overmind
/
matrix-docker-ansible-deploy
огледало од https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Креирај огранак 0
Код Дискусије 0 Издања 0 Вики Activity
Matrix Docker Ansible eploy
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10427 Комити
12 Гране
1.2 GiB
 
 
Дрво: 90d3cf78b3
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from '90d3cf78b3'
${ noResults }
matrix-docker-ansible-deploy/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2

257 lines
10 KiB
Датотека Blame Историја 

  1. {#

  2. SPDX-FileCopyrightText: 2021 Aaron Raimist

  3. SPDX-FileCopyrightText: 2022 - 2024 MDAD project contributors

  4. SPDX-FileCopyrightText: 2022 Slavi Pantaleev

  5. SPDX-FileCopyrightText: 2024 - 2025 Suguru Hirahara

  6. 

  7. SPDX-License-Identifier: AGPL-3.0-or-later

  8. #}

  9. 

  10. # Endpoint URL that Mjolnir uses to interact with the Matrix homeserver (client-server API),

  11. # set this to the pantalaimon URL if you're using that.

  12. homeserverUrl: {{ matrix_bot_mjolnir_homeserver_url | to_json }}

  13. 

  14. # Endpoint URL that Mjolnir could use to fetch events related to reports (client-server API and /_synapse/),

  15. # only set this to the public-internet homeserver client API URL, do NOT set this to the pantalaimon URL.

  16. rawHomeserverUrl: {{ matrix_bot_mjolnir_raw_homeserver_url | to_json }}

  17. 

  18. # Matrix Access Token to use, Mjolnir will only use this if pantalaimon.use is false.

  19. accessToken: {{ matrix_bot_mjolnir_access_token | to_json }}

  20. 

  21. {% if matrix_bot_mjolnir_pantalaimon_use %}

  22. # Options related to Pantalaimon (https://github.com/matrix-org/pantalaimon)

  23. pantalaimon:

  24.   # Whether or not Mjolnir will use pantalaimon to access the Matrix homeserver,

  25.   # set to `true` if you're using pantalaimon.

  26.   #

  27.   # Be sure to point homeserverUrl to the pantalaimon instance.

  28.   #

  29.   # Mjolnir will log in using the given username and password once,

  30.   # then store the resulting access token in a file under dataPath.

  31.   use: true

  32. 

  33.   # The username to login with.

  34.   username: {{ matrix_bot_mjolnir_pantalaimon_username | to_json }}

  35. 

  36.   # The password Mjolnir will login with.

  37.   #

  38.   # After successfully logging in once, this will be ignored, so this value can be blanked after first startup.

  39.   password: {{ matrix_bot_mjolnir_pantalaimon_password | to_json }}

  40. {% endif %}

  41. 

  42. # The path Mjolnir will store its state/data in, leave default ("/data/storage") when using containers.

  43. dataPath: "/data"

  44. 

  45. # If true (the default), Mjolnir will only accept invites from users present in managementRoom.

  46. autojoinOnlyIfManager: true

  47. 

  48. # If `autojoinOnlyIfManager` is false, only the members in this space can invite

  49. # the bot to new rooms.

  50. #acceptInvitesFromSpace: "!qporfwt:example.com"

  51. 

  52. # Whether Mjolnir should report ignored invites to the management room (if autojoinOnlyIfManager is true).

  53. recordIgnoredInvites: false

  54. 

  55. # The room ID (or room alias) of the management room, anyone in this room can issue commands to Mjolnir.

  56. #

  57. # Mjolnir has no more granular access controls other than this, be sure you trust everyone in this room - secure it!

  58. #

  59. # This should be a room alias or room ID - not a matrix.to URL.

  60. #

  61. # Note: By default, Mjolnir is fairly verbose - expect a lot of messages in this room.

  62. # (see verboseLogging to adjust this a bit.)

  63. managementRoom: {{ matrix_bot_mjolnir_management_room | to_json }}

  64. 

  65. # Whether Mjolnir should log a lot more messages in the room,

  66. # mainly involves "all-OK" messages, and debugging messages for when mjolnir checks bans in a room.

  67. verboseLogging: false

  68. 

  69. # The log level of terminal (or container) output.

