From dc82c1a0e6c3214ecb8edea4a0de96d4f2bdadc8 Mon Sep 17 00:00:00 2001 From: Thom Wiggers Date: Thu, 17 Mar 2022 17:21:18 +0100 Subject: [PATCH 01/20] Update IRC appservice bridge --- roles/matrix-bridge-appservice-irc/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-irc/defaults/main.yml b/roles/matrix-bridge-appservice-irc/defaults/main.yml index fa861308..5dfe3623 100644 --- a/roles/matrix-bridge-appservice-irc/defaults/main.yml +++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml @@ -8,7 +8,7 @@ matrix_appservice_irc_container_image_self_build: false matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git" matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src" -matrix_appservice_irc_version: release-0.32.1 +matrix_appservice_irc_version: release-0.33.0 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}" matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}" From 5ed23e81ef95f9377393a680c6987fa0ccf6ecc5 Mon Sep 17 00:00:00 2001 From: Kim Brose Date: Thu, 17 Mar 2022 18:37:37 +0100 Subject: [PATCH 02/20] Fix index in external_prometheus.yml.example.j2 For an unknown reason prometheus ignored the given "numeric" index and replaced it by 1. This made it not work properly, plus multiple workers of same types were not differentiable. With a "string" index, it works as intended. --- .../templates/prometheus/external_prometheus.yml.example.j2 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-nginx-proxy/templates/prometheus/external_prometheus.yml.example.j2 b/roles/matrix-nginx-proxy/templates/prometheus/external_prometheus.yml.example.j2 index 01a39ffa..cbb2e6f3 100644 --- a/roles/matrix-nginx-proxy/templates/prometheus/external_prometheus.yml.example.j2 +++ b/roles/matrix-nginx-proxy/templates/prometheus/external_prometheus.yml.example.j2 @@ -22,7 +22,7 @@ scrape_configs: - targets: ['{{ matrix_server_fqn_matrix }}:{{ matrix_nginx_proxy_container_https_host_bind_port if matrix_nginx_proxy_https_enabled else matrix_nginx_proxy_container_http_host_bind_port }}'] labels: job: "master" - index: 1 + index: "0" {% for worker in matrix_nginx_proxy_proxy_synapse_workers_enabled_list %} - job_name: 'synapse-{{ worker.type }}-{{ worker.instanceId }}' metrics_path: /_synapse-worker-{{ worker.type }}-{{ worker.instanceId }}/metrics @@ -36,5 +36,5 @@ scrape_configs: - targets: ['{{ matrix_server_fqn_matrix }}:{{ matrix_nginx_proxy_container_https_host_bind_port if matrix_nginx_proxy_https_enabled else matrix_nginx_proxy_container_http_host_bind_port }}'] labels: job: "{{ worker.type }}" - index: {{ worker.instanceId }} + index: "{{ worker.instanceId }}" {% endfor %} From 95cfbf02566bf15a1003fe021d4d215eb3a8202e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Thu, 17 Mar 2022 20:16:17 +0000 Subject: [PATCH 03/20] Switch mx-puppet-slack to the beeper fork (#1704) --- docs/configuring-playbook-bridge-mx-puppet-slack.md | 4 ++-- roles/matrix-bridge-mx-puppet-slack/defaults/main.yml | 10 ++++++---- .../tasks/setup_install.yml | 3 ++- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/docs/configuring-playbook-bridge-mx-puppet-slack.md b/docs/configuring-playbook-bridge-mx-puppet-slack.md index 0630270f..8db159d7 100644 --- a/docs/configuring-playbook-bridge-mx-puppet-slack.md +++ b/docs/configuring-playbook-bridge-mx-puppet-slack.md @@ -4,8 +4,8 @@ [matrix-appservice-slack](configuring-playbook-bridge-appservice-slack.md) bridge supported by the playbook. -The playbook can install and configure -[mx-puppet-slack](https://github.com/Sorunome/mx-puppet-slack) for you. +The playbook can install and configure [Beeper](https://www.beeper.com/)-maintained fork of +[mx-puppet-slack](https://gitlab.com/beeper/mx-puppet-monorepo) for you. See the project page to learn what it does and why it might be useful to you. diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index bf5c6dfa..bb92c1d8 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -1,6 +1,6 @@ --- # Mx Puppet Slack is a Matrix <-> Slack bridge -# See: https://github.com/Sorunome/mx-puppet-slack +# See: https://gitlab.com/beeper/mx-puppet-monorepo (originally based on https://github.com/Sorunome/mx-puppet-slack) matrix_mx_puppet_slack_enabled: true @@ -8,7 +8,9 @@ matrix_mx_puppet_slack_oauth_client_id: '' matrix_mx_puppet_slack_oauth_client_secret: '' matrix_mx_puppet_slack_container_image_self_build: false -matrix_mx_puppet_slack_container_image_self_build_repo: "https://github.com/Sorunome/mx-puppet-slack.git" +matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo.git" +matrix_mx_puppet_slack_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_slack_version == 'latest' else matrix_mx_puppet_slack_version }}" +matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Dockerfile-slack" # Controls whether the mx-puppet-slack container exposes its HTTP port (tcp/8432 in the container). # @@ -16,8 +18,8 @@ matrix_mx_puppet_slack_container_image_self_build_repo: "https://github.com/Soru matrix_mx_puppet_slack_container_http_host_bind_port: '' matrix_mx_puppet_slack_version: latest -matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}sorunome/mx-puppet-slack:{{ matrix_mx_puppet_slack_version }}" -matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else matrix_container_global_registry_prefix }}" +matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}beeper/mx-puppet-monorepo/slack:{{ matrix_mx_puppet_slack_version }}" +matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_slack_docker_image_force_pull: "{{ matrix_mx_puppet_slack_docker_image.endswith(':latest') }}" matrix_mx_puppet_slack_base_path: "{{ matrix_base_data_path }}/mx-puppet-slack" diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml index 23301eab..b064ee83 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/setup_install.yml @@ -79,6 +79,7 @@ repo: "{{ matrix_mx_puppet_slack_container_image_self_build_repo }}" dest: "{{ matrix_mx_puppet_slack_docker_src_files_path }}" force: "yes" + version: "{{ matrix_mx_puppet_slack_container_image_self_build_version }}" register: matrix_mx_puppet_slack_git_pull_results when: "matrix_mx_puppet_slack_enabled|bool and matrix_mx_puppet_slack_container_image_self_build" @@ -89,7 +90,7 @@ force_source: "{{ matrix_mx_puppet_slack_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mx_puppet_slack_git_pull_results.changed }}" build: - dockerfile: Dockerfile + dockerfile: "{{ matrix_mx_puppet_slack_container_image_self_build_dockerfile_path }}" path: "{{ matrix_mx_puppet_slack_docker_src_files_path }}" pull: true when: "matrix_mx_puppet_slack_enabled|bool and matrix_mx_puppet_slack_container_image_self_build" From 5c34353d87b880ccdb7edb3ae62ab91532509d1f Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Fri, 18 Mar 2022 14:52:25 -0600 Subject: [PATCH 04/20] Update configuring-playbook-dimension.md --- docs/configuring-playbook-dimension.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-dimension.md b/docs/configuring-playbook-dimension.md index e4b04740..73a7fc0e 100644 --- a/docs/configuring-playbook-dimension.md +++ b/docs/configuring-playbook-dimension.md @@ -31,7 +31,7 @@ matrix_dimension_admins: - "@user2:{{ matrix_domain }}" ``` -Admin interface is accessible at `https://dimension./riot-app/admin` after logging in to element and opening it in any room via "Edit widgets, bridges & bots" and then clicking the "settings"-icon in the upper right corner. +The admin interface is accessible within Element by accessing it in any room and clicking the cog wheel/settings icon in the top right. Currently, Dimension can be opened in Element by the "Add widgets, bridges, & bots" link in the room information. ## Access token From b242559df50c0f23c35c83ecf83ec43b27c0c701 Mon Sep 17 00:00:00 2001 From: Kim Brose Date: Tue, 22 Mar 2022 12:56:04 +0100 Subject: [PATCH 05/20] add detailed docs about hookshot's URLs --- docs/configuring-playbook-bridge-hookshot.md | 21 +++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 0df0036b..f4cc232d 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -16,10 +16,29 @@ Refer to the [official instructions](https://matrix-org.github.io/matrix-hooksho 2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). 