Merge branch 'master' into pub.solar

Update MSC1929 integration

.github/renovate.json

@@ -0,0 +1,14 @@
+{
+	"$schema": "https://docs.renovatebot.com/renovate-schema.json",
+	"extends": [
+		"config:base"
+	],
+	"regexManagers": [
+		{
+			"fileMatch": ["defaults/main.yml$"],
+			"matchStrings": [
+				"# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (?:lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?(?:_version|_tag)\\s*:\\s*[\"']?(?<currentValue>.+?)[\"']?\\s"
+			]
+		}
+	]
+}

CHANGELOG.md

@@ -1,3 +1,16 @@
+# 2023-10-18
+
+## Postgres parameters are automatically tuned now
+
+The playbook has provided some hints about [Tuning PostgreSQL](docs/maintenance-postgres.md#tuning-postgresql) for quite a while now.
+
+From now on, the [Postgres Ansible role](https://github.com/devture/com.devture.ansible.role.postgres) automatically tunes your Postgres configuration with the same [calculation logic](https://github.com/le0pard/pgtune/blob/master/src/features/configuration/configurationSlice.js) that powers https://pgtune.leopard.in.ua/.
+
+Our [Tuning PostgreSQL](docs/maintenance-postgres.md#tuning-postgresql) documentation page has details about how you can turn auto-tuning off or adjust the automatically-determined Postgres configuration parameters manually.
+
+People who [enable load-balancing with Synapse workers](docs/configuring-playbook-synapse.md#load-balancing-with-workers) no longer need to increase the maximum number of Postgres connections manually (previously done via `devture_postgres_process_extra_arguments`). There's a new variable (`devture_postgres_max_connections`) for controlling this number and the playbook automatically raises its value from `200` to `500` for setups which enable workers.
+
+
 # 2023-08-31
 
 ## SchildiChat support

docs/ansible.md

@@ -65,7 +65,7 @@ docker run -it --rm \
 -w /work \
 -v `pwd`:/work \
 --entrypoint=/bin/sh \
-docker.io/devture/ansible:2.13.6-r0-3
+docker.io/devture/ansible:2.14.5-r0-0
 ```
 
 Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container.
@@ -86,7 +86,7 @@ docker run -it --rm \
 -v `pwd`:/work \
 -v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro \
 --entrypoint=/bin/sh \
-docker.io/devture/ansible:2.13.6-r0-3
+docker.io/devture/ansible:2.14.5-r0-0
 ```
 
 The above command tries to mount an SSH key (`$HOME/.ssh/id_rsa`) into the container (at `/root/.ssh/id_rsa`).

docs/configuring-playbook-synapse-admin.md

@@ -15,7 +15,7 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.
 matrix_synapse_admin_enabled: true
 ```
 
-**Note**: Synapse Admin requires Synapse's [Admin APIs](https://github.com/matrix-org/synapse/tree/master/docs/admin_api) to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following [official Synapse reverse-proxying recommendations](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). Because Synapse Admin needs these APIs to function, when installing Synapse Admin, we **automatically** exposes them publicly for you (equivalent to `matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_admin_api_enabled: true`).
+**Note**: Synapse Admin requires Synapse's [Admin APIs](https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/index.html) to function. Access to them is restricted with a valid access token, so exposing them publicly should not be a real security concern. Still, for additional security, we normally leave them unexposed, following [official Synapse reverse-proxying recommendations](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints). Because Synapse Admin needs these APIs to function, when installing Synapse Admin, we **automatically** exposes them publicly for you (equivalent to `matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_admin_api_enabled: true`).
 
 
 ## Installing

docs/configuring-playbook-synapse.md

@@ -34,13 +34,7 @@ We support a few configuration presets (`matrix_synapse_workers_preset: one-of-e
 
 If you'd like more customization power, you can start with one of the presets and tweak various `matrix_synapse_workers_*_count` variables manually.
 
-If you increase worker counts too much, you may need to increase the maximum number of Postgres connections too (example):
-
-```yaml
-devture_postgres_process_extra_arguments: [
-  "-c 'max_connections=200'"
-]
-```
+When Synapse workers are enabled, the integrated [Postgres database is tuned](maintenance-postgres.md#tuning-postgresql), so that the maximum number of Postgres connections are increased from `200` to `500`. If you need to decrease or increase the number of maximum Postgres connections further, use the `devture_postgres_max_connections` variable.
 
 In case any problems occur, make sure to have a look at the [list of synapse issues about workers](https://github.com/matrix-org/synapse/issues?q=workers+in%3Atitle) and your `journalctl --unit 'matrix-*'`.
 

docs/configuring-playbook-turn.md

@@ -16,13 +16,24 @@ matrix_coturn_enabled: false
 In that case, Synapse would not point to any Coturn servers and audio/video call functionality may fail.
 
 ## Manually defining your public IP
+
 In the `hosts` file we explicitly ask for your server's external IP address when defining `ansible_host`, because the same value is used for configuring Coturn.
+
 If you'd rather use a local IP for `ansible_host`, make sure to set up `matrix_coturn_turn_external_ip_address` replacing `YOUR_PUBLIC_IP` with the pubic IP used by the server.
 
 ```yaml
 matrix_coturn_turn_external_ip_address: "YOUR_PUBLIC_IP"
 ```
 
+If you'd like to rely on external IP address auto-detection (not recommended unless you need it), set `matrix_coturn_turn_external_ip_address` to an empty value. The playbook will automatically contact an [EchoIP](https://github.com/mpolden/echoip)-compatible service (`https://ifconfig.co/json` by default) to determine your server's IP address. This API endpoint is configurable via the `matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url` variable.
+
+If your server has multiple external IP addresses, the Coturn role offers a different variable for specifying them:
+
+```yaml
+# Note: matrix_coturn_turn_external_ip_addresses is different than matrix_coturn_turn_external_ip_address
+matrix_coturn_turn_external_ip_addresses: ['1.2.3.4', '4.5.6.7']
+```
+
 ## Using your own external Coturn server
 
 If you'd like to use another TURN server (be it Coturn or some other one), you can configure the playbook like this:
@@ -49,4 +60,4 @@ jitsi_web_stun_servers:
 You can put multiple host/port combinations if you like.
 
 ## Further variables and configuration options
-To see all the available configuration options, check roles/custom/matrix-coturn/defaults/main.yml 
+To see all the available configuration options, check roles/custom/matrix-coturn/defaults/main.yml

docs/maintenance-postgres.md

@@ -87,7 +87,7 @@ This playbook can upgrade your existing Postgres setup with the following comman
 just run-tags upgrade-postgres
 ```
 
-**Warning: If you're using Borg Backup keep in mind that there is no official Postgres 15 support yet.**
+**Warning: If you're using Borg Backup keep in mind that there is no official Postgres 16 support yet.**
 
 **The old Postgres data directory is backed up** automatically, by renaming it to `/matrix/postgres/data-auto-upgrade-backup`.
 To rename to a different path, pass some extra flags to the command above, like this: `--extra-vars="postgres_auto_upgrade_backup_data_path=/another/disk/matrix-postgres-before-upgrade"`
@@ -106,63 +106,15 @@ Example: `--extra-vars="postgres_dump_name=matrix-postgres-dump.sql"`
 
 ## Tuning PostgreSQL
 
-PostgreSQL can be tuned to make it run faster. This is done by passing extra arguments to Postgres with the `devture_postgres_process_extra_arguments` variable. You should use a website like https://pgtune.leopard.in.ua/ or information from https://wiki.postgresql.org/wiki/Tuning_Your_PostgreSQL_Server to determine what Postgres settings you should change.
+PostgreSQL can be [tuned](https://wiki.postgresql.org/wiki/Tuning_Your_PostgreSQL_Server) to make it run faster. This is done by passing extra arguments to the Postgres process.
 
