diff --git a/docs/configuring-playbook-bridge-appservice-kakaotalk.md b/docs/configuring-playbook-bridge-appservice-kakaotalk.md
new file mode 100644
index 000000000..2c0b871cb
--- /dev/null
+++ b/docs/configuring-playbook-bridge-appservice-kakaotalk.md
@@ -0,0 +1,23 @@
+# Setting up Matrix Appservice KakaoTalk (optional)
+
+The playbook can install and configure
+[matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) for you.
+
+See the project page to learn what it does and why it might be useful to you.
+
+To enable the [KakaoTalk](https://www.kakaocorp.com/page/service/service/KakaoTalk) bridge just use the following
+playbook configuration:
+
+
+```yaml
+matrix_appservice_kakaotalk_enabled: true
+```
+
+
+## Usage
+
+Once the bot is enabled, you need to start a chat with `KakaoTalk bridge bot`
+with the handle `@kakaotalkbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
+domain, not the `matrix.` domain).
+
+Send `help` to the bot to see the commands available.
diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md
index e5301df13..2a929fdf6 100644
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@@ -118,6 +118,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
- [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional)
+- [Setting up Matrix Appservice KakaoTalk bridging](configuring-playbook-bridge-appservice-kakaotalk.md) (optional)
+
- [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). (optional)
- ~~[Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md)~~ (optional) - this component has been broken for a long time, so it has been removed from the playbook. Consider [Setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md)
diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index ea17edb40..f4988c24e 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -214,6 +214,49 @@ matrix_appservice_irc_database_password: "{{ '%s' | format(matrix_homeserver_gen
######################################################################
+######################################################################
+#
+# matrix-bridge-appservice-kakaotalk
+#
+######################################################################
+
+# We don't enable bridges by default.
+matrix_appservice_kakaotalk_enabled: false
+
+matrix_appservice_kakaotalk_container_image_self_build: true
+
+matrix_appservice_kakaotalk_node_container_image_self_build: true
+
+matrix_appservice_kakaotalk_systemd_required_services_list: |
+ {{
+ ['docker.service']
+ +
+ ['matrix-' + matrix_homeserver_implementation + '.service']
+ +
+ (['matrix-postgres.service'] if matrix_postgres_enabled else [])
+ +
+ (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
+ +
+ ['matrix-appservice-kakaotalk-node.service']
+ }}
+
+matrix_appservice_kakaotalk_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'kt.as.token') | to_uuid }}"
+
+matrix_appservice_kakaotalk_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'kt.hs.token') | to_uuid }}"
+
+matrix_appservice_kakaotalk_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
+
+# Postgres is the default, except if not using `matrix_postgres` (internal postgres)
+matrix_appservice_kakaotalk_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}"
+matrix_appservice_kakaotalk_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kt.db') | to_uuid }}"
+
+######################################################################
+#
+# /matrix-bridge-appservice-kakaotalk
+#
+######################################################################
+
+
######################################################################
#
# matrix-bridge-beeper-linkedin
@@ -1811,6 +1854,12 @@ matrix_postgres_additional_databases: |
'password': matrix_appservice_irc_database_password,
}] if (matrix_appservice_irc_enabled and matrix_appservice_irc_database_engine == 'postgres' and matrix_appservice_irc_database_hostname == 'matrix-postgres') else [])
+
+ ([{
+ 'name': matrix_appservice_kakaotalk_database_name,
+ 'username': matrix_appservice_kakaotalk_database_username,
+ 'password': matrix_appservice_kakaotalk_database_password,
+ }] if (matrix_appservice_kakaotalk_enabled and matrix_appservice_kakaotalk_database_engine == 'postgres' and matrix_appservice_kakaotalk_database_hostname == 'matrix-postgres') else [])
+ +
([{
'name': matrix_beeper_linkedin_database_name,
'username': matrix_beeper_linkedin_database_username,
diff --git a/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml
new file mode 100644
index 000000000..ec6f048b1
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml
@@ -0,0 +1,158 @@
+---
+# Matrix Appservice KakaoTalk is a Matrix <-> KakaoTalk bridge
+# See: https://src.miscworks.net/fair/matrix-appservice-kakaotalk
+
+matrix_appservice_kakaotalk_enabled: true
+
+matrix_appservice_kakaotalk_container_image_self_build: true
+matrix_appservice_kakaotalk_container_image_self_build_repo: "https://src.miscworks.net/fair/matrix-appservice-kakaotalk"
+matrix_appservice_kakaotalk_container_image_self_build_branch: "{{ 'master' if matrix_appservice_kakaotalk_version == 'latest' else matrix_appservice_kakaotalk_version }}"
+
+matrix_appservice_kakaotalk_version: latest
+matrix_appservice_kakaotalk_docker_image: "{{ matrix_appservice_kakaotalk_docker_image_name_prefix }}fair/matrix-appservice-kakaotalk:{{ matrix_appservice_kakaotalk_version }}"
