Merge branch 'spantaleev:master' into master

CHANGELOG.md

@@ -1,3 +1,24 @@
+# 2024-06-22
+
+## The maubot user is now managed by the playbook
+
+To make things easier and to be consistent with other roles, the [maubot](./docs/configuring-playbook-bot-maubot.md) user (`bot.maubot` by default) is [now](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3376) automatically created be the playbook.
+
+If you have an existing maubot installation, you will need to specify `matrix_bot_maubot_initial_password` in your `vars.yml` file to make the playbook not complain about it being undefined.
+Since the bot is already registered in your installation, there's nothing for the playbook to do anyway. In case you don't remember the password you've registered your maubot user account with, you can specify any value for this variable.
+
+If you've registered another username for the bot (other than the recommended default of `bot.maubot`), consider adjusting the `matrix_bot_maubot_login` variable (e.g. `matrix_bot_maubot_login: my.maubot.username`).
+
+
+# 2024-06-03
+
+## WeChat bridging support
+
+Thanks to [Tobias Diez](https://github.com/tobiasdiez)'s [efforts](https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/3241), the playbook now supports bridging to [WeChat](https://www.wechat.com/) via the [matrix-wechat](https://github.com/duo/matrix-wechat) bridge.
+
+See our [Setting up WeChat bridging](docs/configuring-playbook-bridge-wechat.md) documentation page for getting started.
+
+
 # 2024-03-26
 
 ## (Backward Compatibility Break) The playbook now defaults to KeyDB, instead of Redis

docs/configuring-playbook-bot-maubot.md

@@ -14,45 +14,42 @@ Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.
 
 ```yaml
 matrix_bot_maubot_enabled: true
+
+# Uncomment and adjust this part if you'd like to use a username different than the default
+# matrix_bot_maubot_login: bot.maubot
+
+# Generate a strong password here. Consider generating it with `pwgen -s 64 1`
+matrix_bot_maubot_initial_password: PASSWORD_FOR_THE_BOT
+
 matrix_bot_maubot_admins:
   - yourusername: securepassword
 ```
 
-You can add multiple admins. The admin accounts are not connected to any matrix ID and are only used to access the
-maubot administration interface.
+You can add multiple admins. The admin accounts are only used to access the maubot administration interface.
 
 
 ## Installing
 
-After configuring the playbook, run the [installation](installing.md) command again:
+After configuring the playbook, run the [installation](installing.md) command again (`just install-all`):
 
-```
-ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start
-```
+**Notes**:
+
+- if you change the bot password (`matrix_bot_maubot_initial_password` in your `vars.yml` file) subsequently,
+  the bot user's credentials on the homeserver won't be updated automatically.
+  If you'd like to change the bot user's password, use a tool like [synapse-admin](configuring-playbook-synapse-admin.md) to change it.
 
 ## Usage
 
 You can visit `matrix.<your-domain>/_matrix/maubot/` to manage your available plugins, clients and instances.
 
 You should start in the following order
-1. **Create one or more clients:** A client is a matrix account which the bot will use to message.
+1. **Create one or more clients:** A client is a matrix account which the bot will use to message. By default, the playbook creates a `bot.maubot` account (as per the configuration above). You only need to [obtain an access token](#obtaining-an-access-token) for it
 2. **Upload some Plugins:** Plugins can be obtained from [here](https://github.com/maubot/maubot#plugins) or any other source.
 3. **Create an instance:** An instance is the actual bot. You have to specify a client which the bot instance will use 
 and the plugin (how the bot will behave)
 
-To add a client you first need to create an account and obtain a valid access token.
-
-## Registering the bot user
-
-You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md):
-
-```
-ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=bot.maubot password=PASSWORD_FOR_THE_BOT admin=yes' --tags=register-user
-```
-
-Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`.
+## Obtaining an access token
 
-## Obtaining an admin access token
+This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands, you'll first need to `exec` into the maubot container with `docker exec -it matrix-bot-maubot sh`.
 
-This can be done via `mbc login` then `mbc auth` (see the [maubot documentation](https://docs.mau.fi/maubot/usage/cli/auth.html)). To run these commands you'll need to open the bot docker container with `docker exec -it matrix-bot-maubot sh`
-Alternatively, use Element or curl to [obtain an access token](obtaining-access-tokens.md).
+Alternatively, you can follow our generic [obtain an access token](obtaining-access-tokens.md) documentation.

docs/configuring-playbook-bridge-wechat.md

@@ -0,0 +1,17 @@
+# Setting up the WeChat Bridge (optional)
+
+The playbook can install and configure the [matrix-wechat](https://github.com/duo/matrix-wechat) bridge for you (for bridging to the [WeChat](https://www.wechat.com/) network).
+
+See the project page to learn what it does and why it might be useful to you.
+
+To enable the bridge, use the following playbook configuration and re-run the playbook's [installation](./installing.md) procedure:
+
+```yaml
+matrix_wechat_enabled: true
+```
+
+## Usage
+
+Once the bridge is installed, start a chat with `@wechatbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base domain, not the `matrix.` domain).
+
+Send `help` to the bot to see the available commands.

docs/configuring-playbook-prometheus-grafana.md

@@ -79,6 +79,8 @@ Name | Description
 `prometheus_postgres_exporter_enabled`|Set this to `true` to enable the [Postgres exporter](configuring-playbook-prometheus-postgres.md) (locally, on the container network)
 `prometheus_postgres_exporter_container_labels_traefik_enabled`|Set this to `true` to expose the [Postgres exporter](configuring-playbook-prometheus-postgres.md) metrics on `https://matrix.DOMAIN/metrics/postgres-exporter`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above.
 `matrix_prometheus_nginxlog_exporter_enabled`|Set this to `true` to enable the [NGINX Log exporter](configuring-playbook-prometheus-nginxlog.md) (locally, on the container network)
+`matrix_sliding_sync_metrics_enabled`|Set this to `true` to make [Sliding Sync](configuring-playbook-sliding-sync-proxy.md) expose metrics (locally, on the container network)
+`matrix_sliding_sync_metrics_proxying_enabled`|Set this to `true` to expose the [Sliding Sync](configuring-playbook-sliding-sync-proxy.md) metrics on `https://matrix.DOMAIN/metrics/sliding-sync`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above.
 `matrix_bridge_hookshot_metrics_enabled`|Set this to `true` to make [Hookshot](configuring-playbook-bridge-hookshot.md) expose metrics (locally, on the container network)
 `matrix_bridge_hookshot_metrics_proxying_enabled`|Set this to `true` to expose the [Hookshot](configuring-playbook-bridge-hookshot.md) metrics on `https://matrix.DOMAIN/metrics/hookshot`. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above.
 `matrix_SERVICE_metrics_proxying_enabled`|Various other services/roles may provide similar `_metrics_enabled` and `_metrics_proxying_enabled` variables for exposing their metrics. Refer to each role for details. To password-protect the metrics, see `matrix_metrics_exposure_http_basic_auth_users` above or `matrix_SERVICE_container_labels_metrics_middleware_basic_auth_enabled`/`matrix_SERVICE_container_labels_metrics_middleware_basic_auth_users` variables provided by each role.

docs/configuring-playbook-synapse-auto-accept-invite.md

@@ -5,7 +5,12 @@ The playbook can install and configure [synapse-auto-invite-accept](https://gith
 See that project's [documentation](https://github.com/matrix-org/synapse-auto-accept-invite) to learn what it does and why it might be useful to you.
 In short, it automatically accepts room invites. You can specify that only 1:1 room invites are auto-accepted. Defaults to false if not specified.
 
-If you decide that you'd like to let this playbook install it for you, you need a configuration like this:
+**NOTE**: Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the same feature [has been merged](https://github.com/element-hq/synapse/pull/17147) into Synapse (see the [Native alternative](#native-alternative) section below). You'd better use the native feature, instead of the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module.
+
+
+## Configuration
+
+If you decide that you'd like to let this playbook install the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite module for you, you need a configuration like this:
 
 ```yaml
 matrix_synapse_ext_synapse_auto_accept_invite_enabled: true
@@ -13,12 +18,30 @@ matrix_synapse_ext_synapse_auto_accept_invite_enabled: true
 matrix_synapse_ext_synapse_auto_accept_invite_accept_invites_only_direct_messages: true
 ```
 
-## Synapse worker deployments
+### Synapse worker deployments
 
-In a [workerized Synapse deployment](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/c9a842147e09647c355799ca024d65a5de66b099/docs/configuring-playbook-synapse.md#load-balancing-with-workers) it is possible to run this module on a worker to reduce the load on the main process (Default is 'null'). For example add this to your configuration:
+In a [workerized Synapse deployment](https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/c9a842147e09647c355799ca024d65a5de66b099/docs/configuring-playbook-synapse.md#load-balancing-with-workers) it is possible to run this module on a worker to reduce the load on the main process (Default is `null`). For example, add this to your configuration:
 
 ```yaml
 matrix_synapse_ext_synapse_auto_accept_invite_worker_to_run_on: 'matrix-synapse-worker-generic-0'
 ```
 
-There might be an [issue with federation](https://github.com/matrix-org/synapse-auto-accept-invite/issues/18).
+There might be an [issue with federation](https://github.com/matrix-org/synapse-auto-accept-invite/issues/18).
+
+
+## Native alternative
+
+Since Synapse [v1.109.0](https://github.com/element-hq/synapse/releases/tag/v1.109.0), the functionality provided by the [synapse-auto-invite-accept](https://github.com/matrix-org/synapse-auto-accept-invite) 3rd party module [has been made](https://github.com/element-hq/synapse/pull/17147) part of Synapse.
+
+Here's example configuration for using the **native** Synapse feature:
+
+```yml
+matrix_synapse_auto_accept_invites_enabled: true
+
+# Default settings below. Uncomment and adjust if necessary.
+# matrix_synapse_auto_accept_invites_only_for_direct_messages: false
+# matrix_synapse_auto_accept_invites_only_from_local_users: false
+
+# If workers are enabled, you may delegate usage to a specific worker.
+# matrix_synapse_auto_accept_invites_worker_to_run_on: 'matrix-synapse-worker-generic-0'
+```

docs/configuring-playbook.md

@@ -178,6 +178,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 
 - [Setting up Heisenbridge bouncer-style IRC bridging](configuring-playbook-bridge-heisenbridge.md) (optional)
 
+- [Setting up WeChat bridging](configuring-playbook-bridge-wechat.md) (optional)
+
 
 ### Bots
 

docs/maintenance-postgres.md

@@ -111,7 +111,7 @@ You can manually influence some of the tuning variables . These parameters (vari
 
 Most users should be fine with the automatically-done tuning. However, you may wish to:
 
-- **adjust the automatically-deterimned tuning parameters manually**: change the values for the tuning variables defined in the Postgres role's [default configuration file](https://github.com/devture/com.devture.ansible.role.postgres/blob/main/defaults/main.yml) (see `devture_postgres_max_connections`, `devture_postgres_data_storage` etc). These variables are ultimately passed to Postgres via a `devture_postgres_postgres_process_extra_arguments_auto` variable
+- **adjust the automatically-determined tuning parameters manually**: change the values for the tuning variables defined in the Postgres role's [default configuration file](https://github.com/devture/com.devture.ansible.role.postgres/blob/main/defaults/main.yml) (see `devture_postgres_max_connections`, `devture_postgres_data_storage` etc). These variables are ultimately passed to Postgres via a `devture_postgres_postgres_process_extra_arguments_auto` variable
 
 - **turn automatically-performed tuning off**: override it like this: `devture_postgres_postgres_process_extra_arguments_auto: []`
 

group_vars/matrix_servers

@@ -93,6 +93,8 @@ matrix_homeserver_container_extra_arguments_auto: |
     +
     (['--mount type=bind,src=' + matrix_go_skype_bridge_config_path + '/registration.yaml,dst=/matrix-go-skype-bridge-registration.yaml,ro'] if matrix_go_skype_bridge_enabled else [])
     +
+    (['--mount type=bind,src=' + matrix_wechat_config_path + '/registration.yaml,dst=/matrix-wechat-registration.yaml,ro'] if matrix_wechat_enabled else [])
+    +
     (['--mount type=bind,src=' + matrix_heisenbridge_base_path + '/registration.yaml,dst=/heisenbridge-registration.yaml,ro'] if matrix_heisenbridge_enabled else [])
     +
     (['--mount type=bind,src=' + matrix_hookshot_base_path + '/registration.yml,dst=/hookshot-registration.yml,ro'] if matrix_hookshot_enabled else [])
@@ -162,6 +164,8 @@ matrix_homeserver_app_service_config_files_auto: |
     +
     (['/matrix-go-skype-bridge-registration.yaml'] if matrix_go_skype_bridge_enabled else [])
     +
+    (['/matrix-wechat-registration.yaml'] if matrix_wechat_enabled else [])
+    +
     (['/heisenbridge-registration.yaml'] if matrix_heisenbridge_enabled else [])
     +
     (['/hookshot-registration.yml'] if matrix_hookshot_enabled else [])
@@ -298,6 +302,10 @@ devture_systemd_service_manager_services_list_auto: |
     +
     ([{'name': 'matrix-go-skype-bridge.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'go-skype']}] if matrix_go_skype_bridge_enabled else [])
     +
+    ([{'name': 'matrix-wechat.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'wechat']}] if matrix_wechat_enabled else [])
+    +
+    ([{'name': 'matrix-wechat-agent.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'wechat']}] if matrix_wechat_enabled else [])
+    +
     ([{'name': 'matrix-heisenbridge.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'heisenbridge']}] if matrix_heisenbridge_enabled else [])
     +
     ([{'name': 'matrix-hookshot.service', 'priority': 2000, 'groups': ['matrix', 'bridges', 'hookshot', 'bridge-hookshot']}] if matrix_hookshot_enabled else [])
@@ -1713,6 +1721,57 @@ matrix_mautrix_wsproxy_syncproxy_database_password: "{{ '%s' | format(matrix_hom
 #
 ######################################################################
 
