Merge branch 'spantaleev:master' into patch-1

group_vars/matrix_servers

@@ -374,14 +374,15 @@ matrix_mautrix_signal_login_shared_secret: "{{ matrix_synapse_ext_password_provi
 matrix_mautrix_signal_database_engine: 'postgres'
 matrix_mautrix_signal_database_password: "{{ matrix_synapse_macaroon_secret_key | password_hash('sha512', 'mau.signal.db') | to_uuid }}"
 
+matrix_mautrix_signal_container_self_build: "{{ matrix_architecture not in ['amd64', 'arm64'] }}"
+matrix_mautrix_signal_daemon_container_self_build: "{{ matrix_architecture != 'amd64' }}"
+
 ######################################################################
 #
 # /matrix-bridge-mautrix-signal
 #
 ######################################################################
 
-matrix_mautrix_signal_container_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
-
 ######################################################################
 #
 # matrix-bridge-mautrix-telegram
@@ -393,6 +394,8 @@ matrix_mautrix_telegram_enabled: false
 
 # Images are multi-arch (amd64 and arm64, but not arm32).
 matrix_mautrix_telegram_container_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
+matrix_telegram_lottieconverter_container_self_build: "{{ matrix_architecture not in ['arm64', 'amd64'] }}"
+matrix_telegram_lottieconverter_container_self_build_mask_arch: "{{ matrix_architecture != 'amd64' }}"
 
 matrix_mautrix_telegram_systemd_required_services_list: |
   {{

inventory/scripts/jitsi-generate-passwords.sh

@@ -11,7 +11,6 @@ echo "# Install it before using this script, or simply create your own passwords
 
 echo ""
 
-JICOFO_COMPONENT_SECRET=$(generatePassword)
 JICOFO_AUTH_PASSWORD=$(generatePassword)
 JVB_AUTH_PASSWORD=$(generatePassword)
 JIBRI_RECORDER_PASSWORD=$(generatePassword)
@@ -19,7 +18,6 @@ JIBRI_XMPP_PASSWORD=$(generatePassword)
 
 echo "# Paste these variables into your inventory/host_vars/matrix.DOMAIN/vars.yml file:"
 echo ""
-echo "matrix_jitsi_jicofo_component_secret: "$JICOFO_COMPONENT_SECRET
 echo "matrix_jitsi_jicofo_auth_password: "$JICOFO_AUTH_PASSWORD
 echo "matrix_jitsi_jvb_auth_password: "$JVB_AUTH_PASSWORD
 echo "matrix_jitsi_jibri_recorder_password: "$JIBRI_RECORDER_PASSWORD

roles/matrix-base/defaults/main.yml

@@ -11,6 +11,9 @@ matrix_domain: ~
 # This and the Element FQN (see below) are expected to be on the same server.
 matrix_server_fqn_matrix: "matrix.{{ matrix_domain }}"
 
+# This is where you access federation API.
+matrix_server_fqn_matrix_federation: '{{ matrix_server_fqn_matrix }}'
+
 # This is where you access the Element web UI from (if enabled via matrix_client_element_enabled; enabled by default).
 # This and the Matrix FQN (see above) are expected to be on the same server.
 matrix_server_fqn_element: "element.{{ matrix_domain }}"

roles/matrix-base/templates/static-files/well-known/matrix-server.j2

@@ -1,4 +1,4 @@
 #jinja2: lstrip_blocks: "True"
 {
-	"m.server": "{{ matrix_server_fqn_matrix }}:{{ matrix_federation_public_port }}"
+	"m.server": "{{ matrix_server_fqn_matrix_federation }}:{{ matrix_federation_public_port }}"
 }

