overmind
/
matrix-docker-ansible-deploy
espelho de https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Derivar 0
Código Questões 0 Lançamentos 0 Wiki Trabalho
Matrix Docker Ansible eploy
Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
8758 Cometimentos
12 Ramos
618 MiB
 
 
Árvore: ab30390bd4
Ramos Etiquetas
${ item.name }
Criar ramo ${ searchTerm }
de 'ab30390bd4'
${ noResults }
matrix-docker-ansible-deploy/roles/custom/matrix-bot-mjolnir/templates/production.yaml.j2

255 linhas
10 KiB
Em bruto Responsabilidade Histórico 

  1. {#

  2. SPDX-FileCopyrightText: 2024 MDAD Team and contributors

  3. 

  4. SPDX-License-Identifier: AGPL-3.0-or-later

  5. #}

  6. 

  7. # Endpoint URL that Mjolnir uses to interact with the Matrix homeserver (client-server API),

  8. # set this to the pantalaimon URL if you're using that.

  9. homeserverUrl: {{ matrix_bot_mjolnir_homeserver_url | to_json }}

  10. 

  11. # Endpoint URL that Mjolnir could use to fetch events related to reports (client-server API and /_synapse/),

  12. # only set this to the public-internet homeserver client API URL, do NOT set this to the pantalaimon URL.

  13. rawHomeserverUrl: {{ matrix_bot_mjolnir_raw_homeserver_url | to_json }}

  14. 

  15. # Matrix Access Token to use, Mjolnir will only use this if pantalaimon.use is false.

  16. accessToken: {{ matrix_bot_mjolnir_access_token | to_json }}

  17. 

  18. {% if matrix_bot_mjolnir_pantalaimon_use %}

  19. # Options related to Pantalaimon (https://github.com/matrix-org/pantalaimon)

  20. pantalaimon:

  21.   # Whether or not Mjolnir will use pantalaimon to access the Matrix homeserver,

  22.   # set to `true` if you're using pantalaimon.

  23.   #

  24.   # Be sure to point homeserverUrl to the pantalaimon instance.

  25.   #

  26.   # Mjolnir will log in using the given username and password once,

  27.   # then store the resulting access token in a file under dataPath.

  28.   use: true

  29. 

  30.   # The username to login with.

  31.   username: {{ matrix_bot_mjolnir_pantalaimon_username | to_json }}

  32. 

  33.   # The password Mjolnir will login with.

  34.   #

  35.   # After successfully logging in once, this will be ignored, so this value can be blanked after first startup.

  36.   password: {{ matrix_bot_mjolnir_pantalaimon_password | to_json }}

  37. {% endif %}

  38. 

  39. # The path Mjolnir will store its state/data in, leave default ("/data/storage") when using containers.

  40. dataPath: "/data"

  41. 

  42. # If true (the default), Mjolnir will only accept invites from users present in managementRoom.

  43. autojoinOnlyIfManager: true

  44. 

  45. # If `autojoinOnlyIfManager` is false, only the members in this space can invite

  46. # the bot to new rooms.

  47. #acceptInvitesFromSpace: "!qporfwt:example.com"

  48. 

  49. # Whether Mjolnir should report ignored invites to the management room (if autojoinOnlyIfManager is true).

  50. recordIgnoredInvites: false

  51. 

  52. # The room ID (or room alias) of the management room, anyone in this room can issue commands to Mjolnir.

  53. #

  54. # Mjolnir has no more granular access controls other than this, be sure you trust everyone in this room - secure it!

  55. #

  56. # This should be a room alias or room ID - not a matrix.to URL.

  57. #

  58. # Note: By default, Mjolnir is fairly verbose - expect a lot of messages in this room.

  59. # (see verboseLogging to adjust this a bit.)

  60. managementRoom: {{ matrix_bot_mjolnir_management_room | to_json }}

  61. 

  62. # Whether Mjolnir should log a lot more messages in the room,

  63. # mainly involves "all-OK" messages, and debugging messages for when mjolnir checks bans in a room.

  64. verboseLogging: false

  65. 

  66. # The log level of terminal (or container) output,

  67. # can be one of DEBUG, INFO, WARN and ERROR, in increasing order of importance and severity.

  68. #

  69. # This should be at INFO or DEBUG in order to get support for Mjolnir problems.

