From 3f45805fd2b3b05cd1f3893767d9f25b0760ad3a Mon Sep 17 00:00:00 2001 From: Daniel Sonck Date: Sat, 7 May 2022 12:40:17 +0200 Subject: [PATCH 01/70] Change back to original mx-puppet-discord Closes: #1801 --- .../defaults/main.yml | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml index 522576897..d6e6f859c 100644 --- a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -1,27 +1,21 @@ --- # Mx Puppet Discord is a Matrix <-> Discord bridge -# See: https://gitlab.com/beeper/mx-puppet-monorepo (originally based on https://github.com/matrix-discord/mx-puppet-discord) -# -# We use the Beeper-maintained fork, because https://github.com/matrix-discord/mx-puppet-discord is horribly broken often. See: -# - https://github.com/matrix-discord/mx-puppet-discord/issues/201 -# - https://github.com/matrix-discord/mx-puppet-discord/issues/202 -# - https://github.com/matrix-discord/mx-puppet-discord/issues/203 -# - (other similar issues in the past) +# See: https://gitlab.com/mx-puppet/discord/mx-puppet-discord matrix_mx_puppet_discord_enabled: true matrix_mx_puppet_discord_container_image_self_build: false -matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo" +matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/mx-puppet/discord/mx-puppet-discord" matrix_mx_puppet_discord_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_discord_version == 'latest' else matrix_mx_puppet_discord_version }}" -matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "docker/Dockerfile-discord" +matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "Dockerfile" # Controls whether the mx-puppet-discord container exposes its HTTP port (tcp/8432 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_discord_container_http_host_bind_port: '' -matrix_mx_puppet_discord_version: latest -matrix_mx_puppet_discord_docker_image: "{{ matrix_mx_puppet_discord_docker_image_name_prefix }}beeper/mx-puppet-monorepo/discord:{{ matrix_mx_puppet_discord_version }}" +matrix_mx_puppet_discord_version: v0.1.1 +matrix_mx_puppet_discord_docker_image: "{{ matrix_mx_puppet_discord_docker_image_name_prefix }}mx-puppet/discord/mx-puppet-discord:{{ matrix_mx_puppet_discord_version }}" matrix_mx_puppet_discord_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_discord_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_discord_docker_image_force_pull: "{{ matrix_mx_puppet_discord_docker_image.endswith(':latest') }}" From 84ea5f6eccf1d5c8962f265e7dfab1384334763e Mon Sep 17 00:00:00 2001 From: Kim Brose Date: Sat, 7 May 2022 14:34:33 +0200 Subject: [PATCH 02/70] Upgrade Hookshot (1.5.0 -> 1.6.1) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 45807ba9c..181bc2cc5 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.5.0 +matrix_hookshot_version: 1.6.1 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 7390646cd5d2879b7928c28701c0cddf42b0bf03 Mon Sep 17 00:00:00 2001 From: HarHarLinks Date: Sat, 7 May 2022 18:42:15 +0200 Subject: [PATCH 03/70] add hookshot feeds support --- roles/matrix-bridge-hookshot/defaults/main.yml | 5 +++++ roles/matrix-bridge-hookshot/templates/config.yml.j2 | 7 +++++++ 2 files changed, 12 insertions(+) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 45807ba9c..74ac714ac 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -121,6 +121,11 @@ matrix_hookshot_generic_allow_js_transformation_functions: false matrix_hookshot_generic_user_id_prefix: '_webhooks_' +matrix_hookshot_feeds_enabled: false +# polling interval in seconds +matrix_hookshot_feeds_interval: 600 + + # There is no need to edit ports. use matrix_hookshot_container_http_host_bind_ports below to expose ports instead. matrix_hookshot_provisioning_port: 9002 matrix_hookshot_provisioning_secret: '' diff --git a/roles/matrix-bridge-hookshot/templates/config.yml.j2 b/roles/matrix-bridge-hookshot/templates/config.yml.j2 index c17715097..6fbce7709 100644 --- a/roles/matrix-bridge-hookshot/templates/config.yml.j2 +++ b/roles/matrix-bridge-hookshot/templates/config.yml.j2 @@ -78,6 +78,13 @@ generic: allowJsTransformationFunctions: {{ matrix_hookshot_generic_allow_js_transformation_functions }} userIdPrefix: {{ matrix_hookshot_generic_user_id_prefix|to_json }} {% endif %} +{% if matrix_hookshot_feeds_enabled %} +feeds: + # (Optional) Configure this to enable RSS/Atom feed support + # + enabled: {{ matrix_hookshot_feeds_enabled }} + pollIntervalSeconds: {{ matrix_hookshot_feeds_interval }} +{% endif %} {% if matrix_hookshot_provisioning_enabled %} provisioning: # (Optional) Provisioning API for integration managers From 04aa609ae51dcc7eb8cdeff478ed651249fe8892 Mon Sep 17 00:00:00 2001 From: Arkonos Date: Sun, 8 May 2022 21:20:36 +0200 Subject: [PATCH 04/70] clarifying reverse proxying of well-known files --- docs/configuring-well-known.md | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 27a4001cf..9a6da547d 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -116,8 +116,22 @@ server { **For Caddy 2**, it would be something like this: ```caddy -reverse_proxy /.well-known/matrix/* https://matrix.DOMAIN { - header_up Host {http.reverse_proxy.upstream.hostport} +DOMAIN.com { + @wellknown { + path /.well-known/matrix/*:x + } + + handle @wellknown { + reverse_proxy https://matrix.DOMAIN.com { + header_up Host {http.reverse_proxy.upstream.hostport} + } + } + # Configration for the base domain goes here + # handle { + # header -Server + # encode zstd gzip + # reverse_proxy localhost:4020 + # } } ``` From 6abdb6e6f086a77b0b4a3b4dccce3e04794de7ad Mon Sep 17 00:00:00 2001 From: Arkonos Date: Sun, 8 May 2022 21:20:36 +0200 Subject: [PATCH 05/70] clarifying reverse proxying of well-known files --- docs/configuring-well-known.md | 18 ++++++++++++++++-- examples/caddy2/Caddyfile | 17 +++++++++++++++++ 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 27a4001cf..9a6da547d 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -116,8 +116,22 @@ server { **For Caddy 2**, it would be something like this: ```caddy -reverse_proxy /.well-known/matrix/* https://matrix.DOMAIN { - header_up Host {http.reverse_proxy.upstream.hostport} +DOMAIN.com { + @wellknown { + path /.well-known/matrix/*:x + } + + handle @wellknown { + reverse_proxy https://matrix.DOMAIN.com { + header_up Host {http.reverse_proxy.upstream.hostport} + } + } + # Configration for the base domain goes here + # handle { + # header -Server + # encode zstd gzip + # reverse_proxy localhost:4020 + # } } ``` diff --git a/examples/caddy2/Caddyfile b/examples/caddy2/Caddyfile index 6370cb015..7d8c193db 100644 --- a/examples/caddy2/Caddyfile +++ b/examples/caddy2/Caddyfile @@ -214,3 +214,20 @@ element.DOMAIN.tld { # } # } #} +DOMAIN.com { + @wellknown { + path /.well-known/matrix/* + } + + handle @wellknown { + reverse_proxy https://matrix.DOMAIN.com { + header_up Host {http.reverse_proxy.upstream.hostport} + } + } + # Configration for the base domain goes here + # handle { + # header -Server + # encode zstd gzip + # reverse_proxy localhost:4020 + # } +} From 527f5bc46973b368101488d1b1b56f9cee9bbbc1 Mon Sep 17 00:00:00 2001 From: Arkonos Date: Sun, 8 May 2022 21:56:14 +0200 Subject: [PATCH 06/70] clarifying where well-known files are created --- docs/configuring-well-known.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 9a6da547d..4a68047be 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -46,7 +46,7 @@ If you decide to go this route, you don't need to read ahead in this document. W If you're managing the base domain by yourself somehow, you'll need to set up serving of some `/.well-known/matrix/*` files from it via HTTPS. -To make things easy for you to set up, this playbook generates and hosts 2 well-known files on the Matrix domain's server (e.g. `https://matrix.example.com/.well-known/matrix/server` and `https://matrix.example.com/.well-known/matrix/client`), even though this is the wrong place to host them. +To make things easy for you to set up, this playbook generates and hosts 2 well-known files on the Matrix domain's server. The files are generated at `/matrix/static-files/.well-known/matrix/` and hosted at `https://matrix.example.com/.well-known/matrix/server` and `https://matrix.example.com/.well-known/matrix/client`, even though this is the wrong place to host them. You have 3 options when it comes to installing the files on the base domain's server: From fcfd00bcb4e71f7a20d3717650842d1431e93260 Mon Sep 17 00:00:00 2001 From: Daniel Sonck Date: Mon, 9 May 2022 23:38:01 +0200 Subject: [PATCH 07/70] Change back to original mx-puppet-slack Closes: #1808 --- .../matrix-bridge-mx-puppet-discord/defaults/main.yml | 2 +- roles/matrix-bridge-mx-puppet-slack/defaults/main.yml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml index d6e6f859c..2a2ecd58a 100644 --- a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -5,7 +5,7 @@ matrix_mx_puppet_discord_enabled: true matrix_mx_puppet_discord_container_image_self_build: false -matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/mx-puppet/discord/mx-puppet-discord" +matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/mx-puppet/discord/mx-puppet-discord.git" matrix_mx_puppet_discord_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_discord_version == 'latest' else matrix_mx_puppet_discord_version }}" matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "Dockerfile" diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index bb92c1d8c..0560128fe 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -1,6 +1,6 @@ --- # Mx Puppet Slack is a Matrix <-> Slack bridge -# See: https://gitlab.com/beeper/mx-puppet-monorepo (originally based on https://github.com/Sorunome/mx-puppet-slack) +# See: https://github.com/Sorunome/mx-puppet-slack matrix_mx_puppet_slack_enabled: true @@ -8,17 +8,17 @@ matrix_mx_puppet_slack_oauth_client_id: '' matrix_mx_puppet_slack_oauth_client_secret: '' matrix_mx_puppet_slack_container_image_self_build: false -matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo.git" +matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/mx-puppet/slack/mx-puppet-slack.git" matrix_mx_puppet_slack_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_slack_version == 'latest' else matrix_mx_puppet_slack_version }}" -matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Dockerfile-slack" +matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "Dockerfile" # Controls whether the mx-puppet-slack container exposes its HTTP port (tcp/8432 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_slack_container_http_host_bind_port: '' -matrix_mx_puppet_slack_version: latest -matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}beeper/mx-puppet-monorepo/slack:{{ matrix_mx_puppet_slack_version }}" +matrix_mx_puppet_slack_version: v0.1.0 +matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}mx-puppet/slack/mx-puppet-slack:{{ matrix_mx_puppet_slack_version }}" matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_slack_docker_image_force_pull: "{{ matrix_mx_puppet_slack_docker_image.endswith(':latest') }}" From 9fc60d8c868158af533b7c7ea6e70c926f1be181 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 10 May 2022 16:20:34 +0300 Subject: [PATCH 08/70] Revert "Change back to original mx-puppet-slack" This reverts commit fcfd00bcb4e71f7a20d3717650842d1431e93260. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1808 Reverts https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1809 Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1810 --- .../matrix-bridge-mx-puppet-discord/defaults/main.yml | 2 +- roles/matrix-bridge-mx-puppet-slack/defaults/main.yml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml index 2a2ecd58a..d6e6f859c 100644 --- a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -5,7 +5,7 @@ matrix_mx_puppet_discord_enabled: true matrix_mx_puppet_discord_container_image_self_build: false -matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/mx-puppet/discord/mx-puppet-discord.git" +matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/mx-puppet/discord/mx-puppet-discord" matrix_mx_puppet_discord_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_discord_version == 'latest' else matrix_mx_puppet_discord_version }}" matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "Dockerfile" diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index 0560128fe..bb92c1d8c 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -1,6 +1,6 @@ --- # Mx Puppet Slack is a Matrix <-> Slack bridge -# See: https://github.com/Sorunome/mx-puppet-slack +# See: https://gitlab.com/beeper/mx-puppet-monorepo (originally based on https://github.com/Sorunome/mx-puppet-slack) matrix_mx_puppet_slack_enabled: true @@ -8,17 +8,17 @@ matrix_mx_puppet_slack_oauth_client_id: '' matrix_mx_puppet_slack_oauth_client_secret: '' matrix_mx_puppet_slack_container_image_self_build: false -matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/mx-puppet/slack/mx-puppet-slack.git" +matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo.git" matrix_mx_puppet_slack_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_slack_version == 'latest' else matrix_mx_puppet_slack_version }}" -matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "Dockerfile" +matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Dockerfile-slack" # Controls whether the mx-puppet-slack container exposes its HTTP port (tcp/8432 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_slack_container_http_host_bind_port: '' -matrix_mx_puppet_slack_version: v0.1.0 -matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}mx-puppet/slack/mx-puppet-slack:{{ matrix_mx_puppet_slack_version }}" +matrix_mx_puppet_slack_version: latest +matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}beeper/mx-puppet-monorepo/slack:{{ matrix_mx_puppet_slack_version }}" matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_slack_docker_image_force_pull: "{{ matrix_mx_puppet_slack_docker_image.endswith(':latest') }}" From 62cb801878dd448025e604560ee180d8da099789 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 10 May 2022 13:57:12 +0000 Subject: [PATCH 09/70] Update cinny v1.8.2 -> v2.0.0 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 2ded40482..32e173113 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -5,7 +5,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v1.8.2 +matrix_client_cinny_version: v2.0.0 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 02d4a841c4f96ab6b1d9ec617b6d3033debd613a Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 10 May 2022 14:31:41 +0000 Subject: [PATCH 10/70] Update Element 1.10.11 -> 1.10.12 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index e45458754..ef89bca35 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -9,7 +9,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.10.11 +matrix_client_element_version: v1.10.12 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 3dfda42f3d0e5fcb402e41711e8b859fd0d9ac5a Mon Sep 17 00:00:00 2001 From: Kim Brose Date: Tue, 10 May 2022 16:50:46 +0200 Subject: [PATCH 11/70] Update configuring-playbook-bridge-hookshot.md --- docs/configuring-playbook-bridge-hookshot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index 208ce4e6b..ef6bc0ab1 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -26,7 +26,7 @@ Unless indicated otherwise, the following endpoints are reachable on your `matri | listener | default path | variable | used as | |---|---|---|---| -| webhooks | `/hookshot/webhooks/` | `matrix_hookshot_webhook_endpoint` | generics, GitHub "Webhook URL", etc. | +| webhooks | `/hookshot/webhooks/` | `matrix_hookshot_webhook_endpoint` | generics, GitHub "Webhook URL", GitLab "URL", etc. | | github oauth | `/hookshot/webhooks/oauth` | `matrix_hookshot_github_oauth_endpoint` | GitHub "Callback URL" | | jira oauth | `/hookshot/webhooks/jira/oauth` | `matrix_hookshot_jira_oauth_endpoint` | JIRA OAuth | | figma endpoint | `/hookshot/webhooks/figma/webhook` | `matrix_hookshot_figma_endpoint` | Figma | From 8c505e8a2cab0036541b87163cd7febd09fab3c1 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 10 May 2022 18:38:57 +0300 Subject: [PATCH 12/70] matrix-bot-buscarron v1.1.0 --- roles/matrix-bot-buscarron/defaults/main.yml | 17 ++++++++++++++++- roles/matrix-bot-buscarron/templates/env.j2 | 7 +++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-buscarron/defaults/main.yml b/roles/matrix-bot-buscarron/defaults/main.yml index 96e8ef91a..1e6faec00 100644 --- a/roles/matrix-bot-buscarron/defaults/main.yml +++ b/roles/matrix-bot-buscarron/defaults/main.yml @@ -8,7 +8,7 @@ matrix_bot_buscarron_container_image_self_build: false matrix_bot_buscarron_docker_repo: "https://gitlab.com/etke.cc/buscarron.git" matrix_bot_buscarron_docker_src_files_path: "{{ matrix_base_data_path }}/buscarron/docker-src" -matrix_bot_buscarron_version: v1.0.0 +matrix_bot_buscarron_version: v1.1.0 matrix_bot_buscarron_docker_image: "{{ matrix_bot_buscarron_docker_image_name_prefix }}buscarron:{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_buscarron_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_buscarron_docker_image_force_pull: "{{ matrix_bot_buscarron_docker_image.endswith(':latest') }}" @@ -88,6 +88,21 @@ matrix_bot_buscarron_spam_hosts: [] # spam email addresses matrix_bot_buscarron_spam_emails: [] +# Ban duration in hours +matrix_bot_buscarron_ban_duration: + +# Banlist size +matrix_bot_buscarron_ban_size: + +# Postmark token (confirmation emails) +matrix_bot_buscarron_pm_token: + +# Postmark sender signature +matrix_bot_buscarron_pm_from: + +# Postmark confirmation email's reply-to +matrix_bot_buscarron_pm_replyto: + # Additional environment variables to pass to the buscarron container # # Example: diff --git a/roles/matrix-bot-buscarron/templates/env.j2 b/roles/matrix-bot-buscarron/templates/env.j2 index c833f27be..876072e17 100644 --- a/roles/matrix-bot-buscarron/templates/env.j2 +++ b/roles/matrix-bot-buscarron/templates/env.j2 @@ -7,12 +7,19 @@ BUSCARRON_SPAM_HOSTS={{ matrix_bot_buscarron_spam_hosts|join(" ") }} BUSCARRON_SPAM_EMAILS={{ matrix_bot_buscarron_spam_emails|join(" ") }} BUSCARRON_SENTRY={{ matrix_bot_buscarron_sentry }} BUSCARRON_LOGLEVEL={{ matrix_bot_buscarron_loglevel }} +BUSCARRON_BAN_DURATION={{ matrix_bot_buscarron_ban_duration }} +BUSCARRON_BAN_SIZE={{ matrix_bot_buscarron_ban_size }} +BUSCARRON_PM_TOKEN={{ matrix_bot_buscarron_pm_token }} +BUSCARRON_PM_FROM={{ matrix_bot_buscarron_pm_from }} +BUSCARRON_PM_REPLYTO={{ matrix_bot_buscarron_pm_replyto }} {% set forms = [] %} {% for form in matrix_bot_buscarron_forms -%}{{- forms.append(form.name) -}} BUSCARRON_{{ form.name|upper }}_ROOM={{ form.room|default('') }} BUSCARRON_{{ form.name|upper }}_REDIRECT={{ form.redirect|default('') }} BUSCARRON_{{ form.name|upper }}_RATELIMIT={{ form.ratelimit|default('') }} BUSCARRON_{{ form.name|upper }}_EXTENSIONS={{ form.extensions|default('')|join(' ') }} +BUSCARRON_{{ form.name|upper }}_CONFIRMATION_SUBJECT={{ form.confirmation_subject|default('') }} +BUSCARRON_{{ form.name|upper }}_CONFIRMATION_BODY={{ form.confirmation_body|default('') }} {% endfor %} BUSCARRON_LIST={{ forms|join(" ") }} From d09934c79c270a674cc8d77d1bad8a20d1503712 Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 10 May 2022 18:44:20 +0300 Subject: [PATCH 13/70] matrix-bot-buscarron - set defaults --- roles/matrix-bot-buscarron/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-bot-buscarron/defaults/main.yml b/roles/matrix-bot-buscarron/defaults/main.yml index 1e6faec00..c2b44fa11 100644 --- a/roles/matrix-bot-buscarron/defaults/main.yml +++ b/roles/matrix-bot-buscarron/defaults/main.yml @@ -89,10 +89,10 @@ matrix_bot_buscarron_spam_hosts: [] matrix_bot_buscarron_spam_emails: [] # Ban duration in hours -matrix_bot_buscarron_ban_duration: +matrix_bot_buscarron_ban_duration: 24 # Banlist size -matrix_bot_buscarron_ban_size: +matrix_bot_buscarron_ban_size: 10000 # Postmark token (confirmation emails) matrix_bot_buscarron_pm_token: From eda75e6492e42d63c6ee1c3a28fb2838cf11c5b8 Mon Sep 17 00:00:00 2001 From: Didier 'OdyX' Raboud Date: Wed, 11 May 2022 10:43:57 +0200 Subject: [PATCH 14/70] Bump Slack Appservice to 1.11.0 --- roles/matrix-bridge-appservice-slack/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-appservice-slack/defaults/main.yml b/roles/matrix-bridge-appservice-slack/defaults/main.yml index e303f8340..ae3f55df6 100644 --- a/roles/matrix-bridge-appservice-slack/defaults/main.yml +++ b/roles/matrix-bridge-appservice-slack/defaults/main.yml @@ -8,7 +8,7 @@ matrix_appservice_slack_container_image_self_build: false matrix_appservice_slack_docker_repo: "https://github.com/matrix-org/matrix-appservice-slack.git" matrix_appservice_slack_docker_src_files_path: "{{ matrix_base_data_path }}/appservice-slack/docker-src" -matrix_appservice_slack_version: release-1.10.0 +matrix_appservice_slack_version: release-1.11.0 matrix_appservice_slack_docker_image: "{{ matrix_container_global_registry_prefix }}matrixdotorg/matrix-appservice-slack:{{ matrix_appservice_slack_version }}" matrix_appservice_slack_docker_image_force_pull: "{{ matrix_appservice_slack_docker_image.endswith(':latest') }}" From 34de6c9c664d3299a82b7fcf6dee541a191a0c73 Mon Sep 17 00:00:00 2001 From: brush Date: Fri, 13 May 2022 03:44:16 -0700 Subject: [PATCH 15/70] Update configuring-well-known.md --- docs/configuring-well-known.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index 4a68047be..c27635a58 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -98,16 +98,15 @@ server { } ``` -**For Apache**, it would be something like this: +**For Apache2**, it would be something like this: ```apache ServerName DOMAIN SSLProxyEngine on - - ProxyPass "https://matrix.DOMAIN/.well-known/matrix" - + ProxyPass /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon + ProxyPassReverse /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon # other configuration From 3499b9cd0314746404a9fcd350ea15d967df3c51 Mon Sep 17 00:00:00 2001 From: brush Date: Fri, 13 May 2022 03:45:08 -0700 Subject: [PATCH 16/70] Update configuring-well-known.md --- docs/configuring-well-known.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-well-known.md b/docs/configuring-well-known.md index c27635a58..9a519343b 100644 --- a/docs/configuring-well-known.md +++ b/docs/configuring-well-known.md @@ -105,8 +105,8 @@ server { ServerName DOMAIN SSLProxyEngine on - ProxyPass /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon - ProxyPassReverse /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon + ProxyPass /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon + ProxyPassReverse /.well-known/matrix https://matrix.DOMAIN/.well-known/matrix nocanon # other configuration From 1431a351ab325a905c47491f787146b6f2e80fb4 Mon Sep 17 00:00:00 2001 From: Luis Date: Fri, 13 May 2022 11:57:59 -0300 Subject: [PATCH 17/70] Update configuring-playbook-bridge-hookshot.md fix Hookshot instructions link --- docs/configuring-playbook-bridge-hookshot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index ef6bc0ab1..ea7d80c05 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -16,7 +16,7 @@ Refer to the [official instructions](https://matrix-org.github.io/matrix-hooksho 2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). 3. If you're setting up the GitHub bridge, you'll need to generate and download a private key file after you created your GitHub app. Copy the contents of that file to the variable `matrix_hookshot_github_private_key` so the playbook can install it for you, or use one of the [other methods](#manage-github-private-key-with-matrix-aux-role) explained below. 4. If you've already installed Matrix services using the playbook before, you'll need to re-run it (`--tags=setup-all,start`). If not, proceed with [configuring other playbook services](configuring-playbook.md) and then with [Installing](installing.md). Get back to this guide once ready. Hookshot can be set up individually using the tag `setup-hookshot`. -5. Refer to [Hookshot's official instructions](https://matrix-org.github.io/matrix-hookshot/usage.html) to start using the bridge. **Important:** Note that the different listeners are bound to certain paths which might differ from those assumed by the hookshot documentation, see [URLs for bridges setup](urls-for-bridges-setup) below. +5. Refer to [Hookshot's official instructions](https://matrix-org.github.io/matrix-hookshot/latest/usage.html) to start using the bridge. **Important:** Note that the different listeners are bound to certain paths which might differ from those assumed by the hookshot documentation, see [URLs for bridges setup](urls-for-bridges-setup) below. Other configuration options are available via the `matrix_hookshot_configuration_extension_yaml` and `matrix_hookshot_registration_extension_yaml` variables, see the comments in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) for how to use them. From 8ec1f4bee01d9eed0ad569708804563a68f934ca Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Fri, 13 May 2022 16:20:04 +0000 Subject: [PATCH 18/70] Update Cinny v2.0.0 -> v2.0.1 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 32e173113..dd9c4dc75 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -5,7 +5,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.0.0 +matrix_client_cinny_version: v2.0.1 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From dca593cf7a8fd5898f1a04fba212258d21f571bb Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sat, 14 May 2022 11:33:19 +0000 Subject: [PATCH 19/70] Update Cinny v2.0.1 -> v2.0.2 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index dd9c4dc75..20d6a8704 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -5,7 +5,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.0.1 +matrix_client_cinny_version: v2.0.2 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 894669eca2092351e6105ef7beba981d96419b5e Mon Sep 17 00:00:00 2001 From: Daniel Sonck Date: Sat, 14 May 2022 21:07:57 +0200 Subject: [PATCH 20/70] Change back to working original mx-puppet-slack Now that v0.1.1 is out, which depends on the functional matrix-slack-parser it works again. --- .../matrix-bridge-mx-puppet-discord/defaults/main.yml | 2 +- roles/matrix-bridge-mx-puppet-slack/defaults/main.yml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml index d6e6f859c..2a2ecd58a 100644 --- a/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-discord/defaults/main.yml @@ -5,7 +5,7 @@ matrix_mx_puppet_discord_enabled: true matrix_mx_puppet_discord_container_image_self_build: false -matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/mx-puppet/discord/mx-puppet-discord" +matrix_mx_puppet_discord_container_image_self_build_repo: "https://gitlab.com/mx-puppet/discord/mx-puppet-discord.git" matrix_mx_puppet_discord_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_discord_version == 'latest' else matrix_mx_puppet_discord_version }}" matrix_mx_puppet_discord_container_image_self_build_dockerfile_path: "Dockerfile" diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index bb92c1d8c..3b069ea24 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -1,6 +1,6 @@ --- # Mx Puppet Slack is a Matrix <-> Slack bridge -# See: https://gitlab.com/beeper/mx-puppet-monorepo (originally based on https://github.com/Sorunome/mx-puppet-slack) +# See: https://github.com/Sorunome/mx-puppet-slack matrix_mx_puppet_slack_enabled: true @@ -8,17 +8,17 @@ matrix_mx_puppet_slack_oauth_client_id: '' matrix_mx_puppet_slack_oauth_client_secret: '' matrix_mx_puppet_slack_container_image_self_build: false -matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/beeper/mx-puppet-monorepo.git" +matrix_mx_puppet_slack_container_image_self_build_repo: "https://gitlab.com/mx-puppet/slack/mx-puppet-slack.git" matrix_mx_puppet_slack_container_image_self_build_version: "{{ 'main' if matrix_mx_puppet_slack_version == 'latest' else matrix_mx_puppet_slack_version }}" -matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "docker/Dockerfile-slack" +matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "Dockerfile" # Controls whether the mx-puppet-slack container exposes its HTTP port (tcp/8432 in the container). # # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_slack_container_http_host_bind_port: '' -matrix_mx_puppet_slack_version: latest -matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}beeper/mx-puppet-monorepo/slack:{{ matrix_mx_puppet_slack_version }}" +matrix_mx_puppet_slack_version: v0.1.1 +matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}mx-puppet/slack/mx-puppet-slack:{{ matrix_mx_puppet_slack_version }}" matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_slack_docker_image_force_pull: "{{ matrix_mx_puppet_slack_docker_image.endswith(':latest') }}" From c58c7dc643f2984daa82ef28202dc959a01ff7df Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sun, 15 May 2022 05:45:07 +0000 Subject: [PATCH 21/70] Update Cinny v2.0.2 -> v2.0.3 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 20d6a8704..5b0991cd6 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -5,7 +5,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.0.2 +matrix_client_cinny_version: v2.0.3 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From 2a9b52a1c2757fcb2093198245cf51581f29847f Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Mon, 16 May 2022 04:29:29 +0000 Subject: [PATCH 22/70] Update Element self build repo URL It forwards to the correct place but might as well just update it to the current URL. --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index ef89bca35..7abaf50ca 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -3,7 +3,7 @@ matrix_client_element_enabled: true matrix_client_element_container_image_self_build: false -matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/riot-web.git" +matrix_client_element_container_image_self_build_repo: "https://github.com/vector-im/element-web.git" # Controls whether to patch webpack.config.js when self-building, so that building can pass on low-memory systems (< 4 GB RAM): # - https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1357 # - https://github.com/vector-im/element-web/issues/19544 From 311f44a19cdfd805ba851d601aa0513c3801ae07 Mon Sep 17 00:00:00 2001 From: Aaron Raimist Date: Mon, 16 May 2022 04:36:18 +0000 Subject: [PATCH 23/70] Document `git` as a potential prereq Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1792 --- docs/prerequisites.