From f57aed8e015593d084518c1dbe27f6f4bd9457de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 20 Jun 2022 21:32:03 +0200 Subject: [PATCH 01/78] Add a setting to make nginx forward node_exporter and postgres_exporter --- .../templates/nginx/conf.d/matrix-domain.conf.j2 | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 4abcd40a..8d17d64c 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -45,6 +45,19 @@ {{ render_nginx_status_location_block(matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses) }} {% endif %} + {% if matrix_nginx_proxy_node_exporter_reverse_enabled %} + location /node-exporter/ { + resolver 127.0.0.11 valid=5s; + proxy_pass http://matrix-prometheus-node-exporter:9100/; + } + {% endif %} + {% if matrix_nginx_proxy_postgres_exporter_reverse_enabled %} + location /postgres-exporter/ { + resolver 127.0.0.11 valid=5s; + proxy_pass http://matrix-prometheus-postgres-exporter:9187/; + } + {% endif %} + {% if matrix_nginx_proxy_proxy_matrix_corporal_api_enabled %} location ^~ /_matrix/corporal { {% if matrix_nginx_proxy_enabled %} From d24cb7db6f9ed357ae4653174eccb9b44e0ace84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Thu, 23 Jun 2022 20:24:52 +0200 Subject: [PATCH 02/78] Initial maubot commit --- group_vars/matrix_servers | 27 ++++ roles/matrix-maubot/defaults/main.yml | 32 +++++ roles/matrix-maubot/tasks/init.yml | 5 + roles/matrix-maubot/tasks/main.yml | 23 ++++ roles/matrix-maubot/tasks/setup_install.yml | 73 ++++++++++ roles/matrix-maubot/tasks/setup_uninstall.yml | 36 +++++ roles/matrix-maubot/tasks/validate_config.yml | 11 ++ .../templates/config/config.yaml.j2 | 127 ++++++++++++++++++ .../systemd/matrix-maubot.service.j2 | 36 +++++ setup.yml | 1 + 10 files changed, 371 insertions(+) create mode 100644 roles/matrix-maubot/defaults/main.yml create mode 100644 roles/matrix-maubot/tasks/init.yml create mode 100644 roles/matrix-maubot/tasks/main.yml create mode 100644 roles/matrix-maubot/tasks/setup_install.yml create mode 100644 roles/matrix-maubot/tasks/setup_uninstall.yml create mode 100644 roles/matrix-maubot/tasks/validate_config.yml create mode 100644 roles/matrix-maubot/templates/config/config.yaml.j2 create mode 100644 roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index f727da55..4bfcaee5 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1053,6 +1053,33 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | # ###################################################################### +###################################################################### +# +# matrix-maubot +# +###################################################################### + +# We don't enable bots by default. +matrix_maubot_enabled: false + +matrix_maubot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" + +matrix_maubot_systemd_required_services_list: | + {{ + ['docker.service'] + + + ['matrix-' + matrix_homeserver_implementation + '.service'] + + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) + }} + + +###################################################################### +# +# /matrix-maubot +# +###################################################################### + ###################################################################### # diff --git a/roles/matrix-maubot/defaults/main.yml b/roles/matrix-maubot/defaults/main.yml new file mode 100644 index 00000000..63603c50 --- /dev/null +++ b/roles/matrix-maubot/defaults/main.yml @@ -0,0 +1,32 @@ +--- + +matrix_maubot_enabled: true +matrix_maubot_container_image_self_build: false +matrix_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" +matrix_maubot_docker_src_files_path: "{{ matrix_maubot_base_path }}/docker-src" + +matrix_maubot_version: latest +matrix_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_maubot_version }}" +matrix_maubot_docker_image_force_pull: "{{ matrix_maubot_docker_image.endswith(':latest') }}" + +matrix_maubot_base_path: "{{ matrix_base_data_path }}/maubot" +matrix_maubot_data_path: "{{ matrix_maubot_base_path }}/data" + +matrix_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" + + + +matrix_maubot_logging_level: info +matrix_maubot_secret: '' +matrix_maubot_admin_user: '' +matrix_maubot_admin_password: '' +matrix_mau_environment_variables_extension: '' + +# A list of extra arguments to pass to the container +matrix_maubot_container_extra_arguments: [] + +# List of systemd services that matrix-bot-matrix-registration-bot.service depends on +matrix_maubot_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-bot-matrix-registration-bot.service wants +matrix_maubot_systemd_wanted_services_list: [] diff --git a/roles/matrix-maubot/tasks/init.yml b/roles/matrix-maubot/tasks/init.yml new file mode 100644 index 00000000..3b62fbf3 --- /dev/null +++ b/roles/matrix-maubot/tasks/init.yml @@ -0,0 +1,5 @@ +--- + +- set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-maubot.service'] }}" + when: matrix_maubot_enabled|bool diff --git a/roles/matrix-maubot/tasks/main.yml b/roles/matrix-maubot/tasks/main.yml new file mode 100644 index 00000000..dbca98c3 --- /dev/null +++ b/roles/matrix-maubot/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +- import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup|bool and matrix_maubot_enabled|bool" + tags: + - setup-all + - setup-maubot + +- import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup|bool and matrix_maubot_enabled|bool" + tags: + - setup-all + - setup-maubot + +- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup|bool and not matrix_maubot_enabled|bool" + tags: + - setup-all + - setup-maubot diff --git a/roles/matrix-maubot/tasks/setup_install.yml b/roles/matrix-maubot/tasks/setup_install.yml new file mode 100644 index 00000000..5d701946 --- /dev/null +++ b/roles/matrix-maubot/tasks/setup_install.yml @@ -0,0 +1,73 @@ +--- + +- name: Ensure maubot paths exist + file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_maubot_base_path }}", when: true} + - - {path: "{{ matrix_maubot_data_path }}", when: true} + - {path: "{{ matrix_maubot_docker_src_files_path }}", when: true} + when: "item.when|bool" + +- name: Ensure maubot configuration file created + template: + src: "{{ role_path }}/templates/config/config.yaml.j2" + dest: "{{ matrix_maubot_base_path }}/config.yaml" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure maubot image is pulled + docker_image: + name: "{{ matrix_maubot_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_maubot_docker_image_force_pull }}" + when: "not matrix_maubot_container_image_self_build|bool" + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure maubot repository is present on self-build + git: + repo: "{{ matrix_maubot_docker_repo }}" + dest: "{{ matrix_maubot_docker_src_files_path }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_maubot_git_pull_results + when: "matrix_maubot_container_image_self_build|bool" + +- name: Ensure maubot image is built + docker_image: + name: "{{ matrix_maubot_docker_image }}" + source: build + force_source: "{{ matrix_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_maubot_docker_src_files_path }}" + pull: true + when: "matrix_maubot_container_image_self_build|bool" + +- name: Ensure matrix-maubot.service installed + template: + src: "{{ role_path }}/templates/systemd/matrix-maubot.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-maubot.service" + mode: 0644 + register: matrix_maubot_systemd_service_result + +- name: Ensure systemd reloaded after matrix-maubot.service installation + service: + daemon_reload: true + when: "matrix_maubot_systemd_service_result.changed|bool" + +- name: Ensure matrix-maubot.service restarted, if necessary + service: + name: "matrix-maubot.service" + state: restarted diff --git a/roles/matrix-maubot/tasks/setup_uninstall.yml b/roles/matrix-maubot/tasks/setup_uninstall.yml new file mode 100644 index 00000000..1765eb03 --- /dev/null +++ b/roles/matrix-maubot/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-maubot service + stat: + path: "{{ matrix_systemd_path }}/matrix-maubot.service" + register: matrix_maubot_service_stat + +- name: Ensure matrix-maubot is stopped + service: + name: matrix-maubot + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_maubot_service_stat.stat.exists|bool" + +- name: Ensure matrix-maubot.service doesn't exist + file: + path: "{{ matrix_systemd_path }}/matrix-maubot.service" + state: absent + when: "matrix_maubot_service_stat.stat.exists|bool" + +- name: Ensure systemd reloaded after matrix-maubot.service removal + service: + daemon_reload: true + when: "matrix_maubot_service_stat.stat.exists|bool" + +- name: Ensure Matrix maubot paths don't exist + file: + path: "{{ matrix_maubot_base_path }}" + state: absent + +- name: Ensure maubot Docker image doesn't exist + docker_image: + name: "{{ matrix_maubot_docker_image }}" + state: absent diff --git a/roles/matrix-maubot/tasks/validate_config.yml b/roles/matrix-maubot/tasks/validate_config.yml new file mode 100644 index 00000000..e23dc10c --- /dev/null +++ b/roles/matrix-maubot/tasks/validate_config.yml @@ -0,0 +1,11 @@ +--- + +- name: Fail if required settings not defined + fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - matrix_maubot_secret + - matrix_maubot_admin_user + - matrix_maubot_admin_password diff --git a/roles/matrix-maubot/templates/config/config.yaml.j2 b/roles/matrix-maubot/templates/config/config.yaml.j2 new file mode 100644 index 00000000..9f72cfc0 --- /dev/null +++ b/roles/matrix-maubot/templates/config/config.yaml.j2 @@ -0,0 +1,127 @@ +# The full URI to the database. SQLite and Postgres are fully supported. +# Other DBMSes supported by SQLAlchemy may or may not work. +# Format examples: +# SQLite: sqlite:///filename.db +# Postgres: postgresql://username:password@hostname/dbname +database: sqlite:////data/maubot.db + +# Separate database URL for the crypto database. "default" means use the same database as above. +crypto_database: default + +# Additional arguments for asyncpg.create_pool() or sqlite3.connect() +# https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool +# https://docs.python.org/3/library/sqlite3.html#sqlite3.connect +# For sqlite, min_size is used as the connection thread pool size and max_size is ignored. +database_opts: + min_size: 1 + max_size: 10 +plugin_directories: + # The directory where uploaded new plugins should be stored. + upload: /data/plugins + # The directories from which plugins should be loaded. + # Duplicate plugin IDs will be moved to the trash. + load: + - /data/plugins + trash: /data/trash + +# Configuration for storing plugin databases +plugin_databases: + # The directory where SQLite plugin databases should be stored. + sqlite: /data/dbs + # The connection URL for plugin databases. If null, all plugins will get SQLite databases. + # If set, plugins using the new asyncpg interface will get a Postgres connection instead. + # Plugins using the legacy SQLAlchemy interface will always get a SQLite connection. + # + # To use the same connection pool as the default database, set to "default" + # (the default database above must be postgres to do this). + # + # When enabled, maubot will create separate Postgres schemas in the database for each plugin. + # To view schemas in psql, use `\dn`. To view enter and interact with a specific schema, + # use `SET search_path = name` (where `name` is the name found with `\dn`) and then use normal + # SQL queries/psql commands. + postgres: + # Maximum number of connections per plugin instance. + postgres_max_conns_per_plugin: 3 + # Overrides for the default database_opts when using a non-"default" postgres connection string. + postgres_opts: {} + +server: + # The IP and port to listen to. + hostname: 0.0.0.0 + port: 29316 + # Public base URL where the server is visible. + public_url: {{ matrix_maubot_bot_server }} + # The base management API path. + base_path: /_matrix/maubot/v1 + # The base path for the UI. + ui_base_path: /_matrix/maubot + # The base path for plugin endpoints. The instance ID will be appended directly. + plugin_base_path: /_matrix/maubot/plugin/ + # Override path from where to load UI resources. + # Set to false to using pkg_resources to find the path. + override_resource_path: /opt/maubot/frontend + # The base appservice API path. Use / for legacy appservice API and /_matrix/app/v1 for v1. + appservice_base_path: /_matrix/app/v1 + # The shared secret to sign API access tokens. + # Set to "generate" to generate and save a new token at startup. + unshared_secret: {{ matrix_maubot_secret }} + +# Known homeservers. This is required for the `mbc auth` command and also allows +# more convenient access from the management UI. This is not required to create +# clients in the management UI, since you can also just type the homeserver URL +# into the box there. +homeservers: + {{ matrix_domain }}: + # Client-server API URL + url: {{ matrix_maubot_bot_server }} + # registration_shared_secret from synapse config + # You can leave this empty if you don't have access to the homeserver. + # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. + secret: {{ matrix_registration_shared_secret }} +admins: + root: '' + {{ matrix_maubot_admin_user }}: {{ matrix_maubot_admin_password }} +api_features: + login: true + plugin: true + plugin_upload: true + instance: true + instance_database: true + client: true + client_proxy: true + client_auth: true + dev_open: true + log: true + +# Python logging configuration. +# +# See section 16.7.2 of the Python documentation for more info: +# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema +logging: + version: 1 + formatters: + colored: + (): maubot.lib.color_log.ColorFormatter + format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s' + normal: + format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s' + handlers: + file: + class: logging.handlers.RotatingFileHandler + formatter: normal + filename: /var/log/maubot.log + maxBytes: 10485760 + backupCount: 10 + console: + class: logging.StreamHandler + formatter: colored + loggers: + maubot: + level: DEBUG + mau: + level: DEBUG + aiohttp: + level: INFO + root: + level: DEBUG + handlers: [file, console] diff --git a/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 new file mode 100644 index 00000000..d09b8b72 --- /dev/null +++ b/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 @@ -0,0 +1,36 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Maubot +{% for service in matrix_maubot_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_maubot_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ + --log-driver=none \ + --cap-drop=ALL \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --read-only \ + --mount type=bind,src={{ matrix_maubot_base_path }},dst=/data \ + --network={{ matrix_docker_network }} \ + -p 29316:29316 \ + {{ matrix_maubot_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-maubot + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 5ea7e5a7..0a0fdc61 100755 --- a/setup.yml +++ b/setup.yml @@ -66,3 +66,4 @@ - matrix-prometheus-postgres-exporter - matrix-backup-borg - matrix-common-after + - matrix-maubot From 13166569985011d650526c129c9c062780c15dea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Thu, 23 Jun 2022 21:57:52 +0200 Subject: [PATCH 03/78] Rename to bot_maubot and fix permission error --- group_vars/matrix_servers | 6 +-- roles/matrix-bot-maubot/defaults/main.yml | 33 +++++++++++++++ .../tasks/init.yml | 2 +- .../tasks/main.yml | 12 +++--- .../tasks/setup_install.yml | 40 +++++++++---------- .../tasks/setup_uninstall.yml | 12 +++--- .../tasks/validate_config.yml | 5 +-- .../templates/config/config.yaml.j2 | 14 ++++--- .../systemd/matrix-maubot.service.j2 | 16 ++++---- roles/matrix-maubot/defaults/main.yml | 32 --------------- setup.yml | 2 +- 11 files changed, 89 insertions(+), 85 deletions(-) create mode 100644 roles/matrix-bot-maubot/defaults/main.yml rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/init.yml (74%) rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/main.yml (56%) rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/setup_install.yml (56%) rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/setup_uninstall.yml (68%) rename roles/{matrix-maubot => matrix-bot-maubot}/tasks/validate_config.yml (66%) rename roles/{matrix-maubot => matrix-bot-maubot}/templates/config/config.yaml.j2 (91%) rename roles/{matrix-maubot => matrix-bot-maubot}/templates/systemd/matrix-maubot.service.j2 (68%) delete mode 100644 roles/matrix-maubot/defaults/main.yml diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index a15e38b4..ef4f4b07 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1065,11 +1065,11 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | ###################################################################### # We don't enable bots by default. -matrix_maubot_enabled: false +matrix_bot_maubot_enabled: false -matrix_maubot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" +matrix_bot_maubot_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}" -matrix_maubot_systemd_required_services_list: | +matrix_bot_maubot_systemd_required_services_list: | {{ ['docker.service'] + diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml new file mode 100644 index 00000000..5e7c58a2 --- /dev/null +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -0,0 +1,33 @@ +--- + +matrix_bot_maubot_enabled: true +matrix_bot_maubot_container_image_self_build: false +matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" +matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/docker-src" + +matrix_bot_maubot_version: latest +matrix_bot_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_bot_maubot_version }}" +matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.endswith(':latest') }}" + +matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" +matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" +matrix_bot_maubot_container_data_dir: "/data" + +matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" + + + +matrix_bot_maubot_logging_level: info +matrix_bot_maubot_secret: '' +matrix_bot_maubot_admin_user: '' +matrix_bot_maubot_admin_password: '' +matrix_mau_environment_variables_extension: '' + +# A list of extra arguments to pass to the container +matrix_bot_maubot_container_extra_arguments: [] + +# List of systemd services that matrix-bot-matrix-registration-bot.service depends on +matrix_bot_maubot_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-bot-matrix-registration-bot.service wants +matrix_bot_maubot_systemd_wanted_services_list: [] diff --git a/roles/matrix-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml similarity index 74% rename from roles/matrix-maubot/tasks/init.yml rename to roles/matrix-bot-maubot/tasks/init.yml index 3b62fbf3..286c5f46 100644 --- a/roles/matrix-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -2,4 +2,4 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-maubot.service'] }}" - when: matrix_maubot_enabled|bool + when: matrix_bot_maubot_enabled|bool diff --git a/roles/matrix-maubot/tasks/main.yml b/roles/matrix-bot-maubot/tasks/main.yml similarity index 56% rename from roles/matrix-maubot/tasks/main.yml rename to roles/matrix-bot-maubot/tasks/main.yml index dbca98c3..c67e25ee 100644 --- a/roles/matrix-maubot/tasks/main.yml +++ b/roles/matrix-bot-maubot/tasks/main.yml @@ -5,19 +5,19 @@ - always - import_tasks: "{{ role_path }}/tasks/validate_config.yml" - when: "run_setup|bool and matrix_maubot_enabled|bool" + when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - - setup-maubot + - setup-bot-maubot - import_tasks: "{{ role_path }}/tasks/setup_install.yml" - when: "run_setup|bool and matrix_maubot_enabled|bool" + when: "run_setup|bool and matrix_bot_maubot_enabled|bool" tags: - setup-all - - setup-maubot + - setup-bot-maubot - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" - when: "run_setup|bool and not matrix_maubot_enabled|bool" + when: "run_setup|bool and not matrix_bot_maubot_enabled|bool" tags: - setup-all - - setup-maubot + - setup-bot-maubot diff --git a/roles/matrix-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml similarity index 56% rename from roles/matrix-maubot/tasks/setup_install.yml rename to roles/matrix-bot-maubot/tasks/setup_install.yml index 5d701946..36871079 100644 --- a/roles/matrix-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -4,30 +4,30 @@ file: path: "{{ item.path }}" state: directory - mode: 0750 + mode: 0755 owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" with_items: - - {path: "{{ matrix_maubot_base_path }}", when: true} - - - {path: "{{ matrix_maubot_data_path }}", when: true} - - {path: "{{ matrix_maubot_docker_src_files_path }}", when: true} + - {path: "{{ matrix_bot_maubot_base_path }}", when: true} + - - {path: "{{ matrix_bot_maubot_data_path }}", when: true} + - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: true} when: "item.when|bool" - name: Ensure maubot configuration file created template: src: "{{ role_path }}/templates/config/config.yaml.j2" - dest: "{{ matrix_maubot_base_path }}/config.yaml" + dest: "{{ matrix_bot_maubot_base_path }}/config.yaml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" - mode: 0640 + mode: "u=rwx" - name: Ensure maubot image is pulled docker_image: - name: "{{ matrix_maubot_docker_image }}" + name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" - force_source: "{{ matrix_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" - force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_maubot_docker_image_force_pull }}" - when: "not matrix_maubot_container_image_self_build|bool" + force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_maubot_docker_image_force_pull }}" + when: "not matrix_bot_maubot_container_image_self_build|bool" register: result retries: "{{ matrix_container_retries_count }}" delay: "{{ matrix_container_retries_delay }}" @@ -35,37 +35,37 @@ - name: Ensure maubot repository is present on self-build git: - repo: "{{ matrix_maubot_docker_repo }}" - dest: "{{ matrix_maubot_docker_src_files_path }}" + repo: "{{ matrix_bot_maubot_docker_repo }}" + dest: "{{ matrix_bot_maubot_docker_src_files_path }}" force: "yes" become: true become_user: "{{ matrix_user_username }}" - register: matrix_maubot_git_pull_results - when: "matrix_maubot_container_image_self_build|bool" + register: matrix_bot_maubot_git_pull_results + when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure maubot image is built docker_image: - name: "{{ matrix_maubot_docker_image }}" + name: "{{ matrix_bot_maubot_docker_image }}" source: build - force_source: "{{ matrix_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" build: dockerfile: Dockerfile - path: "{{ matrix_maubot_docker_src_files_path }}" + path: "{{ matrix_bot_maubot_docker_src_files_path }}" pull: true - when: "matrix_maubot_container_image_self_build|bool" + when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure matrix-maubot.service installed template: src: "{{ role_path }}/templates/systemd/matrix-maubot.service.j2" dest: "{{ matrix_systemd_path }}/matrix-maubot.service" mode: 0644 - register: matrix_maubot_systemd_service_result + register: matrix_bot_maubot_systemd_service_result - name: Ensure systemd reloaded after matrix-maubot.service installation service: daemon_reload: true - when: "matrix_maubot_systemd_service_result.changed|bool" + when: "matrix_bot_maubot_systemd_service_result.changed|bool" - name: Ensure matrix-maubot.service restarted, if necessary service: diff --git a/roles/matrix-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml similarity index 68% rename from roles/matrix-maubot/tasks/setup_uninstall.yml rename to roles/matrix-bot-maubot/tasks/setup_uninstall.yml index 1765eb03..c9dea82a 100644 --- a/roles/matrix-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -3,7 +3,7 @@ - name: Check existence of matrix-maubot service stat: path: "{{ matrix_systemd_path }}/matrix-maubot.service" - register: matrix_maubot_service_stat + register: matrix_bot_maubot_service_stat - name: Ensure matrix-maubot is stopped service: @@ -12,25 +12,25 @@ enabled: false daemon_reload: true register: stopping_result - when: "matrix_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure matrix-maubot.service doesn't exist file: path: "{{ matrix_systemd_path }}/matrix-maubot.service" state: absent - when: "matrix_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure systemd reloaded after matrix-maubot.service removal service: daemon_reload: true - when: "matrix_maubot_service_stat.stat.exists|bool" + when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure Matrix maubot paths don't exist file: - path: "{{ matrix_maubot_base_path }}" + path: "{{ matrix_bot_maubot_base_path }}" state: absent - name: Ensure maubot Docker image doesn't exist docker_image: - name: "{{ matrix_maubot_docker_image }}" + name: "{{ matrix_bot_maubot_docker_image }}" state: absent diff --git a/roles/matrix-maubot/tasks/validate_config.yml b/roles/matrix-bot-maubot/tasks/validate_config.yml similarity index 66% rename from roles/matrix-maubot/tasks/validate_config.yml rename to roles/matrix-bot-maubot/tasks/validate_config.yml index e23dc10c..6c9871e1 100644 --- a/roles/matrix-maubot/tasks/validate_config.yml +++ b/roles/matrix-bot-maubot/tasks/validate_config.yml @@ -6,6 +6,5 @@ You need to define a required configuration setting (`{{ item }}`). when: "vars[item] == ''" with_items: - - matrix_maubot_secret - - matrix_maubot_admin_user - - matrix_maubot_admin_password + - matrix_bot_maubot_secret + - matrix_bot_maubot_admins diff --git a/roles/matrix-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 similarity index 91% rename from roles/matrix-maubot/templates/config/config.yaml.j2 rename to roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 9f72cfc0..5e44ff5f 100644 --- a/roles/matrix-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -50,7 +50,7 @@ server: hostname: 0.0.0.0 port: 29316 # Public base URL where the server is visible. - public_url: {{ matrix_maubot_bot_server }} + public_url: {{ matrix_bot_maubot_bot_server }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. @@ -64,7 +64,7 @@ server: appservice_base_path: /_matrix/app/v1 # The shared secret to sign API access tokens. # Set to "generate" to generate and save a new token at startup. - unshared_secret: {{ matrix_maubot_secret }} + unshared_secret: {{ matrix_bot_maubot_secret }} # Known homeservers. This is required for the `mbc auth` command and also allows # more convenient access from the management UI. This is not required to create @@ -73,14 +73,16 @@ server: homeservers: {{ matrix_domain }}: # Client-server API URL - url: {{ matrix_maubot_bot_server }} + url: {{ matrix_bot_maubot_bot_server }} # registration_shared_secret from synapse config # You can leave this empty if you don't have access to the homeserver. # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. secret: {{ matrix_registration_shared_secret }} -admins: - root: '' - {{ matrix_maubot_admin_user }}: {{ matrix_maubot_admin_password }} + +# List of administrator users. Plaintext passwords will be bcrypted on startup. Set empty password +# to prevent normal login. Root is a special user that can't have a password and will always exist. +admins: {{ matrix_bot_maubot_admins | combine( {"root": ""} ) }} + api_features: login: true plugin: true diff --git a/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 similarity index 68% rename from roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 rename to roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index d09b8b72..3a3c3a0c 100644 --- a/roles/matrix-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -1,11 +1,11 @@ #jinja2: lstrip_blocks: "True" [Unit] Description=Maubot -{% for service in matrix_maubot_systemd_required_services_list %} +{% for service in matrix_bot_maubot_systemd_required_services_list %} Requires={{ service }} After={{ service }} {% endfor %} -{% for service in matrix_maubot_systemd_wanted_services_list %} +{% for service in matrix_bot_maubot_systemd_wanted_services_list %} Wants={{ service }} {% endfor %} DefaultDependencies=no @@ -18,13 +18,15 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ --log-driver=none \ - --cap-drop=ALL \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --read-only \ - --mount type=bind,src={{ matrix_maubot_base_path }},dst=/data \ + -e UID={{ matrix_user_uid }} \ + -e GID={{ matrix_user_gid }} \ + -v {{ matrix_bot_maubot_data_path }}:{{ matrix_bot_maubot_container_data_dir }}:z \ + {% for arg in matrix_bot_maubot_container_extra_arguments %} + {{ arg }} \ + {% endfor %} --network={{ matrix_docker_network }} \ -p 29316:29316 \ - {{ matrix_maubot_docker_image }} + {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' diff --git a/roles/matrix-maubot/defaults/main.yml b/roles/matrix-maubot/defaults/main.yml deleted file mode 100644 index 63603c50..00000000 --- a/roles/matrix-maubot/defaults/main.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- - -matrix_maubot_enabled: true -matrix_maubot_container_image_self_build: false -matrix_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" -matrix_maubot_docker_src_files_path: "{{ matrix_maubot_base_path }}/docker-src" - -matrix_maubot_version: latest -matrix_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_maubot_version }}" -matrix_maubot_docker_image_force_pull: "{{ matrix_maubot_docker_image.endswith(':latest') }}" - -matrix_maubot_base_path: "{{ matrix_base_data_path }}/maubot" -matrix_maubot_data_path: "{{ matrix_maubot_base_path }}/data" - -matrix_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" - - - -matrix_maubot_logging_level: info -matrix_maubot_secret: '' -matrix_maubot_admin_user: '' -matrix_maubot_admin_password: '' -matrix_mau_environment_variables_extension: '' - -# A list of extra arguments to pass to the container -matrix_maubot_container_extra_arguments: [] - -# List of systemd services that matrix-bot-matrix-registration-bot.service depends on -matrix_maubot_systemd_required_services_list: ['docker.service'] - -# List of systemd services that matrix-bot-matrix-registration-bot.service wants -matrix_maubot_systemd_wanted_services_list: [] diff --git a/setup.yml b/setup.yml index 433051c8..79c37741 100755 --- a/setup.yml +++ b/setup.yml @@ -66,4 +66,4 @@ - matrix-postgres-backup - matrix-backup-borg - matrix-common-after - - matrix-maubot + - matrix-bot-maubot From 4d40b61a51662d331f8ad0eaa5b798ccdbb4e501 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 11:50:52 +0200 Subject: [PATCH 04/78] Fix config error, add nginx --- roles/matrix-bot-maubot/defaults/main.yml | 2 + .../matrix-bot-maubot/tasks/setup_install.yml | 42 ++++++++++++++++++- .../systemd/matrix-maubot.service.j2 | 2 +- .../nginx/conf.d/matrix-domain.conf.j2 | 11 ----- setup.yml | 2 +- 5 files changed, 44 insertions(+), 15 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 5e7c58a2..7e86de6f 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -11,7 +11,9 @@ matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.en matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" +matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" matrix_bot_maubot_container_data_dir: "/data" +matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 36871079..7c651ea2 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -9,18 +9,56 @@ group: "{{ matrix_user_groupname }}" with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - - - {path: "{{ matrix_bot_maubot_data_path }}", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: true} when: "item.when|bool" - name: Ensure maubot configuration file created template: src: "{{ role_path }}/templates/config/config.yaml.j2" - dest: "{{ matrix_bot_maubot_base_path }}/config.yaml" + dest: "{{ matrix_bot_maubot_data_path }}/config.yaml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" mode: "u=rwx" +- name: Generate Maubot proxying configuration for matrix-nginx-proxy + set_fact: + matrix_bot_maubot_matrix_nginx_proxy_configuration: | + location ~ ^/(_matrix/maubot/.*) { + {% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-maubot:{{ matrix_bot_maubot_port }}/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% endif %} + } + +- name: Register Maubot's proxying configuration with matrix-nginx-proxy + set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + + + [matrix_bot_maubot_matrix_nginx_proxy_configuration] + }} + +- name: Warn about reverse-proxying if matrix-nginx-proxy not used + debug: + msg: >- + NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `/_matrix/maubot` + URL endpoint to the matrix-maubot container. + when: "matrix_bot_maubot_enabled|bool and matrix_nginx_proxy_enabled is not defined" + + - name: Ensure maubot image is pulled docker_image: name: "{{ matrix_bot_maubot_docker_image }}" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index 3a3c3a0c..8a7a09ed 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -25,7 +25,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - -p 29316:29316 \ + -p {{ matrix_bot_maubot_port }}:29316 \ {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 878a297d..2895ba14 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -45,17 +45,6 @@ {{ render_nginx_status_location_block(matrix_nginx_proxy_proxy_matrix_nginx_status_allowed_addresses) }} {% endif %} - {% if matrix_nginx_proxy_node_exporter_reverse_enabled %} - location /node-exporter/ { - resolver 127.0.0.11 valid=5s; - proxy_pass http://matrix-prometheus-node-exporter:9100/; - } - {% endif %} - {% if matrix_nginx_proxy_postgres_exporter_reverse_enabled %} - location /postgres-exporter/ { - resolver 127.0.0.11 valid=5s; - proxy_pass http://matrix-prometheus-postgres-exporter:9187/; - } {% if matrix_nginx_proxy_proxy_matrix_metrics_enabled %} location /metrics { {% if matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_enabled %} diff --git a/setup.yml b/setup.yml index 79c37741..38c32574 100755 --- a/setup.yml +++ b/setup.yml @@ -39,6 +39,7 @@ - matrix-bridge-hookshot - matrix-bot-matrix-reminder-bot - matrix-bot-matrix-registration-bot + - matrix-bot-maubot - matrix-bot-buscarron - matrix-bot-honoroit - matrix-bot-go-neb @@ -66,4 +67,3 @@ - matrix-postgres-backup - matrix-backup-borg - matrix-common-after - - matrix-bot-maubot From d7eb2d097f17c27e22389b78a11637ff262ec6ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 11:58:10 +0200 Subject: [PATCH 05/78] Fix yamllint (emptylines) --- roles/matrix-bot-maubot/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 7e86de6f..7867ec6c 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -18,7 +18,6 @@ matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" - matrix_bot_maubot_logging_level: info matrix_bot_maubot_secret: '' matrix_bot_maubot_admin_user: '' From 8806598f51a325787c5f3ce764a6213a38902efa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 12:29:06 +0200 Subject: [PATCH 06/78] Add option to proxy management UI (now defaults to false) --- roles/matrix-bot-maubot/defaults/main.yml | 1 + roles/matrix-bot-maubot/tasks/setup_install.yml | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 7867ec6c..33556abe 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -16,6 +16,7 @@ matrix_bot_maubot_container_data_dir: "/data" matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" +matrix_bot_maubot_proxy_management_interface: False matrix_bot_maubot_logging_level: info diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 7c651ea2..22854ffb 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -39,6 +39,7 @@ proxy_set_header Connection "upgrade"; {% endif %} } + when: matrix_bot_maubot_proxy_management_interface|bool - name: Register Maubot's proxying configuration with matrix-nginx-proxy set_fact: @@ -48,6 +49,7 @@ + [matrix_bot_maubot_matrix_nginx_proxy_configuration] }} + when: matrix_bot_maubot_proxy_management_interface|bool - name: Warn about reverse-proxying if matrix-nginx-proxy not used debug: @@ -56,7 +58,7 @@ reverse proxy. Please make sure that you're proxying the `/_matrix/maubot` URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_nginx_proxy_enabled is not defined" + when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" - name: Ensure maubot image is pulled From 0ea146930be1923c11daecc9af9461f1462766a9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 12:39:51 +0200 Subject: [PATCH 07/78] Make exposing management UI configurable --- roles/matrix-bot-maubot/defaults/main.yml | 1 + .../templates/systemd/matrix-maubot.service.j2 | 2 ++ 2 files changed, 3 insertions(+) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 33556abe..0d141a2c 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -17,6 +17,7 @@ matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: False +matrix_bot_maubot_expose_management_interface: True matrix_bot_maubot_logging_level: info diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index 8a7a09ed..e94696f7 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -25,7 +25,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ + {% if matrix_bot_maubot_expose_management_interface|bool %} -p {{ matrix_bot_maubot_port }}:29316 \ + {% endif %} {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' From 2f1d78fa48de548fe8ce9452c91dfa8662733422 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 12:45:19 +0200 Subject: [PATCH 08/78] Make true and false lowercase --- roles/matrix-bot-maubot/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 0d141a2c..438c8f46 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -16,8 +16,8 @@ matrix_bot_maubot_container_data_dir: "/data" matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" -matrix_bot_maubot_proxy_management_interface: False -matrix_bot_maubot_expose_management_interface: True +matrix_bot_maubot_proxy_management_interface: false +matrix_bot_maubot_expose_management_interface: true matrix_bot_maubot_logging_level: info From 2309a61cb0d4a3a8d51ba53404a0b4b1b163ed73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 13:15:34 +0200 Subject: [PATCH 09/78] Fix minor naming issue --- roles/matrix-bot-maubot/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 438c8f46..bcac2e9e 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -29,8 +29,8 @@ matrix_mau_environment_variables_extension: '' # A list of extra arguments to pass to the container matrix_bot_maubot_container_extra_arguments: [] -# List of systemd services that matrix-bot-matrix-registration-bot.service depends on +# List of systemd services that matrix-bot-maubot.service depends on matrix_bot_maubot_systemd_required_services_list: ['docker.service'] -# List of systemd services that matrix-bot-matrix-registration-bot.service wants +# List of systemd services that matrix-bot-maubot.service wants matrix_bot_maubot_systemd_wanted_services_list: [] From d5c82a52219c25311a40f45f89892d81152203da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:36:53 +0200 Subject: [PATCH 10/78] Remove logging to /var/log and make readonly --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 8 +------- .../templates/systemd/matrix-maubot.service.j2 | 3 ++- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 5e44ff5f..86f0076d 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -108,12 +108,6 @@ logging: normal: format: '[%(asctime)s] [%(levelname)s@%(name)s] %(message)s' handlers: - file: - class: logging.handlers.RotatingFileHandler - formatter: normal - filename: /var/log/maubot.log - maxBytes: 10485760 - backupCount: 10 console: class: logging.StreamHandler formatter: colored @@ -126,4 +120,4 @@ logging: level: INFO root: level: DEBUG - handlers: [file, console] + handlers: [console] diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 index e94696f7..a4e6d750 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 @@ -20,9 +20,10 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ --log-driver=none \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ + --read-only \ -v {{ matrix_bot_maubot_data_path }}:{{ matrix_bot_maubot_container_data_dir }}:z \ {% for arg in matrix_bot_maubot_container_extra_arguments %} - {{ arg }} \ + {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_expose_management_interface|bool %} From 6ed105b83071dd6edae569f19d2c551f3eb418a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:54:57 +0200 Subject: [PATCH 11/78] Rename service from matrix-maubot to matrix-bot-maubot --- roles/matrix-bot-maubot/tasks/init.yml | 2 +- roles/matrix-bot-maubot/tasks/setup_install.yml | 12 ++++++------ ...aubot.service.j2 => matrix-bot-maubot.service.j2} | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) rename roles/matrix-bot-maubot/templates/systemd/{matrix-maubot.service.j2 => matrix-bot-maubot.service.j2} (97%) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 286c5f46..6f55c747 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -1,5 +1,5 @@ --- - set_fact: - matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-maubot.service'] }}" + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 22854ffb..dd48a0f0 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -95,19 +95,19 @@ pull: true when: "matrix_bot_maubot_container_image_self_build|bool" -- name: Ensure matrix-maubot.service installed +- name: Ensure matrix-bot-maubot.service installed template: - src: "{{ role_path }}/templates/systemd/matrix-maubot.service.j2" - dest: "{{ matrix_systemd_path }}/matrix-maubot.service" + src: "{{ role_path }}/templates/systemd/matrix-bot-maubot.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" mode: 0644 register: matrix_bot_maubot_systemd_service_result -- name: Ensure systemd reloaded after matrix-maubot.service installation +- name: Ensure systemd reloaded after matrix-bot-maubot.service installation service: daemon_reload: true when: "matrix_bot_maubot_systemd_service_result.changed|bool" -- name: Ensure matrix-maubot.service restarted, if necessary +- name: Ensure matrix-bot-maubot.service restarted, if necessary service: - name: "matrix-maubot.service" + name: "matrix-bot-maubot.service" state: restarted diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 similarity index 97% rename from roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 rename to roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index a4e6d750..1cfe4c34 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -35,7 +35,7 @@ ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' Restart=always RestartSec=30 -SyslogIdentifier=matrix-maubot +SyslogIdentifier=matrix-bot-maubot [Install] WantedBy=multi-user.target From ba0caf395a01fcf21124ce46dd4cade3c05ebf23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:58:50 +0200 Subject: [PATCH 12/78] Create dckr-src file path only when neccessary Co-authored-by: Slavi Pantaleev --- roles/matrix-bot-maubot/tasks/setup_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index dd48a0f0..3b2ce5b7 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -10,7 +10,7 @@ with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: true} + - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: "{{ matrix_bot_maubot_container_image_self_build }}"} when: "item.when|bool" - name: Ensure maubot configuration file created From 6d1650c83466bdc41ec325ef6efed79bf0c5d8cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 17:59:45 +0200 Subject: [PATCH 13/78] Remove config dir Co-authored-by: Slavi Pantaleev --- roles/matrix-bot-maubot/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index bcac2e9e..54d50b84 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -13,7 +13,6 @@ matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" matrix_bot_maubot_container_data_dir: "/data" -matrix_bot_maubot_container_config_dir: "/root/.config/" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false From 2f167f21227054b6a94990b724c8a2afec537e58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:01:51 +0200 Subject: [PATCH 14/78] Rename docker container to matrix-bot-maubot --- .../templates/systemd/matrix-bot-maubot.service.j2 | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 1cfe4c34..c7415399 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -13,10 +13,10 @@ DefaultDependencies=no [Service] Type=simple Environment="HOME={{ matrix_systemd_unit_home_path }}" -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' -ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' -ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ @@ -31,8 +31,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-maubot \ {% endif %} {{ matrix_bot_maubot_docker_image }} -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-maubot 2>/dev/null || true' -ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' Restart=always RestartSec=30 SyslogIdentifier=matrix-bot-maubot From 8e9d1657876cda603a0f3d96b75f252c1be37856 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:06:06 +0200 Subject: [PATCH 15/78] Another rename to matrix-bot-maubot No functionality changed --- group_vars/matrix_servers | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index ef4f4b07..79df3cf1 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1060,7 +1060,7 @@ matrix_bot_matrix_registration_bot_systemd_required_services_list: | ###################################################################### # -# matrix-maubot +# matrix-bot-maubot # ###################################################################### @@ -1081,7 +1081,7 @@ matrix_bot_maubot_systemd_required_services_list: | ###################################################################### # -# /matrix-maubot +# /matrix-bot-maubot # ###################################################################### From a289116140920ae8ac19d6ccb734003ca42ac2a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:07:09 +0200 Subject: [PATCH 16/78] Use tagged release Co-authored-by: Slavi Pantaleev --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 54d50b84..b38f71c7 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -5,7 +5,7 @@ matrix_bot_maubot_container_image_self_build: false matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/docker-src" -matrix_bot_maubot_version: latest +matrix_bot_maubot_version: v0.3.1 matrix_bot_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_bot_maubot_version }}" matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.endswith(':latest') }}" From 90447a283924d20c3268d8b9ed627964cf004e98 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:19:23 +0200 Subject: [PATCH 17/78] Use correct registration secret --- group_vars/matrix_servers | 8 ++++++++ roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 79df3cf1..1705bdeb 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1078,6 +1078,14 @@ matrix_bot_maubot_systemd_required_services_list: | (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} +matrix_bot_maubot_registration_shared_secret: |- + {{ + { + 'synapse': matrix_synapse_registration_shared_secret, + 'dendrite': matrix_dendrite_registration_shared_secret, + }[matrix_homeserver_implementation] + }} + ###################################################################### # diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 86f0076d..2797c03f 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -77,7 +77,7 @@ homeservers: # registration_shared_secret from synapse config # You can leave this empty if you don't have access to the homeserver. # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. - secret: {{ matrix_registration_shared_secret }} + secret: {{ matrix_bot_maubot_registration_shared_secret|to_json }} # List of administrator users. Plaintext passwords will be bcrypted on startup. Set empty password # to prevent normal login. Root is a special user that can't have a password and will always exist. From 7baf477c160b31abe7c8ae8993d68108d4e6ad99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Fri, 24 Jun 2022 18:21:13 +0200 Subject: [PATCH 18/78] Remove unnecessary variable The /data is hardcoded in the container --- roles/matrix-bot-maubot/defaults/main.yml | 1 - .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index b38f71c7..6e4219f5 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -12,7 +12,6 @@ matrix_bot_maubot_docker_image_force_pull: "{{ matrix_bot_maubot_docker_image.en matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" -matrix_bot_maubot_container_data_dir: "/data" matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index c7415399..89c91d5f 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -21,7 +21,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ --read-only \ - -v {{ matrix_bot_maubot_data_path }}:{{ matrix_bot_maubot_container_data_dir }}:z \ + -v {{ matrix_bot_maubot_data_path }}:/data:z \ {% for arg in matrix_bot_maubot_container_extra_arguments %} {{ arg }} \ {% endfor %} From 64fbc5ff87c45ab3c87b75d21962f123853dc808 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Jun 2022 08:50:22 +0200 Subject: [PATCH 19/78] Replace spaces with tabs --- .../templates/systemd/matrix-bot-maubot.service.j2 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 89c91d5f..df66d321 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -17,19 +17,19 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ - --log-driver=none \ + --log-driver=none \ -e UID={{ matrix_user_uid }} \ -e GID={{ matrix_user_gid }} \ --read-only \ -v {{ matrix_bot_maubot_data_path }}:/data:z \ - {% for arg in matrix_bot_maubot_container_extra_arguments %} - {{ arg }} \ - {% endfor %} - --network={{ matrix_docker_network }} \ + {% for arg in matrix_bot_maubot_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_expose_management_interface|bool %} -p {{ matrix_bot_maubot_port }}:29316 \ {% endif %} - {{ matrix_bot_maubot_docker_image }} + {{ matrix_bot_maubot_docker_image }} ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From a295ec3e3d9b1f75d213d3c9942daec52d57c7be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Jun 2022 09:44:24 +0200 Subject: [PATCH 20/78] Change to matrix_bot_maubot_bot_server_public This shall indicate that the public url of maubot is here configured the same as matrix_server_fqn_matrix but this must not be the case. In the config I used the matrix fqnd directly as this part of the config is directly bound to the homeserver we want to connect to (but can not use the internal) --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 6e4219f5..dd777a7b 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -13,7 +13,7 @@ matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" -matrix_bot_maubot_bot_server: "https://{{ matrix_server_fqn_matrix }}" +matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 2797c03f..29860340 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -50,7 +50,7 @@ server: hostname: 0.0.0.0 port: 29316 # Public base URL where the server is visible. - public_url: {{ matrix_bot_maubot_bot_server }} + public_url: {{ matrix_bot_maubot_bot_server_public }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. @@ -73,7 +73,7 @@ server: homeservers: {{ matrix_domain }}: # Client-server API URL - url: {{ matrix_bot_maubot_bot_server }} + url: {{ matrix_server_fqn_matrix }} # registration_shared_secret from synapse config # You can leave this empty if you don't have access to the homeserver. # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. From 2e5ad5cbe97d550b76c77f1597d6322b517d1d2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Jun 2022 09:46:19 +0200 Subject: [PATCH 21/78] Remove unused variable --- roles/matrix-bot-maubot/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index dd777a7b..9d273053 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -18,7 +18,6 @@ matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true -matrix_bot_maubot_logging_level: info matrix_bot_maubot_secret: '' matrix_bot_maubot_admin_user: '' matrix_bot_maubot_admin_password: '' From 9ed70188dd8cb08d25bee55edfc2e887d8ab0f6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 25 Jun 2022 09:47:32 +0200 Subject: [PATCH 22/78] Use safer |to_json --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 29860340..1a45b91a 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -64,7 +64,7 @@ server: appservice_base_path: /_matrix/app/v1 # The shared secret to sign API access tokens. # Set to "generate" to generate and save a new token at startup. - unshared_secret: {{ matrix_bot_maubot_secret }} + unshared_secret: {{ matrix_bot_maubot_secret|to_json }} # Known homeservers. This is required for the `mbc auth` command and also allows # more convenient access from the management UI. This is not required to create From 6cc92854df7d81068fb13057e8751b6f488deebe Mon Sep 17 00:00:00 2001 From: Stuart Mumford Date: Wed, 29 Jun 2022 12:37:29 +0000 Subject: [PATCH 23/78] enable setting database URL --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 1a45b91a..eb9e7abf 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -3,10 +3,12 @@ # Format examples: # SQLite: sqlite:///filename.db # Postgres: postgresql://username:password@hostname/dbname -database: sqlite:////data/maubot.db +database: {{ matrix_bot_maubot_storage_database|to_json }} # Separate database URL for the crypto database. "default" means use the same database as above. -crypto_database: default +crypto_database: + type: default + postgres_uri: {{ matrix_bot_maubot_storage_database|to_json }} # Additional arguments for asyncpg.create_pool() or sqlite3.connect() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool From 320978cdf50baed5a0c4c9e82ba08cafeff91179 Mon Sep 17 00:00:00 2001 From: Stuart Mumford Date: Wed, 29 Jun 2022 13:17:03 +0000 Subject: [PATCH 24/78] Enable setting database URI and other things --- roles/matrix-bot-maubot/defaults/main.yml | 8 +++----- roles/matrix-bot-maubot/tasks/setup_install.yml | 16 ++++++++-------- .../templates/config/config.yaml.j2 | 4 ++-- 3 files changed, 13 insertions(+), 15 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 9d273053..210fb193 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -17,11 +17,9 @@ matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true - -matrix_bot_maubot_secret: '' -matrix_bot_maubot_admin_user: '' -matrix_bot_maubot_admin_password: '' -matrix_mau_environment_variables_extension: '' +matrix_bot_database_uri: 'sqlite:///data/maubot.db' +matrix_bot_maubot_port: 29316 +matrix_bot_maubot_secret: 'generate' # A list of extra arguments to pass to the container matrix_bot_maubot_container_extra_arguments: [] diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 3b2ce5b7..6d9aec87 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -26,15 +26,15 @@ matrix_bot_maubot_matrix_nginx_proxy_configuration: | location ~ ^/(_matrix/maubot/.