pub-solar/matrix-docker-ansible-deploy
5
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge branch 'master' into pub.solar

Browse source
This commit is contained in:
teutat3s 2022-03-23 13:32:55 +01:00
parent 5970916982 d04162b275
commit 80f94fd344
Signed by: teutat3s
GPG key ID: 18DAE600A6BBE705
125 changed files with 691 additions and 244 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/matrix.yml vendored
View file

@ -11,6 +11,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out configuration from GitHub
uses: actions/checkout@v2.4.0
uses: actions/checkout@v3
- name: 🚀 Run yamllint
uses: frenck/action-yamllint@v1.1.2

17
CHANGELOG.md
View file

@ -1,3 +1,20 @@
# 2022-03-17
## (Compatibility Break) ma1sd identity server no longer installed by default
The playbook no longer installs the [ma1sd](https://github.com/ma1uta/ma1sd) identity server by default. The next time you run the playbook, ma1sd will be uninstalled from your server, unless you explicitly enable the ma1sd service (see how below).
The main reason we used to install ma1sd by default in the past was to prevent Element from talking to the `matrix.org` / `vector.im` identity servers, by forcing it to talk to our own self-hosted (but otherwise useless) identity server instead, thus preventing contact list leaks.
Since Element no longer defaults to using a public identity server if another one is not provided, we can stop installing ma1sd.
If you need to install the ma1sd identity server for some reason, you can explicitly enable it by adding this to your `vars.yml` file:
```yaml
matrix_ma1sd_enabled: true
```
# 2022-02-12
## matrix_encryption_disabler support

2
README.md
View file

@ -31,7 +31,7 @@ Using this playbook, you can get the following services configured on your serve
- (optional, default) an [Element](https://app.element.io/) ([formerly Riot](https://element.io/previously-riot)) web UI, which is configured to connect to your own Synapse server by default
- (optional, default) a [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server
- (optional) a [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server
- (optional, default) an [Exim](https://www.exim.org/) mail server, through which all Matrix services send outgoing email (can be configured to relay through another SMTP server)

4
docs/configuring-dns.md
View file

@ -62,11 +62,11 @@ The `cinny.<your-domain>` subdomain may be necessary, because this playbook coul
## `_matrix-identity._tcp` SRV record setup
To make the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server (which this playbook installs for you) enable its federation features, set up an SRV record that looks like this:
To make the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server (which this playbook may optionally install for you) enable its federation features, set up an SRV record that looks like this:
- Name: `_matrix-identity._tcp` (use this text as-is)
- Content: `10 0 443 matrix.<your-domain>` (replace `<your-domain>` with your own)
This is an optional feature. See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-and-your-privacy#choices-are-never-easy) for information on the privacy implications of setting up this SRV record.
This is an optional feature for the optionally-installed [ma1sd service](configuring-playbook-ma1sd.md). See [ma1sd's documentation](https://github.com/ma1uta/ma1sd/wiki/mxisd-and-your-privacy#choices-are-never-easy) for information on the privacy implications of setting up this SRV record.
Note: This `_matrix-identity._tcp` SRV record for the identity server is different from the `_matrix._tcp` that can be used for Synapse delegation. See [howto-server-delegation.md](howto-server-delegation.md) for more information about delegation.

52
docs/configuring-playbook-bridge-appservice-discord.md
View file

@ -23,18 +23,51 @@ matrix_appservice_discord_bot_token: "YOUR DISCORD APP BOT TOKEN"
```
5. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready.
6. Retrieve Discord invite link from the `{{ matrix_appservice_discord_config_path }}/invite_link` file on the server (this defaults to `/matrix/appservice-discord/config/invite_link`). You need to peek at the file on the server via SSH, etc., because it's not available via HTTP(S).
7. Invite the Bot to Discord servers you wish to bridge. Administrator permission is recommended.
8. Room addresses follow this syntax: `#_discord_guildid_channelid`. You can easily find the guild and channel ids by logging into Discord in a browser and opening the desired channel. The URL will have this format: `discordapp.com/channels/guild_id/channel_id`. Once you have figured out the appropriate room addrss, you can join by doing `/join #_discord_guildid_channelid` in your Matrix client.
Other configuration options are available via the `matrix_appservice_discord_configuration_extension_yaml` variable.
## Self-Service Bridging (Manual)
## Getting Administrator access in a room
Self-service bridging allows you to bridge specific and existing Matrix rooms to specific Discord rooms. This is disabled by default, so it must be enabled by adding this to your `vars.yml`:
```yaml
matrix_appservice_discord_bridge_enableSelfServiceBridging: true
```
_Note: If self-service bridging is not enabled, `!discord help` commands will return no results._
Once self-service is enabled:
1. Start a chat with `@_discord_bot:<YOUR_DOMAIN>` and say `!discord help bridge`.
2. Follow the instructions in the help output message. If the bot is not already in the Discord server, follow the provided invite link. This may require you to be a administrator of the Discord server.
_Note: Encrypted Matrix rooms are not supported as of writing._
On the Discord side, you can say `!matrix help` to get a list of available commands to manage the bridge and Matrix users.
## Portal Bridging (Automatic)
Through portal bridging, Matrix rooms will automatically be created by the bot and bridged to the relevant Discord room. This is done by simply joining a room with a specific name pattern (`#_discord_<guildID>_<channlID>`).
All Matrix rooms created this way are **listed publicly** by default, and you will not have admin permissions to change this. To get more control, [make yourself a room Administrator](#getting-administrator-access-in-a-portal-bridged-room). You can then unlist the room from the directory and change the join rules.
If you want to disable portal bridging, set the following in `vars.yml`:
```yaml
matrix_appservice_discord_bridge_disablePortalBridging: true
```
To get started with Portal Bridging:
1. To invite the bot to Discord, retrieve the invite link from the `{{ matrix_appservice_discord_config_path }}/invite_link` file on the server (this defaults to `/matrix/appservice-discord/config/invite_link`). You need to peek at the file on the server via SSH, etc., because it's not available via HTTP(S).
2. Room addresses follow this syntax: `#_discord_<guildID>_<channelID>`. You can easily find the guild and channel IDs by logging into Discord in a browser and opening the desired channel. The URL will have this format: `discord.com/channels/<guildID>/<channelID>`.
3. Once you have figured out the appropriate room address, you can join by doing `/join #_discord_<guildID>_<channelID>` in your Matrix client.
## Getting Administrator access in a portal bridged room
By default, you won't have Administrator access in rooms created by the bridge.
To [adjust room access privileges](#adjusting-room-access-privileges) or do various other things (change the room name subsequently, etc.), you'd wish to become an Administrator.
To adjust room access privileges or do various other things (change the room name subsequently, etc.), you'd wish to become an Administrator.
There's the Discord bridge's guide for [setting privileges on bridge managed rooms](https://github.com/Half-Shot/matrix-appservice-discord/blob/master/docs/howto.md#set-privileges-on-bridge-managed-rooms). To do the same with our container setup, run the following command on the server:
@ -42,12 +75,3 @@ There's the Discord bridge's guide for [setting privileges on bridge managed roo
docker exec -it matrix-appservice-discord \
/bin/sh -c 'cp /cfg/registration.yaml /tmp/discord-registration.yaml && cd /tmp && node /build/tools/adminme.js -c /cfg/config.yaml -m "!ROOM_ID:SERVER" -u "@USER:SERVER" -p 100'
```
## Adjusting room access privileges
All rooms created by the bridge are **listed publicly** in your server's directory and **joinable by everyone** by default.
To get more control of them, [make yourself a room Administrator](#getting-administrator-access-in-a-room) first.
You can then unlist the room from the directory and change the join rules.

2
docs/configuring-playbook-bridge-appservice-slack.md
View file

@ -11,7 +11,7 @@ See the project's [documentation](https://github.com/matrix-org/matrix-appservic
loosely based on [this](https://github.com/matrix-org/matrix-appservice-slack#Setup)
1. Create a new Matrix room to act as the administration control room. Note its internal room ID. This can
be done in Riot by making a message, opening the options for that message and choosing "view source". The
be done in Element by making a message, opening the options for that message and choosing "view source". The
room ID will be displayed near the top.
2. Enable the bridge with the following configuration in your `vars.yml` file:

31
docs/configuring-playbook-bridge-hookshot.md
View file

@ -1,25 +1,44 @@
# Setting up Hookshot (optional)
The playbook can install and configure [matrix-hookshot](https://github.com/Half-Shot/matrix-hookshot) for you.
The playbook can install and configure [matrix-hookshot](https://github.com/matrix-org/matrix-hookshot) for you.
Hookshot can bridge [Webhooks](https://en.wikipedia.org/wiki/Webhook) from software project management services such as GitHub, GitLab, JIRA, and Figma, as well as generic webhooks.
See the project's [documentation](https://half-shot.github.io/matrix-hookshot/hookshot.html) to learn what it does in detail and why it might be useful to you.
See the project's [documentation](https://matrix-org.github.io/matrix-hookshot/hookshot.html) to learn what it does in detail and why it might be useful to you.
Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot.
## Setup Instructions
Refer to the [official instructions](https://half-shot.github.io/matrix-hookshot/setup.html) to learn what the individual options do.
Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/setup.html) to learn what the individual options do.
1. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required.
2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma).
3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below.
4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`.
5. Refer to [Hookshot's official instructions](https://half-shot.github.io/matrix-hookshot/usage.html) to start using the bridge. Note that the different listeners are bound to certain paths (see `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml)): by default webhooks root is `/hookshot/webhooks/`.
5. Refer to [Hookshot's official instructions](https://matrix-org.github.io/matrix-hookshot/usage.html) to start using the bridge. **Important:** Note that the different listeners are bound to certain paths which might differe from those assumed by the hookshot documentation, see [URLs for bridges setup](urls-for-bridges-setup) below.
Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them.
### URLs for bridges setup
All of the following endpoints are reachable on your `matrix.` subdomain (if the feature is enabled).
| Listener | default path | variable | used as |
|---|---|---|---|
| webhooks | `/hookshot/webhooks/` | `matrix_hookshot_webhook_endpoint` | GitHub "Webhook URL" |
| github oauth | `/hookshot/webhooks/oauth` | `matrix_hookshot_github_oauth_endpoint` | GitHub "Callback URL" |
| jira oauth | `/hookshot/webhooks/jira/oauth` | `matrix_hookshot_jira_oauth_endpoint` | JIRA OAuth |
| figma endpoint | `/hookshot/webhooks/figma/webhook` | `matrix_hookshot_figma_endpoint` | Figma |
| provisioning | `/hookshot/v1/` | `matrix_hookshot_provisioning_endpoint` | Dimension [provisioning](#provisioning-api) |
| appservice | `/hookshot/_matrix/app/` | `matrix_hookshot_appservice_endpoint` | Matrix server |
| metrics | `/hookshot/metrics/` | `matrix_hookshot_metrics_endpoint` | Prometheus |
| widgets | | | not supported |
See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml).
The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) in detail for more info.
### Manage GitHub Private Key with matrix-aux role
The GitHub bridge requires you to install a private key file. This can be done in multiple ways:
@ -45,3 +64,7 @@ The provisioning API will be enabled automatically if you set `matrix_dimension_
### Metrics
If metrics are enabled, they will be automatically available in the builtin Prometheus and Grafana, but you need to set up your own Dashboard for now. If additionally metrics proxying for use with external Prometheus is enabled (`matrix_nginx_proxy_proxy_synapse_metrics`), hookshot metrics will also be available (at `matrix_hookshot_metrics_endpoint`, default `/hookshot/metrics`, on the stats subdomain) and with the same password. See also [the Prometheus and Grafana docs](../configuring-playbook-prometheus-grafana.md).
### Collision with matrix-appservice-webhooks
If you are also running [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), it reserves its namespace by the default setting `matrix_appservice_webhooks_user_prefix: '_webhook_'`. You should take care if you modify its or hookshot's prefix that they do not collide with each other's namespace (default `matrix_hookshot_generic_user_id_prefix: '_webhooks_'`).

