Merge branch 'master' of https://github.com/spantaleev/matrix-docker-ansible-deploy into maubot_moanos

3 лет назад · 1f7013ff32
--- a/.config/ansible-lint.yml
+++ b/.config/ansible-lint.yml
@@ -0,0 +1,13 @@
 ---
 use_default_rules: true
 skip_list:
  - unnamed-task
  - no-handler
  - no-jinja-nesting
  - schema
  - command-instead-of-shell
  - role-name
 offline: false
--- a/.github/workflows/matrix.yml
+++ b/.github/workflows/matrix.yml
@@ -7,10 +7,18 @@ on:  # yamllint disable-line rule:truthy
 jobs:
  yamllint:
    name: 🧹 yamllint
    name: yamllint
    runs-on: ubuntu-latest
    steps:
      - name: ⤵️ Check out configuration from GitHub
      - name: Check out
        uses: actions/checkout@v3
      - name: 🚀 Run yamllint
        uses: frenck/action-yamllint@v1.1.2
      - name: Run yamllint
        uses: frenck/action-yamllint@v1.2.0
  ansible-lint:
    name: ansible-lint
    runs-on: ubuntu-latest
    steps:
      - name: Check out
        uses: actions/checkout@v3
      - name: Run ansible-lint
        uses: ansible-community/ansible-lint-action@main
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,44 @@
 # 2022-07-14
 ## mx-puppet-skype removal
 The playbook no longer includes the [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridge, because it has been broken and unmaintaned for a long time. Users that have `matrix_mx_puppet_skype_enabled` in their configuration files will encounter an error when running the playbook until they remove references to this bridge from their configuration.
 To completely clean up your server from `mx-puppet-skype`'s presence on it:
 - ensure your Ansible configuration (`vars.yml` file) no longer contains `matrix_mx_puppet_skype_*` references
 - stop and disable the systemd service (run `systemctl disable --now matrix-mx-puppet-skype` on the server)
 - delete the systemd service (run `rm /etc/systemd/system/matrix-mx-puppet-skype.service` on the server)
 - delete `/matrix/mx-puppet-skype` (run `rm -rf /matrix/mx-puppet-skype` on the server)
 - drop the `matrix_mx_puppet_skype` database (run `/usr/local/bin/matrix-postgres-cli` on the server, and execute the `DROP DATABASE matrix_mx_puppet_skype;` query there)
 If you still need bridging to [Skype](https://www.skype.com/), consider switching to [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) instead. See [Setting up Go Skype Bridge bridging](docs/configuring-playbook-bridge-go-skype-bridge.md).
 If you think this is a mistake and `mx-puppet-skype` works for you (or you get it to work somehow), let us know and we may reconsider this removal.
 ## signald (0.19.0+) upgrade requires data migration
 In [Pull Request #1921](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1921) we upgraded [signald](https://signald.org/) (used by the mautrix-signal bridge) from `v0.18.5` to `v0.20.0`.
 Back in the [`v0.19.0` released of signald](https://gitlab.com/signald/signald/-/blob/main/releases/0.19.0.md) (which we skipped and migrated straight to `v0.20.0`), a new `--migrate-data` command had been added that migrates avatars, group images, attachments, etc., into the database (those were previously stored in the filesystem).
 If you've been using the mautrix-signal bridge for a while, you may have files stored in the local filesystem, which will need to be upgraded.
 We attempt to do this data migration automatically every time Signald starts (`matrix-mautrix-signal-daemon.service`) using a `ExecStartPre` systemd unit definition.
 Keep an eye on your Signal bridge and let us know (in our [support room](README.md#support) or in [Pull Request #1921](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1921)) if you experience any trouble!
 # 2022-07-05
 ## Ntfy push notifications support
 Thanks to [Julian Foad](https://matrix.to/#/@julian:foad.me.uk), the playbook can now install a [ntfy](https://ntfy.sh/) push notifications server for you.
 See our [Setting up the ntfy push notifications server](docs/configuring-playbook-ntfy.md) documentation to get started.
 # 2022-06-23
 ## (Potential Backward Compatibility Break) Changes around metrics collection
@@ -26,7 +67,7 @@
 3. If Synapse metrics are exposed, they will be made available at `https://matrix.DOMAIN/metrics/synapse/main-process` or `https://matrix.DOMAIN/metrics/synapse/worker/TYPE-ID` (when workers are enabled), not at `https://matrix.DOMAIN/_synapse/metrics` and `https://matrix.DOMAIN/_synapse-worker-.../metrics`
 4. The playbook still generates an `external_prometheus.yml.example` sample file for scraping Synapse from Prometheus as described in [Collecting Synapse worker metrics to an external Prometheus server](docs/configuring-playbook-prometheus-grafana.md#collecting-synapse-worker-metrics-to-an-external-prometheus-server), but it's now saved under `/matrix/synapse` (not `/matrix`).
 **If you where already using a external Prometheus server** before this change, and you gave a hashed version of the password as a variable, the playbook will now take care of hashing the password for you. Thus, you need to provide the non-hashed version now. 
 **If you where already using a external Prometheus server** before this change, and you gave a hashed version of the password as a variable, the playbook will now take care of hashing the password for you. Thus, you need to provide the non-hashed version now.
 # 2022-06-13
--- a/+ 7
+++ b/+ 7
@@ -0,0 +1,7 @@
 .PHONY: lint
 help: ## Show this help.
 	@fgrep -h "##" $(MAKEFILE_LIST) | fgrep -v fgrep | sed -e 's/\\$$//' | sed -e 's/##//'
 lint: ## Runs ansible-lint against all roles in the playbook
 	ansible-lint
--- a/README.md
+++ b/README.md
@@ -79,7 +79,7 @@ Using this playbook, you can get the following services configured on your serve
 - (optional) the [Heisenbridge](https://github.com/hifi/heisenbridge) for bridging your Matrix server to IRC bouncer-style - see [docs/configuring-playbook-bridge-heisenbridge.md](docs/configuring-playbook-bridge-heisenbridge.md) for setup documentation
 - (optional) the [mx-puppet-skype](https://hub.docker.com/r/sorunome/mx-puppet-skype) for bridging your Matrix server to [Skype](https://www.skype.com) - see [docs/configuring-playbook-bridge-mx-puppet-skype.md](docs/configuring-playbook-bridge-mx-puppet-skype.md) for setup documentation
 - (optional) the [go-skype-bridge](https://github.com/kelaresg/go-skype-bridge) for bridging your Matrix server to [Skype](https://www.skype.com) - see [docs/configuring-playbook-bridge-go-skype-bridge.md](docs/configuring-playbook-bridge-go-skype-bridge.md) for setup documentation
 - (optional) the [mx-puppet-slack](https://hub.docker.com/r/sorunome/mx-puppet-slack) for bridging your Matrix server to [Slack](https://slack.com) - see [docs/configuring-playbook-bridge-mx-puppet-slack.md](docs/configuring-playbook-bridge-mx-puppet-slack.md) for setup documentation
@@ -121,6 +121,8 @@ Using this playbook, you can get the following services configured on your serve
 - (optional) the [Sygnal](https://github.com/matrix-org/sygnal) push gateway - see [Setting up the Sygnal push gateway](docs/configuring-playbook-sygnal.md) for setup documentation
 - (optional) the [ntfy](https://ntfy.sh) push notifications server - see [docs/configuring-playbook-ntfy.md](docs/configuring-playbook-ntfy.md) for setup documentation
 - (optional) the [Hydrogen](https://github.com/vector-im/hydrogen-web) web client - see [docs/configuring-playbook-client-hydrogen.md](docs/configuring-playbook-client-hydrogen.md) for setup documentation
 - (optional) the [Cinny](https://github.com/ajbura/cinny) web client - see [docs/configuring-playbook-client-cinny.md](docs/configuring-playbook-client-cinny.md) for setup documentation
--- a/docs/configuring-dns.md
+++ b/docs/configuring-dns.md
@@ -36,6 +36,7 @@ If you are using Cloudflare DNS, make sure to disable the proxy and set all reco
 | CNAME | `stats`                      | -        | -      | -    | `matrix.<your-domain>` |
 | CNAME | `goneb`                      | -        | -      | -    | `matrix.<your-domain>` |
 | CNAME | `sygnal`                     | -        | -      | -    | `matrix.<your-domain>` |
 | CNAME | `ntfy`                       | -        | -      | -    | `matrix.<your-domain>` |
 | CNAME | `hydrogen`                   | -        | -      | -    | `matrix.<your-domain>` |
 | CNAME | `cinny`                      | -        | -      | -    | `matrix.<your-domain>` |
 | CNAME | `buscarron`                  | -        | -      | -    | `matrix.<your-domain>` |
@@ -57,11 +58,13 @@ The `goneb.<your-domain>` subdomain may be necessary, because this playbook coul
 The `sygnal.<your-domain>` subdomain may be necessary, because this playbook could install the [Sygnal](https://github.com/matrix-org/sygnal) push gateway. The installation of Sygnal is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Sygnal guide](configuring-playbook-sygnal.md). If you do not wish to set up Sygnal (you probably don't, unless you're also developing/building your own Matrix apps), feel free to skip the `sygnal.<your-domain>` DNS record.
 The `ntfy.<your-domain>` subdomain may be necessary, because this playbook could install the [ntfy](https://ntfy.sh/) UnifiedPush-compatible push notifications server. The installation of ntfy is disabled by default, it is not a core required component. To learn how to install it, see our [configuring ntfy guide](configuring-playbook-ntfy.md). If you do not wish to set up ntfy, feel free to skip the `ntfy.<your-domain>` DNS record.
 The `hydrogen.<your-domain>` subdomain may be necessary, because this playbook could install the [Hydrogen](https://github.com/vector-im/hydrogen-web) web client. The installation of Hydrogen is disabled by default, it is not a core required component. To learn how to install it, see our [configuring Hydrogen guide](configuring-playbook-client-hydrogen.md). If you do not wish to set up Hydrogen, feel free to skip the `hydrogen.<your-domain>` DNS record.
 The `cinny.<your-domain>` subdomain may be necessary, because this playbook could install the [Cinny](https://github.com/ajbura/cinny) web client. The installation of cinny is disabled by default, it is not a core required component. To learn how to install it, see our [configuring cinny guide](configuring-playbook-client-cinny.md). If you do not wish to set up cinny, feel free to skip the `cinny.<your-domain>` DNS record.
 The `buscarron.<your-domain>` subdomain may be necessary, because this playbook could install the [buscarron](https://github.com/etke.cc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.<your-domain>` DNS record.
 The `buscarron.<your-domain>` subdomain may be necessary, because this playbook could install the [buscarron](https://gitlab.com/etke.cc/buscarron) bot. The installation of buscarron is disabled by default, it is not a core required component. To learn how to install it, see our [configuring buscarron guide](configuring-playbook-bot-buscarron.md). If you do not wish to set up buscarron, feel free to skip the `buscarron.<your-domain>` DNS record.
 ## `_matrix-identity._tcp` SRV record setup
--- a/docs/configuring-playbook-bridge-mautrix-facebook.md
+++ b/docs/configuring-playbook-bridge-mautrix-facebook.md
@@ -24,10 +24,22 @@ If you would like to be able to administrate the bridge from your account it can
 matrix_mautrix_facebook_configuration_extension_yaml: |
  bridge:
    permissions:
      '@YOUR_USERNAME:YOUR_DOMAIN': admin
      '@YOUR_USERNAME:{{ matrix_domain }}': admin
 ```
 You may wish to look at `roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2` to find other things you would like to configure.
 Using both would look like
 ```yaml
 matrix_mautrix_facebook_configuration_extension_yaml: |
  bridge:
    permissions:
      '@YOUR_USERNAME:{{ matrix_domain }}': admin
    encryption:
      allow: true
      default: true
 ```
 You may wish to look at `roles/matrix-bridge-mautrix-facebook/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-facebook/defaults/main.yml` to find other things you would like to configure.
 ## Set up Double Puppeting
--- a/docs/configuring-playbook-bridge-mautrix-instagram.md
+++ b/docs/configuring-playbook-bridge-mautrix-instagram.md
@@ -7,6 +7,32 @@ See the project's [documentation](https://docs.mau.fi/bridges/python/instagram/i
 ```yaml
 matrix_mautrix_instagram_enabled: true
 ```
 There are some additional things you may wish to configure about the bridge before you continue.
 Encryption support is off by default. If you would like to enable encryption, add the following to your `vars.yml` file:
 ```yaml
 matrix_mautrix_instagram_configuration_extension_yaml: |
  bridge:
    encryption:
      allow: true
      default: true
 ```
 If you would like to be able to administrate the bridge from your account it can be configured like this:
 ```yaml
 # The easy way. The specified Matrix user ID will be made an admin of all bridges
 matrix_admin: "@YOUR_USERNAME:{{ matrix_domain }}"
 # OR:
 # The more verbose way. Applies to this bridge only. You may define multiple Matrix users as admins.
 matrix_mautrix_instagram_configuration_extension_yaml: |
  bridge:
    permissions:
      '@YOUR_USERNAME:YOUR_DOMAIN': admin
 ```
 You may wish to look at `roles/matrix-bridge-mautrix-instagram/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-instagram/defaults/main.yml` to find other things you would like to configure.
 ## Usage
--- a/docs/configuring-playbook-bridge-mx-puppet-skype.md
+++ b/docs/configuring-playbook-bridge-mx-puppet-skype.md
@@ -1,32 +1,5 @@
 # Setting up MX Puppet Skype (optional)
 **Note**: bridging to [Skype](https://www.skype.com/) can also happen via the [go-skype-bridge](configuring-playbook-bridge-go-skype-bridge.md) bridge supported by the playbook. In fact, bridging via `mx-puppet-skype` has often been reported as broken, so we recommend that you go directly for `go-skype-bridge`, instead of this.
 The playbook used to be able to install and configure [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype), but no longer includes this component, because it has been broken and unmaintaned for a long time.
 The playbook can install and configure
 [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) for you.
 See the project page to learn what it does and why it might be useful to you.
 To enable the [Skype](https://www.skype.com/) bridge just use the following
 playbook configuration:
 ```yaml
 matrix_mx_puppet_skype_enabled: true
 ```
 ## Usage
 Once the bot is enabled you need to start a chat with `Skype Puppet Bridge` with
 the handle `@_skypepuppet_bot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
 domain, not the `matrix.` domain).
 Send `link <username> <password>` to the bridge bot to link your skype account.
 Once logged in, send `list` to the bot user to list the available rooms.
 Clicking rooms in the list will result in you receiving an invitation to the
 bridged room.
 Also send `help` to the bot to see the commands available.
 Bridging to [Skype](https://www.skype.com/) can also happen via the [go-skype-bridge](configuring-playbook-bridge-go-skype-bridge.md) bridge supported by the playbook.
--- a/docs/configuring-playbook-mautrix-bridges.md
+++ b/docs/configuring-playbook-mautrix-bridges.md
@@ -0,0 +1,111 @@
 # Setting up a Generic Mautrix Bridge (optional)
 The playbook can install and configure various [mautrix](https://github.com/mautrix) bridges (twitter, facebook, instagram, signal, hangouts, googlechat, etc.), as well as many other (non-mautrix) bridges.
 This is a common guide for configuring mautrix bridges.
 You can see each bridge's features at in the `ROADMAP.md` file in its corresponding [mautrix](https://github.com/mautrix) repository.
 To enable a bridge add:
 ```yaml
 # Replace SERVICENAME with one of: twitter, facebook, instagram, ..
 matrix_mautrix_SERVICENAME_enabled: true
 ```
 to your `vars.yml`
 There are some additional things you may wish to configure about the bridge before you continue. Each bridge may have additional requirements besides `_enabled: true`. For example, the mautrix-telegram bridge (our documentation page about it is [here](configuring-playbook-bridge-mautrix-telegram.md)) requires the `matrix_mautrix_telegram_api_id` and `matrix_mautrix_telegram_api_hash` variables to be defined. Refer to each bridge's individual documentation page for details about enabling bridges.
 You can add
 ```yaml
 matrix_admin: "@YOUR_USERNAME:{{ matrix_domain }}"
 ```
 to `vars.yml` to **configure a user as an administrator for all bridges**.
 **Alternatively** (more verbose, but allows multiple admins to be configured), you can do the same on a per-bridge basis with:
 ```yaml
 matrix_mautrix_SERVICENAME_configuration_extension_yaml: |
  bridge:
    permissions:
      '@YOUR_USERNAME:{{ matrix_domain }}': admin
 ```
 Encryption support is off by default. If you would like to enable encryption, add the following to your `vars.yml` file:
 ```yaml
 matrix_mautrix_SERVICENAME_configuration_extension_yaml: |
  bridge:
    encryption:
      allow: true
      default: true
 ```
 You can only have one `matrix_mautrix_SERVICENAME_configuration_extension_yaml` definition in `vars.yml` per bridge, so if you need multiple pieces of configuration there, just merge them like this:
 ```yaml
 matrix_mautrix_SERVICENAME_configuration_extension_yaml: |
  bridge:
    permissions:
      '@YOUR_USERNAME:{{ matrix_domain }}': admin
    encryption:
      allow: true
      default: true
 ```
 ## Setting the bot's username
 ```yaml
 matrix_mautrix_SERVICENAME_appservice_bot_username: "BOTNAME"
 ```
 Can be used to set the username for the bridge.
 ## Discovering additional configuration options
 You may wish to look at `roles/matrix-bridge-mautrix-SERVICENAME/templates/config.yaml.j2` and `roles/matrix-bridge-mautrix-SERVICENAME/defaults/main.yml` to find other things you would like to configure.
 ## Set up Double Puppeting
 To set up  [Double Puppeting](https://docs.mau.fi/bridges/general/double-puppeting.html)
 please do so automatically, by enabling Shared Secret Auth
 The bridge will automatically perform Double Puppeting if you enable [Shared Secret Auth](configuring-playbook-shared-secret-auth.md) for this playbook by adding
 ```yaml
 matrix_synapse_ext_password_provider_shared_secret_auth_enabled: true
 matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret: YOUR_SHARED_SECRET_GOES_HERE
 ```
 You should generate a strong shared secret with a command like this: pwgen -s 64 1
 This is the recommended way of setting up Double Puppeting, as it's easier to accomplish, works for all your users automatically, and has less of a chance of breaking in the future.
 ## Controlling the logging level
 ```yaml
 matrix_mautrix_SERVICENAME_logging_level: WARN
 ```
 to `vars.yml` to control the logging level, where you may replace WARN with one of the following to control the verbosity of the logs generated:     TRACE, DEBUG, INFO, WARN, ERROR, or FATAL.
 If you have issues with a service, and are requesting support, the higher levels of logging will generally be more helpful.
 ## Usage
 You then need to start a chat with `@SERVICENAMEbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain). 
 Send `login ` to the bridge bot to get started You can learn more here about authentication from the bridge's official documentation on Authentication https://docs.mau.fi/bridges/python/SERVICENAME/authentication.html  .
 If you run into trouble, check the [Troubleshooting](#troubleshooting) section below.
 ## Troubleshooting
 For troubleshooting information with a specific bridge, please see the playbook documentation about it (some other document in in `docs/`) and the upstream ([mautrix](https://github.com/mautrix)) bridge documentation for that specific bridge.
 Reporting bridge bugs should happen upstream, in the corresponding mautrix repository, not to us.
--- a/docs/configuring-playbook-ntfy.md
+++ b/docs/configuring-playbook-ntfy.md
@@ -0,0 +1,93 @@
 # Setting up ntfy (optional)
 The playbook can install and configure the [ntfy](https://ntfy.sh/) push notifications server for you.
 Using the [UnifiedPush](https://unifiedpush.org) standard, ntfy enables self-hosted (Google-free) push notifications from Matrix (and other) servers to UnifiedPush-compatible matrix compatible client apps running on Android and other devices.
 This role is intended to support UnifiedPush notifications for use with the Matrix and Matrix-related services that this playbook installs. This role is not intended to support all of ntfy's other features.
 **Note**: In contrast to push notifications using Google's FCM or Apple's APNs, the use of UnifiedPush allows each end-user to choose the push notification server that they prefer.  As a consequence, deploying this ntfy server does not by itself ensure any particular user or device or client app will use it.
 ## Adjusting the playbook configuration
 Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file (adapt to your needs):
 ```yaml
 # Enabling it is the only required setting
 matrix_ntfy_enabled: true
 # Some other options
 matrix_server_fqn_ntfy: "ntfy.{{ matrix_domain }}"
 matrix_ntfy_configuration_extension_yaml: |
  log_level: DEBUG
 ```
 For a more complete list of variables that you could override, see `roles/matrix-ntfy/defaults/main.yml`.
 For a complete list of ntfy config options that you could put in `matrix_ntfy_configuration_extension_yaml`, see the [ntfy config documentation](https://ntfy.sh/docs/config/#config-options).
 ## Installing
 Don't forget to add `ntfy.<your-domain>` to DNS as described in [Configuring DNS](configuring-dns.md) before running the playbook.
 After configuring the playbook, run the [installation](installing.md) command again:
 ```
 ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
 ```
 ## Usage
 To make use of your ntfy installation, on Android for example, you need two things:
 * the `ntfy` app
 * a UnifiedPush-compatible matrix app
 You need to install the `ntfy` app on each device on which you want to receive push notifications through your ntfy server. The `ntfy` app will provide UnifiedPush notifications to any number of UnifiedPush-compatible messaging apps installed on the same device.
 ### Setting up the `ntfy` Android app
 1. Install the [ntfy Android app](https://ntfy.sh/docs/subscribe/phone/) from F-droid or Google Play.
 2. In its Settings -> `General: Default server`, enter your ntfy server URL, such as `https://ntfy.DOMAIN`.
 3. In its Settings -> `Advanced: Connection protocol`, choose `WebSockets`.
 That is all you need to do in the ntfy app. It has many other features, but for our purposes you can ignore them. In particular you do not need to follow any instructions about subscribing to a notification topic as UnifiedPush will do that automatically.
 ### Setting up a UnifiedPush-compatible matrix app
 Install any UnifiedPush-enabled matrix app on that same device. The matrix app will learn from the `ntfy` app that you have configured UnifiedPush on this device, and then it will tell your matrix server to use it.
 Steps needed for specific matrix apps:
 * FluffyChat-android:
  - Should auto-detect and use it. No manual settings.
 * SchildiChat-android:
  1. enable `Settings` -> `Notifications` -> `UnifiedPush: Force custom push gateway`.