*) { {% if matrix_nginx_proxy_enabled|default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "matrix-maubot:{{ matrix_bot_maubot_port }}/$1"; - proxy_pass http://$backend; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-bot-maubot:29316/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index eb9e7abf..aa9a2045 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -3,12 +3,12 @@ # Format examples: # SQLite: sqlite:///filename.db # Postgres: postgresql://username:password@hostname/dbname -database: {{ matrix_bot_maubot_storage_database|to_json }} +database: {{ matrix_bot_maubot_database_uri|to_json }} # Separate database URL for the crypto database. "default" means use the same database as above. crypto_database: type: default - postgres_uri: {{ matrix_bot_maubot_storage_database|to_json }} + postgres_uri: {{ matrix_bot_maubot_database_uri|to_json }} # Additional arguments for asyncpg.create_pool() or sqlite3.connect() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool From 59806ec3ea6287e2bbe896e8aa161f7f77d9c5d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:25:35 +0200 Subject: [PATCH 25/78] Fix typo in variable name --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 210fb193..d15a451f 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -17,7 +17,7 @@ matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true -matrix_bot_database_uri: 'sqlite:///data/maubot.db' +matrix_bot_maubot_database_uri: 'sqlite:////data/maubot.db' matrix_bot_maubot_port: 29316 matrix_bot_maubot_secret: 'generate' From 07cfd3ba090f301bf9cff48870424507af76ea4f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:39:23 +0200 Subject: [PATCH 26/78] Use custom invocation instead of provided script --- roles/matrix-bot-maubot/tasks/setup_install.yml | 3 +++ .../templates/systemd/matrix-bot-maubot.service.j2 | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 6d9aec87..de47ecd4 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -10,6 +10,9 @@ with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true } + - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true } + - {path: "{{ matrix_bot_maubot_data_path }}/trash", when: true } - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: "{{ matrix_bot_maubot_container_image_self_build }}"} when: "item.when|bool" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index df66d321..cde18e4d 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -29,7 +29,8 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {% if matrix_bot_maubot_expose_management_interface|bool %} -p {{ matrix_bot_maubot_port }}:29316 \ {% endif %} - {{ matrix_bot_maubot_docker_image }} + {{ matrix_bot_maubot_docker_image }} \ + python3 -m maubot -c /data/config.yaml ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From 4ab516fca8cc3747df2f82e5be6e702f7fe95ed7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:42:18 +0200 Subject: [PATCH 27/78] Fix linter --- roles/matrix-bot-maubot/tasks/setup_install.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index de47ecd4..56d8c6a8 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -10,9 +10,9 @@ with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true } - - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true } - - {path: "{{ matrix_bot_maubot_data_path }}/trash", when: true } + - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true} + - {path: "{{ matrix_bot_maubot_data_path }}/trash", when: true} - {path: "{{ matrix_bot_maubot_docker_src_files_path }}", when: "{{ matrix_bot_maubot_container_image_self_build }}"} when: "item.when|bool" From 9ee5785704aa8a12a83b4e2cfcd650785b6e4aa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:44:11 +0200 Subject: [PATCH 28/78] Add postgres to service dependencies --- group_vars/matrix_servers | 2 ++ 1 file changed, 2 insertions(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 1705bdeb..4cc380df 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1075,6 +1075,8 @@ matrix_bot_maubot_systemd_required_services_list: | + ['matrix-' + matrix_homeserver_implementation + '.service'] + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else []) }} From 135096e53a155a9eb9f68b9c43d7306ec94acb3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 11:55:49 +0200 Subject: [PATCH 29/78] Add defaults --- group_vars/matrix_servers | 9 +++++++++ roles/matrix-bot-maubot/defaults/main.yml | 11 ++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 4cc380df..be09c7ba 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1088,6 +1088,9 @@ matrix_bot_maubot_registration_shared_secret: |- }[matrix_homeserver_implementation] }} +# Postgres is the default, except if not using `matrix_postgres` (internal postgres) +matrix_bot_maubot_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_bot_maubot_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxpup.dsc.db') | to_uuid }}" ###################################################################### # @@ -1805,6 +1808,12 @@ matrix_postgres_additional_databases: | 'password': matrix_bot_honoroit_database_password, }] if (matrix_bot_honoroit_enabled and matrix_bot_honoroit_database_engine == 'postgres' and matrix_bot_honoroit_database_hostname == 'matrix-postgres') else []) + + ([{ + 'name': matrix_bot_maubot_database_name, + 'username': matrix_bot_maubot_database_username, + 'password': matrix_bot_maubot_database_password, + }] if (matrix_bot_maubot_enabled and matrix_bot_maubot_database_engine == 'postgres' and matrix_bot_maubot_database_hostname == 'matrix-postgres') else []) + + ([{ 'name': matrix_bot_buscarron_database_name, 'username': matrix_bot_buscarron_database_username, diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index d15a451f..294cd868 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -17,7 +17,16 @@ matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true -matrix_bot_maubot_database_uri: 'sqlite:////data/maubot.db' +matrix_bot_maubot_database_engine: sqlite +matrix_bot_maubot_sqlite_database_path_local: "{{ matrix_bot_maubot_data_path }}/maubot.db" +matrix_bot_maubot_sqlite_database_path_in_container: "/data/maubot.db" + +matrix_bot_maubot_database_username: matrix_bot_maubot +matrix_bot_maubot_database_password: ~ +matrix_bot_maubot_database_hostname: 'matrix-postgres' +matrix_bot_maubot_database_port: 5432 +matrix_bot_maubot_database_name: matrix_bot_maubot + matrix_bot_maubot_port: 29316 matrix_bot_maubot_secret: 'generate' From a842e9cd1d71be6ef4b23ec5a2b9c52405baaecd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 13:00:17 +0200 Subject: [PATCH 30/78] Fix uninstall (did not remove service) --- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index c9dea82a..0346b7e7 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -5,22 +5,22 @@ path: "{{ matrix_systemd_path }}/matrix-maubot.service" register: matrix_bot_maubot_service_stat -- name: Ensure matrix-maubot is stopped +- name: Ensure matrix-bot-maubot is stopped service: - name: matrix-maubot + name: matrix-bot-maubot state: stopped enabled: false daemon_reload: true register: stopping_result when: "matrix_bot_maubot_service_stat.stat.exists|bool" -- name: Ensure matrix-maubot.service doesn't exist +- name: Ensure matrix-bot-maubot.service doesn't exist file: - path: "{{ matrix_systemd_path }}/matrix-maubot.service" + path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" state: absent when: "matrix_bot_maubot_service_stat.stat.exists|bool" -- name: Ensure systemd reloaded after matrix-maubot.service removal +- name: Ensure systemd reloaded after matrix-bot-maubot.service removal service: daemon_reload: true when: "matrix_bot_maubot_service_stat.stat.exists|bool" From bcd7ec714b4817bf1a3bde5eac48f9f2418b51c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 13:00:28 +0200 Subject: [PATCH 31/78] Add postgres configuration --- roles/matrix-bot-maubot/defaults/main.yml | 1 + .../templates/config/config.yaml.j2 | 24 +++---------------- 2 files changed, 4 insertions(+), 21 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 294cd868..21a7a2ec 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -26,6 +26,7 @@ matrix_bot_maubot_database_password: ~ matrix_bot_maubot_database_hostname: 'matrix-postgres' matrix_bot_maubot_database_port: 5432 matrix_bot_maubot_database_name: matrix_bot_maubot +matrix_bot_maubot_database_uri: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable' matrix_bot_maubot_port: 29316 matrix_bot_maubot_secret: 'generate' diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index aa9a2045..157d76c3 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -6,9 +6,8 @@ database: {{ matrix_bot_maubot_database_uri|to_json }} # Separate database URL for the crypto database. "default" means use the same database as above. -crypto_database: - type: default - postgres_uri: {{ matrix_bot_maubot_database_uri|to_json }} +crypto_database: + type: default # Additional arguments for asyncpg.create_pool() or sqlite3.connect() # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool @@ -28,24 +27,7 @@ plugin_directories: # Configuration for storing plugin databases plugin_databases: - # The directory where SQLite plugin databases should be stored. - sqlite: /data/dbs - # The connection URL for plugin databases. If null, all plugins will get SQLite databases. - # If set, plugins using the new asyncpg interface will get a Postgres connection instead. - # Plugins using the legacy SQLAlchemy interface will always get a SQLite connection. - # - # To use the same connection pool as the default database, set to "default" - # (the default database above must be postgres to do this). - # - # When enabled, maubot will create separate Postgres schemas in the database for each plugin. - # To view schemas in psql, use `\dn`. To view enter and interact with a specific schema, - # use `SET search_path = name` (where `name` is the name found with `\dn`) and then use normal - # SQL queries/psql commands. - postgres: - # Maximum number of connections per plugin instance. - postgres_max_conns_per_plugin: 3 - # Overrides for the default database_opts when using a non-"default" postgres connection string. - postgres_opts: {} + type: default server: # The IP and port to listen to. From 05c1333ebb8ff1c7863ff00edb9348c42e15c024 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sat, 9 Jul 2022 13:44:41 +0200 Subject: [PATCH 32/78] Restrict permissions of container --- .../templates/systemd/matrix-bot-maubot.service.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index cde18e4d..b01139d2 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -18,9 +18,9 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ - -e UID={{ matrix_user_uid }} \ - -e GID={{ matrix_user_gid }} \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --read-only \ + --cap-drop=ALL \ -v {{ matrix_bot_maubot_data_path }}:/data:z \ {% for arg in matrix_bot_maubot_container_extra_arguments %} {{ arg }} \ From f64c1329271d52cbb1b9d7a2ea60c82b19a56460 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 09:51:27 +0200 Subject: [PATCH 33/78] Make database switchable --- roles/matrix-bot-maubot/defaults/main.yml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 21a7a2ec..50e10bfd 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -26,7 +26,15 @@ matrix_bot_maubot_database_password: ~ matrix_bot_maubot_database_hostname: 'matrix-postgres' matrix_bot_maubot_database_port: 5432 matrix_bot_maubot_database_name: matrix_bot_maubot -matrix_bot_maubot_database_uri: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable' + +matrix_bot_maubot_database_connection_string: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable' + +matrix_bot_maubot_database_uri: "{{ + { + 'sqlite': ('sqlite:///' + matrix_bot_maubot_sqlite_database_path_in_container), + 'postgres': matrix_bot_maubot_database_connection_string, + }[matrix_bot_maubot_database_engine] + }}" matrix_bot_maubot_port: 29316 matrix_bot_maubot_secret: 'generate' From 27b1835ed47af91b253ab3d399b030a833641cf2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 10:06:17 +0200 Subject: [PATCH 34/78] Fix uninstall (for real this time) --- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index 0346b7e7..f1d2fca2 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -2,7 +2,7 @@ - name: Check existence of matrix-maubot service stat: - path: "{{ matrix_systemd_path }}/matrix-maubot.service" + path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" register: matrix_bot_maubot_service_stat - name: Ensure matrix-bot-maubot is stopped From 2e15bd85ea3e61090598ad6ae9c1d8a4b6eaac20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 10:09:55 +0200 Subject: [PATCH 35/78] Rename with addition "unshared" --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- roles/matrix-bot-maubot/tasks/validate_config.yml | 2 +- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 50e10bfd..a003e65d 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -37,7 +37,7 @@ matrix_bot_maubot_database_uri: "{{ }}" matrix_bot_maubot_port: 29316 -matrix_bot_maubot_secret: 'generate' +matrix_bot_maubot_unshared_secret: 'generate' # A list of extra arguments to pass to the container matrix_bot_maubot_container_extra_arguments: [] diff --git a/roles/matrix-bot-maubot/tasks/validate_config.yml b/roles/matrix-bot-maubot/tasks/validate_config.yml index 6c9871e1..18070160 100644 --- a/roles/matrix-bot-maubot/tasks/validate_config.yml +++ b/roles/matrix-bot-maubot/tasks/validate_config.yml @@ -6,5 +6,5 @@ You need to define a required configuration setting (`{{ item }}`). when: "vars[item] == ''" with_items: - - matrix_bot_maubot_secret + - matrix_bot_maubot_unshared_secret - matrix_bot_maubot_admins diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 157d76c3..3c844be3 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -48,7 +48,7 @@ server: appservice_base_path: /_matrix/app/v1 # The shared secret to sign API access tokens. # Set to "generate" to generate and save a new token at startup. - unshared_secret: {{ matrix_bot_maubot_secret|to_json }} + unshared_secret: {{ matrix_bot_maubot_unshared_secret|to_json }} # Known homeservers. This is required for the `mbc auth` command and also allows # more convenient access from the management UI. This is not required to create From 07fdb09f69e51f46c0d1dff080f108dcc3f5bc17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 10:10:30 +0200 Subject: [PATCH 36/78] Rename with addition "url" --- roles/matrix-bot-maubot/defaults/main.yml | 2 +- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index a003e65d..93732021 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -13,7 +13,7 @@ matrix_bot_maubot_base_path: "{{ matrix_base_data_path }}/maubot" matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" -matrix_bot_maubot_bot_server_public: "https://{{ matrix_server_fqn_matrix }}" +matrix_bot_maubot_bot_server_public_url: "https://{{ matrix_server_fqn_matrix }}" matrix_bot_maubot_proxy_management_interface: false matrix_bot_maubot_expose_management_interface: true diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 3c844be3..559dc02c 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -34,7 +34,7 @@ server: hostname: 0.0.0.0 port: 29316 # Public base URL where the server is visible. - public_url: {{ matrix_bot_maubot_bot_server_public }} + public_url: {{ matrix_bot_maubot_bot_server_public_url }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. From