions. Facebook allows users not to broadcast + # presence, but then it won't send other users' presence to the client. + presence: true + # Whether or not to update avatars when syncing all contacts at startup. + update_avatar_initial_sync: true + # End-to-bridge encryption support options. These require matrix-nio to be installed with pip + # and login_shared_secret to be configured in order to get a device for the bridge bot. + # + # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal + # application service. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + + # Whether or not the bridge should send a read receipt from the bridge bot when a message has + # been sent to Facebook. + delivery_receipts: false + + # Permissions for using the bridge. + # Permitted values: + # user - Use the bridge with puppeting. + # admin - Use and administrate the bridge. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + '{{ matrix_mautrix_facebook_homeserver_domain }}': user + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): mautrix_facebook.util.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + console: + class: logging.StreamHandler + formatter: colored + loggers: + mau: + level: DEBUG + fbchat: + level: DEBUG + hbmqtt: + level: INFO + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [console] diff --git a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml index 8de4576f..31f4fe98 100644 --- a/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-hangouts/defaults/main.yml @@ -40,152 +40,7 @@ matrix_mautrix_hangouts_login_shared_secret: '' # # For a more advanced customization, you can extend the default (see `matrix_mautrix_hangouts_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_mautrix_hangouts_configuration_yaml: | - #jinja2: lstrip_blocks: "True" - # Homeserver details - homeserver: - # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_mautrix_hangouts_homeserver_address }} - # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_mautrix_hangouts_homeserver_domain }} - # Whether or not to verify the SSL certificate of the homeserver. - # Only applies if address starts with https:// - verify_ssl: true - - # Application service host/registration related details - # Changing these values requires regeneration of the registration. - appservice: - # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_mautrix_hangouts_appservice_address }} - - # The hostname and port where this appservice should listen. - hostname: 0.0.0.0 - port: 8080 - # The maximum body size of appservice API requests (from the homeserver) in mebibytes - # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s - max_body_size: 1 - - # The full URI to the database. SQLite and Postgres are fully supported. - # Other DBMSes supported by SQLAlchemy may or may not work. - # Format examples: - # SQLite: sqlite:///filename.db - # Postgres: postgres://username:password@hostname/dbname - database: sqlite:////data/mautrix-hangouts.db - - # The unique ID of this appservice. - id: hangouts - # Username of the appservice bot. - bot_username: hangoutsbot - # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty - # to leave display name/avatar as-is. - bot_displayname: Hangouts bridge bot - bot_avatar: mxc://maunium.net/FBXZnpfORkBEruORbikmleAy - - # Authentication tokens for AS <-> HS communication. - as_token: "{{ matrix_mautrix_hangouts_appservice_token }}" - hs_token: "{{ matrix_mautrix_hangouts_homeserver_token }}" - - # Bridge config - bridge: - # Localpart template of MXIDs for Hangouts users. - # {userid} is replaced with the user ID of the Hangouts user. - username_template: "hangouts_{userid}" - # Displayname template for Hangouts users. - # {displayname} is replaced with the display name of the Hangouts user - # as defined below in displayname_preference. - # Keys available for displayname_preference are also available here. - displayname_template: '{full_name} (Hangouts)' - # Available keys: - # "name" (full name) - # "first_name" - # "last_name" - # "nickname" - # "own_nickname" (user-specific!) - displayname_preference: - - name - - # The prefix for commands. Only required in non-management rooms. - command_prefix: "!HO" - - # Number of chats to sync (and create portals for) on startup/login. - # Maximum 20, set 0 to disable automatic syncing. - initial_chat_sync: 20 - # Whether or not the Hangouts users of logged in Matrix users should be - # invited to private chats when the user sends a message from another client. - invite_own_puppet_to_pm: false - # Whether or not to use /sync to get presence, read receipts and typing notifications when using - # your own Matrix account as the Matrix puppet for your Hangouts account. - sync_with_custom_puppets: true - # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth - # - # If set, custom puppets will be enabled automatically for local users - # instead of users having to find an access token and run `login-matrix` - # manually. - login_shared_secret: {{ matrix_mautrix_hangouts_login_shared_secret|to_json }} - # Whether or not to update avatars when syncing all contacts at startup. - update_avatar_initial_sync: true - # End-to-bridge encryption support options. These require matrix-nio to be installed with pip - # and login_shared_secret to be configured in order to get a device for the bridge bot. - # - # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal - # application service. - encryption: - # Allow encryption, work in group chat rooms with e2ee enabled - allow: false - # Default to encryption, force-enable encryption in all portals the bridge creates - # This will cause the bridge bot to be in private chats for the encryption to work properly. - default: false - - # Public website and API configs - web: - # Auth server config - auth: - # Publicly accessible base URL for the login endpoints. - # The prefix below is not implicitly added. This URL and all subpaths should be proxied - # or otherwise pointed to the appservice's webserver to the path specified below (prefix). - # This path should usually include a trailing slash. - # Internal prefix in the appservice web server for the login endpoints. - public: "{{ matrix_homeserver_url }}{{ matrix_mautrix_hangouts_public_endpoint }}/login" - prefix: "{{ matrix_mautrix_hangouts_public_endpoint }}/login" - - - # Permissions for using the bridge. - # Permitted values: - # user - Use the bridge with puppeting. - # admin - Use and administrate the bridge. - # Permitted keys: - # * - All Matrix users - # domain - All users on that homeserver - # mxid - Specific user - permissions: - '{{ matrix_mautrix_hangouts_homeserver_domain }}': user - - # Python logging configuration. - # - # See section 16.7.2 of the Python documentation for more info: - # https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema - logging: - version: 1 - formatters: - colored: - (): mautrix_hangouts.util.ColorFormatter - format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" - normal: - format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" - handlers: - console: - class: logging.StreamHandler - formatter: colored - loggers: - mau: - level: DEBUG - hangups: - level: DEBUG - aiohttp: - level: INFO - root: - level: DEBUG - handlers: [console] +matrix_mautrix_hangouts_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_mautrix_hangouts_configuration_extension_yaml: | # Your custom YAML configuration goes here. diff --git a/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 new file mode 100644 index 00000000..f274b203 --- /dev/null +++ b/roles/matrix-bridge-mautrix-hangouts/templates/config.yaml.j2 @@ -0,0 +1,145 @@ +#jinja2: lstrip_blocks: "True" +# Homeserver details +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_mautrix_hangouts_homeserver_address }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_mautrix_hangouts_homeserver_domain }} + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + +# Application service host/registration related details +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_mautrix_hangouts_appservice_address }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 8080 + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. SQLite and Postgres are fully supported. + # Other DBMSes supported by SQLAlchemy may or may not work. + # Format examples: + # SQLite: sqlite:///filename.db + # Postgres: postgres://username:password@hostname/dbname + database: sqlite:////data/mautrix-hangouts.db + + # The unique ID of this appservice. + id: hangouts + # Username of the appservice bot. + bot_username: hangoutsbot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + bot_displayname: Hangouts bridge bot + bot_avatar: mxc://maunium.net/FBXZnpfORkBEruORbikmleAy + + # Authentication tokens for AS <-> HS communication. + as_token: "{{ matrix_mautrix_hangouts_appservice_token }}" + hs_token: "{{ matrix_mautrix_hangouts_homeserver_token }}" + +# Bridge config +bridge: + # Localpart template of MXIDs for Hangouts users. + # {userid} is replaced with the user ID of the Hangouts user. + username_template: "hangouts_{userid}" + # Displayname template for Hangouts users. + # {displayname} is replaced with the display name of the Hangouts user + # as defined below in displayname_preference. + # Keys available for displayname_preference are also available here. + displayname_template: '{full_name} (Hangouts)' + # Available keys: + # "name" (full name) + # "first_name" + # "last_name" + # "nickname" + # "own_nickname" (user-specific!) + displayname_preference: + - name + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!HO" + + # Number of chats to sync (and create portals for) on startup/login. + # Maximum 20, set 0 to disable automatic syncing. + initial_chat_sync: 20 + # Whether or not the Hangouts users of logged in Matrix users should be + # invited to private chats when the user sends a message from another client. + invite_own_puppet_to_pm: false + # Whether or not to use /sync to get presence, read receipts and typing notifications when using + # your own Matrix account as the Matrix puppet for your Hangouts account. + sync_with_custom_puppets: true + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret: {{ matrix_mautrix_hangouts_login_shared_secret|to_json }} + # Whether or not to update avatars when syncing all contacts at startup. + update_avatar_initial_sync: true + # End-to-bridge encryption support options. These require matrix-nio to be installed with pip + # and login_shared_secret to be configured in order to get a device for the bridge bot. + # + # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal + # application service. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + + # Public website and API configs + web: + # Auth server config + auth: + # Publicly accessible base URL for the login endpoints. + # The prefix below is not implicitly added. This URL and all subpaths should be proxied + # or otherwise pointed to the appservice's webserver to the path specified below (prefix). + # This path should usually include a trailing slash. + # Internal prefix in the appservice web server for the login endpoints. + public: "{{ matrix_homeserver_url }}{{ matrix_mautrix_hangouts_public_endpoint }}/login" + prefix: "{{ matrix_mautrix_hangouts_public_endpoint }}/login" + + + # Permissions for using the bridge. + # Permitted values: + # user - Use the bridge with puppeting. + # admin - Use and administrate the bridge. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + '{{ matrix_mautrix_hangouts_homeserver_domain }}': user + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): mautrix_hangouts.util.