roles/matrix-bot-matrix-reminder-bot/defaults/main.yml

@@ -2,7 +2,7 @@
 # See: https://github.com/anoadragon453/matrix-reminder-bot
 
 matrix_bot_matrix_reminder_bot_enabled: true
-matrix_bot_matrix_reminder_bot_version: release-v0.2.0
+matrix_bot_matrix_reminder_bot_version: release-v0.2.1
 matrix_bot_matrix_reminder_bot_docker_image: "{{ matrix_container_global_registry_prefix }}anoa/matrix-reminder-bot:{{ matrix_bot_matrix_reminder_bot_version }}"
 matrix_bot_matrix_reminder_bot_docker_image_force_pull: "{{ matrix_bot_matrix_reminder_bot_docker_image.endswith(':latest') }}"
 

roles/matrix-bridge-mautrix-signal/defaults/main.yml

@@ -3,7 +3,7 @@
 
 matrix_mautrix_signal_enabled: true
 
-matrix_mautrix_signal_self_build: false
+matrix_mautrix_signal_container_self_build: false
 matrix_mautrix_signal_docker_repo: "https://mau.dev/tulir/mautrix-signal.git"
 matrix_mautrix_signal_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signal/docker-src"
 
@@ -13,6 +13,10 @@ matrix_mautrix_signal_daemon_version: latest
 matrix_mautrix_signal_docker_image: "dock.mau.dev/tulir/mautrix-signal:{{ matrix_mautrix_signal_version }}"
 matrix_mautrix_signal_docker_image_force_pull: "{{ matrix_mautrix_signal_docker_image.endswith(':latest') }}"
 
+matrix_mautrix_signal_daemon_container_self_build: false
+matrix_mautrix_signal_daemon_docker_repo: "https://mau.dev/maunium/signald.git"
+matrix_mautrix_signal_daemon_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-signald/docker-src"
+
 matrix_mautrix_signal_daemon_docker_image: "dock.mau.dev/maunium/signald:{{ matrix_mautrix_signal_daemon_version }}"
 matrix_mautrix_signal_daemon_docker_image_force_pull: "{{ matrix_mautrix_signal_daemon_docker_image.endswith(':latest') }}"
 

roles/matrix-bridge-mautrix-signal/tasks/setup_install.yml

@@ -8,6 +8,15 @@
       The matrix-bridge-mautrix-signal role needs to execute before the matrix-synapse role.
   when: "matrix_synapse_role_executed|default(False)"
 
+- name: Ensure Mautrix Signal image is pulled
+  docker_image:
+    name: "{{ matrix_mautrix_signal_docker_image }}"
+    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
+    force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
+  when: "matrix_mautrix_signal_enabled|bool and not matrix_mautrix_signal_container_self_build|bool"
+
+
 - name: Ensure Mautrix Signal repository is present on self-build
   git:
     repo: "{{ matrix_mautrix_signal_docker_repo }}"
@@ -28,14 +37,6 @@
       pull: yes
   when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_container_self_build|bool"
   
-- name: Ensure Mautrix Signal image is pulled
-  docker_image:
-    name: "{{ matrix_mautrix_signal_docker_image }}"
-    source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
-    force_source: "{{ matrix_mautrix_signal_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
-    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_docker_image_force_pull }}"
-  when: "matrix_mautrix_signal_enabled|bool and not matrix_mautrix_signal_container_self_build|bool"
-
 
 - name: Ensure Mautrix Signal Daemon image is pulled
   docker_image:
@@ -43,7 +44,28 @@
     source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}"
     force_source: "{{ matrix_mautrix_signal_daemon_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_signal_daemon_docker_image_force_pull }}"
-  when: matrix_mautrix_signal_enabled|bool
+  when: matrix_mautrix_signal_enabled and not matrix_mautrix_signal_daemon_container_self_build|bool
+  register: matrix_mautrix_signal_daemon_pull_results
+
+- name: Ensure Mautrix Signal Daemon repository is present on self-build
+  git:
+    repo: "{{ matrix_mautrix_signal_daemon_docker_repo }}"
+    dest: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}"
+    force: "yes"
+  register: matrix_mautrix_signal_daemon_git_pull_results
+  when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_daemon_container_self_build|bool"
+
+- name: Ensure Mautrix Signal Daemon image is built
+  docker_image:
+    name: "{{ matrix_mautrix_signal_daemon_docker_image }}"
+    source: build
+    force_source: "{{ matrix_mautrix_signal_daemon_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}"
+    build:
+      dockerfile: Dockerfile
+      path: "{{ matrix_mautrix_signal_daemon_docker_src_files_path }}"
+      pull: yes
+  when: "matrix_mautrix_signal_enabled|bool and matrix_mautrix_signal_daemon_container_self_build|bool"
 