25
docs/configuring-playbook-bridge-mautrix-facebook.md
View file

@ -70,31 +70,6 @@ If you run into trouble, check the [Troubleshooting](#troubleshooting) section b
After successfully enabling bridging, you may wish to [set up Double Puppeting](#set-up-double-puppeting), if you haven't already done so.
## Set up community-grouping
This is an **optional feature** that you may wish to enable.
The Facebook bridge can create a Matrix community for you, which would contain all your chats and contacts.
For this to work, the bridge's bot needs to have permissions to create communities (also referred to as groups).
Since the bot is a non-admin user, you need to enable such group-creation for non-privileged users in [Synapse's settings](configuring-playbook-synapse.md).
Here's an example configuration:
```yaml
matrix_synapse_configuration_extension_yaml: |
enable_group_creation: true
group_creation_prefix: "unofficial/"
matrix_mautrix_facebook_configuration_extension_yaml: |
bridge:
community_template: "unofficial/facebook_{localpart}={server}"
```
Once the bridge is restarted, it would create a community and invite you to it. You need to accept the community invitation manually.
If you don't see all your contacts, you may wish to send a `sync` message to the bot.
## Troubleshooting
### Facebook rejecting login attempts and forcing you to change password

2
docs/configuring-playbook-bridge-mx-puppet-discord.md
View file

@ -7,6 +7,8 @@ The playbook can install and configure
See the project page to learn what it does and why it might be useful to you.
**Note**: we actually use the [Beeper](https://www.beeper.com/)-maintained [fork of mx-puppet-discord](https://gitlab.com/beeper/mx-puppet-monorepo), because `matrix-discord/mx-puppet-discord` is a low-quality and poorly maintained project.
To enable the [Discord](https://discordapp.com/) bridge just use the following
playbook configuration:

4
docs/configuring-playbook-bridge-mx-puppet-slack.md
View file

@ -4,8 +4,8 @@
[matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md)
bridge supported by the playbook.
The playbook can install and configure
[mx-puppet-slack](https://github.com/Sorunome/mx-puppet-slack) for you.
The playbook can install and configure [Beeper](https://www.beeper.com/)-maintained fork of
[mx-puppet-slack](https://gitlab.com/beeper/mx-puppet-monorepo) for you.
See the project page to learn what it does and why it might be useful to you.

3
docs/configuring-playbook-dimension.md
View file

@ -22,7 +22,7 @@ matrix_dimension_enabled: true
## Define admin users
These users can modify the integrations this Dimension supports. Admin interface is accessible at `https://dimension.<your-domain>/riot-app/admin` after logging in to element.
These users can modify the integrations this Dimension supports.
Add this to your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
```yaml
@ -31,6 +31,7 @@ matrix_dimension_admins:
- "@user2:{{ matrix_domain }}"
```
The admin interface is accessible within Element by accessing it in any room and clicking the cog wheel/settings icon in the top right. Currently, Dimension can be opened in Element by the "Add widgets, bridges, & bots" link in the room information.
## Access token

8
docs/configuring-playbook-external-postgres.md
View file

@ -5,7 +5,9 @@ If that's alright, you can skip this.
If you'd like to use an external PostgreSQL server that you manage, you can edit your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`).
It should be something like this:
**NOTE**: using **an external Postgres server is currently [not very seamless](https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1682#issuecomment-1061461683) when it comes to enabling various other playbook services** - you will need to create a new database/credentials for each service and to point each service to its corresponding database using custom `vars.yml` configuration. **For the best experience with the playbook, stick to using the integrated Postgres server**.
If you'd like to use an external Postgres server, use a custom `vars.yml` configuration like this:
```yaml
matrix_postgres_enabled: false
@ -15,6 +17,10 @@ matrix_synapse_database_host: "your-postgres-server-hostname"
matrix_synapse_database_user: "your-postgres-server-username"
matrix_synapse_database_password: "your-postgres-server-password"
matrix_synapse_database_database: "your-postgres-server-database-name"
# Rewire any other service (each `matrix-*` role) you may wish to use to use your external Postgres server.
# Each service expects to have its own dedicated database on the Postgres server
# and uses its own variable names (see `roles/matrix-*/defaults/main.yml) for configuring Postgres connectivity.
```
The database (as specified in `matrix_synapse_database_database`) must exist and be accessible with the given credentials.

16
docs/configuring-playbook-ma1sd.md
View file

@ -1,24 +1,22 @@
# Adjusting ma1sd Identity Server configuration (optional)
By default, this playbook configures an [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server for you.
The playbook can configure the [ma1sd](https://github.com/ma1uta/ma1sd) Identity Server for you.
ma1sd, being an Identity Server, is not strictly needed. It is only used for 3PIDs (3rd party identifiers like E-mail and phone numbers) and some [enhanced features](https://github.com/ma1uta/ma1sd/#features).
This server is private by default, potentially at the expense of user discoverability.
*ma1sd is a fork of [mxisd](https://github.com/kamax-io/mxisd) which was pronounced end of life 2019-06-21.*
**Note**: enabling ma1sd (which is also the default), means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible).
**Note**: enabling ma1sd, means that the `openid` API endpoints will be exposed on the Matrix Federation port (usually `8448`), even if [federation](configuring-playbook-federation.md) is disabled. It's something to be aware of, especially in terms of firewall whitelisting (make sure port `8448` is accessible).
## Disabling ma1sd
ma1sd, being an Identity Server, is not strictly needed. It is only used for 3PIDs (3rd party identifiers like E-mail and phone numbers) and some [enhanced features](https://github.com/ma1uta/ma1sd/#features).
If you'd like for the playbook to not install ma1sd (or to uninstall it if it was previously installed), you can disable it in your configuration file (`inventory/host_vars/matrix.<your-domain>/vars.yml`):
To enable ma1sd, use the following additional configuration in your `vars.yml` file:
```yaml
matrix_ma1sd_enabled: false
matrix_ma1sd_enabled: true
```
## Matrix.org lookup forwarding
To ensure maximum discovery, you can make your identity server also forward lookups to the central matrix.org Identity server (at the cost of potentially leaking all your contacts information).

9
docs/configuring-playbook-ssl-certificates.md
View file

@ -100,3 +100,12 @@ For automated certificate renewal to work, each port `80` vhost for each domain
See how this is configured for the `matrix.` subdomain in `/matrix/nginx-proxy/conf.d/matrix-synapse.conf`
Don't be alarmed if the above configuration file says port `8080`, instead of port `80`. It's due to port mapping due to our use of containers.
## Specify the SSL private key algorithm
If you'd like to [specify the private key type](https://eff-certbot.readthedocs.io/en/stable/using.html#using-ecdsa-keys) used with Let's Encrypt, define your own custom configuration like this:
```yaml
matrix_ssl_lets_encrypt_key_type: ecdsa
```

5
docs/configuring-playbook.md
View file

@ -47,8 +47,6 @@ When you're done with all the configuration you'd like to do, continue with [Ins
- [Using an external PostgreSQL server](configuring-playbook-external-postgres.md) (optional)
- [Adjusting ma1sd Identity Server configuration](configuring-playbook-ma1sd.md) (optional)
- [Adjusting SSL certificate retrieval](configuring-playbook-ssl-certificates.md) (optional, advanced)
- [Serving your base domain using this playbook's nginx server](configuring-playbook-base-domain-serving.md) (optional)
@ -69,11 +67,14 @@ When you're done with all the configuration you'd like to do, continue with [Ins
- [Adjusting email-sending settings](configuring-playbook-email.md) (optional)
- [Setting up Hydrogen](configuring-playbook-client-hydrogen.md) - a new lightweight matrix client with legacy and mobile browser support (optional)
- [Setting up Cinny](configuring-playbook-client-cinny.md) - a web client focusing primarily on simple, elegant and secure interface (optional)
### Authentication and user-related
- [Setting up an ma1sd Identity Server](configuring-playbook-ma1sd.md) (optional)
- [Setting up Synapse Admin](configuring-playbook-synapse-admin.md) (optional)
- [Setting up matrix-registration](configuring-playbook-matrix-registration.md) (optional)

4
docs/container-images.md
View file

@ -15,8 +15,6 @@ These services are enabled and used by default, but you can turn them off, if yo
- [vectorim/element-web](https://hub.docker.com/r/vectorim/element-web/) - the [Element](https://element.io/) web client (optional)
- [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) - the [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server (optional)
- [postgres](https://hub.docker.com/_/postgres/) - the [Postgres](https://www.postgresql.org/) database server (optional)
- [devture/exim-relay](https://hub.docker.com/r/devture/exim-relay/) - the [Exim](https://www.exim.org/) email server (optional)
@ -30,6 +28,8 @@ These services are enabled and used by default, but you can turn them off, if yo
These services are not part of our default installation, but can be enabled by [configuring the playbook](configuring-playbook.md) (either before the initial installation or any time later):
- [ma1uta/ma1sd](https://hub.docker.com/r/ma1uta/ma1sd/) - the [ma1sd](https://github.com/ma1uta/ma1sd) Matrix Identity server (optional)
- [matrixdotorg/dendrite-monolith](https://hub.docker.com/r/matrixdotorg/dendrite-monolith/) - the official [Dendrite](https://github.com/matrix-org/dendrite) Matrix homeserver (optional)
- [ewoutp/goofys](https://hub.docker.com/r/ewoutp/goofys/) - the [Goofys](https://github.com/kahing/goofys) Amazon [S3](https://aws.amazon.com/s3/) file-system-mounting program (optional)