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + console: + class: logging.StreamHandler + formatter: colored + loggers: + mau: + level: DEBUG + hangups: + level: DEBUG + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [console] diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 1e77eb02..d3990b68 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -51,405 +51,7 @@ matrix_mautrix_telegram_login_shared_secret: '' # # For a more advanced customization, you can extend the default (see `matrix_mautrix_telegram_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_mautrix_telegram_configuration_yaml: | - #jinja2: lstrip_blocks: "True" - # Homeserver details - homeserver: - # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_mautrix_telegram_homeserver_address }} - # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_mautrix_telegram_homeserver_domain }} - # Whether or not to verify the SSL certificate of the homeserver. - # Only applies if address starts with https:// - verify_ssl: true - - # Application service host/registration related details - # Changing these values requires regeneration of the registration. - appservice: - # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_mautrix_telegram_appservice_address }} - - # The hostname and port where this appservice should listen. - hostname: 0.0.0.0 - port: 8080 - # The maximum body size of appservice API requests (from the homeserver) in mebibytes - # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s - max_body_size: 1 - - # The full URI to the database. SQLite and Postgres are fully supported. - # Other DBMSes supported by SQLAlchemy may or may not work. - # Format examples: - # SQLite: sqlite:///filename.db - # Postgres: postgres://username:password@hostname/dbname - database: sqlite:////data/mautrix-telegram.db - - # Public part of web server for out-of-Matrix interaction with the bridge. - # Used for things like login if the user wants to make sure the 2FA password isn't stored in - # the HS database. - public: - # Whether or not the public-facing endpoints should be enabled. - enabled: true - # The prefix to use in the public-facing endpoints. - prefix: {{ matrix_mautrix_telegram_public_endpoint }} - # The base URL where the public-facing endpoints are available. The prefix is not added - # implicitly. - external: {{ matrix_mautrix_telegram_appservice_public_external }} - - # Provisioning API part of the web server for automated portal creation and fetching information. - # Used by things like Dimension (https://dimension.t2bot.io/). - provisioning: - # Whether or not the provisioning API should be enabled. - enabled: false - # The prefix to use in the provisioning API endpoints. - prefix: /_matrix/provision/v1 - # The shared secret to authorize users of the API. - # Set to "generate" to generate and save a new token. - shared_secret: generate - - # The unique ID of this appservice. - id: telegram - # Username of the appservice bot. - bot_username: telegrambot - # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty - # to leave display name/avatar as-is. - bot_displayname: Telegram bridge bot - bot_avatar: mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX - - # Authentication tokens for AS <-> HS communication. - as_token: "{{ matrix_mautrix_telegram_appservice_token }}" - hs_token: "{{ matrix_mautrix_telegram_homeserver_token }}" - - # Bridge config - bridge: - # Localpart template of MXIDs for Telegram users. - # {userid} is replaced with the user ID of the Telegram user. - username_template: "telegram_{userid}" - # Localpart template of room aliases for Telegram portal rooms. - # {groupname} is replaced with the name part of the public channel/group invite link ( https://t.me/{} ) - alias_template: "telegram_{groupname}" - # Displayname template for Telegram users. - # {displayname} is replaced with the display name of the Telegram user. - displayname_template: "{displayname} (Telegram)" - - # Set the preferred order of user identifiers which to use in the Matrix puppet display name. - # In the (hopefully unlikely) scenario that none of the given keys are found, the numeric user - # ID is used. - # - # If the bridge is working properly, a phone number or an username should always be known, but - # the other one can very well be empty. - # - # Valid keys: - # "full name" (First and/or last name) - # "full name reversed" (Last and/or first name) - # "first name" - # "last name" - # "username" - # "phone number" - displayname_preference: - - full name - - username - - phone number - # Maximum length of displayname - displayname_max_length: 100 - - # Maximum number of members to sync per portal when starting up. Other members will be - # synced when they send messages. The maximum is 10000, after which the Telegram server - # will not send any more members. - # Defaults to no local limit (-> limited to 10000 by server) - max_initial_member_sync: -1 - # Whether or not to sync the member list in channels. - # If no channel admins have logged into the bridge, the bridge won't be able to sync the member - # list regardless of this setting. - sync_channel_members: true - # Whether or not to skip deleted members when syncing members. - skip_deleted_members: true - # Whether or not to automatically synchronize contacts and chats of Matrix users logged into - # their Telegram account at startup. - startup_sync: true - # Number of most recently active dialogs to check when syncing chats. - # Dialogs include groups and private chats, but only groups are synced. - # Set to 0 to remove limit. - sync_dialog_limit: 30 - # Whether or not to sync and create portals for direct chats at startup. - sync_direct_chats: false - # The maximum number of simultaneous Telegram deletions to handle. - # A large number of simultaneous redactions could put strain on your homeserver. - max_telegram_delete: 10 - # Whether or not to automatically sync the Matrix room state (mostly unpuppeted displaynames) - # at startup and when creating a bridge. - sync_matrix_state: true - # Allow logging in within Matrix. If false, the only way to log in is using the out-of-Matrix - # login website (see appservice.public config section) - allow_matrix_login: true - # Whether or not to bridge plaintext highlights. - # Only enable this if your displayname_template has some static part that the bridge can use to - # reliably identify what is a plaintext highlight. - plaintext_highlights: false - # Whether or not to make portals of publicly joinable channels/supergroups publicly joinable on Matrix. - public_portals: true - # Whether or not to use /sync to get presence, read receipts and typing notifications when using - # your own Matrix account as the Matrix puppet for your Telegram account. - sync_with_custom_puppets: true - # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth - # - # If set, custom puppets will be enabled automatically for local users - # instead of users having to find an access token and run `login-matrix` - # manually. - login_shared_secret: {{ matrix_mautrix_telegram_login_shared_secret|to_json }} - # Set to false to disable link previews in messages sent to Telegram. - telegram_link_preview: true - # Use inline images instead of a separate message for the caption. - # N.B. Inline images are not supported on all clients (e.g. Riot iOS). - inline_images: false - # Maximum size of image in megabytes before sending to Telegram as a document. - image_as_file_size: 10 - # Maximum size of Telegram documents in megabytes to bridge. - max_document_size: 100 - # Enable experimental parallel file transfer, which makes uploads/downloads much faster by - # streaming from/to Matrix and using many connections for Telegram. - # Note that generating HQ thumbnails for videos is not possible with streamed transfers. - parallel_file_transfer: false - # Whether or not created rooms should have federation enabled. - # If false, created portal rooms will never be federated. - federate_rooms: true - # Settings for converting animated stickers. - animated_sticker: - # Format to which animated stickers should be converted. - # disable - No conversion, send as-is (gzipped lottie) - # png - converts to non-animated png (fastest), - # gif - converts to animated gif, but loses transparency - # webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support - target: gif - # Arguments for converter. All converters take width and height. - # GIF converter takes background as a hex color. - args: - width: 256 - height: 256 - background: "020202" # only for gif - fps: 30 # only for webm - # End-to-bridge encryption support options. These require matrix-nio to be installed with pip - # and login_shared_secret to be configured in order to get a device for the bridge bot. - # - # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal - # application service. - encryption: - # Allow encryption, work in group chat rooms with e2ee enabled - allow: false - # Default to encryption, force-enable encryption in all portals the bridge creates - # This will cause the bridge bot to be in private chats for the encryption to work properly. - default: false - - # Overrides for base power levels. - initial_power_level_overrides: - user: {} - group: {} - - # Whether to bridge Telegram bot messages as m.notices or m.texts. - bot_messages_as_notices: true - bridge_notices: - # Whether or not Matrix bot messages (type m.notice) should be bridged. - default: false - # List of user IDs for whom the previous flag is flipped. - # e.g. if bridge_notices.default is false, notices from other users will not be bridged, but - # notices from users listed here will be bridged. - exceptions: [] - - # Some config options related to Telegram message deduplication. - # The default values are usually fine, but some debug messages/warnings might recommend you - # change these. - deduplication: - # Whether or not to check the database if the message about to be sent is a duplicate. - pre_db_check: false - # The number of latest events to keep when checking for duplicates. - # You might need to increase this on high-traffic bridge instances. - cache_queue_length: 20 - - - # The formats to use when sending messages to Telegram via the relay bot. - # - # Telegram doesn't have built-in emotes, so the m.emote format is also used for non-relaybot users. - # - # Available variables: - # $sender_displayname - The display name of the sender (e.g. Example User) - # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) - # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com) - # $message - The message content as HTML - message_formats: - m.text: "$sender_displayname: $message" - m.notice: "$sender_displayname: $message" - m.emote: "* $sender_displayname $message" - m.file: "$sender_displayname sent a file: $message" - m.image: "$sender_displayname sent an image: $message" - m.audio: "$sender_displayname sent an audio file: $message" - m.video: "$sender_displayname sent a video: $message" - m.location: "$sender_displayname sent a location: $message" - # Telegram doesn't have built-in emotes, this field specifies how m.emote's from authenticated - # users are sent to telegram. All fields in message_formats are supported. Additionally, the - # Telegram user info is available in the following variables: - # $displayname - Telegram displayname - # $username - Telegram username (may not exist) - # $mention - Telegram @username or displayname mention (depending on which exists) - emote_format: "* $mention $formatted_body" - - # The formats to