matrix-docker-ansible-deploy/roles/custom/matrix-bridge-appservice-slack/defaults/main.yml
Slavi Pantaleev 6427397486 Do not hardcode sslmode=disable to Postgres connection strings - make it configurable
This is backward-compatible with what we had before. We're not changing
the SSL mode - just making it configurable.

Most components are defaulting to `sslmode=disable`, while some
(`matrix-bot-matrix-reminder-bot` and others) do not specify an `sslmode` at all.

We're making sslmode configurable, because certain external Postgres
servers may be configured to require SSL encryption.
In such cases `sslmode=disable` does not work and needs to be changed to
`sslmode=require` or something else (`verify-ca`, `verify-full`, etc).
2023-08-22 19:40:50 +03:00

126 lines
6 KiB
YAML

---
# matrix-appservice-slack is a Matrix <-> Slack bridge
# Project source code URL: https://github.com/matrix-org/matrix-appservice-slack
matrix_appservice_slack_enabled: true
matrix_appservice_slack_container_image_self_build: false
matrix_appservice_slack_docker_repo: "https://github.com/matrix-org/matrix-appservice-slack.git"
matrix_appservice_slack_docker_repo_version: "{{ 'master' if matrix_appservice_slack_version == 'latest' else matrix_appservice_slack_version }}"
matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-slack/docker-src"
# matrix_appservice_slack_version used to contain the full Docker image tag (e.g. `release-X.X.X`).
# It's a bare version number now. We try to somewhat retain compatibility below.
matrix_appservice_slack_version: 2.1.2
matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_docker_image_tag }}"
matrix_appservice_slack_docker_image_tag: "{{ 'latest' if matrix_appservice_slack_version == 'latest' else ('release-' + matrix_appservice_slack_version) }}"
matrix_appservice_slack_docker_image_force_pull: "{{ matrix_appservice_slack_docker_image.endswith(':latest') }}"
matrix_appservice_slack_base_path: "{{ matrix_base_data_path }}/appservice-slack"
matrix_appservice_slack_config_path: "{{ matrix_appservice_slack_base_path }}/config"
matrix_appservice_slack_data_path: "{{ matrix_appservice_slack_base_path }}/data"
matrix_appservice_slack_public_endpoint: /appservice-slack
matrix_appservice_slack_inbound_uri_prefix: "{{ matrix_homeserver_url }}{{ matrix_appservice_slack_public_endpoint }}"
# Once you make a control room in Matrix, you can get its ID by typing any message and checking its source
matrix_appservice_slack_control_room_id: ''
matrix_appservice_slack_bot_name: 'slackbot'
matrix_appservice_slack_user_prefix: 'slack_'
# Controls the SLACK_PORT and MATRIX_PORT of the installation
matrix_appservice_slack_matrix_port: 9004
matrix_appservice_slack_slack_port: 9003
# Controls whether the appservice-slack container exposes its HTTP port (tcp/9003 in the container).
#
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:9999"), or empty string to not expose.
matrix_appservice_slack_container_http_host_bind_port: ''
matrix_appservice_slack_homeserver_media_url: "{{ matrix_server_fqn_matrix }}"
matrix_appservice_slack_homeserver_url: ""
matrix_appservice_slack_homeserver_domain: "{{ matrix_domain }}"
matrix_appservice_slack_appservice_url: 'http://matrix-appservice-slack'
# A list of extra arguments to pass to the container
matrix_appservice_slack_container_extra_arguments: []
# List of systemd services that matrix-appservice-slack.service depends on.
matrix_appservice_slack_systemd_required_services_list: ['docker.service']
# List of systemd services that matrix-appservice-slack.service wants
matrix_appservice_slack_systemd_wanted_services_list: []
matrix_appservice_slack_appservice_token: ''
matrix_appservice_slack_homeserver_token: ''
matrix_appservice_slack_id_token: ''
matrix_appservice_slack_database_engine: nedb
matrix_appservice_slack_database_username: matrix_appservice_slack
matrix_appservice_slack_database_password: 'some-passsword'
matrix_appservice_slack_database_hostname: ''
matrix_appservice_slack_database_port: 5432
matrix_appservice_slack_database_name: matrix_appservice_slack
matrix_appservice_slack_database_sslmode: disable
# This is just the Postgres connection string, if Postgres is used.
# Naming clashes with `matrix_appservice_slack_database_connectionString` somewhat.
matrix_appservice_slack_database_connection_string: 'postgresql://{{ matrix_appservice_slack_database_username }}:{{ matrix_appservice_slack_database_password }}@{{ matrix_appservice_slack_database_hostname }}:{{ matrix_appservice_slack_database_port }}/{{ matrix_appservice_slack_database_name }}?sslmode={{ matrix_appservice_slack_database_sslmode }}'
# This is what actually goes into `database.connectionString` for the bridge.
matrix_appservice_slack_database_connectionString: |- # noqa var-naming
{{
{
'nedb': 'nedb:///data',
'postgres': matrix_appservice_slack_database_connection_string,
}[matrix_appservice_slack_database_engine]
}}
matrix_appservice_slack_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
matrix_appservice_slack_configuration_extension_yaml: |
#slack_hook_port: 9898
#inbound_uri_prefix: "https://my.server.here:9898/"
#bot_username: "slackbot"
#username_prefix: "slack_"
# Optional
#slack_master_token: "abc-123-def"
# Optional
#matrix_admin_room: "!aBcDeF:matrix.org"
#homeserver:
# url: http://localhost:{{ matrix_synapse_container_client_api_port }}
# server_name: my.server
# Optional
#tls:
# key_file: /path/to/tls.key
# crt_file: /path/to/tls.crt
#logging:
# console: "info"
# files:
# - "./debug.log": "info"
#- "./error.log": "error"
matrix_appservice_slack_configuration_extension: "{{ matrix_appservice_slack_configuration_extension_yaml | from_yaml if matrix_appservice_slack_configuration_extension_yaml | from_yaml else {} }}"
matrix_appservice_slack_configuration: "{{ matrix_appservice_slack_configuration_yaml | from_yaml | combine(matrix_appservice_slack_configuration_extension, recursive=True) }}"
matrix_appservice_slack_registration_yaml: |
id: "{{ matrix_appservice_slack_id_token }}"
as_token: "{{ matrix_appservice_slack_appservice_token }}"
hs_token: "{{ matrix_appservice_slack_homeserver_token }}"
namespaces:
users:
- exclusive: true
regex: '@{{ matrix_appservice_slack_user_prefix }}.*'
aliases:
- exclusive: false
regex: '#{{ matrix_appservice_slack_user_prefix }}.*'
rooms: []
url: "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_matrix_port }}"
sender_localpart: slackbot
rate_limited: true
protocols: null
matrix_appservice_slack_registration: "{{ matrix_appservice_slack_registration_yaml | from_yaml }}"