From 48f929dc918d277b7ea44b1e8afe385326e46cb0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20K=C3=BCchel?=
Date: Fri, 16 Oct 2020 00:32:00 +0200
Subject: [PATCH 1/6] add variables for secure_backup_required and secure_backup_setup_methods
---
 roles/matrix-base/defaults/main.yml | 10 ++++++++
 .../static-files/well-known/matrix-client.j2 | 25 +++++++++++++++----
 2 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml
index 3fbbd76e..5bd10014 100644
--- a/roles/matrix-base/defaults/main.yml
+++ b/roles/matrix-base/defaults/main.yml
@@ -67,6 +67,16 @@ matrix_client_element_jitsi_preferredDomain: ''
 # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
 matrix_client_element_e2ee_default: true
 
+# Controls whether Element should require a secure backup set up before Element can be used.
+# Setting this to true will update `/.well-known/matrix/client` and tell Element require a secure backup.
+# See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
+matrix_client_element_e2ee_backup_required: false
+
+# Controls which backup methods from ["key", "passphrase"] should be used, both is the default.
+# Setting this to other then empty will update `/.well-known/matrix/client` and tell Element which method to use
+# See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
+matrix_client_element_e2ee_backup_methods: []
+
 # The Docker network that all services would be put into
 matrix_docker_network: "matrix"
 
diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
index 6dc5ff23..b1879d92 100644
--- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
+++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
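Review bot: The comment added above `matrix_client_element_e2ee_backup_required` in the `defaults/main.yml` hunk of PATCH 1/6 reads as if the playbook enforces secure backup, while the variable only changes what is published in `/.well-known/matrix/client` for Element to read. That makes it a client-side hint: presumably other Matrix clients, or an Element instance that does not fetch this file, are unaffected, so operators should not treat it as a server-side control. I would state that in the comment and fix the wording ("tell Element require", "other then empty"), e.g. `# Setting this to true publishes the requirement in /.well-known/matrix/client; Element applies it client-side and other clients may ignore it.`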
@@ -26,12 +26,27 @@
 "preferredDomain": {{ matrix_client_element_jitsi_preferredDomain|to_json }}
 }
 {% endif %}
- {% if not matrix_client_element_e2ee_default %},
- "io.element.e2ee": {
- "default": false
+ ,
+ "io.element.e2ee": {
+ {% if not matrix_client_element_e2ee_default %}
+ "default": false
+ {% else %}
+ "default": true
+ {% endif %}
+ {% if matrix_client_element_e2ee_backup_required %},
+ "secure_backup_required": true
+ {% else %}
+ "secure_backup_required": false
+ {% endif %}
+ {% if matrix_client_element_e2ee_backup_methods %},
+ "secure_backup_setup_methods": {{ matrix_client_element_e2ee_backup_methods|to_json }}
+ {% endif %}
 },
 "im.vector.riot.e2ee": {
- "default": false
+ {% if not matrix_client_element_e2ee_default %}
+ "default": false
+ {% else %}
+ "default": true
+ {% endif %}
 }
- {% endif %}
 }
From 65992043347f8ed0451aa1ae29ddd3d37c6730be Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20K=C3=BCchel?=
Date: Fri, 16 Oct 2020 08:20:22 +0200
Subject: [PATCH 2/6] fix commata not being set when secure_backup_required false
---
 .../templates/static-files/well-known/matrix-client.j2 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
index b1879d92..14cbe71f 100644
--- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
+++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
@@ -29,11 +29,11 @@
 ,
 "io.element.e2ee": {
 {% if not matrix_client_element_e2ee_default %}
- "default": false
+ "default": false,
 {% else %}
- "default": true
+ "default": true,
 {% endif %}
- {% if matrix_client_element_e2ee_backup_required %},
+ {% if matrix_client_element_e2ee_backup_required %}
 "secure_backup_required": true
 {% else %}
 "secure_backup_required": false
From 4cfa11275544c447d9c848811535a32dc14a5a02 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20K=C3=BCchel?=
Date: Fri, 16 Oct 2020 08:44:04 +0200
Subject: [PATCH 3/6] update default backup_methods as proposed by the system anyway
---
 roles/matrix-base/defaults/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml
index 5bd10014..cffb7b4a 100644
--- a/roles/matrix-base/defaults/main.yml
+++ b/roles/matrix-base/defaults/main.yml
@@ -75,7 +75,7 @@ matrix_client_element_e2ee_backup_required: false
 # Controls which backup methods from ["key", "passphrase"] should be used, both is the default.
 # Setting this to other then empty will update `/.well-known/matrix/client` and tell Element which method to use
 # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
-matrix_client_element_e2ee_backup_methods: []
+matrix_client_element_e2ee_backup_methods: [ "key", "passphrase" ]
 
 # The Docker network that all services would be put into
 matrix_docker_network: "matrix"
From 8f7e21892d7facae416b3b4cd36857835fa6428b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20K=C3=BCchel?=
Date: Fri, 16 Oct 2020 08:47:37 +0200
Subject: [PATCH 4/6] fix indentation, updated to proposed changes from Slavi: no more ifdef
---
 .../static-files/well-known/matrix-client.j2 | 24 ++++---------------
 1 file changed, 5 insertions(+), 19 deletions(-)
diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
index 14cbe71f..ecd5eaf9 100644
--- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
+++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
@@ -27,26 +27,12 @@
 }
 {% endif %}
 ,
- "io.element.e2ee": {
- {% if not matrix_client_element_e2ee_default %}
- "default": false,
- {% else %}
- "default": true,
- {% endif %}
- {% if matrix_client_element_e2ee_backup_required %}
- "secure_backup_required": true
- {% else %}
- "secure_backup_required": false
- {% endif %}
- {% if matrix_client_element_e2ee_backup_methods %},
- "secure_backup_setup_methods": {{ matrix_client_element_e2ee_backup_methods|to_json }}
- {% endif %}
+ "io.element.e2ee": {
+ "default": {{ matrix_client_element_e2ee_default|to_json }},
+ "secure_backup_required": {{ matrix_client_element_e2ee_backup_required|to_json }},
+ "secure_backup_setup_methods": {{ matrix_client_element_e2ee_backup_methods|to_json }}
 },
 "im.vector.riot.e2ee": {
- {% if not matrix_client_element_e2ee_default %}
- "default": false
- {% else %}
- "default": true
- {% endif %}
+ "default": {{ matrix_client_element_e2ee_default|to_json }}
 }
 }
From 5158fa4df98ec2baf7a9c88b2e2c2d8924f093cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20K=C3=BCchel?=
Date: Fri, 16 Oct 2020 08:50:16 +0200
Subject: [PATCH 5/6] e2ee_backup_methods: rather leave the default empty, so that the system default may apply
---
 roles/matrix-base/defaults/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml
index cffb7b4a..5bd10014 100644
--- a/roles/matrix-base/defaults/main.yml
+++ b/roles/matrix-base/defaults/main.yml
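Review bot: In PATCH 4/6's `io.element.e2ee` block, `{{ matrix_client_element_e2ee_backup_required|to_json }}` serializes whatever type the variable holds, so a value that reaches the template as a string (for example a `key=value` extra var) would render as the JSON string `"true"` instead of a boolean. A client that checks for a strict boolean would then presumably ignore the requirement without any error, and the backup policy the operator configured is silently not applied. Coercing before serializing keeps the output typed: `"secure_backup_required": {{ matrix_client_element_e2ee_backup_required|bool|to_json }},`, and the same applies to both `"default"` lines in this hunk. The enclosing JSON object opens before the hunk, so the other members were not checked.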
@@ -75,7 +75,7 @@ matrix_client_element_e2ee_backup_required: false
 # Controls which backup methods from ["key", "passphrase"] should be used, both is the default.
 # Setting this to other then empty will update `/.well-known/matrix/client` and tell Element which method to use
 # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
-matrix_client_element_e2ee_backup_methods: [ "key", "passphrase" ]
+matrix_client_element_e2ee_backup_methods: []
 
 # The Docker network that all services would be put into
 matrix_docker_network: "matrix"
From 1cf5b1d80f626c7a1e54bd48fb1e31a1dd81618f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20K=C3=BCchel?=
Date: Fri, 16 Oct 2020 09:24:50 +0200
Subject: [PATCH 6/6] e2ee_backup: rename variables to be consistent with naming scheme
---
 roles/matrix-base/defaults/main.yml | 4 ++--
 .../templates/static-files/well-known/matrix-client.j2 | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/roles/matrix-base/defaults/main.yml b/roles/matrix-base/defaults/main.yml
index 5bd10014..164509b7 100644
--- a/roles/matrix-base/defaults/main.yml
+++ b/roles/matrix-base/defaults/main.yml
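Review bot: The context comment above `matrix_client_element_e2ee_backup_methods: []` in PATCH 5/6 still says that only a non-empty value updates `/.well-known/matrix/client`, but since PATCH 4/6 the template renders `"secure_backup_setup_methods"` unconditionally, so this default now publishes an empty list. Whether Element treats `[]` as "offer both methods" is not visible here and should be confirmed against the linked e2ee.md. The list is also not checked against `"key"` and `"passphrase"`, so a misspelled entry is published as written and the intended restriction may not take effect. I would reword the comment to `# Leave empty to let Element apply its own default; otherwise list "key" and/or "passphrase". The list is always written to /.well-known/matrix/client.`; the same stale comment is carried through the rename hunk of PATCH 6/6.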
@@ -70,12 +70,12 @@ matrix_client_element_e2ee_default: true
 # Controls whether Element should require a secure backup set up before Element can be used.
 # Setting this to true will update `/.well-known/matrix/client` and tell Element require a secure backup.
 # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
-matrix_client_element_e2ee_backup_required: false
+matrix_client_element_e2ee_secure_backup_required: false
 
 # Controls which backup methods from ["key", "passphrase"] should be used, both is the default.
 # Setting this to other then empty will update `/.well-known/matrix/client` and tell Element which method to use
 # See: https://github.com/vector-im/element-web/blob/develop/docs/e2ee.md
-matrix_client_element_e2ee_backup_methods: []
+matrix_client_element_e2ee_secure_backup_setup_methods: []
 
 # The Docker network that all services would be put into
 matrix_docker_network: "matrix"
diff --git a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2 b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
index ecd5eaf9..a4356d1d 100644
--- a/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
+++ b/roles/matrix-base/templates/static-files/well-known/matrix-client.j2
@@ -29,8 +29,8 @@
 ,
 "io.element.e2ee": {
 "default": {{ matrix_client_element_e2ee_default|to_json }},
- "secure_backup_required": {{ matrix_client_element_e2ee_backup_required|to_json }},
- "secure_backup_setup_methods": {{ matrix_client_element_e2ee_backup_methods|to_json }}
+ "secure_backup_required": {{ matrix_client_element_e2ee_secure_backup_required|to_json }},
+ "secure_backup_setup_methods": {{ matrix_client_element_e2ee_secure_backup_setup_methods|to_json }}
 },
 "im.vector.riot.e2ee": {
 "default": {{ matrix_client_element_e2ee_default|to_json }}