use when sending state events to Telegram via the relay bot. - # - # Variables from `message_formats` that have the `sender_` prefix are available without the prefix. - # In name_change events, `$prev_displayname` is the previous displayname. - # - # Set format to an empty string to disable the messages for that event. - state_event_formats: - join: "$displayname joined the room." - leave: "$displayname left the room." - name_change: "$prev_displayname changed their name to $displayname" - - # Filter rooms that can/can't be bridged. Can also be managed using the `filter` and - # `filter-mode` management commands. - # - # Filters do not affect direct chats. - # An empty blacklist will essentially disable the filter. - filter: - # Filter mode to use. Either "blacklist" or "whitelist". - # If the mode is "blacklist", the listed chats will never be bridged. - # If the mode is "whitelist", only the listed chats can be bridged. - mode: blacklist - # The list of group/channel IDs to filter. - list: [] - - # The prefix for commands. Only required in non-management rooms. - command_prefix: "!tg" - - # Permissions for using the bridge. - # Permitted values: - # relaybot - Only use the bridge via the relaybot, no access to commands. - # user - Relaybot level + access to commands to create bridges. - # puppeting - User level + logging in with a Telegram account. - # full - Full access to use the bridge, i.e. previous levels + Matrix login. - # admin - Full access to use the bridge and some extra administration commands. - # Permitted keys: - # * - All Matrix users - # domain - All users on that homeserver - # mxid - Specific user - permissions: - '{{ matrix_mautrix_telegram_homeserver_domain }}': full - - # Options related to the message relay Telegram bot. - relaybot: - private_chat: - # List of users to invite to the portal when someone starts a private chat with the bot. - # If empty, private chats with the bot won't create a portal. - invite: [] - # Whether or not to bridge state change messages in relaybot private chats. - state_changes: true - # When private_chat_invite is empty, this message is sent to users /starting the - # relaybot. Telegram's "markdown" is supported. - message: This is a Matrix bridge relaybot and does not support direct chats - # List of users to invite to all group chat portals created by the bridge. - group_chat_invite: [] - # Whether or not the relaybot should not bridge events in unbridged group chats. - # If false, portals will be created when the relaybot receives messages, just like normal - # users. This behavior is usually not desirable, as it interferes with manually bridging - # the chat to another room. - ignore_unbridged_group_chat: true - # Whether or not to allow creating portals from Telegram. - authless_portals: true - # Whether or not to allow Telegram group admins to use the bot commands. - whitelist_group_admins: true - # Whether or not to ignore incoming events sent by the relay bot. - ignore_own_incoming_events: true - # List of usernames/user IDs who are also allowed to use the bot commands. - whitelist: [] - - # Telegram config - telegram: - # Get your own API keys at https://my.telegram.org/apps - api_id: {{ matrix_mautrix_telegram_api_id }} - api_hash: {{ matrix_mautrix_telegram_api_hash }} - # (Optional) Create your own bot at https://t.me/BotFather - bot_token: {{ matrix_mautrix_telegram_bot_token }} - - # Telethon connection options. - connection: - # The timeout in seconds to be used when connecting. - timeout: 120 - # How many times the reconnection should retry, either on the initial connection or when - # Telegram disconnects us. May be set to a negative or null value for infinite retries, but - # this is not recommended, since the program can get stuck in an infinite loop. - retries: 5 - # The delay in seconds to sleep between automatic reconnections. - retry_delay: 1 - # The threshold below which the library should automatically sleep on flood wait errors - # (inclusive). For instance, if a FloodWaitError for 17s occurs and flood_sleep_threshold - # is 20s, the library will sleep automatically. If the error was for 21s, it would raise - # the error instead. Values larger than a day (86400) will be changed to a day. - flood_sleep_threshold: 60 - # How many times a request should be retried. Request are retried when Telegram is having - # internal issues, when there is a FloodWaitError less than flood_sleep_threshold, or when - # there's a migrate error. May take a negative or null value for infinite retries, but this - # is not recommended, since some requests can always trigger a call fail (such as searching - # for messages). - request_retries: 5 - - # Device info sent to Telegram. - device_info: - # "auto" = OS name+version. - device_model: auto - # "auto" = Telethon version. - system_version: auto - # "auto" = mautrix-telegram version. - app_version: auto - lang_code: en - system_lang_code: en - - # Custom server to connect to. - server: - # Set to true to use these server settings. If false, will automatically - # use production server assigned by Telegram. Set to false in production. - enabled: false - # The DC ID to connect to. - dc: 2 - # The IP to connect to. - ip: 149.154.167.40 - # The port to connect to. 443 may not work, 80 is better and both are equally secure. - port: 80 - - # Telethon proxy configuration. - # You must install PySocks from pip for proxies to work. - proxy: - # Allowed types: disabled, socks4, socks5, http - type: disabled - # Proxy IP address and port. - address: 127.0.0.1 - port: 1080 - # Whether or not to perform DNS resolving remotely. - rdns: true - # Proxy authentication (optional). - username: "" - password: "" - - # Python logging configuration. - # - # See section 16.7.2 of the Python documentation for more info: - # https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema - logging: - version: 1 - formatters: - precise: - format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" - handlers: - console: - class: logging.StreamHandler - formatter: precise - loggers: - mau: - level: DEBUG - telethon: - level: DEBUG - aiohttp: - level: INFO - root: - level: DEBUG - handlers: [console] - +matrix_mautrix_telegram_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_mautrix_telegram_configuration_extension_yaml: | # Your custom YAML configuration goes here. diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 new file mode 100644 index 00000000..2a5b5785 --- /dev/null +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -0,0 +1,397 @@ +#jinja2: lstrip_blocks: "True" +# Homeserver details +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_mautrix_telegram_homeserver_address }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_mautrix_telegram_homeserver_domain }} + # Whether or not to verify the SSL certificate of the homeserver. + # Only applies if address starts with https:// + verify_ssl: true + +# Application service host/registration related details +# Changing these values requires regeneration of the registration. +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_mautrix_telegram_appservice_address }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 8080 + # The maximum body size of appservice API requests (from the homeserver) in mebibytes + # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s + max_body_size: 1 + + # The full URI to the database. SQLite and Postgres are fully supported. + # Other DBMSes supported by SQLAlchemy may or may not work. + # Format examples: + # SQLite: sqlite:///filename.db + # Postgres: postgres://username:password@hostname/dbname + database: sqlite:////data/mautrix-telegram.db + + # Public part of web server for out-of-Matrix interaction with the bridge. + # Used for things like login if the user wants to make sure the 2FA password isn't stored in + # the HS database. + public: + # Whether or not the public-facing endpoints should be enabled. + enabled: true + # The prefix to use in the public-facing endpoints. + prefix: {{ matrix_mautrix_telegram_public_endpoint }} + # The base URL where the public-facing endpoints are available. The prefix is not added + # implicitly. + external: {{ matrix_mautrix_telegram_appservice_public_external }} + + # Provisioning API part of the web server for automated portal creation and fetching information. + # Used by things like Dimension (https://dimension.t2bot.io/). + provisioning: + # Whether or not the provisioning API should be enabled. + enabled: false + # The prefix to use in the provisioning API endpoints. + prefix: /_matrix/provision/v1 + # The shared secret to authorize users of the API. + # Set to "generate" to generate and save a new token. + shared_secret: generate + + # The unique ID of this appservice. + id: telegram + # Username of the appservice bot. + bot_username: telegrambot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + bot_displayname: Telegram bridge bot + bot_avatar: mxc://maunium.net/tJCRmUyJDsgRNgqhOgoiHWbX + + # Authentication tokens for AS <-> HS communication. + as_token: "{{ matrix_mautrix_telegram_appservice_token }}" + hs_token: "{{ matrix_mautrix_telegram_homeserver_token }}" + +# Bridge config +bridge: + # Localpart template of MXIDs for Telegram users. + # {userid} is replaced with the user ID of the Telegram user. + username_template: "telegram_{userid}" + # Localpart template of room aliases for Telegram portal rooms. + # {groupname} is replaced with the name part of the public channel/group invite link ( https://t.me/{} ) + alias_template: "telegram_{groupname}" + # Displayname template for Telegram users. + # {displayname} is replaced with the display name of the Telegram user. + displayname_template: "{displayname} (Telegram)" + + # Set the preferred order of user identifiers which to use in the Matrix puppet display name. + # In the (hopefully unlikely) scenario that none of the given keys are found, the numeric user + # ID is used. + # + # If the bridge is working properly, a phone number or an username should always be known, but + # the other one can very well be empty. + # + # Valid keys: + # "full name" (First and/or last name) + # "full name reversed" (Last and/or first name) + # "first name" + # "last name" + # "username" + # "phone number" + displayname_preference: + - full name + - username + - phone number + # Maximum length of displayname + displayname_max_length: 100 + + # Maximum number of members to sync per portal when starting up. Other members will be + # synced when they send messages. The maximum is 10000, after which the Telegram server + # will not send any more members. + # Defaults to no local limit (-> limited to 10000 by server) + max_initial_member_sync: -1 + # Whether or not to sync the member list in channels. + # If no channel admins have logged into the bridge, the bridge won't be able to sync the member + # list regardless of this setting. + sync_channel_members: true + # Whether or not to skip deleted members when syncing members. + skip_deleted_members: true + # Whether or not to automatically synchronize contacts and chats of Matrix users logged into + # their Telegram account at startup. + startup_sync: true + # Number of most recently active dialogs to check when syncing chats. + # Dialogs include groups and private chats, but only groups are synced. + # Set to 0 to remove limit. + sync_dialog_limit: 30 + # Whether or not to sync and create portals for direct chats at startup. + sync_direct_chats: false + # The maximum number of simultaneous Telegram deletions to handle. + # A large number of simultaneous