+matrix_appservice_kakaotalk_docker_image_name_prefix: "localhost/"
+matrix_appservice_kakaotalk_docker_image_force_pull: "{{ matrix_appservice_kakaotalk_docker_image.endswith(':latest') }}"
+
+matrix_appservice_kakaotalk_base_path: "{{ matrix_base_data_path }}/matrix-appservice-kakaotalk"
+matrix_appservice_kakaotalk_data_path: "{{ matrix_appservice_kakaotalk_base_path }}/data"
+matrix_appservice_kakaotalk_docker_src_files_path: "{{ matrix_appservice_kakaotalk_base_path }}/docker-src"
+
+matrix_appservice_kakaotalk_node_container_image_self_build: true
+matrix_appservice_kakaotalk_node_container_image_self_build_repo_path: "{{ matrix_appservice_kakaotalk_node_base_path }}/docker-src"
+matrix_appservice_kakaotalk_node_container_image_self_build_branch: "{{ 'master' if matrix_appservice_kakaotalk_version == 'latest' else matrix_appservice_kakaotalk_version }}"
+
+matrix_appservice_kakaotalk_node_docker_image: "{{ matrix_appservice_kakaotalk_node_docker_image_name_prefix }}fair/matrix-appservice-kakaotalk-node:{{ matrix_appservice_kakaotalk_version }}"
+matrix_appservice_kakaotalk_node_docker_image_name_prefix: "localhost/"
+matrix_appservice_kakaotalk_node_docker_image_force_pull: "{{ matrix_appservice_kakaotalk_node_docker_image.endswith(':latest') }}"
+
+matrix_appservice_kakaotalk_node_base_path: "{{ matrix_base_data_path }}/matrix-appservice-kakaotalk-node"
+matrix_appservice_kakaotalk_node_docker_src_files_path: "{{ matrix_appservice_kakaotalk_node_base_path }}/docker-src/node"
+
+matrix_appservice_kakaotalk_homeserver_address: "{{ matrix_homeserver_container_url }}"
+matrix_appservice_kakaotalk_homeserver_domain: "{{ matrix_domain }}"
+matrix_appservice_kakaotalk_appservice_address: 'http://matrix-appservice-kakaotalk:8080'
+
+# A list of extra arguments to pass to the container
+matrix_appservice_kakaotalk_container_extra_arguments: []
+
+# List of systemd services that matrix-appservice-kakaotalk.service depends on.
+matrix_appservice_kakaotalk_systemd_required_services_list:
+ - 'docker.service'
+ - 'matrix-appservice-kakaotalk-node.service'
+
+# List of systemd services that matrix-appservice-kakaotalk.service wants
+matrix_appservice_kakaotalk_systemd_wanted_services_list: []
+
+# List of systemd services that matrix-appservice-kakaotalk-node.service depends on.
+matrix_appservice_kakaotalk_node_systemd_required_services_list: ['docker.service']
+
+# List of systemd services that matrix-appservice-kakaotalk-node.service wants
+matrix_appservice_kakaotalk_node_systemd_wanted_services_list: []
+
+matrix_appservice_kakaotalk_appservice_token: ''
+matrix_appservice_kakaotalk_homeserver_token: ''
+
+matrix_appservice_kakaotalk_appservice_bot_username: kakaotalkbot
+
+# Whether or not created rooms should have federation enabled.
+# If false, created portal rooms will never be federated.
+matrix_appservice_kakaotalk_federate_rooms: true
+
+# Database-related configuration fields.
+#
+# To use SQLite, stick to these defaults.
+#
+# To use Postgres:
+# - change the engine (`matrix_appservice_kakaotalk_database_engine: 'postgres'`)
+# - adjust your database credentials via the `matrix_appservice_kakaotalk_database_*` variables
+matrix_appservice_kakaotalk_database_engine: 'sqlite'
+
+matrix_appservice_kakaotalk_sqlite_database_path_local: "{{ matrix_appservice_kakaotalk_data_path }}/matrix-appservice-kakaotalk.db"
+matrix_appservice_kakaotalk_sqlite_database_path_in_container: "/data/matrix-appservice-kakaotalk.db"
+
+matrix_appservice_kakaotalk_database_username: 'matrix_appservice_kakaotalk'
+matrix_appservice_kakaotalk_database_password: 'some-password'
+matrix_appservice_kakaotalk_database_hostname: 'matrix-postgres'
+matrix_appservice_kakaotalk_database_port: 5432
+matrix_appservice_kakaotalk_database_name: 'matrix_appservice_kakaotalk'
+
+matrix_appservice_kakaotalk_database_connection_string: 'postgresql://{{ matrix_appservice_kakaotalk_database_username }}:{{ matrix_appservice_kakaotalk_database_password }}@{{ matrix_appservice_kakaotalk_database_hostname }}:{{ matrix_appservice_kakaotalk_database_port }}/{{ matrix_appservice_kakaotalk_database_name }}?sslmode=disable'
+
+matrix_appservice_kakaotalk_appservice_database_type: "{{
+ {
+ 'sqlite': 'sqlite3',
+ 'postgres':'postgres',
+ }[matrix_appservice_kakaotalk_database_engine]
+}}"
+
+matrix_appservice_kakaotalk_appservice_database_uri: "{{
+ {
+ 'sqlite': matrix_appservice_kakaotalk_sqlite_database_path_in_container,
+ 'postgres': matrix_appservice_kakaotalk_database_connection_string,
+ }[matrix_appservice_kakaotalk_database_engine]
+}}"
+
+# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
+matrix_appservice_kakaotalk_login_shared_secret: ''
+matrix_appservice_kakaotalk_bridge_login_shared_secret_map:
+ "{{ {matrix_appservice_kakaotalk_homeserver_domain: matrix_appservice_kakaotalk_login_shared_secret} if matrix_appservice_kakaotalk_login_shared_secret else {} }}"
+
+# Servers to always allow double puppeting from
+matrix_appservice_kakaotalk_bridge_double_puppet_server_map:
+ "{{ matrix_appservice_kakaotalk_homeserver_domain : matrix_appservice_kakaotalk_homeserver_address }}"
+
+# Default matrix-appservice-kakaotalk configuration template which covers the generic use case.
