Add KakaoTalk bridge

docs/configuring-playbook-bridge-appservice-kakaotalk.md

@@ -0,0 +1,23 @@
+# Setting up Matrix Appservice KakaoTalk (optional)
+
+The playbook can install and configure
+[matrix-appservice-kakaotalk](https://src.miscworks.net/fair/matrix-appservice-kakaotalk) for you.
+
+See the project page to learn what it does and why it might be useful to you.
+
+To enable the [KakaoTalk](https://www.kakaocorp.com/page/service/service/KakaoTalk) bridge just use the following
+playbook configuration:
+
+
+```yaml
+matrix_appservice_kakaotalk_enabled: true
+```
+
+
+## Usage
+
+Once the bot is enabled, you need to start a chat with `KakaoTalk bridge bot`
+with the handle `@kakaotalkbot:YOUR_DOMAIN` (where `YOUR_DOMAIN` is your base
+domain, not the `matrix.` domain).
+
+Send `help` to the bot to see the commands available.

docs/configuring-playbook.md

@@ -118,6 +118,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins
 
 - [Setting up Appservice Webhooks bridging](configuring-playbook-bridge-appservice-webhooks.md) (optional)
 
+- [Setting up Matrix Appservice KakaoTalk bridging](configuring-playbook-bridge-appservice-kakaotalk.md) (optional)
+
 - [Setting up matrix-hookshot](configuring-playbook-bridge-hookshot.md) - a bridge between Matrix and multiple project management services, such as [GitHub](https://github.com), [GitLab](https://about.gitlab.com) and [JIRA](https://www.atlassian.com/software/jira). (optional)
 
 - ~~[Setting up MX Puppet Skype bridging](configuring-playbook-bridge-mx-puppet-skype.md)~~ (optional) - this component has been broken for a long time, so it has been removed from the playbook. Consider [Setting up Go Skype Bridge bridging](configuring-playbook-bridge-go-skype-bridge.md)

group_vars/matrix_servers

@@ -214,6 +214,49 @@ matrix_appservice_irc_database_password: "{{ '%s' | format(matrix_homeserver_gen
 ######################################################################
 
 
+######################################################################
+#
+# matrix-bridge-appservice-kakaotalk
+#
+######################################################################
+
+# We don't enable bridges by default.
+matrix_appservice_kakaotalk_enabled: false
+
+matrix_appservice_kakaotalk_container_image_self_build: true
+
+matrix_appservice_kakaotalk_node_container_image_self_build: true
+
+matrix_appservice_kakaotalk_systemd_required_services_list: |
+  {{
+    ['docker.service']
+    +
+    ['matrix-' + matrix_homeserver_implementation + '.service']
+    +
+    (['matrix-postgres.service'] if matrix_postgres_enabled else [])
+    +
+    (['matrix-nginx-proxy.service'] if matrix_nginx_proxy_enabled else [])
+    +
+    ['matrix-appservice-kakaotalk-node.service']
+  }}
+
+matrix_appservice_kakaotalk_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'kt.as.token') | to_uuid }}"
+
+matrix_appservice_kakaotalk_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'kt.hs.token') | to_uuid }}"
+
+matrix_appservice_kakaotalk_login_shared_secret: "{{ matrix_synapse_ext_password_provider_shared_secret_auth_shared_secret if matrix_synapse_ext_password_provider_shared_secret_auth_enabled else '' }}"
+
+# Postgres is the default, except if not using `matrix_postgres` (internal postgres)
+matrix_appservice_kakaotalk_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}"
+matrix_appservice_kakaotalk_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'as.kt.db') | to_uuid }}"
+
+######################################################################
+#
+# /matrix-bridge-appservice-kakaotalk
+#
+######################################################################
+
+
 ######################################################################
 #
 # matrix-bridge-beeper-linkedin
@@ -1811,6 +1854,12 @@ matrix_postgres_additional_databases: |
       'password': matrix_appservice_irc_database_password,
     }] if (matrix_appservice_irc_enabled and matrix_appservice_irc_database_engine == 'postgres' and matrix_appservice_irc_database_hostname == 'matrix-postgres') else [])
     +
+    ([{
+      'name': matrix_appservice_kakaotalk_database_name,
+      'username': matrix_appservice_kakaotalk_database_username,
+      'password': matrix_appservice_kakaotalk_database_password,
+    }] if (matrix_appservice_kakaotalk_enabled and matrix_appservice_kakaotalk_database_engine == 'postgres' and matrix_appservice_kakaotalk_database_hostname == 'matrix-postgres') else [])
+    +
     ([{
       'name': matrix_beeper_linkedin_database_name,
       'username': matrix_beeper_linkedin_database_username,