+######################################################################
+#
+# matrix-bridge-wechat
+#
+######################################################################
+
+# We don't enable bridges by default.
+matrix_wechat_enabled: false
+
+matrix_wechat_systemd_required_services_list_auto: |
+  {{
+    matrix_addons_homeserver_systemd_services_list
+    +
+    ([devture_postgres_identifier ~ '.service'] if (devture_postgres_enabled and matrix_wechat_database_hostname == devture_postgres_connection_hostname) else [])
+  }}
+
+matrix_wechat_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
+
+matrix_wechat_agent_container_image_self_build: "{{ matrix_architecture not in ['amd64'] }}"
+
+matrix_wechat_container_network: "{{ matrix_addons_container_network }}"
+
+matrix_wechat_container_additional_networks_auto: |-
+  {{
+    (
+      ([] if matrix_addons_homeserver_container_network == '' else [matrix_addons_homeserver_container_network])
+      +
+      ([devture_postgres_container_network] if (devture_postgres_enabled and matrix_wechat_database_hostname == devture_postgres_connection_hostname and matrix_wechat_container_network != devture_postgres_container_network) else [])
+    ) | unique
+  }}
+
+matrix_wechat_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.as.token', rounds=655555) | to_uuid }}"
+
+matrix_wechat_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
+matrix_wechat_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.hs.token', rounds=655555) | to_uuid }}"
+
+matrix_wechat_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
+
+matrix_wechat_bridge_listen_secret: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'wechat.lstn', rounds=655555) | to_uuid }}"
+
+# Postgres is the default, except if not using internal Postgres server
+matrix_wechat_database_engine: "{{ 'postgres' if devture_postgres_enabled else 'sqlite' }}"
+matrix_wechat_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
+matrix_wechat_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'gowechat.db', rounds=655555) | to_uuid }}"
+
+######################################################################
+#
+# /matrix-bridge-wechat
+#
+######################################################################
+
 ######################################################################
 #
 # matrix-bridge-mautrix-whatsapp
@@ -2814,7 +2873,7 @@ backup_borg_location_exclude_patterns: |
 
 backup_borg_systemd_required_services_list: |
   {{
-    ['docker.service']
+    [devture_systemd_docker_base_docker_service_name]
     +
     ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
   }}
@@ -3031,7 +3090,7 @@ matrix_coturn_container_additional_volumes: |
 
 matrix_coturn_systemd_required_services_list: |
   {{
-    ['docker.service']
+    [devture_systemd_docker_base_docker_service_name]
     +
     ([devture_traefik_certs_dumper_identifier + '-wait-for-domain@' + matrix_server_fqn_matrix + '.service'] if matrix_playbook_reverse_proxy_type in ['playbook-managed-traefik', 'other-traefik-container'] and devture_traefik_certs_dumper_enabled and matrix_coturn_tls_enabled else [])
   }}
@@ -3149,7 +3208,7 @@ etherpad_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certReso
 
 etherpad_systemd_required_services_list: |
   {{
-    ['docker.service']
+    [devture_systemd_docker_base_docker_service_name]
     +
     ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled else [])
   }}
@@ -3694,6 +3753,12 @@ devture_postgres_managed_databases_auto: |
       'password': matrix_go_skype_bridge_database_password,
     }] if (matrix_go_skype_bridge_enabled and matrix_go_skype_bridge_database_engine == 'postgres' and matrix_go_skype_bridge_database_hostname == devture_postgres_connection_hostname) else [])
     +
+    ([{
+      'name': matrix_wechat_database_name,
+      'username': matrix_wechat_database_username,
+      'password': matrix_wechat_database_password,
+    }] if (matrix_wechat_enabled and matrix_wechat_database_engine == 'postgres' and matrix_wechat_database_hostname == devture_postgres_connection_hostname) else [])
+    +
     ([{
       'name': matrix_mautrix_facebook_database_name,
       'username': matrix_mautrix_facebook_database_username,
@@ -4876,6 +4941,9 @@ matrix_sliding_sync_container_labels_traefik_docker_network: "{{ matrix_playbook
 matrix_sliding_sync_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
 matrix_sliding_sync_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
 
+matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
+matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
+
 matrix_sliding_sync_systemd_required_services_list_auto: |
   {{
     matrix_homeserver_systemd_services_list
@@ -4889,7 +4957,13 @@ matrix_sliding_sync_environment_variable_syncv3_secret: "{{ '%s' | format(matrix
 matrix_sliding_sync_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
 matrix_sliding_sync_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'ss.db', rounds=655555) | to_uuid }}"
 
-######################################################################
+matrix_sliding_sync_metrics_enabled: "{{ prometheus_enabled or matrix_metrics_exposure_enabled }}"
+
+matrix_sliding_sync_metrics_proxying_enabled: "{{ matrix_sliding_sync_metrics_enabled and matrix_metrics_exposure_enabled }}"
+matrix_sliding_sync_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostname }}"
+matrix_sliding_sync_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/sliding-sync"
+
+#####################################################################
 #
 # /matrix-sliding-sync
 #
@@ -5100,6 +5174,12 @@ matrix_user_creator_users_auto: |
       'initial_password': matrix_bot_buscarron_password,
       'initial_type': 'bot',
     }] if matrix_bot_buscarron_enabled else [])
+    +
+    ([{
+      'username': matrix_bot_maubot_login,
+      'initial_password': matrix_bot_maubot_initial_password,
+      'initial_type': 'bot',
+    }] if matrix_bot_maubot_enabled else [])
   }}
 
 ######################################################################
@@ -5119,7 +5199,7 @@ matrix_user_verification_service_enabled: false
 
 matrix_user_verification_service_systemd_required_services_list: |
   {{
-    ['docker.service']
+    [devture_systemd_docker_base_docker_service_name]
     +
     (['matrix-' + matrix_homeserver_implementation + '.service'])
   }}
@@ -5260,7 +5340,7 @@ devture_traefik_container_additional_networks_auto: |
 
 devture_traefik_systemd_required_services_list: |
   {{
-    (['docker.service'])
+    ([devture_systemd_docker_base_docker_service_name])
     +
     ([devture_container_socket_proxy_identifier + '.service'] if devture_container_socket_proxy_enabled else [])
   }}

requirements.yml

@@ -4,10 +4,10 @@
   version: v1.0.0-3
   name: auxiliary
 - src: git+https://gitlab.com/etke.cc/roles/backup_borg.git
-  version: v1.2.8-1.8.9-0
+  version: v1.2.8-1.8.11-1
   name: backup_borg
 - src: git+https://github.com/devture/com.devture.ansible.role.container_socket_proxy.git
-  version: v0.1.2-1
+  version: v0.1.2-2
   name: container_socket_proxy
 - src: git+https://github.com/geerlingguy/ansible-role-docker
   version: 7.2.0
@@ -16,22 +16,22 @@
   version: 129c8590e106b83e6f4c259649a613c6279e937a
   name: docker_sdk_for_python
 - src: git+https://gitlab.com/etke.cc/roles/etherpad.git
-  version: v2.0.3-0
+  version: v2.1.0-1
   name: etherpad
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
   version: v4.97.1-r0-0-2
   name: exim_relay
 - src: git+https://gitlab.com/etke.cc/roles/grafana.git
-  version: v11.0.0-0
+  version: v11.0.0-1
   name: grafana
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-jitsi.git
-  version: v9457-3
+  version: v9457-5
   name: jitsi
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-keydb.git
-  version: v6.3.4-1
+  version: v6.3.4-2
   name: keydb
 - src: git+https://gitlab.com/etke.cc/roles/ntfy.git
-  version: v2.10.0-0
+  version: v2.10.0-1
   name: ntfy
 - src: git+https://github.com/devture/com.devture.ansible.role.playbook_help.git
   version: 201c939eed363de269a83ba29784fc3244846048
@@ -43,25 +43,25 @@
   version: ff2fd42e1c1a9e28e3312bbd725395f9c2fc7f16
   name: playbook_state_preserver
 - src: git+https://github.com/devture/com.devture.ansible.role.postgres.git
-  version: v16.3-0
+  version: v16.3-1
   name: postgres
 - src: git+https://github.com/devture/com.devture.ansible.role.postgres_backup.git
-  version: 046004a8cb9946979b72ce81c2526c8033ea8067
+  version: 8c3585fb4857dbac026b2974bb6525289240effb
   name: postgres_backup
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus.git
-  version: v2.52.0-0
+  version: v2.53.0-0
   name: prometheus
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-node-exporter.git
-  version: v1.8.1-0
+  version: v1.8.1-1
   name: prometheus_node_exporter
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-prometheus-postgres-exporter.git
-  version: v0.14.0-4
+  version: v0.14.0-5
   name: prometheus_postgres_exporter
 - src: git+https://gitlab.com/etke.cc/roles/redis.git
-  version: v7.2.4-0
+  version: v7.2.4-1
   name: redis
 - src: git+https://github.com/devture/com.devture.ansible.role.systemd_docker_base.git
-  version: v1.1.0-0
+  version: v1.2.0-0
   name: systemd_docker_base
 - src: git+https://github.com/devture/com.devture.ansible.role.systemd_service_manager.git
   version: v1.0.0-4
@@ -70,8 +70,8 @@
   version: v1.0.0-0
   name: timesync
 - src: git+https://github.com/devture/com.devture.ansible.role.traefik.git
-  version: v2.11.2-0
+  version: v2.11.4-0
   name: traefik
 - src: git+https://github.com/devture/com.devture.ansible.role.traefik_certs_dumper.git
-  version: v2.8.3-1
+  version: v2.8.3-2
   name: traefik_certs_dumper

roles/custom/matrix-appservice-draupnir-for-all/defaults/main.yml

@@ -30,7 +30,7 @@ matrix_appservice_draupnir_for_all_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-draupnir.service depends on
 matrix_appservice_draupnir_for_all_systemd_required_services_list: "{{ matrix_appservice_draupnir_for_all_systemd_required_services_list_default + matrix_appservice_draupnir_for_all_systemd_required_services_list_auto + matrix_appservice_draupnir_for_all_systemd_required_services_list_custom }}"
-matrix_appservice_draupnir_for_all_systemd_required_services_list_default: ['docker.service']
+matrix_appservice_draupnir_for_all_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_appservice_draupnir_for_all_systemd_required_services_list_auto: []
 matrix_appservice_draupnir_for_all_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-buscarron/defaults/main.yml

@@ -88,7 +88,7 @@ matrix_bot_buscarron_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-buscarron.service depends on
 matrix_bot_buscarron_systemd_required_services_list: "{{ matrix_bot_buscarron_systemd_required_services_list_default + matrix_bot_buscarron_systemd_required_services_list_auto + matrix_bot_buscarron_systemd_required_services_list_custom }}"
-matrix_bot_buscarron_systemd_required_services_list_default: ['docker.service']
+matrix_bot_buscarron_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_buscarron_systemd_required_services_list_auto: []
 matrix_bot_buscarron_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-chatgpt/defaults/main.yml

@@ -37,7 +37,7 @@ matrix_bot_chatgpt_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-chatgpt.service depends on
 matrix_bot_chatgpt_systemd_required_services_list: "{{ matrix_bot_chatgpt_systemd_required_services_list_default + matrix_bot_chatgpt_systemd_required_services_list_auto + matrix_bot_chatgpt_systemd_required_services_list_custom }}"
-matrix_bot_chatgpt_systemd_required_services_list_default: ['docker.service']
+matrix_bot_chatgpt_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_chatgpt_systemd_required_services_list_auto: []
 matrix_bot_chatgpt_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-draupnir/defaults/main.yml

@@ -30,7 +30,7 @@ matrix_bot_draupnir_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-draupnir.service depends on
 matrix_bot_draupnir_systemd_required_services_list: "{{ matrix_bot_draupnir_systemd_required_services_list_default + matrix_bot_draupnir_systemd_required_services_list_auto + matrix_bot_draupnir_systemd_required_services_list_custom }}"
-matrix_bot_draupnir_systemd_required_services_list_default: ['docker.service']
+matrix_bot_draupnir_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_draupnir_systemd_required_services_list_auto: []
 matrix_bot_draupnir_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-go-neb/defaults/main.yml

@@ -87,7 +87,7 @@ matrix_bot_go_neb_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-go-neb.service depends on
 matrix_bot_go_neb_systemd_required_services_list: "{{ matrix_bot_go_neb_systemd_required_services_list_default + matrix_bot_go_neb_systemd_required_services_list_auto + matrix_bot_go_neb_systemd_required_services_list_custom }}"
-matrix_bot_go_neb_systemd_required_services_list_default: ['docker.service']
+matrix_bot_go_neb_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_go_neb_systemd_required_services_list_auto: []
 matrix_bot_go_neb_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-honoroit/defaults/main.yml

@@ -84,7 +84,7 @@ matrix_bot_honoroit_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-honoroit.service depends on
 matrix_bot_honoroit_systemd_required_services_list: "{{ matrix_bot_honoroit_systemd_required_services_list_default + matrix_bot_honoroit_systemd_required_services_list_auto + matrix_bot_honoroit_systemd_required_services_list_custom }}"
-matrix_bot_honoroit_systemd_required_services_list_default: ['docker.service']
+matrix_bot_honoroit_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_honoroit_systemd_required_services_list_auto: []
 matrix_bot_honoroit_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-matrix-registration-bot/defaults/main.yml

@@ -45,7 +45,7 @@ matrix_bot_matrix_registration_bot_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-matrix-registration-bot.service depends on
 matrix_bot_matrix_registration_bot_systemd_required_services_list: "{{ matrix_bot_matrix_registration_bot_systemd_required_services_list_default + matrix_bot_matrix_registration_bot_systemd_required_services_list_auto + matrix_bot_matrix_registration_bot_systemd_required_services_list_custom }}"
-matrix_bot_matrix_registration_bot_systemd_required_services_list_default: ['docker.service']
+matrix_bot_matrix_registration_bot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_matrix_registration_bot_systemd_required_services_list_auto: []
 matrix_bot_matrix_registration_bot_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-matrix-reminder-bot/defaults/main.yml

@@ -33,7 +33,7 @@ matrix_bot_matrix_reminder_bot_container_additional_networks_custom: []
 
 # List of systemd services that matrix-bot-matrix-reminder-bot.service depends on
 matrix_bot_matrix_reminder_bot_systemd_required_services_list: "{{ matrix_bot_matrix_reminder_bot_systemd_required_services_list_default + matrix_bot_matrix_reminder_bot_systemd_required_services_list_auto + matrix_bot_matrix_reminder_bot_systemd_required_services_list_custom }}"
-matrix_bot_matrix_reminder_bot_systemd_required_services_list_default: ['docker.service']
+matrix_bot_matrix_reminder_bot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_matrix_reminder_bot_systemd_required_services_list_auto: []
 matrix_bot_matrix_reminder_bot_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-maubot/defaults/main.yml

@@ -5,6 +5,12 @@
 
 matrix_bot_maubot_enabled: true
 
+matrix_bot_maubot_login: bot.maubot
+
+# This is just initial password and it will not manage subsequent password changes.
+# Use a tool like synapse-admin if you need to change it.
+matrix_bot_maubot_initial_password: ''
+
 matrix_bot_maubot_scheme: https
 matrix_bot_maubot_hostname: ''
 matrix_bot_maubot_path_prefix: /_matrix/maubot
@@ -114,7 +120,7 @@ matrix_bot_maubot_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-maubot.service depends on
 matrix_bot_maubot_systemd_required_services_list: "{{ matrix_bot_maubot_systemd_required_services_list_default + matrix_bot_maubot_systemd_required_services_list_auto + matrix_bot_maubot_systemd_required_services_list_custom }}"
-matrix_bot_maubot_systemd_required_services_list_default: ['docker.service']
+matrix_bot_maubot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_maubot_systemd_required_services_list_auto: []
 matrix_bot_maubot_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-maubot/tasks/validate_config.yml

@@ -25,3 +25,4 @@
     - {'name': 'matrix_bot_maubot_container_network', when: true}
     - {'name': 'matrix_bot_maubot_homeserver_name', when: true}
     - {'name': 'matrix_bot_maubot_homeserver_url', when: true}
+    - {'name': 'matrix_bot_maubot_initial_password', when: true}

roles/custom/matrix-bot-mjolnir/defaults/main.yml

@@ -30,7 +30,7 @@ matrix_bot_mjolnir_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-mjolnir.service depends on
 matrix_bot_mjolnir_systemd_required_services_list: "{{ matrix_bot_mjolnir_systemd_required_services_list_default + matrix_bot_mjolnir_systemd_required_services_list_auto + matrix_bot_mjolnir_systemd_required_services_list_custom }}"
-matrix_bot_mjolnir_systemd_required_services_list_default: ['docker.service']
+matrix_bot_mjolnir_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_mjolnir_systemd_required_services_list_auto: []
 matrix_bot_mjolnir_systemd_required_services_list_custom: []
 

roles/custom/matrix-bot-postmoogle/defaults/main.yml

@@ -30,7 +30,7 @@ matrix_bot_postmoogle_container_extra_arguments: []
 