 - name: Ensure Mautrix Signal paths exist
   file:

roles/matrix-bridge-mautrix-telegram/defaults/main.yml

@@ -3,6 +3,12 @@
 
 matrix_mautrix_telegram_enabled: true
 
+matrix_telegram_lottieconverter_container_self_build: false
+matrix_telegram_lottieconverter_container_self_build_mask_arch: false
+matrix_telegram_lottieconverter_docker_repo: "https://mau.dev/tulir/lottieconverter.git"
+matrix_telegram_lottieconverter_docker_src_files_path: "{{ matrix_base_data_path }}/lotticonverter/docker-src"
+matrix_telegram_lottieconverter_docker_image: "dock.mau.dev/tulir/lottieconverter:alpine-3.14" # needs to be ajusted according to FROM clause of Dockerfile of mautrix-telegram
+
 matrix_mautrix_telegram_container_self_build: false
 matrix_mautrix_telegram_docker_repo: "https://mau.dev/tulir/mautrix-telegram.git"
 matrix_mautrix_telegram_docker_src_files_path: "{{ matrix_base_data_path }}/mautrix-telegram/docker-src"

roles/matrix-bridge-mautrix-telegram/tasks/setup_install.yml

@@ -56,6 +56,26 @@
     force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mautrix_telegram_docker_image_force_pull }}"
   when: "not matrix_mautrix_telegram_container_self_build|bool"
 
+- name: Ensure lottieconverter is present when self-building
+  git:
+    repo: "{{ matrix_telegram_lottieconverter_docker_repo }}"
+    dest: "{{ matrix_telegram_lottieconverter_docker_src_files_path }}"
+    force: "yes"
+  register: matrix_telegram_lottieconverter_git_pull_results
+  when: "matrix_telegram_lottieconverter_container_self_build|bool and matrix_mautrix_telegram_container_self_build|bool"
+
+- name: Ensure lottieconverter Docker image is built
+  docker_image:
+    name: "{{ matrix_telegram_lottieconverter_docker_image }}"
+    source: build
+    force_source: "{{ matrix_telegram_lottieconverter_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}"
+    force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_telegram_lottieconverter_git_pull_results.changed }}"
+    build:
+      dockerfile: Dockerfile
+      path: "{{ matrix_telegram_lottieconverter_docker_src_files_path }}"
+      pull: yes
+  when: "matrix_telegram_lottieconverter_container_self_build|bool and matrix_telegram_lottieconverter_git_pull_results.changed and matrix_mautrix_telegram_container_self_build|bool"
+
 - name: Ensure matrix-mautrix-telegram repository is present when self-building
   git:
     repo: "{{ matrix_mautrix_telegram_docker_repo }}"
@@ -73,7 +93,9 @@
     build:
       dockerfile: Dockerfile
       path: "{{ matrix_mautrix_telegram_docker_src_files_path }}"
-      pull: yes
+      pull: "{{ not matrix_telegram_lottieconverter_container_self_build_mask_arch|bool }}"
+      args:
+        TARGETARCH: ""
   when: "matrix_mautrix_telegram_container_self_build|bool and matrix_mautrix_telegram_git_pull_results.changed"
 
 - name: Check if an old database file already exists

roles/matrix-client-hydrogen/defaults/main.yml

@@ -5,7 +5,7 @@ matrix_client_hydrogen_enabled: true
 matrix_client_hydrogen_container_image_self_build: true
 matrix_client_hydrogen_container_image_self_build_repo: "https://github.com/vector-im/hydrogen-web.git"
 