roles/matrix-bridge-appservice-kakaotalk/defaults/main.yml

@@ -0,0 +1,158 @@
+---
+# Matrix Appservice KakaoTalk is a Matrix <-> KakaoTalk bridge
+# See: https://src.miscworks.net/fair/matrix-appservice-kakaotalk
+
+matrix_appservice_kakaotalk_enabled: true
+
+matrix_appservice_kakaotalk_container_image_self_build: true
+matrix_appservice_kakaotalk_container_image_self_build_repo: "https://src.miscworks.net/fair/matrix-appservice-kakaotalk"
+matrix_appservice_kakaotalk_container_image_self_build_branch: "{{ 'master' if matrix_appservice_kakaotalk_version == 'latest' else matrix_appservice_kakaotalk_version }}"
+
+matrix_appservice_kakaotalk_version: latest
+matrix_appservice_kakaotalk_docker_image: "{{ matrix_appservice_kakaotalk_docker_image_name_prefix }}fair/matrix-appservice-kakaotalk:{{ matrix_appservice_kakaotalk_version }}"
+matrix_appservice_kakaotalk_docker_image_name_prefix: "localhost/"
+matrix_appservice_kakaotalk_docker_image_force_pull: "{{ matrix_appservice_kakaotalk_docker_image.endswith(':latest') }}"
+
+matrix_appservice_kakaotalk_base_path: "{{ matrix_base_data_path }}/matrix-appservice-kakaotalk"
+matrix_appservice_kakaotalk_data_path: "{{ matrix_appservice_kakaotalk_base_path }}/data"
+matrix_appservice_kakaotalk_docker_src_files_path: "{{ matrix_appservice_kakaotalk_base_path }}/docker-src"
+
+matrix_appservice_kakaotalk_node_container_image_self_build: true
+matrix_appservice_kakaotalk_node_container_image_self_build_repo_path: "{{ matrix_appservice_kakaotalk_node_base_path }}/docker-src"
+matrix_appservice_kakaotalk_node_container_image_self_build_branch: "{{ 'master' if matrix_appservice_kakaotalk_version == 'latest' else matrix_appservice_kakaotalk_version }}"
+
+matrix_appservice_kakaotalk_node_docker_image: "{{ matrix_appservice_kakaotalk_node_docker_image_name_prefix }}fair/matrix-appservice-kakaotalk-node:{{ matrix_appservice_kakaotalk_version }}"
+matrix_appservice_kakaotalk_node_docker_image_name_prefix: "localhost/"
+matrix_appservice_kakaotalk_node_docker_image_force_pull: "{{ matrix_appservice_kakaotalk_node_docker_image.endswith(':latest') }}"
+
+matrix_appservice_kakaotalk_node_base_path: "{{ matrix_base_data_path }}/matrix-appservice-kakaotalk-node"
+matrix_appservice_kakaotalk_node_docker_src_files_path: "{{ matrix_appservice_kakaotalk_node_base_path }}/docker-src/node"
+
+matrix_appservice_kakaotalk_homeserver_address: "{{ matrix_homeserver_container_url }}"
+matrix_appservice_kakaotalk_homeserver_domain: "{{ matrix_domain }}"
+matrix_appservice_kakaotalk_appservice_address: 'http://matrix-appservice-kakaotalk:8080'
+
+# A list of extra arguments to pass to the container
+matrix_appservice_kakaotalk_container_extra_arguments: []
+
+# List of systemd services that matrix-appservice-kakaotalk.service depends on.
+matrix_appservice_kakaotalk_systemd_required_services_list:
+  - 'docker.service'
+  - 'matrix-appservice-kakaotalk-node.service'
+
+# List of systemd services that matrix-appservice-kakaotalk.service wants
+matrix_appservice_kakaotalk_systemd_wanted_services_list: []
+
+# List of systemd services that matrix-appservice-kakaotalk-node.service depends on.
+matrix_appservice_kakaotalk_node_systemd_required_services_list: ['docker.service']
+
+# List of systemd services that matrix-appservice-kakaotalk-node.service wants
+matrix_appservice_kakaotalk_node_systemd_wanted_services_list: []
+
+matrix_appservice_kakaotalk_appservice_token: ''
+matrix_appservice_kakaotalk_homeserver_token: ''
+
+matrix_appservice_kakaotalk_appservice_bot_username: kakaotalkbot
+
+# Whether or not created rooms should have federation enabled.
+# If false, created portal rooms will never be federated.
+matrix_appservice_kakaotalk_federate_rooms: true
+
+# Database-related configuration fields.
+#
+# To use SQLite, stick to these defaults.
+#
+# To use Postgres:
+# - change the engine (`matrix_appservice_kakaotalk_database_engine: 'postgres'`)
+# - adjust your database credentials via the `matrix_appservice_kakaotalk_database_*` variables
+matrix_appservice_kakaotalk_database_engine: 'sqlite'
+
+matrix_appservice_kakaotalk_sqlite_database_path_local: "{{ matrix_appservice_kakaotalk_data_path }}/matrix-appservice-kakaotalk.db"
+matrix_appservice_kakaotalk_sqlite_database_path_in_container: "/data/matrix-appservice-kakaotalk.db"
+
+matrix_appservice_kakaotalk_database_username: 'matrix_appservice_kakaotalk'
+matrix_appservice_kakaotalk_database_password: 'some-password'
+matrix_appservice_kakaotalk_database_hostname: 'matrix-postgres'
+matrix_appservice_kakaotalk_database_port: 5432
+matrix_appservice_kakaotalk_database_name: 'matrix_appservice_kakaotalk'
+
+matrix_appservice_kakaotalk_database_connection_string: 'postgresql://{{ matrix_appservice_kakaotalk_database_username }}:{{ matrix_appservice_kakaotalk_database_password }}@{{ matrix_appservice_kakaotalk_database_hostname }}:{{ matrix_appservice_kakaotalk_database_port }}/{{ matrix_appservice_kakaotalk_database_name }}?sslmode=disable'
+
+matrix_appservice_kakaotalk_appservice_database_type: "{{
+	{
+		'sqlite': 'sqlite3',
+		'postgres':'postgres',
+	}[matrix_appservice_kakaotalk_database_engine]
+}}"
+
+matrix_appservice_kakaotalk_appservice_database_uri: "{{
+	{
+		'sqlite': matrix_appservice_kakaotalk_sqlite_database_path_in_container,
+		'postgres': matrix_appservice_kakaotalk_database_connection_string,
+	}[matrix_appservice_kakaotalk_database_engine]
+}}"
+
+# Can be set to enable automatic double-puppeting via Shared Secret Auth (https://github.com/devture/matrix-synapse-shared-secret-auth).
+matrix_appservice_kakaotalk_login_shared_secret: ''
+matrix_appservice_kakaotalk_bridge_login_shared_secret_map:
+  "{{ {matrix_appservice_kakaotalk_homeserver_domain: matrix_appservice_kakaotalk_login_shared_secret} if matrix_appservice_kakaotalk_login_shared_secret else {} }}"
+
+# Servers to always allow double puppeting from
+matrix_appservice_kakaotalk_bridge_double_puppet_server_map:
+  "{{ matrix_appservice_kakaotalk_homeserver_domain :  matrix_appservice_kakaotalk_homeserver_address }}"
+
+# Default matrix-appservice-kakaotalk configuration template which covers the generic use case.
+# You can customize it by controlling the various variables inside it.
+#
+# For a more advanced customization, you can extend the default (see `matrix_appservice_kakaotalk_configuration_extension_yaml`)
+# or completely replace this variable with your own template.
+matrix_appservice_kakaotalk_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"
+
+matrix_appservice_kakaotalk_configuration_extension_yaml: |
+  # Your custom YAML configuration goes here.
+  # This configuration extends the default starting configuration (`matrix_appservice_kakaotalk_configuration_yaml`).
+  #
+  # You can override individual variables from the default configuration, or introduce new ones.
+  #
+  # If you need something more special, you can take full control by
+  # completely redefining `matrix_appservice_kakaotalk_configuration_yaml`.
+
+matrix_appservice_kakaotalk_configuration_extension: "{{ matrix_appservice_kakaotalk_configuration_extension_yaml|from_yaml if matrix_appservice_kakaotalk_configuration_extension_yaml|from_yaml is mapping else {} }}"
+
+# Holds the final configuration (a combination of the default and its extension).
+# You most likely don't need to touch this variable. Instead, see `matrix_appservice_kakaotalk_configuration_yaml`.
+matrix_appservice_kakaotalk_configuration: "{{ matrix_appservice_kakaotalk_configuration_yaml|from_yaml|combine(matrix_appservice_kakaotalk_configuration_extension, recursive=True) }}"
+
+matrix_appservice_kakaotalk_node_configuration_json: "{{ lookup('template', 'templates/config.json.j2') }}"
+
+matrix_appservice_kakaotalk_node_configuration_extension_json: '{}'
+
+matrix_appservice_kakaotalk_node_configuration_extension: "{{ matrix_appservice_kakaotalk_node_configuration_extension_json|from_json if matrix_appservice_kakaotalk_node_configuration_extension_json|from_json is mapping else {} }}"
+
+matrix_appservice_kakaotalk_node_configuration: "{{ matrix_appservice_kakaotalk_node_configuration_json|combine(matrix_appservice_kakaotalk_node_configuration_extension, recursive=True) }}"
+
+matrix_appservice_kakaotalk_registration_yaml: |
+  id: kakaotalk
+  url: {{ matrix_appservice_kakaotalk_appservice_address }}
+  as_token: "{{ matrix_appservice_kakaotalk_appservice_token }}"
+  hs_token: "{{ matrix_appservice_kakaotalk_homeserver_token }}"
+  # See https://github.com/mautrix/signal/issues/43
+  sender_localpart: _bot_{{ matrix_appservice_kakaotalk_appservice_bot_username }}
+  rate_limited: false
+  namespaces:
+      users:
+      - regex: '^@kakaotalk_.+:{{ matrix_appservice_kakaotalk_homeserver_domain|regex_escape }}$'
+        exclusive: true
+      - exclusive: true
+        regex: '^@{{ matrix_appservice_kakaotalk_appservice_bot_username|regex_escape }}:{{ matrix_appservice_kakaotalk_homeserver_domain|regex_escape }}$'
+  de.sorunome.msc2409.push_ephemeral: true
+
+matrix_appservice_kakaotalk_registration: "{{ matrix_appservice_kakaotalk_registration_yaml|from_yaml }}"
+
+# Enable End-to-bridge encryption
+matrix_appservice_kakaotalk_bridge_encryption_allow: false
+matrix_appservice_kakaotalk_bridge_encryption_default: "{{ matrix_appservice_kakaotalk_bridge_encryption_allow }}"
+
+# Minimum severity of journal log messages.
+# Options: debug, info, warn, error, fatal
+matrix_appservice_kakaotalk_log_level: 'warn'

roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml

@@ -0,0 +1,21 @@
+---
+- set_fact:
+    matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-appservice-kakaotalk.service', 'matrix-appservice-kakaotalk-node.service'] }}"
+  when: matrix_appservice_kakaotalk_enabled|bool
+
+# If the matrix-synapse role is not used, these variables may not exist.
+- set_fact:
+    matrix_synapse_container_extra_arguments: >
+      {{
+        matrix_synapse_container_extra_arguments|default([])
+        +
+        ["--mount type=bind,src={{ matrix_appservice_kakaotalk_data_path }}/registration.yaml,dst=/matrix-appservice-kakaotalk-registration.yaml,ro"]
+      }}
+
+    matrix_synapse_app_service_config_files: >
+      {{
+        matrix_synapse_app_service_config_files|default([])
+        +
+        ["/matrix-appservice-kakaotalk-registration.yaml"]
+      }}
+  when: matrix_appservice_kakaotalk_enabled|bool

roles/matrix-bridge-appservice-kakaotalk/tasks/main.yml

@@ -0,0 +1,23 @@
+---
+
+- import_tasks: "{{ role_path }}/tasks/init.yml"
+  tags:
+    - always
+
+- import_tasks: "{{ role_path }}/tasks/validate_config.yml"
+  when: "run_setup|bool and matrix_appservice_kakaotalk_enabled|bool"
+  tags:
+    - setup-all
+    - setup-appservice-kakaotalk
+
+- import_tasks: "{{ role_path }}/tasks/setup_install.yml"
+  when: "run_setup|bool and matrix_appservice_kakaotalk_enabled|bool"
+  tags:
+    - setup-all
+    - setup-appservice-kakaotalk
+
+- import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml"
+  when: "run_setup|bool and not matrix_appservice_kakaotalk_enabled|bool"
+  tags:
+    - setup-all
+    - setup-appservice-kakaotalk

roles/matrix-bridge-appservice-kakaotalk/tasks/setup_install.yml

@@ -0,0 +1,195 @@
+---
+
+# If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist.
+# We don't want to fail in such cases.
+- name: Fail if matrix-synapse role already executed
+  fail:
+    msg: >-
+      The matrix-bridge-appservice-kakaotalk role needs to execute before the matrix-synapse role.
+  when: "matrix_synapse_role_executed|default(False)"
+
+- set_fact:
+    matrix_appservice_kakaotalk_requires_restart: false
+
+- block:
+    - name: Check if an SQLite database already exists
+      stat:
+        path: "{{ matrix_appservice_kakaotalk_sqlite_database_path_local }}"
+      register: matrix_appservice_kakaotalk_sqlite_database_path_local_stat_result
+
+    - block:
+        - set_fact:
+            matrix_postgres_db_migration_request:
+              src: "{{ matrix_appservice_kakaotalk_sqlite_database_path_local }}"
+              dst: "{{ matrix_appservice_kakaotalk_database_connection_string }}"
+              caller: "{{ role_path|basename }}"
+              engine_variable_name: 'matrix_appservice_kakaotalk_database_engine'
+              engine_old: 'sqlite'
+              systemd_services_to_stop: ['matrix-appservice-kakaotalk.service']
+              pgloader_options: ['--with "quote identifiers"']
+
+        - import_tasks: "{{ role_path }}/../matrix-postgres/tasks/util/migrate_db_to_postgres.yml"
+
+        - set_fact:
+            matrix_appservice_kakaotalk_requires_restart: true
+      when: "matrix_appservice_kakaotalk_sqlite_database_path_local_stat_result.stat.exists|bool"
+  when: "matrix_appservice_kakaotalk_database_engine == 'postgres'"
+
+
+- name: Ensure Matrix Appservice KakaoTalk paths exist
+  file:
+    path: "{{ item.path }}"
+    state: directory
+    mode: 0750
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+  with_items:
+    - {path: "{{ matrix_appservice_kakaotalk_base_path }}", when: true}
+    - {path: "{{ matrix_appservice_kakaotalk_data_path }}", when: true}
+    - {path: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}", when: "{{ matrix_appservice_kakaotalk_container_image_self_build }}"}
+    - {path: "{{ matrix_appservice_kakaotalk_node_base_path }}", when: true}
+    - {path: "{{ matrix_appservice_kakaotalk_node_container_image_self_build_repo_path }}", when: "{{ matrix_appservice_kakaotalk_node_container_image_self_build }}"}
+  when: item.when|bool
+
+- name: Ensure Matrix Appservice KakaoTalk image is pulled
+  docker_image:
+    name: "{{ matrix_appservice_kakaotalk_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_appservice_kakaotalk_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_docker_image_force_pull }}"
+  when: not matrix_appservice_kakaotalk_container_image_self_build
+  register: result
+  retries: "{{ matrix_container_retries_count }}"
+  delay: "{{ matrix_container_retries_delay }}"
+  until: result is not failed
+
+- name: Ensure Matrix Appservice KakaoTalk repository is present on self-build
+  git:
+    repo: "{{ matrix_appservice_kakaotalk_container_image_self_build_repo }}"
+    dest: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}"
+    version: "{{ matrix_appservice_kakaotalk_container_image_self_build_branch }}"
+    force: "yes"
+  become: true
+  become_user: "{{ matrix_user_username }}"
+  register: matrix_appservice_kakaotalk_git_pull_results
+  when: "matrix_appservice_kakaotalk_container_image_self_build|bool"
+
+- name: Ensure Matrix Appservice KakaoTalk Docker image is built
+  docker_image:
+    name: "{{ matrix_appservice_kakaotalk_docker_image }}"