  70. #

  71. # Valid values: ERROR, WARN, INFO, DEBUG

  72. logLevel: "INFO"

  73. 

  74. # Whether or not Mjolnir should synchronize policy lists immediately after startup.

  75. # Equivalent to running '!mjolnir sync'.

  76. syncOnStartup: true

  77. 

  78. # Whether or not Mjolnir should check moderation permissions in all protected rooms on startup.

  79. # Equivalent to running `!mjolnir verify`.

  80. verifyPermissionsOnStartup: true

  81. 

  82. # Whether or not Mjolnir should actually apply bans and policy lists,

  83. # turn on to trial some untrusted configuration or lists.

  84. noop: false

  85. 

  86. # Whether Mjolnir should check member lists quicker (by using a different endpoint),

  87. # keep in mind that enabling this will miss invited (but not joined) users.

  88. #

  89. # Turn on if your bot is in (very) large rooms, or in large amounts of rooms.

  90. fasterMembershipChecks: false

  91. 

  92. # A case-insensitive list of ban reasons to have the bot also automatically redact the user's messages for.

  93. #

  94. # If the bot sees you ban a user with a reason that is an (exact case-insensitive) match to this list,

  95. # it will also remove the user's messages automatically.

  96. #

  97. # Typically this is useful to avoid having to give two commands to the bot.

  98. # Advanced: Use asterisks to have the reason match using "globs"

  99. # (f.e. "spam*testing" would match "spam for testing" as well as "spamtesting").

  100. #

  101. # See here for more info: https://www.digitalocean.com/community/tools/glob

  102. # Note: Keep in mind that glob is NOT regex!

  103. automaticallyRedactForReasons:

  104.   - "spam"

  105.   - "advertising"

  106. 

  107. # A list of rooms to protect. Mjolnir will add this to the list it knows from its account data.

  108. #

  109. # It won't, however, add it to the account data.

  110. # Manually add the room via '!mjolnir rooms add' to have it stay protected regardless if this config value changes.

  111. #

  112. # Note: These must be matrix.to URLs

  113. #protectedRooms:

  114. #  - "https://matrix.to/#/#matrix:example.org"

  115. 

  116. # Whether or not to add all joined rooms to the "protected rooms" list

  117. # (excluding the management room and watched policy list rooms, see below).

  118. #

  119. # Note that this effectively makes the protectedRooms and associated commands useless

  120. # for regular rooms.

  121. #

  122. # Note: the management room is *excluded* from this condition.

  123. # Explicitly add it as a protected room to protect it.

  124. #

  125. # Note: Ban list rooms the bot is watching but didn't create will not be protected.

  126. # Explicitly add these rooms as a protected room list if you want them protected.

  127. protectAllJoinedRooms: false

  128. 

  129. # Increase this delay to have Mjölnir wait longer between two consecutive backgrounded

  130. # operations. The total duration of operations will be longer, but the homeserver won't

  131. # be affected as much. Conversely, decrease this delay to have Mjölnir chain operations

  132. # faster. The total duration of operations will generally be shorter, but the performance

  133. # of the homeserver may be more impacted.

  134. backgroundDelayMS: 500

  135. 

  136. # Server administration commands, these commands will only work if Mjolnir is

  137. # a global server administrator, and the bot's server is a Synapse instance.

  138. #admin:

  139. #  # Whether or not Mjolnir can temporarily take control of any eligible account from the local homeserver who's in the room

  140. #  # (with enough permissions) to "make" a user an admin.

  141. #  #

  142. #  # This only works if a local user with enough admin permissions is present in the room.

  143. #  enableMakeRoomAdminCommand: false

  144. 

  145. # Misc options for command handling and commands

  146. commands:

  147.   # Whether or not the `!mjolnir` prefix is necessary to submit commands.

  148.   #

  149.   # If `true`, will allow commands like `!ban`, `!help`, etc.

  150.   #

  151.   # Note: Mjolnir can also be pinged by display name instead of having to use

  152.   # the !mjolnir prefix. For example, "my_moderator_bot: ban @spammer:example.org"

  153.   # will address only my_moderator_bot.

  154.   allowNoPrefix: false

  155. 

  156.   # Any additional bot prefixes that Mjolnir will listen to. i.e. adding `mod` will allow `!mod help`.