3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. -5. Refer to [Hookshot's official instructions](https://matrix-org.github.io/matrix-hookshot/usage.html) to start using the bridge. Note that the different listeners are bound to certain paths (see `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml)): by default webhooks root is `/hookshot/webhooks/`. +5. Refer to [Hookshot's official instructions](https://matrix-org.github.io/matrix-hookshot/usage.html) to start using the bridge. **Important:** Note that the different listeners are bound to certain paths which might differe from those assumed by the hookshot documentation, see [URLs for bridges setup](urls-for-bridges-setup) below. Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them. +### URLs for bridges setup + +All of the following endpoints are reachable on your `matrix.` subdomain (if the feature is enabled). + +| Listener | default path | variable | used as | +|---|---|---|---| +| webhooks | `/hookshot/webhooks/` | `matrix_hookshot_webhook_endpoint` | GitHub "Webhook URL" | +| github oauth | `/hookshot/webhooks/oauth` | `matrix_hookshot_github_oauth_endpoint` | GitHub "Callback URL" | +| jira oauth | `/hookshot/webhooks/jira/oauth` | `matrix_hookshot_jira_oauth_endpoint` | JIRA OAuth | +| figma endpoint | `/hookshot/webhooks/figma/webhook` | `matrix_hookshot_figma_endpoint` | Figma | +| provisioning | `/hookshot/v1/` | `matrix_hookshot_provisioning_endpoint` | Dimension [provisioning](#provisioning-api) | +| appservice | `/hookshot/_matrix/app/` | `matrix_hookshot_appservice_endpoint` | GitHub "Webhook URL" | +| metrics | `/hookshot/metrics/` | `matrix_hookshot_metrics_endpoint` | Prometheus | +| widgets | | | not supported | + +See also `matrix_hookshot_matrix_nginx_proxy_configuration` in [init.yml](/roles/matrix-bridge-hookshot/tasks/init.yml). + +The different listeners are also reachable *internally* in the docker-network via the container's name (configured by `matrix_hookshot_container_url`) and on different ports (e.g. `matrix_hookshot_appservice_port`). Read [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) in detail for more info. + ### Manage GitHub Private Key with matrix-aux role The GitHub bridge requires you to install a private key file. This can be done in multiple ways: From 81d198b5b68fb2107f91563c0fa95cc490589d21 Mon Sep 17 00:00:00 2001 From: Kim Brose Date: Tue, 22 Mar 2022 12:59:12 +0100 Subject: [PATCH 06/20] !fixup add detailed docs about hookshot's URLs --- docs/configuring-playbook-bridge-hookshot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index f4cc232d..5639f159 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -31,7 +31,7 @@ All of the following endpoints are reachable on your `matrix.` subdomain (if the | jira oauth | `/hookshot/webhooks/jira/oauth` | `matrix_hookshot_jira_oauth_endpoint` | JIRA OAuth | | figma endpoint | `/hookshot/webhooks/figma/webhook` | `matrix_hookshot_figma_endpoint` | Figma | | provisioning | `/hookshot/v1/` | `matrix_hookshot_provisioning_endpoint` | Dimension [provisioning](#provisioning-api) | -| appservice | `/hookshot/_matrix/app/` | `matrix_hookshot_appservice_endpoint` | GitHub "Webhook URL" | +| appservice | `/hookshot/_matrix/app/` | `matrix_hookshot_appservice_endpoint` | Matrix server | | metrics | `/hookshot/metrics/` | `matrix_hookshot_metrics_endpoint` | Prometheus | | widgets | | | not supported | From 41f948c48bfebee0ece70386ad6be3ae3030c2d5 Mon Sep 17 00:00:00 2001 From: Peter Date: Tue, 22 Mar 2022 13:34:05 +0100 Subject: [PATCH 07/20] Update mautrix-whatsapp 0.2.4 -> 0.3.0 --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 68634746..6aae2015 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git" matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" -matrix_mautrix_whatsapp_version: v0.2.4 +matrix_mautrix_whatsapp_version: v0.3.0 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}" From