+    source: build
+    force_source: "{{ matrix_appservice_kakaotalk_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_git_pull_results.changed }}"
+    build:
+      dockerfile: Dockerfile
+      path: "{{ matrix_appservice_kakaotalk_docker_src_files_path }}"
+      pull: true
+  when: "matrix_appservice_kakaotalk_container_image_self_build|bool"
+
+- name: Ensure Matrix Appservice KakaoTalk Node image is pulled
+  docker_image:
+    name: "{{ matrix_appservice_kakaotalk_node_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_appservice_kakaotalk_node_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_node_docker_image_force_pull }}"
+  when: matrix_appservice_kakaotalk_enabled and not matrix_appservice_kakaotalk_node_container_image_self_build|bool
+  register: matrix_appservice_kakaotalk_node_pull_results
+
+- name: Ensure Matrix Appservice KakaoTalk Node repository is present on self-build
+  git:
+    repo: "{{ matrix_appservice_kakaotalk_container_image_self_build_repo }}"
+    dest: "{{ matrix_appservice_kakaotalk_node_container_image_self_build_repo_path }}"
+    version: "{{ matrix_appservice_kakaotalk_node_container_image_self_build_branch }}"
+    force: "yes"
+  become: true
+  become_user: "{{ matrix_user_username }}"
+  register: matrix_appservice_kakaotalk_node_git_pull_results
+  when: "matrix_appservice_kakaotalk_node_container_image_self_build|bool"
+
+- name: Ensure Matrix Appservice KakaoTalk Node image is built
+  docker_image:
+    name: "{{ matrix_appservice_kakaotalk_node_docker_image }}"
+    source: build
+    force_source: "{{ matrix_appservice_kakaotalk_node_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_appservice_kakaotalk_node_git_pull_results.changed }}"
+    build:
+      dockerfile: ./Dockerfile
+      path: "{{ matrix_appservice_kakaotalk_node_docker_src_files_path }}"
+      pull: true
+  when: "matrix_appservice_kakaotalk_node_container_image_self_build|bool"
+
+- name: Check if an old database file exists
+  stat:
+    path: "{{ matrix_appservice_kakaotalk_base_path }}/matrix-appservice-kakaotalk.db"
+  register: matrix_appservice_kakaotalk_stat_database
+
+- name: Check if an old matrix state file exists
+  stat:
+    path: "{{ matrix_appservice_kakaotalk_base_path }}/mx-state.json"
+  register: matrix_appservice_kakaotalk_stat_mx_state
+
+- name: (Data relocation) Ensure matrix-appservice-kakaotalk.service is stopped
+  service:
+    name: matrix-appservice-kakaotalk
+    state: stopped
+    enabled: false
+    daemon_reload: true
+  failed_when: false
+  when: "matrix_appservice_kakaotalk_stat_database.stat.exists"
+
+- name: (Data relocation) Move matrix-appservice-kakaotalk database file to ./data directory
+  command: "mv {{ matrix_appservice_kakaotalk_base_path }}/matrix-appservice-kakaotalk.db {{ matrix_appservice_kakaotalk_data_path }}/matrix-appservice-kakaotalk.db"
+  when: "matrix_appservice_kakaotalk_stat_database.stat.exists"
+
+- name: (Data relocation) Move matrix-appservice-kakaotalk mx-state file to ./data directory
+  command: "mv {{ matrix_appservice_kakaotalk_base_path }}/mx-state.json {{ matrix_appservice_kakaotalk_data_path }}/mx-state.json"
+  when: "matrix_appservice_kakaotalk_stat_mx_state.stat.exists"
+
+- name: Ensure matrix-appservice-kakaotalk config.yaml installed
+  copy:
+    content: "{{ matrix_appservice_kakaotalk_configuration|to_nice_yaml(indent=2, width=999999) }}"
+    dest: "{{ matrix_appservice_kakaotalk_data_path }}/config.yaml"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure matrix-appservice-kakaotalk-node config.json installed
+  copy:
+    content: "{{ matrix_appservice_kakaotalk_node_configuration|to_nice_json }}"
+    dest: "{{ matrix_appservice_kakaotalk_data_path }}/config.json"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure matrix-appservice-kakaotalk registration.yaml installed
+  copy:
+    content: "{{ matrix_appservice_kakaotalk_registration|to_nice_yaml(indent=2, width=999999) }}"
+    dest: "{{ matrix_appservice_kakaotalk_data_path }}/registration.yaml"
+    mode: 0644
+    owner: "{{ matrix_user_username }}"
+    group: "{{ matrix_user_groupname }}"
+
+- name: Ensure matrix-appservice-kakaotalk-node.service installed
+  template:
+    src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk-node.service.j2"
+    dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service"
+    mode: 0644
+  register: matrix_appservice_kakaotalk_node_systemd_service_result
+
+- name: Ensure matrix-appservice-kakaotalk.service installed
+  template:
+    src: "{{ role_path }}/templates/systemd/matrix-appservice-kakaotalk.service.j2"
+    dest: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service"
+    mode: 0644
+  register: matrix_appservice_kakaotalk_systemd_service_result
+
+- name: Ensure systemd reloaded after matrix-appservice-kakaotalk.service installation
+  service:
+    daemon_reload: true
+  when: "matrix_appservice_kakaotalk_systemd_service_result.changed or matrix_appservice_kakaotalk_node_systemd_service_result.changed"
+
+- name: Ensure matrix-appservice-kakaotalk.service restarted, if necessary
+  service:
+    name: "matrix-appservice-kakaotalk.service"
+    state: restarted
+  when: "matrix_appservice_kakaotalk_requires_restart|bool"