  157.   additionalPrefixes:

  158.     - "mjolnir_bot"

  159. 

  160.   # Whether or not commands with a wildcard (*) will require an additional `--force` argument

  161.   # in the command to be able to be submitted.

  162.   confirmWildcardBan: true

  163. 

  164. # Configuration specific to certain toggle-able protections

  165. #protections:

  166. #  # Configuration for the wordlist plugin, which can ban users based if they say certain

  167. #  # blocked words shortly after joining.

  168. #  wordlist:

  169. #    # A list of case-insensitive keywords that the WordList protection will watch for from new users.

  170. #    #

  171. #    # WordList will ban users who use these words when first joining a room, so take caution when selecting them.

  172. #    #

  173. #    # For advanced usage, regex can also be used, see the following links for more information;

  174. #    #  - https://www.digitalocean.com/community/tutorials/an-introduction-to-regular-expressions

  175. #    #  - https://regexr.com/

  176. #    #  - https://regexone.com/

  177. #    words:

  178. #      - "LoReM"

  179. #      - "IpSuM"

  180. #      - "DoLoR"

  181. #      - "aMeT"

  182. #

  183. #    # For how long (in minutes) the user is "new" to the WordList plugin.

  184. #    #

  185. #    # After this time, the user will no longer be banned for using a word in the above wordlist.

  186. #    #

  187. #    # Set to zero to disable the timeout and make users *always* appear "new".

  188. #    # (users will always be banned if they say a bad word)

  189. #    minutesBeforeTrusting: 20

  190. 

  191. # Options for advanced monitoring of the health of the bot.

  192. health:

  193.   # healthz options. These options are best for use in container environments

  194.   # like Kubernetes to detect how healthy the service is. The bot will report

  195.   # that it is unhealthy until it is able to process user requests. Typically

  196.   # this means that it'll flag itself as unhealthy for a number of minutes

  197.   # before saying "Now monitoring rooms" and flagging itself healthy.

  198.   #

  199.   # Health is flagged through HTTP status codes, defined below.

  200.   healthz:

  201.     # Whether the healthz integration should be enabled (default false)

  202.     enabled: false

  203. 

  204.     # The port to expose the webserver on. Defaults to 8080.

  205.     port: 8080

  206. 

  207.     # The address to listen for requests on. Defaults to all addresses.

  208.     address: "0.0.0.0"

  209. 

  210.     # The path to expose the monitoring endpoint at. Defaults to `/healthz`

  211.     endpoint: "/healthz"

  212. 

  213.     # The HTTP status code which reports that the bot is healthy/ready to

  214.     # process requests. Typically this should not be changed. Defaults to

  215.     # 200.

  216.     healthyStatus: 200

  217. 

  218.     # The HTTP status code which reports that the bot is not healthy/ready.

  219.     # Defaults to 418.

  220.     unhealthyStatus: 418

  221. 

  222. # Options for exposing web APIs.

  223. #web:

  224. #  # Whether to enable web APIs.

  225. #  enabled: false

  226. #

  227. #  # The port to expose the webserver on. Defaults to 8080.

  228. #  port: 8080

  229. #

  230. #  # The address to listen for requests on. Defaults to only the current

  231. #  # computer.

  232. #  address: localhost

  233. #

  234. #  # Alternative setting to open to the entire web. Be careful,

  235. #  # as this will increase your security perimeter:

  236. #  #

  237. #  #  address: "0.0.0.0"

  238. #

  239. #  # A web API designed to intercept Matrix API

  240. #  # POST /_matrix/client/r0/rooms/{roomId}/report/{eventId}

  241. #  # and display readable abuse reports in the moderation room.

  242. #  #

  243. #  # If you wish to take advantage of this feature, you will need

  244. #  # to configure a reverse proxy, see e.g. test/nginx.conf

  245. #  abuseReporting:

  246. #    # Whether to enable this feature.

  247. #    enabled: false

  248. 

  249. # Whether or not to actively poll synapse for abuse reports, to be used

  250. # instead of intercepting client calls to synapse's abuse endpoint, when that

  251. # isn't possible/practical.

  252. pollReports: false

  253. 

  254. # Whether or not new reports, received either by webapi or polling,

  255. # should be printed to our managementRoom.

  256. displayReports: false