overmind
/
matrix-docker-ansible-deploy
réplica de https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Fork 0
Código Incidencias 0 Lanzamientos 0 Wiki Actividad
Matrix Docker Ansible eploy
No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
11336 Commits
12 Ramas
335 MiB
 
 
Árbol: a3e40e989e
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'a3e40e989e'
${ noResults }
matrix-docker-ansible-deploy/roles/custom/matrix-tuwunel/templates/tuwunel.toml.j2

242 líneas
11 KiB
Original Blame Histórico 

  1. {#

  2. SPDX-FileCopyrightText: 2025 - 2026 MDAD project contributors

  3. SPDX-FileCopyrightText: 2025 - 2026 Slavi Pantaleev

  4. 

  5. SPDX-License-Identifier: AGPL-3.0-or-later

  6. #}

  7. ### Tuwunel configuration rendered by matrix-docker-ansible-deploy.

  8. ###

  9. ### This file only emits options exposed as Ansible variables. All other knobs

  10. ### keep tuwunel's upstream defaults. To override anything not surfaced here,

  11. ### use `matrix_tuwunel_environment_variables_extension` (env vars override TOML)

  12. ### or replace the template via `matrix_tuwunel_template_tuwunel_config`.

  13. ###

  14. ### Reference: https://matrix-construct.github.io/tuwunel/configuration.html

  15. 

  16. [global]

  17. server_name = {{ matrix_tuwunel_config_server_name | to_json }}

  18. address = "0.0.0.0"

  19. port = {{ matrix_tuwunel_config_port_number }}

  20. database_path = "/var/lib/tuwunel"

  21. 

  22. max_request_size = {{ matrix_tuwunel_config_max_request_size }}

  23. 

  24. new_user_displayname_suffix = {{ matrix_tuwunel_config_new_user_displayname_suffix | to_json }}

  25. 

  26. allow_registration = {{ matrix_tuwunel_config_allow_registration | to_json }}

  27. {% if matrix_tuwunel_config_registration_token | length > 0 %}

  28. registration_token = {{ matrix_tuwunel_config_registration_token | to_json }}

  29. {% endif %}

  30. {% if matrix_tuwunel_config_yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse | bool %}

  31. yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse = true

  32. {% endif %}

  33. 

  34. {% if matrix_tuwunel_config_emergency_password | length > 0 %}

  35. emergency_password = {{ matrix_tuwunel_config_emergency_password | to_json }}

  36. {% endif %}

  37. 

  38. allow_encryption = {{ matrix_tuwunel_config_allow_encryption | to_json }}

  39. allow_room_creation = {{ matrix_tuwunel_config_allow_room_creation | to_json }}

  40. default_room_version = {{ matrix_tuwunel_config_default_room_version | to_json }}

  41. {% if matrix_tuwunel_config_auto_join_rooms | length > 0 %}

  42. auto_join_rooms = {{ matrix_tuwunel_config_auto_join_rooms | to_json }}

  43. {% endif %}

  44. 

  45. allow_federation = {{ matrix_tuwunel_config_allow_federation | to_json }}

  46. trusted_servers = {{ matrix_tuwunel_config_trusted_servers | to_json }}

  47. {% if matrix_tuwunel_config_allowed_remote_server_names | length > 0 %}

  48. allowed_remote_server_names_experimental = {{ matrix_tuwunel_config_allowed_remote_server_names | to_json }}

  49. {% endif %}

  50. {% if matrix_tuwunel_config_forbidden_remote_server_names | length > 0 %}

  51. forbidden_remote_server_names = {{ matrix_tuwunel_config_forbidden_remote_server_names | to_json }}

  52. {% endif %}

  53. {% if matrix_tuwunel_config_forbidden_remote_room_directory_server_names | length > 0 %}

  54. forbidden_remote_room_directory_server_names = {{ matrix_tuwunel_config_forbidden_remote_room_directory_server_names | to_json }}

  55. {% endif %}

  56. {% if matrix_tuwunel_config_prevent_media_downloads_from | length > 0 %}

  57. prevent_media_downloads_from = {{ matrix_tuwunel_config_prevent_media_downloads_from | to_json }}

  58. {% endif %}

  59. 