+# You can customize it by controlling the various variables inside it.
+#
+# For a more advanced customization, you can extend the default (see `matrix_appservice_kakaotalk_configuration_extension_yaml`)
+# or completely replace this variable with your own template.
+matrix_appservice_kakaotalk_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
+
+matrix_appservice_kakaotalk_configuration_extension_yaml: |
+ # Your custom YAML configuration goes here.
+ # This configuration extends the default starting configuration (`matrix_appservice_kakaotalk_configuration_yaml`).
+ #
+ # You can override individual variables from the default configuration, or introduce new ones.
+ #
+ # If you need something more special, you can take full control by
+ # completely redefining `matrix_appservice_kakaotalk_configuration_yaml`.
+
+matrix_appservice_kakaotalk_configuration_extension: "{{ matrix_appservice_kakaotalk_configuration_extension_yaml|from_yaml if matrix_appservice_kakaotalk_configuration_extension_yaml|from_yaml is mapping else {} }}"
+
+# Holds the final configuration (a combination of the default and its extension).
+# You most likely don't need to touch this variable. Instead, see `matrix_appservice_kakaotalk_configuration_yaml`.
+matrix_appservice_kakaotalk_configuration: "{{ matrix_appservice_kakaotalk_configuration_yaml|from_yaml|combine(matrix_appservice_kakaotalk_configuration_extension, recursive=True) }}"
+
+matrix_appservice_kakaotalk_node_configuration_json: "{{ lookup('template', 'templates/config.json.j2') }}"
+
+matrix_appservice_kakaotalk_node_configuration_extension_json: '{}'
+
+matrix_appservice_kakaotalk_node_configuration_extension: "{{ matrix_appservice_kakaotalk_node_configuration_extension_json|from_json if matrix_appservice_kakaotalk_node_configuration_extension_json|from_json is mapping else {} }}"
+
+matrix_appservice_kakaotalk_node_configuration: "{{ matrix_appservice_kakaotalk_node_configuration_json|combine(matrix_appservice_kakaotalk_node_configuration_extension, recursive=True) }}"
+
+matrix_appservice_kakaotalk_registration_yaml: |
+ id: kakaotalk
+ url: {{ matrix_appservice_kakaotalk_appservice_address }}
+ as_token: "{{ matrix_appservice_kakaotalk_appservice_token }}"
+ hs_token: "{{ matrix_appservice_kakaotalk_homeserver_token }}"
+ # See https://github.com/mautrix/signal/issues/43
+ sender_localpart: _bot_{{ matrix_appservice_kakaotalk_appservice_bot_username }}
+ rate_limited: false
+ namespaces:
+ users:
+ - regex: '^@kakaotalk_.+:{{ matrix_appservice_kakaotalk_homeserver_domain|regex_escape }}$'
+ exclusive: true
+ - exclusive: true
+ regex: '^@{{ matrix_appservice_kakaotalk_appservice_bot_username|regex_escape }}:{{ matrix_appservice_kakaotalk_homeserver_domain|regex_escape }}$'
+ de.sorunome.msc2409.push_ephemeral: true
+
+matrix_appservice_kakaotalk_registration: "{{ matrix_appservice_kakaotalk_registration_yaml|from_yaml }}"
+
+# Enable End-to-bridge encryption
+matrix_appservice_kakaotalk_bridge_encryption_allow: false
+matrix_appservice_kakaotalk_bridge_encryption_default: "{{ matrix_appservice_kakaotalk_bridge_encryption_allow }}"
+
+# Minimum severity of journal log messages.
+# Options: debug, info, warn, error, fatal
+matrix_appservice_kakaotalk_log_level: 'warn'
diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml
new file mode 100644
index 000000000..6cf0e659b
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml
@@ -0,0 +1,21 @@
+---
+- set_fact:
+ matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-kakaotalk.service', 'matrix-appservice-kakaotalk-node.service'] }}"
+ when: matrix_appservice_kakaotalk_enabled|bool
+
+# If the matrix-synapse role is not used, these variables may not exist.
+- set_fact:
+ matrix_synapse_container_extra_arguments: >
+ {{
+ matrix_synapse_container_extra_arguments|default([])
+ +
+ ["--mount type=bind,src={{ matrix_appservice_kakaotalk_data_path }}/registration.yaml,dst=/matrix-appservice-kakaotalk-registration.yaml,ro"]
+ }}
+
+ matrix_synapse_app_service_config_files: >
+ {{
+ matrix_synapse_app_service_config_files|default([])
+ +
+ ["/matrix-appservice-kakaotalk-registration.yaml"]
+ }}
+ when: matrix_appservice_kakaotalk_enabled|bool
diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml
new file mode 100644
index 000000000..a623fb652
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml
@@ -0,0 +1,23 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/init.yml"
+ tags:
+ - always
+
+- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
+ when: "run_setup|bool and matrix_appservice_kakaotalk_enabled|bool"
+ tags:
+ - setup-all
+ - setup-appservice-kakaotalk
+
+- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
+ when: "run_setup|bool and matrix_appservice_kakaotalk_enabled|bool"
+ tags:
+ - setup-all
+ - setup-appservice-kakaotalk
+
+- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
+ when: "run_setup|bool and not matrix_appservice_kakaotalk_enabled|bool"
+ tags:
+ - setup-all
+ - setup-appservice-kakaotalk
diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml
new file mode 100644
index 000000000..2087f32c2
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml
@@ -0,0 +1,195 @@
+---
+
+# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
+# We don't want to fail in such cases.