  2. choose `Settings` -> `Notifications` -> `UnifiedPush: Re-register push distributor`. *(For info, a more complex alternative to achieve the same is: delete the relevant unifiedpush registration in `ntfy` app, force-close SchildiChat, re-open it.)*
  3. verify `Settings` -> `Notifications` -> `UnifiedPush: Notification targets` as described below in the "Troubleshooting" section.
 * Element-android v1.4.26+:
  - [not yet documented; should auto-detect and use it?]
 If the matrix app asks, "Choose a distributor: FCM Fallback or ntfy", then choose "ntfy".
 If the matrix app doesn't seem to pick it up, try restarting it and try the Troubleshooting section below.
 ## Troubleshooting
 First check that the matrix client app you are using supports UnifiedPush. There may well be different variants of the app.
 Set the ntfy server's log level to 'DEBUG', as shown in the example settings above, and watch the server's logs with `sudo journalctl -fu matrix-ntfy`.
 To check if UnifiedPush is correctly configured on the client device, look at "Settings -> Notifications -> Notification Targets" in Element-Android or SchildiChat, or "Settings -> Notifications -> Devices" in FluffyChat. There should be one entry for each matrix client app that has enabled push notifications, and when that client is using UnifiedPush you should see a URL that begins with your ntfy server's URL.
 In the "Notification Targets" screen in Element-Android or SchildiChat, two relevant URLs are shown, "push\_key" and "Url", and both should begin with your ntfy server's URL. If "push\_key" shows your server but "Url" shows an external server such as `up.schildi.chat` then push notifications will still work but are being routed through that external server before they reach your ntfy server. To rectify that, in SchildiChat (at least around version 1.4.20.sc55) you must enable the `Force custom push gateway` setting as described in the "Usage" section above.
 If it is not working, useful tools are "Settings -> Notifications -> Re-register push distributor" and "Settings -> Notifications -> Troubleshoot Notifications" in SchildiChat (possibly also Element-Android). In particular the "Endpoint/FCM" step of that troubleshooter should display your ntfy server's URL that it has discovered from the ntfy client app.
 The simple [UnifiedPush troubleshooting](https://unifiedpush.org/users/troubleshooting/) app [UP-Example](https://f-droid.org/en/packages/org.unifiedpush.example/) can be used to manually test UnifiedPush registration and operation on an Android device.
--- a/docs/configuring-playbook-own-webserver.md
+++ b/docs/configuring-playbook-own-webserver.md
@@ -57,6 +57,14 @@ matrix_nginx_proxy_ssl_protocols: "TLSv1.2"
 If you are experiencing issues, try updating to a newer version of Nginx. As a data point in May 2021 a user reported that Nginx 1.14.2 was not working for them. They were getting errors about socket leaks. Updating to Nginx 1.19 fixed their issue.
 If you are not going to be running your webserver on the same docker network, or the same machine as matrix, these variables can be set to bind synapse to an exposed port. [Keep in mind that there are some security concerns if you simply proxy everything to it](https://github.com/matrix-org/synapse/blob/master/docs/reverse_proxy.md#synapse-administration-endpoints)
 ```yaml
 # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:8048" or "192.168.1.3:80"), or empty string to not expose.
 matrix_synapse_container_client_api_host_bind_port: ''
 matrix_synapse_container_federation_api_plain_host_bind_port: ''
 ```
 ### Using your own external Apache webserver
--- a/docs/configuring-playbook-ssl-certificates.md
+++ b/docs/configuring-playbook-ssl-certificates.md
@@ -74,6 +74,7 @@ By default, it obtains certificates for:
 - possibly for `jitsi.<your-domain>`, if you have explicitly [set up Jitsi](configuring-playbook-jitsi.md).
 - possibly for `stats.<your-domain>`, if you have explicitly [set up Grafana](configuring-playbook-prometheus-grafana.md).
 - possibly for `sygnal.<your-domain>`, if you have explicitly [set up Sygnal](configuring-playbook-sygnal.md).
 - possibly for `ntfy.<your-domain>`, if you have explicitly [set up ntfy](configuring-playbook-ntfy.md).
 - possibly for your base domain (`<your-domain>`), if you have explicitly configured [Serving the base domain](configuring-playbook-base-domain-serving.md)
 If you are hosting other domains on the Matrix machine, you can make the playbook obtain and renew certificates for those other domains too.
--- a/docs/configuring-playbook-telemetry.md
+++ b/docs/configuring-playbook-telemetry.md
@@ -3,8 +3,7 @@
 By default, this playbook configures your Matrix homeserver to not send any telemetry data anywhere.
 The [matrix.org](https://matrix.org) team would really appreciate it if you could help the project out by reporting
 anonymized usage statistics from your homeserver. Only very [basic aggregate
 data](#usage-statistics-being-submitted) (e.g. number of users) will be reported, but it helps track the
 usage statistics from your homeserver. Enabling usage statistics helps track the
 growth of the Matrix community, and helps to make Matrix a success.
@@ -19,28 +18,9 @@ matrix_synapse_report_stats: true
 ## Usage statistics being submitted
 If statistics reporting is enabled, the information that gets submitted to the matrix.org team [according to the source code](https://github.com/matrix-org/synapse/blob/master/synapse/app/homeserver.py) is:
 When enabled, Synapse will regularly upload a few dozen statistics about your server.
 This data includes your homeserver's domain, the total number of users, the number of active
 users, the total number of rooms, and the number of messages sent per day on your homeserver.
 - your homeserver's domain name
 - uptime of the homeserver program
 - [Python](https://www.python.org/) version powering your homeserver
 - total number of users on your home server (including bridged users)
 - total number of native Matrix users on your home server
 - total number of rooms on your homeserver
 - total number of daily active users on your homeserver
 - total number of daily active rooms on your homeserver
 - total number of messages sent per day
 - cache setting information
 - CPU and memory statistics for the homeserver program
 - database engine type and version
 See [Synapse's documentation](https://github.com/matrix-org/synapse/blob/develop/docs/usage/administration/monitoring/reporting_homeserver_usage_statistics.md#available-statistics)
 for the full list of statistics that are reported.
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -120,7 +120,7 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 - [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). (optional)
 - [Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md) (optional) - often reported as broken; see **Go Skype Bridge** (below) as an alternative
 - ~~[Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md)~~ (optional) - this component has been broken for a long time, so it has been removed from the playbook. Consider [Setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md)
 - [Setting up MX Puppet Slack bridging](configuring-playbook-bridge-mx-puppet-slack.md) (optional)
@@ -170,3 +170,5 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 ### Other specialized services
 - [Setting up the Sygnal push gateway](configuring-playbook-sygnal.md) (optional)
 - [Setting up the ntfy push notifications server](configuring-playbook-ntfy.md) (optional)
--- a/docs/configuring-well-known.md
+++ b/docs/configuring-well-known.md
@@ -36,6 +36,37 @@ However, this playbook installs your Matrix server on another domain (e.g. `matr
 To learn how to set it up, read the Installing section below.
 ## (Optional) Introduction to Homeserver Admin Contact and Support page
 [MSC 1929](https://github.com/matrix-org/matrix-spec-proposals/pull/1929) specifies a way to add contact details of admins, as well as a link to a support page for users who are having issues with the service.
 This MSC did not get accepted yet, but we think it might already be useful to Homeserver admins who wish to provide this information to end-users.
 The two playbook variables that you could look for, if you're interested in being an early adopter, are: `matrix_homeserver_admin_contacts` and `matrix_homeserver_support_url`.
 Example snippet for `vars.yml`:
 ```
 # Enable generation of `/.well-known/matrix/support`.
 # This needs to be enabled explicitly for now, because MSC 1929 is not yet accepted.
 matrix_well_known_matrix_support_enabled: true
 # Homeserver admin contacts as per MSC 1929 https://github.com/matrix-org/matrix-spec-proposals/pull/1929
 matrix_homeserver_admin_contacts:
  - matrix_id: "@admin1:{{ matrix_domain }}"
    email_address: admin@domain.tld
    role: admin
  - matrix_id: "@admin2:{{ matrix_domain }}"
    email_address: admin2@domain.tld
    role: admin
  - email_address: security@domain.tld
    role: security
 matrix_homeserver_support_url: "https://example.domain.tld/support"
 ```
 To learn how to set up `/.well-known/matrix/support` for the base domain, read the Installing section below.
 ## Installing well-known files on the base domain's server
 To implement the two service discovery mechanisms, your base domain's server (e.g. `example.com`) needs to run an HTTPS-capable webserver.
@@ -168,6 +199,11 @@ backend matrix-backend
 /.well-known/matrix/* https://matrix.DOMAIN/.well-known/matrix/:splat 200!
 ```
 **For AWS CloudFront**
   1. Add a custom origin with matrix.<your-domain> to your distribution
   1. Add two behaviors, one for `.well-known/matrix/client` and one for `.well-known/matrix/server` and point them to your new origin.
 Make sure to:
 - **replace `DOMAIN`** in the server configuration with your actual domain name
@@ -180,5 +216,6 @@ No matter which method you've used to set up the well-known files, if you've don
 - `https://<domain>/.well-known/matrix/server`
 - `https://<domain>/.well-known/matrix/client`
 - `https://<domain>/.well-known/matrix/support`
 You can also check if everything is configured correctly, by [checking if services work](maintenance-checking-services.md).
--- a/docs/container-images.md
+++ b/docs/container-images.md
@@ -68,8 +68,6 @@ These services are not part of our default installation, but can be enabled by [
 - [folivonet/matrix-sms-bridge](https://hub.docker.com/repository/docker/folivonet/matrix-sms-bridge) - the [matrix-sms-bridge](https://github.com/benkuly/matrix-sms-bridge) (optional)
 - [sorunome/mx-puppet-skype](https://hub.docker.com/r/sorunome/mx-puppet-skype) - the [mx-puppet-skype](https://github.com/Sorunome/mx-puppet-skype) bridge to [Skype](https://www.skype.com) (optional)
 - [sorunome/mx-puppet-slack](https://hub.docker.com/r/sorunome/mx-puppet-slack) - the [mx-puppet-slack](https://github.com/Sorunome/mx-puppet-slack) bridge to [Slack](https://slack.com) (optional)
 - [sorunome/mx-puppet-instagram](https://hub.docker.com/r/sorunome/mx-puppet-instagram) - the [mx-puppet-instagram](https://github.com/Sorunome/mx-puppet-instagram) bridge to [Instagram](https://www.instagram.com) (optional)
@@ -109,3 +107,5 @@ These services are not part of our default installation, but can be enabled by [
 - [grafana/grafana](https://hub.docker.com/r/grafana/grafana/) - [Grafana](https://github.com/grafana/grafana/) is a graphing tool that works well with the above two images. Our playbook also adds two dashboards for [Synapse](https://github.com/matrix-org/synapse/tree/master/contrib/grafana) and  [Node Exporter](https://github.com/rfrail3/grafana-dashboards)
 - [matrixdotorg/sygnal](https://hub.docker.com/r/matrixdotorg/sygnal/) - [Sygnal](https://github.com/matrix-org/sygnal) is a reference Push Gateway for Matrix
 - [binwiederhier/ntfy](https://hub.docker.com/r/binwiederhier/ntfy/) - [ntfy](https://ntfy.sh/) is a self-hosted, UnifiedPush-compatible push notifications server
--- a/docs/self-building.md
+++ b/docs/self-building.md
@@ -33,7 +33,6 @@ List of roles where self-building the Docker image is currently possible:
 - `matrix-bridge-mautrix-telegram`
 - `matrix-bridge-mautrix-signal`
 - `matrix-bridge-mautrix-whatsapp`
 - `matrix-bridge-mx-puppet-skype`
 - `matrix-bridge-mx-puppet-steam`
 - `matrix-bot-mjolnir`
 - `matrix-bot-honoroit`
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -22,16 +22,16 @@ matrix_identity_server_url: "{{ ('https://' + matrix_server_fqn_matrix) if matri
 matrix_homeserver_container_url: |-
  {{
    'http://matrix-nginx-proxy:12080' if matrix_nginx_proxy_enabled else {
      'synapse': ('http://matrix-synapse:'+ matrix_synapse_container_client_api_port|string),
      'dendrite': ('http://matrix-dendrite:' + matrix_dendrite_http_bind_port|string),
      'synapse': ('http://matrix-synapse:'+ matrix_synapse_container_client_api_port | string),
      'dendrite': ('http://matrix-dendrite:' + matrix_dendrite_http_bind_port | string),
    }[matrix_homeserver_implementation]
  }}
 matrix_homeserver_container_federation_url: |-
  {{
    'http://matrix-nginx-proxy:12088' if matrix_nginx_proxy_enabled else {
      'synapse': ('http://matrix-synapse:'+ matrix_synapse_container_federation_api_plain_port|string),
      'dendrite': ('http://matrix-dendrite:' + matrix_dendrite_http_bind_port|string),
      'synapse': ('http://matrix-synapse:'+ matrix_synapse_container_federation_api_plain_port | string),
      'dendrite': ('http://matrix-dendrite:' + matrix_dendrite_http_bind_port | string),
    }[matrix_homeserver_implementation]
  }}
@@ -729,44 +729,6 @@ matrix_hookshot_urlprefix: "http{{ 's' if matrix_nginx_proxy_https_enabled else
 #
 ######################################################################
 ######################################################################
 #
 # matrix-bridge-mx-puppet-skype
 #
 ######################################################################
 # We don't enable bridges by default.
 matrix_mx_puppet_skype_enabled: false
 matrix_mx_puppet_skype_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
 matrix_mx_puppet_skype_systemd_required_services_list: |
  {{
    ['docker.service']
    +
    ['matrix-' + matrix_homeserver_implementation + '.service']
    +
    (['matrix-postgres.service'] if matrix_postgres_enabled else [])
    +
    (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
  }}
 matrix_mx_puppet_skype_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'skype.as.tok') | to_uuid }}"
 matrix_mx_puppet_skype_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'skype.hs.tok') | to_uuid }}"
 matrix_mx_puppet_skype_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
 # Postgres is the default, except if not using `matrix_postgres` (internal postgres)
 matrix_mx_puppet_skype_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}"
 matrix_mx_puppet_skype_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'mxpup.skype.db') | to_uuid }}"
 ######################################################################
 #
 # /matrix-bridge-mx-puppet-skype
 #
 ######################################################################
 ######################################################################
 #
@@ -1236,7 +1198,7 @@ matrix_backup_borg_postgresql_databases: |
        'name': matrix_synapse_database_database
    }] if (matrix_synapse_enabled and matrix_synapse_database_database == matrix_postgres_db_name and matrix_synapse_database_host == 'matrix-postgres') else [])
    +
    matrix_postgres_additional_databases)|map(attribute='name')|list
    matrix_postgres_additional_databases)|map(attribute='name') | list
  }}
 matrix_backup_borg_location_source_directories:
  - "{{ matrix_base_data_path }}"
@@ -1509,7 +1471,7 @@ matrix_ma1sd_container_image_self_build: "{{ matrix_architecture != 'amd64' }}"
 # Normally, matrix-nginx-proxy is enabled and nginx can reach ma1sd over the container network.
 # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it, you can expose
 # ma1sd's web-server port.
 matrix_ma1sd_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_ma1sd_container_port|string }}"
 matrix_ma1sd_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_ma1sd_container_port | string }}"
 # We enable Synapse integration via its Postgres database by default.
@@ -1592,6 +1554,7 @@ matrix_nginx_proxy_proxy_bot_go_neb_enabled: "{{ matrix_bot_go_neb_enabled }}"
 matrix_nginx_proxy_proxy_jitsi_enabled: "{{ matrix_jitsi_enabled }}"
 matrix_nginx_proxy_proxy_grafana_enabled: "{{ matrix_grafana_enabled }}"
 matrix_nginx_proxy_proxy_sygnal_enabled: "{{ matrix_sygnal_enabled }}"
 matrix_nginx_proxy_proxy_ntfy_enabled: "{{ matrix_ntfy_enabled }}"
 matrix_nginx_proxy_proxy_matrix_corporal_api_enabled: "{{ matrix_corporal_enabled and matrix_corporal_http_api_enabled }}"
 matrix_nginx_proxy_proxy_matrix_corporal_api_addr_with_container: "matrix-corporal:41081"
@@ -1617,14 +1580,14 @@ matrix_nginx_proxy_proxy_matrix_federation_api_addr_sans_container: "127.0.0.1:1
 matrix_nginx_proxy_proxy_synapse_enabled: "{{ matrix_synapse_enabled }}"
 matrix_nginx_proxy_proxy_synapse_client_api_addr_with_container: "matrix-synapse:{{ matrix_synapse_container_client_api_port }}"
 matrix_nginx_proxy_proxy_synapse_client_api_addr_sans_container: "127.0.0.1:{{ matrix_synapse_container_client_api_port }}"
 matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-synapse:{{matrix_synapse_container_federation_api_plain_port|string}}"
 matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "localhost:{{matrix_synapse_container_federation_api_plain_port|string}}"
 matrix_nginx_proxy_proxy_synapse_federation_api_addr_with_container: "matrix-synapse:{{matrix_synapse_container_federation_api_plain_port | string}}"
 matrix_nginx_proxy_proxy_synapse_federation_api_addr_sans_container: "127.0.0.1:{{matrix_synapse_container_federation_api_plain_port | string}}"
 matrix_nginx_proxy_proxy_dendrite_enabled: "{{ matrix_dendrite_enabled }}"
 matrix_nginx_proxy_proxy_dendrite_client_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_http_bind_port|string }}"
 matrix_nginx_proxy_proxy_dendrite_client_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_http_bind_port|string }}"
 matrix_nginx_proxy_proxy_dendrite_federation_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_http_bind_port|string }}"
 matrix_nginx_proxy_proxy_dendrite_federation_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_http_bind_port|string }}"
 matrix_nginx_proxy_proxy_dendrite_client_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_http_bind_port | string }}"
 matrix_nginx_proxy_proxy_dendrite_client_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_http_bind_port | string }}"
 matrix_nginx_proxy_proxy_dendrite_federation_api_addr_with_container: "matrix-dendrite:{{ matrix_dendrite_http_bind_port | string }}"
 matrix_nginx_proxy_proxy_dendrite_federation_api_addr_sans_container: "127.0.0.1:{{ matrix_dendrite_http_bind_port | string }}"
 # When matrix-nginx-proxy is disabled, the actual port number that the vhost uses may begin to matter.
 matrix_nginx_proxy_proxy_matrix_federation_port: "{{ matrix_federation_public_port }}"
@@ -1674,6 +1637,8 @@ matrix_nginx_proxy_systemd_wanted_services_list: |
    +
    (['matrix-sygnal.service'] if matrix_sygnal_enabled else [])
    +
    (['matrix-ntfy.service'] if matrix_ntfy_enabled else [])
    +
    (['matrix-jitsi.service'] if matrix_jitsi_enabled else [])
    +
    (['matrix-bot-go-neb.service'] if matrix_bot_go_neb_enabled else [])
@@ -1707,6 +1672,8 @@ matrix_ssl_domains_to_obtain_certificates_for: |
    +
    ([matrix_server_fqn_sygnal] if matrix_sygnal_enabled else [])
    +
    ([matrix_server_fqn_ntfy] if matrix_ntfy_enabled else [])
    +
    ([matrix_domain] if matrix_nginx_proxy_base_domain_serving_enabled else [])
    +
    matrix_ssl_additional_domains_to_obtain_certificates_for
@@ -1904,12 +1871,6 @@ matrix_postgres_additional_databases: |
      'password': matrix_mautrix_whatsapp_database_password,
    }] if (matrix_mautrix_whatsapp_enabled and matrix_mautrix_whatsapp_database_engine == 'postgres' and matrix_mautrix_whatsapp_database_hostname == 'matrix-postgres') else [])
    +
    ([{
      'name': matrix_mx_puppet_skype_database_name,
      'username': matrix_mx_puppet_skype_database_username,
      'password': matrix_mx_puppet_skype_database_password,
    }] if (matrix_mx_puppet_skype_enabled and matrix_mx_puppet_skype_database_engine == 'postgres' and matrix_mx_puppet_skype_database_hostname == 'matrix-postgres') else [])
    +
    ([{
      'name': matrix_mx_puppet_slack_database_name,
      'username': matrix_mx_puppet_slack_database_username,
@@ -1970,14 +1931,14 @@ matrix_postgres_import_roles_to_ignore: |
  {{
    [matrix_postgres_connection_username]
    +
    matrix_postgres_additional_databases|map(attribute='username')|list
    matrix_postgres_additional_databases|map(attribute='username') | list
  }}
 matrix_postgres_import_databases_to_ignore: |
  {{
    [matrix_postgres_db_name]
    +
    matrix_postgres_additional_databases|map(attribute='name')|list
    matrix_postgres_additional_databases|map(attribute='name') | list
  }}
 ######################################################################
@@ -2006,6 +1967,22 @@ matrix_sygnal_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enable
 #
 ######################################################################
 ######################################################################
 #
 # matrix-ntfy
 #
 ######################################################################
 matrix_ntfy_enabled: false
 matrix_ntfy_container_http_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:2586' }}"
 ######################################################################
 #
 # /matrix-ntfy
 #
 ######################################################################
 ######################################################################
 #
 # matrix-redis
@@ -2127,18 +2104,18 @@ matrix_synapse_container_image_self_build: "{{ matrix_architecture not in ['arm6
 # When ma1sd is enabled, we can use it to validate email addresses and phone numbers.
 # Synapse can validate email addresses by itself as well, but it's probably not what we want by default when we have an identity server.