-**Note**: the configuration generator at https://pgtune.leopard.in.ua/ adds spaces around the `=` sign, which is invalid. You'll need to remove it manually (`max_connections = 300` -> `max_connections=300`)
+The [Postgres Ansible role](https://github.com/devture/com.devture.ansible.role.postgres) **already does some tuning by default**, which matches the [tuning logic](https://github.com/le0pard/pgtune/blob/master/src/features/configuration/configurationSlice.js) done by websites like https://pgtune.leopard.in.ua/.
+You can manually influence some of the tuning variables . These parameters (variables) are injected via the `devture_postgres_postgres_process_extra_arguments_auto` variable.
 
-### Here are some examples:
+Most users should be fine with the automatically-done tuning. However, you may wish to:
 
-These are not recommended values and they may not work well for you. This is just to give you an idea of some of the options that can be set. If you are an experienced PostgreSQL admin feel free to update this documentation with better examples.
+- **adjust the automatically-deterimned tuning parameters manually**: change the values for the tuning variables defined in the Postgres role's [default configuration file](https://github.com/devture/com.devture.ansible.role.postgres/blob/main/defaults/main.yml) (see `devture_postgres_max_connections`, `devture_postgres_data_storage` etc). These variables are ultimately passed to Postgres via a `devture_postgres_postgres_process_extra_arguments_auto` variable
 
-Here is an example config for a small 2 core server with 4GB of RAM and SSD storage:
-```
-devture_postgres_process_extra_arguments: [
-  "-c shared_buffers=128MB",
-  "-c effective_cache_size=2304MB",
-  "-c effective_io_concurrency=100",
-  "-c random_page_cost=2.0",
-  "-c min_wal_size=500MB",
-]
-```
+- **turn automatically-performed tuning off**: override it like this: `devture_postgres_postgres_process_extra_arguments_auto: []`
 
-Here is an example config for a 4 core server with 8GB of RAM on a Virtual Private Server (VPS); the paramters have been configured using https://pgtune.leopard.in.ua with the following setup: PostgreSQL version 12, OS Type: Linux, DB Type: Mixed type of application, Data Storage: SSD storage:
-```
-devture_postgres_process_extra_arguments: [
-  "-c max_connections=100",
-  "-c shared_buffers=2GB",
-  "-c effective_cache_size=6GB",
-  "-c maintenance_work_mem=512MB",
-  "-c checkpoint_completion_target=0.9",
-  "-c wal_buffers=16MB",
-  "-c default_statistics_target=100",
-  "-c random_page_cost=1.1",
-  "-c effective_io_concurrency=200",
-  "-c work_mem=5242kB",
-  "-c min_wal_size=1GB",
-  "-c max_wal_size=4GB",
-  "-c max_worker_processes=4",
-  "-c max_parallel_workers_per_gather=2",
-  "-c max_parallel_workers=4",
-  "-c max_parallel_maintenance_workers=2",
-]
-```
-
-Here is an example config for a large 6 core server with 24GB of RAM:
-```
-devture_postgres_process_extra_arguments: [
-  "-c max_connections=40",
-  "-c shared_buffers=1536MB",
-  "-c checkpoint_completion_target=0.7",
-  "-c wal_buffers=16MB",
-  "-c default_statistics_target=100",
-  "-c random_page_cost=1.1",
-  "-c effective_io_concurrency=100",
-  "-c work_mem=2621kB",
-  "-c min_wal_size=1GB",
-  "-c max_wal_size=4GB",
-  "-c max_worker_processes=6",
-  "-c max_parallel_workers_per_gather=3",
-  "-c max_parallel_workers=6",
-  "-c max_parallel_maintenance_workers=3",
-]
-```
+- **add additional tuning parameters**: define your additional Postgres configuration parameters in `devture_postgres_postgres_process_extra_arguments_custom`. See `devture_postgres_postgres_process_extra_arguments_auto` defined in the Postgres role's [default configuration file](https://github.com/devture/com.devture.ansible.role.postgres/blob/main/defaults/main.yml) for inspiration

docs/maintenance-synapse.md

@@ -72,8 +72,10 @@ You should then be able to browse the adminer database administration GUI at htt
 
 Synapse's presence feature which tracks which users are online and which are offline can use a lot of processing power. You can disable presence by adding `matrix_synapse_presence_enabled: false` to your `vars.yml` file.
 
+If you have enough compute resources (CPU & RAM), you can make Synapse better use of them by [enabling load-balancing with workers](configuring-playbook-synapse.md#load-balancing-with-workers).
+
 Tuning Synapse's cache factor can help reduce RAM usage. [See the upstream documentation](https://github.com/matrix-org/synapse#help-synapse-is-slow-and-eats-all-my-ram-cpu) for more information on what value to set the cache factor to. Use the variable `matrix_synapse_caches_global_factor` to set the cache factor.
 
-Tuning your PostgreSQL database will also make Synapse run significantly faster. See [maintenance-postgres.md##tuning-postgresql](maintenance-postgres.md##tuning-postgresql).
+[Tuning your PostgreSQL database](maintenance-postgres.md#tuning-postgresql) could also improve Synapse performance. The playbook tunes the integrated Postgres database automatically, but based on your needs you may wish to adjust tuning variables manually. If you're using an [external Postgres database](configuring-playbook-external-postgres.md), you will aslo need to tune Postgres manually.
 
 See also [How do I optimize this setup for a low-power server?](faq.md#how-do-i-optimize-this-setup-for-a-low-power-server).

examples/vars.yml

@@ -41,3 +41,19 @@ devture_traefik_config_certificatesResolvers_acme_email: ''
 # The playbook creates additional Postgres users and databases (one for each enabled service)
 # using this superuser account.
 devture_postgres_connection_password: ''
+
+# By default, we configure Coturn's external IP address using the value specified for `ansible_host` in your `inventory/hosts` file.
+# If this value is an external IP address, you can skip this section.
+#
+# If `ansible_host` is not the server's external IP address, you have 2 choices:
+# 1. Uncomment the line below, to allow IP address auto-detection to happen (more on this below)
+# 2. Uncomment and adjust the line below to specify an IP address manually
+#
+# By default, auto-detection will be attempted using the `https://ifconfig.co/json` API.
+# Default values for this are specified in `matrix_coturn_turn_external_ip_address_auto_detection_*` variables in the Coturn role
+# (see `roles/custom/matrix-coturn/defaults/main.yml`).
+#
+# If your server has multiple IP addresses, you may define them in another variable which allows a list of addresses.
+# Example: `matrix_coturn_turn_external_ip_addresses: ['1.2.3.4', '4.5.6.7']`
+#
+# matrix_coturn_turn_external_ip_address: ''

group_vars/matrix_servers

@@ -2245,6 +2245,9 @@ matrix_coturn_enabled: true
 
 matrix_coturn_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}"
 
+# We make the assumption that `ansible_host` points to an external IP address, which may not always be the case.
+# Users are free to set `matrix_coturn_turn_external_ip_address` to an empty string
+# to allow auto-detection (via an EchoIP service) to happen at runtime.
 matrix_coturn_turn_external_ip_address: "{{ ansible_host }}"
 
 matrix_coturn_turn_static_auth_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'coturn.sas', rounds=655555) | to_uuid }}"
@@ -2961,6 +2964,8 @@ devture_postgres_db_name: matrix
 
 devture_postgres_systemd_services_to_stop_for_maintenance_list_auto: "{{ devture_systemd_service_manager_services_list_auto | map(attribute='name') | reject('equalto', (devture_postgres_identifier + '.service')) }}"
 