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/prerequisites.md b/docs/prerequisites.md index 0da1c7157..1ed4befea 100644 --- a/docs/prerequisites.md +++ b/docs/prerequisites.md @@ -20,6 +20,8 @@ If your distro runs within an [LXC container](https://linuxcontainers.org/), you - The [Ansible](http://ansible.com/) program being installed on your own computer. It's used to run this playbook and configures your server for you. Take a look at [our guide about Ansible](ansible.md) for more information, as well as [version requirements](ansible.md#supported-ansible-versions) and alternative ways to run Ansible. +- [`git`](https://git-scm.com/) is the recommended way to download the playbook to your computer. `git` may also be required on the server if you will be [self-building](self-building.md) components. + - An HTTPS-capable web server at the base domain name (``) which is capable of serving static files. Unless you decide to [Serve the base domain from the Matrix server](configuring-playbook-base-domain-serving.md) or alternatively, to use DNS SRV records for [Server Delegation](howto-server-delegation.md). - Properly configured DNS records for `` (details in [Configuring DNS](configuring-dns.md)). From 8ecdfc3ed6818cf77ed42a0f6d5976753635c080 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 16 May 2022 09:26:15 +0200 Subject: [PATCH 24/70] Automatically enable admin api access via nginx (#1830) --- group_vars/matrix_servers | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 67a9339ae..8788ba10c 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1495,7 +1495,7 @@ matrix_nginx_proxy_proxy_matrix_client_api_client_max_body_size_mb: |- }[matrix_homeserver_implementation]|int }} -matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_admin_api_enabled: "{{ matrix_synapse_admin_enabled }}" +matrix_nginx_proxy_proxy_matrix_client_api_forwarded_location_synapse_admin_api_enabled: "{{ matrix_synapse_admin_enabled or matrix_bot_matrix_registration_bot_enabled }}" matrix_nginx_proxy_proxy_matrix_client_redirect_root_uri_to_domain: "{{ matrix_server_fqn_element if matrix_client_element_enabled else '' }}" From f21269f4418ebe707dac079a505cb4fcecd6b267 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 16 May 2022 21:40:31 +0300 Subject: [PATCH 25/70] Upgrade mx-puppet-slack (v0.1.1 -> v0.1.2) Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1829 --- roles/matrix-bridge-mx-puppet-slack/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml index 3b069ea24..b77614f70 100644 --- a/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-slack/defaults/main.yml @@ -17,7 +17,7 @@ matrix_mx_puppet_slack_container_image_self_build_dockerfile_path: "Dockerfile" # Takes an ":" or "" value (e.g. "127.0.0.1:8432"), or empty string to not expose. matrix_mx_puppet_slack_container_http_host_bind_port: '' -matrix_mx_puppet_slack_version: v0.1.1 +matrix_mx_puppet_slack_version: v0.1.2 matrix_mx_puppet_slack_docker_image: "{{ matrix_mx_puppet_slack_docker_image_name_prefix }}mx-puppet/slack/mx-puppet-slack:{{ matrix_mx_puppet_slack_version }}" matrix_mx_puppet_slack_docker_image_name_prefix: "{{ 'localhost/' if matrix_mx_puppet_slack_container_image_self_build else 'registry.gitlab.com/' }}" matrix_mx_puppet_slack_docker_image_force_pull: "{{ matrix_mx_puppet_slack_docker_image.endswith(':latest') }}" From 4109dc3bcd784865b6a71d8be3567260595635af Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Mon, 16 May 2022 19:56:54 +0000 Subject: [PATCH 26/70] Update Postgres (CVE-2022-1552 + last 9.x update) CVE: https://security-tracker.debian.org/tracker/CVE-2022-1552 Source: https://www.postgresql.org/about/news/postgresql-143-137-1211-1116-and-1021-released-2449/ Postgres 9.6 upgrade (**not a CVE fix, 9.x still vulnerable**): https://www.postgresql.org/docs/release/9.6.24/ --- roles/matrix-postgres/defaults/main.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/matrix-postgres/defaults/main.yml b/roles/matrix-postgres/defaults/main.yml index 8593bb83b..bb8202173 100644 --- a/roles/matrix-postgres/defaults/main.yml +++ b/roles/matrix-postgres/defaults/main.yml @@ -22,12 +22,12 @@ matrix_postgres_architecture: amd64 # > LOG: startup process (PID 37) was terminated by signal 11: Segmentation fault matrix_postgres_docker_image_suffix: "{{ '-alpine' if matrix_postgres_architecture in ['amd64', 'arm64'] else '' }}" -matrix_postgres_docker_image_v9: "{{ matrix_container_global_registry_prefix }}postgres:9.6.23{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.20{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.15{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.10{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.6{{ matrix_postgres_docker_image_suffix }}" -matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.2{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v9: "{{ matrix_container_global_registry_prefix }}postgres:9.6.24{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v10: "{{ matrix_container_global_registry_prefix }}postgres:10.21{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v11: "{{ matrix_container_global_registry_prefix }}postgres:11.16{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v12: "{{ matrix_container_global_registry_prefix }}postgres:12.11{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v13: "{{ matrix_container_global_registry_prefix }}postgres:13.7{{ matrix_postgres_docker_image_suffix }}" +matrix_postgres_docker_image_v14: "{{ matrix_container_global_registry_prefix }}postgres:14.3{{ matrix_postgres_docker_image_suffix }}" matrix_postgres_docker_image_latest: "{{ matrix_postgres_docker_image_v14 }}" # This variable is assigned at runtime. Overriding its value has no effect. From bab1ee22335c3437f227ee4168c9b57174a58e72 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 17 May 2022 11:31:25 +0300 Subject: [PATCH 27/70] Work around mx-puppet-discord failing with "No relay found" after reboot Related to https://gitlab.com/mx-puppet/discord/mx-puppet-discord/-/issues/117 Looks like the bridge is too quick to start and fails to initialize itself by connecting to Synapse. It's mostly observed after a system reboot, because Synapse (and everything else) is slower to start. Once mx-puppet-discord fails to initialize itself, a "No relay found" error will be observed any time you try to relay a Matrix message to Discord. Relaying messages in the other direction (Discord to Matrix) also fails. With this workaround (longer delay on mx-puppet-discord startup), I observe mx-puppet-discord working well, even after a full reboot. Of course, a proper fix is preferable, instead of delaying by a magic number of seconds. --- .../templates/systemd/matrix-mx-puppet-discord.service.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 b/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 index 7a4c4a383..52b12c3d0 100644 --- a/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 +++ b/roles/matrix-bridge-mx-puppet-discord/templates/systemd/matrix-mx-puppet-discord.service.j2 @@ -17,7 +17,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-mx-puppet-discord 2>/dev/null || true' # Intentional delay, so that the homeserver (we likely depend on) can manage to start. -ExecStartPre={{ matrix_host_command_sleep }} 5 +ExecStartPre={{ matrix_host_command_sleep }} 15 ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-mx-puppet-discord \ --log-driver=none \ From f972a80224bb6ba8b6338188a6ef031dc525d56e Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 17 May 2022 13:08:17 +0300 Subject: [PATCH 28/70] Upgrade Synapse (1.58.1 -> 1.59.0) --- roles/matrix-synapse/defaults/main.yml | 2 +- .../templates/synapse/homeserver.yaml.j2 | 21 ++++++++++++++----- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index ad1d863f5..bf2a765d0 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.58.1 +matrix_synapse_version: v1.59.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 37cad10fe..97f73c34e 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -432,6 +432,11 @@ manhole_settings: # sign up in a short space of time never to return after their initial # session. # +# The option `mau_appservice_trial_days` is similar to `mau_trial_days`, but +# applies a different trial number if the user was registered by an appservice. +# A value of 0 means no trial days are applied. Appservices not listed in this +# dictionary use the value of `mau_trial_days` instead. +# # 'mau_limit_alerting' is a means of limiting client side alerting # should the mau limit be reached. This is useful for small instances # where the admin has 5 mau seats (say) for 5 specific people and no @@ -442,6 +447,8 @@ manhole_settings: #max_mau_value: 50 #mau_trial_days: 2 #mau_limit_alerting: false +#mau_appservice_trial_days: +# "appservice-id": 1 # If enabled, the metrics for the number of monthly active users will # be populated, however no one will be limited. If limit_usage_by_mau @@ -742,11 +749,11 @@ federation_domain_whitelist: {{ matrix_synapse_federation_domain_whitelist|to_js # #allow_profile_lookup_over_federation: false -# Uncomment to disable device display name lookup over federation. By default, the -# Federation API allows other homeservers to obtain device display names of any user -# on this homeserver. Defaults to 'true'. +# Uncomment to allow device display name lookup over federation. By default, the +# Federation API prevents other homeservers from obtaining the display names of +# user devices on this homeserver. Defaults to 'false'. # -#allow_device_name_lookup_over_federation: false +#allow_device_name_lookup_over_federation: true ## Caching ## @@ -1375,7 +1382,11 @@ allowed_local_3pids: {{ matrix_synapse_allowed_local_3pids|to_json }} # registration_requires_token: {{ matrix_synapse_registration_requires_token|to_json }} - +# Allow users to submit a token during registration to bypass any required 3pid +# steps configured in `registrations_require_3pid`. +# Defaults to false, requiring that registration tokens (if enabled) complete a 3pid flow. +# +#enable_registration_token_3pid_bypass: false # If set, allows registration of standard or admin accounts by anyone who # has the shared secret, even if registration is otherwise disabled. From 2cce91fe1d33f6ca1130a7067260ab3440dcd78c Mon Sep 17 00:00:00 2001 From: Toni Spets Date: Wed, 18 May 2022 12:38:07 +0300 Subject: [PATCH 29/70] Upgrade Heisenbridge (1.12.0 -> 1.13.0) --- roles/matrix-bridge-heisenbridge/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-heisenbridge/defaults/main.yml b/roles/matrix-bridge-heisenbridge/defaults/main.yml index 96ab33821..dfbddd426 100644 --- a/roles/matrix-bridge-heisenbridge/defaults/main.yml +++ b/roles/matrix-bridge-heisenbridge/defaults/main.yml @@ -4,7 +4,7 @@ matrix_heisenbridge_enabled: true -matrix_heisenbridge_version: 1.12.0 +matrix_heisenbridge_version: 1.13.0 matrix_heisenbridge_docker_image: "{{ matrix_container_global_registry_prefix }}hif1/heisenbridge:{{ matrix_heisenbridge_version }}" matrix_heisenbridge_docker_image_force_pull: "{{ matrix_heisenbridge_docker_image.endswith(':latest') }}" From 4297af5c51f34439590c1e450394cc15baef49e0 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 18 May 2022 10:19:43 +0000 Subject: [PATCH 30/70] Update mautrix-whatsapp v0.3.1 -> v0.4.0 --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index d920be51c..0bea0536c 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_whatsapp_container_image_self_build: false matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git" matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}" -matrix_mautrix_whatsapp_version: v0.3.1 +matrix_mautrix_whatsapp_version: v0.4.0 # See: https://mau.dev/mautrix/whatsapp/container_registry matrix_mautrix_whatsapp_docker_image: "{{ matrix_mautrix_whatsapp_docker_image_name_prefix }}mautrix/whatsapp:{{ matrix_mautrix_whatsapp_version }}" matrix_mautrix_whatsapp_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_whatsapp_container_image_self_build else 'dock.mau.dev/' }}" From 99de38280df9ca928f9825375c882db100e31933 Mon Sep 17 00:00:00 2001 From: Paul B Date: Thu, 12 May 2022 12:24:35 +0200 Subject: [PATCH 31/70] bridge-signal: add variable to enable encryption --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 4 ++++ roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 | 6 +++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index 14a2c35fa..ce89a381b 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -127,3 +127,7 @@ matrix_mautrix_signal_registration_yaml: "{{ lookup('template', 'templates/regis matrix_mautrix_signal_registration: "{{ matrix_mautrix_signal_registration_yaml|from_yaml }}" matrix_mautrix_signal_log_level: 'DEBUG' + +matrix_mautrix_signal_bridge_encryption_allow: false +matrix_mautrix_signal_bridge_encryption_default: "{{ matrix_mautrix_signal_bridge_encryption_allow }}" +matrix_mautrix_signal_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_signal_bridge_encryption_allow }}" diff --git a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 index 2f427b907..b831fe9a1 100644 --- a/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-signal/templates/config.yaml.j2 @@ -152,15 +152,15 @@ bridge: # this to work. See https://github.com/tulir/mautrix-telegram/wiki/End‐to‐bridge-encryption encryption: # Allow encryption, work in group chat rooms with e2ee enabled - allow: false + allow: {{ matrix_mautrix_signal_bridge_encryption_allow|to_json }} # Default to encryption, force-enable encryption in all portals the bridge creates # This will cause the bridge bot to be in private chats for the encryption to work properly. - default: false + default: {{ matrix_mautrix_signal_bridge_encryption_default|to_json }} # Options for automatic key sharing. key_sharing: # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. - allow: false + allow: {{ matrix_mautrix_signal_bridge_encryption_key_sharing_allow|to_json }} # Require the requesting device to have a valid cross-signing signature? # This doesn't require that the bridge has verified the device, only that the user has verified it. # Not yet implemented. From e1e83353b400033a07d3d259bfdd5d96c4a8f9fb Mon Sep 17 00:00:00 2001 From: Paul B Date: Thu, 12 May 2022 12:57:29 +0200 Subject: [PATCH 32/70] bridge-whatsapp: add variable to enable end-to-bridge encryption --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 5 +++++ .../matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index d920be51c..f2523fa8e 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -123,3 +123,8 @@ matrix_mautrix_whatsapp_registration_yaml: | de.sorunome.msc2409.push_ephemeral: true matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_yaml|from_yaml }}" + +# Enable End-to-bridge encryption +matrix_mautrix_whatsapp_bridge_encryption_allow: false +matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" +matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index 0e3b855cb..c8318f961 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -158,16 +158,16 @@ bridge: # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. encryption: # Allow encryption, work in group chat rooms with e2ee enabled - allow: false + allow: {{ matrix_mautrix_whatsapp_bridge_encryption_allow|to_json }} # Default to encryption, force-enable encryption in all portals the bridge creates # This will cause the bridge bot to be in private chats for the encryption to work properly. # It is recommended to also set private_chat_portal_meta to true when using this. - default: false + default: {{ matrix_mautrix_whatsapp_bridge_encryption_default|to_json }} # Options for automatic key sharing. key_sharing: # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. # You must use a client that supports requesting keys from other users to use this feature. - allow: false + allow: {{ matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow|to_json }} # Require the requesting device to have a valid cross-signing signature? # This doesn't require that the bridge has verified the device, only that the user has verified it. # Not yet implemented. From de8d6f8d6c14bed13370bec40c622115ce82660a Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 18 May 2022 11:37:34 +0000 Subject: [PATCH 33/70] Update Synapse v1.59.0 -> v.1.59.1 --- roles/matrix-synapse/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index bf2a765d0..23dfebf75 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.59.0 +matrix_synapse_version: v1.59.1 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" From a1e5ecf5513f804cd099724266e7c7d0b7a7259d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 18 May 2022 14:43:16 +0300 Subject: [PATCH 34/70] Upgrade hookshot (1.6.1 -> 1.7.0) This new version should be buildable on arm64. See: https://github.com/matrix-org/matrix-hookshot/releases/tag/1.7.0 There's still no prebuild arm64 image, so we continue relying on self-building there. --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index 61f689a55..ecc997708 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.6.1 +matrix_hookshot_version: 1.7.0 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 677a2fc50310aa15126dec7edb5c21b70b61bf58 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 18 May 2022 15:43:39 +0300 Subject: [PATCH 35/70] Fix compatibility with ansible=6 / ansible-core=2.13 Details here: https://docs.ansible.com/ansible/devel/porting_guides/porting_guide_6.html#id36 Basically: ```yaml - name: Prior to 2.13 debug: msg: '[1] + {{ [2] }}' - name: 2.13 and forward debug: msg: '{{ [1] + [2] }}' ``` Interestingly, we had been using the new/safe syntax in lofs of places. We were using the broken one in many others though. Hopefully all instances were fixed by this patch. --- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../matrix-bridge-heisenbridge/tasks/init.yml | 16 ++++++---- roles/matrix-bridge-hookshot/tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- .../tasks/init.yml | 16 ++++++---- roles/matrix-bridge-sms/tasks/init.yml | 16 ++++++---- .../ext/encryption-disabler/setup_install.yml | 16 ++++++---- .../tasks/ext/ldap-auth/setup.yml | 8 +++-- .../ext/mjolnir-antispam/setup_install.yml | 32 +++++++++++-------- .../tasks/ext/rest-auth/setup_install.yml | 16 ++++++---- .../ext/shared-secret-auth/setup_install.yml | 16 ++++++---- .../synapse-simple-antispam/setup_install.yml | 26 ++++++++------- 29 files changed, 298 insertions(+), 184 deletions(-) diff --git a/roles/matrix-bridge-appservice-discord/tasks/init.yml b/roles/matrix-bridge-appservice-discord/tasks/init.yml index e16a69796..a53112ad7 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/init.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/init.yml @@ -14,12 +14,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_appservice_discord_config_path }}/registration.yaml,dst=/matrix-appservice-discord-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_appservice_discord_config_path }}/registration.yaml,dst=/matrix-appservice-discord-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-appservice-discord-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-appservice-discord-registration.yaml"] + }} when: matrix_appservice_discord_enabled|bool diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/matrix-bridge-appservice-irc/tasks/init.yml index 5e1814121..a35144f05 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/init.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/init.yml @@ -21,12 +21,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_appservice_irc_config_path }}/registration.yaml,dst=/matrix-appservice-irc-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_appservice_irc_config_path }}/registration.yaml,dst=/matrix-appservice-irc-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-appservice-irc-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-appservice-irc-registration.yaml"] + }} when: matrix_appservice_irc_enabled|bool diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index 8cbc71821..c83318171 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -21,14 +21,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_appservice_slack_config_path }}/slack-registration.yaml,dst=/matrix-appservice-slack-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_appservice_slack_config_path }}/slack-registration.yaml,dst=/matrix-appservice-slack-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-appservice-slack-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-appservice-slack-registration.yaml"] + }} when: matrix_appservice_slack_enabled|bool # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml index b888c51f1..370b835d6 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml @@ -14,14 +14,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml,dst=/matrix-appservice-webhooks-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml,dst=/matrix-appservice-webhooks-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-appservice-webhooks-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-appservice-webhooks-registration.yaml"] + }} when: matrix_appservice_webhooks_enabled|bool # If the matrix-synapse role is not used, `matrix_synapse_role_executed` won't exist. diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml index 977db9252..64057301f 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml @@ -7,12 +7,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_beeper_linkedin_config_path }}/registration.yaml,dst=/matrix-beeper-linkedin-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_beeper_linkedin_config_path }}/registration.yaml,dst=/matrix-beeper-linkedin-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-beeper-linkedin-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-beeper-linkedin-registration.yaml"] + }} when: matrix_beeper_linkedin_enabled|bool diff --git a/roles/matrix-bridge-heisenbridge/tasks/init.yml b/roles/matrix-bridge-heisenbridge/tasks/init.yml index a66d7199d..ef3efb761 100644 --- a/roles/matrix-bridge-heisenbridge/tasks/init.yml +++ b/roles/matrix-bridge-heisenbridge/tasks/init.yml @@ -14,12 +14,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_heisenbridge_base_path }}/registration.yaml,dst=/heisenbridge-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_heisenbridge_base_path }}/registration.yaml,dst=/heisenbridge-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/heisenbridge-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/heisenbridge-registration.yaml"] + }} when: matrix_heisenbridge_enabled|bool diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/matrix-bridge-hookshot/tasks/init.yml index 384f6d3be..14bbcbb32 100644 --- a/roles/matrix-bridge-hookshot/tasks/init.yml +++ b/roles/matrix-bridge-hookshot/tasks/init.yml @@ -14,14 +14,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_hookshot_base_path }}/registration.yml,dst=/hookshot-registration.yml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_hookshot_base_path }}/registration.yml,dst=/hookshot-registration.yml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/hookshot-registration.yml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/hookshot-registration.yml"] + }} when: matrix_hookshot_enabled|bool - block: diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index 200e98463..f2cd59632 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -13,14 +13,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mautrix_facebook_config_path }}/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_facebook_config_path }}/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mautrix-facebook-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mautrix-facebook-registration.yaml"] + }} when: matrix_mautrix_facebook_enabled|bool - block: diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml index f458df1bf..27845148e 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml @@ -13,14 +13,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mautrix_googlechat_config_path }}/registration.yaml,dst=/matrix-mautrix-googlechat-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_googlechat_config_path }}/registration.yaml,dst=/matrix-mautrix-googlechat-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mautrix-googlechat-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mautrix-googlechat-registration.yaml"] + }} when: matrix_mautrix_googlechat_enabled|bool - block: diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 680dcd88b..d00e52528 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -13,14 +13,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mautrix_hangouts_config_path }}/registration.yaml,dst=/matrix-mautrix-hangouts-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_hangouts_config_path }}/registration.yaml,dst=/matrix-mautrix-hangouts-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mautrix-hangouts-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mautrix-hangouts-registration.yaml"] + }} when: matrix_mautrix_hangouts_enabled|bool - block: diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml index d33acd09d..867133809 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml @@ -13,12 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mautrix_instagram_config_path }}/registration.yaml,dst=/matrix-mautrix-instagram-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_instagram_config_path }}/registration.yaml,dst=/matrix-mautrix-instagram-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mautrix-instagram-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mautrix-instagram-registration.yaml"] + }} when: matrix_mautrix_instagram_enabled|bool diff --git a/roles/matrix-bridge-mautrix-signal/tasks/init.yml b/roles/matrix-bridge-mautrix-signal/tasks/init.yml index 21d52066f..b9b698c57 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/init.yml @@ -7,12 +7,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mautrix_signal_config_path }}/registration.yaml,dst=/matrix-mautrix-signal-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_signal_config_path }}/registration.yaml,dst=/matrix-mautrix-signal-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mautrix-signal-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mautrix-signal-registration.yaml"] + }} when: matrix_mautrix_signal_enabled|bool diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index a97dcd8e0..93b4d9f85 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -13,14 +13,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mautrix_telegram_config_path }}/registration.yaml,dst=/matrix-mautrix-telegram-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_telegram_config_path }}/registration.yaml,dst=/matrix-mautrix-telegram-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mautrix-telegram-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mautrix-telegram-registration.yaml"] + }} when: matrix_mautrix_telegram_enabled|bool - block: diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml index 5b526bbde..34f4ebde2 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml @@ -7,14 +7,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mautrix_twitter_config_path }}/registration.yaml,dst=/matrix-mautrix-twitter-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_twitter_config_path }}/registration.yaml,dst=/matrix-mautrix-twitter-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mautrix-twitter-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mautrix-twitter-registration.yaml"] + }} when: matrix_mautrix_twitter_enabled|bool # ansible lower than 2.8, does not support docker_image build parameters diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml index 57166386b..d4fb82218 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml @@ -6,12 +6,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mautrix_whatsapp_config_path }}/registration.yaml,dst=/matrix-mautrix-whatsapp-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mautrix_whatsapp_config_path }}/registration.yaml,dst=/matrix-mautrix-whatsapp-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mautrix-whatsapp-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mautrix-whatsapp-registration.yaml"] + }} when: matrix_mautrix_whatsapp_enabled|bool diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml index 69458093d..115ccf353 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml @@ -13,12 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mx_puppet_discord_config_path }}/registration.yaml,dst=/matrix-mx-puppet-discord-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mx_puppet_discord_config_path }}/registration.yaml,dst=/matrix-mx-puppet-discord-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mx-puppet-discord-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mx-puppet-discord-registration.yaml"] + }} when: matrix_mx_puppet_discord_enabled|bool diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml index db28f324c..9bada5d87 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml @@ -13,12 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mx_puppet_groupme_config_path }}/registration.yaml,dst=/matrix-mx-puppet-groupme-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mx_puppet_groupme_config_path }}/registration.yaml,dst=/matrix-mx-puppet-groupme-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mx-puppet-groupme-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mx-puppet-groupme-registration.yaml"] + }} when: matrix_mx_puppet_groupme_enabled|bool diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml index d16e6be0f..ae6302b30 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml @@ -13,12 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mx_puppet_instagram_config_path }}/registration.yaml,dst=/matrix-mx-puppet-instagram-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mx_puppet_instagram_config_path }}/registration.yaml,dst=/matrix-mx-puppet-instagram-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mx-puppet-instagram-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mx-puppet-instagram-registration.yaml"] + }} when: matrix_mx_puppet_instagram_enabled|bool diff --git a/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml b/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml index d28f6ca1a..699ad6f69 100644 --- a/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-skype/tasks/init.yml @@ -13,12 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mx_puppet_skype_config_path }}/registration.yaml,dst=/matrix-mx-puppet-skype-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mx_puppet_skype_config_path }}/registration.yaml,dst=/matrix-mx-puppet-skype-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mx-puppet-skype-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mx-puppet-skype-registration.yaml"] + }} when: matrix_mx_puppet_skype_enabled|bool diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index 66d51784e..ed6753a2f 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -13,14 +13,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mx_puppet_slack_config_path }}/registration.yaml,dst=/matrix-mx-puppet-slack-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mx_puppet_slack_config_path }}/registration.yaml,dst=/matrix-mx-puppet-slack-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mx-puppet-slack-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mx-puppet-slack-registration.yaml"] + }} when: matrix_mx_puppet_slack_enabled|bool - block: diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml index efca41103..9a171af79 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml @@ -13,12 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mx_puppet_steam_config_path }}/registration.yaml,dst=/matrix-mx-puppet-steam-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mx_puppet_steam_config_path }}/registration.yaml,dst=/matrix-mx-puppet-steam-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mx-puppet-steam-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mx-puppet-steam-registration.yaml"] + }} when: matrix_mx_puppet_steam_enabled|bool diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index 757f1f414..d774de159 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -13,14 +13,18 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_mx_puppet_twitter_config_path }}/registration.yaml,dst=/matrix-mx-puppet-twitter-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_mx_puppet_twitter_config_path }}/registration.yaml,dst=/matrix-mx-puppet-twitter-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-mx-puppet-twitter-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-mx-puppet-twitter-registration.yaml"] + }} when: matrix_mx_puppet_twitter_enabled|bool - block: diff --git a/roles/matrix-bridge-sms/tasks/init.yml b/roles/matrix-bridge-sms/tasks/init.yml index b8af8e604..9ee96b3eb 100644 --- a/roles/matrix-bridge-sms/tasks/init.yml +++ b/roles/matrix-bridge-sms/tasks/init.yml @@ -15,12 +15,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - set_fact: matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_sms_bridge_config_path }}/registration.yaml,dst=/matrix-sms-bridge-registration.yaml,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_sms_bridge_config_path }}/registration.yaml,dst=/matrix-sms-bridge-registration.yaml,ro"] + }} matrix_synapse_app_service_config_files: > - {{ matrix_synapse_app_service_config_files|default([]) }} - + - {{ ["/matrix-sms-bridge-registration.yaml"] }} + {{ + matrix_synapse_app_service_config_files|default([]) + + + ["/matrix-sms-bridge-registration.yaml"] + }} when: matrix_sms_bridge_enabled|bool diff --git a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml b/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml index 90411a34b..cdcdd0828 100644 --- a/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/encryption-disabler/setup_install.yml @@ -27,11 +27,15 @@ }} matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_synapse_ext_path }}/matrix_e2ee_filter.py,dst={{ matrix_synapse_in_container_python_packages_path }}/matrix_e2ee_filter.py,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_synapse_ext_path }}/matrix_e2ee_filter.py,dst={{ matrix_synapse_in_container_python_packages_path }}/matrix_e2ee_filter.py,ro"] + }} matrix_synapse_additional_loggers: > - {{ matrix_synapse_additional_loggers }} - + - {{ [{'name': 'matrix_e2ee_filter', 'level': 'INFO'}] }} + {{ + matrix_synapse_additional_loggers + + + [{'name': 'matrix_e2ee_filter', 'level': 'INFO'}] + }} diff --git a/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml b/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml index 374c9e55d..b483f688a 100644 --- a/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml +++ b/roles/matrix-synapse/tasks/ext/ldap-auth/setup.yml @@ -4,7 +4,9 @@ matrix_synapse_password_providers_enabled: true matrix_synapse_additional_loggers: > - {{ matrix_synapse_additional_loggers }} - + - {{ [{'name': 'ldap_auth_provider', 'level': 'INFO'}] }} + {{ + matrix_synapse_additional_loggers + + + [{'name': 'ldap_auth_provider', 'level': 'INFO'}] + }} when: matrix_synapse_ext_password_provider_ldap_enabled|bool diff --git a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml index ec298ccd2..1d224bc92 100644 --- a/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/mjolnir-antispam/setup_install.yml @@ -34,19 +34,23 @@ - set_fact: matrix_synapse_spam_checker: > - {{ matrix_synapse_spam_checker }} - + - [{ - "module": "mjolnir.AntiSpam", - "config": { - "block_invites": {{ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_invites }}, - "block_messages": {{ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_messages }}, - "block_usernames": {{ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames }}, - "ban_lists": {{ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists }} - } - }] + {{ + matrix_synapse_spam_checker + + + [{ + "module": "mjolnir.AntiSpam", + "config": { + "block_invites": matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_invites, + "block_messages": matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_messages, + "block_usernames": matrix_synapse_ext_spam_checker_mjolnir_antispam_config_block_usernames, + "ban_lists": matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists, + } + }] + }} matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_synapse_ext_path }}/mjolnir/synapse_antispam/mjolnir,dst={{ matrix_synapse_in_container_python_packages_path }}/mjolnir,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_synapse_ext_path }}/mjolnir/synapse_antispam/mjolnir,dst={{ matrix_synapse_in_container_python_packages_path }}/mjolnir,ro"] + }} diff --git a/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml b/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml index 13a64c58c..22ad318de 100644 --- a/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/rest-auth/setup_install.yml @@ -22,11 +22,15 @@ matrix_synapse_password_providers_enabled: true matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_synapse_ext_path }}/rest_auth_provider.py,dst={{ matrix_synapse_in_container_python_packages_path }}/rest_auth_provider.py,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_synapse_ext_path }}/rest_auth_provider.py,dst={{ matrix_synapse_in_container_python_packages_path }}/rest_auth_provider.py,ro"] + }} matrix_synapse_additional_loggers: > - {{ matrix_synapse_additional_loggers }} - + - {{ [{'name': 'rest_auth_provider', 'level': 'INFO'}] }} + {{ + matrix_synapse_additional_loggers + + + [{'name': 'rest_auth_provider', 'level': 'INFO'}] + }} diff --git a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml index 843f03703..091b0eb2f 100644 --- a/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/shared-secret-auth/setup_install.yml @@ -37,11 +37,15 @@ }} matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_synapse_ext_path }}/shared_secret_authenticator.py,dst={{ matrix_synapse_in_container_python_packages_path }}/shared_secret_authenticator.py,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_synapse_ext_path }}/shared_secret_authenticator.py,dst={{ matrix_synapse_in_container_python_packages_path }}/shared_secret_authenticator.py,ro"] + }} matrix_synapse_additional_loggers: > - {{ matrix_synapse_additional_loggers }} - + - {{ [{'name': 'shared_secret_authenticator', 'level': 'INFO'}] }} + {{ + matrix_synapse_additional_loggers + + + [{'name': 'shared_secret_authenticator', 'level': 'INFO'}] + }} diff --git a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml index 740d9474c..579a707c6 100644 --- a/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml +++ b/roles/matrix-synapse/tasks/ext/synapse-simple-antispam/setup_install.yml @@ -39,16 +39,20 @@ - set_fact: matrix_synapse_modules: > - {{ matrix_synapse_modules }} - + - [{ - "module": "synapse_simple_antispam.AntiSpamInvites", - "config": { - "blocked_homeservers": {{ matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers }} - } - }] + {{ + matrix_synapse_modules + + + [{ + "module": "synapse_simple_antispam.AntiSpamInvites", + "config": { + "blocked_homeservers": matrix_synapse_ext_spam_checker_synapse_simple_antispam_config_blocked_homeservers + } + }] + }} matrix_synapse_container_extra_arguments: > - {{ matrix_synapse_container_extra_arguments|default([]) }} - + - ["--mount type=bind,src={{ matrix_synapse_ext_path }}/synapse-simple-antispam/synapse_simple_antispam,dst={{ matrix_synapse_in_container_python_packages_path }}/synapse_simple_antispam,ro"] + {{ + matrix_synapse_container_extra_arguments|default([]) + + + ["--mount type=bind,src={{ matrix_synapse_ext_path }}/synapse-simple-antispam/synapse_simple_antispam,dst={{ matrix_synapse_in_container_python_packages_path }}/synapse_simple_antispam,ro"] + }} From a906fad12ebfb24cdea35da404ca9f4465f29081 Mon Sep 17 00:00:00 2001 From: Vicx Date: Fri, 20 May 2022 19:09:16 +0200 Subject: [PATCH 36/70] Fix synapse LDAP simple bind config When using LDAP simple bind, the `bind_dn` and `bind_password` configuration values must not be present. --- roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 37cad10fe..266c3243f 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -2521,8 +2521,10 @@ password_providers: uid: {{ matrix_synapse_ext_password_provider_ldap_attributes_uid|string|to_json }} mail: {{ matrix_synapse_ext_password_provider_ldap_attributes_mail|string|to_json }} name: {{ matrix_synapse_ext_password_provider_ldap_attributes_name|string|to_json }} +{% if matrix_synapse_ext_password_provider_ldap_bind_dn %} bind_dn: {{ matrix_synapse_ext_password_provider_ldap_bind_dn|string|to_json }} bind_password: {{ matrix_synapse_ext_password_provider_ldap_bind_password|string|to_json }} +{% endif %} filter: {{ matrix_synapse_ext_password_provider_ldap_filter|string|to_json }} {% endif %} {% endif %} From 0c741e8d166bcc73792cbb44810be59e7031c330 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 19:58:22 +0200 Subject: [PATCH 37/70] Set version to v1.1.5 --- roles/matrix-bot-matrix-registration-bot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/matrix-bot-matrix-registration-bot/defaults/main.yml index 40538478e..99e6e3a95 100644 --- a/roles/matrix-bot-matrix-registration-bot/defaults/main.yml +++ b/roles/matrix-bot-matrix-registration-bot/defaults/main.yml @@ -7,7 +7,7 @@ matrix_bot_matrix_registration_bot_container_image_self_build: false matrix_bot_matrix_registration_bot_docker_repo: "https://github.com/moan0s/matrix-registration-bot.git" matrix_bot_matrix_registration_bot_docker_src_files_path: "{{ matrix_bot_matrix_registration_bot_base_path }}/docker-src" -matrix_bot_matrix_registration_bot_version: latest +matrix_bot_matrix_registration_bot_version: v1.1.5 matrix_bot_matrix_registration_bot_docker_image: "{{ matrix_container_global_registry_prefix }}moanos/matrix-registration-bot:{{ matrix_bot_matrix_registration_bot_version }}" matrix_bot_matrix_registration_bot_docker_image_force_pull: "{{ matrix_bot_matrix_registration_bot_docker_image.endswith(':latest') }}" From 275943c0f8cee716ca70b53e35da451dca2e4df7 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:03:59 +0200 Subject: [PATCH 38/70] Updated: mjolnir v1.4.2 --- roles/matrix-bot-mjolnir/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-mjolnir/defaults/main.yml b/roles/matrix-bot-mjolnir/defaults/main.yml index 0093576cc..dd2483794 100644 --- a/roles/matrix-bot-mjolnir/defaults/main.yml +++ b/roles/matrix-bot-mjolnir/defaults/main.yml @@ -4,7 +4,7 @@ matrix_bot_mjolnir_enabled: true -matrix_bot_mjolnir_version: "v1.4.1" +matrix_bot_mjolnir_version: "v1.4.2" matrix_bot_mjolnir_container_image_self_build: false matrix_bot_mjolnir_container_image_self_build_repo: "https://github.com/matrix-org/mjolnir.git" From 751a8f8a5d9532447f6d92b9681ac6d062fcb7f2 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:16:04 +0200 Subject: [PATCH 39/70] Updated: mautrix-googlechat to v0.3.2 --- roles/matrix-bridge-mautrix-googlechat/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml index e334e8d6b..bdedef07c 100644 --- a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml @@ -7,7 +7,7 @@ matrix_mautrix_googlechat_enabled: true matrix_mautrix_googlechat_container_image_self_build: false matrix_mautrix_googlechat_container_image_self_build_repo: "https://github.com/mautrix/googlechat.git" -matrix_mautrix_googlechat_version: v0.3.1 +matrix_mautrix_googlechat_version: v0.3.2 # See: https://mau.dev/mautrix/googlechat/container_registry matrix_mautrix_googlechat_docker_image: "{{ matrix_mautrix_googlechat_docker_image_name_prefix }}mautrix/googlechat:{{ matrix_mautrix_googlechat_version }}" matrix_mautrix_googlechat_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_googlechat_container_image_self_build else 'dock.mau.dev/' }}" From d804e97ff6bcc682ba91af64599680fcab3f2543 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:19:58 +0200 Subject: [PATCH 40/70] Updated: mautrix-twitter to v0.1.4 --- roles/matrix-bridge-mautrix-twitter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml index 3dd4667cf..b2e292ffc 100644 --- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -7,7 +7,7 @@ matrix_mautrix_twitter_enabled: true matrix_mautrix_twitter_container_image_self_build: false matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/mautrix/twitter.git" -matrix_mautrix_twitter_version: v0.1.3 +matrix_mautrix_twitter_version: v0.1.4 # See: https://mau.dev/tulir/mautrix-twitter/container_registry matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}" matrix_mautrix_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else 'dock.mau.dev/' }}" From e779ec45f4e9d52b66e21c188e79922ba176df89 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:24:38 +0200 Subject: [PATCH 41/70] Updated: hydrogen-web to v0.2.29 --- roles/matrix-bridge-mx-puppet-skype/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml index 905e50863..27b6c0d0b 100644 --- a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml @@ -1,6 +1,6 @@ --- # Mx Puppet Skype is a Matrix <-> Skype bridge -# See: https://github.com/Sorunome/mx-puppet-skype +# See: https://github.com/Sorunome/mx-puppet-instagram matrix_mx_puppet_skype_enabled: true From 8a65e3a0db33f08e989f010eac924125c843ebd4 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:24:56 +0200 Subject: [PATCH 42/70] Updated: hydrogen to v0.2.29 --- roles/matrix-client-hydrogen/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-hydrogen/defaults/main.yml b/roles/matrix-client-hydrogen/defaults/main.yml index 4b91eb2bc..88d52ba5c 100644 --- a/roles/matrix-client-hydrogen/defaults/main.yml +++ b/roles/matrix-client-hydrogen/defaults/main.yml @@ -7,7 +7,7 @@ matrix_client_hydrogen_enabled: true matrix_client_hydrogen_container_image_self_build: true matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git" -matrix_client_hydrogen_version: v0.2.26 +matrix_client_hydrogen_version: v0.2.29 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}" matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}" From 2c312435c63b129cba07982bf512f0529ab32633 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:25:41 +0200 Subject: [PATCH 43/70] Reverted URL change --- roles/matrix-bridge-mx-puppet-skype/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml index 27b6c0d0b..905e50863 100644 --- a/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml +++ b/roles/matrix-bridge-mx-puppet-skype/defaults/main.yml @@ -1,6 +1,6 @@ --- # Mx Puppet Skype is a Matrix <-> Skype bridge -# See: https://github.com/Sorunome/mx-puppet-instagram +# See: https://github.com/Sorunome/mx-puppet-skype matrix_mx_puppet_skype_enabled: true From 554615d72712ec61536b9915b2f214fb1b082318 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:28:01 +0200 Subject: [PATCH 44/70] Updated: ddclient to v3.9.1-ls89 --- roles/matrix-dynamic-dns/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dynamic-dns/defaults/main.yml b/roles/matrix-dynamic-dns/defaults/main.yml index 5d733eb3d..95a1188b4 100644 --- a/roles/matrix-dynamic-dns/defaults/main.yml +++ b/roles/matrix-dynamic-dns/defaults/main.yml @@ -5,7 +5,7 @@ matrix_dynamic_dns_enabled: true # The dynamic dns daemon interval matrix_dynamic_dns_daemon_interval: '300' -matrix_dynamic_dns_version: v3.9.1-ls79 +matrix_dynamic_dns_version: v3.9.1-ls89 # The docker container to use when in mode matrix_dynamic_dns_docker_image: "{{ matrix_dynamic_dns_docker_image_name_prefix }}linuxserver/ddclient:{{ matrix_dynamic_dns_version }}" From 64850531baf73b73809597856aea6c2ddfa212e5 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:30:06 +0200 Subject: [PATCH 45/70] Updated: etherpad to 1.8.18 --- roles/matrix-etherpad/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-etherpad/defaults/main.yml b/roles/matrix-etherpad/defaults/main.yml index 0daf24a35..8a0248606 100644 --- a/roles/matrix-etherpad/defaults/main.yml +++ b/roles/matrix-etherpad/defaults/main.yml @@ -4,7 +4,7 @@ matrix_etherpad_enabled: false matrix_etherpad_base_path: "{{ matrix_base_data_path }}/etherpad" -matrix_etherpad_version: 1.8.16 +matrix_etherpad_version: 1.8.18 matrix_etherpad_docker_image: "{{ matrix_container_global_registry_prefix }}etherpad/etherpad:{{ matrix_etherpad_version }}" matrix_etherpad_docker_image_force_pull: "{{ matrix_etherpad_docker_image.endswith(':latest') }}" From 9c24167b8de0286ac28a6cdc032d8df2cd48db88 Mon Sep 17 00:00:00 2001 From: GoliathLabs Date: Fri, 20 May 2022 20:32:19 +0200 Subject: [PATCH 46/70] Updated: grafana to 8.5.3 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index ee184e1d4..991cb19d6 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -4,7 +4,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 8.5.1 +matrix_grafana_version: 8.5.3 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 271a8d0a738c621d0748a854eb1a28834fefb2b2 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Sat, 21 May 2022 10:20:56 +0300 Subject: [PATCH 47/70] Upgrade certbot (v1.23.0 -> v1.27.0) --- roles/matrix-nginx-proxy/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index dfbac32e7..64e2e06bf 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -485,7 +485,7 @@ matrix_ssl_lets_encrypt_staging: false # Learn more here: https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server matrix_ssl_lets_encrypt_server: '' -matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.23.0" +matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/certbot:{{ matrix_ssl_architecture }}-v1.27.0" matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}" matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402 matrix_ssl_lets_encrypt_support_email: ~ From 3b40d8b0a09036af58fce0a39c7df5c1ec23acb6 Mon Sep 17 00:00:00 2001 From: Erick Wibben Date: Sat, 21 May 2022 10:24:27 -0500 Subject: [PATCH 48/70] Update Matrix-Registration-Bot main.yml Line 10, which sets the tag to which docker version to pull was reverted from `v1.1.15` to latest. This gets the playbook working again --- roles/matrix-bot-matrix-registration-bot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-matrix-registration-bot/defaults/main.yml b/roles/matrix-bot-matrix-registration-bot/defaults/main.yml index 99e6e3a95..40538478e 100644 --- a/roles/matrix-bot-matrix-registration-bot/defaults/main.yml +++ b/roles/matrix-bot-matrix-registration-bot/defaults/main.yml @@ -7,7 +7,7 @@ matrix_bot_matrix_registration_bot_container_image_self_build: false matrix_bot_matrix_registration_bot_docker_repo: "https://github.com/moan0s/matrix-registration-bot.git" matrix_bot_matrix_registration_bot_docker_src_files_path: "{{ matrix_bot_matrix_registration_bot_base_path }}/docker-src" -matrix_bot_matrix_registration_bot_version: v1.1.5 +matrix_bot_matrix_registration_bot_version: latest matrix_bot_matrix_registration_bot_docker_image: "{{ matrix_container_global_registry_prefix }}moanos/matrix-registration-bot:{{ matrix_bot_matrix_registration_bot_version }}" matrix_bot_matrix_registration_bot_docker_image_force_pull: "{{ matrix_bot_matrix_registration_bot_docker_image.endswith(':latest') }}" From f448cca73254c7a94920ece4c766f1d53116a9d9 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 24 May 2022 11:26:01 +0000 Subject: [PATCH 49/70] Update coturn 4.5.2-r11 -> 4.5.2-r12 --- roles/matrix-coturn/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-coturn/defaults/main.yml b/roles/matrix-coturn/defaults/main.yml index 46492e21d..bf3564cd0 100644 --- a/roles/matrix-coturn/defaults/main.yml +++ b/roles/matrix-coturn/defaults/main.yml @@ -7,7 +7,7 @@ matrix_coturn_container_image_self_build_repo: "https://github.com/coturn/coturn matrix_coturn_container_image_self_build_repo_version: "docker/{{ matrix_coturn_version }}" matrix_coturn_container_image_self_build_repo_dockerfile_path: "docker/coturn/alpine/Dockerfile" -matrix_coturn_version: 4.5.2-r11 +matrix_coturn_version: 4.5.2-r12 matrix_coturn_docker_image: "{{ matrix_coturn_docker_image_name_prefix }}coturn/coturn:{{ matrix_coturn_version }}-alpine" matrix_coturn_docker_image_name_prefix: "{{ 'localhost/' if matrix_coturn_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_coturn_docker_image_force_pull: "{{ matrix_coturn_docker_image.endswith(':latest') }}" From e37bcd1dafb2f07316022161b331e69ec9ef163c Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 24 May 2022 14:14:41 +0000 Subject: [PATCH 50/70] Updated Element 1.10.12 -> 1.10.13 --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index 7abaf50ca..b0625dba8 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -9,7 +9,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.10.12 +matrix_client_element_version: v1.10.13 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From f60eb7232948c1d222de7c27c9ec33418a653bd4 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Wed, 25 May 2022 09:00:32 +0000 Subject: [PATCH 51/70] Updated signal daemon 0.18.1 -> 0.18.5 --- roles/matrix-bridge-mautrix-signal/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-signal/defaults/main.yml b/roles/matrix-bridge-mautrix-signal/defaults/main.yml index ce89a381b..ad0752e34 100644 --- a/roles/matrix-bridge-mautrix-signal/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-signal/defaults/main.yml @@ -9,7 +9,7 @@ matrix_mautrix_signal_docker_repo: "https://mau.dev/mautrix/signal.git" matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src" matrix_mautrix_signal_version: v0.3.0 -matrix_mautrix_signal_daemon_version: 0.18.1 +matrix_mautrix_signal_daemon_version: 0.18.5 # See: https://mau.dev/mautrix/signal/container_registry matrix_mautrix_signal_docker_image: "dock.mau.dev/mautrix/signal:{{ matrix_mautrix_signal_version }}" matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}" From 883317ac2fdb74cf3bb250fa71e2b2a2684692a3 Mon Sep 17 00:00:00 2001 From: shukon Date: Wed, 25 May 2022 17:29:43 +0200 Subject: [PATCH 52/70] Update configuring-playbook-bridge-hookshot.md --- docs/configuring-playbook-bridge-hookshot.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuring-playbook-bridge-hookshot.md b/docs/configuring-playbook-bridge-hookshot.md index ea7d80c05..f47f24c0e 100644 --- a/docs/configuring-playbook-bridge-hookshot.md +++ b/docs/configuring-playbook-bridge-hookshot.md @@ -4,13 +4,13 @@ The playbook can install and configure [matrix-hookshot](https://github.com/matr Hookshot can bridge [Webhooks](https://en.wikipedia.org/wiki/Webhook) from software project management services such as GitHub, GitLab, JIRA, and Figma, as well as generic webhooks. -See the project's [documentation](https://matrix-org.github.io/matrix-hookshot/hookshot.html) to learn what it does in detail and why it might be useful to you. +See the project's [documentation](https://matrix-org.github.io/matrix-hookshot/latest/hookshot.html) to learn what it does in detail and why it might be useful to you. Note: the playbook also supports [matrix-appservice-webhooks](configuring-playbook-bridge-appservice-webhooks.md), which however is soon to be archived by its author and to be replaced by hookshot. ## Setup Instructions -Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/setup.html) to learn what the individual options do. +Refer to the [official instructions](https://matrix-org.github.io/matrix-hookshot/latest/setup.html) to learn what the individual options do. 1. For each of the services (GitHub, GitLab, Jira, Figma, generic webhooks) fill in the respective variables `matrix_hookshot_service_*` listed in [main.yml](/roles/matrix-bridge-hookshot/defaults/main.yml) as required. 2. Take special note of the `matrix_hookshot_*_enabled` variables. Services that need no further configuration are enabled by default (GitLab, Generic), while you must first add the required configuration and enable the others (GitHub, Jira, Figma). From 2e527338d3fe1952a6295bb1ecf5fb4d22f25ea0 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Sun, 29 May 2022 08:23:17 +0000 Subject: [PATCH 53/70] Update Cinny 2.0.3 -> 2.0.4 --- roles/matrix-client-cinny/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-cinny/defaults/main.yml b/roles/matrix-client-cinny/defaults/main.yml index 5b0991cd6..891058009 100644 --- a/roles/matrix-client-cinny/defaults/main.yml +++ b/roles/matrix-client-cinny/defaults/main.yml @@ -5,7 +5,7 @@ matrix_client_cinny_enabled: true matrix_client_cinny_container_image_self_build: false matrix_client_cinny_container_image_self_build_repo: "https://github.com/ajbura/cinny.git" -matrix_client_cinny_version: v2.0.3 +matrix_client_cinny_version: v2.0.4 matrix_client_cinny_docker_image: "{{ matrix_client_cinny_docker_image_name_prefix }}ajbura/cinny:{{ matrix_client_cinny_version }}" matrix_client_cinny_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_cinny_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_cinny_docker_image_force_pull: "{{ matrix_client_cinny_docker_image.endswith(':latest') }}" From fd3a9b2fbb9eaabff3300e73c4dcc1f9234978ef Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 31 May 2022 09:20:49 +0000 Subject: [PATCH 54/70] Update Honoroit 0.9.7 -> 0.9.8 * add `NOENCRYPTION` option * fix race condition on thread start * fix greetings messages * updated deps --- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 9e7cf2b5c..709cd472b 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -8,7 +8,7 @@ matrix_bot_honoroit_container_image_self_build: false matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.7 +matrix_bot_honoroit_version: v0.9.8 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" From 78204619ea8a68615448f91e81e7932deea823da Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 31 May 2022 16:28:33 +0300 Subject: [PATCH 55/70] Stop using deprecated (in Synapse v1.59) user_dir and appservice workers Source: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types As an alternative, we should probably find a way to run one or a few more generic workers (which will handle appservice and user_dir stuff) and update `homeserver.yaml` so that it would point to the name of these workers using `notify_appservices_from_worker` and `update_user_directory_from_worker` options. For now, this solves the deprecation, so we can have a peace of mind going forward. We're force-setting these worker counts to 0, so that we can clean up existing homeservers which use these worker types. In the future, these options will either be removed or repurposed (so that they transparently create more generic workers that handle user_dir/appservice loads). --- roles/matrix-synapse/defaults/main.yml | 13 ++++-- .../matrix-synapse/tasks/validate_config.yml | 13 +++++- .../templates/synapse/homeserver.yaml.j2 | 6 --- roles/matrix-synapse/vars/workers.yml | 42 ++++++++++++++++++- 4 files changed, 63 insertions(+), 11 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 23dfebf75..67c28b499 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -358,10 +358,13 @@ matrix_synapse_workers_presets: one-of-each: generic_workers_count: 1 pusher_workers_count: 1 - appservice_workers_count: 1 + # appservice workers are deprecated since Synapse v1.59. This will be removed. + appservice_workers_count: 0 federation_sender_workers_count: 1 media_repository_workers_count: 1 # Disabled until https://github.com/matrix-org/synapse/issues/8787 is resolved. + # user_dir workers are deprecated since Synapse v1.59. This will be removed. + # See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types user_dir_workers_count: 0 frontend_proxy_workers_count: 1 @@ -383,7 +386,9 @@ matrix_synapse_workers_pusher_workers_count: "{{ matrix_synapse_workers_presets[ matrix_synapse_workers_pusher_workers_metrics_range_start: 19200 # matrix_synapse_workers_appservice_workers_count can only be 0 or 1. More instances are not supported. -matrix_synapse_workers_appservice_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['appservice_workers_count'] }}" +# appservice workers are deprecated since Synapse v1.59. This will be removed. +# See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types +matrix_synapse_workers_appservice_workers_count: 0 matrix_synapse_workers_appservice_workers_metrics_range_start: 19300 # matrix_synapse_workers_federation_sender_workers_count can only be 0 or 1 for now. @@ -397,7 +402,9 @@ matrix_synapse_workers_media_repository_workers_port_range_start: 18551 matrix_synapse_workers_media_repository_workers_metrics_range_start: 19551 # Disabled until https://github.com/matrix-org/synapse/issues/8787 is resolved. -matrix_synapse_workers_user_dir_workers_count: "{{ matrix_synapse_workers_presets[matrix_synapse_workers_preset]['user_dir_workers_count'] }}" +# user_dir workers are deprecated since Synapse v1.59. This will be removed. +# See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types +matrix_synapse_workers_user_dir_workers_count: 0 matrix_synapse_workers_user_dir_workers_port_range_start: 18661 