 # List of systemd services that matrix-bot-postmoogle.service depends on
 matrix_bot_postmoogle_systemd_required_services_list: "{{ matrix_bot_postmoogle_systemd_required_services_list_default + matrix_bot_postmoogle_systemd_required_services_list_auto + matrix_bot_postmoogle_systemd_required_services_list_custom }}"
-matrix_bot_postmoogle_systemd_required_services_list_default: ['docker.service']
+matrix_bot_postmoogle_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_bot_postmoogle_systemd_required_services_list_auto: []
 matrix_bot_postmoogle_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-appservice-discord/defaults/main.yml

@@ -40,7 +40,7 @@ matrix_appservice_discord_container_extra_arguments: []
 
 # List of systemd services that matrix-appservice-discord.service depends on.
 matrix_appservice_discord_systemd_required_services_list: "{{ matrix_appservice_discord_systemd_required_services_list_default + matrix_appservice_discord_systemd_required_services_list_auto + matrix_appservice_discord_systemd_required_services_list_custom }}"
-matrix_appservice_discord_systemd_required_services_list_default: ['docker.service']
+matrix_appservice_discord_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_appservice_discord_systemd_required_services_list_auto: []
 matrix_appservice_discord_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-appservice-irc/defaults/main.yml

@@ -382,7 +382,7 @@ matrix_appservice_irc_container_extra_arguments: []
 
 # List of systemd services that matrix-appservice-irc.service depends on.
 matrix_appservice_irc_systemd_required_services_list: "{{ matrix_appservice_irc_systemd_required_services_list_default + matrix_appservice_irc_systemd_required_services_list_auto + matrix_appservice_irc_systemd_required_services_list_custom }}"
-matrix_appservice_irc_systemd_required_services_list_default: ['docker.service']
+matrix_appservice_irc_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_appservice_irc_systemd_required_services_list_auto: []
 matrix_appservice_irc_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-appservice-kakaotalk/defaults/main.yml

@@ -55,7 +55,12 @@ matrix_appservice_kakaotalk_container_extra_arguments: []
 
 # List of systemd services that matrix-appservice-kakaotalk.service depends on.
 matrix_appservice_kakaotalk_systemd_required_services_list: "{{ matrix_appservice_kakaotalk_systemd_required_services_list_default + matrix_appservice_kakaotalk_systemd_required_services_list_auto + matrix_appservice_kakaotalk_systemd_required_services_list_custom }}"
-matrix_appservice_kakaotalk_systemd_required_services_list_default: ['docker.service', 'matrix-appservice-kakaotalk-node.service']
+matrix_appservice_kakaotalk_systemd_required_services_list_default: |-
+  {{
+    ([devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [])
+    +
+    ['matrix-appservice-kakaotalk-node.service']
+  }}
 matrix_appservice_kakaotalk_systemd_required_services_list_auto: []
 matrix_appservice_kakaotalk_systemd_required_services_list_custom: []
 
@@ -72,7 +77,7 @@ matrix_appservice_kakaotalk_container_additional_networks_custom: []
 matrix_appservice_kakaotalk_node_container_extra_arguments: []
 
 # List of systemd services that matrix-appservice-kakaotalk-node.service depends on.
-matrix_appservice_kakaotalk_node_systemd_required_services_list: ['docker.service']
+matrix_appservice_kakaotalk_node_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # List of systemd services that matrix-appservice-kakaotalk-node.service wants
 matrix_appservice_kakaotalk_node_systemd_wanted_services_list: []

roles/custom/matrix-bridge-appservice-slack/defaults/main.yml

@@ -81,7 +81,7 @@ matrix_appservice_slack_container_extra_arguments: []
 
 # List of systemd services that matrix-appservice-slack.service depends on.
 matrix_appservice_slack_systemd_required_services_list: "{{ matrix_appservice_slack_systemd_required_services_list_default + matrix_appservice_slack_systemd_required_services_list_auto + matrix_appservice_slack_systemd_required_services_list_custom }}"
-matrix_appservice_slack_systemd_required_services_list_default: ['docker.service']
+matrix_appservice_slack_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_appservice_slack_systemd_required_services_list_auto: []
 matrix_appservice_slack_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-appservice-webhooks/defaults/main.yml

@@ -77,7 +77,7 @@ matrix_appservice_webhooks_container_extra_arguments: []
 
 # List of systemd services that matrix-appservice-webhooks.service depends on.
 matrix_appservice_webhooks_systemd_required_services_list: "{{ matrix_appservice_webhooks_systemd_required_services_list_default + matrix_appservice_webhooks_systemd_required_services_list_auto + matrix_appservice_webhooks_systemd_required_services_list_custom }}"
-matrix_appservice_webhooks_systemd_required_services_list_default: ['docker.service']
+matrix_appservice_webhooks_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_appservice_webhooks_systemd_required_services_list_auto: []
 matrix_appservice_webhooks_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-beeper-linkedin/defaults/main.yml

@@ -49,7 +49,7 @@ matrix_beeper_linkedin_container_extra_arguments: []
 
 # List of systemd services that matrix-beeper-linkedin.service depends on.
 matrix_beeper_linkedin_systemd_required_services_list: "{{ matrix_beeper_linkedin_systemd_required_services_list_default + matrix_beeper_linkedin_systemd_required_services_list_auto + matrix_beeper_linkedin_systemd_required_services_list_custom }}"
-matrix_beeper_linkedin_systemd_required_services_list_default: ['docker.service']
+matrix_beeper_linkedin_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_beeper_linkedin_systemd_required_services_list_auto: []
 matrix_beeper_linkedin_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-go-skype-bridge/defaults/main.yml

@@ -34,7 +34,7 @@ matrix_go_skype_bridge_container_extra_arguments: []
 
 # List of systemd services that matrix-go-skype-bridge.service depends on.
 matrix_go_skype_bridge_systemd_required_services_list: "{{ matrix_go_skype_bridge_systemd_required_services_list_default + matrix_go_skype_bridge_systemd_required_services_list_auto + matrix_go_skype_bridge_systemd_required_services_list_custom }}"
-matrix_go_skype_bridge_systemd_required_services_list_default: ['docker.service']
+matrix_go_skype_bridge_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_go_skype_bridge_systemd_required_services_list_auto: []
 matrix_go_skype_bridge_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-heisenbridge/defaults/main.yml

@@ -32,7 +32,7 @@ matrix_heisenbridge_container_extra_arguments: []
 
 # List of systemd services that service depends on.
 matrix_heisenbridge_systemd_required_services_list: "{{ matrix_heisenbridge_systemd_required_services_list_default + matrix_heisenbridge_systemd_required_services_list_auto + matrix_heisenbridge_systemd_required_services_list_custom }}"
-matrix_heisenbridge_systemd_required_services_list_default: ['docker.service']
+matrix_heisenbridge_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_heisenbridge_systemd_required_services_list_auto: []
 matrix_heisenbridge_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-hookshot/defaults/main.yml

@@ -17,7 +17,7 @@ matrix_hookshot_container_additional_networks_auto: []
 matrix_hookshot_container_additional_networks_custom: []
 
 # renovate: datasource=docker depName=halfshot/matrix-hookshot
-matrix_hookshot_version: 5.3.0
+matrix_hookshot_version: 5.4.1
 
 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}"
 matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}"
@@ -295,7 +295,7 @@ matrix_hookshot_container_labels_additional_labels: ''
 
 # List of systemd services that service depends on.
 matrix_hookshot_systemd_required_services_list: "{{ matrix_hookshot_systemd_required_services_list_default + matrix_hookshot_systemd_required_services_list_auto + matrix_hookshot_systemd_required_services_list_custom }}"
-matrix_hookshot_systemd_required_services_list_default: ['docker.service']
+matrix_hookshot_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_hookshot_systemd_required_services_list_auto: []
 matrix_hookshot_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-discord/defaults/main.yml

@@ -45,7 +45,7 @@ matrix_mautrix_discord_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-discord.service depends on.
 matrix_mautrix_discord_systemd_required_services_list: "{{ matrix_mautrix_discord_systemd_required_services_list_default + matrix_mautrix_discord_systemd_required_services_list_auto + matrix_mautrix_discord_systemd_required_services_list_custom }}"
-matrix_mautrix_discord_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_discord_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_discord_systemd_required_services_list_auto: []
 matrix_mautrix_discord_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-facebook/defaults/main.yml

@@ -80,7 +80,7 @@ matrix_mautrix_facebook_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-facebook.service depends on.
 matrix_mautrix_facebook_systemd_required_services_list: "{{ matrix_mautrix_facebook_systemd_required_services_list_default + matrix_mautrix_facebook_systemd_required_services_list_auto + matrix_mautrix_facebook_systemd_required_services_list_custom }}"
-matrix_mautrix_facebook_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_facebook_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_facebook_systemd_required_services_list_auto: []
 matrix_mautrix_facebook_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-gmessages/defaults/main.yml

@@ -9,7 +9,7 @@ matrix_mautrix_gmessages_container_image_self_build_repo: "https://github.com/ma
 matrix_mautrix_gmessages_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_gmessages_version == 'latest' else matrix_mautrix_gmessages_version }}"
 
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/gmessages
-matrix_mautrix_gmessages_version: v0.4.1
+matrix_mautrix_gmessages_version: v0.4.2
 
 # See: https://mau.dev/mautrix/gmessages/container_registry
 matrix_mautrix_gmessages_docker_image: "{{ matrix_mautrix_gmessages_docker_image_name_prefix }}mautrix/gmessages:{{ matrix_mautrix_gmessages_version }}"
@@ -67,7 +67,7 @@ matrix_mautrix_gmessages_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-gmessages.service depends on.
 matrix_mautrix_gmessages_systemd_required_services_list: "{{ matrix_mautrix_gmessages_systemd_required_services_list_default + matrix_mautrix_gmessages_systemd_required_services_list_auto + matrix_mautrix_gmessages_systemd_required_services_list_custom }}"
-matrix_mautrix_gmessages_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_gmessages_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_gmessages_systemd_required_services_list_auto: []
 matrix_mautrix_gmessages_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-googlechat/defaults/main.yml

@@ -83,7 +83,7 @@ matrix_mautrix_googlechat_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-googlechat.service depends on.
 matrix_mautrix_googlechat_systemd_required_services_list: "{{ matrix_mautrix_googlechat_systemd_required_services_list_default + matrix_mautrix_googlechat_systemd_required_services_list_auto + matrix_mautrix_googlechat_systemd_required_services_list_custom }}"
-matrix_mautrix_googlechat_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_googlechat_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_googlechat_systemd_required_services_list_auto: []
 matrix_mautrix_googlechat_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-hangouts/defaults/main.yml

@@ -89,7 +89,7 @@ matrix_mautrix_hangouts_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-hangouts.service depends on.
 matrix_mautrix_hangouts_systemd_required_services_list: "{{ matrix_mautrix_hangouts_systemd_required_services_list_default + matrix_mautrix_hangouts_systemd_required_services_list_auto + matrix_mautrix_hangouts_systemd_required_services_list_custom }}"
-matrix_mautrix_hangouts_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_hangouts_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_hangouts_systemd_required_services_list_auto: []
 matrix_mautrix_hangouts_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-instagram/defaults/main.yml

@@ -72,7 +72,7 @@ matrix_mautrix_instagram_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-instagram.service depends on.
 matrix_mautrix_instagram_systemd_required_services_list: "{{ matrix_mautrix_instagram_systemd_required_services_list_default + matrix_mautrix_instagram_systemd_required_services_list_auto + matrix_mautrix_instagram_systemd_required_services_list_custom }}"
-matrix_mautrix_instagram_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_instagram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_instagram_systemd_required_services_list_auto: []
 matrix_mautrix_instagram_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-meta-instagram/defaults/main.yml

@@ -69,7 +69,7 @@ matrix_mautrix_meta_instagram_container_extra_arguments: []
 
 # List of systemd services that the systemd service depends on.
 matrix_mautrix_meta_instagram_systemd_required_services_list: "{{ matrix_mautrix_meta_instagram_systemd_required_services_list_default + matrix_mautrix_meta_instagram_systemd_required_services_list_auto + matrix_mautrix_meta_instagram_systemd_required_services_list_custom }}"
-matrix_mautrix_meta_instagram_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_meta_instagram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_meta_instagram_systemd_required_services_list_auto: []
 matrix_mautrix_meta_instagram_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-meta-messenger/defaults/main.yml

@@ -69,7 +69,7 @@ matrix_mautrix_meta_messenger_container_extra_arguments: []
 
 # List of systemd services that the systemd service depends on.
 matrix_mautrix_meta_messenger_systemd_required_services_list: "{{ matrix_mautrix_meta_messenger_systemd_required_services_list_default + matrix_mautrix_meta_messenger_systemd_required_services_list_auto + matrix_mautrix_meta_messenger_systemd_required_services_list_custom }}"
-matrix_mautrix_meta_messenger_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_meta_messenger_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_meta_messenger_systemd_required_services_list_auto: []
 matrix_mautrix_meta_messenger_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-signal/defaults/main.yml

@@ -9,7 +9,7 @@ matrix_mautrix_signal_container_image_self_build_repo: "https://mau.dev/mautrix/
 matrix_mautrix_signal_container_image_self_build_branch: "{{ 'main' if matrix_mautrix_signal_version == 'latest' else matrix_mautrix_signal_version }}"
 
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/signal
-matrix_mautrix_signal_version: v0.6.1
+matrix_mautrix_signal_version: v0.6.2
 
 # See: https://mau.dev/mautrix/signal/container_registry
 matrix_mautrix_signal_docker_image: "{{ matrix_mautrix_signal_docker_image_name_prefix }}mautrix/signal:{{ matrix_mautrix_signal_docker_image_tag }}"
@@ -80,7 +80,7 @@ matrix_mautrix_signal_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-signal.service depends on.
 matrix_mautrix_signal_systemd_required_services_list: "{{ matrix_mautrix_signal_systemd_required_services_list_default + matrix_mautrix_signal_systemd_required_services_list_auto + matrix_mautrix_signal_systemd_required_services_list_custom }}"
-matrix_mautrix_signal_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_signal_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_signal_systemd_required_services_list_auto: []
 matrix_mautrix_signal_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-slack/defaults/main.yml

@@ -43,7 +43,7 @@ matrix_mautrix_slack_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-slack.service depends on.
 matrix_mautrix_slack_systemd_required_services_list: "{{ matrix_mautrix_slack_systemd_required_services_list_default + matrix_mautrix_slack_systemd_required_services_list_auto + matrix_mautrix_slack_systemd_required_services_list_custom }}"
-matrix_mautrix_slack_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_slack_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_slack_systemd_required_services_list_auto: []
 matrix_mautrix_slack_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-telegram/defaults/main.yml

@@ -131,7 +131,7 @@ matrix_mautrix_telegram_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-telegram.service depends on.
 matrix_mautrix_telegram_systemd_required_services_list: "{{ matrix_mautrix_telegram_systemd_required_services_list_default + matrix_mautrix_telegram_systemd_required_services_list_auto + matrix_mautrix_telegram_systemd_required_services_list_custom }}"
-matrix_mautrix_telegram_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_telegram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_telegram_systemd_required_services_list_auto: []
 matrix_mautrix_telegram_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-twitter/defaults/main.yml

@@ -72,7 +72,7 @@ matrix_mautrix_twitter_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-twitter.service depends on.
 matrix_mautrix_twitter_systemd_required_services_list: "{{ matrix_mautrix_twitter_systemd_required_services_list_default + matrix_mautrix_twitter_systemd_required_services_list_auto + matrix_mautrix_twitter_systemd_required_services_list_custom }}"
-matrix_mautrix_twitter_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_twitter_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_twitter_systemd_required_services_list_auto: []
 matrix_mautrix_twitter_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml

@@ -9,7 +9,7 @@ matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautri
 matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
 
 # renovate: datasource=docker depName=dock.mau.dev/mautrix/whatsapp
-matrix_mautrix_whatsapp_version: v0.10.7
+matrix_mautrix_whatsapp_version: v0.10.8
 
 # See: https://mau.dev/mautrix/whatsapp/container_registry
 matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}"
@@ -69,7 +69,7 @@ matrix_mautrix_whatsapp_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-whatsapp.service depends on.
 matrix_mautrix_whatsapp_systemd_required_services_list: "{{ matrix_mautrix_whatsapp_systemd_required_services_list_default + matrix_mautrix_whatsapp_systemd_required_services_list_auto + matrix_mautrix_whatsapp_systemd_required_services_list_custom }}"
-matrix_mautrix_whatsapp_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_whatsapp_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_whatsapp_systemd_required_services_list_auto: []
 matrix_mautrix_whatsapp_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mautrix-wsproxy/defaults/main.yml

@@ -63,7 +63,7 @@ matrix_mautrix_wsproxy_container_extra_arguments: []
 
 # List of systemd services that matrix-mautrix-wsproxy.service depends on.
 matrix_mautrix_wsproxy_systemd_required_services_list: "{{ matrix_mautrix_wsproxy_systemd_required_services_list_default + matrix_mautrix_wsproxy_systemd_required_services_list_auto + matrix_mautrix_wsproxy_systemd_required_services_list_custom }}"
-matrix_mautrix_wsproxy_systemd_required_services_list_default: ['docker.service']
+matrix_mautrix_wsproxy_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mautrix_wsproxy_systemd_required_services_list_auto: []
 matrix_mautrix_wsproxy_systemd_required_services_list_custom: []
 
@@ -141,7 +141,12 @@ matrix_mautrix_wsproxy_syncproxy_docker_image: "dock.mau.dev/mautrix/syncproxy:{
 matrix_mautrix_wsproxy_syncproxy_docker_image_force_pull: "{{ matrix_mautrix_wsproxy_syncproxy_docker_image.endswith(':latest') }}"
 matrix_mautrix_wsproxy_syncproxy_container_extra_arguments: []
 
-matrix_mautrix_wsproxy_syncproxy_systemd_required_services_list: ['docker.service', 'matrix-mautrix-wsproxy.service']
+matrix_mautrix_wsproxy_syncproxy_systemd_required_services_list: |-
+  {{
+    ([devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [])
+    +
+    ['matrix-mautrix-wsproxy.service']
+  }}
 matrix_mautrix_wsproxy_syncproxy_systemd_wanted_services_list: []
 
 matrix_mautrix_wsproxy_syncproxy_homeserver_url: ''

roles/custom/matrix-bridge-mx-puppet-discord/defaults/main.yml

@@ -55,7 +55,7 @@ matrix_mx_puppet_discord_container_extra_arguments: []
 
 # List of systemd services that matrix-puppet-discord.service depends on.
 matrix_mx_puppet_discord_systemd_required_services_list: "{{ matrix_mx_puppet_discord_systemd_required_services_list_default + matrix_mx_puppet_discord_systemd_required_services_list_auto + matrix_mx_puppet_discord_systemd_required_services_list_custom }}"
-matrix_mx_puppet_discord_systemd_required_services_list_default: ['docker.service']
+matrix_mx_puppet_discord_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mx_puppet_discord_systemd_required_services_list_auto: []
 matrix_mx_puppet_discord_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mx-puppet-groupme/defaults/main.yml

@@ -51,7 +51,7 @@ matrix_mx_puppet_groupme_container_extra_arguments: []
 
 # List of systemd services that matrix-puppet-groupme.service depends on.
 matrix_mx_puppet_groupme_systemd_required_services_list: "{{ matrix_mx_puppet_groupme_systemd_required_services_list_default + matrix_mx_puppet_groupme_systemd_required_services_list_auto + matrix_mx_puppet_groupme_systemd_required_services_list_custom }}"
-matrix_mx_puppet_groupme_systemd_required_services_list_default: ['docker.service']
+matrix_mx_puppet_groupme_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mx_puppet_groupme_systemd_required_services_list_auto: []
 matrix_mx_puppet_groupme_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mx-puppet-instagram/defaults/main.yml

@@ -46,7 +46,7 @@ matrix_mx_puppet_instagram_container_extra_arguments: []
 
 # List of systemd services that matrix-puppet-instagram.service depends on.
 matrix_mx_puppet_instagram_systemd_required_services_list: "{{ matrix_mx_puppet_instagram_systemd_required_services_list_default + matrix_mx_puppet_instagram_systemd_required_services_list_auto + matrix_mx_puppet_instagram_systemd_required_services_list_custom }}"
-matrix_mx_puppet_instagram_systemd_required_services_list_default: ['docker.service']
+matrix_mx_puppet_instagram_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mx_puppet_instagram_systemd_required_services_list_auto: []
 matrix_mx_puppet_instagram_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mx-puppet-slack/defaults/main.yml

@@ -92,7 +92,7 @@ matrix_mx_puppet_slack_container_extra_arguments: []
 
 # List of systemd services that matrix-puppet-slack.service depends on.
 matrix_mx_puppet_slack_systemd_required_services_list: "{{ matrix_mx_puppet_slack_systemd_required_services_list_default + matrix_mx_puppet_slack_systemd_required_services_list_auto + matrix_mx_puppet_slack_systemd_required_services_list_custom }}"
-matrix_mx_puppet_slack_systemd_required_services_list_default: ['docker.service']
+matrix_mx_puppet_slack_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mx_puppet_slack_systemd_required_services_list_auto: []
 matrix_mx_puppet_slack_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mx-puppet-steam/defaults/main.yml

@@ -52,7 +52,7 @@ matrix_mx_puppet_steam_container_extra_arguments: []
 
 # List of systemd services that matrix-puppet-steam.service depends on.
 matrix_mx_puppet_steam_systemd_required_services_list: "{{ matrix_mx_puppet_steam_systemd_required_services_list_default + matrix_mx_puppet_steam_systemd_required_services_list_auto + matrix_mx_puppet_steam_systemd_required_services_list_custom }}"
-matrix_mx_puppet_steam_systemd_required_services_list_default: ['docker.service']
+matrix_mx_puppet_steam_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mx_puppet_steam_systemd_required_services_list_auto: []
 matrix_mx_puppet_steam_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-mx-puppet-twitter/defaults/main.yml

@@ -92,7 +92,7 @@ matrix_mx_puppet_twitter_container_extra_arguments: []
 
 # List of systemd services that mx-puppet-twitter.service depends on.
 matrix_mx_puppet_twitter_systemd_required_services_list: "{{ matrix_mx_puppet_twitter_systemd_required_services_list_default + matrix_mx_puppet_twitter_systemd_required_services_list_auto + matrix_mx_puppet_twitter_systemd_required_services_list_custom }}"
-matrix_mx_puppet_twitter_systemd_required_services_list_default: ['docker.service']
+matrix_mx_puppet_twitter_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_mx_puppet_twitter_systemd_required_services_list_auto: []
 matrix_mx_puppet_twitter_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-sms/defaults/main.yml

@@ -28,7 +28,7 @@ matrix_sms_bridge_container_extra_arguments: []
 
 # List of systemd services that service depends on.
 matrix_sms_bridge_systemd_required_services_list: "{{ matrix_sms_bridge_systemd_required_services_list_default + matrix_sms_bridge_systemd_required_services_list_auto + matrix_sms_bridge_systemd_required_services_list_custom }}"
-matrix_sms_bridge_systemd_required_services_list_default: ['docker.service']
+matrix_sms_bridge_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_sms_bridge_systemd_required_services_list_auto: []
 matrix_sms_bridge_systemd_required_services_list_custom: []
 

roles/custom/matrix-bridge-wechat/defaults/main.yml

@@ -0,0 +1,152 @@
+---
+
+# WeChat Bridge is a Matrix <-> WeChat bridge
+# Project source code URL: https://github.com/duo/matrix-wechat
+
+matrix_wechat_enabled: true
+
+# renovate: datasource=docker depName=lxduo/matrix-wechat
+matrix_wechat_version: 0.2.4
+matrix_wechat_container_image: "{{ matrix_wechat_container_image_name_prefix }}lxduo/matrix-wechat:{{ matrix_wechat_version }}"
+matrix_wechat_container_image_name_prefix: "{{ 'localhost/' if matrix_wechat_container_image_self_build else matrix_container_global_registry_prefix }}"
+matrix_wechat_container_image_force_pull: "{{ matrix_wechat_container_image.endswith(':latest') }}"
+
+matrix_wechat_container_image_self_build: false
+matrix_wechat_container_image_self_build_repo: "https://github.com/duo/matrix-wechat.git"
+matrix_wechat_container_image_self_build_branch: "{{ 'master' if matrix_wechat_version == 'latest' else matrix_wechat_version }}"
+
+# renovate: datasource=docker depName=lxduo/matrix-wechat-agent
+matrix_wechat_agent_version: 0.0.1
+matrix_wechat_agent_container_image: "{{ matrix_wechat_agent_container_image_name_prefix }}lxduo/matrix-wechat-agent:{{ matrix_wechat_agent_version }}"
+matrix_wechat_agent_container_image_name_prefix: "{{ 'localhost/' if matrix_wechat_agent_container_image_self_build else matrix_container_global_registry_prefix }}"
+matrix_wechat_agent_container_image_force_pull: "{{ matrix_wechat_agent_container_image.endswith(':latest') }}"
+
+# The agent needs to write to /home/user/.vnc.
+# `/home/user` is owned by `user:group` (`1000:1000`), so it needs to run with that user/group.
+matrix_wechat_agent_container_user_uid: 1000
+matrix_wechat_agent_container_user_gid: 1000
+
+matrix_wechat_agent_container_image_self_build: false
+matrix_wechat_agent_container_image_self_build_repo: "https://github.com/duo/matrix-wechat-agent.git"
+matrix_wechat_agent_container_image_self_build_branch: "{{ 'master' if matrix_wechat_agent_version == 'latest' else matrix_wechat_agent_version }}"
+
+matrix_wechat_base_path: "{{ matrix_base_data_path }}/wechat"
+matrix_wechat_config_path: "{{ matrix_wechat_base_path }}/config"
+matrix_wechat_data_path: "{{ matrix_wechat_base_path }}/data"
+matrix_wechat_container_src_files_path: "{{ matrix_wechat_base_path }}/container-src"
+matrix_wechat_agent_container_src_files_path: "{{ matrix_wechat_base_path }}/agent-container-src"
+
+matrix_wechat_homeserver_address: ""
+matrix_wechat_homeserver_domain: "{{ matrix_domain }}"
+matrix_wechat_appservice_address: 'http://matrix-wechat:8080'
+
+matrix_wechat_container_network: ""
+
+matrix_wechat_container_additional_networks: "{{ matrix_wechat_container_additional_networks_auto + matrix_wechat_container_additional_networks_custom }}"
+matrix_wechat_container_additional_networks_auto: []
+matrix_wechat_container_additional_networks_custom: []
+
+# A list of extra arguments to pass to the container
+matrix_wechat_container_extra_arguments: []
+
+# List of systemd services that matrix-wechat.service depends on.
+matrix_wechat_systemd_required_services_list: "{{ matrix_wechat_systemd_required_services_list_default + matrix_wechat_systemd_required_services_list_auto + matrix_wechat_systemd_required_services_list_custom }}"
+matrix_wechat_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
+matrix_wechat_systemd_required_services_list_auto: []
+matrix_wechat_systemd_required_services_list_custom: []
+
+# List of systemd services that matrix-wechat.service wants
+matrix_wechat_systemd_wanted_services_list: []
+
+matrix_wechat_appservice_token: ''
+matrix_wechat_homeserver_token: ''
+
+matrix_wechat_appservice_bot_username: wechatbot
+
+matrix_wechat_command_prefix: "!wechat"
+
+# Whether or not created rooms should have federation enabled.
+# If false, created portal rooms will never be federated.
+matrix_wechat_federate_rooms: true
+
+# Database-related configuration fields.
+matrix_wechat_database_engine: 'postgres'
+matrix_wechat_database_username: 'matrix_wechat'
+matrix_wechat_database_password: 'some-password'
+matrix_wechat_database_hostname: ''
+matrix_wechat_database_port: 5432
+matrix_wechat_database_name: 'matrix_wechat'
+matrix_wechat_database_sslmode: disable
+matrix_wechat_database_connection_string: 'postgresql://{{ matrix_wechat_database_username }}:{{ matrix_wechat_database_password }}@{{ matrix_wechat_database_hostname }}:{{ matrix_wechat_database_port }}/{{ matrix_wechat_database_name }}?sslmode={{ matrix_wechat_database_sslmode }}'
+
+matrix_wechat_bridge_listen_secret: ''
+
+# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
+matrix_wechat_login_shared_secret: ''
+matrix_wechat_login_shared_secret_map:
+  "{{ {matrix_wechat_homeserver_domain: matrix_wechat_login_shared_secret} if matrix_wechat_login_shared_secret else {} }}"
+
+# Servers to always allow double puppeting from
+matrix_wechat_double_puppet_server_map:
+  "{{ matrix_wechat_homeserver_domain: matrix_wechat_homeserver_address }}"
+
+# Enable End-to-bridge encryption
+matrix_wechat_encryption_allow: "{{ matrix_bridges_encryption_enabled }}"
+matrix_wechat_encryption_default: "{{ matrix_wechat_encryption_allow }}"
+
+# Minimum severity of journal log messages.
+# Options: debug, info, warn, error, fatal
+matrix_wechat_log_level: 'warn'
+
+matrix_wechat_permissions: |
+  {{
+    {matrix_wechat_homeserver_domain: 'user'}
+    | combine({matrix_admin: 'admin'} if matrix_admin else {})
+  }}
+
+# Default Wechat configuration template which covers the generic use case.
+# You can customize it by controlling the various variables inside it.
+#
+# For a more advanced customization, you can extend the default (see `matrix_wechat_configuration_extension_yaml`)
+# or completely replace this variable with your own template.
+matrix_wechat_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
+
+matrix_wechat_configuration_extension_yaml: |
+  # Your custom YAML configuration goes here.
+  # This configuration extends the default starting configuration (`matrix_wechat_configuration_yaml`).
+  #
+  # You can override individual variables from the default configuration, or introduce new ones.
+  #
+  # If you need something more special, you can take full control by
+  # completely redefining `matrix_wechat_configuration_yaml`.
+
+matrix_wechat_configuration_extension: "{{ matrix_wechat_configuration_extension_yaml | from_yaml if matrix_wechat_configuration_extension_yaml | from_yaml is mapping else {} }}"
+
+# Holds the final configuration (a combination of the default and its extension).
+# You most likely don't need to touch this variable. Instead, see `matrix_wechat_configuration_yaml`.
+matrix_wechat_configuration: "{{ matrix_wechat_configuration_yaml | from_yaml | combine(matrix_wechat_configuration_extension, recursive=True) }}"
+
+matrix_wechat_registration_yaml: |
+  id: wechat
+  url: {{ matrix_wechat_appservice_address }}
+  as_token: "{{ matrix_wechat_appservice_token }}"
+  hs_token: "{{ matrix_wechat_homeserver_token }}"
+  # See https://github.com/mautrix/signal/issues/43
+  sender_localpart: _bot_{{ matrix_wechat_appservice_bot_username }}
+  rate_limited: false
+  namespaces:
+      users:
+      - regex: '^@_wechat_(.*):{{ matrix_wechat_homeserver_domain | regex_escape }}$'
+        exclusive: true
+      - exclusive: true
+        regex: '^@{{ matrix_wechat_appservice_bot_username | regex_escape }}:{{ matrix_wechat_homeserver_domain | regex_escape }}$'
+  de.sorunome.msc2409.push_ephemeral: true
+
+matrix_wechat_registration: "{{ matrix_wechat_registration_yaml | from_yaml }}"
+
+
+matrix_wechat_agent_service_secret: "{{ matrix_wechat_bridge_listen_secret }}"
+
+matrix_wechat_agent_configuration_yaml: "{{ lookup('template', 'templates/agent-config.yaml.j2') }}"
+
+matrix_wechat_agent_configuration: "{{ matrix_wechat_agent_configuration_yaml | from_yaml }}"