-matrix_client_hydrogen_version: v0.2.0
+matrix_client_hydrogen_version: v0.2.3
 matrix_client_hydrogen_docker_image: "{{ matrix_client_hydrogen_docker_image_name_prefix }}vectorim/hydrogen-web:{{ matrix_client_hydrogen_version }}"
 matrix_client_hydrogen_docker_image_name_prefix: "{{ 'localhost/' if matrix_client_hydrogen_container_image_self_build }}"
 matrix_client_hydrogen_docker_image_force_pull: "{{ matrix_client_hydrogen_docker_image.endswith(':latest') }}"

roles/matrix-jitsi/defaults/main.yml

@@ -32,8 +32,8 @@ matrix_jitsi_ldap_start_tls: false
 
 matrix_jitsi_timezone: UTC
 
-matrix_jitsi_xmpp_domain: matrix-jitsi-web
-matrix_jitsi_xmpp_server: matrix-jitsi-prosody
+matrix_jitsi_xmpp_domain: meet.jitsi
+matrix_jitsi_xmpp_server: xmpp.meet.jitsi
 matrix_jitsi_xmpp_auth_domain: auth.meet.jitsi
 matrix_jitsi_xmpp_bosh_url_base: http://{{ matrix_jitsi_xmpp_server }}:5280
 matrix_jitsi_xmpp_guest_domain: guest.meet.jitsi
@@ -53,7 +53,7 @@ matrix_jitsi_jibri_recorder_password: ''
 
 matrix_jitsi_enable_lobby: false
 
-matrix_jitsi_version: stable-5765-1
+matrix_jitsi_version: stable-5963
 matrix_jitsi_container_image_tag: "{{ matrix_jitsi_version }}" # for backward-compatibility
 
 matrix_jitsi_web_docker_image: "{{ matrix_container_global_registry_prefix }}jitsi/web:{{ matrix_jitsi_container_image_tag }}"

roles/matrix-jitsi/tasks/validate_config.yml

@@ -16,7 +16,6 @@
   with_items:
     - "matrix_jitsi_jibri_xmpp_password"
     - "matrix_jitsi_jibri_recorder_password"
-    - "matrix_jitsi_jicofo_component_secret"
     - "matrix_jitsi_jicofo_auth_password"
     - "matrix_jitsi_jvb_auth_password"
 

roles/matrix-jitsi/templates/jicofo/env.j2

@@ -1,17 +1,34 @@
-ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
-
-XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
-XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
-XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
-XMPP_SERVER={{ matrix_jitsi_xmpp_server }}
-
-JICOFO_COMPONENT_SECRET={{ matrix_jitsi_jicofo_component_secret }}
+AUTH_TYPE={{ matrix_jitsi_auth_type }}
+BRIDGE_AVG_PARTICIPANT_STRESS
+BRIDGE_STRESS_THRESHOLD
+ENABLE_AUTH
+ENABLE_AUTO_OWNER
+ENABLE_CODEC_VP8
+ENABLE_CODEC_VP9
+ENABLE_CODEC_H264
+ENABLE_OCTO
+ENABLE_RECORDING
+ENABLE_SCTP
 JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
 JICOFO_AUTH_PASSWORD={{ matrix_jitsi_jicofo_auth_password }}
-
-JVB_BREWERY_MUC={{ matrix_jitsi_jvb_brewery_muc }}
-
+JICOFO_ENABLE_BRIDGE_HEALTH_CHECKS
+JICOFO_CONF_INITIAL_PARTICIPANT_WAIT_TIMEOUT
+JICOFO_CONF_SINGLE_PARTICIPANT_TIMEOUT
+JICOFO_ENABLE_HEALTH_CHECKS
+JICOFO_SHORT_ID
+JICOFO_RESERVATION_ENABLED
+JICOFO_RESERVATION_REST_BASE_URL
 JIBRI_BREWERY_MUC={{ matrix_jitsi_jibri_brewery_muc }}
+JIBRI_REQUEST_RETRIES
 JIBRI_PENDING_TIMEOUT={{ matrix_jitsi_jibri_pending_timeout }}
-
+JIGASI_BREWERY_MUC
+JIGASI_SIP_URI
+JVB_BREWERY_MUC={{ matrix_jitsi_jvb_brewery_muc }}
+MAX_BRIDGE_PARTICIPANTS
+OCTO_BRIDGE_SELECTION_STRATEGY
 TZ={{ matrix_jitsi_timezone }}
+XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
+XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
+XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
+XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
+XMPP_SERVER={{ matrix_jitsi_xmpp_server }}