e62632bf5dc1544994cf7c5ac6bfdeb1f51b952e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 11:04:49 +0200 Subject: [PATCH 37/78] Change from spaces to tabs --- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index b01139d2..4ba1ac5d 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -18,7 +18,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ --log-driver=none \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --read-only \ --cap-drop=ALL \ -v {{ matrix_bot_maubot_data_path }}:/data:z \ From ffa20357ea7dd1e703f6caca70a747de1f4999c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 13:33:29 +0200 Subject: [PATCH 38/78] Use http_bin_port and make networking clearer --- roles/matrix-bot-maubot/defaults/main.yml | 14 ++++++++++++++ roles/matrix-bot-maubot/tasks/setup_install.yml | 2 +- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 93732021..d5be023f 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -36,6 +36,20 @@ matrix_bot_maubot_database_uri: "{{ }[matrix_bot_maubot_database_engine] }}" + +# Defines the port number where the management interface is +# To actually expose the management interface outside of the container, use `matrix_bot_maubot_management_interface_http_bind_port` +matrix_bot_maubot_management_interface_port: 29316 + +# Controls whether the maubot container exposes its HTTP management interface port (tcp/29316 in the container). +# +# Takes an ":" or "" value (e.g. "127.0.0.1:29316"), or empty string to not expose. +# If you'll be setting this at all, it should be defined in terms of `matrix_bot_maubot_management_interface_port`. +# Example: +# matrix_bot_maubot_management_interface_http_bind_port: "127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}" +matrix_bot_maubot_management_interface_http_bind_port: '' + + matrix_bot_maubot_port: 29316 matrix_bot_maubot_unshared_secret: 'generate' diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 56d8c6a8..b4b03165 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -37,7 +37,7 @@ proxy_set_header Connection "upgrade"; {% else %} {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_port }}/$1; + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; {% endif %} diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 4ba1ac5d..497c25a6 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -27,7 +27,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_expose_management_interface|bool %} - -p {{ matrix_bot_maubot_port }}:29316 \ + -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /data/config.yaml From acf53f604baa7b99aee601a7a16808f3ed77d79b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 10 Jul 2022 14:48:00 +0200 Subject: [PATCH 39/78] Fix homserver configuration url --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 559dc02c..d542fe91 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -57,7 +57,7 @@ server: homeservers: {{ matrix_domain }}: # Client-server API URL - url: {{ matrix_server_fqn_matrix }} + url: "https://{{ matrix_server_fqn_matrix }}" # registration_shared_secret from synapse config # You can leave this empty if you don't have access to the homeserver. # When this is empty, `mbc auth --register` won't work, but `mbc auth` (login) will. From 29b336f0a8648b8f79abe624345812742b64a302 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 11 Jul 2022 13:28:23 +0200 Subject: [PATCH 40/78] Add docs Unrelated to the original branch I added the matrix-registration bot as it was missing in the readme --- README.md | 4 ++++ docs/configuring-playbook.md | 2 ++ 2 files changed, 6 insertions(+) diff --git a/README.md b/README.md index 26f10940..f32b8233 100644 --- a/README.md +++ b/README.md @@ -103,6 +103,10 @@ Using this playbook, you can get the following services configured on your serve - (optional) [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) for scheduling one-off & recurring reminders and alarms - see [docs/configuring-playbook-bot-matrix-reminder-bot.md](docs/configuring-playbook-bot-matrix-reminder-bot.md) for setup documentation +- (optional) [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) for invitations by creating and managing registration tokens - see [docs/configuring-playbook-bot-matrix-registration-bot.md](docs/configuring-playbook-bot-matrix-registration-bot.md) for setup documentation + +- (optional) [matrix-maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-matrix-maubot.md](docs/configuring-playbook-bot-matrix-maubot.md) for setup documentation + - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation - (optional) [Go-NEB](https://github.com/matrix-org/go-neb) multi functional bot written in Go - see [docs/configuring-playbook-bot-go-neb.md](docs/configuring-playbook-bot-go-neb.md) for setup documentation diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 3bfb01bd..bba1b2e9 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -149,6 +149,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up matrix-registration-bot](configuring-playbook-bot-matrix-registration-bot.md) - a bot to create and manage registration tokens to invite users (optional) +- [Setting up maubot](configuring-playbook-bot-maubot.md) - a plugin-based Matrix bot system (optional) + - [Setting up honoroit](configuring-playbook-bot-honoroit.md) - a helpdesk bot (optional) - [Setting up Go-NEB](configuring-playbook-bot-go-neb.md) - an extensible multifunctional bot (optional) From 1ffc0d963b5089b10dbbcf21140b1b56003c9294 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Tue, 12 Jul 2022 01:15:12 +0200 Subject: [PATCH 41/78] Add maubot configuration docs --- docs/configuring-playbook-bot-maubot.md | 62 +++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 docs/configuring-playbook-bot-maubot.md diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md new file mode 100644 index 00000000..1fbe8d17 --- /dev/null +++ b/docs/configuring-playbook-bot-maubot.md @@ -0,0 +1,62 @@ +# Setting up maubot (optional) + +The playbook can install and configure [maubot](https://github.com/maubot/maubot) for you. + +After setting up maubot, you can use the web management interface to make it do things. +The default location of the management interface is `matrix./_matrix/maubot/` + +See the project's [documentation](https://docs.mau.fi/maubot/usage/basic.html) to learn what it +does and why it might be useful to you. + +## Adjusting the playbook configuration + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + +```yaml +matrix_bot_maubot_enabled: true +matrix_bot_maubot_admins: + - yourusername: securepassword +``` + +You can add multiple admins. + + +## Installing + +After configuring the playbook, run the [installation](installing.md) command again: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` + +## Usage + +You can visit `matrix./_matrix/maubot/` to manage your available plugins, clients and instances. +To add a client you first need to create an account and obtain a valid access token. + +## Registering the bot user + +You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): + +``` +ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.maubot password=PASSWORD_FOR_THE_BOT admin=yes' --tags=register-user +``` + +Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. + +## Obtaining an admin access token + +This can be done via `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)) or by logging into Element/Schildichat with the bot account +(using the password you set) and navigate to `Settings->Help&About` and scroll to the bottom. +You can expand "Access token" to copy it. + +![Obatining an admin access token with Element](assets/obtain_admin_access_token_element.png) + +**IMPORTANT**: once you copy the token, just close the Matrix client window/tab. Do not "log out", as that would invalidate the token. + + + + + + + From 6b7191c9393fe74d9a10455731584c2e689a212b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Tue, 12 Jul 2022 01:22:20 +0200 Subject: [PATCH 42/78] Fix tabs issue for real --- .../systemd/matrix-bot-maubot.service.j2 | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 497c25a6..59435667 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -17,20 +17,20 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ - --log-driver=none \ - --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ - --read-only \ - --cap-drop=ALL \ - -v {{ matrix_bot_maubot_data_path }}:/data:z \ - {% for arg in matrix_bot_maubot_container_extra_arguments %} - {{ arg }} \ - {% endfor %} - --network={{ matrix_docker_network }} \ - {% if matrix_bot_maubot_expose_management_interface|bool %} - -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ - {% endif %} - {{ matrix_bot_maubot_docker_image }} \ - python3 -m maubot -c /data/config.yaml + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --read-only \ + --cap-drop=ALL \ + -v {{ matrix_bot_maubot_data_path }}:/data:z \ + {% for arg in matrix_bot_maubot_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + --network={{ matrix_docker_network }} \ + {% if matrix_bot_maubot_expose_management_interface|bool %} + -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ + {% endif %} + {{ matrix_bot_maubot_docker_image }} \ + python3 -m maubot -c /data/config.yaml ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From 24a027c6b9c5c822ee4202d8b5afc23beabf5d14 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 19 Jul 2022 13:24:27 +0000 Subject: [PATCH 43/78] Update Synapse 1.62.0 -> 1.63.0 --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 87ef3d6a..faf9b3ef 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.62.0 +matrix_synapse_version: v1.63.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 65bfc1396e0ded8839b66791dc0b8f33d6834d74 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 19 Jul 2022 16:47:01 +0300 Subject: [PATCH 44/78] Revert "Update Hookshot 1.8.0 -> 1.8.1" This reverts commit 05ccee9f6f436c0b6f1e84b8f74fa002f205ef67. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1952 --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 7ffb26a2..62f797d0 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.8.1 +matrix_hookshot_version: 1.8.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 817830bb3de4594f9552058e0f94ce482f0d992d Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Tue, 19 Jul 2022 14:58:19 +0000 Subject: [PATCH 45/78] Update telemetry documentation to more closely match upstream Synapse no longer describes the stats as anonymized since the `server_name` is included. https://github.com/matrix-org/synapse/pull/13321 --- docs/configuring-playbook-telemetry.md | 30 ++----------------- .../templates/synapse/homeserver.yaml.j2 | 4 +-- 2 files changed, 5 insertions(+), 29 deletions(-) diff --git a/docs/configuring-playbook-telemetry.md b/docs/configuring-playbook-telemetry.md index da583838..22728b09 100644 --- a/docs/configuring-playbook-telemetry.md +++ b/docs/configuring-playbook-telemetry.md @@ -3,8 +3,7 @@ By default, this playbook configures your Matrix homeserver to not send any telemetry data anywhere. The [matrix.org](https://matrix.org) team would really appreciate it if you could help the project out by reporting -anonymized usage statistics from your homeserver. Only very [basic aggregate -data](#usage-statistics-being-submitted) (e.g. number of users) will be reported, but it helps track the +usage statistics from your homeserver. Enabling usage statistics helps track the growth of the Matrix community, and helps to make Matrix a success. @@ -19,28 +18,5 @@ matrix_synapse_report_stats: true ## Usage statistics being submitted -If statistics reporting is enabled, the information that gets submitted to the matrix.org team [according to the source code](https://github.com/matrix-org/synapse/blob/master/synapse/app/homeserver.py) is: - -- your homeserver's domain name - -- uptime of the homeserver program - -- [Python](https://www.python.org/) version powering your homeserver - -- total number of users on your home server (including bridged users) - -- total number of native Matrix users on your home server - -- total number of rooms on your homeserver - -- total number of daily active users on your homeserver - -- total number of daily active rooms on your homeserver - -- total number of messages sent per day - -- cache setting information - -- CPU and memory statistics for the homeserver program - -- database engine type and version +See [Synapse's documentation](https://github.com/matrix-org/synapse/blob/develop/docs/usage/administration/monitoring/reporting_homeserver_usage_statistics.md#available-statistics) +for a list of the individual parameters that are reported. diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index c2364650..3f023ca2 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1587,11 +1587,11 @@ metrics_flags: # #known_servers: true -# Whether or not to report anonymized homeserver usage statistics. +# Whether or not to report homeserver usage statistics. # report_stats: {{ matrix_synapse_report_stats|to_json }} -# The endpoint to report the anonymized homeserver usage statistics to. +# The endpoint to report homeserver usage statistics to. # Defaults to https://matrix.org/report-usage-stats/push # #report_stats_endpoint: https://example.com/report-usage-stats/push From 66d4c7e0720ad0d253dd41721899fa20dfbdedc2 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 19 Jul 2022 15:25:32 +0000 Subject: [PATCH 46/78] [DO NOT MERGE]Update Coturn 4.5.2-r12 -> 4.5.2-r13 **no docker tag yet**, [keep an eye on it](https://hub.docker.com/r/coturn/coturn/tags?page=1&name=4.5.2-r13) --- roles/matrix-coturn/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index 0b48616b..e1a544ba 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -8,7 +8,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}" matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" -matrix_coturn_version: 4.5.2-r12 +matrix_coturn_version: 4.5.2-r13 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine" matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" From efec303a229b7842898f9e2ea3eebb3a7a8afede Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Tue, 19 Jul 2022 16:42:53 +0000 Subject: [PATCH 47/78] Explicitly mention that your homeserver's domain is included in telemetry --- docs/configuring-playbook-telemetry.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-telemetry.md b/docs/configuring-playbook-telemetry.md index 22728b09..a97fa59c 100644 --- a/docs/configuring-playbook-telemetry.md +++ b/docs/configuring-playbook-telemetry.md @@ -18,5 +18,9 @@ matrix_synapse_report_stats: true ## Usage statistics being submitted +When enabled, Synapse will regularly upload a few dozen statistics about your server. +This data includes your homeserver's domain, the total number of users, the number of active +users, the total number of rooms, and the number of messages sent per day on your homeserver. + See [Synapse's documentation](https://github.com/matrix-org/synapse/blob/develop/docs/usage/administration/monitoring/reporting_homeserver_usage_statistics.md#available-statistics) -for a list of the individual parameters that are reported. +for the full list of statistics that are reported. From 2e02e694b41078488672860ce1b4dfe67bfd9f95 Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Tue, 19 Jul 2022 16:31:01 -0600 Subject: [PATCH 48/78] Update configuring-well-known.md Make use of `example.com` more consistent (replace `DOMAIN`) and simplify Caddy 2 config. Remove Caddy 1 config since Caddy 1 is long past EOL. --- docs/configuring-well-known.md | 48 ++++++++++------------------------ 1 file changed, 14 insertions(+), 34 deletions(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 53a35386..d4a8dc7e 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -15,7 +15,7 @@ All services created by this playbook are meant to be installed on their own ser As [per the Server-Server specification](https://matrix.org/docs/spec/server_server/r0.1.0.html#server-discovery), to use a Matrix user identifier like `@:` while hosting services on a subdomain like `matrix.