+- name: Fail if matrix-synapse role already executed
+ fail:
+ msg: >-
+ The matrix-bridge-appservice-kakaotalk role needs to execute before the matrix-synapse role.
+ when: "matrix_synapse_role_executed|default(False)"
+
+- set_fact:
+ matrix_appservice_kakaotalk_requires_restart: false
+
+- block:
+ - name: Check if an SQLite database already exists
+ stat:
+ path: "{{ matrix_appservice_kakaotalk_sqlite_database_path_local }}"
+ register: matrix_appservice_kakaotalk_sqlite_database_path_local_stat_result
+
+ - block:
+ - set_fact:
+ matrix_postgres_db_migration_request:
+ src: "{{ matrix_appservice_kakaotalk_sqlite_database_path_local }}"
+ dst: "{{ matrix_appservice_kakaotalk_database_connection_string }}"
+ caller: "{{ role_path|basename }}"
+ engine_variable_name: 'matrix_appservice_kakaotalk_database_engine'
+ engine_old: 'sqlite'
+ systemd_services_to_stop: ['matrix-appservice-kakaotalk.service']
+ pgloader_options: ['--with "quote identifiers"']
+
+ - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
+
+ - set_fact:
+ matrix_appservice_kakaotalk_requires_restart: true
+ when: "matrix_appservice_kakaotalk_sqlite_database_path_local_stat_result.stat.exists|bool"
+ when: "matrix_appservice_kakaotalk_database_engine == 'postgres'"
+
+
+- name: Ensure Matrix Appservice KakaoTalk paths exist
+ file:
+ path: "{{ item.path }}"
+ state: directory
+ mode: 0750
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+ with_items:
+ - {path: "{{ matrix_appservice_kakaotalk_base_path }}", when: true}
+ - {path: "{{ matrix_appservice_kakaotalk_data_path }}", when: true}
+ - {path: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}", when: "{{ matrix_appservice_kakaotalk_container_image_self_build }}"}
+ - {path: "{{ matrix_appservice_kakaotalk_node_base_path }}", when: true}
+ - {path: "{{ matrix_appservice_kakaotalk_node_container_image_self_build_repo_path }}", when: "{{ matrix_appservice_kakaotalk_node_container_image_self_build }}"}
+ when: item.when|bool
+
+- name: Ensure Matrix Appservice KakaoTalk image is pulled
+ docker_image:
+ name: "{{ matrix_appservice_kakaotalk_docker_image }}"
+ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+ force_source: "{{ matrix_appservice_kakaotalk_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_docker_image_force_pull }}"
+ when: not matrix_appservice_kakaotalk_container_image_self_build
+ register: result
+ retries: "{{ matrix_container_retries_count }}"
+ delay: "{{ matrix_container_retries_delay }}"
+ until: result is not failed
+
+- name: Ensure Matrix Appservice KakaoTalk repository is present on self-build
+ git:
+ repo: "{{ matrix_appservice_kakaotalk_container_image_self_build_repo }}"
+ dest: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}"
+ version: "{{ matrix_appservice_kakaotalk_container_image_self_build_branch }}"
+ force: "yes"
+ become: true
+ become_user: "{{ matrix_user_username }}"
+ register: matrix_appservice_kakaotalk_git_pull_results
+ when: "matrix_appservice_kakaotalk_container_image_self_build|bool"
+
+- name: Ensure Matrix Appservice KakaoTalk Docker image is built
+ docker_image:
+ name: "{{ matrix_appservice_kakaotalk_docker_image }}"
+ source: build
+ force_source: "{{ matrix_appservice_kakaotalk_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_git_pull_results.changed }}"
+ build:
+ dockerfile: Dockerfile
+ path: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}"
+ pull: true
+ when: "matrix_appservice_kakaotalk_container_image_self_build|bool"
+
+- name: Ensure Matrix Appservice KakaoTalk Node image is pulled
+ docker_image:
+ name: "{{ matrix_appservice_kakaotalk_node_docker_image }}"
+ source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+ force_source: "{{ matrix_appservice_kakaotalk_node_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_node_docker_image_force_pull }}"
+ when: matrix_appservice_kakaotalk_enabled and not matrix_appservice_kakaotalk_node_container_image_self_build|bool
+ register: matrix_appservice_kakaotalk_node_pull_results
+
+- name: Ensure Matrix Appservice KakaoTalk Node repository is present on self-build
+ git:
+ repo: "{{ matrix_appservice_kakaotalk_container_image_self_build_repo }}"
+ dest: "{{ matrix_appservice_kakaotalk_node_container_image_self_build_repo_path }}"
+ version: "{{ matrix_appservice_kakaotalk_node_container_image_self_build_branch }}"
+ force: "yes"
+ become: true
+ become_user: "{{ matrix_user_username }}"
+ register: matrix_appservice_kakaotalk_node_git_pull_results
+ when: "matrix_appservice_kakaotalk_node_container_image_self_build|bool"
+
+- name: Ensure Matrix Appservice KakaoTalk Node image is built
+ docker_image:
+ name: "{{ matrix_appservice_kakaotalk_node_docker_image }}"
+ source: build
+ force_source: "{{ matrix_appservice_kakaotalk_node_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+ force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_node_git_pull_results.changed }}"
+ build:
+ dockerfile: ./Dockerfile
+ path: "{{ matrix_appservice_kakaotalk_node_docker_src_files_path }}"
+ pull: true
+ when: "matrix_appservice_kakaotalk_node_container_image_self_build|bool"
+
+- name: Check if an old database file exists
+ stat:
+ path: "{{ matrix_appservice_kakaotalk_base_path }}/matrix-appservice-kakaotalk.db"
