0b5e4aa784
Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1775 Related to https://signald.org/articles/install/docker/#migrating-from-versions-before-0180 > Prior to 0.18.0 the signald container image used the root user, which is not recommended for security reasons. This was fixed in the 0.18.0 release which will start as root, fix permissions on the volume, then drop to the non-root user and start signald. Future images will start as the non-root user, so if you’re upgrading make sure to run 0.18.0 at least once. > A special tag, 0.18.0-non-root, will be published. it starts as the non-root user and does not fix permissions on the volume.
130 lines
6.2 KiB
YAML
130 lines
6.2 KiB
YAML
---
|
|
# mautrix-signal is a Matrix <-> Signal bridge
|
|
# See: https://github.com/mautrix/signal
|
|
|
|
matrix_mautrix_signal_enabled: true
|
|
|
|
matrix_mautrix_signal_container_image_self_build: false
|
|
matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git"
|
|
matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src"
|
|
|
|
matrix_mautrix_signal_version: v0.3.0
|
|
matrix_mautrix_signal_daemon_version: 0.18.0
|
|
# See: https://mau.dev/mautrix/signal/container_registry
|
|
matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}"
|
|
matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}"
|
|
|
|
matrix_mautrix_signal_daemon_container_image_self_build: false
|
|
matrix_mautrix_signal_daemon_docker_repo: "https://mau.dev/maunium/signald.git"
|
|
matrix_mautrix_signal_daemon_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signald/docker-src"
|
|
|
|
matrix_mautrix_signal_daemon_docker_image: "docker.io/signald/signald:{{ matrix_mautrix_signal_daemon_docker_image_tag }}"
|
|
matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image_tag.endswith(':latest') }}"
|
|
matrix_mautrix_signal_daemon_docker_image_tag: "{{ matrix_mautrix_signal_daemon_version }}-non-root"
|
|
|
|
matrix_mautrix_signal_base_path: "{{ matrix_base_data_path }}/mautrix-signal"
|
|
matrix_mautrix_signal_config_path: "{{ matrix_mautrix_signal_base_path }}/bridge"
|
|
matrix_mautrix_signal_daemon_path: "{{ matrix_mautrix_signal_base_path }}/signald"
|
|
|
|
matrix_mautrix_signal_homeserver_address: ''
|
|
matrix_mautrix_signal_homeserver_domain: ''
|
|
matrix_mautrix_signal_appservice_address: 'http://matrix-mautrix-signal:29328'
|
|
|
|
# Controls whether the matrix-mautrix-signal container exposes its port (tcp/29328 in the container).
|
|
#
|
|
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9006"), or empty string to not expose.
|
|
matrix_mautrix_signal_container_http_host_bind_port: ''
|
|
|
|
# A list of extra arguments to pass to the container
|
|
matrix_mautrix_signal_container_extra_arguments: []
|
|
|
|
# List of systemd services that matrix-mautrix-signal.service depends on.
|
|
matrix_mautrix_signal_systemd_required_services_list:
|
|
- 'docker.service'
|
|
- 'matrix-mautrix-signal-daemon.service'
|
|
|
|
# List of systemd services that matrix-mautrix-signal.service wants
|
|
matrix_mautrix_signal_systemd_wanted_services_list: []
|
|
|
|
# List of systemd services that matrix-mautrix-signal-daemon.service depends on.
|
|
matrix_mautrix_signal_daemon_systemd_required_services_list: ['docker.service']
|
|
|
|
# List of systemd services that matrix-mautrix-signal-daemon.service wants
|
|
matrix_mautrix_signal_daemon_systemd_wanted_services_list: []
|
|
|
|
matrix_mautrix_signal_appservice_token: ''
|
|
matrix_mautrix_signal_homeserver_token: ''