redactions could put strain on your homeserver. + max_telegram_delete: 10 + # Whether or not to automatically sync the Matrix room state (mostly unpuppeted displaynames) + # at startup and when creating a bridge. + sync_matrix_state: true + # Allow logging in within Matrix. If false, the only way to log in is using the out-of-Matrix + # login website (see appservice.public config section) + allow_matrix_login: true + # Whether or not to bridge plaintext highlights. + # Only enable this if your displayname_template has some static part that the bridge can use to + # reliably identify what is a plaintext highlight. + plaintext_highlights: false + # Whether or not to make portals of publicly joinable channels/supergroups publicly joinable on Matrix. + public_portals: true + # Whether or not to use /sync to get presence, read receipts and typing notifications when using + # your own Matrix account as the Matrix puppet for your Telegram account. + sync_with_custom_puppets: true + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret: {{ matrix_mautrix_telegram_login_shared_secret|to_json }} + # Set to false to disable link previews in messages sent to Telegram. + telegram_link_preview: true + # Use inline images instead of a separate message for the caption. + # N.B. Inline images are not supported on all clients (e.g. Riot iOS). + inline_images: false + # Maximum size of image in megabytes before sending to Telegram as a document. + image_as_file_size: 10 + # Maximum size of Telegram documents in megabytes to bridge. + max_document_size: 100 + # Enable experimental parallel file transfer, which makes uploads/downloads much faster by + # streaming from/to Matrix and using many connections for Telegram. + # Note that generating HQ thumbnails for videos is not possible with streamed transfers. + parallel_file_transfer: false + # Whether or not created rooms should have federation enabled. + # If false, created portal rooms will never be federated. + federate_rooms: true + # Settings for converting animated stickers. + animated_sticker: + # Format to which animated stickers should be converted. + # disable - No conversion, send as-is (gzipped lottie) + # png - converts to non-animated png (fastest), + # gif - converts to animated gif, but loses transparency + # webm - converts to webm video, requires ffmpeg executable with vp9 codec and webm container support + target: gif + # Arguments for converter. All converters take width and height. + # GIF converter takes background as a hex color. + args: + width: 256 + height: 256 + background: "020202" # only for gif + fps: 30 # only for webm + # End-to-bridge encryption support options. These require matrix-nio to be installed with pip + # and login_shared_secret to be configured in order to get a device for the bridge bot. + # + # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal + # application service. + encryption: + # Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + + # Overrides for base power levels. + initial_power_level_overrides: + user: {} + group: {} + + # Whether to bridge Telegram bot messages as m.notices or m.texts. + bot_messages_as_notices: true + bridge_notices: + # Whether or not Matrix bot messages (type m.notice) should be bridged. + default: false + # List of user IDs for whom the previous flag is flipped. + # e.g. if bridge_notices.default is false, notices from other users will not be bridged, but + # notices from users listed here will be bridged. + exceptions: [] + + # Some config options related to Telegram message deduplication. + # The default values are usually fine, but some debug messages/warnings might recommend you + # change these. + deduplication: + # Whether or not to check the database if the message about to be sent is a duplicate. + pre_db_check: false + # The number of latest events to keep when checking for duplicates. + # You might need to increase this on high-traffic bridge instances. + cache_queue_length: 20 + + + # The formats to use when sending messages to Telegram via the relay bot. + # + # Telegram doesn't have built-in emotes, so the m.emote format is also used for non-relaybot users. + # + # Available variables: + # $sender_displayname - The display name of the sender (e.g. Example User) + # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser) + # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com) + # $message - The message content as HTML + message_formats: + m.text: "$sender_displayname: $message" + m.notice: "$sender_displayname: $message" + m.emote: "* $sender_displayname $message" + m.file: "$sender_displayname sent a file: $message" + m.image: "$sender_displayname sent an image: $message" + m.audio: "$sender_displayname sent an audio file: $message" + m.video: "$sender_displayname sent a video: $message" + m.location: "$sender_displayname sent a location: $message" + # Telegram doesn't have built-in emotes, this field specifies how m.emote's from authenticated + # users are sent to telegram. All fields in message_formats are supported. Additionally, the + # Telegram user info is available in the following variables: + # $displayname - Telegram displayname + # $username - Telegram username (may not exist) + # $mention - Telegram @username or displayname mention (depending on which exists) + emote_format: "* $mention $formatted_body" + + # The formats to use when sending state events to Telegram via the relay bot. + # + # Variables from `message_formats` that have the `sender_` prefix are available without the prefix. + # In name_change events, `$prev_displayname` is the previous displayname. + # + # Set format to an empty string to disable the messages for that event. + state_event_formats: + join: "$displayname joined the room." + leave: "$displayname left the room." + name_change: "$prev_displayname changed their name to $displayname" + + # Filter rooms that can/can't be bridged. Can also be managed using the `filter` and + # `filter-mode` management commands. + # + # Filters do not affect direct chats. + # An empty blacklist will essentially disable the filter. + filter: + # Filter mode to use. Either "blacklist" or "whitelist". + # If the mode is "blacklist", the listed chats will never be bridged. + # If the mode is "whitelist", only the listed chats can be bridged. + mode: blacklist + # The list of group/channel IDs to filter. + list: [] + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!tg" + + # Permissions for using the bridge. + # Permitted values: + # relaybot - Only use the bridge via the relaybot, no access to commands. + # user - Relaybot level + access to commands to create bridges. + # puppeting - User level + logging in with a Telegram account. + # full - Full access to use the bridge, i.e. previous levels + Matrix login. + # admin - Full access to use the bridge and some extra administration commands. + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + '{{ matrix_mautrix_telegram_homeserver_domain }}': full + + # Options related to the message relay Telegram bot. + relaybot: + private_chat: + # List of users to invite to the portal when someone starts a private chat with the bot. + # If empty, private chats with the bot won't create a portal. + invite: [] + # Whether or not to bridge state change messages in relaybot private chats. + state_changes: true + # When private_chat_invite is empty, this message is sent to users /starting the + # relaybot. Telegram's "markdown" is supported. + message: This is a Matrix bridge relaybot and does not support direct chats + # List of users to invite to all group chat portals created by the bridge. + group_chat_invite: [] + # Whether or not the relaybot should not bridge events in unbridged group chats. + # If false, portals will be created when the relaybot receives messages, just like normal + # users. This behavior is usually not desirable, as it interferes with manually bridging + # the chat to another room. + ignore_unbridged_group_chat: true + # Whether or not to allow creating portals from Telegram. + authless_portals: true + # Whether or not to allow Telegram group admins to use the bot commands. + whitelist_group_admins: true + # Whether or not to ignore incoming events sent by the relay bot. + ignore_own_incoming_events: true + # List of usernames/user IDs who are also allowed to use the bot commands. + whitelist: [] + +# Telegram config +telegram: + # Get your own API keys at https://my.telegram.org/apps + api_id: {{ matrix_mautrix_telegram_api_id }} + api_hash: {{ matrix_mautrix_telegram_api_hash }} + # (Optional) Create your own bot at https://t.me/BotFather + bot_token: {{ matrix_mautrix_telegram_bot_token }} + + # Telethon connection options. + connection: + # The timeout in seconds to be used when connecting. + timeout: 120 + # How many times the reconnection should retry, either on the initial connection or when + # Telegram disconnects us. May be set to a negative or null value for infinite retries, but + # this is not recommended, since the program can get stuck in an infinite loop. + retries: 5 + # The delay in seconds to sleep between automatic reconnections. + retry_delay: 1 + # The threshold below which the library should automatically sleep on flood wait errors + # (inclusive). For instance, if a FloodWaitError for 17s occurs and flood_sleep_threshold + # is 20s, the library will sleep automatically. If the error was for 21s, it would raise + # the error instead. Values larger than a day (86400) will be changed to a day. + flood_sleep_threshold: 60 + # How many times a request should be retried. Request are retried when Telegram is having + # internal issues, when there is a FloodWaitError less than flood_sleep_threshold, or when + # there's a migrate error. May take a negative or null value for infinite retries, but this + # is not recommended, since some requests can always trigger a call fail (such as searching + # for messages). + request_retries: 5 + + # Device info sent to Telegram. + device_info: + # "auto" = OS name+version. + device_model: auto + # "auto" = Telethon version. + system_version: auto + # "auto" = mautrix-telegram version. + app_version: auto + lang_code: en + system_lang_code: en + + # Custom server to connect to. + server: + # Set to true to use these server settings. If false, will automatically + # use production server assigned by Telegram. Set to false in production. + enabled: false + # The DC ID to connect to. + dc: 2 + # The IP to connect to. + ip: 149.154.167.40 + # The port to connect to. 443 may not work, 80 is better and both are equally secure. + port: 80 + + # Telethon proxy configuration. + # You must install PySocks from pip for proxies to work. + proxy: + # Allowed types: disabled, socks4, socks5, http + type: disabled + # Proxy IP address and port. + address: 127.0.0.1 + port: 1080 + # Whether or not to perform DNS resolving remotely. + rdns: true + # Proxy authentication (optional). + username: "" + password: "" + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + precise: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + console: + class: logging.StreamHandler + formatter: precise + loggers: + mau: + level: DEBUG + telethon: + level: DEBUG + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [console] diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index f83c78f0..e9929f96 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -35,175 +35,7 @@ matrix_mautrix_whatsapp_login_shared_secret: '' # # For a more advanced customization, you can extend the default (see `matrix_mautrix_whatsapp_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_mautrix_whatsapp_configuration_yaml: | - # Homeserver details. - homeserver: - # The address that this appservice can use to connect to the homeserver. - address: {{ matrix_mautrix_whatsapp_homeserver_address }} - # The domain of the homeserver (for MXIDs, etc). - domain: {{ matrix_mautrix_whatsapp_homeserver_domain }} - # Application service host/registration related details. - # Changing these values requires regeneration of the registration. - - appservice: - # The address that the homeserver can use to connect to this appservice. - address: {{ matrix_mautrix_whatsapp_appservice_address }} - - # The hostname and port where this appservice should listen. - hostname: 0.0.0.0 - port: 8080 - - # Database config. - database: - # The database type. "sqlite3" and "postgres" are supported. - type: sqlite3 - # The database URI. - # SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string - # Postgres: Connection string. For example, postgres://user:password@host/database - uri: mautrix-whatsapp.db - # Maximum number of connections. Mostly relevant for Postgres. - max_open_conns: 20 - max_idle_conns: 2 - - # Path to the Matrix room state store. - state_store_path: ./mx-state.json - - # The unique ID of this appservice. - id: whatsapp - # Appservice bot details. - bot: - # Username of the appservice bot. - username: whatsappbot - # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty - # to leave display name/avatar as-is. - displayname: WhatsApp bridge bot - avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr - - # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. - as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}" - hs_token: "{{ matrix_mautrix_whatsapp_homeserver_token }}" - - # Bridge config - bridge: - # Localpart template of MXIDs for WhatsApp users. - # {{ '{{.}}' }} is replaced with the phone number of the WhatsApp user. - username_template: "{{ 'whatsapp_{{.}}' }}" - # Displayname template for WhatsApp users. - # {{ '{{.Notify'}}' }} - nickname set by the WhatsApp user - # {{ '{{.Jid}}' }} - phone number (international format) - # The following variables are also available, but will cause problems on multi-user instances: - # {{ '{{.Name}}' }} - display name from contact list - # {{ '{{.Short}}' }} - short display name from contact list - displayname_template: "{{ '{{if .Notify}}{{.Notify}}{{else}}{{.Jid}}{{end}} (WA)' }}" - # WhatsApp connection timeout in seconds. - connection_timeout: 20 - # Maximum number of times to retry connecting on connection error. - max_connection_attempts: 3 - # Number of seconds to wait between connection attempts. - # Negative numbers are exponential backoff: -connection_retry_delay + 1 + 2^attempts - connection_retry_delay: -1 - # Whether or not the bridge should send a notice to the user's management room when it retries connecting. - # If false, it will only report when it stops retrying. - report_connection_retry: true - # Maximum number of seconds to wait for chats to be sent at startup. - # If this is too low and you have lots of chats, it could cause backfilling to fail. - chat_list_wait: 30 - # Maximum number of seconds to wait to sync portals before force unlocking message processing. - # If this is too low and you have lots of chats, it could cause backfilling to fail. - portal_sync_wait: 600 - - # Whether or not to send call start/end notices to Matrix. - call_notices: - start: true - end: true - - # Number of chats to sync for new users. - initial_chat_sync_count: 10 - # Number of old messages to fill when creating new portal rooms. - initial_history_fill_count: 20 - # Maximum number of chats to sync when recovering from downtime. - # Set to -1 to sync all new chats during downtime. - recovery_chat_sync_limit: -1 - # Whether or not to sync history when recovering from downtime. - recovery_history_backfill: true - # Maximum number of seconds since last message in chat to skip - # syncing the chat in any case. This setting will take priority - # over both recovery_chat_sync_limit and initial_chat_sync_count. - # Default is 3 days = 259200 seconds - sync_max_chat_age: 259200 - - # Whether or not to sync with custom puppets to receive EDUs that - # are not normally sent to appservices. - sync_with_custom_puppets: true - # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth - # - # If set, custom puppets will be enabled automatically for local users - # instead of users having to find an access token and run `login-matrix` - # manually. - login_shared_secret: {{ matrix_mautrix_whatsapp_login_shared_secret|to_json }} - - # Whether or not to invite own WhatsApp user's Matrix puppet into private - # chat portals when backfilling if needed. - # This always uses the default puppet instead of custom puppets due to - # rate limits and timestamp massaging. - invite_own_puppet_for_backfilling: true - # Whether or not to explicitly set the avatar and room name for private - # chat portal rooms. This can be useful if the previous field works fine, - # but causes room avatar/name bugs. - private_chat_portal_meta: false - - # Allow invite permission for user. User can invite any bots to room with whatsapp - # users (private chat and groups) - allow_user_invite: false - - # The prefix for commands. Only required in non-management rooms. - command_prefix: "!wa" - - # Permissions for using the bridge. - # Permitted values: - # user - Access to use the bridge to chat with a WhatsApp account. - # admin - User level and some additional administration tools - # Permitted keys: - # * - All Matrix users - # domain - All users on that homeserver - # mxid - Specific user - permissions: - "{{ matrix_mautrix_whatsapp_homeserver_domain }}": user - - relaybot: - # Whether or not relaybot support is enabled. - enabled: false - # The management room for the bot. This is where all status notifications are posted and - # in this room, you can use `!wa ` instead of `!wa relaybot `. Omitting - # the command prefix completely like in user management rooms is not possible. - management: '!foo:example.com' - # List of users to invite to all created rooms that include the relaybot. - invites: [] - # The formats to use when sending messages to WhatsApp via the relaybot. - message_formats: - m.text: "{{ '{{ .Sender.Displayname }}' }}: {{ '{{ .Message }}' }}" - m.notice: "{{ '{{ .Sender.Displayname }}' }}:: {{ '{{ .Message }}' }}" - m.emote: "* {{ '{{ .Sender.Displayname }}' }}: {{ '{{ .Message }}' }}" - m.file: "{{ '{{ .Sender.Displayname }}' }}: sent a file" - m.image: "{{ '{{ .Sender.Displayname }}' }}: sent an image" - m.audio: "{{ '{{ .Sender.Displayname }}' }}: sent an audio file" - m.video: "{{ '{{ .Sender.Displayname }}' }}: sent a video" - m.location: "{{ '{{ .Sender.Displayname }}' }}: sent a location" - # Logging config. - logging: - # The directory for log files. Will be created if not found. - directory: ./logs - # Available variables: .Date for the file date and .Index for different log files on the same day. - file_name_format: "{{ '{{.Date}}-{{.Index}}.log' }}" - # Date format for file names in the Go time format: https://golang.org/pkg/time/#pkg-constants - file_date_format: "2006-01-02" - # Log file permissions. - file_mode: 0600 - # Timestamp format for log entries in the Go time format. - timestamp_format: "Jan _2, 2006 15:04:05" - # Minimum severity for log messages. - # Options: debug, info, warn, error, fatal - print_level: debug +matrix_mautrix_whatsapp_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_mautrix_whatsapp_configuration_extension_yaml: | # Your custom YAML configuration goes here. diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 new file mode 100644 index 00000000..a527a188 --- /dev/null +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -0,0 +1,169 @@ +#jinja2: lstrip_blocks: "True" +# Homeserver details. +homeserver: + # The address that this appservice can use to connect to the homeserver. + address: {{ matrix_mautrix_whatsapp_homeserver_address }} + # The domain of the homeserver (for MXIDs, etc). + domain: {{ matrix_mautrix_whatsapp_homeserver_domain }} +# Application service host/registration related details. +# Changing these values requires regeneration of the registration. + +appservice: + # The address that the homeserver can use to connect to this appservice. + address: {{ matrix_mautrix_whatsapp_appservice_address }} + + # The hostname and port where this appservice should listen. + hostname: 0.0.0.0 + port: 8080 + + # Database config. + database: + # The database type. "sqlite3" and "postgres" are supported. + type: sqlite3 + # The database URI. + # SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string + # Postgres: Connection string. For example, postgres://user:password@host/database + uri: mautrix-whatsapp.db + # Maximum number of connections. Mostly relevant for Postgres. + max_open_conns: 20 + max_idle_conns: 2 + + # Path to the Matrix room state store. + state_store_path: ./mx-state.json + + # The unique ID of this appservice. + id: whatsapp + # Appservice bot details. + bot: + # Username of the appservice bot. + username: whatsappbot + # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty + # to leave display name/avatar as-is. + displayname: WhatsApp bridge bot + avatar: mxc://maunium.net/NeXNQarUbrlYBiPCpprYsRqr + + # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. + as_token: "{{ matrix_mautrix_whatsapp_appservice_token }}" + hs_token: "{{ matrix_mautrix_whatsapp_homeserver_token }}" + +# Bridge config +bridge: + # Localpart template of MXIDs for WhatsApp users. + # {{ '{{.}}' }} is replaced with the phone number of the WhatsApp user. + username_template: "{{ 'whatsapp_{{.}}' }}" + # Displayname template for WhatsApp users. + # {{ '{{.Notify'}}' }} - nickname set by the WhatsApp user + # {{ '{{.Jid}}' }} - phone number (international format) + # The following variables are also available, but will cause problems on multi-user instances: + # {{ '{{.Name}}' }} - display name from contact list + # {{ '{{.Short}}' }} - short display name from contact list + displayname_template: "{{ '{{if .Notify}}{{.Notify}}{{else}}{{.Jid}}{{end}} (WA)' }}" + # WhatsApp connection timeout in seconds. + connection_timeout: 20 + # Maximum number of times to retry connecting on connection error. + max_connection_attempts: 3 + # Number of seconds to wait between connection attempts. + # Negative numbers are exponential backoff: -connection_retry_delay + 1 + 2^attempts + connection_retry_delay: -1 + # Whether or not the bridge should send a notice to the user's management room when it retries connecting. + # If false, it will only report when it stops retrying. + report_connection_retry: true + # Maximum number of seconds to wait for chats to be sent at startup. + # If this is too low and you have lots of chats, it could cause backfilling to fail. + chat_list_wait: 30 + # Maximum number of seconds to wait to sync portals before force unlocking message processing. + # If this is too low and you have lots of chats, it could cause backfilling to fail. + portal_sync_wait: 600 + + # Whether or not to send call start/end notices to Matrix. + call_notices: + start: true + end: true + + # Number of chats to sync for new users. + initial_chat_sync_count: 10 + # Number of old messages to fill when creating new portal rooms. + initial_history_fill_count: 20 + # Maximum number of chats to sync when recovering from downtime. + # Set to -1 to sync all new chats during downtime. + recovery_chat_sync_limit: -1 + # Whether or not to sync history when recovering from