+ register: matrix_appservice_kakaotalk_stat_database
+
+- name: Check if an old matrix state file exists
+ stat:
+ path: "{{ matrix_appservice_kakaotalk_base_path }}/mx-state.json"
+ register: matrix_appservice_kakaotalk_stat_mx_state
+
+- name: (Data relocation) Ensure matrix-appservice-kakaotalk.service is stopped
+ service:
+ name: matrix-appservice-kakaotalk
+ state: stopped
+ enabled: false
+ daemon_reload: true
+ failed_when: false
+ when: "matrix_appservice_kakaotalk_stat_database.stat.exists"
+
+- name: (Data relocation) Move matrix-appservice-kakaotalk database file to ./data directory
+ command: "mv {{ matrix_appservice_kakaotalk_base_path }}/matrix-appservice-kakaotalk.db {{ matrix_appservice_kakaotalk_data_path }}/matrix-appservice-kakaotalk.db"
+ when: "matrix_appservice_kakaotalk_stat_database.stat.exists"
+
+- name: (Data relocation) Move matrix-appservice-kakaotalk mx-state file to ./data directory
+ command: "mv {{ matrix_appservice_kakaotalk_base_path }}/mx-state.json {{ matrix_appservice_kakaotalk_data_path }}/mx-state.json"
+ when: "matrix_appservice_kakaotalk_stat_mx_state.stat.exists"
+
+- name: Ensure matrix-appservice-kakaotalk config.yaml installed
+ copy:
+ content: "{{ matrix_appservice_kakaotalk_configuration|to_nice_yaml(indent=2, width=999999) }}"
+ dest: "{{ matrix_appservice_kakaotalk_data_path }}/config.yaml"
+ mode: 0644
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+
+- name: Ensure matrix-appservice-kakaotalk-node config.json installed
+ copy:
+ content: "{{ matrix_appservice_kakaotalk_node_configuration|to_nice_json }}"
+ dest: "{{ matrix_appservice_kakaotalk_data_path }}/config.json"
+ mode: 0644
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+
+- name: Ensure matrix-appservice-kakaotalk registration.yaml installed
+ copy:
+ content: "{{ matrix_appservice_kakaotalk_registration|to_nice_yaml(indent=2, width=999999) }}"
+ dest: "{{ matrix_appservice_kakaotalk_data_path }}/registration.yaml"
+ mode: 0644
+ owner: "{{ matrix_user_username }}"
+ group: "{{ matrix_user_groupname }}"
+
+- name: Ensure matrix-appservice-kakaotalk-node.service installed
+ template:
+ src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk-node.service.j2"
+ dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service"
+ mode: 0644
+ register: matrix_appservice_kakaotalk_node_systemd_service_result
+
+- name: Ensure matrix-appservice-kakaotalk.service installed
+ template:
+ src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk.service.j2"
+ dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service"
+ mode: 0644
+ register: matrix_appservice_kakaotalk_systemd_service_result
+
+- name: Ensure systemd reloaded after matrix-appservice-kakaotalk.service installation
+ service:
+ daemon_reload: true
+ when: "matrix_appservice_kakaotalk_systemd_service_result.changed or matrix_appservice_kakaotalk_node_systemd_service_result.changed"
+
+- name: Ensure matrix-appservice-kakaotalk.service restarted, if necessary
+ service:
+ name: "matrix-appservice-kakaotalk.service"
+ state: restarted
+ when: "matrix_appservice_kakaotalk_requires_restart|bool"
diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml
new file mode 100644
index 000000000..111f480a0
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml
@@ -0,0 +1,47 @@
+---
+
+# Node service
+- name: Check existence of matrix-appservice-kakaotalk-node service
+ stat:
+ path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service"
+ register: matrix_appservice_kakaotalk_node_service_stat
+
+- name: Ensure matrix-appservice-kakaotalk-node is stopped
+ service:
+ name: matrix-appservice-kakaotalk-node
+ state: stopped
+ enabled: false
+ daemon_reload: true
+ when: "matrix_appservice_kakaotalk_node_service_stat.stat.exists"
+
+- name: Ensure matrix-appservice-kakaotalk-node.service doesn't exist
+ file:
+ path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service"
+ state: absent
+ when: "matrix_appservice_kakaotalk_node_service_stat.stat.exists"
+
+# Bridge service
+- name: Check existence of matrix-appservice-kakaotalk service
+ stat:
+ path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service"
+ register: matrix_appservice_kakaotalk_service_stat
+
+- name: Ensure matrix-appservice-kakaotalk is stopped
+ service:
+ name: matrix-appservice-kakaotalk
+ state: stopped
+ enabled: false
+ daemon_reload: true
+ when: "matrix_appservice_kakaotalk_service_stat.stat.exists"
+
+- name: Ensure matrix-appservice-kakaotalk.service doesn't exist
+ file:
+ path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service"
+ state: absent
+ when: "matrix_appservice_kakaotalk_service_stat.stat.exists"
+
+# All services
+- name: Ensure systemd reloaded after matrix-appservice-kakaotalk_X.service removal
+ service:
+ daemon_reload: true
+ when: "matrix_appservice_kakaotalk_service_stat.stat.exists or matrix_appservice_kakaotalk_node_service_stat.stat.exists"
diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml
new file mode 100644
index 000000000..f2c1f6aaf
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml
@@ -0,0 +1,10 @@
+---
+
+- name: Fail if required settings not defined
+ fail:
+ msg: >-
+ You need to define a required configuration setting (`{{ item }}`).