d04162b275386d7d754ca534a25a2b32606e150f Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 22 Mar 2022 19:35:21 +0200 Subject: [PATCH 08/20] Upgrade Synapse (1.54.0 -> 1.55.0) `roles/matrix-synapse/vars/workers.yml` has not been updated here, because running `roles/matrix-synapse/files/workers-doc-to-yaml.awk` seems to cause some trouble with the current `workers.md` file available at https://github.com/matrix-org/synapse/raw/master/docs/workers.md, namely lots of: > FIXME: ADDITIONAL CONDITIONS REQUIRED: to be enabled manually lines and commented out regex lines. This is something that remains to be investigated/fixed. --- roles/matrix-synapse/defaults/main.yml | 2 +- .../templates/synapse/homeserver.yaml.j2 | 42 ++++++++++++++++++- 2 files changed, 41 insertions(+), 3 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index c7be1b43..80f2781b 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.54.0 +matrix_synapse_version: v1.55.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 29986c2e..63e3b7ad 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1977,8 +1977,14 @@ saml2_config: # # localpart_template: Jinja2 template for the localpart of the MXID. # If this is not set, the user will be prompted to choose their -# own username (see 'sso_auth_account_details.html' in the 'sso' -# section of this file). +# own username (see the documentation for the +# 'sso_auth_account_details.html' template). This template can +# use the 'localpart_from_email' filter. +# +# confirm_localpart: Whether to prompt the user to validate (or +# change) the generated localpart (see the documentation for the +# 'sso_auth_account_details.html' template), instead of +# registering the account right away. # # display_name_template: Jinja2 template for the display name to set # on first login. If unset, no displayname will be set. @@ -3013,4 +3019,36 @@ redis: password: {{ matrix_synapse_redis_password }} +## Background Updates ## + +# Background updates are database updates that are run in the background in batches. +# The duration, minimum batch size, default batch size, whether to sleep between batches and if so, how long to +# sleep can all be configured. This is helpful to speed up or slow down the updates. +# +background_updates: + # How long in milliseconds to run a batch of background updates for. Defaults to 100. Uncomment and set + # a time to change the default. + # + #background_update_duration_ms: 500 + + # Whether to sleep between updates. Defaults to True. Uncomment to change the default. + # + #sleep_enabled: false + + # If sleeping between updates, how long in milliseconds to sleep for. Defaults to 1000. Uncomment + # and set a duration to change the default. + # + #sleep_duration_ms: 300 + + # Minimum size a batch of background updates can be. Must be greater than 0. Defaults to 1. Uncomment and + # set a size to change the default. + # + #min_batch_size: 10 + + # The batch size to use for the first iteration of a new background update. The default is 100. + # Uncomment and set a size to change the default. + # + #default_batch_size: 50 + + # vim:ft=yaml From 07e68d48de5e1795913a77d6b72601581af6f01f Mon Sep 17 00:00:00 2001 From: Catalan Lover <48515417+FSG-Cat@users.noreply.github.com> Date: Tue, 22 Mar 2022 20:37:40 +0100 Subject: [PATCH 09/20] Update Mjolnir from 1.3.2 to 1.4.1 --- roles/matrix-bot-mjolnir/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-mjolnir/defaults/main.yml b/roles/matrix-bot-mjolnir/defaults/main.yml index cfb0d06d..0093576c 100644 --- a/roles/matrix-bot-mjolnir/defaults/main.yml +++ b/roles/matrix-bot-mjolnir/defaults/main.yml @@ -4,7 +4,7 @@ matrix_bot_mjolnir_enabled: true -matrix_bot_mjolnir_version: "v1.3.2" +matrix_bot_mjolnir_version: "v1.4.1" matrix_bot_mjolnir_container_image_self_build: false matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git" From 97865484bd8d33b6c399f7326b8651a27a049499 Mon Sep 17 00:00:00 2001 From: pulmonarycosignerkindness <70479260+pulmonarycosignerkindness@users.noreply.github.com> Date: Wed, 