49
group_vars/matrix_servers
View file

@ -9,8 +9,6 @@
# You can also override ANY variable (seen here or in any given role),
# by re-defining it in your own configuration file (`inventory/host_vars/matrix.<your-domain>`).
matrix_container_global_registry_prefix: "docker.io/"
######################################################################
#
# matrix-base
@ -301,6 +299,10 @@ matrix_mautrix_facebook_appservice_token: "{{ '%s' | format(matrix_homeserver_ge
matrix_mautrix_facebook_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'fb.hs.token') | to_uuid }}"
matrix_mautrix_facebook_public_endpoint: "/{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'facebook') | to_uuid }}"
matrix_mautrix_facebook_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:9008' }}"
matrix_mautrix_facebook_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
matrix_mautrix_facebook_bridge_presence: "{{ matrix_synapse_presence_enabled if matrix_synapse_enabled else true }}"
@ -558,10 +560,8 @@ matrix_mautrix_twitter_homeserver_token: "{{ matrix_homeserver_generic_secret_ke
matrix_mautrix_twitter_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
# We'd like to force-set people with external Postgres to SQLite, so the bridge role can complain
# and point them to a migration path.
matrix_mautrix_twitter_database_engine: "{{ 'postgres' if matrix_postgres_enabled else '' }}"
matrix_mautrix_twitter_database_password: "{{ matrix_homeserver_generic_secret_key | password_hash('sha512', 'mau.twt.db') | to_uuid }}"
matrix_mautrix_twitter_database_hostname: "{{ 'matrix-postgres' if matrix_postgres_enabled else '' }}"
matrix_mautrix_twitter_database_password: "{{ matrix_homeserver_generic_secret_key | password_hash('sha512', 'mau.twt.db') | to_uuid if matrix_postgres_enabled else '' }}"
######################################################################
#
@ -695,6 +695,10 @@ matrix_hookshot_provisioning_enabled: "{{ matrix_hookshot_provisioning_secret an
matrix_hookshot_proxy_metrics: "{{ matrix_nginx_proxy_proxy_synapse_metrics }}"
matrix_hookshot_proxy_metrics_basic_auth_enabled: "{{ matrix_nginx_proxy_proxy_synapse_metrics_basic_auth_enabled }}"
matrix_hookshot_generic_urlprefix_port_enabled: "{{ matrix_nginx_proxy_container_https_host_bind_port == 443 if matrix_nginx_proxy_https_enabled else matrix_nginx_proxy_container_https_host_bind_port == 80 }}"
matrix_hookshot_generic_urlprefix_port: ":{{ matrix_nginx_proxy_container_https_host_bind_port if matrix_nginx_proxy_https_enabled else matrix_nginx_proxy_container_http_host_bind_port }}"
matrix_hookshot_generic_urlprefix: "http{{ 's' if matrix_nginx_proxy_https_enabled else '' }}://{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_generic_urlprefix_port if matrix_hookshot_generic_urlprefix_port_enabled else '' }}{{ matrix_hookshot_generic_endpoint }}"
######################################################################
#
# /matrix-bridge-hookshot
@ -710,7 +714,7 @@ matrix_hookshot_proxy_metrics_basic_auth_enabled: "{{ matrix_nginx_proxy_proxy_s
# We don't enable bridges by default.
matrix_mx_puppet_skype_enabled: false
matrix_mx_puppet_skype_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_mx_puppet_skype_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_mx_puppet_skype_systemd_required_services_list: |
{{
@ -749,7 +753,7 @@ matrix_mx_puppet_skype_database_password: "{{ '%s' | format(matrix_homeserver_ge
# We don't enable bridges by default.
matrix_mx_puppet_slack_enabled: false
matrix_mx_puppet_slack_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_mx_puppet_slack_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_mx_puppet_slack_systemd_required_services_list: |
{{
@ -787,7 +791,7 @@ matrix_mx_puppet_slack_database_password: "{{ '%s' | format(matrix_homeserver_ge
# We don't enable bridges by default.
matrix_mx_puppet_twitter_enabled: false
matrix_mx_puppet_twitter_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_mx_puppet_twitter_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_mx_puppet_twitter_systemd_required_services_list: |
{{
@ -828,7 +832,7 @@ matrix_mx_puppet_twitter_database_password: "{{ '%s' | format(matrix_homeserver_
# We don't enable bridges by default.
matrix_mx_puppet_instagram_enabled: false
matrix_mx_puppet_instagram_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_mx_puppet_instagram_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_mx_puppet_instagram_systemd_required_services_list: |
{{
@ -866,7 +870,7 @@ matrix_mx_puppet_instagram_database_password: "{{ '%s' | format(matrix_homeserve
# We don't enable bridges by default.
matrix_mx_puppet_discord_enabled: false
matrix_mx_puppet_discord_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_mx_puppet_discord_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_mx_puppet_discord_systemd_required_services_list: |
{{
@ -904,7 +908,7 @@ matrix_mx_puppet_discord_database_password: "{{ '%s' | format(matrix_homeserver_
# We don't enable bridges by default.
matrix_mx_puppet_steam_enabled: false
matrix_mx_puppet_steam_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_mx_puppet_steam_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_mx_puppet_steam_systemd_required_services_list: |
{{
@ -942,7 +946,7 @@ matrix_mx_puppet_steam_database_password: "{{ '%s' | format(matrix_homeserver_ge
# We don't enable bridges by default.
matrix_mx_puppet_groupme_enabled: false
matrix_mx_puppet_groupme_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_mx_puppet_groupme_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_mx_puppet_groupme_systemd_required_services_list: |
{{
@ -1070,7 +1074,7 @@ matrix_bot_go_neb_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_en
# We don't enable bots by default.
matrix_bot_mjolnir_enabled: false
matrix_bot_mjolnir_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_bot_mjolnir_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_bot_mjolnir_systemd_required_services_list: |
{{
@ -1136,7 +1140,7 @@ matrix_corporal_matrix_registration_shared_secret: "{{ matrix_synapse_registrati
matrix_coturn_enabled: true
matrix_coturn_container_image_self_build: "{{ matrix_architecture != 'amd64'}}"
matrix_coturn_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
matrix_coturn_turn_external_ip_address: "{{ ansible_host }}"
@ -1324,9 +1328,16 @@ matrix_mailer_container_image_self_build: "{{ matrix_architecture not in ['amd64
#
######################################################################
# By default, this playbook installs the ma1sd identity server on the same domain as Synapse (`matrix_server_fqn_matrix`).
# If you wish to use the public identity servers (matrix.org, vector.im) instead of your own you may wish to disable this.
matrix_ma1sd_enabled: true
# We no longer install the ma1sd identity server by default.
#
# The main reason we used to install ma1sd by default in the past was to
# prevent Element from talking to the `matrix.org` / `vector.im` identity servers,
# by forcing it to talk to our own self-hosted (but otherwise useless) identity server instead,
# thus preventing contact list leaks.
#
# Since Element no longer defaults to using a public identity server if another one is not provided,
# we can stop installing ma1sd.
matrix_ma1sd_enabled: false
matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
@ -2102,7 +2113,7 @@ matrix_prometheus_scraper_node_targets: "{{ ['matrix-prometheus-node-exporter:91
matrix_prometheus_scraper_postgres_enabled: "{{ matrix_prometheus_postgres_exporter_enabled }}"
matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exporter:'+ matrix_prometheus_postgres_exporter_port|string] if matrix_prometheus_scraper_postgres_enabled else [] }}"
matrix_prometheus_scraper_hookshot_enabled: "{{ matrix_hookshot_metrics_enabled }}"
matrix_prometheus_scraper_hookshot_enabled: "{{ matrix_hookshot_metrics_enabled|default(false) }}"
matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url|string +':'+ matrix_hookshot_metrics_port|string] if matrix_hookshot_metrics_enabled else [] }}"
######################################################################

6
roles/matrix-base/defaults/main.yml
View file

@ -65,6 +65,12 @@ matrix_architecture: amd64
# We just remap from our `matrix_architecture` values to what Debian and possibly other distros call things.
matrix_debian_arch: "{{ 'armhf' if matrix_architecture == 'arm32' else matrix_architecture }}"
matrix_container_global_registry_prefix: "docker.io/"
# Each docker pull will retry on failed attempt 10 times with delay of 10 seconds between each attempt.
matrix_container_retries_count: 10
matrix_container_retries_delay: 10
matrix_user_username: "matrix"
matrix_user_groupname: "matrix"

6
roles/matrix-bot-go-neb/tasks/setup_install.yml
View file

@ -22,10 +22,14 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_bot_go_neb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_go_neb_docker_image_force_pull }}"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure go-neb config installed
copy:
content: "{{ matrix_bot_go_neb_configuration|to_nice_yaml }}"
content: "{{ matrix_bot_go_neb_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_bot_go_neb_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

4
roles/matrix-bot-honoroit/tasks/setup_install.yml
View file

@ -52,6 +52,10 @@
force_source: "{{ matrix_bot_honoroit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_honoroit_docker_image_force_pull }}"
when: "not matrix_bot_honoroit_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure honoroit repository is present on self-build
git:

6
roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
View file

@ -47,6 +47,10 @@
force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}"
when: "not matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure matrix-reminder-bot repository is present on self-build
git:
@ -70,7 +74,7 @@
- name: Ensure matrix-reminder-bot config installed
copy:
content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml }}"
content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

2
roles/matrix-bot-mjolnir/defaults/main.yml
View file

@ -4,7 +4,7 @@
matrix_bot_mjolnir_enabled: true
matrix_bot_mjolnir_version: "v1.3.1"
matrix_bot_mjolnir_version: "v1.3.2"
matrix_bot_mjolnir_container_image_self_build: false
matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"

6
roles/matrix-bot-mjolnir/tasks/setup_install.yml
View file

@ -24,6 +24,10 @@
force_source: "{{ matrix_bot_mjolnir_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_mjolnir_docker_image_force_pull }}"
when: "not matrix_bot_mjolnir_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure mjolnir repository is present on self-build
git:
@ -47,7 +51,7 @@
- name: Ensure matrix-bot-mjolnir config installed
copy:
content: "{{ matrix_bot_mjolnir_configuration|to_nice_yaml }}"
content: "{{ matrix_bot_mjolnir_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_bot_mjolnir_config_path }}/production.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

1
roles/matrix-bridge-appservice-discord/defaults/main.yml
View file

@ -42,6 +42,7 @@ matrix_appservice_discord_bridge_domain: "{{ matrix_domain }}"
matrix_appservice_discord_bridge_homeserverUrl: "{{ matrix_homeserver_url }}"
matrix_appservice_discord_bridge_disablePresence: false
matrix_appservice_discord_bridge_enableSelfServiceBridging: false
matrix_appservice_discord_bridge_disablePortalBridging: false
# Database-related configuration fields.
#

8
roles/matrix-bridge-appservice-discord/tasks/setup_install.yml
View file

@ -32,6 +32,10 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_appservice_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_discord_docker_image_force_pull }}"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure AppService Discord paths exist
file:
@ -69,7 +73,7 @@
- name: Ensure AppService Discord config.yaml installed
copy:
content: "{{ matrix_appservice_discord_configuration|to_nice_yaml }}"
content: "{{ matrix_appservice_discord_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_discord_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -77,7 +81,7 @@
- name: Ensure AppService Discord registration.yaml installed
copy:
content: "{{ matrix_appservice_discord_registration|to_nice_yaml }}"
content: "{{ matrix_appservice_discord_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_discord_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

2
roles/matrix-bridge-appservice-discord/templates/config.yaml.j2
View file

@ -28,6 +28,8 @@ bridge:
disableJoinLeaveNotifications: false
# Disable Invite echos from matrix
disableInviteNotifications: false
# Disable portal briding (automatic room creation)
disablePortalBridging: {{ matrix_appservice_discord_bridge_disablePortalBridging|to_json }}
# Auto-determine the language of code blocks (this can be CPU-intensive)
determineCodeLanguage: false
# Authentication configuration for the discord bot.