 matrix_synapse_account_threepid_delegates_email: "{{ 'http://matrix-ma1sd:' + matrix_ma1sd_container_port|string if matrix_ma1sd_enabled else '' }}"
 matrix_synapse_account_threepid_delegates_msisdn: "{{ 'http://matrix-ma1sd:' + matrix_ma1sd_container_port|string if matrix_ma1sd_enabled else '' }}"
 matrix_synapse_account_threepid_delegates_email: "{{ 'http://matrix-ma1sd:' + matrix_ma1sd_container_port | string if matrix_ma1sd_enabled else '' }}"
 matrix_synapse_account_threepid_delegates_msisdn: "{{ 'http://matrix-ma1sd:' + matrix_ma1sd_container_port | string if matrix_ma1sd_enabled else '' }}"
 # Normally, matrix-nginx-proxy is enabled and nginx can reach Synapse over the container network.
 # If matrix-nginx-proxy is not enabled, or you otherwise have a need for it,
 # you can expose Synapse's ports to the host.
 #
 # For exposing the Matrix Client API's port (plain HTTP) to the local host.
 matrix_synapse_container_client_api_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_synapse_container_client_api_port|string }}"
 matrix_synapse_container_client_api_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_synapse_container_client_api_port | string }}"
 #
 # For exposing the Matrix Federation API's plain port (plain HTTP) to the local host.
 matrix_synapse_container_federation_api_plain_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_synapse_container_federation_api_plain_port|string }}"
 matrix_synapse_container_federation_api_plain_host_bind_port: "{{ '' if matrix_nginx_proxy_enabled else '127.0.0.1:' + matrix_synapse_container_federation_api_plain_port | string }}"
 #
 # For exposing the Matrix Federation API's TLS port (HTTPS) to the internet on all network interfaces.
 matrix_synapse_container_federation_api_tls_host_bind_port: "{{ matrix_federation_public_port if (matrix_synapse_federation_enabled and matrix_synapse_tls_federation_listener_enabled) else '' }}"
@@ -2282,10 +2259,10 @@ matrix_prometheus_scraper_node_enabled: "{{ matrix_prometheus_node_exporter_enab
 matrix_prometheus_scraper_node_targets: "{{ ['matrix-prometheus-node-exporter:9100'] if matrix_prometheus_node_exporter_enabled else [] }}"
 matrix_prometheus_scraper_postgres_enabled: "{{ matrix_prometheus_postgres_exporter_enabled }}"
 matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exporter:'+ matrix_prometheus_postgres_exporter_port|string] if matrix_prometheus_scraper_postgres_enabled else [] }}"
 matrix_prometheus_scraper_postgres_targets: "{{ ['matrix-prometheus-postgres-exporter:'+ matrix_prometheus_postgres_exporter_port | string] if matrix_prometheus_scraper_postgres_enabled else [] }}"
 matrix_prometheus_scraper_hookshot_enabled: "{{ matrix_hookshot_metrics_enabled|default(false) }}"
 matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url|string +':'+ matrix_hookshot_metrics_port|string] if matrix_hookshot_metrics_enabled else [] }}"
 matrix_prometheus_scraper_hookshot_targets: "{{ [matrix_hookshot_container_url | string +':'+ matrix_hookshot_metrics_port | string] if matrix_hookshot_metrics_enabled else [] }}"
 ######################################################################
 #
@@ -2414,7 +2391,7 @@ matrix_postgres_backup_databases: |
        'name': matrix_synapse_database_database
    }] if (matrix_synapse_enabled and matrix_synapse_database_database == matrix_postgres_db_name and matrix_synapse_database_host == 'matrix-postgres') else [])
    +
    matrix_postgres_additional_databases)|map(attribute='name')|list
    matrix_postgres_additional_databases)|map(attribute='name') | list
  }}
 ######################################################################
@@ -2436,10 +2413,10 @@ matrix_dendrite_enabled: "{{ matrix_homeserver_implementation == 'dendrite' }}"
 # you can expose Dendrite's ports to the host.
 #
 # For exposing Dendrite's plain HTTP server to the local host.
 matrix_dendrite_container_http_host_bind_address: "{{ '' if matrix_nginx_proxy_enabled else ('127.0.0.1:' + matrix_dendrite_http_bind_port|string) }}"
 matrix_dendrite_container_http_host_bind_address: "{{ '' if matrix_nginx_proxy_enabled else ('127.0.0.1:' + matrix_dendrite_http_bind_port | string) }}"
 #
 # For exposing Dendrite's HTTPS server to the local host.
 matrix_dendrite_container_https_host_bind_address: "{{ '' if matrix_nginx_proxy_enabled or not matrix_dendrite_https_bind_port else ('127.0.0.1:' + matrix_dendrite_https_bind_port|string) }}"
 matrix_dendrite_container_https_host_bind_address: "{{ '' if matrix_nginx_proxy_enabled or not matrix_dendrite_https_bind_port else ('127.0.0.1:' + matrix_dendrite_https_bind_port | string) }}"
 matrix_dendrite_sync_api_real_ip_header: "{{ 'X-Forwarded-For' if matrix_nginx_proxy_enabled else '' }}"
--- a/roles/matrix-aux/tasks/main.yml
+++ b/roles/matrix-aux/tasks/main.yml
@@ -1,7 +1,7 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/setup.yml"
  when: run_stop|bool
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup.yml"
  when: run_stop | bool
  tags:
    - setup-all
    - setup-aux-files
--- a/roles/matrix-aux/tasks/setup.yml
+++ b/roles/matrix-aux/tasks/setup.yml
@@ -1,19 +1,19 @@
 ---
 - name: Ensure AUX directories are created
  file:
  ansible.builtin.file:
    dest: "{{ item.dest }}"
    state: directory
    owner: "{{ item.owner|default(matrix_user_username) }}"
    group: "{{ item.group|default(matrix_user_groupname) }}"
    mode: "{{ item.mode|default(matrix_aux_directory_default_mode) }}"
    owner: "{{ item.owner | default(matrix_user_username) }}"
    group: "{{ item.group | default(matrix_user_groupname) }}"
    mode: "{{ item.mode | default(matrix_aux_directory_default_mode) }}"
  with_items: "{{ matrix_aux_directory_definitions }}"
 - name: Ensure AUX files are created
  copy:
  ansible.builtin.copy:
    dest: "{{ item.dest }}"
    content: "{{ item.content }}"
    owner: "{{ item.owner|default(matrix_user_username) }}"
    group: "{{ item.group|default(matrix_user_groupname) }}"
    mode: "{{ item.mode|default(matrix_aux_file_default_mode) }}"
    owner: "{{ item.owner | default(matrix_user_username) }}"
    group: "{{ item.group | default(matrix_user_groupname) }}"
    mode: "{{ item.mode | default(matrix_aux_file_default_mode) }}"
  with_items: "{{ matrix_aux_file_definitions }}"
--- a/roles/matrix-backup-borg/defaults/main.yml
+++ b/roles/matrix-backup-borg/defaults/main.yml
@@ -1,4 +1,6 @@
 ---
 # Project source code URL: https://gitlab.com/etke.cc/borgmatic
 matrix_backup_borg_enabled: true
 matrix_backup_borg_base_path: "{{ matrix_base_data_path }}/backup-borg"
@@ -6,13 +8,14 @@ matrix_backup_borg_config_path: "{{ matrix_backup_borg_base_path }}/config"
 matrix_backup_borg_container_image_self_build: false
 matrix_backup_borg_docker_repo: "https://gitlab.com/etke.cc/borgmatic"
 matrix_backup_borg_docker_repo_version: main
 matrix_backup_borg_docker_src_files_path: "{{ matrix_backup_borg_base_path }}/docker-src"
 # version determined automatically, based on postgres server version (if enabled), otherwise latest is used
 matrix_backup_borg_version: ""
 matrix_backup_borg_docker_image: "{{ matrix_backup_borg_docker_image_name_prefix }}etke.cc/borgmatic:{{ matrix_backup_borg_version }}"
 matrix_backup_borg_docker_image_name_prefix: "{{ 'localhost/' if matrix_backup_borg_container_image_self_build else 'registry.gitlab.com/' }}"
 matrix_backup_borg_docker_image_force_pull: "{{ matrix_backup_borg_docker_image.endswith(':latest') or matrix_backup_borg_version|default('') == '' }}"
 matrix_backup_borg_docker_image_force_pull: "{{ matrix_backup_borg_docker_image.endswith(':latest') or matrix_backup_borg_version | default('') == '' }}"
 # A list of extra arguments to pass to the container
 matrix_backup_borg_container_extra_arguments: []
@@ -91,8 +94,8 @@ matrix_backup_borg_configuration_extension_yaml: |
  # If you need something more special, you can take full control by
  # completely redefining `matrix_backup_borg_configuration_yaml`.
 matrix_backup_borg_configuration_extension: "{{ matrix_backup_borg_configuration_extension_yaml|from_yaml if matrix_backup_borg_configuration_extension_yaml|from_yaml is mapping else {} }}"
 matrix_backup_borg_configuration_extension: "{{ matrix_backup_borg_configuration_extension_yaml | from_yaml if matrix_backup_borg_configuration_extension_yaml | from_yaml is mapping else {} }}"
 # Holds the final borgmatic configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_backup_borg_configuration_yaml`.
 matrix_backup_borg_configuration: "{{ matrix_backup_borg_configuration_yaml|from_yaml|combine(matrix_backup_borg_configuration_extension, recursive=True) }}"
 matrix_backup_borg_configuration: "{{ matrix_backup_borg_configuration_yaml | from_yaml | combine(matrix_backup_borg_configuration_extension, recursive=True) }}"
--- a/roles/matrix-backup-borg/tasks/init.yml
+++ b/roles/matrix-backup-borg/tasks/init.yml
@@ -1,4 +1,4 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-backup-borg.timer'] }}"
  when: matrix_backup_borg_enabled|bool
  when: matrix_backup_borg_enabled | bool
--- a/roles/matrix-backup-borg/tasks/main.yml
+++ b/roles/matrix-backup-borg/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_backup_borg_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_backup_borg_enabled | bool"
  tags:
    - setup-all
    - setup-backup-borg
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_backup_borg_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_backup_borg_enabled | bool"
  tags:
    - setup-all
    - setup-backup-borg
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_backup_borg_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_backup_borg_enabled | bool"
  tags:
    - setup-all
    - setup-backup-borg
--- a/roles/matrix-backup-borg/tasks/setup_install.yml
+++ b/roles/matrix-backup-borg/tasks/setup_install.yml
@@ -1,19 +1,22 @@
 ---
 - block:
  - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/detect_existing_postgres_version.yml"
  - ansible.builtin.import_role:
      name: matrix-postgres
      tasks_from: detect_existing_postgres_version
  - name: Fail if detected Postgres version is unsupported
    fail:
    ansible.builtin.fail:
      msg: "You cannot use borg backup with such an old version ({{ matrix_postgres_detected_version }}) of Postgres. Consider upgrading - link to docs for upgrading Postgres: docs/maintenance-postgres.md#upgrading-postgresql"
    when: "matrix_postgres_detected_version not in matrix_backup_borg_supported_postgres_versions"
  - name: Set the correct borg backup version to use
    set_fact:
    ansible.builtin.set_fact:
      matrix_backup_borg_version: "{{ matrix_postgres_detected_version }}"
  when: matrix_backup_borg_postgresql_enabled|bool and matrix_backup_borg_version == ''
  when: matrix_backup_borg_postgresql_enabled | bool and matrix_backup_borg_version == ''
 - name: Ensure borg paths exist
  file:
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
@@ -22,18 +25,18 @@
  with_items:
    - {path: "{{ matrix_backup_borg_config_path }}", when: true}
    - {path: "{{ matrix_backup_borg_docker_src_files_path }}", when: true}
  when: "item.when|bool"
  when: "item.when | bool"
 - name: Ensure borgmatic config is created
  copy:
    content: "{{ matrix_backup_borg_configuration|to_nice_yaml(indent=2, width=999999) }}"
  ansible.builtin.copy:
    content: "{{ matrix_backup_borg_configuration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_backup_borg_config_path }}/config.yaml"
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
    mode: 0640
 - name: Ensure borg passwd is created
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/passwd.j2"
    dest: "{{ matrix_backup_borg_config_path }}/passwd"
    owner: "{{ matrix_user_username }}"
@@ -41,7 +44,7 @@
    mode: 0640
 - name: Ensure borg ssh key is created
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/sshkey.j2"
    dest: "{{ matrix_backup_borg_config_path }}/sshkey"
    owner: "{{ matrix_user_username }}"
@@ -54,21 +57,22 @@
    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
    force_source: "{{ matrix_backup_borg_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_backup_borg_docker_image_force_pull }}"
  when: "not matrix_backup_borg_container_image_self_build|bool"
  when: "not matrix_backup_borg_container_image_self_build | bool"
  register: result
  retries: "{{ matrix_container_retries_count }}"
  delay: "{{ matrix_container_retries_delay }}"
  until: result is not failed
 - name: Ensure borg repository is present on self-build
  git:
  ansible.builtin.git:
    repo: "{{ matrix_backup_borg_docker_repo }}"
    version: "{{ matrix_backup_borg_docker_repo_version }}"
    dest: "{{ matrix_backup_borg_docker_src_files_path }}"
    force: "yes"
  become: true
  become_user: "{{ matrix_user_username }}"
  register: matrix_backup_borg_git_pull_results
  when: "matrix_backup_borg_container_image_self_build|bool"
  when: "matrix_backup_borg_container_image_self_build | bool"
 - name: Ensure borg image is built
  docker_image:
@@ -80,33 +84,33 @@
      dockerfile: Dockerfile
      path: "{{ matrix_backup_borg_docker_src_files_path }}"
      pull: true
  when: "matrix_backup_borg_container_image_self_build|bool"
  when: "matrix_backup_borg_container_image_self_build | bool"
 - name: Ensure matrix-backup-borg.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-backup-borg.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-backup-borg.service"
    mode: 0644
  register: matrix_backup_borg_systemd_service_result
 - name: Ensure matrix-backup-borg.timer installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-backup-borg.timer.j2"
    dest: "{{ matrix_systemd_path }}/matrix-backup-borg.timer"
    mode: 0644
  register: matrix_backup_borg_systemd_timer_result
 - name: Ensure systemd reloaded after matrix-backup-borg.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_backup_borg_systemd_service_result.changed|bool"
  when: "matrix_backup_borg_systemd_service_result.changed | bool"
 - name: Ensure matrix-backup-borg.service enabled
  service:
  ansible.builtin.service:
    enabled: true
    name: matrix-backup-borg.service
 - name: Ensure matrix-backup-borg.timer enabled
  service:
  ansible.builtin.service:
    enabled: true
    name: matrix-backup-borg.timer
--- a/roles/matrix-backup-borg/tasks/setup_uninstall.yml
+++ b/roles/matrix-backup-borg/tasks/setup_uninstall.yml
@@ -1,37 +1,37 @@
 ---
 - name: Check existence of matrix-backup-borg service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-backup-borg.service"
  register: matrix_backup_borg_service_stat
 - name: Ensure matrix-backup-borg is stopped
  service:
  ansible.builtin.service:
    name: matrix-backup-borg
    state: stopped
    enabled: false
    daemon_reload: true
  register: stopping_result
  when: "matrix_backup_borg_service_stat.stat.exists|bool"
  when: "matrix_backup_borg_service_stat.stat.exists | bool"
 - name: Ensure matrix-backup-borg.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-backup-borg.service"
    state: absent
  when: "matrix_backup_borg_service_stat.stat.exists|bool"
  when: "matrix_backup_borg_service_stat.stat.exists | bool"
 - name: Ensure matrix-backup-borg.timer doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-backup-borg.timer"
    state: absent
  when: "matrix_backup_borg_service_stat.stat.exists|bool"
  when: "matrix_backup_borg_service_stat.stat.exists | bool"
 - name: Ensure systemd reloaded after matrix-backup-borg.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_backup_borg_service_stat.stat.exists|bool"
  when: "matrix_backup_borg_service_stat.stat.exists | bool"
 - name: Ensure Matrix borg paths don't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_backup_borg_base_path }}"
    state: absent
--- a/roles/matrix-backup-borg/tasks/validate_config.yml
+++ b/roles/matrix-backup-borg/tasks/validate_config.yml
@@ -1,6 +1,6 @@
 ---
 - name: Fail if required settings not defined
  fail:
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
@@ -9,7 +9,7 @@
    - "matrix_backup_borg_location_repositories"
 - name: Fail if encryption passphrase is undefined unless repository is unencrypted
  fail:
  ansible.builtin.fail:
    msg: >-
      You need to define a required passphrase using the `matrix_backup_borg_storage_encryption_passphrase` variable.
  when: "matrix_backup_borg_storage_encryption_passphrase == '' and matrix_backup_borg_encryption != 'none'"
--- a/roles/matrix-base/defaults/main.yml
+++ b/roles/matrix-base/defaults/main.yml
@@ -12,6 +12,21 @@ matrix_domain: ~
 # Example value: "@someone:{{ matrix_domain }}"
 matrix_admin: ''
 # Homeserver admin contacts and support page as per MSC 1929
 # See: https://github.com/matrix-org/matrix-spec-proposals/pull/1929
 # Users in form:
 # matrix_homeserver_admin_contacts:
 #   - matrix_id: @admin:domain.tld
 #     email_address: admin@domain.tld
 #     role: admin
 #   - email_address: security@domain.tld
 #     role: security
 # Also see: `matrix_well_known_matrix_support_enabled`
 matrix_homeserver_admin_contacts: []
 # Url string like https://domain.tld/support.html
 # Also see: `matrix_well_known_matrix_support_enabled`
 matrix_homeserver_support_url: ''
 # This will contain the homeserver implementation that is in use.
 # Valid values: synapse, dendrite
 #
@@ -59,6 +74,9 @@ matrix_server_fqn_grafana: "stats.{{ matrix_domain }}"
 # This is where you access the Sygnal push gateway.
 matrix_server_fqn_sygnal: "sygnal.{{ matrix_domain }}"
 # This is where you access the ntfy push notification service.
 matrix_server_fqn_ntfy: "ntfy.{{ matrix_domain }}"
 matrix_federation_public_port: 8448
 # The architecture that your server runs.
@@ -116,8 +134,8 @@ matrix_host_command_openssl: "/usr/bin/env openssl"
 matrix_host_command_systemctl: "/usr/bin/env systemctl"
 matrix_host_command_sh: "/usr/bin/env sh"
 matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18)  else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
 matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
 matrix_ntpd_package: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18)  else ( 'systemd' if ansible_os_family == 'Suse' else 'ntp' ) }}"
 matrix_ntpd_service: "{{ 'systemd-timesyncd' if (ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7) or (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int > 18) or ansible_distribution == 'Archlinux' or ansible_os_family == 'Suse' else ('ntpd' if ansible_os_family == 'RedHat' else 'ntp') }}"
 matrix_homeserver_url: "https://{{ matrix_server_fqn_matrix }}"
@@ -139,7 +157,7 @@ matrix_integration_manager_ui_url: ~
 # The domain name where a Jitsi server is self-hosted.
 # If set, `/.well-known/matrix/client` will suggest Element clients to use that Jitsi server.
 # See: https://github.com/vector-im/element-web/blob/develop/docs/jitsi.md#configuring-element-to-use-your-self-hosted-jitsi-server
 matrix_client_element_jitsi_preferredDomain: ''
 matrix_client_element_jitsi_preferredDomain: ''  # noqa var-naming
 # Controls whether Element should use End-to-End Encryption by default.
 # Setting this to false will update `/.well-known/matrix/client` and tell Element clients to avoid E2EE.
@@ -184,11 +202,11 @@ matrix_well_known_matrix_client_configuration_default: "{{ lookup('template', 't
 #   }
 matrix_well_known_matrix_client_configuration_extension_json: '{}'
 matrix_well_known_matrix_client_configuration_extension: "{{ matrix_well_known_matrix_client_configuration_extension_json|from_json if matrix_well_known_matrix_client_configuration_extension_json|from_json is mapping else {} }}"
 matrix_well_known_matrix_client_configuration_extension: "{{ matrix_well_known_matrix_client_configuration_extension_json | from_json if matrix_well_known_matrix_client_configuration_extension_json | from_json is mapping else {} }}"
 # Holds the final `/.well-known/matrix/client` configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_well_known_matrix_client_configuration_default` and `matrix_well_known_matrix_client_configuration_extension_json`.
 matrix_well_known_matrix_client_configuration: "{{ matrix_well_known_matrix_client_configuration_default|combine(matrix_well_known_matrix_client_configuration_extension, recursive=True) }}"
 matrix_well_known_matrix_client_configuration: "{{ matrix_well_known_matrix_client_configuration_default | combine(matrix_well_known_matrix_client_configuration_extension, recursive=True) }}"
 # Default `/.well-known/matrix/server` configuration - it covers the generic use case.
 # You can customize it by controlling the various variables inside the template file that it references.
@@ -216,11 +234,23 @@ matrix_well_known_matrix_server_configuration_default: "{{ lookup('template', 't
 #   }
 matrix_well_known_matrix_server_configuration_extension_json: '{}'
 matrix_well_known_matrix_server_configuration_extension: "{{ matrix_well_known_matrix_server_configuration_extension_json|from_json if matrix_well_known_matrix_server_configuration_extension_json|from_json is mapping else {} }}"
 matrix_well_known_matrix_server_configuration_extension: "{{ matrix_well_known_matrix_server_configuration_extension_json | from_json if matrix_well_known_matrix_server_configuration_extension_json | from_json is mapping else {} }}"
 # Holds the final `/.well-known/matrix/server` configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_well_known_matrix_server_configuration_default` and `matrix_well_known_matrix_server_configuration_extension_json`.
 matrix_well_known_matrix_server_configuration: "{{ matrix_well_known_matrix_server_configuration_default|combine(matrix_well_known_matrix_server_configuration_extension, recursive=True) }}"
 matrix_well_known_matrix_server_configuration: "{{ matrix_well_known_matrix_server_configuration_default | combine(matrix_well_known_matrix_server_configuration_extension, recursive=True) }}"
 # The side-effect of this lookup is that Ansible would even parse the JSON for us, returning a dict.
 # This is unlike what it does when looking up YAML template files (no automatic parsing there).
 matrix_well_known_matrix_support_configuration_default: "{{ lookup('template', 'templates/static-files/well-known/matrix-support.j2') }}"
 matrix_well_known_matrix_support_configuration_extension_json: '{}'
 matrix_well_known_matrix_support_configuration_extension: "{{ matrix_well_known_matrix_support_configuration_extension_json | from_json if matrix_well_known_matrix_support_configuration_extension_json | from_json is mapping else {} }}"
 # Holds the final `/.well-known/matrix/support` configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_well_known_matrix_support_configuration_default` and `matrix_well_known_matrix_support_configuration_extension_json`.
 matrix_well_known_matrix_support_configuration: "{{ matrix_well_known_matrix_support_configuration_default | combine(matrix_well_known_matrix_support_configuration_extension, recursive=True) }}"
 # The Docker network that all services would be put into
 matrix_docker_network: "matrix"
@@ -239,6 +269,13 @@ matrix_vars_yml_snapshotting_src: "{{ inventory_dir }}/host_vars/{{ inventory_ho
 # matrix domain (`matrix_server_fqn_matrix`).
 matrix_well_known_matrix_server_enabled: true
 # Controls whether a `/.well-known/matrix/support` file is generated and used at all.
 #
 # This is not enabled by default, until the MSC gets accepted: https://github.com/matrix-org/matrix-spec-proposals/pull/1929
 #
 # See `matrix_homeserver_admin_contacts`, `matrix_homeserver_support_url`, etc.
 matrix_well_known_matrix_support_enabled: false
 # Controls whether Docker is automatically installed.
 # If you change this to false you must install and update Docker manually. You also need to install the docker (https://pypi.org/project/docker/) Python package.
 matrix_docker_installation_enabled: true
--- a/roles/matrix-base/tasks/clean_up_old_files.yml
+++ b/roles/matrix-base/tasks/clean_up_old_files.yml
@@ -1,7 +1,7 @@
 ---
 - name: Get rid of old files and directories
  file:
  ansible.builtin.file:
    path: "{{ item }}"
    state: absent
  with_items:
--- a/roles/matrix-base/tasks/main.yml
+++ b/roles/matrix-base/tasks/main.yml
@@ -1,34 +1,34 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/sanity_check.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
  when: run_setup|bool
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/clean_up_old_files.yml"
  when: run_setup | bool
  tags:
    - setup-all
 - import_tasks: "{{ role_path }}/tasks/server_base/setup.yml"
  when: run_setup|bool
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/server_base/setup.yml"
  when: run_setup | bool
  tags:
    - setup-all
 # This needs to always run, because it populates `matrix_user_uid` and `matrix_user_gid`,
 # which are required by many other roles.
 - import_tasks: "{{ role_path }}/tasks/setup_matrix_user.yml"
  when: run_setup|bool
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_matrix_user.yml"
  when: run_setup | bool
  tags:
    - always
    - setup-system-user
 - import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
  when: run_setup|bool
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_matrix_base.yml"
  when: run_setup | bool
  tags:
    - setup-all
 - import_tasks: "{{ role_path }}/tasks/setup_well_known.yml"
  when: run_setup|bool
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_well_known.yml"
  when: run_setup | bool
  tags:
    - setup-all
    - setup-ma1sd
--- a/roles/matrix-base/tasks/sanity_check.yml
+++ b/roles/matrix-base/tasks/sanity_check.yml
@@ -1,27 +1,27 @@
 ---
 - name: Fail if invalid homeserver implementation
  fail:
  ansible.builtin.fail:
    msg: "You need to set a valid homeserver implementation in `matrix_homeserver_implementation`"
  when: "matrix_homeserver_implementation not in ['synapse', 'dendrite']"
 # We generally support Ansible 2.7.1 and above.
 - name: Fail if running on Ansible < 2.7.1
  fail:
  ansible.builtin.fail:
    msg: "You are running on Ansible {{ ansible_version.string }}, which is not supported. See our guide about Ansible: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/ansible.md"
  when:
    - "(ansible_version.major < 2) or (ansible_version.major == 2 and ansible_version.minor < 7) or (ansible_version.major == 2 and ansible_version.minor == 7 and ansible_version.revision < 1)"
 # Though we do not support Ansible 2.9.6 which is buggy
 - name: Fail if running on Ansible 2.9.6 on Ubuntu
  fail:
  ansible.builtin.fail:
    msg: "You are running on Ansible {{ ansible_version.string }}, which is not supported. See our guide about Ansible: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/ansible.md"
  when:
    - ansible_distribution == 'Ubuntu'
    - "ansible_version.major == 2 and ansible_version.minor == 9 and ansible_version.revision == 6"
 - name: (Deprecation) Catch and report renamed settings
  fail:
  ansible.builtin.fail:
    msg: >-
      Your configuration contains a variable, which now has a different name.
      Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
@@ -35,7 +35,7 @@
 # We have a dedicated check for this variable, because we'd like to have a custom (friendlier) message.
 - name: Fail if matrix_homeserver_generic_secret_key is undefined
  fail:
  ansible.builtin.fail:
    msg: |
      The `matrix_homeserver_generic_secret_key` variable must be defined and have a non-null and non-empty value.
@@ -47,35 +47,45 @@
  when: "matrix_homeserver_generic_secret_key is none or matrix_homeserver_generic_secret_key == ''"
 - name: Fail if required variables are undefined
  fail:
  ansible.builtin.fail:
    msg: "The `{{ item.var }}` variable must be defined and have a non-null and non-empty value"
  with_items:
    - {'var': matrix_domain, 'value': "{{ matrix_domain|default('') }}"}
    - {'var': matrix_server_fqn_matrix, 'value': "{{ matrix_server_fqn_matrix|default('') }}"}
    - {'var': matrix_server_fqn_element, 'value': "{{ matrix_server_fqn_element|default('') }}"}
    - {'var': matrix_homeserver_container_url, 'value': "{{ matrix_homeserver_container_url|default('') }}"}
    - {'var': matrix_homeserver_container_federation_url, 'value': "{{ matrix_homeserver_container_federation_url|default('') }}"}
    - {'var': matrix_domain, 'value': "{{ matrix_domain | default('') }}"}
    - {'var': matrix_server_fqn_matrix, 'value': "{{ matrix_server_fqn_matrix | default('') }}"}
    - {'var': matrix_server_fqn_element, 'value': "{{ matrix_server_fqn_element | default('') }}"}
    - {'var': matrix_homeserver_container_url, 'value': "{{ matrix_homeserver_container_url | default('') }}"}
    - {'var': matrix_homeserver_container_federation_url, 'value': "{{ matrix_homeserver_container_federation_url | default('') }}"}
  when: "item.value is none or item.value == ''"
 - name: Fail if uppercase domain used
  fail:
  ansible.builtin.fail:
    msg: "Detected that you're using an uppercase domain name - `{{ item }}`. This will cause trouble. Please use all-lowercase!"
  with_items:
    - "{{ matrix_domain }}"
    - "{{ matrix_server_fqn_matrix }}"
    - "{{ matrix_server_fqn_element }}"
  when: "item != item|lower"
  when: "item != item | lower"
 - name: Fail if using python2 on Archlinux
  fail:
  ansible.builtin.fail:
    msg: "Detected that you're using python2 when installing onto Archlinux. Archlinux by default only supports python3."
  when:
    - ansible_distribution == 'Archlinux'
    - ansible_python.version.major != 3
 - name: Fail if architecture is set incorrectly
  fail:
  ansible.builtin.fail:
    msg: "Detected that variable matrix_architecture {{ matrix_architecture }} appears to be set incorrectly. See docs/alternative-architectures.md. Server appears to be {{ ansible_architecture }}."
  when: (ansible_architecture == "x86_64" and matrix_architecture != "amd64") or
        (ansible_architecture == "aarch64" and matrix_architecture != "arm64") or
        (ansible_architecture.startswith("armv") and matrix_architecture != "arm32")
 - name: Fail if encountering usage of removed role (mx-puppet-skype)
  ansible.builtin.fail:
    msg: >-
      Your configuration seems to include a reference to `matrix_mx_puppet_skype_enabled`. Are you trying to install the mx-puppet-skype bridge?
      The playbook no longer includes a role for installing mx-puppet-skype, because the mx-puppet-bridge is unmaintained and has been reported as broken for a long time.
      To get rid of this error, remove all `matrix_mx_puppet_*` references from your configuration.
      To clean up your server from mx-puppet-skype's presence, see this changelog entry: https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/CHANGELOG.md#mx-puppet-skype-removal.
      If you still need bridging to Skype, consider switching to the go-skype bridge instead. See `docs/configuring-playbook-bridge-go-skype-bridge.md`.
  when: "'matrix_mx_puppet_skype_enabled' in vars"
--- a/roles/matrix-base/tasks/server_base/setup.yml
+++ b/roles/matrix-base/tasks/server_base/setup.yml
@@ -1,18 +1,18 @@
 ---
 - include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat.yml"
  when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int < 8
 - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat.yml"
  when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int < 8
 - include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat8.yml"
  when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 7 and ansible_distribution_major_version|int < 30
 - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_redhat8.yml"
  when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 7 and ansible_distribution_major_version | int < 30
 - include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml"
  when: ansible_os_family == 'RedHat' and ansible_distribution_major_version|int > 30
 - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_fedora.yml"
  when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int > 30
 - block:
  # ansible_lsb is only available if lsb-release is installed.
  - name: Ensure lsb-release installed
    apt:
    ansible.builtin.apt:
      name:
        - lsb-release
      state: present
@@ -20,27 +20,27 @@
    register: lsb_release_installation_result
  - name: Reread ansible_lsb facts if lsb-release got installed
    setup: filter=ansible_lsb*
    ansible.builtin.setup: filter=ansible_lsb*
    when: lsb_release_installation_result.changed
  - include_tasks: "{{ role_path }}/tasks/server_base/setup_debian.yml"
  - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_debian.yml"
    when: (ansible_os_family == 'Debian') and (ansible_lsb.id != 'Raspbian')
  - include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml"
  - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_raspbian.yml"
    when: (ansible_os_family == 'Debian') and (ansible_lsb.id == 'Raspbian')
  when: ansible_os_family == 'Debian'
 - include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml"
 - ansible.builtin.include_tasks: "{{ role_path }}/tasks/server_base/setup_archlinux.yml"
  when: ansible_distribution == 'Archlinux'
 - name: Ensure Docker is started and autoruns
  service:
  ansible.builtin.service:
    name: docker
    state: started
    enabled: true
 - name: "Ensure {{ matrix_ntpd_service }} is started and autoruns"
  service:
  ansible.builtin.service:
    name: "{{ matrix_ntpd_service }}"
    state: started
    enabled: true
--- a/roles/matrix-base/tasks/server_base/setup_archlinux.yml
+++ b/roles/matrix-base/tasks/server_base/setup_archlinux.yml
@@ -5,12 +5,12 @@
    name:
      - python-docker
      - python-dnspython
    state: latest
    state: present
    update_cache: true
 - name: Ensure Docker is installed
  pacman:
    name:
      - docker
    state: latest
  when: matrix_docker_installation_enabled|bool
    state: present
  when: matrix_docker_installation_enabled | bool
--- a/roles/matrix-base/tasks/server_base/setup_debian.yml
+++ b/roles/matrix-base/tasks/server_base/setup_debian.yml
@@ -1,7 +1,7 @@
 ---
 - name: Ensure APT usage dependencies are installed
  apt:
  ansible.builtin.apt:
    name:
      - apt-transport-https
      - ca-certificates
@@ -10,32 +10,32 @@
    update_cache: true
 - name: Ensure Docker's APT key is trusted
  apt_key:
    url: "https://download.docker.com/linux/{{ ansible_distribution|lower }}/gpg"
  ansible.builtin.apt_key:
    url: "https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg"
    id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
    state: present
  register: add_repository_key
  ignore_errors: true
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure Docker repository is enabled
  apt_repository:
    repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable"
  ansible.builtin.apt_repository:
    repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable"
    state: present
    update_cache: true
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure APT packages are installed
  apt:
  ansible.builtin.apt:
    name:
      - "{{ matrix_ntpd_package }}"
    state: latest
    state: present
    update_cache: true
 - name: Ensure Docker is installed
  apt:
  ansible.builtin.apt:
    name:
      - "{{ matrix_docker_package_name }}"
      - "python{{'3' if ansible_python.version.major == 3 else ''}}-docker"
    state: latest
  when: matrix_docker_installation_enabled|bool
      - "python{{ '3' if ansible_python.version.major == 3 else '' }}-docker"
    state: present
  when: matrix_docker_installation_enabled | bool
--- a/roles/matrix-base/tasks/server_base/setup_fedora.yml
+++ b/roles/matrix-base/tasks/server_base/setup_fedora.yml
@@ -1,7 +1,7 @@
 ---
 - name: Ensure Docker repository is enabled
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/files/yum.repos.d/{{ item }}"
    dest: "/etc/yum.repos.d/docker-ce.repo"
    owner: "root"
@@ -9,31 +9,31 @@
    mode: 0644
  with_items:
    - docker-ce-fedora.repo
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure Docker's RPM key is trusted
  rpm_key:
  ansible.builtin.rpm_key:
    state: present
    key: https://download.docker.com/linux/fedora/gpg
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure yum packages are installed
  yum:
  ansible.builtin.yum:
    name:
      - "{{ matrix_ntpd_package }}"
    state: latest
    state: present
    update_cache: true
 - name: Ensure Docker is installed
  yum:
  ansible.builtin.yum:
    name:
      - "{{ matrix_docker_package_name }}"
      - python3-pip
    state: latest
  when: matrix_docker_installation_enabled|bool
    state: present
  when: matrix_docker_installation_enabled | bool
 - name: Ensure Docker-Py is installed
  pip:
  ansible.builtin.pip:
    name: docker-py
    state: latest
  when: matrix_docker_installation_enabled|bool
    state: present
  when: matrix_docker_installation_enabled | bool
--- a/roles/matrix-base/tasks/server_base/setup_raspbian.yml
+++ b/roles/matrix-base/tasks/server_base/setup_raspbian.yml
@@ -1,7 +1,7 @@
 ---
 - name: Ensure APT usage dependencies are installed
  apt:
  ansible.builtin.apt:
    name:
      - apt-transport-https
      - ca-certificates
@@ -10,32 +10,32 @@
    update_cache: true
 - name: Ensure Docker's APT key is trusted
  apt_key:
  ansible.builtin.apt_key:
    url: https://download.docker.com/linux/raspbian/gpg
    id: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
    state: present
  register: add_repository_key
  ignore_errors: true
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure Docker repository is enabled
  apt_repository:
  ansible.builtin.apt_repository:
    repo: "deb [arch={{ matrix_debian_arch }}] https://download.docker.com/linux/raspbian {{ ansible_distribution_release }} stable"
    state: present
    update_cache: true
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure APT packages are installed
  apt:
  ansible.builtin.apt:
    name:
      - "{{ matrix_ntpd_package }}"
    state: latest
    state: present
    update_cache: true
 - name: Ensure Docker is installed
  apt:
  ansible.builtin.apt:
    name:
      - "{{ matrix_docker_package_name }}"
      - "python{{'3' if ansible_python.version.major == 3 else ''}}-docker"
    state: latest
  when: matrix_docker_installation_enabled|bool
    state: present
  when: matrix_docker_installation_enabled | bool
--- a/roles/matrix-base/tasks/server_base/setup_redhat.yml
+++ b/roles/matrix-base/tasks/server_base/setup_redhat.yml
@@ -1,31 +1,31 @@
 ---
 - name: Ensure Docker repository is enabled
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/files/yum.repos.d/docker-ce-centos.repo"
    dest: "/etc/yum.repos.d/docker-ce.repo"
    owner: "root"
    group: "root"
    mode: 0644
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure Docker's RPM key is trusted
  rpm_key:
  ansible.builtin.rpm_key:
    state: present
    key: https://download.docker.com/linux/centos/gpg
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure yum packages are installed
  yum:
  ansible.builtin.yum:
    name:
      - "{{ matrix_ntpd_package }}"
    state: latest
    state: present
    update_cache: true
 - name: Ensure Docker is installed
  yum:
  ansible.builtin.yum:
    name:
      - "{{ matrix_docker_package_name }}"
      - docker-python
    state: latest
  when: matrix_docker_installation_enabled|bool
    state: present
  when: matrix_docker_installation_enabled | bool
--- a/roles/matrix-base/tasks/server_base/setup_redhat8.yml
+++ b/roles/matrix-base/tasks/server_base/setup_redhat8.yml
@@ -1,44 +1,44 @@
 ---
 - name: Ensure Docker repository is enabled
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/files/yum.repos.d/docker-ce-centos.repo"
    dest: "/etc/yum.repos.d/docker-ce.repo"
    owner: "root"
    group: "root"
    mode: 0644
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure Docker's RPM key is trusted
  rpm_key:
  ansible.builtin.rpm_key:
    state: present
    key: https://download.docker.com/linux/centos/gpg
  when: matrix_docker_installation_enabled|bool and matrix_docker_package_name == 'docker-ce'
  when: matrix_docker_installation_enabled | bool and matrix_docker_package_name == 'docker-ce'
 - name: Ensure EPEL is installed
  yum:
  ansible.builtin.yum:
    name:
      - epel-release
    state: latest
    state: present
    update_cache: true
 - name: Ensure yum packages are installed
  yum:
  ansible.builtin.yum:
    name:
      - "{{ matrix_ntpd_package }}"
    state: latest
    state: present
    update_cache: true
 - name: Ensure Docker is installed
  yum:
  ansible.builtin.yum:
    name:
      - "{{ matrix_docker_package_name }}"
      - python3-pip
    state: latest
  when: matrix_docker_installation_enabled|bool
    state: present
  when: matrix_docker_installation_enabled | bool
 - name: Ensure Docker-Py is installed
  pip:
  ansible.builtin.pip:
    name: docker-py
    state: latest
  when: matrix_docker_installation_enabled|bool
    state: present
  when: matrix_docker_installation_enabled | bool
--- a/roles/matrix-base/tasks/setup_matrix_base.yml
+++ b/roles/matrix-base/tasks/setup_matrix_base.yml
@@ -1,7 +1,7 @@
 ---
 - name: Ensure Matrix base path exists
  file:
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: "{{ matrix_base_data_path_mode }}"
@@ -11,13 +11,13 @@
    - "{{ matrix_base_data_path }}"
 - name: Preserve vars.yml on the server for easily restoring if it gets lost later on
  copy:
  ansible.builtin.copy:
    src: "{{ matrix_vars_yml_snapshotting_src }}"
    dest: "{{ matrix_base_data_path }}/vars.yml"
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
    mode: '0660'
  when: "matrix_vars_yml_snapshotting_enabled|bool"
  when: "matrix_vars_yml_snapshotting_enabled | bool"
 - name: Ensure Matrix network is created in Docker
  docker_network:
@@ -25,7 +25,7 @@
    driver: bridge
 - name: Ensure matrix-remove-all script created
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/usr-local-bin/matrix-remove-all.j2"
    dest: "{{ matrix_local_bin_path }}/matrix-remove-all"
    mode: 0750
--- a/roles/matrix-base/tasks/setup_matrix_user.yml
+++ b/roles/matrix-base/tasks/setup_matrix_user.yml
@@ -1,18 +1,18 @@
 ---
 - name: Ensure Matrix group is created
  group:
  ansible.builtin.group:
    name: "{{ matrix_user_groupname }}"
    gid: "{{ omit if matrix_user_gid is none else matrix_user_gid }}"
    state: present
  register: matrix_group
 - name: Set Matrix Group GID Variable
  set_fact:
  ansible.builtin.set_fact:
    matrix_user_gid: "{{ matrix_group.gid }}"
 - name: Ensure Matrix user is created
  user:
  ansible.builtin.user:
    name: "{{ matrix_user_username }}"
    uid: "{{ omit if matrix_user_uid is none else matrix_user_uid }}"
    state: present
@@ -23,5 +23,5 @@
  register: matrix_user
 - name: Set Matrix Group UID Variable
  set_fact:
  ansible.builtin.set_fact:
    matrix_user_uid: "{{ matrix_user.uid }}"