+ when: "vars[item] == ''"
+ with_items:
+ - "matrix_appservice_kakaotalk_appservice_token"
+ - "matrix_appservice_kakaotalk_homeserver_token"
diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/config.json.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/config.json.j2
new file mode 100644
index 000000000..1be06ad51
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/templates/config.json.j2
@@ -0,0 +1,12 @@
+{
+ "listen": {
+ "type": "unix",
+ "path": "/data/rpc.sock",
+ "force": false
+ },
+ "register_timeout": 3000,
+ "logging_keys": {
+ "request": ["mxid"],
+ "response": ["status"]
+ }
+}
diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2
new file mode 100644
index 000000000..71388c56a
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2
@@ -0,0 +1,287 @@
+#jinja2: lstrip_blocks: "True"
+# Homeserver details.
+homeserver:
+ # The address that this appservice can use to connect to the homeserver.
+ address: {{ matrix_appservice_kakaotalk_homeserver_address }}
+ # The domain of the homeserver (for MXIDs, etc).
+ domain: {{ matrix_appservice_kakaotalk_homeserver_domain }}
+ # Whether or not to verify the SSL certificate of the homeserver.
+ # Only applies if address starts with https://
+ verify_ssl: true
+ # Whether or not the homeserver supports asmux-specific endpoints,
+ # such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically
+ # updating m.direct.
+ asmux: false
+ # Number of retries for all HTTP requests if the homeserver isn't reachable.
+ http_retry_count: 4
+ # The URL to push real-time bridge status to.
+ # If set, the bridge will make POST requests to this URL whenever a user's Facebook MQTT connection state changes.
+ # The bridge will use the appservice as_token to authorize requests.
+ status_endpoint: null
+ # Endpoint for reporting per-message status.
+ message_send_checkpoint_endpoint: null
+ # Whether asynchronous uploads via MSC2246 should be enabled for media.
+ # Requires a media repo that supports MSC2246.
+ async_media: false
+
+# Application service host/registration related details.
+# Changing these values requires regeneration of the registration.
+appservice:
+ # The address that the homeserver can use to connect to this appservice.
+ address: {{ matrix_appservice_kakaotalk_appservice_address }}
+
+ # The hostname and port where this appservice should listen.
+ hostname: 0.0.0.0
+ port: 8080
+ # The maximum body size of appservice API requests (from the homeserver) in mebibytes
+ # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
+ max_body_size: 1
+
+ # The full URI to the database. SQLite and Postgres are supported.
+ # Format examples:
+ # SQLite: sqlite:///filename.db
+ # Postgres: postgres://username:password@hostname/dbname
+ database: {{ matrix_appservice_kakaotalk_appservice_database_uri|to_json }}
+ # Additional arguments for asyncpg.create_pool() or sqlite3.connect()
+ # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
+ # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
+ # For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
+ database_opts:
+ min_size: 5
+ max_size: 10
+
+ # The unique ID of this appservice.
+ id: kakaotalk
+ # Username of the appservice bot.
+ bot_username: kakaotalkbot
+ # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
+ # to leave display name/avatar as-is.
+ bot_displayname: KakaoTalk bridge bot
+ bot_avatar:
+
+ # Whether or not to receive ephemeral events via appservice transactions.
+ # Requires MSC2409 support (i.e. Synapse 1.22+).
+ # You should disable bridge -> sync_with_custom_puppets when this is enabled.
+ ephemeral_events: false
+
+ # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
+ as_token: "{{ matrix_appservice_kakaotalk_appservice_token }}"
+ hs_token: "{{ matrix_appservice_kakaotalk_homeserver_token }}"
+
+# Prometheus telemetry config. Requires prometheus-client to be installed.
+metrics:
+ enabled: false
+ listen_port: 8000
+
+# Manhole config.
+manhole:
+ # Whether or not opening the manhole is allowed.
+ enabled: false
+ # The path for the unix socket.
+ path: /var/tmp/matrix-appservice-kakaotalk.manhole
+ # The list of UIDs who can be added to the whitelist.
+ # If empty, any UIDs can be specified in the open-manhole command.
+ whitelist:
+ - 0
+
+# Config for things that are directly sent to KakaoTalk.
+kakaotalk:
+ device_name: "KakaoTalk Bridge"
+
+# Bridge config
+bridge:
+ # Localpart template of MXIDs for KakaoTalk users.
+ # {userid} is replaced with the user ID of the KakaoTalk user.
