From 74b9a47ddbe129c86de7f4f35f472c95ca9d32a6 Mon Sep 17 00:00:00 2001
From: Paul ALNET <paul@tawkie.fr>
Date: Mon, 21 Oct 2024 21:53:54 +0200
Subject: [PATCH] feat: support mautrix-whatsapp bridgev2 APIs

---
 group_vars/matrix_servers                     |  3 ++
 .../defaults/main.yml                         | 17 ++++++++++
 .../tasks/validate_config.yml                 |  1 +
 .../templates/labels.j2                       | 31 +++++++++++++++++++
 4 files changed, 52 insertions(+)

diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers
index da0805dc5..e7f35cfd2 100755
--- a/group_vars/matrix_servers
+++ b/group_vars/matrix_servers
@@ -1963,6 +1963,8 @@ matrix_mautrix_whatsapp_container_labels_traefik_tls_certResolver: "{{ devture_t
 matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
 matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
 
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_hostname: "{{ matrix_server_fqn_matrix }}"
+
 matrix_mautrix_whatsapp_systemd_required_services_list_auto: |
   {{
     matrix_addons_homeserver_systemd_services_list
@@ -1971,6 +1973,7 @@ matrix_mautrix_whatsapp_systemd_required_services_list_auto: |
   }}
 
 matrix_mautrix_whatsapp_appservice_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'whats.as.token', rounds=655555) | to_uuid }}"
+matrix_mautrix_whatsapp_appservice_bridgev2_enabled: false
 
 matrix_mautrix_whatsapp_homeserver_address: "{{ matrix_addons_homeserver_client_api_url }}"
 matrix_mautrix_whatsapp_homeserver_token: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'whats.hs.token', rounds=655555) | to_uuid }}"
diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
index d14d7e089..358b5f950 100644
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/defaults/main.yml
@@ -4,6 +4,8 @@
 
 matrix_mautrix_whatsapp_enabled: true
 
+matrix_mautrix_whatsapp_identifier: matrix-mautrix-whatsapp
+
 matrix_mautrix_whatsapp_container_image_self_build: false
 matrix_mautrix_whatsapp_container_image_self_build_repo: "https://mau.dev/mautrix/whatsapp.git"
 matrix_mautrix_whatsapp_container_image_self_build_branch: "{{ 'master' if matrix_mautrix_whatsapp_version == 'latest' else matrix_mautrix_whatsapp_version }}"
@@ -25,6 +27,10 @@ matrix_mautrix_whatsapp_homeserver_address: ""
 matrix_mautrix_whatsapp_homeserver_domain: "{{ matrix_domain }}"
 matrix_mautrix_whatsapp_appservice_address: "http://matrix-mautrix-whatsapp:8080"
 
+# Whether to make public the bridgev2 API endpoints.
+# See https://spec.mau.fi/megabridge/
+matrix_mautrix_whatsapp_appservice_bridgev2_enabled: false
+
 matrix_mautrix_whatsapp_extev_polls: false
 
 matrix_mautrix_whatsapp_command_prefix: "!wa"
@@ -55,6 +61,17 @@ matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_enabled:
 # See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
 matrix_mautrix_whatsapp_container_labels_metrics_middleware_basic_auth_users: ''
 
+# Controls whether labels will be added that expose the bridge's bridgev2 API endpoints
+matrix_mautrix_whatsapp_container_labels_bridgev2_enabled: "{{ matrix_mautrix_whatsapp_appservice_bridgev2_enabled }}"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_hostname: ""
+# Following two variables should be RegEx-escaped, see https://doc.traefik.io/traefik/middlewares/http/replacepathregex/
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_stripprefix: "/_matrix/{{ matrix_mautrix_whatsapp_identifier }}"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_rule: "Host(`{{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_hostname }}`) && PathPrefix(`{{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_stripprefix }}`)"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_priority: 0
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_entrypoints: "{{ matrix_mautrix_whatsapp_container_labels_traefik_entrypoints }}"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls: "{{ matrix_mautrix_whatsapp_container_labels_metrics_traefik_entrypoints != 'web' }}"
+matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls_certResolver: "{{ matrix_mautrix_whatsapp_container_labels_traefik_tls_certResolver }}"  # noqa var-naming
+
 # matrix_mautrix_whatsapp_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
 # See `../templates/labels.j2` for details.
 #
diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
index 7d4fa9479..976248d4f 100644
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/tasks/validate_config.yml
@@ -10,6 +10,7 @@
     - {'name': 'matrix_mautrix_whatsapp_homeserver_address', when: true}
     - {'name': 'matrix_mautrix_whatsapp_homeserver_token', when: true}
     - {'name': 'matrix_mautrix_whatsapp_database_hostname', when: "{{ matrix_mautrix_whatsapp_database_engine == 'postgres' }}"}
+    - {'name': 'matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_hostname', when: "{{ matrix_mautrix_whatsapp_container_labels_bridgev2_enabled }}"}
 
 - name: (Deprecation) Catch and report renamed settings
   ansible.builtin.fail:
diff --git a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/labels.j2 b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/labels.j2
index 23f94361e..7755a6902 100644
--- a/roles/custom/matrix-bridge-mautrix-whatsapp/templates/labels.j2
+++ b/roles/custom/matrix-bridge-mautrix-whatsapp/templates/labels.j2
@@ -5,6 +5,7 @@ traefik.enable=true
 traefik.docker.network={{ matrix_mautrix_whatsapp_container_labels_traefik_docker_network }}
 {% endif %}
 
+traefik.http.services.{{ matrix_mautrix_whatsapp_identifier }}-appservice.loadbalancer.server.port=8080
 traefik.http.services.matrix-mautrix-whatsapp-metrics.loadbalancer.server.port=8001
 
 {% if matrix_mautrix_whatsapp_container_labels_metrics_enabled %}
@@ -40,6 +41,36 @@ traefik.http.routers.matrix-mautrix-whatsapp-metrics.tls.certResolver={{ matrix_
 ############################################################
 {% endif %}
 
+{% if matrix_mautrix_whatsapp_container_labels_bridgev2_enabled %}
+############################################################
+#                                                          #
+# Appservice Bridgev2 API                                  #
+#                                                          #
+############################################################
+
+traefik.http.middlewares.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2-stripprefix.stripprefix.prefixes={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_stripprefix }}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.middlewares={{ matrix_mautrix_whatsapp_identifier }}-bridgev2-stripprefix
+
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.rule={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_rule }}
+
+{% if matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_priority | int > 0 %}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.priority={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_priority }}
+{% endif %}
+
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.service={{ matrix_mautrix_whatsapp_identifier }}-appservice
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.entrypoints={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_entrypoints }}
+
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.tls={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls | to_json }}
+{% if matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls %}
+traefik.http.routers.{{ matrix_mautrix_whatsapp_identifier }}-bridgev2.tls.certResolver={{ matrix_mautrix_whatsapp_container_labels_bridgev2_traefik_tls_certResolver }}
+{% endif %}
+
+############################################################
+#                                                          #
+# /Appservice Bridgev2 API                                 #
+#                                                          #
+############################################################
+{% endif %}
 
 {% endif %}