  60. enable_policy_servers = {{ matrix_tuwunel_config_enable_policy_servers | to_json }}

  61. policy_server_request_timeout = {{ matrix_tuwunel_config_policy_server_request_timeout }}

  62. 

  63. allow_outgoing_presence = {{ matrix_tuwunel_config_allow_outgoing_presence | to_json }}

  64. 

  65. {% if matrix_tuwunel_config_url_preview_domain_contains_allowlist | length > 0 %}

  66. url_preview_domain_contains_allowlist = {{ matrix_tuwunel_config_url_preview_domain_contains_allowlist | to_json }}

  67. {% endif %}

  68. {% if matrix_tuwunel_config_url_preview_domain_explicit_allowlist | length > 0 %}

  69. url_preview_domain_explicit_allowlist = {{ matrix_tuwunel_config_url_preview_domain_explicit_allowlist | to_json }}

  70. {% endif %}

  71. url_preview_check_root_domain = {{ matrix_tuwunel_config_url_preview_check_root_domain | to_json }}

  72. 

  73. create_admin_room = {{ matrix_tuwunel_config_create_admin_room | to_json }}

  74. federate_admin_room = {{ matrix_tuwunel_config_federate_admin_room | to_json }}

  75. grant_admin_to_first_user = {{ matrix_tuwunel_config_grant_admin_to_first_user | to_json }}

  76. 

  77. log = {{ matrix_tuwunel_config_log | to_json }}

  78. 

  79. {% if matrix_tuwunel_config_turn_uris | length > 0 %}

  80. turn_uris = {{ matrix_tuwunel_config_turn_uris | to_json }}

  81. {% endif %}

  82. {% if matrix_tuwunel_config_turn_secret | length > 0 %}

  83. turn_secret = {{ matrix_tuwunel_config_turn_secret | to_json }}

  84. {% endif %}

  85. {% if matrix_tuwunel_config_turn_username | length > 0 %}

  86. turn_username = {{ matrix_tuwunel_config_turn_username | to_json }}

  87. {% endif %}

  88. {% if matrix_tuwunel_config_turn_password | length > 0 %}

  89. turn_password = {{ matrix_tuwunel_config_turn_password | to_json }}

  90. {% endif %}

  91. 

  92. {% if matrix_tuwunel_config_rocksdb_compression_algo | length > 0 %}

  93. rocksdb_compression_algo = {{ matrix_tuwunel_config_rocksdb_compression_algo | to_json }}

  94. {% endif %}

  95. {% if matrix_tuwunel_config_rocksdb_compression_level | string | length > 0 %}

  96. rocksdb_compression_level = {{ matrix_tuwunel_config_rocksdb_compression_level }}

  97. {% endif %}

  98. {% if matrix_tuwunel_config_rocksdb_bottommost_compression_level | string | length > 0 %}

  99. rocksdb_bottommost_compression_level = {{ matrix_tuwunel_config_rocksdb_bottommost_compression_level }}

  100. {% endif %}

  101. rocksdb_direct_io = {{ matrix_tuwunel_config_rocksdb_direct_io | to_json }}

  102. {% if matrix_tuwunel_config_rocksdb_parallelism_threads | int > 0 %}

  103. rocksdb_parallelism_threads = {{ matrix_tuwunel_config_rocksdb_parallelism_threads }}

  104. {% endif %}

  105. {% if matrix_tuwunel_config_rocksdb_max_log_file_size | string | length > 0 %}

  106. rocksdb_max_log_file_size = {{ matrix_tuwunel_config_rocksdb_max_log_file_size }}

  107. {% endif %}

  108. {% if matrix_tuwunel_config_rocksdb_log_time_to_roll | string | length > 0 %}

  109. rocksdb_log_time_to_roll = {{ matrix_tuwunel_config_rocksdb_log_time_to_roll }}

  110. {% endif %}

  111. {% if matrix_tuwunel_config_database_backup_path | length > 0 %}

  112. database_backup_path = {{ matrix_tuwunel_config_database_backup_path | to_json }}

  113. database_backups_to_keep = {{ matrix_tuwunel_config_database_backups_to_keep }}

  114. {% endif %}

  115. 