--- a/roles/matrix-base/tasks/setup_well_known.yml
+++ b/roles/matrix-base/tasks/setup_well_known.yml
@@ -4,7 +4,7 @@
 #
 # For running with another webserver, we recommend being part of the `matrix` group.
 - name: Ensure Matrix static-files path exists
  file:
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: 0755
@@ -14,24 +14,39 @@
    - "{{ matrix_static_files_base_path }}/.well-known/matrix"
 - name: Ensure Matrix /.well-known/matrix/client file configured
  copy:
    content: "{{ matrix_well_known_matrix_client_configuration|to_nice_json }}"
  ansible.builtin.copy:
    content: "{{ matrix_well_known_matrix_client_configuration | to_nice_json }}"
    dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/client"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
 - name: Ensure Matrix /.well-known/matrix/server file configured
  copy:
    content: "{{ matrix_well_known_matrix_server_configuration|to_nice_json }}"
  ansible.builtin.copy:
    content: "{{ matrix_well_known_matrix_server_configuration | to_nice_json }}"
    dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
  when: matrix_well_known_matrix_server_enabled|bool
  when: matrix_well_known_matrix_server_enabled | bool
 - name: Ensure Matrix /.well-known/matrix/server file deleted
  file:
  ansible.builtin.file:
    path: "{{ matrix_static_files_base_path }}/.well-known/matrix/server"
    state: absent
  when: "not matrix_well_known_matrix_server_enabled|bool"
  when: "not matrix_well_known_matrix_server_enabled | bool"
 - name: Ensure Matrix /.well-known/matrix/support file configured
  ansible.builtin.copy:
    content: "{{ matrix_well_known_matrix_support_configuration | to_nice_json }}"
    dest: "{{ matrix_static_files_base_path }}/.well-known/matrix/support"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
  when: matrix_well_known_matrix_support_enabled | bool
 - name: Ensure Matrix /.well-known/matrix/support file deleted
  ansible.builtin.file:
    path: "{{ matrix_static_files_base_path }}/.well-known/matrix/support"
    state: absent
  when: "not matrix_well_known_matrix_support_enabled | bool"
--- a/roles/matrix-base/tasks/util/ensure_fuse_installed.yml
+++ b/roles/matrix-base/tasks/util/ensure_fuse_installed.yml
@@ -1,23 +1,23 @@
 ---
 # This is for both RedHat 7 and 8
 - name: Ensure fuse installed (RedHat)
  yum:
  ansible.builtin.yum:
    name:
      - fuse
    state: latest
    state: present
  when: ansible_os_family == 'RedHat'
 # This is for both Debian and Raspbian
 - name: Ensure fuse installed (Debian/Raspbian)
  apt:
  ansible.builtin.apt:
    name:
      - fuse
    state: latest
    state: present
  when: ansible_os_family == 'Debian'
 - name: Ensure fuse installed (Archlinux)
  pacman:
    name:
      - fuse3
    state: latest
    state: present
  when: ansible_distribution == 'Archlinux'
--- a/roles/matrix-base/tasks/util/ensure_openssl_installed.yml
+++ b/roles/matrix-base/tasks/util/ensure_openssl_installed.yml
@@ -1,23 +1,23 @@
 ---
 # This is for both RedHat 7 and 8
 - name: Ensure openssl installed (RedHat)
  yum:
  ansible.builtin.yum:
    name:
      - openssl
    state: latest
    state: present
  when: ansible_os_family == 'RedHat'
 # This is for both Debian and Raspbian
 - name: Ensure openssl installed (Debian/Raspbian)
  apt:
  ansible.builtin.apt:
    name:
      - openssl
    state: latest
    state: present
  when: ansible_os_family == 'Debian'
 - name: Ensure openssl installed (Archlinux)
  pacman:
    name:
      - openssl
    state: latest
    state: present
  when: ansible_distribution == 'Archlinux'
--- a/roles/matrix-base/templates/static-files/well-known/matrix-support.j2
+++ b/roles/matrix-base/templates/static-files/well-known/matrix-support.j2
@@ -0,0 +1,7 @@
 #jinja2: lstrip_blocks: "True"
 {
    "admins": {{ matrix_homeserver_admin_contacts|to_json }}
    {% if matrix_homeserver_support_url %},
        "support_page": {{ matrix_homeserver_support_url|to_json }}
    {% endif %}
 }
--- a/roles/matrix-bot-buscarron/defaults/main.yml
+++ b/roles/matrix-bot-buscarron/defaults/main.yml
@@ -1,11 +1,12 @@
 ---
 # buscarron is a helpdesk bot
 # See: https://gitlab.com/etke.cc/buscarron
 # Project source code URL: https://gitlab.com/etke.cc/buscarron
 matrix_bot_buscarron_enabled: true
 matrix_bot_buscarron_container_image_self_build: false
 matrix_bot_buscarron_docker_repo: "https://gitlab.com/etke.cc/buscarron.git"
 matrix_bot_buscarron_docker_repo_version: "{{ matrix_bot_buscarron_version }}"
 matrix_bot_buscarron_docker_src_files_path: "{{ matrix_base_data_path }}/buscarron/docker-src"
 matrix_bot_buscarron_version: v1.2.0
--- a/roles/matrix-bot-buscarron/tasks/init.yml
+++ b/roles/matrix-bot-buscarron/tasks/init.yml
@@ -1,5 +1,5 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-buscarron.service'] }}"
  when: matrix_bot_buscarron_enabled|bool
  when: matrix_bot_buscarron_enabled | bool
--- a/roles/matrix-bot-buscarron/tasks/main.yml
+++ b/roles/matrix-bot-buscarron/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_bot_buscarron_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_bot_buscarron_enabled | bool"
  tags:
    - setup-all
    - setup-bot-buscarron
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_bot_buscarron_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_bot_buscarron_enabled | bool"
  tags:
    - setup-all
    - setup-bot-buscarron
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_bot_buscarron_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_bot_buscarron_enabled | bool"
  tags:
    - setup-all
    - setup-bot-buscarron
--- a/roles/matrix-bot-buscarron/tasks/setup_install.yml
+++ b/roles/matrix-bot-buscarron/tasks/setup_install.yml
@@ -1,32 +1,34 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_bot_buscarron_requires_restart: false
 - block:
    - name: Check if an SQLite database already exists
      stat:
      ansible.builtin.stat:
        path: "{{ matrix_bot_buscarron_sqlite_database_path_local }}"
      register: matrix_bot_buscarron_sqlite_database_path_local_stat_result
    - block:
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_postgres_db_migration_request:
              src: "{{ matrix_bot_buscarron_sqlite_database_path_local }}"
              dst: "{{ matrix_bot_buscarron_database_connection_string }}"
              caller: "{{ role_path|basename }}"
              caller: "{{ role_path | basename }}"
              engine_variable_name: 'matrix_bot_buscarron_database_engine'
              engine_old: 'sqlite'
              systemd_services_to_stop: ['matrix-bot-buscarron.service']
        - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
        - ansible.builtin.import_role:
            name: matrix-postgres
            tasks_from: migrate_db_to_postgres
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_bot_buscarron_requires_restart: true
      when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists|bool"
      when: "matrix_bot_buscarron_sqlite_database_path_local_stat_result.stat.exists | bool"
  when: "matrix_bot_buscarron_database_engine == 'postgres'"
 - name: Ensure buscarron paths exist
  file:
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
@@ -37,10 +39,10 @@
    - {path: "{{ matrix_bot_buscarron_data_path }}", when: true}
    - {path: "{{ matrix_bot_buscarron_data_store_path }}", when: true}
    - {path: "{{ matrix_bot_buscarron_docker_src_files_path }}", when: true}
  when: "item.when|bool"
  when: "item.when | bool"
 - name: Ensure buscarron environment variables file created
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/env.j2"
    dest: "{{ matrix_bot_buscarron_config_path }}/env"
    owner: "{{ matrix_user_username }}"
@@ -53,21 +55,22 @@
    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
    force_source: "{{ matrix_bot_buscarron_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_buscarron_docker_image_force_pull }}"
  when: "not matrix_bot_buscarron_container_image_self_build|bool"
  when: "not matrix_bot_buscarron_container_image_self_build | bool"
  register: result
  retries: "{{ matrix_container_retries_count }}"
  delay: "{{ matrix_container_retries_delay }}"
  until: result is not failed
 - name: Ensure buscarron repository is present on self-build
  git:
  ansible.builtin.git:
    repo: "{{ matrix_bot_buscarron_docker_repo }}"
    version: "{{ matrix_bot_buscarron_docker_repo_version }}"
    dest: "{{ matrix_bot_buscarron_docker_src_files_path }}"
    force: "yes"
  become: true
  become_user: "{{ matrix_user_username }}"
  register: matrix_bot_buscarron_git_pull_results
  when: "matrix_bot_buscarron_container_image_self_build|bool"
  when: "matrix_bot_buscarron_container_image_self_build | bool"
 - name: Ensure buscarron image is built
  docker_image:
@@ -79,22 +82,22 @@
      dockerfile: Dockerfile
      path: "{{ matrix_bot_buscarron_docker_src_files_path }}"
      pull: true
  when: "matrix_bot_buscarron_container_image_self_build|bool"
  when: "matrix_bot_buscarron_container_image_self_build | bool"
 - name: Ensure matrix-bot-buscarron.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-bot-buscarron.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service"
    mode: 0644
  register: matrix_bot_buscarron_systemd_service_result
 - name: Ensure systemd reloaded after matrix-bot-buscarron.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_buscarron_systemd_service_result.changed|bool"
  when: "matrix_bot_buscarron_systemd_service_result.changed | bool"
 - name: Ensure matrix-bot-buscarron.service restarted, if necessary
  service:
  ansible.builtin.service:
    name: "matrix-bot-buscarron.service"
    state: restarted
  when: "matrix_bot_buscarron_requires_restart|bool"
  when: "matrix_bot_buscarron_requires_restart | bool"
--- a/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-buscarron/tasks/setup_uninstall.yml
@@ -1,32 +1,32 @@
 ---
 - name: Check existence of matrix-buscarron service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service"
  register: matrix_bot_buscarron_service_stat
 - name: Ensure matrix-buscarron is stopped
  service:
  ansible.builtin.service:
    name: matrix-bot-buscarron
    state: stopped
    enabled: false
    daemon_reload: true
  register: stopping_result
  when: "matrix_bot_buscarron_service_stat.stat.exists|bool"
  when: "matrix_bot_buscarron_service_stat.stat.exists | bool"
 - name: Ensure matrix-bot-buscarron.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-bot-buscarron.service"
    state: absent
  when: "matrix_bot_buscarron_service_stat.stat.exists|bool"
  when: "matrix_bot_buscarron_service_stat.stat.exists | bool"
 - name: Ensure systemd reloaded after matrix-bot-buscarron.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_buscarron_service_stat.stat.exists|bool"
  when: "matrix_bot_buscarron_service_stat.stat.exists | bool"
 - name: Ensure Matrix buscarron paths don't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_bot_buscarron_base_path }}"
    state: absent
--- a/roles/matrix-bot-buscarron/tasks/validate_config.yml
+++ b/roles/matrix-bot-buscarron/tasks/validate_config.yml
@@ -1,7 +1,7 @@
 ---
 - name: Fail if required settings not defined
  fail:
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
--- a/roles/matrix-bot-go-neb/defaults/main.yml
+++ b/roles/matrix-bot-go-neb/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 # Go-NEB is a Matrix bot written in Go. It is the successor to Matrix-NEB, the original Matrix bot written in Python.
 # See: https://github.com/matrix-org/go-neb
 # Project source code URL: https://github.com/matrix-org/go-neb
 matrix_bot_go_neb_enabled: true
 matrix_bot_go_neb_version: latest
@@ -224,8 +224,8 @@ matrix_bot_go_neb_configuration_extension_yaml: |
  # If you need something more special, you can take full control by
  # completely redefining `matrix_bot_go_neb_configuration_yaml`.
 matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_extension_yaml|from_yaml if matrix_bot_go_neb_configuration_extension_yaml|from_yaml is mapping else {} }}"
 matrix_bot_go_neb_configuration_extension: "{{ matrix_bot_go_neb_configuration_extension_yaml | from_yaml if matrix_bot_go_neb_configuration_extension_yaml | from_yaml is mapping else {} }}"
 # Holds the final configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_bot_go_neb_configuration_yaml`.
 matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml|from_yaml|combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"
 matrix_bot_go_neb_configuration: "{{ matrix_bot_go_neb_configuration_yaml | from_yaml | combine(matrix_bot_go_neb_configuration_extension, recursive=True) }}"
--- a/roles/matrix-bot-go-neb/tasks/init.yml
+++ b/roles/matrix-bot-go-neb/tasks/init.yml
@@ -1,5 +1,5 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-go-neb.service'] }}"
  when: matrix_bot_go_neb_enabled|bool
  when: matrix_bot_go_neb_enabled | bool
--- a/roles/matrix-bot-go-neb/tasks/main.yml
+++ b/roles/matrix-bot-go-neb/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_bot_go_neb_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_bot_go_neb_enabled | bool"
  tags:
    - setup-all
    - setup-bot-go-neb
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_bot_go_neb_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_bot_go_neb_enabled | bool"
  tags:
    - setup-all
    - setup-bot-go-neb
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_bot_go_neb_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_bot_go_neb_enabled | bool"
  tags:
    - setup-all
    - setup-bot-go-neb
--- a/roles/matrix-bot-go-neb/tasks/setup_install.yml
+++ b/roles/matrix-bot-go-neb/tasks/setup_install.yml
@@ -1,10 +1,10 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_bot_go_neb_requires_restart: false
 - name: Ensure go-neb paths exist
  file:
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
@@ -14,7 +14,7 @@
    - {path: "{{ matrix_bot_go_neb_config_path }}", when: true}
    - {path: "{{ matrix_bot_go_neb_data_path }}", when: true}
    - {path: "{{ matrix_bot_go_neb_data_store_path }}", when: true}
  when: "item.when|bool"
  when: "item.when | bool"
 - name: Ensure go-neb image is pulled
  docker_image:
@@ -28,27 +28,27 @@
  until: result is not failed
 - name: Ensure go-neb config installed
  copy:
    content: "{{ matrix_bot_go_neb_configuration|to_nice_yaml(indent=2, width=999999) }}"
  ansible.builtin.copy:
    content: "{{ matrix_bot_go_neb_configuration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_bot_go_neb_config_path }}/config.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
 - name: Ensure matrix-bot-go-neb.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-bot-go-neb.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service"
    mode: 0644
  register: matrix_bot_go_neb_systemd_service_result
 - name: Ensure systemd reloaded after matrix-bot-go-neb.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_go_neb_systemd_service_result.changed|bool"
  when: "matrix_bot_go_neb_systemd_service_result.changed | bool"
 - name: Ensure matrix-bot-go-neb.service restarted, if necessary
  service:
  ansible.builtin.service:
    name: "matrix-bot-go-neb.service"
    state: restarted
  when: "matrix_bot_go_neb_requires_restart|bool"
  when: "matrix_bot_go_neb_requires_restart | bool"
--- a/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-go-neb/tasks/setup_uninstall.yml
@@ -1,32 +1,32 @@
 ---
 - name: Check existence of matrix-go-neb service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service"
  register: matrix_bot_go_neb_service_stat
 - name: Ensure matrix-go-neb is stopped
  service:
  ansible.builtin.service:
    name: matrix-bot-go-neb
    state: stopped
    enabled: false
    daemon_reload: true
  register: stopping_result
  when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
  when: "matrix_bot_go_neb_service_stat.stat.exists | bool"
 - name: Ensure matrix-bot-go-neb.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-bot-go-neb.service"
    state: absent
  when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
  when: "matrix_bot_go_neb_service_stat.stat.exists | bool"
 - name: Ensure systemd reloaded after matrix-bot-go-neb.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_go_neb_service_stat.stat.exists|bool"
  when: "matrix_bot_go_neb_service_stat.stat.exists | bool"
 - name: Ensure Matrix go-neb paths don't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_bot_go_neb_base_path }}"
    state: absent
--- a/roles/matrix-bot-go-neb/tasks/validate_config.yml
+++ b/roles/matrix-bot-go-neb/tasks/validate_config.yml
@@ -1,13 +1,13 @@
 ---
 - name: Fail if there's not at least 1 client
  fail:
  ansible.builtin.fail:
    msg: >-
      You need at least 1 client in the matrix_bot_go_neb_clients block.
  when: matrix_bot_go_neb_clients is not defined or matrix_bot_go_neb_clients[0] is not defined
 - name: Fail if there's not at least 1 service
  fail:
  ansible.builtin.fail:
    msg: >-
      You need at least 1 service in the matrix_bot_go_neb_services block.
  when: matrix_bot_go_neb_services is not defined or matrix_bot_go_neb_services[0] is not defined
--- a/roles/matrix-bot-honoroit/defaults/main.yml
+++ b/roles/matrix-bot-honoroit/defaults/main.yml
@@ -1,14 +1,15 @@
 ---
 # honoroit is a helpdesk bot
 # See: https://gitlab.com/etke.cc/honoroit
 # Project source code URL: https://gitlab.com/etke.cc/honoroit
 matrix_bot_honoroit_enabled: true
 matrix_bot_honoroit_container_image_self_build: false
 matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git"
 matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}"
 matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src"
 matrix_bot_honoroit_version: v0.9.9
 matrix_bot_honoroit_version: v0.9.10
 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}"
 matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}"
 matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}"
@@ -96,6 +97,9 @@ matrix_bot_honoroit_text_prefix_open: ''
 # Text prefix: done
 matrix_bot_honoroit_text_prefix_done: ''
 # Text: no encryption
 matrix_bot_honoroit_text_noencryption: ''
 # Text: greetings
 matrix_bot_honoroit_text_greetings: ''
--- a/roles/matrix-bot-honoroit/tasks/init.yml
+++ b/roles/matrix-bot-honoroit/tasks/init.yml
@@ -1,5 +1,5 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-honoroit.service'] }}"
  when: matrix_bot_honoroit_enabled|bool
  when: matrix_bot_honoroit_enabled | bool
--- a/roles/matrix-bot-honoroit/tasks/main.yml
+++ b/roles/matrix-bot-honoroit/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_bot_honoroit_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_bot_honoroit_enabled | bool"
  tags:
    - setup-all
    - setup-bot-honoroit
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_bot_honoroit_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_bot_honoroit_enabled | bool"
  tags:
    - setup-all
    - setup-bot-honoroit
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_bot_honoroit_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_bot_honoroit_enabled | bool"
  tags:
    - setup-all
    - setup-bot-honoroit
--- a/roles/matrix-bot-honoroit/tasks/setup_install.yml
+++ b/roles/matrix-bot-honoroit/tasks/setup_install.yml
@@ -1,32 +1,34 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_bot_honoroit_requires_restart: false
 - block:
    - name: Check if an SQLite database already exists
      stat:
      ansible.builtin.stat:
        path: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
      register: matrix_bot_honoroit_sqlite_database_path_local_stat_result
    - block:
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_postgres_db_migration_request:
              src: "{{ matrix_bot_honoroit_sqlite_database_path_local }}"
              dst: "{{ matrix_bot_honoroit_database_connection_string }}"
              caller: "{{ role_path|basename }}"
              caller: "{{ role_path | basename }}"
              engine_variable_name: 'matrix_bot_honoroit_database_engine'
              engine_old: 'sqlite'
              systemd_services_to_stop: ['matrix-bot-honoroit.service']
        - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
        - ansible.builtin.import_role:
            name: matrix-postgres
            tasks_from: migrate_db_to_postgres
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_bot_honoroit_requires_restart: true
      when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists|bool"
      when: "matrix_bot_honoroit_sqlite_database_path_local_stat_result.stat.exists | bool"
  when: "matrix_bot_honoroit_database_engine == 'postgres'"
 - name: Ensure honoroit paths exist
  file:
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
@@ -37,10 +39,10 @@
    - {path: "{{ matrix_bot_honoroit_data_path }}", when: true}
    - {path: "{{ matrix_bot_honoroit_data_store_path }}", when: true}
    - {path: "{{ matrix_bot_honoroit_docker_src_files_path }}", when: true}
  when: "item.when|bool"
  when: "item.when | bool"
 - name: Ensure honoroit environment variables file created
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/env.j2"
    dest: "{{ matrix_bot_honoroit_config_path }}/env"
    owner: "{{ matrix_user_username }}"
@@ -53,21 +55,22 @@
    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
    force_source: "{{ matrix_bot_honoroit_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_honoroit_docker_image_force_pull }}"
  when: "not matrix_bot_honoroit_container_image_self_build|bool"
  when: "not matrix_bot_honoroit_container_image_self_build | bool"
  register: result
  retries: "{{ matrix_container_retries_count }}"
  delay: "{{ matrix_container_retries_delay }}"
  until: result is not failed
 - name: Ensure honoroit repository is present on self-build
  git:
  ansible.builtin.git:
    repo: "{{ matrix_bot_honoroit_docker_repo }}"
    version: "{{ matrix_bot_honoroit_docker_repo_version }}"
    dest: "{{ matrix_bot_honoroit_docker_src_files_path }}"
    force: "yes"
  become: true
  become_user: "{{ matrix_user_username }}"
  register: matrix_bot_honoroit_git_pull_results
  when: "matrix_bot_honoroit_container_image_self_build|bool"
  when: "matrix_bot_honoroit_container_image_self_build | bool"
 - name: Ensure honoroit image is built
  docker_image:
@@ -79,22 +82,22 @@
      dockerfile: Dockerfile
      path: "{{ matrix_bot_honoroit_docker_src_files_path }}"
      pull: true
  when: "matrix_bot_honoroit_container_image_self_build|bool"
  when: "matrix_bot_honoroit_container_image_self_build | bool"
 - name: Ensure matrix-bot-honoroit.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-bot-honoroit.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service"
    mode: 0644
  register: matrix_bot_honoroit_systemd_service_result
 - name: Ensure systemd reloaded after matrix-bot-honoroit.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_honoroit_systemd_service_result.changed|bool"
  when: "matrix_bot_honoroit_systemd_service_result.changed | bool"
 - name: Ensure matrix-bot-honoroit.service restarted, if necessary
  service:
  ansible.builtin.service:
    name: "matrix-bot-honoroit.service"
    state: restarted
  when: "matrix_bot_honoroit_requires_restart|bool"
  when: "matrix_bot_honoroit_requires_restart | bool"
--- a/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-honoroit/tasks/setup_uninstall.yml
@@ -1,32 +1,32 @@
 ---
 - name: Check existence of matrix-honoroit service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service"
  register: matrix_bot_honoroit_service_stat
 - name: Ensure matrix-honoroit is stopped
  service:
  ansible.builtin.service:
    name: matrix-bot-honoroit
    state: stopped
    enabled: false
    daemon_reload: true
  register: stopping_result
  when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
  when: "matrix_bot_honoroit_service_stat.stat.exists | bool"
 - name: Ensure matrix-bot-honoroit.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-bot-honoroit.service"
    state: absent
  when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
  when: "matrix_bot_honoroit_service_stat.stat.exists | bool"
 - name: Ensure systemd reloaded after matrix-bot-honoroit.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_honoroit_service_stat.stat.exists|bool"
  when: "matrix_bot_honoroit_service_stat.stat.exists | bool"
 - name: Ensure Matrix honoroit paths don't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_bot_honoroit_base_path }}"
    state: absent
--- a/roles/matrix-bot-honoroit/tasks/validate_config.yml
+++ b/roles/matrix-bot-honoroit/tasks/validate_config.yml
@@ -1,7 +1,7 @@
 ---
 - name: Fail if required settings not defined
  fail:
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
--- a/roles/matrix-bot-honoroit/templates/env.j2
+++ b/roles/matrix-bot-honoroit/templates/env.j2
@@ -11,6 +11,7 @@ HONOROIT_CACHESIZE={{ matrix_bot_honoroit_cachesize }}
 HONOROIT_NOENCRYPTION={{ matrix_bot_honoroit_noencryption }}
 HONOROIT_TEXT_PREFIX_OPEN={{ matrix_bot_honoroit_text_prefix_open }}
 HONOROIT_TEXT_PREFIX_DONE={{ matrix_bot_honoroit_text_prefix_done }}
 HONOROIT_TEXT_NOENCRYPTION={{ matrix_bot_honoroit_text_noencryption }}
 HONOROIT_TEXT_GREETINGS={{ matrix_bot_honoroit_text_greetings }}
 HONOROIT_TEXT_INVITE={{ matrix_bot_honoroit_text_invite }}
 HONOROIT_TEXT_JOIN={{ matrix_bot_honoroit_text_join }}
--- a/roles/matrix-bot-matrix-registration-bot/defaults/main.yml
+++ b/roles/matrix-bot-matrix-registration-bot/defaults/main.yml
@@ -1,10 +1,11 @@
 ---
 # matrix-registration-bot creates and manages registration tokens for a matrix server
 # See: https://github.com/moan0s/matrix-registration-bot
 # Project source code URL: https://github.com/moan0s/matrix-registration-bot
 matrix_bot_matrix_registration_bot_enabled: true
 matrix_bot_matrix_registration_bot_container_image_self_build: false
 matrix_bot_matrix_registration_bot_docker_repo: "https://github.com/moan0s/matrix-registration-bot.git"
 matrix_bot_matrix_registration_bot_docker_repo_version: "{{ matrix_bot_matrix_registration_bot_version if matrix_bot_matrix_registration_bot_version != 'latest' else 'main' }}"
 matrix_bot_matrix_registration_bot_docker_src_files_path: "{{ matrix_bot_matrix_registration_bot_base_path }}/docker-src"
 matrix_bot_matrix_registration_bot_version: latest
--- a/roles/matrix-bot-matrix-registration-bot/tasks/init.yml
+++ b/roles/matrix-bot-matrix-registration-bot/tasks/init.yml
@@ -1,5 +1,5 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-registration-bot.service'] }}"
  when: matrix_bot_matrix_registration_bot_enabled|bool
  when: matrix_bot_matrix_registration_bot_enabled | bool
--- a/roles/matrix-bot-matrix-registration-bot/tasks/main.yml
+++ b/roles/matrix-bot-matrix-registration-bot/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_bot_matrix_registration_bot_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_bot_matrix_registration_bot_enabled | bool"
  tags:
    - setup-all
    - setup-bot-matrix-registration-bot
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_bot_matrix_registration_bot_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_bot_matrix_registration_bot_enabled | bool"
  tags:
    - setup-all
    - setup-bot-matrix-registration-bot
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_bot_matrix_registration_bot_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_bot_matrix_registration_bot_enabled | bool"
  tags:
    - setup-all
    - setup-bot-matrix-registration-bot
--- a/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml
+++ b/roles/matrix-bot-matrix-registration-bot/tasks/setup_install.yml
@@ -1,7 +1,7 @@
 ---
 - name: Ensure matrix-registration-bot paths exist
  file:
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
@@ -11,10 +11,10 @@
    - {path: "{{ matrix_bot_matrix_registration_bot_config_path }}", when: true}
    - - {path: "{{ matrix_bot_matrix_registration_bot_data_path }}", when: true}
    - {path: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}", when: true}
  when: "item.when|bool"
  when: "item.when | bool"
 - name: Ensure matrix-registration-bot configuration file created
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/config/config.yml.j2"
    dest: "{{ matrix_bot_matrix_registration_bot_config_path }}/config.yml"
    owner: "{{ matrix_user_username }}"
@@ -27,21 +27,22 @@
    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
    force_source: "{{ matrix_bot_matrix_registration_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_registration_bot_docker_image_force_pull }}"
  when: "not matrix_bot_matrix_registration_bot_container_image_self_build|bool"
  when: "not matrix_bot_matrix_registration_bot_container_image_self_build | bool"
  register: result
  retries: "{{ matrix_container_retries_count }}"
  delay: "{{ matrix_container_retries_delay }}"
  until: result is not failed
 - name: Ensure matrix-registration-bot repository is present on self-build
  git:
  ansible.builtin.git:
    repo: "{{ matrix_bot_matrix_registration_bot_docker_repo }}"
    version: "{{ matrix_bot_matrix_registration_bot_docker_repo_version }}"
    dest: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}"
    force: "yes"
  become: true
  become_user: "{{ matrix_user_username }}"
  register: matrix_bot_matrix_registration_bot_git_pull_results
  when: "matrix_bot_matrix_registration_bot_container_image_self_build|bool"
  when: "matrix_bot_matrix_registration_bot_container_image_self_build | bool"
 - name: Ensure matrix-registration-bot image is built
  docker_image:
@@ -53,21 +54,21 @@
      dockerfile: Dockerfile
      path: "{{ matrix_bot_matrix_registration_bot_docker_src_files_path }}"
      pull: true
  when: "matrix_bot_matrix_registration_bot_container_image_self_build|bool"
  when: "matrix_bot_matrix_registration_bot_container_image_self_build | bool"
 - name: Ensure matrix-bot-matrix-registration-bot.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-registration-bot.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service"
    mode: 0644
  register: matrix_bot_matrix_registration_bot_systemd_service_result
 - name: Ensure systemd reloaded after matrix-bot-matrix-registration-bot.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_matrix_registration_bot_systemd_service_result.changed|bool"
  when: "matrix_bot_matrix_registration_bot_systemd_service_result.changed | bool"
 - name: Ensure matrix-bot-matrix-registration-bot.service restarted, if necessary
  service:
  ansible.builtin.service:
    name: "matrix-bot-matrix-registration-bot.service"
    state: restarted
--- a/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-matrix-registration-bot/tasks/setup_uninstall.yml
@@ -1,32 +1,32 @@
 ---
 - name: Check existence of matrix-matrix-registration-bot service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service"
  register: matrix_bot_matrix_registration_bot_service_stat
 - name: Ensure matrix-matrix-registration-bot is stopped
  service:
  ansible.builtin.service:
    name: matrix-bot-matrix-registration-bot
    state: stopped
    enabled: false
    daemon_reload: true
  register: stopping_result
  when: "matrix_bot_matrix_registration_bot_service_stat.stat.exists|bool"
  when: "matrix_bot_matrix_registration_bot_service_stat.stat.exists | bool"
 - name: Ensure matrix-bot-matrix-registration-bot.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-bot-matrix-registration-bot.service"
    state: absent
  when: "matrix_bot_matrix_registration_bot_service_stat.stat.exists|bool"
  when: "matrix_bot_matrix_registration_bot_service_stat.stat.exists | bool"
 - name: Ensure systemd reloaded after matrix-bot-matrix-registration-bot.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_matrix_registration_bot_service_stat.stat.exists|bool"
  when: "matrix_bot_matrix_registration_bot_service_stat.stat.exists | bool"
 - name: Ensure Matrix matrix-registration-bot paths don't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_bot_matrix_registration_bot_base_path }}"
    state: absent
--- a/roles/matrix-bot-matrix-registration-bot/tasks/validate_config.yml
+++ b/roles/matrix-bot-matrix-registration-bot/tasks/validate_config.yml
@@ -1,7 +1,7 @@
 ---
 - name: Fail if required settings not defined
  fail:
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
--- a/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/defaults/main.yml
@@ -1,11 +1,12 @@
 ---
 # matrix-reminder-bot is a bot for one-off and recurring reminders
 # See: https://github.com/anoadragon453/matrix-reminder-bot
 # Project source code URL: https://github.com/anoadragon453/matrix-reminder-bot
 matrix_bot_matrix_reminder_bot_enabled: true
 matrix_bot_matrix_reminder_bot_container_image_self_build: false
 matrix_bot_matrix_reminder_bot_docker_repo: "https://github.com/anoadragon453/matrix-reminder-bot.git"
 matrix_bot_matrix_reminder_bot_docker_repo_version: "{{ matrix_bot_matrix_reminder_bot_version }}"
 matrix_bot_matrix_reminder_bot_docker_src_files_path: "{{ matrix_base_data_path }}/matrix-reminder-bot/docker-src"
 matrix_bot_matrix_reminder_bot_version: release-v0.2.1
@@ -17,6 +18,8 @@ matrix_bot_matrix_reminder_bot_config_path: "{{ matrix_bot_matrix_reminder_bot_b
 matrix_bot_matrix_reminder_bot_data_path: "{{ matrix_bot_matrix_reminder_bot_base_path }}/data"
 matrix_bot_matrix_reminder_bot_data_store_path: "{{ matrix_bot_matrix_reminder_bot_data_path }}/store"
 matrix_bot_matrix_reminder_bot_command_prefix: "!"