2
roles/matrix-bridge-appservice-irc/defaults/main.yml
View file

@ -8,7 +8,7 @@ matrix_appservice_irc_container_image_self_build: false
matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git"
matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src"
matrix_appservice_irc_version: release-0.32.1
matrix_appservice_irc_version: release-0.33.0
matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}"
matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}"

8
roles/matrix-bridge-appservice-irc/tasks/setup_install.yml
View file

@ -64,6 +64,10 @@
force_source: "{{ matrix_appservice_irc_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_docker_image_force_pull }}"
when: "matrix_appservice_irc_enabled|bool and not matrix_appservice_irc_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure matrix-appservice-irc repository is present when self-building
git:
@ -87,7 +91,7 @@
- name: Ensure Matrix Appservice IRC config installed
copy:
content: "{{ matrix_appservice_irc_configuration|to_nice_yaml }}"
content: "{{ matrix_appservice_irc_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_irc_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -171,7 +175,7 @@
- name: Ensure Appservice IRC registration.yaml installed
copy:
content: "{{ matrix_appservice_irc_registration|to_nice_yaml }}"
content: "{{ matrix_appservice_irc_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_irc_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

2
roles/matrix-bridge-appservice-slack/tasks/init.yml
View file

@ -84,4 +84,4 @@
Please make sure that you're proxying the `{{ something }}`
URL endpoint to the matrix-appservice-slack container.
You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable.
when: "matrix_appservice_slack_enabled|bool and matrix_nginx_proxy_enabled is not defined"
when: "matrix_appservice_slack_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"

8
roles/matrix-bridge-appservice-slack/tasks/setup_install.yml
View file

@ -38,6 +38,10 @@
force_source: "{{ matrix_appservice_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_slack_docker_image_force_pull }}"
when: "not matrix_appservice_slack_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure matrix-appservice-slack repository is present when self-building
git:
@ -61,7 +65,7 @@
- name: Ensure Matrix Appservice Slack config installed
copy:
content: "{{ matrix_appservice_slack_configuration|to_nice_yaml }}"
content: "{{ matrix_appservice_slack_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_slack_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -69,7 +73,7 @@
- name: Ensure appservice-slack registration.yaml installed
copy:
content: "{{ matrix_appservice_slack_registration|to_nice_yaml }}"
content: "{{ matrix_appservice_slack_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_slack_config_path }}/slack-registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

2
roles/matrix-bridge-appservice-webhooks/defaults/main.yml
View file

@ -24,7 +24,7 @@ matrix_appservice_webhooks_public_endpoint: /appservice-webhooks
matrix_appservice_webhooks_inbound_uri_prefix: "{{ matrix_homeserver_url }}{{ matrix_appservice_webhooks_public_endpoint }}"
matrix_appservice_webhooks_bot_name: 'webhookbot'
matrix_appservice_webhooks_user_prefix: '_webhook'
matrix_appservice_webhooks_user_prefix: '_webhook_'
# Controls the webhooks_PORT and MATRIX_PORT of the installation
matrix_appservice_webhooks_matrix_port: 6789

2
roles/matrix-bridge-appservice-webhooks/tasks/init.yml
View file

@ -79,4 +79,4 @@
Please make sure that you're proxying the `{{ matrix_appservice_webhooks_public_endpoint }}`
URL endpoint to the matrix-appservice-webhooks container.
You can expose the container's port using the `matrix_appservice_webhooks_container_http_host_bind_port` variable.
when: "matrix_appservice_webhooks_enabled|bool and matrix_nginx_proxy_enabled is not defined"
when: "matrix_appservice_webhooks_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"

8
roles/matrix-bridge-appservice-webhooks/tasks/setup_install.yml
View file

@ -21,6 +21,10 @@
force_source: "{{ matrix_appservice_webhooks_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_webhooks_docker_image_force_pull }}"
when: "not matrix_appservice_webhooks_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- block:
- name: Ensure Appservice webhooks repository is present on self-build
@ -45,7 +49,7 @@
- name: Ensure Matrix Appservice webhooks config is installed
copy:
content: "{{ matrix_appservice_webhooks_configuration|to_nice_yaml }}"
content: "{{ matrix_appservice_webhooks_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_webhooks_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -69,7 +73,7 @@
- name: Ensure appservice-webhooks registration.yaml installed
copy:
content: "{{ matrix_appservice_webhooks_registration|to_nice_yaml }}"
content: "{{ matrix_appservice_webhooks_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

8
roles/matrix-bridge-beeper-linkedin/tasks/setup_install.yml
View file

@ -29,6 +29,10 @@
force_source: "{{ matrix_beeper_linkedin_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_beeper_linkedin_docker_image_force_pull }}"
when: "not matrix_beeper_linkedin_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- block:
- name: Ensure Beeper LinkedIn repository is present on self-build
@ -67,7 +71,7 @@
- name: Ensure beeper-linkedin config.yaml installed
copy:
content: "{{ matrix_beeper_linkedin_configuration|to_nice_yaml }}"
content: "{{ matrix_beeper_linkedin_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_beeper_linkedin_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -75,7 +79,7 @@
- name: Ensure beeper-linkedin registration.yaml installed
copy:
content: "{{ matrix_beeper_linkedin_registration|to_nice_yaml }}"
content: "{{ matrix_beeper_linkedin_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_beeper_linkedin_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

6
roles/matrix-bridge-heisenbridge/tasks/setup_install.yml
View file

@ -6,6 +6,10 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_heisenbridge_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_heisenbridge_docker_image_force_pull }}"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure heisenbridge paths exist
file:
@ -19,7 +23,7 @@
- name: Ensure heisenbridge registration.yaml installed if provided
copy:
content: "{{ matrix_heisenbridge_registration|to_nice_yaml }}"
content: "{{ matrix_heisenbridge_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_heisenbridge_base_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

13
roles/matrix-bridge-hookshot/defaults/main.yml
View file

@ -1,11 +1,11 @@
---
# A bridge between Matrix and multiple project management services, such as GitHub, GitLab and JIRA.
# https://github.com/Half-Shot/matrix-hookshot
# https://github.com/matrix-org/matrix-hookshot
matrix_hookshot_enabled: true
matrix_hookshot_version: 1.1.0
matrix_hookshot_version: 1.2.0
matrix_hookshot_docker_image: "{{ matrix_container_global_registry_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"
matrix_hookshot_docker_image_force_pull: "{{ matrix_hookshot_docker_image.endswith(':latest') }}"
@ -34,7 +34,7 @@ matrix_hookshot_webhook_endpoint: "{{ matrix_hookshot_public_endpoint }}/webhook
# You need to create a GitHub app to enable this and fill in the empty variables below
# https://half-shot.github.io/matrix-hookshot/setup/github.html
# https://matrix-org.github.io/matrix-hookshot/setup/github.html
matrix_hookshot_github_enabled: false
matrix_hookshot_github_appid: ''
# Set this variable to the contents of the generated and downloaded GitHub private key:
@ -53,7 +53,7 @@ matrix_hookshot_github_oauth_secret: '' # "Client Secret" on the GitHub App pag
# Default value of matrix_hookshot_github_oauth_endpoint: "/hookshot/webhooks/oauth"
matrix_hookshot_github_oauth_endpoint: "{{ matrix_hookshot_webhook_endpoint }}/oauth"
matrix_hookshot_github_oauth_uri: "https://{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_github_oauth_endpoint }}"
# These are the default settings mentioned here and don't need to be modified: https://half-shot.github.io/matrix-hookshot/usage/room_configuration/github_repo.html#configuration
# These are the default settings mentioned here and don't need to be modified: https://matrix-org.github.io/matrix-hookshot/usage/room_configuration/github_repo.html#configuration
matrix_hookshot_github_ignore_hooks: "{}"
matrix_hookshot_github_command_prefix: '!gh'
matrix_hookshot_github_show_issue_room_link: false
@ -78,7 +78,7 @@ matrix_hookshot_gitlab_secret: ''
matrix_hookshot_jira_enabled: false
# Get the these values from https://half-shot.github.io/matrix-hookshot/setup/jira.html#jira-oauth
# Get the these values from https://matrix-org.github.io/matrix-hookshot/setup/jira.html#jira-oauth
matrix_hookshot_jira_secret: ''
matrix_hookshot_jira_oauth_enabled: false
matrix_hookshot_jira_oauth_id: ''
@ -92,6 +92,7 @@ matrix_hookshot_jira_oauth_uri: "{{ matrix_server_fqn_matrix }}{{ matrix_hooksho
matrix_hookshot_generic_enabled: true
# Default value of matrix_hookshot_generic_endpoint: "/hookshot/webhooks"
matrix_hookshot_generic_endpoint: "{{ matrix_hookshot_webhook_endpoint }}"
# urlprefix gets updated with protocol & port in group_vars/matrix_servers
matrix_hookshot_generic_urlprefix: "{{ matrix_server_fqn_matrix }}{{ matrix_hookshot_generic_endpoint }}"
matrix_hookshot_generic_allow_js_transformation_functions: false
# If you're also using matrix-appservice-webhooks, take care that these prefixes don't overlap
@ -117,7 +118,7 @@ matrix_hookshot_provisioning_secret: ''
matrix_hookshot_provisioning_enabled: false
matrix_hookshot_provisioning_endpoint: "{{ matrix_hookshot_public_endpoint }}/v1"
# You can configure access to the bridge as documented here https://half-shot.github.io/matrix-hookshot/setup.html#permissions
# You can configure access to the bridge as documented here https://matrix-org.github.io/matrix-hookshot/setup.html#permissions
# When empty, the default permissions are applied.
# Example:
# matrix_hookshot_permissions:

10
roles/matrix-bridge-hookshot/tasks/init.yml
View file

@ -55,10 +55,10 @@
{# Use the embedded DNS resolver in Docker containers to discover the service #}
resolver 127.0.0.11 valid=5s;
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_provisioning_port }}";
proxy_pass http://$backend/$1;
proxy_pass http://$backend/v1/$1$is_args$args;
{% else %}
{# Generic configuration for use outside of our container setup #}
proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}/$1;
proxy_pass http://127.0.0.1:{{ matrix_hookshot_provisioning_port }}/v1/$1$is_args$args;
{% endif %}
proxy_set_header Host $host;
}
@ -68,10 +68,10 @@
{# Use the embedded DNS resolver in Docker containers to discover the service #}
resolver 127.0.0.11 valid=5s;
set $backend "{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_webhook_port }}";
proxy_pass http://$backend/$1;
proxy_pass http://$backend/$1$is_args$args;
{% else %}
{# Generic configuration for use outside of our container setup #}
proxy_pass http://127.0.0.1:{{ matrix_hookshot_webhook_port }}/$1;
proxy_pass http://127.0.0.1:{{ matrix_hookshot_webhook_port }}/$1$is_args$args;
{% endif %}
proxy_set_header Host $host;
}
@ -127,4 +127,4 @@
Please make sure that you're proxying the `{{ matrix_hookshot_public_endpoint }}`
URL endpoint to the matrix-hookshot container.
You can expose the container's ports using the `matrix_hookshot_container_http_host_bind_ports` variable.
when: "matrix_hookshot_enabled|bool and matrix_nginx_proxy_enabled is not defined"
when: "matrix_hookshot_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"

8
roles/matrix-bridge-hookshot/tasks/setup_install.yml
View file

@ -8,6 +8,10 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_hookshot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_hookshot_docker_image_force_pull }}"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure hookshot paths exist
file:
@ -32,7 +36,7 @@
- name: Ensure hookshot config.yml installed if provided
copy:
content: "{{ matrix_hookshot_configuration|to_nice_yaml }}"
content: "{{ matrix_hookshot_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_hookshot_base_path }}/config.yml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -56,7 +60,7 @@
- name: Ensure hookshot registration.yml installed if provided
copy:
content: "{{ matrix_hookshot_registration|to_nice_yaml }}"
content: "{{ matrix_hookshot_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_hookshot_base_path }}/registration.yml"
mode: 0644
owner: "{{ matrix_user_username }}"