roles/matrix-jitsi/templates/jvb/env.j2

@@ -1,20 +1,25 @@
-JVB_AUTH_PASSWORD={{ matrix_jitsi_jvb_auth_password }}
-JVB_TCP_PORT={{ matrix_jitsi_jvb_rtp_tcp_port }}
-JVB_PORT={{ matrix_jitsi_jvb_rtp_udp_port }}
+ENABLE_COLIBRI_WEBSOCKET
+ENABLE_OCTO
+DOCKER_HOST_ADDRESS
+XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
+XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
+XMPP_SERVER={{ matrix_jitsi_xmpp_server }}
 JVB_AUTH_USER={{ matrix_jitsi_jvb_auth_user }}
 JVB_AUTH_PASSWORD={{ matrix_jitsi_jvb_auth_password }}
 JVB_BREWERY_MUC={{ matrix_jitsi_jvb_brewery_muc }}
-
-XMPP_SERVER={{ matrix_jitsi_xmpp_server }}
-XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
-XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
-
-HOSTNAME=matrix-jitsi-jvb
-
+JVB_PORT={{ matrix_jitsi_jvb_rtp_udp_port }}
+JVB_TCP_HARVESTER_DISABLED=true
+JVB_TCP_PORT={{ matrix_jitsi_jvb_rtp_tcp_port }}
+JVB_TCP_MAPPED_PORT={{ matrix_jitsi_jvb_rtp_tcp_port }}
 {% if matrix_jitsi_jvb_stun_servers|length > 0 %}
 JVB_STUN_SERVERS={{ matrix_jitsi_jvb_stun_servers|join(',') }}
 {% endif %}
-
+JVB_ENABLE_APIS
+JVB_WS_DOMAIN
+JVB_WS_SERVER_ID
 PUBLIC_URL={{ matrix_jitsi_web_public_url }}
-
-{{ matrix_jitsi_jvb_environment_variables_extension }}
+JVB_OCTO_BIND_ADDRESS
+JVB_OCTO_PUBLIC_ADDRESS
+JVB_OCTO_BIND_PORT
+JVB_OCTO_REGION
+TZ={{ matrix_jitsi_timezone }}

roles/matrix-jitsi/templates/jvb/matrix-jitsi-jvb.service.j2

@@ -16,6 +16,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }}
 ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-jvb \
 			--log-driver=none \
 			--network={{ matrix_docker_network }} \
+			--network-alias=jvb.meet.jitsi \
 			--env-file={{ matrix_jitsi_jvb_base_path }}/env \
 			{% if matrix_jitsi_jvb_container_rtp_udp_host_bind_port %}
 			-p {{ matrix_jitsi_jvb_container_rtp_udp_host_bind_port }}:{{ matrix_jitsi_jvb_rtp_udp_port }}/udp \