23 Mar 2022 19:17:54 +0000 Subject: [PATCH 10/20] Update mjolnir antispam commit hash Changed the commit hash in matrix_synapse_ext_spam_checker_mjolnir_antispam_git_version to latest. Fixes a Synapse ImportError with mjolnir v1.4.1 leading to a Synapse crash-loop. --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 80f2781b..f028de98 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -525,7 +525,7 @@ matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeserve # See: https://github.com/matrix-org/mjolnir#synapse-module matrix_synapse_ext_spam_checker_mjolnir_antispam_enabled: false matrix_synapse_ext_spam_checker_mjolnir_antispam_git_repository_url: "https://github.com/matrix-org/mjolnir" -matrix_synapse_ext_spam_checker_mjolnir_antispam_git_version: "70f353fbbad0af469b1001080dea194d512b2815" +matrix_synapse_ext_spam_checker_mjolnir_antispam_git_version: "4008e3f65d3745b9307dd31f1c5aa80c13a61a58" matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_invites: true # Flag messages sent by servers/users in the ban lists as spam. Currently # this means that spammy messages will appear as empty to users. Default From 38f2dc45534e36d7bc6fc9f890c156699c29a864 Mon Sep 17 00:00:00 2001 From: joecool1029 Date: Thu, 24 Mar 2022 15:54:36 -0400 Subject: [PATCH 11/20] Synapse 1.55.0 -> Synapse 1.55.2 This is a minor hotfix, needs to be bumped though or new deploys will break (existing deploys not affected by bug). --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index f028de98..65ca3e10 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.55.0 +matrix_synapse_version: v1.55.2 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From 85627b59adc9e057d7988aba1ae28edaad830f73 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 26 Mar 2022 10:04:21 +0200 Subject: [PATCH 12/20] Make synapse-compress-state in-container binary path configurable This makes it easier to use another container image for rust-synapse-compress-state, which may be storing the binary at another path. --- roles/matrix-synapse/defaults/main.yml | 1 + .../tasks/rust-synapse-compress-state/compress_room.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 65ca3e10..0008de3d 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -624,6 +624,7 @@ matrix_synapse_rust_synapse_compress_state_docker_image: "devture/rust-synapse-c matrix_synapse_rust_synapse_compress_state_docker_image_force_pull: "{{ matrix_synapse_rust_synapse_compress_state_docker_image.endswith(':latest') }}" matrix_synapse_rust_synapse_compress_state_base_path: "{{ matrix_base_data_path }}/rust-synapse-compress-state" +matrix_synapse_rust_synapse_compress_state_synapse_compress_state_in_container_path: "/synapse-compress-state" # Default Synapse configuration template which covers the generic use case. diff --git a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml index 36ef0a3a..e1386c75 100644 --- a/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml +++ b/roles/matrix-synapse/tasks/rust-synapse-compress-state/compress_room.yml @@ -12,7 +12,7 @@ --network={{ matrix_docker_network }} --mount type=bind,src={{ matrix_synapse_rust_synapse_compress_state_base_path }},dst=/work {{ matrix_synapse_rust_synapse_compress_state_docker_image }} - /synapse-compress-state -t -o /work/state-compressor.sql + {{ matrix_synapse_rust_synapse_compress_state_synapse_compress_state_in_container_path }} -t -o /work/state-compressor.sql -p "host={{ matrix_synapse_database_host }} user={{ matrix_synapse_database_user }} password={{ matrix_synapse_database_password }} dbname={{ matrix_synapse_database_database }}" -r '{{ room_details.room_id }}' From dac4df738497018ea0b7f48ab8d464ae600ba012 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 26 Mar 2022 10:31:05 +0200 Subject: [PATCH 13/20] Add arm64 support for rust-synapse-compress-state by switching container image This switches the playbook from devture/rust-synapse-compress-state (a container image which wraps the upstream-prebuilt amd64 binary of rust-synapse-compress-state) to