roles/matrix-bridge-appservice-kakaotalk/tasks/setup_uninstall.yml

@@ -0,0 +1,47 @@
+---
+
+# Node service
+- name: Check existence of matrix-appservice-kakaotalk-node service
+  stat:
+    path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service"
+  register: matrix_appservice_kakaotalk_node_service_stat
+
+- name: Ensure matrix-appservice-kakaotalk-node is stopped
+  service:
+    name: matrix-appservice-kakaotalk-node
+    state: stopped
+    enabled: false
+    daemon_reload: true
+  when: "matrix_appservice_kakaotalk_node_service_stat.stat.exists"
+
+- name: Ensure matrix-appservice-kakaotalk-node.service doesn't exist
+  file:
+    path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk-node.service"
+    state: absent
+  when: "matrix_appservice_kakaotalk_node_service_stat.stat.exists"
+
+# Bridge service
+- name: Check existence of matrix-appservice-kakaotalk service
+  stat:
+    path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service"
+  register: matrix_appservice_kakaotalk_service_stat
+
+- name: Ensure matrix-appservice-kakaotalk is stopped
+  service:
+    name: matrix-appservice-kakaotalk
+    state: stopped
+    enabled: false
+    daemon_reload: true
+  when: "matrix_appservice_kakaotalk_service_stat.stat.exists"
+
+- name: Ensure matrix-appservice-kakaotalk.service doesn't exist
+  file:
+    path: "{{ matrix_systemd_path }}/matrix-appservice-kakaotalk.service"
+    state: absent
+  when: "matrix_appservice_kakaotalk_service_stat.stat.exists"
+
+# All services
+- name: Ensure systemd reloaded after matrix-appservice-kakaotalk_X.service removal
+  service:
+    daemon_reload: true
+  when: "matrix_appservice_kakaotalk_service_stat.stat.exists or matrix_appservice_kakaotalk_node_service_stat.stat.exists"

