Changed

4 лет назад · 08ecd42e5e
--- a/roles/matrix-bridge-mautrix-wsproxy/defaults/main.yml
+++ b/roles/matrix-bridge-mautrix-wsproxy/defaults/main.yml
@@ -1,22 +1,21 @@
 # mautrix-wsproxy is a Matrix <-> websocket bridge
 # See: https://github.com/tulir/mautrix-wsproxy
 # See: https://github.com/mautrix/wsproxy

 matrix_mautrix_wsproxy_enabled: true

 matrix_mautrix_wsproxy_version: latest
 # See: https://mau.dev/tulir/mautrix-wsproxy/container_registry
 matrix_mautrix_wsproxy_docker_image: "dock.mau.dev/tulir/mautrix-wsproxy:{{ matrix_mautrix_wsproxy_version }}"
 # See: https://mau.dev/mautrix/wsproxy/container_registry
 matrix_mautrix_wsproxy_docker_image: "dock.mau.dev/mautrix/wsproxy:{{ matrix_mautrix_wsproxy_version }}"
 matrix_mautrix_wsproxy_docker_image_force_pull: "{{ matrix_mautrix_wsproxy_docker_image.endswith(':latest') }}"

 matrix_mautrix_wsproxy_base_path: "{{ matrix_base_data_path }}/mautrix-wsproxy"
 matrix_mautrix_wsproxy_base_path: "{{ matrix_base_data_path }}/wsproxy"
 matrix_mautrix_wsproxy_config_path: "{{ matrix_mautrix_wsproxy_base_path }}/config"
 matrix_mautrix_wsproxy_data_path: "{{ matrix_mautrix_wsproxy_base_path }}/data"

 matrix_mautrix_wsproxy_homeserver_address: "{{ matrix_homeserver_container_url }}"
 matrix_mautrix_wsproxy_homeserver_domain: "{{ matrix_domain }}"
 matrix_mautrix_wsproxy_appservice_address: "http://matrix-mautrix-wsproxy:29331"
 matrix_mautrix_wsproxy_appservice_websocket: "ws://matrix-mautrix-wsproxy:29331"

 matrix_mautrix_wsproxy_port: 29931
 # A list of extra arguments to pass to the container
 matrix_mautrix_wsproxy_container_extra_arguments: []

@@ -53,30 +52,6 @@ matrix_mautrix_wsproxy_configuration_extension: "{{ matrix_mautrix_wsproxy_confi
 # You most likely don't need to touch this variable. Instead, see `matrix_mautrix_wsproxy_configuration_yaml`.
 matrix_mautrix_wsproxy_configuration: "{{ matrix_mautrix_wsproxy_configuration_yaml|from_yaml|combine(matrix_mautrix_wsproxy_configuration_extension, recursive=True) }}"

 # Default mautrix-wsproxy configuration template which covers the generic use case.
 # You can customize it by controlling the various variables inside it.
 #
 # For a more advanced customization, you can extend the default (see `matrix_mautrix_wsproxy_configuration_extension_yaml`)
 # or completely replace this variable with your own template.
 matrix_mautrix_imessage_configuration_yaml: "{{ lookup('template', 'templates/config-ios.yaml.j2') }}"

 matrix_mautrix_imessage_configuration_extension_yaml: |
  # Your custom YAML configuration goes here.
  # This configuration extends the default starting configuration (`matrix_mautrix_wsproxy_configuration_yaml`).
  #
  # You can override individual variables from the default configuration, or introduce new ones.
  #
  # If you need something more special, you can take full control by
  # completely redefining `matrix_mautrix_imessage_configuration_yaml`.

 matrix_mautrix_imessage_configuration_extension: "{{ matrix_mautrix_imessage_configuration_extension_yaml|from_yaml if matrix_mautrix_imessage_configuration_extension_yaml|from_yaml is mapping else {} }}"