registry.gitlab.com/mb-saces/rust-synapse-compress-state (https://gitlab.com/mb-saces/rust-synapse-compress-state), which builds rust-synapse-compress-state from source and provides a multi-arch image that currently works on amd64 and arm64. Ideally, we'll stop using `:latest` and arm32 support will be made available upstream as well at some point. Discussed here: https://gitlab.com/mb-saces/rust-synapse-compress-state/-/issues/1 --- roles/matrix-synapse/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 0008de3d..4cba18fa 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -620,11 +620,11 @@ matrix_synapse_redaction_retention_period: 7d matrix_synapse_user_ips_max_age: 28d -matrix_synapse_rust_synapse_compress_state_docker_image: "devture/rust-synapse-compress-state:v0.1.0" +matrix_synapse_rust_synapse_compress_state_docker_image: "registry.gitlab.com/mb-saces/rust-synapse-compress-state:latest" matrix_synapse_rust_synapse_compress_state_docker_image_force_pull: "{{ matrix_synapse_rust_synapse_compress_state_docker_image.endswith(':latest') }}" matrix_synapse_rust_synapse_compress_state_base_path: "{{ matrix_base_data_path }}/rust-synapse-compress-state" -matrix_synapse_rust_synapse_compress_state_synapse_compress_state_in_container_path: "/synapse-compress-state" +matrix_synapse_rust_synapse_compress_state_synapse_compress_state_in_container_path: "/usr/local/bin/synapse_compress_state" # Default Synapse configuration template which covers the generic use case. From fc1e15baffc9782d61587cc4382f37f437989eaa Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Sat, 26 Mar 2022 12:09:42 +0100 Subject: [PATCH 14/20] Updated: to v0.3.1 --- roles/matrix-bridge-mautrix-googlechat/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml index 168d08f7..e334e8d6 100644 --- a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml @@ -7,7 +7,7 @@ matrix_mautrix_googlechat_enabled: true matrix_mautrix_googlechat_container_image_self_build: false matrix_mautrix_googlechat_container_image_self_build_repo: "https://github.com/mautrix/googlechat.git" -matrix_mautrix_googlechat_version: latest +matrix_mautrix_googlechat_version: v0.3.1 # See: https://mau.dev/mautrix/googlechat/container_registry matrix_mautrix_googlechat_docker_image: "{{ matrix_mautrix_googlechat_docker_image_name_prefix }}mautrix/googlechat:{{ matrix_mautrix_googlechat_version }}" matrix_mautrix_googlechat_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_googlechat_container_image_self_build else 'dock.mau.dev/' }}" From f29f51a54c4e58199cfc4a9da76eaf9798e4fd6e Mon Sep 17 00:00:00 2001 From: joecool1029 Date: Mon, 28 Mar 2022 13:52:44 -0400 Subject: [PATCH 15/20] Update Element 1.10.7 -> 1.10.8 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index edaa189c..c395efb7 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -9,7 +9,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.10.7 +matrix_client_element_version: v1.10.8 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 9b0323432351c4ee793ad81bccf4f8347204c8ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliv=C3=A9r=20Falvai?= Date: Tue, 29 Mar 2022 22:14:44 +0200 Subject: [PATCH 16/20] Fix Facebook presence config key --- roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 index 1f71286e..49c49be8 100644 --- a/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2 @@ -106,7 +106,9 @@ bridge: # If using this for other servers than the bridge's server, # you must also set the URL in the double_puppet_server_map. login_shared_secret_map: {{ matrix_mautrix_facebook_bridge_login_shared_secret_map|to_json }} - presence: {{ matrix_mautrix_facebook_bridge_presence|to_json }} + # Should presence from Facebook be bridged? This doesn't use the same API as the Android app, + # so it might be more suspicious to Facebook. + presence_from_facebook: {{ matrix_mautrix_facebook_bridge_presence|to_json }} # Whether or not to update avatars when syncing all contacts at startup. update_avatar_initial_sync: true # End-to-bridge encryption support options. These require matrix-nio to be installed with pip From 326b1090b75f9fab81b282db5becce35374cd084 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oliv=C3=A9r=20Falvai?