From 9c2a8addee93910cb9079f856bc3fb3932592c91 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 22 Aug 2022 20:10:35 +0300 Subject: [PATCH 01/22] add postmoogle --- docs/configuring-playbook-bot-postmoogle.md | 54 ++++++++++ docs/configuring-playbook-email2matrix.md | 2 + group_vars/matrix_servers | 35 +++++++ roles/matrix-bot-postmoogle/defaults/main.yml | 96 ++++++++++++++++++ roles/matrix-bot-postmoogle/tasks/init.yml | 5 + roles/matrix-bot-postmoogle/tasks/main.yml | 23 +++++ .../tasks/setup_install.yml | 99 +++++++++++++++++++ .../tasks/setup_uninstall.yml | 36 +++++++ .../tasks/validate_config.yml | 9 ++ roles/matrix-bot-postmoogle/templates/env.j2 | 13 +++ .../systemd/matrix-bot-postmoogle.service.j2 | 40 ++++++++ setup.yml | 1 + 12 files changed, 413 insertions(+) create mode 100644 docs/configuring-playbook-bot-postmoogle.md create mode 100644 roles/matrix-bot-postmoogle/defaults/main.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/init.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/main.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/setup_install.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml create mode 100644 roles/matrix-bot-postmoogle/tasks/validate_config.yml create mode 100644 roles/matrix-bot-postmoogle/templates/env.j2 create mode 100644 roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md new file mode 100644 index 000000000..bbbfa405e --- /dev/null +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -0,0 +1,54 @@ +# Setting up Postmoogle (optional) + +**Note**: email bridging can also happen via the [email2matrix](configuring-playbook-email2matrix.md) bridge supported by the playbook. + +The playbook can install and configure [Postmoogle](https://gitlab.com/etke.cc/postmoogle) for you. + +It's a bot/bridge you can use to forward emails to Matrix rooms + +See the project's [documentation](https://gitlab.com/etke.cc/postmoogle) to learn what it does and why it might be useful to you. + + +## Registering the bot user + +By default, the playbook will set up the bot with a username like this: `@postmoogle:DOMAIN`. + +(to use a different username, adjust the `matrix_bot_postmoogle_login` variable). + +You **need to register the bot user manually** before setting up the bot. You can use the playbook to [register a new user](registering-users.md): + +``` +ansible-playbook -i inventory/hosts setup.yml --extra-vars='username=postmoogle password=PASSWORD_FOR_THE_BOT admin=no' --tags=register-user +``` + +Choose a strong password for the bot. You can generate a good password with a command like this: `pwgen -s 64 1`. + + +## Adjusting the playbook configuration + +Add the following configuration to your `inventory/host_vars/matrix.DOMAIN/vars.yml` file: + +```yaml +matrix_bot_postmoogle_enabled: true + +# Adjust this to whatever password you chose when registering the bot user +matrix_bot_postmoogle_password: PASSWORD_FOR_THE_BOT +``` + + +## Installing + +After configuring the playbook, run the [installation](installing.md) command again: + +``` +ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start +``` + + +## Usage + +To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox, after that send `mailbox NAME` to enable email address `NAME@matrix.domain` and start receiving emails + +Send `help` to the room to see the bot's help menu for additional commands. + +You can also refer to the upstream [documentation](https://gitlab.com/etke.cc/postmoogle). diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 510a9dcc8..bc3fba8cb 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -1,5 +1,7 @@ # Setting up Email2Matrix (optional) +**Note**: email bridging can also happen via the [postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. + The playbook can install and configure [email2matrix](https://github.com/devture/email2matrix) for you. See the project's [documentation](https://github.com/devture/email2matrix/blob/master/docs/README.md) to learn what it does and why it might be useful to you. diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 90482810e..91bfddc6a 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1198,6 +1198,35 @@ matrix_bot_buscarron_container_image_self_build: "{{ matrix_architecture not in # ###################################################################### +###################################################################### +# +# matrix-bot-postmoogle +# +###################################################################### + +# We don't enable bots by default. +matrix_bot_postmoogle_enabled: false + +matrix_bot_postmoogle_systemd_required_services_list: | + {{ + ['docker.service'] + + + (['matrix-postgres.service'] if matrix_postgres_enabled else []) + + + (['matrix-synapse.service'] if matrix_synapse_enabled else []) + }} + +# Postgres is the default, except if not using `matrix_postgres` (internal postgres) +matrix_bot_postmoogle_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" +matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db') | to_uuid }}" +matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" + +###################################################################### +# +# /matrix-bot-postmoogle +# +###################################################################### + ###################################################################### # @@ -1850,6 +1879,12 @@ matrix_postgres_additional_databases: | 'password': matrix_bot_honoroit_database_password, }] if (matrix_bot_honoroit_enabled and matrix_bot_honoroit_database_engine == 'postgres' and matrix_bot_honoroit_database_hostname == 'matrix-postgres') else []) + + ([{ + 'name': matrix_bot_postmoogle_database_name, + 'username': matrix_bot_postmoogle_database_username, + 'password': matrix_bot_postmoogle_database_password, + }] if (matrix_bot_postmoogle_enabled and matrix_bot_postmoogle_database_engine == 'postgres' and matrix_bot_postmoogle_database_hostname == 'matrix-postgres') else []) + + ([{ 'name': matrix_bot_maubot_database_name, 'username': matrix_bot_maubot_database_username, diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml new file mode 100644 index 000000000..7d5818ce7 --- /dev/null +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -0,0 +1,96 @@ +--- +# postmoogle is an email to matrix bot +# Project source code URL: https://gitlab.com/etke.cc/postmoogle + +matrix_bot_postmoogle_enabled: true + +matrix_bot_postmoogle_container_image_self_build: false +matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" +matrix_bot_postmoogle_docker_repo_version: "{{ matrix_bot_postmoogle_version }}" +matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" + +matrix_bot_postmoogle_version: latest +matrix_bot_postmoogle_docker_image: "{{ matrix_bot_postmoogle_docker_image_name_prefix }}postmoogle:{{ matrix_bot_postmoogle_version }}" +matrix_bot_postmoogle_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_postmoogle_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" +matrix_bot_postmoogle_docker_image_force_pull: "{{ matrix_bot_postmoogle_docker_image.endswith(':latest') }}" + +matrix_bot_postmoogle_base_path: "{{ matrix_base_data_path }}/postmoogle" +matrix_bot_postmoogle_config_path: "{{ matrix_bot_postmoogle_base_path }}/config" +matrix_bot_postmoogle_data_path: "{{ matrix_bot_postmoogle_base_path }}/data" + +# A list of extra arguments to pass to the container +matrix_bot_postmoogle_container_extra_arguments: [] + +# List of systemd services that matrix-bot-postmoogle.service depends on +matrix_bot_postmoogle_systemd_required_services_list: ['docker.service'] + +# List of systemd services that matrix-bot-postmoogle.service wants +matrix_bot_postmoogle_systemd_wanted_services_list: [] + + +# Database-related configuration fields. +# +# To use SQLite, stick to these defaults. +# +# To use Postgres: +# - change the engine (`matrix_bot_postmoogle_database_engine: 'postgres'`) +# - adjust your database credentials via the `matrix_bot_postmoogle_database_*` variables +matrix_bot_postmoogle_database_engine: 'sqlite' + +matrix_bot_postmoogle_sqlite_database_path_local: "{{ matrix_bot_postmoogle_data_path }}/bot.db" +matrix_bot_postmoogle_sqlite_database_path_in_container: "/data/bot.db" + +matrix_bot_postmoogle_database_username: 'postmoogle' +matrix_bot_postmoogle_database_password: 'some-password' +matrix_bot_postmoogle_database_hostname: 'matrix-postgres' +matrix_bot_postmoogle_database_port: 5432 +matrix_bot_postmoogle_database_name: 'postmoogle' + +matrix_bot_postmoogle_database_connection_string: 'postgres://{{ matrix_bot_postmoogle_database_username }}:{{ matrix_bot_postmoogle_database_password }}@{{ matrix_bot_postmoogle_database_hostname }}:{{ matrix_bot_postmoogle_database_port }}/{{ matrix_bot_postmoogle_database_name }}?sslmode=disable' + +matrix_bot_postmoogle_storage_database: "{{ + { + 'sqlite': matrix_bot_postmoogle_sqlite_database_path_in_container, + 