 # Holds the final configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_mautrix_imessage_configuration_yaml`.
 matrix_mautrix_imessage_configuration: "{{ matrix_mautrix_imessage_configuration_yaml|from_yaml|combine(matrix_mautrix_imessage_configuration_extension, recursive=True) }}"

 matrix_mautrix_imessage_user: ''

 matrix_mautrix_wsproxy_registration_yaml: |
  id: imessage
  url: {{ matrix_mautrix_wsproxy_appservice_address }}
--- a/roles/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml
+++ b/roles/matrix-bridge-mautrix-wsproxy/tasks/setup_install.yml
@@ -43,14 +43,6 @@
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"

 - name: Ensure mautrix-imessage config-ios.yaml installed
  copy:
    content: "{{ matrix_mautrix_imessage_configuration|to_nice_yaml }}"
    dest: "{{ matrix_mautrix_wsproxy_config_path }}/config-ios.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"

 - name: Ensure mautrix-wsproxy registration.yaml installed
  copy:
    content: "{{ matrix_mautrix_wsproxy_registration|to_nice_yaml }}"
@@ -59,6 +51,54 @@
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"

 - name: Fail if matrix-nginx-proxy role already executed
  fail:
    msg: >-
      Trying to append mautrix-wsproxy reverse-proxying configuration to matrix-nginx-proxy,
      but it's pointless since the matrix-nginx-proxy role had already executed.
      To fix this, please change the order of roles in your plabook,
      so that the matrix-nginx-proxy role would run after the matrix-wspoxy role.
  when: matrix_nginx_proxy_role_executed|default(False)|bool and matrix_mautrix_wsproxy_enabled|bool

 - name: Generate Wsproxy proxying configuration for matrix-nginx-proxy
  set_fact:
    matrix_mautrix_wsproxy_matrix_nginx_proxy_configuration: |
      location ~ ^/(_matrix/client/unstable/fi.mau.syncproxy/*) {      
      {% if matrix_nginx_proxy_enabled|default(False) %}
      	{# Use the embedded DNS resolver in Docker containers to discover the service #}
      	resolver 127.0.0.11 valid=5s;
      	set $backend "matrix-mautrix-wsproxy:{{ matrix_mautrix_wsproxy_port }}/$1";
      	proxy_pass http://$backend;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
      {% else %}
      	{# Generic configuration for use outside of our container setup #}
      	proxy_pass http://127.0.0.1:{{ matrix_mautrix_wsproxy_port }}/$1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
      {% endif %}
      }
  when: matrix_mautrix_wsproxy_enabled|bool

 - name: Register Wsproxy's proxying configuration with matrix-nginx-proxy
  set_fact:
    matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
      {{
        matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
        +
        [matrix_bot_maubot_matrix_nginx_proxy_configuration]
      }}
  when: matrix_mautrix_wsproxy_enabled|bool

 - name: Warn about reverse-proxying if matrix-nginx-proxy not used
  debug:
    msg: >-
      NOTE: You've enabled mautrix-wsproxy but are not using the matrix-nginx-proxy
      reverse proxy.
      Please make sure that you're proxying the `/_matrix/client/unstable/fi.mau.syncproxy`
      URL endpoint to the mautrix-wsproxy container.
  when: "matrix_mautrix_wsproxy_enabled|bool and matrix_nginx_proxy_enabled is not defined"

 - name: Ensure matrix-mautrix-wsproxy.service installed
  template:
    src: "{{ role_path }}/templates/systemd/matrix-mautrix-wsproxy.service.j2"
--- a/roles/matrix-bridge-mautrix-wsproxy/templates/config-ios.yaml.j2
+++ b/roles/matrix-bridge-mautrix-wsproxy/templates/config-ios.yaml.j2
@@ -1,107 +0,0 @@
 #jinja2: lstrip_blocks: "True"
 # Homeserver details.
 homeserver:
    # The address that this appservice can use to connect to the homeserver.
    address: {{ matrix_mautrix_wsproxy_homeserver_address }}
    websocket_proxy: {{ matrix_mautrix_wsproxy_appservice_websocket }}
    # The domain of the homeserver (for MXIDs, etc).
    domain: {{ matrix_mautrix_wsproxy_homeserver_domain }}
 # Application service host/registration related details.
 # Changing these values requires regeneration of the registration.