= Date: Tue, 29 Mar 2022 22:26:29 +0200 Subject: [PATCH 17/20] Add note about Prometheus retention policy --- docs/configuring-playbook-prometheus-grafana.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/configuring-playbook-prometheus-grafana.md b/docs/configuring-playbook-prometheus-grafana.md index 892bffb2..f178def2 100644 --- a/docs/configuring-playbook-prometheus-grafana.md +++ b/docs/configuring-playbook-prometheus-grafana.md @@ -25,6 +25,8 @@ matrix_grafana_default_admin_password: "some_strong_password_chosen_by_you" By default, a [Grafana](https://grafana.com/) web user-interface will be available at `https://stats.`. +The retention policy of Prometheus metrics is [15 days by default](https://prometheus.io/docs/prometheus/latest/storage/#operational-aspects). Older data gets deleted automatically. + ## What does it do? From 0103d92df4a28bef7182e161ce3ca9cc4ff596f0 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 30 Mar 2022 09:02:17 +0300 Subject: [PATCH 18/20] Temporarily switch to Myned-maintained fork of mx-puppet-discord/mx-puppet-slack Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1719 We're using a pinned commit of this fork, which patches up the npm/yarn lock files, so that self-building of the Discord and Slack bridges can work after GitHub's deprecation of the `git://` and `ssh://` protocols (https://github.blog/2021-09-01-improving-git-protocol-security-github/). When the issue gets fixed in the Beeper fork (via https://gitlab.com/beeper/mx-puppet-monorepo/-/merge_requests/35 or otherwise), we'll get back on it. --- roles/matrix-bridge-mx-puppet-discord/defaults/main.yml | 4 ++-- roles/matrix-bridge-mx-puppet-slack/defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml index 52257689..03bac4e5 100644 --- a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -11,7 +11,7 @@ matrix_mx_puppet_discord_enabled: true matrix_mx_puppet_discord_container_image_self_build: false -matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo" +matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/Myned/mx-puppet-monorepo" matrix_mx_puppet_discord_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_discord_version == 'latest' else matrix_mx_puppet_discord_version }}" matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "docker/Dockerfile-discord" @@ -20,7 +20,7 @@ matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "docker/Doc # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_discord_container_http_host_bind_port: '' -matrix_mx_puppet_discord_version: latest +matrix_mx_puppet_discord_version: 40f3142032bacec6333f4bbc051d5e30af88de9c matrix_mx_puppet_discord_docker_image: "{{ matrix_mx_puppet_discord_docker_image_name_prefix }}beeper/mx-puppet-monorepo/discord:{{ matrix_mx_puppet_discord_version }}" matrix_mx_puppet_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_discord_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_discord_docker_image_force_pull: "{{ matrix_mx_puppet_discord_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index bb92c1d8..63549bc4 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mx_puppet_slack_oauth_client_id: '' matrix_mx_puppet_slack_oauth_client_secret: '' matrix_mx_puppet_slack_container_image_self_build: false -matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo.git" +matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/Myned/mx-puppet-monorepo" matrix_mx_puppet_slack_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_slack_version == 'latest' else matrix_mx_puppet_slack_version }}" matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Dockerfile-slack" @@ -17,7 +17,7 @@ matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Docke # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_slack_container_http_host_bind_port: '' -matrix_mx_puppet_slack_version: latest +matrix_mx_puppet_slack_version: 