roles/matrix-jitsi/templates/prosody/env.j2

@@ -1,10 +1,10 @@
 AUTH_TYPE={{ matrix_jitsi_auth_type }}
-
 ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
 ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }}
-
-PUBLIC_URL={{ matrix_jitsi_web_public_url }}
-
+ENABLE_LOBBY={{ 1 if matrix_jitsi_enable_lobby else 0 }}
+ENABLE_XMPP_WEBSOCKET
+GLOBAL_MODULES
+GLOBAL_CONFIG
 LDAP_URL={{ matrix_jitsi_ldap_url }}
 LDAP_BASE={{ matrix_jitsi_ldap_base }}
 LDAP_BINDDN={{ matrix_jitsi_ldap_binddn }}
@@ -18,32 +18,34 @@ LDAP_TLS_CHECK_PEER={{ 1 if matrix_jitsi_ldap_tls_check_peer else 0 }}
 LDAP_TLS_CACERT_FILE={{ matrix_jitsi_ldap_tls_cacert_file }}
 LDAP_TLS_CACERT_DIR={{ matrix_jitsi_ldap_tls_cacert_dir }}
 LDAP_START_TLS={{ 1 if matrix_jitsi_ldap_start_tls else 0 }}
-
 XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
 XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
 XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }}
 XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
 XMPP_INTERNAL_MUC_DOMAIN={{ matrix_jitsi_xmpp_internal_muc_domain }}
-
 XMPP_MODULES={{ matrix_jitsi_xmpp_modules }}
 XMPP_MUC_MODULES=
 XMPP_INTERNAL_MUC_MODULES=
-
 XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }}
-
-JICOFO_COMPONENT_SECRET={{ matrix_jitsi_jicofo_component_secret }}
+XMPP_CROSS_DOMAIN=true
 JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
 JICOFO_AUTH_PASSWORD={{ matrix_jitsi_jicofo_auth_password }}
-
 JVB_AUTH_USER={{ matrix_jitsi_jvb_auth_user }}
 JVB_AUTH_PASSWORD={{ matrix_jitsi_jvb_auth_password }}
-
+JIGASI_XMPP_USER=
+JIGASI_XMPP_PASSWORD=
 JIBRI_XMPP_USER={{ matrix_jitsi_jibri_xmpp_user }}
 JIBRI_XMPP_PASSWORD={{ matrix_jitsi_jibri_xmpp_password }}
-
 JIBRI_RECORDER_USER={{ matrix_jitsi_jibri_recorder_user }}
 JIBRI_RECORDER_PASSWORD={{ matrix_jitsi_jibri_recorder_password }}
-
-ENABLE_LOBBY={{ 1 if matrix_jitsi_enable_lobby else 0 }}
-
+JWT_APP_ID
+JWT_APP_SECRET
+JWT_ACCEPTED_ISSUERS
+JWT_ACCEPTED_AUDIENCES
+JWT_ASAP_KEYSERVER
+JWT_ALLOW_EMPTY
+JWT_AUTH_TYPE
+JWT_TOKEN_AUTH_MODULE
+LOG_LEVEL
+PUBLIC_URL={{ matrix_jitsi_web_public_url }}
 TZ={{ matrix_jitsi_timezone }}

roles/matrix-jitsi/templates/prosody/matrix-jitsi-prosody.service.j2

@@ -16,6 +16,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }}
 ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-prosody \
 			--log-driver=none \
 			--network={{ matrix_docker_network }} \
+			--network-alias={{ matrix_jitsi_xmpp_server }} \
 			{% if matrix_jitsi_prosody_container_http_host_bind_port %}
 			-p {{ matrix_jitsi_prosody_container_http_host_bind_port }}:5280 \
 			{% endif %}