roles/custom/matrix-bridge-wechat/tasks/install.yml

@@ -0,0 +1,129 @@
+---
+
+- name: Ensure WeChat Bridge paths exists
+  ansible.builtin.file:
+    path: "{{ item.path }}"
+    state: directory
+    mode: 0750
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+  with_items:
+    - {path: "{{ matrix_wechat_base_path }}", when: true}
+    - {path: "{{ matrix_wechat_config_path }}", when: true}
+    - {path: "{{ matrix_wechat_data_path }}", when: true}
+    - {path: "{{ matrix_wechat_container_src_files_path }}", when: "{{ matrix_wechat_container_image_self_build }}"}
+    - {path: "{{ matrix_wechat_agent_container_src_files_path }}", when: "{{ matrix_wechat_agent_container_image_self_build }}"}
+  when: item.when | bool
+
+- name: Ensure WeChat Bridge image is pulled
+  community.docker.docker_image:
+    name: "{{ matrix_wechat_container_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_wechat_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_wechat_container_image_force_pull }}"
+  when: not matrix_wechat_container_image_self_build
+  register: result
+  retries: "{{ devture_playbook_help_container_retries_count }}"
+  delay: "{{ devture_playbook_help_container_retries_delay }}"
+  until: result is not failed
+
+- when: matrix_wechat_container_image_self_build | bool
+  block:
+    - name: Ensure WeChat Bridge repository is present on self-build
+      ansible.builtin.git:
+        repo: "{{ matrix_wechat_container_image_self_build_repo }}"
+        dest: "{{ matrix_wechat_container_src_files_path }}"
+        version: "{{ matrix_wechat_container_image_self_build_branch }}"
+        force: "yes"
+      become: true
+      become_user: "{{ matrix_user_username }}"
+      register: matrix_wechat_git_pull_results
+
+    - name: Ensure WeChat Bridge container image is built
+      community.docker.docker_image:
+        name: "{{ matrix_wechat_container_image }}"
+        source: build
+        force_source: "{{ matrix_wechat_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+        force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_wechat_git_pull_results.changed }}"
+        build:
+          dockerfile: Dockerfile
+          path: "{{ matrix_wechat_container_src_files_path }}"
+          pull: true
+
+- name: Ensure WeChat Agent image is pulled
+  community.docker.docker_image:
+    name: "{{ matrix_wechat_agent_container_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_wechat_agent_container_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_wechat_agent_container_image_force_pull }}"
+  when: not matrix_wechat_agent_container_image_self_build
+  register: result
+  retries: "{{ devture_playbook_help_container_retries_count }}"
+  delay: "{{ devture_playbook_help_container_retries_delay }}"
+  until: result is not failed
+
+- when: matrix_wechat_agent_container_image_self_build | bool
+  block:
+    - name: Ensure WeChat Agent repository is present on self-build
+      ansible.builtin.git:
+        repo: "{{ matrix_wechat_agent_container_image_self_build_repo }}"
+        dest: "{{ matrix_wechat_agent_container_src_files_path }}"
+        version: "{{ matrix_wechat_agent_container_image_self_build_branch }}"
+        force: "yes"
+      become: true
+      become_user: "{{ matrix_user_username }}"
+      register: matrix_wechat_agent_git_pull_results
+
+    - name: Ensure WeChat Agent container image is built
+      community.docker.docker_image:
+        name: "{{ matrix_wechat_agent_container_image }}"
+        source: build
+        force_source: "{{ matrix_wechat_agent_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+        force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_wechat_agent_git_pull_results.changed }}"
+        build:
+          dockerfile: Dockerfile
+          path: "{{ matrix_wechat_agent_container_src_files_path }}"
+          pull: true
+
+- name: Ensure WeChat configuration installed
+  ansible.builtin.copy:
+    content: "{{ matrix_wechat_configuration | to_nice_yaml(indent=2, width=999999) }}"
+    dest: "{{ matrix_wechat_config_path }}/config.yaml"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure WeChat registration.yaml installed
+  ansible.builtin.copy:
+    content: "{{ matrix_wechat_registration | to_nice_yaml(indent=2, width=999999) }}"
+    dest: "{{ matrix_wechat_config_path }}/registration.yaml"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure Wechat Agent configuration installed
+  ansible.builtin.copy:
+    content: "{{ matrix_wechat_agent_configuration | to_nice_yaml(indent=2, width=999999) }}"
+    dest: "{{ matrix_wechat_config_path }}/agent-config.yaml"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure matrix-wechat container network is created
+  community.general.docker_network:
+    name: "{{ matrix_wechat_container_network }}"
+    driver: bridge
+
+- name: Ensure matrix-wechat.service installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/systemd/matrix-wechat.service.j2"
+    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-wechat.service"
+    mode: 0644
+  register: matrix_wechat_systemd_service_result
+
+- name: Ensure matrix-wechat-agent.service installed
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/systemd/matrix-wechat-agent.service.j2"
+    dest: "{{ devture_systemd_docker_base_systemd_path }}/matrix-wechat-agent.service"
+    mode: 0644
+  register: matrix_wechat_agent_systemd_service_result

roles/custom/matrix-bridge-wechat/tasks/main.yml

@@ -0,0 +1,20 @@
+---
+
+- tags:
+    - setup-all
+    - setup-wechat
+    - install-all
+    - install-wechat
+  block:
+    - when: matrix_wechat_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/validate_config.yml"
+
+    - when: matrix_wechat_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/install.yml"
+
+- tags:
+    - setup-all
+    - setup-wechat
+  block:
+    - when: not matrix_wechat_enabled | bool
+      ansible.builtin.include_tasks: "{{ role_path }}/tasks/uninstall.yml"

roles/custom/matrix-bridge-wechat/tasks/uninstall.yml

@@ -0,0 +1,39 @@
+---
+
+- name: Check existence of matrix-wechat service
+  ansible.builtin.stat:
+    path: "/etc/systemd/system/matrix-wechat.service"
+  register: matrix_wechat_service_stat
+
+- when: matrix_wechat_service_stat.stat.exists | bool
+  block:
+    - name: Ensure matrix-wechat is stopped
+      ansible.builtin.service:
+        name: matrix-wechat
+        state: stopped
+        enabled: false
+        daemon_reload: true
+
+    - name: Ensure matrix-wechat.service doesn't exist
+      ansible.builtin.file:
+        path: "/etc/systemd/system/matrix-wechat.service"
+        state: absent
+
+- name: Check existence of matrix-wechat-agent service
+  ansible.builtin.stat:
+    path: "/etc/systemd/system/matrix-wechat-agent.service"
+  register: matrix_wechat_agent_service_stat
+
+- when: matrix_wechat_agent_service_stat.stat.exists | bool
+  block:
+    - name: Ensure matrix-wechat-agent is stopped
+      ansible.builtin.service:
+        name: matrix-wechat-agent
+        state: stopped
+        enabled: false
+        daemon_reload: true
+
+    - name: Ensure matrix-wechat-agent.service doesn't exist
+      ansible.builtin.file:
+        path: "/etc/systemd/system/matrix-wechat-agent.service"
+        state: absent

roles/custom/matrix-bridge-wechat/tasks/validate_config.yml

@@ -0,0 +1,19 @@
+---
+
+- name: Fail if required WeChat settings not defined
+  ansible.builtin.fail:
+    msg: >-
+      You need to define a required configuration setting (`{{ item.name }}`).
+  when: "item.when | bool and vars[item.name] == ''"
+  with_items:
+    - {'name': 'matrix_wechat_appservice_token', when: true}
+    - {'name': 'matrix_wechat_homeserver_address', when: true}
+    - {'name': 'matrix_wechat_homeserver_token', when: true}
+    - {'name': 'matrix_wechat_database_hostname', when: "{{ matrix_wechat_database_engine == 'postgres' }}"}
+    - {'name': 'matrix_wechat_container_network', when: true}
+    - {'name': 'matrix_wechat_bridge_listen_secret', when: true}
+
+- name: Fail if WeChat enabled on ARM64 (not supported by the wechat agent, even with self-building)
+  when: matrix_architecture not in ['amd64']
+  ansible.builtin.fail:
+    msg: "The WeChat Agent does not support the '{{ matrix_architecture }}' architecture yet. Its Dockerfile downloads amd64 binaries and does not work on arm64."

roles/custom/matrix-bridge-wechat/templates/agent-config.yaml.j2

@@ -0,0 +1,13 @@
+wechat:
+  version: 3.8.1.26
+  listen_port: 22222
+  init_timeout: 10s
+  request_timeout: 30s
+
+service:
+  addr: ws://matrix-wechat:20002
+  secret: {{ matrix_wechat_bridge_listen_secret | to_json }}
+  ping_interval: 30s
+
+log:
+  level: info

roles/custom/matrix-bridge-wechat/templates/config.yaml.j2

@@ -0,0 +1,265 @@
+#jinja2: lstrip_blocks: "True"
+# Homeserver details.
+homeserver:
+    # The address that this appservice can use to connect to the homeserver.
+    address: {{ matrix_wechat_homeserver_address | to_json }}
+    # The domain of the homeserver (for MXIDs, etc).
+    domain: {{ matrix_wechat_homeserver_domain | to_json }}
+
+    # What software is the homeserver running?
+    # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
+    software: standard
+    # The URL to push real-time bridge status to.
+    # If set, the bridge will make POST requests to this URL whenever a user's connection state changes.
+    # The bridge will use the appservice as_token to authorize requests.
+    status_endpoint: null
+    # Endpoint for reporting per-message status.
+    message_send_checkpoint_endpoint: null
+    # Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
+    async_media: false
+
+    # Should the bridge use a websocket for connecting to the homeserver?
+    # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy,
+    # mautrix-asmux (deprecated), and hungryserv (proprietary).
+    websocket: false
+    # How often should the websocket be pinged? Pinging will be disabled if this is zero.
+    ping_interval_seconds: 0
+
+# Application service host/registration related details.
+# Changing these values requires regeneration of the registration.
+appservice:
+    # The address that the homeserver can use to connect to this appservice.
+    address: {{ matrix_wechat_appservice_address | to_json }}
+
+    # The hostname and port where this appservice should listen.
+    hostname: 0.0.0.0
+    port: 8080
+
+    # Database config.
+    database:
+        # The database type. "sqlite3" and "postgres" are supported.
+        type: postgres
+        # The database URI.
+        #   SQLite: File name is enough. https://github.com/mattn/go-sqlite3#connection-string
+        #   Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable
+        #             To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
+        uri: {{ matrix_wechat_database_connection_string | to_json }}
+        # Maximum number of connections. Mostly relevant for Postgres.
+        max_open_conns: 20
+        max_idle_conns: 2
+        # Maximum connection idle time and lifetime before they're closed. Disabled if null.
+        # Parsed with https://pkg.go.dev/time#ParseDuration
+        max_conn_idle_time: null
+        max_conn_lifetime: null
+
+    # The unique ID of this appservice.
+    id: wechat
+    # Appservice bot details.
+    bot:
+        # Username of the appservice bot.
+        username: {{ matrix_wechat_appservice_bot_username | to_json }}
+        # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
+        # to leave display name/avatar as-is.
+        displayname: WeChat bridge bot
+        avatar: mxc://matrix.org/rddVQBTjOOmNkNLXWfYJNfPW
+
+    # Whether or not to receive ephemeral events via appservice transactions.
+    # Requires MSC2409 support (i.e. Synapse 1.22+).
+    ephemeral_events: true
+
+    # Should incoming events be handled asynchronously?
+    # This may be necessary for large public instances with lots of messages going through.
+    # However, messages will not be guaranteed to be bridged in the same order they were sent in.
+    async_transactions: false
+
+    # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
+    as_token: {{ matrix_wechat_appservice_token | to_json }}
+    hs_token: {{ matrix_wechat_homeserver_token | to_json }}
+
+# Bridge config
+bridge:
+    # Localpart template of MXIDs for WeChat users.
+    # {% raw %}{{.}}{% endraw %} is replaced with the uin of the WeChat user.
+    username_template: {% raw %}_wechat_{{.}}{% endraw %}
+    # Displayname template for WeChat users.
+    displayname_template: "{% raw %}{{if .Name}}{{.Name}}{{else}}{{.Uin}}{{end}} (WeChat){% endraw %}"
+    # WeChat listen address (for agent connection)
+    listen_address: "0.0.0.0:20002"
+    listen_secret: {{ matrix_wechat_bridge_listen_secret | to_json }}
+    # Should the bridge create a space for each logged-in user and add bridged rooms to it?
+    # Users who logged in before turning this on should run `!wa sync space` to create and fill the space for the first time.
+    personal_filtering_spaces: true
+    # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
+    message_status_events: false
+    # Whether the bridge should send error notices via m.notice events when a message fails to bridge.
+    message_error_notices: true
+    portal_message_buffer: 128
+    # Enable redaction
+    allow_redaction: false
+    # Should puppet avatars be fetched from the server even if an avatar is already set?
+    user_avatar_sync: true
+    # Should the bridge update the m.direct account data event when double puppeting is enabled.
+    # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
+    # and is therefore prone to race conditions.
+    sync_direct_chat_list: false
+    # When double puppeting is enabled, users can use `!wa toggle` to change whether
+    # presence is bridged. These settings set the default values.
+    # Existing users won't be affected when these are changed.
+    default_bridge_presence: false
+    # Send the presence as "available" to WeChat when users start typing on a portal.
+    # This works as a workaround for homeservers that do not support presence, and allows
+    # users to see when the WeChat user on the other side is typing during a conversation.
+    send_presence_on_typing: false
+    # Servers to always allow double puppeting from
+    double_puppet_server_map:
+        "{{ matrix_wechat_homeserver_domain }}": {{ matrix_wechat_homeserver_address }}
+    # Allow using double puppeting from any server with a valid client .well-known file.
+    double_puppet_allow_discovery: false
+    # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
+    #
+    # If set, double puppeting will be enabled automatically for local users
+    # instead of users having to find an access token and run `login-matrix`
+    # manually.
+    login_shared_secret_map: {{ matrix_wechat_login_shared_secret_map | to_json }}
+    # Whether to explicitly set the avatar and room name for private chat portal rooms.
+    # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms.
+    # If set to `always`, all DM rooms will have explicit names and avatars set.
+    # If set to `never`, DM rooms will never have names and avatars set.
+    private_chat_portal_meta: default
+    # Should group members be synced in parallel? This makes member sync faster
+    parallel_member_sync: false
+    # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
+    # This field will automatically be changed back to false after it, except if the config file is not writable.
+    resend_bridge_info: false
+    # When using double puppeting, should muted chats be muted in Matrix?
+    mute_bridging: false
+    # Allow invite permission for user. User can invite any bots to room with WeChat
+    # users (private chat and groups)
+    allow_user_invite: false
+    # Whether or not created rooms should have federation enabled.
+    # If false, created portal rooms will never be federated.
+    federate_rooms: true
+    # Should the bridge never send alerts to the bridge management room?
+    # These are mostly things like the user being logged out.
+    disable_bridge_alerts: false
+    # Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration
+    # Null means there's no enforced timeout.
+    message_handling_timeout:
+        # Send an error message after this timeout, but keep waiting for the response until the deadline.
+        # This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay.
+        # If the message is older than this when it reaches the bridge, the message won't be handled at all.
+        error_after: null
+        # Drop messages after this timeout. They may still go through if the message got sent to the servers.
+        # This is counted from the time the bridge starts handling the message.
+        deadline: 120s
+
+    # The prefix for commands. Only required in non-management rooms.
+    command_prefix: {{ matrix_wechat_command_prefix | to_json }}
+
+    # Messages sent upon joining a management room.
+    # Markdown is supported. The defaults are listed below.
+    management_room_text:
+        # Sent when joining a room.
+        welcome: "Hello, I'm a WeChat bridge bot."
+        # Sent when joining a management room and the user is already logged in.
+        welcome_connected: "Use `help` for help."
+        # Sent when joining a management room and the user is not logged in.
+        welcome_unconnected: "Use `help` for help or `login` to log in."
+        # Optional extra text sent when joining a management room.
+        additional_help: ""
+
+    # End-to-bridge encryption support options.
+    #
+    # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
+    encryption:
+        # Allow encryption, work in group chat rooms with e2ee enabled
+        allow: {{ matrix_wechat_encryption_allow | to_json }}
+        # Default to encryption, force-enable encryption in all portals the bridge creates
+        # This will cause the bridge bot to be in private chats for the encryption to work properly.
+        default: {{ matrix_wechat_encryption_default | to_json }}
+        # Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
+        appservice: false
+        # Require encryption, drop any unencrypted messages.
+        require: false
+        # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
+        # You must use a client that supports requesting keys from other users to use this feature.
+        allow_key_sharing: false
+        # Should users mentions be in the event wire content to enable the server to send push notifications?
+        plaintext_mentions: false
+        # Options for deleting megolm sessions from the bridge.
+        delete_keys:
+            # Beeper-specific: delete outbound sessions when hungryserv confirms
+            # that the user has uploaded the key to key backup.
+            delete_outbound_on_ack: false
+            # Don't store outbound sessions in the inbound table.
+            dont_store_outbound: false
+            # Ratchet megolm sessions forward after decrypting messages.
+            ratchet_on_decrypt: false
+            # Delete fully used keys (index >= max_messages) after decrypting messages.
+            delete_fully_used_on_decrypt: false
+            # Delete previous megolm sessions from same device when receiving a new one.
+            delete_prev_on_new_session: false
+            # Delete megolm sessions received from a device when the device is deleted.
+            delete_on_device_delete: false
+            # Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
+            periodically_delete_expired: false
+            # Delete inbound megolm sessions that don't have the received_at field used for
+            # automatic ratcheting and expired session deletion. This is meant as a migration
+            # to delete old keys prior to the bridge update.
+            delete_outdated_inbound: false
+        # What level of device verification should be required from users?
+        #
+        # Valid levels:
+        #   unverified - Send keys to all device in the room.
+        #   cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
+        #   cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
+        #   cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
+        #                           Note that creating user signatures from the bridge bot is not currently possible.
+        #   verified - Require manual per-device verification
+        #              (currently only possible by modifying the `trust` column in the `crypto_device` database table).
+        verification_levels:
+            # Minimum level for which the bridge should send keys to when bridging messages from WeChat to Matrix.
+            receive: unverified
+            # Minimum level that the bridge should accept for incoming Matrix messages.
+            send: unverified
+            # Minimum level that the bridge should require for accepting key requests.
+            share: cross-signed-tofu
+        # Options for Megolm room key rotation. These options allow you to
+        # configure the m.room.encryption event content. See:
+        # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
+        # more information about that event.
+        rotation:
+            # Enable custom Megolm room key rotation settings. Note that these
+            # settings will only apply to rooms created after this option is
+            # set.
+            enable_custom: false
+            # The maximum number of milliseconds a session should be used
+            # before changing it. The Matrix spec recommends 604800000 (a week)
+            # as the default.
+            milliseconds: 604800000
+            # The maximum number of messages that should be sent with a given a
+            # session before changing it. The Matrix spec recommends 100 as the
+            # default.
+            messages: 100
+
+            # Disable rotating keys when a user's devices change?
+            # You should not enable this option unless you understand all the implications.
+            disable_device_change_key_rotation: false
+
+
+    # Permissions for using the bridge.
+    # Permitted values:
+    #     user - Access to use the bridge to chat with a WeChat account.
+    #    admin - User level and some additional administration tools
+    # Permitted keys:
+    #        * - All Matrix users
+    #   domain - All users on that homeserver
+    #     mxid - Specific user
+    permissions: {{ matrix_wechat_permissions | to_json }}
+
+# Logging config. See https://github.com/tulir/zeroconfig for details.
+logging:
+    min_level: {{ matrix_wechat_log_level }}
+    writers:
+    - type: stdout
+      format: pretty-colored

roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat-agent.service.j2

@@ -0,0 +1,49 @@
+#jinja2: lstrip_blocks: "True"
+[Unit]
+Description=Matrix WeChat Agent
+{% for service in matrix_wechat_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
+{% for service in matrix_wechat_systemd_wanted_services_list %}
+Wants={{ service }}
+{% endfor %}
+DefaultDependencies=no
+
+[Service]
+Type=simple
+Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-wechat-agent 2>/dev/null || true'
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-wechat-agent 2>/dev/null || true'
+
+{#
+	The agent needs to write to /home/user/.vnc.
+	`/home/user` is owned by `user:group` (`1000:1000`), so it needs to run with that user/group.
+#}
+ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
+			--rm \
+			--name=matrix-wechat-agent \
+			--log-driver=none \
+			--user={{ matrix_wechat_agent_container_user_uid }}:{{ matrix_wechat_agent_container_user_gid }} \
+			--cap-drop=ALL \
+			--network={{ matrix_wechat_container_network }} \
+			--mount type=bind,src={{ matrix_wechat_config_path }}/agent-config.yaml,dst=/home/user/matrix-wechat-agent/configure.yaml,ro \
+			{% for arg in matrix_wechat_container_extra_arguments %}
+			{{ arg }} \
+			{% endfor %}
+			{{ matrix_wechat_agent_container_image }}
+
+{% for network in matrix_wechat_container_additional_networks %}
+ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-wechat-agent
+{% endfor %}
+
+ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-wechat-agent
+
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-wechat-agent 2>/dev/null || true'
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-wechat-agent 2>/dev/null || true'
+Restart=always
+RestartSec=30
+SyslogIdentifier=matrix-wechat-agent
+
+[Install]
+WantedBy=multi-user.target

roles/custom/matrix-bridge-wechat/templates/systemd/matrix-wechat.service.j2

@@ -0,0 +1,47 @@
+#jinja2: lstrip_blocks: "True"
+[Unit]
+Description=Matrix WeChat Bridge
+{% for service in matrix_wechat_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
+{% for service in matrix_wechat_systemd_wanted_services_list %}
+Wants={{ service }}
+{% endfor %}
+DefaultDependencies=no
+
+[Service]
+Type=simple
+Environment="HOME={{ devture_systemd_docker_base_systemd_unit_home_path }}"
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-wechat 2>/dev/null || true'
+ExecStartPre=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-wechat 2>/dev/null || true'
+
+ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
+			--rm \
+			--name=matrix-wechat \
+			--log-driver=none \
+			--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
+			--cap-drop=ALL \
+			--network={{ matrix_wechat_container_network }} \
+			--mount type=bind,src={{ matrix_wechat_config_path }},dst=/config,ro \
+			--mount type=bind,src={{ matrix_wechat_data_path }},dst=/data \
+			--workdir=/data \
+			{% for arg in matrix_wechat_container_extra_arguments %}
+			{{ arg }} \
+			{% endfor %}
+			{{ matrix_wechat_container_image }} \
+			/usr/bin/matrix-wechat -c /config/config.yaml -r /config/registration.yaml --no-update
+{% for network in matrix_wechat_container_additional_networks %}
+ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-wechat
+{% endfor %}
+
+ExecStart={{ devture_systemd_docker_base_host_command_docker }} start --attach matrix-wechat
+
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} stop --time={{ devture_systemd_docker_base_container_stop_grace_time_seconds }} matrix-wechat 2>/dev/null || true'
+ExecStop=-{{ devture_systemd_docker_base_host_command_sh }} -c '{{ devture_systemd_docker_base_host_command_docker }} rm matrix-wechat 2>/dev/null || true'
+Restart=always
+RestartSec=30
+SyslogIdentifier=matrix-wechat
+
+[Install]
+WantedBy=multi-user.target

roles/custom/matrix-cactus-comments-client/defaults/main.yml

@@ -13,7 +13,7 @@ matrix_cactus_comments_client_public_path: "{{ matrix_cactus_comments_client_bas
 matrix_cactus_comments_client_public_path_file_permissions: "0644"
 
 # renovate: datasource=docker depName=joseluisq/static-web-server
-matrix_cactus_comments_client_version: 2.31.1
+matrix_cactus_comments_client_version: 2.32.0
 
 matrix_cactus_comments_client_container_image: "{{ matrix_container_global_registry_prefix }}joseluisq/static-web-server:{{ matrix_cactus_comments_client_container_image_tag }}"
 matrix_cactus_comments_client_container_image_tag: "{{ 'latest' if matrix_cactus_comments_client_version == 'latest' else (matrix_cactus_comments_client_version + '-alpine') }}"
@@ -94,7 +94,7 @@ matrix_cactus_comments_client_webclient_css_url: "https://gateway.pinata.cloud/i
 matrix_cactus_comments_client_local_dir: ''
 
 # List of systemd services that matrix-cactus-comments-client.service depends on
-matrix_cactus_comments_client_systemd_required_services_list: ['docker.service']
+matrix_cactus_comments_client_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # List of systemd services that matrix-cactus-comments-client.service wants
 matrix_cactus_comments_client_systemd_wanted_services_list: "{{ matrix_cactus_comments_client_systemd_wanted_services_list_auto + matrix_cactus_comments_client_systemd_wanted_services_list_custom }}"

roles/custom/matrix-cactus-comments/defaults/main.yml

@@ -40,7 +40,7 @@ matrix_cactus_comments_container_additional_networks_custom: []
 matrix_cactus_comments_container_extra_arguments: []
 
 # List of systemd services that matrix-cactus-comments.service depends on
-matrix_cactus_comments_systemd_required_services_list: ['docker.service']
+matrix_cactus_comments_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # List of systemd services that matrix-cactus-comments.service wants
 matrix_cactus_comments_systemd_wanted_services_list: []

roles/custom/matrix-client-cinny/defaults/main.yml

@@ -72,7 +72,7 @@ matrix_client_cinny_container_labels_additional_labels: ''
 matrix_client_cinny_container_extra_arguments: []
 
 # List of systemd services that matrix-client-cinny.service depends on
-matrix_client_cinny_systemd_required_services_list: ['docker.service']
+matrix_client_cinny_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # Specifies the value of the `X-XSS-Protection` header
 # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

roles/custom/matrix-client-element/defaults/main.yml

@@ -11,7 +11,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/eleme
 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}"
 
 # renovate: datasource=docker depName=vectorim/element-web
-matrix_client_element_version: v1.11.67
+matrix_client_element_version: v1.11.69
 
 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}"
 matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}"
@@ -76,7 +76,7 @@ matrix_client_element_container_labels_additional_labels: ''
 matrix_client_element_container_extra_arguments: []
 
 # List of systemd services that matrix-client-element.service depends on
-matrix_client_element_systemd_required_services_list: ['docker.service']
+matrix_client_element_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # Specifies the value of the `X-XSS-Protection` header
 # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

roles/custom/matrix-client-hydrogen/defaults/main.yml

@@ -71,7 +71,7 @@ matrix_client_hydrogen_container_labels_additional_labels: ''
 matrix_client_hydrogen_container_extra_arguments: []
 
 # List of systemd services that matrix-client-hydrogen.service depends on
-matrix_client_hydrogen_systemd_required_services_list: ['docker.service']
+matrix_client_hydrogen_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # Specifies the value of the `X-XSS-Protection` header
 # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

roles/custom/matrix-client-schildichat/defaults/main.yml

@@ -70,7 +70,7 @@ matrix_client_schildichat_container_labels_additional_labels: ''
 matrix_client_schildichat_container_extra_arguments: []
 
 # List of systemd services that matrix-client-schildichat.service depends on
-matrix_client_schildichat_systemd_required_services_list: ['docker.service']
+matrix_client_schildichat_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # Specifies the value of the `X-XSS-Protection` header
 # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

roles/custom/matrix-conduit/defaults/main.yml

@@ -10,7 +10,7 @@ matrix_conduit_hostname: ''
 matrix_conduit_docker_image: "{{ matrix_conduit_docker_image_name_prefix }}matrixconduit/matrix-conduit:{{ matrix_conduit_docker_image_tag }}"
 matrix_conduit_docker_image_name_prefix: "docker.io/"
 # renovate: datasource=docker depName=matrixconduit/matrix-conduit
-matrix_conduit_docker_image_tag: "v0.7.0"
+matrix_conduit_docker_image_tag: "v0.8.0"
 matrix_conduit_docker_image_force_pull: "{{ matrix_conduit_docker_image.endswith(':latest') }}"
 
 matrix_conduit_base_path: "{{ matrix_base_data_path }}/conduit"
@@ -23,7 +23,7 @@ matrix_conduit_tmp_directory_size_mb: 500
 
 # List of systemd services that matrix-conduit.service depends on
 matrix_conduit_systemd_required_services_list: "{{ matrix_conduit_systemd_required_services_list_default + matrix_conduit_systemd_required_services_list_auto + matrix_conduit_systemd_required_services_list_custom }}"
-matrix_conduit_systemd_required_services_list_default: ["docker.service"]
+matrix_conduit_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_conduit_systemd_required_services_list_auto: []
 matrix_conduit_systemd_required_services_list_custom: []
 

roles/custom/matrix-corporal/defaults/main.yml

@@ -77,7 +77,7 @@ matrix_corporal_container_labels_additional_labels: ''
 
 # List of systemd services that matrix-corporal.service depends on
 matrix_corporal_systemd_required_services_list: "{{ matrix_corporal_systemd_required_services_list_default + matrix_corporal_systemd_required_services_list_auto + matrix_corporal_systemd_required_services_list_custom }}"
-matrix_corporal_systemd_required_services_list_default: ['docker.service']
+matrix_corporal_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_corporal_systemd_required_services_list_auto: []
 matrix_corporal_systemd_required_services_list_custom: []
 

roles/custom/matrix-coturn/defaults/main.yml

@@ -9,7 +9,7 @@ matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_
 matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile"
 
 # renovate: datasource=docker depName=coturn/coturn
-matrix_coturn_version: 4.6.2-r9
+matrix_coturn_version: 4.6.2-r10
 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine"
 matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}"
 matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}"
@@ -39,7 +39,7 @@ matrix_coturn_docker_src_files_path: "{{ matrix_coturn_base_path }}/docker-src"
 matrix_coturn_config_path: "{{ matrix_coturn_base_path }}/turnserver.conf"
 