  70. logLevel: "INFO"

  71. 

  72. # Whether or not Mjolnir should synchronize policy lists immediately after startup.

  73. # Equivalent to running '!mjolnir sync'.

  74. syncOnStartup: true

  75. 

  76. # Whether or not Mjolnir should check moderation permissions in all protected rooms on startup.

  77. # Equivalent to running `!mjolnir verify`.

  78. verifyPermissionsOnStartup: true

  79. 

  80. # Whether or not Mjolnir should actually apply bans and policy lists,

  81. # turn on to trial some untrusted configuration or lists.

  82. noop: false

  83. 

  84. # Whether Mjolnir should check member lists quicker (by using a different endpoint),

  85. # keep in mind that enabling this will miss invited (but not joined) users.

  86. #

  87. # Turn on if your bot is in (very) large rooms, or in large amounts of rooms.

  88. fasterMembershipChecks: false

  89. 

  90. # A case-insensitive list of ban reasons to have the bot also automatically redact the user's messages for.

  91. #

  92. # If the bot sees you ban a user with a reason that is an (exact case-insensitive) match to this list,

  93. # it will also remove the user's messages automatically.

  94. #

  95. # Typically this is useful to avoid having to give two commands to the bot.

  96. # Advanced: Use asterisks to have the reason match using "globs"

  97. # (f.e. "spam*testing" would match "spam for testing" as well as "spamtesting").

  98. #

  99. # See here for more info: https://www.digitalocean.com/community/tools/glob

  100. # Note: Keep in mind that glob is NOT regex!

  101. automaticallyRedactForReasons:

  102.   - "spam"

  103.   - "advertising"

  104. 

  105. # A list of rooms to protect. Mjolnir will add this to the list it knows from its account data.

  106. #

  107. # It won't, however, add it to the account data.

  108. # Manually add the room via '!mjolnir rooms add' to have it stay protected regardless if this config value changes.

  109. #

  110. # Note: These must be matrix.to URLs

  111. #protectedRooms:

  112. #  - "https://matrix.to/#/#matrix:example.org"

  113. 

  114. # Whether or not to add all joined rooms to the "protected rooms" list

  115. # (excluding the management room and watched policy list rooms, see below).

  116. #

  117. # Note that this effectively makes the protectedRooms and associated commands useless

  118. # for regular rooms.

  119. #

  120. # Note: the management room is *excluded* from this condition.

  121. # Explicitly add it as a protected room to protect it.

  122. #

  123. # Note: Ban list rooms the bot is watching but didn't create will not be protected.

  124. # Explicitly add these rooms as a protected room list if you want them protected.

  125. protectAllJoinedRooms: false

  126. 

  127. # Increase this delay to have Mjölnir wait longer between two consecutive backgrounded

  128. # operations. The total duration of operations will be longer, but the homeserver won't

  129. # be affected as much. Conversely, decrease this delay to have Mjölnir chain operations

  130. # faster. The total duration of operations will generally be shorter, but the performance

  131. # of the homeserver may be more impacted.

  132. backgroundDelayMS: 500

  133. 

  134. # Server administration commands, these commands will only work if Mjolnir is

  135. # a global server administrator, and the bot's server is a Synapse instance.

  136. #admin:

  137. #  # Whether or not Mjolnir can temporarily take control of any eligible account from the local homeserver who's in the room

  138. #  # (with enough permissions) to "make" a user an admin.

  139. #  #

  140. #  # This only works if a local user with enough admin permissions is present in the room.

  141. #  enableMakeRoomAdminCommand: false

  142. 

  143. # Misc options for command handling and commands

  144. commands:

  145.   # Whether or not the `!mjolnir` prefix is necessary to submit commands.

  146.   #

  147.   # If `true`, will allow commands like `!ban`, `!help`, etc.

  148.   #

  149.   # Note: Mjolnir can also be pinged by display name instead of having to use

  150.   # the !mjolnir prefix. For example, "my_moderator_bot: ban @spammer:example.org"

  151.   # will address only my_moderator_bot.

  152.   allowNoPrefix: false

  153. 

  154.   # Any additional bot prefixes that Mjolnir will listen to. i.e. adding `mod` will allow `!mod help`.

  155.   additionalPrefixes:

  156.     - "mjolnir_bot"

  157. 

  158.   # Whether or not commands with a wildcard (*) will require an additional `--force` argument

  159.   # in the command to be able to be submitted.

  160.   confirmWildcardBan: true

  161. 

  162. # Configuration specific to certain toggle-able protections

  163. #protections:

  164. #  # Configuration for the wordlist plugin, which can ban users based if they say certain

  165. #  # blocked words shortly after joining.

  166. #  wordlist:

  167. #    # A list of case-insensitive keywords that the WordList protection will watch for from new users.

  168. #    #

  169. #    # WordList will ban users who use these words when first joining a room, so take caution when selecting them.

  170. #    #

  171. #    # For advanced usage, regex can also be used, see the following links for more information;

  172. #    #  - https://www.digitalocean.com/community/tutorials/an-introduction-to-regular-expressions

  173. #    #  - https://regexr.com/

  174. #    #  - https://regexone.com/

  175. #    words:

  176. #      - "LoReM"

  177. #      - "IpSuM"

  178. #      - "DoLoR"

  179. #      - "aMeT"

  180. #

  181. #    # For how long (in minutes) the user is "new" to the WordList plugin.

  182. #    #

  183. #    # After this time, the user will no longer be banned for using a word in the above wordlist.

  184. #    #

  185. #    # Set to zero to disable the timeout and make users *always* appear "new".

  186. #    # (users will always be banned if they say a bad word)

  187. #    minutesBeforeTrusting: 20

  188. 

  189. # Options for advanced monitoring of the health of the bot.

  190. health:

  191.   # healthz options. These options are best for use in container environments

  192.   # like Kubernetes to detect how healthy the service is. The bot will report

  193.   # that it is unhealthy until it is able to process user requests. Typically

  194.   # this means that it'll flag itself as unhealthy for a number of minutes

  195.   # before saying "Now monitoring rooms" and flagging itself healthy.

  196.   #

  197.   # Health is flagged through HTTP status codes, defined below.

  198.   healthz:

  199.     # Whether the healthz integration should be enabled (default false)

  200.     enabled: false

  201. 

  202.     # The port to expose the webserver on. Defaults to 8080.

  203.     port: 8080

  204. 

  205.     # The address to listen for requests on. Defaults to all addresses.

  206.     address: "0.0.0.0"

  207. 

  208.     # The path to expose the monitoring endpoint at. Defaults to `/healthz`

  209.     endpoint: "/healthz"

  210. 

  211.     # The HTTP status code which reports that the bot is healthy/ready to

  212.     # process requests. Typically this should not be changed. Defaults to

  213.     # 200.

  214.     healthyStatus: 200

  215. 

  216.     # The HTTP status code which reports that the bot is not healthy/ready.

  217.     # Defaults to 418.

  218.     unhealthyStatus: 418

  219. 

  220. # Options for exposing web APIs.

  221. #web:

  222. #  # Whether to enable web APIs.

  223. #  enabled: false

  224. #

  225. #  # The port to expose the webserver on. Defaults to 8080.

  226. #  port: 8080

  227. #

  228. #  # The address to listen for requests on. Defaults to only the current

  229. #  # computer.

  230. #  address: localhost

  231. #

  232. #  # Alternative setting to open to the entire web. Be careful,

  233. #  # as this will increase your security perimeter:

  234. #  #

  235. #  #  address: "0.0.0.0"

  236. #

  237. #  # A web API designed to intercept Matrix API

  238. #  # POST /_matrix/client/r0/rooms/{roomId}/report/{eventId}

  239. #  # and display readable abuse reports in the moderation room.

  240. #  #

  241. #  # If you wish to take advantage of this feature, you will need

  242. #  # to configure a reverse proxy, see e.g. test/nginx.conf

  243. #  abuseReporting:

  244. #    # Whether to enable this feature.

  245. #    enabled: false

  246. 

  247. # Whether or not to actively poll synapse for abuse reports, to be used

  248. # instead of intercepting client calls to synapse's abuse endpoint, when that

  249. # isn't possible/practical.

  250. pollReports: false

  251. 

  252. # Whether or not new reports, received either by webapi or polling,

  253. # should be printed to our managementRoom.

  254. displayReports: false