'postgres': matrix_bot_postmoogle_database_connection_string, + }[matrix_bot_postmoogle_database_engine] +}}" + +matrix_bot_postmoogle_database_dialect: "{{ + { + 'sqlite': 'sqlite3', + 'postgres': 'postgres', + }[matrix_bot_postmoogle_database_engine] +}}" + + +# The bot's username. This user needs to be created manually beforehand. +# Also see `matrix_bot_postmoogle_password`. +matrix_bot_postmoogle_login: "postmoogle" + +# The password that the bot uses to authenticate. +matrix_bot_postmoogle_password: '' + +matrix_bot_postmoogle_homeserver: "{{ matrix_homeserver_container_url }}" + +# Command prefix +matrix_bot_postmoogle_prefix: '' + +# Sentry DSN +matrix_bot_postmoogle_sentry: '' + +# Log level +matrix_bot_postmoogle_loglevel: '' + +# Disable encryption +matrix_bot_postmoogle_noencryption: false + +matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" + +matrix_bot_postmoogle_port: "25" + +# Additional environment variables to pass to the postmoogle container +# +# Example: +# matrix_bot_postmoogle_environment_variables_extension: | +# postmoogle_TEXT_DONE=Done +matrix_bot_postmoogle_environment_variables_extension: '' diff --git a/roles/matrix-bot-postmoogle/tasks/init.yml b/roles/matrix-bot-postmoogle/tasks/init.yml new file mode 100644 index 000000000..16b781713 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/init.yml @@ -0,0 +1,5 @@ +--- + +- ansible.builtin.set_fact: + matrix_systemd_services_list: "{{ matrix_systemd_services_list + ['matrix-bot-postmoogle.service'] }}" + when: matrix_bot_postmoogle_enabled | bool diff --git a/roles/matrix-bot-postmoogle/tasks/main.yml b/roles/matrix-bot-postmoogle/tasks/main.yml new file mode 100644 index 000000000..cbe590e17 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/main.yml @@ -0,0 +1,23 @@ +--- + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/init.yml" + tags: + - always + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/validate_config.yml" + when: "run_setup | bool and matrix_bot_postmoogle_enabled | bool" + tags: + - setup-all + - setup-bot-postmoogle + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_install.yml" + when: "run_setup | bool and matrix_bot_postmoogle_enabled | bool" + tags: + - setup-all + - setup-bot-postmoogle + +- ansible.builtin.import_tasks: "{{ role_path }}/tasks/setup_uninstall.yml" + when: "run_setup | bool and not matrix_bot_postmoogle_enabled | bool" + tags: + - setup-all + - setup-bot-postmoogle diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml new file mode 100644 index 000000000..d08856985 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -0,0 +1,99 @@ +--- +- block: + - name: Check if an SQLite database already exists + ansible.builtin.stat: + path: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" + register: matrix_bot_postmoogle_sqlite_database_path_local_stat_result + + - block: + - ansible.builtin.set_fact: + matrix_postgres_db_migration_request: + src: "{{ matrix_bot_postmoogle_sqlite_database_path_local }}" + dst: "{{ matrix_bot_postmoogle_database_connection_string }}" + caller: "{{ role_path | basename }}" + engine_variable_name: 'matrix_bot_postmoogle_database_engine' + engine_old: 'sqlite' + systemd_services_to_stop: ['matrix-bot-postmoogle.service'] + + - ansible.builtin.import_role: + name: matrix-postgres + tasks_from: migrate_db_to_postgres + + - ansible.builtin.set_fact: + matrix_bot_postmoogle_requires_restart: true + when: "matrix_bot_postmoogle_sqlite_database_path_local_stat_result.stat.exists | bool" + when: "matrix_bot_postmoogle_database_engine == 'postgres'" + +- name: Ensure postmoogle paths exist + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: 0750 + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + with_items: + - {path: "{{ matrix_bot_postmoogle_config_path }}", when: true} + - {path: "{{ matrix_bot_postmoogle_data_path }}", when: true} + - {path: "{{ matrix_bot_postmoogle_docker_src_files_path }}", when: true} + when: "item.when | bool" + +- name: Ensure postmoogle environment variables file created + ansible.builtin.template: + src: "{{ role_path }}/templates/env.j2" + dest: "{{ matrix_bot_postmoogle_config_path }}/env" + owner: "{{ matrix_user_username }}" + group: "{{ matrix_user_groupname }}" + mode: 0640 + +- name: Ensure postmoogle image is pulled + docker_image: + name: "{{ matrix_bot_postmoogle_docker_image }}" + source: "{{ 'pull' if ansible_version.major > 2 or ansible_version.minor > 7 else omit }}" + force_source: "{{ matrix_bot_postmoogle_docker_image_force_pull if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_bot_postmoogle_docker_image_force_pull }}" + when: "not matrix_bot_postmoogle_container_image_self_build | bool" + register: result + retries: "{{ matrix_container_retries_count }}" + delay: "{{ matrix_container_retries_delay }}" + until: result is not failed + +- name: Ensure postmoogle repository is present on self-build + ansible.builtin.git: + repo: "{{ matrix_bot_postmoogle_docker_repo }}" + version: "{{ matrix_bot_postmoogle_docker_repo_version }}" + dest: "{{ matrix_bot_postmoogle_docker_src_files_path }}" + force: "yes" + become: true + become_user: "{{ matrix_user_username }}" + register: matrix_bot_postmoogle_git_pull_results + when: "matrix_bot_postmoogle_container_image_self_build | bool" + +- name: Ensure postmoogle image is built + docker_image: + name: "{{ matrix_bot_postmoogle_docker_image }}" + source: build + force_source: "{{ matrix_bot_postmoogle_git_pull_results.changed if ansible_version.major > 2 or ansible_version.minor >= 8 else omit }}" + force: "{{ omit if ansible_version.major > 2 or ansible_version.minor >= 8 else matrix_mailer_git_pull_results.changed }}" + build: + dockerfile: Dockerfile + path: "{{ matrix_bot_postmoogle_docker_src_files_path }}" + pull: true + when: "matrix_bot_postmoogle_container_image_self_build | bool" + +- name: Ensure matrix-bot-postmoogle.service installed + ansible.builtin.template: + src: "{{ role_path }}/templates/systemd/matrix-bot-postmoogle.service.j2" + dest: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + mode: 0644 + register: matrix_bot_postmoogle_systemd_service_result + +- name: Ensure systemd reloaded after matrix-bot-postmoogle.service installation + ansible.builtin.service: + daemon_reload: true + when: "matrix_bot_postmoogle_systemd_service_result.changed | bool" + +- name: Ensure matrix-bot-postmoogle.service restarted, if necessary + ansible.builtin.service: + name: "matrix-bot-postmoogle.service" + state: restarted + when: "matrix_bot_postmoogle_systemd_service_result.changed | bool" diff --git a/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml b/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml new file mode 100644 index 000000000..64164a860 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/setup_uninstall.yml @@ -0,0 +1,36 @@ +--- + +- name: Check existence of matrix-postmoogle service + ansible.builtin.stat: + path: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + register: matrix_bot_postmoogle_service_stat + +- name: Ensure matrix-postmoogle is stopped + ansible.builtin.service: + name: matrix-bot-postmoogle + state: stopped + enabled: false + daemon_reload: true + register: stopping_result + when: "matrix_bot_postmoogle_service_stat.stat.exists | bool" + +- name: Ensure matrix-bot-postmoogle.service doesn't exist + ansible.builtin.file: + path: "{{ matrix_systemd_path }}/matrix-bot-postmoogle.service" + state: absent + when: "matrix_bot_postmoogle_service_stat.stat.exists | bool" + +- name: Ensure systemd reloaded after matrix-bot-postmoogle.service removal + ansible.builtin.service: + daemon_reload: true + when: "matrix_bot_postmoogle_service_stat.stat.exists | bool" + +- name: Ensure Matrix postmoogle paths don't exist + ansible.builtin.file: + path: "{{ matrix_bot_postmoogle_base_path }}" + state: absent + +- name: Ensure postmoogle Docker image doesn't exist + docker_image: + name: "{{ matrix_bot_postmoogle_docker_image }}" + state: absent diff --git a/roles/matrix-bot-postmoogle/tasks/validate_config.yml b/roles/matrix-bot-postmoogle/tasks/validate_config.yml new file mode 100644 index 000000000..b5d9d1ed2 --- /dev/null +++ b/roles/matrix-bot-postmoogle/tasks/validate_config.yml @@ -0,0 +1,9 @@ +--- + +- name: Fail if required settings not defined + ansible.builtin.fail: + msg: >- + You need to define a required configuration setting (`{{ item }}`). + when: "vars[item] == ''" + with_items: + - "matrix_bot_postmoogle_password" diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 new file mode 100644 index 000000000..f9f49e791 --- /dev/null +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -0,0 +1,13 @@ +POSTMOOGLE_LOGIN={{ matrix_bot_postmoogle_login }} +POSTMOOGLE_PASSWORD={{ matrix_bot_postmoogle_password }} +POSTMOOGLE_HOMESERVER={{ matrix_bot_postmoogle_homeserver }} +POSTMOOGLE_DOMAIN={{ matrix_bot_postmoogle_domain }} +POSTMOOGLE_PORT={{ matrix_bot_postmoogle_port }} +POSTMOOGLE_DB_DSN={{ matrix_bot_postmoogle_database_connection_string }} +POSTMOOGLE_DB_DIALECT={{ matrix_bot_postmoogle_database_dialect }} +POSTMOOGLE_PREFIX={{ matrix_bot_postmoogle_prefix }} +POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} +POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} +POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} + +{{ matrix_bot_postmoogle_environment_variables_extension }} diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 new file mode 100644 index 000000000..d53686035 --- /dev/null +++ b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -0,0 +1,40 @@ +#jinja2: lstrip_blocks: "True" +[Unit] +Description=Matrix helpdesk bot +{% for service in matrix_bot_postmoogle_systemd_required_services_list %} +Requires={{ service }} +After={{ service }} +{% endfor %} +{% for service in matrix_bot_postmoogle_systemd_wanted_services_list %} +Wants={{ service }} +{% endfor %} +DefaultDependencies=no + +[Service] +Type=simple +Environment="HOME={{ matrix_systemd_unit_home_path }}" +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStartPre=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' + +ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle \ + --log-driver=none \ + --user={{ matrix_user_uid }}:{{ matrix_user_gid }} \ + --cap-drop=ALL \ + --read-only \ + --network={{ matrix_docker_network }} \ + --env-file={{ matrix_bot_postmoogle_config_path }}/env \ + -p {{ matrix_bot_postmoogle_port }}:{{ matrix_bot_postmoogle_port }} \ + --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ + {% for arg in matrix_bot_postmoogle_container_extra_arguments %} + {{ arg }} \ + {% endfor %} + {{ matrix_bot_postmoogle_docker_image }} + +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} kill matrix-bot-postmoogle 2>/dev/null || true' +ExecStop=-{{ matrix_host_command_sh }} -c '{{ matrix_host_command_docker }} rm matrix-bot-postmoogle 2>/dev/null || true' +Restart=always +RestartSec=30 +SyslogIdentifier=matrix-bot-postmoogle + +[Install] +WantedBy=multi-user.target diff --git a/setup.yml b/setup.yml index 18fbdf101..a4ef8c356 100755 --- a/setup.yml +++ b/setup.yml @@ -43,6 +43,7 @@ - matrix-bot-maubot - matrix-bot-buscarron - matrix-bot-honoroit + - matrix-bot-postmoogle - matrix-bot-go-neb - matrix-bot-mjolnir - matrix-synapse From 1338a3c9fcf545977721b0dfce4794d70320b929 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 22 Aug 2022 20:23:39 +0300 Subject: [PATCH 02/22] postmoogle: adjust help, add maxsize --- docs/configuring-playbook-bot-postmoogle.md | 4 ++-- roles/matrix-bot-postmoogle/defaults/main.yml | 5 ++++- roles/matrix-bot-postmoogle/templates/env.j2 | 1 + 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index bbbfa405e..680365e4b 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -47,8 +47,8 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox, after that send `mailbox NAME` to enable email address `NAME@matrix.domain` and start receiving emails +To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox, after that send `!pm mailbox NAME` to enable email address `NAME@matrix.domain` and start receiving emails -Send `help` to the room to see the bot's help menu for additional commands. +Send `!pm help` to the room to see the bot's help menu for additional commands. You can also refer to the upstream [documentation](https://gitlab.com/etke.cc/postmoogle). diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 7d5818ce7..4679e6788 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -73,7 +73,10 @@ matrix_bot_postmoogle_password: '' matrix_bot_postmoogle_homeserver: "{{ matrix_homeserver_container_url }}" # Command prefix -matrix_bot_postmoogle_prefix: '' +matrix_bot_postmoogle_prefix: '!pm' + +# Max email size in megabytes, including attachments +matrix_bot_postmoogle_maxsize: '1024' # Sentry DSN matrix_bot_postmoogle_sentry: '' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index f9f49e791..d2662fd35 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -6,6 +6,7 @@ POSTMOOGLE_PORT={{ matrix_bot_postmoogle_port }} POSTMOOGLE_DB_DSN={{ matrix_bot_postmoogle_database_connection_string }} POSTMOOGLE_DB_DIALECT={{ matrix_bot_postmoogle_database_dialect }} POSTMOOGLE_PREFIX={{ matrix_bot_postmoogle_prefix }} +POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} From 49fa03f8e8f98f772a1476bf43236429c8bc4c54 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 22 Aug 2022 20:29:48 +0300 Subject: [PATCH 03/22] update README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index e30f9b540..b95b1fdc3 100644 --- a/README.md +++ b/README.md @@ -109,6 +109,8 @@ Using this playbook, you can get the following services configured on your serve - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation +- (optional) [postmoogle](https://gitlab.com/etke.cc/postmoogle) email to matrix bot - see [docs/configuring-playbook-bot-postmoogle.md](docs/configuring-playbook-bot-postmoogle.md) for setup documentation + - (optional) [Go-NEB](https://github.com/matrix-org/go-neb) multi functional bot written in Go - see [docs/configuring-playbook-bot-go-neb.md](docs/configuring-playbook-bot-go-neb.md) for setup documentation - (optional) [Mjolnir](https://github.com/matrix-org/mjolnir), a moderation tool for Matrix - see [docs/configuring-playbook-bot-mjolnir.md](docs/configuring-playbook-bot-mjolnir.md) for setup documentation From 0a734a609a131022499865db358584531edeb242 Mon Sep 17 00:00:00 2001 From: Aine Date: Mon, 22 Aug 2022 22:10:15 +0300 Subject: [PATCH 04/22] postmoogle: add noowner and federation --- roles/matrix-bot-postmoogle/defaults/main.yml | 6 ++++++ roles/matrix-bot-postmoogle/templates/env.j2 | 2 ++ 2 files changed, 8 insertions(+) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 4679e6788..633d00999 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -78,6 +78,12 @@ matrix_bot_postmoogle_prefix: '!pm' # Max email size in megabytes, including attachments matrix_bot_postmoogle_maxsize: '1024' +# Allow room settings changes by any room participant +matrix_bot_postmoogle_noowner: false + +# Allow Postmoogle use by users over federation +matrix_bot_postmoogle_federation: false + # Sentry DSN matrix_bot_postmoogle_sentry: '' diff --git a/roles/matrix-bot-postmoogle/templates/env.j2 b/roles/matrix-bot-postmoogle/templates/env.j2 index d2662fd35..930681d8d 100644 --- a/roles/matrix-bot-postmoogle/templates/env.j2 +++ b/roles/matrix-bot-postmoogle/templates/env.j2 @@ -10,5 +10,7 @@ POSTMOOGLE_MAXSIZE={{ matrix_bot_postmoogle_maxsize }} POSTMOOGLE_SENTRY={{ matrix_bot_postmoogle_sentry }} POSTMOOGLE_LOGLEVEL={{ matrix_bot_postmoogle_loglevel }} POSTMOOGLE_NOENCRYPTION={{ matrix_bot_postmoogle_noencryption }} +POSTMOOGLE_NOOWNER={{ matrix_bot_postmoogle_noowner }} +POSTMOOGLE_FEDERATION={{ matrix_bot_postmoogle_federation }} {{ matrix_bot_postmoogle_environment_variables_extension }} From e8db7611d454eca8d6750fdd73563151eeb6a111 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 23 Aug 2022 11:38:10 +0300 Subject: [PATCH 05/22] Add ENABLE_JAAS_COMPONENTS to Jitsi Related to https://github.com/jitsi/docker-jitsi-meet/issues/1377 Adding this doesn't really help though. `stable-7648-2` is broken regardless. `stable-7648-3` is necessary to make it work. We're already updated to `-3` anyway. This just adds the missing environment variable for completeness. --- roles/matrix-jitsi/defaults/main.yml | 1 + roles/matrix-jitsi/templates/web/env.j2 | 1 + 2 files changed, 2 insertions(+) diff --git a/roles/matrix-jitsi/defaults/main.yml b/roles/matrix-jitsi/defaults/main.yml index 8f1d40db6..d94c62f46 100644 --- a/roles/matrix-jitsi/defaults/main.yml +++ b/roles/matrix-jitsi/defaults/main.yml @@ -9,6 +9,7 @@ matrix_jitsi_enable_auth: false matrix_jitsi_enable_guests: false matrix_jitsi_enable_recording: false matrix_jitsi_enable_transcriptions: false +matrix_jitsi_enable_jaas_components: false matrix_jitsi_enable_p2p: true matrix_jitsi_enable_av_moderation: true matrix_jitsi_enable_breakout_rooms: true diff --git a/roles/matrix-jitsi/templates/web/env.j2 b/roles/matrix-jitsi/templates/web/env.j2 index ac15c0879..3e9f51b71 100644 --- a/roles/matrix-jitsi/templates/web/env.j2 +++ b/roles/matrix-jitsi/templates/web/env.j2 @@ -57,6 +57,7 @@ ENABLE_TALK_WHILE_MUTED ENABLE_TCC ENABLE_TRANSCRIPTIONS={{ 1 if matrix_jitsi_enable_transcriptions else 0 }} ENABLE_XMPP_WEBSOCKET +ENABLE_JAAS_COMPONENTS={{ 1 if matrix_jitsi_enable_jaas_components else false }} ETHERPAD_PUBLIC_URL ETHERPAD_URL_BASE={{ (matrix_jitsi_etherpad_base + '/') if matrix_jitsi_etherpad_enabled else ''}} GOOGLE_ANALYTICS_ID From e764ab165f7da8fafc68908a67bfa62840d1d134 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 10:25:32 +0000 Subject: [PATCH 06/22] Update group_vars/matrix_servers Co-authored-by: Slavi Pantaleev --- group_vars/matrix_servers | 1 + 1 file changed, 1 insertion(+) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index 91bfddc6a..8d464e34f 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -1219,6 +1219,7 @@ matrix_bot_postmoogle_systemd_required_services_list: | # Postgres is the default, except if not using `matrix_postgres` (internal postgres) matrix_bot_postmoogle_database_engine: "{{ 'postgres' if matrix_postgres_enabled else 'sqlite' }}" matrix_bot_postmoogle_database_password: "{{ '%s' | format(matrix_homeserver_generic_secret_key) | password_hash('sha512', 'postmoogle.db') | to_uuid }}" + matrix_bot_postmoogle_container_image_self_build: "{{ matrix_architecture not in ['amd64', 'arm32', 'arm64'] }}" ###################################################################### From 19f5588b0d583d00f9724a12d16d89843b3260e5 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 10:25:48 +0000 Subject: [PATCH 07/22] Update roles/matrix-bot-postmoogle/tasks/setup_install.yml Co-authored-by: Slavi Pantaleev --- roles/matrix-bot-postmoogle/tasks/setup_install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/tasks/setup_install.yml b/roles/matrix-bot-postmoogle/tasks/setup_install.yml index d08856985..d7e5dbee9 100644 --- a/roles/matrix-bot-postmoogle/tasks/setup_install.yml +++ b/roles/matrix-bot-postmoogle/tasks/setup_install.yml @@ -34,7 +34,7 @@ with_items: - {path: "{{ matrix_bot_postmoogle_config_path }}", when: true} - {path: "{{ matrix_bot_postmoogle_data_path }}", when: true} - - {path: "{{ matrix_bot_postmoogle_docker_src_files_path }}", when: true} + - {path: "{{ matrix_bot_postmoogle_docker_src_files_path }}", when: matrix_bot_postmoogle_container_image_self_build} when: "item.when | bool" - name: Ensure postmoogle environment variables file created From b3688cce71baf2a2909bde3903f8b0047487cb97 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 10:31:11 +0000 Subject: [PATCH 08/22] Update docs/configuring-playbook-bot-postmoogle.md Co-authored-by: Slavi Pantaleev --- docs/configuring-playbook-bot-postmoogle.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/configuring-playbook-bot-postmoogle.md b/docs/configuring-playbook-bot-postmoogle.md index 680365e4b..70ac57b63 100644 --- a/docs/configuring-playbook-bot-postmoogle.md +++ b/docs/configuring-playbook-bot-postmoogle.md @@ -47,7 +47,9 @@ ansible-playbook -i inventory/hosts setup.yml --tags=setup-all,start ## Usage -To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox, after that send `!pm mailbox NAME` to enable email address `NAME@matrix.domain` and start receiving emails +To use the bot, invite the `@postmoogle:DOMAIN` into a room you want to use as a mailbox. + +Then send `!pm mailbox NAME` to expose this Matrix room as an inbox with the email address `NAME@matrix.domain`. Emails sent to that email address will be forwarded to the room. Send `!pm help` to the room to see the bot's help menu for additional commands. From 4a08ae200e0a13b3464752cacc01b0a1aafefc1a Mon Sep 17 00:00:00 2001 From: Aine Date: Tue, 23 Aug 2022 13:55:53 +0300 Subject: [PATCH 09/22] postmoogle: feedback --- roles/matrix-bot-postmoogle/defaults/main.yml | 8 ++++++-- .../templates/systemd/matrix-bot-postmoogle.service.j2 | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index 633d00999..c3b363f63 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -88,14 +88,18 @@ matrix_bot_postmoogle_federation: false matrix_bot_postmoogle_sentry: '' # Log level -matrix_bot_postmoogle_loglevel: '' +matrix_bot_postmoogle_loglevel: 'INFO' # Disable encryption matrix_bot_postmoogle_noencryption: false matrix_bot_postmoogle_domain: "{{ matrix_server_fqn_matrix }}" -matrix_bot_postmoogle_port: "25" +# in-container port +matrix_bot_postmoogle_port: '2525' + +# on-host port +matrix_bot_postmoogle_smtp_host_bind_port: '25' # Additional environment variables to pass to the postmoogle container # diff --git a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 index d53686035..38eb89a65 100644 --- a/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 +++ b/roles/matrix-bot-postmoogle/templates/systemd/matrix-bot-postmoogle.service.j2 @@ -23,7 +23,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-bot-postmoogle --read-only \ --network={{ matrix_docker_network }} \ --env-file={{ matrix_bot_postmoogle_config_path }}/env \ - -p {{ matrix_bot_postmoogle_port }}:{{ matrix_bot_postmoogle_port }} \ + -p {{ matrix_bot_postmoogle_smtp_host_bind_port }}:{{ matrix_bot_postmoogle_port }} \ --mount type=bind,src={{ matrix_bot_postmoogle_data_path }},dst=/data \ {% for arg in matrix_bot_postmoogle_container_extra_arguments %} {{ arg }} \ From eaf13264e6ba2752b48858a746bf3de795ff07b8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 23 Aug 2022 14:16:07 +0300 Subject: [PATCH 10/22] Announce Postmoogle email bridge bot Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2043 --- CHANGELOG.md | 9 +++++++++ README.md | 2 +- docs/configuring-playbook-email2matrix.md | 2 +- docs/configuring-playbook.md | 2 ++ docs/container-images.md | 2 ++ 5 files changed, 15 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ffe7825e1..0e094858d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,12 @@ +# 2022-08-23 + +## Postmoogle email bridge support + +Thanks to [Aine](https://gitlab.com/etke.cc) of [etke.cc](https://etke.cc/), the playbook can now set up the new [Postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge/bot. Postmoogle is like the [email2matrix bridge](https://github.com/devture/email2matrix) (also [already supported by the playbook](docs/configuring-playbook-email2matrix.md)), but more capable and with the intention to soon support *sending* emails, not just receiving. + +See our [Setting up Postmoogle email bridging](docs/configuring-playbook-bot-postmoogle.md) documentation to get started. + + # 2022-08-10 ## mautrix-whatsapp default configuration changes diff --git a/README.md b/README.md index a9f346499..221e8a85b 100644 --- a/README.md +++ b/README.md @@ -113,7 +113,7 @@ Using this playbook, you can get the following services configured on your serve - (optional) [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot - see [docs/configuring-playbook-bot-honoroit.md](docs/configuring-playbook-bot-honoroit.md) for setup documentation -- (optional) [postmoogle](https://gitlab.com/etke.cc/postmoogle) email to matrix bot - see [docs/configuring-playbook-bot-postmoogle.md](docs/configuring-playbook-bot-postmoogle.md) for setup documentation +- (optional) [Postmoogle](https://gitlab.com/etke.cc/postmoogle) email to matrix bot - see [docs/configuring-playbook-bot-postmoogle.md](docs/configuring-playbook-bot-postmoogle.md) for setup documentation - (optional) [Go-NEB](https://github.com/matrix-org/go-neb) multi functional bot written in Go - see [docs/configuring-playbook-bot-go-neb.md](docs/configuring-playbook-bot-go-neb.md) for setup documentation diff --git a/docs/configuring-playbook-email2matrix.md b/docs/configuring-playbook-email2matrix.md index 0f1d3fb51..9bebe0e97 100644 --- a/docs/configuring-playbook-email2matrix.md +++ b/docs/configuring-playbook-email2matrix.md @@ -1,6 +1,6 @@ # Setting up Email2Matrix (optional) -**Note**: email bridging can also happen via the [postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. +**Note**: email bridging can also happen via the [Postmoogle](configuring-playbook-bot-postmoogle.md) bot supported by the playbook. The playbook can install and configure [email2matrix](https://github.com/devture/email2matrix) for you. diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index 1c03a9b59..b3b44b5ff 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -143,6 +143,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Setting up Email2Matrix](configuring-playbook-email2matrix.md) (optional) +- [Setting up Postmoogle email bridging](configuring-playbook-bot-postmoogle.md) (optional) + - [Setting up Matrix SMS bridging](configuring-playbook-bridge-matrix-bridge-sms.md) (optional) - [Setting up Heisenbridge bouncer-style IRC bridging](configuring-playbook-bridge-heisenbridge.md) (optional) diff --git a/docs/container-images.md b/docs/container-images.md index 762f37522..b16babff0 100644 --- a/docs/container-images.md +++ b/docs/container-images.md @@ -100,6 +100,8 @@ These services are not part of our default installation, but can be enabled by [ - [etke.cc/honoroit](https://gitlab.com/etke.cc/honoroit/container_registry) - the [honoroit](https://gitlab.com/etke.cc/honoroit) helpdesk bot (optional) +- [etke.cc/postmoogle](https://gitlab.com/etke.cc/postmoogle/container_registry) - the [Postmoogle](https://gitlab.com/etke.cc/postmoogle) email bridge bot (optional) + - [matrixdotorg/go-neb](https://hub.docker.com/r/matrixdotorg/go-neb) - the [Go-NEB](https://github.com/matrix-org/go-neb) bot (optional) - [matrixdotorg/mjolnir](https://hub.docker.com/r/matrixdotorg/mjolnir) - the [mjolnir](https://github.com/matrix-org/mjolnir) moderation bot (optional) From 5e08e946370cff4f230d4b002628a99b02eee0d5 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Tue, 23 Aug 2022 14:34:45 +0300 Subject: [PATCH 11/22] Fix self-building for Postmoogle Before this, it was trying to