|
|
|
|
matrix_mautrix_signal_appservice_bot_username: signalbot
|
|
|
|
# Whether or not created rooms should have federation enabled.
|
|
# If false, created portal rooms will never be federated.
|
|
matrix_mautrix_signal_federate_rooms: true
|
|
|
|
# Database-related configuration fields
|
|
#
|
|
# This bridge only supports postgres.
|
|
#
|
|
matrix_mautrix_signal_database_engine: 'postgres'
|
|
|
|
matrix_mautrix_signal_database_username: 'matrix_mautrix_signal'
|
|
matrix_mautrix_signal_database_password: 'some-password'
|
|
matrix_mautrix_signal_database_hostname: 'matrix-postgres'
|
|
matrix_mautrix_signal_database_port: 5432
|
|
matrix_mautrix_signal_database_name: 'matrix_mautrix_signal'
|
|
|
|
matrix_mautrix_signal_database_connection_string: 'postgres://{{ matrix_mautrix_signal_database_username }}:{{ matrix_mautrix_signal_database_password }}@{{ matrix_mautrix_signal_database_hostname }}:{{ matrix_mautrix_signal_database_port }}/{{ matrix_mautrix_signal_database_name }}'
|
|
|
|
matrix_mautrix_signal_appservice_database: "{{
|
|
{
|
|
'postgres': matrix_mautrix_signal_database_connection_string,
|
|
}[matrix_mautrix_signal_database_engine]
|
|
}}"
|
|
|
|
# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
|
|
matrix_mautrix_signal_login_shared_secret: ''
|
|
|
|
# Enable bridge relay bot functionality
|
|
matrix_mautrix_signal_relaybot_enabled: false
|
|
|
|
# Permissions for using the bridge.
|
|
# Permitted values:
|
|
# relay - Allowed to be relayed through the bridge, no access to commands.
|
|
# user - Use the bridge with puppeting.
|
|
# admin - Use and administrate the bridge.
|
|
# Permitted keys:
|
|
# * - All Matrix users
|
|
# domain - All users on that homeserver
|
|
# mxid - Specific user
|
|
matrix_mautrix_signal_bridge_permissions: |
|
|
'*': relay
|
|
'{{ matrix_mautrix_signal_homeserver_domain }}': user
|
|
|
|
# Default configuration template which covers the generic use case.
|
|
# You can customize it by controlling the various variables inside it.
|
|
#
|
|
# For a more advanced customization, you can extend the default (see `matrix_mautrix_signal_configuration_extension_yaml`)
|
|
# or completely replace this variable with your own template.
|
|
matrix_mautrix_signal_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
|
|
|
|
matrix_mautrix_signal_configuration_extension_yaml: |
|
|
# Your custom YAML configuration goes here.
|
|
# This configuration extends the default starting configuration (`matrix_mautrix_signal_configuration_yaml`).
|
|
#
|
|
# You can override individual variables from the default configuration, or introduce new ones.
|
|
#
|
|
# If you need something more special, you can take full control by
|
|
# completely redefining `matrix_mautrix_signal_configuration_yaml`.
|
|
|
|
matrix_mautrix_signal_configuration_extension: "{{ matrix_mautrix_signal_configuration_extension_yaml|from_yaml if matrix_mautrix_signal_configuration_extension_yaml|from_yaml is mapping else {} }}"
|
|
|
|
# Holds the final configuration (a combination of the default and its extension).
|
|
# You most likely don't need to touch this variable. Instead, see `matrix_mautrix_signal_configuration_yaml`.
|
|
matrix_mautrix_signal_configuration: "{{ matrix_mautrix_signal_configuration_yaml|from_yaml|combine(matrix_mautrix_signal_configuration_extension, recursive=True) }}"
|
|
|
|
matrix_mautrix_signal_registration_yaml: "{{ lookup('template', 'templates/registration.yaml.j2') }}"
|
|
|
|
matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml|from_yaml }}"
|
|
|
|
matrix_mautrix_signal_log_level: 'DEBUG'
|