+devture_postgres_max_connections: "{{ 500 if matrix_synapse_workers_enabled else 200 }}"
+
 devture_postgres_managed_databases_auto: |
   {{
     ([{

requirements.yml

@@ -4,7 +4,7 @@
   version: v1.0.0-1
   name: auxiliary
 - src: git+https://gitlab.com/etke.cc/roles/backup_borg.git
-  version: v1.2.6-1.8.2-0
+  version: v1.2.6-1.8.3-0
 - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git
   version: v0.1.1-2
 - src: git+https://github.com/devture/com.devture.ansible.role.docker_sdk_for_python.git
@@ -16,7 +16,7 @@
 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_state_preserver.git
   version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
 - src: git+https://github.com/devture/com.devture.ansible.role.postgres.git
-  version: v16.0-5
+  version: v16.0-8
 - src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git
   version: a0cc7c1c696872ba8880d9c5e5a54098de825030
 - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
@@ -26,7 +26,7 @@
 - src: git+https://github.com/devture/com.devture.ansible.role.timesync.git
   version: v1.0.0-0
 - src: git+https://github.com/devture/com.devture.ansible.role.traefik.git
-  version: v2.10.4-1
+  version: v2.10.5-0
 - src: git+https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper.git
   version: v2.8.1-0
 - src: git+https://gitlab.com/etke.cc/roles/etherpad.git
@@ -35,17 +35,18 @@
   version: 7.0.1
   name: geerlingguy.docker
 - src: git+https://gitlab.com/etke.cc/roles/grafana.git
-  version: v10.1.4-0
+  version: v10.1.5-0
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
   version: v8960-1
   name: jitsi
 - src: git+https://gitlab.com/etke.cc/roles/ntfy.git
   version: v2.7.0-2
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
-  version: v2.47.1-0
+  version: v2.47.2-0
   name: prometheus
-- src: git+https://gitlab.com/etke.cc/roles/prometheus_node_exporter.git
+- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git
   version: v1.6.1-0
+  name: prometheus_node_exporter
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git
   version: v0.14.0-0
   name: prometheus_postgres_exporter

roles/custom/matrix-base/templates/static-files/well-known/matrix-support.j2

@@ -1,6 +1,6 @@
 #jinja2: lstrip_blocks: "True"
 {
-    "admins": {{ matrix_homeserver_admin_contacts|to_json }}
+    "contacts": {{ matrix_homeserver_admin_contacts|to_json }}
     {% if matrix_homeserver_support_url %},
         "support_page": {{ matrix_homeserver_support_url|to_json }}
     {% endif %}

roles/custom/matrix-bot-buscarron/defaults/main.yml

@@ -5,6 +5,7 @@
 
 matrix_bot_buscarron_enabled: true
 
+# renovate: datasource=docker depName=registry.gitlab.com/etke.cc/buscarron
 matrix_bot_buscarron_version: v1.3.1
 
 # The hostname at which Buscarron is served.

roles/custom/matrix-bot-chatgpt/defaults/main.yml

@@ -4,6 +4,7 @@
 
 matrix_bot_chatgpt_enabled: true
 
+# renovate: datasource=docker depName=ghcr.io/matrixgpt/matrix-chatgpt-bot
 matrix_bot_chatgpt_version: 3.1.2
 
 matrix_bot_chatgpt_container_image_self_build: false

roles/custom/matrix-bot-draupnir/defaults/main.yml

@@ -4,6 +4,7 @@
 
 matrix_bot_draupnir_enabled: true
 
+# renovate: datasource=docker depName=gnuxie/draupnir
 matrix_bot_draupnir_version: "v1.85.1"
 
 matrix_bot_draupnir_container_image_self_build: false

roles/custom/matrix-bot-go-neb/defaults/main.yml

@@ -5,6 +5,7 @@
 
 matrix_bot_go_neb_enabled: true
 
+# renovate: datasource=docker depName=matrixdotorg/go-neb
 matrix_bot_go_neb_version: latest
 
 matrix_bot_go_neb_scheme: https

roles/custom/matrix-bot-honoroit/defaults/main.yml

@@ -20,6 +20,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git"
 matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}"
 matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
 
+# renovate: datasource=docker depName=registry.gitlab.com/etke.cc/honoroit
 matrix_bot_honoroit_version: v0.9.19
 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}etke.cc/honoroit:{{ matrix_bot_honoroit_version }}"
 matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/' }}"

roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_bot_matrix_registration_bot_docker_repo: "https://github.com/moan0s/matri
 matrix_bot_matrix_registration_bot_docker_repo_version: "{{ 'main' if matrix_bot_matrix_registration_bot_version == 'latest' else ('v' + matrix_bot_matrix_registration_bot_version) }}"
 matrix_bot_matrix_registration_bot_docker_src_files_path: "{{ matrix_bot_matrix_registration_bot_base_path }}/docker-src"
 
+# renovate: datasource=docker depName=moanos/matrix-registration-bot
 matrix_bot_matrix_registration_bot_version: 1.3.0
 matrix_bot_matrix_registration_bot_docker_iteration: 0
 matrix_bot_matrix_registration_bot_docker_tag: "{{ matrix_bot_matrix_registration_bot_version }}-{{ matrix_bot_matrix_registration_bot_docker_iteration}}"

roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml

@@ -9,6 +9,7 @@ matrix_bot_matrix_reminder_bot_docker_repo: "https://github.com/anoadragon453/ma
 matrix_bot_matrix_reminder_bot_docker_repo_version: "{{ matrix_bot_matrix_reminder_bot_version }}"
 matrix_bot_matrix_reminder_bot_docker_src_files_path: "{{ matrix_base_data_path }}/matrix-reminder-bot/docker-src"
 
+# renovate: datasource=docker depName=anoa/matrix-reminder-bot
 matrix_bot_matrix_reminder_bot_version: release-v0.2.1
 matrix_bot_matrix_reminder_bot_docker_image: "{{ matrix_container_global_registry_prefix }}anoa/matrix-reminder-bot:{{ matrix_bot_matrix_reminder_bot_version }}"
 matrix_bot_matrix_reminder_bot_docker_image_force_pull: "{{ matrix_bot_matrix_reminder_bot_docker_image.endswith(':latest') }}"

roles/custom/matrix-bot-maubot/defaults/main.yml

@@ -10,6 +10,7 @@ matrix_bot_maubot_docker_src_files_path: "{{ matrix_bot_maubot_base_path }}/dock
 matrix_bot_maubot_docker_repo_version: "{{ 'master' if matrix_bot_maubot_version == 'latest' else matrix_bot_maubot_version }}"
 
 
+# renovate: datasource=docker depName=dock.mau.dev/maubot/maubot
 matrix_bot_maubot_version: v0.4.2
 matrix_bot_maubot_docker_image: "{{ matrix_bot_maubot_docker_image_name_prefix }}maubot/maubot:{{ matrix_bot_maubot_version }}"
 matrix_bot_maubot_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_maubot_container_image_self_build else 'dock.mau.dev/' }}"

roles/custom/matrix-bot-mjolnir/defaults/main.yml

@@ -4,6 +4,7 @@
 
 matrix_bot_mjolnir_enabled: true
 
+# renovate: datasource=docker depName=matrixdotorg/mjolnir
 matrix_bot_mjolnir_version: "v1.6.4"
 
 matrix_bot_mjolnir_container_image_self_build: false

roles/custom/matrix-bot-postmoogle/defaults/main.yml

@@ -9,6 +9,7 @@ matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git"
 matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}"
 matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src"
 
+# renovate: datasource=docker depName=registry.gitlab.com/etke.cc/postmoogle
 matrix_bot_postmoogle_version: v0.9.16
 matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}etke.cc/postmoogle:{{ matrix_bot_postmoogle_version }}"
 matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/' }}"

roles/custom/matrix-bridge-appservice-discord/defaults/main.yml

@@ -5,6 +5,7 @@
 matrix_appservice_discord_enabled: false
 matrix_appservice_discord_container_image_self_build: false
 