pull the `latest` git branch. Related to https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2043 --- roles/matrix-bot-postmoogle/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-postmoogle/defaults/main.yml b/roles/matrix-bot-postmoogle/defaults/main.yml index c3b363f63..5272e2f2d 100644 --- a/roles/matrix-bot-postmoogle/defaults/main.yml +++ b/roles/matrix-bot-postmoogle/defaults/main.yml @@ -6,7 +6,7 @@ matrix_bot_postmoogle_enabled: true matrix_bot_postmoogle_container_image_self_build: false matrix_bot_postmoogle_docker_repo: "https://gitlab.com/etke.cc/postmoogle.git" -matrix_bot_postmoogle_docker_repo_version: "{{ matrix_bot_postmoogle_version }}" +matrix_bot_postmoogle_docker_repo_version: "{{ 'main' if matrix_bot_postmoogle_version == 'latest' else matrix_bot_postmoogle_version }}" matrix_bot_postmoogle_docker_src_files_path: "{{ matrix_base_data_path }}/postmoogle/docker-src" matrix_bot_postmoogle_version: latest From 241bd4785fc331d84669e77afa284faffe70c88e Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 14:25:11 +0000 Subject: [PATCH 12/22] Update Honoroit 0.9.12 -> 0.9.13 --- roles/matrix-bot-honoroit/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-honoroit/defaults/main.yml b/roles/matrix-bot-honoroit/defaults/main.yml index fe0b0981a..7a3e0d190 100644 --- a/roles/matrix-bot-honoroit/defaults/main.yml +++ b/roles/matrix-bot-honoroit/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_honoroit_docker_repo: "https://gitlab.com/etke.cc/honoroit.git" matrix_bot_honoroit_docker_repo_version: "{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_src_files_path: "{{ matrix_base_data_path }}/honoroit/docker-src" -matrix_bot_honoroit_version: v0.9.12 +matrix_bot_honoroit_version: v0.9.13 matrix_bot_honoroit_docker_image: "{{ matrix_bot_honoroit_docker_image_name_prefix }}honoroit:{{ matrix_bot_honoroit_version }}" matrix_bot_honoroit_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_honoroit_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_honoroit_docker_image_force_pull: "{{ matrix_bot_honoroit_docker_image.endswith(':latest') }}" From 9bd5376e03403c3645d630654413e20db189ee21 Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 14:26:03 +0000 Subject: [PATCH 13/22] Update Buscarron 1.2.0 -> 1.2.1 --- roles/matrix-bot-buscarron/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bot-buscarron/defaults/main.yml b/roles/matrix-bot-buscarron/defaults/main.yml index 6d289bb9c..648d53447 100644 --- a/roles/matrix-bot-buscarron/defaults/main.yml +++ b/roles/matrix-bot-buscarron/defaults/main.yml @@ -9,7 +9,7 @@ matrix_bot_buscarron_docker_repo: "https://gitlab.com/etke.cc/buscarron.git" matrix_bot_buscarron_docker_repo_version: "{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_src_files_path: "{{ matrix_base_data_path }}/buscarron/docker-src" -matrix_bot_buscarron_version: v1.2.0 +matrix_bot_buscarron_version: v1.2.1 matrix_bot_buscarron_docker_image: "{{ matrix_bot_buscarron_docker_image_name_prefix }}buscarron:{{ matrix_bot_buscarron_version }}" matrix_bot_buscarron_docker_image_name_prefix: "{{ 'localhost/' if matrix_bot_buscarron_container_image_self_build else 'registry.gitlab.com/etke.cc/' }}" matrix_bot_buscarron_docker_image_force_pull: "{{ matrix_bot_buscarron_docker_image.endswith(':latest') }}" From 4f3e4dad14e92329dd15023e2aa121f46b399fbe Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 20:46:31 +0000 Subject: [PATCH 14/22] Update mautrix-twitter 0.1.4 -> 0.1.5 --- roles/matrix-bridge-mautrix-twitter/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml index 29999c450..684b889ac 100644 --- a/roles/matrix-bridge-mautrix-twitter/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-twitter/defaults/main.yml @@ -8,7 +8,7 @@ matrix_mautrix_twitter_container_image_self_build: false matrix_mautrix_twitter_container_image_self_build_repo: "https://github.com/mautrix/twitter.git" matrix_mautrix_twitter_container_image_self_build_repo_version: "{{ 'master' if matrix_mautrix_twitter_version == 'latest' else matrix_mautrix_twitter_version }}" -matrix_mautrix_twitter_version: v0.1.4 +matrix_mautrix_twitter_version: v0.1.5 # See: https://mau.dev/tulir/mautrix-twitter/container_registry matrix_mautrix_twitter_docker_image: "{{ matrix_mautrix_twitter_docker_image_name_prefix }}mautrix/twitter:{{ matrix_mautrix_twitter_version }}" matrix_mautrix_twitter_docker_image_name_prefix: "{{ 'localhost/' if matrix_mautrix_twitter_container_image_self_build else 'dock.mau.dev/' }}" From fe6b7493126ef3fd8ce21495381932ff2ebeac9b Mon Sep 17 00:00:00 2001 From: Aine <97398200+etkecc@users.noreply.github.com> Date: Tue, 23 Aug 2022 20:47:25 +0000 Subject: [PATCH 15/22] Update grafana 9.1.0 -> 9.1.1 --- roles/matrix-grafana/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-grafana/defaults/main.yml b/roles/matrix-grafana/defaults/main.yml index 4782c662c..6ef4cb6ab 100644 --- a/roles/matrix-grafana/defaults/main.yml +++ b/roles/matrix-grafana/defaults/main.yml @@ -5,7 +5,7 @@ matrix_grafana_enabled: false -matrix_grafana_version: 9.1.0 +matrix_grafana_version: 9.1.1 matrix_grafana_docker_image: "{{ matrix_container_global_registry_prefix }}grafana/grafana:{{ matrix_grafana_version }}" matrix_grafana_docker_image_force_pull: "{{ matrix_grafana_docker_image.endswith(':latest') }}" From 3f8cb96a1863bb4288147e37f136ca8afa13e371 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Tue, 23 Aug 2022 16:12:09 +0000 Subject: [PATCH 16/22] dendrite: fix user-registration command --- .../usr-local-bin/matrix-dendrite-create-account.j2 | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 index 5332b964d..7505566aa 100644 --- a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 +++ b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 @@ -8,5 +8,10 @@ fi user=$1 password=$2 +admin=$3 -docker exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" +if [ "$admin" -eq "1" ]; then + docker exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" -admin -url http://localhost:{{ matrix_dendrite_http_bind_port }} +else + docker exec matrix-dendrite create-account -config /data/dendrite.yaml -username "$user" -password "$password" -url http://localhost:{{ matrix_dendrite_http_bind_port }} +fi From 3ff56bff1deb0ce048d8b4919afbd3fb2ffd28d2 Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Tue, 23 Aug 2022 21:41:59 +0000 Subject: [PATCH 17/22] dendrite: disabled registration by default --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index b2697858e..90eedb91e 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -83,7 +83,7 @@ matrix_dendrite_rate_limiting_threshold: 5 matrix_dendrite_rate_limiting_cooloff_ms: 500 # Controls whether people with access to the homeserver can register by themselves. -matrix_dendrite_registration_disabled: false +matrix_dendrite_registration_disabled: true # reCAPTCHA API for validating registration attempts matrix_dendrite_enable_registration_captcha: false From 3ffd1638a0b0e45758f86e3d6f4d4366595fc339 Mon Sep 17 00:00:00 2001 From: Vincent Post Date: Tue, 23 Aug 2022 23:55:43 +0200 Subject: [PATCH 18/22] feat(telegram-bridge): add variable to enable encryption support --- .../defaults/main.yml | 5 +++ .../templates/config.yaml.j2 | 32 ++++++++++--------- 2 files changed, 22 insertions(+), 15 deletions(-) diff --git a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml index 5c3c88fb8..79c9b7e59 100644 --- a/roles/matrix-bridge-mautrix-telegram/defaults/main.yml +++ b/roles/matrix-bridge-mautrix-telegram/defaults/main.yml @@ -156,3 +156,8 @@ matrix_mautrix_telegram_registration: "{{ matrix_mautrix_telegram_registration_y matrix_mautrix_telegram_username_template: 'telegram_{userid}' matrix_mautrix_telegram_alias_template: 'telegram_{groupname}' matrix_mautrix_telegram_displayname_template: '{displayname} (Telegram)' + +# Enable End-to-bridge encryption +matrix_mautrix_telegram_bridge_encryption_allow: false +matrix_mautrix_telegram_bridge_encryption_default: "{{ matrix_mautrix_telegram_bridge_encryption_allow }}" +matrix_mautrix_telegram_bridge_encryption_key_sharing_allow: "{{ matrix_mautrix_telegram_bridge_encryption_allow }}" diff --git a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 index 3a7ab7f1e..d50be47da 100644 --- a/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 +++ b/roles/matrix-bridge-mautrix-telegram/templates/config.yaml.j2 @@ -176,27 +176,29 @@ bridge: height: 256 background: "020202" # only for gif fps: 30 # only for webm - # End-to-bridge encryption support options. These require matrix-nio to be installed with pip - # and login_shared_secret to be configured in order to get a device for the bridge bot. + # End-to-bridge encryption support options. # - # Additionally, https://github.com/matrix-org/synapse/pull/5758 is required if using a normal - # application service. + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. encryption: # Allow encryption, work in group chat rooms with e2ee enabled - allow: false + allow: {{ matrix_mautrix_telegram_bridge_encryption_allow|to_json }} # Default to encryption, force-enable encryption in all portals the bridge creates # This will cause the bridge bot to be in private chats for the encryption to work properly. - default: false - # Database for the encryption data. Currently only supports Postgres and an in-memory - # store that's persisted as a pickle. - # If set to `default`, will use the appservice postgres database - # or a pickle file if the appservice database is sqlite. - # - # Format examples: - # Pickle: pickle:///filename.pickle - # Postgres: postgres://username:password@hostname/dbname + default: {{ matrix_mautrix_telegram_bridge_encryption_default|to_json }} + # Database for the encryption data. If set to `default`, will use the appservice database. database: default - + # Options for automatic key sharing. + key_sharing: + # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow: {{ matrix_mautrix_telegram_bridge_encryption_key_sharing_allow|to_json }} + # Require the requesting device to have a valid cross-signing signature? + # This doesn't require that the bridge has verified the device, only that the user has verified it. + # Not yet implemented. + require_cross_signing: false + # Require devices to be verified by the bridge? + # Verification by the bridge is not yet implemented. + require_verification: true # Whether or not to explicitly set the avatar and room name for private # chat portal rooms. This will be implicitly enabled if encryption.default is true. private_chat_portal_meta: false From d7ed672f7f3e7e43569af83ccb0b17e0788cce2d Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 24 Aug 2022 06:59:08 +0300 Subject: [PATCH 19/22] Fix matrix-dendrite-create-account usage help --- .../dendrite/usr-local-bin/matrix-dendrite-create-account.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 index 7505566aa..507c7012e 100644 --- a/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 +++ b/roles/matrix-dendrite/templates/dendrite/usr-local-bin/matrix-dendrite-create-account.j2 @@ -2,7 +2,7 @@ #!/bin/bash if [ $# -ne 2 ]; then - echo "Usage: "$0" " + echo "Usage: "$0" " exit 1 fi From f674afe5e8d7d4df50ae9f92439f0818c8086a0d Mon Sep 17 00:00:00 2001 From: Shaleen Jain Date: Wed, 24 Aug 2022 11:08:12 +0530 Subject: [PATCH 20/22] appservice: add and use homeserver_container_* vars (#2045) * appservice: add and use matrix_homeserver_* vars * appservice: use the new vars * Apply suggestions from code review Co-authored-by: Slavi Pantaleev Co-authored-by: Slavi Pantaleev --- group_vars/matrix_servers | 6 +++++ roles/matrix-base/vars/main.yml | 3 +++ .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../matrix-bridge-heisenbridge/tasks/init.yml | 8 +++---- roles/matrix-bridge-hookshot/tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- .../tasks/init.yml | 8 +++---- roles/matrix-bridge-sms/tasks/init.yml | 8 +++---- roles/matrix-dendrite/defaults/main.yml | 22 +++++++++++++++++++ .../templates/dendrite/dendrite.yaml.j2 | 2 +- .../systemd/matrix-dendrite.service.j2 | 2 +- roles/matrix-synapse/defaults/main.yml | 22 +++++++++++++++++++ .../templates/synapse/homeserver.yaml.j2 | 2 +- .../systemd/matrix-synapse-worker.service.j2 | 2 +- .../synapse/systemd/matrix-synapse.service.j2 | 2 +- 34 files changed, 158 insertions(+), 105 deletions(-) diff --git a/group_vars/matrix_servers b/group_vars/matrix_servers index fc67e761e..2ac8cc297 100755 --- a/group_vars/matrix_servers +++ b/group_vars/matrix_servers @@ -2331,6 +2331,9 @@ matrix_synapse_redis_enabled: "{{ matrix_redis_enabled }}" matrix_synapse_redis_host: "{{ 'matrix-redis' if matrix_redis_enabled else '' }}" matrix_synapse_redis_password: "{{ matrix_redis_connection_password if matrix_redis_enabled else '' }}" +matrix_synapse_container_runtime_injected_arguments: "{{ matrix_homeserver_container_runtime_injected_arguments }}" +matrix_synapse_app_service_runtime_injected_config_files: "{{ matrix_homeserver_app_service_runtime_injected_config_files }}" + ###################################################################### # # /matrix-synapse @@ -2596,6 +2599,9 @@ matrix_dendrite_systemd_wanted_services_list: | (['matrix-coturn.service'] if matrix_coturn_enabled else []) }} +matrix_dendrite_container_runtime_injected_arguments: "{{ matrix_homeserver_container_runtime_injected_arguments }}" +matrix_dendrite_app_service_runtime_injected_config_files: "{{ matrix_homeserver_app_service_runtime_injected_config_files }}" + ###################################################################### # # /matrix-dendrite diff --git a/roles/matrix-base/vars/main.yml b/roles/matrix-base/vars/main.yml index 28ac226a7..3578666f3 100644 --- a/roles/matrix-base/vars/main.yml +++ b/roles/matrix-base/vars/main.yml @@ -2,3 +2,6 @@ # This will contain a list of enabled services that the playbook is managing. # Each component is expected to append its service name to this list. matrix_systemd_services_list: [] + +matrix_homeserver_container_runtime_injected_arguments: [] +matrix_homeserver_app_service_runtime_injected_config_files: [] diff --git a/roles/matrix-bridge-appservice-discord/tasks/init.yml b/roles/matrix-bridge-appservice-discord/tasks/init.yml index b9d875dae..915d73021 100644 --- a/roles/matrix-bridge-appservice-discord/tasks/init.yml +++ b/roles/matrix-bridge-appservice-discord/tasks/init.yml @@ -13,16 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_discord_config_path }}/registration.yaml,dst=/matrix-appservice-discord-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-discord-registration.yaml"] }} diff --git a/roles/matrix-bridge-appservice-irc/tasks/init.yml b/roles/matrix-bridge-appservice-irc/tasks/init.yml index 9713e9b7f..031271279 100644 --- a/roles/matrix-bridge-appservice-irc/tasks/init.yml +++ b/roles/matrix-bridge-appservice-irc/tasks/init.yml @@ -20,16 +20,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_irc_config_path }}/registration.yaml,dst=/matrix-appservice-irc-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-irc-registration.yaml"] }} diff --git a/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml b/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml index c2679b356..6112b5cce 100644 --- a/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml +++ b/roles/matrix-bridge-appservice-kakaotalk/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_kakaotalk_config_path }}/registration.yaml,dst=/matrix-appservice-kakaotalk-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-kakaotalk-registration.yaml"] }} diff --git a/roles/matrix-bridge-appservice-slack/tasks/init.yml b/roles/matrix-bridge-appservice-slack/tasks/init.yml index e11125ed9..023b4288f 100644 --- a/roles/matrix-bridge-appservice-slack/tasks/init.yml +++ b/roles/matrix-bridge-appservice-slack/tasks/init.yml @@ -20,16 +20,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_slack_config_path }}/slack-registration.yaml,dst=/matrix-appservice-slack-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-slack-registration.yaml"] }} diff --git a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml index 8a12a686e..7cb2cfd6d 100644 --- a/roles/matrix-bridge-appservice-webhooks/tasks/init.yml +++ b/roles/matrix-bridge-appservice-webhooks/tasks/init.yml @@ -13,16 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_appservice_webhooks_config_path }}/webhooks-registration.yaml,dst=/matrix-appservice-webhooks-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-appservice-webhooks-registration.yaml"] }} diff --git a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml index 14137b705..1208f185b 100644 --- a/roles/matrix-bridge-beeper-linkedin/tasks/init.yml +++ b/roles/matrix-bridge-beeper-linkedin/tasks/init.yml @@ -6,16 +6,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_beeper_linkedin_config_path }}/registration.yaml,dst=/matrix-beeper-linkedin-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-beeper-linkedin-registration.yaml"] }} diff --git a/roles/matrix-bridge-go-skype-bridge/tasks/init.yml b/roles/matrix-bridge-go-skype-bridge/tasks/init.yml index 9b8265560..58808454f 100644 --- a/roles/matrix-bridge-go-skype-bridge/tasks/init.yml +++ b/roles/matrix-bridge-go-skype-bridge/tasks/init.yml @@ -5,16 +5,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_go_skype_bridge_config_path }}/registration.yaml,dst=/matrix-go-skype-bridge-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-go-skype-bridge-registration.yaml"] }} diff --git a/roles/matrix-bridge-heisenbridge/tasks/init.yml b/roles/matrix-bridge-heisenbridge/tasks/init.yml index 1612a5050..dd3d4c7d0 100644 --- a/roles/matrix-bridge-heisenbridge/tasks/init.yml +++ b/roles/matrix-bridge-heisenbridge/tasks/init.yml @@ -13,16 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_heisenbridge_base_path }}/registration.yaml,dst=/heisenbridge-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/heisenbridge-registration.yaml"] }} diff --git