+ username_template: "kakaotalk_{userid}"
+ # Displayname template for KakaoTalk users.
+ # {displayname} is replaced with the display name of the KakaoTalk user.
+ displayname_template: '{displayname} (KT)'
+
+ # The prefix for commands. Only required in non-management rooms.
+ command_prefix: "!kt"
+
+ # Number of chats to sync (and create portals for) on startup/login.
+ # Set to 0 to disable automatic syncing, or -1 to sync as much as possible.
+ initial_chat_sync: 20
+ # Whether or not the KakaoTalk users of logged in Matrix users should be
+ # invited to private chats when the user sends a message from another client.
+ invite_own_puppet_to_pm: false
+ # Whether or not to use /sync to get presence, read receipts and typing notifications
+ # when double puppeting is enabled
+ sync_with_custom_puppets: true
+ # Whether or not to update the m.direct account data event when double puppeting is enabled.
+ # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
+ # and is therefore prone to race conditions.
+ sync_direct_chat_list: false
+ # Servers to always allow double puppeting from
+ double_puppet_server_map: {}
+ # example.com: https://example.com
+ # Allow using double puppeting from any server with a valid client .well-known file.
+ double_puppet_allow_discovery: false
+ # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
+ #
+ # If set, custom puppets will be enabled automatically for local users
+ # instead of users having to find an access token and run `login-matrix`
+ # manually.
+ # If using this for other servers than the bridge's server,
+ # you must also set the URL in the double_puppet_server_map.
+ login_shared_secret_map: {{ matrix_appservice_kakaotalk_bridge_login_shared_secret_map|to_json }}
+ # Whether or not to update avatars when syncing all contacts at startup.
+ update_avatar_initial_sync: true
+ # End-to-bridge encryption support options. These require matrix-nio to be installed with pip
+ # and login_shared_secret to be configured in order to get a device for the bridge bot.
+ #
+ # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
+ # application service.
+ encryption:
+ # Allow encryption, work in group chat rooms with e2ee enabled
+ allow: false
+ # Default to encryption, force-enable encryption in all portals the bridge creates
+ # This will cause the bridge bot to be in private chats for the encryption to work properly.
+ default: false
+ # Options for automatic key sharing.
+ key_sharing:
+ # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
+ # You must use a client that supports requesting keys from other users to use this feature.
+ allow: false
+ # Require the requesting device to have a valid cross-signing signature?
+ # This doesn't require that the bridge has verified the device, only that the user has verified it.
+ # Not yet implemented.
+ require_cross_signing: false
+ # Require devices to be verified by the bridge?
+ # Verification by the bridge is not yet implemented.
+ require_verification: true
+ # Whether or not the bridge should send a read receipt from the bridge bot when a message has
+ # been sent to KakaoTalk.
+ delivery_receipts: false
+ # Whether to allow inviting arbitrary mxids to portal rooms
+ allow_invites: false
+ # Whether or not created rooms should have federation enabled.
+ # If false, created portal rooms will never be federated.
+ federate_rooms: true
+ # Settings for backfilling messages from KakaoTalk.
+ backfill:
+ # Whether or not the KakaoTalk users of logged in Matrix users should be
+ # invited to private chats when backfilling history from KakaoTalk. This is
+ # usually needed to prevent rate limits and to allow timestamp massaging.
+ invite_own_puppet: true
+ # Maximum number of messages to backfill initially.
+ # Set to 0 to disable backfilling when creating portal, or -1 to backfill as much as possible.
+ initial_limit: 0
+ # Maximum number of messages to backfill if messages were missed while
+ # the bridge was disconnected.
+ # Set to 0 to disable backfilling missed messages, or -1 to backfill as much as possible.
+ missed_limit: 1000
+ # If using double puppeting, should notifications be disabled
+ # while the initial backfill is in progress?
+ disable_notifications: false
+ # The number of seconds that a disconnection can last without triggering an automatic re-sync
+ # and missed message backfilling when reconnecting.
+ # Set to 0 to always re-sync, or -1 to never re-sync automatically.
+ resync_max_disconnected_time: 5
+ # Should users remain logged in after being disconnected from chatroom updates?
+ # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk.
+ remain_logged_in_on_disconnect: true
+ # May the bridge restore user logins with session tokens instead of requiring a password?
+ # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk.
+ # Note that password-based login will be tried first for users who have saved their password.
+ allow_token_relogin: true
+ # Should the bridge connect users to chatroom updates after a token-based login?
+ # This will disconnect any KakaoTalk PC/bridge sessions that were started since the last connection.
+ # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk.
+ reconnect_on_token_relogin: true
+ # Should the bridge do a resync for connected users on startup?
+ sync_on_startup: true
+ # Whether or not temporary disconnections should send notices to the notice room.
+ # If this is false, disconnections will never send messages and connections will only send
+ # messages if it was disconnected for more than resync_max_disconnected_time seconds.
+ temporary_disconnect_notices: true
+ # Disable bridge notices entirely
+ disable_bridge_notices: false
+ # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
+ # This field will automatically be changed back to false after it,
+ # except if the config file is not writable.
+ resend_bridge_info: false
+ # Whether or not mute status and tags should only be bridged when the portal room is created.
+ tag_only_on_create: true
+ # If set to true, downloading media from the CDN will use a plain aiohttp client without the usual headers or
+ # other configuration. This may be useful if you don't want to use the default proxy for large files.