 # A list of extra arguments to pass to the container
 matrix_bot_matrix_reminder_bot_container_extra_arguments: []
@@ -91,8 +94,8 @@ matrix_bot_matrix_reminder_bot_configuration_extension_yaml: |
  # matrix:
  #   device_name: My-Reminder-Bot
 matrix_bot_matrix_reminder_bot_configuration_extension: "{{ matrix_bot_matrix_reminder_bot_configuration_extension_yaml|from_yaml if matrix_bot_matrix_reminder_bot_configuration_extension_yaml|from_yaml is mapping else {} }}"
 matrix_bot_matrix_reminder_bot_configuration_extension: "{{ matrix_bot_matrix_reminder_bot_configuration_extension_yaml | from_yaml if matrix_bot_matrix_reminder_bot_configuration_extension_yaml | from_yaml is mapping else {} }}"
 # Holds the final configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_bot_matrix_reminder_bot_configuration_yaml`.
 matrix_bot_matrix_reminder_bot_configuration: "{{ matrix_bot_matrix_reminder_bot_configuration_yaml|from_yaml|combine(matrix_bot_matrix_reminder_bot_configuration_extension, recursive=True) }}"
 matrix_bot_matrix_reminder_bot_configuration: "{{ matrix_bot_matrix_reminder_bot_configuration_yaml | from_yaml | combine(matrix_bot_matrix_reminder_bot_configuration_extension, recursive=True) }}"
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/init.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/init.yml
@@ -1,5 +1,5 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-matrix-reminder-bot.service'] }}"
  when: matrix_bot_matrix_reminder_bot_enabled|bool
  when: matrix_bot_matrix_reminder_bot_enabled | bool
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/main.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_bot_matrix_reminder_bot_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_bot_matrix_reminder_bot_enabled | bool"
  tags:
    - setup-all
    - setup-bot-matrix-reminder-bot
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_bot_matrix_reminder_bot_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_bot_matrix_reminder_bot_enabled | bool"
  tags:
    - setup-all
    - setup-bot-matrix-reminder-bot
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_bot_matrix_reminder_bot_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_bot_matrix_reminder_bot_enabled | bool"
  tags:
    - setup-all
    - setup-bot-matrix-reminder-bot
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_install.yml
@@ -1,33 +1,35 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_bot_matrix_reminder_bot_requires_restart: false
 - block:
    - name: Check if an SQLite database already exists
      stat:
      ansible.builtin.stat:
        path: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
      register: matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result
    - block:
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_postgres_db_migration_request:
              src: "{{ matrix_bot_matrix_reminder_bot_sqlite_database_path_local }}"
              dst: "{{ matrix_bot_matrix_reminder_bot_database_connection_string }}"
              caller: "{{ role_path|basename }}"
              caller: "{{ role_path | basename }}"
              engine_variable_name: 'matrix_bot_matrix_reminder_bot_database_engine'
              engine_old: 'sqlite'
              systemd_services_to_stop: ['matrix-bot-matrix-reminder-bot.service']
        - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
        - ansible.builtin.import_role:
            name: matrix-postgres
            tasks_from: migrate_db_to_postgres
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_bot_matrix_reminder_bot_requires_restart: true
      when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists|bool"
      when: "matrix_bot_matrix_reminder_bot_sqlite_database_path_local_stat_result.stat.exists | bool"
  when: "matrix_bot_matrix_reminder_bot_database_engine == 'postgres'"
 - name: Ensure matrix-reminder-bot paths exist
  file:
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
@@ -38,7 +40,7 @@
    - {path: "{{ matrix_bot_matrix_reminder_bot_data_path }}", when: true}
    - {path: "{{ matrix_bot_matrix_reminder_bot_data_store_path }}", when: true}
    - {path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}", when: true}
  when: "item.when|bool"
  when: "item.when | bool"
 - name: Ensure matrix-reminder-bot image is pulled
  docker_image:
@@ -46,21 +48,22 @@
    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
    force_source: "{{ matrix_bot_matrix_reminder_bot_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_matrix_reminder_bot_docker_image_force_pull }}"
  when: "not matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
  when: "not matrix_bot_matrix_reminder_bot_container_image_self_build | bool"
  register: result
  retries: "{{ matrix_container_retries_count }}"
  delay: "{{ matrix_container_retries_delay }}"
  until: result is not failed
 - name: Ensure matrix-reminder-bot repository is present on self-build
  git:
  ansible.builtin.git:
    repo: "{{ matrix_bot_matrix_reminder_bot_docker_repo }}"
    version: "{{ matrix_bot_matrix_reminder_bot_docker_repo_version }}"
    dest: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
    force: "yes"
  become: true
  become_user: "{{ matrix_user_username }}"
  register: matrix_bot_matrix_reminder_bot_git_pull_results
  when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
  when: "matrix_bot_matrix_reminder_bot_container_image_self_build | bool"
 - name: Ensure matrix-reminder-bot image is built
  docker_image:
@@ -72,30 +75,30 @@
      dockerfile: docker/Dockerfile
      path: "{{ matrix_bot_matrix_reminder_bot_docker_src_files_path }}"
      pull: true
  when: "matrix_bot_matrix_reminder_bot_container_image_self_build|bool"
  when: "matrix_bot_matrix_reminder_bot_container_image_self_build | bool"
 - name: Ensure matrix-reminder-bot config installed
  copy:
    content: "{{ matrix_bot_matrix_reminder_bot_configuration|to_nice_yaml(indent=2, width=999999) }}"
  ansible.builtin.copy:
    content: "{{ matrix_bot_matrix_reminder_bot_configuration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_bot_matrix_reminder_bot_config_path }}/config.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
 - name: Ensure matrix-bot-matrix-reminder-bot.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-bot-matrix-reminder-bot.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
    mode: 0644
  register: matrix_bot_matrix_reminder_bot_systemd_service_result
 - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed|bool"
  when: "matrix_bot_matrix_reminder_bot_systemd_service_result.changed | bool"
 - name: Ensure matrix-bot-matrix-reminder-bot.service restarted, if necessary
  service:
  ansible.builtin.service:
    name: "matrix-bot-matrix-reminder-bot.service"
    state: restarted
  when: "matrix_bot_matrix_reminder_bot_requires_restart|bool"
  when: "matrix_bot_matrix_reminder_bot_requires_restart | bool"
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/setup_uninstall.yml
@@ -1,32 +1,32 @@
 ---
 - name: Check existence of matrix-matrix-reminder-bot service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
  register: matrix_bot_matrix_reminder_bot_service_stat
 - name: Ensure matrix-matrix-reminder-bot is stopped
  service:
  ansible.builtin.service:
    name: matrix-bot-matrix-reminder-bot
    state: stopped
    enabled: false
    daemon_reload: true
  register: stopping_result
  when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
  when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists | bool"
 - name: Ensure matrix-bot-matrix-reminder-bot.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-bot-matrix-reminder-bot.service"
    state: absent
  when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
  when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists | bool"
 - name: Ensure systemd reloaded after matrix-bot-matrix-reminder-bot.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists|bool"
  when: "matrix_bot_matrix_reminder_bot_service_stat.stat.exists | bool"
 - name: Ensure Matrix matrix-reminder-bot paths don't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_bot_matrix_reminder_bot_base_path }}"
    state: absent
--- a/roles/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml
+++ b/roles/matrix-bot-matrix-reminder-bot/tasks/validate_config.yml
@@ -1,7 +1,7 @@
 ---
 - name: Fail if required settings not defined
  fail:
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
@@ -10,7 +10,7 @@
    - "matrix_bot_matrix_reminder_bot_reminders_timezone"
 - name: (Deprecation) Catch and report renamed settings
  fail:
  ansible.builtin.fail:
    msg: >-
      Your configuration contains a variable, which now has a different name.
      Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
--- a/roles/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2
+++ b/roles/matrix-bot-matrix-reminder-bot/templates/config.yaml.j2
@@ -1,5 +1,5 @@
 # The string to prefix bot commands with
 command_prefix: "!"
 command_prefix: "{{ matrix_bot_matrix_reminder_bot_command_prefix }}"
 # Options for connecting to the bot's Matrix account
 matrix:
--- a/roles/matrix-bot-maubot/tasks/init.yml
+++ b/roles/matrix-bot-maubot/tasks/init.yml
@@ -3,7 +3,7 @@
 - name: Add maubot to the systemd service list
  ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-maubot.service'] }}"
  when: matrix_bot_maubot_enabled|bool
  when: matrix_bot_maubot_enabled | bool
 - name: Configure nginx for maubot
  block:
@@ -11,7 +11,7 @@
      ansible.builtin.set_fact:
        matrix_bot_maubot_matrix_nginx_proxy_configuration: |
          location ~ ^/(_matrix/maubot/.*) {
          {% if matrix_nginx_proxy_enabled|default(False) %}
          {% if matrix_nginx_proxy_enabled | default(False) %}
            {# Use the embedded DNS resolver in Docker containers to discover the service #}
             resolver 127.0.0.11 valid=5s;
             set $backend "matrix-bot-maubot:29316/$1";
@@ -25,13 +25,13 @@
            proxy_set_header Connection "upgrade";
          {% endif %}
          }
      when: matrix_bot_maubot_proxy_management_interface|bool
      when: matrix_bot_maubot_proxy_management_interface | bool
    - name: Register Maubot's proxying configuration with matrix-nginx-proxy
      ansible.builtin.set_fact:
        matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
          {{
            matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
            matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
            +
            [matrix_bot_maubot_matrix_nginx_proxy_configuration]
          }}
@@ -44,4 +44,4 @@
          reverse proxy.
          Please make sure that you're proxying the `/_matrix/maubot`
          URL endpoint to the matrix-maubot container.
      when: "matrix_bot_maubot_enabled|bool and matrix_bot_maubot_proxy_management_interface|bool and matrix_nginx_proxy_enabled is not defined"
      when: "matrix_bot_maubot_enabled | bool and matrix_bot_maubot_proxy_management_interface | bool and matrix_nginx_proxy_enabled is not defined"
--- a/roles/matrix-bot-mjolnir/defaults/main.yml
+++ b/roles/matrix-bot-mjolnir/defaults/main.yml
@@ -1,10 +1,10 @@
 ---
 # A moderation tool for Matrix
 # See: https://github.com/matrix-org/mjolnir
 # Project source code URL: https://github.com/matrix-org/mjolnir
 matrix_bot_mjolnir_enabled: true
 matrix_bot_mjolnir_version: "v1.4.2"
 matrix_bot_mjolnir_version: "v1.5.0"
 matrix_bot_mjolnir_container_image_self_build: false
 matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git"
@@ -52,8 +52,8 @@ matrix_bot_mjolnir_configuration_extension_yaml: |
  # If you need something more special, you can take full control by
  # completely redefining `matrix_bot_mjolnir_configuration_yaml`.
 matrix_bot_mjolnir_configuration_extension: "{{ matrix_bot_mjolnir_configuration_extension_yaml|from_yaml if matrix_bot_mjolnir_configuration_extension_yaml|from_yaml is mapping else {} }}"
 matrix_bot_mjolnir_configuration_extension: "{{ matrix_bot_mjolnir_configuration_extension_yaml | from_yaml if matrix_bot_mjolnir_configuration_extension_yaml | from_yaml is mapping else {} }}"
 # Holds the final configuration (a combination of the default and its extension).
 # You most likely don't need to touch this variable. Instead, see `matrix_bot_mjolnir_configuration_yaml`.
 matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml|from_yaml|combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"
 matrix_bot_mjolnir_configuration: "{{ matrix_bot_mjolnir_configuration_yaml | from_yaml | combine(matrix_bot_mjolnir_configuration_extension, recursive=True) }}"
--- a/roles/matrix-bot-mjolnir/tasks/init.yml
+++ b/roles/matrix-bot-mjolnir/tasks/init.yml
@@ -2,10 +2,10 @@
 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
 - name: Fail if trying to self-build on Ansible < 2.8
  fail:
  ansible.builtin.fail:
    msg: "To self-build the Mjolnir image, you should use Ansible 2.8 or higher. See docs/ansible.md"
  when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_bot_mjolnir_container_image_self_build and matrix_bot_mjolnir_enabled"
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-mjolnir.service'] }}"
  when: matrix_bot_mjolnir_enabled|bool
  when: matrix_bot_mjolnir_enabled | bool
--- a/roles/matrix-bot-mjolnir/tasks/main.yml
+++ b/roles/matrix-bot-mjolnir/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_bot_mjolnir_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_bot_mjolnir_enabled | bool"
  tags:
    - setup-all
    - setup-bot-mjolnir
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_bot_mjolnir_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_bot_mjolnir_enabled | bool"
  tags:
    - setup-all
    - setup-bot-mjolnir
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_bot_mjolnir_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_bot_mjolnir_enabled | bool"
  tags:
    - setup-all
    - setup-bot-mjolnir
--- a/roles/matrix-bot-mjolnir/tasks/setup_install.yml
+++ b/roles/matrix-bot-mjolnir/tasks/setup_install.yml
@@ -1,10 +1,10 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_bot_mjolnir_requires_restart: false
 - name: Ensure matrix-bot-mjolnir paths exist
  file:
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
@@ -15,7 +15,7 @@
    - {path: "{{ matrix_bot_mjolnir_config_path }}", when: true}
    - {path: "{{ matrix_bot_mjolnir_data_path }}", when: true}
    - {path: "{{ matrix_bot_mjolnir_docker_src_files_path }}", when: "{{ matrix_bot_mjolnir_container_image_self_build }}"}
  when: "item.when|bool"
  when: "item.when | bool"
 - name: Ensure mjolnir Docker image is pulled
  docker_image:
@@ -23,14 +23,14 @@
    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
    force_source: "{{ matrix_bot_mjolnir_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_mjolnir_docker_image_force_pull }}"
  when: "not matrix_bot_mjolnir_container_image_self_build|bool"
  when: "not matrix_bot_mjolnir_container_image_self_build | bool"
  register: result
  retries: "{{ matrix_container_retries_count }}"
  delay: "{{ matrix_container_retries_delay }}"
  until: result is not failed
 - name: Ensure mjolnir repository is present on self-build
  git:
  ansible.builtin.git:
    repo: "{{ matrix_bot_mjolnir_container_image_self_build_repo }}"
    dest: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
    version: "{{ matrix_bot_mjolnir_docker_image.split(':')[1] }}"
@@ -38,7 +38,7 @@
  become: true
  become_user: "{{ matrix_user_username }}"
  register: matrix_bot_mjolnir_git_pull_results
  when: "matrix_bot_mjolnir_container_image_self_build|bool"
  when: "matrix_bot_mjolnir_container_image_self_build | bool"
 - name: Ensure mjolnir Docker image is built
  docker_image:
@@ -49,30 +49,30 @@
      dockerfile: Dockerfile
      path: "{{ matrix_bot_mjolnir_docker_src_files_path }}"
      pull: true
  when: "matrix_bot_mjolnir_container_image_self_build|bool"
  when: "matrix_bot_mjolnir_container_image_self_build | bool"
 - name: Ensure matrix-bot-mjolnir config installed
  copy:
    content: "{{ matrix_bot_mjolnir_configuration|to_nice_yaml(indent=2, width=999999) }}"
  ansible.builtin.copy:
    content: "{{ matrix_bot_mjolnir_configuration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_bot_mjolnir_config_path }}/production.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
 - name: Ensure matrix-bot-mjolnir.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-bot-mjolnir.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service"
    mode: 0644
  register: matrix_bot_mjolnir_systemd_service_result
 - name: Ensure systemd reloaded after matrix-bot-mjolnir.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_mjolnir_systemd_service_result.changed|bool"
  when: "matrix_bot_mjolnir_systemd_service_result.changed | bool"
 - name: Ensure matrix-bot-mjolnir.service restarted, if necessary
  service:
  ansible.builtin.service:
    name: "matrix-bot-mjolnir.service"
    state: restarted
  when: "matrix_bot_mjolnir_requires_restart|bool"
  when: "matrix_bot_mjolnir_requires_restart | bool"
--- a/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml
+++ b/roles/matrix-bot-mjolnir/tasks/setup_uninstall.yml
@@ -1,32 +1,32 @@
 ---
 - name: Check existence of matrix-bot-mjolnir service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service"
  register: matrix_bot_mjolnir_service_stat
 - name: Ensure matrix-bot-mjolnir is stopped
  service:
  ansible.builtin.service:
    name: matrix-bot-mjolnir
    state: stopped
    enabled: false
    daemon_reload: true
  register: stopping_result
  when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
  when: "matrix_bot_mjolnir_service_stat.stat.exists | bool"
 - name: Ensure matrix-bot-mjolnir.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-bot-mjolnir.service"
    state: absent
  when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
  when: "matrix_bot_mjolnir_service_stat.stat.exists | bool"
 - name: Ensure systemd reloaded after matrix-bot-mjolnir.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_bot_mjolnir_service_stat.stat.exists|bool"
  when: "matrix_bot_mjolnir_service_stat.stat.exists | bool"
 - name: Ensure matrix-bot-mjolnir paths don't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_bot_mjolnir_base_path }}"
    state: absent
--- a/roles/matrix-bot-mjolnir/tasks/validate_config.yml
+++ b/roles/matrix-bot-mjolnir/tasks/validate_config.yml
@@ -1,7 +1,7 @@
 ---
 - name: Fail if required variables are undefined
  fail:
  ansible.builtin.fail:
    msg: "The `{{ item }}` variable must be defined and have a non-null value."