downtime. + recovery_history_backfill: true + # Maximum number of seconds since last message in chat to skip + # syncing the chat in any case. This setting will take priority + # over both recovery_chat_sync_limit and initial_chat_sync_count. + # Default is 3 days = 259200 seconds + sync_max_chat_age: 259200 + + # Whether or not to sync with custom puppets to receive EDUs that + # are not normally sent to appservices. + sync_with_custom_puppets: true + # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth + # + # If set, custom puppets will be enabled automatically for local users + # instead of users having to find an access token and run `login-matrix` + # manually. + login_shared_secret: {{ matrix_mautrix_whatsapp_login_shared_secret|to_json }} + + # Whether or not to invite own WhatsApp user's Matrix puppet into private + # chat portals when backfilling if needed. + # This always uses the default puppet instead of custom puppets due to + # rate limits and timestamp massaging. + invite_own_puppet_for_backfilling: true + # Whether or not to explicitly set the avatar and room name for private + # chat portal rooms. This can be useful if the previous field works fine, + # but causes room avatar/name bugs. + private_chat_portal_meta: false + + # Allow invite permission for user. User can invite any bots to room with whatsapp + # users (private chat and groups) + allow_user_invite: false + + # The prefix for commands. Only required in non-management rooms. + command_prefix: "!wa" + + # Permissions for using the bridge. + # Permitted values: + # user - Access to use the bridge to chat with a WhatsApp account. + # admin - User level and some additional administration tools + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + "{{ matrix_mautrix_whatsapp_homeserver_domain }}": user + + relaybot: + # Whether or not relaybot support is enabled. + enabled: false + # The management room for the bot. This is where all status notifications are posted and + # in this room, you can use `!wa ` instead of `!wa relaybot `. Omitting + # the command prefix completely like in user management rooms is not possible. + management: '!foo:example.com' + # List of users to invite to all created rooms that include the relaybot. + invites: [] + # The formats to use when sending messages to WhatsApp via the relaybot. + message_formats: + m.text: "{{ '{{ .Sender.Displayname }}' }}: {{ '{{ .Message }}' }}" + m.notice: "{{ '{{ .Sender.Displayname }}' }}:: {{ '{{ .Message }}' }}" + m.emote: "* {{ '{{ .Sender.Displayname }}' }}: {{ '{{ .Message }}' }}" + m.file: "{{ '{{ .Sender.Displayname }}' }}: sent a file" + m.image: "{{ '{{ .Sender.Displayname }}' }}: sent an image" + m.audio: "{{ '{{ .Sender.Displayname }}' }}: sent an audio file" + m.video: "{{ '{{ .Sender.Displayname }}' }}: sent a video" + m.location: "{{ '{{ .Sender.Displayname }}' }}: sent a location" +# Logging config. +logging: + # The directory for log files. Will be created if not found. + directory: ./logs + # Available variables: .Date for the file date and .Index for different log files on the same day. + file_name_format: "{{ '{{.Date}}-{{.Index}}.log' }}" + # Date format for file names in the Go time format: https://golang.org/pkg/time/#pkg-constants + file_date_format: "2006-01-02" + # Log file permissions. + file_mode: 0600 + # Timestamp format for log entries in the Go time format. + timestamp_format: "Jan _2, 2006 15:04:05" + # Minimum severity for log messages. + # Options: debug, info, warn, error, fatal + print_level: debug diff --git a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml index 9d80ab04..8b977acf 100644 --- a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml @@ -56,145 +56,7 @@ matrix_mx_puppet_skype_login_shared_secret: '' # # For a more advanced customization, you can extend the default (see `matrix_mx_puppet_skype_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_mx_puppet_skype_configuration_yaml: | - #jinja2: lstrip_blocks: "True" - bridge: - # Address for the bridge to bind to; if running as a Docker container, you - # probably want 0.0.0.0 here - bindAddress: 0.0.0.0 - # Port to host the bridge on which your homeserver will connect to - port: {{ matrix_mx_puppet_skype_appservice_port }} - # Name of your homeserver - domain: {{ matrix_domain }} - # URL where the bridge can connect to your homeserver - homeserverUrl: {{ matrix_mx_puppet_skype_homeserver_address }} - # Optionally specify a different media URL used for the media store - mediaURL: https://{{ matrix_server_fqn_matrix }} - # This enabled automatic double-puppeting: - # A map for shared secrets of the homeserver URL to the shared secret - # See https://github.com/devture/matrix-synapse-shared-secret-auth - #loginSharedSecretMap: - # yourserver.com: supersecretsharedsecret - {% if matrix_mx_puppet_skype_login_shared_secret != '' %} - loginSharedSecretMap: - {{ matrix_domain }}: {{ matrix_mx_puppet_skype_login_shared_secret }} - {% endif %} - # optionally override the display name of the bridge bot - #displayname: Protocol Bot - # optionally set the avatar of the bridge bot - #avatarUrl: mxc://yourserver.com/somefile - - logging: - # Log level of console output - # Allowed values starting with most verbose: - # silly, debug, verbose, info, warn, error - console: info - # Optionally, you can apply filters to the console logging - #console: - # level: info - # enabled: - # - Store - # disabled: - # - PresenceHandler - - # Date and time formatting - lineDateFormat: MMM-D HH:mm:ss.SSS - # Logging files - # Log files are rotated daily by default - files: - # Log file path - - file: "/data/bridge.log" - # Log level for this file - # Allowed values starting with most verbose: - # silly, debug, verbose, info, warn, error - level: info - # Date and time formatting - datePattern: YYYY-MM-DD - # Maximum number of logs to keep. - # This can be a number of files or number of days. - # If using days, add 'd' as a suffix - maxFiles: 14d - # Maximum size of the file after which it will rotate. This can be a - # number of bytes, or units of kb, mb, and gb. If using the units, add - # 'k', 'm', or 'g' as the suffix - maxSize: 50m - # Optionally enable/disable logging for certain modules - #disabled: - # - PresenceHandler - # - module: bot-sdk-MatrixLiteClient - # regex: /_matrix/client/r0/presence/ # this regex needs to match to disable the log - #enabled: - # - Store - - database: - # Use Postgres as a database backend - # If set, will be used instead of SQLite3 - # Connection string to connect to the Postgres instance - # with username "user", password "pass", host "localhost" and database name "dbname". - # Modify each value as necessary - #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" - # Use SQLite3 as a database backend - # The name of the database file - filename: /data/database.db - - provisioning: - # Regex of Matrix IDs allowed to use the puppet bridge - whitelist: {{ matrix_mx_puppet_skype_provisioning_whitelist|to_json }} - # Allow a specific user - #- "@user:server\\.com" - # Allow users on a specific homeserver - #- "@.*:yourserver\\.com" - # Allow anyone - #- ".*" - - # Regex of Matrix IDs forbidden from using the puppet bridge - #blacklist: - # Disallow a specific user - #- "@user:server\\.com" - # Disallow users on a specific homeserver - #- "@.*:yourserver\\.com" - blacklist: {{ matrix_mx_puppet_skype_provisioning_blacklist|to_json }} - - presence: - # Bridge online/offline status - enabled: true - # How often to send status to the homeserver in milliseconds - interval: 500 - # if the im.vector.user_status state setting should be diabled - #disableStatusState: false - # A blacklist of remote user IDs for the im.vector.user_status state setting - #statusStateBlacklist: - # - baduser - - relay: - # Regex of Matrix IDs to allow to use the relay mode - # Same format as in provisioning - #whitelist: - #- "@.*:yourserver\\.com" - whitelist: {{ matrix_mx_puppet_skype_relay_whitelist|to_json }} - - #blacklist: - #- "@user:yourserver\\.com" - blacklist: {{ matrix_mx_puppet_skype_relay_blacklist|to_json }} - - # Map certain homeserver URLs to the C-S API endpoint - # Useful for double-puppeting if .well-known is unavailable for some reason - #homeserverUrlMap: - # yourserver.com: http://localhost:1234 - - namePatterns: - # Override the protocols set default name patterns - # Which variables are available depends on protocol implementation - user: :name - room: :name - - limits: - # Up to how many users should be auto-joined on room creation? -1 to disable - # Defaults to 200 - maxAutojoinUsers: 200 - # How long the delay between two autojoin users should be, in millisectonds. - # Defaults to 5000 - roomUserAutojoinDelay: 5000 +matrix_mx_puppet_skype_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_mx_puppet_skype_configuration_extension_yaml: | # Your custom YAML configuration goes here. diff --git a/roles/matrix-bridge-mx-puppet-skype/templates/config.yaml.j2 b/roles/matrix-bridge-mx-puppet-skype/templates/config.yaml.j2 new file mode 100644 index 00000000..c7b5c870 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-skype/templates/config.yaml.j2 @@ -0,0 +1,138 @@ +#jinja2: lstrip_blocks: "True" +bridge: + # Address for the bridge to bind to; if running as a Docker container, you + # probably want 0.0.0.0 here + bindAddress: 0.0.0.0 + # Port to host the bridge on which your homeserver will connect to + port: {{ matrix_mx_puppet_skype_appservice_port }} + # Name of your homeserver + domain: {{ matrix_domain }} + # URL where the bridge can connect to your homeserver + homeserverUrl: {{ matrix_mx_puppet_skype_homeserver_address }} + # Optionally specify a different media URL used for the media store + mediaURL: https://{{ matrix_server_fqn_matrix }} + # This enabled automatic double-puppeting: + # A map for shared secrets of the homeserver URL to the shared secret + # See https://github.com/devture/matrix-synapse-shared-secret-auth + #loginSharedSecretMap: + # yourserver.com: supersecretsharedsecret + {% if matrix_mx_puppet_skype_login_shared_secret != '' %} + loginSharedSecretMap: + {{ matrix_domain }}: {{ matrix_mx_puppet_skype_login_shared_secret }} + {% endif %} + # optionally override the display name of the bridge bot + #displayname: Protocol Bot + # optionally set the avatar of the bridge bot + #avatarUrl: mxc://yourserver.com/somefile + +logging: + # Log level of console output + # Allowed values starting with most verbose: + # silly, debug, verbose, info, warn, error + console: info + # Optionally, you can apply filters to the console logging + #console: + # level: info + # enabled: + # - Store + # disabled: + # - PresenceHandler + + # Date and time formatting + lineDateFormat: MMM-D HH:mm:ss.SSS + # Logging files + # Log files are rotated daily by default + files: + # Log file path + - file: "/data/bridge.log" + # Log level for this file + # Allowed values starting with most verbose: + # silly, debug, verbose, info, warn, error + level: info + # Date and time formatting + datePattern: YYYY-MM-DD + # Maximum number of logs to keep. + # This can be a number of files or number of days. + # If using days, add 'd' as a suffix + maxFiles: 14d + # Maximum size of the file after which it will rotate. This can be a + # number of bytes, or units of kb, mb, and gb. If using the units, add + # 'k', 'm', or 'g' as the suffix + maxSize: 50m + # Optionally enable/disable logging for certain modules + #disabled: + # - PresenceHandler + # - module: bot-sdk-MatrixLiteClient + # regex: /_matrix/client/r0/presence/ # this regex needs to match to disable the log + #enabled: + # - Store + +database: + # Use Postgres as a database backend + # If set, will be used instead of SQLite3 + # Connection string to connect to the Postgres instance + # with username "user", password "pass", host "localhost" and database name "dbname". + # Modify each value as necessary + #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" + # Use SQLite3 as a database backend + # The name of the database file + filename: /data/database.db + +provisioning: + # Regex of Matrix IDs allowed to use the puppet bridge + whitelist: {{ matrix_mx_puppet_skype_provisioning_whitelist|to_json }} + # Allow a specific user + #- "@user:server\\.com" + # Allow users on a specific homeserver + #- "@.