14
roles/matrix-bridge-hookshot/templates/registration.yml.j2
View file

@ -5,8 +5,22 @@ hs_token: {{ matrix_hookshot_homeserver_token|to_json }} # ..as can this
namespaces:
rooms: []
users:
{% if matrix_hookshot_github_enabled %}
- regex: "@_github_.*:{{ matrix_domain }}"
exclusive: true
{% endif %}
{% if matrix_hookshot_gitlab_enabled %}
- regex: "@_gitlab_.*:{{ matrix_domain }}" # Where foobar is your homeserver's domain
exclusive: true
{% endif %}
{% if matrix_hookshot_jira_enabled %}
- regex: "@_jira_.*:{{ matrix_domain }}" # Where foobar is your homeserver's domain
exclusive: true
{% endif %}
{% if matrix_hookshot_generic_enabled %}
- regex: "@{{ matrix_hookshot_generic_user_id_prefix }}.*:{{ matrix_domain }}" # Where foobar is your homeserver's domain // depending on userIdPrefix setting in conf
exclusive: true
{% endif %}
aliases:
- regex: "#github_.+:{{ matrix_domain }}"
exclusive: true

15
roles/matrix-bridge-mautrix-facebook/defaults/main.yml
View file

@ -17,9 +17,16 @@ matrix_mautrix_facebook_config_path: "{{ matrix_mautrix_facebook_base_path }}/co
matrix_mautrix_facebook_data_path: "{{ matrix_mautrix_facebook_base_path }}/data"
matrix_mautrix_facebook_docker_src_files_path: "{{ matrix_mautrix_facebook_base_path }}/docker-src"
# Whether or not the public-facing endpoints should be enabled (web-based login)
matrix_mautrix_facebook_appservice_public_enabled: true
# Mautrix Facebook public endpoint to log in to Facebook
matrix_mautrix_facebook_public_endpoint: ''
matrix_mautrix_facebook_homeserver_address: "{{ matrix_homeserver_container_url }}"
matrix_mautrix_facebook_homeserver_domain: '{{ matrix_domain }}'
matrix_mautrix_facebook_appservice_address: 'http://matrix-mautrix-facebook:29319'
matrix_mautrix_facebook_appservice_public_external: 'https://{{ matrix_server_fqn_matrix }}{{ matrix_mautrix_facebook_public_endpoint }}'
# A list of extra arguments to pass to the container
matrix_mautrix_facebook_container_extra_arguments: []
@ -33,6 +40,14 @@ matrix_mautrix_facebook_systemd_wanted_services_list: []
matrix_mautrix_facebook_appservice_token: ''
matrix_mautrix_facebook_homeserver_token: ''
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_facebook_federate_rooms: true
# Controls whether the matrix-mautrix-facebook container exposes its HTTP port.
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9008"), or empty string to not expose.
matrix_mautrix_facebook_container_http_host_bind_port: ''
# Database-related configuration fields.
#

48
roles/matrix-bridge-mautrix-facebook/tasks/init.yml
View file

@ -22,3 +22,51 @@
+
{{ ["/matrix-mautrix-facebook-registration.yaml"] }}
when: matrix_mautrix_facebook_enabled|bool
- block:
- name: Fail if matrix-nginx-proxy role already executed
fail:
msg: >-
Trying to append Mautrix Facebook's reverse-proxying configuration to matrix-nginx-proxy,
but it's pointless since the matrix-nginx-proxy role had already executed.
To fix this, please change the order of roles in your playbook,
so that the matrix-nginx-proxy role would run after the matrix-bridge-mautrix-facebook role.
when: matrix_nginx_proxy_role_executed|default(False)|bool
- name: Generate Mautrix Facebook proxying configuration for matrix-nginx-proxy
set_fact:
matrix_mautrix_facebook_matrix_nginx_proxy_configuration: |
location {{ matrix_mautrix_facebook_public_endpoint }} {
{% if matrix_nginx_proxy_enabled|default(False) %}
{# Use the embedded DNS resolver in Docker containers to discover the service #}
resolver 127.0.0.11 valid=5s;
set $backend "matrix-mautrix-facebook:29319";
proxy_pass http://$backend;
{% else %}
{# Generic configuration for use outside of our container setup #}
proxy_pass http://127.0.0.1:9008;
{% endif %}
}
- name: Register Mautrix Facebook proxying configuration with matrix-nginx-proxy
set_fact:
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
{{
matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
+
[matrix_mautrix_facebook_matrix_nginx_proxy_configuration]
}}
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
debug:
msg: >-
NOTE: You've enabled the Mautrix Facebook bridge but are not using the matrix-nginx-proxy
reverse proxy.
Please make sure that you're proxying the `{{ matrix_mautrix_facebook_public_endpoint }}`
URL endpoint to the matrix-mautrix-facebook container.
You can expose the container's port using the `matrix_mautrix_facebook_container_http_host_bind_port` variable.
when: "not matrix_nginx_proxy_enabled|default(False)|bool"
tags:
- always
when: matrix_mautrix_facebook_enabled|bool and matrix_mautrix_facebook_appservice_public_enabled|bool

8
roles/matrix-bridge-mautrix-facebook/tasks/setup_install.yml
View file

@ -41,6 +41,10 @@
force_source: "{{ matrix_mautrix_facebook_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_facebook_docker_image_force_pull }}"
when: not matrix_mautrix_facebook_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix Facebook paths exist
file:
@ -97,7 +101,7 @@
- name: Ensure mautrix-facebook config.yaml installed
copy:
content: "{{ matrix_mautrix_facebook_configuration|to_nice_yaml }}"
content: "{{ matrix_mautrix_facebook_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_facebook_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -105,7 +109,7 @@
- name: Ensure mautrix-facebook registration.yaml installed
copy:
content: "{{ matrix_mautrix_facebook_registration|to_nice_yaml }}"
content: "{{ matrix_mautrix_facebook_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_facebook_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

1
roles/matrix-bridge-mautrix-facebook/tasks/validate_config.yml
View file

@ -6,6 +6,7 @@
You need to define a required configuration setting (`{{ item }}`).
when: "vars[item] == ''"
with_items:
- "matrix_mautrix_facebook_public_endpoint"
- "matrix_mautrix_facebook_appservice_token"
- "matrix_mautrix_facebook_homeserver_token"

21
roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2
View file

@ -32,16 +32,12 @@ appservice:
# Public part of web server for out-of-Matrix interaction with the bridge.
public:
# Whether or not the public-facing endpoints should be enabled.
enabled: false
enabled: {{ matrix_mautrix_facebook_appservice_public_enabled|to_json }}
# The prefix to use in the public-facing endpoints.
prefix: /public
prefix: {{ matrix_mautrix_facebook_public_endpoint|to_json }}
# The base URL where the public-facing endpoints are available. The prefix is not added
# implicitly.
external: https://example.com/public
# Shared secret for integration managers such as mautrix-manager.
# If set to "generate", a random string will be generated on the next startup.
# If null, integration manager access to the API will not be possible.
shared_secret: generate
external: {{ matrix_mautrix_facebook_appservice_public_external|to_json }}
# The unique ID of this appservice.
id: facebook
@ -66,12 +62,6 @@ bridge:
# Localpart template of MXIDs for Facebook users.
# {userid} is replaced with the user ID of the Facebook user.
username_template: "facebook_{userid}"
# Localpart template for per-user room grouping community IDs.
# The bridge will create these communities and add all of the specific user's portals to the community.
# {localpart} is the MXID localpart and {server} is the MXID server part of the user.
#
# `facebook_{localpart}={server}` is a good value.
community_template: null
# Displayname template for Facebook users.
# {displayname} is replaced with the display name of the Facebook user
# as defined below in displayname_preference.
@ -147,6 +137,9 @@ bridge:
delivery_receipts: false
# Whether to allow inviting arbitrary mxids to portal rooms
allow_invites: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: {{ matrix_mautrix_facebook_federate_rooms|to_json }}
# Settings for backfilling messages from Facebook.
backfill:
# Whether or not the Facebook users of logged in Matrix users should be
@ -179,7 +172,7 @@ bridge:
# Whether or not temporary disconnections should send notices to the notice room.
# If this is false, disconnections will never send messages and connections will only send
# messages if it was disconnected for more than resync_max_disconnected_time seconds.
temporary_disconnect_notices: true
temporary_disconnect_notices: false
# Whether or not the bridge should try to "refresh" the connection if a normal reconnection
# attempt fails.
refresh_on_reconnection_fail: false

3
roles/matrix-bridge-mautrix-facebook/templates/systemd/matrix-mautrix-facebook.service.j2
View file

@ -24,6 +24,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-facebo
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--network={{ matrix_docker_network }} \
{% if matrix_mautrix_facebook_appservice_public_enabled and matrix_mautrix_facebook_container_http_host_bind_port %}
-p {{ matrix_mautrix_facebook_container_http_host_bind_port }}:29319 \
{% endif %}
-v {{ matrix_mautrix_facebook_config_path }}:/config:z \
-v {{ matrix_mautrix_facebook_data_path }}:/data:z \
{% for arg in matrix_mautrix_facebook_container_extra_arguments %}

3
roles/matrix-bridge-mautrix-googlechat/defaults/main.yml
View file

@ -41,6 +41,9 @@ matrix_mautrix_googlechat_systemd_wanted_services_list: []
matrix_mautrix_googlechat_appservice_token: ''
matrix_mautrix_googlechat_homeserver_token: ''
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_googlechat_federate_rooms: true
# Database-related configuration fields.
#

2
roles/matrix-bridge-mautrix-googlechat/tasks/init.yml
View file

@ -67,4 +67,4 @@
Please make sure that you're proxying the `{{ matrix_mautrix_googlechat_public_endpoint }}`
URL endpoint to the matrix-mautrix-googlechat container.
You can expose the container's port using the `matrix_mautrix_googlechat_container_http_host_bind_port` variable.
when: "matrix_mautrix_googlechat_enabled|bool and (matrix_nginx_proxy_enabled is not defined or matrix_nginx_proxy_enabled|bool == false)"
when: "matrix_mautrix_googlechat_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"

8
roles/matrix-bridge-mautrix-googlechat/tasks/setup_install.yml
View file

@ -41,6 +41,10 @@
force_source: "{{ matrix_mautrix_googlechat_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_googlechat_docker_image_force_pull }}"
when: not matrix_mautrix_googlechat_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix googlechat paths exist
file:
@ -96,7 +100,7 @@
- name: Ensure mautrix-googlechat config.yaml installed
copy:
content: "{{ matrix_mautrix_googlechat_configuration|to_nice_yaml }}"
content: "{{ matrix_mautrix_googlechat_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_googlechat_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -104,7 +108,7 @@
- name: Ensure mautrix-googlechat registration.yaml installed
copy:
content: "{{ matrix_mautrix_googlechat_registration|to_nice_yaml }}"
content: "{{ matrix_mautrix_googlechat_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_googlechat_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

3
roles/matrix-bridge-mautrix-googlechat/templates/config.yaml.j2
View file

@ -93,6 +93,9 @@ bridge:
# This will cause the bridge bot to be in private chats for the encryption to work properly.
default: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: {{ matrix_mautrix_googlechat_federate_rooms|to_json }}
# Public website and API configs
web:
# Auth server config

2
roles/matrix-bridge-mautrix-hangouts/tasks/init.yml
View file

@ -67,4 +67,4 @@
Please make sure that you're proxying the `{{ matrix_mautrix_hangouts_public_endpoint }}`
URL endpoint to the matrix-mautrix-hangouts container.
You can expose the container's port using the `matrix_mautrix_hangouts_container_http_host_bind_port` variable.
when: "matrix_mautrix_hangouts_enabled|bool and (matrix_nginx_proxy_enabled is not defined or matrix_nginx_proxy_enabled|bool == false)"
when: "matrix_mautrix_hangouts_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"