  with_items:
    - "matrix_bot_mjolnir_access_token"
--- a/roles/matrix-bridge-appservice-discord/defaults/main.yml
+++ b/roles/matrix-bridge-appservice-discord/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 # matrix-appservice-discord is a Matrix <-> Discord bridge
 # See: https://github.com/Half-Shot/matrix-appservice-discord
 # Project source code URL: https://github.com/Half-Shot/matrix-appservice-discord
 matrix_appservice_discord_enabled: true
@@ -39,10 +39,10 @@ matrix_appservice_discord_appservice_url: 'http://matrix-appservice-discord:9005
 matrix_appservice_discord_bridge_domain: "{{ matrix_domain }}"
 # As of right now, the homeserver URL must be a public URL. See below.
 matrix_appservice_discord_bridge_homeserverUrl: "{{ matrix_homeserver_url }}"
 matrix_appservice_discord_bridge_disablePresence: false
 matrix_appservice_discord_bridge_enableSelfServiceBridging: false
 matrix_appservice_discord_bridge_disablePortalBridging: false
 matrix_appservice_discord_bridge_homeserverUrl: "{{ matrix_homeserver_url }}"  # noqa var-naming
 matrix_appservice_discord_bridge_disablePresence: false  # noqa var-naming
 matrix_appservice_discord_bridge_enableSelfServiceBridging: false  # noqa var-naming
 matrix_appservice_discord_bridge_disablePortalBridging: false  # noqa var-naming
 # Database-related configuration fields.
 #
@@ -65,7 +65,7 @@ matrix_appservice_discord_database_name: 'matrix_appservice_discord'
 # These 2 variables are what actually ends up in the bridge configuration.
 # It's best if you don't change them directly, but rather redefine the sub-variables that constitute them.
 matrix_appservice_discord_database_filename: "{{ matrix_appservice_discord_sqlite_database_path_in_container }}"
 matrix_appservice_discord_database_connString: 'postgresql://{{ matrix_appservice_discord_database_username }}:{{ matrix_appservice_discord_database_password }}@{{ matrix_appservice_discord_database_hostname }}:{{ matrix_appservice_discord_database_port }}/{{ matrix_appservice_discord_database_name }}'
 matrix_appservice_discord_database_connString: 'postgresql://{{ matrix_appservice_discord_database_username }}:{{ matrix_appservice_discord_database_password }}@{{ matrix_appservice_discord_database_hostname }}:{{ matrix_appservice_discord_database_port }}/{{ matrix_appservice_discord_database_name }}'  # noqa var-naming
 # Tells whether the bot should make use of "Privileged Gateway Intents".
@@ -74,7 +74,7 @@ matrix_appservice_discord_database_connString: 'postgresql://{{ matrix_appservic
 # by triggering all Intent checkboxes on a page like this: `https://discord.com/developers/applications/694448564151123988/bot`
 #
 # Learn more: https://gist.github.com/advaith1/e69bcc1cdd6d0087322734451f15aa2f
 matrix_appservice_discord_auth_usePrivilegedIntents: false
 matrix_appservice_discord_auth_usePrivilegedIntents: false  # noqa var-naming
 matrix_appservice_discord_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
@@ -87,9 +87,9 @@ matrix_appservice_discord_configuration_extension_yaml: |
  # If you need something more special, you can take full control by
  # completely redefining `matrix_appservice_discord_configuration_yaml`.
 matrix_appservice_discord_configuration_extension: "{{ matrix_appservice_discord_configuration_extension_yaml|from_yaml if matrix_appservice_discord_configuration_extension_yaml|from_yaml is mapping else {} }}"
 matrix_appservice_discord_configuration_extension: "{{ matrix_appservice_discord_configuration_extension_yaml | from_yaml if matrix_appservice_discord_configuration_extension_yaml | from_yaml is mapping else {} }}"
 matrix_appservice_discord_configuration: "{{ matrix_appservice_discord_configuration_yaml|from_yaml|combine(matrix_appservice_discord_configuration_extension, recursive=True) }}"
 matrix_appservice_discord_configuration: "{{ matrix_appservice_discord_configuration_yaml | from_yaml | combine(matrix_appservice_discord_configuration_extension, recursive=True) }}"
 matrix_appservice_discord_registration_yaml: |
  #jinja2: lstrip_blocks: "True"
@@ -99,14 +99,14 @@ matrix_appservice_discord_registration_yaml: |
  namespaces:
    users:
    - exclusive: true
      regex: '@_discord_.*:{{ matrix_appservice_discord_homeserver_domain|regex_escape }}'
      regex: '@_discord_.*:{{ matrix_appservice_discord_homeserver_domain | regex_escape }}'
    aliases:
    - exclusive: true
      regex: '#_discord_.*:{{ matrix_appservice_discord_homeserver_domain|regex_escape }}'
      regex: '#_discord_.*:{{ matrix_appservice_discord_homeserver_domain | regex_escape }}'
  url: {{ matrix_appservice_discord_appservice_url }}
  sender_localpart: _discord_bot
  rate_limited: false
  protocols:
    - discord
 matrix_appservice_discord_registration: "{{ matrix_appservice_discord_registration_yaml|from_yaml }}"
 matrix_appservice_discord_registration: "{{ matrix_appservice_discord_registration_yaml | from_yaml }}"
--- a/roles/matrix-bridge-appservice-discord/tasks/init.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/init.yml
@@ -2,28 +2,28 @@
 # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
 # We don't want to fail in such cases.
 - name: Fail if matrix-synapse role already executed
  fail:
  ansible.builtin.fail:
    msg: >-
      The matrix-bridge-appservice-discord role needs to execute before the matrix-synapse role.
  when: "matrix_appservice_discord_enabled and matrix_synapse_role_executed|default(False)"
  when: "matrix_appservice_discord_enabled and matrix_synapse_role_executed | default(False)"
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-discord.service'] }}"
  when: matrix_appservice_discord_enabled|bool
  when: matrix_appservice_discord_enabled | bool
 # If the matrix-synapse role is not used, these variables may not exist.
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_synapse_container_extra_arguments: >
      {{
        matrix_synapse_container_extra_arguments|default([])
        matrix_synapse_container_extra_arguments | default([])
        +
        ["--mount type=bind,src={{ matrix_appservice_discord_config_path }}/registration.yaml,dst=/matrix-appservice-discord-registration.yaml,ro"]
      }}
    matrix_synapse_app_service_config_files: >
      {{
        matrix_synapse_app_service_config_files|default([])
        matrix_synapse_app_service_config_files | default([])
        +
        ["/matrix-appservice-discord-registration.yaml"]
      }}
  when: matrix_appservice_discord_enabled|bool
  when: matrix_appservice_discord_enabled | bool
--- a/roles/matrix-bridge-appservice-discord/tasks/main.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_appservice_discord_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-discord
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_appservice_discord_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_appservice_discord_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-discord
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_appservice_discord_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_appservice_discord_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-discord
--- a/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/setup_install.yml
@@ -1,29 +1,31 @@
 ---
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_appservice_discord_requires_restart: false
 - block:
    - name: Check if an SQLite database already exists
      stat:
      ansible.builtin.stat:
        path: "{{ matrix_appservice_discord_sqlite_database_path_local }}"
      register: matrix_appservice_discord_sqlite_database_path_local_stat_result
    - block:
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_postgres_db_migration_request:
              src: "{{ matrix_appservice_discord_sqlite_database_path_local }}"
              dst: "{{ matrix_appservice_discord_database_connString }}"
              caller: "{{ role_path|basename }}"
              caller: "{{ role_path | basename }}"
              engine_variable_name: 'matrix_appservice_discord_database_engine'
              engine_old: 'sqlite'
              systemd_services_to_stop: ['matrix-appservice-discord.service']
        - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
        - ansible.builtin.import_role:
            name: matrix-postgres
            tasks_from: migrate_db_to_postgres
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_appservice_discord_requires_restart: true
      when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists|bool"
      when: "matrix_appservice_discord_sqlite_database_path_local_stat_result.stat.exists | bool"
  when: "matrix_appservice_discord_database_engine == 'postgres'"
 - name: Ensure Appservice Discord image is pulled
@@ -38,7 +40,7 @@
  until: result is not failed
 - name: Ensure AppService Discord paths exist
  file:
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    mode: 0750
@@ -50,12 +52,12 @@
    - "{{ matrix_appservice_discord_data_path }}"
 - name: Check if an old database file already exists
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_appservice_discord_base_path }}/discord.db"
  register: matrix_appservice_discord_stat_db
 - name: (Data relocation) Ensure matrix-appservice-discord.service is stopped
  service:
  ansible.builtin.service:
    name: matrix-appservice-discord
    state: stopped
    enabled: false
@@ -64,7 +66,7 @@
  when: "matrix_appservice_discord_stat_db.stat.exists"
 - name: (Data relocation) Move AppService Discord discord.db file to ./data directory
  command: "mv {{ matrix_appservice_discord_base_path }}/{{ item }} {{ matrix_appservice_discord_data_path }}/{{ item }}"
  ansible.builtin.command: "mv {{ matrix_appservice_discord_base_path }}/{{ item }} {{ matrix_appservice_discord_data_path }}/{{ item }}"
  with_items:
    - discord.db
    - user-store.db
@@ -72,16 +74,16 @@
  when: "matrix_appservice_discord_stat_db.stat.exists"
 - name: Ensure AppService Discord config.yaml installed
  copy:
    content: "{{ matrix_appservice_discord_configuration|to_nice_yaml(indent=2, width=999999) }}"
  ansible.builtin.copy:
    content: "{{ matrix_appservice_discord_configuration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_appservice_discord_config_path }}/config.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
 - name: Ensure AppService Discord registration.yaml installed
  copy:
    content: "{{ matrix_appservice_discord_registration|to_nice_yaml(indent=2, width=999999) }}"
  ansible.builtin.copy:
    content: "{{ matrix_appservice_discord_registration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_appservice_discord_config_path }}/registration.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
@@ -90,7 +92,7 @@
 # If `matrix_appservice_discord_client_id` hasn't changed, the same invite link would be generated.
 # We intentionally suppress Ansible changes.
 - name: Generate AppService Discord invite link
  shell: >-
  ansible.builtin.shell: >-
    {{ matrix_host_command_docker }} run --rm --name matrix-appservice-discord-link-gen
    --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
    --cap-drop=ALL
@@ -101,19 +103,19 @@
  changed_when: false
 - name: Ensure matrix-appservice-discord.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-appservice-discord.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-appservice-discord.service"
    mode: 0644
  register: matrix_appservice_discord_systemd_service_result
 - name: Ensure systemd reloaded after matrix-appservice-discord.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_appservice_discord_systemd_service_result.changed"
 - name: Ensure matrix-appservice-discord.service restarted, if necessary
  service:
  ansible.builtin.service:
    name: "matrix-appservice-discord.service"
    state: restarted
  when: "matrix_appservice_discord_requires_restart|bool"
  when: "matrix_appservice_discord_requires_restart | bool"
--- a/roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/setup_uninstall.yml
@@ -1,12 +1,12 @@
 ---
 - name: Check existence of matrix-appservice-discord service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-appservice-discord.service"
  register: matrix_appservice_discord_service_stat
 - name: Ensure matrix-appservice-discord is stopped
  service:
  ansible.builtin.service:
    name: matrix-appservice-discord
    state: stopped
    enabled: false
@@ -14,12 +14,12 @@
  when: "matrix_appservice_discord_service_stat.stat.exists"
 - name: Ensure matrix-appservice-discord.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-appservice-discord.service"
    state: absent
  when: "matrix_appservice_discord_service_stat.stat.exists"
 - name: Ensure systemd reloaded after matrix-appservice-discord.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_appservice_discord_service_stat.stat.exists"
--- a/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml
+++ b/roles/matrix-bridge-appservice-discord/tasks/validate_config.yml
@@ -1,7 +1,7 @@
 ---
 - name: Fail if required settings not defined
  fail:
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
@@ -13,7 +13,7 @@
    - "matrix_appservice_discord_homeserver_domain"
 - name: (Deprecation) Catch and report renamed appservice-discord variables
  fail:
  ansible.builtin.fail:
    msg: >-
      Your configuration contains a variable, which now has a different name.
      Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
@@ -22,5 +22,5 @@
    - {'old': 'matrix_appservice_discord_container_expose_client_server_api_port', 'new': '<superseded by matrix_appservice_discord_container_http_host_bind_port>'}
 - name: Require a valid database engine
  fail: msg="`matrix_appservice_discord_database_engine` needs to be either 'sqlite' or 'postgres'"
  ansible.builtin.fail: msg="`matrix_appservice_discord_database_engine` needs to be either 'sqlite' or 'postgres'"
  when: "matrix_appservice_discord_database_engine not in ['sqlite', 'postgres']"
--- a/roles/matrix-bridge-appservice-discord/templates/config.yaml.j2
+++ b/roles/matrix-bridge-appservice-discord/templates/config.yaml.j2
@@ -34,7 +34,7 @@ bridge:
  determineCodeLanguage: false
 # Authentication configuration for the discord bot.
 auth:
  clientID: {{ matrix_appservice_discord_client_id|string|to_json }}
  clientID: {{ matrix_appservice_discord_client_id | string|to_json }}
  botToken: {{ matrix_appservice_discord_bot_token|to_json }}
  # You must enable "Privileged Gateway Intents" in your bot settings on discord.com (e.g. https://discord.com/developers/applications/12345/bot)
  # for this to work
--- a/roles/matrix-bridge-appservice-irc/defaults/main.yml
+++ b/roles/matrix-bridge-appservice-irc/defaults/main.yml
@@ -1,15 +1,19 @@
 ---
 # Matrix Appservice IRC is a Matrix <-> IRC bridge
 # See: https://github.com/matrix-org/matrix-appservice-irc
 # Project source code URL: https://github.com/matrix-org/matrix-appservice-irc
 matrix_appservice_irc_enabled: true
 matrix_appservice_irc_container_image_self_build: false
 matrix_appservice_irc_docker_repo: "https://github.com/matrix-org/matrix-appservice-irc.git"
 matrix_appservice_irc_docker_repo_version: "{{ 'master' if matrix_appservice_irc_version == 'latest' else matrix_appservice_irc_version }}"
 matrix_appservice_irc_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-irc/docker-src"
 matrix_appservice_irc_version: release-0.34.0
 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_version }}"
 # matrix_appservice_irc_version used to contain the full Docker image tag (e.g. `release-X.X.X`).
 # It's a bare version number now. We try to somewhat retain compatibility below.
 matrix_appservice_irc_version: 0.34.0
 matrix_appservice_irc_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-irc:{{ matrix_appservice_irc_docker_image_tag }}"
 matrix_appservice_irc_docker_image_tag: "{{ 'latest' if matrix_appservice_irc_version == 'latest' else ('release-' + matrix_appservice_irc_version) }}"
 matrix_appservice_irc_docker_image_force_pull: "{{ matrix_appservice_irc_docker_image.endswith(':latest') }}"
 matrix_appservice_irc_base_path: "{{ matrix_base_data_path }}/appservice-irc"
@@ -19,7 +23,7 @@ matrix_appservice_irc_data_path: "{{ matrix_appservice_irc_base_path }}/data"
 matrix_appservice_irc_homeserver_url: "{{ matrix_homeserver_container_url }}"
 matrix_appservice_irc_homeserver_media_url: 'https://{{ matrix_server_fqn_matrix }}'
 matrix_appservice_irc_homeserver_domain: '{{ matrix_domain }}'
 matrix_appservice_irc_homeserver_enablePresence: true
 matrix_appservice_irc_homeserver_enablePresence: true  # noqa var-naming
 matrix_appservice_irc_appservice_address: 'http://matrix-appservice-irc:9999'
 matrix_appservice_irc_database_engine: nedb
@@ -34,14 +38,15 @@ matrix_appservice_irc_database_name: matrix_appservice_irc
 matrix_appservice_irc_database_connection_string: 'postgresql://{{ matrix_appservice_irc_database_username }}:{{ matrix_appservice_irc_database_password }}@{{ matrix_appservice_irc_database_hostname }}:{{ matrix_appservice_irc_database_port }}/{{ matrix_appservice_irc_database_name }}?sslmode=disable'
 # This is what actually goes into `database.connectionString` for the bridge.
 matrix_appservice_irc_database_connectionString: "{{
 	{
 		'nedb': 'nedb:///data',
 		'postgres': matrix_appservice_irc_database_connection_string,
 	}[matrix_appservice_irc_database_engine]
 }}"
 matrix_appservice_irc_database_connectionString: |-  # noqa var-naming
  {{
    {
      'nedb': 'nedb:///data',
      'postgres': matrix_appservice_irc_database_connection_string,
    }[matrix_appservice_irc_database_engine]
  }}
 matrix_appservice_irc_ircService_servers: []
 matrix_appservice_irc_ircService_servers: []  # noqa var-naming
 # Example of `matrix_appservice_irc_ircService_servers` with one server (and all its options):
 #
@@ -382,9 +387,9 @@ matrix_appservice_irc_configuration_extension_yaml: |
  # If you need something more special, you can take full control by
  # completely redefining `matrix_appservice_irc_configuration_yaml`.
 matrix_appservice_irc_configuration_extension: "{{ matrix_appservice_irc_configuration_extension_yaml|from_yaml if matrix_appservice_irc_configuration_extension_yaml|from_yaml is mapping else {} }}"
 matrix_appservice_irc_configuration_extension: "{{ matrix_appservice_irc_configuration_extension_yaml | from_yaml if matrix_appservice_irc_configuration_extension_yaml | from_yaml is mapping else {} }}"
 matrix_appservice_irc_configuration: "{{ matrix_appservice_irc_configuration_yaml|from_yaml|combine(matrix_appservice_irc_configuration_extension, recursive=True) }}"
 matrix_appservice_irc_configuration: "{{ matrix_appservice_irc_configuration_yaml | from_yaml | combine(matrix_appservice_irc_configuration_extension, recursive=True) }}"
 # The original registration.yaml file generated by AppService IRC is merged with this config override,
 # to produce the final registration.yaml file ultimately used by both the bridge and the homeserver.
@@ -399,4 +404,4 @@ matrix_appservice_irc_registration_override_yaml: |
  as_token: "{{ matrix_appservice_irc_appservice_token }}"
  hs_token: "{{ matrix_appservice_irc_homeserver_token }}"
 matrix_appservice_irc_registration_override: "{{ matrix_appservice_irc_registration_override_yaml|from_yaml }}"
 matrix_appservice_irc_registration_override: "{{ matrix_appservice_irc_registration_override_yaml | from_yaml }}"
--- a/roles/matrix-bridge-appservice-irc/tasks/init.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/init.yml
@@ -2,35 +2,35 @@
 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
 - name: Fail if trying to self-build on Ansible < 2.8
  fail:
    msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md"
  ansible.builtin.fail:
    msg: "To self-build the matrix-appservice-irc image, you should use Ansible 2.8 or higher. See docs/ansible.md"
  when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_appservice_irc_container_image_self_build and matrix_appservice_irc_enabled"
 # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
 # We don't want to fail in such cases.
 - name: Fail if matrix-synapse role already executed
  fail:
  ansible.builtin.fail:
    msg: >-
      The matrix-bridge-appservice-irc role needs to execute before the matrix-synapse role.
  when: "matrix_appservice_irc_enabled|bool and matrix_synapse_role_executed|default(False)"
  when: "matrix_appservice_irc_enabled | bool and matrix_synapse_role_executed | default(False)"
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-irc.service'] }}"
  when: matrix_appservice_irc_enabled|bool
  when: matrix_appservice_irc_enabled | bool
 # If the matrix-synapse role is not used, these variables may not exist.
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_synapse_container_extra_arguments: >
      {{
        matrix_synapse_container_extra_arguments|default([])
        matrix_synapse_container_extra_arguments | default([])
        +
        ["--mount type=bind,src={{ matrix_appservice_irc_config_path }}/registration.yaml,dst=/matrix-appservice-irc-registration.yaml,ro"]
      }}
    matrix_synapse_app_service_config_files: >
      {{
        matrix_synapse_app_service_config_files|default([])
        matrix_synapse_app_service_config_files | default([])
        +
        ["/matrix-appservice-irc-registration.yaml"]
      }}
  when: matrix_appservice_irc_enabled|bool
  when: matrix_appservice_irc_enabled | bool
--- a/roles/matrix-bridge-appservice-irc/tasks/main.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_appservice_irc_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-irc
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_appservice_irc_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_appservice_irc_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-irc
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_appservice_irc_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_appservice_irc_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-irc
--- a/roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/migrate_nedb_to_postgres.yml
@@ -1,46 +1,46 @@
 ---
 - name: Fail if Postgres not enabled
  fail:
  ansible.builtin.fail:
    msg: "Postgres via the matrix-postgres role is not enabled (`matrix_postgres_enabled`). Cannot migrate."
  when: "not matrix_postgres_enabled|bool"
  when: "not matrix_postgres_enabled | bool"
 # Defaults
 - name: Set postgres_start_wait_time, if not provided
  set_fact:
  ansible.builtin.set_fact:
    postgres_start_wait_time: 15
  when: "postgres_start_wait_time|default('') == ''"
  when: "postgres_start_wait_time | default('') == ''"
 # Actual import work
 - name: Ensure matrix-postgres is started
  service:
  ansible.builtin.service:
    name: matrix-postgres
    state: started
    daemon_reload: true
  register: matrix_postgres_service_start_result
 - name: Wait a bit, so that Postgres can start
  wait_for:
  ansible.builtin.wait_for:
    timeout: "{{ postgres_start_wait_time }}"
  delegate_to: 127.0.0.1
  become: false
  when: "matrix_postgres_service_start_result.changed|bool"
  when: "matrix_postgres_service_start_result.changed | bool"
 - name: Check existence of matrix-appservice-irc service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service"
  register: matrix_appservice_irc_service_stat
 - name: Ensure matrix-appservice-irc is stopped
  service:
  ansible.builtin.service:
    name: matrix-appservice-irc
    state: stopped
  when: "matrix_appservice_irc_service_stat.stat.exists"
 - name: Import appservice-irc NeDB database into Postgres
  command:
  ansible.builtin.command:
    cmd: >-
      {{ matrix_host_command_docker }} run
      --rm
@@ -52,19 +52,23 @@
      {{ matrix_appservice_irc_docker_image }}
      -c
      '/usr/local/bin/node /app/lib/scripts/migrate-db-to-pgres.js --dbdir /data --privateKey /data/passkey.pem --connectionString {{ matrix_appservice_irc_database_connection_string }}'
  register: matrix_appservice_irc_import_nedb_to_postgres_result
  changed_when: matrix_appservice_irc_import_nedb_to_postgres_result.rc == 0
 - name: Archive NeDB database files
  command:
  ansible.builtin.command:
    cmd: "mv {{ matrix_appservice_irc_data_path }}/{{ item }} {{ matrix_appservice_irc_data_path }}/{{ item }}.backup"
  with_items:
    - rooms.db
    - users.db
  register: matrix_appservice_irc_import_nedb_to_postgres_move_result
  changed_when: matrix_appservice_irc_import_nedb_to_postgres_move_result.rc == 0
 - name: Inject result
  set_fact:
  ansible.builtin.set_fact:
    matrix_playbook_runtime_results: |
      {{
        matrix_playbook_runtime_results|default([])
        matrix_playbook_runtime_results | default([])
        +
        [
          "NOTE: Your appservice-irc database files have been imported into Postgres. The original database files have been moved from `{{ matrix_appservice_irc_data_path }}/*.db` to `{{ matrix_appservice_irc_data_path }}/*.db.backup`. When you've confirmed that the import went well and everything works, you should be able to safely delete these files."