roles/matrix-jitsi/templates/web/env.j2

@@ -1,42 +1,94 @@
+ENABLE_COLIBRI_WEBSOCKET
+ENABLE_FLOC=0
+ENABLE_LETSENCRYPT=0
+ENABLE_HTTP_REDIRECT=0
+ENABLE_HSTS=0
+ENABLE_XMPP_WEBSOCKET
+DISABLE_HTTPS=0
+DISABLE_DEEP_LINKING
+LETSENCRYPT_DOMAIN={{ matrix_server_fqn_jitsi }}
+LETSENCRYPT_EMAIL={{ matrix_ssl_lets_encrypt_support_email }}
+LETSENCRYPT_USE_STAGING=0
+PUBLIC_URL={{ matrix_jitsi_web_public_url }}
+TZ={{ matrix_jitsi_timezone }}
+AMPLITUDE_ID
+ANALYTICS_SCRIPT_URLS
+ANALYTICS_WHITELISTED_EVENTS
+CALLSTATS_CUSTOM_SCRIPT_URL
+CALLSTATS_ID
+CALLSTATS_SECRET
+CHROME_EXTENSION_BANNER_JSON
+CONFCODE_URL
+CONFIG_EXTERNAL_CONNECT
+DEFAULT_LANGUAGE
+DEPLOYMENTINFO_ENVIRONMENT
+DEPLOYMENTINFO_ENVIRONMENT_TYPE
+DEPLOYMENTINFO_REGION
+DEPLOYMENTINFO_SHARD
+DEPLOYMENTINFO_USERREGION
+DIALIN_NUMBERS_URL
+DIALOUT_AUTH_URL
+DIALOUT_CODES_URL
+DROPBOX_APPKEY
+DROPBOX_REDIRECT_URI
+DYNAMIC_BRANDING_URL
+ENABLE_AUDIO_PROCESSING
 ENABLE_AUTH={{ 1 if matrix_jitsi_enable_auth else 0 }}
+ENABLE_CALENDAR
+ENABLE_FILE_RECORDING_SERVICE
+ENABLE_FILE_RECORDING_SERVICE_SHARING
 ENABLE_GUESTS={{ 1 if matrix_jitsi_enable_guests else 0 }}
-
-ENABLE_TRANSCRIPTIONS={{ 1 if matrix_jitsi_enable_transcriptions else 0 }}
-
+ENABLE_IPV6
+ENABLE_LIPSYNC
+ENABLE_NO_AUDIO_DETECTION
 ENABLE_P2P={{ 1 if matrix_jitsi_enable_p2p else 0 }}
-
-DISABLE_HTTPS=1
-
-JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
-
-PUBLIC_URL={{ matrix_jitsi_web_public_url }}
-
-XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
-XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
-XMPP_BOSH_URL_BASE={{ matrix_jitsi_xmpp_bosh_url_base }}
-XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }}
-XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
-XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }}
-
-TZ={{ matrix_jitsi_timezone }}
-
-JIBRI_BREWERY_MUC={{ matrix_jitsi_jibri_brewery_muc }}
-JIBRI_PENDING_TIMEOUT={{ matrix_jitsi_jibri_pending_timeout }}
-JIBRI_XMPP_USER={{ matrix_jitsi_jibri_xmpp_user }}
-JIBRI_XMPP_PASSWORD={{ matrix_jitsi_jibri_xmpp_password }}
-JIBRI_RECORDER_USER={{ matrix_jitsi_jibri_recorder_user }}
-JIBRI_RECORDER_PASSWORD={{ matrix_jitsi_jibri_recorder_password }}
-
+ENABLE_PREJOIN_PAGE
+ENABLE_WELCOME_PAGE
+ENABLE_CLOSE_PAGE
 ENABLE_RECORDING={{ 1 if matrix_jitsi_enable_recording else 0 }}
-
+ENABLE_REMB
+ENABLE_REQUIRE_DISPLAY_NAME
+ENABLE_SIMULCAST
+ENABLE_STATS_ID
+ENABLE_STEREO
+ENABLE_SUBDOMAINS
+ENABLE_TALK_WHILE_MUTED
+ENABLE_TCC
+ENABLE_TRANSCRIPTIONS={{ 1 if matrix_jitsi_enable_transcriptions else 0 }}
+ETHERPAD_PUBLIC_URL
+ETHERPAD_URL_BASE={{ (matrix_jitsi_etherpad_base + '/') if matrix_jitsi_etherpad_enabled else ''}}
+GOOGLE_ANALYTICS_ID
+GOOGLE_API_APP_CLIENT_ID
+INVITE_SERVICE_URL
+JICOFO_AUTH_USER={{ matrix_jitsi_jicofo_auth_user }}
+MATOMO_ENDPOINT
+MATOMO_SITE_ID
+MICROSOFT_API_APP_CLIENT_ID
+NGINX_RESOLVER
+NGINX_WORKER_PROCESSES
+NGINX_WORKER_CONNECTIONS
+PEOPLE_SEARCH_URL
 RESOLUTION={{ matrix_jitsi_web_config_resolution_height_ideal_and_max }}
 RESOLUTION_MIN={{ matrix_jitsi_web_config_resolution_height_min }}
 RESOLUTION_WIDTH={{ matrix_jitsi_web_config_resolution_width_ideal_and_max }}
 RESOLUTION_WIDTH_MIN={{ matrix_jitsi_web_config_resolution_width_min }}
-
+START_AUDIO_ONLY
 START_AUDIO_MUTED={{ matrix_jitsi_web_config_start_audio_muted_after_nth_participant }}
+START_WITH_AUDIO_MUTED
+START_SILENT
+DISABLE_AUDIO_LEVELS
+ENABLE_NOISY_MIC_DETECTION
+START_BITRATE
+DESKTOP_SHARING_FRAMERATE_MIN
+DESKTOP_SHARING_FRAMERATE_MAX
 START_VIDEO_MUTED={{ matrix_jitsi_web_config_start_video_muted_after_nth_participant }}
-
-ETHERPAD_URL_BASE={{ (matrix_jitsi_etherpad_base + '/') if matrix_jitsi_etherpad_enabled else ''}}
-
-{{ matrix_jitsi_web_environment_variables_extension }}
+START_WITH_VIDEO_MUTED
+TESTING_CAP_SCREENSHARE_BITRATE
+TESTING_OCTO_PROBABILITY
+XMPP_AUTH_DOMAIN={{ matrix_jitsi_xmpp_auth_domain }}
+XMPP_BOSH_URL_BASE={{ matrix_jitsi_xmpp_bosh_url_base }}
+XMPP_DOMAIN={{ matrix_jitsi_xmpp_domain }}
+XMPP_GUEST_DOMAIN={{ matrix_jitsi_xmpp_guest_domain }}
+XMPP_MUC_DOMAIN={{ matrix_jitsi_xmpp_muc_domain }}
+XMPP_RECORDER_DOMAIN={{ matrix_jitsi_recorder_domain }}
+TOKEN_AUTH_URL