8
roles/matrix-bridge-mautrix-hangouts/tasks/setup_install.yml
View file

@ -41,6 +41,10 @@
force_source: "{{ matrix_mautrix_hangouts_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_hangouts_docker_image_force_pull }}"
when: not matrix_mautrix_hangouts_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix Hangouts paths exist
file:
@ -96,7 +100,7 @@
- name: Ensure mautrix-hangouts config.yaml installed
copy:
content: "{{ matrix_mautrix_hangouts_configuration|to_nice_yaml }}"
content: "{{ matrix_mautrix_hangouts_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_hangouts_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -104,7 +108,7 @@
- name: Ensure mautrix-hangouts registration.yaml installed
copy:
content: "{{ matrix_mautrix_hangouts_registration|to_nice_yaml }}"
content: "{{ matrix_mautrix_hangouts_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_hangouts_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

3
roles/matrix-bridge-mautrix-instagram/defaults/main.yml
View file

@ -34,6 +34,9 @@ matrix_mautrix_instagram_systemd_wanted_services_list: []
matrix_mautrix_instagram_appservice_token: ''
matrix_mautrix_instagram_homeserver_token: ''
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_instagram_federate_rooms: true
# Database-related configuration fields.
#

8
roles/matrix-bridge-mautrix-instagram/tasks/setup_install.yml
View file

@ -14,6 +14,10 @@
force_source: "{{ matrix_mautrix_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_instagram_docker_image_force_pull }}"
when: not matrix_mautrix_instagram_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix instagram paths exist
file:
@ -51,7 +55,7 @@
- name: Ensure mautrix-instagram config.yaml installed
copy:
content: "{{ matrix_mautrix_instagram_configuration|to_nice_yaml }}"
content: "{{ matrix_mautrix_instagram_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_instagram_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -59,7 +63,7 @@
- name: Ensure mautrix-instagram registration.yaml installed
copy:
content: "{{ matrix_mautrix_instagram_registration|to_nice_yaml }}"
content: "{{ matrix_mautrix_instagram_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_instagram_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

8
roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2
View file

@ -46,12 +46,6 @@ appservice:
bot_displayname: Instagram bridge bot
bot_avatar: mxc://maunium.net/JxjlbZUlCPULEeHZSwleUXQv
# Community ID for bridged users (changes registration file) and rooms.
# Must be created manually.
#
# Example: "+instagram:example.com". Set to false to disable.
community_id: false
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
@ -116,7 +110,7 @@ bridge:
update_avatar_initial_sync: true
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
federate_rooms: {{ matrix_mautrix_instagram_federate_rooms|to_json }}
# Settings for backfilling messages from Instagram.
backfill:
# Whether or not the Instagram users of logged in Matrix users should be

4
roles/matrix-bridge-mautrix-signal/defaults/main.yml
View file

@ -56,6 +56,10 @@ matrix_mautrix_signal_homeserver_token: ''
matrix_mautrix_signal_appservice_bot_username: signalbot
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_signal_federate_rooms: true
# Database-related configuration fields
#
# This bridge only supports postgres.

8
roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml
View file

@ -15,6 +15,10 @@
force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
when: "not matrix_mautrix_signal_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix Signal repository is present on self-build
@ -84,7 +88,7 @@
- name: Ensure mautrix-signal config.yaml installed
copy:
content: "{{ matrix_mautrix_signal_configuration|to_nice_yaml }}"
content: "{{ matrix_mautrix_signal_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_signal_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -92,7 +96,7 @@
- name: Ensure mautrix-signal registration.yaml installed
copy:
content: "{{ matrix_mautrix_signal_registration|to_nice_yaml }}"
content: "{{ matrix_mautrix_signal_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_signal_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

8
roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2
View file

@ -56,12 +56,6 @@ appservice:
bot_displayname: Signal bridge bot
bot_avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp
# Community ID for bridged users (changes registration file) and rooms.
# Must be created manually.
#
# Example: "+signal:example.com". Set to false to disable.
community_id: false
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
@ -153,7 +147,7 @@ bridge:
{{ matrix_mautrix_signal_homeserver_domain }}: {{ matrix_mautrix_signal_login_shared_secret|to_json }}
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
federate_rooms: {{ matrix_mautrix_signal_federate_rooms|to_json }}
# End-to-bridge encryption support options. You must install the e2be optional dependency for
# this to work. See https://github.com/tulir/mautrix-telegram/wiki/Endtobridge-encryption
encryption:

7
roles/matrix-bridge-mautrix-telegram/defaults/main.yml
View file

@ -28,6 +28,9 @@ matrix_mautrix_telegram_api_id: ''
matrix_mautrix_telegram_api_hash: ''
matrix_mautrix_telegram_bot_token: disabled
# Whether or not the public-facing endpoints should be enabled (web-based login)
matrix_mautrix_telegram_appservice_public_enabled: true
# Mautrix telegram public endpoint to log in to telegram
# Use an uuid so it's not easily discoverable.
# Example: /741a0483-ba17-4682-9900-30bd7269f1cc
@ -40,6 +43,10 @@ matrix_mautrix_telegram_appservice_public_external: 'https://{{ matrix_server_fq
matrix_mautrix_telegram_appservice_bot_username: telegrambot
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_telegram_federate_rooms: true
# Controls whether the matrix-mautrix-telegram container exposes its HTTP port (tcp/8080 in the container).
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9006"), or empty string to not expose.

22
roles/matrix-bridge-mautrix-telegram/tasks/init.yml
View file

@ -56,16 +56,16 @@
+
[matrix_mautrix_telegram_matrix_nginx_proxy_configuration]
}}
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
debug:
msg: >-
NOTE: You've enabled the Mautrix Telegram bridge but are not using the matrix-nginx-proxy
reverse proxy.
Please make sure that you're proxying the `{{ matrix_mautrix_telegram_public_endpoint }}`
URL endpoint to the matrix-mautrix-telegram container.
You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable.
when: "not matrix_nginx_proxy_enabled|default(False)|bool"
tags:
- always
when: matrix_mautrix_telegram_enabled|bool
- name: Warn about reverse-proxying if matrix-nginx-proxy not used
debug:
msg: >-
NOTE: You've enabled the Mautrix Telegram bridge but are not using the matrix-nginx-proxy
reverse proxy.
Please make sure that you're proxying the `{{ matrix_mautrix_telegram_public_endpoint }}`
URL endpoint to the matrix-mautrix-telegram container.
You can expose the container's port using the `matrix_mautrix_telegram_container_http_host_bind_port` variable.
when: "matrix_mautrix_telegram_enabled|bool and matrix_nginx_proxy_enabled is not defined"
when: matrix_mautrix_telegram_enabled|bool and matrix_mautrix_telegram_appservice_public_enabled|bool

8
roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml
View file

@ -55,6 +55,10 @@
force_source: "{{ matrix_mautrix_telegram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_telegram_docker_image_force_pull }}"
when: "not matrix_mautrix_telegram_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure lottieconverter is present when self-building
git:
@ -118,7 +122,7 @@
- name: Ensure mautrix-telegram config.yaml installed
copy:
content: "{{ matrix_mautrix_telegram_configuration|to_nice_yaml }}"
content: "{{ matrix_mautrix_telegram_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_telegram_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -126,7 +130,7 @@
- name: Ensure mautrix-telegram registration.yaml installed
copy:
content: "{{ matrix_mautrix_telegram_registration|to_nice_yaml }}"
content: "{{ matrix_mautrix_telegram_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_telegram_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

4
roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2
View file

@ -34,7 +34,7 @@ appservice:
# the HS database.
public:
# Whether or not the public-facing endpoints should be enabled.
enabled: true
enabled: {{ matrix_mautrix_telegram_appservice_public_enabled|to_json }}
# The prefix to use in the public-facing endpoints.
prefix: {{ matrix_mautrix_telegram_public_endpoint|to_json }}
# The base URL where the public-facing endpoints are available. The prefix is not added
@ -160,7 +160,7 @@ bridge:
parallel_file_transfer: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
federate_rooms: {{ matrix_mautrix_telegram_federate_rooms|to_json }}
# Settings for converting animated stickers.
animated_sticker:
# Format to which animated stickers should be converted.

2
roles/matrix-bridge-mautrix-telegram/templates/systemd/matrix-mautrix-telegram.service.j2
View file

@ -24,7 +24,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mautrix-telegr
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--cap-drop=ALL \
--network={{ matrix_docker_network }} \
{% if matrix_mautrix_telegram_container_http_host_bind_port %}
{% if matrix_mautrix_telegram_appservice_public_enabled and matrix_mautrix_telegram_container_http_host_bind_port %}
-p {{ matrix_mautrix_telegram_container_http_host_bind_port }}:8080 \
{% endif %}
-v {{ matrix_mautrix_telegram_config_path }}:/config:z \

7
roles/matrix-bridge-mautrix-twitter/defaults/main.yml
View file

@ -34,6 +34,9 @@ matrix_mautrix_twitter_systemd_wanted_services_list: []
matrix_mautrix_twitter_appservice_token: ''
matrix_mautrix_twitter_homeserver_token: ''
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_twitter_federate_rooms: true
# Database-related configuration fields.
#
@ -42,8 +45,8 @@ matrix_mautrix_twitter_homeserver_token: ''
matrix_mautrix_twitter_database_engine: 'postgres'
matrix_mautrix_twitter_database_username: 'matrix_mautrix_twitter'
matrix_mautrix_twitter_database_password: 'some-password'
matrix_mautrix_twitter_database_hostname: 'matrix-postgres'
matrix_mautrix_twitter_database_password: ''
matrix_mautrix_twitter_database_hostname: ''
matrix_mautrix_twitter_database_port: 5432
matrix_mautrix_twitter_database_name: 'matrix_mautrix_twitter'

8
roles/matrix-bridge-mautrix-twitter/tasks/setup_install.yml
View file

@ -18,6 +18,10 @@
force_source: "{{ matrix_mautrix_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_twitter_docker_image_force_pull }}"
when: matrix_mautrix_twitter_enabled|bool and not matrix_mautrix_twitter_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix Twitter paths exist
file:
@ -55,7 +59,7 @@
- name: Ensure mautrix-twitter config.yaml installed
copy:
content: "{{ matrix_mautrix_twitter_configuration|to_nice_yaml }}"
content: "{{ matrix_mautrix_twitter_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_twitter_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -63,7 +67,7 @@
- name: Ensure mautrix-twitter registration.yaml installed
copy:
content: "{{ matrix_mautrix_twitter_registration|to_nice_yaml }}"
content: "{{ matrix_mautrix_twitter_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_twitter_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

10
roles/matrix-bridge-mautrix-twitter/tasks/validate_config.yml
View file

@ -8,11 +8,5 @@
with_items:
- "matrix_mautrix_twitter_appservice_token"
- "matrix_mautrix_twitter_homeserver_token"
- name: Fail if database is not defined
fail:
msg: >-
You need to define a need to set `matrix_mautrix_twitter_database_engine: postgres` and redefine the other `matrix_mautrix_twitter_database_*` variables
when: "vars[item] == ''"
with_items:
- "matrix_mautrix_twitter_database_engine"
- "matrix_mautrix_twitter_database_hostname"
- "matrix_mautrix_twitter_database_password"

8
roles/matrix-bridge-mautrix-twitter/templates/config.yaml.j2
View file

@ -54,12 +54,6 @@ appservice:
bot_displayname: Twitter bridge bot
bot_avatar: mxc://maunium.net/HVHcnusJkQcpVcsVGZRELLCn
# Community ID for bridged users (changes registration file) and rooms.
# Must be created manually.
#
# Example: "+twitter:example.com". Set to false to disable.
community_id: false
# Whether or not to receive ephemeral events via appservice transactions.
# Requires MSC2409 support (i.e. Synapse 1.22+).
# You should disable bridge -> sync_with_custom_puppets when this is enabled.
@ -111,7 +105,7 @@ bridge:
login_shared_secret_map: {{ matrix_mautrix_twitter_bridge_login_shared_secret_map|to_json }}
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
federate_rooms: {{ matrix_mautrix_twitter_federate_rooms|to_json }}
# Settings for backfilling messages from Twitter.
#
# Missed message backfilling is currently based on receiving them from the Twitter polling API,

6
roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml
View file

@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false
matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git"
matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
matrix_mautrix_whatsapp_version: v0.2.4
matrix_mautrix_whatsapp_version: v0.3.0
# See: https://mau.dev/mautrix/whatsapp/container_registry
matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}"
@ -37,6 +37,10 @@ matrix_mautrix_whatsapp_homeserver_token: ''
matrix_mautrix_whatsapp_appservice_bot_username: whatsappbot
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
matrix_mautrix_whatsapp_federate_rooms: true
# Database-related configuration fields.
#
# To use SQLite, stick to these defaults.