matrix_synapse_workers_user_dir_workers_metrics_range_start: 19661 diff --git a/roles/matrix-synapse/tasks/validate_config.yml b/roles/matrix-synapse/tasks/validate_config.yml index 89107c0a6..bb8a2bcd0 100644 --- a/roles/matrix-synapse/tasks/validate_config.yml +++ b/roles/matrix-synapse/tasks/validate_config.yml @@ -12,13 +12,24 @@ - "matrix_synapse_database_password" - "matrix_synapse_database_database" +- name: Fail if asking to configure deprecaed workers (appservice, userdir) + fail: + msg: >- + `{{ item }}` cannot be more than 0. + This type of worker has been deprecated since Synapse v1.59. + Please remove your `{{ item }}` configuration to solve this problem. + See: https://github.com/matrix-org/synapse/blob/v1.59.0/docs/upgrade.md#deprecation-of-the-synapseappappservice-and-synapseappuser_dir-worker-application-types + when: "vars[item]|int != 0" + with_items: + - "matrix_synapse_workers_appservice_workers_count" + - "matrix_synapse_workers_user_dir_workers_count" + - name: Fail if asking for more than 1 instance of single-instance workers fail: msg: >- `{{ item }}` cannot be more than 1. This is a single-instance worker. when: "vars[item]|int > 1" with_items: - - "matrix_synapse_workers_appservice_workers_count" - "matrix_synapse_workers_pusher_workers_count" - "matrix_synapse_workers_federation_sender_workers_count" diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index 8ab985275..cce713300 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -352,9 +352,6 @@ worker_app: synapse.app.homeserver # thx https://oznetnerd.com/2017/04/18/jinja2-selectattr-filter/ # reduce the main worker's offerings to core homeserver business -{% if matrix_synapse_workers_enabled_list|selectattr('type', 'equalto', 'appservice')|list %} -notify_appservices: false -{% endif %} {% if matrix_synapse_workers_enabled_list|selectattr('type', 'equalto', 'federation_sender')|list %} send_federation: false {% endif %} @@ -364,9 +361,6 @@ enable_media_repo: false {% if matrix_synapse_workers_enabled_list|selectattr('type', 'equalto', 'pusher')|list %} start_pushers: false {% endif %} -{% if matrix_synapse_workers_enabled_list|selectattr('type', 'equalto', 'user_dir')|list %} -update_user_directory: false -{% endif %} daemonize: false {% endif %} diff --git a/roles/matrix-synapse/vars/workers.yml b/roles/matrix-synapse/vars/workers.yml index 33bf585b3..91b289c7b 100644 --- a/roles/matrix-synapse/vars/workers.yml +++ b/roles/matrix-synapse/vars/workers.yml @@ -279,7 +279,7 @@ matrix_synapse_workers_generic_worker_endpoints: # run_background_tasks_on: background_worker # ``` - # You might also wish to investigate the `update_user_directory` and + # You might also wish to investigate the `update_user_directory_from_worker` and # `media_instance_running_background_jobs` settings. # An example for a dedicated background worker instance: @@ -288,6 +288,40 @@ matrix_synapse_workers_generic_worker_endpoints: # {{#include systemd-with-workers/workers/background_worker.yaml}} # ``` + # #### Updating the User Directory + + # You can designate one generic worker to update the user directory. + + # Specify its name in the shared configuration as follows: + + # ```yaml + # update_user_directory_from_worker: worker_name + # ``` + + # This work cannot be load-balanced; please ensure the main process is restarted + # after setting this option in the shared configuration! + + # This style of configuration supersedes the legacy `synapse.app.user_dir` + # worker application type. + + + # #### Notifying Application Services + + # You can designate one generic worker to send output traffic to Application Services. + + # Specify its name in the shared configuration as follows: + + # ```yaml + # notify_appservices_from_worker: worker_name + # ``` + + # This work cannot be load-balanced; please ensure the main process is restarted + # after setting this option in the shared configuration! + + # This style of configuration supersedes the legacy `synapse.app.appservice` + # worker application type. + + # pusher worker (no API endpoints) [ # Handles sending push notifications to sygnal and email. Doesn't handle any # REST endpoints itself, but you should set `start_pushers: False` in the @@ -305,6 +339,9 @@ matrix_synapse_workers_generic_worker_endpoints: # ] # appservice worker (no API endpoints) [ + # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the + # `notify_appservices_from_worker` option instead.](#notifying-application-services) + # Handles sending output traffic to Application Services. Doesn't handle any # REST endpoints itself, but you should set `notify_appservices: False` in the # shared configuration file to stop the main synapse sending appservice notifications. @@ -371,6 +408,9 @@ matrix_synapse_workers_media_repository_endpoints: # Note that if a reverse proxy is used , then `/_matrix/media/` must be routed for both inbound client and federation requests (if they are handled separately). matrix_synapse_workers_user_dir_endpoints: + # **Deprecated as of Synapse v1.59.** [Use `synapse.app.generic_worker` with the + # `update_user_directory_from_worker` option instead.](#updating-the-user-directory) + # Handles searches in the user directory. It can handle REST endpoints matching # the following regular expressions: From 246c43be1ea4e353eeaa3f97b45c0f265b4d6491 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 31 May 2022 17:24:38 +0300 Subject: [PATCH 56/70] Upgrade Synapse (v1.59.1 -> v1.60.0) --- CHANGELOG.md | 35 ++++++++++++++++++++++++++ roles/matrix-synapse/defaults/main.yml | 6 +++-- 2 files changed, 39 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 03ce5c7b5..4a56f6fc8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,38 @@ +# 2022-05-31 + +## Synapse v1.60 upgrade may cause trouble and require manual intervention + +Synapse v1.60 will try to add a new unique index to `state_group_edges` upon startup and could fail if your database is corrupted. + +We haven't observed this problem yet, but [the Synapse v1.60.0 upgrade notes](https://github.com/matrix-org/synapse/blob/v1.60.0/docs/upgrade.md#adding-a-new-unique-index-to-state_group_edges-could-fail-if-your-database-is-corrupted) mention it, so we're giving you a heads up here in case you're unlucky. + +**If Synapse fails to start** after your next playbook run, you'll need to: + +- SSH into the Matrix server +- launch `/usr/local/bin/matrix-postgres-cli` +- switch to the `synapse` database: `\c synapse` +- run the following SQL query: + +```sql +BEGIN; +DELETE FROM state_group_edges WHERE (ctid, state_group, prev_state_group) IN ( + SELECT row_id, state_group, prev_state_group + FROM ( + SELECT + ctid AS row_id, + MIN(ctid) OVER (PARTITION BY state_group, prev_state_group) AS min_row_id, + state_group, + prev_state_group + FROM state_group_edges + ) AS t1 + WHERE row_id <> min_row_id +); +COMMIT; +``` + +You could then restart services: `ansible-playbook -i inventory/hosts setup.yml --tags=start` + + # 2022-04-25 ## buscarron bot support diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 67c28b499..a39235aeb 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -9,7 +9,7 @@ matrix_synapse_container_image_self_build_repo: "https://github.com/matrix-org/s matrix_synapse_docker_image: "{{ matrix_synapse_docker_image_name_prefix }}matrixdotorg/synapse:{{ matrix_synapse_docker_image_tag }}" matrix_synapse_docker_image_name_prefix: "{{ 'localhost/' if matrix_synapse_container_image_self_build else matrix_container_global_registry_prefix }}" -matrix_synapse_version: v1.59.1 +matrix_synapse_version: v1.60.0 matrix_synapse_docker_image_tag: "{{ matrix_synapse_version }}" matrix_synapse_docker_image_force_pull: "{{ matrix_synapse_docker_image.endswith(':latest') }}" @@ -559,7 +559,9 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: [] # Enable this to activate the E2EE disabling Synapse module. # See: https://github.com/digitalentity/matrix_encryption_disabler matrix_synapse_ext_encryption_disabler_enabled: false -matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercontent.com/digitalentity/matrix_encryption_disabler/1182388f7019e8ec1e28f035070c7919d0e4cc24/matrix_e2ee_filter.py" +# Using a fork for this until this gets merged to make it compatible with Synapse v1.60: https://github.com/digitalentity/matrix_encryption_disabler/pull/9 +# See: https://github.com/matrix-org/synapse/blob/v1.60.0/docs/upgrade.md#new-signature-for-the-spam-checker-callback-check_event_for_spam +matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercontent.com/spantaleev/matrix_encryption_disabler/60b0e211281954f70f8202636cea8d6e27b83148/matrix_e2ee_filter.py" # A list of server domain names for which to deny encryption if the event sender's domain matches the domain in the list. # By default, with the configuration below, we prevent all homeserver users from initiating encryption in ANY room. matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of: ["{{ matrix_domain }}"] From 2c1da0ac2a3b2b72773b247a4272d45ab95607c3 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 31 May 2022 17:35:22 +0300 Subject: [PATCH 57/70] Switch matrix_encryption_disabler back to upstream repository Now that https://github.com/digitalentity/matrix_encryption_disabler/pull/9 has been merged, we can get the module from there. Continuation of 246c43be1ea4e3 --- roles/matrix-synapse/defaults/main.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index a39235aeb..d0debe85f 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -559,9 +559,7 @@ matrix_synapse_ext_spam_checker_mjolnir_antispam_config_ban_lists: [] # Enable this to activate the E2EE disabling Synapse module. # See: https://github.com/digitalentity/matrix_encryption_disabler matrix_synapse_ext_encryption_disabler_enabled: false -# Using a fork for this until this gets merged to make it compatible with Synapse v1.60: https://github.com/digitalentity/matrix_encryption_disabler/pull/9 -# See: https://github.com/matrix-org/synapse/blob/v1.60.0/docs/upgrade.md#new-signature-for-the-spam-checker-callback-check_event_for_spam -matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercontent.com/spantaleev/matrix_encryption_disabler/60b0e211281954f70f8202636cea8d6e27b83148/matrix_e2ee_filter.py" +matrix_synapse_ext_encryption_disabler_download_url: "https://raw.githubusercontent.com/digitalentity/matrix_encryption_disabler/cdc37a07441acb7c2a3288bcb29b376658d5e766/matrix_e2ee_filter.py" # A list of server domain names for which to deny encryption if the event sender's domain matches the domain in the list. # By default, with the configuration below, we prevent all homeserver users from initiating encryption in ANY room. matrix_synapse_ext_encryption_disabler_deny_encryption_for_users_of: ["{{ matrix_domain }}"] From 25fd7f0cff116c60e25692174531a1d316358afb Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 31 May 2022 20:32:10 +0300 Subject: [PATCH 58/70] update Honoroit 0.9.8 -> 0.9.9 --- roles/matrix-bot-honoroit/defaults/main.yml | 5 ++++- roles/matrix-bot-honoroit/templates/env.j2 | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index 709cd472b..292de0bf4 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -8,7 +8,7 @@ matrix_bot_honoroit_container_image_self_build: false matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.8 +matrix_bot_honoroit_version: v0.9.9 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" @@ -84,6 +84,9 @@ matrix_bot_honoroit_sentry: '' # Log level matrix_bot_honoroit_loglevel: '' +# Disable encryption +matrix_bot_honoroit_noencryption: false + # Max items in cache matrix_bot_honoroit_cachesize: '' diff --git a/roles/matrix-bot-honoroit/templates/env.j2 b/roles/matrix-bot-honoroit/templates/env.j2 index 7f1eef5b8..de8b9d848 100644 --- a/roles/matrix-bot-honoroit/templates/env.j2 +++ b/roles/matrix-bot-honoroit/templates/env.j2 @@ -8,6 +8,7 @@ HONOROIT_PREFIX={{ matrix_bot_honoroit_prefix }} HONOROIT_SENTRY={{ matrix_bot_honoroit_sentry }} HONOROIT_LOGLEVEL={{ matrix_bot_honoroit_loglevel }} HONOROIT_CACHESIZE={{ matrix_bot_honoroit_cachesize }} +HONOROIT_NOENCRYPTION={{ matrix_bot_honoroit_noencryption }} HONOROIT_TEXT_PREFIX_OPEN={{ matrix_bot_honoroit_text_prefix_open }} HONOROIT_TEXT_PREFIX_DONE={{ matrix_bot_honoroit_text_prefix_done }} HONOROIT_TEXT_GREETINGS={{ matrix_bot_honoroit_text_greetings }} From 8ea7cd73cf12428acd80f4e575c6020050ed8930 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 1 Jun 2022 09:36:48 +0300 Subject: [PATCH 59/70] Fix self-building for matrix-registration Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1864 Related to https://github.com/zeratax/matrix-registration/issues/93 This is a poor way to do things though. It may break again in the future. matrix-registration is a poorly maintained project and should likely be removed from the playbook. --- docs/configuring-playbook-matrix-registration.md | 2 ++ roles/matrix-registration/defaults/main.yml | 4 ++++ roles/matrix-registration/tasks/setup_install.yml | 8 ++++++++ 3 files changed, 14 insertions(+) diff --git a/docs/configuring-playbook-matrix-registration.md b/docs/configuring-playbook-matrix-registration.md index b0240d3f9..2b4b07ff2 100644 --- a/docs/configuring-playbook-matrix-registration.md +++ b/docs/configuring-playbook-matrix-registration.md @@ -2,6 +2,8 @@ The playbook can install and configure [matrix-registration](https://github.com/ZerataX/matrix-registration) for you. +**WARNING**: this is a poorly maintained and buggy project. It's better to avoid using it. + > matrix-registration is a simple python application to have a token based matrix registration. Use matrix-registration to **create unique registration links**, which people can use to register on your Matrix server. It allows you to **keep your server's registration closed (private)**, but still allow certain people (these having a special link) to register a user account. diff --git a/roles/matrix-registration/defaults/main.yml b/roles/matrix-registration/defaults/main.yml index d924551a1..a5db3022d 100644 --- a/roles/matrix-registration/defaults/main.yml +++ b/roles/matrix-registration/defaults/main.yml @@ -7,6 +7,10 @@ matrix_registration_enabled: true matrix_registration_container_image_self_build: false matrix_registration_container_image_self_build_repo: "https://github.com/ZerataX/matrix-registration" matrix_registration_container_image_self_build_branch: "{{ 'master' if matrix_registration_version == 'latest' else matrix_registration_version }}" +# Controls whether we'll be patching the dependencies in `setup.py` when self-building. +# Without patching, building will likely fail, because of the poor unbounded way dependencies are defined (e.g. `flask-limiter>=1.1.0`). +# This is an attempt to get matrix-registration in its current (outdated) version to build. +matrix_registration_container_image_self_build_python_dependencies_patch_enabled: true matrix_registration_base_path: "{{ matrix_base_data_path }}/matrix-registration" matrix_registration_config_path: "{{ matrix_registration_base_path }}/config" diff --git a/roles/matrix-registration/tasks/setup_install.yml b/roles/matrix-registration/tasks/setup_install.yml index 6ff2de302..36cd0fd4a 100644 --- a/roles/matrix-registration/tasks/setup_install.yml +++ b/roles/matrix-registration/tasks/setup_install.yml @@ -68,6 +68,14 @@ register: matrix_registration_git_pull_results when: "matrix_registration_container_image_self_build|bool" +# See: https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1864 +- name: Patch setup.py to allow self-built version to work + lineinfile: + path: "{{ matrix_registration_docker_src_files_path }}/setup.py" + regexp: 'flask-limiter' + line: '"flask-limiter~=1.1.0", "Markupsafe<2.1",' + when: "matrix_registration_container_image_self_build|bool and matrix_registration_container_image_self_build_python_dependencies_patch_enabled|bool" + - name: Ensure matrix-registration Docker image is built docker_image: name: "{{ matrix_registration_docker_image }}" From c05e78fc9a6cf2db54575c831d831b25ff367e1b Mon Sep 17 00:00:00 2001 From: roughnecks Date: Thu, 2 Jun 2022 16:52:15 +0200 Subject: [PATCH 60/70] Fix string null in status_endpoint --- roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index c8318f961..fbd41be73 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -10,7 +10,7 @@ homeserver: # The URL to push real-time bridge status to. # If set, the bridge will make POST requests to this URL whenever a user's whatsapp connection state changes. # The bridge will use the appservice as_token to authorize requests. - status_endpoint: "null" + status_endpoint: null appservice: # The address that the homeserver can use to connect to this appservice. From fc38f4a6a90541f8d610ce1b2d3444266e0a50df Mon Sep 17 00:00:00 2001 From: Ruben Hias Date: Mon, 6 Jun 2022 11:27:10 +0200 Subject: [PATCH 61/70] Updated mautrix-googlechat to v0.3.3 --- roles/matrix-bridge-mautrix-googlechat/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml index bdedef07c..dd5b83689 100644 --- a/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-googlechat/defaults/main.yml @@ -7,7 +7,7 @@ matrix_mautrix_googlechat_enabled: true matrix_mautrix_googlechat_container_image_self_build: false matrix_mautrix_googlechat_container_image_self_build_repo: "https://github.com/mautrix/googlechat.git" -matrix_mautrix_googlechat_version: v0.3.2 +matrix_mautrix_googlechat_version: v0.3.3 # See: https://mau.dev/mautrix/googlechat/container_registry matrix_mautrix_googlechat_docker_image: "{{ matrix_mautrix_googlechat_docker_image_name_prefix }}mautrix/googlechat:{{ matrix_mautrix_googlechat_version }}" matrix_mautrix_googlechat_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_googlechat_container_image_self_build else 'dock.mau.dev/' }}" From 4a72c90a6b1286f9e2206c7b07b0338cc61f4f14 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 7 Jun 2022 14:34:02 +0300 Subject: [PATCH 62/70] Upgrade Element (v1.10.13 -> v1.10.14) --- roles/matrix-client-element/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-client-element/defaults/main.yml b/roles/matrix-client-element/defaults/main.yml index b0625dba8..86b0ee6ad 100644 --- a/roles/matrix-client-element/defaults/main.yml +++ b/roles/matrix-client-element/defaults/main.yml @@ -9,7 +9,7 @@ matrix_client_element_container_image_self_build_repo: "https://github.com/vecto # - https://github.com/vector-im/element-web/issues/19544 matrix_client_element_container_image_self_build_low_memory_system_patch_enabled: "{{ ansible_memtotal_mb < 4096 }}" -matrix_client_element_version: v1.10.13 +matrix_client_element_version: v1.10.14 matrix_client_element_docker_image: "{{ matrix_client_element_docker_image_name_prefix }}vectorim/element-web:{{ matrix_client_element_version }}" matrix_client_element_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_element_container_image_self_build else matrix_container_global_registry_prefix }}" matrix_client_element_docker_image_force_pull: "{{ matrix_client_element_docker_image.endswith(':latest') }}" From 12b28a47494f4b3b09dc625f5581ea05cdb66e8a Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Jun 2022 14:13:53 +0300 Subject: [PATCH 63/70] Upgrade Hookshot (1.7.0 -> 1.7.2) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index ecc997708..cdfde23dc 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.7.0 +matrix_hookshot_version: 1.7.2 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 959a6ac0b1a7aedf97d775788d2e9feabebd1f9c Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Jun 2022 14:42:04 +0300 Subject: [PATCH 64/70] Upgrade devture/ansible version and documen nsenter usage Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1772 --- docs/ansible.md | 51 ++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 46 insertions(+), 5 deletions(-) diff --git a/docs/ansible.md b/docs/ansible.md index 50cf83ed3..5802e8cb1 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -41,9 +41,50 @@ If you find yourself needing to resort to such hacks, please consider reporting ## Using Ansible via Docker -Alternatively, you can run Ansible on your computer from inside a Docker container (powered by the [devture/ansible](https://hub.docker.com/r/devture/ansible/) Docker image). +Alternatively, you can run Ansible inside a Docker container (powered by the [devture/ansible](https://hub.docker.com/r/devture/ansible/) Docker image). -Here's a sample command to get you started (run this from the playbook's directory): +This ensures that you're using a very recent Ansible version, which is less likely to be incompatible with the playbook. + +There are 2 ways to go about it: + +- [Running Ansible in a container on the Matrix server itself](#running-ansible-in-a-container-on-the-matrix-server-itself) +- [Running Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server) + + +### Running Ansible in a container on the Matrix server itself + +To run Ansible in a (Docker) container on the Matrix server itself, you need to have a working Docker installation. +Docker is normally installed by the playbook, so this may be a bit of a chicken and egg problem. To solve it: + +- you **either** need to install Docker manually first. Follow [the upstream instructions](https://docs.docker.com/engine/install/) for your distribution and consider setting `matrix_docker_installation_enabled: false` in your `vars.yml` file, to prevent the playbook from installing Docker +- **or** you need to run the playbook in another way (e.g. [Running Ansible in a container on another computer (not the Matrix server)](#running-ansible-in-a-container-on-another-computer-not-the-matrix-server)) at least the first time around + +Once you have a working Docker installation on the server, **clone the playbook** somewhere on the server and configure it as per usual (`inventory/hosts`, `inventory/host_vars/..`, etc.), as described in [configuring the playbook](configuring-playbook.md). + +You would then need to add `ansible_connection=community.docker.nsenter` to the host line in `inventory/hosts`. This tells Ansible to connect to the "remote" machine by switching Linux namespaces with [nsenter](https://man7.org/linux/man-pages/man1/nsenter.1.html), instead of using SSH. +Alternatively, you can leave your `inventory/hosts` as is and specify the connection type in **each** `ansible-playbook` call you do later, like this: `ansible-playbook --connection=community.docker.nsenter ...` + +Run this from the playbook's directory: + +```bash +docker run -it --rm \ +--privileged \ +--pid=host \ +-w /work \ +-v `pwd`:/work \ +--entrypoint=/bin/sh \ +docker.io/devture/ansible:2.13.0-r0 +``` + +Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. +The `/work` directory contains the playbook's code. + +You can execute `ansible-playbook ...` (or `ansible-playbook --connection=community.docker.nsenter ...`) commands as per normal now. + + +### Running Ansible in a container on another computer (not the Matrix server) + +Run this from the playbook's directory: ```bash docker run -it --rm \ @@ -51,7 +92,7 @@ docker run -it --rm \ -v `pwd`:/work \ -v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro \ --entrypoint=/bin/sh \ -docker.io/devture/ansible:2.11.6-r1 +docker.io/devture/ansible:2.13.0-r0 ``` The above command tries to mount an SSH key (`$HOME/.ssh/id_rsa`) into the container (at `/root/.ssh/id_rsa`). @@ -60,9 +101,9 @@ If your SSH key is at a different path (not in `$HOME/.ssh/id_rsa`), adjust that Once you execute the above command, you'll be dropped into a `/work` directory inside a Docker container. The `/work` directory contains the playbook's code. -You can execute `ansible-playbook` commands as per normal now. +You can execute `ansible-playbook ...` commands as per normal now. -### If you don't use SSH keys for authentication +#### If you don't use SSH keys for authentication If you don't use SSH keys for authentication, simply remove that whole line (`-v $HOME/.ssh/id_rsa:/root/.ssh/id_rsa:ro`). To authenticate at your server using a password, you need to add a package. So, when you are in the shell of the ansible docker container (the previously used `docker run -it ...` command), run: From c05f47666f3544a5410d3e5e1c9882755700ebdb Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Jun 2022 14:47:04 +0300 Subject: [PATCH 65/70] Announce the ability to run Ansible in a container on the Matrix server Continuation of 959a6ac0b1a7a --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4a56f6fc8..6f9fe2aaa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +# 2022-06-09 + +## Running Ansible in a container can now happen on the Matrix server itself + +If you're tired of being on an old and problematic Ansible version, you can now run [run Ansible in a container on the Matrix server itself](docs/ansible.md#running-ansible-in-a-container-on-the-matrix-server-itself). + + # 2022-05-31 ## Synapse v1.60 upgrade may cause trouble and require manual intervention From 8cc39c5eb5b6d238496d100886c9085d2c8edc15 Mon Sep 17 00:00:00 2001 From: Kai Biebel <38378574+seclution@users.noreply.github.com> Date: Thu, 9 Jun 2022 14:09:47 +0200 Subject: [PATCH 66/70] update PIP install-link --- docs/ansible.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/ansible.md b/docs/ansible.md index 5802e8cb1..bd1fe9273 100644 --- a/docs/ansible.md +++ b/docs/ansible.md @@ -30,7 +30,7 @@ Depending on your distribution, you may be able to upgrade Ansible in a few diff - by using an additional repository (PPA, etc.), which provides newer Ansible versions. See instructions for [CentOS](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-ansible-on-rhel-centos-or-fedora), [Debian](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-ansible-on-debian), or [Ubuntu](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html#installing-ansible-on-ubuntu) on the Ansible website. -- by removing the Ansible package (`yum remove ansible` or `apt-get remove ansible`) and installing via [pip](https://pip.pypa.io/en/stable/installing/) (`pip install ansible`). +- by removing the Ansible package (`yum remove ansible` or `apt-get remove ansible`) and installing via [pip](https://pip.pypa.io/en/stable/installation/) (`pip install ansible`). If using the `pip` method, do note that the `ansible-playbook` binary may not be on the `$PATH` (https://linuxconfig.org/linux-path-environment-variable), but in some more special location like `/usr/local/bin/ansible-playbook`. You may need to invoke it using the full path. From 99c24ef0e84c9a773a2377a94f06969a6c5c5144 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 9 Jun 2022 20:52:46 +0300 Subject: [PATCH 67/70] Upgrade Hookshot (1.7.2 -> 1.7.3) --- roles/matrix-bridge-hookshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-hookshot/defaults/main.yml b/roles/matrix-bridge-hookshot/defaults/main.yml index cdfde23dc..3a2d5bc94 100644 --- a/roles/matrix-bridge-hookshot/defaults/main.yml +++ b/roles/matrix-bridge-hookshot/defaults/main.yml @@ -10,7 +10,7 @@ matrix_hookshot_container_image_self_build: false matrix_hookshot_container_image_self_build_repo: "https://github.com/matrix-org/matrix-hookshot.git" matrix_hookshot_container_image_self_build_branch: "{{ 'main' if matrix_hookshot_version == 'latest' else matrix_hookshot_version }}" -matrix_hookshot_version: 1.7.2 +matrix_hookshot_version: 1.7.3 matrix_hookshot_docker_image: "{{ matrix_hookshot_docker_image_name_prefix }}halfshot/matrix-hookshot:{{ matrix_hookshot_version }}" matrix_hookshot_docker_image_name_prefix: "{{ 'localhost/' if matrix_hookshot_container_image_self_build else matrix_container_global_registry_prefix }}" From 39914881a7cd997d6c01578a33ee99e073479d57 Mon Sep 17 00:00:00 2001 From: 3hhh Date: Sat, 11 Jun 2022 07:55:44 +0200 Subject: [PATCH 68/70] whatsapp bridge: disable logging to external files The same logs still go to the systemd journal. --- roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index fbd41be73..cfecc2cf0 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -211,7 +211,8 @@ logging: # The directory for log files. Will be created if not found. directory: ./logs # Available variables: .Date for the file date and .Index for different log files on the same day. - file_name_format: "{{ '{{.Date}}-{{.Index}}.log' }}" + # empy/null = journal logging only + file_name_format: # Date format for file names in the Go time format: https://golang.org/pkg/time/#pkg-constants file_date_format: "2006-01-02" # Log file permissions. From 6b94ccbcff3b133688c5d461781e3f7634f90742 Mon Sep 17 00:00:00 2001 From: 3hhh Date: Sat, 11 Jun 2022 08:05:11 +0200 Subject: [PATCH 69/70] whatsapp bridge: add matrix_mautrix_whatsapp_log_level Fixes #1873 --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 4 ++++ roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index e7b5e6f6d..4ffca69fe 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -128,3 +128,7 @@ matrix_mautrix_whatsapp_registration: "{{ matrix_mautrix_whatsapp_registration_y matrix_mautrix_whatsapp_bridge_encryption_allow: false matrix_mautrix_whatsapp_bridge_encryption_default: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_whatsapp_bridge_encryption_allow }}" + +# Minimum severity of journal log messages. +# Options: debug, info, warn, error, fatal +matrix_mautrix_whatsapp_log_level: 'debug' diff --git a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 index cfecc2cf0..d73718eaa 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-whatsapp/templates/config.yaml.j2 @@ -221,4 +221,4 @@ logging: timestamp_format: "Jan _2, 2006 15:04:05" # Minimum severity for log messages. # Options: debug, info, warn, error, fatal - print_level: debug + print_level: {{ matrix_mautrix_whatsapp_log_level }} From cebbe0beecd0e225c5bf2df62df2dd243c34d80e Mon Sep 17 00:00:00 2001 From: 3hhh Date: Sat, 11 Jun 2022 08:11:28 +0200 Subject: [PATCH 70/70] whatsapp bridge: set the default log level to warning Debug logs are inappropriate for production use. --- roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml index 4ffca69fe..5be700516 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/defaults/main.yml @@ -131,4 +131,4 @@ matrix_mautrix_whatsapp_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_ # Minimum severity of journal log messages. # Options: debug, info, warn, error, fatal -matrix_mautrix_whatsapp_log_level: 'debug' +matrix_mautrix_whatsapp_log_level: 'warn'