*:yourserver\\.com" + # Allow anyone + #- ".*" + + # Regex of Matrix IDs forbidden from using the puppet bridge + #blacklist: + # Disallow a specific user + #- "@user:server\\.com" + # Disallow users on a specific homeserver + #- "@.*:yourserver\\.com" + blacklist: {{ matrix_mx_puppet_skype_provisioning_blacklist|to_json }} + +presence: + # Bridge online/offline status + enabled: true + # How often to send status to the homeserver in milliseconds + interval: 500 + # if the im.vector.user_status state setting should be diabled + #disableStatusState: false + # A blacklist of remote user IDs for the im.vector.user_status state setting + #statusStateBlacklist: + # - baduser + +relay: + # Regex of Matrix IDs to allow to use the relay mode + # Same format as in provisioning + #whitelist: + #- "@.*:yourserver\\.com" + whitelist: {{ matrix_mx_puppet_skype_relay_whitelist|to_json }} + + #blacklist: + #- "@user:yourserver\\.com" + blacklist: {{ matrix_mx_puppet_skype_relay_blacklist|to_json }} + +# Map certain homeserver URLs to the C-S API endpoint +# Useful for double-puppeting if .well-known is unavailable for some reason +#homeserverUrlMap: +# yourserver.com: http://localhost:1234 + +namePatterns: + # Override the protocols set default name patterns + # Which variables are available depends on protocol implementation + user: :name + room: :name + +limits: + # Up to how many users should be auto-joined on room creation? -1 to disable + # Defaults to 200 + maxAutojoinUsers: 200 + # How long the delay between two autojoin users should be, in millisectonds. + # Defaults to 5000 + roomUserAutojoinDelay: 5000 diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index 083910b1..13aa5b7a 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -57,99 +57,7 @@ matrix_mx_puppet_slack_homeserver_token: '' # # For a more advanced customization, you can extend the default (see `matrix_mx_puppet_slack_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_mx_puppet_slack_configuration_yaml: | - #jinja2: lstrip_blocks: "True" - bridge: - # Port to host the bridge on - # Used for communication between the homeserver and the bridge - port: {{ matrix_mx_puppet_slack_appservice_port }} - # The host connections to the bridge's webserver are allowed from - bindAddress: 0.0.0.0 - # Public domain of the homeserver - domain: {{ matrix_mx_puppet_slack_homeserver_domain }} - # Reachable URL of the Matrix homeserver - homeserverUrl: {{ matrix_mx_puppet_slack_homeserver_address }} - - - # Slack OAuth settings. Create a slack app at https://api.slack.com/apps - oauth: - enabled: true - # Slack app credentials. - # N.B. This must be quoted so YAML wouldn't parse it as a float. - clientId: "{{ matrix_mx_puppet_slack_client_id }}" - clientSecret: {{ matrix_mx_puppet_slack_client_secret }} - # Path where to listen for OAuth redirect callbacks. - redirectPath: {{ matrix_mx_puppet_slack_redirect_path }} - # Set up proxying from https://your.domain/redirect_path to http://bindAddress:port/redirect_path, - # then set this field and the Slack app redirect URI field to the former. - redirectUri: {{ matrix_mx_puppet_slack_redirect_uri }} - - presence: - # Bridge Discord online/offline status - enabled: true - # How often to send status to the homeserver in milliseconds - interval: 500 - - provisioning: - # Regex of Matrix IDs allowed to use the puppet bridge - whitelist: {{ matrix_mx_puppet_slack_provisioning_whitelist|to_json }} - # Allow a specific user - #- "@user:server\\.com" - # Allow users on a specific homeserver - #- "@.*:yourserver\\.com" - # Allow anyone - #- ".*" - # Regex of Matrix IDs forbidden from using the puppet bridge - #blacklist: - # Disallow a specific user - #- "@user:server\\.com" - # Disallow users on a specific homeserver - #- "@.*:yourserver\\.com" - blacklist: {{ matrix_mx_puppet_slack_provisioning_blacklist|to_json }} - - # Shared secret for the provisioning API for use by integration managers. - # If this is not set, the provisioning API will not be enabled. - #sharedSecret: random string - # Path prefix for the provisioning API. /v1 will be appended to the prefix automatically. - apiPrefix: /_matrix/provision - - database: - # Use Postgres as a database backend - # If set, will be used instead of SQLite3 - # Connection string to connect to the Postgres instance - # with username "user", password "pass", host "localhost" and database name "dbname". - # Modify each value as necessary - #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" - # Use SQLite3 as a database backend - # The name of the database file - filename: /data/database.db - - logging: - # Log level of console output - # Allowed values starting with most verbose: - # silly, debug, verbose, info, warn, error - console: info - # Date and time formatting - lineDateFormat: MMM-D HH:mm:ss.SSS - # Logging files - # Log files are rotated daily by default - files: - # Log file path - - file: "/data/bridge.log" - # Log level for this file - # Allowed values starting with most verbose: - # silly, debug, verbose, info, warn, error - level: info - # Date and time formatting - datePattern: YYYY-MM-DD - # Maximum number of logs to keep. - # This can be a number of files or number of days. - # If using days, add 'd' as a suffix - maxFiles: 14d - # Maximum size of the file after which it will rotate. This can be a - # number of bytes, or units of kb, mb, and gb. If using the units, add - # 'k', 'm', or 'g' as the suffix - maxSize: 50m +matrix_mx_puppet_slack_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_mx_puppet_slack_configuration_extension_yaml: | # Your custom YAML configuration goes here. diff --git a/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 b/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 new file mode 100644 index 00000000..bcf4e2d1 --- /dev/null +++ b/roles/matrix-bridge-mx-puppet-slack/templates/config.yaml.j2 @@ -0,0 +1,92 @@ +#jinja2: lstrip_blocks: "True" +bridge: + # Port to host the bridge on + # Used for communication between the homeserver and the bridge + port: {{ matrix_mx_puppet_slack_appservice_port }} + # The host connections to the bridge's webserver are allowed from + bindAddress: 0.0.0.0 + # Public domain of the homeserver + domain: {{ matrix_mx_puppet_slack_homeserver_domain }} + # Reachable URL of the Matrix homeserver + homeserverUrl: {{ matrix_mx_puppet_slack_homeserver_address }} + + +# Slack OAuth settings. Create a slack app at https://api.slack.com/apps +oauth: + enabled: true + # Slack app credentials. + # N.B. This must be quoted so YAML wouldn't parse it as a float. + clientId: "{{ matrix_mx_puppet_slack_client_id }}" + clientSecret: {{ matrix_mx_puppet_slack_client_secret }} + # Path where to listen for OAuth redirect callbacks. + redirectPath: {{ matrix_mx_puppet_slack_redirect_path }} + # Set up proxying from https://your.domain/redirect_path to http://bindAddress:port/redirect_path, + # then set this field and the Slack app redirect URI field to the former. + redirectUri: {{ matrix_mx_puppet_slack_redirect_uri }} + +presence: + # Bridge Discord online/offline status + enabled: true + # How often to send status to the homeserver in milliseconds + interval: 500 + +provisioning: + # Regex of Matrix IDs allowed to use the puppet bridge + whitelist: {{ matrix_mx_puppet_slack_provisioning_whitelist|to_json }} + # Allow a specific user + #- "@user:server\\.com" + # Allow users on a specific homeserver + #- "@.*:yourserver\\.com" + # Allow anyone + #- ".*" + # Regex of Matrix IDs forbidden from using the puppet bridge + #blacklist: + # Disallow a specific user + #- "@user:server\\.com" + # Disallow users on a specific homeserver + #- "@.*:yourserver\\.com" + blacklist: {{ matrix_mx_puppet_slack_provisioning_blacklist|to_json }} + + # Shared secret for the provisioning API for use by integration managers. + # If this is not set, the provisioning API will not be enabled. + #sharedSecret: random string + # Path prefix for the provisioning API. /v1 will be appended to the prefix automatically. + apiPrefix: /_matrix/provision + +database: + # Use Postgres as a database backend + # If set, will be used instead of SQLite3 + # Connection string to connect to the Postgres instance + # with username "user", password "pass", host "localhost" and database name "dbname". + # Modify each value as necessary + #connString: "postgres://user:pass@localhost/dbname?sslmode=disable" + # Use SQLite3 as a database backend + # The name of the database file + filename: /data/database.db + +logging: + # Log level of console output + # Allowed values starting with most verbose: + # silly, debug, verbose, info, warn, error + console: info + # Date and time formatting + lineDateFormat: MMM-D HH:mm:ss.SSS + # Logging files + # Log files are rotated daily by default + files: + # Log file path + - file: "/data/bridge.log" + # Log level for this file + # Allowed values starting with most verbose: + # silly, debug, verbose, info, warn, error + level: info + # Date and time formatting + datePattern: YYYY-MM-DD + # Maximum number of logs to keep. + # This can be a number of files or number of days. + # If using days, add 'd' as a suffix + maxFiles: 14d + # Maximum size of the file after which it will rotate. This can be a + # number of bytes, or units of kb, mb, and gb. If using the units, add + # 'k', 'm', or 'g' as the suffix + maxSize: 50m diff --git a/roles/matrix-dimension/defaults/main.yml b/roles/matrix-dimension/defaults/main.yml index fafe289d..770f5bcb 100644 --- a/roles/matrix-dimension/defaults/main.yml +++ b/roles/matrix-dimension/defaults/main.yml @@ -39,89 +39,7 @@ matrix_dimension_homeserver_federationUrl: "http://matrix-synapse:8048" # # For a more advanced customization, you can extend the default (see `matrix_dimension_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_dimension_configuration_yaml: | - #jinja2: lstrip_blocks: True - # The web settings for the service (API and UI). - # It is best to have this run on localhost and use a reverse proxy to access Dimension. - web: - port: 8184 - address: '0.0.0.0' - - # Homeserver configuration - homeserver: - # The domain name of the homeserver. This is used in many places, such as with go-neb - # setups, to identify the homeserver. - name: "{{ matrix_domain }}" - - # The URL that Dimension, go-neb, and other services provisioned by Dimension should - # use to access the homeserver with. - clientServerUrl: "http://matrix-synapse:8008" - - # The URL that Dimension should use when trying to communicate with federated APIs on - # the homeserver. If not supplied or left empty Dimension will try to resolve the address - # through the normal federation process. - federationUrl: "{{ matrix_dimension_homeserver_federationUrl }}" - - # The URL that Dimension will redirect media requests to for downloading media such as - # stickers. If not