 appservice:
    # SQLite database path
    database: mautrix-imessage.db

    # The unique ID of this appservice.
    id: imessage
    # Appservice bot details.
    bot:
        # Username of the appservice bot.
        username: imessagebot
        # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
        # to leave display name/avatar as-is.
        displayname: iMessage bridge bot
        avatar: mxc://maunium.net/tManJEpANASZvDVzvRvhILdX

    # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
    as_token: "{{ matrix_mautrix_wsproxy_appservice_token }}"
    hs_token: "{{ matrix_mautrix_wsproxy_homeserver_token }}"
 imessage:
    platform: ios

 # Bridge config
 bridge:
    # The user of the bridge.
    user: "{{ matrix_mautrix_imessage_user }}"

    # Localpart template of MXIDs for iMessage users.
    # {{ '{{.}}' }} is replaced with the phone number or email of the iMessage user.
    username_template: "{{ 'imessage_{{.}}' }}"
    # Displayname template for iMessage users.
    # {{ '{{.}}' }} is replaced with the contact list name (if available) or username (phone number or email) of the iMessage user.
    displayname_template: "{{ '{{.}} (iMessage)' }}"

    # Whether or not the bridge should send a read receipt from the bridge bot when a message has been
    # sent to iMessage. If fetch_message_on_timeout is enabled, a successful post-timeout fetch will
    # trigger a read receipt too.
    delivery_receipts: false

    # Whether or not to update the m.direct account data event when double puppeting is enabled.
    # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
    # and is therefore prone to race conditions.
    sync_direct_chat_list: false
    # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
    #
    # If set, custom puppets will be enabled automatically for local users
    # instead of users having to find an access token and run `login-matrix`
    # manually.
    login_shared_secret: {{ matrix_mautrix_whatsapp_login_shared_secret|to_json }}
    # Maximum age of chats to sync in days.
    chat_sync_max_age: 0.5
    # Maximum number of messages to backfill for new portal rooms.
    initial_backfill_limit: 100

    # The prefix for commands. Only required in non-management rooms.
    command_prefix: "!im"

    # End-to-bridge encryption support options. This requires login_shared_secret to be configured
    # in order to get a device for the bridge bot.
    #
    # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
    # application service.
    encryption:
        # Allow encryption, work in group chat rooms with e2ee enabled
        allow: false
        # Default to encryption, force-enable encryption in all portals the bridge creates
        # This will cause the bridge bot to be in private chats for the encryption to work properly.
        # It is recommended to also set private_chat_portal_meta to true when using this.
        default: false
        # Options for automatic key sharing.
        key_sharing:
            # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
            # You must use a client that supports requesting keys from other users to use this feature.
            allow: false
            # Require the requesting device to have a valid cross-signing signature?
            # This doesn't require that the bridge has verified the device, only that the user has verified it.
            # Not yet implemented.
            require_cross_signing: false
            # Require devices to be verified by the bridge?
            # Verification by the bridge is not yet implemented.
            require_verification: true

 # Logging config.
 logging:
    # The directory for log files. Will be created if not found.
    directory: ./logs
    # Available variables: .Date for the file date and .Index for different log files on the same day.
    file_name_format: "{{ '{{.Date}}-{{.Index}}.log' }}"
    # Date format for file names in the Go time format: https://golang.org/pkg/time/#pkg-constants
    file_date_format: "2006-01-02"
    # Log file permissions.
    file_mode: 0600
    # Timestamp format for log entries in the Go time format.
    timestamp_format: "Jan _2, 2006 15:04:05"
    # Minimum severity for log messages.
    # Options: debug, info, warn, error, fatal
    print_level: debug