40f3142032bacec6333f4bbc051d5e30af88de9c matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}beeper/mx-puppet-monorepo/slack:{{ matrix_mx_puppet_slack_version }}" matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_slack_docker_image_force_pull: "{{ matrix_mx_puppet_slack_docker_image.endswith(':latest') }}" From ea358e208c36ceabf2bd6441677c5fd026cdde3c Mon Sep 17 00:00:00 2001 From: Kim Brose Date: Wed, 30 Mar 2022 14:18:21 +0200 Subject: [PATCH 19/20] Upgrade Hookshot (1.2.0 -> 1.3.0) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index e6be626e..01dd43b0 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -5,7 +5,7 @@ matrix_hookshot_enabled: true -matrix_hookshot_version: 1.2.0 +matrix_hookshot_version: 1.3.0 matrix_hookshot_docker_image: "{{ matrix_container_global_registry_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_force_pull: "{{ matrix_hookshot_docker_image.endswith(':latest') }}" From 999c717cf452efc94ef72f125ec6c2aa1a7c43f4 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 31 Mar 2022 08:37:24 +0300 Subject: [PATCH 20/20] Revert "Temporarily switch to Myned-maintained fork of mx-puppet-discord/mx-puppet-slack" This reverts commit 0103d92df4a28bef7182e161ce3ca9cc4ff596f0. The same fix has now been merged upstream (https://gitlab.com/beeper/mx-puppet-monorepo/-/merge_requests/35), so we don't need to use a fork anymore. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1719 --- roles/matrix-bridge-mx-puppet-discord/defaults/main.yml | 4 ++-- roles/matrix-bridge-mx-puppet-slack/defaults/main.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml index 03bac4e5..52257689 100644 --- a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -11,7 +11,7 @@ matrix_mx_puppet_discord_enabled: true matrix_mx_puppet_discord_container_image_self_build: false -matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/Myned/mx-puppet-monorepo" +matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo" matrix_mx_puppet_discord_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_discord_version == 'latest' else matrix_mx_puppet_discord_version }}" matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "docker/Dockerfile-discord" @@ -20,7 +20,7 @@ matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "docker/Doc # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_discord_container_http_host_bind_port: '' -matrix_mx_puppet_discord_version: 40f3142032bacec6333f4bbc051d5e30af88de9c +matrix_mx_puppet_discord_version: latest matrix_mx_puppet_discord_docker_image: "{{ matrix_mx_puppet_discord_docker_image_name_prefix }}beeper/mx-puppet-monorepo/discord:{{ matrix_mx_puppet_discord_version }}" matrix_mx_puppet_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_discord_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_discord_docker_image_force_pull: "{{ matrix_mx_puppet_discord_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index 63549bc4..bb92c1d8 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mx_puppet_slack_oauth_client_id: '' matrix_mx_puppet_slack_oauth_client_secret: '' matrix_mx_puppet_slack_container_image_self_build: false -matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/Myned/mx-puppet-monorepo" +matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo.git" matrix_mx_puppet_slack_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_slack_version == 'latest' else matrix_mx_puppet_slack_version }}" matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Dockerfile-slack" @@ -17,7 +17,7 @@ matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Docke # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_slack_container_http_host_bind_port: '' -matrix_mx_puppet_slack_version: 40f3142032bacec6333f4bbc051d5e30af88de9c +matrix_mx_puppet_slack_version: latest matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}beeper/mx-puppet-monorepo/slack:{{ matrix_mx_puppet_slack_version }}" matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_slack_docker_image_force_pull: "{{ matrix_mx_puppet_slack_docker_image.endswith(':latest') }}"