supplied or left empty Dimension will use the clientServerUrl. - mediaUrl: "https://{{ matrix_server_fqn_matrix }}" - - # The access token Dimension should use for miscellaneous access to the homeserver. This - # should be for a user on the configured homeserver: any user will do, however it is - # recommended to use a dedicated user (such as @dimension:t2bot.io). For information on - # how to acquire an access token, visit https://t2bot.io/docs/access_tokens - accessToken: "{{ matrix_dimension_access_token }}" - - # These users can modify the integrations this Dimension supports. - # To access the admin interface, open Dimension in Riot and click the settings icon. - admins: {{ matrix_dimension_admins|to_json }} - - # IPs and CIDR ranges listed here will be blocked from being widgets. - # Note: Widgets may still be embedded with restricted content, although not through Dimension directly. - widgetBlacklist: - - 10.0.0.0/8 - - 172.16.0.0/12 - - 192.168.0.0/16 - - 127.0.0.0/8 - - # Where the database for Dimension is - database: - file: "dimension.db" - - # Display settings that apply to self-hosted go-neb instances - goneb: - # The avatars to set for each bot. Usually these don't need to be changed, however if your homeserver - # is not able to reach t2bot.io then you should specify your own here. To not use an avatar for a bot, - # make the bot's avatar an empty string. - avatars: - giphy: "mxc://t2bot.io/c5eaab3ef0133c1a61d3c849026deb27" - imgur: "mxc://t2bot.io/6749eaf2b302bb2188ae931b2eeb1513" - github: "mxc://t2bot.io/905b64b3cd8e2347f91a60c5eb0832e1" - wikipedia: "mxc://t2bot.io/7edfb54e9ad9e13fec0df22636feedf1" - travisci: "mxc://t2bot.io/7f4703126906fab8bb27df34a17707a8" - rss: "mxc://t2bot.io/aace4fcbd045f30afc1b4e5f0928f2f3" - google: "mxc://t2bot.io/636ad10742b66c4729bf89881a505142" - guggy: "mxc://t2bot.io/e7ef0ed0ba651aaf907655704f9a7526" - echo: "mxc://t2bot.io/3407ff2db96b4e954fcbf2c6c0415a13" - circleci: "mxc://t2bot.io/cf7d875845a82a6b21f5f66de78f6bee" - jira: "mxc://t2bot.io/f4a38ebcc4280ba5b950163ca3e7c329" - - # Settings for how Dimension is represented to the public - dimension: - # This is where Dimension is accessible from clients. Be sure to set this - # to your own Dimension instance. - publicUrl: "https://{{ matrix_server_fqn_dimension }}" - - # Settings for controlling how logging works - logging: - file: /dev/null - console: true - consoleLevel: verbose - fileLevel: info - rotate: - size: 52428800 # bytes, default is 50mb - count: 5 - +matrix_dimension_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}" matrix_dimension_configuration_extension_yaml: | # Your custom YAML configuration for Dimension goes here. diff --git a/roles/matrix-dimension/templates/config.yaml.j2 b/roles/matrix-dimension/templates/config.yaml.j2 new file mode 100644 index 00000000..576c4e8a --- /dev/null +++ b/roles/matrix-dimension/templates/config.yaml.j2 @@ -0,0 +1,81 @@ +#jinja2: lstrip_blocks: True +# The web settings for the service (API and UI). +# It is best to have this run on localhost and use a reverse proxy to access Dimension. +web: + port: 8184 + address: '0.0.0.0' + +# Homeserver configuration +homeserver: + # The domain name of the homeserver. This is used in many places, such as with go-neb + # setups, to identify the homeserver. + name: "{{ matrix_domain }}" + + # The URL that Dimension, go-neb, and other services provisioned by Dimension should + # use to access the homeserver with. + clientServerUrl: "http://matrix-synapse:8008" + + # The URL that Dimension should use when trying to communicate with federated APIs on + # the homeserver. If not supplied or left empty Dimension will try to resolve the address + # through the normal federation process. + federationUrl: "{{ matrix_dimension_homeserver_federationUrl }}" + + # The URL that Dimension will redirect media requests to for downloading media such as + # stickers. If not supplied or left empty Dimension will use the clientServerUrl. + mediaUrl: "https://{{ matrix_server_fqn_matrix }}" + + # The access token Dimension should use for miscellaneous access to the homeserver. This + # should be for a user on the configured homeserver: any user will do, however it is + # recommended to use a dedicated user (such as @dimension:t2bot.io). For information on + # how to acquire an access token, visit https://t2bot.io/docs/access_tokens + accessToken: "{{ matrix_dimension_access_token }}" + +# These users can modify the integrations this Dimension supports. +# To access the admin interface, open Dimension in Riot and click the settings icon. +admins: {{ matrix_dimension_admins|to_json }} + +# IPs and CIDR ranges listed here will be blocked from being widgets. +# Note: Widgets may still be embedded with restricted content, although not through Dimension directly. +widgetBlacklist: + - 10.0.0.0/8 + - 172.16.0.0/12 + - 192.168.0.0/16 + - 127.0.0.0/8 + +# Where the database for Dimension is +database: + file: "dimension.db" + +# Display settings that apply to self-hosted go-neb instances +goneb: + # The avatars to set for each bot. Usually these don't need to be changed, however if your homeserver + # is not able to reach t2bot.io then you should specify your own here. To not use an avatar for a bot, + # make the bot's avatar an empty string. + avatars: + giphy: "mxc://t2bot.io/c5eaab3ef0133c1a61d3c849026deb27" + imgur: "mxc://t2bot.io/6749eaf2b302bb2188ae931b2eeb1513" + github: "mxc://t2bot.io/905b64b3cd8e2347f91a60c5eb0832e1" + wikipedia: "mxc://t2bot.io/7edfb54e9ad9e13fec0df22636feedf1" + travisci: "mxc://t2bot.io/7f4703126906fab8bb27df34a17707a8" + rss: "mxc://t2bot.io/aace4fcbd045f30afc1b4e5f0928f2f3" + google: "mxc://t2bot.io/636ad10742b66c4729bf89881a505142" + guggy: "mxc://t2bot.io/e7ef0ed0ba651aaf907655704f9a7526" + echo: "mxc://t2bot.io/3407ff2db96b4e954fcbf2c6c0415a13" + circleci: "mxc://t2bot.io/cf7d875845a82a6b21f5f66de78f6bee" + jira: "mxc://t2bot.io/f4a38ebcc4280ba5b950163ca3e7c329" + +# Settings for how Dimension is represented to the public +dimension: + # This is where Dimension is accessible from clients. Be sure to set this + # to your own Dimension instance. + publicUrl: "https://{{ matrix_server_fqn_dimension }}" + +# Settings for controlling how logging works +logging: + file: /dev/null + console: true + consoleLevel: verbose + fileLevel: info + rotate: + size: 52428800 # bytes, default is 50mb + count: 5 diff --git a/roles/matrix-ma1sd/defaults/main.yml b/roles/matrix-ma1sd/defaults/main.yml index ff2f72d4..64cf7c9a 100644 --- a/roles/matrix-ma1sd/defaults/main.yml +++ b/roles/matrix-ma1sd/defaults/main.yml @@ -85,76 +85,7 @@ matrix_ma1sd_v2_enabled: true # # For a more advanced customization, you can extend the default (see `matrix_ma1sd_configuration_extension_yaml`) # or completely replace this variable with your own template. -matrix_ma1sd_configuration_yaml: | - #jinja2: lstrip_blocks: True - matrix: - domain: {{ matrix_domain }} - v1: {{ matrix_ma1sd_v1_enabled|to_json }} - v2: {{ matrix_ma1sd_v2_enabled|to_json }} - - server: - name: {{ matrix_server_fqn_matrix }} - - key: - path: /var/ma1sd/sign.key - - storage: - provider: - sqlite: - database: /var/ma1sd/ma1sd.db - - {% if matrix_ma1sd_dns_overwrite_enabled %} - dns: - overwrite: - homeserver: - client: - - name: {{ matrix_ma1sd_dns_overwrite_homeserver_client_name }} - value: {{ matrix_ma1sd_dns_overwrite_homeserver_client_value }} - {% endif %} - - {% if matrix_ma1sd_matrixorg_forwarding_enabled %} - forward: - servers: ['matrix-org'] - {% endif %} - - threepid: - medium: - email: - identity: - from: {{ matrix_ma1sd_threepid_medium_email_identity_from }} - connectors: - smtp: - host: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_host }} - port: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_port }} - tls: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_tls }} - login: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_login }} - password: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_password }} - {% if matrix_ma1sd_threepid_medium_email_custom_templates_enabled %} - generators: - template: - {% if matrix_ma1sd_threepid_medium_email_custom_invite_template %} - invite: '/var/ma1sd/invite-template.eml' - {% endif %} - {% if matrix_ma1sd_threepid_medium_email_custom_session_validation_template or matrix_ma1sd_threepid_medium_email_custom_unbind_fraudulent_template %} - session: - {% if matrix_ma1sd_threepid_medium_email_custom_session_validation_template %} - validation: '/var/ma1sd/validate-template.eml' - {% endif %} - {% if matrix_ma1sd_threepid_medium_email_custom_unbind_fraudulent_template %} - unbind: - frandulent: '/var/ma1sd/unbind-fraudulent.eml' - {% endif %} - {% endif %} - {% if matrix_ma1sd_threepid_medium_email_custom_matrixid_template %} - generic: - matrixId: '/var/ma1sd/mxid-template.eml' - {% endif %} - {% endif %} - - synapseSql: - enabled: {{ matrix_ma1sd_synapsesql_enabled }} - type: {{ matrix_ma1sd_synapsesql_type }} - connection: {{ matrix_ma1sd_synapsesql_connection }} +matrix_ma1sd_configuration_yaml: "{{ lookup('template', 'templates/ma1sd.yaml.j2') }}" matrix_ma1sd_configuration_extension_yaml: | # Your custom YAML configuration for ma1sd goes here. diff --git a/roles/matrix-ma1sd/templates/ma1sd.yaml.j2 b/roles/matrix-ma1sd/templates/ma1sd.yaml.j2 new file mode 100644 index 00000000..0deef3d8 --- /dev/null +++ b/roles/matrix-ma1sd/templates/ma1sd.yaml.j2 @@ -0,0 +1,69 @@ +#jinja2: lstrip_blocks: True +matrix: + domain: {{ matrix_domain }} + v1: {{ matrix_ma1sd_v1_enabled|to_json }} + v2: {{ matrix_ma1sd_v2_enabled|to_json }} + +server: + name: {{ matrix_server_fqn_matrix }} + +key: + path: /var/ma1sd/sign.key + +storage: + provider: + sqlite: + database: /var/ma1sd/ma1sd.db + +{% if matrix_ma1sd_dns_overwrite_enabled %} +dns: + overwrite: + homeserver: + client: + - name: {{ matrix_ma1sd_dns_overwrite_homeserver_client_name }} + value: {{ matrix_ma1sd_dns_overwrite_homeserver_client_value }} +{% endif %} + +{% if matrix_ma1sd_matrixorg_forwarding_enabled %} +forward: + servers: ['matrix-org'] +{% endif %} + +threepid: + medium: + email: + identity: + from: {{ matrix_ma1sd_threepid_medium_email_identity_from }} + connectors: + smtp: + host: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_host }} + port: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_port }} + tls: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_tls }} + login: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_login }} + password: {{ matrix_ma1sd_threepid_medium_email_connectors_smtp_password }} +{% if matrix_ma1sd_threepid_medium_email_custom_templates_enabled %} + generators: + template: + {% if matrix_ma1sd_threepid_medium_email_custom_invite_template %} + invite: '/var/ma1sd/invite-template.eml' + {% endif %} + {% if matrix_ma1sd_threepid_medium_email_custom_session_validation_template or matrix_ma1sd_threepid_medium_email_custom_unbind_fraudulent_template %} + session: + {% if matrix_ma1sd_threepid_medium_email_custom_session_validation_template %} + validation: '/var/ma1sd/validate-template.eml' + {% endif %} + {% if matrix_ma1sd_threepid_medium_email_custom_unbind_fraudulent_template %} + unbind: + frandulent: '/var/ma1sd/unbind-fraudulent.eml' + {% endif %} + {% endif %} + {% if matrix_ma1sd_threepid_medium_email_custom_matrixid_template %} + generic: + matrixId: '/var/ma1sd/mxid-template.eml' + {% endif %} +{% endif %} + +synapseSql: + enabled: {{ matrix_ma1sd_synapsesql_enabled }} + type: {{ matrix_ma1sd_synapsesql_type }} + connection: {{ matrix_ma1sd_synapsesql_connection }}