8
roles/matrix-bridge-mautrix-whatsapp/tasks/setup_install.yml
View file

@ -57,6 +57,10 @@
force_source: "{{ matrix_mautrix_whatsapp_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_whatsapp_docker_image_force_pull }}"
when: not matrix_mautrix_whatsapp_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Mautrix Whatsapp repository is present on self-build
git:
@ -108,7 +112,7 @@
- name: Ensure mautrix-whatsapp config.yaml installed
copy:
content: "{{ matrix_mautrix_whatsapp_configuration|to_nice_yaml }}"
content: "{{ matrix_mautrix_whatsapp_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_whatsapp_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -116,7 +120,7 @@
- name: Ensure mautrix-whatsapp registration.yaml installed
copy:
content: "{{ matrix_mautrix_whatsapp_registration|to_nice_yaml }}"
content: "{{ matrix_mautrix_whatsapp_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mautrix_whatsapp_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

2
roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2
View file

@ -136,7 +136,7 @@ bridge:
allow_user_invite: false
# Whether or not created rooms should have federation enabled.
# If false, created portal rooms will never be federated.
federate_rooms: true
federate_rooms: {{ matrix_mautrix_whatsapp_federate_rooms|to_json }}
# The prefix for commands. Only required in non-management rooms.
command_prefix: "!wa"

16
roles/matrix-bridge-mx-puppet-discord/defaults/main.yml
View file

@ -1,11 +1,19 @@
---
# Mx Puppet Discord is a Matrix <-> Discord bridge
# See: https://github.com/matrix-discord/mx-puppet-discord
# See: https://gitlab.com/beeper/mx-puppet-monorepo (originally based on https://github.com/matrix-discord/mx-puppet-discord)
#
# We use the Beeper-maintained fork, because https://github.com/matrix-discord/mx-puppet-discord is horribly broken often. See:
# - https://github.com/matrix-discord/mx-puppet-discord/issues/201
# - https://github.com/matrix-discord/mx-puppet-discord/issues/202
# - https://github.com/matrix-discord/mx-puppet-discord/issues/203
# - (other similar issues in the past)
matrix_mx_puppet_discord_enabled: true
matrix_mx_puppet_discord_container_image_self_build: false
matrix_mx_puppet_discord_container_image_self_build_repo: "https://github.com/matrix-discord/mx-puppet-discord.git"
matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo"
matrix_mx_puppet_discord_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_discord_version == 'latest' else matrix_mx_puppet_discord_version }}"
matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "docker/Dockerfile-discord"
# Controls whether the mx-puppet-discord container exposes its HTTP port (tcp/8432 in the container).
#
@ -13,8 +21,8 @@ matrix_mx_puppet_discord_container_image_self_build_repo: "https://github.com/ma
matrix_mx_puppet_discord_container_http_host_bind_port: ''
matrix_mx_puppet_discord_version: latest
matrix_mx_puppet_discord_docker_image: "{{ matrix_mx_puppet_discord_docker_image_name_prefix }}sorunome/mx-puppet-discord:{{ matrix_mx_puppet_discord_version }}"
matrix_mx_puppet_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_discord_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_mx_puppet_discord_docker_image: "{{ matrix_mx_puppet_discord_docker_image_name_prefix }}beeper/mx-puppet-monorepo/discord:{{ matrix_mx_puppet_discord_version }}"
matrix_mx_puppet_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_discord_container_image_self_build else 'registry.gitlab.com/' }}"
matrix_mx_puppet_discord_docker_image_force_pull: "{{ matrix_mx_puppet_discord_docker_image.endswith(':latest') }}"
matrix_mx_puppet_discord_base_path: "{{ matrix_base_data_path }}/mx-puppet-discord"

11
roles/matrix-bridge-mx-puppet-discord/tasks/setup_install.yml
View file

@ -72,12 +72,17 @@
force_source: "{{ matrix_mx_puppet_discord_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_discord_docker_image_force_pull }}"
when: matrix_mx_puppet_discord_enabled|bool and not matrix_mx_puppet_discord_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure MX Puppet Discord repository is present on self build
git:
repo: "{{ matrix_mx_puppet_discord_container_image_self_build_repo }}"
dest: "{{ matrix_mx_puppet_discord_docker_src_files_path }}"
force: "yes"
version: "{{ matrix_mx_puppet_discord_container_image_self_build_version }}"
register: matrix_mx_puppet_discord_git_pull_results
when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build"
@ -88,14 +93,14 @@
force_source: "{{ matrix_mx_puppet_discord_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_discord_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
dockerfile: "{{ matrix_mx_puppet_discord_container_image_self_build_dockerfile_path }}"
path: "{{ matrix_mx_puppet_discord_docker_src_files_path }}"
pull: true
when: "matrix_mx_puppet_discord_enabled|bool and matrix_mx_puppet_discord_container_image_self_build|bool"
- name: Ensure mx-puppet-discord config.yaml installed
copy:
content: "{{ matrix_mx_puppet_discord_configuration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_discord_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_discord_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -103,7 +108,7 @@
- name: Ensure mx-puppet-discord discord-registration.yaml installed
copy:
content: "{{ matrix_mx_puppet_discord_registration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_discord_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_discord_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

8
roles/matrix-bridge-mx-puppet-groupme/tasks/setup_install.yml
View file

@ -73,6 +73,10 @@
force_source: "{{ matrix_mx_puppet_groupme_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_groupme_docker_image_force_pull }}"
when: matrix_mx_puppet_groupme_enabled|bool and not matrix_mx_puppet_groupme_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure MX Puppet Groupme repository is present on self build
git:
@ -96,7 +100,7 @@
- name: Ensure mx-puppet-groupme config.yaml installed
copy:
content: "{{ matrix_mx_puppet_groupme_configuration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_groupme_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_groupme_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -104,7 +108,7 @@
- name: Ensure mx-puppet-groupme groupme-registration.yaml installed
copy:
content: "{{ matrix_mx_puppet_groupme_registration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_groupme_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_groupme_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

8
roles/matrix-bridge-mx-puppet-instagram/tasks/setup_install.yml
View file

@ -42,6 +42,10 @@
force_source: "{{ matrix_mx_puppet_instagram_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_instagram_docker_image_force_pull }}"
when: matrix_mx_puppet_instagram_enabled|bool and not matrix_mx_puppet_instagram_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure mx-puppet-instagram paths exist
file:
@ -79,7 +83,7 @@
- name: Ensure mx-puppet-instagram config.yaml installed
copy:
content: "{{ matrix_mx_puppet_instagram_configuration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_instagram_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_instagram_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -87,7 +91,7 @@
- name: Ensure mx-puppet-instagram-registration.yaml installed
copy:
content: "{{ matrix_mx_puppet_instagram_registration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_instagram_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_instagram_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

8
roles/matrix-bridge-mx-puppet-skype/tasks/setup_install.yml
View file

@ -73,6 +73,10 @@
force_source: "{{ matrix_mx_puppet_skype_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_skype_docker_image_force_pull }}"
when: matrix_mx_puppet_skype_enabled|bool and not matrix_mx_puppet_skype_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure MX Puppet Skype repository is present on self build
git:
@ -96,7 +100,7 @@
- name: Ensure mx-puppet-skype config.yaml installed
copy:
content: "{{ matrix_mx_puppet_skype_configuration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_skype_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_skype_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -104,7 +108,7 @@
- name: Ensure mx-puppet-skype skype-registration.yaml installed
copy:
content: "{{ matrix_mx_puppet_skype_registration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_skype_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_skype_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

10
roles/matrix-bridge-mx-puppet-slack/defaults/main.yml
View file

@ -1,6 +1,6 @@
---
# Mx Puppet Slack is a Matrix <-> Slack bridge
# See: https://github.com/Sorunome/mx-puppet-slack
# See: https://gitlab.com/beeper/mx-puppet-monorepo (originally based on https://github.com/Sorunome/mx-puppet-slack)
matrix_mx_puppet_slack_enabled: true
@ -8,7 +8,9 @@ matrix_mx_puppet_slack_oauth_client_id: ''
matrix_mx_puppet_slack_oauth_client_secret: ''
matrix_mx_puppet_slack_container_image_self_build: false
matrix_mx_puppet_slack_container_image_self_build_repo: "https://github.com/Sorunome/mx-puppet-slack.git"
matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo.git"
matrix_mx_puppet_slack_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_slack_version == 'latest' else matrix_mx_puppet_slack_version }}"
matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Dockerfile-slack"
# Controls whether the mx-puppet-slack container exposes its HTTP port (tcp/8432 in the container).
#
@ -16,8 +18,8 @@ matrix_mx_puppet_slack_container_image_self_build_repo: "https://github.com/Soru
matrix_mx_puppet_slack_container_http_host_bind_port: ''
matrix_mx_puppet_slack_version: latest
matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}sorunome/mx-puppet-slack:{{ matrix_mx_puppet_slack_version }}"
matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}beeper/mx-puppet-monorepo/slack:{{ matrix_mx_puppet_slack_version }}"
matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}"
matrix_mx_puppet_slack_docker_image_force_pull: "{{ matrix_mx_puppet_slack_docker_image.endswith(':latest') }}"
matrix_mx_puppet_slack_base_path: "{{ matrix_base_data_path }}/mx-puppet-slack"

2
roles/matrix-bridge-mx-puppet-slack/tasks/init.yml
View file

@ -68,4 +68,4 @@
Please make sure that you're proxying the `{{ matrix_mx_puppet_slack_redirect_path }}`
URL endpoint to the matrix-mx-puppet-slack container.
You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable.
when: "matrix_mx_puppet_slack_enabled|bool and matrix_nginx_proxy_enabled is not defined"
when: "matrix_mx_puppet_slack_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"