`, the Matrix network needs to be instructed of such delegation/redirection. -Server delegation can be configured using DNS SRV records or by setting up a `/.well-known/matrix/server` file on the base domain (``). +Server delegation can be configured using DNS SRV records or by setting up a `/.well-known/matrix/server` file on the base domain (``). Both methods have their place and will continue to do so. You only need to use just one of these delegation methods. For simplicity reasons, our setup advocates for the `/.well-known/matrix/server` method and guides you into using that. @@ -79,7 +79,7 @@ If you're managing the base domain by yourself somehow, you'll need to set up se To make things easy for you to set up, this playbook generates and hosts 2 well-known files on the Matrix domain's server. The files are generated at `/matrix/static-files/.well-known/matrix/` and hosted at `https://matrix.example.com/.well-known/matrix/server` and `https://matrix.example.com/.well-known/matrix/client`, even though this is the wrong place to host them. -You have 3 options when it comes to installing the files on the base domain's server: +You have 4 options when it comes to installing the files on the base domain's server: ### (Option 1): **Copying the files manually** to your base domain's server @@ -116,12 +116,12 @@ With this method, you **don't need** to add special HTTP headers for [CORS](http **For nginx**, it would be something like this: ```nginx -# This is your HTTPS-enabled server for DOMAIN. +# This is your HTTPS-enabled server for example.com. server { - server_name DOMAIN; + server_name example.com; location /.well-known/matrix { - proxy_pass https://matrix.DOMAIN/.well-known/matrix; + proxy_pass https://matrix.example.com/.well-known/matrix; proxy_set_header X-Forwarded-For $remote_addr; } @@ -133,11 +133,11 @@ server { ```apache - ServerName DOMAIN + ServerName example.com SSLProxyEngine on - ProxyPass /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon - ProxyPassReverse /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon + ProxyPass /.well-known/matrix https://matrix.example.com/.well-known/matrix nocanon + ProxyPassReverse /.well-known/matrix https://matrix.example.com/.well-known/matrix nocanon # other configuration @@ -146,30 +146,10 @@ server { **For Caddy 2**, it would be something like this: ```caddy -DOMAIN.com { - @wellknown { - path /.well-known/matrix/*:x - } - - handle @wellknown { - reverse_proxy https://matrix.DOMAIN.com { - header_up Host {http.reverse_proxy.upstream.hostport} - } - } - # Configration for the base domain goes here - # handle { - # header -Server - # encode zstd gzip - # reverse_proxy localhost:4020 - # } -} -``` - -**For Caddy 1**, it would be something like this: - -```caddy -proxy /.well-known/matrix/ https://matrix.DOMAIN { - header_upstream Host {http.reverse_proxy.upstream.hostport} +example.com { + reverse_proxy /.well-known/matrix/* https://matrix.example.com { + header_up Host {upstream_hostport} + } } ``` @@ -196,7 +176,7 @@ backend matrix-backend ``` # In the _redirects file in the website's root -/.well-known/matrix/* https://matrix.DOMAIN/.well-known/matrix/:splat 200! +/.well-known/matrix/* https://matrix.example.com/.well-known/matrix/:splat 200! ``` **For AWS CloudFront** @@ -206,7 +186,7 @@ backend matrix-backend Make sure to: -- **replace `DOMAIN`** in the server configuration with your actual domain name +- **replace `example.com`** in the server configuration with your actual domain name - and: to **do this for the HTTPS-enabled server block**, as that's where Matrix expects the file to be From 1dea35209ba82f30d363cf7b21628656b5efb1be Mon Sep 17 00:00:00 2001 From: Cody Wyatt Neiman Date: Tue, 19 Jul 2022 19:46:45 -0400 Subject: [PATCH 49/78] Fix self-build error image names --- roles/matrix-bridge-appservice-irc/tasks/init.yml | 2 +- roles/matrix-bridge-appservice-slack/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-facebook/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-googlechat/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-hangouts/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-instagram/tasks/init.yml | 2 +- roles/matrix-bridge-mautrix-telegram/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-discord/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-slack/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-steam/tasks/init.yml | 2 +- roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml | 2 +- roles/matrix-corporal/tasks/init.yml | 2 +- roles/matrix-coturn/tasks/init.yml | 2 +- roles/matrix-dynamic-dns/tasks/init.yml | 2 +- roles/matrix-ma1sd/tasks/init.yml | 2 +- roles/matrix-mailer/tasks/init.yml | 2 +- roles/matrix-registration/tasks/init.yml | 2 +- roles/matrix-synapse-admin/tasks/init.yml | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/matrix-bridge-appservice-irc/tasks/init.yml index d22dd5d7..9713e9b7 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/init.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the matrix-appservice-irc image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_appservice_irc_container_image_self_build and matrix_appservice_irc_enabled" # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index b4895aea..e11125ed 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the matrix-appservice-slack image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_appservice_slack_container_image_self_build and matrix_appservice_slack_enabled" # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index a5debc0b..c5eb58be 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Facebook image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_facebook_container_image_self_build and matrix_mautrix_facebook_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml index af1e7d30..7f846526 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Google Chat image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_googlechat_container_image_self_build and matrix_mautrix_googlechat_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 28ca1cdb..8ad9bc02 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Hangouts image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_hangouts_container_image_self_build and matrix_mautrix_hangouts_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml index 858e2917..5a78afed 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Instagram image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_instagram_container_image_self_build and matrix_mautrix_instagram_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index e83bc663..fac5a86c 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Mautrix-Telegram image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mautrix_telegram_container_image_self_build and matrix_mautrix_telegram_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml index 1a821d7d..9fbba3c8 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-discord image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_discord_container_image_self_build and matrix_mx_puppet_discord_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml index 92f041d4..1a06b09e 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-groupme image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_groupme_container_image_self_build and matrix_mx_puppet_groupme_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml index 5e89275c..850c6859 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-instagram image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_instagram_container_image_self_build and matrix_mx_puppet_instagram_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index fd9d62ae..2213df55 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-slack image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_slack_container_image_self_build and matrix_mx_puppet_slack_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml index 6c9a9a4f..fb3257b2 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-steam image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_steam_container_image_self_build and matrix_mx_puppet_steam_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index 3667ebc7..d6e65964 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the mx-puppet-twitter image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mx_puppet_twitter_container_image_self_build and matrix_mx_puppet_twitter_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-corporal/tasks/init.yml b/roles/matrix-corporal/tasks/init.yml index c6686a37..dffdbe90 100644 --- a/roles/matrix-corporal/tasks/init.yml +++ b/roles/matrix-corporal/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Matrix Corporal image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_corporal_container_image_self_build and matrix_corporal_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-coturn/tasks/init.yml b/roles/matrix-coturn/tasks/init.yml index 60a77264..315dfb65 100644 --- a/roles/matrix-coturn/tasks/init.yml +++ b/roles/matrix-coturn/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the coturn image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_coturn_container_image_self_build and matrix_coturn_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-dynamic-dns/tasks/init.yml b/roles/matrix-dynamic-dns/tasks/init.yml index 1cd6170e..9c906441 100644 --- a/roles/matrix-dynamic-dns/tasks/init.yml +++ b/roles/matrix-dynamic-dns/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Dynamic DNS image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_dynamic_dns_container_image_self_build and matrix_dynamic_dns_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-ma1sd/tasks/init.yml b/roles/matrix-ma1sd/tasks/init.yml index 1d425006..48226aa0 100644 --- a/roles/matrix-ma1sd/tasks/init.yml +++ b/roles/matrix-ma1sd/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the ma1sd image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_ma1sd_container_image_self_build and matrix_ma1sd_enabled | bool" - ansible.builtin.set_fact: diff --git a/roles/matrix-mailer/tasks/init.yml b/roles/matrix-mailer/tasks/init.yml index e83902d7..487ed0c9 100644 --- a/roles/matrix-mailer/tasks/init.yml +++ b/roles/matrix-mailer/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Matrix Mailer image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_mailer_container_image_self_build and matrix_mailer_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-registration/tasks/init.yml b/roles/matrix-registration/tasks/init.yml index 064f895c..922db0f7 100644 --- a/roles/matrix-registration/tasks/init.yml +++ b/roles/matrix-registration/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Matrix Registration image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_registration_container_image_self_build and matrix_registration_enabled" - ansible.builtin.set_fact: diff --git a/roles/matrix-synapse-admin/tasks/init.yml b/roles/matrix-synapse-admin/tasks/init.yml index 4d8a5eb0..f934eced 100644 --- a/roles/matrix-synapse-admin/tasks/init.yml +++ b/roles/matrix-synapse-admin/tasks/init.yml @@ -3,7 +3,7 @@ # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407 - name: Fail if trying to self-build on Ansible < 2.8 ansible.builtin.fail: - msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md" + msg: "To self-build the Synapse Admin image, you should use Ansible 2.8 or higher. See docs/ansible.md" when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_synapse_admin_container_image_self_build and matrix_synapse_admin_enabled" - ansible.builtin.set_fact: From d6d311e810d45d6d4ba5464cc47a988b618fa5d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:27:20 +0200 Subject: [PATCH 50/78] Fix plugin database issue --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index d542fe91..254c836e 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -27,7 +27,7 @@ plugin_directories: # Configuration for storing plugin databases plugin_databases: - type: default + postgres: default server: # The IP and port to listen to. From 73ebbdcacd75e701a80c5ee31921121f4c75bbaa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:29:03 +0200 Subject: [PATCH 51/78] Move maubot nginx config Reasoning: setup_install.yml only runs on --tags=setup-all or on --tags=setup-bot-maubot. If --tags=setup-nginx-proxy or similar commands are run, setup_install.yml will not run and the nginx configuration will be incomplete. --- roles/matrix-bot-maubot/tasks/init.yml | 39 ++++++++++++++++++ .../matrix-bot-maubot/tasks/setup_install.yml | 40 ------------------- 2 files changed, 39 insertions(+), 40 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 6f55c747..032fdbf7 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -3,3 +3,42 @@ - set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool + +- name: Generate Maubot proxying configuration for matrix-nginx-proxy + set_fact: + matrix_bot_maubot_matrix_nginx_proxy_configuration: | + location ~ ^/(_matrix/maubot/.*) { + {% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-bot-maubot:29316/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% endif %} + } + when: matrix_bot_maubot_proxy_management_interface|bool + +- name: Register Maubot's proxying configuration with matrix-nginx-proxy + set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + + + [matrix_bot_maubot_matrix_nginx_proxy_configuration] + }} + when: matrix_bot_maubot_proxy_management_interface|bool + +- name: Warn about reverse-proxying if matrix-nginx-proxy not used + debug: + msg: >- + NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `/_matrix/maubot` + URL endpoint to the matrix-maubot container. + when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index b4b03165..8b27cd03 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -24,46 +24,6 @@ group: "{{ matrix_user_groupname }}" mode: "u=rwx" -- name: Generate Maubot proxying configuration for matrix-nginx-proxy - set_fact: - matrix_bot_maubot_matrix_nginx_proxy_configuration: | - location ~ ^/(_matrix/maubot/.*) { - {% if matrix_nginx_proxy_enabled|default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:29316/$1"; - proxy_pass http://$backend; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% endif %} - } - when: matrix_bot_maubot_proxy_management_interface|bool - -- name: Register Maubot's proxying configuration with matrix-nginx-proxy - set_fact: - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | - {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) - + - [matrix_bot_maubot_matrix_nginx_proxy_configuration] - }} - when: matrix_bot_maubot_proxy_management_interface|bool - -- name: Warn about reverse-proxying if matrix-nginx-proxy not used - debug: - msg: >- - NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `/_matrix/maubot` - URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" - - - name: Ensure maubot image is pulled docker_image: name: "{{ matrix_bot_maubot_docker_image }}" From d2e6ab6c3885dfa267c0ce5cdfb6163b7782d88b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:41:17 +0200 Subject: [PATCH 52/78] Fix some CI lint errors --- roles/matrix-bot-maubot/tasks/init.yml | 73 +++++++++++++------------- 1 file changed, 37 insertions(+), 36 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 032fdbf7..09a5f9a8 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -4,41 +4,42 @@ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool -- name: Generate Maubot proxying configuration for matrix-nginx-proxy - set_fact: - matrix_bot_maubot_matrix_nginx_proxy_configuration: | - location ~ ^/(_matrix/maubot/.*) { - {% if matrix_nginx_proxy_enabled|default(False) %} - {# Use the embedded DNS resolver in Docker containers to discover the service #} - resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:29316/$1"; - proxy_pass http://$backend; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% else %} - {# Generic configuration for use outside of our container setup #} - proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - {% endif %} - } - when: matrix_bot_maubot_proxy_management_interface|bool +- block: + - name: Generate Maubot proxying configuration for matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_bot_maubot_matrix_nginx_proxy_configuration: | + location ~ ^/(_matrix/maubot/.*) { + {% if matrix_nginx_proxy_enabled|default(False) %} + {# Use the embedded DNS resolver in Docker containers to discover the service #} + resolver 127.0.0.11 valid=5s; + set $backend "matrix-bot-maubot:29316/$1"; + proxy_pass http://$backend; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% else %} + {# Generic configuration for use outside of our container setup #} + proxy_pass http://127.0.0.1:{{ matrix_bot_maubot_management_interface_port }}/$1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + {% endif %} + } + when: matrix_bot_maubot_proxy_management_interface|bool -- name: Register Maubot's proxying configuration with matrix-nginx-proxy - set_fact: - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | - {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) - + - [matrix_bot_maubot_matrix_nginx_proxy_configuration] - }} - when: matrix_bot_maubot_proxy_management_interface|bool + - name: Register Maubot's proxying configuration with matrix-nginx-proxy + ansible.builtin.set_fact: + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | + {{ + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + + + [matrix_bot_maubot_matrix_nginx_proxy_configuration] + }} + when: matrix_bot_maubot_proxy_management_interface|bool -- name: Warn about reverse-proxying if matrix-nginx-proxy not used - debug: - msg: >- - NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy - reverse proxy. - Please make sure that you're proxying the `/_matrix/maubot` - URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" + - name: Warn about reverse-proxying if matrix-nginx-proxy not used + ansible.builtin.debug: + msg: >- + NOTE: You've enabled Maubot but are not using the matrix-nginx-proxy + reverse proxy. + Please make sure that you're proxying the `/_matrix/maubot` + URL endpoint to the matrix-maubot container. + when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" From f8a88707119feea06042cdba20f6e57d4848aadf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:48:26 +0200 Subject: [PATCH 53/78] Use FQCN --- roles/matrix-bot-maubot/tasks/init.yml | 2 +- roles/matrix-bot-maubot/tasks/setup_install.yml | 16 ++++++++-------- .../matrix-bot-maubot/tasks/setup_uninstall.yml | 12 ++++++------ .../matrix-bot-maubot/tasks/validate_config.yml | 2 +- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 09a5f9a8..fe33da9b 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -1,6 +1,6 @@ --- -- set_fact: +- ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 8b27cd03..cf350c02 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -1,7 +1,7 @@ --- - name: Ensure maubot paths exist - file: + ansible.builtin.file: path: "{{ item.path }}" state: directory mode: 0755 @@ -17,7 +17,7 @@ when: "item.when|bool" - name: Ensure maubot configuration file created - template: + ansible.builtin.template: src: "{{ role_path }}/templates/config/config.yaml.j2" dest: "{{ matrix_bot_maubot_data_path }}/config.yaml" owner: "{{ matrix_user_username }}" @@ -25,7 +25,7 @@ mode: "u=rwx" - name: Ensure maubot image is pulled - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -37,7 +37,7 @@ until: result is not failed - name: Ensure maubot repository is present on self-build - git: + ansible.builtin.git: repo: "{{ matrix_bot_maubot_docker_repo }}" dest: "{{ matrix_bot_maubot_docker_src_files_path }}" force: "yes" @@ -47,7 +47,7 @@ when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure maubot image is built - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: build force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -59,18 +59,18 @@ when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure matrix-bot-maubot.service installed - template: + ansible.builtin.template: src: "{{ role_path }}/templates/systemd/matrix-bot-maubot.service.j2" dest: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" mode: 0644 register: matrix_bot_maubot_systemd_service_result - name: Ensure systemd reloaded after matrix-bot-maubot.service installation - service: + ansible.builtin.service: daemon_reload: true when: "matrix_bot_maubot_systemd_service_result.changed|bool" - name: Ensure matrix-bot-maubot.service restarted, if necessary - service: + ansible.builtin.service: name: "matrix-bot-maubot.service" state: restarted diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index f1d2fca2..8812eeed 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -1,12 +1,12 @@ --- - name: Check existence of matrix-maubot service - stat: + ansible.builtin.stat: path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" register: matrix_bot_maubot_service_stat - name: Ensure matrix-bot-maubot is stopped - service: + ansible.builtin.service: name: matrix-bot-maubot state: stopped enabled: false @@ -15,22 +15,22 @@ when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure matrix-bot-maubot.service doesn't exist - file: + ansible.builtin.file: path: "{{ matrix_systemd_path }}/matrix-bot-maubot.service" state: absent when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure systemd reloaded after matrix-bot-maubot.service removal - service: + ansible.builtin.service: daemon_reload: true when: "matrix_bot_maubot_service_stat.stat.exists|bool" - name: Ensure Matrix maubot paths don't exist - file: + ansible.builtin.file: path: "{{ matrix_bot_maubot_base_path }}" state: absent - name: Ensure maubot Docker image doesn't exist - docker_image: + community.docker.docker_image: name: "{{ matrix_bot_maubot_docker_image }}" state: absent diff --git a/roles/matrix-bot-maubot/tasks/validate_config.yml b/roles/matrix-bot-maubot/tasks/validate_config.yml index 18070160..5b28d9c0 100644 --- a/roles/matrix-bot-maubot/tasks/validate_config.yml +++ b/roles/matrix-bot-maubot/tasks/validate_config.yml @@ -1,7 +1,7 @@ --- - name: Fail if required settings not defined - fail: + ansible.builtin.fail: msg: >- You need to define a required configuration setting (`{{ item }}`). when: "vars[item] == ''" From 04a817aeaadf8db96f7e81db7a33c1d4edd0b486 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 08:55:10 +0200 Subject: [PATCH 54/78] Use explicit version for self build --- roles/matrix-bot-maubot/defaults/main.yml | 2 ++ roles/matrix-bot-maubot/tasks/setup_install.yml | 1 + 2 files changed, 3 insertions(+) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index d5be023f..7c5cb0eb 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -4,6 +4,8 @@ matrix_bot_maubot_enabled: true matrix_bot_maubot_container_image_self_build: false matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/docker-src" +matrix_bot_maubot_docker_repo_version: "{{ 'master' if matrix_bot_maubot_version == 'latest' else matrix_bot_maubot_version }}" + matrix_bot_maubot_version: v0.3.1 matrix_bot_maubot_docker_image: "dock.mau.dev/maubot/maubot:{{ matrix_bot_maubot_version }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index cf350c02..c136fd89 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -39,6 +39,7 @@ - name: Ensure maubot repository is present on self-build ansible.builtin.git: repo: "{{ matrix_bot_maubot_docker_repo }}" + version: "{{ matrix_bot_maubot_docker_repo_version }}" dest: "{{ matrix_bot_maubot_docker_src_files_path }}" force: "yes" become: true From f2dcbe5c9cd5119a671d57c00002f4ef778b7961 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 09:00:47 +0200 Subject: [PATCH 55/78] Name all tasks --- roles/matrix-bot-maubot/defaults/main.yml | 8 +++++++- roles/matrix-bot-maubot/tasks/init.yml | 6 ++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 7c5cb0eb..57c3f5f7 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -29,7 +29,13 @@ matrix_bot_maubot_database_hostname: 'matrix-postgres' matrix_bot_maubot_database_port: 5432 matrix_bot_maubot_database_name: matrix_bot_maubot -matrix_bot_maubot_database_connection_string: 'postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable' +matrix_bot_maubot_database_connection_string: > + postgres://{{ matrix_bot_maubot_database_username }} + :{{ matrix_bot_maubot_database_password }} + @{{ matrix_bot_maubot_database_hostname }} + :{{ matrix_bot_maubot_database_port }} + /{{ matrix_bot_maubot_database_name }} + ?sslmode=disable' matrix_bot_maubot_database_uri: "{{ { diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index fe33da9b..54fd714b 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -1,10 +1,12 @@ --- -- ansible.builtin.set_fact: +- name: Add maubot to the systemd service list + ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" when: matrix_bot_maubot_enabled|bool -- block: +- name: Configure nginx for maubot + block: - name: Generate Maubot proxying configuration for matrix-nginx-proxy ansible.builtin.set_fact: matrix_bot_maubot_matrix_nginx_proxy_configuration: | From 492d430cb00948defab71107935db966d5489c35 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 10:01:42 +0300 Subject: [PATCH 56/78] Revert "Revert "Update Hookshot 1.8.0 -> 1.8.1"" This reverts commit 65bfc1396e0ded8839b66791dc0b8f33d6834d74. The 1.8.1 image is published now, so we can finally upgrade. --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 62f797d0..7ffb26a2 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.8.0 +matrix_hookshot_version: 1.8.1 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From e306d0051e22b4e69e457e4048ceb7c6198d1a4e Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 10:07:03 +0300 Subject: [PATCH 57/78] Add project introduction to maubot's defaults file --- roles/matrix-bot-maubot/defaults/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 57c3f5f7..49437ece 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -1,5 +1,8 @@ --- +# maubot is a plugin-based Matrix bot system. +# Project source code URL: https://mau.dev/maubot/maubot + matrix_bot_maubot_enabled: true matrix_bot_maubot_container_image_self_build: false matrix_bot_maubot_docker_repo: "https://mau.dev/maubot/maubot.git" From b8832e30143107e003e51f509e4f92a7ac6b99f8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 10:27:13 +0300 Subject: [PATCH 58/78] Fix some Jinja2 inconsistencies in maubot role --- roles/matrix-bot-maubot/tasks/init.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 54fd714b..001a3c47 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -3,7 +3,7 @@ - name: Add maubot to the systemd service list ansible.builtin.set_fact: matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}" - when: matrix_bot_maubot_enabled|bool + when: matrix_bot_maubot_enabled | bool - name: Configure nginx for maubot block: @@ -11,7 +11,7 @@ ansible.builtin.set_fact: matrix_bot_maubot_matrix_nginx_proxy_configuration: | location ~ ^/(_matrix/maubot/.*) { - {% if matrix_nginx_proxy_enabled|default(False) %} + {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; set $backend "matrix-bot-maubot:29316/$1"; @@ -25,13 +25,13 @@ proxy_set_header Connection "upgrade"; {% endif %} } - when: matrix_bot_maubot_proxy_management_interface|bool + when: matrix_bot_maubot_proxy_management_interface | bool - name: Register Maubot's proxying configuration with matrix-nginx-proxy ansible.builtin.set_fact: matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: | {{ - matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([]) + matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([]) + [matrix_bot_maubot_matrix_nginx_proxy_configuration] }} @@ -44,4 +44,4 @@ reverse proxy. Please make sure that you're proxying the `/_matrix/maubot` URL endpoint to the matrix-maubot container. - when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined" + when: "matrix_bot_maubot_enabled | bool and matrix_bot_maubot_proxy_management_interface | bool and matrix_nginx_proxy_enabled is not defined" From a1bfad1e9babb1c430f9f89e0c4a98c8051ccdfa Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 11:16:49 +0300 Subject: [PATCH 59/78] Fix whitespace in matrix_bot_maubot_database_connection_string --- roles/matrix-bot-maubot/defaults/main.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 49437ece..f210ba51 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -32,13 +32,7 @@ matrix_bot_maubot_database_hostname: 'matrix-postgres' matrix_bot_maubot_database_port: 5432 matrix_bot_maubot_database_name: matrix_bot_maubot -matrix_bot_maubot_database_connection_string: > - postgres://{{ matrix_bot_maubot_database_username }} - :{{ matrix_bot_maubot_database_password }} - @{{ matrix_bot_maubot_database_hostname }} - :{{ matrix_bot_maubot_database_port }} - /{{ matrix_bot_maubot_database_name }} - ?sslmode=disable' +matrix_bot_maubot_database_connection_string: postgres://{{ matrix_bot_maubot_database_username }}:{{ matrix_bot_maubot_database_password }}@{{ matrix_bot_maubot_database_hostname }}:{{ matrix_bot_maubot_database_port }}/{{ matrix_bot_maubot_database_name }}?sslmode=disable matrix_bot_maubot_database_uri: "{{ { From b20cfc5015317afc4f8d9a7e0f8ba5d80153591e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 11:23:32 +0200 Subject: [PATCH 60/78] Clear up maubot role (#1960) * Make interface hidden behind proxy by default * Remove expose option and replace with http_bind_port Reasoning: This is a similar binary trigger but allows to bin not on all interfaces * Clarify maubot admin purpose * Remove unnecessary edif * Extend docs to prevent common misconceptions * Make http_bind_port singular, do not allow multiple values * Make optional again --- docs/configuring-playbook-bot-maubot.md | 10 +++++++++- roles/matrix-bot-maubot/defaults/main.yml | 3 +-- .../templates/systemd/matrix-bot-maubot.service.j2 | 6 +++--- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/docs/configuring-playbook-bot-maubot.md b/docs/configuring-playbook-bot-maubot.md index 1fbe8d17..d74cfb2f 100644 --- a/docs/configuring-playbook-bot-maubot.md +++ b/docs/configuring-playbook-bot-maubot.md @@ -18,7 +18,8 @@ matrix_bot_maubot_admins: - yourusername: securepassword ``` -You can add multiple admins. +You can add multiple admins. The admin accounts are not connected to any matrix ID and are only used to access the +maubot administration interface. ## Installing @@ -32,6 +33,13 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage You can visit `matrix./_matrix/maubot/` to manage your available plugins, clients and instances. + +You should start in the following order +1. **Create one or more clients:** A client is a matrix account which the bot will use to message. +2. **Upload some Plugins:** Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source. +3. **Create an instance:** An instance is the actual bot. You have to specify a client which the bot instance will use +and the plugin (how the bot will behave) + To add a client you first need to create an account and obtain a valid access token. ## Registering the bot user diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index f210ba51..c6d92215 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -19,8 +19,7 @@ matrix_bot_maubot_data_path: "{{ matrix_bot_maubot_base_path }}/data" matrix_bot_maubot_config_path: "{{ matrix_bot_maubot_base_path }}/config" matrix_bot_maubot_bot_server_public_url: "https://{{ matrix_server_fqn_matrix }}" -matrix_bot_maubot_proxy_management_interface: false -matrix_bot_maubot_expose_management_interface: true +matrix_bot_maubot_proxy_management_interface: true matrix_bot_maubot_database_engine: sqlite matrix_bot_maubot_sqlite_database_path_local: "{{ matrix_bot_maubot_data_path }}/maubot.db" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 59435667..6f8ec6f6 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -26,9 +26,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - {% if matrix_bot_maubot_expose_management_interface|bool %} - -p {{ matrix_bot_maubot_management_interface_port }}:29316 \ - {% endif %} + {% if matrix_bot_maubot_management_interface_http_bind_port | bool %} + -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 + {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /data/config.yaml From d1649ff67b93f145bbbc3766590b0b62242fa5ba Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 12:40:30 +0300 Subject: [PATCH 61/78] Do not restart matrix-bot-maubot.service on every playbook run Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/tasks/setup_install.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index c136fd89..5d9965a0 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -70,8 +70,3 @@ ansible.builtin.service: daemon_reload: true when: "matrix_bot_maubot_systemd_service_result.changed|bool" - -- name: Ensure matrix-bot-maubot.service restarted, if necessary - ansible.builtin.service: - name: "matrix-bot-maubot.service" - state: restarted From 46ced6134ca3ebdea1bcd20d65921fe90b68855f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 12:48:12 +0300 Subject: [PATCH 62/78] Store maubot configuration separately from data Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 Because the configuration file is now mounted as readonly and maubot tries to update it on start, we get this warning: > Failed to create tempfile to write updated config to disk: [Errno 30] Read-only file system: '/config/tmpfa8vcb3y.yaml' It doesn't seem to cause issues though. Because the configuration is no longer overwritten on every bot start, each next Ansible run should no longer overwrite it again and report a "changed" task. --- roles/matrix-bot-maubot/tasks/setup_install.yml | 3 ++- .../templates/systemd/matrix-bot-maubot.service.j2 | 7 ++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 5d9965a0..50e48254 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -9,6 +9,7 @@ group: "{{ matrix_user_groupname }}" with_items: - {path: "{{ matrix_bot_maubot_base_path }}", when: true} + - {path: "{{ matrix_bot_maubot_config_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}", when: true} - {path: "{{ matrix_bot_maubot_data_path }}/plugins", when: true} - {path: "{{ matrix_bot_maubot_data_path }}/dbs", when: true} @@ -19,7 +20,7 @@ - name: Ensure maubot configuration file created ansible.builtin.template: src: "{{ role_path }}/templates/config/config.yaml.j2" - dest: "{{ matrix_bot_maubot_data_path }}/config.yaml" + dest: "{{ matrix_bot_maubot_config_path }}/config.yaml" owner: "{{ matrix_user_username }}" group: "{{ matrix_user_groupname }}" mode: "u=rwx" diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 6f8ec6f6..18b32c98 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -21,16 +21,17 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ --read-only \ --cap-drop=ALL \ - -v {{ matrix_bot_maubot_data_path }}:/data:z \ + --mount type=bind,src={{ matrix_bot_maubot_config_path }},dst=/config,ro \ + --mount type=bind,src={{ matrix_bot_maubot_data_path }},dst=/data \ {% for arg in matrix_bot_maubot_container_extra_arguments %} {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - {% if matrix_bot_maubot_management_interface_http_bind_port | bool %} + {% if matrix_bot_maubot_management_interface_http_bind_port %} -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 {% endif %} {{ matrix_bot_maubot_docker_image }} \ - python3 -m maubot -c /data/config.yaml + python3 -m maubot -c /config/config.yaml ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-maubot 2>/dev/null || true' ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-maubot 2>/dev/null || true' From d2fb6a86e11b4c2cc197c05597a532ea023b69a9 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 12:50:00 +0300 Subject: [PATCH 63/78] Fix matrix-bot-maubot.service.j2 indentation (tabs only) Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- .../templates/systemd/matrix-bot-maubot.service.j2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 18b32c98..8957da5e 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -27,9 +27,9 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {{ arg }} \ {% endfor %} --network={{ matrix_docker_network }} \ - {% if matrix_bot_maubot_management_interface_http_bind_port %} - -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 - {% endif %} + {% if matrix_bot_maubot_management_interface_http_bind_port %} + -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 + {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml From e5238bf7d52128372042de94a41c94f6eb2df8ed Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 