+# renovate: datasource=docker depName=ghcr.io/matrix-org/matrix-appservice-discord
 matrix_appservice_discord_version: v4.0.0
 matrix_appservice_discord_docker_image: "{{ matrix_appservice_discord_docker_image_name_prefix }}matrix-org/matrix-appservice-discord:{{ matrix_appservice_discord_version }}"
 matrix_appservice_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_appservice_discord_container_image_self_build else 'ghcr.io/' }}"

roles/custom/matrix-bridge-appservice-irc/defaults/main.yml

@@ -11,6 +11,7 @@ matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appser
 
 # matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`).
 # It's a bare version number now. We try to somewhat retain compatibility below.
+# renovate: datasource=docker depName=docker.io/matrixdotorg/matrix-appservice-irc
 matrix_appservice_irc_version: 1.0.1
 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}"
 matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}"

roles/custom/matrix-bridge-appservice-slack/defaults/main.yml

@@ -11,6 +11,7 @@ matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/apps
 
 # matrix_appservice_slack_version used to contain the full Docker image tag (e.g. `release-X.X.X`).
 # It's a bare version number now. We try to somewhat retain compatibility below.
+# renovate: datasource=docker depName=docker.io/matrixdotorg/matrix-appservice-slack
 matrix_appservice_slack_version: 2.1.2
 matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_docker_image_tag }}"
 matrix_appservice_slack_docker_image_tag: "{{ 'latest' if matrix_appservice_slack_version == 'latest' else ('release-' + matrix_appservice_slack_version) }}"

roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml

@@ -4,6 +4,7 @@
 
 matrix_beeper_linkedin_enabled: true
 
+# renovate: datasource=docker depName=ghcr.io/beeper/linkedin
 matrix_beeper_linkedin_version: latest
 
 # See: https://github.com/beeper/linkedin/pkgs/container/linkedin

roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_go_skype_bridge_container_image_self_build: false
 matrix_go_skype_bridge_container_image_self_build_repo: "https://github.com/kelaresg/go-skype-bridge.git"
 matrix_go_skype_bridge_container_image_self_build_branch: "{{ 'master' if matrix_go_skype_bridge_version == 'latest' else matrix_go_skype_bridge_version }}"
 
+# renovate: datasource=docker depName=nodefyme/go-skype-bridge
 matrix_go_skype_bridge_version: latest
 matrix_go_skype_bridge_docker_image: "{{ matrix_go_skype_bridge_docker_image_name_prefix }}nodefyme/go-skype-bridge:{{ matrix_go_skype_bridge_version }}"
 matrix_go_skype_bridge_docker_image_name_prefix: "{{ 'localhost/' if matrix_go_skype_bridge_container_image_self_build else matrix_container_global_registry_prefix }}"

roles/custom/matrix-bridge-heisenbridge/defaults/main.yml

@@ -4,6 +4,7 @@
 
 matrix_heisenbridge_enabled: true
 
+# renovate: datasource=docker depName=hif1/heisenbridge
 matrix_heisenbridge_version: 1.14.5
 matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}"
 matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}"

roles/custom/matrix-bridge-hookshot/defaults/main.yml

@@ -10,6 +10,7 @@ matrix_hookshot_container_image_self_build: false
 matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git"
 matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}"
 
+# renovate: datasource=docker depName=halfshot/matrix-hookshot
 matrix_hookshot_version: 4.5.1
 
 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"

roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml

@@ -8,7 +8,9 @@ matrix_mautrix_discord_container_image_self_build: false
 matrix_mautrix_discord_container_image_self_build_repo: "https://mau.dev/mautrix/discord.git"
 matrix_mautrix_discord_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_discord_version == 'latest' else matrix_mautrix_discord_version }}"
 
-matrix_mautrix_discord_version: v0.6.2
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/discord
+matrix_mautrix_discord_version: v0.6.3
+
 # See: https://mau.dev/mautrix/discord/container_registry
 matrix_mautrix_discord_docker_image: "{{ matrix_mautrix_discord_docker_image_name_prefix }}mautrix/discord:{{ matrix_mautrix_discord_version }}"
 matrix_mautrix_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_discord_container_image_self_build else 'dock.mau.dev/' }}"

roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml

@@ -7,6 +7,7 @@ matrix_mautrix_facebook_enabled: true
 matrix_mautrix_facebook_container_image_self_build: false
 matrix_mautrix_facebook_container_image_self_build_repo: "https://mau.dev/mautrix/facebook.git"
 
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/facebook
 matrix_mautrix_facebook_version: v0.5.1
 matrix_mautrix_facebook_docker_image: "{{ matrix_mautrix_facebook_docker_image_name_prefix }}mautrix/facebook:{{ matrix_mautrix_facebook_version }}"
 matrix_mautrix_facebook_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_facebook_container_image_self_build else 'dock.mau.dev/' }}"

roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml

@@ -8,7 +8,9 @@ matrix_mautrix_gmessages_container_image_self_build: false
 matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/mautrix/gmessages.git"
 matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}"
 
-matrix_mautrix_gmessages_version: v0.2.0
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages
+matrix_mautrix_gmessages_version: v0.2.1
+
 # See: https://mau.dev/mautrix/gmessages/container_registry
 matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_name_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}"
 matrix_mautrix_gmessages_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_gmessages_container_image_self_build else 'dock.mau.dev/' }}"

roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_mautrix_googlechat_container_image_self_build: false
 matrix_mautrix_googlechat_container_image_self_build_repo: "https://github.com/mautrix/googlechat.git"
 matrix_mautrix_googlechat_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_googlechat_version == 'latest' else matrix_mautrix_googlechat_version }}"
 
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/googlechat
 matrix_mautrix_googlechat_version: v0.5.1
 # See: https://mau.dev/mautrix/googlechat/container_registry
 matrix_mautrix_googlechat_docker_image: "{{ matrix_mautrix_googlechat_docker_image_name_prefix }}mautrix/googlechat:{{ matrix_mautrix_googlechat_version }}"

roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_mautrix_hangouts_container_image_self_build: false
 matrix_mautrix_hangouts_container_image_self_build_repo: "https://github.com/mautrix/hangouts.git"
 matrix_mautrix_hangouts_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_hangouts_version == 'latest' else matrix_mautrix_googlechat_version }}"
 
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/hangouts
 matrix_mautrix_hangouts_version: latest
 # See: https://mau.dev/mautrix/hangouts/container_registry
 matrix_mautrix_hangouts_docker_image: "{{ matrix_mautrix_hangouts_docker_image_name_prefix }}mautrix/hangouts:{{ matrix_mautrix_hangouts_version }}"

roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_mautrix_instagram_container_image_self_build: false
 matrix_mautrix_instagram_container_image_self_build_repo: "https://github.com/mautrix/instagram.git"
 matrix_mautrix_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_instagram_version == 'latest' else matrix_mautrix_instagram_version }}"
 
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/instagram
 matrix_mautrix_instagram_version: v0.3.1
 # See: https://mau.dev/tulir/mautrix-instagram/container_registry
 matrix_mautrix_instagram_docker_image: "{{ matrix_mautrix_instagram_docker_image_name_prefix }}mautrix/instagram:{{ matrix_mautrix_instagram_version }}"

roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml

@@ -9,7 +9,9 @@ matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git"
 matrix_mautrix_signal_docker_repo_version: "{{ 'master' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
 matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src"
 
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
 matrix_mautrix_signal_version: v0.4.3
+# renovate: datasource=docker depName=signald/signald
 matrix_mautrix_signal_daemon_version: 0.23.2
 # See: https://mau.dev/mautrix/signal/container_registry
 matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_version }}"

roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_mautrix_slack_container_image_self_build: false
 matrix_mautrix_slack_container_image_self_build_repo: "https://mau.dev/mautrix/slack.git"
 matrix_mautrix_slack_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_slack_version == 'latest' else matrix_mautrix_slack_version }}"
 
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/slack
 matrix_mautrix_slack_version: latest
 # See: https://mau.dev/mautrix/slack/container_registry
 matrix_mautrix_slack_docker_image: "{{ matrix_mautrix_slack_docker_image_name_prefix }}mautrix/slack:{{ matrix_mautrix_slack_version }}"

roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml

@@ -17,6 +17,7 @@ matrix_mautrix_telegram_docker_repo: "https://mau.dev/mautrix/telegram.git"
 matrix_mautrix_telegram_docker_repo_version: "{{ 'master' if matrix_mautrix_telegram_version == 'latest' else matrix_mautrix_telegram_version }}"
 matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"
 