 # List of systemd services that matrix-coturn.service depends on
-matrix_coturn_systemd_required_services_list: ['docker.service']
+matrix_coturn_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # A list of additional "volumes" to mount in the container.
 # This list gets populated dynamically at runtime. You can provide a different default value,

roles/custom/matrix-dendrite/defaults/main.yml

@@ -178,13 +178,13 @@ matrix_dendrite_process_extra_arguments: []
 
 # List of systemd services that matrix-dendrite.service depends on
 matrix_dendrite_systemd_required_services_list: "{{ matrix_dendrite_systemd_required_services_list_default + matrix_dendrite_systemd_required_services_list_auto + matrix_dendrite_systemd_required_services_list_custom }}"
-matrix_dendrite_systemd_required_services_list_default: ["docker.service"]
+matrix_dendrite_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_dendrite_systemd_required_services_list_auto: []
 matrix_dendrite_systemd_required_services_list_custom: []
 
 # List of systemd services that matrix-dendrite.service wants
 matrix_dendrite_systemd_wanted_services_list: "{{ matrix_dendrite_systemd_wanted_services_list_default + matrix_dendrite_systemd_wanted_services_list_auto + matrix_dendrite_systemd_wanted_services_list_custom }}"
-matrix_dendrite_systemd_wanted_services_list_default: ["docker.service"]
+matrix_dendrite_systemd_wanted_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_dendrite_systemd_wanted_services_list_auto: []
 matrix_dendrite_systemd_wanted_services_list_custom: []
 

roles/custom/matrix-dimension/defaults/main.yml

@@ -37,7 +37,7 @@ matrix_dimension_docker_image_force_pull: "{{ matrix_dimension_docker_image.ends
 
 # List of systemd services that matrix-dimension.service depends on.
 matrix_dimension_systemd_required_services_list: "{{ matrix_dimension_systemd_required_services_list_default + matrix_dimension_systemd_required_services_list_auto + matrix_dimension_systemd_required_services_list_custom }}"
-matrix_dimension_systemd_required_services_list_default: ['docker.service']
+matrix_dimension_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_dimension_systemd_required_services_list_auto: []
 matrix_dimension_systemd_required_services_list_custom: []
 

roles/custom/matrix-dynamic-dns/defaults/main.yml

@@ -31,7 +31,7 @@ matrix_dynamic_dns_container_extra_arguments: []
 matrix_dynamic_dns_systemd_wanted_services_list: []
 
 # List of required services when running in mode
-matrix_dynamic_dns_systemd_required_services_list: ['docker.service']
+matrix_dynamic_dns_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # Build the container from source when running in mode
 matrix_dynamic_dns_container_image_self_build: false

roles/custom/matrix-email2matrix/defaults/main.yml

@@ -28,7 +28,7 @@ matrix_email2matrix_container_extra_arguments: []
 
 # List of systemd services that matrix-corporal.service depends on
 matrix_email2matrix_systemd_required_services_list: "{{ matrix_email2matrix_systemd_required_services_list_default + matrix_email2matrix_systemd_required_services_list_auto + matrix_email2matrix_systemd_required_services_list_custom }}"
-matrix_email2matrix_systemd_required_services_list_default: ['docker.service']
+matrix_email2matrix_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_email2matrix_systemd_required_services_list_auto: []
 matrix_email2matrix_systemd_required_services_list_custom: []
 

roles/custom/matrix-ldap-registration-proxy/defaults/main.yml

@@ -73,13 +73,13 @@ matrix_ldap_registration_proxy_container_extra_arguments: []
 
 # List of systemd services that matrix-ldap-registration-proxy.service depends on.
 matrix_ldap_registration_proxy_systemd_required_services_list: "{{ matrix_ldap_registration_proxy_systemd_required_services_list_default + matrix_ldap_registration_proxy_systemd_required_services_list_auto + matrix_ldap_registration_proxy_systemd_required_services_list_custom }}"
-matrix_ldap_registration_proxy_systemd_required_services_list_default: ['docker.service']
+matrix_ldap_registration_proxy_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_ldap_registration_proxy_systemd_required_services_list_auto: []
 matrix_ldap_registration_proxy_systemd_required_services_list_custom: []
 
 # List of systemd services that matrix-ldap-registration-proxy.service wants
 matrix_ldap_registration_proxy_systemd_wanted_services_list: "{{ matrix_ldap_registration_proxy_systemd_wanted_services_list_default + matrix_ldap_registration_proxy_systemd_wanted_services_list_auto + matrix_ldap_registration_proxy_systemd_wanted_services_list_custom }}"
-matrix_ldap_registration_proxy_systemd_wanted_services_list_default: ['docker.service']
+matrix_ldap_registration_proxy_systemd_wanted_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_ldap_registration_proxy_systemd_wanted_services_list_auto: []
 matrix_ldap_registration_proxy_systemd_wanted_services_list_custom: []
 

roles/custom/matrix-ma1sd/defaults/main.yml

@@ -35,7 +35,7 @@ matrix_ma1sd_container_extra_arguments: []
 
 # List of systemd services that matrix-ma1sd.service depends on
 matrix_ma1sd_systemd_required_services_list: "{{ matrix_ma1sd_systemd_required_services_list_default + matrix_ma1sd_systemd_required_services_list_auto + matrix_ma1sd_systemd_required_services_list_custom }}"
-matrix_ma1sd_systemd_required_services_list_default: ['docker.service']
+matrix_ma1sd_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_ma1sd_systemd_required_services_list_auto: []
 matrix_ma1sd_systemd_required_services_list_custom: []
 

roles/custom/matrix-media-repo/defaults/main.yml

@@ -15,10 +15,10 @@ matrix_media_repo_identifier: matrix-media-repo
 matrix_media_repo_container_image_self_build: false
 matrix_media_repo_container_image_self_build_repo: "https://github.com/turt2live/matrix-media-repo.git"
 
-matrix_media_repo_docker_image_path: "turt2live/matrix-media-repo"
+matrix_media_repo_docker_image_path: "t2bot/matrix-media-repo"
 matrix_media_repo_docker_image: "{{ matrix_media_repo_docker_image_name_prefix }}{{ matrix_media_repo_docker_image_path }}:{{ matrix_media_repo_docker_image_tag }}"
-matrix_media_repo_docker_image_name_prefix: "{{ 'localhost/' if matrix_media_repo_container_image_self_build else matrix_container_global_registry_prefix }}"
-# renovate: datasource=docker depName=turt2live/matrix-media-repo
+matrix_media_repo_docker_image_name_prefix: "{{ 'localhost/' if matrix_media_repo_container_image_self_build else 'ghcr.io/' }}"
+# renovate: datasource=docker depName=ghcr.io/t2bot/matrix-media-repo
 matrix_media_repo_docker_image_tag: "v1.3.4"
 matrix_media_repo_docker_image_force_pull: "{{ matrix_media_repo_docker_image.endswith(':latest') }}"
 
@@ -29,7 +29,7 @@ matrix_media_repo_docker_src_files_path: "{{ matrix_media_repo_base_path }}/dock
 
 # List of systemd services that matrix-media-repo.service depends on
 matrix_media_repo_systemd_required_services_list: "{{ matrix_media_repo_systemd_required_services_list_default + matrix_media_repo_systemd_required_services_list_auto + matrix_media_repo_systemd_required_services_list_custom }}"
-matrix_media_repo_systemd_required_services_list_default: ["docker.service"]
+matrix_media_repo_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_media_repo_systemd_required_services_list_auto: []
 matrix_media_repo_systemd_required_services_list_custom: []
 

roles/custom/matrix-pantalaimon/defaults/main.yml

@@ -32,7 +32,7 @@ matrix_pantalaimon_container_extra_arguments: []
 
 # List of systemd services that matrix-pantalaimon.service depends on
 matrix_pantalaimon_systemd_required_services_list: "{{ matrix_pantalaimon_systemd_required_services_list_default + matrix_pantalaimon_systemd_required_services_list_auto + matrix_pantalaimon_systemd_required_services_list_custom }}"
-matrix_pantalaimon_systemd_required_services_list_default: ['docker.service']
+matrix_pantalaimon_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_pantalaimon_systemd_required_services_list_auto: []
 matrix_pantalaimon_systemd_required_services_list_custom: []
 

roles/custom/matrix-prometheus-nginxlog-exporter/defaults/main.yml

@@ -72,7 +72,7 @@ matrix_prometheus_nginxlog_exporter_container_extra_arguments: []
 
 # List of systemd services that matrix-prometheus_nginxlog_exporter.service depends on
 matrix_prometheus_nginxlog_exporter_systemd_required_services_list: "{{ matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default + matrix_prometheus_nginxlog_exporter_systemd_required_services_list_auto + matrix_prometheus_nginxlog_exporter_systemd_required_services_list_custom }}"
-matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default: ['docker.service']
+matrix_prometheus_nginxlog_exporter_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_prometheus_nginxlog_exporter_systemd_required_services_list_auto: []
 matrix_prometheus_nginxlog_exporter_systemd_required_services_list_custom: []
 

roles/custom/matrix-rageshake/defaults/main.yml

@@ -81,7 +81,7 @@ matrix_rageshake_container_labels_additional_labels: ''
 matrix_rageshake_container_extra_arguments: []
 
 # List of systemd services that matrix-rageshake.service depends on
-matrix_rageshake_systemd_required_services_list: ["docker.service"]
+matrix_rageshake_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # List of systemd services that matrix-rageshake.service wants
 matrix_rageshake_systemd_wanted_services_list: []

roles/custom/matrix-registration/defaults/main.yml

@@ -66,7 +66,7 @@ matrix_registration_container_extra_arguments: []
 
 # List of systemd services that matrix-registration.service depends on
 matrix_registration_systemd_required_services_list: "{{ matrix_registration_systemd_required_services_list_default + matrix_registration_systemd_required_services_list_auto + matrix_registration_systemd_required_services_list_custom }}"
-matrix_registration_systemd_required_services_list_default: ['docker.service']
+matrix_registration_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_registration_systemd_required_services_list_auto: []
 matrix_registration_systemd_required_services_list_custom: []
 

roles/custom/matrix-sliding-sync/defaults/main.yml

@@ -38,6 +38,16 @@ matrix_sliding_sync_container_network: ''
 # Use this to expose this container to another reverse proxy, which runs in a different container network.
 matrix_sliding_sync_container_additional_networks: []
 
+# Enable the exposure of metrics to Prometheus
+# See https://github.com/matrix-org/sliding-sync/tree/main/grafana
+matrix_sliding_sync_metrics_enabled: false
+matrix_sliding_sync_metrics_port: 2112
+
+# Controls whether Sliding Sync metrics should be proxied (exposed) on `matrix.DOMAIN/metrics/sliding-sync`
+matrix_sliding_sync_metrics_proxying_enabled: false
+matrix_sliding_sync_metrics_proxying_hostname: ''
+matrix_sliding_sync_metrics_proxying_path: /metrics/sliding-sync
+
 # matrix_sliding_sync_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
 # See `../templates/labels.j2` for details.
 #
@@ -53,6 +63,18 @@ matrix_sliding_sync_container_labels_traefik_entrypoints: web-secure
 matrix_sliding_sync_container_labels_traefik_tls: "{{ matrix_sliding_sync_container_labels_traefik_entrypoints != 'web' }}"
 matrix_sliding_sync_container_labels_traefik_tls_certResolver: default  # noqa var-naming
 
+# Controls whether labels will be added that expose metrics (see `matrix_sliding_sync_metrics_proxying_enabled`) for Sliding Sync
+matrix_sliding_sync_container_labels_public_metrics_enabled: "{{ matrix_sliding_sync_metrics_enabled and matrix_sliding_sync_metrics_proxying_enabled }}"
+matrix_sliding_sync_container_labels_public_metrics_traefik_path: "{{ matrix_sliding_sync_metrics_proxying_path }}"
+matrix_sliding_sync_container_labels_public_metrics_traefik_rule: "Host(`{{ matrix_sliding_sync_metrics_proxying_hostname }}`) && Path(`{{ matrix_sliding_sync_container_labels_public_metrics_traefik_path }}`)"
+matrix_sliding_sync_container_labels_public_metrics_traefik_priority: 0
+matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints: "{{ matrix_sliding_sync_container_labels_traefik_entrypoints }}"
+matrix_sliding_sync_container_labels_public_metrics_traefik_tls: "{{ matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints != 'web' }}"
+matrix_sliding_sync_container_labels_public_metrics_traefik_tls_certResolver: "{{ matrix_sliding_sync_container_labels_traefik_tls_certResolver }}"  # noqa var-naming
+matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled: false
+# See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
+matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users: ''
+
 # Controls which additional headers to attach to all HTTP responses.
 # To add your own headers, use `matrix_sliding_sync_container_labels_traefik_additional_response_headers_custom`
 matrix_sliding_sync_container_labels_traefik_additional_response_headers: "{{ matrix_sliding_sync_container_labels_traefik_additional_response_headers_auto | combine(matrix_sliding_sync_container_labels_traefik_additional_response_headers_custom) }}"
@@ -73,7 +95,7 @@ matrix_sliding_sync_container_extra_arguments: []
 
 # List of systemd services that matrix-sliding-sync-proxy.service depends on
 matrix_sliding_sync_systemd_required_services_list: "{{ matrix_sliding_sync_systemd_required_services_list_default + matrix_sliding_sync_systemd_required_services_list_auto + matrix_sliding_sync_systemd_required_services_list_custom }}"
-matrix_sliding_sync_systemd_required_services_list_default: ["docker.service"]
+matrix_sliding_sync_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_sliding_sync_systemd_required_services_list_auto: []
 matrix_sliding_sync_systemd_required_services_list_custom: []
 
@@ -89,6 +111,9 @@ matrix_sliding_sync_environment_variable_syncv3_secret: ''
 # Controls the SYNCV3_DB environment variable
 matrix_sliding_sync_environment_variable_syncv3_db: 'user={{ matrix_sliding_sync_database_username }} password={{ matrix_sliding_sync_database_password }} host={{ matrix_sliding_sync_database_hostname }} port={{ matrix_sliding_sync_database_port }} dbname={{ matrix_sliding_sync_database_name }} sslmode={{ matrix_sliding_sync_database_sslmode }}'
 
+# Controls the SYNCV3_PROM environment variable
+matrix_sliding_sync_environment_variable_syncv3_prom: ':{{ matrix_sliding_sync_metrics_port }}'
+
 # Additional environment variables.
 matrix_sliding_sync_environment_variables_additional_variables: ''
 

roles/custom/matrix-sliding-sync/tasks/validate_config.yml

@@ -3,11 +3,13 @@
   ansible.builtin.fail:
     msg: >
       You need to define a required configuration setting (`{{ item.name }}`).
-  when: "vars[item] == ''"
+  when: "item.when | bool and vars[item.name] == ''"
   with_items:
-    - matrix_sliding_sync_hostname
-    - matrix_sliding_sync_path_prefix
-    - matrix_sliding_sync_database_hostname
-    - matrix_sliding_sync_environment_variable_syncv3_server
-    - matrix_sliding_sync_environment_variable_syncv3_secret
-    - matrix_sliding_sync_container_network
+    - {'name': 'matrix_sliding_sync_hostname', when: true}
+    - {'name': 'matrix_sliding_sync_path_prefix', when: true}
+    - {'name': 'matrix_sliding_sync_database_hostname', when: true}
+    - {'name': 'matrix_sliding_sync_environment_variable_syncv3_server', when: true}
+    - {'name': 'matrix_sliding_sync_environment_variable_syncv3_secret', when: true}
+    - {'name': 'matrix_sliding_sync_container_network', when: true}
+    - {'name': 'matrix_sliding_sync_metrics_proxying_hostname', when: "{{ matrix_sliding_sync_metrics_proxying_enabled }}"}
+    - {'name': 'matrix_sliding_sync_metrics_proxying_path_prefix', when: "{{ matrix_sliding_sync_metrics_proxying_enabled }}"}

roles/custom/matrix-sliding-sync/templates/env.j2

@@ -3,4 +3,8 @@ SYNCV3_SECRET={{ matrix_sliding_sync_environment_variable_syncv3_secret }}
 SYNCV3_BINDADDR=:8008
 SYNCV3_DB={{ matrix_sliding_sync_environment_variable_syncv3_db }}
 
