overmind
/
matrix-docker-ansible-deploy
espelhamento de https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Fork 0
Código Issues 0 Versões 0 Wiki Atividade
Ver código fonte

Upgrade Hookshot (5.4.1 -> 6.0.1)

pull/3843/head
Slavi Pantaleev 1 ano atrás
pai
daf9418610
commit
119e78bc11
6 arquivos alterados com 17 adições e 14 exclusões
Visão unificada
Opções de diferenças
Mostrar estatísticas Baixar arquivo de patch Baixar arquivo de diferenças
  1. +2
    -2
      docs/configuring-playbook-bridge-hookshot.md
  2. +2
    -2
      group_vars/matrix_servers
  3. +7
    -6
      roles/custom/matrix-bridge-hookshot/defaults/main.yml
  4. +2
    -1
      roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml
  5. +2
    -2
      roles/custom/matrix-bridge-hookshot/templates/config.yml.j2
  6. +2
    -1
      roles/custom/matrix-bridge-hookshot/templates/registration.yml.j2

+ 2
- 2
docs/configuring-playbook-bridge-hookshot.md Ver arquivo

@@ -25,9 +25,9 @@ Finally, run the playbook (see [installing](installing.md)).


### End-to-bridge encryption ### End-to-bridge encryption


You can enable [experimental encryption](https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html) for Hookshot by adding `matrix_hookshot_experimental_encryption_enabled: true` to your configuration (`vars.yml`) and [executing the playbook](installing.md) again.
You can enable [encryption](https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html) for Hookshot by adding `matrix_hookshot_encryption_enabled: true` to your configuration (`vars.yml`) and [executing the playbook](installing.md) again.


Should the crypto store be corrupted, you can reset it by executing this Ansible playbook with the tag `reset-hookshot-encryption` added, for example `ansible-playbook -i inventory/hosts setup.yml -K --tags=reset-hookshot-encryption`.
Should the crypto store be corrupted, you can reset it by executing this Ansible playbook with the tag `reset-hookshot-encryption` added, for example `ansible-playbook -i inventory/hosts setup.yml --tags=reset-hookshot-encryption`.


## Usage ## Usage




+ 2
- 2
group_vars/matrix_servers Ver arquivo

@@ -4403,7 +4403,7 @@ ntfy_visitor_request_limit_exempt_hosts_hostnames_auto: |
# #
###################################################################### ######################################################################


redis_enabled: "{{ not (keydb_enabled or valkey_enabled) and (matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_experimental_encryption_enabled)) }}"
redis_enabled: "{{ not (keydb_enabled or valkey_enabled) and (matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_encryption_enabled)) }}"


redis_identifier: matrix-redis redis_identifier: matrix-redis


@@ -4455,7 +4455,7 @@ keydb_arch: |-
# #
###################################################################### ######################################################################


valkey_enabled: "{{ matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_experimental_encryption_enabled) }}"
valkey_enabled: "{{ matrix_synapse_workers_enabled or (matrix_hookshot_enabled and matrix_hookshot_encryption_enabled) }}"


valkey_identifier: matrix-valkey valkey_identifier: matrix-valkey




+ 7
- 6
roles/custom/matrix-bridge-hookshot/defaults/main.yml Ver arquivo

@@ -17,10 +17,10 @@ matrix_hookshot_container_additional_networks_auto: []
matrix_hookshot_container_additional_networks_custom: [] matrix_hookshot_container_additional_networks_custom: []


# renovate: datasource=docker depName=halfshot/matrix-hookshot # renovate: datasource=docker depName=halfshot/matrix-hookshot
matrix_hookshot_version: 5.4.1
matrix_hookshot_version: 6.0.1


matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"
matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}"
matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}matrix-org/matrix-hookshot:{{ matrix_hookshot_version }}"
matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else 'ghcr.io/' }}"
matrix_hookshot_docker_image_force_pull: "{{ matrix_hookshot_docker_image.endswith(':latest') }}" matrix_hookshot_docker_image_force_pull: "{{ matrix_hookshot_docker_image.endswith(':latest') }}"


matrix_hookshot_base_path: "{{ matrix_base_data_path }}/hookshot" matrix_hookshot_base_path: "{{ matrix_base_data_path }}/hookshot"
@@ -46,17 +46,18 @@ matrix_hookshot_appservice_hostname: "{{ matrix_hookshot_public_hostname }}"
matrix_hookshot_appservice_endpoint: "{{ matrix_hookshot_public_endpoint }}/_matrix/app" matrix_hookshot_appservice_endpoint: "{{ matrix_hookshot_public_endpoint }}/_matrix/app"