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/telegram
 matrix_mautrix_telegram_version: v0.14.2
 # See: https://mau.dev/mautrix/telegram/container_registry
 matrix_mautrix_telegram_docker_image: "{{ matrix_mautrix_telegram_docker_image_name_prefix }}mautrix/telegram:{{ matrix_mautrix_telegram_version }}"

roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_mautrix_twitter_container_image_self_build: false
 matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/mautrix/twitter.git"
 matrix_mautrix_twitter_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_twitter_version == 'latest' else matrix_mautrix_twitter_version }}"
 
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/twitter
 matrix_mautrix_twitter_version: v0.1.7
 # See: https://mau.dev/tulir/mautrix-twitter/container_registry
 matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}"

roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml

@@ -8,7 +8,9 @@ matrix_mautrix_whatsapp_container_image_self_build: false
 matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git"
 matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
 
-matrix_mautrix_whatsapp_version: v0.10.2
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp
+matrix_mautrix_whatsapp_version: v0.10.3
+
 # See: https://mau.dev/mautrix/whatsapp/container_registry
 matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
 matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}"

roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml

@@ -127,6 +127,7 @@ matrix_mautrix_imessage_registration_yaml: |
 matrix_mautrix_imessage_registration: "{{ matrix_mautrix_imessage_registration_yaml|from_yaml }}"
 
 # Syncproxy-related configuration fields
+# renovate: datasource=docker depName=dock.mau.dev/mautrix/syncproxy
 matrix_mautrix_wsproxy_syncproxy_version: latest
 # See: https://mau.dev/mautrix/wsproxy/container_registry
 matrix_mautrix_wsproxy_syncproxy_docker_image: "dock.mau.dev/mautrix/syncproxy:{{ matrix_mautrix_wsproxy_syncproxy_version }}"

roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml

@@ -14,6 +14,7 @@ matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "Dockerfile
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
 matrix_mx_puppet_discord_container_http_host_bind_port: ''
 
+# renovate: datasource=docker depName=registry.gitlab.com/mx-puppet/discord/mx-puppet-discord
 matrix_mx_puppet_discord_version: v0.1.1
 matrix_mx_puppet_discord_docker_image: "{{ matrix_mx_puppet_discord_docker_image_name_prefix }}mx-puppet/discord/mx-puppet-discord:{{ matrix_mx_puppet_discord_version }}"
 matrix_mx_puppet_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_discord_container_image_self_build else 'registry.gitlab.com/' }}"

roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_mx_puppet_instagram_container_image_self_build: false
 matrix_mx_puppet_instagram_container_image_self_build_repo: "https://github.com/Sorunome/mx-puppet-instagram.git"
 matrix_mx_puppet_instagram_container_image_self_build_repo_version: "{{ 'master' if matrix_mx_puppet_instagram_version == 'latest' else matrix_mx_puppet_instagram_version }}"
 
+# renovate: datasource=docker depName=sorunome/mx-puppet-instagram
 matrix_mx_puppet_instagram_version: latest
 matrix_mx_puppet_instagram_docker_image: "{{ matrix_mx_puppet_instagram_docker_image_name_prefix }}sorunome/mx-puppet-instagram:{{ matrix_mx_puppet_instagram_version }}"
 matrix_mx_puppet_instagram_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_instagram_container_image_self_build else matrix_container_global_registry_prefix }}"

roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml

@@ -17,6 +17,7 @@ matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "Dockerfile"
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
 matrix_mx_puppet_slack_container_http_host_bind_port: ''
 
+# renovate: datasource=docker depName=registry.gitlab.com/mx-puppet/slack/mx-puppet-slack
 matrix_mx_puppet_slack_version: v0.1.2
 matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}mx-puppet/slack/mx-puppet-slack:{{ matrix_mx_puppet_slack_version }}"
 matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}"

roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml

@@ -13,6 +13,7 @@ matrix_mx_puppet_steam_container_image_self_build_repo_version: "{{ 'master' if
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
 matrix_mx_puppet_steam_container_http_host_bind_port: ''
 
+# renovate: datasource=docker depName=icewind1991/mx-puppet-steam
 matrix_mx_puppet_steam_version: latest
 matrix_mx_puppet_steam_docker_image: "{{ matrix_mx_puppet_steam_docker_image_name_prefix }}icewind1991/mx-puppet-steam:{{ matrix_mx_puppet_steam_version }}"
 matrix_mx_puppet_steam_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_steam_container_image_self_build else matrix_container_global_registry_prefix }}"

roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml

@@ -13,6 +13,7 @@ matrix_mx_puppet_twitter_container_image_self_build_repo: "https://github.com/So
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8432"), or empty string to not expose.
 matrix_mx_puppet_twitter_container_http_host_bind_port: ''
 
+# renovate: datasource=docker depName=sorunome/mx-puppet-twitter
 matrix_mx_puppet_twitter_version: latest
 matrix_mx_puppet_twitter_docker_image: "{{ matrix_mx_puppet_twitter_docker_image_name_prefix }}sorunome/mx-puppet-twitter:{{ matrix_mx_puppet_twitter_version }}"
 matrix_mx_puppet_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_twitter_container_image_self_build else matrix_container_global_registry_prefix }}"

roles/custom/matrix-bridge-sms/defaults/main.yml

@@ -4,7 +4,8 @@
 
 matrix_sms_bridge_enabled: true
 
-matrix_sms_bridge_version: 0.5.7
+# renovate: datasource=docker depName=folivonet/matrix-sms-bridge
+matrix_sms_bridge_version: 0.5.8
 matrix_sms_bridge_docker_image: "{{ matrix_container_global_registry_prefix }}folivonet/matrix-sms-bridge:{{ matrix_sms_bridge_version }}"
 
 matrix_sms_bridge_base_path: "{{ matrix_base_data_path }}/matrix-sms-bridge"

roles/custom/matrix-cactus-comments/defaults/main.yml

@@ -27,6 +27,7 @@ matrix_cactus_comments_tmp_directory_size_mb: 1
 
 matrix_cactus_comments_container_port: 5000
 
+# renovate: datasource=docker depName=cactuscomments/cactus-appservice
 matrix_cactus_comments_version: 0.9.0
 matrix_cactus_comments_docker_image: "{{ matrix_container_global_registry_prefix }}cactuscomments/cactus-appservice:{{ matrix_cactus_comments_version }}"
 matrix_cactus_comments_docker_image_force_pull: "{{ matrix_cactus_comments_docker_image.endswith(':latest') }}"

roles/custom/matrix-client-cinny/defaults/main.yml

@@ -6,6 +6,7 @@ matrix_client_cinny_enabled: true
 matrix_client_cinny_container_image_self_build: false
 matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git"
 
+# renovate: datasource=docker depName=ajbura/cinny
 matrix_client_cinny_version: v2.2.6
 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}"
 matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}"

roles/custom/matrix-client-element/defaults/main.yml

@@ -10,7 +10,9 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto
 # - https://github.com/vector-im/element-web/issues/19544
 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
 
-matrix_client_element_version: v1.11.45
+# renovate: datasource=docker depName=vectorim/element-web
+matrix_client_element_version: v1.11.46
+
 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
 matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
 matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}"

roles/custom/matrix-client-hydrogen/defaults/main.yml

@@ -6,6 +6,7 @@ matrix_client_hydrogen_enabled: true
 matrix_client_hydrogen_container_image_self_build: false
 matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
 
+# renovate: datasource=docker depName=ghcr.io/vector-im/hydrogen-web
 matrix_client_hydrogen_version: v0.4.1
 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vector-im/hydrogen-web:{{ matrix_client_hydrogen_version }}"
 matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else 'ghcr.io/' }}"

roles/custom/matrix-client-hydrogen/tasks/setup_install.yml

@@ -12,6 +12,39 @@
     - {path: "{{ matrix_client_hydrogen_docker_src_files_path }}", when: "{{ matrix_client_hydrogen_container_image_self_build }}"}
   when: "item.when | bool"
 