+ sandbox_media_download: false
+
+ # Permissions for using the bridge.
+ # Permitted values:
+ # user - Use the bridge with puppeting.
+ # admin - Use and administrate the bridge.
+ # Permitted keys:
+ # * - All Matrix users
+ # domain - All users on that homeserver
+ # mxid - Specific user
+ permissions:
+ '{{ matrix_appservice_kakaotalk_homeserver_domain }}': user
+ {% if matrix_admin %}
+ '{{ matrix_admin }}': admin
+ {% endif %}
+
+ relay:
+ # Whether relay mode should be allowed. If allowed, `!kt set-relay` can be used to turn any
+ # authenticated user into a relaybot for that chat.
+ enabled: false
+ # The formats to use when sending messages to KakaoTalk via a relay user.
+ #
+ # Available variables:
+ # $sender_displayname - The display name of the sender (e.g. Example User)
+ # $sender_username - The username (Matrix ID localpart) of the sender (e.g. exampleuser)
+ # $sender_mxid - The Matrix ID of the sender (e.g. @exampleuser:example.com)
+ # $message - The message content
+ message_formats:
+ m.text: '$sender_displayname: $message'
+ m.notice: '$sender_displayname: $message'
+ m.emote: '* $sender_displayname $message'
+ m.file: 'File from $sender_displayname: $message'
+ m.image: 'Image from $sender_displayname: $message'
+ m.audio: 'Audio from $sender_displayname: $message'
+ m.video: 'Video from $sender_displayname: $message'
+ m.location: '$sender_displayname sent a location'
+
+rpc:
+ connection:
+ # Either unix or tcp
+ type: unix
+ # Only for type: unix
+ path: /data/rpc.sock
+ # Only for type: tcp
+ host: localhost
+ port: 29392
+
+# Python logging configuration.
+#
+# See section 16.7.2 of the Python documentation for more info:
+# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
+logging:
+ version: 1
+ formatters:
+ colored:
+ (): matrix_appservice_kakaotalk.util.ColorFormatter
+ format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
+ normal:
+ format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
+ handlers:
+ file:
+ class: logging.handlers.RotatingFileHandler
+ formatter: normal
+ filename: /data/matrix-appservice-kakaotalk.log
+ maxBytes: 10485760
+ backupCount: 10
+ console:
+ class: logging.StreamHandler
+ formatter: colored
+ loggers:
+ mau:
+ level: DEBUG
+ paho:
+ level: INFO
+ aiohttp:
+ level: INFO
+ root:
+ level: DEBUG
+ handlers: [file, console]
diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2
new file mode 100644
index 000000000..6f6e66341
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2
@@ -0,0 +1,39 @@
+#jinja2: lstrip_blocks: "True"
+[Unit]
+Description=Node backend for Matrix Appservice KakaoTalk
+
+{% for service in matrix_appservice_kakaotalk_node_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
+
+{% for service in matrix_appservice_kakaotalk_node_systemd_wanted_services_list %}
+Wants={{ service }}
+{% endfor %}
+DefaultDependencies=no
+
+[Service]
+Type=simple
+Environment="HOME={{ matrix_systemd_unit_home_path }}"
+
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true'
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true'
+
+# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
+ExecStartPre={{ matrix_host_command_sleep }} 5
+
+ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \
+ --log-driver=none \
+ --network={{ matrix_docker_network }} \
+ -v {{ matrix_appservice_kakaotalk_data_path }}:/data:z \
+ {{ matrix_appservice_kakaotalk_node_docker_image }}
+
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true'
+
+Restart=always
+RestartSec=30
+SyslogIdentifier=matrix-appservice-kakaotalk-node
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2 b/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2
new file mode 100644
index 000000000..856aec515
--- /dev/null
+++ b/roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2
@@ -0,0 +1,38 @@
+#jinja2: lstrip_blocks: "True"
+[Unit]
+Description=Matrix Appservice KakaoTalk bridge
+{% for service in matrix_appservice_kakaotalk_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
+{% for service in matrix_appservice_kakaotalk_systemd_wanted_services_list %}
+Wants={{ service }}
+{% endfor %}
+DefaultDependencies=no
+
+[Service]
+Type=simple
+Environment="HOME={{ matrix_systemd_unit_home_path }}"
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true'
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true'
+
+# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
+ExecStartPre={{ matrix_host_command_sleep }} 5
+
+ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk \
+ --log-driver=none \
+ --network={{ matrix_docker_network }} \
+ -v {{ matrix_appservice_kakaotalk_data_path }}:/data:z \
+ {% for arg in matrix_appservice_kakaotalk_container_extra_arguments %}
+ {{ arg }} \
+ {% endfor %}
+ {{ matrix_appservice_kakaotalk_docker_image }}
+
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true'
+Restart=always
+RestartSec=30
+SyslogIdentifier=matrix-appservice-kakaotalk
+
+[Install]
+WantedBy=multi-user.target
diff --git a/setup.yml b/setup.yml
index 49612a8cd..30538d819 100755
--- a/setup.yml
+++ b/setup.yml
@@ -17,6 +17,7 @@
- matrix-bridge-appservice-slack
- matrix-bridge-appservice-webhooks
- matrix-bridge-appservice-irc
+ - matrix-bridge-appservice-kakaotalk
- matrix-bridge-beeper-linkedin
- matrix-bridge-go-skype-bridge
- matrix-bridge-mautrix-facebook