+{% if matrix_sliding_sync_metrics_enabled %}
+SYNCV3_PROM={{ matrix_sliding_sync_environment_variable_syncv3_prom }}
+{% endif %}
+
 {{ matrix_sliding_sync_environment_variables_additional_variables }}

roles/custom/matrix-sliding-sync/templates/labels.j2

@@ -6,6 +6,7 @@ traefik.docker.network={{ matrix_sliding_sync_container_labels_traefik_docker_ne
 {% endif %}
 
 traefik.http.services.matrix-sliding-sync.loadbalancer.server.port=8008
+traefik.http.services.matrix-sliding-sync-metrics.loadbalancer.server.port={{ matrix_sliding_sync_metrics_port }}
 
 {% set middlewares = [] %}
 
@@ -41,6 +42,36 @@ traefik.http.routers.matrix-sliding-sync.tls={{ matrix_sliding_sync_container_la
 traefik.http.routers.matrix-sliding-sync.tls.certResolver={{ matrix_sliding_sync_container_labels_traefik_tls_certResolver }}
 {% endif %}
 
+{% if matrix_sliding_sync_container_labels_public_metrics_enabled %}
+{% set metrics_middlewares = [] %}
+
+{% if matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_enabled %}
+{% set metrics_middlewares = metrics_middlewares + ['matrix-sliding-sync-metrics-basic-auth'] %}
+traefik.http.middlewares.matrix-sliding-sync-metrics-basic-auth.basicauth.users={{ matrix_sliding_sync_container_labels_public_metrics_middleware_basic_auth_users }}
+{% endif %}
+
+{% set metrics_middlewares = metrics_middlewares + ['matrix-sliding-sync-metrics-replacepath'] %}
+traefik.http.middlewares.matrix-sliding-sync-metrics-replacepath.replacepath.path=/metrics
+
+traefik.http.routers.matrix-sliding-sync-metrics.rule={{ matrix_sliding_sync_container_labels_public_metrics_traefik_rule }}
+
+{% if metrics_middlewares | length > 0 %}
+traefik.http.routers.matrix-sliding-sync-metrics.middlewares={{ metrics_middlewares | join(',') }}
+{% endif %}
+
+{% if matrix_sliding_sync_container_labels_public_metrics_traefik_priority | int > 0 %}
+traefik.http.routers.matrix-sliding-sync-metrics.priority={{ matrix_sliding_sync_container_labels_public_metrics_traefik_priority }}
+{% endif %}
+
+traefik.http.routers.matrix-sliding-sync-metrics.service=matrix-sliding-sync-metrics
+traefik.http.routers.matrix-sliding-sync-metrics.entrypoints={{ matrix_sliding_sync_container_labels_public_metrics_traefik_entrypoints }}
+
+traefik.http.routers.matrix-sliding-sync-metrics.tls={{ matrix_sliding_sync_container_labels_public_metrics_traefik_tls | to_json }}
+{% if matrix_sliding_sync_container_labels_public_metrics_traefik_tls %}
+traefik.http.routers.matrix-sliding-sync-metrics.tls.certResolver={{ matrix_sliding_sync_container_labels_public_metrics_traefik_tls_certResolver }}
+{% endif %}
+{% endif %}
+
 {% endif %}
 
 {{ matrix_sliding_sync_container_labels_additional_labels }}

roles/custom/matrix-static-files/defaults/main.yml

@@ -8,7 +8,7 @@ matrix_static_files_enabled: true
 matrix_static_files_identifier: matrix-static-files
 
 # renovate: datasource=docker depName=joseluisq/static-web-server
-matrix_static_files_version: 2.31.1
+matrix_static_files_version: 2.32.0
 
 matrix_static_files_base_path: "{{ matrix_base_data_path }}/{{ 'static-files' if matrix_static_files_identifier == 'matrix-static-files' else matrix_static_files_identifier }}"
 matrix_static_files_config_path: "{{ matrix_static_files_base_path }}/config"
@@ -17,7 +17,7 @@ matrix_static_files_public_well_known_path: "{{ matrix_static_files_public_path
 matrix_static_files_public_well_known_matrix_path: "{{ matrix_static_files_public_well_known_path }}/matrix"
 
 # List of systemd services that matrix-static-files.service depends on
-matrix_static_files_systemd_required_services_list: ['docker.service']
+matrix_static_files_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # List of systemd services that matrix-static-files.service wants
 matrix_static_files_systemd_wanted_services_list: "{{ matrix_static_files_systemd_wanted_services_list_auto + matrix_static_files_systemd_wanted_services_list_custom }}"

roles/custom/matrix-sygnal/defaults/main.yml

@@ -20,7 +20,7 @@ matrix_sygnal_config_path: "{{ matrix_sygnal_base_path }}/config"
 matrix_sygnal_data_path: "{{ matrix_sygnal_base_path }}/data"
 
 # List of systemd services that matrix-sygnal.service depends on.
-matrix_sygnal_systemd_required_services_list: ['docker.service']
+matrix_sygnal_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # List of systemd services that matrix-sygnal.service wants
 matrix_sygnal_systemd_wanted_services_list: []

roles/custom/matrix-synapse-admin/defaults/main.yml

@@ -73,7 +73,7 @@ matrix_synapse_admin_container_labels_traefik_additional_response_headers_custom
 matrix_synapse_admin_container_labels_additional_labels: ''
 
 # List of systemd services that matrix-synapse-admin.service depends on
-matrix_synapse_admin_systemd_required_services_list: ['docker.service']
+matrix_synapse_admin_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 
 # List of systemd services that matrix-synapse-admin.service wants
 matrix_synapse_admin_systemd_wanted_services_list: []

roles/custom/matrix-synapse-auto-compressor/defaults/main.yml

@@ -32,7 +32,7 @@ matrix_synapse_auto_compressor_container_extra_arguments: []
 
 # List of systemd services that matrix-synapse-auto-compressor.service depends on
 matrix_synapse_auto_compressor_systemd_required_services_list: "{{ matrix_synapse_auto_compressor_systemd_required_services_list_default + matrix_synapse_auto_compressor_systemd_required_services_list_auto + matrix_synapse_auto_compressor_systemd_required_services_list_custom }}"
-matrix_synapse_auto_compressor_systemd_required_services_list_default: ['docker.service']
+matrix_synapse_auto_compressor_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_synapse_auto_compressor_systemd_required_services_list_auto: []
 matrix_synapse_auto_compressor_systemd_required_services_list_custom: []
 

roles/custom/matrix-synapse-reverse-proxy-companion/defaults/main.yml

@@ -20,7 +20,7 @@ matrix_synapse_reverse_proxy_companion_confd_path: "{{ matrix_synapse_reverse_pr
 
 # List of systemd services that matrix-synapse-reverse-proxy-companion.service depends on
 matrix_synapse_reverse_proxy_companion_systemd_required_services_list: "{{ matrix_synapse_reverse_proxy_companion_systemd_required_services_list_default + matrix_synapse_reverse_proxy_companion_systemd_required_services_list_auto + matrix_synapse_reverse_proxy_companion_systemd_required_services_list_custom }}"
-matrix_synapse_reverse_proxy_companion_systemd_required_services_list_default: ['docker.service']
+matrix_synapse_reverse_proxy_companion_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_synapse_reverse_proxy_companion_systemd_required_services_list_auto: []
 matrix_synapse_reverse_proxy_companion_systemd_required_services_list_custom: []
 

roles/custom/matrix-synapse/defaults/main.yml

@@ -16,7 +16,7 @@ matrix_synapse_enabled: true
 matrix_synapse_github_org_and_repo: element-hq/synapse
 
 # renovate: datasource=docker depName=ghcr.io/element-hq/synapse
-matrix_synapse_version: v1.108.0
+matrix_synapse_version: v1.109.0
 
 matrix_synapse_username: ''
 matrix_synapse_uid: ''
@@ -310,7 +310,7 @@ matrix_synapse_container_master_extra_arguments: []
 
 # List of systemd services that matrix-synapse.service depends on
 matrix_synapse_systemd_required_services_list: "{{ matrix_synapse_systemd_required_services_list_default + matrix_synapse_systemd_required_services_list_auto + matrix_synapse_systemd_required_services_list_custom }}"
-matrix_synapse_systemd_required_services_list_default: ['docker.service']
+matrix_synapse_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
 matrix_synapse_systemd_required_services_list_auto: []
 matrix_synapse_systemd_required_services_list_custom: []
 
@@ -320,6 +320,12 @@ matrix_synapse_systemd_wanted_services_list_default: []
 matrix_synapse_systemd_wanted_services_list_auto: []
 matrix_synapse_systemd_wanted_services_list_custom: []
 
+# List of systemd services that matrix-goofys.service depends on
+matrix_synapse_goofys_systemd_required_services_list: "{{ matrix_synapse_goofys_systemd_required_services_list_default + matrix_synapse_goofys_systemd_required_services_list_auto + matrix_synapse_goofys_systemd_required_services_list_custom }}"
+matrix_synapse_goofys_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
+matrix_synapse_goofys_systemd_required_services_list_auto: []
+matrix_synapse_goofys_systemd_required_services_list_custom: []
+
 # Controls how long to sleep for after starting the matrix-synapse container.
 #
 # Delaying, so that the homeserver can manage to fully start and various services
@@ -537,6 +543,27 @@ matrix_synapse_auto_join_rooms: []
 # automatically if they don't already exist.
 matrix_synapse_autocreate_auto_join_rooms: true
 
+# Controls whether room invites will be accepted on behalf of users.
+# See: https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#auto-accept-invites
+# This should not be used together with the `synapse_auto_accept_invite` module (see `matrix_synapse_ext_synapse_auto_accept_invite_enabled`).
+# Also see:
+# - `matrix_synapse_auto_accept_invites_only_for_direct_messages`
+# - `matrix_synapse_auto_accept_invites_only_from_local_users`
+# - `matrix_synapse_auto_accept_invites_worker_to_run_on`
+matrix_synapse_auto_accept_invites_enabled: false
+
+# Controls whether auto-invite acceptance should only be done for direct messages.
+# Related to: `matrix_synapse_auto_accept_invites_enabled`
+matrix_synapse_auto_accept_invites_only_for_direct_messages: false
+
+# Controls whether auto-invite acceptance should only be done when the invitatio nis coming from a local user.
+# Related to: `matrix_synapse_auto_accept_invites_enabled`
+matrix_synapse_auto_accept_invites_only_from_local_users: false
+
+# When Synapse workers enabled it is possible (but not required) to assign a worker to run the auto-accept-invites feature on (null = main process).
+# Related to: `matrix_synapse_auto_accept_invites_enabled`
+matrix_synapse_auto_accept_invites_worker_to_run_on: null
+
 # Controls whether password authentication is allowed
 # It may be useful when you've configured OAuth, SAML or CAS and want authentication
 # to happen only through them
@@ -1222,6 +1249,10 @@ matrix_synapse_ext_synapse_s3_storage_provider_update_db_day_count: 0
 matrix_synapse_ext_synapse_s3_storage_provider_periodic_migration_schedule: '*-*-* 05:00:00'
 
 # Synapse module to automatically accept room invites.
+#
+# Since Synapse v1.109.0 (https://github.com/element-hq/synapse/pull/17147),
+# this functionality has been merged into Synapse. See `matrix_synapse_auto_accept_invites_enabled`.
+#
 # See: https://github.com/matrix-org/synapse-auto-accept-invite
 # Installing it requires building a customized Docker image for Synapse (see `matrix_synapse_container_image_customizations_enabled`).
 # Enabling this will enable customizations and inject the appropriate Dockerfile clauses for installing synapse-auto-accept-invite.

roles/custom/matrix-synapse/tasks/validate_config.yml

@@ -121,3 +121,15 @@
       when: "matrix_synapse_container_image_customizations_templates_git_repository_keyscan_enabled | bool and vars[item] == ''"
       with_items:
         - matrix_synapse_container_image_customizations_templates_git_repository_keyscan_hostname
+
+
+- name: Fail when auto-accept-invite enabled as a native feature and a module at the same time
+  ansible.builtin.fail:
+    msg: >-
+      Your configuration enables the auto-accept invites feature both as a native Synapse feature (`matrix_synapse_auto_accept_invites_enabled`) and a 3rd party module (`matrix_synapse_ext_synapse_auto_accept_invite_enabled`).
+      This is unnecessary, since they both do the same and the native feature is built on top of the 3rd party module anyway.
+      Enabling both at the same time will lead to issues.
+      We recommend leaving `matrix_synapse_auto_accept_invites_enabled` in your configuration and removing `matrix_synapse_ext_synapse_auto_accept_invite_enabled`.
+  when:
+    - matrix_synapse_auto_accept_invites_enabled
+    - matrix_synapse_ext_synapse_auto_accept_invite_enabled

roles/custom/matrix-synapse/templates/goofys/systemd/matrix-goofys.service.j2

@@ -1,8 +1,10 @@
 #jinja2: lstrip_blocks: "True"
 [Unit]
 Description=Matrix Goofys media store
-After=docker.service
-Requires=docker.service
+{% for service in matrix_synapse_goofys_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
 DefaultDependencies=no
 
 [Service]

roles/custom/matrix-synapse/templates/synapse/homeserver.yaml.j2

@@ -1550,6 +1550,12 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json
 #
 #auto_join_rooms_for_guests: false
 
+auto_accept_invites:
+    enabled: {{ matrix_synapse_auto_accept_invites_enabled | to_json }}
+    only_for_direct_messages: {{ matrix_synapse_auto_accept_invites_only_for_direct_messages | to_json }}
+    only_from_local_users: {{ matrix_synapse_auto_accept_invites_only_from_local_users | to_json }}
+    worker_to_run_on: {{ matrix_synapse_auto_accept_invites_worker_to_run_on | to_json }}
+
 # Whether to inhibit errors raised when registering a new account if the user ID
 # already exists. If turned on, that requests to /register/available will always
 # show a user ID as available, and Synapse won't raise an error when starting
@@ -1565,7 +1571,7 @@ autocreate_auto_join_rooms: {{ matrix_synapse_autocreate_auto_join_rooms|to_json
 
 # Enable collection and rendering of performance metrics
 #
-enable_metrics: {{ matrix_synapse_metrics_enabled|to_json  }}
+enable_metrics: {{ matrix_synapse_metrics_enabled|to_json }}
 
 # Enable sentry integration
 # NOTE: While attempts are made to ensure that the logs don't contain

setup.yml

@@ -58,6 +58,7 @@
     - custom/matrix-bridge-appservice-kakaotalk
     - custom/matrix-bridge-beeper-linkedin
     - custom/matrix-bridge-go-skype-bridge
+    - custom/matrix-bridge-wechat
     - custom/matrix-bridge-mautrix-facebook
     - custom/matrix-bridge-mautrix-twitter
     - custom/matrix-bridge-mautrix-hangouts