+- when: "matrix_client_hydrogen_container_image_self_build | bool"
+  block:
+    - name: Ensure Hydrogen repository is present on self-build
+      ansible.builtin.git:
+        repo: "{{ matrix_client_hydrogen_container_image_self_build_repo }}"
+        dest: "{{ matrix_client_hydrogen_docker_src_files_path }}"
+        version: "{{ matrix_client_hydrogen_docker_image.split(':')[1] }}"
+        force: "yes"
+      become: true
+      become_user: "{{ matrix_user_username }}"
+      register: matrix_client_hydrogen_git_pull_results
+
+    - name: Check if Hydrogen Docker image exists
+      ansible.builtin.command: "{{ devture_systemd_docker_base_host_command_docker }} images --quiet --filter 'reference={{ matrix_client_hydrogen_docker_image }}'"
+      register: matrix_client_hydrogen_docker_image_check_result
+      changed_when: false
+
+    # Invoking the `docker build` command here, instead of calling the `docker_image` Ansible module,
+    # because the latter does not support BuildKit.
+    # See: https://github.com/ansible-collections/community.general/issues/514
+    - name: Ensure Hydrogen Docker image is built
+      ansible.builtin.shell:
+        chdir: "{{ matrix_client_hydrogen_docker_src_files_path }}"
+        cmd: |
+          {{ devture_systemd_docker_base_host_command_docker }} build \
+          -t "{{ matrix_client_hydrogen_docker_image }}" \
+          -f Dockerfile \
+          .
+      environment:
+        DOCKER_BUILDKIT: 1
+      changed_when: true
+      when: "matrix_client_hydrogen_git_pull_results.changed | bool or matrix_client_hydrogen_docker_image_check_result.stdout == ''"
+
 - name: Ensure Hydrogen Docker image is pulled
   community.docker.docker_image:
     name: "{{ matrix_client_hydrogen_docker_image }}"
@@ -24,17 +57,6 @@
   delay: "{{ devture_playbook_help_container_retries_delay }}"
   until: result is not failed
 
-- name: Ensure Hydrogen repository is present on self-build
-  ansible.builtin.git:
-    repo: "{{ matrix_client_hydrogen_container_image_self_build_repo }}"
-    dest: "{{ matrix_client_hydrogen_docker_src_files_path }}"
-    version: "{{ matrix_client_hydrogen_docker_image.split(':')[1] }}"
-    force: "yes"
-  become: true
-  become_user: "{{ matrix_user_username }}"
-  register: matrix_client_hydrogen_git_pull_results
-  when: "matrix_client_hydrogen_container_image_self_build | bool"
-
 - name: Ensure Hydrogen configuration installed
   ansible.builtin.copy:
     content: "{{ matrix_client_hydrogen_configuration | to_nice_json }}"
@@ -54,17 +76,6 @@
     - {src: "{{ role_path }}/templates/nginx.conf.j2", name: "nginx.conf"}
     - {src: "{{ role_path }}/templates/labels.j2", name: "labels"}
 
-- name: Ensure Hydrogen Docker image is built
-  community.docker.docker_image:
-    name: "{{ matrix_client_hydrogen_docker_image }}"
-    source: build
-    force_source: "{{ matrix_client_hydrogen_git_pull_results.changed }}"
-    build:
-      dockerfile: Dockerfile
-      path: "{{ matrix_client_hydrogen_docker_src_files_path }}"
-      pull: true
-  when: "matrix_client_hydrogen_container_image_self_build | bool"
-
 - name: Ensure Hydrogen container network is created
   community.general.docker_network:
     name: "{{ matrix_client_hydrogen_container_network }}"

roles/custom/matrix-client-schildichat/defaults/main.yml

@@ -5,6 +5,7 @@ matrix_client_schildichat_enabled: true
 
 matrix_client_schildichat_container_image_self_build: false
 
+# renovate: datasource=docker depName=registry.gitlab.com/etke.cc/schildichat-web
 matrix_client_schildichat_version: v1.11.30-sc.2
 matrix_client_schildichat_docker_image: "{{ matrix_client_schildichat_docker_image_name_prefix }}etke.cc/schildichat-web:{{ matrix_client_schildichat_version }}"
 matrix_client_schildichat_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_schildichat_container_image_self_build else 'registry.gitlab.com/' }}"

roles/custom/matrix-conduit/defaults/main.yml

@@ -6,6 +6,7 @@ matrix_conduit_enabled: true
 
 matrix_conduit_docker_image: "{{ matrix_conduit_docker_image_name_prefix }}matrixconduit/matrix-conduit:{{ matrix_conduit_docker_image_tag }}"
 matrix_conduit_docker_image_name_prefix: "docker.io/"
+# renovate: datasource=docker depName=matrixconduit/matrix-conduit
 matrix_conduit_docker_image_tag: "v0.6.0"
 matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}"
 

roles/custom/matrix-corporal/defaults/main.yml

@@ -23,7 +23,8 @@ matrix_corporal_container_extra_arguments: []
 # List of systemd services that matrix-corporal.service depends on
 matrix_corporal_systemd_required_services_list: ['docker.service']
 
-matrix_corporal_version: 2.5.2
+# renovate: datasource=docker depName=devture/matrix-corporal
+matrix_corporal_version: 2.6.0
 matrix_corporal_docker_image: "{{ matrix_corporal_docker_image_name_prefix }}devture/matrix-corporal:{{ matrix_corporal_docker_image_tag }}"
 matrix_corporal_docker_image_name_prefix: "{{ 'localhost/' if matrix_corporal_container_image_self_build else matrix_container_global_registry_prefix }}"
 matrix_corporal_docker_image_tag: "{{ matrix_corporal_version }}"  # for backward-compatibility

roles/custom/matrix-coturn/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn
 matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}"
 matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile"
 
+# renovate: datasource=docker depName=coturn/coturn
 matrix_coturn_version: 4.6.2-r5
 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine"
 matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}"
@@ -73,8 +74,25 @@ matrix_coturn_turn_udp_max_port: 49172
 matrix_coturn_turn_static_auth_secret: ""
 
 # The external IP address of the machine where Coturn is.
+# If do not define an IP address here or in `matrix_coturn_turn_external_ip_addresses`, auto-detection via an EchoIP service will be done.
+# See `matrix_coturn_turn_external_ip_address_auto_detection_enabled`
 matrix_coturn_turn_external_ip_address: ''
-matrix_coturn_turn_external_ip_addresses: ["{{ matrix_coturn_turn_external_ip_address }}"]
+matrix_coturn_turn_external_ip_addresses: "{{ [matrix_coturn_turn_external_ip_address] if matrix_coturn_turn_external_ip_address != '' else [] }}"
+
+# Controls whether external IP address auto-detection should be attempted.
+# We try to do this if there is no external IP address explicitly configured and if an EchoIP service URL is specified.
+# See matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url
+matrix_coturn_turn_external_ip_address_auto_detection_enabled: "{{ matrix_coturn_turn_external_ip_addresses | length == 0 and matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url != '' }}"
+
+# Specifies the address of the EchoIP service (https://github.com/mpolden/echoip) to use for detecting the external IP address.
+# By default, we use the official public instance.
+matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url: https://ifconfig.co/json
+
+# Controls whether SSL certificates will be validated when contacting the EchoIP service (matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url)
+matrix_coturn_turn_external_ip_address_auto_detection_echoip_validate_certs: true
+
+matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_retries_count: "{{ devture_playbook_help_geturl_retries_count }}"
+matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_retries_delay: "{{ devture_playbook_help_geturl_retries_delay }}"
 
 matrix_coturn_allowed_peer_ips: []
 