roles/matrix-bridge-appservice-kakaotalk/tasks/validate_config.yml

@@ -0,0 +1,10 @@
+---
+
+- name: Fail if required settings not defined
+  fail:
+    msg: >-
+      You need to define a required configuration setting (`{{ item }}`).
+  when: "vars[item] == ''"
+  with_items:
+    - "matrix_appservice_kakaotalk_appservice_token"
+    - "matrix_appservice_kakaotalk_homeserver_token"

roles/matrix-bridge-appservice-kakaotalk/templates/config.json.j2

@@ -0,0 +1,12 @@
+{
+	"listen": {
+		"type": "unix",
+		"path": "/data/rpc.sock",
+		"force": false
+	},
+	"register_timeout": 3000,
+	"logging_keys": {
+		"request": ["mxid"],
+		"response": ["status"]
+	}
+}

roles/matrix-bridge-appservice-kakaotalk/templates/config.yaml.j2

@@ -0,0 +1,287 @@
+#jinja2: lstrip_blocks: "True"
+# Homeserver details.
+homeserver:
+    # The address that this appservice can use to connect to the homeserver.
+    address: {{ matrix_appservice_kakaotalk_homeserver_address }}
+    # The domain of the homeserver (for MXIDs, etc).
+    domain: {{ matrix_appservice_kakaotalk_homeserver_domain }}
+    # Whether or not to verify the SSL certificate of the homeserver.
+    # Only applies if address starts with https://
+    verify_ssl: true
+    # Whether or not the homeserver supports asmux-specific endpoints,
+    # such as /_matrix/client/unstable/net.maunium.asmux/dms for atomically
+    # updating m.direct.
+    asmux: false
+    # Number of retries for all HTTP requests if the homeserver isn't reachable.
+    http_retry_count: 4
+    # The URL to push real-time bridge status to.
+    # If set, the bridge will make POST requests to this URL whenever a user's Facebook MQTT connection state changes.
+    # The bridge will use the appservice as_token to authorize requests.
+    status_endpoint: null
+    # Endpoint for reporting per-message status.
+    message_send_checkpoint_endpoint: null
+    # Whether asynchronous uploads via MSC2246 should be enabled for media.
+    # Requires a media repo that supports MSC2246.
+    async_media: false
+
+# Application service host/registration related details.
+# Changing these values requires regeneration of the registration.
+appservice:
+    # The address that the homeserver can use to connect to this appservice.
+    address: {{ matrix_appservice_kakaotalk_appservice_address }}
+
+    # The hostname and port where this appservice should listen.
+    hostname: 0.0.0.0
+    port: 8080
+    # The maximum body size of appservice API requests (from the homeserver) in mebibytes
+    # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
+    max_body_size: 1
+
+    # The full URI to the database. SQLite and Postgres are supported.
+    # Format examples:
+    #   SQLite:   sqlite:///filename.db
+    #   Postgres: postgres://username:password@hostname/dbname
+    database: {{ matrix_appservice_kakaotalk_appservice_database_uri|to_json }}
+    # Additional arguments for asyncpg.create_pool() or sqlite3.connect()
+    # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
+    # https://docs.python.org/3/library/sqlite3.html#sqlite3.connect
+    # For sqlite, min_size is used as the connection thread pool size and max_size is ignored.
+    database_opts:
+        min_size: 5
+        max_size: 10
+
+    # The unique ID of this appservice.
+    id: kakaotalk
+    # Username of the appservice bot.
+    bot_username: kakaotalkbot
+    # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
+    # to leave display name/avatar as-is.
+    bot_displayname: KakaoTalk bridge bot
+    bot_avatar:
+
+    # Whether or not to receive ephemeral events via appservice transactions.
+    # Requires MSC2409 support (i.e. Synapse 1.22+).
+    # You should disable bridge -> sync_with_custom_puppets when this is enabled.
+    ephemeral_events: false
+
+    # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
+    as_token: "{{ matrix_appservice_kakaotalk_appservice_token }}"
+    hs_token: "{{ matrix_appservice_kakaotalk_homeserver_token }}"
+
+# Prometheus telemetry config. Requires prometheus-client to be installed.
+metrics:
+    enabled: false
+    listen_port: 8000
+
+# Manhole config.
+manhole:
+    # Whether or not opening the manhole is allowed.
+    enabled: false
+    # The path for the unix socket.
+    path: /var/tmp/matrix-appservice-kakaotalk.manhole
+    # The list of UIDs who can be added to the whitelist.
+    # If empty, any UIDs can be specified in the open-manhole command.
+    whitelist:
+    - 0
+
+# Config for things that are directly sent to KakaoTalk.
+kakaotalk:
+    device_name: "KakaoTalk Bridge"
+
+# Bridge config
+bridge:
+    # Localpart template of MXIDs for KakaoTalk users.
+    # {userid} is replaced with the user ID of the KakaoTalk user.
+    username_template: "kakaotalk_{userid}"
+    # Displayname template for KakaoTalk users.
+    # {displayname} is replaced with the display name of the KakaoTalk user.
+    displayname_template: '{displayname} (KT)'
+
+    # The prefix for commands. Only required in non-management rooms.
+    command_prefix: "!kt"
+
+    # Number of chats to sync (and create portals for) on startup/login.
+    # Set to 0 to disable automatic syncing, or -1 to sync as much as possible.
+    initial_chat_sync: 20
+    # Whether or not the KakaoTalk users of logged in Matrix users should be
+    # invited to private chats when the user sends a message from another client.
+    invite_own_puppet_to_pm: false
+    # Whether or not to use /sync to get presence, read receipts and typing notifications
+    # when double puppeting is enabled
+    sync_with_custom_puppets: true
+    # Whether or not to update the m.direct account data event when double puppeting is enabled.
+    # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
+    # and is therefore prone to race conditions.
+    sync_direct_chat_list: false
+    # Servers to always allow double puppeting from
+    double_puppet_server_map: {}
+    #    example.com: https://example.com
+    # Allow using double puppeting from any server with a valid client .well-known file.
+    double_puppet_allow_discovery: false
+    # Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
+    #
+    # If set, custom puppets will be enabled automatically for local users
+    # instead of users having to find an access token and run `login-matrix`
+    # manually.
+    # If using this for other servers than the bridge's server,
+    # you must also set the URL in the double_puppet_server_map.
+    login_shared_secret_map: {{ matrix_appservice_kakaotalk_bridge_login_shared_secret_map|to_json }}
+    # Whether or not to update avatars when syncing all contacts at startup.
+    update_avatar_initial_sync: true
+    # End-to-bridge encryption support options. These require matrix-nio to be installed with pip
+    # and login_shared_secret to be configured in order to get a device for the bridge bot.
+    #
+    # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal
+    # application service.
+    encryption:
+        # Allow encryption, work in group chat rooms with e2ee enabled
+        allow: false
+        # Default to encryption, force-enable encryption in all portals the bridge creates