  116. {% if matrix_tuwunel_config_cache_capacity_modifier | string | length > 0 %}

  117. cache_capacity_modifier = {{ matrix_tuwunel_config_cache_capacity_modifier }}

  118. {% endif %}

  119. {% if matrix_tuwunel_config_db_cache_capacity_mb | string | length > 0 %}

  120. db_cache_capacity_mb = {{ matrix_tuwunel_config_db_cache_capacity_mb }}

  121. {% endif %}

  122. {% if matrix_tuwunel_config_db_write_buffer_capacity_mb | string | length > 0 %}

  123. db_write_buffer_capacity_mb = {{ matrix_tuwunel_config_db_write_buffer_capacity_mb }}

  124. {% endif %}

  125. 

  126. {% if matrix_tuwunel_config_sentry_enabled | bool %}

  127. sentry = true

  128. {% if matrix_tuwunel_config_sentry_endpoint | length > 0 %}

  129. sentry_endpoint = {{ matrix_tuwunel_config_sentry_endpoint | to_json }}

  130. {% endif %}

  131. sentry_send_server_name = {{ matrix_tuwunel_config_sentry_send_server_name | to_json }}

  132. sentry_traces_sample_rate = {{ matrix_tuwunel_config_sentry_traces_sample_rate }}

  133. {% endif %}

  134. 

  135. {% if (matrix_tuwunel_config_tls_certs | length > 0) and (matrix_tuwunel_config_tls_key | length > 0) %}

  136. 

  137. [global.tls]

  138. certs = {{ matrix_tuwunel_config_tls_certs | to_json }}

  139. key = {{ matrix_tuwunel_config_tls_key | to_json }}

  140. dual_protocol = {{ matrix_tuwunel_config_tls_dual_protocol | to_json }}

  141. {% endif %}

  142. 

  143. {% set well_known_keys = [

  144.   matrix_tuwunel_config_well_known_client,

  145.   matrix_tuwunel_config_well_known_server,

  146.   matrix_tuwunel_config_well_known_support_page,

  147.   matrix_tuwunel_config_well_known_support_email,

  148.   matrix_tuwunel_config_well_known_support_mxid,

  149.   matrix_tuwunel_config_well_known_livekit_url,

  150. ] %}

  151. {% if well_known_keys | select | list | length > 0 %}

  152. 

  153. [global.well_known]

  154. {% if matrix_tuwunel_config_well_known_client | length > 0 %}

  155. client = {{ matrix_tuwunel_config_well_known_client | to_json }}

  156. {% endif %}

  157. {% if matrix_tuwunel_config_well_known_server | length > 0 %}

  158. server = {{ matrix_tuwunel_config_well_known_server | to_json }}

  159. {% endif %}

  160. {% if matrix_tuwunel_config_well_known_support_page | length > 0 %}

  161. support_page = {{ matrix_tuwunel_config_well_known_support_page | to_json }}

  162. {% endif %}

  163. {% if matrix_tuwunel_config_well_known_support_email | length > 0 %}

  164. support_email = {{ matrix_tuwunel_config_well_known_support_email | to_json }}

  165. {% endif %}

  166. {% if matrix_tuwunel_config_well_known_support_mxid | length > 0 %}

  167. support_mxid = {{ matrix_tuwunel_config_well_known_support_mxid | to_json }}

  168. {% endif %}

  169. {% if matrix_tuwunel_config_well_known_livekit_url | length > 0 %}

  170. livekit_url = {{ matrix_tuwunel_config_well_known_livekit_url | to_json }}

  171. {% endif %}

  172. {% endif %}

  173. 

  174. {% if matrix_tuwunel_config_blurhashing_enabled | bool %}

  175. 