--- a/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/setup_install.yml
@@ -1,9 +1,9 @@
 ---
 - import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/../matrix-base/tasks/util/ensure_openssl_installed.yml"
 - name: Ensure Appservice IRC paths exist
  file:
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: directory
    mode: 0750
@@ -14,47 +14,53 @@
    - {path: "{{ matrix_appservice_irc_config_path }}", when: true}
    - {path: "{{ matrix_appservice_irc_data_path }}", when: true}
    - {path: "{{ matrix_appservice_irc_docker_src_files_path }}", when: "{{ matrix_appservice_irc_container_image_self_build }}"}
  when: item.when|bool
  when: item.when | bool
 - name: Check if an old passkey file already exists
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_appservice_irc_base_path }}/passkey.pem"
  register: matrix_appservice_irc_stat_passkey
 - block:
    - name: (Data relocation) Ensure matrix-appservice-irc.service is stopped
      service:
      ansible.builtin.service:
        name: matrix-appservice-irc
        state: stopped
        daemon_reload: true
      failed_when: false
    - name: (Data relocation) Move AppService IRC passkey.pem file to ./data directory
      command: "mv {{ matrix_appservice_irc_base_path }}/passkey.pem {{ matrix_appservice_irc_data_path }}/passkey.pem"
      ansible.builtin.command:
        cmd: "mv {{ matrix_appservice_irc_base_path }}/passkey.pem {{ matrix_appservice_irc_data_path }}/passkey.pem"
      register: matrix_appservice_irc_move_passkey_result
      changed_when: matrix_appservice_irc_move_passkey_result.rc == 0
    - name: (Data relocation) Move AppService IRC database files to ./data directory
      command: "mv {{ matrix_appservice_irc_base_path }}/{{ item }} {{ matrix_appservice_irc_data_path }}/{{ item }}"
      ansible.builtin.command:
        cmd: "mv {{ matrix_appservice_irc_base_path }}/{{ item }} {{ matrix_appservice_irc_data_path }}/{{ item }}"
      register: matrix_appservice_irc_move_dbs_result
      changed_when: matrix_appservice_irc_move_dbs_result.rc == 0
      with_items:
        - rooms.db
        - users.db
      failed_when: false
  when: "matrix_appservice_irc_stat_passkey.stat.exists"
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_appservice_irc_requires_restart: false
 - block:
    - name: Check if a nedb database already exists
      stat:
      ansible.builtin.stat:
        path: "{{ matrix_appservice_irc_data_path }}/users.db"
      register: matrix_appservice_irc_nedb_database_path_local_stat_result
    - block:
        - import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml"
        - ansible.builtin.import_tasks: "{{ role_path }}/tasks/migrate_nedb_to_postgres.yml"
        - set_fact:
        - ansible.builtin.set_fact:
            matrix_appservice_irc_requires_restart: true
      when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists|bool"
      when: "matrix_appservice_irc_nedb_database_path_local_stat_result.stat.exists | bool"
  when: "matrix_appservice_irc_database_engine == 'postgres'"
 - name: Ensure Appservice IRC image is pulled
@@ -63,21 +69,22 @@
    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
    force_source: "{{ matrix_appservice_irc_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_irc_docker_image_force_pull }}"
  when: "matrix_appservice_irc_enabled|bool and not matrix_appservice_irc_container_image_self_build|bool"
  when: "matrix_appservice_irc_enabled | bool and not matrix_appservice_irc_container_image_self_build | bool"
  register: result
  retries: "{{ matrix_container_retries_count }}"
  delay: "{{ matrix_container_retries_delay }}"
  until: result is not failed
 - name: Ensure matrix-appservice-irc repository is present when self-building
  git:
  ansible.builtin.git:
    repo: "{{ matrix_appservice_irc_docker_repo }}"
    version: "{{ matrix_appservice_irc_docker_repo_version }}"
    dest: "{{ matrix_appservice_irc_docker_src_files_path }}"
    force: "yes"
  become: true
  become_user: "{{ matrix_user_username }}"
  register: matrix_appservice_irc_git_pull_results
  when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool"
  when: "matrix_appservice_irc_enabled | bool and matrix_appservice_irc_container_image_self_build | bool"
 - name: Ensure matrix-appservice-irc Docker image is built
  docker_image:
@@ -89,23 +96,23 @@
      dockerfile: Dockerfile
      path: "{{ matrix_appservice_irc_docker_src_files_path }}"
      pull: true
  when: "matrix_appservice_irc_enabled|bool and matrix_appservice_irc_container_image_self_build|bool and matrix_appservice_irc_git_pull_results.changed"
  when: "matrix_appservice_irc_enabled | bool and matrix_appservice_irc_container_image_self_build | bool and matrix_appservice_irc_git_pull_results.changed"
 - name: Ensure Matrix Appservice IRC config installed
  copy:
    content: "{{ matrix_appservice_irc_configuration|to_nice_yaml(indent=2, width=999999) }}"
  ansible.builtin.copy:
    content: "{{ matrix_appservice_irc_configuration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_appservice_irc_config_path }}/config.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
 - name: Check if Appservice IRC passkey exists
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_appservice_irc_data_path }}/passkey.pem"
  register: irc_passkey_file
 - name: Generate Appservice IRC passkey if it doesn't exist
  shell: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048"
  ansible.builtin.shell: "{{ matrix_host_command_openssl }} genpkey -out {{ matrix_appservice_irc_data_path }}/passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048"
  become: true
  become_user: "{{ matrix_user_username }}"
  when: "not irc_passkey_file.stat.exists"
@@ -113,7 +120,7 @@
 # In the past, we used to generate the passkey.pem file with root, so permissions may not be okay.
 # Fix it.
 - name: (Migration) Ensure Appservice IRC passkey permissions are okay
  file:
  ansible.builtin.file:
    path: "{{ matrix_appservice_irc_data_path }}/passkey.pem"
    mode: 0644
    owner: "{{ matrix_user_username }}"
@@ -139,7 +146,7 @@
 # an up-to-date file, and we fix it up with some static values later on,
 # to produce a final registration.yaml file, as we desire.
 - name: Generate Appservice IRC registration-template.yaml
  shell: >-
  ansible.builtin.shell: >-
    {{ matrix_host_command_docker }} run --rm --name matrix-appservice-irc-gen
    --user={{ matrix_user_uid }}:{{ matrix_user_gid }}
    --cap-drop=ALL
@@ -157,46 +164,46 @@
  changed_when: false
 - name: Read Appservice IRC registration-template.yaml
  slurp:
  ansible.builtin.slurp:
    src: "{{ matrix_appservice_irc_config_path }}/registration-template.yaml"
  register: matrix_appservice_irc_registration_template_slurp
 - name: Remove unnecessary Appservice IRC registration-template.yaml
  file:
  ansible.builtin.file:
    path: "{{ matrix_appservice_irc_config_path }}/registration-template.yaml"
    state: absent
  changed_when: false
 - name: Parse registration-template.yaml
  set_fact:
  ansible.builtin.set_fact:
    matrix_appservice_irc_registration_template: "{{ matrix_appservice_irc_registration_template_slurp['content'] | b64decode | from_yaml }}"
 - name: Combine registration-template.yaml and own registration override config
  set_fact:
    matrix_appservice_irc_registration: "{{ matrix_appservice_irc_registration_template|combine(matrix_appservice_irc_registration_override, recursive=True) }}"
  ansible.builtin.set_fact:
    matrix_appservice_irc_registration: "{{ matrix_appservice_irc_registration_template | combine(matrix_appservice_irc_registration_override, recursive=True) }}"
 - name: Ensure Appservice IRC registration.yaml installed
  copy:
    content: "{{ matrix_appservice_irc_registration|to_nice_yaml(indent=2, width=999999) }}"
  ansible.builtin.copy:
    content: "{{ matrix_appservice_irc_registration | to_nice_yaml(indent=2, width=999999) }}"
    dest: "{{ matrix_appservice_irc_config_path }}/registration.yaml"
    mode: 0644
    owner: "{{ matrix_user_username }}"
    group: "{{ matrix_user_groupname }}"
 - name: Ensure matrix-appservice-irc.service installed
  template:
  ansible.builtin.template:
    src: "{{ role_path }}/templates/systemd/matrix-appservice-irc.service.j2"
    dest: "{{ matrix_systemd_path }}/matrix-appservice-irc.service"
    mode: 0644
  register: matrix_appservice_irc_systemd_service_result
 - name: Ensure systemd reloaded after matrix-appservice-irc.service installation
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_appservice_irc_systemd_service_result.changed"
 - name: Ensure matrix-appservice-irc.service restarted, if necessary
  service:
  ansible.builtin.service:
    name: "matrix-appservice-irc.service"
    state: restarted
  when: "matrix_appservice_irc_requires_restart|bool"
  when: "matrix_appservice_irc_requires_restart | bool"
--- a/roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/setup_uninstall.yml
@@ -1,12 +1,12 @@
 ---
 - name: Check existence of matrix-appservice-irc service
  stat:
  ansible.builtin.stat:
    path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service"
  register: matrix_appservice_irc_service_stat
 - name: Ensure matrix-appservice-irc is stopped
  service:
  ansible.builtin.service:
    name: matrix-appservice-irc
    state: stopped
    enabled: false
@@ -14,12 +14,12 @@
  when: "matrix_appservice_irc_service_stat.stat.exists"
 - name: Ensure matrix-appservice-irc.service doesn't exist
  file:
  ansible.builtin.file:
    path: "{{ matrix_systemd_path }}/matrix-appservice-irc.service"
    state: absent
  when: "matrix_appservice_irc_service_stat.stat.exists"
 - name: Ensure systemd reloaded after matrix-appservice-irc.service removal
  service:
  ansible.builtin.service:
    daemon_reload: true
  when: "matrix_appservice_irc_service_stat.stat.exists"
--- a/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml
+++ b/roles/matrix-bridge-appservice-irc/tasks/validate_config.yml
@@ -1,7 +1,7 @@
 ---
 - name: Fail if required settings not defined
  fail:
  ansible.builtin.fail:
    msg: >-
      You need to define a required configuration setting (`{{ item }}`).
  when: "vars[item] == ''"
@@ -17,7 +17,7 @@
 #
 # This is a safety check to ensure we fail earlier and in a nicer way.
 - name: Fail if no additional configuration provided
  fail:
  ansible.builtin.fail:
    msg: >-
      Your Appservice IRC configuration is incomplete (lacking an `ircService.servers` configuration).
      You need to define one or more servers by either using `matrix_appservice_irc_ircService_servers`
@@ -26,7 +26,7 @@
  when: "matrix_appservice_irc_configuration.ircService.servers|length == 0"
 - name: (Deprecation) Catch and report renamed appservice-irc variables
  fail:
  ansible.builtin.fail:
    msg: >-
      Your configuration contains a variable, which now has a different name.
      Please change your configuration to rename the variable (`{{ item.old }}` -> `{{ item.new }}`).
--- a/roles/matrix-bridge-appservice-slack/defaults/main.yml
+++ b/roles/matrix-bridge-appservice-slack/defaults/main.yml
@@ -1,15 +1,19 @@
 ---
 # matrix-appservice-slack is a Matrix <-> Slack bridge
 # See: https://github.com/matrix-org/matrix-appservice-slack
 # Project source code URL: https://github.com/matrix-org/matrix-appservice-slack
 matrix_appservice_slack_enabled: true
 matrix_appservice_slack_container_image_self_build: false
 matrix_appservice_slack_docker_repo: "https://github.com/matrix-org/matrix-appservice-slack.git"
 matrix_appservice_slack_docker_repo_version: "{{ 'master' if matrix_appservice_slack_version == 'latest' else matrix_appservice_slack_version }}"
 matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-slack/docker-src"
 matrix_appservice_slack_version: release-1.11.0
 matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_version }}"
 # matrix_appservice_slack_version used to contain the full Docker image tag (e.g. `release-X.X.X`).
 # It's a bare version number now. We try to somewhat retain compatibility below.
 matrix_appservice_slack_version: 1.11.0
 matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_docker_image_tag }}"
 matrix_appservice_slack_docker_image_tag: "{{ 'latest' if matrix_appservice_slack_version == 'latest' else ('release-' + matrix_appservice_slack_version) }}"
 matrix_appservice_slack_docker_image_force_pull: "{{ matrix_appservice_slack_docker_image.endswith(':latest') }}"
 matrix_appservice_slack_base_path: "{{ matrix_base_data_path }}/appservice-slack"
@@ -63,12 +67,13 @@ matrix_appservice_slack_database_name: matrix_appservice_slack
 matrix_appservice_slack_database_connection_string: 'postgresql://{{ matrix_appservice_slack_database_username }}:{{ matrix_appservice_slack_database_password }}@{{ matrix_appservice_slack_database_hostname }}:{{ matrix_appservice_slack_database_port }}/{{ matrix_appservice_slack_database_name }}?sslmode=disable'
 # This is what actually goes into `database.connectionString` for the bridge.
 matrix_appservice_slack_database_connectionString: "{{
 	{
 		'nedb': 'nedb:///data',
 		'postgres': matrix_appservice_slack_database_connection_string,
 	}[matrix_appservice_slack_database_engine]
 }}"
 matrix_appservice_slack_database_connectionString: |-  # noqa var-naming
  {{
    {
      'nedb': 'nedb:///data',
      'postgres': matrix_appservice_slack_database_connection_string,
    }[matrix_appservice_slack_database_engine]
  }}
 matrix_appservice_slack_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
@@ -95,9 +100,9 @@ matrix_appservice_slack_configuration_extension_yaml: |
    #    - "./debug.log": "info"
    #- "./error.log": "error"
 matrix_appservice_slack_configuration_extension: "{{ matrix_appservice_slack_configuration_extension_yaml|from_yaml if matrix_appservice_slack_configuration_extension_yaml|from_yaml else {} }}"
 matrix_appservice_slack_configuration_extension: "{{ matrix_appservice_slack_configuration_extension_yaml | from_yaml if matrix_appservice_slack_configuration_extension_yaml | from_yaml else {} }}"
 matrix_appservice_slack_configuration: "{{ matrix_appservice_slack_configuration_yaml|from_yaml|combine(matrix_appservice_slack_configuration_extension, recursive=True) }}"
 matrix_appservice_slack_configuration: "{{ matrix_appservice_slack_configuration_yaml | from_yaml | combine(matrix_appservice_slack_configuration_extension, recursive=True) }}"
 matrix_appservice_slack_registration_yaml: |
  id: "{{ matrix_appservice_slack_id_token }}"
@@ -111,9 +116,9 @@ matrix_appservice_slack_registration_yaml: |
    - exclusive: false
      regex: '#{{ matrix_appservice_slack_user_prefix }}.*'
    rooms: []
  url: "{{matrix_appservice_slack_appservice_url}}:{{ matrix_appservice_slack_matrix_port }}"
  url: "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_matrix_port }}"
  sender_localpart: slackbot
  rate_limited: true
  protocols: null
 matrix_appservice_slack_registration: "{{ matrix_appservice_slack_registration_yaml|from_yaml }}"
 matrix_appservice_slack_registration: "{{ matrix_appservice_slack_registration_yaml | from_yaml }}"
--- a/roles/matrix-bridge-appservice-slack/tasks/init.yml
+++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml
@@ -2,62 +2,62 @@
 # See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1070
 # and https://github.com/spantaleev/matrix-docker-ansible-deploy/commit/1ab507349c752042d26def3e95884f6df8886b74#commitcomment-51108407
 - name: Fail if trying to self-build on Ansible < 2.8
  fail:
    msg: "To self-build the Element image, you should use Ansible 2.8 or higher. See docs/ansible.md"
  ansible.builtin.fail:
    msg: "To self-build the matrix-appservice-slack image, you should use Ansible 2.8 or higher. See docs/ansible.md"
  when: "ansible_version.major == 2 and ansible_version.minor < 8 and matrix_appservice_slack_container_image_self_build and matrix_appservice_slack_enabled"
 # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
 # We don't want to fail in such cases.
 - name: Fail if matrix-synapse role already executed
  fail:
  ansible.builtin.fail:
    msg: >-
      The matrix-bridge-appservice-slack role needs to execute before the matrix-synapse role.
  when: "matrix_synapse_role_executed|default(False)"
  when: "matrix_synapse_role_executed | default(False)"
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-slack.service'] }}"
  when: matrix_appservice_slack_enabled|bool
  when: matrix_appservice_slack_enabled | bool
 # If the matrix-synapse role is not used, these variables may not exist.
 - set_fact:
 - ansible.builtin.set_fact:
    matrix_synapse_container_extra_arguments: >
      {{
        matrix_synapse_container_extra_arguments|default([])
        matrix_synapse_container_extra_arguments | default([])
        +
        ["--mount type=bind,src={{ matrix_appservice_slack_config_path }}/slack-registration.yaml,dst=/matrix-appservice-slack-registration.yaml,ro"]
      }}
    matrix_synapse_app_service_config_files: >
      {{
        matrix_synapse_app_service_config_files|default([])
        matrix_synapse_app_service_config_files | default([])
        +
        ["/matrix-appservice-slack-registration.yaml"]
      }}
  when: matrix_appservice_slack_enabled|bool
  when: matrix_appservice_slack_enabled | bool
 # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
 # We don't want to fail in such cases.
 - name: Fail if matrix-synapse role already executed
  fail:
  ansible.builtin.fail:
    msg: >-
      The matrix-bridge-appservice-slack role needs to execute before the matrix-synapse role.
  when: "matrix_synapse_role_executed|default(False)"
  when: "matrix_synapse_role_executed | default(False)"
 - block:
    - name: Fail if matrix-nginx-proxy role already executed
      fail:
      ansible.builtin.fail:
        msg: >-
          Trying to append Slack Appservice's reverse-proxying configuration to matrix-nginx-proxy,
          but it's pointless since the matrix-nginx-proxy role had already executed.
          To fix this, please change the order of roles in your playbook,
          so that the matrix-nginx-proxy role would run after the matrix-bridge-appservice-slack role.
      when: matrix_nginx_proxy_role_executed|default(False)|bool
      when: matrix_nginx_proxy_role_executed | default(False) | bool
    - name: Generate Matrix Appservice Slack proxying configuration for matrix-nginx-proxy
      set_fact:
      ansible.builtin.set_fact:
        matrix_appservice_slack_matrix_nginx_proxy_configuration: |
          location {{ matrix_appservice_slack_public_endpoint }} {
          {% if matrix_nginx_proxy_enabled|default(False) %}
          {% if matrix_nginx_proxy_enabled | default(False) %}
              {# Use the embedded DNS resolver in Docker containers to discover the service #}
              resolver 127.0.0.11 valid=5s;
              set $backend "{{ matrix_appservice_slack_appservice_url }}:{{ matrix_appservice_slack_slack_port }}";
@@ -69,23 +69,23 @@
          }
    - name: Register Slack Appservice proxying configuration with matrix-nginx-proxy
      set_fact:
      ansible.builtin.set_fact:
        matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks: |
          {{
            matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks|default([])
            matrix_nginx_proxy_proxy_matrix_additional_server_configuration_blocks | default([])
            +
            [matrix_appservice_slack_matrix_nginx_proxy_configuration]
          }}
  tags:
    - always
  when: matrix_appservice_slack_enabled|bool
  when: matrix_appservice_slack_enabled | bool
 - name: Warn about reverse-proxying if matrix-nginx-proxy not used
  debug:
  ansible.builtin.debug:
    msg: >-
      NOTE: You've enabled the Matrix Slack bridge but are not using the matrix-nginx-proxy
      reverse proxy.
      Please make sure that you're proxying the `{{ something }}`
      URL endpoint to the matrix-appservice-slack container.
      You can expose the container's port using the `matrix_appservice_slack_container_http_host_bind_port` variable.
  when: "matrix_appservice_slack_enabled|bool and not matrix_nginx_proxy_enabled|default(False)|bool"
  when: "matrix_appservice_slack_enabled | bool and not matrix_nginx_proxy_enabled | default(False) | bool"
--- a/roles/matrix-bridge-appservice-slack/tasks/main.yml
+++ b/roles/matrix-bridge-appservice-slack/tasks/main.yml
@@ -1,23 +1,23 @@
 ---
 - import_tasks: "{{ role_path }}/tasks/init.yml"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml"
  tags:
    - always
 - import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup|bool and matrix_appservice_slack_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml"
  when: "run_setup | bool and matrix_appservice_slack_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-slack
 - import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup|bool and matrix_appservice_slack_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml"
  when: "run_setup | bool and matrix_appservice_slack_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-slack
 - import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup|bool and not matrix_appservice_slack_enabled|bool"
 - ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
  when: "run_setup | bool and not matrix_appservice_slack_enabled | bool"
  tags:
    - setup-all
    - setup-appservice-slack