roles/matrix-jitsi/templates/web/matrix-jitsi-web.service.j2

@@ -16,6 +16,7 @@ ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }}
 ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-jitsi-web \
 			--log-driver=none \
 			--network={{ matrix_docker_network }} \
+			--network-alias={{ matrix_jitsi_xmpp_domain }} \
 			--env-file={{ matrix_jitsi_web_base_path }}/env \
 			{% if matrix_jitsi_web_container_http_host_bind_port %}
 			-p {{ matrix_jitsi_web_container_http_host_bind_port }}:80 \

roles/matrix-nginx-proxy/defaults/main.yml

@@ -120,6 +120,7 @@ matrix_nginx_proxy_proxy_hydrogen_hostname: "{{ matrix_server_fqn_hydrogen }}"
 # Controls whether proxying the matrix domain should be done.
 matrix_nginx_proxy_proxy_matrix_enabled: false
 matrix_nginx_proxy_proxy_matrix_hostname: "{{ matrix_server_fqn_matrix }}"
+matrix_nginx_proxy_proxy_matrix_federation_hostname: "{{ matrix_nginx_proxy_proxy_matrix_hostname }}"
 # The port name used for federation in the nginx configuration.
 # This is not necessarily the port that it's actually on,
 # as port-mapping happens (`-p ..`) for the `matrix-nginx-proxy` container.

roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-base-domain.conf.j2

@@ -1,7 +1,7 @@
 #jinja2: lstrip_blocks: "True"
 
 {% macro render_vhost_directives() %}
-	root /nginx-data/matrix-domain;
+	root {{ matrix_nginx_proxy_data_path_in_container if matrix_nginx_proxy_enabled else matrix_nginx_proxy_data_path }}/matrix-domain;
 
 	gzip on;
 	gzip_types text/plain application/json;

roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2

@@ -239,7 +239,7 @@ server {
 		listen {{ matrix_nginx_proxy_proxy_matrix_federation_port }};
 	{% endif %}
 
-	server_name {{ matrix_nginx_proxy_proxy_matrix_hostname }};
+	server_name {{ matrix_nginx_proxy_proxy_matrix_federation_hostname }};
 	server_tokens off;
 
 	root /dev/null;