  176. [global.blurhashing]

  177. components_x = {{ matrix_tuwunel_config_blurhashing_components_x }}

  178. components_y = {{ matrix_tuwunel_config_blurhashing_components_y }}

  179. blurhash_max_raw_size = {{ matrix_tuwunel_config_blurhashing_max_raw_size }}

  180. {% endif %}

  181. 

  182. {% if matrix_tuwunel_config_ldap_enabled | bool %}

  183. 

  184. [global.ldap]

  185. enable = true

  186. uri = {{ matrix_tuwunel_config_ldap_uri | to_json }}

  187. base_dn = {{ matrix_tuwunel_config_ldap_base_dn | to_json }}

  188. {% if matrix_tuwunel_config_ldap_bind_dn | length > 0 %}

  189. bind_dn = {{ matrix_tuwunel_config_ldap_bind_dn | to_json }}

  190. {% endif %}

  191. {% if matrix_tuwunel_config_ldap_bind_password_file | length > 0 %}

  192. bind_password_file = {{ matrix_tuwunel_config_ldap_bind_password_file | to_json }}

  193. {% endif %}

  194. filter = {{ matrix_tuwunel_config_ldap_filter | to_json }}

  195. uid_attribute = {{ matrix_tuwunel_config_ldap_uid_attribute | to_json }}

  196. name_attribute = {{ matrix_tuwunel_config_ldap_name_attribute | to_json }}

  197. {% if matrix_tuwunel_config_ldap_admin_base_dn | length > 0 %}

  198. admin_base_dn = {{ matrix_tuwunel_config_ldap_admin_base_dn | to_json }}

  199. {% endif %}

  200. {% if matrix_tuwunel_config_ldap_admin_filter | length > 0 %}

  201. admin_filter = {{ matrix_tuwunel_config_ldap_admin_filter | to_json }}

  202. {% endif %}

  203. {% endif %}

  204. 

  205. {% if matrix_tuwunel_config_jwt_enabled | bool %}

  206. 

  207. [global.jwt]

  208. enable = true

  209. {% if matrix_tuwunel_config_jwt_key | length > 0 %}

  210. key = {{ matrix_tuwunel_config_jwt_key | to_json }}

  211. {% endif %}

  212. format = {{ matrix_tuwunel_config_jwt_format | to_json }}

  213. algorithm = {{ matrix_tuwunel_config_jwt_algorithm | to_json }}

  214. register_user = {{ matrix_tuwunel_config_jwt_register_user | to_json }}

  215. {% if matrix_tuwunel_config_jwt_audience | length > 0 %}

  216. audience = {{ matrix_tuwunel_config_jwt_audience | to_json }}

  217. {% endif %}

  218. {% if matrix_tuwunel_config_jwt_issuer | length > 0 %}

  219. issuer = {{ matrix_tuwunel_config_jwt_issuer | to_json }}

  220. {% endif %}

  221. require_exp = {{ matrix_tuwunel_config_jwt_require_exp | to_json }}

  222. require_nbf = {{ matrix_tuwunel_config_jwt_require_nbf | to_json }}

  223. validate_exp = {{ matrix_tuwunel_config_jwt_validate_exp | to_json }}

  224. validate_nbf = {{ matrix_tuwunel_config_jwt_validate_nbf | to_json }}

  225. {% endif %}

  226. 

  227. {% for idp in matrix_tuwunel_config_identity_providers %}

  228. 

  229. [[global.identity_provider]]

  230. {% for key, value in idp.items() %}

  231. {{ key }} = {{ value | to_json }}

  232. {% endfor %}

  233. {% endfor %}

  234. 

  235. {% for sp in matrix_tuwunel_config_storage_providers %}

  236. 

  237. [global.storage_provider.{{ sp.id }}.{{ sp.kind }}]

  238. {% for key, value in sp.items() if key not in ['id', 'kind'] %}

  239. {{ key }} = {{ value | to_json }}

  240. {% endfor %}

  241. {% endfor %}