+        # This will cause the bridge bot to be in private chats for the encryption to work properly.
+        default: false
+        # Options for automatic key sharing.
+        key_sharing:
+            # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
+            # You must use a client that supports requesting keys from other users to use this feature.
+            allow: false
+            # Require the requesting device to have a valid cross-signing signature?
+            # This doesn't require that the bridge has verified the device, only that the user has verified it.
+            # Not yet implemented.
+            require_cross_signing: false
+            # Require devices to be verified by the bridge?
+            # Verification by the bridge is not yet implemented.
+            require_verification: true
+    # Whether or not the bridge should send a read receipt from the bridge bot when a message has
+    # been sent to KakaoTalk.
+    delivery_receipts: false
+    # Whether to allow inviting arbitrary mxids to portal rooms
+    allow_invites: false
+    # Whether or not created rooms should have federation enabled.
+    # If false, created portal rooms will never be federated.
+    federate_rooms: true
+    # Settings for backfilling messages from KakaoTalk.
+    backfill:
+        # Whether or not the KakaoTalk users of logged in Matrix users should be
+        # invited to private chats when backfilling history from KakaoTalk. This is
+        # usually needed to prevent rate limits and to allow timestamp massaging.
+        invite_own_puppet: true
+        # Maximum number of messages to backfill initially.
+        # Set to 0 to disable backfilling when creating portal, or -1 to backfill as much as possible.
+        initial_limit: 0
+        # Maximum number of messages to backfill if messages were missed while
+        # the bridge was disconnected.
+        # Set to 0 to disable backfilling missed messages, or -1 to backfill as much as possible.
+        missed_limit: 1000
+        # If using double puppeting, should notifications be disabled
+        # while the initial backfill is in progress?
+        disable_notifications: false
+    # The number of seconds that a disconnection can last without triggering an automatic re-sync
+    # and missed message backfilling when reconnecting.
+    # Set to 0 to always re-sync, or -1 to never re-sync automatically.
+    resync_max_disconnected_time: 5
+    # Should users remain logged in after being disconnected from chatroom updates?
+    # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk.
+    remain_logged_in_on_disconnect: true
+    # May the bridge restore user logins with session tokens instead of requiring a password?
+    # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk.
+    # Note that password-based login will be tried first for users who have saved their password.
+    allow_token_relogin: true
+    # Should the bridge connect users to chatroom updates after a token-based login?
+    # This will disconnect any KakaoTalk PC/bridge sessions that were started since the last connection.
+    # This is a convenience feature, but might make the bridge look more suspicious to KakaoTalk.
+    reconnect_on_token_relogin: true
+    # Should the bridge do a resync for connected users on startup?
+    sync_on_startup: true
+    # Whether or not temporary disconnections should send notices to the notice room.
+    # If this is false, disconnections will never send messages and connections will only send
+    # messages if it was disconnected for more than resync_max_disconnected_time seconds.
+    temporary_disconnect_notices: true
+    # Disable bridge notices entirely
+    disable_bridge_notices: false
+    # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
+    # This field will automatically be changed back to false after it,
+    # except if the config file is not writable.
+    resend_bridge_info: false
+    # Whether or not mute status and tags should only be bridged when the portal room is created.
+    tag_only_on_create: true
+    # If set to true, downloading media from the CDN will use a plain aiohttp client without the usual headers or
+    # other configuration. This may be useful if you don't want to use the default proxy for large files.
+    sandbox_media_download: false
+
+    # Permissions for using the bridge.
+    # Permitted values:
+    #       user - Use the bridge with puppeting.
+    #      admin - Use and administrate the bridge.
+    # Permitted keys:
+    #        * - All Matrix users
+    #   domain - All users on that homeserver
+    #     mxid - Specific user
+    permissions:
+      '{{ matrix_appservice_kakaotalk_homeserver_domain }}': user
+      {% if matrix_admin %}
+      '{{ matrix_admin }}': admin
+      {% endif %}
+
+    relay:
+        # Whether relay mode should be allowed. If allowed, `!kt set-relay` can be used to turn any
+        # authenticated user into a relaybot for that chat.
+        enabled: false
+        # The formats to use when sending messages to KakaoTalk via a relay user.
+        #
+        # Available variables:
+        #   $sender_displayname - The display name of the sender (e.g. Example User)
+        #   $sender_username    - The username (Matrix ID localpart) of the sender (e.g. exampleuser)
+        #   $sender_mxid        - The Matrix ID of the sender (e.g. @exampleuser:example.com)
+        #   $message            - The message content
+        message_formats:
+            m.text: '<b>$sender_displayname</b>: $message'
+            m.notice: '<b>$sender_displayname<b>: $message'
+            m.emote: '* <b>$sender_displayname<b> $message'
+            m.file: 'File from <b>$sender_displayname</b>: $message'
+            m.image: 'Image from <b>$sender_displayname</b>: $message'
+            m.audio: 'Audio from <b>$sender_displayname</b>: $message'
+            m.video: 'Video from <b>$sender_displayname</b>: $message'
+            m.location: '<b>$sender_displayname</b> sent a location'
+
+rpc:
+    connection:
+        # Either unix or tcp
+        type: unix
+        # Only for type: unix
+        path: /data/rpc.sock
+        # Only for type: tcp
+        host: localhost
+        port: 29392
+
+# Python logging configuration.
+#
+# See section 16.7.2 of the Python documentation for more info:
+# https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
+logging:
+    version: 1
+    formatters:
+        colored:
+            (): matrix_appservice_kakaotalk.util.ColorFormatter
+            format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
+        normal:
+            format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
+    handlers:
+        file:
+            class: logging.handlers.RotatingFileHandler
+            formatter: normal
+            filename: /data/matrix-appservice-kakaotalk.log
+            maxBytes: 10485760
+            backupCount: 10
+        console:
+            class: logging.StreamHandler
+            formatter: colored
+    loggers:
+        mau:
+            level: DEBUG
+        paho:
+            level: INFO
+        aiohttp:
+            level: INFO
+    root:
+        level: DEBUG
+        handlers: [file, console]

roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk-node.service.j2

@@ -0,0 +1,39 @@
+#jinja2: lstrip_blocks: "True"
+[Unit]
+Description=Node backend for Matrix Appservice KakaoTalk
+
+{% for service in matrix_appservice_kakaotalk_node_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
+
+{% for service in matrix_appservice_kakaotalk_node_systemd_wanted_services_list %}
+Wants={{ service }}
+{% endfor %}
+DefaultDependencies=no
+
+[Service]
+Type=simple
+Environment="HOME={{ matrix_systemd_unit_home_path }}"
+
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true'
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true'
+
+# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
+ExecStartPre={{ matrix_host_command_sleep }} 5
+
+ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk-node \
+			--log-driver=none \
+			--network={{ matrix_docker_network }} \
+			-v {{ matrix_appservice_kakaotalk_data_path }}:/data:z \
+			{{ matrix_appservice_kakaotalk_node_docker_image }}
+
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk-node 2>/dev/null || true'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk-node 2>/dev/null || true'
+
+Restart=always
+RestartSec=30
+SyslogIdentifier=matrix-appservice-kakaotalk-node
+
+[Install]
+WantedBy=multi-user.target

roles/matrix-bridge-appservice-kakaotalk/templates/systemd/matrix-appservice-kakaotalk.service.j2

@@ -0,0 +1,38 @@
+#jinja2: lstrip_blocks: "True"
+[Unit]
+Description=Matrix Appservice KakaoTalk bridge
+{% for service in matrix_appservice_kakaotalk_systemd_required_services_list %}
+Requires={{ service }}
+After={{ service }}
+{% endfor %}
+{% for service in matrix_appservice_kakaotalk_systemd_wanted_services_list %}
+Wants={{ service }}
+{% endfor %}
+DefaultDependencies=no
+
+[Service]
+Type=simple
+Environment="HOME={{ matrix_systemd_unit_home_path }}"
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true'
+ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true'
+
+# Intentional delay, so that the homeserver (we likely depend on) can manage to start.
+ExecStartPre={{ matrix_host_command_sleep }} 5
+
+ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-appservice-kakaotalk \
+			--log-driver=none \
+			--network={{ matrix_docker_network }} \
+			-v {{ matrix_appservice_kakaotalk_data_path }}:/data:z \
+			{% for arg in matrix_appservice_kakaotalk_container_extra_arguments %}
+			{{ arg }} \
+			{% endfor %}
+			{{ matrix_appservice_kakaotalk_docker_image }}
+
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-appservice-kakaotalk 2>/dev/null || true'
+ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-appservice-kakaotalk 2>/dev/null || true'
+Restart=always
+RestartSec=30
+SyslogIdentifier=matrix-appservice-kakaotalk
+
+[Install]
+WantedBy=multi-user.target

setup.yml

@@ -17,6 +17,7 @@
     - matrix-bridge-appservice-slack
     - matrix-bridge-appservice-webhooks
     - matrix-bridge-appservice-irc
+    - matrix-bridge-appservice-kakaotalk
     - matrix-bridge-beeper-linkedin
     - matrix-bridge-go-skype-bridge
     - matrix-bridge-mautrix-facebook