roles/custom/matrix-coturn/tasks/setup_install.yml

@@ -1,5 +1,37 @@
 ---
 
+- when: matrix_coturn_turn_external_ip_address_auto_detection_enabled | bool
+  block:
+    - name: Fail if enabled, but EchoIP service URL unset
+      when: matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url == ''
+      ansible.builtin.fail:
+        msg: "To use the external IP address auto-detection feature, you need to set matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url"
+
+    # NOTE:
+    # `ansible.builtin.uri` does not provide a way to configure whether IPv4 or IPv6 is used.
+    # Luckily, the default instance we use does not define AAAA records for now, so it's always IPv4.
+    - name: Fetch IP address information from EchoIP service
+      ansible.builtin.uri:
+        url: "{{ matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url }}"
+        headers:
+          Content-Type: application/json
+        follow_redirects: none
+        validate_certs: "{{ matrix_coturn_turn_external_ip_address_auto_detection_echoip_validate_certs }}"
+      register: result_matrix_coturn_turn_external_ip_address_auto_detection_echoip_response
+      ignore_errors: true
+      check_mode: false
+      retries: "{{ matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_retries_count }}"
+      delay: "{{ matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_retries_delay }}"
+      until: not result_matrix_coturn_turn_external_ip_address_auto_detection_echoip_response.failed
+
+    - name: Fail if EchoIP service failed
+      when: "(result_matrix_coturn_turn_external_ip_address_auto_detection_echoip_response.failed or 'json' not in result_matrix_coturn_turn_external_ip_address_auto_detection_echoip_response)"
+      ansible.builtin.fail:
+        msg: "Failed contacting EchoIP service API at `{{ matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url }}` (controlled by `matrix_coturn_turn_external_ip_address_auto_detection_echoip_service_url`). Full error: {{ result_matrix_coturn_turn_external_ip_address_auto_detection_echoip_response }}"
+
+    - ansible.builtin.set_fact:
+        matrix_coturn_turn_external_ip_address: "{{ result_matrix_coturn_turn_external_ip_address_auto_detection_echoip_response.json.ip }}"
+
 - name: Ensure Matrix Coturn path exists
   ansible.builtin.file:
     path: "{{ item.path }}"

roles/custom/matrix-coturn/templates/turnserver.conf.j2

@@ -5,7 +5,7 @@ realm=turn.{{ matrix_server_fqn_matrix }}
 
 min-port={{ matrix_coturn_turn_udp_min_port }}
 max-port={{ matrix_coturn_turn_udp_max_port }}
-{% for ip in matrix_coturn_turn_external_ip_addresses|select('ne', '') %}
+{% for ip in matrix_coturn_turn_external_ip_addresses %}
 external-ip={{ ip }}
 {% endfor %}
 

roles/custom/matrix-dendrite/defaults/main.yml

@@ -10,6 +10,7 @@ matrix_dendrite_container_image_self_build_repo: "https://github.com/matrix-org/
 matrix_dendrite_docker_image_path: "matrixdotorg/dendrite-monolith"
 matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}{{ matrix_dendrite_docker_image_path }}:{{ matrix_dendrite_docker_image_tag }}"
 matrix_dendrite_docker_image_name_prefix: "{{ 'localhost/' if matrix_dendrite_container_image_self_build else matrix_container_global_registry_prefix }}"
+# renovate: datasource=docker depName=matrixdotorg/dendrite-monolith
 matrix_dendrite_docker_image_tag: "v0.13.3"
 matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}"
 

roles/custom/matrix-dimension/defaults/main.yml

@@ -29,6 +29,7 @@ matrix_dimension_container_image_self_build_branch: master
 matrix_dimension_base_path: "{{ matrix_base_data_path }}/dimension"
 matrix_dimension_docker_src_files_path: "{{ matrix_base_data_path }}/docker-src/dimension"
 
+# renovate: datasource=docker depName=turt2live/matrix-dimension
 matrix_dimension_version: latest
 matrix_dimension_docker_image: "{{ matrix_dimension_docker_image_name_prefix }}turt2live/matrix-dimension:{{ matrix_dimension_version }}"
 matrix_dimension_docker_image_name_prefix: "{{ 'localhost/' if matrix_dimension_container_image_self_build else matrix_container_global_registry_prefix }}"

roles/custom/matrix-dynamic-dns/defaults/main.yml

@@ -7,7 +7,8 @@ matrix_dynamic_dns_enabled: true
 # The dynamic dns daemon interval
 matrix_dynamic_dns_daemon_interval: '300'
 
-matrix_dynamic_dns_version: v3.10.0-ls135
+# renovate: datasource=docker depName=linuxserver/ddclient
+matrix_dynamic_dns_version: v3.10.0-ls136
 
 # The docker container to use when in mode
 matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}"

roles/custom/matrix-email2matrix/defaults/main.yml

@@ -11,6 +11,7 @@ matrix_email2matrix_container_image_self_build: false
 matrix_email2matrix_container_image_self_build_repo: "https://github.com/devture/email2matrix.git"
 matrix_email2matrix_container_image_self_build_branch: "{{ matrix_email2matrix_version }}"
 
+# renovate: datasource=docker depName=devture/email2matrix
 matrix_email2matrix_version: 1.1.0
 matrix_email2matrix_docker_image_prefix: "{{ 'localhost/' if matrix_email2matrix_container_image_self_build else matrix_container_global_registry_prefix }}"
 matrix_email2matrix_docker_image: "{{ matrix_email2matrix_docker_image_prefix }}devture/email2matrix:{{ matrix_email2matrix_version }}"

roles/custom/matrix-ma1sd/defaults/main.yml

@@ -8,6 +8,7 @@ matrix_ma1sd_container_image_self_build: false
 matrix_ma1sd_container_image_self_build_repo: "https://github.com/ma1uta/ma1sd.git"
 matrix_ma1sd_container_image_self_build_branch: "{{ matrix_ma1sd_version }}"
 
+# renovate: datasource=docker depName=ma1uta/ma1sd
 matrix_ma1sd_version: "2.5.0"
 
 matrix_ma1sd_docker_image: "{{ matrix_ma1sd_docker_image_name_prefix }}ma1uta/ma1sd:{{ matrix_ma1sd_version }}"

roles/custom/matrix-mailer/defaults/main.yml

@@ -10,7 +10,8 @@ matrix_mailer_container_image_self_build_repository_url: "https://github.com/dev
 matrix_mailer_container_image_self_build_src_files_path: "{{ matrix_mailer_base_path }}/docker-src"
 matrix_mailer_container_image_self_build_version: "{{ matrix_mailer_docker_image.split(':')[1] }}"
 
-matrix_mailer_version: 4.96-r1-0
+# renovate: datasource=docker depName=devture/exim-relay versioning=semver
+matrix_mailer_version: 4.96.2-r0-0
 matrix_mailer_docker_image: "{{ matrix_mailer_docker_image_name_prefix }}devture/exim-relay:{{ matrix_mailer_version }}"
 matrix_mailer_docker_image_name_prefix: "{{ 'localhost/' if matrix_mailer_container_image_self_build else matrix_container_global_registry_prefix }}"
 matrix_mailer_docker_image_force_pull: "{{ matrix_mailer_docker_image.endswith(':latest') }}"

roles/custom/matrix-media-repo/defaults/main.yml

@@ -18,6 +18,7 @@ matrix_media_repo_container_image_self_build_repo: "https://github.com/turt2live
 matrix_media_repo_docker_image_path: "turt2live/matrix-media-repo"
 matrix_media_repo_docker_image: "{{ matrix_media_repo_docker_image_name_prefix }}{{ matrix_media_repo_docker_image_path }}:{{ matrix_media_repo_docker_image_tag }}"
 matrix_media_repo_docker_image_name_prefix: "{{ 'localhost/' if matrix_media_repo_container_image_self_build else matrix_container_global_registry_prefix }}"
+# renovate: datasource=docker depName=turt2live/matrix-media-repo
 matrix_media_repo_docker_image_tag: "v1.2.13"
 matrix_media_repo_docker_image_force_pull: "{{ matrix_media_repo_docker_image.endswith(':latest') }}"
 

roles/custom/matrix-nginx-proxy/defaults/main.yml

@@ -1,6 +1,7 @@
 ---
 # Project source code URL: https://github.com/nginx/nginx
 matrix_nginx_proxy_enabled: true
+# renovate: datasource=docker depName=nginx
 matrix_nginx_proxy_version: 1.25.2-alpine
 