a/roles/matrix-bridge-hookshot/tasks/init.yml b/roles/matrix-bridge-hookshot/tasks/init.yml index f8a1e76cb..e6cd1209e 100644 --- a/roles/matrix-bridge-hookshot/tasks/init.yml +++ b/roles/matrix-bridge-hookshot/tasks/init.yml @@ -13,16 +13,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_hookshot_base_path }}/registration.yml,dst=/hookshot-registration.yml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/hookshot-registration.yml"] }} diff --git a/roles/matrix-bridge-mautrix-discord/tasks/init.yml b/roles/matrix-bridge-mautrix-discord/tasks/init.yml index 30baf0178..3f94a73ad 100644 --- a/roles/matrix-bridge-mautrix-discord/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-discord/tasks/init.yml @@ -5,16 +5,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_discord_config_path }}/registration.yaml,dst=/matrix-mautrix-discord-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-discord-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml index c5eb58bec..5252af828 100644 --- a/roles/matrix-bridge-mautrix-facebook/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-facebook/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_facebook_config_path }}/registration.yaml,dst=/matrix-mautrix-facebook-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-facebook-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml index 7f846526a..2c5bdc10c 100644 --- a/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-googlechat/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_googlechat_config_path }}/registration.yaml,dst=/matrix-mautrix-googlechat-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-googlechat-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml index 8ad9bc02a..39b88edbe 100644 --- a/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-hangouts/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_hangouts_config_path }}/registration.yaml,dst=/matrix-mautrix-hangouts-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-hangouts-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml index 5a78afed9..7ef037e33 100644 --- a/roles/matrix-bridge-mautrix-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-instagram/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_instagram_config_path }}/registration.yaml,dst=/matrix-mautrix-instagram-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-instagram-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-signal/tasks/init.yml b/roles/matrix-bridge-mautrix-signal/tasks/init.yml index c96fe596d..17ad98a4c 100644 --- a/roles/matrix-bridge-mautrix-signal/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-signal/tasks/init.yml @@ -6,16 +6,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_signal_config_path }}/registration.yaml,dst=/matrix-mautrix-signal-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-signal-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml index fac5a86c3..f9b3bb1c3 100644 --- a/roles/matrix-bridge-mautrix-telegram/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-telegram/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_telegram_config_path }}/registration.yaml,dst=/matrix-mautrix-telegram-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-telegram-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml index 75a60ffa1..67f0a7dcf 100644 --- a/roles/matrix-bridge-mautrix-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-twitter/tasks/init.yml @@ -6,16 +6,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_twitter_config_path }}/registration.yaml,dst=/matrix-mautrix-twitter-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-twitter-registration.yaml"] }} diff --git a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml index ab10a5303..7907c73d0 100644 --- a/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml +++ b/roles/matrix-bridge-mautrix-whatsapp/tasks/init.yml @@ -5,16 +5,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mautrix_whatsapp_config_path }}/registration.yaml,dst=/matrix-mautrix-whatsapp-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mautrix-whatsapp-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml index 9fbba3c81..9e2a937fe 100644 --- a/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-discord/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_discord_config_path }}/registration.yaml,dst=/matrix-mx-puppet-discord-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-discord-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml index 1a06b09ea..76d184dd1 100644 --- a/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-groupme/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_groupme_config_path }}/registration.yaml,dst=/matrix-mx-puppet-groupme-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-groupme-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml index 850c68592..741c32c0f 100644 --- a/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-instagram/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_instagram_config_path }}/registration.yaml,dst=/matrix-mx-puppet-instagram-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-instagram-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml index 2213df55c..506a271d3 100644 --- a/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-slack/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_slack_config_path }}/registration.yaml,dst=/matrix-mx-puppet-slack-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-slack-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml index fb3257b23..5f9a5a833 100644 --- a/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-steam/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_steam_config_path }}/registration.yaml,dst=/matrix-mx-puppet-steam-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-steam-registration.yaml"] }} diff --git a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml index d6e659643..444491ea2 100644 --- a/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml +++ b/roles/matrix-bridge-mx-puppet-twitter/tasks/init.yml @@ -12,16 +12,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_mx_puppet_twitter_config_path }}/registration.yaml,dst=/matrix-mx-puppet-twitter-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-mx-puppet-twitter-registration.yaml"] }} diff --git a/roles/matrix-bridge-sms/tasks/init.yml b/roles/matrix-bridge-sms/tasks/init.yml index 85684b81a..3c044c152 100644 --- a/roles/matrix-bridge-sms/tasks/init.yml +++ b/roles/matrix-bridge-sms/tasks/init.yml @@ -14,16 +14,16 @@ # If the matrix-synapse role is not used, these variables may not exist. - ansible.builtin.set_fact: - matrix_synapse_container_extra_arguments: > + matrix_homeserver_container_runtime_injected_arguments: > {{ - matrix_synapse_container_extra_arguments | default([]) + matrix_homeserver_container_runtime_injected_arguments | default([]) + ["--mount type=bind,src={{ matrix_sms_bridge_config_path }}/registration.yaml,dst=/matrix-sms-bridge-registration.yaml,ro"] }} - matrix_synapse_app_service_config_files: > + matrix_homeserver_app_service_runtime_injected_config_files: > {{ - matrix_synapse_app_service_config_files | default([]) + matrix_homeserver_app_service_runtime_injected_config_files | default([]) + ["/matrix-sms-bridge-registration.yaml"] }} diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 90eedb91e..52c9680f4 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -43,8 +43,19 @@ matrix_dendrite_container_http_host_bind_address: "" matrix_dendrite_container_https_host_bind_address: "" # A list of extra arguments to pass to the container (`docker run` command) +# Also see `matrix_dendrite_container_arguments` matrix_dendrite_container_extra_arguments: [] +# matrix_dendrite_container_runtime_injected_arguments is a list of extra arguments to pass to the container. +# This list is built during runtime. You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_dendrite_container_extra_arguments`. +matrix_dendrite_container_runtime_injected_arguments: [] + +# matrix_dendrite_container_arguments holds the final list of extra arguments to pass to the container. +# You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_dendrite_container_extra_arguments`. +matrix_dendrite_container_arguments: "{{ matrix_dendrite_container_extra_arguments + matrix_dendrite_container_runtime_injected_arguments }}" + # A list of extra arguments to pass to the container process (`dendrite-monolith` command) # Example: # matrix_dendrite_process_extra_arguments: @@ -104,8 +115,19 @@ matrix_dendrite_container_additional_volumes: [] # A list of appservice config files (in-container filesystem paths). # This list gets populated dynamically based on Dendrite extensions that have been enabled. # You may wish to use this together with `matrix_dendrite_container_additional_volumes` or `matrix_dendrite_container_extra_arguments`. +# Also see `matrix_dendrite_app_service_config_files_final` matrix_dendrite_app_service_config_files: [] +# matrix_dendrite_app_service_runtime_injected_config_files is a list of appservice config files. +# This list is built during runtime. You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_dendrite_app_service_config_files`. +matrix_dendrite_app_service_runtime_injected_config_files: [] + +# matrix_dendrite_app_service_config_files_final holds the final list of config files to pass to the container. +# You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_dendrite_app_service_config_files`. +matrix_dendrite_app_service_config_files_final: "{{ matrix_dendrite_app_service_config_files + matrix_dendrite_app_service_runtime_injected_config_files }}" + # Enable exposure of metrics matrix_dendrite_metrics_enabled: false matrix_dendrite_metrics_username: "metrics" diff --git a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 index 62f8caba7..20131c106 100644 --- a/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 +++ b/roles/matrix-dendrite/templates/dendrite/dendrite.yaml.j2 @@ -145,7 +145,7 @@ app_service_api: disable_tls_validation: {{ matrix_dendrite_disable_tls_validation|to_json }} # Appservice configuration files to load into this homeserver. - config_files: {{ matrix_dendrite_app_service_config_files|to_json }} + config_files: {{ matrix_dendrite_app_service_config_files_final|to_json }} # Configuration for the Client API. client_api: diff --git a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 b/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 index 0613f443f..69eca497c 100644 --- a/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 +++ b/roles/matrix-dendrite/templates/dendrite/systemd/matrix-dendrite.service.j2 @@ -41,7 +41,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-dendrite \ {% for volume in matrix_dendrite_container_additional_volumes %} -v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \ {% endfor %} - {% for arg in matrix_dendrite_container_extra_arguments %} + {% for arg in matrix_dendrite_container_arguments %} {{ arg }} \ {% endfor %} {{ matrix_dendrite_docker_image }} \ diff --git a/roles/matrix-synapse/defaults/main.yml b/roles/matrix-synapse/defaults/main.yml index 3526cd154..6d204b174 100644 --- a/roles/matrix-synapse/defaults/main.yml +++ b/roles/matrix-synapse/defaults/main.yml @@ -61,8 +61,19 @@ matrix_synapse_container_metrics_api_host_bind_port: '' matrix_synapse_container_manhole_api_host_bind_port: '' # A list of extra arguments to pass to the container +# Also see `matrix_synapse_container_arguments` matrix_synapse_container_extra_arguments: [] +# matrix_synapse_container_runtime_injected_arguments is a list of extra arguments to pass to the container. +# This list is built during runtime. You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_synapse_container_extra_arguments`. +matrix_synapse_container_runtime_injected_arguments: [] + +# matrix_synapse_container_arguments holds the final list of extra arguments to pass to the container. +# You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_synapse_container_extra_arguments`. +matrix_synapse_container_arguments: "{{ matrix_synapse_container_extra_arguments + matrix_synapse_container_runtime_injected_arguments }}" + # List of systemd services that matrix-synapse.service depends on matrix_synapse_systemd_required_services_list: ['docker.service'] @@ -324,8 +335,19 @@ matrix_synapse_additional_loggers: [] # A list of appservice config files (in-container filesystem paths). # This list gets populated dynamically based on Synapse extensions that have been enabled. # You may wish to use this together with `matrix_synapse_container_additional_volumes` or `matrix_synapse_container_extra_arguments`. +# Also see `matrix_synapse_app_service_config_files_final` matrix_synapse_app_service_config_files: [] +# matrix_synapse_app_service_runtime_injected_config_files is a list of appservice config files. +# This list is built during runtime. You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_synapse_app_service_config_files`. +matrix_synapse_app_service_runtime_injected_config_files: [] + +# matrix_synapse_app_service_config_files_final holds the final list of config files to pass to the container. +# You're not meant to override this variable. +# If you'd like to inject your own arguments, see `matrix_synapse_app_service_config_files`. +matrix_synapse_app_service_config_files_final: "{{ matrix_synapse_app_service_config_files + matrix_synapse_app_service_runtime_injected_config_files }}" + # This is set dynamically during execution depending on whether # any password providers have been enabled or not. matrix_synapse_password_providers_enabled: false diff --git a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 index cb9b85851..07c5ec89d 100644 --- a/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 +++ b/roles/matrix-synapse/templates/synapse/homeserver.yaml.j2 @@ -1647,7 +1647,7 @@ room_prejoin_state: # A list of application service config files to use # -app_service_config_files: {{ matrix_synapse_app_service_config_files|to_json }} +app_service_config_files: {{ matrix_synapse_app_service_config_files_final|to_json }} # Uncomment to enable tracking of application service IP addresses. Implicitly # enables MAU tracking for application service users. diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 index 43dc42d1f..c7ef13fa9 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse-worker.service.j2 @@ -39,7 +39,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name {{ matrix_synapse_wor {% for volume in matrix_synapse_container_additional_volumes %} -v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \ {% endfor %} - {% for arg in matrix_synapse_container_extra_arguments %} + {% for arg in matrix_synapse_container_arguments %} {{ arg }} \ {% endfor %} {{ matrix_synapse_docker_image }} \ diff --git a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 index 2b59748fd..027114fb3 100644 --- a/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 +++ b/roles/matrix-synapse/templates/synapse/systemd/matrix-synapse.service.j2 @@ -57,7 +57,7 @@ ExecStart={{ matrix_host_command_docker }} run --rm --name matrix-synapse \ {% for volume in matrix_synapse_container_additional_volumes %} -v {{ volume.src }}:{{ volume.dst }}:{{ volume.options }} \ {% endfor %} - {% for arg in matrix_synapse_container_extra_arguments %} + {% for arg in matrix_synapse_container_arguments %} {{ arg }} \ {% endfor %} {{ matrix_synapse_docker_image }} \ From b196e157966237f8fd4cc6792a87948208727d03 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Wed, 24 Aug 2022 17:08:53 +0300 Subject: [PATCH 21/22] Fix incorrectly named module arguments (ansible.builtin.group -> group) Regression since the mass-replace in 34cdaade0. Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2054 --- roles/matrix-client-element/tasks/setup_install.yml | 2 +- roles/matrix-synapse/tasks/import_media_store.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/matrix-client-element/tasks/setup_install.yml b/roles/matrix-client-element/tasks/setup_install.yml index 5fa34fa6e..b21da064d 100644 --- a/roles/matrix-client-element/tasks/setup_install.yml +++ b/roles/matrix-client-element/tasks/setup_install.yml @@ -45,7 +45,7 @@ line: '\1splitChunks: { maxSize: 100000,' backrefs: true owner: root - ansible.builtin.group: root + group: root mode: '0644' when: "matrix_client_element_container_image_self_build | bool and matrix_client_element_container_image_self_build_low_memory_system_patch_enabled | bool" diff --git a/roles/matrix-synapse/tasks/import_media_store.yml b/roles/matrix-synapse/tasks/import_media_store.yml index 133debe33..36ab9779b 100644 --- a/roles/matrix-synapse/tasks/import_media_store.yml +++ b/roles/matrix-synapse/tasks/import_media_store.yml @@ -57,7 +57,7 @@ delete: true # It's wasteful to preserve owner/group now. We chown below anyway. owner: false - ansible.builtin.group: false + group: false times: true delegate_to: "{{ inventory_hostname }}" From c558e0ad02cf648d7c627760b0a6bf4855b41f5b Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Thu, 25 Aug 2022 17:21:27 +0300 Subject: [PATCH 22/22] Upgrade Dendrite (v0.9.4 -> v0.9.5) --- roles/matrix-dendrite/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/matrix-dendrite/defaults/main.yml b/roles/matrix-dendrite/defaults/main.yml index 52c9680f4..50336a111 100644 --- a/roles/matrix-dendrite/defaults/main.yml +++ b/roles/matrix-dendrite/defaults/main.yml @@ -6,7 +6,7 @@ matrix_dendrite_enabled: true matrix_dendrite_docker_image: "{{ matrix_dendrite_docker_image_name_prefix }}matrixdotorg/dendrite-monolith:{{ matrix_dendrite_docker_image_tag }}" matrix_dendrite_docker_image_name_prefix: "docker.io/" -matrix_dendrite_docker_image_tag: "v0.9.4" +matrix_dendrite_docker_image_tag: "v0.9.5" matrix_dendrite_docker_image_force_pull: "{{ matrix_dendrite_docker_image.endswith(':latest') }}" matrix_dendrite_base_path: "{{ matrix_base_data_path }}/dendrite"