11
roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml
View file

@ -69,12 +69,17 @@
force_source: "{{ matrix_mx_puppet_slack_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_slack_docker_image_force_pull }}"
when: matrix_mx_puppet_slack_enabled|bool and not matrix_mx_puppet_slack_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure MX Puppet Slack repository is present on self build
git:
repo: "{{ matrix_mx_puppet_slack_container_image_self_build_repo }}"
dest: "{{ matrix_mx_puppet_slack_docker_src_files_path }}"
force: "yes"
version: "{{ matrix_mx_puppet_slack_container_image_self_build_version }}"
register: matrix_mx_puppet_slack_git_pull_results
when: "matrix_mx_puppet_slack_enabled|bool and matrix_mx_puppet_slack_container_image_self_build"
@ -85,7 +90,7 @@
force_source: "{{ matrix_mx_puppet_slack_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_slack_git_pull_results.changed }}"
build:
dockerfile: Dockerfile
dockerfile: "{{ matrix_mx_puppet_slack_container_image_self_build_dockerfile_path }}"
path: "{{ matrix_mx_puppet_slack_docker_src_files_path }}"
pull: true
when: "matrix_mx_puppet_slack_enabled|bool and matrix_mx_puppet_slack_container_image_self_build"
@ -96,7 +101,7 @@
- name: Ensure mx-puppet-slack config.yaml installed
copy:
content: "{{ matrix_mx_puppet_slack_configuration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_slack_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_slack_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -104,7 +109,7 @@
- name: Ensure mx-puppet-slack slack-registration.yaml installed
copy:
content: "{{ matrix_mx_puppet_slack_registration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_slack_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_slack_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

8
roles/matrix-bridge-mx-puppet-steam/tasks/setup_install.yml
View file

@ -73,6 +73,10 @@
force_source: "{{ matrix_mx_puppet_steam_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_steam_docker_image_force_pull }}"
when: matrix_mx_puppet_steam_enabled|bool and not matrix_mx_puppet_steam_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure MX Puppet Steam repository is present on self build
git:
@ -96,7 +100,7 @@
- name: Ensure mx-puppet-steam config.yaml installed
copy:
content: "{{ matrix_mx_puppet_steam_configuration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_steam_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_steam_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -104,7 +108,7 @@
- name: Ensure mx-puppet-steam steam-registration.yaml installed
copy:
content: "{{ matrix_mx_puppet_steam_registration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_steam_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_steam_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

2
roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml
View file

@ -68,4 +68,4 @@
Please make sure that you're proxying the `{{ matrix_mx_puppet_twitter_redirect_path }}`
URL endpoint to the matrix-mx-puppet-twitter container.
You can expose the container's port using the `matrix_mx_puppet_twitter_container_http_host_bind_port` variable.
when: "matrix_mx_puppet_twitter_enabled|bool and matrix_nginx_proxy_enabled is not defined"
when: "matrix_mx_puppet_twitter_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"

8
roles/matrix-bridge-mx-puppet-twitter/tasks/setup_install.yml
View file

@ -73,6 +73,10 @@
force_source: "{{ matrix_mx_puppet_twitter_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_twitter_docker_image_force_pull }}"
when: matrix_mx_puppet_twitter_enabled|bool and not matrix_mx_puppet_twitter_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure MX Puppet Twitter repository is present on self build
git:
@ -96,7 +100,7 @@
- name: Ensure mx-puppet-twitter config.yaml installed
copy:
content: "{{ matrix_mx_puppet_twitter_configuration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_twitter_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_twitter_config_path }}/config.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -104,7 +108,7 @@
- name: Ensure mx-puppet-twitter twitter-registration.yaml installed
copy:
content: "{{ matrix_mx_puppet_twitter_registration|to_nice_yaml }}"
content: "{{ matrix_mx_puppet_twitter_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_mx_puppet_twitter_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

8
roles/matrix-bridge-sms/tasks/setup_install.yml
View file

@ -4,6 +4,10 @@
docker_image:
name: "{{ matrix_sms_bridge_docker_image }}"
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure matrix-sms-bridge paths exist
file:
@ -19,7 +23,7 @@
- name: Ensure matrix-sms-bridge application.yml installed
copy:
content: "{{ matrix_sms_bridge_configuration|to_nice_yaml }}"
content: "{{ matrix_sms_bridge_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_sms_bridge_config_path }}/application.yml"
mode: 0644
owner: "{{ matrix_user_username }}"
@ -27,7 +31,7 @@
- name: Ensure matrix-sms-bridge registration.yaml installed
copy:
content: "{{ matrix_sms_bridge_registration|to_nice_yaml }}"
content: "{{ matrix_sms_bridge_registration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_sms_bridge_config_path }}/registration.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

2
roles/matrix-client-cinny/defaults/main.yml
View file

@ -5,7 +5,7 @@ matrix_client_cinny_enabled: true
matrix_client_cinny_container_image_self_build: false
matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git"
matrix_client_cinny_version: v1.7.0
matrix_client_cinny_version: v1.8.2
matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}"
matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}"

4
roles/matrix-client-cinny/tasks/setup_install.yml
View file

@ -18,6 +18,10 @@
force_source: "{{ matrix_client_cinny_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_cinny_docker_image_force_pull }}"
when: "not matrix_client_cinny_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Cinny repository is present on self-build
git:

2
roles/matrix-client-element/defaults/main.yml
View file

@ -9,7 +9,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto
# - https://github.com/vector-im/element-web/issues/19544
matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
matrix_client_element_version: v1.10.6
matrix_client_element_version: v1.10.7
matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"

4
roles/matrix-client-element/tasks/setup_install.yml
View file

@ -19,6 +19,10 @@
force_source: "{{ matrix_client_element_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_element_docker_image_force_pull }}"
when: "not matrix_client_element_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Element repository is present on self-build
git:

4
roles/matrix-client-hydrogen/tasks/setup_install.yml
View file

@ -19,6 +19,10 @@
force_source: "{{ matrix_client_hydrogen_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_client_hydrogen_docker_image_force_pull }}"
when: "not matrix_client_hydrogen_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Hydrogen repository is present on self-build
git:

4
roles/matrix-corporal/tasks/setup_corporal.yml
View file

@ -45,6 +45,10 @@
force_source: "{{ matrix_corporal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_corporal_docker_image_force_pull }}"
when: "matrix_corporal_enabled|bool and not matrix_corporal_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Matrix Corporal config installed
copy:

4
roles/matrix-coturn/tasks/setup_install.yml
View file

@ -24,6 +24,10 @@
force_source: "{{ matrix_coturn_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_coturn_docker_image_force_pull }}"
when: "not matrix_coturn_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- block:
- name: Ensure Coturn repository is present on self-build

6
roles/matrix-dendrite/tasks/dendrite/setup_install.yml
View file

@ -23,6 +23,10 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_dendrite_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dendrite_docker_image_force_pull }}"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Check if a Dendrite signing key exists
stat:
@ -52,7 +56,7 @@
- name: Ensure Dendrite configuration installed
copy:
content: "{{ matrix_dendrite_configuration|to_nice_yaml }}"
content: "{{ matrix_dendrite_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_dendrite_config_dir_path }}/dendrite.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

5
roles/matrix-dimension/tasks/setup_install.yml
View file

@ -78,7 +78,7 @@
- name: Ensure Dimension config installed
copy:
content: "{{ matrix_dimension_configuration|to_nice_yaml }}"
content: "{{ matrix_dimension_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_dimension_base_path }}/config.yaml"
mode: 0640
owner: "{{ matrix_user_username }}"
@ -92,6 +92,9 @@
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dimension_docker_image_force_pull }}"
when: "not matrix_dimension_container_image_self_build|bool"
register: matrix_dimension_pull_results
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: matrix_dimension_pull_results is not failed
- name: Ensure dimension repository is present on self-build
git:

4
roles/matrix-dynamic-dns/tasks/install.yml
View file

@ -7,6 +7,10 @@
force_source: "{{ matrix_dynamic_dns_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_dynamic_dns_docker_image_force_pull }}"
when: matrix_dynamic_dns_enabled|bool and not matrix_dynamic_dns_container_image_self_build
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Dynamic DNS paths exist
file:

4
roles/matrix-email2matrix/tasks/setup_install.yml
View file

@ -28,6 +28,10 @@
force_source: "{{ matrix_email2matrix_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_email2matrix_docker_image_force_pull }}"
when: "not matrix_email2matrix_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure Email2Matrix repository is present on self-build
git:

2
roles/matrix-etherpad/tasks/init.yml
View file

@ -61,4 +61,4 @@
Please make sure that you're proxying the `{{ matrix_etherpad_public_endpoint }}`
URL endpoint to the matrix-etherpad container.
You can expose the container's port using the `matrix_etherpad_container_http_host_bind_port` variable.
when: "matrix_etherpad_enabled|bool and matrix_nginx_proxy_enabled is not defined"
when: "matrix_etherpad_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"

4
roles/matrix-etherpad/tasks/setup_install.yml
View file

@ -22,6 +22,10 @@
source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
force_source: "{{ matrix_etherpad_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_etherpad_docker_image_force_pull }}"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure matrix-etherpad.service installed
template:

4
roles/matrix-grafana/tasks/setup.yml
View file

@ -11,6 +11,10 @@
force_source: "{{ matrix_grafana_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_grafana_docker_image_force_pull }}"
when: "matrix_grafana_enabled|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure grafana paths exists
file:

4
roles/matrix-jitsi/tasks/setup_jitsi_jicofo.yml
View file

@ -23,6 +23,10 @@
force_source: "{{ matrix_jitsi_jicofo_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jicofo_docker_image_force_pull }}"
when: matrix_jitsi_enabled|bool
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure jitsi-jicofo environment variables file created
template:

4
roles/matrix-jitsi/tasks/setup_jitsi_jvb.yml
View file

@ -23,6 +23,10 @@
force_source: "{{ matrix_jitsi_jvb_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_jvb_docker_image_force_pull }}"
when: matrix_jitsi_enabled|bool
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure jitsi-jvb configuration files created
template:

4
roles/matrix-jitsi/tasks/setup_jitsi_prosody.yml
View file

@ -24,6 +24,10 @@
force_source: "{{ matrix_jitsi_prosody_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_prosody_docker_image_force_pull }}"
when: matrix_jitsi_enabled|bool
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure jitsi-prosody environment variables file is created
template:

4
roles/matrix-jitsi/tasks/setup_jitsi_web.yml
View file

@ -25,6 +25,10 @@
force_source: "{{ matrix_jitsi_web_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_jitsi_web_docker_image_force_pull }}"
when: matrix_jitsi_enabled|bool
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- name: Ensure jitsi-web environment variables file created
template:

7
roles/matrix-ma1sd/tasks/setup_install.yml
View file

@ -52,6 +52,10 @@
force_source: "{{ matrix_ma1sd_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_ma1sd_docker_image_force_pull }}"
when: "not matrix_ma1sd_container_image_self_build|bool"
register: result
retries: "{{ matrix_container_retries_count }}"
delay: "{{ matrix_container_retries_delay }}"
until: result is not failed
- block:
- name: Ensure gradle is installed for self-building (Debian)
@ -87,6 +91,7 @@
shell: "DOCKER_BUILDKIT=1 ./gradlew dockerBuild"
args:
chdir: "{{ matrix_ma1sd_docker_src_files_path }}"
when: matrix_ma1sd_git_pull_results.changed
- name: Ensure ma1sd Docker image is tagged correctly
docker_image:
@ -104,7 +109,7 @@
- name: Ensure ma1sd config installed
copy:
content: "{{ matrix_ma1sd_configuration|to_nice_yaml }}"
content: "{{ matrix_ma1sd_configuration|to_nice_yaml(indent=2, width=999999) }}"
dest: "{{ matrix_ma1sd_config_path }}/ma1sd.yaml"
mode: 0644
owner: "{{ matrix_user_username }}"

Some files were not shown because too many files have changed in this diff Show more