 # We use an official nginx image, which we fix-up to run unprivileged.
@@ -307,6 +308,7 @@ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_path: "{{ matrix_nginx_proxy_
 # To avoid using this, use `matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_raw_content` instead of supplying username/password.
 # Learn more in: `roles/custom/matrix-nginx-proxy/tasks/nginx-proxy/setup_metrics_auth.yml`.
 matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image: "{{ matrix_container_global_registry_prefix }}httpd:{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag }}"
+# renovate: datasource=docker depName=httpd
 matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag: "2.4.54-alpine3.16"
 matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_force_pull: "{{ matrix_nginx_proxy_proxy_matrix_metrics_basic_auth_apache_container_image_tag.endswith(':latest') }}"
 

roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml

@@ -3,6 +3,7 @@
 # See: https://github.com/martin-helmich/prometheus-nginxlog-exporter/
 
 matrix_prometheus_nginxlog_exporter_enabled: true
+# renovate: datasource=docker depName=ghcr.io/martin-helmich/prometheus-nginxlog-exporter/exporter
 matrix_prometheus_nginxlog_exporter_version: v1.10.0
 
 matrix_prometheus_nginxlog_exporter_container_hostname: 'matrix-prometheus-nginxlog-exporter'

roles/custom/matrix-rageshake/defaults/main.yml

@@ -16,7 +16,8 @@ matrix_rageshake_path_prefix: /
 
 # There are no stable container image tags yet.
 # See: https://github.com/matrix-org/rageshake/issues/69
-matrix_rageshake_version: 1.9.0
+# renovate: datasource=docker depName=ghcr.io/matrix-org/rageshake
+matrix_rageshake_version: 1.11.0
 
 matrix_rageshake_base_path: "{{ matrix_base_data_path }}/rageshake"
 matrix_rageshake_config_path: "{{ matrix_rageshake_base_path }}/config"

roles/custom/matrix-registration/defaults/main.yml

@@ -18,6 +18,7 @@ matrix_registration_config_path: "{{ matrix_registration_base_path }}/config"
 matrix_registration_data_path: "{{ matrix_registration_base_path }}/data"
 matrix_registration_docker_src_files_path: "{{ matrix_registration_base_path }}/docker-src"
 
+# renovate: datasource=docker depName=zeratax/matrix-registration
 matrix_registration_version: "v0.7.2"
 
 matrix_registration_docker_image: "{{ matrix_registration_docker_image_name_prefix }}zeratax/matrix-registration:{{ matrix_registration_version }}"

roles/custom/matrix-sliding-sync/defaults/main.yml

@@ -5,7 +5,8 @@
 
 matrix_sliding_sync_enabled: true
 
-matrix_sliding_sync_version: v0.99.10
+# renovate: datasource=docker depName=ghcr.io/matrix-org/sliding-sync
+matrix_sliding_sync_version: v0.99.11
 
 matrix_sliding_sync_scheme: https
 
@@ -85,6 +86,9 @@ matrix_sliding_sync_environment_variable_syncv3_secret: ''
 # Controls the SYNCV3_DB environment variable
 matrix_sliding_sync_environment_variable_syncv3_db: 'user={{ matrix_sliding_sync_database_username }} password={{ matrix_sliding_sync_database_password }} host={{ matrix_sliding_sync_database_hostname }} port={{ matrix_sliding_sync_database_port }} dbname={{ matrix_sliding_sync_database_name }} sslmode={{ matrix_sliding_sync_database_sslmode }}'
 
+# Additional environment variables.
+matrix_sliding_sync_environment_variables_additional_variables: ''
+
 matrix_sliding_sync_database_username: 'matrix_sliding_sync'
 matrix_sliding_sync_database_password: ''
 matrix_sliding_sync_database_hostname: ''

roles/custom/matrix-sliding-sync/templates/env.j2

@@ -2,3 +2,5 @@ SYNCV3_SERVER={{ matrix_sliding_sync_environment_variable_syncv3_server }}
 SYNCV3_SECRET={{ matrix_sliding_sync_environment_variable_syncv3_secret }}
 SYNCV3_BINDADDR=:8008
 SYNCV3_DB={{ matrix_sliding_sync_environment_variable_syncv3_db }}
+
+{{ matrix_sliding_sync_environment_variables_additional_variables }}

roles/custom/matrix-sygnal/defaults/main.yml

@@ -12,6 +12,7 @@ matrix_sygnal_hostname: ''
 # This value must either be `/` or not end with a slash (e.g. `/sygnal`).
 matrix_sygnal_path_prefix: /
 
+# renovate: datasource=docker depName=matrixdotorg/sygnal
 matrix_sygnal_version: v0.12.0
 
 matrix_sygnal_base_path: "{{ matrix_base_data_path }}/sygnal"

roles/custom/matrix-synapse-admin/defaults/main.yml

@@ -14,6 +14,7 @@ matrix_synapse_admin_nginx_proxy_integration_enabled: false
 matrix_synapse_admin_container_image_self_build: false
 matrix_synapse_admin_container_image_self_build_repo: "https://github.com/Awesome-Technologies/synapse-admin.git"
 
+# renovate: datasource=docker depName=awesometechnologies/synapse-admin
 matrix_synapse_admin_version: 0.8.7
 matrix_synapse_admin_docker_image: "{{ matrix_synapse_admin_docker_image_name_prefix }}awesometechnologies/synapse-admin:{{ matrix_synapse_admin_version }}"
 matrix_synapse_admin_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_admin_container_image_self_build else matrix_container_global_registry_prefix }}"

roles/custom/matrix-synapse-auto-compressor/defaults/main.yml

@@ -5,6 +5,7 @@
 
 matrix_synapse_auto_compressor_enabled: true
 
+# renovate: datasource=docker depName=registry.gitlab.com/etke.cc/rust-synapse-compress-state
 matrix_synapse_auto_compressor_version: v0.1.3
 
 matrix_synapse_auto_compressor_base_path: "{{ matrix_base_data_path }}/synapse-auto-compressor"

roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml

@@ -25,6 +25,7 @@
 
 matrix_synapse_reverse_proxy_companion_enabled: true
 
+# renovate: datasource=docker depName=nginx
 matrix_synapse_reverse_proxy_companion_version: 1.25.2-alpine
 
 matrix_synapse_reverse_proxy_companion_base_path: "{{ matrix_synapse_base_path }}/reverse-proxy-companion"

roles/custom/matrix-synapse/defaults/main.yml

@@ -4,7 +4,8 @@
 
 matrix_synapse_enabled: true
 
-matrix_synapse_version: v1.93.0
+# renovate: datasource=docker depName=matrixdotorg/synapse
+matrix_synapse_version: v1.94.0
 
 matrix_synapse_username: ''
 matrix_synapse_uid: ''

roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2

@@ -2117,8 +2117,7 @@ saml2_config:
   #  attribute_requirements:
   #    - attribute: userGroup
   #      value: "synapseUsers"
-oidc_providers:
-  {{ matrix_synapse_oidc_providers|to_nice_yaml(indent=2, width=999999) }}
+oidc_providers: {{ matrix_synapse_oidc_providers }}
 {% endif %}
 
 

roles/custom/matrix-user-verification-service/defaults/main.yml

@@ -6,7 +6,8 @@ matrix_user_verification_service_ansible_name: "Matrix User Verification Service
 matrix_user_verification_service_enabled: true
 
 # Fix version tag
-matrix_user_verification_service_version: "v2.0.0"
+# renovate: datasource=docker depName=matrixdotorg/matrix-user-verification-service
+matrix_user_verification_service_version: "v3.0.0"
 
 # Paths
 matrix_user_verification_service_base_path: "{{ matrix_base_data_path }}/user-verification-service"