# The variables below control the Redis cache parameters. # The variables below control the Redis cache parameters.
# Using caching is required when experimental encryption is enabled (`matrix_hookshot_experimental_encryption_enabled`)
# Using caching is required when encryption is enabled (`matrix_hookshot_encryption_enabled`)
# but may also speed up Hookshot startup, etc. # but may also speed up Hookshot startup, etc.
matrix_hookshot_cache_redis_host: '' matrix_hookshot_cache_redis_host: ''
matrix_hookshot_cache_redis_port: "6379" matrix_hookshot_cache_redis_port: "6379"
matrix_hookshot_cache_redisUri: "{{ ('redis://' + matrix_hookshot_cache_redis_host + ':' + matrix_hookshot_cache_redis_port) if matrix_hookshot_cache_redis_host else '' }}" # noqa var-naming matrix_hookshot_cache_redisUri: "{{ ('redis://' + matrix_hookshot_cache_redis_host + ':' + matrix_hookshot_cache_redis_port) if matrix_hookshot_cache_redis_host else '' }}" # noqa var-naming


# Controls whether the experimental end-to-bridge encryption support is enabled.
# Controls whether the end-to-bridge encryption support is enabled.
# This requires that: # This requires that:
# - support to also be enabled in the homeserver, see the documentation of Hookshot. # - support to also be enabled in the homeserver, see the documentation of Hookshot.
# - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables. # - Hookshot to be pointed at a Redis instance via the `matrix_hookshot_cache_redis*` variables.
matrix_hookshot_experimental_encryption_enabled: false
# See: https://matrix-org.github.io/matrix-hookshot/latest/advanced/encryption.html
matrix_hookshot_encryption_enabled: false


# Controls whether metrics are enabled in the bridge configuration. # Controls whether metrics are enabled in the bridge configuration.
# Enabling them is usually enough for a local (in-container) Prometheus to consume them. # Enabling them is usually enough for a local (in-container) Prometheus to consume them.


+ 2
- 1
roles/custom/matrix-bridge-hookshot/tasks/validate_config.yml Ver arquivo

@@ -31,6 +31,7 @@
- {'old': 'matrix_hookshot_ident', 'new': 'matrix_hookshot_identifier'} - {'old': 'matrix_hookshot_ident', 'new': 'matrix_hookshot_identifier'}
- {'old': 'matrix_hookshot_queue_host', 'new': 'matrix_hookshot_cache_redis_host'} - {'old': 'matrix_hookshot_queue_host', 'new': 'matrix_hookshot_cache_redis_host'}
- {'old': 'matrix_hookshot_queue_port', 'new': 'matrix_hookshot_cache_redis_port'} - {'old': 'matrix_hookshot_queue_port', 'new': 'matrix_hookshot_cache_redis_port'}
- {'old': 'matrix_hookshot_experimental_encryption_enabled', 'new': 'matrix_hookshot_encryption_enabled'}


- name: Fail if required Hookshot settings not defined - name: Fail if required Hookshot settings not defined
ansible.builtin.fail: ansible.builtin.fail:
@@ -96,7 +97,7 @@
ansible.builtin.fail: ansible.builtin.fail:
msg: >- msg: >-
You need to define a required configuration setting (`matrix_hookshot_cache_redis*`) to enable Hookshot encryption. You need to define a required configuration setting (`matrix_hookshot_cache_redis*`) to enable Hookshot encryption.
when: "matrix_hookshot_experimental_encryption_enabled and matrix_hookshot_cache_redisUri == ''"
when: "matrix_hookshot_encryption_enabled and matrix_hookshot_cache_redisUri == ''"


- name: (Deprecation) Catch and report old metrics usage - name: (Deprecation) Catch and report old metrics usage
ansible.builtin.fail: ansible.builtin.fail:


+ 2
- 2
roles/custom/matrix-bridge-hookshot/templates/config.yml.j2 Ver arquivo

@@ -113,8 +113,8 @@ metrics:
cache: cache:
redisUri: {{ matrix_hookshot_cache_redisUri | to_json }} redisUri: {{ matrix_hookshot_cache_redisUri | to_json }}
{% endif %} {% endif %}
{% if matrix_hookshot_experimental_encryption_enabled %}
experimentalEncryption:
{% if matrix_hookshot_encryption_enabled %}
encryption:
storagePath: /data/encryption storagePath: /data/encryption
{% endif %} {% endif %}
logging: logging:


+ 2
- 1
roles/custom/matrix-bridge-hookshot/templates/registration.yml.j2 Ver arquivo

@@ -29,8 +29,9 @@ sender_localpart: hookshot
url: "http://{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}" # This should match the bridge.port in your config file url: "http://{{ matrix_hookshot_container_url }}:{{ matrix_hookshot_appservice_port }}" # This should match the bridge.port in your config file
rate_limited: false rate_limited: false


{% if matrix_hookshot_experimental_encryption_enabled %}
{% if matrix_hookshot_encryption_enabled %}
de.sorunome.msc2409.push_ephemeral: true de.sorunome.msc2409.push_ephemeral: true
push_ephemeral: true push_ephemeral: true
org.matrix.msc3202: true org.matrix.msc3202: true
org.matrix.msc3202: true
{% endif %} {% endif %}

Escrever Pré-visualização
Carregando…
Cancelar
Salvar