12:54:04 +0300 Subject: [PATCH 64/78] Announce maubot Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- CHANGELOG.md | 9 +++++++++ docs/container-images.md | 2 ++ docs/self-building.md | 1 + 3 files changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c8d31aba..66f740ed 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-07-20 + +## maubot support + +Thanks to [Stuart Mumford (@Cadair)](https://github.com/cadair) for starting ([PR #373](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/373) and [PR #622](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/622)) and to [Julian-Samuel Gebühr (@moan0s)](https://github.com/moan0s) for finishing up (in [PR #1894](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894)), the playbook can now help you set up [maubot](https://github.com/maubot/maubot) - a plugin-based Matrix bot system. + +See our [Setting up maubot](docs/configuring-playbook-bot-maubot.md) documentation to get started. + + # 2022-07-14 ## mx-puppet-skype removal diff --git a/docs/container-images.md b/docs/container-images.md index a587d932..3821cd8c 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -92,6 +92,8 @@ These services are not part of our default installation, but can be enabled by [ - [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) - the [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) bot for one-off & recurring reminders and alarms (optional) +- [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) - the [maubot](https://github.com/maubot/maubot) bot (a plugin-based Matrix bot system) (optional) + - [etke.cc/honoroit](https://gitlab.com/etke.cc/honoroit/container_registry) - the [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot (optional) - [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) - the [Go-NEB](https://github.com/matrix-org/go-neb) bot (optional) diff --git a/docs/self-building.md b/docs/self-building.md index ab6e17d3..3351a1f8 100644 --- a/docs/self-building.md +++ b/docs/self-building.md @@ -37,6 +37,7 @@ List of roles where self-building the Docker image is currently possible: - `matrix-bot-mjolnir` - `matrix-bot-honoroit` - `matrix-bot-matrix-reminder-bot` +- `matrix-bot-maubot` - `matrix-email2matrix` Adding self-building support to other roles is welcome. Feel free to contribute! From b575409ed74d575a63a415003304b6305cd1ec71 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 13:02:19 +0300 Subject: [PATCH 65/78] Use |to_json in maubot configuration Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 254c836e..ef46fe76 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -34,7 +34,7 @@ server: hostname: 0.0.0.0 port: 29316 # Public base URL where the server is visible. - public_url: {{ matrix_bot_maubot_bot_server_public_url }} + public_url: {{ matrix_bot_maubot_bot_server_public_url|to_json }} # The base management API path. base_path: /_matrix/maubot/v1 # The base path for the UI. @@ -65,7 +65,7 @@ homeservers: # List of administrator users. Plaintext passwords will be bcrypted on startup. Set empty password # to prevent normal login. Root is a special user that can't have a password and will always exist. -admins: {{ matrix_bot_maubot_admins | combine( {"root": ""} ) }} +admins: {{ matrix_bot_maubot_admins | combine( {"root": ""} )|to_json }} api_features: login: true From 5ce2732899aea2c35903333b4c783ea7124292ef Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 13:03:50 +0300 Subject: [PATCH 66/78] Make maubot logging level configurable Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/defaults/main.yml | 3 +++ roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 8 ++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index c6d92215..376af188 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -57,6 +57,9 @@ matrix_bot_maubot_management_interface_http_bind_port: '' matrix_bot_maubot_port: 29316 matrix_bot_maubot_unshared_secret: 'generate' +# Specifies the default log level for all bot loggers. +matrix_bot_maubot_logging_level: WARNING + # A list of extra arguments to pass to the container matrix_bot_maubot_container_extra_arguments: [] diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index ef46fe76..041522f8 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -97,11 +97,11 @@ logging: formatter: colored loggers: maubot: - level: DEBUG + level: {{ matrix_bot_maubot_logging_level|to_json }} mau: - level: DEBUG + level: {{ matrix_bot_maubot_logging_level|to_json }} aiohttp: - level: INFO + level: {{ matrix_bot_maubot_logging_level|to_json }} root: - level: DEBUG + level: {{ matrix_bot_maubot_logging_level|to_json }} handlers: [console] From 8a689813ffa8233e6a66b91a52bccdf08953f8f1 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 13:04:35 +0300 Subject: [PATCH 67/78] Remove unused maubot variable Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/defaults/main.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/matrix-bot-maubot/defaults/main.yml b/roles/matrix-bot-maubot/defaults/main.yml index 376af188..0a73d92e 100644 --- a/roles/matrix-bot-maubot/defaults/main.yml +++ b/roles/matrix-bot-maubot/defaults/main.yml @@ -54,7 +54,6 @@ matrix_bot_maubot_management_interface_port: 29316 matrix_bot_maubot_management_interface_http_bind_port: '' -matrix_bot_maubot_port: 29316 matrix_bot_maubot_unshared_secret: 'generate' # Specifies the default log level for all bot loggers. From 90551e82ec6be265b56d43e78c0a76030121b58f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 13:06:11 +0300 Subject: [PATCH 68/78] Make use of matrix_bot_maubot_management_interface_port variable to actually make maubot port configurable Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1894 --- roles/matrix-bot-maubot/tasks/init.yml | 2 +- roles/matrix-bot-maubot/templates/config/config.yaml.j2 | 2 +- .../templates/systemd/matrix-bot-maubot.service.j2 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/init.yml b/roles/matrix-bot-maubot/tasks/init.yml index 001a3c47..251d0b4a 100644 --- a/roles/matrix-bot-maubot/tasks/init.yml +++ b/roles/matrix-bot-maubot/tasks/init.yml @@ -14,7 +14,7 @@ {% if matrix_nginx_proxy_enabled | default(False) %} {# Use the embedded DNS resolver in Docker containers to discover the service #} resolver 127.0.0.11 valid=5s; - set $backend "matrix-bot-maubot:29316/$1"; + set $backend "matrix-bot-maubot:{{ matrix_bot_maubot_management_interface_port }}/$1"; proxy_pass http://$backend; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; diff --git a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 index 041522f8..938901ea 100644 --- a/roles/matrix-bot-maubot/templates/config/config.yaml.j2 +++ b/roles/matrix-bot-maubot/templates/config/config.yaml.j2 @@ -32,7 +32,7 @@ plugin_databases: server: # The IP and port to listen to. hostname: 0.0.0.0 - port: 29316 + port: {{ matrix_bot_maubot_management_interface_port|to_json }} # Public base URL where the server is visible. public_url: {{ matrix_bot_maubot_bot_server_public_url|to_json }} # The base management API path. diff --git a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 index 8957da5e..2773c69d 100644 --- a/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 +++ b/roles/matrix-bot-maubot/templates/systemd/matrix-bot-maubot.service.j2 @@ -28,7 +28,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-maubot \ {% endfor %} --network={{ matrix_docker_network }} \ {% if matrix_bot_maubot_management_interface_http_bind_port %} - -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:29316 + -p {{ matrix_bot_maubot_management_interface_http_bind_port }}:{{ matrix_bot_maubot_management_interface_port }} {% endif %} {{ matrix_bot_maubot_docker_image }} \ python3 -m maubot -c /config/config.yaml From ff2ba1d5b158761a6d67902545ea5c3864073d34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Wed, 20 Jul 2022 12:18:11 +0200 Subject: [PATCH 69/78] Add matrix-registreation-bot docker image --- docs/container-images.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/container-images.md b/docs/container-images.md index 3821cd8c..dcc36973 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -92,6 +92,8 @@ These services are not part of our default installation, but can be enabled by [ - [anoa/matrix-reminder-bot](https://hub.docker.com/r/anoa/matrix-reminder-bot) - the [matrix-reminder-bot](https://github.com/anoadragon453/matrix-reminder-bot) bot for one-off & recurring reminders and alarms (optional) +- [moanos/matrix-registration-bot/](https://hub.docker.com/r/moanos/matrix-registration-bot/) - the [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) bot (manage registration tokens for invitations to the server) (optional) + - [dock.mau.dev/maubot/maubot](https://mau.dev/maubot/maubot/container_registry) - the [maubot](https://github.com/maubot/maubot) bot (a plugin-based Matrix bot system) (optional) - [etke.cc/honoroit](https://gitlab.com/etke.cc/honoroit/container_registry) - the [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot (optional) From 89bd25995a235ab30a1896e47b69c714b673c3b5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 20 Jul 2022 16:06:01 +0300 Subject: [PATCH 70/78] Upgrade Synapse (v1.63.0 -> v1.63.1) --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index faf9b3ef..e6138bba 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.63.0 +matrix_synapse_version: v1.63.1 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 592c88b021fa0f6ff14040808608dfd9676713b6 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 20 Jul 2022 16:52:03 +0000 Subject: [PATCH 71/78] Update Grafana 9.0.3 -> 9.0.4 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 3765a0e4..a1cd3273 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.0.3 +matrix_grafana_version: 9.0.4 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From db604f81ec38caeff0822d11982cf19b661d66c6 Mon Sep 17 00:00:00 2001 From: Simone Date: Wed, 20 Jul 2022 19:21:23 +0200 Subject: [PATCH 72/78] Upgrade heisenbridge 1.13.0 1.13.1 --- roles/matrix-bridge-heisenbridge/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-heisenbridge/defaults/main.yml b/roles/matrix-bridge-heisenbridge/defaults/main.yml index 68c5d75b..da74ed21 100644 --- a/roles/matrix-bridge-heisenbridge/defaults/main.yml +++ b/roles/matrix-bridge-heisenbridge/defaults/main.yml @@ -4,7 +4,7 @@ matrix_heisenbridge_enabled: true -matrix_heisenbridge_version: 1.13.0 +matrix_heisenbridge_version: 1.13.1 matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}" matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}" From 9e87f9d885d72e7ff95d98eb70379f1d45cd8538 Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Wed, 20 Jul 2022 12:10:34 -0600 Subject: [PATCH 73/78] Update configuring-well-known.md --- docs/configuring-well-known.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index d4a8dc7e..81caf04c 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -79,7 +79,7 @@ If you're managing the base domain by yourself somehow, you'll need to set up se To make things easy for you to set up, this playbook generates and hosts 2 well-known files on the Matrix domain's server. The files are generated at `/matrix/static-files/.well-known/matrix/` and hosted at `https://matrix.example.com/.well-known/matrix/server` and `https://matrix.example.com/.well-known/matrix/client`, even though this is the wrong place to host them. -You have 4 options when it comes to installing the files on the base domain's server: +You have 3 options when it comes to installing the files on the base domain's server: ### (Option 1): **Copying the files manually** to your base domain's server From 4155ed2518d781f18f2e3ecaf6f1f4b4b3d5b609 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 21 Jul 2022 11:23:57 +0300 Subject: [PATCH 74/78] Leave docker_image module calls unprefixed to increase compatibility Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1965 --- roles/matrix-bot-maubot/tasks/setup_install.yml | 4 ++-- roles/matrix-bot-maubot/tasks/setup_uninstall.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-maubot/tasks/setup_install.yml b/roles/matrix-bot-maubot/tasks/setup_install.yml index 50e48254..185a2988 100644 --- a/roles/matrix-bot-maubot/tasks/setup_install.yml +++ b/roles/matrix-bot-maubot/tasks/setup_install.yml @@ -26,7 +26,7 @@ mode: "u=rwx" - name: Ensure maubot image is pulled - community.docker.docker_image: + docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" force_source: "{{ matrix_bot_maubot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" @@ -49,7 +49,7 @@ when: "matrix_bot_maubot_container_image_self_build|bool" - name: Ensure maubot image is built - community.docker.docker_image: + docker_image: name: "{{ matrix_bot_maubot_docker_image }}" source: build force_source: "{{ matrix_bot_maubot_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" diff --git a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml index 8812eeed..0be7089c 100644 --- a/roles/matrix-bot-maubot/tasks/setup_uninstall.yml +++ b/roles/matrix-bot-maubot/tasks/setup_uninstall.yml @@ -31,6 +31,6 @@ state: absent - name: Ensure maubot Docker image doesn't exist - community.docker.docker_image: + docker_image: name: "{{ matrix_bot_maubot_docker_image }}" state: absent From db94653b425ee8418b0cabb3ff5ea925ad443a33 Mon Sep 17 00:00:00 2001 From: kleo Date: Thu, 21 Jul 2022 21:56:52 +0800 Subject: [PATCH 75/78] Borg backup provide ssh key example format --- docs/configuring-playbook-backup-borg.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 44c970af..3371a312 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -43,7 +43,13 @@ matrix_backup_borg_location_repositories: - USER@HOST:REPO matrix_backup_borg_storage_encryption_passphrase: "PASSPHRASE" matrix_backup_borg_ssh_key_private: | - PRIVATE KEY + -----BEGIN OPENSSH PRIVATE KEY----- + TG9yZW0gaXBzdW0gZG9sb3Igc2l0IGFtZXQsIGNvbnNlY3RldHVyIGFkaXBpc2NpbmcgZW + xpdCwgc2VkIGRvIGVpdXNtb2QgdGVtcG9yIGluY2lkaWR1bnQgdXQgbGFib3JlIGV0IGRv + bG9yZSBtYWduYSBhbGlxdWEuIFV0IGVuaW0gYWQgbWluaW0gdmVuaWFtLCBxdWlzIG5vc3 + RydWQgZXhlcmNpdGF0aW9uIHVsbGFtY28gbGFib3JpcyBuaXNpIHV0IGFsaXF1aXAgZXgg + ZWEgY29tbW9kbyBjb25zZXF1YXQuIA== + -----END OPENSSH PRIVATE KEY----- ``` where: From 57e8769c5ea735ba5feab3671e809610fb09a266 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 21 Jul 2022 17:07:06 +0300 Subject: [PATCH 76/78] Add hint about matrix_backup_borg_ssh_key_private indentation --- docs/configuring-playbook-backup-borg.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-backup-borg.md b/docs/configuring-playbook-backup-borg.md index 3371a312..41ca0156 100644 --- a/docs/configuring-playbook-backup-borg.md +++ b/docs/configuring-playbook-backup-borg.md @@ -58,7 +58,7 @@ where: * HOST - SSH host of a provider/server * REPO - borg repository name, it will be initialized on backup start, eg: `matrix` * PASSPHRASE - passphrase used for encrypting backups, you may generate it with `pwgen -s 64 1` or use any password manager -* PRIVATE KEY - the content of the **private** part of the SSH key you created before +* PRIVATE KEY - the content of the **private** part of the SSH key you created before. The whole key (all of its belonging lines) under `matrix_backup_borg_ssh_key_private` needs to be indented with 2 spaces To backup without encryption, add `matrix_backup_borg_encryption: 'none'` to your vars. This will also enable the `matrix_backup_borg_unknown_unencrypted_repo_access_is_ok` variable. From e05abfb9d1b52ed4a97354e64b68a0082ae76898 Mon Sep 17 00:00:00 2001 From: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Date: Thu, 21 Jul 2022 15:20:47 +0100 Subject: [PATCH 77/78] Fix link to maubot docs in README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8b19ef54..1df5801c 100644 --- a/README.md +++ b/README.md @@ -105,7 +105,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) for invitations by creating and managing registration tokens - see [docs/configuring-playbook-bot-matrix-registration-bot.md](docs/configuring-playbook-bot-matrix-registration-bot.md) for setup documentation -- (optional) [matrix-maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-matrix-maubot.md](docs/configuring-playbook-bot-matrix-maubot.md) for setup documentation +- (optional) [matrix-maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-maubot.md](docs/configuring-playbook-bot-maubot.md) for setup documentation - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation From d81a186f49e5d1976aa672e6e01dddd2afecb728 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 21 Jul 2022 17:26:48 +0300 Subject: [PATCH 78/78] matrix-maubot -> maubot --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1df5801c..47f67f4e 100644 --- a/README.md +++ b/README.md @@ -105,7 +105,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) [matrix-registration-bot](https://github.com/moan0s/matrix-registration-bot) for invitations by creating and managing registration tokens - see [docs/configuring-playbook-bot-matrix-registration-bot.md](docs/configuring-playbook-bot-matrix-registration-bot.md) for setup documentation -- (optional) [matrix-maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-maubot.md](docs/configuring-playbook-bot-maubot.md) for setup documentation +- (optional) [maubot](https://github.com/maubot/maubot) a plugin-based Matrix bot system - see [docs/configuring-playbook-bot-maubot.md](docs/configuring-playbook-bot-maubot.md) for setup documentation - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation